npm - authhero - Versions diffs - 4.78.0 → 4.79.0 - Mend

authhero 4.78.0 → 4.79.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/authhero.mjs CHANGED Viewed

@@ -79,7 +79,7 @@ const ke = (e) => typeof e == "string", es = () => {
   for (const i in t)
     i !== "__proto__" && i !== "constructor" && (i in e ? ke(e[i]) || e[i] instanceof String || ke(t[i]) || t[i] instanceof String ? n && (e[i] = t[i]) : jA(e[i], t[i], n) : e[i] = t[i]);
   return e;
-}, Sr = (e) => e.replace(/[\-\[\]\/\{\}\(\)\*\+\?\.\\\^\$\|]/g, "\\$&");
+}, xr = (e) => e.replace(/[\-\[\]\/\{\}\(\)\*\+\?\.\\\^\$\|]/g, "\\$&");
 var PE = {
   "&": "&amp;",
   "<": "&lt;",
@@ -718,7 +718,7 @@ class B_ {
       maxReplaces: y,
       alwaysFormat: _
     } = t.interpolation;
-    this.escape = n !== void 0 ? n : jE, this.escapeValue = i !== void 0 ? i : !0, this.useRawValueToEscape = r !== void 0 ? r : !1, this.prefix = o ? Sr(o) : s || "{{", this.suffix = c ? Sr(c) : l || "}}", this.formatSeparator = d || ",", this.unescapePrefix = u ? "" : p || "-", this.unescapeSuffix = this.unescapePrefix ? "" : u || "", this.nestingPrefix = f ? Sr(f) : h || Sr("$t("), this.nestingSuffix = m ? Sr(m) : g || Sr(")"), this.nestingOptionsSeparator = w || ",", this.maxReplaces = y || 1e3, this.alwaysFormat = _ !== void 0 ? _ : !1, this.resetRegExp();
+    this.escape = n !== void 0 ? n : jE, this.escapeValue = i !== void 0 ? i : !0, this.useRawValueToEscape = r !== void 0 ? r : !1, this.prefix = o ? xr(o) : s || "{{", this.suffix = c ? xr(c) : l || "}}", this.formatSeparator = d || ",", this.unescapePrefix = u ? "" : p || "-", this.unescapeSuffix = this.unescapePrefix ? "" : u || "", this.nestingPrefix = f ? xr(f) : h || xr("$t("), this.nestingSuffix = m ? xr(m) : g || xr(")"), this.nestingOptionsSeparator = w || ",", this.maxReplaces = y || 1e3, this.alwaysFormat = _ !== void 0 ? _ : !1, this.resetRegExp();
   }
   reset() {
     this.options && this.init(this.options);
@@ -779,7 +779,7 @@ class B_ {
     const c = (l, d) => {
       const u = this.nestingOptionsSeparator;
       if (l.indexOf(u) < 0) return l;
-      const p = l.split(new RegExp(`${Sr(u)}[ ]*{`));
+      const p = l.split(new RegExp(`${xr(u)}[ ]*{`));
       let f = `{${p[1]}`;
       l = p[0], f = this.interpolate(f, s);
       const h = f.match(/'/g), m = f.match(/"/g);
@@ -1376,7 +1376,7 @@ L.setDefaultNamespace;
 L.hasLoadedNamespace;
 L.loadNamespaces;
 L.loadLanguages;
-const fr = a.object({
+const hr = a.object({
   created_at: a.string(),
   updated_at: a.string()
 }), vme = a.enum(["AUTH0", "EMAIL", "REDIRECT"]), Ame = a.enum([
@@ -1443,7 +1443,7 @@ const fr = a.object({
     description: "The list of actions to execute in sequence"
   })
 }), fs = sm.extend({
-  ...fr.shape,
+  ...hr.shape,
   id: a.string().openapi({
     description: "Unique identifier for the flow",
     example: "af_12tMpdJ3iek7svMyZkSh5M"
@@ -1555,7 +1555,7 @@ const fr = a.object({
   }).optional()
 }), DA = a.object({
   ...lm.omit({ password: !0 }).shape,
-  ...fr.shape,
+  ...hr.shape,
   user_id: a.string(),
   provider: a.string(),
   is_social: a.boolean(),
@@ -2199,7 +2199,7 @@ const Cd = a.object({
   show_as_button: a.boolean().optional(),
   metadata: a.record(a.any()).optional(),
   is_system: a.boolean().optional()
-}), Dr = a.object({
+}), Mr = a.object({
   id: a.string(),
   created_at: a.string().transform((e) => e === null ? "" : e),
   updated_at: a.string().transform((e) => e === null ? "" : e)
@@ -2228,7 +2228,7 @@ const Cd = a.object({
     http_body: a.string(),
     http_url: a.string()
   })
-]), Pr = a.object({
+]), jr = a.object({
   ...UA.shape,
   custom_domain_id: a.string(),
   primary: a.boolean(),
@@ -2238,25 +2238,25 @@ const Cd = a.object({
     methods: a.array(S5)
   }).optional(),
   tls_policy: a.string().optional()
-}), Tme = Pr.extend({
+}), Tme = jr.extend({
   tenant_id: a.string()
 }), C0 = a.object({
   id: a.string(),
   order: a.number().optional(),
   visible: a.boolean().optional().default(!0)
-}), hr = C0.extend({
+}), mr = C0.extend({
   category: a.literal("BLOCK").optional()
-}), x5 = hr.extend({
+}), x5 = mr.extend({
   type: a.literal("DIVIDER"),
   config: a.object({
     text: a.string().optional()
   }).optional()
-}), E5 = hr.extend({
+}), E5 = mr.extend({
   type: a.literal("HTML"),
   config: a.object({
     content: a.string().optional()
   }).optional()
-}), C5 = hr.extend({
+}), C5 = mr.extend({
   type: a.literal("IMAGE"),
   config: a.object({
     src: a.string().optional(),
@@ -2264,29 +2264,29 @@ const Cd = a.object({
     width: a.number().optional(),
     height: a.number().optional()
   }).optional()
-}), $5 = hr.extend({
+}), $5 = mr.extend({
   type: a.literal("JUMP_BUTTON"),
   config: a.object({
     text: a.string().optional(),
     target_step: a.string().optional()
   })
-}), T5 = hr.extend({
+}), T5 = mr.extend({
   type: a.literal("RESEND_BUTTON"),
   config: a.object({
     text: a.string().optional(),
     resend_action: a.string().optional()
   })
-}), I5 = hr.extend({
+}), I5 = mr.extend({
   type: a.literal("NEXT_BUTTON"),
   config: a.object({
     text: a.string().optional()
   })
-}), N5 = hr.extend({
+}), N5 = mr.extend({
   type: a.literal("PREVIOUS_BUTTON"),
   config: a.object({
     text: a.string().optional()
   })
-}), P5 = hr.extend({
+}), P5 = mr.extend({
   type: a.literal("RICH_TEXT"),
   config: a.object({
     content: a.string().optional()
@@ -2607,7 +2607,7 @@ const Cd = a.object({
 }).openapi({
   description: "Schema for flow-based forms (matches Auth0 Forms structure)"
 }), hs = a.object({
-  ...fr.shape,
+  ...hr.shape,
   ...fm.shape,
   id: a.string()
 }), aC = a.object({
@@ -2697,19 +2697,19 @@ const qA = a.enum([
 ]), uC = a.object({
   ...Ra,
   trigger_id: qA,
-  ...fr.shape,
+  ...hr.shape,
   hook_id: a.string(),
   url: a.string()
 }), pC = a.object({
   ...Ra,
   trigger_id: HA,
-  ...fr.shape,
+  ...hr.shape,
   hook_id: a.string(),
   form_id: a.string()
 }), fC = a.object({
   ...Ra,
   trigger_id: KA,
-  ...fr.shape,
+  ...hr.shape,
   hook_id: a.string(),
   template_id: VA
 }), ms = a.union([
@@ -2781,8 +2781,8 @@ const qA = a.enum([
   request_parameter_supported: a.boolean(),
   token_endpoint_auth_signing_alg_values_supported: a.array(a.string())
 });
-var Pe = /* @__PURE__ */ ((e) => (e.PENDING = "pending", e.AUTHENTICATED = "authenticated", e.AWAITING_EMAIL_VERIFICATION = "awaiting_email_verification", e.AWAITING_MFA = "awaiting_mfa", e.AWAITING_HOOK = "awaiting_hook", e.AWAITING_CONTINUATION = "awaiting_continuation", e.COMPLETED = "completed", e.FAILED = "failed", e.EXPIRED = "expired", e))(Pe || {});
-const yC = a.nativeEnum(Pe), _C = a.object({
+var $e = /* @__PURE__ */ ((e) => (e.PENDING = "pending", e.AUTHENTICATED = "authenticated", e.AWAITING_EMAIL_VERIFICATION = "awaiting_email_verification", e.AWAITING_MFA = "awaiting_mfa", e.AWAITING_HOOK = "awaiting_hook", e.AWAITING_CONTINUATION = "awaiting_continuation", e.COMPLETED = "completed", e.FAILED = "failed", e.EXPIRED = "expired", e))($e || {});
+const yC = a.nativeEnum($e), _C = a.object({
   csrf_token: a.string(),
   auth0Client: a.string().optional(),
   authParams: Cd,
@@ -3530,9 +3530,9 @@ const xC = a.object({
     description: "List of enabled connections for the organization"
   }),
   token_quota: HC
-}), Mr = a.object({
+}), Lr = a.object({
   ...wm.shape,
-  ...fr.shape,
+  ...hr.shape,
   id: a.string(),
   // Override name to be lenient when reading from database (to support existing uppercase names)
   name: a.string().min(1).openapi({
@@ -3547,7 +3547,7 @@ const xC = a.object({
   })
 }), Hme = a.object({
   ...KC.shape,
-  ...fr.shape,
+  ...hr.shape,
   id: a.string()
 }), Kme = a.object({
   // Session settings
@@ -4254,7 +4254,7 @@ async function I0(e, t, n) {
     q: `email:${n}`
   })).users;
 }
-async function mr({
+async function gr({
   userAdapter: e,
   tenant_id: t,
   username: n,
@@ -4297,7 +4297,7 @@ async function Rn({
   username: n,
   provider: i
 }) {
-  const r = await mr({
+  const r = await gr({
     userAdapter: e,
     tenant_id: t,
     username: n,
@@ -6458,7 +6458,7 @@ function $i(e, t) {
   });
   return i.headers.set("Content-Type", "application/x-www-form-urlencoded"), i.headers.set("Accept", "application/json"), i.headers.set("User-Agent", "arctic"), i.headers.set("Content-Length", n.byteLength.toString()), i;
 }
-function zr(e, t) {
+function qr(e, t) {
   const n = new TextEncoder().encode(`${e}:${t}`);
   return w8(n);
 }
@@ -6595,10 +6595,10 @@ class fo {
   }
   createAuthorizationURLWithPKCE(t, n, i, r, o) {
     const s = new URL(t);
-    if (s.searchParams.set("response_type", "code"), s.searchParams.set("client_id", this.clientId), this.redirectURI !== null && s.searchParams.set("redirect_uri", this.redirectURI), s.searchParams.set("state", n), i === Gr.S256) {
+    if (s.searchParams.set("response_type", "code"), s.searchParams.set("client_id", this.clientId), this.redirectURI !== null && s.searchParams.set("redirect_uri", this.redirectURI), s.searchParams.set("state", n), i === Wr.S256) {
       const c = hk(r);
       s.searchParams.set("code_challenge_method", "S256"), s.searchParams.set("code_challenge", c);
-    } else i === Gr.Plain && (s.searchParams.set("code_challenge_method", "plain"), s.searchParams.set("code_challenge", r));
+    } else i === Wr.Plain && (s.searchParams.set("code_challenge_method", "plain"), s.searchParams.set("code_challenge", r));
     return o.length > 0 && s.searchParams.set("scope", o.join(" ")), s;
   }
   async validateAuthorizationCode(t, n, i) {
@@ -6606,7 +6606,7 @@ class fo {
     r.set("grant_type", "authorization_code"), r.set("code", n), this.redirectURI !== null && r.set("redirect_uri", this.redirectURI), i !== null && r.set("code_verifier", i), this.clientPassword === null && r.set("client_id", this.clientId);
     const o = $i(t, r);
     if (this.clientPassword !== null) {
-      const c = zr(this.clientId, this.clientPassword);
+      const c = qr(this.clientId, this.clientPassword);
       o.headers.set("Authorization", `Basic ${c}`);
     }
     return await ra(o);
@@ -6616,7 +6616,7 @@ class fo {
     r.set("grant_type", "refresh_token"), r.set("refresh_token", n), this.clientPassword === null && r.set("client_id", this.clientId), i.length > 0 && r.set("scope", i.join(" "));
     const o = $i(t, r);
     if (this.clientPassword !== null) {
-      const c = zr(this.clientId, this.clientPassword);
+      const c = qr(this.clientId, this.clientPassword);
       o.headers.set("Authorization", `Basic ${c}`);
     }
     return await ra(o);
@@ -6626,16 +6626,16 @@ class fo {
     i.set("token", n), this.clientPassword === null && i.set("client_id", this.clientId);
     const r = $i(t, i);
     if (this.clientPassword !== null) {
-      const o = zr(this.clientId, this.clientPassword);
+      const o = qr(this.clientId, this.clientPassword);
       r.headers.set("Authorization", `Basic ${o}`);
     }
     await C8(r);
   }
 }
-var Gr;
+var Wr;
 (function(e) {
   e[e.S256 = 0] = "S256", e[e.Plain = 1] = "Plain";
-})(Gr || (Gr = {}));
+})(Wr || (Wr = {}));
 var ew;
 (function(e) {
   e[e.Include = 0] = "Include", e[e.None = 1] = "None";
@@ -6752,13 +6752,13 @@ class _k {
   async validateAuthorizationCode(t) {
     const n = new URLSearchParams();
     n.set("grant_type", "authorization_code"), n.set("code", t), this.redirectURI !== null && n.set("redirect_uri", this.redirectURI);
-    const i = $i(iw, n), r = zr(this.clientId, this.clientSecret);
+    const i = $i(iw, n), r = qr(this.clientId, this.clientSecret);
     return i.headers.set("Authorization", `Basic ${r}`), await rw(i);
   }
   async refreshAccessToken(t) {
     const n = new URLSearchParams();
     n.set("grant_type", "refresh_token"), n.set("refresh_token", t);
-    const i = $i(iw, n), r = zr(this.clientId, this.clientSecret);
+    const i = $i(iw, n), r = qr(this.clientId, this.clientSecret);
     return i.headers.set("Authorization", `Basic ${r}`), await rw(i);
   }
 }
@@ -6797,7 +6797,7 @@ let wk = class {
     this.client = new fo(t, n, i);
   }
   createAuthorizationURL(t, n, i) {
-    return this.client.createAuthorizationURLWithPKCE(M8, t, Gr.S256, n, i);
+    return this.client.createAuthorizationURLWithPKCE(M8, t, Wr.S256, n, i);
   }
   async validateAuthorizationCode(t, n) {
     return await this.client.validateAuthorizationCode(ow, t, n);
@@ -6829,7 +6829,7 @@ class bk {
     i.set("grant_type", "authorization_code"), i.set("code", t), i.set("redirect_uri", this.redirectURI), i.set("code_verifier", n), this.clientSecret === null && i.set("client_id", this.clientId);
     const r = $i(this.tokenEndpoint, i);
     if (this.clientSecret !== null) {
-      const s = zr(this.clientId, this.clientSecret);
+      const s = qr(this.clientId, this.clientSecret);
       r.headers.set("Authorization", `Basic ${s}`);
     } else
       r.headers.set("Origin", "arctic");
@@ -6840,7 +6840,7 @@ class bk {
     i.set("grant_type", "refresh_token"), i.set("refresh_token", t), this.clientSecret === null && i.set("client_id", this.clientId), n.length > 0 && i.set("scope", n.join(" "));
     const r = $i(this.tokenEndpoint, i);
     if (this.clientSecret !== null) {
-      const s = zr(this.clientId, this.clientSecret);
+      const s = qr(this.clientId, this.clientSecret);
       r.headers.set("Authorization", `Basic ${s}`);
     } else
       r.headers.set("Origin", "arctic");
@@ -7232,14 +7232,14 @@ Ma.omit({
   at_hash: !0,
   c_hash: !0
 });
-function gr(e, t) {
+function yr(e, t) {
   return t ? `https://${t}/` : e.ISSUER;
 }
 function Dt(e) {
   return e.UNIVERSAL_LOGIN_URL || `${e.ISSUER}u/`;
 }
-function Ge(e) {
-  return e.OAUTH_API_URL || e.ISSUER;
+function Ge(e, t) {
+  return t ? `https://${t}/` : e.OAUTH_API_URL || e.ISSUER;
 }
 const W8 = "Apple", J8 = "data:image/svg+xml,%3Csvg%20width%3D%2245%22%20height%3D%2245%22%20viewBox%3D%220%200%2045%2045%22%20fill%3D%22none%22%20xmlns%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2Fsvg%22%3E%3Cpath%20d%3D%22M45%200H0V45H45V0Z%22%20fill%3D%22white%22%2F%3E%3Cpath%20d%3D%22M23.5344%2010.3846C25.5313%2010.3846%2028.0344%209.01144%2029.525%207.18055C30.875%205.5213%2031.8594%203.20407%2031.8594%200.886839C31.8594%200.572154%2031.8313%200.25747%2031.775%200C29.5531%200.0858233%2026.8813%201.51621%2025.2781%203.43293C24.0125%204.89193%2022.8594%207.18055%2022.8594%209.52638C22.8594%209.86968%2022.9156%2010.213%2022.9438%2010.3274C23.0844%2010.356%2023.3094%2010.3846%2023.5344%2010.3846ZM16.5031%2045C19.2313%2045%2020.4406%2043.1405%2023.8438%2043.1405C27.3031%2043.1405%2028.0625%2044.9428%2031.1%2044.9428C34.0813%2044.9428%2036.0781%2042.1392%2037.9625%2039.3929C40.0719%2036.246%2040.9438%2033.1564%2041%2033.0134C40.8031%2032.9561%2035.0938%2030.5817%2035.0938%2023.9161C35.0938%2018.1373%2039.5938%2015.534%2039.8469%2015.3338C36.8656%2010.9854%2032.3375%2010.8709%2031.1%2010.8709C27.7531%2010.8709%2025.025%2012.9307%2023.3094%2012.9307C21.4531%2012.9307%2019.0063%2010.9854%2016.1094%2010.9854C10.5969%2010.9854%205%2015.6198%205%2024.3738C5%2029.8093%207.08125%2035.5594%209.64063%2039.2784C11.8344%2042.4253%2013.7469%2045%2016.5031%2045Z%22%20fill%3D%22black%22%2F%3E%3C%2Fsvg%3E";
 function xk(e) {
@@ -7590,7 +7590,7 @@ async function C$(e, t) {
     redirectUrl: r.createAuthorizationURLWithPKCE(
       n.authorization_endpoint,
       o,
-      Gr.S256,
+      Wr.S256,
       s,
       c
     ).href,
@@ -7669,7 +7669,7 @@ async function P$(e, t) {
     redirectUrl: r.createAuthorizationURLWithPKCE(
       n.authorization_endpoint,
       o,
-      Gr.S256,
+      Wr.S256,
       s,
       c
     ).href,
@@ -7774,7 +7774,7 @@ const lw = nn.extend({
 }), M$ = nn.extend({
   sessions: a.array(T0)
 }), L$ = nn.extend({
-  organizations: a.array(Mr)
+  organizations: a.array(Lr)
 }), U$ = new he().openapi(
   B({
     tags: ["users"],
@@ -8600,7 +8600,7 @@ const lw = nn.extend({
           "application/json": {
             schema: a.union([
               L$,
-              a.array(Mr)
+              a.array(Lr)
             ])
           }
         },
@@ -8831,7 +8831,7 @@ function z$() {
         if (q(H) || (H = z(H)), !ue(F))
           throw new TypeError();
         q(H) || (H = z(H));
-        var X = kr(
+        var X = Sr(
           F,
           H,
           /*Create*/
@@ -8870,7 +8870,7 @@ function z$() {
         return Be(we) ? !1 : D(U, we, H);
       }
       function V(U, F, H) {
-        var X = kr(
+        var X = Sr(
           F,
           H,
           /*Create*/
@@ -8887,7 +8887,7 @@ function z$() {
           return Z(U, we, H);
       }
       function ne(U, F, H) {
-        var X = kr(
+        var X = Sr(
           F,
           H,
           /*Create*/
@@ -8897,7 +8897,7 @@ function z$() {
           return X.OrdinaryGetOwnMetadata(U, F, H);
       }
       function oe(U, F, H, X) {
-        var we = kr(
+        var we = Sr(
           H,
           X,
           /*Create*/
@@ -8925,7 +8925,7 @@ function z$() {
         return gt;
       }
       function ae(U, F) {
-        var H = kr(
+        var H = Sr(
           U,
           F,
           /*create*/
@@ -9272,7 +9272,7 @@ function z$() {
         };
         return Oe;
       }
-      function kr(U, F, H) {
+      function Sr(U, F, H) {
         var X = y.getProvider(U, F);
         if (!q(X))
           return X;
@@ -9784,7 +9784,7 @@ function oa(e, t) {
     n += e[e.length - 1 - i] * Math.pow(2, t * i);
   return n;
 }
-function Wr(e, t, n = -1) {
+function Jr(e, t, n = -1) {
   const i = n;
   let r = e, o = 0, s = Math.pow(2, t);
   for (let c = 1; c < 8; c++) {
@@ -9838,10 +9838,10 @@ function W$(e) {
   for (let i = 1; i < 8; i++) {
     if (t <= n) {
       if (e < 0) {
-        const s = n - t, c = Wr(s, 8, i), l = new Uint8Array(c);
+        const s = n - t, c = Jr(s, 8, i), l = new Uint8Array(c);
         return l[0] |= 128, c;
       }
-      let r = Wr(t, 8, i), o = new Uint8Array(r);
+      let r = Jr(t, 8, i), o = new Uint8Array(r);
       if (o[0] & 128) {
         const s = r.slice(0), c = new Uint8Array(s);
         r = new ArrayBuffer(r.byteLength + 1), o = new Uint8Array(r);
@@ -10004,7 +10004,7 @@ class Pk extends ci(ho) {
       return r.buffer;
     }
     if (!this.isHexOnly) {
-      const r = Wr(this.tagNumber, 7), o = new Uint8Array(r), s = r.byteLength, c = new Uint8Array(s + 1);
+      const r = Jr(this.tagNumber, 7), o = new Uint8Array(r), s = r.byteLength, c = new Uint8Array(s + 1);
       if (c[0] = n | 31, !t) {
         for (let l = 0; l < s - 1; l++)
           c[l + 1] = o[l] | 128;
@@ -10127,7 +10127,7 @@ class jk extends ho {
     if (this.length > 127 && (this.longFormUsed = !0), this.isIndefiniteForm)
       return n = new ArrayBuffer(1), t === !1 && (i = new Uint8Array(n), i[0] = 128), n;
     if (this.longFormUsed) {
-      const r = Wr(this.length, 8);
+      const r = Jr(this.length, 8);
       if (r.byteLength > 127)
         return this.error = "Too big length", si;
       if (n = new ArrayBuffer(r.byteLength + 1), t)
@@ -10496,7 +10496,7 @@ Lk = U0;
 le.EndOfContent = Lk;
 U0.NAME = fc;
 var Uk;
-class Jr extends kt {
+class Qr extends kt {
   constructor(t = {}) {
     super(t, Lt), this.idBlock.tagClass = 1, this.idBlock.tagNumber = 5;
   }
@@ -10515,9 +10515,9 @@ class Jr extends kt {
     return `${this.constructor.NAME}`;
   }
 }
-Uk = Jr;
+Uk = Qr;
 le.Null = Uk;
-Jr.NAME = "NULL";
+Qr.NAME = "NULL";
 class Fk extends ci(Lt) {
   get value() {
     for (const t of this.valueHexView)
@@ -10599,7 +10599,7 @@ class qk extends ci(nr) {
 }
 qk.NAME = "OctetStringValueBlock";
