Changeset 3405904

authress/assets/banner-1544x500.png

Property svn:mime-type changed from application/octet-stream to image/png

authress/assets/banner-772x250.png

Property svn:mime-type changed from application/octet-stream to image/png

authress/assets/icon-128x128.png

Property svn:mime-type changed from application/octet-stream to image/png

authress/assets/icon-256x256.png

Property svn:mime-type changed from application/octet-stream to image/png

authress/assets/icon.svg

Property svn:mime-type set to image/svg+xml

authress/assets/readme.txt

-                      r3264076
+                      r3405904
 Requires at least: 5.5
 Requires PHP: 8.2
 Tested up to: 6.6
 Stable tag: 0.2.100
+Tested up to: 6.9
+Stable tag: 0.2.107
 License: Apache-2.0
 License URI: https://github.com/Authress/wordpress-sso-login/blob/main/LICENSE

authress/assets/screenshot-1.png

Property svn:mime-type changed from application/octet-stream to image/png

authress/assets/screenshot-2.png

Property svn:mime-type changed from application/octet-stream to image/png

authress/assets/screenshot-3.png

Property svn:mime-type changed from application/octet-stream to image/png

authress/tags/0.2.107/Authress_Sso_Login.php

-                      r3264076
+                      r3405904
     Plugin URI:   https://wordpress.org/plugins/authress
     Description:  Upgrades the WordPress login to support SSO Login.
     Version:      0.2.100
+    Version:      0.2.107
     Author:       Authress
     Author URI:   https://authress.io
 …
 */
 define( 'AUTHRESS_SSO_LOGIN_VERSION', '0.2.100' );
+define( 'AUTHRESS_SSO_LOGIN_VERSION', '0.2.107' );
 define( 'AUTHRESS_SSO_LOGIN_PLUGIN_FILE', __FILE__ );

authress/tags/0.2.107/package-lock.json

-                      r3264076
+                      r3405904
     },
     "node_modules/@authress/login": {
       "version": "2.5.362",
       "resolved": "https://registry.npmjs.org/@authress/login/-/login-2.5.362.tgz",
       "integrity": "sha512-EzHTbZ46xAekxUMKhmUBsXiS/slJ7BrdazPqHkmMvqiTeUv6/LjZqx8VA+Ae3cAWoIS7kSKG6hmgCaNs4PjCJQ==",
+      "version": "2.5.394",
+      "resolved": "https://registry.npmjs.org/@authress/login/-/login-2.5.394.tgz",
+      "integrity": "sha512-wkpLBBw/8d/Fn6lOKvbqkxIpJ/j50onCCDc5RZZxNZlvL8ui9xuA6rDft+uHWEQTlsc+uAuwcCzBRRPI4d+Wwg==",
       "license": "Apache-2.0",
       "dependencies": {
 …
     },
     "node_modules/@authress/sdk": {
       "version": "3.0.172",
       "resolved": "https://registry.npmjs.org/@authress/sdk/-/sdk-3.0.172.tgz",
       "integrity": "sha512-GHE5SI8ANs5ZDytIIYkalX/AVaKsDoyFiHX1jN3YSdkOAxfRBixDYAbr1oG/1gXyyqwxvY6PszyrSI+Z7MJC9A==",
+      "version": "3.0.196",
+      "resolved": "https://registry.npmjs.org/@authress/sdk/-/sdk-3.0.196.tgz",
+      "integrity": "sha512-cq/U3NfN+VRE1sjwnNL9jEdh+uHYiANRPPmemtv05+88kLV/ur0OYDBymul/OadWs/axX4vaFd/nyB/jR61kfw==",
       "dev": true,
       "license": "Apache-2.0",
 …
     },
     "node_modules/axios": {
       "version": "1.8.4",
       "resolved": "https://registry.npmjs.org/axios/-/axios-1.8.4.tgz",
       "integrity": "sha512-eBSYY4Y68NNlHbHBMdeDmKNtDgXWhQsJcGqzO3iLUM0GraQFSS9cVgPX5I9b3lbdFKyYoAEGAZF1DwhTaljNAw==",
+      "version": "1.13.2",
+      "resolved": "https://registry.npmjs.org/axios/-/axios-1.13.2.tgz",
+      "integrity": "sha512-VPk9ebNqPcy5lRGuSlKx752IlDatOjT9paPlm8A7yOuW2Fbvp4X3JznJtT4f0GzGLLiWE9W8onz51SqLYwzGaA==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
         "follow-redirects": "^1.15.6",
         "form-data": "^4.0.0",
+        "form-data": "^4.0.4",
         "proxy-from-env": "^1.1.0"
+      }
 …
     },
     "node_modules/brace-expansion": {
       "version": "1.1.11",
       "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz",
       "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==",
+      "version": "1.1.12",
+      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz",
+      "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==",
       "dev": true,
       "license": "MIT",
 …
     },
     "node_modules/follow-redirects": {
       "version": "1.15.9",
       "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.9.tgz",
       "integrity": "sha512-gew4GsXizNgdoRyqmyfMHyAmXsZDk6mHkSxZFCzW9gwlbtOW44CDtYavM+y+72qD/Vq2l550kMF52DT8fOLJqQ==",
+      "version": "1.15.11",
+      "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.11.tgz",
+      "integrity": "sha512-deG2P0JfjrTxl50XGCDyfI97ZGVCxIpfKYmfyrQ54n5FO/0gfIES8C/Psl6kWVDolizcaaxZJnTS0QSMxvnsBQ==",
       "dev": true,
       "funding": [
 …
     },
     "node_modules/form-data": {
       "version": "4.0.2",
       "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.2.tgz",
       "integrity": "sha512-hGfm/slu0ZabnNt4oaRZ6uREyfCj6P4fT/n6A1rGV+Z0VdGXjfOhVUpkn6qVQONHGIFwmveGXyDs75+nr6FM8w==",
+      "version": "4.0.5",
+      "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.5.tgz",
+      "integrity": "sha512-8RipRLol37bNs2bhoV67fiTEvdTrbMUYcFTiy3+wuuOnUog2QBHCZWXDRijWQfAkhBj2Uf5UnVaiWwA5vdd82w==",
       "dev": true,
       "license": "MIT",
 …
         "combined-stream": "^1.0.8",
         "es-set-tostringtag": "^2.1.0",
+        "hasown": "^2.0.2",
         "mime-types": "^2.1.12"
       },
 …
     },
     "node_modules/morgan": {
       "version": "1.10.0",
       "resolved": "https://registry.npmjs.org/morgan/-/morgan-1.10.0.tgz",
       "integrity": "sha512-AbegBVI4sh6El+1gNwvD5YIck7nSA36weD7xvIxG4in80j/UoK8AEGaWnnz8v1GxonMCltmlNs5ZKbGvl9b1XQ==",
+      "version": "1.10.1",
+      "resolved": "https://registry.npmjs.org/morgan/-/morgan-1.10.1.tgz",
+      "integrity": "sha512-223dMRJtI/l25dJKWpgij2cMtywuG/WiUKXdvwfbhGKBhy1puASqXwFzmWZ7+K73vUPoR7SS2Qz2cI/g9MKw0A==",
       "dev": true,
       "license": "MIT",
 …
         "depd": "~2.0.0",
         "on-finished": "~2.3.0",
         "on-headers": "~1.0.2"
+        "on-headers": "~1.1.0"
       },
       "engines": {
 …
     },
     "node_modules/on-headers": {
       "version": "1.0.2",
       "resolved": "https://registry.npmjs.org/on-headers/-/on-headers-1.0.2.tgz",
       "integrity": "sha512-pZAE+FJLoyITytdqK0U5s+FIpjN0JP3OzFi/u8Rx+EV5/W+JTWGXG8xFzevE7AjBfDqHv/8vL8qQsIhHnqRkrA==",
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/on-headers/-/on-headers-1.1.0.tgz",
+      "integrity": "sha512-737ZY3yNnXy37FHkQxPzt4UZ2UWPWiCZWLvFZ4fu5cueciegX0zGPnrlY6bwRg4FdQOe9YU8MkmJwGhoMybl8A==",
       "dev": true,
       "license": "MIT",

authress/tags/0.2.107/readme.txt

-                      r3264076
+                      r3405904
 Requires at least: 5.5
 Requires PHP: 8.2
 Tested up to: 6.6
 Stable tag: 0.2.100
+Tested up to: 6.9
+Stable tag: 0.2.107
 License: Apache-2.0
 License URI: https://github.com/Authress/wordpress-sso-login/blob/main/LICENSE

