@wandelbots/wandelbots-js-react-components 3.5.1-pr.feat-add-eight-abbs-v2.450.4419c66 → 3.6.0

package/dist/auth0-spa-js.production.esm-DL9f1uDJ.js

@@ -0,0 +1,1438 @@
+function I(i, e) {
+  var t = {};
+  for (var n in i) Object.prototype.hasOwnProperty.call(i, n) && e.indexOf(n) < 0 && (t[n] = i[n]);
+  if (i != null && typeof Object.getOwnPropertySymbols == "function") {
+    var o = 0;
+    for (n = Object.getOwnPropertySymbols(i); o < n.length; o++) e.indexOf(n[o]) < 0 && Object.prototype.propertyIsEnumerable.call(i, n[o]) && (t[n[o]] = i[n[o]]);
+  }
+  return t;
+}
+var C = typeof globalThis < "u" ? globalThis : typeof window < "u" ? window : typeof global < "u" ? global : typeof self < "u" ? self : {};
+function Q(i) {
+  return i && i.__esModule && Object.prototype.hasOwnProperty.call(i, "default") ? i.default : i;
+}
+function ee(i, e) {
+  return i(e = { exports: {} }, e.exports), e.exports;
+}
+var O = ee((function(i, e) {
+  Object.defineProperty(e, "__esModule", { value: !0 });
+  var t = (function() {
+    function n() {
+      var o = this;
+      this.locked = /* @__PURE__ */ new Map(), this.addToLocked = function(r, a) {
+        var l = o.locked.get(r);
+        l === void 0 ? a === void 0 ? o.locked.set(r, []) : o.locked.set(r, [a]) : a !== void 0 && (l.unshift(a), o.locked.set(r, l));
+      }, this.isLocked = function(r) {
+        return o.locked.has(r);
+      }, this.lock = function(r) {
+        return new Promise((function(a, l) {
+          o.isLocked(r) ? o.addToLocked(r, a) : (o.addToLocked(r), a());
+        }));
+      }, this.unlock = function(r) {
+        var a = o.locked.get(r);
+        if (a !== void 0 && a.length !== 0) {
+          var l = a.pop();
+          o.locked.set(r, a), l !== void 0 && setTimeout(l, 0);
+        } else o.locked.delete(r);
+      };
+    }
+    return n.getInstance = function() {
+      return n.instance === void 0 && (n.instance = new n()), n.instance;
+    }, n;
+  })();
+  e.default = function() {
+    return t.getInstance();
+  };
+}));
+Q(O);
+var xe = Q(ee((function(i, e) {
+  var t = C && C.__awaiter || function(s, c, h, d) {
+    return new (h || (h = Promise))((function(m, y) {
+      function f(w) {
+        try {
+          b(d.next(w));
+        } catch (g) {
+          y(g);
+        }
+      }
+      function k(w) {
+        try {
+          b(d.throw(w));
+        } catch (g) {
+          y(g);
+        }
+      }
+      function b(w) {
+        w.done ? m(w.value) : new h((function(g) {
+          g(w.value);
+        })).then(f, k);
+      }
+      b((d = d.apply(s, c || [])).next());
+    }));
+  }, n = C && C.__generator || function(s, c) {
+    var h, d, m, y, f = { label: 0, sent: function() {
+      if (1 & m[0]) throw m[1];
+      return m[1];
+    }, trys: [], ops: [] };
+    return y = { next: k(0), throw: k(1), return: k(2) }, typeof Symbol == "function" && (y[Symbol.iterator] = function() {
+      return this;
+    }), y;
+    function k(b) {
+      return function(w) {
+        return (function(g) {
+          if (h) throw new TypeError("Generator is already executing.");
+          for (; f; ) try {
+            if (h = 1, d && (m = 2 & g[0] ? d.return : g[0] ? d.throw || ((m = d.return) && m.call(d), 0) : d.next) && !(m = m.call(d, g[1])).done) return m;
+            switch (d = 0, m && (g = [2 & g[0], m.value]), g[0]) {
+              case 0:
+              case 1:
+                m = g;
+                break;
+              case 4:
+                return f.label++, { value: g[1], done: !1 };
+              case 5:
+                f.label++, d = g[1], g = [0];
+                continue;
+              case 7:
+                g = f.ops.pop(), f.trys.pop();
+                continue;
+              default:
+                if (m = f.trys, !((m = m.length > 0 && m[m.length - 1]) || g[0] !== 6 && g[0] !== 2)) {
+                  f = 0;
+                  continue;
+                }
+                if (g[0] === 3 && (!m || g[1] > m[0] && g[1] < m[3])) {
+                  f.label = g[1];
+                  break;
+                }
+                if (g[0] === 6 && f.label < m[1]) {
+                  f.label = m[1], m = g;
+                  break;
+                }
+                if (m && f.label < m[2]) {
+                  f.label = m[2], f.ops.push(g);
+                  break;
+                }
+                m[2] && f.ops.pop(), f.trys.pop();
+                continue;
+            }
+            g = c.call(s, f);
+          } catch (_) {
+            g = [6, _], d = 0;
+          } finally {
+            h = m = 0;
+          }
+          if (5 & g[0]) throw g[1];
+          return { value: g[0] ? g[1] : void 0, done: !0 };
+        })([b, w]);
+      };
+    }
+  }, o = C;
+  Object.defineProperty(e, "__esModule", { value: !0 });
+  var r = "browser-tabs-lock-key", a = { key: function(s) {
+    return t(o, void 0, void 0, (function() {
+      return n(this, (function(c) {
+        throw new Error("Unsupported");
+      }));
+    }));
+  }, getItem: function(s) {
+    return t(o, void 0, void 0, (function() {
+      return n(this, (function(c) {
+        throw new Error("Unsupported");
+      }));
+    }));
+  }, clear: function() {
+    return t(o, void 0, void 0, (function() {
+      return n(this, (function(s) {
+        return [2, window.localStorage.clear()];
+      }));
+    }));
+  }, removeItem: function(s) {
+    return t(o, void 0, void 0, (function() {
+      return n(this, (function(c) {
+        throw new Error("Unsupported");
+      }));
+    }));
+  }, setItem: function(s, c) {
+    return t(o, void 0, void 0, (function() {
+      return n(this, (function(h) {
+        throw new Error("Unsupported");
+      }));
+    }));
+  }, keySync: function(s) {
+    return window.localStorage.key(s);
+  }, getItemSync: function(s) {
+    return window.localStorage.getItem(s);
+  }, clearSync: function() {
+    return window.localStorage.clear();
+  }, removeItemSync: function(s) {
+    return window.localStorage.removeItem(s);
+  }, setItemSync: function(s, c) {
+    return window.localStorage.setItem(s, c);
+  } };
+  function l(s) {
+    return new Promise((function(c) {
+      return setTimeout(c, s);
+    }));
+  }
+  function u(s) {
+    for (var c = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXTZabcdefghiklmnopqrstuvwxyz", h = "", d = 0; d < s; d++)
+      h += c[Math.floor(Math.random() * c.length)];
+    return h;
+  }
+  var p = (function() {
+    function s(c) {
+      this.acquiredIatSet = /* @__PURE__ */ new Set(), this.storageHandler = void 0, this.id = Date.now().toString() + u(15), this.acquireLock = this.acquireLock.bind(this), this.releaseLock = this.releaseLock.bind(this), this.releaseLock__private__ = this.releaseLock__private__.bind(this), this.waitForSomethingToChange = this.waitForSomethingToChange.bind(this), this.refreshLockWhileAcquired = this.refreshLockWhileAcquired.bind(this), this.storageHandler = c, s.waiters === void 0 && (s.waiters = []);
+    }
+    return s.prototype.acquireLock = function(c, h) {
+      return h === void 0 && (h = 5e3), t(this, void 0, void 0, (function() {
+        var d, m, y, f, k, b, w;
+        return n(this, (function(g) {
+          switch (g.label) {
+            case 0:
+              d = Date.now() + u(4), m = Date.now() + h, y = r + "-" + c, f = this.storageHandler === void 0 ? a : this.storageHandler, g.label = 1;
+            case 1:
+              return Date.now() < m ? [4, l(30)] : [3, 8];
+            case 2:
+              return g.sent(), f.getItemSync(y) !== null ? [3, 5] : (k = this.id + "-" + c + "-" + d, [4, l(Math.floor(25 * Math.random()))]);
+            case 3:
+              return g.sent(), f.setItemSync(y, JSON.stringify({ id: this.id, iat: d, timeoutKey: k, timeAcquired: Date.now(), timeRefreshed: Date.now() })), [4, l(30)];
+            case 4:
+              return g.sent(), (b = f.getItemSync(y)) !== null && (w = JSON.parse(b)).id === this.id && w.iat === d ? (this.acquiredIatSet.add(d), this.refreshLockWhileAcquired(y, d), [2, !0]) : [3, 7];
+            case 5:
+              return s.lockCorrector(this.storageHandler === void 0 ? a : this.storageHandler), [4, this.waitForSomethingToChange(m)];
+            case 6:
+              g.sent(), g.label = 7;
+            case 7:
+              return d = Date.now() + u(4), [3, 1];
+            case 8:
+              return [2, !1];
+          }
+        }));
+      }));
+    }, s.prototype.refreshLockWhileAcquired = function(c, h) {
+      return t(this, void 0, void 0, (function() {
+        var d = this;
+        return n(this, (function(m) {
+          return setTimeout((function() {
+            return t(d, void 0, void 0, (function() {
+              var y, f, k;
+              return n(this, (function(b) {
+                switch (b.label) {
+                  case 0:
+                    return [4, O.default().lock(h)];
+                  case 1:
+                    return b.sent(), this.acquiredIatSet.has(h) ? (y = this.storageHandler === void 0 ? a : this.storageHandler, (f = y.getItemSync(c)) === null ? (O.default().unlock(h), [2]) : ((k = JSON.parse(f)).timeRefreshed = Date.now(), y.setItemSync(c, JSON.stringify(k)), O.default().unlock(h), this.refreshLockWhileAcquired(c, h), [2])) : (O.default().unlock(h), [2]);
+                }
+              }));
+            }));
+          }), 1e3), [2];
+        }));
+      }));
+    }, s.prototype.waitForSomethingToChange = function(c) {
+      return t(this, void 0, void 0, (function() {
+        return n(this, (function(h) {
+          switch (h.label) {