 var F0;
-let qr = class extends kt {
+let Hr = class extends kt {
   constructor({ idBlock: t = {}, lenBlock: n = {}, ...i } = {}) {
     var r, o;
     (r = i.isConstructed) !== null && r !== void 0 || (i.isConstructed = !!(!((o = i.value) === null || o === void 0) && o.length)), super({
@@ -10644,9 +10644,9 @@ let qr = class extends kt {
     return Y.concat(t);
   }
 };
-F0 = qr;
+F0 = Hr;
 le.OctetString = F0;
-qr.NAME = Ik;
+Hr.NAME = Ik;
 class Hk extends ci(nr) {
   constructor({ unusedBits: t = 0, isConstructed: n = !1, ...i } = {}) {
     super(i), this.unusedBits = t, this.isConstructed = n, this.blockLength = this.valueHexView.byteLength;
@@ -10714,7 +10714,7 @@ class Hk extends ci(nr) {
 }
 Hk.NAME = "BitStringValueBlock";
 var Kk;
-let Hr = class extends kt {
+let Kr = class extends kt {
   constructor({ idBlock: t = {}, lenBlock: n = {}, ...i } = {}) {
     var r, o;
     (r = i.isConstructed) !== null && r !== void 0 || (i.isConstructed = !!(!((o = i.value) === null || o === void 0) && o.length)), super({
@@ -10744,9 +10744,9 @@ let Hr = class extends kt {
     }
   }
 };
-Kk = Hr;
+Kk = Kr;
 le.BitString = Kk;
-Hr.NAME = Nk;
+Kr.NAME = Nk;
 var Vk;
 function aT(e, t) {
   const n = new Uint8Array([0]), i = new Uint8Array(e), r = new Uint8Array(t);
@@ -10944,7 +10944,7 @@ class Em extends ci(Lt) {
         o[s] = r[s] | 128;
       return o[this.blockLength - 1] = r[this.blockLength - 1], o.buffer;
     }
-    const n = Wr(this.valueDec, 7);
+    const n = Jr(this.valueDec, 7);
     if (n.byteLength === 0)
       return this.error = "Error during encoding SID value", si;
     const i = new Uint8Array(n.byteLength);
@@ -11109,7 +11109,7 @@ class Cm extends ci(ho) {
         o[s] = r[s] | 128;
       return o[this.blockLength - 1] = r[this.blockLength - 1], o.buffer;
     }
-    const n = Wr(this.valueDec, 7);
+    const n = Jr(this.valueDec, 7);
     if (n.byteLength === 0)
       return this.error = "Error during encoding SID value", si;
     const i = new Uint8Array(n.byteLength);
@@ -11313,7 +11313,7 @@ class a3 extends rn {
   fromString(t) {
     const n = t.length, i = this.valueBlock.valueHexView = new Uint8Array(n * 4);
     for (let r = 0; r < n; r++) {
-      const o = Wr(t.charCodeAt(r), 8), s = new Uint8Array(o);
+      const o = Jr(t.charCodeAt(r), 8), s = new Uint8Array(o);
       if (s.length > 4)
         continue;
       const c = 4 - s.length;
@@ -11643,18 +11643,18 @@ class W0 extends Di {
 k3 = W0;
 le.TIME = k3;
 W0.NAME = "TIME";
-class Qr {
+class Yr {
   constructor({ name: t = Kt, optional: n = !1 } = {}) {
     this.name = t, this.optional = n;
   }
 }
-class J0 extends Qr {
+class J0 extends Yr {
   constructor({ value: t = [], ...n } = {}) {
     super(n), this.value = t;
   }
 }
-class Nd extends Qr {
-  constructor({ value: t = new Qr(), local: n = !1, ...i } = {}) {
+class Nd extends Yr {
+  constructor({ value: t = new Yr(), local: n = !1, ...i } = {}) {
     super(i), this.value = t, this.local = n;
   }
 }
@@ -11692,7 +11692,7 @@ function Qi(e, t, n) {
       return n.hasOwnProperty(_f) && (o.name = n.name), o;
     }
   }
-  if (n instanceof Qr)
+  if (n instanceof Yr)
     return n.hasOwnProperty(_f) && (e[n.name] = t), {
       verified: !0,
       result: e
@@ -11885,10 +11885,10 @@ function lT(e, t) {
 }
 const S3 = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProperty({
   __proto__: null,
-  Any: Qr,
+  Any: Yr,
   BaseBlock: kt,
   BaseStringBlock: L0,
-  BitString: Hr,
+  BitString: Kr,
   BmpString: Vu,
   Boolean: qu,
   CharacterString: tp,
@@ -11905,10 +11905,10 @@ const S3 = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProperty({
   HexBlock: ci,
   IA5String: Zu,
   Integer: Ua,
-  Null: Jr,
+  Null: Qr,
   NumericString: Wu,
   ObjectIdentifier: Ku,
-  OctetString: qr,
+  OctetString: Hr,
   Primitive: Gc,
   PrintableString: Ju,
   RawData: cT,
@@ -11949,15 +11949,15 @@ class ip {
         throw TypeError("Unsupported type of 'params' argument for BitString");
   }
   fromASN(t) {
-    if (!(t instanceof Hr))
+    if (!(t instanceof Kr))
       throw new TypeError("Argument 'asn' is not instance of ASN.1 BitString");
     return this.unusedBits = t.valueBlock.unusedBits, this.value = t.valueBlock.valueHex, this;
   }
   toASN() {
-    return new Hr({ unusedBits: this.unusedBits, valueHex: this.value });
+    return new Kr({ unusedBits: this.unusedBits, valueHex: this.value });
   }
   toSchema(t) {
-    return new Hr({ name: t });
+    return new Kr({ name: t });
   }
   toNumber() {
     let t = "";
@@ -11989,22 +11989,22 @@ class ge {
     typeof t == "number" ? this.buffer = new ArrayBuffer(t) : Y.isBufferSource(t) ? this.buffer = Y.toArrayBuffer(t) : Array.isArray(t) ? this.buffer = new Uint8Array(t) : this.buffer = new ArrayBuffer(0);
   }
   fromASN(t) {
-    if (!(t instanceof qr))
+    if (!(t instanceof Hr))
       throw new TypeError("Argument 'asn' is not instance of ASN.1 OctetString");
     return this.buffer = t.valueBlock.valueHex, this;
   }
   toASN() {
-    return new qr({ valueHex: this.buffer });
+    return new Hr({ valueHex: this.buffer });
   }
   toSchema(t) {
-    return new qr({ name: t });
+    return new Hr({ name: t });
   }
 }
 const dT = {
-  fromASN: (e) => e instanceof Jr ? null : e.valueBeforeDecodeView,
+  fromASN: (e) => e instanceof Qr ? null : e.valueBeforeDecodeView,
   toASN: (e) => {
     if (e === null)
-      return new Jr();
+      return new Qr();
     const t = Yo(e);
     if (t.result.error)
       throw new Error(t.result.error);
@@ -12021,7 +12021,7 @@ const dT = {
   toASN: (e) => new Ua({ valueHex: e })
 }, fT = {
   fromASN: (e) => e.valueBlock.valueHexView,
-  toASN: (e) => new Hr({ valueHex: e })
+  toASN: (e) => new Kr({ valueHex: e })
 }, hT = {
   fromASN: (e) => e.valueBlock.toString(),
   toASN: (e) => new Ku({ value: e })
@@ -12030,7 +12030,7 @@ const dT = {
   toASN: (e) => new qu({ value: e })
 }, Pd = {
   fromASN: (e) => e.valueBlock.valueHexView,
-  toASN: (e) => new qr({ valueHex: e })
+  toASN: (e) => new Hr({ valueHex: e })
 }, gT = {
   fromASN: (e) => new ge(e.getValue()),
   toASN: (e) => e.toASN()
@@ -12049,7 +12049,7 @@ const x3 = gn(Di), yT = gn(Vu), _T = gn(Gu), wT = gn(Wu), bT = gn(Ju), vT = gn(Q
   toASN: (e) => new np({ valueDate: e })
 }, IT = {
   fromASN: () => null,
-  toASN: () => new Jr()
+  toASN: () => new Qr()
 };
 function Zs(e) {
   switch (e) {
@@ -12154,7 +12154,7 @@ class PT {
         if (!p)
           throw new Error(`Cannot get ASN1 class by name '${u}'`);
         l = new p({ name: c });
-      } else Ei(s.type) ? l = new s.type().toSchema(c) : s.optional ? this.get(s.type).type === K.Choice ? l = new Qr({ name: c }) : (l = this.create(s.type, !1), l.name = c) : l = new Qr({ name: c });
+      } else Ei(s.type) ? l = new s.type().toSchema(c) : s.optional ? this.get(s.type).type === K.Choice ? l = new Yr({ name: c }) : (l = this.create(s.type, !1), l.name = c) : l = new Yr({ name: c });
       const d = !!s.optional || s.defaultValue !== void 0;
       if (s.repeated) {
         l.name = "";
@@ -12470,7 +12470,7 @@ class Q0 {
           if (c.implicit)
             if (!c.repeated && (typeof c.type == "number" || Ei(c.type))) {
               const u = {};
-              u.valueHex = d instanceof Jr ? d.valueBeforeDecodeView : d.valueBlock.toBER(), r.push(new Gc({
+              u.valueHex = d instanceof Qr ? d.valueBeforeDecodeView : d.valueBlock.toBER(), r.push(new Gc({
                 optional: c.optional,
                 idBlock: {
                   tagClass: 3,
@@ -12577,7 +12577,7 @@ function de(e, t, n, i) {
   if (typeof t == "function" ? e !== t || !i : !t.has(e)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
   return n === "m" ? i : n === "a" ? i.call(e) : i ? i.value : t.get(e);
 }
-function Ie(e, t, n, i, r) {
+function Ne(e, t, n, i, r) {
   if (i === "m") throw new TypeError("Private method is not writable");
   if (i === "a" && !r) throw new TypeError("Private accessor was defined without a setter");
   if (typeof t == "function" ? e !== t || !r : !t.has(e)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
@@ -12856,17 +12856,17 @@ Ko = Pm = S([
 const Om = `${zn}.35`;
 class X0 extends ge {
 }
-class Lr {
+class Ur {
   constructor(t = {}) {
     t && Object.assign(this, t);
   }
 }
 S([
   E({ type: X0, context: 0, optional: !0, implicit: !0 })
-], Lr.prototype, "keyIdentifier", void 0);
+], Ur.prototype, "keyIdentifier", void 0);
 S([
   E({ type: Ee, context: 1, optional: !0, implicit: !0, repeated: "sequence" })
-], Lr.prototype, "authorityCertIssuer", void 0);
+], Ur.prototype, "authorityCertIssuer", void 0);
 S([
   E({
     type: R.Integer,
@@ -12875,7 +12875,7 @@ S([
     implicit: !0,
     converter: We
   })
-], Lr.prototype, "authorityCertSerialNumber", void 0);
+], Ur.prototype, "authorityCertSerialNumber", void 0);
 const ey = `${zn}.19`;
 class mc {
   constructor(t = {}) {
@@ -13028,27 +13028,27 @@ class $3 extends ip {
     return `[${this.toJSON().join(", ")}]`;
   }
 }
-let Yr = class {
+let Zr = class {
   constructor(t = {}) {
     Object.assign(this, t);
   }
 };
 S([
   E({ type: Ee, context: 0, repeated: "sequence", implicit: !0 })
-], Yr.prototype, "fullName", void 0);
+], Zr.prototype, "fullName", void 0);
 S([
   E({ type: sa, context: 1, implicit: !0 })
-], Yr.prototype, "nameRelativeToCRLIssuer", void 0);
-Yr = S([
+], Zr.prototype, "nameRelativeToCRLIssuer", void 0);
+Zr = S([
   W({ type: K.Choice })
-], Yr);
+], Zr);
 class za {
   constructor(t = {}) {
     Object.assign(this, t);
   }
 }
 S([
-  E({ type: Yr, context: 0, optional: !0 })
+  E({ type: Zr, context: 0, optional: !0 })
 ], za.prototype, "distributionPoint", void 0);
 S([
   E({ type: $3, context: 1, optional: !0, implicit: !0 })
@@ -13080,7 +13080,7 @@ class Nt {
 }
 Nt.ONLY = !1;
 S([
-  E({ type: Yr, context: 0, optional: !0 })
+  E({ type: Zr, context: 0, optional: !0 })
 ], Nt.prototype, "distributionPoint", void 0);
 S([
   E({
@@ -13448,20 +13448,20 @@ let rr = Jm = class extends Fe {
 rr = Jm = S([
   W({ type: K.Sequence, itemType: fn })
 ], rr);
-var Zr;
+var Xr;
 (function(e) {
   e[e.v1 = 0] = "v1", e[e.v2 = 1] = "v2", e[e.v3 = 2] = "v3";
-})(Zr || (Zr = {}));
+})(Xr || (Xr = {}));
 class on {
   constructor(t = {}) {
-    this.version = Zr.v1, this.serialNumber = new ArrayBuffer(0), this.signature = new ce(), this.issuer = new ct(), this.validity = new Yc(), this.subject = new ct(), this.subjectPublicKeyInfo = new Tn(), Object.assign(this, t);
+    this.version = Xr.v1, this.serialNumber = new ArrayBuffer(0), this.signature = new ce(), this.issuer = new ct(), this.validity = new Yc(), this.subject = new ct(), this.subjectPublicKeyInfo = new Tn(), Object.assign(this, t);
   }
 }
 S([
   E({
     type: R.Integer,
     context: 0,
-    defaultValue: Zr.v1
+    defaultValue: Xr.v1
   })
 ], on.prototype, "version", void 0);
 S([
@@ -13513,20 +13513,20 @@ S([
 S([
   E({ type: R.BitString })
 ], hn.prototype, "signatureValue", void 0);
-class Kr {
+class Vr {
   constructor(t = {}) {
     this.userCertificate = new ArrayBuffer(0), this.revocationDate = new vt(), Object.assign(this, t);
   }
 }
 S([
   E({ type: R.Integer, converter: We })
-], Kr.prototype, "userCertificate", void 0);
+], Vr.prototype, "userCertificate", void 0);
 S([
   E({ type: vt })
-], Kr.prototype, "revocationDate", void 0);
+], Vr.prototype, "revocationDate", void 0);
 S([
   E({ type: fn, optional: !0, repeated: "sequence" })
-], Kr.prototype, "crlEntryExtensions", void 0);
+], Vr.prototype, "crlEntryExtensions", void 0);
 class Mi {
   constructor(t = {}) {
     this.signature = new ce(), this.issuer = new ct(), this.thisUpdate = new vt(), Object.assign(this, t);
@@ -13548,7 +13548,7 @@ S([
   E({ type: vt, optional: !0 })
 ], Mi.prototype, "nextUpdate", void 0);
 S([
-  E({ type: Kr, repeated: "sequence", optional: !0 })
+  E({ type: Vr, repeated: "sequence", optional: !0 })
 ], Mi.prototype, "revokedCertificates", void 0);
 S([
   E({ type: fn, optional: !0, context: 0, repeated: "sequence" })
@@ -14175,33 +14175,33 @@ S([
 S([
   E({ type: R.BitString })
 ], fy.prototype, "publicKey", void 0);
-let Xr = class {
+let eo = class {
   constructor(t = {}) {
     Object.assign(this, t);
   }
 };
 S([
   E({ type: ir, context: 0, implicit: !0, optional: !0 })
-], Xr.prototype, "subjectKeyIdentifier", void 0);
+], eo.prototype, "subjectKeyIdentifier", void 0);
 S([
   E({ type: fy, context: 1, implicit: !0, optional: !0 })
-], Xr.prototype, "originatorKey", void 0);
+], eo.prototype, "originatorKey", void 0);
 S([
   E({ type: qa, optional: !0 })
-], Xr.prototype, "issuerAndSerialNumber", void 0);
-Xr = S([
+], eo.prototype, "issuerAndSerialNumber", void 0);
+eo = S([
   W({ type: K.Choice })
-], Xr);
+], eo);
 class Va {
   constructor(t = {}) {
-    this.version = Ni.v3, this.originator = new Xr(), this.keyEncryptionAlgorithm = new oi(), this.recipientEncryptedKeys = new Vd(), Object.assign(this, t);
+    this.version = Ni.v3, this.originator = new eo(), this.keyEncryptionAlgorithm = new oi(), this.recipientEncryptedKeys = new Vd(), Object.assign(this, t);
   }
 }
 S([
   E({ type: R.Integer })
 ], Va.prototype, "version", void 0);
 S([
-  E({ type: Xr, context: 0 })
+  E({ type: eo, context: 0 })
 ], Va.prototype, "originator", void 0);
 S([
   E({ type: ge, context: 1, optional: !0 })
@@ -14559,7 +14559,7 @@ function _t(e) {
 }
 _t(nI);
 _t(iI);
-const eo = _t(eu);
+const to = _t(eu);
 _t(q3);
 _t(tu);
 _t(nu);
@@ -14568,7 +14568,7 @@ _t(eI);
 _t(tI);
 const H3 = new ce({
   algorithm: bp,
-  parameters: Q.serialize(eo)
+  parameters: Q.serialize(to)
 }), K3 = new ce({
   algorithm: QT,
   parameters: Q.serialize(Pd.toASN(new Uint8Array([
@@ -14606,14 +14606,14 @@ _t(F3);
 _t(z3);
 class vp {
   constructor(t = {}) {
-    this.hashAlgorithm = new ce(eo), this.maskGenAlgorithm = new ce({
+    this.hashAlgorithm = new ce(to), this.maskGenAlgorithm = new ce({
       algorithm: bp,
-      parameters: Q.serialize(eo)
+      parameters: Q.serialize(to)
     }), this.pSourceAlgorithm = new ce(K3), Object.assign(this, t);
   }
 }
 S([
-  E({ type: ce, context: 0, defaultValue: eo })
+  E({ type: ce, context: 0, defaultValue: to })
 ], vp.prototype, "hashAlgorithm", void 0);
 S([
   E({ type: ce, context: 1, defaultValue: H3 })
@@ -14625,29 +14625,29 @@ new ce({
   algorithm: JT,
   parameters: Q.serialize(new vp())
 });
-class to {
+class no {
   constructor(t = {}) {
-    this.hashAlgorithm = new ce(eo), this.maskGenAlgorithm = new ce({
+    this.hashAlgorithm = new ce(to), this.maskGenAlgorithm = new ce({
       algorithm: bp,
-      parameters: Q.serialize(eo)
+      parameters: Q.serialize(to)
     }), this.saltLength = 20, this.trailerField = 1, Object.assign(this, t);
   }
 }
 S([
-  E({ type: ce, context: 0, defaultValue: eo })
-], to.prototype, "hashAlgorithm", void 0);
+  E({ type: ce, context: 0, defaultValue: to })
+], no.prototype, "hashAlgorithm", void 0);
 S([
   E({ type: ce, context: 1, defaultValue: H3 })
-], to.prototype, "maskGenAlgorithm", void 0);
+], no.prototype, "maskGenAlgorithm", void 0);
 S([
   E({ type: R.Integer, context: 2, defaultValue: 20 })
-], to.prototype, "saltLength", void 0);
+], no.prototype, "saltLength", void 0);
 S([
   E({ type: R.Integer, context: 3, defaultValue: 1 })
-], to.prototype, "trailerField", void 0);
+], no.prototype, "trailerField", void 0);
 new ce({
   algorithm: tc,
-  parameters: Q.serialize(new to())
+  parameters: Q.serialize(new no())
 });
 class Ap {
   constructor(t = {}) {
@@ -14862,7 +14862,7 @@ function ru(e, t) {
   }
   return o;
 }
-function jr() {
+function Or() {
   for (var e = [], t = 0; t < arguments.length; t++)
     e = e.concat(ru(arguments[t]));
   return e;
@@ -14908,7 +14908,7 @@ var G3 = (function() {
           o[s] = arguments[s];
         o[0] = t();
         var c = Reflect[r];
-        return c.apply(void 0, jr(o));
+        return c.apply(void 0, Or(o));
       };
     };
     return this.reflectMethods.forEach(i), n;
@@ -14977,7 +14977,7 @@ function pI(e, t) {
   return '"' + n + '" at position #' + t;
 }
 function fI(e, t, n) {
-  return n === void 0 && (n = "    "), jr([e], t.message.split(`
+  return n === void 0 && (n = "    "), Or([e], t.message.split(`
 `).map(function(i) {
     return n + i;
   })).join(`
@@ -15021,7 +15021,7 @@ var gI = (function(e) {
       for (var o = [t], s = r; s != null; ) {
         var c = s.useToken;
         if (o.includes(c))
-          throw new Error("Token registration cycle detected! " + jr(o, [c]).join(" -> "));
+          throw new Error("Token registration cycle detected! " + Or(o, [c]).join(" -> "));
         o.push(c);
         var l = this._registry.get(c);
         l && ld(l.provider) ? s = l.provider : s = null;
@@ -15229,7 +15229,7 @@ var gI = (function(e) {
         throw new Error('TypeInfo not known for "' + t.name + '"');
       }
       var s = o.map(i.resolveParams(n, t));
-      return new (t.bind.apply(t, jr([void 0], s)))();
+      return new (t.bind.apply(t, Or([void 0], s)))();
     })();
     return mI(r) && this.disposables.add(r), r;
   }, e.prototype.resolveParams = function(t, n) {
@@ -15237,7 +15237,7 @@ var gI = (function(e) {
     return function(r, o) {
       var s, c, l;
       try {
-        return cI(r) ? Ow(r) ? r.multiple ? (s = i.resolve(r.transform)).transform.apply(s, jr([i.resolveAll(r.token, new Dl(), r.isOptional)], r.transformArgs)) : (c = i.resolve(r.transform)).transform.apply(c, jr([i.resolve(r.token, t, r.isOptional)], r.transformArgs)) : r.multiple ? i.resolveAll(r.token, new Dl(), r.isOptional) : i.resolve(r.token, t, r.isOptional) : Ow(r) ? (l = i.resolve(r.transform, t)).transform.apply(l, jr([i.resolve(r.token, t)], r.transformArgs)) : i.resolve(r, t);
+        return cI(r) ? Ow(r) ? r.multiple ? (s = i.resolve(r.transform)).transform.apply(s, Or([i.resolveAll(r.token, new Dl(), r.isOptional)], r.transformArgs)) : (c = i.resolve(r.transform)).transform.apply(c, Or([i.resolve(r.token, t, r.isOptional)], r.transformArgs)) : r.multiple ? i.resolveAll(r.token, new Dl(), r.isOptional) : i.resolve(r.token, t, r.isOptional) : Ow(r) ? (l = i.resolve(r.transform, t)).transform.apply(l, Or([i.resolve(r.token, t)], r.transformArgs)) : i.resolve(r, t);
       } catch (d) {
         throw new Error(hI(n, o, d));
       }
@@ -15915,7 +15915,7 @@ Ue.NAME = n4;
 Ue.VALUE = i4;
 class vI {
   static toTextObject(t) {
-    const n = new Ue("Algorithm Identifier", {}, yr.toString(t.algorithm));
+    const n = new Ue("Algorithm Identifier", {}, _r.toString(t.algorithm));
     if (t.parameters)
       if (t.algorithm === ha) {
         const i = new kc().toWebAlgorithm(t);
@@ -15925,13 +15925,13 @@ class vI {
     return n;
   }
 }
-class yr {
+class _r {
   static toString(t) {
     const n = this.items[t];
     return n || t;
   }
 }
-yr.items = {
+_r.items = {
   [eu]: "sha1",
   [q3]: "sha224",
   [tu]: "sha256",
@@ -15957,7 +15957,7 @@ yr.items = {
   [FT]: "OCSP Signing",
   [qT]: "Signed Data"
 };
-class no {
+class io {
   static serialize(t) {
     return this.serializeObj(t).join(`
 `);
@@ -16010,15 +16010,15 @@ class no {
     return this.algorithmSerializer.toTextObject(t);
   }
 }
-no.oidSerializer = yr;
-no.algorithmSerializer = vI;
+io.oidSerializer = _r;
+io.algorithmSerializer = vI;
 var Po;
 class Li {
   get rawData() {
-    return de(this, Po, "f") || Ie(this, Po, Q.serialize(this.asn), "f"), de(this, Po, "f");
+    return de(this, Po, "f") || Ne(this, Po, Q.serialize(this.asn), "f"), de(this, Po, "f");
   }
   constructor(...t) {