authress/tags/0.2.107/templates/assets/js/authress-login-sdk.min.js

r3264076	r3405904
1		/! Authress Login SDK 2.5.362 \| Author - Authress Developers \| License information can be found at https://github.com/Authress/login-sdk.js /
2		!function(e,t){"object"==typeof exports&&"object"==typeof module?module.exports=t():"function"==typeof define&&define.amd?define([],t):"object"==typeof exports?exports.authress=t():e.authress=t()}(this,(()=>(()=>{var e,t,n={75:(e,t,n)=>{const{sanitizeUrl:r}=n(332),o=n(629),i={"Content-Type":"application/json","X-Powered-By":`Authress Login SDK; Javascript; ${n(330).version}`},a=new Set(["Failed to fetch","NetworkError when attempting to fetch resource.","The Internet connection appears to be offline.","Network request failed","fetch failed","Load failed","<HTML DOCUMENT></HTML>"]);function s(e){return"Network Error"===e.message\|\|"ERR_NETWORK"===e.code\|\|!e.status\|\|e.status>=500\|\|"string"==typeof e.message&&a.has(e.message)\|\|"string"==typeof e.data&&a.has(e.data)}async function c(e){let t=null;for(let n=0;n<5;n++)try{return await e()}catch(e){if(e.retryCount=n,!s(e))throw e;t=e,t.isNetworkError=!0,await new Promise((e=>setTimeout(e,102n)));continue}const n=new Error("[Authress Login SDK] Http Request failed due to a Network Error even after multiple retries",{cause:t});throw n.code="AuthressSdkNetworkError",n}e.exports=class{constructor(e,t){if(!e)throw Error("Custom Authress Domain Host is required");const n=t\|\|{debug(){},warn(){},critical(){}};this.logger=n;const o=new URL(r(e));this.loginUrl=`${o.origin}/api`}get(e,t,n,r){return c((()=>this.fetchWrapper("GET",e,null,n,t,r)))}delete(e,t,n,r){return c((()=>this.fetchWrapper("DELETE",e,null,n,t,r)))}post(e,t,n,r,o){return c((()=>this.fetchWrapper("POST",e,n,r,t,o)))}put(e,t,n,r,o){return c((()=>this.fetchWrapper("PUT",e,n,r,t,o)))}patch(e,t,n,r,o){return c((()=>this.fetchWrapper("PATCH",e,n,r,t,o)))}async fetchWrapper(e,t,n,r,a,s){const c=`${this.loginUrl}${t.toString()}`,d=e.toUpperCase(),l=Object.assign({},i,r);try{this.logger&&this.logger.debug&&this.logger.debug({title:"[Authress Login SDK] HttpClient Request",method:d,url:c});const e={method:d,headers:l};n&&(e.body=JSON.stringify(n)),!o.isLocalHost()&&a&&(e.credentials="include");const t=await fetch(c,e);if(!t.ok)throw t;let r={};try{r=await t.text(),r=JSON.parse(r)}catch(e){}return{url:c,method:d,headers:t.headers,status:t.status,data:r}}catch(e){let t=e;try{t=await e.text(),t=JSON.parse(t)}catch(e){}const r=t.stack&&t.stack.match(/chrome-extension:[/][/](\w+)[/]/);if(r){this.logger&&this.logger.debug&&this.logger.debug({title:`[Authress Login SDK] Fetch failed due to a browser extension - ${d} - ${c}`,method:d,url:c,data:n,headers:l,error:e,resolvedError:t,extensionErrorId:r});const o=new Error(`Extension Error ID: ${r}`);throw o.code="BROWSER_EXTENSION_ERROR",o}const o=e.status;let i="warn",a="[Authress Login SDK] HttpClient Response Error";e?401===o?(a="[Authress Login SDK] HttpClient Response Error due to invalid token",i="debug"):404===o?(a="[Authress Login SDK] HttpClient Response: Not Found",i="debug"):o<500&&s&&(i="debug"):a="[Authress Login SDK] HttpClient Response Error - Unknown error occurred",this.logger&&this.logger[i]&&this.logger[i]({title:a,online:"undefined"==typeof navigator\|\|navigator.onLine,method:d,url:c,status:o,data:n,headers:l,error:e,resolvedError:t});throw{url:c,method:d,status:o,data:t,headers:e.headers}}}}},160:(e,t,n)=>{const r=n(427),o="AuthenticationCredentialsStorage";e.exports=new class{constructor(){this.retainUserCookie=!1}getUserCookie(){if("undefined"==typeof window\|\|"undefined"==typeof document)return null;return document.cookie.split(";").filter((e=>"user"===e.split("=")[0].trim())).map((e=>e.replace(/^user=/,""))).find((e=>e&&e.trim()))\|\|null}set(e,t){if("undefined"!=typeof window&&"undefined"!=typeof document)try{const n=r.parse(document.cookie);localStorage.setItem(o,JSON.stringify({idToken:e,expiry:t&&t.getTime(),jsCookies:!!n.authorization})),this.retainUserCookie\|\|this.clearCookies("user")}catch(e){console.debug("LocalStorage failed in Browser",e)}}get(){if("undefined"==typeof window\|\|"undefined"==typeof document)return null;let e={};try{e=r.parse(document.cookie)}catch(e){console.debug("CookieManagement failed in Browser",e)}try{const{idToken:t,expiry:n,jsCookies:r}=JSON.parse(localStorage.getItem(o)\|\|"{}");return t?n<Date.now()\|\|r&&!e.authorization?null:t:this.getUserCookie()}catch(e){return console.debug("LocalStorage failed in Browser",e),this.getUserCookie()}}delete(){try{localStorage.removeItem(o)}catch(e){console.debug("LocalStorage failed in Browser",e)}try{this.clearCookies("user")}catch(e){console.debug("CookieManagement failed in Browser",e)}}clear(){this.clearCookies(),this.delete()}clearCookies(e){if("undefined"==typeof window\|\|"undefined"==typeof document)return;const t=document.cookie.split("; ");for(const n of t){if(!["user","authorization","auth-code","AuthUserId"].includes(n.split("=")[0])\|\|e&&n.split("=")[0]!==e)continue;const t=window.location.hostname.split("."),r=[...Array(t.length-1)].map(((e,n)=>t.reverse().slice(0,n+2).reverse().join("."))).map((e=>[e,`.${e}`])).flat(1).concat(null);"localhost"===window.location.hostname&&r.push("localhost");for(const e of r){const t=e?`domain=${e};`:"",r=`${encodeURIComponent(n.split(";")[0].split("=")[0])}=; expires=Thu, 01-Jan-1970 00:00:01 GMT; ${t} SameSite=Strict; path=`;document.cookie=`${r}/`;const o=location.pathname.split("/");for(;o.length>0;)document.cookie=r+o.join("/"),o.pop()}}}}},321:e=>{var t=1/0,n=17976931348623157e292,r=NaN,o="[object Symbol]",i=/^\s+\|\s+$/g,a=/^[-+]0x[0-9a-f]+$/i,s=/^0b[01]+$/i,c=/^0o[0-7]+$/i,d=parseInt,l=Object.prototype.toString;function u(e){var t=typeof e;return!!e&&("object"==t\|\|"function"==t)}e.exports=function(e,h,p){return e&&e.length?function(e,t,n){var r=-1,o=e.length;t<0&&(t=-t>o?0:o+t),(n=n>o?o:n)<0&&(n+=o),o=t>n?0:n-t>>>0,t>>>=0;for(var i=Array(o);++r<o;)i[r]=e[r+t];return i}(e,0,(h=p\|\|void 0===h?1:(f=function(e){return e?(e=function(e){if("number"==typeof e)return e;if(function(e){return"symbol"==typeof e\|\|function(e){return!!e&&"object"==typeof e}(e)&&l.call(e)==o}(e))return r;if(u(e)){var t="function"==typeof e.valueOf?e.valueOf():e;e=u(t)?t+"":t}if("string"!=typeof e)return 0===e?e:+e;e=e.replace(i,"");var n=s.test(e);return n\|\|c.test(e)?d(e.slice(2),n?2:8):a.test(e)?r:+e}(e))===t\|\|e===-1/0?(e<0?-1:1)n:e==e?e:0:0===e?e:0}(h),g=f%1,f==f?g?f-g:f:0))<0?0:h):[];var f,g}},330:e=>{"use strict";e.exports=JSON.parse('{"name":"@authress/login","version":"2.5.362","description":"Universal login sdk for Authress authentication as a service. Provides managed authentication for user identity, authentication, and token verification.","main":"./src/index.js","types":"./index.d.ts","files":["index.d.ts","src","dist"],"scripts":{"build":"node make.js build && NODE_ENV=production webpack --mode=production","lint":"eslint --ext .js,.ts src tests make.js index.d.ts","test":"check-dts index.d.ts && mocha tests/.test.js tests//.test.js -R spec"},"dependencies":{"cookie":"<1","lodash.take":"^4.1.1"},"devDependencies":{"@babel/core":"^7.17.5","@babel/preset-env":"^7.16.11","@types/node":"^14.14.35","@typescript-eslint/eslint-plugin":"^3.1.0","@typescript-eslint/parser":"^3.1.0","babel-loader":"^8.2.3","chai":"^4.2.0","check-dts":"^0.4.4","ci-build-tools":"^1.0.13","commander":"^4.0.1","compression-webpack-plugin":"^9.2.0","eslint":"^7.12.1","eslint-config-cimpress-atsquad":"^1.0.67","eslint-loader":"^4.0.2","eslint-plugin-mocha":"^7.0.1","eslint-plugin-node":"^11.1.0","eslint-plugin-promise":"^6.1.1","fs-extra":"^8.1.0","glob":"^7.1.6","mocha":"^11.1.0","path-browserify":"^1.0.1","sinon":"^7.5.0","sinon-chai":"^3.3.0","terser-webpack-plugin":"^5.3.1","typescript":"^3.9.5","webpack":"^5.69.1","webpack-cli":"^4.9.2"},"repository":{"type":"git","url":"git+https://github.com/Authress/authress-login.js"},"keywords":["authentication","authentication as a service","Login","Login Client","universal login","auth","federated login","secure login","application security","IDaaS","authentication","user authentication","user identity","Oauth2","Oauth2.1","Oauth3","platform","platform login","extension","Authress","Authress client","user security","DBSC","Device Bound Session Credentials"],"author":"Authress Developers <developers@authress.io> (https://authress.io)","license":"Apache-2.0","bugs":{"url":"https://github.com/Authress/authress-login.js/issues"},"homepage":"https://authress.io","engines":{"node":">=18"}}')},332:e=>{e.exports.sanitizeUrl=function(e){let t=e;t.startsWith("http")\|\|(t=`https://${t}`);const n=new URL(t),r=n.host.match(/^([a-z0-9-]+)[.][a-z0-9-]+[.]authress[.]io$/);return r&&(n.host=`${r[1]}.login.authress.io`,t=n.toString()),t.replace(/[/]+$/,"")}},354:(e,t,n)=>{const r=n(427),o=n(321),i=n(629),a=n(75),s=n(836),{sanitizeUrl:c}=n(332),d=n(160);let l,u=new Promise((e=>l=e)),h=null;const p="AuthenticationRequestNonce";const f=n(568);e.exports={LoginClient:class{constructor(e,t){const n=Object.assign({applicationId:"app_default"},e);this.logger=t\|\|console;const r=n.authressApiUrl\|\|n.authressLoginHostUrl\|\|n.authenticationServiceUrl\|\|"";if(!r)throw Error('Missing required property "authressApiUrl" in LoginClient constructor. Custom Authress Domain Host is required.');if(this.applicationId=n.applicationId,!this.applicationId\|\|this.applicationId.match(/^(sc_\|ext_)/)){const e=Error("You have incorrectly specified an Authress Service Client or Extension as the applicationId instead of a valid application. The applicationId is your application that your users will log into, usually hosted on your domain https://example.yourdomain.com. Users cannot log into a Service Client, but they can log in with one. Users can use a Service Client to log in, by setting the connection ID in the authenticate({ connectionId }) method to be the Authress Service Client.\n(1) If you are building an Custom Login Portal, then the application ID should correspond to this login portal.\n(2) If you are replacing or extending an Authress connection, then specify the Service Client as the connectionId and the end user application as the applicationId.\n(3) If you are building a platform or plugin marketplace, where users will log into third party extensions or apps, then distribute in your SDK a wrapper for the Authress Extension Client using: import { extensionClient } from '@authress/login' found within this SDK.\n(4) If you aren't sure what to do here to fix the problem, the fastest and usually correct solution is go to https://authress.io/app/#/settings?focus=applications create a new application, specify your site in the application url property and then update the value here.");throw e.code="InvalidApplication",e}this.hostUrl=c(r),this.httpClient=new a(this.hostUrl,t),this.lastSessionCheck=0,this.enableCredentials=this.getMatchingDomainInfo(this.hostUrl),d.retainUserCookie=e.retainUserCookie,n.skipBackgroundCredentialsCheck\|\|i.onLoad((async()=>{await this.userSessionExists(!0)}))}getMatchingDomainInfo(e){const t=new URL(e);if(i.isLocalHost())return!1;const n=i.getCurrentLocation();if("https:"!==n.protocol)return!1;const r=t.host.toLowerCase().split(".").reverse(),a=n.host.toLowerCase().split(".").reverse();let s=[];for(let e of r){const t=o(a,s.length+1).join(".");if(s.concat(e).join(".")!==t)break;s.push(e)}return s.length===r.length&&s.length===a.length\|\|s.length>1}getUserIdentity(){const e=d.getUserCookie(),t=s.decodeOrParse(e);if(t){const n=t.exp?new Date(1e3t.exp):new Date(Date.now()+864e5);return d.set(e,n),t.userId=t.sub,t}const n=d.get(),r=s.decodeOrParse(n);if(!r)return null;const o=new URL(r.iss).hostname,i=new URL(this.hostUrl).hostname;return o.endsWith(i)\|\|i.endsWith(o)?(r.userId=r.sub,r):(d.clear(),null)}async getConnectionCredentials(){await this.waitForUserSession();try{const e=await this.ensureToken();return(await this.httpClient.get("/session/credentials",this.enableCredentials,{Authorization:e&&`Bearer ${e}`})).data}catch(e){return null}}async getDevices(){try{const e=await this.ensureToken();return(await this.httpClient.get("/session/devices",this.enableCredentials,{Authorization:e&&`Bearer ${e}`})).data.devices}catch(e){return[]}}async deleteDevice(e){try{const t=await this.ensureToken();await this.httpClient.delete(`/session/devices/${encodeURIComponent(e)}`,this.enableCredentials,{Authorization:t&&`Bearer ${t}`})}catch(e){throw this.logger&&this.logger.log({title:"[Authress Login SDK] Failed to delete device",error:e}),e}}async openUserConfigurationScreen(e={redirectUrl:null,startPage:"Profile"}){if(!await this.userSessionExists()){const e=Error("User must be logged to configure user profile data.");throw e.code="NotLoggedIn",e}const t=new URL("/settings",this.hostUrl);t.searchParams.set("client_id",this.applicationId),t.searchParams.set("start_page",e&&e.startPage\|\|"Profile"),t.searchParams.set("redirect_uri",e&&e.redirectUrl\|\|i.getCurrentLocation().href),i.assign(t.toString()),await Promise.resolve()}async registerDevice(e={name:"",type:"",totp:{}}){const t=await this.getUserIdentity();if(!t){const e=Error("User must be logged to configure user profile data.");throw e.code="NotLoggedIn",e}if(!e){const e=Error("Register Device missing required parameter: 'Options'");throw e.code="InvalidInput",e}let n;if(e.type&&"WebAuthN"!==e.type)"TOTP"===e.type&&(n={name:e.name,code:e.totp.verificationCode,totpData:e.totp,type:"TOTP"});else{const r=t.sub,o={challenge:Uint8Array.from(r,(e=>e.charCodeAt(0))),rp:{id:this.hostUrl.split(".").slice(1).join("."),name:"WebAuthN Login"},user:{id:Uint8Array.from(r,(e=>e.charCodeAt(0))),name:r,displayName:`Generated User ID: ${r}`},pubKeyCredParams:[{type:"public-key",alg:-7},{type:"public-key",alg:-257}],authenticatorSelection:{residentKey:"discouraged",requireResidentKey:!1,userVerification:"discouraged"},timeout:6e4,attestation:"direct"},i=await navigator.credentials.create({publicKey:o}),a={authenticatorAttachment:i.authenticatorAttachment,credentialId:i.id,type:i.type,userId:r,attestation:btoa(String.fromCharCode(...new Uint8Array(i.response.attestationObject))),client:btoa(String.fromCharCode(...new Uint8Array(i.response.clientDataJSON)))};n={name:e&&e.name,code:a,type:"WebAuthN"}}try{const e=await this.ensureToken();return(await this.httpClient.post("/session/devices",this.enableCredentials,n,{Authorization:e&&`Bearer ${e}`})).data}catch(e){throw this.logger&&this.logger.log({title:"[Authress Login SDK] Failed to register new device",error:e,request:n}),e}}async waitForUserSession(){try{return await u,!0}catch(e){return!1}}userSessionExists(e){return h?Date.now()-this.lastSessionCheck<50?h:(this.lastSessionCheck=Date.now(),h=h.catch((()=>{})).then((()=>this.userSessionContinuation(e)))):(this.lastSessionCheck=Date.now(),h=this.userSessionContinuation(e))}async userSessionContinuation(e){const t=new URLSearchParams(i.getCurrentLocation().search);let n={};if("undefined"!=typeof localStorage)try{n=JSON.parse(localStorage.getItem(p)\|\|"{}"),localStorage.removeItem(p),Object.hasOwnProperty.call(n,"enableCredentials")&&(this.enableCredentials=n.enableCredentials)}catch(e){this.logger&&this.logger.debug&&this.logger.debug({title:"[Authress Login SDK] LocalStorage failed in Browser",error:e})}if(t.get("state")&&"oauthLogin"===t.get("flow"))return!1;if((n.nonce\|\|t.get("iss")&&t.get("iss").includes(this.hostUrl))&&this.sanitizeQueryParameters(),n.nonce&&t.get("code")&&n.nonce===t.get("nonce")){const e="cookie"===t.get("code")?r.parse(document.cookie)["auth-code"]:t.get("code"),o=await s.calculateAntiAbuseHash({client_id:this.applicationId,authenticationRequestId:n.nonce,code:e}),i={grant_type:"authorization_code",redirect_uri:n.redirectUrl,client_id:this.applicationId,code:e,code_verifier:n.codeVerifier,antiAbuseHash:o};try{const e=await this.httpClient.post(`/authentication/${n.nonce}/tokens`,this.enableCredentials,i),t=s.decode(e.data.id_token),o=t.exp&&new Date(1e3t.exp)\|\|e.data.expires_in&&new Date(Date.now()+1e3e.data.expires_in);return document.cookie=r.serialize("authorization",e.data.access_token\|\|"",{expires:o,path:"/",sameSite:"strict"}),d.set(e.data.id_token,o),l(),!0}catch(e){if(this.logger&&this.logger.log({title:"[Authress Login SDK] Failed exchange authentication response for a token.",error:e}),e.data&&"invalid_request"===e.data.error)return!1;throw e.data\|\|e}}if(i.isLocalHost()&&t.get("nonce")&&t.get("access_token")&&(!n.nonce\|\|n.nonce===t.get("nonce"))){const e=s.decode(t.get("id_token")),n=e.exp&&new Date(1e3e.exp)\|\|Number(t.get("expires_in"))&&new Date(Date.now()+1e3Number(t.get("expires_in")));return document.cookie=r.serialize("authorization",t.get("access_token")\|\|"",{expires:n,path:"/",sameSite:"strict"}),d.set(t.get("id_token"),n),l(),!0}if(this.getUserIdentity())return l(),!0;if(!i.isLocalHost()&&!e){try{const e=await this.httpClient.patch("/session",this.enableCredentials,{},null,!0);if(e.data.access_token){const t=s.decode(e.data.id_token),n=t.exp&&new Date(1e3t.exp)\|\|e.data.expires_in&&new Date(Date.now()+1e3e.data.expires_in);document.cookie=r.serialize("authorization",e.data.access_token\|\|"",{expires:n,path:"/",sameSite:"strict"}),d.set(e.data.id_token,n)}}catch(e){400===e.status\|\|404===e.status\|\|409===e.status?this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] User does not have an existing authentication session",error:e}):this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed attempting to check if the user has an existing authentication session",error:e})}if(this.getUserIdentity())return l(),!0}return!1}async updateExtensionAuthenticationRequest({state:e,connectionId:t,tenantLookupIdentifier:n,connectionProperties:r}){if(!t&&!n){const e=Error("connectionId or tenantLookupIdentifier must be specified");throw e.code="InvalidConnection",e}const o=new URLSearchParams(i.getCurrentLocation().search),a=e\|\|o.get("state");if(!a){const e=Error("The `state` parameters must be specified to update this authentication request");throw e.code="InvalidAuthenticationRequest",e}try{const e=await s.calculateAntiAbuseHash({connectionId:t,tenantLookupIdentifier:n,authenticationRequestId:a}),o=await this.httpClient.patch(`/authentication/${a}`,!0,{antiAbuseHash:e,connectionId:t,tenantLookupIdentifier:n,connectionProperties:r});if(new URL(o.data.authenticationUrl).hostname===i.getCurrentLocation().hostname)return{authenticationUrl:o.data.authenticationUrl};i.assign(o.data.authenticationUrl)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to update extension authentication request",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data\|\|e}return await new Promise((e=>setTimeout(e,5e3))),null}async unlinkIdentity(e){if(!e){const e=Error("connectionId must be specified");throw e.code="InvalidConnection",e}if(!this.getUserIdentity()){const e=Error("User must be logged in to unlink an account.");throw e.code="NotLoggedIn",e}let t;try{t=await this.ensureToken({timeoutInMillis:100})}catch(e){if("TokenTimeout"===e.code){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}}const n=this.enableCredentials&&!i.isLocalHost()?{}:{Authorization:`Bearer ${t}`};try{await this.httpClient.delete(`/identities/${encodeURIComponent(e)}`,this.enableCredentials,n)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to unlink user identity",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data\|\|e}}async linkIdentity({connectionId:e,tenantLookupIdentifier:t,redirectUrl:n,connectionProperties:r}){if(!e&&!t){const e=Error("connectionId or tenantLookupIdentifier must be specified");throw e.code="InvalidConnection",e}if(!this.getUserIdentity()){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}let o;try{o=await this.ensureToken({timeoutInMillis:100})}catch(e){if("TokenTimeout"===e.code){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}}const{codeChallenge:a}=await s.getAuthCodes(),c=await s.calculateAntiAbuseHash({connectionId:e,tenantLookupIdentifier:t,applicationId:this.applicationId});try{const s=n&&new URL(n).toString()\|\|i.getCurrentLocation().href,d=this.enableCredentials&&!i.isLocalHost()?{}:{Authorization:`Bearer ${o}`},l=await this.httpClient.post("/authentication",this.enableCredentials,{antiAbuseHash:c,linkIdentity:!0,redirectUrl:s,codeChallengeMethod:"S256",codeChallenge:a,connectionId:e,tenantLookupIdentifier:t,connectionProperties:r,applicationId:this.applicationId},d);i.assign(l.data.authenticationUrl)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to start user identity link",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e}await new Promise((e=>setTimeout(e,5e3)))}async authenticate(e={}){const{connectionId:t,tenantLookupIdentifier:n,inviteId:r,redirectUrl:o,force:a,responseLocation:c,flowType:l,connectionProperties:u,openType:h,multiAccount:f,clearUserDataBeforeLogin:g}=e\|\|{};if(c&&"cookie"!==c&&"query"!==c&&"none"!==c){const e=Error("Authentication response location is not valid");throw e.code="InvalidResponseLocation",e}if(!r&&!a&&!f&&await this.userSessionExists()){const n=await this.ensureToken(),r=s.decode(n);if(t&&r&&r.azp&&t!==r.azp){this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Authentication blocked because the user is already logged in, and the requested authentication parameters do not match the original session.",requestedAuthenticationOptions:e,currentAuthenticationSessionData:r});const t=Error('Authentication requested for user that is already logged in, but the connectionId specified does not match their existing session.\n Recommended Options:\n (1) If the goal is to force them to log in with this new connection and ignore their existing session, use the "force" flag.\n (2) If the goal is link their current identity with a new from the new connection, use the linkIdentity() method.\n (3) If the goal is skip log in if they are already logged in or force log in with the connectionId, first check if userSessionExists() and then only if "false", call authenticate().');throw t.code="AuthenticationConstraintContention",t}return null}const{codeVerifier:m,codeChallenge:w}=await s.getAuthCodes(),y=await s.calculateAntiAbuseHash({connectionId:t,tenantLookupIdentifier:n,inviteId:r,applicationId:this.applicationId});try{const e=o&&new URL(o).toString()\|\|i.getCurrentLocation().href;!1!==g&&d.clear();const a=await this.httpClient.post("/authentication",this.enableCredentials,{antiAbuseHash:y,redirectUrl:e,codeChallengeMethod:"S256",codeChallenge:w,connectionId:t,tenantLookupIdentifier:n,inviteId:r,connectionProperties:u,applicationId:this.applicationId,responseLocation:c,flowType:l,multiAccount:f});if(localStorage.setItem(p,JSON.stringify({nonce:a.data.authenticationRequestId,codeVerifier:m,lastConnectionId:t,tenantLookupIdentifier:n,redirectUrl:e,enableCredentials:a.data.enableCredentials,multiAccount:f})),new URL(a.data.authenticationUrl).hostname===i.getCurrentLocation().hostname)return{authenticationUrl:a.data.authenticationUrl};if("tab"===h){const e=i.open(a.data.authenticationUrl,"_blank");e&&!e.closed&&void 0!==e.closed\|\|i.assign(a.data.authenticationUrl)}else i.assign(a.data.authenticationUrl)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to start authentication for user",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data\|\|e}return await new Promise((e=>setTimeout(e,5e3))),null}async ensureToken(e){if(e&&0===e.timeoutInMillis){const e=this.getUserIdentity(),t=r.parse(document.cookie);if(e)return"undefined"!==t.authorization&&t.authorization;const n=Error("No token retrieved after timeout");throw n.code="TokenTimeout",n}await this.userSessionExists();const t=Object.assign({timeoutInMillis:5e3},e\|\|{}),n=this.waitForUserSession(),o=-1===t.timeoutInMillis\|\|t.timeoutInMillis>231-1?231-1:t.timeoutInMillis,i=new Promise(((e,t)=>setTimeout(t,o\|\|0)));try{await Promise.race([n,i])}catch(e){const t=Error("No token retrieved after timeout");throw t.code="TokenTimeout",t}const a=r.parse(document.cookie);return"undefined"!==a.authorization&&a.authorization}async logout(e){let t;if(e)try{new URL(e),t=e}catch(n){try{t=new URL(e,i.getCurrentLocation().href).toString()}catch(t){const n=Error(`The logout redirect url is not valid URL: ${e}`);throw n.code="InvalidRedirectUrl",n}}if(d.clear(),this.sanitizeQueryParameters(),u=new Promise((e=>l=e)),this.enableCredentials)try{return await this.httpClient.delete("/session",this.enableCredentials),this.lastSessionCheck=0,void(e&&e!==i.getCurrentLocation().href&&i.assign(e))}catch(e){}const n=new URL("/logout",this.hostUrl);n.searchParams.set("redirect_uri",t\|\|i.getCurrentLocation().href),n.searchParams.set("client_id",this.applicationId),i.assign(n.toString()),this.lastSessionCheck=0,await new Promise((e=>setTimeout(e,500)))}sanitizeQueryParameters(){const e=new URL(i.getCurrentLocation());e.searchParams.delete("iss"),e.searchParams.delete("nonce"),e.searchParams.delete("code"),e.searchParams.delete("expires_in"),e.searchParams.delete("access_token"),e.searchParams.delete("id_token"),history.replaceState({},void 0,e.toString())}},ExtensionClient:f,UserConfigurationScreen:{Profile:"Profile",MFA:"MFA"}}},427:(e,t)=>{"use strict";t.parse=function(e,t){if("string"!=typeof e)throw new TypeError("argument str must be a string");var n={},o=e.length;if(o<2)return n;var i=t&&t.decode\|\|l,a=0,s=0,h=0;do{if(-1===(s=e.indexOf("=",a)))break;if(-1===(h=e.indexOf(";",a)))h=o;else if(s>h){a=e.lastIndexOf(";",s-1)+1;continue}var p=c(e,a,s),f=d(e,s,p),g=e.slice(p,f);if(!r.call(n,g)){var m=c(e,s+1,h),w=d(e,h,m);34===e.charCodeAt(m)&&34===e.charCodeAt(w-1)&&(m++,w--);var y=e.slice(m,w);n[g]=u(y,i)}a=h+1}while(a<o);return n},t.serialize=function(e,t,r){var c=r&&r.encode\|\|encodeURIComponent;if("function"!=typeof c)throw new TypeError("option encode is invalid");if(!o.test(e))throw new TypeError("argument name is invalid");var d=c(t);if(!i.test(d))throw new TypeError("argument val is invalid");var l=e+"="+d;if(!r)return l;if(null!=r.maxAge){var u=Math.floor(r.maxAge);if(!isFinite(u))throw new TypeError("option maxAge is invalid");l+="; Max-Age="+u}if(r.domain){if(!a.test(r.domain))throw new TypeError("option domain is invalid");l+="; Domain="+r.domain}if(r.path){if(!s.test(r.path))throw new TypeError("option path is invalid");l+="; Path="+r.path}if(r.expires){var h=r.expires;if(!function(e){return"[object Date]"===n.call(e)}(h)\|\|isNaN(h.valueOf()))throw new TypeError("option expires is invalid");l+="; Expires="+h.toUTCString()}r.httpOnly&&(l+="; HttpOnly");r.secure&&(l+="; Secure");r.partitioned&&(l+="; Partitioned");if(r.priority){switch("string"==typeof r.priority?r.priority.toLowerCase():r.priority){case"low":l+="; Priority=Low";break;case"medium":l+="; Priority=Medium";break;case"high":l+="; Priority=High";break;default:throw new TypeError("option priority is invalid")}}if(r.sameSite){switch("string"==typeof r.sameSite?r.sameSite.toLowerCase():r.sameSite){case!0:l+="; SameSite=Strict";break;case"lax":l+="; SameSite=Lax";break;case"strict":l+="; SameSite=Strict";break;case"none":l+="; SameSite=None";break;default:throw new TypeError("option sameSite is invalid")}}return l};var n=Object.prototype.toString,r=Object.prototype.hasOwnProperty,o=/^[!#$%&'+\-.^_`\|~0-9A-Za-z]+$/,i=/^("?)[\u0021\u0023-\u002B\u002D-\u003A\u003C-\u005B\u005D-\u007E]\1$/,a=/^([.]?[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)([.][a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)$/i,s=/^[\u0020-\u003A\u003D-\u007E]$/;function c(e,t,n){do{var r=e.charCodeAt(t);if(32!==r&&9!==r)return t}while(++t<n);return n}function d(e,t,n){for(;t>n;){var r=e.charCodeAt(--t);if(32!==r&&9!==r)return t+1}return n}function l(e){return-1!==e.indexOf("%")?decodeURIComponent(e):e}function u(e,t){try{return t(e)}catch(t){return e}}},568:(e,t,n)=>{const r=n(836),{sanitizeUrl:o}=n(332),i=n(629),a="ExtensionRequestNonce";let s=null;e.exports=class{constructor(e,t){if(this.extensionId=t,!e)throw Error('Missing required property "authressCustomDomain" in ExtensionClient constructor. The Custom Authress Domain Host is required.');if(!t)throw Error('Missing required property "extensionId" in ExtensionClient constructor. The extension is required for selecting the correct login method.');this.authressCustomDomain=o(e),this.accessToken=null,i.onLoad((async()=>{await this.requestToken({silent:!0})}))}async getUserIdentity(){const e=this.accessToken&&await r.decode(this.accessToken);return e?1e3e.exp<Date.now()?(this.accessToken=null,null):e:null}async getTokenResponse(){return await this.getUserIdentity()?{accessToken:this.accessToken}:null}requestToken(e={code:null,silent:!1}){if(s)return s=s.catch((()=>{})).then((()=>this.requestTokenContinuation(e)));const t=this.requestTokenContinuation(e);return t.catch((()=>{})),s=t}async requestTokenContinuation(e={code:null,silent:!1}){const t=e&&e.code\|\|new URLSearchParams(i.getCurrentLocation().search).get("code");if(!t){if(!e\|\|!e.silent){const e=Error("OAuth Authorization code is required");throw e.code="InvalidAuthorizationCode",e}return this.getTokenResponse()}const n=new URL(this.authressCustomDomain);n.pathname="/api/authentication/oauth/tokens";const{codeVerifier:r,redirectUrl:o}=JSON.parse(localStorage.getItem(a)\|\|"{}"),s=await fetch(n.toString(),{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({code_verifier:r,code:t,grant_type:"authorization_code",client_id:this.extensionId,redirect_uri:o})}),c=await s.json();this.accessToken=c.access_token;const d=new URL(i.getCurrentLocation());return d.searchParams.delete("code"),d.searchParams.delete("iss"),d.searchParams.delete("nonce"),d.searchParams.delete("expires_in"),d.searchParams.delete("access_token"),d.searchParams.delete("id_token"),history.replaceState({},void 0,d.toString()),this.getTokenResponse()}async login(e){const t=await this.getTokenResponse();if(t)return t;const n=await this.requestToken({silent:!0});if(n)return n;const o=new URL(this.authressCustomDomain),{codeVerifier:s,codeChallenge:c}=r.getAuthCodes(),d=e\|\|i.getCurrentLocation().href;return localStorage.setItem(a,JSON.stringify({codeVerifier:s,redirectUrl:d})),o.searchParams.set("client_id",this.extensionId),o.searchParams.set("code_challenge",c),o.searchParams.set("code_challenge_method","S256"),o.searchParams.set("redirect_uri",d),i.assign(o.toString()),await new Promise((e=>setTimeout(e,5e3))),null}}},629:e=>{e.exports=new class{onLoad(e){"undefined"!=typeof window&&(window.onload=e)}isLocalHost(){return"undefined"!=typeof window&&window.location&&("localhost"===window.location.hostname\|\|"127.0.0.1"===window.location.hostname)}getCurrentLocation(){return"undefined"!=typeof window&&new URL(window.location)\|\|new URL("http://localhost:8080")}assign(e){return"undefined"==typeof window?null:window.location.assign(e.toString())}open(e){return"undefined"==typeof window?null:window.open(e.toString())}}},836:(e,t,n)=>{const r=n(878);e.exports=new class{decode(e){if(!e)return null;try{const t=JSON.parse(r.decode(e.split(".")