+            case 0:
+              return [4, new Promise((function(d) {
+                var m = !1, y = Date.now(), f = !1;
+                function k() {
+                  if (f || (window.removeEventListener("storage", k), s.removeFromWaiting(k), clearTimeout(b), f = !0), !m) {
+                    m = !0;
+                    var w = 50 - (Date.now() - y);
+                    w > 0 ? setTimeout(d, w) : d(null);
+                  }
+                }
+                window.addEventListener("storage", k), s.addToWaiting(k);
+                var b = setTimeout(k, Math.max(0, c - Date.now()));
+              }))];
+            case 1:
+              return h.sent(), [2];
+          }
+        }));
+      }));
+    }, s.addToWaiting = function(c) {
+      this.removeFromWaiting(c), s.waiters !== void 0 && s.waiters.push(c);
+    }, s.removeFromWaiting = function(c) {
+      s.waiters !== void 0 && (s.waiters = s.waiters.filter((function(h) {
+        return h !== c;
+      })));
+    }, s.notifyWaiters = function() {
+      s.waiters !== void 0 && s.waiters.slice().forEach((function(c) {
+        return c();
+      }));
+    }, s.prototype.releaseLock = function(c) {
+      return t(this, void 0, void 0, (function() {
+        return n(this, (function(h) {
+          switch (h.label) {
+            case 0:
+              return [4, this.releaseLock__private__(c)];
+            case 1:
+              return [2, h.sent()];
+          }
+        }));
+      }));
+    }, s.prototype.releaseLock__private__ = function(c) {
+      return t(this, void 0, void 0, (function() {
+        var h, d, m, y;
+        return n(this, (function(f) {
+          switch (f.label) {
+            case 0:
+              return h = this.storageHandler === void 0 ? a : this.storageHandler, d = r + "-" + c, (m = h.getItemSync(d)) === null ? [2] : (y = JSON.parse(m)).id !== this.id ? [3, 2] : [4, O.default().lock(y.iat)];
+            case 1:
+              f.sent(), this.acquiredIatSet.delete(y.iat), h.removeItemSync(d), O.default().unlock(y.iat), s.notifyWaiters(), f.label = 2;
+            case 2:
+              return [2];
+          }
+        }));
+      }));
+    }, s.lockCorrector = function(c) {
+      for (var h = Date.now() - 5e3, d = c, m = [], y = 0; ; ) {
+        var f = d.keySync(y);
+        if (f === null) break;
+        m.push(f), y++;
+      }
+      for (var k = !1, b = 0; b < m.length; b++) {
+        var w = m[b];
+        if (w.includes(r)) {
+          var g = d.getItemSync(w);
+          if (g !== null) {
+            var _ = JSON.parse(g);
+            (_.timeRefreshed === void 0 && _.timeAcquired < h || _.timeRefreshed !== void 0 && _.timeRefreshed < h) && (d.removeItemSync(w), k = !0);
+          }
+        }
+      }
+      k && s.notifyWaiters();
+    }, s.waiters = void 0, s;
+  })();
+  e.default = p;
+})));
+const ze = { timeoutInSeconds: 60 }, ve = { name: "auth0-spa-js", version: "2.11.3" }, _e = () => Date.now();
+class v extends Error {
+  constructor(e, t) {
+    super(t), this.error = e, this.error_description = t, Object.setPrototypeOf(this, v.prototype);
+  }
+  static fromPayload({ error: e, error_description: t }) {
+    return new v(e, t);
+  }
+}
+class te extends v {
+  constructor(e, t, n, o = null) {
+    super(e, t), this.state = n, this.appState = o, Object.setPrototypeOf(this, te.prototype);
+  }
+}
+class ne extends v {
+  constructor(e, t, n, o, r = null) {
+    super(e, t), this.connection = n, this.state = o, this.appState = r, Object.setPrototypeOf(this, ne.prototype);
+  }
+}
+class N extends v {
+  constructor() {
+    super("timeout", "Timeout"), Object.setPrototypeOf(this, N.prototype);
+  }
+}
+class oe extends N {
+  constructor(e) {
+    super(), this.popup = e, Object.setPrototypeOf(this, oe.prototype);
+  }
+}
+class ie extends v {
+  constructor(e) {
+    super("cancelled", "Popup closed"), this.popup = e, Object.setPrototypeOf(this, ie.prototype);
+  }
+}
+class re extends v {
+  constructor() {
+    super("popup_open", "Unable to open a popup for loginWithPopup - window.open returned `null`"), Object.setPrototypeOf(this, re.prototype);
+  }
+}
+class se extends v {
+  constructor(e, t, n) {
+    super(e, t), this.mfa_token = n, Object.setPrototypeOf(this, se.prototype);
+  }
+}
+class F extends v {
+  constructor(e, t) {
+    super("missing_refresh_token", `Missing Refresh Token (audience: '${J(e, ["default"])}', scope: '${J(t)}')`), this.audience = e, this.scope = t, Object.setPrototypeOf(this, F.prototype);
+  }
+}
+class ae extends v {
+  constructor(e, t) {
+    super("missing_scopes", `Missing requested scopes after refresh (audience: '${J(e, ["default"])}', missing scope: '${J(t)}')`), this.audience = e, this.scope = t, Object.setPrototypeOf(this, ae.prototype);
+  }
+}
+class G extends v {
+  constructor(e) {
+    super("use_dpop_nonce", "Server rejected DPoP proof: wrong nonce"), this.newDpopNonce = e, Object.setPrototypeOf(this, G.prototype);
+  }
+}
+function J(i, e = []) {
+  return i && !e.includes(i) ? i : "";
+}
+const X = () => window.crypto, R = () => {
+  const i = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz-_~.";
+  let e = "";
+  return Array.from(X().getRandomValues(new Uint8Array(43))).forEach(((t) => e += i[t % i.length])), e;
+}, M = (i) => btoa(i), Ee = [{ key: "name", type: ["string"] }, { key: "version", type: ["string", "number"] }, { key: "env", type: ["object"] }], Ne = (i) => Object.keys(i).reduce(((e, t) => {
+  const n = Ee.find(((o) => o.key === t));
+  return n && n.type.includes(typeof i[t]) && (e[t] = i[t]), e;
+}), {}), B = (i) => {
+  var { clientId: e } = i, t = I(i, ["clientId"]);
+  return new URLSearchParams(((n) => Object.keys(n).filter(((o) => n[o] !== void 0)).reduce(((o, r) => Object.assign(Object.assign({}, o), { [r]: n[r] })), {}))(Object.assign({ client_id: e }, t))).toString();
+}, de = async (i) => await X().subtle.digest({ name: "SHA-256" }, new TextEncoder().encode(i)), he = (i) => ((e) => decodeURIComponent(atob(e).split("").map(((t) => "%" + ("00" + t.charCodeAt(0).toString(16)).slice(-2))).join("")))(i.replace(/_/g, "/").replace(/-/g, "+")), le = (i) => {
+  const e = new Uint8Array(i);
+  return ((t) => {
+    const n = { "+": "-", "/": "_", "=": "" };
+    return t.replace(/[+/=]/g, ((o) => n[o]));
+  })(window.btoa(String.fromCharCode(...Array.from(e))));
+}, Re = new TextEncoder(), De = new TextDecoder();
+function L(i) {
+  return typeof i == "string" ? Re.encode(i) : De.decode(i);
+}
+function pe(i) {
+  if (typeof i.modulusLength != "number" || i.modulusLength < 2048) throw new Le(`${i.name} modulusLength must be at least 2048 bits`);
+}
+async function Ae(i, e, t) {
+  if (t.usages.includes("sign") === !1) throw new TypeError('private CryptoKey instances used for signing assertions must include "sign" in their "usages"');
+  const n = `${U(L(JSON.stringify(i)))}.${U(L(JSON.stringify(e)))}`;
+  return `${n}.${U(await crypto.subtle.sign((function(o) {
+    switch (o.algorithm.name) {
+      case "ECDSA":
+        return { name: o.algorithm.name, hash: "SHA-256" };
+      case "RSA-PSS":
+        return pe(o.algorithm), { name: o.algorithm.name, saltLength: 32 };
+      case "RSASSA-PKCS1-v1_5":
+        return pe(o.algorithm), { name: o.algorithm.name };
+      case "Ed25519":
+        return { name: o.algorithm.name };
+    }
+    throw new K();
+  })(t), t, L(n)))}`;
+}
+let q;
+Uint8Array.prototype.toBase64 ? q = (i) => (i instanceof ArrayBuffer && (i = new Uint8Array(i)), i.toBase64({ alphabet: "base64url", omitPadding: !0 })) : q = (e) => {
+  e instanceof ArrayBuffer && (e = new Uint8Array(e));
+  const t = [];
+  for (let n = 0; n < e.byteLength; n += 32768) t.push(String.fromCharCode.apply(null, e.subarray(n, n + 32768)));
+  return btoa(t.join("")).replace(/=/g, "").replace(/\+/g, "-").replace(/\//g, "_");
+};
+function U(i) {
+  return q(i);
+}
+class K extends Error {
+  constructor(e) {
+    var t;
+    super(e ?? "operation not supported"), this.name = this.constructor.name, (t = Error.captureStackTrace) === null || t === void 0 || t.call(Error, this, this.constructor);
+  }
+}
+class Le extends Error {
+  constructor(e) {
+    var t;
+    super(e), this.name = this.constructor.name, (t = Error.captureStackTrace) === null || t === void 0 || t.call(Error, this, this.constructor);
+  }
+}
+function Ue(i) {
+  switch (i.algorithm.name) {
+    case "RSA-PSS":
+      return (function(e) {
+        if (e.algorithm.hash.name === "SHA-256") return "PS256";
+        throw new K("unsupported RsaHashedKeyAlgorithm hash name");
+      })(i);
+    case "RSASSA-PKCS1-v1_5":
+      return (function(e) {
+        if (e.algorithm.hash.name === "SHA-256") return "RS256";
+        throw new K("unsupported RsaHashedKeyAlgorithm hash name");
+      })(i);
+    case "ECDSA":
+      return (function(e) {
+        if (e.algorithm.namedCurve === "P-256") return "ES256";
+        throw new K("unsupported EcKeyAlgorithm namedCurve");
+      })(i);
+    case "Ed25519":
+      return "Ed25519";
+    default:
+      throw new K("unsupported CryptoKey algorithm name");
+  }
+}
+function Se(i) {
+  return i instanceof CryptoKey;
+}
+function Ie(i) {
+  return Se(i) && i.type === "public";
+}
+async function Ze(i, e, t, n, o, r) {
+  const a = i == null ? void 0 : i.privateKey, l = i == null ? void 0 : i.publicKey;
+  if (!Se(u = a) || u.type !== "private") throw new TypeError('"keypair.privateKey" must be a private CryptoKey');
+  var u;
+  if (!Ie(l)) throw new TypeError('"keypair.publicKey" must be a public CryptoKey');