-    Po.set(this, void 0), Y.isBufferSource(t[0]) ? (this.asn = Q.parse(t[0], t[1]), Ie(this, Po, Y.toArrayBuffer(t[0]), "f"), this.onInit(this.asn)) : (this.asn = t[0], this.onInit(this.asn));
+    Po.set(this, void 0), Y.isBufferSource(t[0]) ? (this.asn = Q.parse(t[0], t[1]), Ne(this, Po, Y.toArrayBuffer(t[0]), "f"), this.onInit(this.asn)) : (this.asn = t[0], this.onInit(this.asn));
   }
   equal(t) {
     return t instanceof Li ? $k(t.rawData, this.rawData) : !1;
@@ -16028,7 +16028,7 @@ class Li {
       case "asn":
         return Q.toString(this.rawData);
       case "text":
-        return no.serialize(this.toTextObject());
+        return io.serialize(this.toTextObject());
       case "hex":
         return fe.ToHex(this.rawData);
       case "base64":
@@ -16070,7 +16070,7 @@ class an extends Li {
   }
   toTextObjectWithoutValue() {
     const t = this.toTextObjectEmpty(this.critical ? "critical" : void 0);
-    return t[Ue.NAME] === an.NAME && (t[Ue.NAME] = yr.toString(this.type)), t;
+    return t[Ue.NAME] === an.NAME && (t[Ue.NAME] = _r.toString(this.type)), t;
   }
 }
 var r4;
@@ -16399,10 +16399,10 @@ class Zi extends Li {
         throw new Error("Unsupported GeneralName type");
     }
     let n = this.value;
-    return this.type === Ml && (n = yr.toString(n)), new Ue(t, void 0, n);
+    return this.type === Ml && (n = _r.toString(n)), new Ue(t, void 0, n);
   }
 }
-class io extends Li {
+class ro extends Li {
   constructor(t) {
     let n;
     if (t instanceof Pt)
@@ -16449,7 +16449,7 @@ class io extends Li {
     return t;
   }
 }
-io.NAME = "GeneralNames";
+ro.NAME = "GeneralNames";
 const nc = "-{5}", Sc = "\\n", CI = `[^${Sc}]+`, $I = `${nc}BEGIN (${CI}(?=${nc}))${nc}`, TI = `${nc}END \\1${nc}`, ga = "\\n", II = `[^:${Sc}]+`, NI = `(?:[^${Sc}]+${ga}(?: +[^${Sc}]+${ga})*)`, PI = "[a-zA-Z0-9=+/]+", jI = `(?:${PI}${ga})+`, Nb = `${$I}${ga}(?:((?:${II}: ${NI})+))?${ga}?(${jI})${TI}`;
 class Vt {
   static isPem(t) {
@@ -16631,7 +16631,7 @@ class dn extends Bn {
   }
   toTextObject() {
     const t = this.toTextObjectEmpty(), n = Q.parse(this.rawData, Tn);
-    switch (t.Algorithm = no.serializeAlgorithm(n.algorithm), n.algorithm.algorithm) {
+    switch (t.Algorithm = io.serializeAlgorithm(n.algorithm), n.algorithm.algorithm) {
       case ha:
         t["EC Point"] = n.subjectPublicKey;
         break;
@@ -16659,10 +16659,10 @@ class ya extends an {
     if (Y.isBufferSource(t[0]))
       super(t[0]);
     else if (typeof t[0] == "string") {
-      const n = new Lr({ keyIdentifier: new X0(fe.FromHex(t[0])) });
+      const n = new Ur({ keyIdentifier: new X0(fe.FromHex(t[0])) });
       super(Om, t[1], Q.serialize(n));
     } else {
-      const n = t[0], i = n.name instanceof io ? Q.parse(n.name.rawData, Pt) : n.name, r = new Lr({
+      const n = t[0], i = n.name instanceof ro ? Q.parse(n.name.rawData, Pt) : n.name, r = new Ur({
         authorityCertIssuer: i,
         authorityCertSerialNumber: fe.FromHex(n.serialNumber)
       });
@@ -16671,15 +16671,15 @@ class ya extends an {
   }
   onInit(t) {
     super.onInit(t);
-    const n = Q.parse(t.extnValue, Lr);
+    const n = Q.parse(t.extnValue, Ur);
     n.keyIdentifier && (this.keyId = fe.ToHex(n.keyIdentifier)), (n.authorityCertIssuer || n.authorityCertSerialNumber) && (this.certId = {
       name: n.authorityCertIssuer || [],
       serialNumber: n.authorityCertSerialNumber ? fe.ToHex(n.authorityCertSerialNumber) : ""
     });
   }
   toTextObject() {
-    const t = this.toTextObjectWithoutValue(), n = Q.parse(this.value, Lr);
-    return n.authorityCertIssuer && (t["Authority Issuer"] = new io(n.authorityCertIssuer).toTextObject()), n.authorityCertSerialNumber && (t["Authority Serial Number"] = n.authorityCertSerialNumber), n.keyIdentifier && (t[""] = n.keyIdentifier), t;
+    const t = this.toTextObjectWithoutValue(), n = Q.parse(this.value, Ur);
+    return n.authorityCertIssuer && (t["Authority Issuer"] = new ro(n.authorityCertIssuer).toTextObject()), n.authorityCertSerialNumber && (t["Authority Serial Number"] = n.authorityCertSerialNumber), n.keyIdentifier && (t[""] = n.keyIdentifier), t;
   }
 }
 ya.NAME = "Authority Key Identifier";
@@ -16720,7 +16720,7 @@ class Sy extends an {
   }
   toTextObject() {
     const t = this.toTextObjectWithoutValue();
-    return t[""] = this.usages.map((n) => yr.toString(n)).join(", "), t;
+    return t[""] = this.usages.map((n) => _r.toString(n)).join(", "), t;
   }
 }
 Sy.NAME = "Extended Key Usages";
@@ -16768,12 +16768,12 @@ class Ja extends an {
 Ja.NAME = "Subject Key Identifier";
 class s4 extends an {
   constructor(...t) {
-    Y.isBufferSource(t[0]) ? super(t[0]) : super(ay, t[1], new io(t[0] || []).rawData);
+    Y.isBufferSource(t[0]) ? super(t[0]) : super(ay, t[1], new ro(t[0] || []).rawData);
   }
   onInit(t) {
     super.onInit(t);
     const n = Q.parse(t.extnValue, Ld);
-    this.names = new io(n);
+    this.names = new ro(n);
   }
   toTextObject() {
     const t = this.toTextObjectWithoutValue(), n = this.names.toTextObject();
@@ -16807,7 +16807,7 @@ class c4 extends an {
   }
   toTextObject() {
     const t = this.toTextObjectWithoutValue();
-    return t.Policy = this.policies.map((n) => new Ue("", {}, yr.toString(n))), t;
+    return t.Policy = this.policies.map((n) => new Ue("", {}, _r.toString(n))), t;
   }
 }
 c4.NAME = "Certificate Policies";
@@ -16819,7 +16819,7 @@ class Ey extends an {
       super(t[0]);
     else if (Array.isArray(t[0]) && typeof t[0][0] == "string") {
       const r = t[0].map((s) => new za({
-        distributionPoint: new Yr({ fullName: [new Ee({ uniformResourceIdentifier: s })] })
+        distributionPoint: new Zr({ fullName: [new Ee({ uniformResourceIdentifier: s })] })
       })), o = new Zo(r);
       super(Lm, t[1], Q.serialize(o));
     } else {
@@ -16904,12 +16904,12 @@ function Ul(e, t, n, i) {
 }
 class d4 extends an {
   constructor(...t) {
-    Y.isBufferSource(t[0]) ? super(t[0]) : super(T3, t[1], new io(t[0] || []).rawData);
+    Y.isBufferSource(t[0]) ? super(t[0]) : super(T3, t[1], new ro(t[0] || []).rawData);
   }
   onInit(t) {
     super.onInit(t);
     const n = Q.parse(t.extnValue, Pt);
-    this.names = new io(n);
+    this.names = new ro(n);
   }
   toTextObject() {
     const t = this.toTextObjectWithoutValue(), n = this.names.toTextObject();
@@ -16942,7 +16942,7 @@ class Qa extends Li {
   }
   toTextObjectWithoutValue() {
     const t = this.toTextObjectEmpty();
-    return t[Ue.NAME] === Qa.NAME && (t[Ue.NAME] = yr.toString(this.type)), t;
+    return t[Ue.NAME] === Qa.NAME && (t[Ue.NAME] = _r.toString(this.type)), t;
   }
 }
 Qa.NAME = "Attribute";
@@ -17019,7 +17019,7 @@ var pd;
 let Mg = pd = class {
   static createPssParams(t, n) {
     const i = pd.getHashAlgorithm(t);
-    return i ? new to({
+    return i ? new no({
       hashAlgorithm: i,
       maskGenAlgorithm: new ce({
         algorithm: bp,
@@ -17116,7 +17116,7 @@ let Mg = pd = class {
         };
       case tc:
         if (t.parameters) {
-          const n = Q.parse(t.parameters, to);
+          const n = Q.parse(t.parameters, no);
           return {
             name: "RSA-PSS",
             hash: yt.resolve(sr).toWebAlgorithm(n.hashAlgorithm),
@@ -17259,37 +17259,37 @@ yt.registerSingleton(cl, Ug);
 var _s, ws, bs, vs, As, ks, Ss, jo;
 class BI extends Bn {
   get subjectName() {
-    return de(this, ws, "f") || Ie(this, ws, new cn(this.asn.certificationRequestInfo.subject), "f"), de(this, ws, "f");
+    return de(this, ws, "f") || Ne(this, ws, new cn(this.asn.certificationRequestInfo.subject), "f"), de(this, ws, "f");
   }
   get subject() {
-    return de(this, bs, "f") || Ie(this, bs, this.subjectName.toString(), "f"), de(this, bs, "f");
+    return de(this, bs, "f") || Ne(this, bs, this.subjectName.toString(), "f"), de(this, bs, "f");
   }
   get signatureAlgorithm() {
     if (!de(this, vs, "f")) {
       const t = yt.resolve(sr);
-      Ie(this, vs, t.toWebAlgorithm(this.asn.signatureAlgorithm), "f");
+      Ne(this, vs, t.toWebAlgorithm(this.asn.signatureAlgorithm), "f");
     }
     return de(this, vs, "f");
   }
   get signature() {
-    return de(this, As, "f") || Ie(this, As, this.asn.signature, "f"), de(this, As, "f");
+    return de(this, As, "f") || Ne(this, As, this.asn.signature, "f"), de(this, As, "f");
   }
   get publicKey() {
-    return de(this, ks, "f") || Ie(this, ks, new dn(this.asn.certificationRequestInfo.subjectPKInfo), "f"), de(this, ks, "f");
+    return de(this, ks, "f") || Ne(this, ks, new dn(this.asn.certificationRequestInfo.subjectPKInfo), "f"), de(this, ks, "f");
   }
   get attributes() {
-    return de(this, Ss, "f") || Ie(this, Ss, this.asn.certificationRequestInfo.attributes.map((t) => Ip.create(Q.serialize(t))), "f"), de(this, Ss, "f");
+    return de(this, Ss, "f") || Ne(this, Ss, this.asn.certificationRequestInfo.attributes.map((t) => Ip.create(Q.serialize(t))), "f"), de(this, Ss, "f");
   }
   get extensions() {
     if (!de(this, jo, "f")) {
-      Ie(this, jo, [], "f");
+      Ne(this, jo, [], "f");
       const t = this.getAttribute(Ay);
-      t instanceof Cy && Ie(this, jo, t.items, "f");
+      t instanceof Cy && Ne(this, jo, t.items, "f");
     }
     return de(this, jo, "f");
   }
   get tbs() {
-    return de(this, _s, "f") || Ie(this, _s, this.asn.certificationRequestInfoRaw || Q.serialize(this.asn.certificationRequestInfo), "f"), de(this, _s, "f");
+    return de(this, _s, "f") || Ne(this, _s, this.asn.certificationRequestInfoRaw || Q.serialize(this.asn.certificationRequestInfo), "f"), de(this, _s, "f");
   }
   constructor(t) {
     const n = Bn.isAsnEncoded(t) ? [t, Ac] : [t];
@@ -17330,7 +17330,7 @@ class BI extends Bn {
   }
   toTextObject() {
     const t = this.toTextObjectEmpty(), n = Q.parse(this.rawData, Ac), i = n.certificationRequestInfo, r = new Ue("", {
-      Version: `${Zr[i.version]} (${i.version})`,
+      Version: `${Xr[i.version]} (${i.version})`,
       Subject: this.subject,
       "Subject Public Key Info": this.publicKey
     });
@@ -17343,7 +17343,7 @@ class BI extends Bn {
       r.Attributes = o;
     }
     return t.Data = r, t.Signature = new Ue("", {
-      Algorithm: no.serializeAlgorithm(n.signatureAlgorithm),
+      Algorithm: io.serializeAlgorithm(n.signatureAlgorithm),
       "": n.signature
     }), t;
   }
@@ -17351,36 +17351,36 @@ class BI extends Bn {
 _s = /* @__PURE__ */ new WeakMap(), ws = /* @__PURE__ */ new WeakMap(), bs = /* @__PURE__ */ new WeakMap(), vs = /* @__PURE__ */ new WeakMap(), As = /* @__PURE__ */ new WeakMap(), ks = /* @__PURE__ */ new WeakMap(), Ss = /* @__PURE__ */ new WeakMap(), jo = /* @__PURE__ */ new WeakMap();
 BI.NAME = "PKCS#10 Certificate Request";
 var xs, Es, Cs, $s, Ts, Is, Ns, Ps, js, Os, Oo, Rs;
-class ro extends Bn {
+class oo extends Bn {
   get publicKey() {
-    return de(this, Rs, "f") || Ie(this, Rs, new dn(this.asn.tbsCertificate.subjectPublicKeyInfo), "f"), de(this, Rs, "f");
+    return de(this, Rs, "f") || Ne(this, Rs, new dn(this.asn.tbsCertificate.subjectPublicKeyInfo), "f"), de(this, Rs, "f");
   }
   get serialNumber() {
     if (!de(this, Es, "f")) {
       const t = this.asn.tbsCertificate;
       let n = new Uint8Array(t.serialNumber);
-      n.length > 1 && n[0] === 0 && n[1] > 127 && (n = n.slice(1)), Ie(this, Es, fe.ToHex(n), "f");
+      n.length > 1 && n[0] === 0 && n[1] > 127 && (n = n.slice(1)), Ne(this, Es, fe.ToHex(n), "f");
     }
     return de(this, Es, "f");
   }
   get subjectName() {
-    return de(this, Cs, "f") || Ie(this, Cs, new cn(this.asn.tbsCertificate.subject), "f"), de(this, Cs, "f");
+    return de(this, Cs, "f") || Ne(this, Cs, new cn(this.asn.tbsCertificate.subject), "f"), de(this, Cs, "f");
   }
   get subject() {
-    return de(this, $s, "f") || Ie(this, $s, this.subjectName.toString(), "f"), de(this, $s, "f");
+    return de(this, $s, "f") || Ne(this, $s, this.subjectName.toString(), "f"), de(this, $s, "f");
   }
   get issuerName() {
-    return de(this, Ts, "f") || Ie(this, Ts, new cn(this.asn.tbsCertificate.issuer), "f"), de(this, Ts, "f");
+    return de(this, Ts, "f") || Ne(this, Ts, new cn(this.asn.tbsCertificate.issuer), "f"), de(this, Ts, "f");
   }
   get issuer() {
-    return de(this, Is, "f") || Ie(this, Is, this.issuerName.toString(), "f"), de(this, Is, "f");
+    return de(this, Is, "f") || Ne(this, Is, this.issuerName.toString(), "f"), de(this, Is, "f");
   }
   get notBefore() {
     if (!de(this, Ns, "f")) {
       const t = this.asn.tbsCertificate.validity.notBefore.utcTime || this.asn.tbsCertificate.validity.notBefore.generalTime;
       if (!t)
         throw new Error("Cannot get 'notBefore' value");
-      Ie(this, Ns, t, "f");
+      Ne(this, Ns, t, "f");
     }
     return de(this, Ns, "f");
   }
@@ -17389,25 +17389,25 @@ class ro extends Bn {
       const t = this.asn.tbsCertificate.validity.notAfter.utcTime || this.asn.tbsCertificate.validity.notAfter.generalTime;
       if (!t)
         throw new Error("Cannot get 'notAfter' value");
-      Ie(this, Ps, t, "f");
+      Ne(this, Ps, t, "f");
     }
     return de(this, Ps, "f");
   }
   get signatureAlgorithm() {
     if (!de(this, js, "f")) {
       const t = yt.resolve(sr);
-      Ie(this, js, t.toWebAlgorithm(this.asn.signatureAlgorithm), "f");
+      Ne(this, js, t.toWebAlgorithm(this.asn.signatureAlgorithm), "f");
     }
     return de(this, js, "f");
   }
   get signature() {
-    return de(this, Os, "f") || Ie(this, Os, this.asn.signatureValue, "f"), de(this, Os, "f");
+    return de(this, Os, "f") || Ne(this, Os, this.asn.signatureValue, "f"), de(this, Os, "f");
   }
   get extensions() {
-    return de(this, Oo, "f") || (Ie(this, Oo, [], "f"), this.asn.tbsCertificate.extensions && Ie(this, Oo, this.asn.tbsCertificate.extensions.map((t) => Ut.create(Q.serialize(t))), "f")), de(this, Oo, "f");
+    return de(this, Oo, "f") || (Ne(this, Oo, [], "f"), this.asn.tbsCertificate.extensions && Ne(this, Oo, this.asn.tbsCertificate.extensions.map((t) => Ut.create(Q.serialize(t))), "f")), de(this, Oo, "f");
   }
   get tbs() {
-    return de(this, xs, "f") || Ie(this, xs, this.asn.tbsCertificateRaw || Q.serialize(this.asn.tbsCertificate), "f"), de(this, xs, "f");
+    return de(this, xs, "f") || Ne(this, xs, this.asn.tbsCertificateRaw || Q.serialize(this.asn.tbsCertificate), "f"), de(this, xs, "f");
   }
   constructor(t) {
     const n = Bn.isAsnEncoded(t) ? [t, hn] : [t];
@@ -17484,9 +17484,9 @@ class ro extends Bn {
   }
   toTextObject() {
     const t = this.toTextObjectEmpty(), n = Q.parse(this.rawData, hn), i = n.tbsCertificate, r = new Ue("", {
-      Version: `${Zr[i.version]} (${i.version})`,
+      Version: `${Xr[i.version]} (${i.version})`,
       "Serial Number": i.serialNumber,
-      "Signature Algorithm": no.serializeAlgorithm(i.signature),
+      "Signature Algorithm": io.serializeAlgorithm(i.signature),
       Issuer: this.issuer,
       Validity: new Ue("", {
         "Not Before": i.validity.notBefore.getTime(),
@@ -17504,13 +17504,13 @@ class ro extends Bn {
       r.Extensions = o;
     }
     return t.Data = r, t.Signature = new Ue("", {
-      Algorithm: no.serializeAlgorithm(n.signatureAlgorithm),
+      Algorithm: io.serializeAlgorithm(n.signatureAlgorithm),
       "": n.signatureValue
     }), t;
   }
 }
 xs = /* @__PURE__ */ new WeakMap(), Es = /* @__PURE__ */ new WeakMap(), Cs = /* @__PURE__ */ new WeakMap(), $s = /* @__PURE__ */ new WeakMap(), Ts = /* @__PURE__ */ new WeakMap(), Is = /* @__PURE__ */ new WeakMap(), Ns = /* @__PURE__ */ new WeakMap(), Ps = /* @__PURE__ */ new WeakMap(), js = /* @__PURE__ */ new WeakMap(), Os = /* @__PURE__ */ new WeakMap(), Oo = /* @__PURE__ */ new WeakMap(), Rs = /* @__PURE__ */ new WeakMap();
-ro.NAME = "Certificate";
+oo.NAME = "Certificate";
 function $y(e, t = ut.get()) {
   const n = Y.toUint8Array(fe.FromHex(e || ""));
   let i = n && n.length && n.some((o) => o > 0) ? new Uint8Array(n) : void 0;
@@ -17548,7 +17548,7 @@ class DI {
     t.publicKey instanceof dn ? r = t.publicKey.rawData : "publicKey" in t.publicKey ? r = t.publicKey.publicKey.rawData : Y.isBufferSource(t.publicKey) ? r = t.publicKey : r = await n.subtle.exportKey("spki", t.publicKey);
     const o = $y(t.serialNumber, n), s = t.notBefore || /* @__PURE__ */ new Date(), c = t.notAfter || new Date(s.getTime() + 31536e6), l = new hn({
       tbsCertificate: new on({
-        version: Zr.v3,
+        version: Xr.v3,
         serialNumber: o,
         validity: new Yc({
           notBefore: s,
@@ -17582,7 +17582,7 @@ class DI {
         break;
     if (!g)
       throw Error("Cannot convert ASN.1 signature value to WebCrypto format");
-    return l.signatureValue = g, new ro(Q.serialize(l));
+    return l.signatureValue = g, new oo(Q.serialize(l));
   }
 }
 var Bs, Ds, Ro, Bo, Do, Rb;
@@ -17591,10 +17591,10 @@ var Bs, Ds, Ro, Bo, Do, Rb;
 })(Rb || (Rb = {}));
 class Bb extends Li {
   get serialNumber() {
-    return de(this, Bs, "f") || Ie(this, Bs, fe.ToHex(this.asn.userCertificate), "f"), de(this, Bs, "f");
+    return de(this, Bs, "f") || Ne(this, Bs, fe.ToHex(this.asn.userCertificate), "f"), de(this, Bs, "f");
   }
   get revocationDate() {
-    return de(this, Ds, "f") || Ie(this, Ds, this.asn.revocationDate.getTime(), "f"), de(this, Ds, "f");
+    return de(this, Ds, "f") || Ne(this, Ds, this.asn.revocationDate.getTime(), "f"), de(this, Ds, "f");
   }
   get reason() {
     return de(this, Ro, "f") === void 0 && this.extensions, de(this, Ro, "f");
@@ -17603,14 +17603,14 @@ class Bb extends Li {
     return de(this, Bo, "f") === void 0 && this.extensions, de(this, Bo, "f");
   }
   get extensions() {
-    return de(this, Do, "f") || (Ie(this, Do, [], "f"), this.asn.crlEntryExtensions && Ie(this, Do, this.asn.crlEntryExtensions.map((t) => {
+    return de(this, Do, "f") || (Ne(this, Do, [], "f"), this.asn.crlEntryExtensions && Ne(this, Do, this.asn.crlEntryExtensions.map((t) => {
       const n = Ut.create(Q.serialize(t));
       switch (n.type) {
         case RT:
-          de(this, Ro, "f") === void 0 && Ie(this, Ro, Q.parse(n.value, Bd).reason, "f");
+          de(this, Ro, "f") === void 0 && Ne(this, Ro, Q.parse(n.value, Bd).reason, "f");
           break;
         case zT:
-          de(this, Bo, "f") === void 0 && Ie(this, Bo, Q.parse(n.value, Dd).value, "f");
+          de(this, Bo, "f") === void 0 && Ne(this, Bo, Q.parse(n.value, Dd).value, "f");
           break;
       }
       return n;
@@ -17618,13 +17618,13 @@ class Bb extends Li {
   }
   constructor(...t) {
     let n;
-    if (Y.isBufferSource(t[0]) ? n = Y.toArrayBuffer(t[0]) : typeof t[0] == "string" ? n = Q.serialize(new Kr({
+    if (Y.isBufferSource(t[0]) ? n = Y.toArrayBuffer(t[0]) : typeof t[0] == "string" ? n = Q.serialize(new Vr({
       userCertificate: $y(t[0]),
       revocationDate: new vt(t[1]),
       crlEntryExtensions: t[2]
-    })) : t[0] instanceof Kr && (n = t[0]), !n)
+    })) : t[0] instanceof Vr && (n = t[0]), !n)
       throw new TypeError("Cannot create X509CrlEntry instance. Wrong constructor arguments.");
-    super(n, Kr), Bs.set(this, void 0), Ds.set(this, void 0), Ro.set(this, void 0), Bo.set(this, void 0), Do.set(this, void 0);
+    super(n, Vr), Bs.set(this, void 0), Ds.set(this, void 0), Ro.set(this, void 0), Bo.set(this, void 0), Do.set(this, void 0);
   }
   onInit(t) {
   }
@@ -17638,7 +17638,7 @@ class MI extends Bn {
   get signatureAlgorithm() {
     if (!de(this, Ls, "f")) {
       const t = yt.resolve(sr);
-      Ie(this, Ls, t.toWebAlgorithm(this.asn.signatureAlgorithm), "f");
+      Ne(this, Ls, t.toWebAlgorithm(this.asn.signatureAlgorithm), "f");
     }