[1]));return t.exp&&(t.exp=t.exp-10),t}catch(e){return null}}decodeOrParse(e){if(!e)return null;if("object"==typeof e)return e;try{return JSON.parse(e)}catch(t){return this.decode(e)}}decodeFull(e){if(!e)return null;try{const t=JSON.parse(r.decode(e.split(".")[0])),n=JSON.parse(r.decode(e.split(".")[1]));return n.exp&&(n.exp=n.exp-10),{header:t,payload:n}}catch(e){return null}}async getAuthCodes(){const e=r.encode((window.crypto\|\|window.msCrypto).getRandomValues(new Uint32Array(16)).toString()),t=await(window.crypto\|\|window.msCrypto).subtle.digest("SHA-256",(new TextEncoder).encode(e));return{codeVerifier:e,codeChallenge:r.encode(t)}}async calculateAntiAbuseHash(e){const t=Date.now(),n=Object.values(e).filter((e=>e)).join("\|");let o=0,i=null;for(;++o&&(i=r.encode(await(window.crypto\|\|window.msCrypto).subtle.digest("SHA-256",(new TextEncoder).encode(`${t};${o};${n}`))),!i.match(/^00/)););return`v2;${t};${o};${i}`}}},878:e=>{function t(e){return String.fromCharCode(parseInt(e.slice(1),16))}function n(e){return`%${`00${e.charCodeAt(0).toString(16)}`.slice(-2)}`}e.exports.decode=function(e){return function(e){return decodeURIComponent(Array.from(atob(e),n).join(""))}(e.replace(/-/g,"+").replace(/_/g,"/"))},e.exports.encode=function(e){return e&&"object"==typeof e?btoa(String.fromCharCode(...new Uint8Array(e))).replace(/\//g,"_").replace(/\+/g,"-").replace(/=+$/,""):function(e){return btoa(encodeURIComponent(e).replace(/%[0-9A-F]{2}/g,t))}(e).replace(/\//g,"_").replace(/\+/g,"-").replace(/=+$/,"")}}},r={};function o(e){var t=r[e];if(void 0!==t){if(void 0!==t.error)throw t.error;return t.exports}var i=r[e]={exports:{}};try{var a={id:e,module:i,factory:n[e],require:o};o.i.forEach((function(e){e(a)})),i=a.module,a.factory.call(i.exports,i,i.exports,a.require)}catch(e){throw i.error=e,e}return i.exports}return o.m=n,o.c=r,o.i=[],o.hu=e=>e+"."+o.h()+".hot-update.js",o.hmrF=()=>"main."+o.h()+".hot-update.json",o.h=()=>"3727d279383e9571121c",o.o=(e,t)=>Object.prototype.hasOwnProperty.call(e,t),e={},t="authress:",o.l=(n,r,i,a)=>{if(e[n])e[n].push(r);else{var s,c;if(void 0!==i)for(var d=document.getElementsByTagName("script"),l=0;l<d.length;l++){var u=d[l];if(u.getAttribute("src")==n\|\|u.getAttribute("data-webpack")==t+i){s=u;break}}s\|\|(c=!0,(s=document.createElement("script")).charset="utf-8",s.timeout=120,o.nc&&s.setAttribute("nonce",o.nc),s.setAttribute("data-webpack",t+i),s.src=n),e[n]=[r];var h=(t,r)=>{s.onerror=s.onload=null,clearTimeout(p);var o=e[n];if(delete e[n],s.parentNode&&s.parentNode.removeChild(s),o&&o.forEach((e=>e(r))),t)return t(r)},p=setTimeout(h.bind(null,void 0,{type:"timeout",target:s}),12e4);s.onerror=h.bind(null,s.onerror),s.onload=h.bind(null,s.onload),c&&document.head.appendChild(s)}},(()=>{var e,t,n,r={},i=o.c,a=[],s=[],c="idle",d=0,l=[];function u(e){c=e;for(var t=[],n=0;n<s.length;n++)t[n]=s[n].call(null,e);return Promise.all(t).then((function(){}))}function h(){0==--d&&u("ready").then((function(){if(0===d){var e=l;l=[];for(var t=0;t<e.length;t++)e[t]()}}))}function p(e){if("idle"!==c)throw new Error("check() is only allowed in idle status");return u("check").then(o.hmrM).then((function(n){return n?u("prepare").then((function(){var r=[];return t=[],Promise.all(Object.keys(o.hmrC).reduce((function(e,i){return o.hmrC[i](n.c,n.r,n.m,e,t,r),e}),[])).then((function(){return t=function(){return e?g(e):u("ready").then((function(){return r}))},0===d?t():new Promise((function(e){l.push((function(){e(t())}))}));var t}))})):u(m()?"ready":"idle").then((function(){return null}))}))}function f(e){return"ready"!==c?Promise.resolve().then((function(){throw new Error("apply() is only allowed in ready status (state: "+c+")")})):g(e)}function g(e){e=e\|\|{},m();var r=t.map((function(t){return t(e)}));t=void 0;var o=r.map((function(e){return e.error})).filter(Boolean);if(o.length>0)return u("abort").then((function(){throw o[0]}));var i=u("dispose");r.forEach((function(e){e.dispose&&e.dispose()}));var a,s=u("apply"),c=function(e){a\|\|(a=e)},d=[];return r.forEach((function(e){if(e.apply){var t=e.apply(c);if(t)for(var n=0;n<t.length;n++)d.push(t[n])}})),Promise.all([i,s]).then((function(){return a?u("fail").then((function(){throw a})):n?g(e).then((function(e){return d.forEach((function(t){e.indexOf(t)<0&&e.push(t)})),e})):u("idle").then((function(){return d}))}))}function m(){if(n)return t\|\|(t=[]),Object.keys(o.hmrI).forEach((function(e){n.forEach((function(n){o.hmrI[e](n,t)}))})),n=void 0,!0}o.hmrD=r,o.i.push((function(l){var g,m,w,y,v=l.module,k=function(t,n){var r=i[n];if(!r)return t;var o=function(o){if(r.hot.active){if(i[o]){var s=i[o].parents;-1===s.indexOf(n)&&s.push(n)}else a=[n],e=o;-1===r.children.indexOf(o)&&r.children.push(o)}else console.warn("[HMR] unexpected require("+o+") from disposed module "+n),a=[];return t(o)},s=function(e){return{configurable:!0,enumerable:!0,get:function(){return t[e]},set:function(n){t[e]=n}}};for(var l in t)Object.prototype.hasOwnProperty.call(t,l)&&"e"!==l&&Object.defineProperty(o,l,s(l));return o.e=function(e,n){return function(e){switch(c){case"ready":u("prepare");case"prepare":return d++,e.then(h,h),e;default:return e}}(t.e(e,n))},o}(l.require,l.id);v.hot=(g=l.id,m=v,y={_acceptedDependencies:{},_acceptedErrorHandlers:{},_declinedDependencies:{},_selfAccepted:!1,_selfDeclined:!1,_selfInvalidated:!1,_disposeHandlers:[],_main:w=e!==g,_requireSelf:function(){a=m.parents.slice(),e=w?void 0:g,o(g)},active:!0,accept:function(e,t,n){if(void 0===e)y._selfAccepted=!0;else if("function"==typeof e)y._selfAccepted=e;else if("object"==typeof e&&null!==e)for(var r=0;r<e.length;r++)y._acceptedDependencies[e[r]]=t\|\|function(){},y._acceptedErrorHandlers[e[r]]=n;else y._acceptedDependencies[e]=t\|\|function(){},y._acceptedErrorHandlers[e]=n},decline:function(e){if(void 0===e)y._selfDeclined=!0;else if("object"==typeof e&&null!==e)for(var t=0;t<e.length;t++)y._declinedDependencies[e[t]]=!0;else y._declinedDependencies[e]=!0},dispose:function(e){y._disposeHandlers.push(e)},addDisposeHandler:function(e){y._disposeHandlers.push(e)},removeDisposeHandler:function(e){var t=y._disposeHandlers.indexOf(e);t>=0&&y._disposeHandlers.splice(t,1)},invalidate:function(){switch(this._selfInvalidated=!0,c){case"idle":t=[],Object.keys(o.hmrI).forEach((function(e){o.hmrI[e](g,t)})),u("ready");break;case"ready":Object.keys(o.hmrI).forEach((function(e){o.hmrI[e](g,t)}));break;case"prepare":case"check":case"dispose":case"apply":(n=n\|\|[]).push(g)}},check:p,apply:f,status:function(e){if(!e)return c;s.push(e)},addStatusHandler:function(e){s.push(e)},removeStatusHandler:function(e){var t=s.indexOf(e);t>=0&&s.splice(t,1)},data:r[g]},e=void 0,y),v.parents=a,v.children=[],a=[],l.require=k})),o.hmrC={},o.hmrI={}})(),o.p="",(()=>{var e,t,n,r,i,a=o.hmrS_jsonp=o.hmrS_jsonp\|\|{792:0},s={};function c(t,n){return e=n,new Promise(((e,n)=>{s[t]=e;var r=o.p+o.hu(t),i=new Error;o.l(r,(e=>{if(s[t]){s[t]=void 0;var r=e&&("load"===e.type?"missing":e.type),o=e&&e.target&&e.target.src;i.message="Loading hot update chunk "+t+" failed.\n("+r+": "+o+")",i.name="ChunkLoadError",i.type=r,i.request=o,n(i)}}))}))}function d(e){function s(e){for(var t=[e],n={},r=t.map((function(e){return{chain:[e],id:e}}));r.length>0;){var i=r.pop(),a=i.id,s=i.chain,d=o.c[a];if(d&&(!d.hot._selfAccepted\|\|d.hot._selfInvalidated)){if(d.hot._selfDeclined)return{type:"self-declined",chain:s,moduleId:a};if(d.hot._main)return{type:"unaccepted",chain:s,moduleId:a};for(var l=0;l<d.parents.length;l++){var u=d.parents[l],h=o.c[u];if(h){if(h.hot._declinedDependencies[a])return{type:"declined",chain:s.concat([u]),moduleId:a,parentId:u};-1===t.indexOf(u)&&(h.hot._acceptedDependencies[a]?(n[u]\|\|(n[u]=[]),c(n[u],[a])):(delete n[u],t.push(u),r.push({chain:s.concat([u]),id:u})))}}}}return{type:"accepted",moduleId:e,outdatedModules:t,outdatedDependencies:n}}function c(e,t){for(var n=0;n<t.length;n++){var r=t[n];-1===e.indexOf(r)&&e.push(r)}}o.f&&delete o.f.jsonpHmr,t=void 0;var d={},l=[],u={},h=function(e){console.warn("[HMR] unexpected require("+e.id+") to disposed module")};for(var p in n)if(o.o(n,p)){var f=n[p],g=f?s(p):{type:"disposed",moduleId:p},m=!1,w=!1,y=!1,v="";switch(g.chain&&(v="\nUpdate propagation: "+g.chain.join(" -> ")),g.type){case"self-declined":e.onDeclined&&e.onDeclined(g),e.ignoreDeclined\|\|(m=new Error("Aborted because of self decline: "+g.moduleId+v));break;case"declined":e.onDeclined&&e.onDeclined(g),e.ignoreDeclined\|\|(m=new Error("Aborted because of declined dependency: "+g.moduleId+" in "+g.parentId+v));break;case"unaccepted":e.onUnaccepted&&e.onUnaccepted(g),e.ignoreUnaccepted\|\|(m=new Error("Aborted because "+p+" is not accepted"+v));break;case"accepted":e.onAccepted&&e.onAccepted(g),w=!0;break;case"disposed":e.onDisposed&&e.onDisposed(g),y=!0;break;default:throw new Error("Unexception type "+g.type)}if(m)return{error:m};if(w)for(p in u[p]=f,c(l,g.outdatedModules),g.outdatedDependencies)o.o(g.outdatedDependencies,p)&&(d[p]\|\|(d[p]=[]),c(d[p],g.outdatedDependencies[p]));y&&(c(l,[g.moduleId]),u[p]=h)}n=void 0;for(var k,C=[],b=0;b<l.length;b++){var I=l[b],S=o.c[I];S&&(S.hot._selfAccepted\|\|S.hot._main)&&u[I]!==h&&!S.hot._selfInvalidated&&C.push({module:I,require:S.hot._requireSelf,errorHandler:S.hot._selfAccepted})}return{dispose:function(){var e;r.forEach((function(e){delete a[e]})),r=void 0;for(var t,n=l.slice();n.length>0;){var i=n.pop(),s=o.c[i];if(s){var c={},u=s.hot._disposeHandlers;for(b=0;b<u.length;b++)u[b].call(null,c);for(o.hmrD[i]=c,s.hot.active=!1,delete o.c[i],delete d[i],b=0;b<s.children.length;b++){var h=o.c[s.children[b]];h&&((e=h.parents.indexOf(i))>=0&&h.parents.splice(e,1))}}}for(var p in d)if(o.o(d,p)&&(s=o.c[p]))for(k=d[p],b=0;b<k.length;b++)t=k[b],(e=s.children.indexOf(t))>=0&&s.children.splice(e,1)},apply:function(t){for(var n in u)o.o(u,n)&&(o.m[n]=u[n]);for(var r=0;r<i.length;r++)i[r](o);for(var a in d)if(o.o(d,a)){var s=o.c[a];if(s){k=d[a];for(var c=[],h=[],p=[],f=0;f<k.length;f++){var g=k[f],m=s.hot._acceptedDependencies[g],w=s.hot._acceptedErrorHandlers[g];if(m){if(-1!==c.indexOf(m))continue;c.push(m),h.push(w),p.push(g)}}for(var y=0;y<c.length;y++)try{c[y].call(null,k)}catch(n){if("function"==typeof h[y])try{h[y](n,{moduleId:a,dependencyId:p[y]})}catch(r){e.onErrored&&e.onErrored({type:"accept-error-handler-errored",moduleId:a,dependencyId:p[y],error:r,originalError:n}),e.ignoreErrored\|\|(t(r),t(n))}else e.onErrored&&e.onErrored({type:"accept-errored",moduleId:a,dependencyId:p[y],error:n}),e.ignoreErrored\|\|t(n)}}}for(var v=0;v<C.length;v++){var b=C[v],I=b.module;try{b.require(I)}catch(n){if("function"==typeof b.errorHandler)try{b.errorHandler(n,{moduleId:I,module:o.c[I]})}catch(r){e.onErrored&&e.onErrored({type:"self-accept-error-handler-errored",moduleId:I,error:r,originalError:n}),e.ignoreErrored\|\|(t(r),t(n))}else e.onErrored&&e.onErrored({type:"self-accept-errored",moduleId:I,error:n}),e.ignoreErrored\|\|t(n)}}return l}}}this.webpackHotUpdateauthress=(t,r,a)=>{for(var c in r)o.o(r,c)&&(n[c]=r[c],e&&e.push(c));a&&i.push(a),s[t]&&(s[t](),s[t]=void 0)},o.hmrI.jsonp=function(e,t){n\|\|(n={},i=[],r=[],t.push(d)),o.o(n,e)\|\|(n[e]=o.m[e])},o.hmrC.jsonp=function(e,s,l,u,h,p){h.push(d),t={},r=s,n=l.reduce((function(e,t){return e[t]=!1,e}),{}),i=[],e.forEach((function(e){o.o(a,e)&&void 0!==a[e]?(u.push(c(e,p)),t[e]=!0):t[e]=!1})),o.f&&(o.f.jsonpHmr=function(e,n){t&&o.o(t,e)&&!t[e]&&(n.push(c(e)),t[e]=!0)})},o.hmrM=()=>{if("undefined"==typeof fetch)throw new Error("No browser support: need fetch API");return fetch(o.p+o.hmrF()).then((e=>{if(404!==e.status){if(!e.ok)throw new Error("Failed to fetch update manifest "+e.statusText);return e.json()}}))}})(),o(354)})()));
	1	/! Authress Login SDK 2.5.394 \| Author - Authress Developers \| License information can be found at https://github.com/Authress/login-sdk.js /
	2	!function(e,t){"object"==typeof exports&&"object"==typeof module?module.exports=t():"function"==typeof define&&define.amd?define([],t):"object"==typeof exports?exports.authress=t():e.authress=t()}(this,(()=>(()=>{var e,t,n={75:(e,t,n)=>{const{sanitizeUrl:o}=n(332),i=n(629),r={"Content-Type":"application/json","X-Powered-By":`Authress Login SDK; Javascript; ${n(330).version}`},s=new Set(["Failed to fetch","NetworkError when attempting to fetch resource.","The Internet connection appears to be offline.","Network request failed","fetch failed","Load failed","<HTML DOCUMENT></HTML>"]);function a(e){return"Network Error"===e.message\|\|"ERR_NETWORK"===e.code\|\|!e.status\|\|e.status>=500\|\|"string"==typeof e.message&&s.has(e.message)\|\|"string"==typeof e.data&&s.has(e.data)}async function c(e){let t=null;for(let n=0;n<5;n++)try{return await e()}catch(e){if(e.retryCount=n,!a(e))throw e;t=e,t.isNetworkError=!0,await new Promise((e=>setTimeout(e,102n)));continue}const n=new Error("[Authress Login SDK] Http Request failed due to a Network Error even after multiple retries",{cause:t});throw n.code="AuthressSdkNetworkError",n}e.exports=class{constructor(e,t){if(!e)throw Error("Custom Authress Domain Host is required");const n=t\|\|{debug(){},warn(){},critical(){}};this.logger=n;const i=new URL(o(e));this.loginUrl=`${i.origin}/api`}get(e,t,n,o){return c((()=>this.fetchWrapper("GET",e,null,n,t,o)))}delete(e,t,n,o){return c((()=>this.fetchWrapper("DELETE",e,null,n,t,o)))}post(e,t,n,o,i){return c((()=>this.fetchWrapper("POST",e,n,o,t,i)))}put(e,t,n,o,i){return c((()=>this.fetchWrapper("PUT",e,n,o,t,i)))}patch(e,t,n,o,i){return c((()=>this.fetchWrapper("PATCH",e,n,o,t,i)))}async fetchWrapper(e,t,n,o,s,a){const c=`${this.loginUrl}${t.toString()}`,l=e.toUpperCase(),d=Object.assign({},r,o);try{this.logger&&this.logger.debug&&this.logger.debug({title:"[Authress Login SDK] HttpClient Request",method:l,url:c});const e={method:l,headers:d};n&&(e.body=JSON.stringify(n)),!i.isLocalHost()&&s&&(e.credentials="include");const t=await fetch(c,e);if(!t.ok)throw t;let o={};try{o=await t.text(),o=JSON.parse(o)}catch(e){}return{url:c,method:l,headers:t.headers,status:t.status,data:o}}catch(e){let t=e;try{t=await e.text(),t=JSON.parse(t)}catch(e){}const o=t.stack&&t.stack.match(/chrome-extension:[/][/](\w+)[/]/);if(o){this.logger&&this.logger.debug&&this.logger.debug({title:`[Authress Login SDK] Fetch failed due to a browser extension - ${l} - ${c}`,method:l,url:c,data:n,headers:d,error:e,resolvedError:t,extensionErrorId:o});const i=new Error(`Extension Error ID: ${o}`);throw i.code="BROWSER_EXTENSION_ERROR",i}const i=e.status;let r="warn",s="[Authress Login SDK] HttpClient Response Error";e?401===i?(s="[Authress Login SDK] HttpClient Response Error due to invalid token",r="debug"):404===i?(s="[Authress Login SDK] HttpClient Response: Not Found",r="debug"):i<500&&a&&(r="debug"):s="[Authress Login SDK] HttpClient Response Error - Unknown error occurred",this.logger&&this.logger[r]&&this.logger[r]({title:s,online:"undefined"==typeof navigator\|\|navigator.onLine,method:l,url:c,status:i,data:n,headers:d,error:e,resolvedError:t});throw{url:c,method:l,status:i,data:t,headers:e.headers}}}}},160:(e,t,n)=>{const o=n(427),i=n(629),r="AuthenticationCredentialsStorage",s={user:"user",authorization:"authorization",authCode:"auth-code",authUserId:"AuthUserId"};e.exports=new class{constructor(){this.retainUserCookie=!1}getUserCookie(){const e=i.getDocument();if(!e)return null;return e.cookie.split(";").filter((e=>e.split("=")[0].trim()===s.user)).map((e=>e.trim().replace(/^user=/,""))).find((e=>e&&e.trim()))\|\|null}getAuthorizationTokens(){if("undefined"==typeof window\|\|"undefined"==typeof document)return[];return document.cookie.split(";").filter((e=>e.split("=")[0].trim()===s.authorization)).map((e=>e.trim().replace(/^authorization=/,""))).filter((e=>e&&e.trim()))}set(e,t){if("undefined"!=typeof window&&"undefined"!=typeof document)try{const n=o.parse(document.cookie);localStorage.setItem(r,JSON.stringify({idToken:e,expiry:t&&t.getTime(),jsCookies:!!n.authorization})),this.retainUserCookie\|\|this.clearCookies(s.user)}catch(e){console.debug("LocalStorage failed in Browser",e)}}get(){if("undefined"==typeof window\|\|"undefined"==typeof document)return null;let e={};try{e=o.parse(document.cookie)}catch(e){console.debug("CookieManagement failed in Browser",e)}try{const{idToken:t,expiry:n,jsCookies:o}=JSON.parse(localStorage.getItem(r)\|\|"{}");return t?n<Date.now()\|\|o&&!e.authorization?null:t:this.getUserCookie()}catch(e){return console.debug("LocalStorage failed in Browser",e),this.getUserCookie()}}delete(){try{localStorage.removeItem(r)}catch(e){console.debug("LocalStorage failed in Browser",e)}try{this.clearCookies(s.user)}catch(e){console.debug("CookieManagement failed in Browser",e)}}clear(){this.clearCookies(),this.delete()}clearCookies(e){if("undefined"==typeof window\|\|"undefined"==typeof document)return;const t=document.cookie.split("; ");for(const n of t){if(!Object.values(s).includes(n.split("=")[0])\|\|e&&n.split("=")[0]!==e)continue;const t=window.location.hostname.split("."),o=[...Array(t.length-1)].map(((e,n)=>t.reverse().slice(0,n+2).reverse().join("."))).map((e=>[e,`.${e}`])).flat(1).concat(null);"localhost"===window.location.hostname&&o.push("localhost");for(const e of o){const t=e?`domain=${e};`:"",o=`${encodeURIComponent(n.split(";")[0].split("=")[0])}=; expires=Thu, 01-Jan-1970 00:00:01 GMT; ${t} SameSite=Strict; path=`;document.cookie=`${o}/`;const i=location.pathname.split("/");for(;i.length>0;)document.cookie=o+i.join("/"),i.pop()}}}}},321:e=>{var t=1/0,n=17976931348623157e292,o=NaN,i="[object Symbol]",r=/^\s+\|\s+$/g,s=/^[-+]0x[0-9a-f]+$/i,a=/^0b[01]+$/i,c=/^0o[0-7]+$/i,l=parseInt,d=Object.prototype.toString;function u(e){var t=typeof e;return!!e&&("object"==t\|\|"function"==t)}e.exports=function(e,h,p){return e&&e.length?function(e,t,n){var o=-1,i=e.length;t<0&&(t=-t>i?0:i+t),(n=n>i?i:n)<0&&(n+=i),i=t>n?0:n-t>>>0,t>>>=0;for(var r=Array(i);++o<i;)r[o]=e[o+t];return r}(e,0,(h=p\|\|void 0===h?1:(g=function(e){return e?(e=function(e){if("number"==typeof e)return e;if(function(e){return"symbol"==typeof e\|\|function(e){return!!e&&"object"==typeof e}(e)&&d.call(e)==i}(e))return o;if(u(e)){var t="function"==typeof e.valueOf?e.valueOf():e;e=u(t)?t+"":t}if("string"!=typeof e)return 0===e?e:+e;e=e.replace(r,"");var n=a.test(e);return n\|\|c.test(e)?l(e.slice(2),n?2:8):s.test(e)?o:+e}(e))===t\|\|e===-1/0?(e<0?-1:1)n:e==e?e:0:0===e?e:0}(h),f=g%1,g==g?f?g-f:g:0))<0?0:h):[];var g,f}},330:e=>{"use strict";e.exports=JSON.parse('{"name":"@authress/login","version":"2.5.394","description":"Universal login sdk for Authress authentication as a service. Provides managed authentication for user identity, authentication, and token verification.","main":"./src/index.js","types":"./index.d.ts","files":["index.d.ts","src","dist"],"scripts":{"build":"node make.js build && NODE_ENV=production webpack --mode=production","lint":"eslint --ext .js,.ts src tests make.js index.d.ts","test":"check-dts index.d.ts && mocha tests/.test.js tests//.test.js -R spec"},"dependencies":{"cookie":"<1","lodash.take":"^4.1.1"},"devDependencies":{"@babel/core":"^7.17.5","@babel/preset-env":"^7.16.11","@types/node":"^14.14.35","@typescript-eslint/eslint-plugin":"^3.1.0","@typescript-eslint/parser":"^3.1.0","babel-loader":"^8.2.3","chai":"^4.2.0","check-dts":"^0.4.4","ci-build-tools":"^1.0.13","commander":"^4.0.1","compression-webpack-plugin":"^9.2.0","eslint":"^7.12.1","eslint-config-cimpress-atsquad":"^1.0.67","eslint-loader":"^4.0.2","eslint-plugin-mocha":"^7.0.1","eslint-plugin-node":"^11.1.0","eslint-plugin-promise":"^6.1.1","fs-extra":"^8.1.0","glob":"^7.1.6","mocha":"^11.1.0","path-browserify":"^1.0.1","sinon":"^7.5.0","sinon-chai":"^3.3.0","terser-webpack-plugin":"^5.3.1","typescript":"^3.9.5","webpack":"^5.69.1","webpack-cli":"^4.9.2"},"repository":{"type":"git","url":"git+https://github.com/Authress/authress-login.js"},"keywords":["authentication","authentication as a service","Login","Login Client","universal login","auth","federated login","secure login","application security","IDaaS","authentication","user authentication","user identity","Oauth2","Oauth2.1","Oauth3","platform","platform login","extension","Authress","Authress client","user security","DBSC","Device Bound Session Credentials"],"author":"Authress Developers <developers@authress.io> (https://authress.io)","license":"Apache-2.0","bugs":{"url":"https://github.com/Authress/authress-login.js/issues"},"homepage":"https://authress.io","engines":{"node":">=18"}}')},332:e=>{e.exports.sanitizeUrl=function(e){let t=e;t.startsWith("http")\|\|(t=`https://${t}`);const n=new URL(t),o=n.host.match(/^([a-z0-9-]+)[.][a-z0-9-]+[.]authress[.]io$/);return o&&(n.host=`${o[1]}.login.authress.io`,t=n.toString()),t.replace(/[/]+$/,"")}},354:(e,t,n)=>{const o=n(427),i=n(321),r=n(629),s=n(75),a=n(836),{sanitizeUrl:c}=n(332),l=n(160);let d,u=new Promise((e=>d=e)),h=Promise.resolve(),p=!1;const g="AuthenticationRequestNonce";const f=n(568);e.exports={LoginClient:class{constructor(e,t){var n;const o=Object.assign({applicationId:"app_default"},e);this.logger=t\|\|console;const i=o.authressApiUrl\|\|o.authressLoginHostUrl\|\|o.authenticationServiceUrl\|\|"";if(!i)throw Error('Missing required property "authressApiUrl" in LoginClient constructor. Custom Authress Domain Host is required.');if(this.applicationId=null===(n=o.applicationId)\|\|void 0===n?void 0:n.trim(),!this.applicationId){const e=Error("Application ID is required.");throw e.code="InvalidApplication",e}if(this.applicationId.match(/^(sc_\|ext_)/)){const e=Error("You have incorrectly specified an Authress Service Client or Extension as the applicationId instead of a valid application. The applicationId is your application that your users will log into, usually hosted on your domain https://example.yourdomain.com. Users cannot log into a Service Client, but they can log in with one. Users can use a Service Client to log in, by setting the connection ID in the authenticate({ connectionId }) method to be the Authress Service Client.\n(1) If you are building an Custom Login Portal, then the application ID should correspond to this login portal.\n(2) If you are replacing or extending an Authress connection, then specify the Service Client as the connectionId and the end user application as the applicationId.\n(3) If you are building a platform or plugin marketplace, where users will log into third party extensions or apps, then distribute in your SDK a wrapper for the Authress Extension Client using: import { extensionClient } from '@authress/login' found within this SDK.\n(4) If you aren't sure what to do here to fix the problem, the fastest and usually correct solution is go to https://authress.io/app/#/settings?focus=applications create a new application, specify your site in the application url property and then update the value here.");throw e.code="InvalidApplication",e}this.hostUrl=c(i),this.httpClient=new s(this.hostUrl,t),this.lastSessionCheck=0,this.enableCredentials=this.getMatchingDomainInfo(this.hostUrl),l.retainUserCookie=e.retainUserCookie,o.skipBackgroundCredentialsCheck\|\|r.onLoad((async()=>{await this.userSessionExists({backgroundTrigger:!0})}))}getMatchingDomainInfo(e){const t=new URL(e);if(r.isLocalHost())return!1;const n=r.getCurrentLocation();if("https:"!==n.protocol)return!1;const o=t.host.toLowerCase().split(".").reverse(),s=n.host.toLowerCase().split(".").reverse();let a=[];for(let e of o){const t=i(s,a.length+1).join(".");if(a.concat(e).join(".")!==t)break;a.push(e)}return a.length===o.length&&a.length===s.length\|\|a.length>1}getUserIdentity(){const e=l.getUserCookie(),t=a.decodeOrParse(e);if(t){const n=t.exp?new Date(1e3t.exp):new Date(Date.now()+864e5);return l.set(e,n),t.userId=t.sub,t}const n=l.get(),o=a.decodeOrParse(n);if(!o)return null;const i=new URL(o.iss).hostname,r=new URL(this.hostUrl).hostname;return i.endsWith(r)\|\|r.endsWith(i)?(o.userId=o.sub,o):(l.clear(),null)}async getConnectionCredentials(){await this.waitForUserSession();try{const e=await this.ensureToken();return(await this.httpClient.get("/session/credentials",this.enableCredentials,{Authorization:e&&`Bearer ${e}`})).data}catch(e){return null}}async getDevices(){try{const e=await this.ensureToken();return(await this.httpClient.get("/session/devices",this.enableCredentials,{Authorization:e&&`Bearer ${e}`})).data.devices}catch(e){return[]}}async deleteDevice(e){try{const t=await this.ensureToken();await this.httpClient.delete(`/session/devices/${encodeURIComponent(e)}`,this.enableCredentials,{Authorization:t&&`Bearer ${t}`})}catch(e){throw this.logger&&this.logger.log({title:"[Authress Login SDK] Failed to delete device",error:e}),e}}async openUserConfigurationScreen(e={redirectUrl:null,startPage:"Profile"}){if(!await this.userSessionExists()){const e=Error("User must be logged to configure user profile data.");throw e.code="NotLoggedIn",e}const t=new URL("/settings",this.hostUrl);t.searchParams.set("client_id",this.applicationId),t.searchParams.set("start_page",e&&e.startPage\|\|"Profile"),t.searchParams.set("redirect_uri",e&&e.redirectUrl\|\|r.getCurrentLocation().href),r.assign(t.toString()),await Promise.resolve()}async registerDevice(e={name:"",type:"",totp:{}}){const t=await this.getUserIdentity();if(!t){const e=Error("User must be logged to configure user profile data.");throw e.code="NotLoggedIn",e}if(!e){const e=Error("Register Device missing required parameter: 'Options'");throw e.code="InvalidInput",e}let n;if(e.type&&"WebAuthN"!==e.type)"TOTP"===e.type&&(n={name:e.name,code:e.totp.verificationCode,totpData:e.totp,type:"TOTP"});else{const o=t.sub,i={challenge:Uint8Array.from(o,(e=>e.charCodeAt(0))),rp:{id:this.hostUrl.split(".").slice(1).join("."),name:"WebAuthN Login"},user:{id:Uint8Array.from(o,(e=>e.charCodeAt(0))),name:o,displayName:`Generated User ID: ${o}`},pubKeyCredParams:[{type:"public-key",alg:-7},{type:"public-key",alg:-257}],authenticatorSelection:{residentKey:"discouraged",requireResidentKey:!1,userVerification:"discouraged"},timeout:6e4,attestation:"direct"},r=await navigator.credentials.create({publicKey:i}),s={authenticatorAttachment:r.authenticatorAttachment,credentialId:r.id,type:r.type,userId:o,attestation:btoa(String.fromCharCode(...new Uint8Array(r.response.attestationObject))),client:btoa(String.fromCharCode(...new Uint8Array(r.response.clientDataJSON)))};n={name:e&&e.name,code:s,type:"WebAuthN"}}try{const e=await this.ensureToken();return(await this.httpClient.post("/session/devices",this.enableCredentials,n,{Authorization:e&&`Bearer ${e}`})).data}catch(e){throw this.logger&&this.logger.log({title:"[Authress Login SDK] Failed to register new device",error:e,request:n}),e}}async waitForUserSession(){try{return await u,!0}catch(e){return!1}}userSessionExists(e={backgroundTrigger:!1}){return Date.now()-this.lastSessionCheck<50\|\|p?h:(this.lastSessionCheck=Date.now(),p=!0,h=h.catch((()=>{})).then((async()=>{try{const t=await this.userSessionContinuation(null==e?void 0:e.backgroundTrigger);return p=!1,t}catch(e){throw p=!1,e}})))}async userSessionContinuation(e){const t=new URLSearchParams(r.getCurrentLocation().search);let n={};if("undefined"!=typeof localStorage)try{n=JSON.parse(localStorage.getItem(g)\|\|"{}"),localStorage.removeItem(g),Object.hasOwnProperty.call(n,"enableCredentials")&&(this.enableCredentials=n.enableCredentials)}catch(e){this.logger&&this.logger.debug&&this.logger.debug({title:"[Authress Login SDK] LocalStorage failed in Browser",error:e})}if(t.get("state")&&"oauthLogin"===t.get("flow"))return!1;if((n.nonce\|\|t.get("iss")&&t.get("iss").includes(this.hostUrl))&&this.sanitizeQueryParameters(),n.nonce&&t.get("code")&&n.nonce===t.get("nonce")){const e="cookie"===t.get("code")?o.parse(document.cookie)["auth-code"]:t.get("code"),i=await a.calculateAntiAbuseHash({client_id:this.applicationId,authenticationRequestId:n.nonce,code:e}),r={grant_type:"authorization_code",redirect_uri:n.redirectUrl,client_id:this.applicationId,code:e,code_verifier:n.codeVerifier,antiAbuseHash:i};try{const e=await this.httpClient.post(`/authentication/${n.nonce}/tokens`,this.enableCredentials,r),t=a.decode(e.data.id_token),i=t.exp&&new Date(1e3t.exp)\|\|e.data.expires_in&&new Date(Date.now()+1e3e.data.expires_in);return document.cookie=o.serialize("authorization",e.data.access_token\|\|"",{expires:i,path:"/",sameSite:"strict"}),l.set(e.data.id_token,i),d(),!0}catch(e){if(this.logger&&this.logger.log({title:"[Authress Login SDK] Failed exchange authentication response for a token.",error:e}),e.data&&"invalid_request"===e.data.error)return!1;throw e.data\|\|e}}if(r.isLocalHost()&&t.get("nonce")&&t.get("access_token")&&(!n.nonce\|\|n.nonce===t.get("nonce"))){const e=a.decode(t.get("id_token")),n=e.exp&&new Date(1e3e.exp)\|\|Number(t.get("expires_in"))&&new Date(Date.now()+1e3Number(t.get("expires_in")));return document.cookie=o.serialize("authorization",t.get("access_token")\|\|"",{expires:n,path:"/",sameSite:"strict"}),l.set(t.get("id_token"),n),d(),!0}if(this.getUserIdentity())return d(),!0;if(!r.isLocalHost()&&!e){try{const e=await this.httpClient.patch("/session",this.enableCredentials,{},null,!0);if(e.data.access_token){const t=a.decode(e.data.id_token),n=t.exp&&new Date(1e3t.exp)\|\|e.data.expires_in&&new Date(Date.now()+1e3e.data.expires_in);document.cookie=o.serialize("authorization",e.data.access_token\|\|"",{expires:n,path:"/",sameSite:"strict"}),l.set(e.data.id_token,n)}}catch(e){400===e.status\|\|404===e.status\|\|409===e.status?this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] User does not have an existing authentication session",error:e}):this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed attempting to check if the user has an existing authentication session",error:e})}if(this.getUserIdentity())return d(),!0}return!1}async updateExtensionAuthenticationRequest({state:e,connectionId:t,tenantLookupIdentifier:n,connectionProperties:o,hint:i}){if(!t&&!n&&!i){const e=Error("connectionId or tenantLookupIdentifier must be specified");throw e.code="InvalidConnection",e}const s=new URLSearchParams(r.getCurrentLocation().search),c=e\|\|s.get("state");if(!c){const e=Error("The `state` parameters must be specified to update this authentication request");throw e.code="InvalidAuthenticationRequest",e}try{const e=i\|\|n,s=await a.calculateAntiAbuseHash({connectionId:t,tenantLookupIdentifier:e,authenticationRequestId:c}),l=await this.httpClient.patch(`/authentication/${c}`,!0,{antiAbuseHash:s,connectionId:t,tenantLookupIdentifier:e,connectionProperties:o});if(new URL(l.data.authenticationUrl).hostname===r.getCurrentLocation().hostname)return{authenticationUrl:l.data.authenticationUrl};r.assign(l.data.authenticationUrl)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to update extension authentication request",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data\|\|e}return await new Promise((e=>setTimeout(e,5e3))),null}async unlinkIdentity(e){if(!e){const e=Error("connectionId must be specified");throw e.code="InvalidConnection",e}if(!this.getUserIdentity()){const e=Error("User must be logged in to unlink an account.");throw e.code="NotLoggedIn",e}let t;try{t=await this.ensureToken({timeoutInMillis:100})}catch(e){if("TokenTimeout"===e.code){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}}const n=this.enableCredentials&&!r.isLocalHost()?