+  if (l.extractable !== !0) throw new TypeError('"keypair.publicKey.extractable" must be true');
+  if (typeof e != "string") throw new TypeError('"htu" must be a string');
+  if (typeof t != "string") throw new TypeError('"htm" must be a string');
+  if (n !== void 0 && typeof n != "string") throw new TypeError('"nonce" must be a string or undefined');
+  if (o !== void 0 && typeof o != "string") throw new TypeError('"accessToken" must be a string or undefined');
+  return Ae({ alg: Ue(a), typ: "dpop+jwt", jwk: await Pe(l) }, Object.assign(Object.assign({}, r), { iat: Math.floor(Date.now() / 1e3), jti: crypto.randomUUID(), htm: t, nonce: n, htu: e, ath: o ? U(await crypto.subtle.digest("SHA-256", L(o))) : void 0 }), a);
+}
+async function Pe(i) {
+  const { kty: e, e: t, n, x: o, y: r, crv: a } = await crypto.subtle.exportKey("jwk", i);
+  return { kty: e, crv: a, e: t, n, x: o, y: r };
+}
+const He = ["authorization_code", "refresh_token", "urn:ietf:params:oauth:grant-type:token-exchange"];
+function We() {
+  return (async function(i, e) {
+    var t;
+    let n;
+    if (i.length === 0) throw new TypeError('"alg" must be a non-empty string');
+    switch (i) {
+      case "PS256":
+        n = { name: "RSA-PSS", hash: "SHA-256", modulusLength: 2048, publicExponent: new Uint8Array([1, 0, 1]) };
+        break;
+      case "RS256":
+        n = { name: "RSASSA-PKCS1-v1_5", hash: "SHA-256", modulusLength: 2048, publicExponent: new Uint8Array([1, 0, 1]) };
+        break;
+      case "ES256":
+        n = { name: "ECDSA", namedCurve: "P-256" };
+        break;
+      case "Ed25519":
+        n = { name: "Ed25519" };
+        break;
+      default:
+        throw new K();
+    }
+    return crypto.subtle.generateKey(n, (t = e == null ? void 0 : e.extractable) !== null && t !== void 0 && t, ["sign", "verify"]);
+  })("ES256", { extractable: !1 });
+}
+function Je(i) {
+  return (async function(e) {
+    if (!Ie(e)) throw new TypeError('"publicKey" must be a public CryptoKey');
+    if (e.extractable !== !0) throw new TypeError('"publicKey.extractable" must be true');
+    const t = await Pe(e);
+    let n;
+    switch (t.kty) {
+      case "EC":
+        n = { crv: t.crv, kty: t.kty, x: t.x, y: t.y };
+        break;
+      case "OKP":
+        n = { crv: t.crv, kty: t.kty, x: t.x };
+        break;
+      case "RSA":
+        n = { e: t.e, kty: t.kty, n: t.n };
+        break;
+      default:
+        throw new K("unsupported JWK kty");
+    }
+    return U(await crypto.subtle.digest({ name: "SHA-256" }, L(JSON.stringify(n))));
+  })(i.publicKey);
+}
+function Xe({ keyPair: i, url: e, method: t, nonce: n, accessToken: o }) {
+  const r = (function(a) {
+    const l = new URL(a);
+    return l.search = "", l.hash = "", l.href;
+  })(e);
+  return Ze(i, r, t, n, o);
+}
+const Ve = async (i, e) => {
+  const t = await fetch(i, e);
+  return { ok: t.ok, json: await t.json(), headers: (n = t.headers, [...n].reduce(((o, [r, a]) => (o[r] = a, o)), {})) };
+  var n;
+}, Fe = async (i, e, t) => {
+  const n = new AbortController();
+  let o;
+  return e.signal = n.signal, Promise.race([Ve(i, e), new Promise(((r, a) => {
+    o = setTimeout((() => {
+      n.abort(), a(new Error("Timeout when executing 'fetch'"));
+    }), t);
+  }))]).finally((() => {
+    clearTimeout(o);
+  }));
+}, Ge = async (i, e, t, n, o, r, a, l) => {
+  return u = { auth: { audience: e, scope: t }, timeout: o, fetchUrl: i, fetchOptions: n, useFormData: a, useMrrt: l }, p = r, new Promise((function(s, c) {
+    const h = new MessageChannel();
+    h.port1.onmessage = function(d) {
+      d.data.error ? c(new Error(d.data.error)) : s(d.data), h.port1.close();
+    }, p.postMessage(u, [h.port2]);
+  }));
+  var u, p;
+}, Me = async (i, e, t, n, o, r, a = 1e4, l) => o ? Ge(i, e, t, n, a, o, r, l) : Fe(i, n, a);
+async function Te(i, e, t, n, o, r, a, l, u, p) {
+  if (u) {
+    const w = await u.generateProof({ url: i, method: o.method || "GET", nonce: await u.getNonce() });
+    o.headers = Object.assign(Object.assign({}, o.headers), { dpop: w });
+  }
+  let s, c = null;
+  for (let w = 0; w < 3; w++) try {
+    s = await Me(i, t, n, o, r, a, e, l), c = null;
+    break;
+  } catch (g) {
+    c = g;
+  }
+  if (c) throw c;
+  const h = s.json, { error: d, error_description: m } = h, y = I(h, ["error", "error_description"]), { headers: f, ok: k } = s;
+  let b;
+  if (u && (b = f["dpop-nonce"], b && await u.setNonce(b)), !k) {
+    const w = m || `HTTP error. Unable to fetch ${i}`;
+    if (d === "mfa_required") throw new se(d, w, y.mfa_token);
+    if (d === "missing_refresh_token") throw new F(t, n);
+    if (d === "use_dpop_nonce") {
+      if (!u || !b || p) throw new G(b);
+      return Te(i, e, t, n, o, r, a, l, u, !0);
+    }
+    throw new v(d || "request_error", w);
+  }
+  return y;
+}
+async function Ye(i, e) {
+  var { baseUrl: t, timeout: n, audience: o, scope: r, auth0Client: a, useFormData: l, useMrrt: u, dpop: p } = i, s = I(i, ["baseUrl", "timeout", "audience", "scope", "auth0Client", "useFormData", "useMrrt", "dpop"]);
+  const c = s.grant_type === "urn:ietf:params:oauth:grant-type:token-exchange", h = s.grant_type === "refresh_token" && u, d = Object.assign(Object.assign(Object.assign(Object.assign({}, s), c && o && { audience: o }), c && r && { scope: r }), h && { audience: o, scope: r }), m = l ? B(d) : JSON.stringify(d), y = (f = s.grant_type, He.includes(f));
+  var f;
+  return await Te(`${t}/oauth/token`, n, o || "default", r, { method: "POST", body: m, headers: { "Content-Type": l ? "application/x-www-form-urlencoded" : "application/json", "Auth0-Client": btoa(JSON.stringify(Ne(a || ve))) } }, e, l, u, y ? p : void 0);
+}
+const W = (...i) => {
+  return (e = i.filter(Boolean).join(" ").trim().split(/\s+/), Array.from(new Set(e))).join(" ");
+  var e;
+}, H = (i, e, t) => {
+  let n;
+  return t && (n = i[t]), n || (n = i.default), W(n, e);
+};
+class S {
+  constructor(e, t = "@@auth0spajs@@", n) {
+    this.prefix = t, this.suffix = n, this.clientId = e.clientId, this.scope = e.scope, this.audience = e.audience;
+  }
+  toKey() {
+    return [this.prefix, this.clientId, this.audience, this.scope, this.suffix].filter(Boolean).join("::");
+  }
+  static fromKey(e) {
+    const [t, n, o, r] = e.split("::");
+    return new S({ clientId: n, scope: r, audience: o }, t);
+  }
+  static fromCacheEntry(e) {
+    const { scope: t, audience: n, client_id: o } = e;
+    return new S({ scope: t, audience: n, clientId: o });
+  }
+}
+class $e {
+  set(e, t) {
+    localStorage.setItem(e, JSON.stringify(t));
+  }
+  get(e) {
+    const t = window.localStorage.getItem(e);
+    if (t) try {
+      return JSON.parse(t);
+    } catch {
+      return;
+    }
+  }
+  remove(e) {
+    localStorage.removeItem(e);
+  }
+  allKeys() {
+    return Object.keys(window.localStorage).filter(((e) => e.startsWith("@@auth0spajs@@")));
+  }
+}
+class Oe {
+  constructor() {
+    this.enclosedCache = /* @__PURE__ */ (function() {
+      let e = {};
+      return { set(t, n) {
+        e[t] = n;
+      }, get(t) {
+        const n = e[t];
+        if (n) return n;
+      }, remove(t) {
+        delete e[t];
+      }, allKeys: () => Object.keys(e) };
+    })();
+  }
+}
+class Be {
+  constructor(e, t, n) {
+    this.cache = e, this.keyManifest = t, this.nowProvider = n || _e;
+  }
+  async setIdToken(e, t, n) {
+    var o;
+    const r = this.getIdTokenCacheKey(e);
+    await this.cache.set(r, { id_token: t, decodedToken: n }), await ((o = this.keyManifest) === null || o === void 0 ? void 0 : o.add(r));
+  }
+  async getIdToken(e) {
+    const t = await this.cache.get(this.getIdTokenCacheKey(e.clientId));
+    if (!t && e.scope && e.audience) {
+      const n = await this.get(e);
+      return !n || !n.id_token || !n.decodedToken ? void 0 : { id_token: n.id_token, decodedToken: n.decodedToken };
+    }
+    if (t) return { id_token: t.id_token, decodedToken: t.decodedToken };
+  }
+  async get(e, t = 0, n = !1, o) {
+    var r;
+    let a = await this.cache.get(e.toKey());
+    if (!a) {
+      const p = await this.getCacheKeys();
+      if (!p) return;
+      const s = this.matchExistingCacheKey(e, p);
+      if (s && (a = await this.cache.get(s)), !a && n && o !== "cache-only") return this.getEntryWithRefreshToken(e, p);
+    }
+    if (!a) return;
+    const l = await this.nowProvider(), u = Math.floor(l / 1e3);
+    return a.expiresAt - t < u ? a.body.refresh_token ? this.modifiedCachedEntry(a, e) : (await this.cache.remove(e.toKey()), void await ((r = this.keyManifest) === null || r === void 0 ? void 0 : r.remove(e.toKey()))) : a.body;
+  }
+  async modifiedCachedEntry(e, t) {
+    return e.body = { refresh_token: e.body.refresh_token, audience: e.body.audience, scope: e.body.scope }, await this.cache.set(t.toKey(), e), { refresh_token: e.body.refresh_token, audience: e.body.audience, scope: e.body.scope };
+  }
+  async set(e) {
+    var t;
+    const n = new S({ clientId: e.client_id, scope: e.scope, audience: e.audience }), o = await this.wrapCacheEntry(e);
+    await this.cache.set(n.toKey(), o), await ((t = this.keyManifest) === null || t === void 0 ? void 0 : t.add(n.toKey()));
+  }
+  async remove(e, t, n) {
+    const o = new S({ clientId: e, scope: n, audience: t });
+    await this.cache.remove(o.toKey());
+  }
+  async clear(e) {
+    var t;
+    const n = await this.getCacheKeys();
+    n && (await n.filter(((o) => !e || o.includes(e))).reduce((async (o, r) => {
+      await o, await this.cache.remove(r);
+    }), Promise.resolve()), await ((t = this.keyManifest) === null || t === void 0 ? void 0 : t.clear()));