     return de(this, Ls, "f");
   }
@@ -17649,30 +17649,30 @@ class MI extends Bn {
     return this.issuerName.toString();
   }
   get issuerName() {
-    return de(this, Us, "f") || Ie(this, Us, new cn(this.asn.tbsCertList.issuer), "f"), de(this, Us, "f");
+    return de(this, Us, "f") || Ne(this, Us, new cn(this.asn.tbsCertList.issuer), "f"), de(this, Us, "f");
   }
   get thisUpdate() {
     if (!de(this, Fs, "f")) {
       const t = this.asn.tbsCertList.thisUpdate.getTime();
       if (!t)
         throw new Error("Cannot get 'thisUpdate' value");
-      Ie(this, Fs, t, "f");
+      Ne(this, Fs, t, "f");
     }
     return de(this, Fs, "f");
   }
   get nextUpdate() {
     var t;
-    return de(this, zs, "f") === void 0 && Ie(this, zs, ((t = this.asn.tbsCertList.nextUpdate) === null || t === void 0 ? void 0 : t.getTime()) || void 0, "f"), de(this, zs, "f");
+    return de(this, zs, "f") === void 0 && Ne(this, zs, ((t = this.asn.tbsCertList.nextUpdate) === null || t === void 0 ? void 0 : t.getTime()) || void 0, "f"), de(this, zs, "f");
   }
   get entries() {
     var t;
-    return de(this, qs, "f") || Ie(this, qs, ((t = this.asn.tbsCertList.revokedCertificates) === null || t === void 0 ? void 0 : t.map((n) => new Bb(n))) || [], "f"), de(this, qs, "f");
+    return de(this, qs, "f") || Ne(this, qs, ((t = this.asn.tbsCertList.revokedCertificates) === null || t === void 0 ? void 0 : t.map((n) => new Bb(n))) || [], "f"), de(this, qs, "f");
   }
   get extensions() {
-    return de(this, Mo, "f") || (Ie(this, Mo, [], "f"), this.asn.tbsCertList.crlExtensions && Ie(this, Mo, this.asn.tbsCertList.crlExtensions.map((t) => Ut.create(Q.serialize(t))), "f")), de(this, Mo, "f");
+    return de(this, Mo, "f") || (Ne(this, Mo, [], "f"), this.asn.tbsCertList.crlExtensions && Ne(this, Mo, this.asn.tbsCertList.crlExtensions.map((t) => Ut.create(Q.serialize(t))), "f")), de(this, Mo, "f");
   }
   get tbs() {
-    return de(this, Ms, "f") || Ie(this, Ms, this.asn.tbsCertListRaw || Q.serialize(this.asn.tbsCertList), "f"), de(this, Ms, "f");
+    return de(this, Ms, "f") || Ne(this, Ms, this.asn.tbsCertListRaw || Q.serialize(this.asn.tbsCertList), "f"), de(this, Ms, "f");
   }
   get tbsCertListSignatureAlgorithm() {
     return this.asn.tbsCertList.signature;
@@ -17703,7 +17703,7 @@ class MI extends Bn {
     let i, r;
     const o = t.publicKey;
     try {
-      o instanceof ro ? (i = {
+      o instanceof oo ? (i = {
         ...o.publicKey.algorithm,
         ...o.signatureAlgorithm
       }, r = await o.publicKey.export(i, ["verify"])) : o instanceof dn ? (i = {
@@ -17985,7 +17985,7 @@ const FI = 1e3 * 60 * 60 * 24, zI = new he().openapi(
   enabled_connections: a.array(
     a.object({
       connection_id: a.string(),
-      connection: Dr.optional()
+      connection: Mr.optional()
     })
   )
 }), KI = a.array(a.string()), VI = new he().openapi(
@@ -18706,7 +18706,7 @@ x0.extend({
   user_id: a.string()
 }).catchall(a.any());
 const rN = nn.extend({
-  connections: a.array(Dr)
+  connections: a.array(Mr)
 }), oN = a.object({
   enabled_clients: a.array(
     a.object({
@@ -18740,7 +18740,7 @@ const rN = nn.extend({
         content: {
           "application/json": {
             schema: a.union([
-              a.array(Dr),
+              a.array(Mr),
               rN
             ])
           }
@@ -18787,7 +18787,7 @@ const rN = nn.extend({
       200: {
         content: {
           "application/json": {
-            schema: Dr
+            schema: Mr
           }
         },
         description: "A connection"
@@ -18864,7 +18864,7 @@ const rN = nn.extend({
       200: {
         content: {
           "application/json": {
-            schema: Dr
+            schema: Mr
           }
         },
         description: "The updated connection"
@@ -18910,7 +18910,7 @@ const rN = nn.extend({
       201: {
         content: {
           "application/json": {
-            schema: Dr
+            schema: Mr
           }
         },
         description: "A connection"
@@ -19419,7 +19419,7 @@ function CN(e) {
   const t = e.split("-")[0]?.toLowerCase() || uu;
   return SN.includes(t) ? t : uu;
 }
-function Te(e, t, n, i) {
+function Ie(e, t, n, i) {
   const r = CN(n), o = _a[uu]?.[e]?.[t] ?? {}, s = _a[r]?.[e]?.[t] ?? {}, c = { ...o, ...s }, l = i?.[t] ?? {}, d = { ...c, ...l }, u = IS[`${e}.${t}`];
   if (u) {
     const h = u.safeParse(d);
@@ -20104,7 +20104,7 @@ async function fd(e) {
   });
   return await Promise.all(
     t.map(async (i) => {
-      const o = await new ro(i.cert).publicKey.export(), s = await crypto.subtle.exportKey("jwk", o);
+      const o = await new oo(i.cert).publicKey.export(), s = await crypto.subtle.exportKey("jwk", o);
       return WA.parse({
         ...s,
         kid: i.kid
@@ -20500,7 +20500,7 @@ const c9 = new he().openapi(
       200: {
         content: {
           "application/json": {
-            schema: a.array(Pr)
+            schema: a.array(jr)
           }
         },
         description: "List of custom domains"
@@ -20533,7 +20533,7 @@ const c9 = new he().openapi(
       200: {
         content: {
           "application/json": {
-            schema: Pr
+            schema: jr
           }
         },
         description: "A customDomain"
@@ -20593,7 +20593,7 @@ const c9 = new he().openapi(
       body: {
         content: {
           "application/json": {
-            schema: a.object(Pr.shape).partial()
+            schema: a.object(jr.shape).partial()
           }
         }
       },
@@ -20613,7 +20613,7 @@ const c9 = new he().openapi(
       200: {
         content: {
           "application/json": {
-            schema: Pr
+            schema: jr
           }
         },
         description: "The updated custom domain"
@@ -20662,7 +20662,7 @@ const c9 = new he().openapi(
       201: {
         content: {
           "application/json": {
-            schema: Pr
+            schema: jr
           }
         },
         description: "The created custom domain"
@@ -20698,7 +20698,7 @@ const c9 = new he().openapi(
       200: {
         content: {
           "application/json": {
-            schema: Pr
+            schema: jr
           }
         },
         description: "The custom domain"
@@ -20785,7 +20785,7 @@ async function _9(e, t) {
     includePadding: !1
   });
 }
-const Ke = "auth2", Fl = 300, jp = 720 * 60 * 60, oo = 1440 * 60, w9 = "auth-token", ea = 1800 * 1e3, Hg = 10080 * 60 * 1e3, b9 = 300, v9 = 300, A9 = 1800 * 1e3, k9 = 1800 * 1e3, S9 = 1440 * 60 * 1e3;
+const Ke = "auth2", Fl = 300, jp = 720 * 60 * 60, lr = 1440 * 60, w9 = "auth-token", ea = 1800 * 1e3, Hg = 10080 * 60 * 1e3, b9 = 300, v9 = 300, A9 = 1800 * 1e3, k9 = 1800 * 1e3, S9 = 1440 * 60 * 1e3;
 var wn = {}, Vb;
 function x9() {
   if (Vb) return wn;
@@ -20999,7 +20999,7 @@ function E9(e, t) {
   }
   return i;
 }
-function lr(e, t) {
+function dr(e, t) {
   return t ? xc.parse(t)[Op(e)] : void 0;
 }
 function MS(e, t) {
@@ -21524,7 +21524,7 @@ const L9 = M9, U9 = j9, F9 = {
   // transformAttributeName: false,
   oneListGroup: !1
 };
-function _r(e) {
+function wr(e) {
   this.options = Object.assign({}, F9, e), this.options.ignoreAttributes === !0 || this.options.attributesGroupName ? this.isAttribute = function() {
     return !1;
   } : (this.ignoreAttributesFn = U9(this.options.ignoreAttributes), this.attrPrefixLen = this.options.attributeNamePrefix.length, this.isAttribute = H9), this.processTextOrObjNode = z9, this.options.format ? (this.indentate = q9, this.tagEndChar = `>
@@ -21533,12 +21533,12 @@ function _r(e) {
     return "";
   }, this.tagEndChar = ">", this.newLine = "");
 }
-_r.prototype.build = function(e) {
+wr.prototype.build = function(e) {
   return this.options.preserveOrder ? L9(e, this.options) : (Array.isArray(e) && this.options.arrayNodeName && this.options.arrayNodeName.length > 1 && (e = {
     [this.options.arrayNodeName]: e
   }), this.j2x(e, 0, []).val);
 };
-_r.prototype.j2x = function(e, t, n) {
+wr.prototype.j2x = function(e, t, n) {
   let i = "", r = "";
   const o = n.join(".");
   for (let s in e)
@@ -21587,14 +21587,14 @@ _r.prototype.j2x = function(e, t, n) {
         r += this.processTextOrObjNode(e[s], s, t, n);
   return { attrStr: i, val: r };
 };
-_r.prototype.buildAttrPairStr = function(e, t) {
+wr.prototype.buildAttrPairStr = function(e, t) {
   return t = this.options.attributeValueProcessor(e, "" + t), t = this.replaceEntitiesValue(t), this.options.suppressBooleanAttributes && t === "true" ? " " + e : " " + e + '="' + t + '"';
 };
 function z9(e, t, n, i) {
   const r = this.j2x(e, n + 1, i.concat(t));
   return e[this.options.textNodeName] !== void 0 && Object.keys(e).length === 1 ? this.buildTextValNode(e[this.options.textNodeName], t, r.attrStr, n) : this.buildObjectNode(r.val, t, r.attrStr, n);
 }
-_r.prototype.buildObjectNode = function(e, t, n, i) {
+wr.prototype.buildObjectNode = function(e, t, n, i) {
   if (e === "")
     return t[0] === "?" ? this.indentate(i) + "<" + t + n + "?" + this.tagEndChar : this.indentate(i) + "<" + t + n + this.closeTag(t) + this.tagEndChar;
   {
@@ -21602,11 +21602,11 @@ _r.prototype.buildObjectNode = function(e, t, n, i) {
     return t[0] === "?" && (o = "?", r = ""), (n || n === "") && e.indexOf("<") === -1 ? this.indentate(i) + "<" + t + n + o + ">" + e + r : this.options.commentPropName !== !1 && t === this.options.commentPropName && o.length === 0 ? this.indentate(i) + `<!--${e}-->` + this.newLine : this.indentate(i) + "<" + t + n + o + this.tagEndChar + e + this.indentate(i) + r;
   }
 };
-_r.prototype.closeTag = function(e) {
+wr.prototype.closeTag = function(e) {
   let t = "";
   return this.options.unpairedTags.indexOf(e) !== -1 ? this.options.suppressUnpairedNode || (t = "/") : this.options.suppressEmptyNode ? t = "/" : t = `></${e}`, t;
 };
-_r.prototype.buildTextValNode = function(e, t, n, i) {
+wr.prototype.buildTextValNode = function(e, t, n, i) {
   if (this.options.cdataPropName !== !1 && t === this.options.cdataPropName)
     return this.indentate(i) + `<![CDATA[${e}]]>` + this.newLine;
   if (this.options.commentPropName !== !1 && t === this.options.commentPropName)
@@ -21618,7 +21618,7 @@ _r.prototype.buildTextValNode = function(e, t, n, i) {
     return r = this.replaceEntitiesValue(r), r === "" ? this.indentate(i) + "<" + t + n + this.closeTag(t) + this.tagEndChar : this.indentate(i) + "<" + t + n + ">" + r + "</" + t + this.tagEndChar;
   }
 };
-_r.prototype.replaceEntitiesValue = function(e) {
+wr.prototype.replaceEntitiesValue = function(e) {
   if (e && e.length > 0 && this.options.processEntities)
     for (let t = 0; t < this.options.entities.length; t++) {
       const n = this.options.entities[t];
@@ -21632,7 +21632,7 @@ function q9(e) {
 function H9(e) {
   return e.startsWith(this.options.attributeNamePrefix) && e !== this.options.textNodeName ? e.substr(this.attrPrefixLen) : !1;
 }
-var K9 = _r;
+var K9 = wr;
 const V9 = K9;
 var G9 = {
   XMLBuilder: V9
@@ -23646,7 +23646,7 @@ function rx(e) {
     target: t.map((n) => typeof n == "string" ? yu(e.parent, n) : n)
   } : e.parent.initial;
 }
-function Ur(e) {
+function Fr(e) {
   return e.type === "history";
 }
 function nv(e) {
@@ -23736,7 +23736,7 @@ function Ly(e, t, n, i) {
 function UP(e) {
   return Object.keys(e.states).map((t) => e.states[t]).filter((t) => t.type === "history");
 }
-function dr(e, t) {
+function ur(e, t) {
   let n = e;
   for (; n.parent && n.parent !== t; )
     n = n.parent;
@@ -23759,7 +23759,7 @@ function ax(e, t, n) {
     const s = /* @__PURE__ */ new Set();
     for (const c of i)
       if (FP(Qg([r], t, n), Qg([c], t, n)))
-        if (dr(r.source, c.source))
+        if (ur(r.source, c.source))
           s.add(c);
         else {
           o = !0;
@@ -23776,7 +23776,7 @@ function ax(e, t, n) {
 function zP(e) {
   const [t, ...n] = e;
   for (const i of ll(t, void 0))
-    if (n.every((r) => dr(r, i)))
+    if (n.every((r) => ur(r, i)))
       return i;
 }
 function Uy(e, t) {
@@ -23784,7 +23784,7 @@ function Uy(e, t) {
     return [];
   const n = /* @__PURE__ */ new Set();
   for (const i of e.target)
-    if (Ur(i))
+    if (Fr(i))
       if (t[i.id])
         for (const r of t[i.id])
           n.add(r);
@@ -23799,7 +23799,7 @@ function sx(e, t) {
   const n = Uy(e, t);
   if (!n)
     return;
-  if (!e.reenter && n.every((r) => r === e.source || dr(r, e.source)))
+  if (!e.reenter && n.every((r) => r === e.source || ur(r, e.source)))
     return e.source;
   const i = zP(n.concat(e.source));
   if (i)
@@ -23814,7 +23814,7 @@ function Qg(e, t, n) {
       const o = sx(r, n);
       r.reenter && r.source === o && i.add(o);
       for (const s of t)
-        dr(s, o) && i.add(s);
+        ur(s, o) && i.add(s);
     }
   return [...i];
 }
@@ -23907,7 +23907,7 @@ function GP(e, t, n, i) {
   for (const r of e) {
     const o = sx(r, t);
     for (const c of r.target || [])
-      !Ur(c) && // if the target is different than the source then it will *definitely* be entered
+      !Fr(c) && // if the target is different than the source then it will *definitely* be entered
       (r.source !== c || // we know that the domain can't lie within the source
       // if it's different than the source then it's outside of it and it means that the target has to be entered as well
       r.source !== o || // reentering transitions always enter the target, even if it's the source itself
@@ -23920,7 +23920,7 @@ function GP(e, t, n, i) {
   }
 }
 function Vo(e, t, n, i) {
-  if (Ur(e))
+  if (Fr(e))
     if (t[e.id]) {
       const r = t[e.id];
       for (const o of r)
@@ -23936,16 +23936,16 @@ function Vo(e, t, n, i) {
     }
   else if (e.type === "compound") {
     const [r] = e.initial.target;
-    Ur(r) || (i.add(r), n.add(r)), Vo(r, t, n, i), Pf(r, e, i, t, n);
+    Fr(r) || (i.add(r), n.add(r)), Vo(r, t, n, i), Pf(r, e, i, t, n);
   } else if (e.type === "parallel")
-    for (const r of wa(e).filter((o) => !Ur(o)))
-      [...i].some((o) => dr(o, r)) || (Ur(r) || (i.add(r), n.add(r)), Vo(r, t, n, i));
+    for (const r of wa(e).filter((o) => !Fr(o)))
+      [...i].some((o) => ur(o, r)) || (Fr(r) || (i.add(r), n.add(r)), Vo(r, t, n, i));
 }
 function cx(e, t, n, i, r) {
   for (const o of i)
-    if ((!r || dr(o, r)) && e.add(o), o.type === "parallel")
-      for (const s of wa(o).filter((c) => !Ur(c)))
-        [...e].some((c) => dr(c, s)) || (e.add(s), Vo(s, t, n, e));
+    if ((!r || ur(o, r)) && e.add(o), o.type === "parallel")
+      for (const s of wa(o).filter((c) => !Fr(c)))
+        [...e].some((c) => ur(c, s)) || (e.add(s), Vo(s, t, n, e));
 }
 function Pf(e, t, n, i, r) {
   cx(n, i, r, ll(e, t));
@@ -23958,7 +23958,7 @@ function WP(e, t, n, i, r, o, s, c) {
   for (const p of d)
     for (const f of UP(p)) {
       let h;
-      f.history === "deep" ? h = (m) => Dy(m) && dr(m, p) : h = (m) => m.parent === p, u ??= {
+      f.history === "deep" ? h = (m) => Dy(m) && ur(m, p) : h = (m) => m.parent === p, u ??= {
         ...o
       }, u[f.id] = Array.from(r).filter(h);
     }
@@ -25168,7 +25168,7 @@ async function Mp(e, t) {
   ), f = p[p.length - 1];
   if (!f?.pkcs7)
     throw new ee(500, { message: "No signing key available" });
-  const h = y9(f.pkcs7), m = gr(e.env, e.var.custom_domain), g = n.audience || r.tenant.audience;
+  const h = y9(f.pkcs7), m = yr(e.env, e.var.custom_domain), g = n.audience || r.tenant.audience;
   if (!g)
     throw new ee(400, {
       error: "invalid_request",
@@ -25421,12 +25421,13 @@ async function $7(e, {
     throw new j(400, {
       message: `Login session ${i.id} not found`
     });
-  const c = s.state || Pe.PENDING;
-  if (c === Pe.FAILED || c === Pe.EXPIRED || c === Pe.COMPLETED)
-    throw new j(400, {
-      message: `Cannot authenticate login session in ${c} state`
+  const c = s.state || $e.PENDING;
+  if (c === $e.FAILED || c === $e.COMPLETED)
+    throw new ee(400, {
+      error: "access_denied",
+      error_description: `Cannot authenticate login session in ${c} state`
     });
-  if (c === Pe.AUTHENTICATED) {
+  if (c === $e.AUTHENTICATED) {
     if (s.session_id)
       return s.session_id;
     throw new j(500, {
@@ -25435,19 +25436,19 @@ async function $7(e, {
   }
   let l;
   if (r) {
-    const p = await e.env.data.sessions.get(
+    const f = await e.env.data.sessions.get(
       n.tenant.id,
       r
     );
-    !p || p.revoked_at ? l = (await sv(e, {
+    !f || f.revoked_at ? l = (await sv(e, {
       user: t,
       client: n,
       loginSession: i
-    })).id : (l = r, p.clients.includes(n.client_id) || await e.env.data.sessions.update(
+    })).id : (l = r, f.clients.includes(n.client_id) || await e.env.data.sessions.update(
       n.tenant.id,
       r,
       {
-        clients: [...p.clients, n.client_id]
+        clients: [...f.clients, n.client_id]
       }
     ));
   } else
@@ -25456,15 +25457,20 @@ async function $7(e, {
       client: n,
       loginSession: i
     })).id;
-  const { state: d } = ui(c, {
+  const d = c === $e.EXPIRED ? $e.PENDING : c, { state: u } = ui(d, {
     type: Hn.AUTHENTICATE,
     userId: t.user_id
-  }), u = o || e.var.connection;
+  }), p = o || e.var.connection;
   return await e.env.data.loginSessions.update(n.tenant.id, i.id, {
     session_id: l,
-    state: d,
+    state: u,
     user_id: t.user_id,
-    ...u ? { auth_connection: u } : {}
+    ...p ? { auth_connection: p } : {},
+    ...c === $e.EXPIRED ? {
+      expires_at: new Date(
+        Date.now() + lr * 1e3
+      ).toISOString()
+    } : {}
   }), l;
 }
 async function T7(e, t, n, i) {
@@ -25478,7 +25484,7 @@ async function T7(e, t, n, i) {
     );
     return;
   }
-  const o = r.state || Pe.PENDING, { state: s, context: c } = ui(o, {
+  const o = r.state || $e.PENDING, { state: s, context: c } = ui(o, {
     type: Hn.FAIL,
     reason: i
   });
@@ -25498,7 +25504,7 @@ async function bu(e, t, n, i) {
     );
     return;
   }
-  const o = r.state || Pe.PENDING, { state: s, context: c } = ui(o, {
+  const o = r.state || $e.PENDING, { state: s, context: c } = ui(o, {
     type: Hn.START_HOOK,
     hookId: i
   });
@@ -25518,7 +25524,7 @@ async function $c(e, t, n) {
     );
     return;
   }
-  const r = i.state || Pe.PENDING, { state: o } = ui(r, {
+  const r = i.state || $e.PENDING, { state: o } = ui(r, {
     type: Hn.COMPLETE_HOOK
   });
   o !== r && await e.env.data.loginSessions.update(t, n.id, {
@@ -25538,7 +25544,7 @@ async function cv(e, t, n, i) {
     );
     return;
   }
-  const o = r.state || Pe.PENDING, { state: s } = ui(o, {
+  const o = r.state || $e.PENDING, { state: s } = ui(o, {
     type: Hn.COMPLETE
   });
   s !== o && await e.env.data.loginSessions.update(t, n.id, {
@@ -25557,7 +25563,7 @@ async function dl(e, t, n, i, r) {
     );
     return;
   }
-  const s = o.state || Pe.PENDING, { state: c } = ui(s, {
+  const s = o.state || $e.PENDING, { state: c } = ui(s, {
     type: Hn.START_CONTINUATION,
     scope: i
   });
@@ -25605,7 +25611,7 @@ async function vu(e, t, n) {
       o = p;
     } catch {
     }
-  const s = i.state || Pe.PENDING, { state: c } = ui(s, {
+  const s = i.state || $e.PENDING, { state: c } = ui(s, {
     type: Hn.COMPLETE_CONTINUATION
   });
   return c !== s ? await e.env.data.loginSessions.update(t, n.id, {
@@ -25624,7 +25630,7 @@ function I7(e) {
   }
 }
 function Au(e, t) {
-  if (e.state !== Pe.AWAITING_CONTINUATION)
+  if (e.state !== $e.AWAITING_CONTINUATION)
     return !1;
   const n = I7(e);
   return n ? n.includes(t) : !1;
@@ -25685,23 +25691,18 @@ async function et(e, t) {
       throw new ee(500, {
         message: "Login session not found."