{}:{Authorization:`Bearer ${t}`};try{await this.httpClient.delete(`/identities/${encodeURIComponent(e)}`,this.enableCredentials,n)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to unlink user identity",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data\|\|e}}async linkIdentityWithOneTimeCode({connectionId:e,redirectUrl:t}){if(!e){const e=Error("connectionId must be specified");throw e.code="InvalidConnection",e}if(!this.getUserIdentity()){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}let n;try{n=await this.ensureToken({timeoutInMillis:100})}catch(e){if("TokenTimeout"===e.code){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}}const{codeChallenge:o}=await a.getAuthCodes(),i=await a.calculateAntiAbuseHash({connectionId:e,applicationId:this.applicationId});try{const s=t&&new URL(t).toString()\|\|r.getCurrentLocation().href,a=this.enableCredentials&&!r.isLocalHost()?{}:{Authorization:`Bearer ${n}`},c=await this.httpClient.post("/authentication",this.enableCredentials,{antiAbuseHash:i,linkIdentity:!0,redirectUrl:s,codeChallengeMethod:"S256",codeChallenge:o,connectionId:e,applicationId:this.applicationId},a);return{authenticationUrl:c.data.authenticationUrl,authenticationRequestId:c.data.authenticationRequestId}}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to start user identity link",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e}}async linkIdentity({connectionId:e,tenantLookupIdentifier:t,redirectUrl:n,connectionProperties:o}){if(!e&&!t){const e=Error("connectionId or tenantLookupIdentifier must be specified");throw e.code="InvalidConnection",e}if(!this.getUserIdentity()){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}let i;try{i=await this.ensureToken({timeoutInMillis:100})}catch(e){if("TokenTimeout"===e.code){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}}const{codeChallenge:s}=await a.getAuthCodes(),c=await a.calculateAntiAbuseHash({connectionId:e,tenantLookupIdentifier:t,applicationId:this.applicationId});try{const a=n&&new URL(n).toString()\|\|r.getCurrentLocation().href,l=this.enableCredentials&&!r.isLocalHost()?{}:{Authorization:`Bearer ${i}`},d=await this.httpClient.post("/authentication",this.enableCredentials,{antiAbuseHash:c,linkIdentity:!0,redirectUrl:a,codeChallengeMethod:"S256",codeChallenge:s,connectionId:e,tenantLookupIdentifier:t,connectionProperties:o,applicationId:this.applicationId},l);r.assign(d.data.authenticationUrl)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to start user identity link",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e}await new Promise((e=>setTimeout(e,5e3)))}async authenticateWithOneTimeCode(e={}){const{serviceClientId:t,inviteId:n,redirectUrl:o,force:i,responseLocation:s,flowType:c,clearUserDataBeforeLogin:d,audiences:u}=e\|\|{};if(s&&"cookie"!==s&&"query"!==s&&"none"!==s){const e=Error("Authentication response location is not valid");throw e.code="InvalidResponseLocation",e}if(!t){const e=Error("The Passwordless Service Client ID is required");throw e.code="InvalidInput",e}if(!n&&!i&&await this.userSessionExists()){const n=await this.ensureToken(),o=a.decode(n);if(o&&o.azp&&t!==o.azp){this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Authentication blocked because the user is already logged in, and the requested authentication parameters do not match the original session.",requestedAuthenticationOptions:e,currentAuthenticationSessionData:o});const t=Error('Authentication requested for user that is already logged in, but the connectionId specified does not match their existing session.\n Recommended Options:\n (1) If the goal is to force them to log in with this new connection and ignore their existing session, use the "force" flag.\n (2) If the goal is link their current identity with a new from the new connection, use the linkIdentity() method.\n (3) If the goal is skip log in if they are already logged in or force log in with the connectionId, first check if userSessionExists() and then only if "false", call authenticate().');throw t.code="AuthenticationConstraintContention",t}return null}const{codeVerifier:h,codeChallenge:p}=await a.getAuthCodes(),f=await a.calculateAntiAbuseHash({serviceClientId:t,inviteId:n,applicationId:this.applicationId,audiences:u});try{const e=o&&new URL(o).toString()\|\|r.getCurrentLocation().href;!1!==d&&l.clear();const i=await this.httpClient.post("/authentication",this.enableCredentials,{antiAbuseHash:f,redirectUrl:e,codeChallengeMethod:"S256",codeChallenge:p,audiences:u,connectionId:t,inviteId:n,applicationId:this.applicationId,responseLocation:s,flowType:c});return localStorage.setItem(g,JSON.stringify({nonce:i.data.authenticationRequestId,codeVerifier:h,lastConnectionId:t,redirectUrl:e,enableCredentials:i.data.enableCredentials})),{authenticationUrl:i.data.authenticationUrl,authenticationRequestId:i.data.authenticationRequestId}}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to start authentication for user",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data\|\|e}}async authenticate(e={}){const{connectionId:t,tenantLookupIdentifier:n,inviteId:o,redirectUrl:i,force:s,responseLocation:c,flowType:d,connectionProperties:u,openType:h,multiAccount:p,clearUserDataBeforeLogin:f,audiences:m}=e\|\|{};if(c&&"cookie"!==c&&"query"!==c&&"none"!==c){const e=Error("Authentication response location is not valid");throw e.code="InvalidResponseLocation",e}if(!o&&!s&&!p&&await this.userSessionExists()){const n=await this.ensureToken(),o=a.decode(n);if(t&&o&&o.azp&&t!==o.azp){this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Authentication blocked because the user is already logged in, and the requested authentication parameters do not match the original session.",requestedAuthenticationOptions:e,currentAuthenticationSessionData:o});const t=Error('Authentication requested for user that is already logged in, but the connectionId specified does not match their existing session.\n Recommended Options:\n (1) If the goal is to force them to log in with this new connection and ignore their existing session, use the "force" flag.\n (2) If the goal is link their current identity with a new from the new connection, use the linkIdentity() method.\n (3) If the goal is skip log in if they are already logged in or force log in with the connectionId, first check if userSessionExists() and then only if "false", call authenticate().');throw t.code="AuthenticationConstraintContention",t}return null}const{codeVerifier:w,codeChallenge:y}=await a.getAuthCodes(),k=await a.calculateAntiAbuseHash({connectionId:t,tenantLookupIdentifier:n,inviteId:o,applicationId:this.applicationId,audiences:m});try{const e=i&&new URL(i).toString()\|\|r.getCurrentLocation().href;!1!==f&&l.clear();const s=await this.httpClient.post("/authentication",this.enableCredentials,{antiAbuseHash:k,redirectUrl:e,codeChallengeMethod:"S256",codeChallenge:y,audiences:m,connectionId:t,tenantLookupIdentifier:n,inviteId:o,connectionProperties:u,applicationId:this.applicationId,responseLocation:c,flowType:d,multiAccount:p});if(localStorage.setItem(g,JSON.stringify({nonce:s.data.authenticationRequestId,codeVerifier:w,lastConnectionId:t,tenantLookupIdentifier:n,redirectUrl:e,enableCredentials:s.data.enableCredentials,multiAccount:p})),!s.data.authenticationUrl\|\|new URL(s.data.authenticationUrl).hostname===r.getCurrentLocation().hostname)return{authenticationUrl:s.data.authenticationUrl,authenticationRequestId:s.data.authenticationRequestId};if("tab"===h){const e=r.open(s.data.authenticationUrl,"_blank");e&&!e.closed&&void 0!==e.closed\|\|r.assign(s.data.authenticationUrl)}else r.assign(s.data.authenticationUrl)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to start authentication for user",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data\|\|e}return await new Promise((e=>setTimeout(e,5e3))),null}async ensureToken(e){if(e&&0===e.timeoutInMillis){if(!this.getUserIdentity()){const e=Error("No token available because the user is not logged in.");throw e.code="TokenTimeout",e}const t=l.getAuthorizationTokens(),n=t.find((t=>{try{const n=a.decode(t);return(null==n?void 0:n.iss)===this.hostUrl\|\|(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Skipping stored authorization cookie because the issuer does not match the library configured value.",requestedAuthenticationOptions:e,currentAuthenticationSessionData:n}),!1)}catch(n){return this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Skipping stored authorization cookie because it is no longer a valid token.",requestedAuthenticationOptions:e,currentAuthenticationSessionDataToken:t,error:n}),!1}}));return n\|\|(t.length?(this.logger&&this.logger.error&&this.logger.log({title:"[Authress Login SDK] No matching issuer token found, returning the first valid token instead."}),t[0]):(this.logger&&this.logger.error&&this.logger.error({title:"[Authress Login SDK] HttpOnly access token configuration has blocked the returning of a valid token. The application specified in the Authress LoginClient constructor has been configured to block returning access tokens via the enableAccessToToken property. To use the loginClient.ensureToken() method in production, please set the enableAccessToToken to true. Note: This setting does not affect localhost.",options:e}),null))}await this.userSessionExists();const t=Object.assign({timeoutInMillis:5e3},e\|\|{}),n=this.waitForUserSession(),o=-1===t.timeoutInMillis\|\|t.timeoutInMillis>231-1?231-1:t.timeoutInMillis,i=new Promise(((e,t)=>setTimeout(t,o\|\|0)));try{await Promise.race([n,i])}catch(e){const t=Error("No token available because the user is still not logged in and the timeout has been exceeded. If you are seeing this error, it is because you have called ensureToken() without first validating that the user is logged. Review the route guards and checks for user sessions in your source code. ensureToken() should only ever be called after you have verified that the user is logged in.");throw t.code="TokenTimeout",t}const r=l.getAuthorizationTokens(),s=r.find((t=>{try{const n=a.decode(t);return(null==n?void 0:n.iss)===this.hostUrl\|\|(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Skipping stored authorization cookie because the issuer does not match the library configured value.",requestedAuthenticationOptions:e,currentAuthenticationSessionData:n}),!1)}catch(n){return this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Skipping stored authorization cookie because it is no longer a valid token.",requestedAuthenticationOptions:e,currentAuthenticationSessionDataToken:t,error:n}),!1}}));if(s)return s;if(r.length)return this.logger&&this.logger.error&&this.logger.log({title:"[Authress Login SDK] No matching issuer token found, returning the first valid token instead."}),r[0];return this.getUserIdentity()?(this.logger&&this.logger.error&&this.logger.error({title:"[Authress Login SDK] Your Authress Application access token configuration has blocked the returning of a valid token because the setting HttpOnly has been enabled. The application specified in the Authress LoginClient constructor has been configured to block returning access tokens via the enableAccessToToken property. To use the loginClient.ensureToken() method in production, please set the enableAccessToToken to true. (LocalHost Note: This setting does not affect localhost development, and you may still see ensureToken work successfully during development, but fail with this error in production. This is because HttpOnly does not work for LocalHost)",options:e}),null):(this.logger&&this.logger.error&&this.logger.error({title:"[Authress Login SDK] User completed login but the user identity still does not exist. This happened because there is a race condition in your code and why waiting for ensureToken() to complete, the user was logged out. Returning null."}),null)}async logout(e){let t;if(e)try{new URL(e),t=e}catch(n){try{t=new URL(e,r.getCurrentLocation().href).toString()}catch(t){const n=Error(`The logout redirect url is not valid URL: ${e}`);throw n.code="InvalidRedirectUrl",n}}if(l.clear(),this.sanitizeQueryParameters(),u=new Promise((e=>d=e)),this.enableCredentials)try{return await this.httpClient.delete("/session",this.enableCredentials),this.lastSessionCheck=0,void(e&&e!==r.getCurrentLocation().href&&r.assign(e))}catch(e){}const n=new URL("/logout",this.hostUrl);n.searchParams.set("redirect_uri",t\|\|r.getCurrentLocation().href),n.searchParams.set("client_id",this.applicationId),r.assign(n.toString()),this.lastSessionCheck=0,await new Promise((e=>setTimeout(e,500)))}sanitizeQueryParameters(){const e=new URL(r.getCurrentLocation());e.searchParams.delete("iss"),e.searchParams.delete("nonce"),e.searchParams.delete("code"),e.searchParams.delete("expires_in"),e.searchParams.delete("access_token"),e.searchParams.delete("id_token"),history.replaceState({},void 0,e.toString())}},ExtensionClient:f,UserConfigurationScreen:{Profile:"Profile",MFA:"MFA"}}},427:(e,t)=>{"use strict";t.parse=function(e,t){if("string"!=typeof e)throw new TypeError("argument str must be a string");var n={},i=e.length;if(i<2)return n;var r=t&&t.decode\|\|d,s=0,a=0,h=0;do{if(-1===(a=e.indexOf("=",s)))break;if(-1===(h=e.indexOf(";",s)))h=i;else if(a>h){s=e.lastIndexOf(";",a-1)+1;continue}var p=c(e,s,a),g=l(e,a,p),f=e.slice(p,g);if(!o.call(n,f)){var m=c(e,a+1,h),w=l(e,h,m);34===e.charCodeAt(m)&&34===e.charCodeAt(w-1)&&(m++,w--);var y=e.slice(m,w);n[f]=u(y,r)}s=h+1}while(s<i);return n},t.serialize=function(e,t,o){var c=o&&o.encode\|\|encodeURIComponent;if("function"!=typeof c)throw new TypeError("option encode is invalid");if(!i.test(e))throw new TypeError("argument name is invalid");var l=c(t);if(!r.test(l))throw new TypeError("argument val is invalid");var d=e+"="+l;if(!o)return d;if(null!=o.maxAge){var u=Math.floor(o.maxAge);if(!isFinite(u))throw new TypeError("option maxAge is invalid");d+="; Max-Age="+u}if(o.domain){if(!s.test(o.domain))throw new TypeError("option domain is invalid");d+="; Domain="+o.domain}if(o.path){if(!a.test(o.path))throw new TypeError("option path is invalid");d+="; Path="+o.path}if(o.expires){var h=o.expires;if(!function(e){return"[object Date]"===n.call(e)}(h)\|\|isNaN(h.valueOf()))throw new TypeError("option expires is invalid");d+="; Expires="+h.toUTCString()}o.httpOnly&&(d+="; HttpOnly");o.secure&&(d+="; Secure");o.partitioned&&(d+="; Partitioned");if(o.priority){switch("string"==typeof o.priority?o.priority.toLowerCase():o.priority){case"low":d+="; Priority=Low";break;case"medium":d+="; Priority=Medium";break;case"high":d+="; Priority=High";break;default:throw new TypeError("option priority is invalid")}}if(o.sameSite){switch("string"==typeof o.sameSite?o.sameSite.toLowerCase():o.sameSite){case!0:d+="; SameSite=Strict";break;case"lax":d+="; SameSite=Lax";break;case"strict":d+="; SameSite=Strict";break;case"none":d+="; SameSite=None";break;default:throw new TypeError("option sameSite is invalid")}}return d};var n=Object.prototype.toString,o=Object.prototype.hasOwnProperty,i=/^[!#$%&'+\-.^_`\|~0-9A-Za-z]+$/,r=/^("?)[\u0021\u0023-\u002B\u002D-\u003A\u003C-\u005B\u005D-\u007E]\1$/,s=/^([.]?[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)([.][a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)$/i,a=/^[\u0020-\u003A\u003D-\u007E]$/;function c(e,t,n){do{var o=e.charCodeAt(t);if(32!==o&&9!==o)return t}while(++t<n);return n}function l(e,t,n){for(;t>n;){var o=e.charCodeAt(--t);if(32!==o&&9!==o)return t+1}return n}function d(e){return-1!==e.indexOf("%")?decodeURIComponent(e):e}function u(e,t){try{return t(e)}catch(t){return e}}},568:(e,t,n)=>{const o=n(836),{sanitizeUrl:i}=n(332),r=n(629),s="ExtensionRequestNonce";let a=null;e.exports=class{constructor(e,t){if(this.extensionId=t,!e)throw Error('Missing required property "authressCustomDomain" in ExtensionClient constructor. The Custom Authress Domain Host is required.');if(!t)throw Error('Missing required property "extensionId" in ExtensionClient constructor. The extension is required for selecting the correct login method.');this.authressCustomDomain=i(e),this.accessToken=null,r.onLoad((async()=>{await this.requestToken({silent:!0})}))}async getUserIdentity(){const e=this.accessToken&&await o.decode(this.accessToken);return e?1e3e.exp<Date.now()?(this.accessToken=null,null):e:null}async getTokenResponse(){return await this.getUserIdentity()?{accessToken:this.accessToken}:null}requestToken(e={code:null,silent:!1}){if(a)return a=a.catch((()=>{})).then((()=>this.requestTokenContinuation(e)));const t=this.requestTokenContinuation(e);return t.catch((()=>{})),a=t}async requestTokenContinuation(e={code:null,silent:!1}){const t=e&&e.code\|\|new URLSearchParams(r.getCurrentLocation().search).get("code");if(!t){if(!e\|\|!e.silent){const e=Error("OAuth Authorization code is required");throw e.code="InvalidAuthorizationCode",e}return this.getTokenResponse()}const n=new URL(this.authressCustomDomain);n.pathname="/api/authentication/oauth/tokens";const{codeVerifier:o,redirectUrl:i}=JSON.parse(localStorage.getItem(s)\|\|"{}"),a=await fetch(n.toString(),{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({code_verifier:o,code:t,grant_type:"authorization_code",client_id:this.extensionId,redirect_uri:i})}),c=await a.json();this.accessToken=c.access_token;const l=new URL(r.getCurrentLocation());return l.searchParams.delete("code"),l.searchParams.delete("iss"),l.searchParams.delete("nonce"),l.searchParams.delete("expires_in"),l.searchParams.delete("access_token"),l.searchParams.delete("id_token"),history.replaceState({},void 0,l.toString()),this.getTokenResponse()}async login(e){const t=await this.getTokenResponse();if(t)return t;const n=await this.requestToken({silent:!0});if(n)return n;const i=new URL(this.authressCustomDomain),{codeVerifier:a,codeChallenge:c}=o.getAuthCodes(),l=e\|\|r.getCurrentLocation().href;return localStorage.setItem(s,JSON.stringify({codeVerifier:a,redirectUrl:l})),i.searchParams.set("client_id",this.extensionId),i.searchParams.set("code_challenge",c),i.searchParams.set("code_challenge_method","S256"),i.searchParams.set("redirect_uri",l),r.assign(i.toString()),await new Promise((e=>setTimeout(e,5e3))),null}}},629:e=>{e.exports=new class{onLoad(e){"undefined"!=typeof window&&(window.onload=e)}isLocalHost(){return"undefined"!=typeof window&&window.location&&("localhost"===window.location.hostname\|\|"127.0.0.1"===window.location.hostname)}getCurrentLocation(){return"undefined"!=typeof window&&new URL(window.location)\|\|new URL("http://localhost:8080")}getDocument(){return"undefined"==typeof window\|\|"undefined"==typeof document?null:document}assign(e){return"undefined"==typeof window?null:window.location.assign(e.toString())}open(e){return"undefined"==typeof window?null:window.open(e.toString())}}},836:(e,t,n)=>{const o=n(878);e.exports=new class{decode(e){var t;return e?null===(t=this.decodeFull(e))\|\|void 0===t?void 0:t.payload:null}decodeOrParse(e){if(!e)return null;if("object"==typeof e)return e;try{return JSON.parse(e)}catch(t){return this.decode(e)}}decodeFull(e){if(!e)return null;let t=null;try{t=JSON.parse(o.decode(e.split(".")[0]))}catch(e){}try{const n=JSON.parse(o.decode(e.split(".")[1]));return n.exp&&(n.exp=n.exp-10),{header:t,payload:n}}catch(e){return null}}async getAuthCodes(){const e=o.encode((window.crypto\|\|window.msCrypto).getRandomValues(new Uint32Array(16)).toString()),t=await(window.crypto\|\|window.msCrypto).subtle.digest("SHA-256",(new TextEncoder).encode(e));return{codeVerifier:e,codeChallenge:o.encode(t)}}async calculateAntiAbuseHash(e){const t=Date.now(),n=Object.values(e).filter((e=>e)).join("\|");let i=0,r=null;for(;++i&&(r=o.encode(await(window.crypto\|\|window.msCrypto).subtle.digest("SHA-256",(new TextEncoder).encode(`${t};${i};${n}`))),!r.match(/^00/)););return`v2;${t};${i};${r}`}}},878:e=>{function t(e){return String.fromCharCode(parseInt(e.slice(1),16))}function n(e){return`%${`00${e.charCodeAt(0).toString(16)}`.slice(-2)}`}e.exports.decode=function(e){return function(e){return decodeURIComponent(Array.from(atob(e),n).join(""))}(e.replace(/-/g,"+").replace(/_/g,"/"))},e.exports.encode=function(e){return e&&"object"==typeof e?btoa(String.fromCharCode(...new Uint8Array(e))).replace(/\//g,"_").replace(/\+/g,"-").replace(/=+$/,""):function(e){return btoa(encodeURIComponent(e).replace(/%[0-9A-F]{2}/g,t))}(e).replace(/\//g,"_").replace(/\+/g,"-").replace(/=+$/,"")}}},o={};function i(e){var t=o[e];if(void 0!==t){if(void 0!==t.error)throw t.error;return t.exports}var r=o[e]={exports:{}};try{var s={id:e,module:r,factory:n[e],require:i};i.i.forEach((function(e){e(s)})),r=s.module,s.factory.call(r.exports,r,r.exports,s.require)}catch(e){throw r.error=e,e}return r.exports}return i.m=n,i.c=o,i.i=[],i.hu=e=>e+"."+i.h()+".hot-update.js",i.hmrF=()=>"main."+i.h()+".hot-update.json",i.h=()=>"42f9aeaf5c0172d4442f",i.o=(e,t)=>Object.prototype.hasOwnProperty.call(e,t),e={},t="authress:",i.l=(n,o,r,s)=>{if(e[n])e[n].push(o);else{var a,c;if(void 0!==r)for(var l=document.getElementsByTagName("script"),d=0;d<l.length;d++){var u=l[d];if(u.getAttribute("src")==n\|\|u.getAttribute("data-webpack")==t+r){a=u;break}}a\|\|(c=!0,(a=document.createElement("script")).charset="utf-8",a.timeout=120,i.nc&&a.setAttribute("nonce",i.nc),a.setAttribute("data-webpack",t+r),a.src=n),e[n]=[o];var h=(t,o)=>{a.onerror=a.onload=null,clearTimeout(p);var i=e[n];if(delete e[n],a.parentNode&&a.parentNode.removeChild(a),i&&i.forEach((e=>e(o))),t)return t(o)},p=setTimeout(h.bind(null,void 0,{type:"timeout",target:a}),12e4);a.onerror=h.bind(null,a.onerror),a.onload=h.bind(null,a.onload),c&&document.head.appendChild(a)}},(()=>{var e,t,n,o={},r=i.c,s=[],a=[],c="idle",l=0,d=[];function u(e){c=e;for(var t=[],n=0;n<a.length;n++)t[n]=a[n].call(null,e);return Promise.all(t).then((function(){}))}function h(){0==--l&&u("ready").then((function(){if(0===l){var e=d;d=[];for(var t=0;t<e.length;t++)e[t]()}}))}function p(e){if("idle"!==c)throw new Error("check() is only allowed in idle status");return u("check").then(i.hmrM).then((function(n){return n?u("prepare").then((function(){var o=[];return t=[],Promise.all(Object.keys(i.hmrC).reduce((function(e,r){return i.hmrC[r](n.c,n.r,n.m,e,t,o),e}),[])).then((function(){return t=function(){return e?f(e):u("ready").then((function(){return o}))},0===l?t():new Promise((function(e){d.push((function(){e(t())}))}));var t}))})):u(m()?"ready":"idle").then((function(){return null}))}))}function g(e){return"ready"!==c?Promise.resolve().then((function(){throw new Error("apply() is only allowed in ready status (state: "+c+")")})):f(e)}function f(e){e=e\|\|{},m();var o=t.map((function(t){return t(e)}));t=void 0;var i=o.map((function(e){return e.error})).filter(Boolean);if(i.length>0)return u("abort").then((function(){throw i[0]}));var r=u("dispose");o.forEach((function(e){e.dispose&&e.dispose()}));var s,a=u("apply"),c=function(e){s\|\|(s=e)},l=[];return o.forEach((function(e){if(e.apply){var t=e.apply(c);if(t)for(var n=0;n<t.length;n++)l.push(t[n])}})),Promise.all([r,a]).then((function(){return s?u("fail").then((function(){throw s})):n?f(e).then((function(e){return l.forEach((function(t){e.indexOf(t)<0&&e.push(t)})),e})):u("idle").then((function(){return l}))}))}function m(){if(n)return t\|\|(t=[]),Object.keys(i.hmrI).forEach((function(e){n.forEach((function(n){i.hmrI[e](n,t)}))})),n=void 0,!0}i.hmrD=o,i.i.push((function(d){var f,m,w,y,k=d.module,v=function(t,n){var o=r[n];if(!o)return t;var i=function(i){if(o.hot.active){if(r[i]){var a=r[i].parents;-1===a.indexOf(n)&&a.push(n)}else s=[n],e=i;-1===o.children.indexOf(i)&&o.children.push(i)}else console.warn("[HMR] unexpected require("+i+") from disposed module "+n),s=[];return t(i)},a=function(e){return{configurable:!0,enumerable:!0,get:function(){return t[e]},set:function(n){t[e]=n}}};for(var d in t)Object.prototype.hasOwnProperty.call(t,d)&&"e"!==d&&Object.defineProperty(i,d,a(d));return i.e=function(e,n){return function(e){switch(c){case"ready":u("prepare");case"prepare":return l++,e.then(h,h),e;default:return e}}(t.e(e,n))},i}(d.require,d.id);k.hot=(f=d.id,m=k,y={_acceptedDependencies:{},_acceptedErrorHandlers:{},_declinedDependencies:{},_selfAccepted:!1,_selfDeclined:!1,_selfInvalidated:!1,_disposeHandlers:[],_main:w=e!==f,_requireSelf:function(){s=m.parents.slice(),e=w?void 0:f,i(f)},active:!0,accept:function(e,t,n){if(void 0===e)y._selfAccepted=!0;else if("function"==typeof e)y._selfAccepted=e;else if("object"==typeof e&&null!==e)for(var o=0;o<e.length;o++)y._acceptedDependencies[e[o]]=t\|\|function(){},y._acceptedErrorHandlers[e[o]]=n;else y._acceptedDependencies[e]=t\|\|function(){},y._acceptedErrorHandlers[e]=n},decline:function(e){if(void 0===e)y._selfDeclined=!0;else if("object"==typeof e&&null!==e)for(var t=0;t<e.length;t++)y._declinedDependencies[e[t]]=!0;else y._declinedDependencies[e]=!0},dispose:function(e){y._disposeHandlers.push(e)},addDisposeHandler:function(e){y._disposeHandlers.push(e)},removeDisposeHandler:function(e){var t=y._disposeHandlers.indexOf(e);t>=0&&y._disposeHandlers.splice(t,1)},invalidate:function(){switch(this._selfInvalidated=!0,c){case"idle":t=[],Object.keys(i.hmrI).forEach((function(e){i.hmrI[e](f,t)})),u("ready");break;case"ready":Object.keys(i.hmrI).forEach((function(e){i.hmrI[e](f,t)}));break;case"prepare":case"check":case"dispose":case"apply":(n=n\|\|[]).push(f)}},check:p,apply:g,status:function(e){if(!e)return c;a.push(e)},addStatusHandler:function(e){a.push(e)},removeStatusHandler:function(e){var t=a.indexOf(e);t>=0&&a.splice(t,1)},data:o[f]},e=void 0,y),k.parents=s,k.children=[],s=[],d.require=v})),i.hmrC={},i.hmrI={}})(),i.p="",(()=>{var e,t,n,o,r,s=i.hmrS_jsonp=i.hmrS_jsonp\|\|{792:0},a={};function c(t,n){return e=n,new Promise(((e,n)=>{a[t]=e;var o=i.p+i.hu(t),r=new Error;i.l(o,(e=>{if(a[t]){a[t]=void 0;var o=e&&("load"===e.type?"missing":e.type),i=e&&e.target&&e.target.src;r.message="Loading hot update chunk "+t+" failed.\n("+o+": "+i+")",r.name="ChunkLoadError",r.type=o,r.request=i,n(r)}}))}))}function l(e){function a(e){for(var t=[e],n={},o=t.map((function(e){return{chain:[e],id:e}}));o.length>0;){var r=o.pop(),s=r.id,a=r.chain,l=i.c[s];if(l&&(!l.hot._selfAccepted\|\|l.hot._selfInvalidated)){if(l.hot._selfDeclined)return{type:"self-declined",chain:a,moduleId:s};if(l.hot._main)return{type:"unaccepted",chain:a,moduleId:s};for(var d=0;d<l.parents.length;d++){var u=l.parents[d],h=i.c[u];if(h){if(h.hot._declinedDependencies[s])return{type:"declined",chain:a.concat([u]),moduleId:s,parentId:u};-1===t.indexOf(u)&&(h.hot._acceptedDependencies[s]?(n[u]\|\|(n[u]=[]),c(n[u],[s])):(delete n[u],t.push(u),o.push({chain:a.concat([u]),id:u})))}}}}return{type:"accepted",moduleId:e,outdatedModules:t,outdatedDependencies:n}}function c(e,t){for(var n=0;n<t.length;n++){var o=t[n];-1===e.indexOf(o)&&e.push(o)}}i.f&&delete i.f.jsonpHmr,t=void 0;var l={},d=[],u={},h=function(e){console.warn("[HMR] unexpected require("+e.id+") to disposed module")};for(var p in n)if(i.o(n,p)){var g=n[p],f=g?a(p):{type:"disposed",moduleId:p},m=!1,w=!1,y=!1,k="";switch(f.chain&&(k="\nUpdate propagation: "+f.chain.join(" -> ")),f.type){case"self-declined":e.onDeclined&&e.onDeclined(f),e.ignoreDeclined\|\|(m=new Error("Aborted because of self decline: "+f.moduleId+k));break;case"declined":e.onDeclined&&e.onDeclined(f),e.ignoreDeclined\|\|(m=new Error("Aborted because of declined dependency: "+f.moduleId+" in "+f.parentId+k));break;case"unaccepted":e.onUnaccepted&&e.onUnaccepted(f),e.ignoreUnaccepted\|\|(m=new Error("Aborted because "+p+" is not accepted"+k));break;case"accepted":e.onAccepted&&e.onAccepted(f),w=!0;break;case"disposed":e.onDisposed&&e.onDisposed(f),y=!0;break;default:throw new Error("Unexception type "+f.type)}if(m)return{error:m};if(w)for(p in u[p]=g,c(d,f.outdatedModules),f.outdatedDependencies)i.o(f.outdatedDependencies,p)&&(l[p]\|\|(l[p]=[]),c(l[p],f.outdatedDependencies[p]));y&&(c(d,[f.moduleId]),u[p]=h)}n=void 0;for(var v,b=[],C=0;C<d.length;C++){var I=d[C],A=i.c[I];A&&(A.hot._selfAccepted\|\|A.hot._main)&&u[I]!==h&&!A.hot._selfInvalidated&&b.push({module:I,require:A.hot._requireSelf,errorHandler:A.hot._selfAccepted})}return{dispose:function(){var e;o.forEach((function(e){delete s[e]})),o=void 0;for(var t,n=d.slice();n.length>0;){var r=n.pop(),a=i.c[r];if(a){var c={},u=a.hot._disposeHandlers;for(C=0;C<u.length;C++)u[C].call(null,c);for(i.hmrD[r]=c,a.hot.active=!1,delete i.c[r],delete l[r],C=0;C<a.children.length;C++){var h=i.c[a.children[C]];h&&((e=h.parents.indexOf(r))>=0&&h.parents.splice(e,1))}}}for(var p in l)if(i.o(l,p)&&(a=i.c[p]))for(v=l[p],C=0;C<v.length;C++)t=v[C],(e=a.children.indexOf(t))>=0&&a.children.splice(e,1)},apply:function(t){for(var n in u)i.o(u,n)&&(i.m[n]=u[n]);for(var o=0;o<r.length;o++)r[o](i);for(var s in l)if(i.o(l,s)){var a=i.c[s];if(a){v=l[s];for(var c=[],h=[],p=[],g=0;g<v.length;g++){var f=v[g],m=a.hot._acceptedDependencies[f],w=a.hot._acceptedErrorHandlers[f];if(m){if(-1!==c.indexOf(m))continue;c.push(m),h.push(w),p.push(f)}}for(var y=0;y<c.length;y++)try{c[y].call(null,v)}catch(n){if("function"==typeof h[y])try{h[y](n,{moduleId:s,dependencyId:p[y]})}catch(o){e.onErrored&&e.onErrored({type:"accept-error-handler-errored",moduleId:s,dependencyId:p[y],error:o,originalError:n}),e.ignoreErrored\|\|(t(o),t(n))}else e.onErrored&&e.onErrored({type:"accept-errored",moduleId:s,dependencyId:p[y],error:n}),e.ignoreErrored\|\|t(n)}}}for(var k=0;k<b.length;k++){var C=b[k],I=C.module;try{C.require(I)}catch(n){if("function"==typeof C.errorHandler)try{C.errorHandler(n,{moduleId:I,module:i.c[I]})}catch(o){e.onErrored&&e.onErrored({type:"self-accept-error-handler-errored",moduleId:I,error:o,originalError:n}),e.ignoreErrored\|\|(t(o),t(n))}else e.onErrored&&e.onErrored({type:"self-accept-errored",moduleId:I,error:n}),e.ignoreErrored\|\|t(n)}}return d}}}this.webpackHotUpdateauthress=(t,o,s)=>{for(var c in o)i.o(o,c)&&(n[c]=o[c],e&&e.push(c));s&&r.push(s),a[t]&&(a[t](),a[t]=void 0)},i.hmrI.jsonp=function(e,t){n\|\|(n={},r=[],o=[],t.push(l)),i.o(n,e)\|\|(n[e]=i.m[e])},i.hmrC.jsonp=function(e,a,d,u,h,p){h.push(l),t={},o=a,n=d.reduce((function(e,t){return e[t]=!1,e}),{}),r=[],e.forEach((function(e){i.o(s,e)&&void 0!==s[e]?(u.push(c(e,p)),t[e]=!0):t[e]=!1})),i.f&&(i.f.jsonpHmr=function(e,n){t&&i.o(t,e)&&!t[e]&&(n.push(c(e)),t[e]=!0)})},i.hmrM=()=>{if("undefined"==typeof fetch)throw new Error("No browser support: need fetch API");return fetch(i.p+i.hmrF()).then((e=>{if(404!==e.status){if(!e.ok)throw new Error("Failed to fetch update manifest "+e.statusText);return e.json()}}))}})(),i(354)})()));