+  }
+  async wrapCacheEntry(e) {
+    const t = await this.nowProvider();
+    return { body: e, expiresAt: Math.floor(t / 1e3) + e.expires_in };
+  }
+  async getCacheKeys() {
+    var e;
+    return this.keyManifest ? (e = await this.keyManifest.get()) === null || e === void 0 ? void 0 : e.keys : this.cache.allKeys ? this.cache.allKeys() : void 0;
+  }
+  getIdTokenCacheKey(e) {
+    return new S({ clientId: e }, "@@auth0spajs@@", "@@user@@").toKey();
+  }
+  matchExistingCacheKey(e, t) {
+    return t.filter(((n) => {
+      var o;
+      const r = S.fromKey(n), a = new Set(r.scope && r.scope.split(" ")), l = ((o = e.scope) === null || o === void 0 ? void 0 : o.split(" ")) || [], u = r.scope && l.reduce(((p, s) => p && a.has(s)), !0);
+      return r.prefix === "@@auth0spajs@@" && r.clientId === e.clientId && r.audience === e.audience && u;
+    }))[0];
+  }
+  async getEntryWithRefreshToken(e, t) {
+    var n;
+    for (const o of t) {
+      const r = S.fromKey(o);
+      if (r.prefix === "@@auth0spajs@@" && r.clientId === e.clientId) {
+        const a = await this.cache.get(o);
+        if (!((n = a == null ? void 0 : a.body) === null || n === void 0) && n.refresh_token) return this.modifiedCachedEntry(a, e);
+      }
+    }
+  }
+  async updateEntry(e, t) {
+    var n;
+    const o = await this.getCacheKeys();
+    if (o) for (const r of o) {
+      const a = await this.cache.get(r);
+      if (((n = a == null ? void 0 : a.body) === null || n === void 0 ? void 0 : n.refresh_token) === e) {
+        const l = Object.assign(Object.assign({}, a.body), { refresh_token: t });
+        await this.set(l);
+      }
+    }
+  }
+}
+class qe {
+  constructor(e, t, n) {
+    this.storage = e, this.clientId = t, this.cookieDomain = n, this.storageKey = `a0.spajs.txs.${this.clientId}`;
+  }
+  create(e) {
+    this.storage.save(this.storageKey, e, { daysUntilExpire: 1, cookieDomain: this.cookieDomain });
+  }
+  get() {
+    return this.storage.get(this.storageKey);
+  }
+  remove() {
+    this.storage.remove(this.storageKey, { cookieDomain: this.cookieDomain });
+  }
+}
+const D = (i) => typeof i == "number", Qe = ["iss", "aud", "exp", "nbf", "iat", "jti", "azp", "nonce", "auth_time", "at_hash", "c_hash", "acr", "amr", "sub_jwk", "cnf", "sip_from_tag", "sip_date", "sip_callid", "sip_cseq_num", "sip_via_branch", "orig", "dest", "mky", "events", "toe", "txn", "rph", "sid", "vot", "vtm"], et = (i) => {
+  if (!i.id_token) throw new Error("ID token is required but missing");
+  const e = ((r) => {
+    const a = r.split("."), [l, u, p] = a;
+    if (a.length !== 3 || !l || !u || !p) throw new Error("ID token could not be decoded");
+    const s = JSON.parse(he(u)), c = { __raw: r }, h = {};
+    return Object.keys(s).forEach(((d) => {
+      c[d] = s[d], Qe.includes(d) || (h[d] = s[d]);
+    })), { encoded: { header: l, payload: u, signature: p }, header: JSON.parse(he(l)), claims: c, user: h };
+  })(i.id_token);
+  if (!e.claims.iss) throw new Error("Issuer (iss) claim must be a string present in the ID token");
+  if (e.claims.iss !== i.iss) throw new Error(`Issuer (iss) claim mismatch in the ID token; expected "${i.iss}", found "${e.claims.iss}"`);
+  if (!e.user.sub) throw new Error("Subject (sub) claim must be a string present in the ID token");
+  if (e.header.alg !== "RS256") throw new Error(`Signature algorithm of "${e.header.alg}" is not supported. Expected the ID token to be signed with "RS256".`);
+  if (!e.claims.aud || typeof e.claims.aud != "string" && !Array.isArray(e.claims.aud)) throw new Error("Audience (aud) claim must be a string or array of strings present in the ID token");
+  if (Array.isArray(e.claims.aud)) {
+    if (!e.claims.aud.includes(i.aud)) throw new Error(`Audience (aud) claim mismatch in the ID token; expected "${i.aud}" but was not one of "${e.claims.aud.join(", ")}"`);
+    if (e.claims.aud.length > 1) {
+      if (!e.claims.azp) throw new Error("Authorized Party (azp) claim must be a string present in the ID token when Audience (aud) claim has multiple values");
+      if (e.claims.azp !== i.aud) throw new Error(`Authorized Party (azp) claim mismatch in the ID token; expected "${i.aud}", found "${e.claims.azp}"`);
+    }
+  } else if (e.claims.aud !== i.aud) throw new Error(`Audience (aud) claim mismatch in the ID token; expected "${i.aud}" but found "${e.claims.aud}"`);
+  if (i.nonce) {
+    if (!e.claims.nonce) throw new Error("Nonce (nonce) claim must be a string present in the ID token");
+    if (e.claims.nonce !== i.nonce) throw new Error(`Nonce (nonce) claim mismatch in the ID token; expected "${i.nonce}", found "${e.claims.nonce}"`);
+  }
+  if (i.max_age && !D(e.claims.auth_time)) throw new Error("Authentication Time (auth_time) claim must be a number present in the ID token when Max Age (max_age) is specified");
+  if (e.claims.exp == null || !D(e.claims.exp)) throw new Error("Expiration Time (exp) claim must be a number present in the ID token");
+  if (!D(e.claims.iat)) throw new Error("Issued At (iat) claim must be a number present in the ID token");
+  const t = i.leeway || 60, n = new Date(i.now || Date.now()), o = /* @__PURE__ */ new Date(0);
+  if (o.setUTCSeconds(e.claims.exp + t), n > o) throw new Error(`Expiration Time (exp) claim error in the ID token; current time (${n}) is after expiration time (${o})`);
+  if (e.claims.nbf != null && D(e.claims.nbf)) {
+    const r = /* @__PURE__ */ new Date(0);
+    if (r.setUTCSeconds(e.claims.nbf - t), n < r) throw new Error(`Not Before time (nbf) claim in the ID token indicates that this token can't be used just yet. Current time (${n}) is before ${r}`);
+  }
+  if (e.claims.auth_time != null && D(e.claims.auth_time)) {
+    const r = /* @__PURE__ */ new Date(0);
+    if (r.setUTCSeconds(parseInt(e.claims.auth_time) + i.max_age + t), n > r) throw new Error(`Authentication Time (auth_time) claim in the ID token indicates that too much time has passed since the last end-user authentication. Current time (${n}) is after last auth at ${r}`);
+  }
+  if (i.organization) {
+    const r = i.organization.trim();
+    if (r.startsWith("org_")) {
+      const a = r;
+      if (!e.claims.org_id) throw new Error("Organization ID (org_id) claim must be a string present in the ID token");
+      if (a !== e.claims.org_id) throw new Error(`Organization ID (org_id) claim mismatch in the ID token; expected "${a}", found "${e.claims.org_id}"`);
+    } else {
+      const a = r.toLowerCase();
+      if (!e.claims.org_name) throw new Error("Organization Name (org_name) claim must be a string present in the ID token");
+      if (a !== e.claims.org_name) throw new Error(`Organization Name (org_name) claim mismatch in the ID token; expected "${a}", found "${e.claims.org_name}"`);
+    }
+  }
+  return e;
+};
+var x = ee((function(i, e) {
+  var t = C && C.__assign || function() {
+    return t = Object.assign || function(u) {
+      for (var p, s = 1, c = arguments.length; s < c; s++) for (var h in p = arguments[s]) Object.prototype.hasOwnProperty.call(p, h) && (u[h] = p[h]);
+      return u;
+    }, t.apply(this, arguments);
+  };
+  function n(u, p) {
+    if (!p) return "";
+    var s = "; " + u;
+    return p === !0 ? s : s + "=" + p;
+  }
+  function o(u, p, s) {
+    return encodeURIComponent(u).replace(/%(23|24|26|2B|5E|60|7C)/g, decodeURIComponent).replace(/\(/g, "%28").replace(/\)/g, "%29") + "=" + encodeURIComponent(p).replace(/%(23|24|26|2B|3A|3C|3E|3D|2F|3F|40|5B|5D|5E|60|7B|7D|7C)/g, decodeURIComponent) + (function(c) {
+      if (typeof c.expires == "number") {
+        var h = /* @__PURE__ */ new Date();
+        h.setMilliseconds(h.getMilliseconds() + 864e5 * c.expires), c.expires = h;
+      }
+      return n("Expires", c.expires ? c.expires.toUTCString() : "") + n("Domain", c.domain) + n("Path", c.path) + n("Secure", c.secure) + n("SameSite", c.sameSite);
+    })(s);
+  }
+  function r(u) {
+    for (var p = {}, s = u ? u.split("; ") : [], c = /(%[\dA-F]{2})+/gi, h = 0; h < s.length; h++) {
+      var d = s[h].split("="), m = d.slice(1).join("=");
+      m.charAt(0) === '"' && (m = m.slice(1, -1));
+      try {
+        p[d[0].replace(c, decodeURIComponent)] = m.replace(c, decodeURIComponent);
+      } catch {
+      }
+    }
+    return p;
+  }
+  function a() {
+    return r(document.cookie);
+  }
+  function l(u, p, s) {
+    document.cookie = o(u, p, t({ path: "/" }, s));
+  }
+  e.__esModule = !0, e.encode = o, e.parse = r, e.getAll = a, e.get = function(u) {
+    return a()[u];
+  }, e.set = l, e.remove = function(u, p) {
+    l(u, "", t(t({}, p), { expires: -1 }));
+  };
+}));
+Q(x), x.encode, x.parse, x.getAll;
+var tt = x.get, Ce = x.set, je = x.remove;
+const z = { get(i) {
+  const e = tt(i);
+  if (e !== void 0) return JSON.parse(e);
+}, save(i, e, t) {
+  let n = {};
+  window.location.protocol === "https:" && (n = { secure: !0, sameSite: "none" }), t != null && t.daysUntilExpire && (n.expires = t.daysUntilExpire), t != null && t.cookieDomain && (n.domain = t.cookieDomain), Ce(i, JSON.stringify(e), n);
+}, remove(i, e) {
+  let t = {};
+  e != null && e.cookieDomain && (t.domain = e.cookieDomain), je(i, t);
+} }, nt = { get(i) {
+  return z.get(i) || z.get(`_legacy_${i}`);
+}, save(i, e, t) {
+  let n = {};
+  window.location.protocol === "https:" && (n = { secure: !0 }), t != null && t.daysUntilExpire && (n.expires = t.daysUntilExpire), t != null && t.cookieDomain && (n.domain = t.cookieDomain), Ce(`_legacy_${i}`, JSON.stringify(e), n), z.save(i, e, t);
+}, remove(i, e) {
+  let t = {};
+  e != null && e.cookieDomain && (t.domain = e.cookieDomain), je(i, t), z.remove(i, e), z.remove(`_legacy_${i}`, e);