       });
-    const m = h.state || Pe.PENDING;
-    if (m === Pe.COMPLETED)
+    const m = h.state || $e.PENDING;
+    if (m === $e.COMPLETED)
       throw new ee(400, {
         error: "invalid_request",
         error_description: "Login session has already been completed"
       });
-    if (m === Pe.FAILED)
+    if (m === $e.FAILED)
       throw new ee(400, {
         error: "access_denied",
         error_description: `Login session failed: ${h.failure_reason || "unknown reason"}`
       });
-    if (m === Pe.EXPIRED)
-      throw new ee(400, {
-        error: "invalid_request",
-        error_description: "Login session has expired"
-      });
-    if (m === Pe.PENDING)
+    if (m === $e.PENDING || m === $e.EXPIRED)
       d = await $7(e, {
         user: o,
         client: i,
@@ -25723,7 +25724,7 @@ async function et(e, t) {
       t.loginSession.id
     );
     if (h) {
-      const m = h.state || Pe.PENDING;
+      const m = h.state || $e.PENDING;
       let g = {};
       if (h.state_data)
         try {
@@ -25734,7 +25735,7 @@ async function et(e, t) {
             h.id
           );
         }
-      if (m === Pe.AWAITING_MFA) {
+      if (m === $e.AWAITING_MFA) {
         let w = "/u2/mfa/login-options";
         if (g.authenticationMethodId) {
           const _ = (await e.env.data.authenticationMethods.list(
@@ -25752,7 +25753,7 @@ async function et(e, t) {
           }
         });
       }
-      if (m === Pe.AUTHENTICATED && !g.mfa_verified) {
+      if (m === $e.AUTHENTICATED && !g.mfa_verified) {
         const { checkMfaRequired: w, sendMfaOtp: y } = await Promise.resolve().then(() => S6), _ = await w(
           e,
           i.tenant.id,
@@ -25760,7 +25761,7 @@ async function et(e, t) {
         );
         if (_.required) {
           const { state: v } = ui(
-            Pe.AUTHENTICATED,
+            $e.AUTHENTICATED,
             { type: Hn.REQUIRE_MFA }
           );
           if (_.enrolled) {
@@ -25842,14 +25843,14 @@ async function et(e, t) {
       t.loginSession.id
     );
     if (h) {
-      const m = h.state || Pe.PENDING;
+      const m = h.state || $e.PENDING;
       let g = {};
       if (h.state_data)
         try {
           g = JSON.parse(h.state_data);
         } catch {
         }
-      if (m === Pe.AUTHENTICATED && !g.passkey_nudge_completed) {
+      if (m === $e.AUTHENTICATED && !g.passkey_nudge_completed) {
         const { checkPasskeyNudgeRequired: w } = await import("./passkey-enrollment-D0dl7raT.mjs");
         if ((await w(
           e,
@@ -26239,7 +26240,7 @@ function B7(e) {
 a.object({
   ...Fo.shape,
   tenant: mm,
-  connections: a.array(Dr)
+  connections: a.array(Mr)
 });
 async function tt(e, t, n) {
   let i, r = n;
@@ -27252,7 +27253,7 @@ async function ml(e, t) {
       await e.env.data.tenants.get(l) && e.set("tenant_id", l);
     }
   } else
-    e.set("host", new URL(gr(e.env)).host);
+    e.set("host", new URL(yr(e.env)).host);
   if (!e.var.tenant_id) {
     const { tenants: s } = await e.env.data.tenants.list({ per_page: 2 });
     s.length === 1 && s[0] && e.set("tenant_id", s[0].id);
@@ -28926,7 +28927,7 @@ const ej = nn.extend({
   organization_id: !0,
   invitation_url: !0
 }), hj = nn.extend({
-  organizations: a.array(Mr)
+  organizations: a.array(Lr)
 }), Hy = a.object({
   user_id: a.string().openapi({
     description: "ID of this user"
@@ -28988,7 +28989,7 @@ const ej = nn.extend({
           "application/json": {
             schema: a.union([
               hj,
-              a.array(Mr)
+              a.array(Lr)
             ])
           }
         },
@@ -29030,7 +29031,7 @@ const ej = nn.extend({
       200: {
         content: {
           "application/json": {
-            schema: Mr
+            schema: Lr
           }
         },
         description: "An organization"
@@ -29102,7 +29103,7 @@ const ej = nn.extend({
       200: {
         content: {
           "application/json": {
-            schema: Mr
+            schema: Lr
           }
         },
         description: "The updated organization"
@@ -29148,7 +29149,7 @@ const ej = nn.extend({
       201: {
         content: {
           "application/json": {
-            schema: Mr
+            schema: Lr
           }
         },
         description: "The created organization"
@@ -30250,7 +30251,7 @@ const e0 = a.object({
       },
       csrf_token: He(),
       user_id: t,
-      state: Pe.AWAITING_MFA,
+      state: $e.AWAITING_MFA,
       state_data: JSON.stringify({ guardian_enrollment: !0 })
     }), f = He();
     await e.env.data.codes.create(i, {
@@ -30260,7 +30261,7 @@ const e0 = a.object({
       user_id: t,
       expires_at: u
     });
-    const m = `${gr(e.env, e.var.custom_domain)}u2/guardian/enroll?ticket=${f}`;
+    const m = `${yr(e.env, e.var.custom_domain)}u2/guardian/enroll?ticket=${f}`;
     return e.json(
       {
         ticket_id: f,
@@ -30803,7 +30804,7 @@ async function hv(e, t, n, i) {
     const l = e.get("ip"), d = e.get("useragent"), u = e.get("auth0_client");
     o = await e.env.data.loginSessions.create(t.tenant.id, {
       expires_at: new Date(
-        Date.now() + oo * 1e3
+        Date.now() + lr * 1e3
       ).toISOString(),
       authParams: i,
       csrf_token: He(),
@@ -30909,7 +30910,7 @@ async function mv(e, { code: t, state: n }) {
 function Su(e, t, n) {
   const i = new URL(
     "/u/error",
-    gr(e.env, e.var.custom_domain)
+    yr(e.env, e.var.custom_domain)
   );
   return hx(i, {
     error: t,
@@ -30958,7 +30959,7 @@ async function Hl(e, t, n, i, r) {
     }
   const u = new URL(
     `${l}${d}`,
-    gr(e.env, e.var.custom_domain)
+    yr(e.env, e.var.custom_domain)
   );
   return hx(u, {
     state: s.id,
@@ -31037,13 +31038,14 @@ const Tj = new he().openapi(
             e.var.tenant_id,
             c.login_id
           )) {
-            let d = "access_denied";
+            let d = "access_denied", u = "access_denied";
             try {
-              d = JSON.parse(s.message).message || d;
+              const p = JSON.parse(s.message);
+              d = p.error_description || p.message || d, u = p.error || u;
             } catch {
               d = s.message || d;
             }
-            return Hl(e, t, "access_denied", d);
+            return Hl(e, t, u, d);
           }
         }
       }
@@ -31127,13 +31129,14 @@ const Tj = new he().openapi(
             e.var.tenant_id,
             c.login_id
           )) {
-            let d = "access_denied";
+            let d = "access_denied", u = "access_denied";
             try {
-              d = JSON.parse(s.message).message || d;
+              const p = JSON.parse(s.message);
+              d = p.error_description || p.message || d, u = p.error || u;
             } catch {
               d = s.message || d;
             }
-            return Hl(e, t, "access_denied", d);
+            return Hl(e, t, u, d);
           }
         }
       }
@@ -31220,7 +31223,7 @@ const Nj = new he().openapi(
       });
     const s = e.req.header("cookie");
     if (s) {
-      const d = lr(i.tenant.id, s);
+      const d = dr(i.tenant.id, s);
       if (d) {
         const u = await e.env.data.sessions.get(
           i.tenant.id,
@@ -31500,16 +31503,16 @@ const jj = a.object({
     }
   }),
   async (e) => {
-    const t = U_.parse({
-      issuer: gr(e.env),
-      authorization_endpoint: `${Ge(e.env)}authorize`,
-      token_endpoint: `${Ge(e.env)}oauth/token`,
-      device_authorization_endpoint: `${Ge(e.env)}oauth/device/code`,
-      userinfo_endpoint: `${Ge(e.env)}userinfo`,
-      mfa_challenge_endpoint: `${Ge(e.env)}mfa/challenge`,
-      jwks_uri: `${Ge(e.env)}.well-known/jwks.json`,
-      registration_endpoint: `${Ge(e.env)}oidc/register`,
-      revocation_endpoint: `${Ge(e.env)}oauth/revoke`,
+    const t = e.var.custom_domain, n = U_.parse({
+      issuer: yr(e.env, t),
+      authorization_endpoint: `${Ge(e.env, t)}authorize`,
+      token_endpoint: `${Ge(e.env, t)}oauth/token`,
+      device_authorization_endpoint: `${Ge(e.env, t)}oauth/device/code`,
+      userinfo_endpoint: `${Ge(e.env, t)}userinfo`,
+      mfa_challenge_endpoint: `${Ge(e.env, t)}mfa/challenge`,
+      jwks_uri: `${Ge(e.env, t)}.well-known/jwks.json`,
+      registration_endpoint: `${Ge(e.env, t)}oidc/register`,
+      revocation_endpoint: `${Ge(e.env, t)}oauth/revoke`,
       scopes_supported: [
         "openid",
         "profile",
@@ -31572,7 +31575,7 @@ const jj = a.object({
         "PS256"
       ]
     });
-    return e.json(t, {
+    return e.json(n, {
       headers: {
         "access-control-allow-origin": "*",
         "access-control-allow-method": "GET",
@@ -33529,7 +33532,7 @@ function ZR() {
 function XR() {
   return zj(ZR, arguments);
 }
-function wr(e, t = "US") {
+function br(e, t = "US") {
   const n = e.trim();
   if (n.includes("@")) {
     const i = n.toLowerCase(), r = /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(i);
@@ -33640,7 +33643,7 @@ async function $x(e, {
   authParams: r,
   enforceIpCheck: o = !1
 }) {
-  const s = e.get("ip"), c = e.get("countryCode"), { connectionType: l, normalized: d } = wr(
+  const s = e.get("ip"), c = e.get("countryCode"), { connectionType: l, normalized: d } = br(
     n,
     c
   );
@@ -34002,7 +34005,7 @@ async function vl(e, { to: t, code: n, language: i }) {
   const r = await e.env.data.tenants.get(e.var.tenant_id);
   if (!r)
     throw new j(500, { message: "Tenant not found" });
-  const { connectionType: o } = wr(t), s = await e.env.data.branding.get(e.var.tenant_id), c = s?.logo_url || "", l = s?.colors?.primary || "#7d68f4", d = new URL(Dt(e.env)), u = {
+  const { connectionType: o } = br(t), s = await e.env.data.branding.get(e.var.tenant_id), c = s?.logo_url || "", l = s?.colors?.primary || "#7d68f4", d = new URL(Dt(e.env)), u = {
     vendorName: r.friendly_name,
     vendorId: r.id,
     loginDomain: d.hostname,
@@ -34045,7 +34048,7 @@ async function Al(e, { to: t, code: n, authParams: i, language: r }) {
     throw new j(500, { message: "Tenant not found" });
   if (!i.redirect_uri)
     throw new j(400, { message: "redirect_uri is required" });
-  const { connectionType: s } = wr(t), c = await e.env.data.branding.get(e.var.tenant_id), l = c?.logo_url || "", d = c?.colors?.primary || "", u = new URL(Ge(e.env));
+  const { connectionType: s } = br(t), c = await e.env.data.branding.get(e.var.tenant_id), l = c?.logo_url || "", d = c?.colors?.primary || "", u = new URL(Ge(e.env));
   u.pathname = "passwordless/verify_redirect", u.searchParams.set("verification_code", n), u.searchParams.set("connection", s), u.searchParams.set("client_id", i.client_id), u.searchParams.set("redirect_uri", i.redirect_uri), u.searchParams.set("email", t), i.response_type && u.searchParams.set("response_type", i.response_type), i.scope && u.searchParams.set("scope", i.scope), i.state && u.searchParams.set("state", i.state), i.nonce && u.searchParams.set("nonce", i.nonce), i.code_challenge && u.searchParams.set("code_challenge", i.code_challenge), i.code_challenge_method && u.searchParams.set(
     "code_challenge_method",
     i.code_challenge_method
@@ -34271,7 +34274,7 @@ const cB = new he().openapi(
   }),
   async (e) => {
     const { email: t, client_id: n } = e.req.valid("json"), i = await tt(e.env, n);
-    if (e.set("client_id", i.client_id), mn(e, i.tenant.id), !await mr({
+    if (e.set("client_id", i.client_id), mn(e, i.tenant.id), !await gr({
       userAdapter: e.env.data.users,
       tenant_id: i.tenant.id,
       username: t,
@@ -34287,7 +34290,7 @@ const cB = new he().openapi(
       i.tenant.id,
       {
         expires_at: new Date(
-          Date.now() + oo * 1e3
+          Date.now() + lr * 1e3
         ).toISOString(),
         authParams: o,
         csrf_token: He(),
@@ -34517,7 +34520,7 @@ async function Nx(e, t, n, i) {
   const { data: r } = e.env, { username: o } = n;
   if (e.set("username", o), !o)
     throw new ee(400, { message: "Username is required" });
-  const s = await mr({
+  const s = await gr({
     userAdapter: e.env.data.users,
     tenant_id: t.tenant.id,
     username: o,
@@ -34696,7 +34699,7 @@ const fB = new he().openapi(
         r.tenant.id,
         {
           expires_at: new Date(
-            Date.now() + oo * 1e3
+            Date.now() + lr * 1e3
           ).toISOString(),
           authParams: {
             client_id: n,
@@ -34766,7 +34769,7 @@ async function mB({
     n.tenant.id,
     {
       expires_at: new Date(
-        Date.now() + oo * 1e3
+        Date.now() + lr * 1e3
       ).toISOString(),
       authParams: i,
       csrf_token: He(),
@@ -34797,7 +34800,7 @@ async function mB({
       code_type: "otp",
       login_id: p.id,
       expires_at: new Date(
-        Date.now() + oo * 1e3
+        Date.now() + lr * 1e3
       ).toISOString(),
       redirect_uri: i.redirect_uri
     }), await Al(e, {
@@ -35238,7 +35241,7 @@ const vB = new he().openapi(
     };
     if ($.redirect_uri) {
       const D = T.callbacks || [];
-      if (e.var.host && (D.push(`${gr(e.env)}/*`), D.push(`${Dt(e.env)}/*`)), !Ky($.redirect_uri, D, {
+      if (e.var.host && (D.push(`${yr(e.env)}/*`), D.push(`${Dt(e.env)}/*`)), !Ky($.redirect_uri, D, {
         allowPathWildcards: !0,
         allowSubDomainWildcards: !0
       }))
@@ -35365,7 +35368,7 @@ const vB = new he().openapi(
       });
     if (c.redirect_uri) {
       const _ = s.callbacks || [];
-      if (e.var.host && (_.push(`${gr(e.env)}/*`), _.push(`${Dt(e.env)}/*`)), !Ky(c.redirect_uri, _, {
+      if (e.var.host && (_.push(`${yr(e.env)}/*`), _.push(`${Dt(e.env)}/*`)), !Ky(c.redirect_uri, _, {
         allowPathWildcards: !0,
         allowSubDomainWildcards: !0
       }))
@@ -35373,7 +35376,7 @@ const vB = new he().openapi(
           message: `Invalid redirect URI - ${c.redirect_uri}`
         });
     }
-    const d = lr(
+    const d = dr(
       s.tenant.id,
       e.req.header("cookie")
     ), u = d ? await t.data.sessions.get(s.tenant.id, d) : void 0, p = u && !u.revoked_at ? u : void 0, f = new URL(e.req.url);
@@ -35382,7 +35385,7 @@ const vB = new he().openapi(
       s.tenant.id,
       {
         expires_at: new Date(
-          Date.now() + oo * 1e3
+          Date.now() + lr * 1e3
         ).toISOString(),
         authParams: c,
         csrf_token: He(),
@@ -35518,7 +35521,7 @@ var Xy = /* @__PURE__ */ Symbol("RENDERER"), s0 = /* @__PURE__ */ Symbol("ERROR_
   style: ["data-href"],
   link: ["href"],
   meta: ["name", "httpEquiv", "charset", "itemProp"]
-}, c0 = {}, Or = "data-precedence", Dx = (e) => e.rel === "stylesheet" && "precedence" in e, Mx = (e, t) => e === "link" ? t : $u[e].length > 0, Sl = (e) => Array.isArray(e) ? e : [e], Kv = /* @__PURE__ */ new WeakMap(), Vv = (e, t, n, i) => ({ buffer: r, context: o }) => {
+}, c0 = {}, Rr = "data-precedence", Dx = (e) => e.rel === "stylesheet" && "precedence" in e, Mx = (e, t) => e === "link" ? t : $u[e].length > 0, Sl = (e) => Array.isArray(e) ? e : [e], Kv = /* @__PURE__ */ new WeakMap(), Vv = (e, t, n, i) => ({ buffer: r, context: o }) => {
   if (!r)
     return;
   const s = Kv.get(o) || {};
@@ -35528,7 +35531,7 @@ var Xy = /* @__PURE__ */ Symbol("RENDERER"), s0 = /* @__PURE__ */ Symbol("ERROR_
   const d = $u[e], u = Mx(e, i !== void 0);
   if (u) {
     e: for (const [, p] of c)
-      if (!(e === "link" && !(p.rel === "stylesheet" && p[Or] !== void 0))) {
+      if (!(e === "link" && !(p.rel === "stylesheet" && p[Rr] !== void 0))) {
         for (const f of d)
           if ((p?.[f] ?? null) === n?.[f]) {
             l = !0;
@@ -35556,7 +35559,7 @@ var Xy = /* @__PURE__ */ Symbol("RENDERER"), s0 = /* @__PURE__ */ Symbol("ERROR_
   if ("itemProp" in n)
     return xl(e, t, n);
   let { precedence: r, blocking: o, ...s } = n;
-  r = i ? r ?? "" : void 0, i && (s[Or] = r);
+  r = i ? r ?? "" : void 0, i && (s[Rr] = r);
   const c = new jn(e, s, Sl(t || [])).toString();
   return c instanceof Promise ? c.then(
     (l) => cr(c, [
@@ -35872,7 +35875,7 @@ async function co(e, t, n) {
     e,
     t,
     !0
-  ), l = lr(o.tenant.id, e.req.header("cookie")), d = l ? await e.env.data.sessions.get(o.tenant.id, l) : null;
+  ), l = dr(o.tenant.id, e.req.header("cookie")), d = l ? await e.env.data.sessions.get(o.tenant.id, l) : null;
   if (n?.continuationScope && Au(c, n.continuationScope)) {
     if (!c.user_id)
       throw new en(
@@ -36040,7 +36043,7 @@ function Qv(e, t = "light") {
   const n = l0(e, "#ffffff"), i = l0(e, "#000000"), r = 1.35;
   return t === "light" ? i > n * r ? "#000000" : "#ffffff" : i * r > n ? "#000000" : "#ffffff";
 }
-const Ea = "mndbcdfd", KB = (e, t) => {
+const Ea = "mndlhg9d", KB = (e, t) => {
   const n = e?.colors?.primary_button || t?.colors?.primary || "#000000", i = e?.colors?.base_hover_color || HB(n, 0.2), r = e?.colors?.primary_button_label, o = r && l0(r, n) >= 4.5, s = o ? r : Qv(n, "light"), c = o ? r : Qv(n, "dark"), l = s !== c ? `
     @media (prefers-color-scheme: dark) {
       body { --text-on-primary: ${c}; }
@@ -36503,7 +36506,7 @@ const YB = new he().openapi(
       normalized: f,
       connectionType: h,
       provider: m
-    } = wr(
+    } = br(
       i.username,
       p
     ), g = r.connections.find(
@@ -37026,7 +37029,7 @@ t.match(/^(?:o|pai|str|u|ve)/)) ? t.replace(/([A-Z])/g, "-$1").toLowerCase() : t
     };
   const o = document.head;
   let { onLoad: s, onError: c, precedence: l, blocking: d, ...u } = t, p = null, f = !1;
-  const h = $u[e], m = Mx(e, i), g = (k) => k.getAttribute("rel") === "stylesheet" && k.getAttribute(Or) !== null;
+  const h = $u[e], m = Mx(e, i), g = (k) => k.getAttribute("rel") === "stylesheet" && k.getAttribute(Rr) !== null;
   let w;
   if (m) {
     const k = o.querySelectorAll(e);
@@ -37052,14 +37055,14 @@ t.match(/^(?:o|pai|str|u|ve)/)) ? t.replace(/([A-Z])/g, "-$1").toLowerCase() : t
     }
   } else
     w = o.querySelectorAll(e);
-  l = i ? l ?? "" : void 0, i && (u[Or] = l);
+  l = i ? l ?? "" : void 0, i && (u[Rr] = l);
   const y = n_(
     (k) => {
       if (m) {
         if (e === "link" && l !== void 0) {
           let x = !1;
           for (const C of o.querySelectorAll(e)) {
-            const T = C.getAttribute(Or);
+            const T = C.getAttribute(Rr);
             if (T === null) {
               o.insertBefore(k, C);
               return;
@@ -37075,11 +37078,11 @@ t.match(/^(?:o|pai|str|u|ve)/)) ? t.replace(/([A-Z])/g, "-$1").toLowerCase() : t
         }
         let b = !1;
         for (const x of o.querySelectorAll(e)) {
-          if (b && x.getAttribute(Or) !== l) {
+          if (b && x.getAttribute(Rr) !== l) {
             o.insertBefore(k, x);
             return;
           }
-          x.getAttribute(Or) === l && (b = !0);
+          x.getAttribute(Rr) === l && (b = !0);
         }
         o.appendChild(k);
       } else if (e === "link")
@@ -38041,7 +38044,7 @@ const Mc = (e) => {
         s.tenant.id,
         p.login_id
       ) : void 0;
-      if (await mr({
+      if (await gr({
         userAdapter: e.env.data.users,
         tenant_id: s.tenant.id,
         username: c.authParams.username,
@@ -38245,7 +38248,7 @@ const Mc = (e) => {
         ),
         400
       );
-    const u = await mr({
+    const u = await gr({
       userAdapter: o.data.users,
       tenant_id: l.tenant.id,
       username: d.authParams.username,
@@ -38590,7 +38593,7 @@ const Mc = (e) => {
         ),
         500
       );
-    const s = lr(
+    const s = dr(
       o.tenant.id,
       e.req.header("cookie")
     ), c = s ? await t.data.sessions.get(o.tenant.id, s) : null, l = new URL(e.req.url).pathname.startsWith("/u2/") ? "/u2" : "/u";
@@ -38662,7 +38665,7 @@ const Mc = (e) => {
         ),
         500
       );
-    const c = lr(
+    const c = dr(
       o.tenant.id,
       e.req.header("cookie")
     ), l = c ? await t.data.sessions.get(o.tenant.id, c) : null, d = new URL(e.req.url).pathname.startsWith("/u2/") ? "/u2" : "/u";
@@ -39723,7 +39726,7 @@ const Mc = (e) => {
       throw new j(400, {
         message: "Username not found in state"
       });
-    const d = await mr({
+    const d = await gr({
       userAdapter: i.data.users,
       tenant_id: r.tenant.id,
       username: l,
@@ -40998,7 +41001,7 @@ function x1() {
   };
   return vn.Parser = g, vn;
 }
-var xr = {}, Yf = {}, E1;
+var Er = {}, Yf = {}, E1;
 function $l() {
   return E1 || (E1 = 1, (function(e) {
     Object.defineProperty(e, "__esModule", { value: !0 }), e.Doctype = e.CDATA = e.Tag = e.Style = e.Script = e.Comment = e.Directive = e.Text = e.Root = e.isTag = e.ElementType = void 0;
@@ -41367,9 +41370,9 @@ function $1() {
   return Ce;
 }
 var T1;
-function ur() {
+function pr() {
   return T1 || (T1 = 1, (function(e) {
-    var t = xr && xr.__createBinding || (Object.create ? (function(c, l, d, u) {
+    var t = Er && Er.__createBinding || (Object.create ? (function(c, l, d, u) {
       u === void 0 && (u = d);
       var p = Object.getOwnPropertyDescriptor(l, d);
       (!p || ("get" in p ? !l.__esModule : p.writable || p.configurable)) && (p = { enumerable: !0, get: function() {
@@ -41377,7 +41380,7 @@ function ur() {
       } }), Object.defineProperty(c, u, p);
     }) : (function(c, l, d, u) {
       u === void 0 && (u = d), c[u] = l[d];
-    })), n = xr && xr.__exportStar || function(c, l) {
+    })), n = Er && Er.__exportStar || function(c, l) {
       for (var d in c) d !== "default" && !Object.prototype.hasOwnProperty.call(l, d) && t(l, c, d);
     };
     Object.defineProperty(e, "__esModule", { value: !0 }), e.DomHandler = void 0;
@@ -41445,9 +41448,9 @@ function ur() {
       })()
     );
     e.DomHandler = s, e.default = s;
-  })(xr)), xr;
+  })(Er)), Er;
 }
-var Er = {}, Qn = {}, zt = {}, Zf = {}, An = {}, Gl = {}, I1;
+var Cr = {}, Qn = {}, zt = {}, Zf = {}, An = {}, Gl = {}, I1;
 function ZD() {
   return I1 || (I1 = 1, Object.defineProperty(Gl, "__esModule", { value: !0 }), Gl.default = new Uint16Array(
     // prettier-ignore
@@ -41921,9 +41924,9 @@ function tM() {
     } });
   })(Zf)), Zf;
 }
-var Cr = {}, F1;
+var $r = {}, F1;
 function nM() {
-  return F1 || (F1 = 1, Object.defineProperty(Cr, "__esModule", { value: !0 }), Cr.attributeNames = Cr.elementNames = void 0, Cr.elementNames = new Map([
+  return F1 || (F1 = 1, Object.defineProperty($r, "__esModule", { value: !0 }), $r.attributeNames = $r.elementNames = void 0, $r.elementNames = new Map([
     "altGlyph",
     "altGlyphDef",
     "altGlyphItem",
@@ -41963,7 +41966,7 @@ function nM() {
     "textPath"
   ].map(function(e) {
     return [e.toLowerCase(), e];
-  })), Cr.attributeNames = new Map([
+  })), $r.attributeNames = new Map([
     "definitionURL",
     "attributeName",
     "attributeType",
@@ -42025,7 +42028,7 @@ function nM() {
     "zoomAndPan"
   ].map(function(e) {
     return [e.toLowerCase(), e];
-  }))), Cr;
+  }))), $r;
 }
 var z1;
 function iM() {
@@ -42175,7 +42178,7 @@ function r6() {
     return d && d.__esModule ? d : { default: d };
   };
   Object.defineProperty(Qn, "__esModule", { value: !0 }), Qn.getOuterHTML = r, Qn.getInnerHTML = o, Qn.getText = s, Qn.textContent = c, Qn.innerText = l;
-  var t = /* @__PURE__ */ ur(), n = e(/* @__PURE__ */ iM()), i = /* @__PURE__ */ $l();
+  var t = /* @__PURE__ */ pr(), n = e(/* @__PURE__ */ iM()), i = /* @__PURE__ */ $l();
   function r(d, u) {
     return (0, n.default)(d, u);
   }
@@ -42200,7 +42203,7 @@ var kn = {}, H1;
 function rM() {
   if (H1) return kn;
   H1 = 1, Object.defineProperty(kn, "__esModule", { value: !0 }), kn.getChildren = t, kn.getParent = n, kn.getSiblings = i, kn.getAttributeValue = r, kn.hasAttrib = o, kn.getName = s, kn.nextElementSibling = c, kn.prevElementSibling = l;
-  var e = /* @__PURE__ */ ur();
+  var e = /* @__PURE__ */ pr();
   function t(d) {
     return (0, e.hasChildren)(d) ? d.children : [];
   }
@@ -42300,7 +42303,7 @@ var _i = {}, V1;
 function o6() {
   if (V1) return _i;
   V1 = 1, Object.defineProperty(_i, "__esModule", { value: !0 }), _i.filter = t, _i.find = n, _i.findOneChild = i, _i.findOne = r, _i.existsOne = o, _i.findAll = s;
-  var e = /* @__PURE__ */ ur();
+  var e = /* @__PURE__ */ pr();
   function t(c, l, d, u) {
     return d === void 0 && (d = !0), u === void 0 && (u = 1 / 0), n(c, Array.isArray(l) ? l : [l], d, u);
   }
@@ -42358,7 +42361,7 @@ var wi = {}, G1;
 function a6() {
   if (G1) return wi;
   G1 = 1, Object.defineProperty(wi, "__esModule", { value: !0 }), wi.testElement = s, wi.getElements = c, wi.getElementById = l, wi.getElementsByTagName = d, wi.getElementsByClassName = u, wi.getElementsByTagType = p;
-  var e = /* @__PURE__ */ ur(), t = /* @__PURE__ */ o6(), n = {
+  var e = /* @__PURE__ */ pr(), t = /* @__PURE__ */ o6(), n = {
     tag_name: function(f) {
       return typeof f == "function" ? function(h) {
         return (0, e.isTag)(h) && f(h.name);
@@ -42427,7 +42430,7 @@ var Hi = {}, W1;
 function aM() {
   if (W1) return Hi;
   W1 = 1, Object.defineProperty(Hi, "__esModule", { value: !0 }), Hi.DocumentPosition = void 0, Hi.removeSubsets = t, Hi.compareDocumentPosition = i, Hi.uniqueSort = r;
-  var e = /* @__PURE__ */ ur();
+  var e = /* @__PURE__ */ pr();
   function t(o) {
     for (var s = o.length; --s >= 0; ) {
       var c = o[s];
@@ -42561,7 +42564,7 @@ function sM() {
 var Q1;
 function th() {
   return Q1 || (Q1 = 1, (function(e) {
-    var t = Er && Er.__createBinding || (Object.create ? (function(r, o, s, c) {
+    var t = Cr && Cr.__createBinding || (Object.create ? (function(r, o, s, c) {
       c === void 0 && (c = s);
       var l = Object.getOwnPropertyDescriptor(o, s);
       (!l || ("get" in l ? !o.__esModule : l.writable || l.configurable)) && (l = { enumerable: !0, get: function() {
@@ -42569,11 +42572,11 @@ function th() {
       } }), Object.defineProperty(r, c, l);
     }) : (function(r, o, s, c) {
       c === void 0 && (c = s), r[c] = o[s];
-    })), n = Er && Er.__exportStar || function(r, o) {
+    })), n = Cr && Cr.__exportStar || function(r, o) {
       for (var s in r) s !== "default" && !Object.prototype.hasOwnProperty.call(o, s) && t(o, r, s);
     };
     Object.defineProperty(e, "__esModule", { value: !0 }), e.hasChildren = e.isDocument = e.isComment = e.isText = e.isCDATA = e.isTag = void 0, n(/* @__PURE__ */ r6(), e), n(/* @__PURE__ */ rM(), e), n(/* @__PURE__ */ oM(), e), n(/* @__PURE__ */ o6(), e), n(/* @__PURE__ */ a6(), e), n(/* @__PURE__ */ aM(), e), n(/* @__PURE__ */ sM(), e);
-    var i = /* @__PURE__ */ ur();
+    var i = /* @__PURE__ */ pr();
     Object.defineProperty(e, "isTag", { enumerable: !0, get: function() {
       return i.isTag;
     } }), Object.defineProperty(e, "isCDATA", { enumerable: !0, get: function() {
@@ -42587,7 +42590,7 @@ function th() {
     } }), Object.defineProperty(e, "hasChildren", { enumerable: !0, get: function() {
       return i.hasChildren;
     } });
-  })(Er)), Er;
+  })(Cr)), Cr;
 }
 var Y1;
 function cM() {
@@ -42627,8 +42630,8 @@ function cM() {
     Object.defineProperty(e, "Parser", { enumerable: !0, get: function() {
       return s.Parser;
     } });
-    const c = /* @__PURE__ */ ur();
-    var l = /* @__PURE__ */ ur();
+    const c = /* @__PURE__ */ pr();
+    var l = /* @__PURE__ */ pr();
     Object.defineProperty(e, "DomHandler", { enumerable: !0, get: function() {
       return l.DomHandler;
     } }), Object.defineProperty(e, "DefaultHandler", { enumerable: !0, get: function() {
@@ -45352,9 +45355,9 @@ and ensure you are accounting for this risk.