authress/tags/0.2.107/vendor/autoload.php

-                      r3264076
+                      r3405904
 // autoload.php @generated by Composer
+if (PHP_VERSION_ID < 50600) {
+    if (!headers_sent()) {
+        header('HTTP/1.1 500 Internal Server Error');
+    }
+    $err = 'Composer 2.3.0 dropped support for autoloading on PHP <5.6 and you are running '.PHP_VERSION.', please upgrade PHP or use Composer 2.2 LTS via "composer self-update --2.2". Aborting.'.PHP_EOL;
+    if (!ini_get('display_errors')) {
+        if (PHP_SAPI === 'cli' || PHP_SAPI === 'phpdbg') {
+            fwrite(STDERR, $err);
+        } elseif (!headers_sent()) {
+            echo $err;
+        }
+    }
+    throw new RuntimeException($err);
+}
 require_once __DIR__ . '/composer/autoload_real.php';
 return ComposerAutoloaderInit0afc4f4830b212e88cd7a189750a61be::getLoader();
+return ComposerAutoloaderInit908d35cafd3f3b46a98d2b262382722b::getLoader();

authress/tags/0.2.107/vendor/composer/ClassLoader.php

-                      r2688858
+                      r3405904
 class ClassLoader
+{
+    /** @var \Closure(string):void */
+    private static $includeFile;
+    /** @var string|null */
     private $vendorDir;
     // PSR-4
+    /**
+     * @var array<string, array<string, int>>
+     */
     private $prefixLengthsPsr4 = array();
+    /**
+     * @var array<string, list<string>>
+     */
     private $prefixDirsPsr4 = array();
+    /**
+     * @var list<string>
+     */
     private $fallbackDirsPsr4 = array();
     // PSR-0
+    /**
+     * List of PSR-0 prefixes
+     *
+     * Structured as array('F (first letter)' => array('Foo\Bar (full prefix)' => array('path', 'path2')))
+     *
+     * @var array<string, array<string, list<string>>>
+     */
     private $prefixesPsr0 = array();
+    /**
+     * @var list<string>
+     */
     private $fallbackDirsPsr0 = array();
+    /** @var bool */
     private $useIncludePath = false;
+    /**
+     * @var array<string, string>
+     */
     private $classMap = array();
+    /** @var bool */
     private $classMapAuthoritative = false;
+    /**
+     * @var array<string, bool>
+     */
     private $missingClasses = array();
+    /** @var string|null */
     private $apcuPrefix;
+    /**
+     * @var array<string, self>
+     */
     private static $registeredLoaders = array();
+    /**
+     * @param string|null $vendorDir
+     */
     public function __construct($vendorDir = null)
+    {
         $this->vendorDir = $vendorDir;
+    }
+        self::initializeIncludeClosure();
+    }
+    /**
+     * @return array<string, list<string>>
+     */
     public function getPrefixes()
+    {
 …
+    }
+    /**
+     * @return array<string, list<string>>
+     */
     public function getPrefixesPsr4()
+    {
 …
+    }
+    /**
+     * @return list<string>
+     */
     public function getFallbackDirs()
+    {
 …
+    }
+    /**
+     * @return list<string>
+     */
     public function getFallbackDirsPsr4()
+    {
 …
+    }
+    /**
+     * @return array<string, string> Array of classname => path
+     */
     public function getClassMap()
+    {
 …
     /**
+     * @param array $classMap Class to filename map
+     * @param array<string, string> $classMap Class to filename map
+     *
+     * @return void
      */
     public function addClassMap(array $classMap)
 …
      * appending or prepending to the ones previously set for this prefix.
+     *
+     * @param string       $prefix  The prefix
+     * @param array|string $paths   The PSR-0 root directories
+     * @param bool         $prepend Whether to prepend the directories
+     * @param string              $prefix  The prefix
+     * @param list<string>|string $paths   The PSR-0 root directories
+     * @param bool                $prepend Whether to prepend the directories
+     *
+     * @return void
      */
     public function add($prefix, $paths, $prepend = false)
+    {
+        $paths = (array) $paths;
         if (!$prefix) {
             if ($prepend) {
                 $this->fallbackDirsPsr0 = array_merge(
                     (array) $paths,
+                    $paths,
                     $this->fallbackDirsPsr0
                 );
 …
                 $this->fallbackDirsPsr0 = array_merge(
                     $this->fallbackDirsPsr0,
                     (array) $paths
+                    $paths
                 );
+            }
 …
         $first = $prefix[0];
         if (!isset($this->prefixesPsr0[$first][$prefix])) {
             $this->prefixesPsr0[$first][$prefix] = (array) $paths;
+            $this->prefixesPsr0[$first][$prefix] = $paths;
             return;
 …
         if ($prepend) {
             $this->prefixesPsr0[$first][$prefix] = array_merge(
                 (array) $paths,
+                $paths,
                 $this->prefixesPsr0[$first][$prefix]
             );
 …
             $this->prefixesPsr0[$first][$prefix] = array_merge(
                 $this->prefixesPsr0[$first][$prefix],
                 (array) $paths
+                $paths
             );
+        }
 …
      * appending or prepending to the ones previously set for this namespace.
+     *
      * @param string       $prefix  The prefix/namespace, with trailing '\\'
      * @param array|string $paths   The PSR-4 base directories
      * @param bool         $prepend Whether to prepend the directories
+     * @param string              $prefix  The prefix/namespace, with trailing '\\'
+     * @param list<string>|string $paths   The PSR-4 base directories
+     * @param bool                $prepend Whether to prepend the directories
+     *
      * @throws \InvalidArgumentException
+     *
+     * @return void
      */
     public function addPsr4($prefix, $paths, $prepend = false)
+    {
+        $paths = (array) $paths;
         if (!$prefix) {
             // Register directories for the root namespace.
             if ($prepend) {
                 $this->fallbackDirsPsr4 = array_merge(
                     (array) $paths,
+                    $paths,
                     $this->fallbackDirsPsr4
                 );
 …
                 $this->fallbackDirsPsr4 = array_merge(
                     $this->fallbackDirsPsr4,
                     (array) $paths
+                    $paths
                 );
+            }
 …
+            }
             $this->prefixLengthsPsr4[$prefix[0]][$prefix] = $length;
             $this->prefixDirsPsr4[$prefix] = (array) $paths;
+            $this->prefixDirsPsr4[$prefix] = $paths;
         } elseif ($prepend) {
             // Prepend directories for an already registered namespace.
             $this->prefixDirsPsr4[$prefix] = array_merge(
                 (array) $paths,
+                $paths,
                 $this->prefixDirsPsr4[$prefix]
             );
 …
             $this->prefixDirsPsr4[$prefix] = array_merge(
                 $this->prefixDirsPsr4[$prefix],
                 (array) $paths
+                $paths
             );
+        }
 …
      * replacing any others previously set for this prefix.
+     *
+     * @param string       $prefix The prefix
+     * @param array|string $paths  The PSR-0 base directories
+     * @param string              $prefix The prefix
+     * @param list<string>|string $paths  The PSR-0 base directories
+     *
+     * @return void
      */
     public function set($prefix, $paths)
 …
      * replacing any others previously set for this namespace.
+     *
      * @param string       $prefix The prefix/namespace, with trailing '\\'
      * @param array|string $paths  The PSR-4 base directories
+     * @param string              $prefix The prefix/namespace, with trailing '\\'
+     * @param list<string>|string $paths  The PSR-4 base directories
+     *
      * @throws \InvalidArgumentException
+     *
+     * @return void
      */
     public function setPsr4($prefix, $paths)
 …
+     *
      * @param bool $useIncludePath
+     *
+     * @return void
      */
     public function setUseIncludePath($useIncludePath)
 …
+     *
      * @param bool $classMapAuthoritative
+     *
+     * @return void
      */
     public function setClassMapAuthoritative($classMapAuthoritative)
 …
+     *
      * @param string|null $apcuPrefix
+     *
+     * @return void
      */
     public function setApcuPrefix($apcuPrefix)
 …
+     *
      * @param bool $prepend Whether to prepend the autoloader or not
+     *
+     * @return void
      */
     public function register($prepend = false)
 …
         if (null === $this->vendorDir) {
+            //no-op
+        } elseif ($prepend) {
+            return;
+        }
+        if ($prepend) {
             self::$registeredLoaders = array($this->vendorDir => $this) + self::$registeredLoaders;
         } else {
 …
     /**
      * Unregisters this instance as an autoloader.
+     *
+     * @return void
      */
     public function unregister()
 …
+     *
      * @param  string    $class The name of the class
      * @return bool|null True if loaded, null otherwise
+     * @return true|null True if loaded, null otherwise
      */
     public function loadClass($class)
+    {
         if ($file = $this->findFile($class)) {
+            includeFile($file);
+            $includeFile = self::$includeFile;
+            $includeFile($file);
             return true;
+        }
+        return null;
+    }
 …
     /**
      * Returns the currently registered loaders indexed by their corresponding vendor directories.
+     *
      * @return self[]
+     * Returns the currently registered loaders keyed by their corresponding vendor directories.
+     *
+     * @return array<string, self>
      */
     public static function getRegisteredLoaders()
 …
+    }
+    /**
+     * @param  string       $class
+     * @param  string       $ext
+     * @return string|false
+     */
     private function findFileWithExtension($class, $ext)
+    {
 …
         return false;
+    }
+    /**
+     * @return void
+     */
+    private static function initializeIncludeClosure()
+    {
+        if (self::$includeFile !== null) {
+            return;
+        }
+        /**
+         * Scope isolated include.
+         *
+         * Prevents access to $this/self from included files.
+         *
+         * @param  string $file
+         * @return void
+         */
+        self::$includeFile = \Closure::bind(static function($file) {
+            include $file;
+        }, null, null);
+    }
+}
-/**
- * Scope isolated include.
+ *
- * Prevents access to $this/self from included files.
- */
-function includeFile($file)
+{
-    include $file;
+}