+} }, ot = { get(i) {
+  if (typeof sessionStorage > "u") return;
+  const e = sessionStorage.getItem(i);
+  return e != null ? JSON.parse(e) : void 0;
+}, save(i, e) {
+  sessionStorage.setItem(i, JSON.stringify(e));
+}, remove(i) {
+  sessionStorage.removeItem(i);
+} };
+var j;
+(function(i) {
+  i.Code = "code", i.ConnectCode = "connect_code";
+})(j || (j = {}));
+function it(i, e, t) {
+  var n = e === void 0 ? null : e, o = (function(u, p) {
+    var s = atob(u);
+    if (p) {
+      for (var c = new Uint8Array(s.length), h = 0, d = s.length; h < d; ++h) c[h] = s.charCodeAt(h);
+      return String.fromCharCode.apply(null, new Uint16Array(c.buffer));
+    }
+    return s;
+  })(i, t !== void 0 && t), r = o.indexOf(`
+`, 10) + 1, a = o.substring(r) + (n ? "//# sourceMappingURL=" + n : ""), l = new Blob([a], { type: "application/javascript" });
+  return URL.createObjectURL(l);
+}
+var me, fe, ge, Y, rt = (me = "Lyogcm9sbHVwLXBsdWdpbi13ZWItd29ya2VyLWxvYWRlciAqLwohZnVuY3Rpb24oKXsidXNlIHN0cmljdCI7Y2xhc3MgZSBleHRlbmRzIEVycm9ye2NvbnN0cnVjdG9yKHQscil7c3VwZXIociksdGhpcy5lcnJvcj10LHRoaXMuZXJyb3JfZGVzY3JpcHRpb249cixPYmplY3Quc2V0UHJvdG90eXBlT2YodGhpcyxlLnByb3RvdHlwZSl9c3RhdGljIGZyb21QYXlsb2FkKHtlcnJvcjp0LGVycm9yX2Rlc2NyaXB0aW9uOnJ9KXtyZXR1cm4gbmV3IGUodCxyKX19Y2xhc3MgdCBleHRlbmRzIGV7Y29uc3RydWN0b3IoZSxzKXtzdXBlcigibWlzc2luZ19yZWZyZXNoX3Rva2VuIixgTWlzc2luZyBSZWZyZXNoIFRva2VuIChhdWRpZW5jZTogJyR7cihlLFsiZGVmYXVsdCJdKX0nLCBzY29wZTogJyR7cihzKX0nKWApLHRoaXMuYXVkaWVuY2U9ZSx0aGlzLnNjb3BlPXMsT2JqZWN0LnNldFByb3RvdHlwZU9mKHRoaXMsdC5wcm90b3R5cGUpfX1mdW5jdGlvbiByKGUsdD1bXSl7cmV0dXJuIGUmJiF0LmluY2x1ZGVzKGUpP2U6IiJ9ImZ1bmN0aW9uIj09dHlwZW9mIFN1cHByZXNzZWRFcnJvciYmU3VwcHJlc3NlZEVycm9yO2NvbnN0IHM9ZT0+e3ZhcntjbGllbnRJZDp0fT1lLHI9ZnVuY3Rpb24oZSx0KXt2YXIgcj17fTtmb3IodmFyIHMgaW4gZSlPYmplY3QucHJvdG90eXBlLmhhc093blByb3BlcnR5LmNhbGwoZSxzKSYmdC5pbmRleE9mKHMpPDAmJihyW3NdPWVbc10pO2lmKG51bGwhPWUmJiJmdW5jdGlvbiI9PXR5cGVvZiBPYmplY3QuZ2V0T3duUHJvcGVydHlTeW1ib2xzKXt2YXIgbz0wO2ZvcihzPU9iamVjdC5nZXRPd25Qcm9wZXJ0eVN5bWJvbHMoZSk7bzxzLmxlbmd0aDtvKyspdC5pbmRleE9mKHNbb10pPDAmJk9iamVjdC5wcm90b3R5cGUucHJvcGVydHlJc0VudW1lcmFibGUuY2FsbChlLHNbb10pJiYocltzW29dXT1lW3Nbb11dKX1yZXR1cm4gcn0oZSxbImNsaWVudElkIl0pO3JldHVybiBuZXcgVVJMU2VhcmNoUGFyYW1zKChlPT5PYmplY3Qua2V5cyhlKS5maWx0ZXIoKHQ9PnZvaWQgMCE9PWVbdF0pKS5yZWR1Y2UoKCh0LHIpPT5PYmplY3QuYXNzaWduKE9iamVjdC5hc3NpZ24oe30sdCkse1tyXTplW3JdfSkpLHt9KSkoT2JqZWN0LmFzc2lnbih7Y2xpZW50X2lkOnR9LHIpKSkudG9TdHJpbmcoKX07bGV0IG89e307Y29uc3Qgbj0oZSx0KT0+YCR7ZX18JHt0fWA7YWRkRXZlbnRMaXN0ZW5lcigibWVzc2FnZSIsKGFzeW5jKHtkYXRhOnt0aW1lb3V0OmUsYXV0aDpyLGZldGNoVXJsOmksZmV0Y2hPcHRpb25zOmMsdXNlRm9ybURhdGE6YSx1c2VNcnJ0OmZ9LHBvcnRzOltwXX0pPT57bGV0IGgsdSxsPXt9O2NvbnN0e2F1ZGllbmNlOmQsc2NvcGU6eX09cnx8e307dHJ5e2NvbnN0IHI9YT8oZT0+e2NvbnN0IHQ9bmV3IFVSTFNlYXJjaFBhcmFtcyhlKSxyPXt9O3JldHVybiB0LmZvckVhY2goKChlLHQpPT57clt0XT1lfSkpLHJ9KShjLmJvZHkpOkpTT04ucGFyc2UoYy5ib2R5KTtpZighci5yZWZyZXNoX3Rva2VuJiYicmVmcmVzaF90b2tlbiI9PT1yLmdyYW50X3R5cGUpe2lmKHU9KChlLHQpPT5vW24oZSx0KV0pKGQseSksIXUmJmYpe2NvbnN0IGU9by5sYXRlc3RfcmVmcmVzaF90b2tlbix0PSgoZSx0KT0+e2NvbnN0IHI9T2JqZWN0LmtleXMobykuZmluZCgocj0+e2lmKCJsYXRlc3RfcmVmcmVzaF90b2tlbiIhPT1yKXtjb25zdCBzPSgoZSx0KT0+dC5zdGFydHNXaXRoKGAke2V9fGApKSh0LHIpLG89ci5zcGxpdCgifCIpWzFdLnNwbGl0KCIgIiksbj1lLnNwbGl0KCIgIikuZXZlcnkoKGU9Pm8uaW5jbHVkZXMoZSkpKTtyZXR1cm4gcyYmbn19KSk7cmV0dXJuISFyfSkoeSxkKTtlJiYhdCYmKHU9ZSl9aWYoIXUpdGhyb3cgbmV3IHQoZCx5KTtjLmJvZHk9YT9zKE9iamVjdC5hc3NpZ24oT2JqZWN0LmFzc2lnbih7fSxyKSx7cmVmcmVzaF90b2tlbjp1fSkpOkpTT04uc3RyaW5naWZ5KE9iamVjdC5hc3NpZ24oT2JqZWN0LmFzc2lnbih7fSxyKSx7cmVmcmVzaF90b2tlbjp1fSkpfWxldCBqLGs7ImZ1bmN0aW9uIj09dHlwZW9mIEFib3J0Q29udHJvbGxlciYmKGo9bmV3IEFib3J0Q29udHJvbGxlcixjLnNpZ25hbD1qLnNpZ25hbCk7dHJ5e2s9YXdhaXQgUHJvbWlzZS5yYWNlKFsoXz1lLG5ldyBQcm9taXNlKChlPT5zZXRUaW1lb3V0KGUsXykpKSksZmV0Y2goaSxPYmplY3QuYXNzaWduKHt9LGMpKV0pfWNhdGNoKGUpe3JldHVybiB2b2lkIHAucG9zdE1lc3NhZ2Uoe2Vycm9yOmUubWVzc2FnZX0pfWlmKCFrKXJldHVybiBqJiZqLmFib3J0KCksdm9pZCBwLnBvc3RNZXNzYWdlKHtlcnJvcjoiVGltZW91dCB3aGVuIGV4ZWN1dGluZyAnZmV0Y2gnIn0pO2c9ay5oZWFkZXJzLGw9Wy4uLmddLnJlZHVjZSgoKGUsW3Qscl0pPT4oZVt0XT1yLGUpKSx7fSksaD1hd2FpdCBrLmpzb24oKSxoLnJlZnJlc2hfdG9rZW4/KGYmJihvLmxhdGVzdF9yZWZyZXNoX3Rva2VuPWgucmVmcmVzaF90b2tlbixPPXUsYj1oLnJlZnJlc2hfdG9rZW4sT2JqZWN0LmVudHJpZXMobykuZm9yRWFjaCgoKFtlLHRdKT0+e3Q9PT1PJiYob1tlXT1iKX0pKSksKChlLHQscik9PntvW24odCxyKV09ZX0pKGgucmVmcmVzaF90b2tlbixkLHkpLGRlbGV0ZSBoLnJlZnJlc2hfdG9rZW4pOigoZSx0KT0+e2RlbGV0ZSBvW24oZSx0KV19KShkLHkpLHAucG9zdE1lc3NhZ2Uoe29rOmsub2ssanNvbjpoLGhlYWRlcnM6bH0pfWNhdGNoKGUpe3AucG9zdE1lc3NhZ2Uoe29rOiExLGpzb246e2Vycm9yOmUuZXJyb3IsZXJyb3JfZGVzY3JpcHRpb246ZS5tZXNzYWdlfSxoZWFkZXJzOmx9KX12YXIgTyxiLGcsX30pKX0oKTsKCg==", fe = null, ge = !1, function(i) {
+  return Y = Y || it(me, fe, ge), new Worker(Y, i);
+});
+const $ = {}, ye = async (i, e = 3) => {
+  for (let t = 0; t < e; t++) if (await i()) return !0;
+  return !1;
+};
+class st {
+  constructor(e, t) {
+    this.cache = e, this.clientId = t, this.manifestKey = this.createManifestKeyFrom(this.clientId);
+  }
+  async add(e) {
+    var t;
+    const n = new Set(((t = await this.cache.get(this.manifestKey)) === null || t === void 0 ? void 0 : t.keys) || []);
+    n.add(e), await this.cache.set(this.manifestKey, { keys: [...n] });
+  }
+  async remove(e) {
+    const t = await this.cache.get(this.manifestKey);
+    if (t) {
+      const n = new Set(t.keys);
+      return n.delete(e), n.size > 0 ? await this.cache.set(this.manifestKey, { keys: [...n] }) : await this.cache.remove(this.manifestKey);
+    }
+  }
+  get() {
+    return this.cache.get(this.manifestKey);
+  }
+  clear() {
+    return this.cache.remove(this.manifestKey);
+  }
+  createManifestKeyFrom(e) {
+    return `@@auth0spajs@@::${e}`;
+  }
+}
+const at = { memory: () => new Oe().enclosedCache, localstorage: () => new $e() }, we = (i) => at[i], be = (i) => {
+  const { openUrl: e, onRedirect: t } = i, n = I(i, ["openUrl", "onRedirect"]);
+  return Object.assign(Object.assign({}, n), { openUrl: e === !1 || e ? e : t });
+}, ke = (i, e) => {
+  const t = (e == null ? void 0 : e.split(" ")) || [];
+  return ((i == null ? void 0 : i.split(" ")) || []).every(((n) => t.includes(n)));
+}, T = { NONCE: "nonce", KEYPAIR: "keypair" };
+class ct {
+  constructor(e) {
+    this.clientId = e;
+  }
+  getVersion() {
+    return 1;
+  }
+  createDbHandle() {
+    const e = window.indexedDB.open("auth0-spa-js", this.getVersion());
+    return new Promise(((t, n) => {
+      e.onupgradeneeded = () => Object.values(T).forEach(((o) => e.result.createObjectStore(o))), e.onerror = () => n(e.error), e.onsuccess = () => t(e.result);
+    }));
+  }
+  async getDbHandle() {
+    return this.dbHandle || (this.dbHandle = await this.createDbHandle()), this.dbHandle;
+  }
+  async executeDbRequest(e, t, n) {
+    const o = n((await this.getDbHandle()).transaction(e, t).objectStore(e));
+    return new Promise(((r, a) => {
+      o.onsuccess = () => r(o.result), o.onerror = () => a(o.error);
+    }));
+  }
+  buildKey(e) {
+    const t = e ? `_${e}` : "auth0";
+    return `${this.clientId}::${t}`;
+  }
+  setNonce(e, t) {
+    return this.save(T.NONCE, this.buildKey(t), e);
+  }
+  setKeyPair(e) {
+    return this.save(T.KEYPAIR, this.buildKey(), e);
+  }
+  async save(e, t, n) {
+    await this.executeDbRequest(e, "readwrite", ((o) => o.put(n, t)));
+  }
+  findNonce(e) {
+    return this.find(T.NONCE, this.buildKey(e));
+  }
+  findKeyPair() {
+    return this.find(T.KEYPAIR, this.buildKey());
+  }
+  find(e, t) {
+    return this.executeDbRequest(e, "readonly", ((n) => n.get(t)));
+  }
+  async deleteBy(e, t) {
+    const n = await this.executeDbRequest(e, "readonly", ((o) => o.getAllKeys()));
+    n == null || n.filter(t).map(((o) => this.executeDbRequest(e, "readwrite", ((r) => r.delete(o)))));
+  }
+  deleteByClientId(e, t) {
+    return this.deleteBy(e, ((n) => typeof n == "string" && n.startsWith(`${t}::`)));
+  }
+  clearNonces() {
+    return this.deleteByClientId(T.NONCE, this.clientId);
+  }
+  clearKeyPairs() {
+    return this.deleteByClientId(T.KEYPAIR, this.clientId);
+  }
+}
+class ut {
+  constructor(e) {
+    this.storage = new ct(e);
+  }
+  getNonce(e) {
+    return this.storage.findNonce(e);
+  }
+  setNonce(e, t) {
+    return this.storage.setNonce(e, t);
+  }
+  async getOrGenerateKeyPair() {
+    let e = await this.storage.findKeyPair();
+    return e || (e = await We(), await this.storage.setKeyPair(e)), e;
+  }
+  async generateProof(e) {
+    const t = await this.getOrGenerateKeyPair();
+    return Xe(Object.assign({ keyPair: t }, e));
+  }
+  async calculateThumbprint() {
+    return Je(await this.getOrGenerateKeyPair());
+  }
+  async clear() {
+    await Promise.all([this.storage.clearNonces(), this.storage.clearKeyPairs()]);
+  }
+}
+var E;
+(function(i) {
+  i.Bearer = "Bearer", i.DPoP = "DPoP";
+})(E || (E = {}));
+class dt {
+  constructor(e, t) {
+    this.hooks = t, this.config = Object.assign(Object.assign({}, e), { fetch: e.fetch || (typeof window > "u" ? fetch : window.fetch.bind(window)) });
+  }
+  isAbsoluteUrl(e) {
+    return /^(https?:)?\/\//i.test(e);
+  }
+  buildUrl(e, t) {
+    if (t) {
+      if (this.isAbsoluteUrl(t)) return t;
+      if (e) return `${e.replace(/\/?\/$/, "")}/${t.replace(/^\/+/, "")}`;
+    }
+    throw new TypeError("`url` must be absolute or `baseUrl` non-empty.");
+  }
+  getAccessToken(e) {
+    return this.config.getAccessToken ? this.config.getAccessToken(e) : this.hooks.getAccessToken(e);
+  }
+  extractUrl(e) {
+    return typeof e == "string" ? e : e instanceof URL ? e.href : e.url;
+  }
+  buildBaseRequest(e, t) {