                 return;
               }
             if (De === "class") {
-              const Me = P[z], qe = P["*"], mi = $[z], yn = N[z], Yt = N["*"], kr = $["*"], Ol = [
+              const Me = P[z], qe = P["*"], mi = $[z], yn = N[z], Yt = N["*"], Sr = $["*"], Ol = [
                 mi,
-                kr
+                Sr
               ].concat(yn, Yt).filter(function(lf) {
                 return lf;
               });
@@ -46763,7 +46766,7 @@ const BM = new he().openapi(
     const { state: t } = e.req.valid("query"), { client: n, loginSession: i } = await Le(e, t, !0);
     if (!n || !n.tenant?.id)
       return console.error("Client or tenant ID missing in GET /u/continue"), e.text("Configuration error", 500);
-    if (i.state !== Pe.AWAITING_CONTINUATION)
+    if (i.state !== $e.AWAITING_CONTINUATION)
       return console.warn(
         `Continue endpoint called but session ${i.id} is in unexpected state ${i.state}`
       ), e.redirect(
@@ -47580,7 +47583,7 @@ function VM(e) {
     }
   }), r;
 }
-async function br(e) {
+async function vr(e) {
   const { routePrefix: t = "/u2" } = e, n = await e.ctx.env.data.promptSettings.get(
     e.tenant.id
   ), i = Jo.parse(n || {}), r = e.connections.some(
@@ -47588,13 +47591,13 @@ async function br(e) {
   );
   return i.identifier_first === !1 && r ? `${t}/login` : `${t}/login/identifier`;
 }
-async function Rr(e) {
-  const { branding: t, state: n, errors: i, messages: r, data: o, customText: s, routePrefix: c } = e, l = e.language || "en", { m: d } = Te(
+async function Br(e) {
+  const { branding: t, state: n, errors: i, messages: r, data: o, customText: s, routePrefix: c } = e, l = e.language || "en", { m: d } = Ie(
     "email-otp-challenge",
     "email-otp-challenge",
     l,
     s
-  ), { m: u } = Te(
+  ), { m: u } = Ie(
     "common",
     "common",
     l,
@@ -47641,7 +47644,7 @@ async function Rr(e) {
     }
   ], w = e.connections.some(
     (_) => _.strategy === G.USERNAME_PASSWORD
-  ) ? await br(e) : `${c}/login/login-passwordless-identifier`;
+  ) ? await vr(e) : `${c}/login/login-passwordless-identifier`;
   return {
     screen: {
       name: "email-otp-challenge",
@@ -47669,9 +47672,9 @@ const GM = {
   name: "Email OTP Challenge",
   description: "Email OTP code verification screen",
   handler: {
-    get: Rr,
+    get: Br,
     post: async (e, t) => {
-      const { ctx: n, client: i, state: r } = e, o = t.code?.trim(), s = e.language || "en", { m: c } = Te(
+      const { ctx: n, client: i, state: r } = e, o = t.code?.trim(), s = e.language || "en", { m: c } = Ie(
         "email-otp-challenge",
         "email-otp-challenge",
         s,
@@ -47681,7 +47684,7 @@ const GM = {
         const u = c.noCode();
         return {
           error: u,
-          screen: await Rr({
+          screen: await Br({
             ...e,
             errors: { code: u }
           })
@@ -47695,14 +47698,14 @@ const GM = {
         const u = c.sessionExpired();
         return {
           error: u,
-          screen: await Rr({
+          screen: await Br({
             ...e,
             errors: { code: u }
           })
         };
       }
-      const d = l.state || Pe.PENDING;
-      if (d === Pe.AWAITING_MFA || d === Pe.AUTHENTICATED)
+      const d = l.state || $e.PENDING;
+      if (d === $e.AWAITING_MFA || d === $e.AUTHENTICATED)
         try {
           const u = l.session_id ? await n.env.data.sessions.get(
             i.tenant.id,
@@ -47742,7 +47745,7 @@ const GM = {
         const p = c.unexpectedError();
         return {
           error: p,
-          screen: await Rr({
+          screen: await Br({
             ...e,
             errors: { code: p }
           })
@@ -47772,7 +47775,7 @@ const GM = {
         else u instanceof j && (f = u.message);
         return {
           error: f,
-          screen: await Rr({
+          screen: await Br({
             ...e,
             errors: { code: f },
             data: {
@@ -47785,13 +47788,13 @@ const GM = {
     }
   }
 };
-async function Br(e) {
-  const { branding: t, state: n, errors: i, messages: r, data: o, customText: s, routePrefix: c } = e, l = e.language || "en", { m: d } = Te(
+async function Dr(e) {
+  const { branding: t, state: n, errors: i, messages: r, data: o, customText: s, routePrefix: c } = e, l = e.language || "en", { m: d } = Ie(
     "sms-otp-challenge",
     "sms-otp-challenge",
     l,
     s
-  ), { m: u } = Te(
+  ), { m: u } = Ie(
     "common",
     "common",
     l,
@@ -47863,7 +47866,7 @@ async function Br(e) {
           id: "back",
           text: "",
           linkText: u.backText(),
-          href: `${await br(e)}?state=${encodeURIComponent(n)}`
+          href: `${await vr(e)}?state=${encodeURIComponent(n)}`
         }
       ]
     },
@@ -47875,9 +47878,9 @@ const WM = {
   name: "SMS OTP Challenge",
   description: "SMS OTP code verification screen",
   handler: {
-    get: Br,
+    get: Dr,
     post: async (e, t) => {
-      const { ctx: n, client: i, state: r } = e, o = t.code?.trim(), s = e.language || "en", { m: c } = Te(
+      const { ctx: n, client: i, state: r } = e, o = t.code?.trim(), s = e.language || "en", { m: c } = Ie(
         "sms-otp-challenge",
         "sms-otp-challenge",
         s,
@@ -47890,14 +47893,14 @@ const WM = {
         const u = c.sessionExpired();
         return {
           error: u,
-          screen: await Br({
+          screen: await Dr({
             ...e,
             errors: { code: u }
           })
         };
       }
-      const d = l.state || Pe.PENDING;
-      if (d === Pe.AWAITING_MFA || d === Pe.AUTHENTICATED)
+      const d = l.state || $e.PENDING;
+      if (d === $e.AWAITING_MFA || d === $e.AUTHENTICATED)
         try {
           const u = l.session_id ? await n.env.data.sessions.get(
             i.tenant.id,
@@ -47927,7 +47930,7 @@ const WM = {
         const u = c.noCode();
         return {
           error: u,
-          screen: await Br({
+          screen: await Dr({
             ...e,
             errors: { code: u }
           })
@@ -47947,7 +47950,7 @@ const WM = {
         const p = c.unexpectedError();
         return {
           error: p,
-          screen: await Br({
+          screen: await Dr({
             ...e,
             errors: { code: p }
           })
@@ -47973,7 +47976,7 @@ const WM = {
           }
         return {
           error: f,
-          screen: await Br({
+          screen: await Dr({
             ...e,
             errors: { code: f },
             data: {
@@ -47987,12 +47990,12 @@ const WM = {
   }
 };
 async function w6(e) {
-  const { branding: t, state: n, messages: i, data: r, customText: o, routePrefix: s } = e, c = e.language || "en", { m: l } = Te(
+  const { branding: t, state: n, messages: i, data: r, customText: o, routePrefix: s } = e, c = e.language || "en", { m: l } = Ie(
     "magic-link-sent",
     "magic-link-sent",
     c,
     o
-  ), { m: d } = Te(
+  ), { m: d } = Ie(
     "common",
     "common",
     c,
@@ -48047,12 +48050,12 @@ async function w6(e) {
   };
 }
 async function Ks(e) {
-  const { branding: t, state: n, errors: i, data: r, customText: o, routePrefix: s } = e, c = e.language || "en", { m: l } = Te(
+  const { branding: t, state: n, errors: i, data: r, customText: o, routePrefix: s } = e, c = e.language || "en", { m: l } = Ie(
     "login-password",
     "login-password",
     c,
     o
-  ), { m: d } = Te(
+  ), { m: d } = Ie(
     "common",
     "common",
     c,
@@ -48097,7 +48100,7 @@ async function Ks(e) {
       },
       order: 2
     }
-  ], m = await br(e);
+  ], m = await vr(e);
   return {
     screen: {
       name: "enter-password",
@@ -48159,7 +48162,7 @@ const JM = {
         ), l = c.headers.get("location"), d = c.headers.getSetCookie?.() || [];
         return l ? { redirect: l, cookies: d } : { response: c };
       } catch (c) {
-        const l = c, d = e.language || "en", { m: u } = Te(
+        const l = c, d = e.language || "en", { m: u } = Ie(
           "login-password",
           "login-password",
           d,
@@ -48231,7 +48234,7 @@ async function Ki(e) {
     messages: s,
     customText: c,
     routePrefix: l
-  } = e, d = e.language || "en", { m: u } = Te("login-id", "login-id", d, c), p = QM(e, u), f = p.length, h = e.connections.some(
+  } = e, d = e.language || "en", { m: u } = Ie("login-id", "login-id", d, c), p = QM(e, u), f = p.length, h = e.connections.some(
     (C) => C.strategy === G.EMAIL || C.strategy === G.SMS || C.strategy === G.USERNAME_PASSWORD
   ), m = e.connections.find(
     (C) => C.strategy === G.USERNAME_PASSWORD
@@ -48318,7 +48321,7 @@ const YM = {
     post: async (e, t) => {
       const { ctx: n, client: i, state: r } = e, o = t.username?.toLowerCase()?.trim(), s = i.connections.find(
         (T) => T.strategy === G.USERNAME_PASSWORD
-      ), c = Ba(s), l = c.usernameIdentifierActive, d = e.language || "en", { m: u } = Te(
+      ), c = Ba(s), l = c.usernameIdentifierActive, d = e.language || "en", { m: u } = Ie(
         "login-id",
         "login-id",
         d,
@@ -48334,7 +48337,7 @@ const YM = {
           })
         };
       }
-      const p = n.get("countryCode"), { normalized: f, connectionType: h, provider: m } = wr(o, p);
+      const p = n.get("countryCode"), { normalized: f, connectionType: h, provider: m } = br(o, p);
       if (!f) {
         const T = u["invalid-email-format"]();
         return {
@@ -48473,7 +48476,7 @@ const YM = {
         to: f,
         code: k,
         language: C
-      }), h === "sms" ? { screen: await Br(v) } : x?.options?.authentication_method === "magic_link" ? { screen: await w6(v) } : { screen: await Rr(v) };
+      }), h === "sms" ? { screen: await Dr(v) } : x?.options?.authentication_method === "magic_link" ? { screen: await w6(v) } : { screen: await Br(v) };
     }
   }
 };
@@ -48546,7 +48549,7 @@ async function Sn(e) {
     messages: s,
     customText: c,
     routePrefix: l
-  } = e, d = e.language || "en", { m: u } = Te("login", "login", d, c), p = ZM(e, u), f = p.length, h = e.connections.find(
+  } = e, d = e.language || "en", { m: u } = Ie("login", "login", d, c), p = ZM(e, u), f = p.length, h = e.connections.find(
     (x) => x.strategy === G.USERNAME_PASSWORD
   ), m = !!h, g = Ba(h), w = g.usernameIdentifierActive, y = g.emailIdentifierActive, _ = w && y || w ? u.usernamePlaceholder() : u.emailPlaceholder(), v = [
     // Social login buttons (if any)
@@ -48650,7 +48653,7 @@ const XM = {
   handler: {
     get: Sn,
     post: async (e, t) => {
-      const { ctx: n, client: i, state: r } = e, o = t.username?.toLowerCase()?.trim(), s = t.password?.trim(), c = e.language || "en", { m: l } = Te(
+      const { ctx: n, client: i, state: r } = e, o = t.username?.toLowerCase()?.trim(), s = t.password?.trim(), c = e.language || "en", { m: l } = Ie(
         "login",
         "login",
         c,
@@ -48679,7 +48682,7 @@ const XM = {
           })
         };
       }
-      const f = n.get("countryCode"), { normalized: h, connectionType: m, provider: g } = wr(o, f);
+      const f = n.get("countryCode"), { normalized: h, connectionType: m, provider: g } = br(o, f);
       if (!h) {
         const _ = l.invalidIdentifier();
         return {
@@ -48812,7 +48815,7 @@ const XM = {
   }
 };
 async function Zn(e) {
-  const { branding: t, state: n, prefill: i, errors: r, customText: o, routePrefix: s } = e, c = e.language || "en", { m: l } = Te("signup", "signup", c, o), d = e.connections.some(
+  const { branding: t, state: n, prefill: i, errors: r, customText: o, routePrefix: s } = e, c = e.language || "en", { m: l } = Ie("signup", "signup", c, o), d = e.connections.some(
     (h) => h.strategy === G.USERNAME_PASSWORD
   ), u = [];
   if (d) {
@@ -48881,7 +48884,7 @@ async function Zn(e) {
     const h = u.find((m) => m.id === "email");
     h && "config" in h && (h.config.default_value = i.email);
   }
-  const p = await br(e);
+  const p = await vr(e);
   return {
     screen: {
       name: "signup",
@@ -48910,12 +48913,12 @@ const eL = {
   handler: {
     get: Zn,
     post: async (e, t) => {
-      const { ctx: n, client: i, state: r } = e, o = t.email?.toLowerCase()?.trim(), s = t.password?.trim(), c = t.re_password?.trim(), l = e.language || "en", { m: d } = Te(
+      const { ctx: n, client: i, state: r } = e, o = t.email?.toLowerCase()?.trim(), s = t.password?.trim(), c = t.re_password?.trim(), l = e.language || "en", { m: d } = Ie(
         "signup",
         "signup",
         l,
         e.customText
-      ), { m: u } = Te(
+      ), { m: u } = Ie(
         "signup-password",
         "signup-password",
         l,
@@ -48982,7 +48985,7 @@ const eL = {
           })
         };
       }
-      if (await mr({
+      if (await gr({
         userAdapter: n.env.data.users,
         tenant_id: i.tenant.id,
         username: o,
@@ -49073,12 +49076,12 @@ async function tL(e) {
     messages: o,
     customText: s,
     routePrefix: c = "/u2"
-  } = e, l = e.language || "en", { m: d } = Te(
+  } = e, l = e.language || "en", { m: d } = Ie(
     "reset-password",
     "reset-password",
     l,
     s
-  ), { m: u } = Te("login", "login", l, s), p = [
+  ), { m: u } = Ie("login", "login", l, s), p = [
     // Info text
     {
       id: "info",
@@ -49134,7 +49137,7 @@ async function tL(e) {
           id: "back",
           text: d.backToLoginText(),
           linkText: u.buttonText(),
-          href: `${await br(e)}?state=${encodeURIComponent(n)}`
+          href: `${await vr(e)}?state=${encodeURIComponent(n)}`
         }
       ]
     },
@@ -49154,7 +49157,7 @@ const nL = {
   }
 };
 async function bi(e) {
-  const { branding: t, state: n, errors: i, messages: r, customText: o, routePrefix: s } = e, c = e.language || "en", { m: l } = Te(
+  const { branding: t, state: n, errors: i, messages: r, customText: o, routePrefix: s } = e, c = e.language || "en", { m: l } = Ie(
     "reset-password",
     "reset-password",
     c,
@@ -49224,7 +49227,7 @@ const iL = {
   handler: {
     get: bi,
     post: async (e, t) => {
-      const { ctx: n, client: i, state: r } = e, { env: o } = n, s = t.password?.trim(), c = t.confirm_password?.trim(), l = e.language || "en", { m: d } = Te(
+      const { ctx: n, client: i, state: r } = e, { env: o } = n, s = t.password?.trim(), c = t.confirm_password?.trim(), l = e.language || "en", { m: d } = Ie(
         "reset-password",
         "reset-password",
         l,
@@ -49260,7 +49263,7 @@ const iL = {
             errors: { password: "Session expired. Please start over." }
           })
         };
-      const p = await mr({
+      const p = await gr({
         userAdapter: o.data.users,
         tenant_id: i.tenant.id,
         username: u.authParams.username,
@@ -49580,15 +49583,15 @@ async function v6(e) {
     state: r,
     routePrefix: o = "/u2",
     customText: s
-  } = e, c = e.language || "en", { m: l } = Te(
+  } = e, c = e.language || "en", { m: l } = Ie(
     "check-account",
     "check-account",
     c,
     s
-  ), d = await br(e);
+  ), d = await vr(e);
   if (!await t.env.data.loginSessions.get(n.id, r))
     throw new j(400, { message: "Login session not found" });
-  const p = lr(n.id, t.req.header("cookie")), f = p ? await t.env.data.sessions.get(n.id, p) : null;
+  const p = dr(n.id, t.req.header("cookie")), f = p ? await t.env.data.sessions.get(n.id, p) : null;
   if (!f || f.revoked_at)
     throw new en(
       `${d}?state=${encodeURIComponent(r)}`
@@ -49645,7 +49648,7 @@ async function aL(e, t) {
   const { ctx: n, tenant: i, client: r, state: o } = e, s = await n.env.data.loginSessions.get(i.id, o);
   if (!s)
     throw new j(400, { message: "Login session not found" });
-  const c = lr(i.id, n.req.header("cookie")), l = c ? await n.env.data.sessions.get(i.id, c) : null, d = await br(e);
+  const c = dr(i.id, n.req.header("cookie")), l = c ? await n.env.data.sessions.get(i.id, c) : null, d = await vr(e);
   if (!l || l.revoked_at)
     return {
       redirect: `${d}?state=${encodeURIComponent(o)}`
@@ -49670,7 +49673,7 @@ async function aL(e, t) {
       return {
         redirect: `${d}?state=${encodeURIComponent(o)}`
       };
-    const h = e.language || "en", { m } = Te(
+    const h = e.language || "en", { m } = Ie(
       "check-account",
       "check-account",
       h,
@@ -49700,12 +49703,12 @@ async function Vi(e) {
     messages: o,
     customText: s,
     routePrefix: c
-  } = e, l = e.language || "en", { m: d } = Te(
+  } = e, l = e.language || "en", { m: d } = Ie(
     "login-passwordless",
     "login-passwordless",
     l,
     s
-  ), { m: u } = Te(
+  ), { m: u } = Ie(
     "common",
     "common",
     l,
@@ -49810,7 +49813,7 @@ const cL = {
   handler: {
     get: Vi,
     post: async (e, t) => {
-      const { ctx: n, client: i, state: r } = e, o = t.username?.toLowerCase()?.trim(), s = e.language || "en", { m: c } = Te(
+      const { ctx: n, client: i, state: r } = e, o = t.username?.toLowerCase()?.trim(), s = e.language || "en", { m: c } = Ie(
         "login-passwordless",
         "login-passwordless",
         s,
@@ -49826,7 +49829,7 @@ const cL = {
           })
         };
       }
-      const l = n.get("countryCode"), { normalized: d, connectionType: u } = wr(
+      const l = n.get("countryCode"), { normalized: d, connectionType: u } = br(
         o,
         l
       );
@@ -49962,7 +49965,7 @@ const cL = {
         data: { email: d },
         errors: void 0
       };
-      return u === "sms" ? { screen: await Br(y) } : p?.options?.authentication_method === "magic_link" ? { screen: await w6(y) } : { screen: await Rr(y) };
+      return u === "sms" ? { screen: await Dr(y) } : p?.options?.authentication_method === "magic_link" ? { screen: await w6(y) } : { screen: await Br(y) };
     }
   }
 };
@@ -50102,7 +50105,7 @@ const S6 = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProperty({
   verifyTotpCode: f_
 }, Symbol.toStringTag, { value: "Module" }));
 async function cs(e) {
-  const { branding: t, state: n, errors: i, customText: r, routePrefix: o } = e, s = e.language || "en", { m: c } = Te(
+  const { branding: t, state: n, errors: i, customText: r, routePrefix: o } = e, s = e.language || "en", { m: c } = Ie(
     "mfa-phone",
     "mfa-phone-enrollment",
     s,
@@ -50157,7 +50160,7 @@ const wL = {
   handler: {
     get: cs,
     post: async (e, t) => {
-      const { ctx: n, client: i, state: r } = e, o = t.phone_number?.trim(), s = e.language || "en", { m: c } = Te(
+      const { ctx: n, client: i, state: r } = e, o = t.phone_number?.trim(), s = e.language || "en", { m: c } = Ie(
         "mfa-phone",
         "mfa-phone-enrollment",
         s,
@@ -50253,7 +50256,7 @@ const wL = {
   }
 };
 async function vi(e) {
-  const { branding: t, state: n, errors: i, messages: r, data: o, customText: s, routePrefix: c } = e, l = e.language || "en", { m: d } = Te(
+  const { branding: t, state: n, errors: i, messages: r, data: o, customText: s, routePrefix: c } = e, l = e.language || "en", { m: d } = Ie(
     "mfa-phone",
     "mfa-phone-challenge",
     l,
@@ -50343,7 +50346,7 @@ const bL = {
   handler: {
     get: vi,
     post: async (e, t) => {
-      const { ctx: n, client: i, state: r } = e, o = t.code?.trim(), s = e.language || "en", { m: c } = Te(
+      const { ctx: n, client: i, state: r } = e, o = t.code?.trim(), s = e.language || "en", { m: c } = Ie(
         "mfa-phone",
         "mfa-phone-challenge",
         s,
@@ -50354,7 +50357,7 @@ const bL = {