authress/tags/0.2.107/vendor/composer/InstalledVersions.php

-                      r3264076
+                      r3405904
 <?php
+/*
+ * This file is part of Composer.
+ *
+ * (c) Nils Adermann <naderman@naderman.de>
+ *     Jordi Boggiano <j.boggiano@seld.be>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
 namespace Composer;
 …
 use Composer\Semver\VersionParser;
+/**
+ * This class is copied in every Composer installed project and available to all
+ *
+ * See also https://getcomposer.org/doc/07-runtime.md#installed-versions
+ *
+ * To require its presence, you can require `composer-runtime-api ^2.0`
+ *
+ * @final
+ */
 class InstalledVersions
+{
+private static $installed = array (
+  'root' =>
+  array (
+    'pretty_version' => 'dev-release/0.2',
+    'version' => 'dev-release/0.2',
+    'aliases' =>
+    array (
+    ),
+    'reference' => '96e0eab8ebba749fdfc6becf25a6501b8eaa1b43',
+    'name' => 'authress/wordpress-plugin.php',
+  ),
+  'versions' =>
+  array (
+    'authress/wordpress-plugin.php' =>
+    array (
+      'pretty_version' => 'dev-release/0.2',
+      'version' => 'dev-release/0.2',
+      'aliases' =>
+      array (
+      ),
+      'reference' => '96e0eab8ebba749fdfc6becf25a6501b8eaa1b43',
+    ),
+    'codercat/jwk-to-pem' =>
+    array (
+      'pretty_version' => '1.1',
+      'version' => '1.1.0.0',
+      'aliases' =>
+      array (
+      ),
+      'reference' => '4b3cdcf5f87b9b074f132f763a6b7b82c7d3ff1d',
+    ),
+    'guzzlehttp/guzzle' =>
+    array (
+      'pretty_version' => '7.8.1',
+      'version' => '7.8.1.0',
+      'aliases' =>
+      array (
+      ),
+      'reference' => '41042bc7ab002487b876a0683fc8dce04ddce104',
+    ),
+    'guzzlehttp/promises' =>
+    array (
+      'pretty_version' => '2.0.2',
+      'version' => '2.0.2.0',
+      'aliases' =>
+      array (
+      ),
+      'reference' => 'bbff78d96034045e58e13dedd6ad91b5d1253223',
+    ),
+    'guzzlehttp/psr7' =>
+    array (
+      'pretty_version' => '2.6.2',
+      'version' => '2.6.2.0',
+      'aliases' =>
+      array (
+      ),
+      'reference' => '45b30f99ac27b5ca93cb4831afe16285f57b8221',
+    ),
+    'lcobucci/clock' =>
+    array (
+      'pretty_version' => '3.2.0',
+      'version' => '3.2.0.0',
+      'aliases' =>
+      array (
+      ),
+      'reference' => '6f28b826ea01306b07980cb8320ab30b966cd715',
+    ),
+    'lcobucci/jwt' =>
+    array (
+      'pretty_version' => '4.3.0',
+      'version' => '4.3.0.0',
+      'aliases' =>
+      array (
+      ),
+      'reference' => '4d7de2fe0d51a96418c0d04004986e410e87f6b4',
+    ),
+    'paragonie/constant_time_encoding' =>
+    array (
+      'pretty_version' => 'v3.0.0',
+      'version' => '3.0.0.0',
+      'aliases' =>
+      array (
+      ),
+      'reference' => 'df1e7fde177501eee2037dd159cf04f5f301a512',
+    ),
+    'paragonie/random_compat' =>
+    array (
+      'pretty_version' => 'v9.99.100',
+      'version' => '9.99.100.0',
+      'aliases' =>
+      array (
+      ),
+      'reference' => '996434e5492cb4c3edcb9168db6fbb1359ef965a',
+    ),
+    'phpseclib/phpseclib' =>
+    array (
+      'pretty_version' => '3.0.38',
+      'version' => '3.0.38.0',
+      'aliases' =>
+      array (
+      ),
+      'reference' => 'b18b8788e51156c4dd97b7f220a31149a0052067',
+    ),
+    'psr/clock' =>
+    array (
+      'pretty_version' => '1.0.0',
+      'version' => '1.0.0.0',
+      'aliases' =>
+      array (
+      ),
+      'reference' => 'e41a24703d4560fd0acb709162f73b8adfc3aa0d',
+    ),
+    'psr/clock-implementation' =>
+    array (
+      'provided' =>
+      array (
+=> '1.0',
+      ),
+    ),
+    'psr/http-client' =>
+    array (
+      'pretty_version' => '1.0.3',
+      'version' => '1.0.3.0',
+      'aliases' =>
+      array (
+      ),
+      'reference' => 'bb5906edc1c324c9a05aa0873d40117941e5fa90',
+    ),
+    'psr/http-client-implementation' =>
+    array (
+      'provided' =>
+      array (
+=> '1.0',
+      ),
+    ),
+    'psr/http-factory' =>
+    array (
+      'pretty_version' => '1.1.0',
+      'version' => '1.1.0.0',
+      'aliases' =>
+      array (
+      ),
+      'reference' => '2b4765fddfe3b508ac62f829e852b1501d3f6e8a',
+    ),
+    'psr/http-factory-implementation' =>
+    array (
+      'provided' =>
+      array (
+=> '1.0',
+      ),
+    ),
+    'psr/http-message' =>
+    array (
+      'pretty_version' => '2.0',
+      'version' => '2.0.0.0',
+      'aliases' =>
+      array (
+      ),
+      'reference' => '402d35bcb92c70c026d1a6a9883f06b2ead23d71',
+    ),
+    'psr/http-message-implementation' =>
+    array (
+      'provided' =>
+      array (
+=> '1.0',
+      ),
+    ),
+    'ralouphie/getallheaders' =>
+    array (
+      'pretty_version' => '3.0.3',
+      'version' => '3.0.3.0',
+      'aliases' =>
+      array (
+      ),
+      'reference' => '120b605dfeb996808c31b6477290a714d356e822',
+    ),
+    'symfony/deprecation-contracts' =>
+    array (
+      'pretty_version' => 'v3.5.0',
+      'version' => '3.5.0.0',
+      'aliases' =>
+      array (
+      ),
+      'reference' => '0e0d29ce1f20deffb4ab1b016a7257c4f1e789a1',
+    ),
+  ),
+);
+private static $canGetVendors;
+private static $installedByVendor = array();
+public static function getInstalledPackages()
+{
+$packages = array();
+foreach (self::getInstalled() as $installed) {
+$packages[] = array_keys($installed['versions']);
+    /**
+     * @var string|null if set (by reflection by Composer), this should be set to the path where this class is being copied to
+     * @internal
+     */
+    private static $selfDir = null;
+    /**
+     * @var mixed[]|null
+     * @psalm-var array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array<string, array{pretty_version?: string, version?: string, reference?: string|null, type?: string, install_path?: string, aliases?: string[], dev_requirement: bool, replaced?: string[], provided?: string[]}>}|array{}|null
+     */
+    private static $installed;
+    /**
+     * @var bool
+     */
+    private static $installedIsLocalDir;
+    /**
+     * @var bool|null
+     */
+    private static $canGetVendors;
+    /**
+     * @var array[]
+     * @psalm-var array<string, array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array<string, array{pretty_version?: string, version?: string, reference?: string|null, type?: string, install_path?: string, aliases?: string[], dev_requirement: bool, replaced?: string[], provided?: string[]}>}>
+     */
+    private static $installedByVendor = array();
+    /**
+     * Returns a list of all package names which are present, either by being installed, replaced or provided
+     *
+     * @return string[]
+     * @psalm-return list<string>
+     */
+    public static function getInstalledPackages()
+    {
+        $packages = array();
+        foreach (self::getInstalled() as $installed) {
+            $packages[] = array_keys($installed['versions']);
+        }
+        if (1 === \count($packages)) {
+            return $packages[0];
+        }
+        return array_keys(array_flip(\call_user_func_array('array_merge', $packages)));
+    }
+    /**
+     * Returns a list of all package names with a specific type e.g. 'library'
+     *
+     * @param  string   $type
+     * @return string[]
+     * @psalm-return list<string>
+     */
+    public static function getInstalledPackagesByType($type)
+    {
+        $packagesByType = array();
+        foreach (self::getInstalled() as $installed) {
+            foreach ($installed['versions'] as $name => $package) {
+                if (isset($package['type']) && $package['type'] === $type) {
+                    $packagesByType[] = $name;
+                }
+            }
+        }
+        return $packagesByType;
+    }
+    /**
+     * Checks whether the given package is installed
+     *
+     * This also returns true if the package name is provided or replaced by another package
+     *
+     * @param  string $packageName
+     * @param  bool   $includeDevRequirements
+     * @return bool
+     */
+    public static function isInstalled($packageName, $includeDevRequirements = true)
+    {
+        foreach (self::getInstalled() as $installed) {
+            if (isset($installed['versions'][$packageName])) {
+                return $includeDevRequirements || !isset($installed['versions'][$packageName]['dev_requirement']) || $installed['versions'][$packageName]['dev_requirement'] === false;
+            }
+        }
+        return false;
+    }
+    /**
+     * Checks whether the given package satisfies a version constraint
+     *
+     * e.g. If you want to know whether version 2.3+ of package foo/bar is installed, you would call:
+     *
+     *   Composer\InstalledVersions::satisfies(new VersionParser, 'foo/bar', '^2.3')
+     *
+     * @param  VersionParser $parser      Install composer/semver to have access to this class and functionality
+     * @param  string        $packageName
+     * @param  string|null   $constraint  A version constraint to check for, if you pass one you have to make sure composer/semver is required by your package
+     * @return bool
+     */
+    public static function satisfies(VersionParser $parser, $packageName, $constraint)
+    {
+        $constraint = $parser->parseConstraints((string) $constraint);
+        $provided = $parser->parseConstraints(self::getVersionRanges($packageName));
+        return $provided->matches($constraint);
+    }
+    /**
+     * Returns a version constraint representing all the range(s) which are installed for a given package
+     *
+     * It is easier to use this via isInstalled() with the $constraint argument if you need to check
+     * whether a given version of a package is installed, and not just whether it exists
+     *
+     * @param  string $packageName
+     * @return string Version constraint usable with composer/semver
+     */
+    public static function getVersionRanges($packageName)
+    {
+        foreach (self::getInstalled() as $installed) {
+            if (!isset($installed['versions'][$packageName])) {
+                continue;
+            }
+            $ranges = array();
+            if (isset($installed['versions'][$packageName]['pretty_version'])) {
+                $ranges[] = $installed['versions'][$packageName]['pretty_version'];
+            }
+            if (array_key_exists('aliases', $installed['versions'][$packageName])) {
+                $ranges = array_merge($ranges, $installed['versions'][$packageName]['aliases']);
+            }
+            if (array_key_exists('replaced', $installed['versions'][$packageName])) {
+                $ranges = array_merge($ranges, $installed['versions'][$packageName]['replaced']);
+            }
+            if (array_key_exists('provided', $installed['versions'][$packageName])) {
+                $ranges = array_merge($ranges, $installed['versions'][$packageName]['provided']);
+            }
+            return implode(' || ', $ranges);
+        }
+        throw new \OutOfBoundsException('Package "' . $packageName . '" is not installed');
+    }
+    /**
+     * @param  string      $packageName
+     * @return string|null If the package is being replaced or provided but is not really installed, null will be returned as version, use satisfies or getVersionRanges if you need to know if a given version is present
+     */
+    public static function getVersion($packageName)
+    {
+        foreach (self::getInstalled() as $installed) {
+            if (!isset($installed['versions'][$packageName])) {
+                continue;
+            }
+            if (!isset($installed['versions'][$packageName]['version'])) {
+                return null;
+            }
+            return $installed['versions'][$packageName]['version'];
+        }
+        throw new \OutOfBoundsException('Package "' . $packageName . '" is not installed');
+    }
+    /**
+     * @param  string      $packageName
+     * @return string|null If the package is being replaced or provided but is not really installed, null will be returned as version, use satisfies or getVersionRanges if you need to know if a given version is present
+     */
+    public static function getPrettyVersion($packageName)
+    {
+        foreach (self::getInstalled() as $installed) {
+            if (!isset($installed['versions'][$packageName])) {
+                continue;
+            }
+            if (!isset($installed['versions'][$packageName]['pretty_version'])) {
+                return null;
+            }
+            return $installed['versions'][$packageName]['pretty_version'];
+        }
+        throw new \OutOfBoundsException('Package "' . $packageName . '" is not installed');
+    }
+    /**
+     * @param  string      $packageName
+     * @return string|null If the package is being replaced or provided but is not really installed, null will be returned as reference
+     */
+    public static function getReference($packageName)
+    {
+        foreach (self::getInstalled() as $installed) {
+            if (!isset($installed['versions'][$packageName])) {
+                continue;
+            }
+            if (!isset($installed['versions'][$packageName]['reference'])) {
+                return null;
+            }
+            return $installed['versions'][$packageName]['reference'];
+        }
+        throw new \OutOfBoundsException('Package "' . $packageName . '" is not installed');
+    }
+    /**
+     * @param  string      $packageName
+     * @return string|null If the package is being replaced or provided but is not really installed, null will be returned as install path. Packages of type metapackages also have a null install path.
+     */
+    public static function getInstallPath($packageName)
+    {
+        foreach (self::getInstalled() as $installed) {
+            if (!isset($installed['versions'][$packageName])) {
+                continue;
+            }
+            return isset($installed['versions'][$packageName]['install_path']) ? $installed['versions'][$packageName]['install_path'] : null;
+        }
+        throw new \OutOfBoundsException('Package "' . $packageName . '" is not installed');
+    }
+    /**
+     * @return array
+     * @psalm-return array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}
+     */
+    public static function getRootPackage()
+    {
+        $installed = self::getInstalled();
+        return $installed[0]['root'];
+    }
+    /**
+     * Returns the raw installed.php data for custom implementations
+     *
+     * @deprecated Use getAllRawData() instead which returns all datasets for all autoloaders present in the process. getRawData only returns the first dataset loaded, which may not be what you expect.
+     * @return array[]
+     * @psalm-return array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array<string, array{pretty_version?: string, version?: string, reference?: string|null, type?: string, install_path?: string, aliases?: string[], dev_requirement: bool, replaced?: string[], provided?: string[]}>}
+     */
+    public static function getRawData()
+    {
+        @trigger_error('getRawData only returns the first dataset loaded, which may not be what you expect. Use getAllRawData() instead which returns all datasets for all autoloaders present in the process.', E_USER_DEPRECATED);
+        if (null === self::$installed) {
+            // only require the installed.php file if this file is loaded from its dumped location,
+            // and not from its source location in the composer/composer package, see https://github.com/composer/composer/issues/9937
+            if (substr(__DIR__, -8, 1) !== 'C') {
+                self::$installed = include __DIR__ . '/installed.php';
+            } else {
+                self::$installed = array();
+            }
+        }
+        return self::$installed;
+    }
+    /**
+     * Returns the raw data of all installed.php which are currently loaded for custom implementations
+     *
+     * @return array[]
+     * @psalm-return list<array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array<string, array{pretty_version?: string, version?: string, reference?: string|null, type?: string, install_path?: string, aliases?: string[], dev_requirement: bool, replaced?: string[], provided?: string[]}>}>
+     */
+    public static function getAllRawData()
+    {
+        return self::getInstalled();
+    }
+    /**
+     * Lets you reload the static array from another file
+     *
+     * This is only useful for complex integrations in which a project needs to use
+     * this class but then also needs to execute another project's autoloader in process,
+     * and wants to ensure both projects have access to their version of installed.php.
+     *
+     * A typical case would be PHPUnit, where it would need to make sure it reads all
+     * the data it needs from this class, then call reload() with
+     * `require $CWD/vendor/composer/installed.php` (or similar) as input to make sure
+     * the project in which it runs can then also use this class safely, without
+     * interference between PHPUnit's dependencies and the project's dependencies.
+     *
+     * @param  array[] $data A vendor/composer/installed.php data set
+     * @return void
+     *
+     * @psalm-param array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array<string, array{pretty_version?: string, version?: string, reference?: string|null, type?: string, install_path?: string, aliases?: string[], dev_requirement: bool, replaced?: string[], provided?: string[]}>} $data
+     */
+    public static function reload($data)
+    {
+        self::$installed = $data;
+        self::$installedByVendor = array();
+        // when using reload, we disable the duplicate protection to ensure that self::$installed data is
+        // always returned, but we cannot know whether it comes from the installed.php in __DIR__ or not,
+        // so we have to assume it does not, and that may result in duplicate data being returned when listing
+        // all installed packages for example
+        self::$installedIsLocalDir = false;
+    }
+    /**
+     * @return string
+     */
+    private static function getSelfDir()
+    {
+        if (self::$selfDir === null) {
+            self::$selfDir = strtr(__DIR__, '\\', '/');
+        }
+        return self::$selfDir;
+    }
+    /**
+     * @return array[]
+     * @psalm-return list<array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array<string, array{pretty_version?: string, version?: string, reference?: string|null, type?: string, install_path?: string, aliases?: string[], dev_requirement: bool, replaced?: string[], provided?: string[]}>}>
+     */
+    private static function getInstalled()
+    {
+        if (null === self::$canGetVendors) {
+            self::$canGetVendors = method_exists('Composer\Autoload\ClassLoader', 'getRegisteredLoaders');
+        }
+        $installed = array();
+        $copiedLocalDir = false;
+        if (self::$canGetVendors) {
+            $selfDir = self::getSelfDir();
+            foreach (ClassLoader::getRegisteredLoaders() as $vendorDir => $loader) {
+                $vendorDir = strtr($vendorDir, '\\', '/');
+                if (isset(self::$installedByVendor[$vendorDir])) {
+                    $installed[] = self::$installedByVendor[$vendorDir];
+                } elseif (is_file($vendorDir.'/composer/installed.php')) {
+                    /** @var array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array<string, array{pretty_version?: string, version?: string, reference?: string|null, type?: string, install_path?: string, aliases?: string[], dev_requirement: bool, replaced?: string[], provided?: string[]}>} $required */
+                    $required = require $vendorDir.'/composer/installed.php';
+                    self::$installedByVendor[$vendorDir] = $required;
+                    $installed[] = $required;
+                    if (self::$installed === null && $vendorDir.'/composer' === $selfDir) {
+                        self::$installed = $required;
+                        self::$installedIsLocalDir = true;
+                    }
+                }
+                if (self::$installedIsLocalDir && $vendorDir.'/composer' === $selfDir) {
+                    $copiedLocalDir = true;
+                }
+            }
+        }
+        if (null === self::$installed) {
+            // only require the installed.php file if this file is loaded from its dumped location,
+            // and not from its source location in the composer/composer package, see https://github.com/composer/composer/issues/9937
+            if (substr(__DIR__, -8, 1) !== 'C') {
+                /** @var array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array<string, array{pretty_version?: string, version?: string, reference?: string|null, type?: string, install_path?: string, aliases?: string[], dev_requirement: bool, replaced?: string[], provided?: string[]}>} $required */
+                $required = require __DIR__ . '/installed.php';
+                self::$installed = $required;
+            } else {
+                self::$installed = array();
+            }
+        }
+        if (self::$installed !== array() && !$copiedLocalDir) {
+            $installed[] = self::$installed;
+        }
+        return $installed;
+    }
+}
-if (1 === \count($packages)) {
-return $packages[0];
+}
-return array_keys(array_flip(\call_user_func_array('array_merge', $packages)));
+}
-public static function isInstalled($packageName)
+{
-foreach (self::getInstalled() as $installed) {
-if (isset($installed['versions'][$packageName])) {
-return true;
+}
+}
-return false;
+}
-public static function satisfies(VersionParser $parser, $packageName, $constraint)
+{
-$constraint = $parser->parseConstraints($constraint);
-$provided = $parser->parseConstraints(self::getVersionRanges($packageName));
-return $provided->matches($constraint);
+}
-public static function getVersionRanges($packageName)
+{
-foreach (self::getInstalled() as $installed) {
-if (!isset($installed['versions'][$packageName])) {
-continue;
+}
-$ranges = array();
-if (isset($installed['versions'][$packageName]['pretty_version'])) {
-$ranges[] = $installed['versions'][$packageName]['pretty_version'];
+}
-if (array_key_exists('aliases', $installed['versions'][$packageName])) {
-$ranges = array_merge($ranges, $installed['versions'][$packageName]['aliases']);
+}
-if (array_key_exists('replaced', $installed['versions'][$packageName])) {
-$ranges = array_merge($ranges, $installed['versions'][$packageName]['replaced']);
+}
-if (array_key_exists('provided', $installed['versions'][$packageName])) {
-$ranges = array_merge($ranges, $installed['versions'][$packageName]['provided']);
+}
-return implode(' || ', $ranges);
+}
-throw new \OutOfBoundsException('Package "' . $packageName . '" is not installed');
+}
-public static function getVersion($packageName)
+{
-foreach (self::getInstalled() as $installed) {
-if (!isset($installed['versions'][$packageName])) {
-continue;
+}
-if (!isset($installed['versions'][$packageName]['version'])) {
-return null;
+}
-return $installed['versions'][$packageName]['version'];
+}
-throw new \OutOfBoundsException('Package "' . $packageName . '" is not installed');
+}
-public static function getPrettyVersion($packageName)
+{
-foreach (self::getInstalled() as $installed) {
-if (!isset($installed['versions'][$packageName])) {
-continue;
+}
-if (!isset($installed['versions'][$packageName]['pretty_version'])) {
-return null;
+}
-return $installed['versions'][$packageName]['pretty_version'];
+}
-throw new \OutOfBoundsException('Package "' . $packageName . '" is not installed');
+}
-public static function getReference($packageName)
+{
-foreach (self::getInstalled() as $installed) {
-if (!isset($installed['versions'][$packageName])) {
-continue;
+}
-if (!isset($installed['versions'][$packageName]['reference'])) {
-return null;
+}
-return $installed['versions'][$packageName]['reference'];
+}
-throw new \OutOfBoundsException('Package "' . $packageName . '" is not installed');
+}
-public static function getRootPackage()
+{
-$installed = self::getInstalled();
-return $installed[0]['root'];
+}
-public static function getRawData()
+{
-return self::$installed;
+}
-public static function reload($data)
+{
-self::$installed = $data;
-self::$installedByVendor = array();
+}
-private static function getInstalled()
+{
-if (null === self::$canGetVendors) {
-self::$canGetVendors = method_exists('Composer\Autoload\ClassLoader', 'getRegisteredLoaders');
+}
-$installed = array();
-if (self::$canGetVendors) {
-foreach (ClassLoader::getRegisteredLoaders() as $vendorDir => $loader) {
-if (isset(self::$installedByVendor[$vendorDir])) {
-$installed[] = self::$installedByVendor[$vendorDir];
-} elseif (is_file($vendorDir.'/composer/installed.php')) {
-$installed[] = self::$installedByVendor[$vendorDir] = require $vendorDir.'/composer/installed.php';
+}
+}
+}
-$installed[] = self::$installed;
-return $installed;
+}
+}

authress/tags/0.2.107/vendor/composer/autoload_classmap.php

r3103661	r3405904
3	3	// autoload_classmap.php @generated by Composer
4	4
5		$vendorDir = dirname(~~dirname(__FILE__)~~);
	5	$vendorDir = dirname(__DIR__);
6	6	$baseDir = dirname($vendorDir);
7	7

authress/tags/0.2.107/vendor/composer/autoload_files.php

r3103661	r3405904
3	3	// autoload_files.php @generated by Composer
4	4
5		$vendorDir = dirname(~~dirname(__FILE__)~~);
	5	$vendorDir = dirname(__DIR__);
6	6	$baseDir = dirname($vendorDir);
7	7

authress/tags/0.2.107/vendor/composer/autoload_namespaces.php

r2688858	r3405904
3	3	// autoload_namespaces.php @generated by Composer
4	4
5		$vendorDir = dirname(~~dirname(__FILE__)~~);
	5	$vendorDir = dirname(__DIR__);
6	6	$baseDir = dirname($vendorDir);
7	7

authress/tags/0.2.107/vendor/composer/autoload_psr4.php

r3103661	r3405904
3	3	// autoload_psr4.php @generated by Composer
4	4
5		$vendorDir = dirname(~~dirname(__FILE__)~~);
	5	$vendorDir = dirname(__DIR__);
6	6	$baseDir = dirname($vendorDir);
7	7

authress/tags/0.2.107/vendor/composer/autoload_real.php

-                      r3264076
+                      r3405904
 // autoload_real.php @generated by Composer
 class ComposerAutoloaderInit0afc4f4830b212e88cd7a189750a61be
+class ComposerAutoloaderInit908d35cafd3f3b46a98d2b262382722b
+{
     private static $loader;
 …
         require __DIR__ . '/platform_check.php';
         spl_autoload_register(array('ComposerAutoloaderInit0afc4f4830b212e88cd7a189750a61be', 'loadClassLoader'), true, true);
         self::$loader = $loader = new \Composer\Autoload\ClassLoader(\dirname(\dirname(__FILE__)));
         spl_autoload_unregister(array('ComposerAutoloaderInit0afc4f4830b212e88cd7a189750a61be', 'loadClassLoader'));
+        spl_autoload_register(array('ComposerAutoloaderInit908d35cafd3f3b46a98d2b262382722b', 'loadClassLoader'), true, true);
+        self::$loader = $loader = new \Composer\Autoload\ClassLoader(\dirname(__DIR__));
+        spl_autoload_unregister(array('ComposerAutoloaderInit908d35cafd3f3b46a98d2b262382722b', 'loadClassLoader'));
+        $useStaticLoader = PHP_VERSION_ID >= 50600 && !defined('HHVM_VERSION') && (!function_exists('zend_loader_file_encoded') || !zend_loader_file_encoded());
+        if ($useStaticLoader) {
+            require __DIR__ . '/autoload_static.php';
+            call_user_func(\Composer\Autoload\ComposerStaticInit0afc4f4830b212e88cd7a189750a61be::getInitializer($loader));
+        } else {
+            $map = require __DIR__ . '/autoload_namespaces.php';
+            foreach ($map as $namespace => $path) {
+                $loader->set($namespace, $path);
+            }
+            $map = require __DIR__ . '/autoload_psr4.php';
+            foreach ($map as $namespace => $path) {
+                $loader->setPsr4($namespace, $path);
+            }
+            $classMap = require __DIR__ . '/autoload_classmap.php';
+            if ($classMap) {
+                $loader->addClassMap($classMap);
+            }
+        }
+        require __DIR__ . '/autoload_static.php';
+        call_user_func(\Composer\Autoload\ComposerStaticInit908d35cafd3f3b46a98d2b262382722b::getInitializer($loader));
         $loader->register(true);
+        if ($useStaticLoader) {
+            $includeFiles = Composer\Autoload\ComposerStaticInit0afc4f4830b212e88cd7a189750a61be::$files;
+        } else {
+            $includeFiles = require __DIR__ . '/autoload_files.php';
+        }
+        foreach ($includeFiles as $fileIdentifier => $file) {
+            composerRequire0afc4f4830b212e88cd7a189750a61be($fileIdentifier, $file);
+        $filesToLoad = \Composer\Autoload\ComposerStaticInit908d35cafd3f3b46a98d2b262382722b::$files;
+        $requireFile = \Closure::bind(static function ($fileIdentifier, $file) {
+            if (empty($GLOBALS['__composer_autoload_files'][$fileIdentifier])) {
+                $GLOBALS['__composer_autoload_files'][$fileIdentifier] = true;
+                require $file;
+            }
+        }, null, null);
+        foreach ($filesToLoad as $fileIdentifier => $file) {
+            $requireFile($fileIdentifier, $file);
+        }
 …
+    }
+}
-function composerRequire0afc4f4830b212e88cd7a189750a61be($fileIdentifier, $file)
+{
-    if (empty($GLOBALS['__composer_autoload_files'][$fileIdentifier])) {
-        require $file;
-        $GLOBALS['__composer_autoload_files'][$fileIdentifier] = true;
+    }
+}