+    if (!this.config.baseUrl) return new Request(e, t);
+    const n = this.buildUrl(this.config.baseUrl, this.extractUrl(e)), o = e instanceof Request ? new Request(n, e) : n;
+    return new Request(o, t);
+  }
+  setAuthorizationHeader(e, t, n = E.Bearer) {
+    e.headers.set("authorization", `${n} ${t}`);
+  }
+  async setDpopProofHeader(e, t) {
+    if (!this.config.dpopNonceId) return;
+    const n = await this.hooks.getDpopNonce(), o = await this.hooks.generateDpopProof({ accessToken: t, method: e.method, nonce: n, url: e.url });
+    e.headers.set("dpop", o);
+  }
+  async prepareRequest(e, t) {
+    const n = await this.getAccessToken(t);
+    let o, r;
+    typeof n == "string" ? (o = this.config.dpopNonceId ? E.DPoP : E.Bearer, r = n) : (o = n.token_type, r = n.access_token), this.setAuthorizationHeader(e, r, o), o === E.DPoP && await this.setDpopProofHeader(e, r);
+  }
+  getHeader(e, t) {
+    return Array.isArray(e) ? new Headers(e).get(t) || "" : typeof e.get == "function" ? e.get(t) || "" : e[t] || "";
+  }
+  hasUseDpopNonceError(e) {
+    if (e.status !== 401) return !1;
+    const t = this.getHeader(e.headers, "www-authenticate");
+    return t.includes("invalid_dpop_nonce") || t.includes("use_dpop_nonce");
+  }
+  async handleResponse(e, t) {
+    const n = this.getHeader(e.headers, "dpop-nonce");
+    if (n && await this.hooks.setDpopNonce(n), !this.hasUseDpopNonceError(e)) return e;
+    if (!n || !t.onUseDpopNonceError) throw new G(n);
+    return t.onUseDpopNonceError();
+  }
+  async internalFetchWithAuth(e, t, n, o) {
+    const r = this.buildBaseRequest(e, t);
+    await this.prepareRequest(r, o);
+    const a = await this.config.fetch(r);
+    return this.handleResponse(a, n);
+  }
+  fetchWithAuth(e, t, n) {
+    const o = { onUseDpopNonceError: () => this.internalFetchWithAuth(e, t, Object.assign(Object.assign({}, o), { onUseDpopNonceError: void 0 }), n) };
+    return this.internalFetchWithAuth(e, t, o, n);
+  }
+}
+class ht {
+  constructor(e, t) {
+    this.myAccountFetcher = e, this.apiBase = t;
+  }
+  async connectAccount(e) {
+    const t = await this.myAccountFetcher.fetchWithAuth(`${this.apiBase}v1/connected-accounts/connect`, { method: "POST", headers: { "Content-Type": "application/json" }, body: JSON.stringify(e) });
+    return this._handleResponse(t);
+  }
+  async completeAccount(e) {
+    const t = await this.myAccountFetcher.fetchWithAuth(`${this.apiBase}v1/connected-accounts/complete`, { method: "POST", headers: { "Content-Type": "application/json" }, body: JSON.stringify(e) });
+    return this._handleResponse(t);
+  }
+  async _handleResponse(e) {
+    let t;
+    try {
+      t = await e.text(), t = JSON.parse(t);
+    } catch (n) {
+      throw new V({ type: "invalid_json", status: e.status, title: "Invalid JSON response", detail: t || String(n) });
+    }
+    if (e.ok) return t;
+    throw new V(t);
+  }
+}
+class V extends Error {
+  constructor({ type: e, status: t, title: n, detail: o, validation_errors: r }) {
+    super(o), this.name = "MyAccountApiError", this.type = e, this.status = t, this.title = n, this.detail = o, this.validation_errors = r, Object.setPrototypeOf(this, V.prototype);
+  }
+}
+const A = new xe();
+class lt {
+  constructor(e) {
+    let t, n;
+    if (this.userCache = new Oe().enclosedCache, this.activeLockKeys = /* @__PURE__ */ new Set(), this.defaultOptions = { authorizationParams: { scope: "openid profile email" }, useRefreshTokensFallback: !1, useFormData: !0 }, this._releaseLockOnPageHide = async () => {
+      const u = Array.from(this.activeLockKeys);
+      for (const p of u) await A.releaseLock(p);
+      this.activeLockKeys.clear(), window.removeEventListener("pagehide", this._releaseLockOnPageHide);
+    }, this.options = Object.assign(Object.assign(Object.assign({}, this.defaultOptions), e), { authorizationParams: Object.assign(Object.assign({}, this.defaultOptions.authorizationParams), e.authorizationParams) }), typeof window < "u" && (() => {
+      if (!X()) throw new Error("For security reasons, `window.crypto` is required to run `auth0-spa-js`.");
+      if (X().subtle === void 0) throw new Error(`
+      auth0-spa-js must run on a secure origin. See https://github.com/auth0/auth0-spa-js/blob/main/FAQ.md#why-do-i-get-auth0-spa-js-must-run-on-a-secure-origin for more information.
+    `);
+    })(), e.cache && e.cacheLocation && console.warn("Both `cache` and `cacheLocation` options have been specified in the Auth0Client configuration; ignoring `cacheLocation` and using `cache`."), e.cache) n = e.cache;
+    else {
+      if (t = e.cacheLocation || "memory", !we(t)) throw new Error(`Invalid cache location "${t}"`);
+      n = we(t)();
+    }
+    this.httpTimeoutMs = e.httpTimeoutInSeconds ? 1e3 * e.httpTimeoutInSeconds : 1e4, this.cookieStorage = e.legacySameSiteCookie === !1 ? z : nt, this.orgHintCookieName = `auth0.${this.options.clientId}.organization_hint`, this.isAuthenticatedCookieName = ((u) => `auth0.${u}.is.authenticated`)(this.options.clientId), this.sessionCheckExpiryDays = e.sessionCheckExpiryDays || 1;
+    const o = e.useCookiesForTransactions ? this.cookieStorage : ot;
+    var r;
+    this.scope = ((u, p, ...s) => {
+      if (typeof u != "object") return { default: W(p, u, ...s) };
+      let c = { default: W(p, ...s) };
+      return Object.keys(u).forEach(((h) => {
+        const d = u[h];
+        c[h] = W(p, d, ...s);
+      })), c;
+    })(this.options.authorizationParams.scope, "openid", this.options.useRefreshTokens ? "offline_access" : ""), this.transactionManager = new qe(o, this.options.clientId, this.options.cookieDomain), this.nowProvider = this.options.nowProvider || _e, this.cacheManager = new Be(n, n.allKeys ? void 0 : new st(n, this.options.clientId), this.nowProvider), this.dpop = this.options.useDpop ? new ut(this.options.clientId) : void 0, this.domainUrl = (r = this.options.domain, /^https?:\/\//.test(r) ? r : `https://${r}`), this.tokenIssuer = ((u, p) => u ? u.startsWith("https://") ? u : `https://${u}/` : `${p}/`)(this.options.issuer, this.domainUrl);
+    const a = `${this.domainUrl}/me/`, l = this.createFetcher(Object.assign(Object.assign({}, this.options.useDpop && { dpopNonceId: "__auth0_my_account_api__" }), { getAccessToken: () => this.getTokenSilently({ authorizationParams: { scope: "create:me:connected_accounts", audience: a }, detailedResponse: !0 }) }));
+    this.myAccountApi = new ht(l, a), typeof window < "u" && window.Worker && this.options.useRefreshTokens && t === "memory" && (this.options.workerUrl ? this.worker = new Worker(this.options.workerUrl) : this.worker = new rt());
+  }
+  _url(e) {
+    const t = encodeURIComponent(btoa(JSON.stringify(this.options.auth0Client || ve)));
+    return `${this.domainUrl}${e}&auth0Client=${t}`;
+  }
+  _authorizeUrl(e) {
+    return this._url(`/authorize?${B(e)}`);
+  }
+  async _verifyIdToken(e, t, n) {
+    const o = await this.nowProvider();
+    return et({ iss: this.tokenIssuer, aud: this.options.clientId, id_token: e, nonce: t, organization: n, leeway: this.options.leeway, max_age: (r = this.options.authorizationParams.max_age, typeof r != "string" ? r : parseInt(r, 10) || void 0), now: o });
+    var r;
+  }
+  _processOrgHint(e) {
+    e ? this.cookieStorage.save(this.orgHintCookieName, e, { daysUntilExpire: this.sessionCheckExpiryDays, cookieDomain: this.options.cookieDomain }) : this.cookieStorage.remove(this.orgHintCookieName, { cookieDomain: this.options.cookieDomain });
+  }
+  async _prepareAuthorizeUrl(e, t, n) {
+    var o;
+    const r = M(R()), a = M(R()), l = R(), u = await de(l), p = le(u), s = await ((o = this.dpop) === null || o === void 0 ? void 0 : o.calculateThumbprint()), c = ((d, m, y, f, k, b, w, g, _) => Object.assign(Object.assign(Object.assign({ client_id: d.clientId }, d.authorizationParams), y), { scope: H(m, y.scope, y.audience), response_type: "code", response_mode: g || "query", state: f, nonce: k, redirect_uri: w || d.authorizationParams.redirect_uri, code_challenge: b, code_challenge_method: "S256", dpop_jkt: _ }))(this.options, this.scope, e, r, a, p, e.redirect_uri || this.options.authorizationParams.redirect_uri || n, t == null ? void 0 : t.response_mode, s), h = this._authorizeUrl(c);
+    return { nonce: a, code_verifier: l, scope: c.scope, audience: c.audience || "default", redirect_uri: c.redirect_uri, state: r, url: h };
+  }
+  async loginWithPopup(e, t) {
+    var n;
+    if (e = e || {}, !(t = t || {}).popup && (t.popup = ((l) => {
+      const u = window.screenX + (window.innerWidth - 400) / 2, p = window.screenY + (window.innerHeight - 600) / 2;
+      return window.open(l, "auth0:authorize:popup", `left=${u},top=${p},width=400,height=600,resizable,scrollbars=yes,status=1`);
+    })(""), !t.popup)) throw new re();
+    const o = await this._prepareAuthorizeUrl(e.authorizationParams || {}, { response_mode: "web_message" }, window.location.origin);
+    t.popup.location.href = o.url;
+    const r = await ((l) => new Promise(((u, p) => {
+      let s;
+      const c = setInterval((() => {
+        l.popup && l.popup.closed && (clearInterval(c), clearTimeout(h), window.removeEventListener("message", s, !1), p(new ie(l.popup)));
+      }), 1e3), h = setTimeout((() => {
+        clearInterval(c), p(new oe(l.popup)), window.removeEventListener("message", s, !1);
+      }), 1e3 * (l.timeoutInSeconds || 60));
+      s = function(d) {
+        if (d.data && d.data.type === "authorization_response") {
+          if (clearTimeout(h), clearInterval(c), window.removeEventListener("message", s, !1), l.closePopup !== !1 && l.popup.close(), d.data.response.error) return p(v.fromPayload(d.data.response));