           i.tenant.id,
           r
         );
-        if (!u || u.state !== Pe.AWAITING_MFA) {
+        if (!u || u.state !== $e.AWAITING_MFA) {
           const h = c["transaction-not-found"]();
           return {
             error: h,
@@ -50404,7 +50407,7 @@ const bL = {
         i.tenant.id,
         r
       );
-      if (!l || !l.user_id || l.state !== Pe.AWAITING_MFA) {
+      if (!l || !l.user_id || l.state !== $e.AWAITING_MFA) {
         const u = c["transaction-not-found"]();
         return {
           error: u,
@@ -50502,7 +50505,7 @@ const bL = {
               branding: e.branding
             }
           };
-        const p = l.state || Pe.AWAITING_MFA, { state: f } = ui(
+        const p = l.state || $e.AWAITING_MFA, { state: f } = ui(
           p,
           { type: Hn.COMPLETE_MFA }
         );
@@ -52064,8 +52067,8 @@ function FL() {
 }
 var zL = FL();
 const qL = /* @__PURE__ */ D0(zL);
-async function $r(e, t) {
-  const { branding: n, state: i, errors: r, customText: o, routePrefix: s } = e, c = e.language || "en", { m: l } = Te(
+async function Tr(e, t) {
+  const { branding: n, state: i, errors: r, customText: o, routePrefix: s } = e, c = e.language || "en", { m: l } = Ie(
     "mfa-otp",
     "mfa-totp-enrollment",
     c,
@@ -52153,7 +52156,7 @@ const HL = {
         i
       );
       if (!r || !r.user_id)
-        return $r(e);
+        return Tr(e);
       const o = r.state_data ? JSON.parse(r.state_data) : {};
       let s = o.totpSecret;
       if (!s) {
@@ -52183,13 +52186,13 @@ const HL = {
         n.tenant.id,
         r.user_id
       ))?.email || r.user_id, d = n.tenant.friendly_name || n.tenant.id, u = vd(d, l, s), p = await im(u);
-      return $r(e, {
+      return Tr(e, {
         qrCodeSvg: p,
         secretBase32: s
       });
     },
     post: async (e, t) => {
-      const { ctx: n, client: i, state: r } = e, o = t.code?.trim(), s = e.language || "en", { m: c } = Te(
+      const { ctx: n, client: i, state: r } = e, o = t.code?.trim(), s = e.language || "en", { m: c } = Ie(
         "mfa-otp",
         "mfa-totp-enrollment",
         s,
@@ -52207,7 +52210,7 @@ const HL = {
         }
         return {
           error: h,
-          screen: await $r(
+          screen: await Tr(
             { ...e, errors: { code: h } },
             w ? {
               qrCodeSvg: k,
@@ -52224,7 +52227,7 @@ const HL = {
         const h = c["transaction-not-found"]();
         return {
           error: h,
-          screen: await $r({
+          screen: await Tr({
             ...e,
             errors: { code: h }
           })
@@ -52235,7 +52238,7 @@ const HL = {
         const h = c["transaction-not-found"]();
         return {
           error: h,
-          screen: await $r({
+          screen: await Tr({
             ...e,
             errors: { code: h }
           })
@@ -52253,7 +52256,7 @@ const HL = {
         const m = c.unexpectedError();
         return {
           error: m,
-          screen: await $r({
+          screen: await Tr({
             ...e,
             errors: { code: m }
           })
@@ -52271,7 +52274,7 @@ const HL = {
         ))?.email || l.user_id, g = i.tenant.friendly_name || i.tenant.id, w = c["invalid-code"](), y = vd(g, m, u), _ = await im(y);
         return {
           error: w,
-          screen: await $r(
+          screen: await Tr(
             { ...e, errors: { code: w } },
             {
               qrCodeSvg: _,
@@ -52306,8 +52309,8 @@ const HL = {
     }
   }
 };
-async function Tr(e) {
-  const { branding: t, state: n, errors: i, customText: r, routePrefix: o } = e, s = e.language || "en", { m: c } = Te(
+async function Ir(e) {
+  const { branding: t, state: n, errors: i, customText: r, routePrefix: o } = e, s = e.language || "en", { m: c } = Ie(
     "mfa-otp",
     "mfa-totp-challenge",
     s,
@@ -52376,9 +52379,9 @@ const VL = {
   name: "MFA TOTP Challenge",
   description: "Authenticator app code verification screen for MFA",
   handler: {
-    get: Tr,
+    get: Ir,
     post: async (e, t) => {
-      const { ctx: n, client: i, state: r } = e, o = t.code?.trim(), s = e.language || "en", { m: c } = Te(
+      const { ctx: n, client: i, state: r } = e, o = t.code?.trim(), s = e.language || "en", { m: c } = Ie(
         "mfa-otp",
         "mfa-totp-challenge",
         s,
@@ -52388,7 +52391,7 @@ const VL = {
         const p = c["invalid-code"]();
         return {
           error: p,
-          screen: await Tr({
+          screen: await Ir({
             ...e,
             errors: { code: p }
           })
@@ -52398,11 +52401,11 @@ const VL = {
         i.tenant.id,
         r
       );
-      if (!l || !l.user_id || l.state !== Pe.AWAITING_MFA) {
+      if (!l || !l.user_id || l.state !== $e.AWAITING_MFA) {
         const p = c["transaction-not-found"]();
         return {
           error: p,
-          screen: await Tr({
+          screen: await Ir({
             ...e,
             errors: { code: p }
           })
@@ -52422,7 +52425,7 @@ const VL = {
         const p = c["transaction-not-found"]();
         return {
           error: p,
-          screen: await Tr({
+          screen: await Ir({
             ...e,
             errors: { code: p }
           })
@@ -52440,7 +52443,7 @@ const VL = {
         const f = c.unexpectedError();
         return {
           error: f,
-          screen: await Tr({
+          screen: await Ir({
             ...e,
             errors: { code: f }
           })
@@ -52455,7 +52458,7 @@ const VL = {
         const p = c["invalid-code"]();
         return {
           error: p,
-          screen: await Tr({
+          screen: await Ir({
             ...e,
             errors: { code: p }
           })
@@ -52478,7 +52481,7 @@ const VL = {
             userId: l.user_id
           }));
         }
-        const f = l.state || Pe.AWAITING_MFA, { state: h } = ui(
+        const f = l.state || $e.AWAITING_MFA, { state: h } = ui(
           f,
           { type: Hn.COMPLETE_MFA }
         );
@@ -52511,7 +52514,7 @@ const VL = {
         const p = c.unexpectedError();
         return {
           error: p,
-          screen: await Tr({
+          screen: await Ir({
             ...e,
             errors: { code: p }
           })
@@ -52521,7 +52524,7 @@ const VL = {
   }
 };
 async function GL(e, t) {
-  const { branding: n, state: i, customText: r, routePrefix: o } = e, s = e.language || "en", { m: c } = Te(
+  const { branding: n, state: i, customText: r, routePrefix: o } = e, s = e.language || "en", { m: c } = Ie(
     "mfa-login-options",
     "mfa-login-options",
     s,
@@ -52567,7 +52570,7 @@ const WL = {
       );
       if (!r || !r.user_id)
         throw new j(400, { message: "Login session not found" });
-      const o = e.language || "en", { m: s } = Te(
+      const o = e.language || "en", { m: s } = Ie(
         "mfa-login-options",
         "mfa-login-options",
         o,
@@ -52670,7 +52673,7 @@ const WL = {
   }
 };
 async function Ui(e) {
-  const { ctx: t, tenant: n, state: i } = e, r = await br(e), o = lr(n.id, t.req.header("cookie")), s = o ? await t.env.data.sessions.get(n.id, o) : null;
+  const { ctx: t, tenant: n, state: i } = e, r = await vr(e), o = dr(n.id, t.req.header("cookie")), s = o ? await t.env.data.sessions.get(n.id, o) : null;
   if (!s || s.revoked_at)
     throw new en(
       `${r}?state=${encodeURIComponent(i)}`
@@ -53309,7 +53312,7 @@ const aU = {
   }
 };
 async function nd(e) {
-  const { branding: t, state: n } = e, i = e.language || "en", { m: r } = Te(
+  const { branding: t, state: n } = e, i = e.language || "en", { m: r } = Ie(
     "passkeys",
     "passkey-enrollment-nudge",
     i,
@@ -53653,7 +53656,7 @@ function _U(e, t, n) {
   for (let c = 0; c < i; c++) {
     if (e.byteLength - n - o <= 0)
       throw new Error("array is not supported or well formed");
-    const [d, u] = Vr(e, n + o);
+    const [d, u] = Gr(e, n + o);
     s.push(d), o += u;
   }
   return [s, o];
@@ -53669,14 +53672,14 @@ function wU(e, t, n) {
     let l = e.byteLength - n - o;
     if (l <= 0)
       throw new Error(id);
-    const [d, u] = Vr(e, n + o);
+    const [d, u] = Gr(e, n + o);
     if (o += u, l -= u, l <= 0)
       throw new Error(id);
     if (typeof d != "string" && typeof d != "number")
       throw new Error(id);
     if (s.has(d))
       throw new Error(id);
-    const [p, f] = Vr(e, n + o);
+    const [p, f] = Gr(e, n + o);
     o += f, s.set(d, p);
   }
   return [s, o];
@@ -53704,10 +53707,10 @@ function AU(e, t) {
   return [e.getFloat64(t + 1, !1), 9];
 }
 function kU(e, t, n) {
-  const [i, r] = Il(e, t, n), [o, s] = Vr(e, n + r);
+  const [i, r] = Il(e, t, n), [o, s] = Gr(e, n + r);
   return [new L6(i, o), r + s];
 }
-function Vr(e, t) {
+function Gr(e, t) {
   if (t >= e.byteLength)
     throw new Error("CBOR stream ended before tag value");
   const n = e.getUint8(t), i = n >> 5, r = n & 31;
@@ -53816,7 +53819,7 @@ function Uc(e, t) {
 function jU(e, t) {
   if (e.byteLength === 0 || e.byteLength <= t || t < 0)
     throw new Error("No data");
-  return e instanceof Uint8Array ? Vr(new DataView(e.buffer), t) : e instanceof ArrayBuffer ? Vr(new DataView(e), t) : Vr(e, t);
+  return e instanceof Uint8Array ? Gr(new DataView(e.buffer), t) : e instanceof ArrayBuffer ? Gr(new DataView(e), t) : Gr(e, t);
 }
 function OU(e) {
   const t = [];
@@ -53838,21 +53841,21 @@ function pA(e) {
   return OU(e);
 }
 function RU(e) {
-  const t = e.get($e.kty);
+  const t = e.get(Te.kty);
   return y_(t) && t === Un.OKP;
 }
 function ef(e) {
-  const t = e.get($e.kty);
+  const t = e.get(Te.kty);
   return y_(t) && t === Un.EC2;
 }
 function g_(e) {
-  const t = e.get($e.kty);
+  const t = e.get(Te.kty);
   return y_(t) && t === Un.RSA;
 }
-var $e;
+var Te;
 (function(e) {
   e[e.kty = 1] = "kty", e[e.alg = 3] = "alg", e[e.crv = -1] = "crv", e[e.x = -2] = "x", e[e.y = -3] = "y", e[e.n = -1] = "n", e[e.e = -2] = "e";
-})($e || ($e = {}));
+})(Te || (Te = {}));
 var Un;
 (function(e) {
   e[e.OKP = 1] = "OKP", e[e.EC2 = 2] = "EC2", e[e.RSA = 3] = "RSA";
@@ -53867,21 +53870,21 @@ var un;
 function BU(e) {
   return Object.values(un).indexOf(e) >= 0;
 }
-var Ne;
+var Pe;
 (function(e) {
   e[e.ES256 = -7] = "ES256", e[e.EdDSA = -8] = "EdDSA", e[e.ES384 = -35] = "ES384", e[e.ES512 = -36] = "ES512", e[e.PS256 = -37] = "PS256", e[e.PS384 = -38] = "PS384", e[e.PS512 = -39] = "PS512", e[e.ES256K = -47] = "ES256K", e[e.RS256 = -257] = "RS256", e[e.RS384 = -258] = "RS384", e[e.RS512 = -259] = "RS512", e[e.RS1 = -65535] = "RS1";
-})(Ne || (Ne = {}));
+})(Pe || (Pe = {}));
 function Nl(e) {
-  return Object.values(Ne).indexOf(e) >= 0;
+  return Object.values(Pe).indexOf(e) >= 0;
 }
 function Fc(e) {
-  if ([Ne.RS1].indexOf(e) >= 0)
+  if ([Pe.RS1].indexOf(e) >= 0)
     return "SHA-1";
-  if ([Ne.ES256, Ne.PS256, Ne.RS256].indexOf(e) >= 0)
+  if ([Pe.ES256, Pe.PS256, Pe.RS256].indexOf(e) >= 0)
     return "SHA-256";
-  if ([Ne.ES384, Ne.PS384, Ne.RS384].indexOf(e) >= 0)
+  if ([Pe.ES384, Pe.PS384, Pe.RS384].indexOf(e) >= 0)
     return "SHA-384";
-  if ([Ne.ES512, Ne.PS512, Ne.RS512, Ne.EdDSA].indexOf(e) >= 0)
+  if ([Pe.ES512, Pe.PS512, Pe.RS512, Pe.EdDSA].indexOf(e) >= 0)
     return "SHA-512";
   throw new Error(`Could not map COSE alg value of ${e} to a WebCrypto alg`);
 }
@@ -53920,7 +53923,7 @@ async function __(e) {
   ]);
 }
 async function q6(e) {
-  const { cosePublicKey: t, signature: n, data: i, shaHashOverride: r } = e, o = await bo(), s = t.get($e.alg), c = t.get($e.crv), l = t.get($e.x), d = t.get($e.y);
+  const { cosePublicKey: t, signature: n, data: i, shaHashOverride: r } = e, o = await bo(), s = t.get(Te.alg), c = t.get(Te.crv), l = t.get(Te.x), d = t.get(Te.y);
   if (!s)
     throw new Error("Public key was missing alg (EC2)");
   if (!c)
@@ -53966,18 +53969,18 @@ async function q6(e) {
   return o.subtle.verify(g, h, n, i);
 }
 function fA(e) {
-  if ([Ne.EdDSA].indexOf(e) >= 0)
+  if ([Pe.EdDSA].indexOf(e) >= 0)
     return "Ed25519";
-  if ([Ne.ES256, Ne.ES384, Ne.ES512, Ne.ES256K].indexOf(e) >= 0)
+  if ([Pe.ES256, Pe.ES384, Pe.ES512, Pe.ES256K].indexOf(e) >= 0)
     return "ECDSA";
-  if ([Ne.RS256, Ne.RS384, Ne.RS512, Ne.RS1].indexOf(e) >= 0)
+  if ([Pe.RS256, Pe.RS384, Pe.RS512, Pe.RS1].indexOf(e) >= 0)
     return "RSASSA-PKCS1-v1_5";
-  if ([Ne.PS256, Ne.PS384, Ne.PS512].indexOf(e) >= 0)
+  if ([Pe.PS256, Pe.PS384, Pe.PS512].indexOf(e) >= 0)
     return "RSA-PSS";
   throw new Error(`Could not map COSE alg value of ${e} to a WebCrypto key alg name`);
 }
 async function H6(e) {
-  const { cosePublicKey: t, signature: n, data: i, shaHashOverride: r } = e, o = await bo(), s = t.get($e.alg), c = t.get($e.n), l = t.get($e.e);
+  const { cosePublicKey: t, signature: n, data: i, shaHashOverride: r } = e, o = await bo(), s = t.get(Te.alg), c = t.get(Te.n), l = t.get(Te.e);
   if (!s)
     throw new Error("Public key was missing alg (RSA)");
   if (!Nl(s))
@@ -54048,7 +54051,7 @@ ${n}-----END CERTIFICATE-----
 `, n;
 }
 function w_(e) {
-  const t = Ta(e), n = Uint8Array.from([4]), i = t.get($e.x), r = t.get($e.y);
+  const t = Ta(e), n = Uint8Array.from([4]), i = t.get(Te.x), r = t.get(Te.y);
   if (!i)
     throw new Error("COSE public key was missing x");
   return pn(r ? [n, i, r] : [n, i]);
@@ -54249,10 +54252,10 @@ const YU = {
 function Ia(e, t = -7) {
   return typeof e == "string" && (e = nf(e)), LU(e, t);
 }
-async function vr(e, t = []) {
+async function Ar(e, t = []) {
   if (t.length === 0)
     return !0;
-  const n = await bo(), i = e.map((c) => new ro(c));
+  const n = await bo(), i = e.map((c) => new oo(c));
   for (let c = 0; c < i.length; c++) {
     const l = i[c], d = e[c];
     try {
@@ -54270,7 +54273,7 @@ ${d}`);
   }
   const r = t.map((c) => {
     try {
-      return new ro(c);
+      return new oo(c);
     } catch (l) {
       const d = l;
       throw new Error(`Could not parse trust anchor certificate:
@@ -54338,19 +54341,19 @@ class rd extends Error {
 function wA(e) {
   let t;
   if (e === "1.2.840.10045.4.3.2")
-    t = Ne.ES256;
+    t = Pe.ES256;
   else if (e === "1.2.840.10045.4.3.3")
-    t = Ne.ES384;
+    t = Pe.ES384;
   else if (e === "1.2.840.10045.4.3.4")
-    t = Ne.ES512;
+    t = Pe.ES512;
   else if (e === "1.2.840.113549.1.1.11")
-    t = Ne.RS256;
+    t = Pe.RS256;
   else if (e === "1.2.840.113549.1.1.12")
-    t = Ne.RS384;
+    t = Pe.RS384;
   else if (e === "1.2.840.113549.1.1.13")
-    t = Ne.RS512;
+    t = Pe.RS512;
   else if (e === "1.2.840.113549.1.1.5")
-    t = Ne.RS1;
+    t = Pe.RS1;
   else
     throw new Error(`Unable to map X.509 signature algorithm ${e} to a COSE algorithm`);
   return t;
@@ -54379,10 +54382,10 @@ function W6(e) {
     } else
       throw new Error('TODO: Figure out how to handle public keys in "compressed form"');
     const m = /* @__PURE__ */ new Map();
-    m.set($e.kty, Un.EC2), m.set($e.alg, wA(s)), m.set($e.crv, d), m.set($e.x, f), m.set($e.y, h), t = m;
+    m.set(Te.kty, Un.EC2), m.set(Te.alg, wA(s)), m.set(Te.crv, d), m.set(Te.x, f), m.set(Te.y, h), t = m;
   } else if (c === ar) {
     const l = Gt.parse(r.subjectPublicKey, Sp), d = /* @__PURE__ */ new Map();
-    d.set($e.kty, Un.RSA), d.set($e.alg, wA(s)), d.set($e.n, new Uint8Array(l.modulus)), d.set($e.e, new Uint8Array(l.publicExponent)), t = d;
+    d.set(Te.kty, Un.RSA), d.set(Te.alg, wA(s)), d.set(Te.n, new Uint8Array(l.modulus)), d.set(Te.e, new Uint8Array(l.publicExponent)), t = d;
   } else
     throw new Error(`Certificate public key contained unexpected algorithm ID ${c}`);
   return t;
@@ -54419,7 +54422,7 @@ function eF(e, t) {
       data: s,
       signature: c,
       cosePublicKey: o,
-      shaHashOverride: Ne.ES256
+      shaHashOverride: Pe.ES256
     });
   if (g_(o))
     return H6({
@@ -54427,7 +54430,7 @@ function eF(e, t) {
       signature: c,
       cosePublicKey: o
     });
-  const l = o.get($e.kty);
+  const l = o.get(Te.kty);
   throw new Error(`JWT verification with public key of kty ${l} is not supported by this method`);
 }
 function tF(e) {
@@ -54662,7 +54665,7 @@ async function dF(e) {
     const f = Xa.getRootCertificates({
       identifier: "mds"
     });
-    await vr(r, f);
+    await Ar(r, f);
   } catch (f) {
     const h = f;
     throw new Error("BLOB certificate path could not be validated", { cause: h });
@@ -54686,7 +54689,7 @@ async function dF(e) {
   };
 }
 async function uF(e) {
-  const { cosePublicKey: t, signature: n, data: i } = e, r = await bo(), o = t.get($e.alg), s = t.get($e.crv), c = t.get($e.x);
+  const { cosePublicKey: t, signature: n, data: i } = e, r = await bo(), o = t.get(Te.alg), s = t.get(Te.crv), c = t.get(Te.x);
   if (!o)
     throw new Error("Public key was missing alg (OKP)");
   if (!Nl(o))
@@ -54751,7 +54754,7 @@ function bA(e, t) {
 function hF(e) {
   const { cosePublicKey: t, signature: n, data: i, shaHashOverride: r } = e;
   if (ef(t)) {
-    const s = t.get($e.crv);
+    const s = t.get(Te.crv);
     if (!BU(s))
       throw new Error(`unknown COSE curve ${s}`);
     const c = pF(n, s);
@@ -54767,7 +54770,7 @@ function hF(e) {
     if (RU(t))
       return uF({ cosePublicKey: t, signature: n, data: i });
   }
-  const o = t.get($e.kty);
+  const o = t.get(Te.kty);
   throw new Error(`Signature verification with public key of kty ${o} is not supported by this method`);
 }
 function Nn(e, t) {
@@ -54919,7 +54922,7 @@ async function CF(e) {
   if (h !== 0)
     throw new Error(`AAGUID "${h}" was not expected value`);
   try {
-    await vr(f.map(Fn), c);
+    await Ar(f.map(Fn), c);
   } catch (m) {
     const g = m;
     throw new Error(`${g.message} (FIDOU2F)`);
@@ -54928,7 +54931,7 @@ async function CF(e) {
     signature: p,
     data: u,
     x509Certificate: f[0],
-    hashAlgorithm: Ne.ES256
+    hashAlgorithm: Pe.ES256
   });
 }
 const vA = "1.3.6.1.4.1.45724.1.1.4";
@@ -54956,7 +54959,7 @@ var Zt;
 (function(e) {
   e[e.DISABLED = 0] = "DISABLED", e[e.REFRESHING = 1] = "REFRESHING", e[e.READY = 2] = "READY";
 })(Zt || (Zt = {}));
-const Ir = $F();
+const Nr = $F();
 class NF {
   constructor() {
     Object.defineProperty(this, "mdsCache", {
@@ -54995,7 +54998,7 @@ class NF {
           },
           url: TF.url
         }, o += 1);
-      }), Ir(`Cached ${o} local statements`);
+      }), Nr(`Cached ${o} local statements`);
     }
     if (n?.length) {
       const o = Object.keys(this.statementCache).length;
@@ -55009,10 +55012,10 @@ class NF {
           }, p = await this.downloadBlob(u);
           await this.verifyBlob(p, u);
         } catch (u) {
-          Ir(`Could not download BLOB from ${d}:`, u), s -= 1;
+          Nr(`Could not download BLOB from ${d}:`, u), s -= 1;
         }
       const l = Object.keys(this.statementCache).length - o;
-      Ir(`Cached ${l} statements from ${s} metadata server(s)`);
+      Nr(`Cached ${l} statements from ${s} metadata server(s)`);
     }
     r && (this.verificationMode = r), this.setState(Zt.READY);
   }
@@ -55067,7 +55070,7 @@ class NF {
       no: o.no,
       // Remember when we need to refresh this blob
       nextUpdate: s
-    } : s < /* @__PURE__ */ new Date() && Ir(`⚠️ This MDS blob (serial: ${o.no}) contains stale data as of ${s.toISOString()}. Please consider re-initializing MetadataService with a newer MDS blob.`);
+    } : s < /* @__PURE__ */ new Date() && Nr(`⚠️ This MDS blob (serial: ${o.no}) contains stale data as of ${s.toISOString()}. Please consider re-initializing MetadataService with a newer MDS blob.`);