authress/tags/0.2.107/vendor/composer/autoload_static.php

-                      r3264076
+                      r3405904
 namespace Composer\Autoload;
 class ComposerStaticInit0afc4f4830b212e88cd7a189750a61be
+class ComposerStaticInit908d35cafd3f3b46a98d2b262382722b
+{
     public static $files = array (
 …
     public static $prefixLengthsPsr4 = array (
         'p' =>
+        'p' =>
         array (
             'phpseclib3\\' => 11,
         ),
         'P' =>
+        'P' =>
         array (
             'Psr\\Http\\Message\\' => 17,
 …
             'ParagonIE\\ConstantTime\\' => 23,
         ),
         'L' =>
+        'L' =>
         array (
             'Lcobucci\\JWT\\' => 13,
             'Lcobucci\\Clock\\' => 15,
         ),
         'G' =>
+        'G' =>
         array (
             'GuzzleHttp\\Psr7\\' => 16,
 …
             'GuzzleHttp\\' => 11,
         ),
         'C' =>
+        'C' =>
         array (
             'CoderCat\\JWKToPEM\\' => 18,
 …
     public static $prefixDirsPsr4 = array (
         'phpseclib3\\' =>
+        'phpseclib3\\' =>
         array (
 => __DIR__ . '/..' . '/phpseclib/phpseclib/phpseclib',
         ),
         'Psr\\Http\\Message\\' =>
+        'Psr\\Http\\Message\\' =>
         array (
 => __DIR__ . '/..' . '/psr/http-factory/src',
 => __DIR__ . '/..' . '/psr/http-message/src',
         ),
         'Psr\\Http\\Client\\' =>
+        'Psr\\Http\\Client\\' =>
         array (
 => __DIR__ . '/..' . '/psr/http-client/src',
         ),
         'Psr\\Clock\\' =>
+        'Psr\\Clock\\' =>
         array (
 => __DIR__ . '/..' . '/psr/clock/src',
         ),
         'ParagonIE\\ConstantTime\\' =>
+        'ParagonIE\\ConstantTime\\' =>
         array (
 => __DIR__ . '/..' . '/paragonie/constant_time_encoding/src',
         ),
         'Lcobucci\\JWT\\' =>
+        'Lcobucci\\JWT\\' =>
         array (
 => __DIR__ . '/..' . '/lcobucci/jwt/src',
         ),
         'Lcobucci\\Clock\\' =>
+        'Lcobucci\\Clock\\' =>
         array (
 => __DIR__ . '/..' . '/lcobucci/clock/src',
         ),
         'GuzzleHttp\\Psr7\\' =>
+        'GuzzleHttp\\Psr7\\' =>
         array (
 => __DIR__ . '/..' . '/guzzlehttp/psr7/src',
         ),
         'GuzzleHttp\\Promise\\' =>
+        'GuzzleHttp\\Promise\\' =>
         array (
 => __DIR__ . '/..' . '/guzzlehttp/promises/src',
         ),
         'GuzzleHttp\\' =>
+        'GuzzleHttp\\' =>
         array (
 => __DIR__ . '/..' . '/guzzlehttp/guzzle/src',
         ),
         'CoderCat\\JWKToPEM\\' =>
+        'CoderCat\\JWKToPEM\\' =>
         array (
 => __DIR__ . '/..' . '/codercat/jwk-to-pem/src',
 …
+    {
         return \Closure::bind(function () use ($loader) {
             $loader->prefixLengthsPsr4 = ComposerStaticInit0afc4f4830b212e88cd7a189750a61be::$prefixLengthsPsr4;
             $loader->prefixDirsPsr4 = ComposerStaticInit0afc4f4830b212e88cd7a189750a61be::$prefixDirsPsr4;
             $loader->fallbackDirsPsr4 = ComposerStaticInit0afc4f4830b212e88cd7a189750a61be::$fallbackDirsPsr4;
             $loader->classMap = ComposerStaticInit0afc4f4830b212e88cd7a189750a61be::$classMap;
+            $loader->prefixLengthsPsr4 = ComposerStaticInit908d35cafd3f3b46a98d2b262382722b::$prefixLengthsPsr4;
+            $loader->prefixDirsPsr4 = ComposerStaticInit908d35cafd3f3b46a98d2b262382722b::$prefixDirsPsr4;
+            $loader->fallbackDirsPsr4 = ComposerStaticInit908d35cafd3f3b46a98d2b262382722b::$fallbackDirsPsr4;
+            $loader->classMap = ComposerStaticInit908d35cafd3f3b46a98d2b262382722b::$classMap;
         }, null, ClassLoader::class);

authress/tags/0.2.107/vendor/composer/installed.php

-                      r3264076
+                      r3405904
+<?php return array (
+  'root' =>
+  array (
+    'pretty_version' => 'dev-release/0.2',
+    'version' => 'dev-release/0.2',
+    'aliases' =>
+    array (
+<?php return array(
+    'root' => array(
+        'name' => 'authress/wordpress-plugin.php',
+        'pretty_version' => 'dev-release/0.2',
+        'version' => 'dev-release/0.2',
+        'reference' => '3442604cc0624068e0cb453813a53653f881f1f8',
+        'type' => 'library',
+        'install_path' => __DIR__ . '/../../',
+        'aliases' => array(),
+        'dev' => false,
     ),
+    'reference' => '96e0eab8ebba749fdfc6becf25a6501b8eaa1b43',
+    'name' => 'authress/wordpress-plugin.php',
+  ),
+  'versions' =>
+  array (
+    'authress/wordpress-plugin.php' =>
+    array (
+      'pretty_version' => 'dev-release/0.2',
+      'version' => 'dev-release/0.2',
+      'aliases' =>
+      array (
+      ),
+      'reference' => '96e0eab8ebba749fdfc6becf25a6501b8eaa1b43',
+    'versions' => array(
+        'authress/wordpress-plugin.php' => array(
+            'pretty_version' => 'dev-release/0.2',
+            'version' => 'dev-release/0.2',
+            'reference' => '3442604cc0624068e0cb453813a53653f881f1f8',
+            'type' => 'library',
+            'install_path' => __DIR__ . '/../../',
+            'aliases' => array(),
+            'dev_requirement' => false,
+        ),
+        'codercat/jwk-to-pem' => array(
+            'pretty_version' => '1.1',
+            'version' => '1.1.0.0',
+            'reference' => '4b3cdcf5f87b9b074f132f763a6b7b82c7d3ff1d',
+            'type' => 'library',
+            'install_path' => __DIR__ . '/../codercat/jwk-to-pem',
+            'aliases' => array(),
+            'dev_requirement' => false,
+        ),
+        'guzzlehttp/guzzle' => array(
+            'pretty_version' => '7.8.1',
+            'version' => '7.8.1.0',
+            'reference' => '41042bc7ab002487b876a0683fc8dce04ddce104',
+            'type' => 'library',
+            'install_path' => __DIR__ . '/../guzzlehttp/guzzle',
+            'aliases' => array(),
+            'dev_requirement' => false,
+        ),
+        'guzzlehttp/promises' => array(
+            'pretty_version' => '2.0.2',
+            'version' => '2.0.2.0',
+            'reference' => 'bbff78d96034045e58e13dedd6ad91b5d1253223',
+            'type' => 'library',
+            'install_path' => __DIR__ . '/../guzzlehttp/promises',
+            'aliases' => array(),
+            'dev_requirement' => false,
+        ),
+        'guzzlehttp/psr7' => array(
+            'pretty_version' => '2.6.2',
+            'version' => '2.6.2.0',
+            'reference' => '45b30f99ac27b5ca93cb4831afe16285f57b8221',
+            'type' => 'library',
+            'install_path' => __DIR__ . '/../guzzlehttp/psr7',
+            'aliases' => array(),
+            'dev_requirement' => false,
+        ),
+        'lcobucci/clock' => array(
+            'pretty_version' => '3.2.0',
+            'version' => '3.2.0.0',
+            'reference' => '6f28b826ea01306b07980cb8320ab30b966cd715',
+            'type' => 'library',
+            'install_path' => __DIR__ . '/../lcobucci/clock',
+            'aliases' => array(),
+            'dev_requirement' => false,
+        ),
+        'lcobucci/jwt' => array(
+            'pretty_version' => '4.3.0',
+            'version' => '4.3.0.0',
+            'reference' => '4d7de2fe0d51a96418c0d04004986e410e87f6b4',
+            'type' => 'library',
+            'install_path' => __DIR__ . '/../lcobucci/jwt',
+            'aliases' => array(),
+            'dev_requirement' => false,
+        ),
+        'paragonie/constant_time_encoding' => array(
+            'pretty_version' => 'v3.0.0',
+            'version' => '3.0.0.0',
+            'reference' => 'df1e7fde177501eee2037dd159cf04f5f301a512',
+            'type' => 'library',
+            'install_path' => __DIR__ . '/../paragonie/constant_time_encoding',
+            'aliases' => array(),
+            'dev_requirement' => false,
+        ),
+        'paragonie/random_compat' => array(
+            'pretty_version' => 'v9.99.100',
+            'version' => '9.99.100.0',
+            'reference' => '996434e5492cb4c3edcb9168db6fbb1359ef965a',
+            'type' => 'library',
+            'install_path' => __DIR__ . '/../paragonie/random_compat',
+            'aliases' => array(),
+            'dev_requirement' => false,
+        ),
+        'phpseclib/phpseclib' => array(
+            'pretty_version' => '3.0.38',
+            'version' => '3.0.38.0',
+            'reference' => 'b18b8788e51156c4dd97b7f220a31149a0052067',
+            'type' => 'library',
+            'install_path' => __DIR__ . '/../phpseclib/phpseclib',
+            'aliases' => array(),
+            'dev_requirement' => false,
+        ),
+        'psr/clock' => array(
+            'pretty_version' => '1.0.0',
+            'version' => '1.0.0.0',
+            'reference' => 'e41a24703d4560fd0acb709162f73b8adfc3aa0d',
+            'type' => 'library',
+            'install_path' => __DIR__ . '/../psr/clock',
+            'aliases' => array(),
+            'dev_requirement' => false,
+        ),
+        'psr/clock-implementation' => array(
+            'dev_requirement' => false,
+            'provided' => array(
+=> '1.0',
+            ),
+        ),
+        'psr/http-client' => array(
+            'pretty_version' => '1.0.3',
+            'version' => '1.0.3.0',
+            'reference' => 'bb5906edc1c324c9a05aa0873d40117941e5fa90',
+            'type' => 'library',
+            'install_path' => __DIR__ . '/../psr/http-client',
+            'aliases' => array(),
+            'dev_requirement' => false,
+        ),
+        'psr/http-client-implementation' => array(
+            'dev_requirement' => false,
+            'provided' => array(
+=> '1.0',
+            ),
+        ),
+        'psr/http-factory' => array(
+            'pretty_version' => '1.1.0',
+            'version' => '1.1.0.0',
+            'reference' => '2b4765fddfe3b508ac62f829e852b1501d3f6e8a',
+            'type' => 'library',
+            'install_path' => __DIR__ . '/../psr/http-factory',
+            'aliases' => array(),
+            'dev_requirement' => false,
+        ),
+        'psr/http-factory-implementation' => array(
+            'dev_requirement' => false,
+            'provided' => array(
+=> '1.0',
+            ),
+        ),
+        'psr/http-message' => array(
+            'pretty_version' => '2.0',
+            'version' => '2.0.0.0',
+            'reference' => '402d35bcb92c70c026d1a6a9883f06b2ead23d71',
+            'type' => 'library',
+            'install_path' => __DIR__ . '/../psr/http-message',
+            'aliases' => array(),
+            'dev_requirement' => false,
+        ),
+        'psr/http-message-implementation' => array(
+            'dev_requirement' => false,
+            'provided' => array(
+=> '1.0',
+            ),
+        ),
+        'ralouphie/getallheaders' => array(
+            'pretty_version' => '3.0.3',
+            'version' => '3.0.3.0',
+            'reference' => '120b605dfeb996808c31b6477290a714d356e822',
+            'type' => 'library',
+            'install_path' => __DIR__ . '/../ralouphie/getallheaders',
+            'aliases' => array(),
+            'dev_requirement' => false,
+        ),
+        'symfony/deprecation-contracts' => array(
+            'pretty_version' => 'v3.5.0',
+            'version' => '3.5.0.0',
+            'reference' => '0e0d29ce1f20deffb4ab1b016a7257c4f1e789a1',
+            'type' => 'library',
+            'install_path' => __DIR__ . '/../symfony/deprecation-contracts',
+            'aliases' => array(),
+            'dev_requirement' => false,
+        ),
     ),
-    'codercat/jwk-to-pem' =>
-    array (
-      'pretty_version' => '1.1',
-      'version' => '1.1.0.0',
-      'aliases' =>
-      array (
-      ),
-      'reference' => '4b3cdcf5f87b9b074f132f763a6b7b82c7d3ff1d',
-    ),
-    'guzzlehttp/guzzle' =>
-    array (
-      'pretty_version' => '7.8.1',
-      'version' => '7.8.1.0',
-      'aliases' =>
-      array (
-      ),
-      'reference' => '41042bc7ab002487b876a0683fc8dce04ddce104',
-    ),
-    'guzzlehttp/promises' =>
-    array (
-      'pretty_version' => '2.0.2',
-      'version' => '2.0.2.0',
-      'aliases' =>
-      array (
-      ),
-      'reference' => 'bbff78d96034045e58e13dedd6ad91b5d1253223',
-    ),
-    'guzzlehttp/psr7' =>
-    array (
-      'pretty_version' => '2.6.2',
-      'version' => '2.6.2.0',
-      'aliases' =>
-      array (
-      ),
-      'reference' => '45b30f99ac27b5ca93cb4831afe16285f57b8221',
-    ),
-    'lcobucci/clock' =>
-    array (
-      'pretty_version' => '3.2.0',
-      'version' => '3.2.0.0',
-      'aliases' =>
-      array (
-      ),
-      'reference' => '6f28b826ea01306b07980cb8320ab30b966cd715',
-    ),
-    'lcobucci/jwt' =>
-    array (
-      'pretty_version' => '4.3.0',
-      'version' => '4.3.0.0',
-      'aliases' =>
-      array (
-      ),
-      'reference' => '4d7de2fe0d51a96418c0d04004986e410e87f6b4',
-    ),
-    'paragonie/constant_time_encoding' =>
-    array (
-      'pretty_version' => 'v3.0.0',
-      'version' => '3.0.0.0',
-      'aliases' =>
-      array (
-      ),
-      'reference' => 'df1e7fde177501eee2037dd159cf04f5f301a512',
-    ),
-    'paragonie/random_compat' =>
-    array (
-      'pretty_version' => 'v9.99.100',
-      'version' => '9.99.100.0',
-      'aliases' =>
-      array (
-      ),
-      'reference' => '996434e5492cb4c3edcb9168db6fbb1359ef965a',
-    ),
-    'phpseclib/phpseclib' =>
-    array (
-      'pretty_version' => '3.0.38',
-      'version' => '3.0.38.0',
-      'aliases' =>
-      array (
-      ),
-      'reference' => 'b18b8788e51156c4dd97b7f220a31149a0052067',
-    ),
-    'psr/clock' =>
-    array (
-      'pretty_version' => '1.0.0',
-      'version' => '1.0.0.0',
-      'aliases' =>
-      array (
-      ),
-      'reference' => 'e41a24703d4560fd0acb709162f73b8adfc3aa0d',
-    ),
-    'psr/clock-implementation' =>
-    array (
-      'provided' =>
-      array (
-=> '1.0',
-      ),
-    ),
-    'psr/http-client' =>
-    array (
-      'pretty_version' => '1.0.3',
-      'version' => '1.0.3.0',
-      'aliases' =>
-      array (
-      ),
-      'reference' => 'bb5906edc1c324c9a05aa0873d40117941e5fa90',
-    ),
-    'psr/http-client-implementation' =>
-    array (
-      'provided' =>
-      array (
-=> '1.0',
-      ),
-    ),
-    'psr/http-factory' =>
-    array (
-      'pretty_version' => '1.1.0',
-      'version' => '1.1.0.0',
-      'aliases' =>
-      array (
-      ),
-      'reference' => '2b4765fddfe3b508ac62f829e852b1501d3f6e8a',
-    ),
-    'psr/http-factory-implementation' =>
-    array (
-      'provided' =>
-      array (
-=> '1.0',
-      ),
-    ),
-    'psr/http-message' =>
-    array (
-      'pretty_version' => '2.0',
-      'version' => '2.0.0.0',
-      'aliases' =>
-      array (
-      ),
-      'reference' => '402d35bcb92c70c026d1a6a9883f06b2ead23d71',
-    ),
-    'psr/http-message-implementation' =>
-    array (
-      'provided' =>
-      array (
-=> '1.0',
-      ),
-    ),
-    'ralouphie/getallheaders' =>
-    array (
-      'pretty_version' => '3.0.3',
-      'version' => '3.0.3.0',
-      'aliases' =>
-      array (
-      ),
-      'reference' => '120b605dfeb996808c31b6477290a714d356e822',
-    ),
-    'symfony/deprecation-contracts' =>
-    array (
-      'pretty_version' => 'v3.5.0',
-      'version' => '3.5.0.0',
-      'aliases' =>
-      array (
-      ),
-      'reference' => '0e0d29ce1f20deffb4ab1b016a7257c4f1e789a1',
-    ),
-  ),
 );

authress/tags/0.2.107/vendor/composer/platform_check.php

r3103661	r3405904
20	20	}
21	21	}
22		trigger_error(
23		'Composer detected issues in your platform: ' . implode(' ', $issues),
24		E_USER_ERROR
	22	throw new \RuntimeException(
	23	'Composer detected issues in your platform: ' . implode(' ', $issues)
25	24	);
26	25	}

authress/tags/0.2.107/wordpress/readme.txt

-                      r3264076
+                      r3405904
 Requires at least: 5.5
 Requires PHP: 8.2
 Tested up to: 6.6
 Stable tag: 0.2.100
+Tested up to: 6.9
+Stable tag: 0.2.107
 License: Apache-2.0
 License URI: https://github.com/Authress/wordpress-sso-login/blob/main/LICENSE

authress/trunk/Authress_Sso_Login.php

-                      r3264076
+                      r3405904
     Plugin URI:   https://wordpress.org/plugins/authress
     Description:  Upgrades the WordPress login to support SSO Login.
     Version:      0.2.100
+    Version:      0.2.107
     Author:       Authress
     Author URI:   https://authress.io
 …
 */
 define( 'AUTHRESS_SSO_LOGIN_VERSION', '0.2.100' );
+define( 'AUTHRESS_SSO_LOGIN_VERSION', '0.2.107' );
 define( 'AUTHRESS_SSO_LOGIN_PLUGIN_FILE', __FILE__ );

authress/trunk/package-lock.json

-                      r3264076
+                      r3405904
     },
     "node_modules/@authress/login": {
       "version": "2.5.362",
       "resolved": "https://registry.npmjs.org/@authress/login/-/login-2.5.362.tgz",
       "integrity": "sha512-EzHTbZ46xAekxUMKhmUBsXiS/slJ7BrdazPqHkmMvqiTeUv6/LjZqx8VA+Ae3cAWoIS7kSKG6hmgCaNs4PjCJQ==",
+      "version": "2.5.394",
+      "resolved": "https://registry.npmjs.org/@authress/login/-/login-2.5.394.tgz",
+      "integrity": "sha512-wkpLBBw/8d/Fn6lOKvbqkxIpJ/j50onCCDc5RZZxNZlvL8ui9xuA6rDft+uHWEQTlsc+uAuwcCzBRRPI4d+Wwg==",
       "license": "Apache-2.0",
       "dependencies": {
 …
     },
     "node_modules/@authress/sdk": {
       "version": "3.0.172",
       "resolved": "https://registry.npmjs.org/@authress/sdk/-/sdk-3.0.172.tgz",
       "integrity": "sha512-GHE5SI8ANs5ZDytIIYkalX/AVaKsDoyFiHX1jN3YSdkOAxfRBixDYAbr1oG/1gXyyqwxvY6PszyrSI+Z7MJC9A==",
+      "version": "3.0.196",
+      "resolved": "https://registry.npmjs.org/@authress/sdk/-/sdk-3.0.196.tgz",
+      "integrity": "sha512-cq/U3NfN+VRE1sjwnNL9jEdh+uHYiANRPPmemtv05+88kLV/ur0OYDBymul/OadWs/axX4vaFd/nyB/jR61kfw==",
       "dev": true,
       "license": "Apache-2.0",
 …
     },
     "node_modules/axios": {
       "version": "1.8.4",
       "resolved": "https://registry.npmjs.org/axios/-/axios-1.8.4.tgz",
       "integrity": "sha512-eBSYY4Y68NNlHbHBMdeDmKNtDgXWhQsJcGqzO3iLUM0GraQFSS9cVgPX5I9b3lbdFKyYoAEGAZF1DwhTaljNAw==",
+      "version": "1.13.2",
+      "resolved": "https://registry.npmjs.org/axios/-/axios-1.13.2.tgz",
+      "integrity": "sha512-VPk9ebNqPcy5lRGuSlKx752IlDatOjT9paPlm8A7yOuW2Fbvp4X3JznJtT4f0GzGLLiWE9W8onz51SqLYwzGaA==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
         "follow-redirects": "^1.15.6",
         "form-data": "^4.0.0",
+        "form-data": "^4.0.4",
         "proxy-from-env": "^1.1.0"
+      }
 …
     },
     "node_modules/brace-expansion": {
       "version": "1.1.11",
       "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz",
       "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==",
+      "version": "1.1.12",
+      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz",
+      "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==",
       "dev": true,
       "license": "MIT",
 …
     },
     "node_modules/follow-redirects": {
       "version": "1.15.9",
       "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.9.tgz",
       "integrity": "sha512-gew4GsXizNgdoRyqmyfMHyAmXsZDk6mHkSxZFCzW9gwlbtOW44CDtYavM+y+72qD/Vq2l550kMF52DT8fOLJqQ==",
+      "version": "1.15.11",
+      "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.11.tgz",
+      "integrity": "sha512-deG2P0JfjrTxl50XGCDyfI97ZGVCxIpfKYmfyrQ54n5FO/0gfIES8C/Psl6kWVDolizcaaxZJnTS0QSMxvnsBQ==",
       "dev": true,
       "funding": [
 …
     },
     "node_modules/form-data": {
       "version": "4.0.2",
       "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.2.tgz",
       "integrity": "sha512-hGfm/slu0ZabnNt4oaRZ6uREyfCj6P4fT/n6A1rGV+Z0VdGXjfOhVUpkn6qVQONHGIFwmveGXyDs75+nr6FM8w==",
+      "version": "4.0.5",
+      "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.5.tgz",
+      "integrity": "sha512-8RipRLol37bNs2bhoV67fiTEvdTrbMUYcFTiy3+wuuOnUog2QBHCZWXDRijWQfAkhBj2Uf5UnVaiWwA5vdd82w==",
       "dev": true,
       "license": "MIT",
 …
         "combined-stream": "^1.0.8",
         "es-set-tostringtag": "^2.1.0",
+        "hasown": "^2.0.2",
         "mime-types": "^2.1.12"
       },
 …
     },
     "node_modules/morgan": {
       "version": "1.10.0",
       "resolved": "https://registry.npmjs.org/morgan/-/morgan-1.10.0.tgz",
       "integrity": "sha512-AbegBVI4sh6El+1gNwvD5YIck7nSA36weD7xvIxG4in80j/UoK8AEGaWnnz8v1GxonMCltmlNs5ZKbGvl9b1XQ==",
+      "version": "1.10.1",
+      "resolved": "https://registry.npmjs.org/morgan/-/morgan-1.10.1.tgz",
+      "integrity": "sha512-223dMRJtI/l25dJKWpgij2cMtywuG/WiUKXdvwfbhGKBhy1puASqXwFzmWZ7+K73vUPoR7SS2Qz2cI/g9MKw0A==",
       "dev": true,
       "license": "MIT",
 …
         "depd": "~2.0.0",
         "on-finished": "~2.3.0",
         "on-headers": "~1.0.2"
+        "on-headers": "~1.1.0"
       },
       "engines": {
 …
     },
     "node_modules/on-headers": {
       "version": "1.0.2",
       "resolved": "https://registry.npmjs.org/on-headers/-/on-headers-1.0.2.tgz",
       "integrity": "sha512-pZAE+FJLoyITytdqK0U5s+FIpjN0JP3OzFi/u8Rx+EV5/W+JTWGXG8xFzevE7AjBfDqHv/8vL8qQsIhHnqRkrA==",
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/on-headers/-/on-headers-1.1.0.tgz",
+      "integrity": "sha512-737ZY3yNnXy37FHkQxPzt4UZ2UWPWiCZWLvFZ4fu5cueciegX0zGPnrlY6bwRg4FdQOe9YU8MkmJwGhoMybl8A==",
       "dev": true,
       "license": "MIT",

authress/trunk/readme.txt

-                      r3264076
+                      r3405904
 Requires at least: 5.5
 Requires PHP: 8.2
 Tested up to: 6.6
 Stable tag: 0.2.100
+Tested up to: 6.9
+Stable tag: 0.2.107
 License: Apache-2.0
 License URI: https://github.com/Authress/wordpress-sso-login/blob/main/LICENSE