+          u(d.data.response);
+        }
+      }, window.addEventListener("message", s);
+    })))(Object.assign(Object.assign({}, t), { timeoutInSeconds: t.timeoutInSeconds || this.options.authorizeTimeoutInSeconds || 60 }));
+    if (o.state !== r.state) throw new v("state_mismatch", "Invalid state");
+    const a = ((n = e.authorizationParams) === null || n === void 0 ? void 0 : n.organization) || this.options.authorizationParams.organization;
+    await this._requestToken({ audience: o.audience, scope: o.scope, code_verifier: o.code_verifier, grant_type: "authorization_code", code: r.code, redirect_uri: o.redirect_uri }, { nonceIn: o.nonce, organization: a });
+  }
+  async getUser() {
+    var e;
+    const t = await this._getIdTokenFromCache();
+    return (e = t == null ? void 0 : t.decodedToken) === null || e === void 0 ? void 0 : e.user;
+  }
+  async getIdTokenClaims() {
+    var e;
+    const t = await this._getIdTokenFromCache();
+    return (e = t == null ? void 0 : t.decodedToken) === null || e === void 0 ? void 0 : e.claims;
+  }
+  async loginWithRedirect(e = {}) {
+    var t;
+    const n = be(e), { openUrl: o, fragment: r, appState: a } = n, l = I(n, ["openUrl", "fragment", "appState"]), u = ((t = l.authorizationParams) === null || t === void 0 ? void 0 : t.organization) || this.options.authorizationParams.organization, p = await this._prepareAuthorizeUrl(l.authorizationParams || {}), { url: s } = p, c = I(p, ["url"]);
+    this.transactionManager.create(Object.assign(Object.assign(Object.assign({}, c), { appState: a, response_type: j.Code }), u && { organization: u }));
+    const h = r ? `${s}#${r}` : s;
+    o ? await o(h) : window.location.assign(h);
+  }
+  async handleRedirectCallback(e = window.location.href) {
+    const t = e.split("?").slice(1);
+    if (t.length === 0) throw new Error("There are no query params available for parsing.");
+    const n = this.transactionManager.get();
+    if (!n) throw new v("missing_transaction", "Invalid state");
+    this.transactionManager.remove();
+    const o = ((r) => {
+      r.indexOf("#") > -1 && (r = r.substring(0, r.indexOf("#")));
+      const a = new URLSearchParams(r);
+      return { state: a.get("state"), code: a.get("code") || void 0, connect_code: a.get("connect_code") || void 0, error: a.get("error") || void 0, error_description: a.get("error_description") || void 0 };
+    })(t.join(""));
+    return n.response_type === j.ConnectCode ? this._handleConnectAccountRedirectCallback(o, n) : this._handleLoginRedirectCallback(o, n);
+  }
+  async _handleLoginRedirectCallback(e, t) {
+    const { code: n, state: o, error: r, error_description: a } = e;
+    if (r) throw new te(r, a || r, o, t.appState);
+    if (!t.code_verifier || t.state && t.state !== o) throw new v("state_mismatch", "Invalid state");
+    const l = t.organization, u = t.nonce, p = t.redirect_uri;
+    return await this._requestToken(Object.assign({ audience: t.audience, scope: t.scope, code_verifier: t.code_verifier, grant_type: "authorization_code", code: n }, p ? { redirect_uri: p } : {}), { nonceIn: u, organization: l }), { appState: t.appState, response_type: j.Code };
+  }
+  async _handleConnectAccountRedirectCallback(e, t) {
+    const { connect_code: n, state: o, error: r, error_description: a } = e;
+    if (r) throw new ne(r, a || r, t.connection, o, t.appState);
+    if (!n) throw new v("missing_connect_code", "Missing connect code");
+    if (!(t.code_verifier && t.state && t.auth_session && t.redirect_uri && t.state === o)) throw new v("state_mismatch", "Invalid state");
+    const l = await this.myAccountApi.completeAccount({ auth_session: t.auth_session, connect_code: n, redirect_uri: t.redirect_uri, code_verifier: t.code_verifier });
+    return Object.assign(Object.assign({}, l), { appState: t.appState, response_type: j.ConnectCode });
+  }
+  async checkSession(e) {
+    if (!this.cookieStorage.get(this.isAuthenticatedCookieName)) {
+      if (!this.cookieStorage.get("auth0.is.authenticated")) return;
+      this.cookieStorage.save(this.isAuthenticatedCookieName, !0, { daysUntilExpire: this.sessionCheckExpiryDays, cookieDomain: this.options.cookieDomain }), this.cookieStorage.remove("auth0.is.authenticated");
+    }
+    try {
+      await this.getTokenSilently(e);
+    } catch {
+    }
+  }
+  async getTokenSilently(e = {}) {
+    var t, n;
+    const o = Object.assign(Object.assign({ cacheMode: "on" }, e), { authorizationParams: Object.assign(Object.assign(Object.assign({}, this.options.authorizationParams), e.authorizationParams), { scope: H(this.scope, (t = e.authorizationParams) === null || t === void 0 ? void 0 : t.scope, ((n = e.authorizationParams) === null || n === void 0 ? void 0 : n.audience) || this.options.authorizationParams.audience) }) }), r = await ((a, l) => {
+      let u = $[l];
+      return u || (u = a().finally((() => {
+        delete $[l], u = null;
+      })), $[l] = u), u;
+    })((() => this._getTokenSilently(o)), `${this.options.clientId}::${o.authorizationParams.audience}::${o.authorizationParams.scope}`);
+    return e.detailedResponse ? r : r == null ? void 0 : r.access_token;
+  }
+  async _getTokenSilently(e) {
+    const { cacheMode: t } = e, n = I(e, ["cacheMode"]);
+    if (t !== "off") {
+      const l = await this._getEntryFromCache({ scope: n.authorizationParams.scope, audience: n.authorizationParams.audience || "default", clientId: this.options.clientId, cacheMode: t });
+      if (l) return l;
+    }
+    if (t === "cache-only") return;
+    const o = (r = this.options.clientId, a = n.authorizationParams.audience || "default", `auth0.lock.getTokenSilently.${r}.${a}`);
+    var r, a;
+    if (!await ye((() => A.acquireLock(o, 5e3)), 10)) throw new N();
+    this.activeLockKeys.add(o), this.activeLockKeys.size === 1 && window.addEventListener("pagehide", this._releaseLockOnPageHide);
+    try {
+      if (t !== "off") {
+        const d = await this._getEntryFromCache({ scope: n.authorizationParams.scope, audience: n.authorizationParams.audience || "default", clientId: this.options.clientId });
+        if (d) return d;
+      }
+      const l = this.options.useRefreshTokens ? await this._getTokenUsingRefreshToken(n) : await this._getTokenFromIFrame(n), { id_token: u, token_type: p, access_token: s, oauthTokenScope: c, expires_in: h } = l;
+      return Object.assign(Object.assign({ id_token: u, token_type: p, access_token: s }, c ? { scope: c } : null), { expires_in: h });
+    } finally {
+      await A.releaseLock(o), this.activeLockKeys.delete(o), this.activeLockKeys.size === 0 && window.removeEventListener("pagehide", this._releaseLockOnPageHide);
+    }
+  }
+  async getTokenWithPopup(e = {}, t = {}) {
+    var n, o;
+    const r = Object.assign(Object.assign({}, e), { authorizationParams: Object.assign(Object.assign(Object.assign({}, this.options.authorizationParams), e.authorizationParams), { scope: H(this.scope, (n = e.authorizationParams) === null || n === void 0 ? void 0 : n.scope, ((o = e.authorizationParams) === null || o === void 0 ? void 0 : o.audience) || this.options.authorizationParams.audience) }) });
+    return t = Object.assign(Object.assign({}, ze), t), await this.loginWithPopup(r, t), (await this.cacheManager.get(new S({ scope: r.authorizationParams.scope, audience: r.authorizationParams.audience || "default", clientId: this.options.clientId }), void 0, this.options.useMrrt)).access_token;
+  }
+  async isAuthenticated() {
+    return !!await this.getUser();
+  }
+  _buildLogoutUrl(e) {
+    e.clientId !== null ? e.clientId = e.clientId || this.options.clientId : delete e.clientId;
+    const t = e.logoutParams || {}, { federated: n } = t, o = I(t, ["federated"]), r = n ? "&federated" : "";
+    return this._url(`/v2/logout?${B(Object.assign({ clientId: e.clientId }, o))}`) + r;
+  }
+  async logout(e = {}) {
+    var t;
+    const n = be(e), { openUrl: o } = n, r = I(n, ["openUrl"]);
+    e.clientId === null ? await this.cacheManager.clear() : await this.cacheManager.clear(e.clientId || this.options.clientId), this.cookieStorage.remove(this.orgHintCookieName, { cookieDomain: this.options.cookieDomain }), this.cookieStorage.remove(this.isAuthenticatedCookieName, { cookieDomain: this.options.cookieDomain }), this.userCache.remove("@@user@@"), await ((t = this.dpop) === null || t === void 0 ? void 0 : t.clear());
+    const a = this._buildLogoutUrl(r);
+    o ? await o(a) : o !== !1 && window.location.assign(a);
+  }
+  async _getTokenFromIFrame(e) {
+    const t = `auth0.lock.getTokenFromIFrame.${this.options.clientId}`;
+    if (!await ye((() => A.acquireLock(t, 5e3)), 10)) throw new N();
+    try {
+      const n = Object.assign(Object.assign({}, e.authorizationParams), { prompt: "none" }), o = this.cookieStorage.get(this.orgHintCookieName);
+      o && !n.organization && (n.organization = o);
+      const { url: r, state: a, nonce: l, code_verifier: u, redirect_uri: p, scope: s, audience: c } = await this._prepareAuthorizeUrl(n, { response_mode: "web_message" }, window.location.origin);
+      if (window.crossOriginIsolated) throw new v("login_required", "The application is running in a Cross-Origin Isolated context, silently retrieving a token without refresh token is not possible.");
+      const h = e.timeoutInSeconds || this.options.authorizeTimeoutInSeconds;
+      let d;
+      try {
+        d = new URL(this.domainUrl).origin;
+      } catch {
+        d = this.domainUrl;
+      }
+      const m = await ((f, k, b = 60) => new Promise(((w, g) => {