   }
   /**
    * A helper method to pause execution until the service is ready
@@ -55086,7 +55089,7 @@ class NF {
    * Report service status on change
    */
   setState(t) {
-    this.state = t, t === Zt.DISABLED ? Ir("MetadataService is DISABLED") : t === Zt.REFRESHING ? Ir("MetadataService is REFRESHING") : t === Zt.READY && Ir("MetadataService is READY");
+    this.state = t, t === Zt.DISABLED ? Nr("MetadataService is DISABLED") : t === Zt.REFRESHING ? Nr("MetadataService is REFRESHING") : t === Zt.READY && Nr("MetadataService is READY");
   }
 }
 const rf = new NF();
@@ -55096,7 +55099,7 @@ async function of({ statement: e, credentialPublicKey: t, x5c: n, attestationSta
     const y = AA[w];
     y && c.add(y);
   });
-  const l = tf(t), d = l.get($e.kty), u = l.get($e.alg);
+  const l = tf(t), d = l.get(Te.kty), u = l.get(Te.alg);
   if (!d)
     throw new Error("Credential public key was missing kty");
   if (!u)
@@ -55105,7 +55108,7 @@ async function of({ statement: e, credentialPublicKey: t, x5c: n, attestationSta
     throw new Error("Credential public key was missing kty");
   const p = { kty: d, alg: u };
   if (ef(l)) {
-    const w = l.get($e.crv);
+    const w = l.get(Te.crv);
     p.crv = w;
   }
   let f = !1;
@@ -55126,7 +55129,7 @@ ${y}`);
   let g = !1;
   if (h.length === 1 && m.indexOf(h[0]) >= 0 && (g = !0), !g)
     try {
-      await vr(h, m);
+      await Ar(h, m);
     } catch (w) {
       const y = w;
       throw new Error(`Could not validate certificate path with any metadata root certificates: ${y.message}`);
@@ -55206,7 +55209,7 @@ async function PF(e) {
       }
     } else
       try {
-        await vr(l.map(Fn), s);
+        await Ar(l.map(Fn), s);
       } catch (T) {
         const I = T;
         throw new Error(`${I.message} (Packed|Full)`);
@@ -55263,7 +55266,7 @@ async function jF(e) {
     }
   else
     try {
-      await vr(m.x5c.map(Fn), o);
+      await Ar(m.x5c.map(Fn), o);
     } catch (M) {
       const D = M;
       throw new Error(`${D.message} (SafetyNet)`);
@@ -55501,8 +55504,8 @@ async function UF(e) {
   const h = LF(p), { unique: m, type: g, parameters: w } = h, y = tf(r);
   if (g === "TPM_ALG_RSA") {
     if (!g_(y))
-      throw new Error(`Credential public key with kty ${y.get($e.kty)} did not match ${g}`);
-    const xe = y.get($e.n), ue = y.get($e.e);
+      throw new Error(`Credential public key with kty ${y.get(Te.kty)} did not match ${g}`);
+    const xe = y.get(Te.n), ue = y.get(Te.e);
     if (!xe)
       throw new Error("COSE public key missing n (TPM|RSA)");
     if (!ue)
@@ -55516,8 +55519,8 @@ async function UF(e) {
       throw new Error(`Unexpected public key exp ${ft}, expected ${Qe} (TPM|RSA)`);
   } else if (g === "TPM_ALG_ECC") {
     if (!ef(y))
-      throw new Error(`Credential public key with kty ${y.get($e.kty)} did not match ${g}`);
-    const xe = y.get($e.crv), ue = y.get($e.x), je = y.get($e.y);
+      throw new Error(`Credential public key with kty ${y.get(Te.kty)} did not match ${g}`);
+    const xe = y.get(Te.crv), ue = y.get(Te.x), je = y.get(Te.y);
     if (!xe)
       throw new Error("COSE public key missing crv (TPM|ECC)");
     if (!ue)
@@ -55601,7 +55604,7 @@ async function UF(e) {
     }
   else
     try {
-      await vr(u.map(Fn), s);
+      await Ar(u.map(Fn), s);
     } catch (xe) {
       const ue = xe;
       throw new Error(`${ue.message} (TPM)`);
@@ -55628,11 +55631,11 @@ function FF(e) {
 }
 function zF(e) {
   if (e === "TPM_ALG_SHA256")
-    return Ne.ES256;
+    return Pe.ES256;
   if (e === "TPM_ALG_SHA384")
-    return Ne.ES384;
+    return Pe.ES384;
   if (e === "TPM_ALG_SHA512")
-    return Ne.ES512;
+    return Pe.ES512;
   throw new Error(`Unexpected TPM attested name alg ${e}`);
 }
 var g0;
@@ -55800,17 +55803,17 @@ S([
 S([
   E({ context: 724, type: ge, optional: !0 })
 ], _e.prototype, "moduleHash", void 0);
-var pr;
+var fr;
 (function(e) {
   e[e.software = 0] = "software", e[e.trustedEnvironment = 1] = "trustedEnvironment", e[e.strongBox = 2] = "strongBox";
-})(pr || (pr = {}));
+})(fr || (fr = {}));
 var zc;
 (function(e) {
   e[e.KM2 = 1] = "KM2", e[e.KM3 = 2] = "KM3", e[e.KM4 = 3] = "KM4", e[e.KM4_1 = 4] = "KM4_1", e[e.keyMint1 = 100] = "keyMint1", e[e.keyMint2 = 200] = "keyMint2", e[e.keyMint3 = 300] = "keyMint3", e[e.keyMint4 = 400] = "keyMint4";
 })(zc || (zc = {}));
 class fi {
   constructor(t = {}) {
-    this.attestationVersion = zc.KM4, this.attestationSecurityLevel = pr.software, this.keymasterVersion = 0, this.keymasterSecurityLevel = pr.software, this.attestationChallenge = new ge(), this.uniqueId = new ge(), this.softwareEnforced = new _e(), this.teeEnforced = new _e(), Object.assign(this, t);
+    this.attestationVersion = zc.KM4, this.attestationSecurityLevel = fr.software, this.keymasterVersion = 0, this.keymasterSecurityLevel = fr.software, this.attestationChallenge = new ge(), this.uniqueId = new ge(), this.softwareEnforced = new _e(), this.teeEnforced = new _e(), Object.assign(this, t);
   }
 }
 S([
@@ -55839,7 +55842,7 @@ S([
 ], fi.prototype, "teeEnforced", void 0);
 class hi {
   constructor(t = {}) {
-    this.attestationVersion = zc.keyMint4, this.attestationSecurityLevel = pr.software, this.keyMintVersion = 0, this.keyMintSecurityLevel = pr.software, this.attestationChallenge = new ge(), this.uniqueId = new ge(), this.softwareEnforced = new _e(), this.hardwareEnforced = new _e(), Object.assign(this, t);
+    this.attestationVersion = zc.keyMint4, this.attestationSecurityLevel = fr.software, this.keyMintVersion = 0, this.keyMintSecurityLevel = fr.software, this.attestationChallenge = new ge(), this.uniqueId = new ge(), this.softwareEnforced = new _e(), this.hardwareEnforced = new _e(), Object.assign(this, t);
   }
   toLegacyKeyDescription() {
     return new fi({
@@ -55929,7 +55932,7 @@ class Fi {
     this.teeEnforced = t;
   }
   constructor(t = {}) {
-    this.attestationVersion = zc.KM4, this.attestationSecurityLevel = pr.software, this.keymasterVersion = 0, this.keymasterSecurityLevel = pr.software, this.attestationChallenge = new ge(), this.uniqueId = new ge(), this.softwareEnforced = new ja(), this.teeEnforced = new ja(), Object.assign(this, t);
+    this.attestationVersion = zc.KM4, this.attestationSecurityLevel = fr.software, this.keymasterVersion = 0, this.keymasterSecurityLevel = fr.software, this.attestationChallenge = new ge(), this.uniqueId = new ge(), this.softwareEnforced = new ja(), this.teeEnforced = new ja(), Object.assign(this, t);
   }
 }
 S([
@@ -56025,7 +56028,7 @@ async function HF(e) {
   else {
     const k = c.slice(0, -1).map(Fn), b = c.slice(-1).map(Fn);
     try {
-      await vr(k, b);
+      await Ar(k, b);
     } catch (x) {
       const C = x;
       throw new Error(`${C.message} (Android Key)`, { cause: C });
@@ -56046,7 +56049,7 @@ async function KF(e) {
   if (!s)
     throw new Error("No attestation certificate provided in attestation statement (Apple)");
   try {
-    await vr(s.map(Fn), o);
+    await Ar(s.map(Fn), o);
   } catch (w) {
     const y = w;
     throw new Error(`${y.message} (Apple)`);
@@ -56116,7 +56119,7 @@ async function VF(e) {
     throw new Error("No public key was provided by authenticator");
   if (!I)
     throw new Error("No AAGUID was present during registration");
-  const ne = tf(M).get($e.alg);
+  const ne = tf(M).get(Te.alg);
   if (typeof ne != "number")
     throw new Error("Credential public key was missing numeric alg");
   if (!l.includes(ne)) {
@@ -56181,7 +56184,7 @@ async function VF(e) {
   };
 }
 async function sn(e, t) {
-  const { branding: n, state: i, routePrefix: r } = e, o = e.language || "en", { m: s } = Te(
+  const { branding: n, state: i, routePrefix: r } = e, o = e.language || "en", { m: s } = Ie(
     "passkeys",
     "passkey-enrollment",
     o,
@@ -56384,7 +56387,7 @@ const WF = {
       });
     },
     post: async (e, t) => {
-      const { ctx: n, client: i, state: r } = e, o = t.action, s = t["credential-field"], c = e.language || "en", { m: l } = Te(
+      const { ctx: n, client: i, state: r } = e, o = t.action, s = t["credential-field"], c = e.language || "en", { m: l } = Ie(
         "passkeys",
         "passkey-enrollment",
         c,
@@ -59535,7 +59538,7 @@ let Iz = class {
       let r = 1, o = !1, s = !1, c = "";
       for (; t < e.length; t++)
         if (e[t] === "<" && !s) {
-          if (o && Nr(e, "!ENTITY", t)) {
+          if (o && Pr(e, "!ENTITY", t)) {
             t += 7;
             let l, d;
             if ([l, d, t] = this.readEntityExp(e, t + 1, this.suppressValidationErr), d.indexOf("&") === -1) {
@@ -59549,17 +59552,17 @@ let Iz = class {
                 val: d
               }, i++;
             }
-          } else if (o && Nr(e, "!ELEMENT", t)) {
+          } else if (o && Pr(e, "!ELEMENT", t)) {
             t += 8;
             const { index: l } = this.readElementExp(e, t + 1);
             t = l;
-          } else if (o && Nr(e, "!ATTLIST", t))
+          } else if (o && Pr(e, "!ATTLIST", t))
             t += 8;
-          else if (o && Nr(e, "!NOTATION", t)) {
+          else if (o && Pr(e, "!NOTATION", t)) {
             t += 9;
             const { index: l } = this.readNotationExp(e, t + 1, this.suppressValidationErr);
             t = l;
-          } else if (Nr(e, "!--", t))
+          } else if (Pr(e, "!--", t))
             s = !0;
           else
             throw new Error("Invalid DOCTYPE");
@@ -59629,9 +59632,9 @@ let Iz = class {
       throw new Error(`Invalid element name: "${n}"`);
     t = qt(e, t);
     let i = "";
-    if (e[t] === "E" && Nr(e, "MPTY", t))
+    if (e[t] === "E" && Pr(e, "MPTY", t))
       t += 4;
-    else if (e[t] === "A" && Nr(e, "NY", t))
+    else if (e[t] === "A" && Pr(e, "NY", t))
       t += 2;
     else if (e[t] === "(") {
       for (t++; t < e.length && e[t] !== ")"; )
@@ -59698,7 +59701,7 @@ const qt = (e, t) => {
     t++;
   return t;
 };
-function Nr(e, t, n) {
+function Pr(e, t, n) {
   for (let i = 0; i < t.length; i++)
     if (t[i] !== e[n + i + 1]) return !1;
   return !0;
@@ -59864,7 +59867,7 @@ const Jz = function(e) {
   for (let s = 0; s < e.length; s++)
     if (e[s] === "<")
       if (e[s + 1] === "/") {
-        const c = Fr(e, ">", s, "Closing Tag is not closed.");
+        const c = zr(e, ">", s, "Closing Tag is not closed.");
         let l = e.substring(s + 2, c).trim();
         if (this.options.removeNSPrefix) {
           const p = l.indexOf(":");
@@ -59885,7 +59888,7 @@ const Jz = function(e) {
         }
         s = c.closeIndex + 1;
       } else if (e.substr(s + 1, 3) === "!--") {
-        const c = Fr(e, "-->", s + 4, "Comment is not closed.");
+        const c = zr(e, "-->", s + 4, "Comment is not closed.");
         if (this.options.commentPropName) {
           const l = e.substring(s + 4, c - 2);
           i = this.saveTextToParentTag(i, n, r), n.add(this.options.commentPropName, [{ [this.options.textNodeName]: l }]);
@@ -59895,7 +59898,7 @@ const Jz = function(e) {
         const c = o.readDocType(e, s);
         this.docTypeEntities = c.entities, s = c.i;
       } else if (e.substr(s + 1, 2) === "![") {
-        const c = Fr(e, "]]>", s, "CDATA is not closed.") - 2, l = e.substring(s + 9, c);
+        const c = zr(e, "]]>", s, "CDATA is not closed.") - 2, l = e.substring(s + 9, c);
         i = this.saveTextToParentTag(i, n, r);
         let d = this.parseTextData(l, n.tagname, r, !0, !1, !0, !0);
         d == null && (d = ""), this.options.cdataPropName ? n.add(this.options.cdataPropName, [{ [this.options.textNodeName]: l }]) : n.add(this.options.textNodeName, d), s = c + 2;
@@ -60034,7 +60037,7 @@ function eq(e, t, n = ">") {
     r += s;
   }
 }
-function Fr(e, t, n, i) {
+function zr(e, t, n, i) {
   const r = e.indexOf(t, n);
   if (r === -1)
     throw new Error(i);
@@ -60066,7 +60069,7 @@ function tq(e, t, n) {
   for (; n < e.length; n++)
     if (e[n] === "<")
       if (e[n + 1] === "/") {
-        const o = Fr(e, ">", n, `${t} is not closed`);
+        const o = zr(e, ">", n, `${t} is not closed`);
         if (e.substring(n + 2, o).trim() === t && (r--, r === 0))
           return {
             tagContent: e.substring(i, n),
@@ -60074,11 +60077,11 @@ function tq(e, t, n) {
           };
         n = o;
       } else if (e[n + 1] === "?")
-        n = Fr(e, "?>", n + 1, "StopNode is not closed.");
+        n = zr(e, "?>", n + 1, "StopNode is not closed.");
       else if (e.substr(n + 1, 3) === "!--")
-        n = Fr(e, "-->", n + 3, "StopNode is not closed.");
+        n = zr(e, "-->", n + 3, "StopNode is not closed.");
       else if (e.substr(n + 1, 2) === "![")
-        n = Fr(e, "]]>", n, "StopNode is not closed.") - 2;
+        n = zr(e, "]]>", n, "StopNode is not closed.") - 2;
       else {
         const o = A0(e, n, ">");
         o && ((o && o.tagName) === t && o.tagExp[o.tagExp.length - 1] !== "/" && r++, n = o.closeIndex);
@@ -60297,7 +60300,7 @@ const wq = _q, bq = _E, vq = {
   // transformAttributeName: false,
   oneListGroup: !1
 };
-function Ar(e) {
+function kr(e) {
   this.options = Object.assign({}, vq, e), this.options.ignoreAttributes === !0 || this.options.attributesGroupName ? this.isAttribute = function() {
     return !1;
   } : (this.ignoreAttributesFn = bq(this.options.ignoreAttributes), this.attrPrefixLen = this.options.attributeNamePrefix.length, this.isAttribute = Sq), this.processTextOrObjNode = Aq, this.options.format ? (this.indentate = kq, this.tagEndChar = `>
@@ -60306,12 +60309,12 @@ function Ar(e) {
     return "";
   }, this.tagEndChar = ">", this.newLine = "");
 }
-Ar.prototype.build = function(e) {
+kr.prototype.build = function(e) {
   return this.options.preserveOrder ? wq(e, this.options) : (Array.isArray(e) && this.options.arrayNodeName && this.options.arrayNodeName.length > 1 && (e = {
     [this.options.arrayNodeName]: e
   }), this.j2x(e, 0, []).val);
 };
-Ar.prototype.j2x = function(e, t, n) {
+kr.prototype.j2x = function(e, t, n) {
   let i = "", r = "";
   const o = n.join(".");
   for (let s in e)
@@ -60360,14 +60363,14 @@ Ar.prototype.j2x = function(e, t, n) {
         r += this.processTextOrObjNode(e[s], s, t, n);
   return { attrStr: i, val: r };
 };
-Ar.prototype.buildAttrPairStr = function(e, t) {
+kr.prototype.buildAttrPairStr = function(e, t) {
   return t = this.options.attributeValueProcessor(e, "" + t), t = this.replaceEntitiesValue(t), this.options.suppressBooleanAttributes && t === "true" ? " " + e : " " + e + '="' + t + '"';
 };
 function Aq(e, t, n, i) {
   const r = this.j2x(e, n + 1, i.concat(t));
   return e[this.options.textNodeName] !== void 0 && Object.keys(e).length === 1 ? this.buildTextValNode(e[this.options.textNodeName], t, r.attrStr, n) : this.buildObjectNode(r.val, t, r.attrStr, n);
 }
-Ar.prototype.buildObjectNode = function(e, t, n, i) {
+kr.prototype.buildObjectNode = function(e, t, n, i) {
   if (e === "")
     return t[0] === "?" ? this.indentate(i) + "<" + t + n + "?" + this.tagEndChar : this.indentate(i) + "<" + t + n + this.closeTag(t) + this.tagEndChar;
   {
@@ -60375,11 +60378,11 @@ Ar.prototype.buildObjectNode = function(e, t, n, i) {
     return t[0] === "?" && (o = "?", r = ""), (n || n === "") && e.indexOf("<") === -1 ? this.indentate(i) + "<" + t + n + o + ">" + e + r : this.options.commentPropName !== !1 && t === this.options.commentPropName && o.length === 0 ? this.indentate(i) + `<!--${e}-->` + this.newLine : this.indentate(i) + "<" + t + n + o + this.tagEndChar + e + this.indentate(i) + r;
   }
 };
-Ar.prototype.closeTag = function(e) {
+kr.prototype.closeTag = function(e) {
   let t = "";
   return this.options.unpairedTags.indexOf(e) !== -1 ? this.options.suppressUnpairedNode || (t = "/") : this.options.suppressEmptyNode ? t = "/" : t = `></${e}`, t;
 };
-Ar.prototype.buildTextValNode = function(e, t, n, i) {
+kr.prototype.buildTextValNode = function(e, t, n, i) {
   if (this.options.cdataPropName !== !1 && t === this.options.cdataPropName)
     return this.indentate(i) + `<![CDATA[${e}]]>` + this.newLine;
   if (this.options.commentPropName !== !1 && t === this.options.commentPropName)
@@ -60391,7 +60394,7 @@ Ar.prototype.buildTextValNode = function(e, t, n, i) {
     return r = this.replaceEntitiesValue(r), r === "" ? this.indentate(i) + "<" + t + n + this.closeTag(t) + this.tagEndChar : this.indentate(i) + "<" + t + n + ">" + r + "</" + t + this.tagEndChar;
   }
 };
-Ar.prototype.replaceEntitiesValue = function(e) {
+kr.prototype.replaceEntitiesValue = function(e) {
   if (e && e.length > 0 && this.options.processEntities)
     for (let t = 0; t < this.options.entities.length; t++) {
       const n = this.options.entities[t];
@@ -60405,7 +60408,7 @@ function kq(e) {
 function Sq(e) {
   return e.startsWith(this.options.attributeNamePrefix) && e !== this.options.textNodeName ? e.substr(this.attrPrefixLen) : !1;
 }
-var xq = Ar;
+var xq = kr;
 const Eq = fq, Cq = xq;
 var AE = {
   XMLParser: Eq,
@@ -60673,7 +60676,7 @@ const jq = new he().openapi(
         message: "No signing key found"
       });
     const r = i.map(
-      (c) => new ro(c.cert).toString("base64")
+      (c) => new oo(c.cert).toString("base64")
     ), o = e.env.ISSUER, s = Pq({
       entityId: n.addons?.samlp?.audience || n.client_id,
       certificates: r,
@@ -60737,7 +60740,7 @@ const jq = new he().openapi(
           audience: s
         },
         expires_at: new Date(
-          Date.now() + oo * 1e3
+          Date.now() + lr * 1e3
         ).toISOString(),
         ip: e.get("ip"),
         useragent: e.get("useragent"),
@@ -61707,7 +61710,7 @@ function Bq(e) {
         const I = o("Passwords do not match.");
         return (l.req.header("Accept") || "").includes("application/json") ? l.json({ screen: I }) : c(l, I, "setup");
       }
-      const { connectionType: m, normalized: g, isValid: w } = wr(u), y = g || u, _ = m === "email" && w ? y : void 0, v = h || (n ? "Control Plane" : "My App"), k = n ? "control_plane" : r(v) || "my_app", b = new URL(l.req.url).origin, x = [
+      const { connectionType: m, normalized: g, isValid: w } = br(u), y = g || u, _ = m === "email" && w ? y : void 0, v = h || (n ? "Control Plane" : "My App"), k = n ? "control_plane" : r(v) || "my_app", b = new URL(l.req.url).origin, x = [
         `${b}/auth-callback`,
         `${b}/admin/auth-callback`,
         "https://manage.authhero.net/auth-callback",
@@ -63819,7 +63822,7 @@ export {
   dt as Layout,
   vC as LocationInfo,
   ie as LogTypes,
-  Pe as LoginSessionState,
+  $e as LoginSessionState,
   Y0e as MANAGEMENT_API_AUDIENCE,
   sd as MANAGEMENT_API_SCOPES,
   Ln as Message,
@@ -63871,14 +63874,14 @@ export {
   u5 as componentSchema,
   pm as connectionInsertSchema,
   k5 as connectionOptionsSchema,
-  Dr as connectionSchema,
+  Mr as connectionSchema,
   Oa as coordinatesSchema,
   Iy as createAuthMiddleware,
   _l as createInMemoryCache,
   Yme as createPassthroughAdapter,
   Zme as createWriteOnlyAdapter,
   UA as customDomainInsertSchema,
-  Pr as customDomainSchema,
+  jr as customDomainSchema,
   Tme as customDomainWithTenantIdSchema,
   Gme as customTextEntrySchema,
   ys as customTextSchema,
@@ -63933,7 +63936,7 @@ export {
   zC as organizationBrandingSchema,
   qC as organizationEnabledConnectionSchema,
   wm as organizationInsertSchema,
-  Mr as organizationSchema,
+  Lr as organizationSchema,
   HC as organizationTokenQuotaSchema,
   $C as pageBackgroundSchema,
   Qme as parseUserId,