+        const _ = window.document.createElement("iframe");
+        _.setAttribute("width", "0"), _.setAttribute("height", "0"), _.style.display = "none";
+        const ce = () => {
+          window.document.body.contains(_) && (window.document.body.removeChild(_), window.removeEventListener("message", Z, !1));
+        };
+        let Z;
+        const Ke = setTimeout((() => {
+          g(new N()), ce();
+        }), 1e3 * b);
+        Z = function(P) {
+          if (P.origin != k || !P.data || P.data.type !== "authorization_response") return;
+          const ue = P.source;
+          ue && ue.close(), P.data.response.error ? g(v.fromPayload(P.data.response)) : w(P.data.response), clearTimeout(Ke), window.removeEventListener("message", Z, !1), setTimeout(ce, 2e3);
+        }, window.addEventListener("message", Z, !1), window.document.body.appendChild(_), _.setAttribute("src", f);
+      })))(r, d, h);
+      if (a !== m.state) throw new v("state_mismatch", "Invalid state");
+      const y = await this._requestToken(Object.assign(Object.assign({}, e.authorizationParams), { code_verifier: u, code: m.code, grant_type: "authorization_code", redirect_uri: p, timeout: e.authorizationParams.timeout || this.httpTimeoutMs }), { nonceIn: l, organization: n.organization });
+      return Object.assign(Object.assign({}, y), { scope: s, oauthTokenScope: y.scope, audience: c });
+    } catch (n) {
+      throw n.error === "login_required" && this.logout({ openUrl: !1 }), n;
+    } finally {
+      await A.releaseLock(t);
+    }
+  }
+  async _getTokenUsingRefreshToken(e) {
+    const t = await this.cacheManager.get(new S({ scope: e.authorizationParams.scope, audience: e.authorizationParams.audience || "default", clientId: this.options.clientId }), void 0, this.options.useMrrt);
+    if (!(t && t.refresh_token || this.worker)) {
+      if (this.options.useRefreshTokensFallback) return await this._getTokenFromIFrame(e);
+      throw new F(e.authorizationParams.audience || "default", e.authorizationParams.scope);
+    }
+    const n = e.authorizationParams.redirect_uri || this.options.authorizationParams.redirect_uri || window.location.origin, o = typeof e.timeoutInSeconds == "number" ? 1e3 * e.timeoutInSeconds : null, r = ((s, c, h, d) => {
+      var m;
+      if (s && h && d) {
+        if (c.audience !== h) return c.scope;
+        const y = d.split(" "), f = ((m = c.scope) === null || m === void 0 ? void 0 : m.split(" ")) || [], k = f.every(((b) => y.includes(b)));
+        return y.length >= f.length && k ? d : c.scope;
+      }
+      return c.scope;
+    })(this.options.useMrrt, e.authorizationParams, t == null ? void 0 : t.audience, t == null ? void 0 : t.scope);
+    try {
+      const s = await this._requestToken(Object.assign(Object.assign(Object.assign({}, e.authorizationParams), { grant_type: "refresh_token", refresh_token: t && t.refresh_token, redirect_uri: n }), o && { timeout: o }), { scopesToRequest: r });
+      if (s.refresh_token && (t != null && t.refresh_token) && await this.cacheManager.updateEntry(t.refresh_token, s.refresh_token), this.options.useMrrt && (a = t == null ? void 0 : t.audience, l = t == null ? void 0 : t.scope, u = e.authorizationParams.audience, p = e.authorizationParams.scope, (a !== u || !ke(p, l)) && !ke(r, s.scope))) {
+        if (this.options.useRefreshTokensFallback) return await this._getTokenFromIFrame(e);
+        await this.cacheManager.remove(this.options.clientId, e.authorizationParams.audience, e.authorizationParams.scope);
+        const c = ((h, d) => {
+          const m = (h == null ? void 0 : h.split(" ")) || [], y = (d == null ? void 0 : d.split(" ")) || [];
+          return m.filter(((f) => y.indexOf(f) == -1)).join(",");
+        })(r, s.scope);
+        throw new ae(e.authorizationParams.audience || "default", c);
+      }
+      return Object.assign(Object.assign({}, s), { scope: e.authorizationParams.scope, oauthTokenScope: s.scope, audience: e.authorizationParams.audience || "default" });
+    } catch (s) {
+      if ((s.message.indexOf("Missing Refresh Token") > -1 || s.message && s.message.indexOf("invalid refresh token") > -1) && this.options.useRefreshTokensFallback) return await this._getTokenFromIFrame(e);
+      throw s;
+    }
+    var a, l, u, p;
+  }
+  async _saveEntryInCache(e) {
+    const { id_token: t, decodedToken: n } = e, o = I(e, ["id_token", "decodedToken"]);
+    this.userCache.set("@@user@@", { id_token: t, decodedToken: n }), await this.cacheManager.setIdToken(this.options.clientId, e.id_token, e.decodedToken), await this.cacheManager.set(o);
+  }
+  async _getIdTokenFromCache() {
+    const e = this.options.authorizationParams.audience || "default", t = this.scope[e], n = await this.cacheManager.getIdToken(new S({ clientId: this.options.clientId, audience: e, scope: t })), o = this.userCache.get("@@user@@");
+    return n && n.id_token === (o == null ? void 0 : o.id_token) ? o : (this.userCache.set("@@user@@", n), n);
+  }
+  async _getEntryFromCache({ scope: e, audience: t, clientId: n, cacheMode: o }) {
+    const r = await this.cacheManager.get(new S({ scope: e, audience: t, clientId: n }), 60, this.options.useMrrt, o);
+    if (r && r.access_token) {
+      const { token_type: a, access_token: l, oauthTokenScope: u, expires_in: p } = r, s = await this._getIdTokenFromCache();
+      return s && Object.assign(Object.assign({ id_token: s.id_token, token_type: a || "Bearer", access_token: l }, u ? { scope: u } : null), { expires_in: p });
+    }
+  }
+  async _requestToken(e, t) {
+    var n, o;
+    const { nonceIn: r, organization: a, scopesToRequest: l } = t || {}, u = await Ye(Object.assign(Object.assign({ baseUrl: this.domainUrl, client_id: this.options.clientId, auth0Client: this.options.auth0Client, useFormData: this.options.useFormData, timeout: this.httpTimeoutMs, useMrrt: this.options.useMrrt, dpop: this.dpop }, e), { scope: l || e.scope }), this.worker), p = await this._verifyIdToken(u.id_token, r, a);
+    if (e.grant_type === "authorization_code") {
+      const s = await this._getIdTokenFromCache();
+      !((o = (n = s == null ? void 0 : s.decodedToken) === null || n === void 0 ? void 0 : n.claims) === null || o === void 0) && o.sub && s.decodedToken.claims.sub !== p.claims.sub && (await this.cacheManager.clear(this.options.clientId), this.userCache.remove("@@user@@"));
+    }
+    return await this._saveEntryInCache(Object.assign(Object.assign(Object.assign(Object.assign({}, u), { decodedToken: p, scope: e.scope, audience: e.audience || "default" }), u.scope ? { oauthTokenScope: u.scope } : null), { client_id: this.options.clientId })), this.cookieStorage.save(this.isAuthenticatedCookieName, !0, { daysUntilExpire: this.sessionCheckExpiryDays, cookieDomain: this.options.cookieDomain }), this._processOrgHint(a || p.claims.org_id), Object.assign(Object.assign({}, u), { decodedToken: p });
+  }
+  async exchangeToken(e) {
+    return this._requestToken({ grant_type: "urn:ietf:params:oauth:grant-type:token-exchange", subject_token: e.subject_token, subject_token_type: e.subject_token_type, scope: H(this.scope, e.scope, e.audience || this.options.authorizationParams.audience), audience: e.audience || this.options.authorizationParams.audience, organization: e.organization || this.options.authorizationParams.organization });
+  }
+  _assertDpop(e) {
+    if (!e) throw new Error("`useDpop` option must be enabled before using DPoP.");
+  }
+  getDpopNonce(e) {
+    return this._assertDpop(this.dpop), this.dpop.getNonce(e);
+  }
+  setDpopNonce(e, t) {
+    return this._assertDpop(this.dpop), this.dpop.setNonce(e, t);
+  }
+  generateDpopProof(e) {
+    return this._assertDpop(this.dpop), this.dpop.generateProof(e);
+  }
+  createFetcher(e = {}) {
+    return new dt(e, { isDpopEnabled: () => !!this.options.useDpop, getAccessToken: (t) => {
+      var n;
+      return this.getTokenSilently({ authorizationParams: { scope: (n = t == null ? void 0 : t.scope) === null || n === void 0 ? void 0 : n.join(" "), audience: t == null ? void 0 : t.audience }, detailedResponse: !0 });
+    }, getDpopNonce: () => this.getDpopNonce(e.dpopNonceId), setDpopNonce: (t) => this.setDpopNonce(t, e.dpopNonceId), generateDpopProof: (t) => this.generateDpopProof(t) });
+  }
+  async connectAccountWithRedirect(e) {
+    const { openUrl: t, appState: n, connection: o, scopes: r, authorization_params: a, redirectUri: l = this.options.authorizationParams.redirect_uri || window.location.origin } = e;
+    if (!o) throw new Error("connection is required");
+    const u = M(R()), p = R(), s = await de(p), c = le(s), { connect_uri: h, connect_params: d, auth_session: m } = await this.myAccountApi.connectAccount({ connection: o, scopes: r, redirect_uri: l, state: u, code_challenge: c, code_challenge_method: "S256", authorization_params: a });
+    this.transactionManager.create({ state: u, code_verifier: p, auth_session: m, redirect_uri: l, appState: n, connection: o, response_type: j.ConnectCode });
+    const y = new URL(h);
+    y.searchParams.set("ticket", d.ticket), t ? await t(y.toString()) : window.location.assign(y);
+  }
+}
+export {
+  lt as Auth0Client,
+  te as AuthenticationError,
+  S as CacheKey,
+  ne as ConnectError,
+  v as GenericError,
+  Oe as InMemoryCache,
+  $e as LocalStorageCache,
+  se as MfaRequiredError,
+  F as MissingRefreshTokenError,
+  V as MyAccountApiError,
+  ie as PopupCancelledError,
+  re as PopupOpenError,
+  oe as PopupTimeoutError,
+  j as ResponseType,
+  N as TimeoutError,
+  G as UseDpopNonceError
+};
+//# sourceMappingURL=auth0-spa-js.production.esm-DL9f1uDJ.js.map