authress/trunk/templates/assets/js/authress-login-sdk.min.js

r3264076	r3405904
1		/! Authress Login SDK 2.5.362 \| Author - Authress Developers \| License information can be found at https://github.com/Authress/login-sdk.js /
2		!function(e,t){"object"==typeof exports&&"object"==typeof module?module.exports=t():"function"==typeof define&&define.amd?define([],t):"object"==typeof exports?exports.authress=t():e.authress=t()}(this,(()=>(()=>{var e,t,n={75:(e,t,n)=>{const{sanitizeUrl:r}=n(332),o=n(629),i={"Content-Type":"application/json","X-Powered-By":`Authress Login SDK; Javascript; ${n(330).version}`},a=new Set(["Failed to fetch","NetworkError when attempting to fetch resource.","The Internet connection appears to be offline.","Network request failed","fetch failed","Load failed","<HTML DOCUMENT></HTML>"]);function s(e){return"Network Error"===e.message\|\|"ERR_NETWORK"===e.code\|\|!e.status\|\|e.status>=500\|\|"string"==typeof e.message&&a.has(e.message)\|\|"string"==typeof e.data&&a.has(e.data)}async function c(e){let t=null;for(let n=0;n<5;n++)try{return await e()}catch(e){if(e.retryCount=n,!s(e))throw e;t=e,t.isNetworkError=!0,await new Promise((e=>setTimeout(e,102n)));continue}const n=new Error("[Authress Login SDK] Http Request failed due to a Network Error even after multiple retries",{cause:t});throw n.code="AuthressSdkNetworkError",n}e.exports=class{constructor(e,t){if(!e)throw Error("Custom Authress Domain Host is required");const n=t\|\|{debug(){},warn(){},critical(){}};this.logger=n;const o=new URL(r(e));this.loginUrl=`${o.origin}/api`}get(e,t,n,r){return c((()=>this.fetchWrapper("GET",e,null,n,t,r)))}delete(e,t,n,r){return c((()=>this.fetchWrapper("DELETE",e,null,n,t,r)))}post(e,t,n,r,o){return c((()=>this.fetchWrapper("POST",e,n,r,t,o)))}put(e,t,n,r,o){return c((()=>this.fetchWrapper("PUT",e,n,r,t,o)))}patch(e,t,n,r,o){return c((()=>this.fetchWrapper("PATCH",e,n,r,t,o)))}async fetchWrapper(e,t,n,r,a,s){const c=`${this.loginUrl}${t.toString()}`,d=e.toUpperCase(),l=Object.assign({},i,r);try{this.logger&&this.logger.debug&&this.logger.debug({title:"[Authress Login SDK] HttpClient Request",method:d,url:c});const e={method:d,headers:l};n&&(e.body=JSON.stringify(n)),!o.isLocalHost()&&a&&(e.credentials="include");const t=await fetch(c,e);if(!t.ok)throw t;let r={};try{r=await t.text(),r=JSON.parse(r)}catch(e){}return{url:c,method:d,headers:t.headers,status:t.status,data:r}}catch(e){let t=e;try{t=await e.text(),t=JSON.parse(t)}catch(e){}const r=t.stack&&t.stack.match(/chrome-extension:[/][/](\w+)[/]/);if(r){this.logger&&this.logger.debug&&this.logger.debug({title:`[Authress Login SDK] Fetch failed due to a browser extension - ${d} - ${c}`,method:d,url:c,data:n,headers:l,error:e,resolvedError:t,extensionErrorId:r});const o=new Error(`Extension Error ID: ${r}`);throw o.code="BROWSER_EXTENSION_ERROR",o}const o=e.status;let i="warn",a="[Authress Login SDK] HttpClient Response Error";e?401===o?(a="[Authress Login SDK] HttpClient Response Error due to invalid token",i="debug"):404===o?(a="[Authress Login SDK] HttpClient Response: Not Found",i="debug"):o<500&&s&&(i="debug"):a="[Authress Login SDK] HttpClient Response Error - Unknown error occurred",this.logger&&this.logger[i]&&this.logger[i]({title:a,online:"undefined"==typeof navigator\|\|navigator.onLine,method:d,url:c,status:o,data:n,headers:l,error:e,resolvedError:t});throw{url:c,method:d,status:o,data:t,headers:e.headers}}}}},160:(e,t,n)=>{const r=n(427),o="AuthenticationCredentialsStorage";e.exports=new class{constructor(){this.retainUserCookie=!1}getUserCookie(){if("undefined"==typeof window\|\|"undefined"==typeof document)return null;return document.cookie.split(";").filter((e=>"user"===e.split("=")[0].trim())).map((e=>e.replace(/^user=/,""))).find((e=>e&&e.trim()))\|\|null}set(e,t){if("undefined"!=typeof window&&"undefined"!=typeof document)try{const n=r.parse(document.cookie);localStorage.setItem(o,JSON.stringify({idToken:e,expiry:t&&t.getTime(),jsCookies:!!n.authorization})),this.retainUserCookie\|\|this.clearCookies("user")}catch(e){console.debug("LocalStorage failed in Browser",e)}}get(){if("undefined"==typeof window\|\|"undefined"==typeof document)return null;let e={};try{e=r.parse(document.cookie)}catch(e){console.debug("CookieManagement failed in Browser",e)}try{const{idToken:t,expiry:n,jsCookies:r}=JSON.parse(localStorage.getItem(o)\|\|"{}");return t?n<Date.now()\|\|r&&!e.authorization?null:t:this.getUserCookie()}catch(e){return console.debug("LocalStorage failed in Browser",e),this.getUserCookie()}}delete(){try{localStorage.removeItem(o)}catch(e){console.debug("LocalStorage failed in Browser",e)}try{this.clearCookies("user")}catch(e){console.debug("CookieManagement failed in Browser",e)}}clear(){this.clearCookies(),this.delete()}clearCookies(e){if("undefined"==typeof window\|\|"undefined"==typeof document)return;const t=document.cookie.split("; ");for(const n of t){if(!["user","authorization","auth-code","AuthUserId"].includes(n.split("=")[0])\|\|e&&n.split("=")[0]!==e)continue;const t=window.location.hostname.split("."),r=[...Array(t.length-1)].map(((e,n)=>t.reverse().slice(0,n+2).reverse().join("."))).map((e=>[e,`.${e}`])).flat(1).concat(null);"localhost"===window.location.hostname&&r.push("localhost");for(const e of r){const t=e?`domain=${e};`:"",r=`${encodeURIComponent(n.split(";")[0].split("=")[0])}=; expires=Thu, 01-Jan-1970 00:00:01 GMT; ${t} SameSite=Strict; path=`;document.cookie=`${r}/`;const o=location.pathname.split("/");for(;o.length>0;)document.cookie=r+o.join("/"),o.pop()}}}}},321:e=>{var t=1/0,n=17976931348623157e292,r=NaN,o="[object Symbol]",i=/^\s+\|\s+$/g,a=/^[-+]0x[0-9a-f]+$/i,s=/^0b[01]+$/i,c=/^0o[0-7]+$/i,d=parseInt,l=Object.prototype.toString;function u(e){var t=typeof e;return!!e&&("object"==t\|\|"function"==t)}e.exports=function(e,h,p){return e&&e.length?function(e,t,n){var r=-1,o=e.length;t<0&&(t=-t>o?0:o+t),(n=n>o?o:n)<0&&(n+=o),o=t>n?0:n-t>>>0,t>>>=0;for(var i=Array(o);++r<o;)i[r]=e[r+t];return i}(e,0,(h=p\|\|void 0===h?1:(f=function(e){return e?(e=function(e){if("number"==typeof e)return e;if(function(e){return"symbol"==typeof e\|\|function(e){return!!e&&"object"==typeof e}(e)&&l.call(e)==o}(e))return r;if(u(e)){var t="function"==typeof e.valueOf?e.valueOf():e;e=u(t)?t+"":t}if("string"!=typeof e)return 0===e?e:+e;e=e.replace(i,"");var n=s.test(e);return n\|\|c.test(e)?d(e.slice(2),n?2:8):a.test(e)?r:+e}(e))===t\|\|e===-1/0?(e<0?-1:1)n:e==e?e:0:0===e?e:0}(h),g=f%1,f==f?g?f-g:f:0))<0?0:h):[];var f,g}},330:e=>{"use strict";e.exports=JSON.parse('{"name":"@authress/login","version":"2.5.362","description":"Universal login sdk for Authress authentication as a service. Provides managed authentication for user identity, authentication, and token verification.","main":"./src/index.js","types":"./index.d.ts","files":["index.d.ts","src","dist"],"scripts":{"build":"node make.js build && NODE_ENV=production webpack --mode=production","lint":"eslint --ext .js,.ts src tests make.js index.d.ts","test":"check-dts index.d.ts && mocha tests/.test.js tests//.test.js -R spec"},"dependencies":{"cookie":"<1","lodash.take":"^4.1.1"},"devDependencies":{"@babel/core":"^7.17.5","@babel/preset-env":"^7.16.11","@types/node":"^14.14.35","@typescript-eslint/eslint-plugin":"^3.1.0","@typescript-eslint/parser":"^3.1.0","babel-loader":"^8.2.3","chai":"^4.2.0","check-dts":"^0.4.4","ci-build-tools":"^1.0.13","commander":"^4.0.1","compression-webpack-plugin":"^9.2.0","eslint":"^7.12.1","eslint-config-cimpress-atsquad":"^1.0.67","eslint-loader":"^4.0.2","eslint-plugin-mocha":"^7.0.1","eslint-plugin-node":"^11.1.0","eslint-plugin-promise":"^6.1.1","fs-extra":"^8.1.0","glob":"^7.1.6","mocha":"^11.1.0","path-browserify":"^1.0.1","sinon":"^7.5.0","sinon-chai":"^3.3.0","terser-webpack-plugin":"^5.3.1","typescript":"^3.9.5","webpack":"^5.69.1","webpack-cli":"^4.9.2"},"repository":{"type":"git","url":"git+https://github.com/Authress/authress-login.js"},"keywords":["authentication","authentication as a service","Login","Login Client","universal login","auth","federated login","secure login","application security","IDaaS","authentication","user authentication","user identity","Oauth2","Oauth2.1","Oauth3","platform","platform login","extension","Authress","Authress client","user security","DBSC","Device Bound Session Credentials"],"author":"Authress Developers <developers@authress.io> (https://authress.io)","license":"Apache-2.0","bugs":{"url":"https://github.com/Authress/authress-login.js/issues"},"homepage":"https://authress.io","engines":{"node":">=18"}}')},332:e=>{e.exports.sanitizeUrl=function(e){let t=e;t.startsWith("http")\|\|(t=`https://${t}`);const n=new URL(t),r=n.host.match(/^([a-z0-9-]+)[.][a-z0-9-]+[.]authress[.]io$/);return r&&(n.host=`${r[1]}.login.authress.io`,t=n.toString()),t.replace(/[/]+$/,"")}},354:(e,t,n)=>{const r=n(427),o=n(321),i=n(629),a=n(75),s=n(836),{sanitizeUrl:c}=n(332),d=n(160);let l,u=new Promise((e=>l=e)),h=null;const p="AuthenticationRequestNonce";const f=n(568);e.exports={LoginClient:class{constructor(e,t){const n=Object.assign({applicationId:"app_default"},e);this.logger=t\|\|console;const r=n.authressApiUrl\|\|n.authressLoginHostUrl\|\|n.authenticationServiceUrl\|\|"";if(!r)throw Error('Missing required property "authressApiUrl" in LoginClient constructor. Custom Authress Domain Host is required.');if(this.applicationId=n.applicationId,!this.applicationId\|\|this.applicationId.match(/^(sc_\|ext_)/)){const e=Error("You have incorrectly specified an Authress Service Client or Extension as the applicationId instead of a valid application. The applicationId is your application that your users will log into, usually hosted on your domain https://example.yourdomain.com. Users cannot log into a Service Client, but they can log in with one. Users can use a Service Client to log in, by setting the connection ID in the authenticate({ connectionId }) method to be the Authress Service Client.\n(1) If you are building an Custom Login Portal, then the application ID should correspond to this login portal.\n(2) If you are replacing or extending an Authress connection, then specify the Service Client as the connectionId and the end user application as the applicationId.\n(3) If you are building a platform or plugin marketplace, where users will log into third party extensions or apps, then distribute in your SDK a wrapper for the Authress Extension Client using: import { extensionClient } from '@authress/login' found within this SDK.\n(4) If you aren't sure what to do here to fix the problem, the fastest and usually correct solution is go to https://authress.io/app/#/settings?focus=applications create a new application, specify your site in the application url property and then update the value here.");throw e.code="InvalidApplication",e}this.hostUrl=c(r),this.httpClient=new a(this.hostUrl,t),this.lastSessionCheck=0,this.enableCredentials=this.getMatchingDomainInfo(this.hostUrl),d.retainUserCookie=e.retainUserCookie,n.skipBackgroundCredentialsCheck\|\|i.onLoad((async()=>{await this.userSessionExists(!0)}))}getMatchingDomainInfo(e){const t=new URL(e);if(i.isLocalHost())return!1;const n=i.getCurrentLocation();if("https:"!==n.protocol)return!1;const r=t.host.toLowerCase().split(".").reverse(),a=n.host.toLowerCase().split(".").reverse();let s=[];for(let e of r){const t=o(a,s.length+1).join(".");if(s.concat(e).join(".")!==t)break;s.push(e)}return s.length===r.length&&s.length===a.length\|\|s.length>1}getUserIdentity(){const e=d.getUserCookie(),t=s.decodeOrParse(e);if(t){const n=t.exp?new Date(1e3t.exp):new Date(Date.now()+864e5);return d.set(e,n),t.userId=t.sub,t}const n=d.get(),r=s.decodeOrParse(n);if(!r)return null;const o=new URL(r.iss).hostname,i=new URL(this.hostUrl).hostname;return o.endsWith(i)\|\|i.endsWith(o)?(r.userId=r.sub,r):(d.clear(),null)}async getConnectionCredentials(){await this.waitForUserSession();try{const e=await this.ensureToken();return(await this.httpClient.get("/session/credentials",this.enableCredentials,{Authorization:e&&`Bearer ${e}`})).data}catch(e){return null}}async getDevices(){try{const e=await this.ensureToken();return(await this.httpClient.get("/session/devices",this.enableCredentials,{Authorization:e&&`Bearer ${e}`})).data.devices}catch(e){return[]}}async deleteDevice(e){try{const t=await this.ensureToken();await this.httpClient.delete(`/session/devices/${encodeURIComponent(e)}`,this.enableCredentials,{Authorization:t&&`Bearer ${t}`})}catch(e){throw this.logger&&this.logger.log({title:"[Authress Login SDK] Failed to delete device",error:e}),e}}async openUserConfigurationScreen(e={redirectUrl:null,startPage:"Profile"}){if(!await this.userSessionExists()){const e=Error("User must be logged to configure user profile data.");throw e.code="NotLoggedIn",e}const t=new URL("/settings",this.hostUrl);t.searchParams.set("client_id",this.applicationId),t.searchParams.set("start_page",e&&e.startPage\|\|"Profile"),t.searchParams.set("redirect_uri",e&&e.redirectUrl\|\|i.getCurrentLocation().href),i.assign(t.toString()),await Promise.resolve()}async registerDevice(e={name:"",type:"",totp:{}}){const t=await this.getUserIdentity();if(!t){const e=Error("User must be logged to configure user profile data.");throw e.code="NotLoggedIn",e}if(!e){const e=Error("Register Device missing required parameter: 'Options'");throw e.code="InvalidInput",e}let n;if(e.type&&"WebAuthN"!==e.type)"TOTP"===e.type&&(n={name:e.name,code:e.totp.verificationCode,totpData:e.totp,type:"TOTP"});else{const r=t.sub,o={challenge:Uint8Array.from(r,(e=>e.charCodeAt(0))),rp:{id:this.hostUrl.split(".").slice(1).join("."),name:"WebAuthN Login"},user:{id:Uint8Array.from(r,(e=>e.charCodeAt(0))),name:r,displayName:`Generated User ID: ${r}`},pubKeyCredParams:[{type:"public-key",alg:-7},{type:"public-key",alg:-257}],authenticatorSelection:{residentKey:"discouraged",requireResidentKey:!1,userVerification:"discouraged"},timeout:6e4,attestation:"direct"},i=await navigator.credentials.create({publicKey:o}),a={authenticatorAttachment:i.authenticatorAttachment,credentialId:i.id,type:i.type,userId:r,attestation:btoa(String.fromCharCode(...new Uint8Array(i.response.attestationObject))),client:btoa(String.fromCharCode(...new Uint8Array(i.response.clientDataJSON)))};n={name:e&&e.name,code:a,type:"WebAuthN"}}try{const e=await this.ensureToken();return(await this.httpClient.post("/session/devices",this.enableCredentials,n,{Authorization:e&&`Bearer ${e}`})).data}catch(e){throw this.logger&&this.logger.log({title:"[Authress Login SDK] Failed to register new device",error:e,request:n}),e}}async waitForUserSession(){try{return await u,!0}catch(e){return!1}}userSessionExists(e){return h?Date.now()-this.lastSessionCheck<50?h:(this.lastSessionCheck=Date.now(),h=h.catch((()=>{})).then((()=>this.userSessionContinuation(e)))):(this.lastSessionCheck=Date.now(),h=this.userSessionContinuation(e))}async userSessionContinuation(e){const t=new URLSearchParams(i.getCurrentLocation().search);let n={};if("undefined"!=typeof localStorage)try{n=JSON.parse(localStorage.getItem(p)\|\|"{}"),localStorage.removeItem(p),Object.hasOwnProperty.call(n,"enableCredentials")&&(this.enableCredentials=n.enableCredentials)}catch(e){this.logger&&this.logger.debug&&this.logger.debug({title:"[Authress Login SDK] LocalStorage failed in Browser",error:e})}if(t.get("state")&&"oauthLogin"===t.get("flow"))return!1;if((n.nonce\|\|t.get("iss")&&t.get("iss").includes(this.hostUrl))&&this.sanitizeQueryParameters(),n.nonce&&t.get("code")&&n.nonce===t.get("nonce")){const e="cookie"===t.get("code")?r.parse(document.cookie)["auth-code"]:t.get("code"),o=await s.calculateAntiAbuseHash({client_id:this.applicationId,authenticationRequestId:n.nonce,code:e}),i={grant_type:"authorization_code",redirect_uri:n.redirectUrl,client_id:this.applicationId,code:e,code_verifier:n.codeVerifier,antiAbuseHash:o};try{const e=await this.httpClient.post(`/authentication/${n.nonce}/tokens`,this.enableCredentials,i),t=s.decode(e.data.id_token),o=t.exp&&new Date(1e3t.exp)\|\|e.data.expires_in&&new Date(Date.now()+1e3e.data.expires_in);return document.cookie=r.serialize("authorization",e.data.access_token\|\|"",{expires:o,path:"/",sameSite:"strict"}),d.set(e.data.id_token,o),l(),!0}catch(e){if(this.logger&&this.logger.log({title:"[Authress Login SDK] Failed exchange authentication response for a token.",error:e}),e.data&&"invalid_request"===e.data.error)return!1;throw e.data\|\|e}}if(i.isLocalHost()&&t.get("nonce")&&t.get("access_token")&&(!n.nonce\|\|n.nonce===t.get("nonce"))){const e=s.decode(t.get("id_token")),n=e.exp&&new Date(1e3e.exp)\|\|Number(t.get("expires_in"))&&new Date(Date.now()+1e3Number(t.get("expires_in")));return document.cookie=r.serialize("authorization",t.get("access_token")\|\|"",{expires:n,path:"/",sameSite:"strict"}),d.set(t.get("id_token"),n),l(),!0}if(this.getUserIdentity())return l(),!0;if(!i.isLocalHost()&&!e){try{const e=await this.httpClient.patch("/session",this.enableCredentials,{},null,!0);if(e.data.access_token){const t=s.decode(e.data.id_token),n=t.exp&&new Date(1e3t.exp)\|\|e.data.expires_in&&new Date(Date.now()+1e3e.data.expires_in);document.cookie=r.serialize("authorization",e.data.access_token\|\|"",{expires:n,path:"/",sameSite:"strict"}),d.set(e.data.id_token,n)}}catch(e){400===e.status\|\|404===e.status\|\|409===e.status?this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] User does not have an existing authentication session",error:e}):this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed attempting to check if the user has an existing authentication session",error:e})}if(this.getUserIdentity())return l(),!0}return!1}async updateExtensionAuthenticationRequest({state:e,connectionId:t,tenantLookupIdentifier:n,connectionProperties:r}){if(!t&&!n){const e=Error("connectionId or tenantLookupIdentifier must be specified");throw e.code="InvalidConnection",e}const o=new URLSearchParams(i.getCurrentLocation().search),a=e\|\|o.get("state");if(!a){const e=Error("The `state` parameters must be specified to update this authentication request");throw e.code="InvalidAuthenticationRequest",e}try{const e=await s.calculateAntiAbuseHash({connectionId:t,tenantLookupIdentifier:n,authenticationRequestId:a}),o=await this.httpClient.patch(`/authentication/${a}`,!0,{antiAbuseHash:e,connectionId:t,tenantLookupIdentifier:n,connectionProperties:r});if(new URL(o.data.authenticationUrl).hostname===i.getCurrentLocation().hostname)return{authenticationUrl:o.data.authenticationUrl};i.assign(o.data.authenticationUrl)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to update extension authentication request",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data\|\|e}return await new Promise((e=>setTimeout(e,5e3))),null}async unlinkIdentity(e){if(!e){const e=Error("connectionId must be specified");throw e.code="InvalidConnection",e}if(!this.getUserIdentity()){const e=Error("User must be logged in to unlink an account.");throw e.code="NotLoggedIn",e}let t;try{t=await this.ensureToken({timeoutInMillis:100})}catch(e){if("TokenTimeout"===e.code){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}}const n=this.enableCredentials&&!i.isLocalHost()?{}:{Authorization:`Bearer ${t}`};try{await this.httpClient.delete(`/identities/${encodeURIComponent(e)}`,this.enableCredentials,n)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to unlink user identity",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data\|\|e}}async linkIdentity({connectionId:e,tenantLookupIdentifier:t,redirectUrl:n,connectionProperties:r}){if(!e&&!t){const e=Error("connectionId or tenantLookupIdentifier must be specified");throw e.code="InvalidConnection",e}if(!this.getUserIdentity()){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}let o;try{o=await this.ensureToken({timeoutInMillis:100})}catch(e){if("TokenTimeout"===e.code){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}}const{codeChallenge:a}=await s.getAuthCodes(),c=await s.calculateAntiAbuseHash({connectionId:e,tenantLookupIdentifier:t,applicationId:this.applicationId});try{const s=n&&new URL(n).toString()\|\|i.getCurrentLocation().href,d=this.enableCredentials&&!i.isLocalHost()?{}:{Authorization:`Bearer ${o}`},l=await this.httpClient.post("/authentication",this.enableCredentials,{antiAbuseHash:c,linkIdentity:!0,redirectUrl:s,codeChallengeMethod:"S256",codeChallenge:a,connectionId:e,tenantLookupIdentifier:t,connectionProperties:r,applicationId:this.applicationId},d);i.assign(l.data.authenticationUrl)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to start user identity link",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e}await new Promise((e=>setTimeout(e,5e3)))}async authenticate(e={}){const{connectionId:t,tenantLookupIdentifier:n,inviteId:r,redirectUrl:o,force:a,responseLocation:c,flowType:l,connectionProperties:u,openType:h,multiAccount:f,clearUserDataBeforeLogin:g}=e\|\|{};if(c&&"cookie"!==c&&"query"!==c&&"none"!==c){const e=Error("Authentication response location is not valid");throw e.code="InvalidResponseLocation",e}if(!r&&!a&&!f&&await this.userSessionExists()){const n=await this.ensureToken(),r=s.decode(n);if(t&&r&&r.azp&&t!==r.azp){this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Authentication blocked because the user is already logged in, and the requested authentication parameters do not match the original session.",requestedAuthenticationOptions:e,currentAuthenticationSessionData:r});const t=Error('Authentication requested for user that is already logged in, but the connectionId specified does not match their existing session.\n Recommended Options:\n (1) If the goal is to force them to log in with this new connection and ignore their existing session, use the "force" flag.\n (2) If the goal is link their current identity with a new from the new connection, use the linkIdentity() method.\n (3) If the goal is skip log in if they are already logged in or force log in with the connectionId, first check if userSessionExists() and then only if "false", call authenticate().');throw t.code="AuthenticationConstraintContention",t}return null}const{codeVerifier:m,codeChallenge:w}=await s.getAuthCodes(),y=await s.calculateAntiAbuseHash({connectionId:t,tenantLookupIdentifier:n,inviteId:r,applicationId:this.applicationId});try{const e=o&&new URL(o).toString()\|\|i.getCurrentLocation().href;!1!==g&&d.clear();const a=await this.httpClient.post("/authentication",this.enableCredentials,{antiAbuseHash:y,redirectUrl:e,codeChallengeMethod:"S256",codeChallenge:w,connectionId:t,tenantLookupIdentifier:n,inviteId:r,connectionProperties:u,applicationId:this.applicationId,responseLocation:c,flowType:l,multiAccount:f});if(localStorage.setItem(p,JSON.stringify({nonce:a.data.authenticationRequestId,codeVerifier:m,lastConnectionId:t,tenantLookupIdentifier:n,redirectUrl:e,enableCredentials:a.data.enableCredentials,multiAccount:f})),new URL(a.data.authenticationUrl).hostname===i.getCurrentLocation().hostname)return{authenticationUrl:a.data.authenticationUrl};if("tab"===h){const e=i.open(a.data.authenticationUrl,"_blank");e&&!e.closed&&void 0!==e.closed\|\|i.assign(a.data.authenticationUrl)}else i.assign(a.data.authenticationUrl)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to start authentication for user",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data\|\|e}return await new Promise((e=>setTimeout(e,5e3))),null}async ensureToken(e){if(e&&0===e.timeoutInMillis){const e=this.getUserIdentity(),t=r.parse(document.cookie);if(e)return"undefined"!==t.authorization&&t.authorization;const n=Error("No token retrieved after timeout");throw n.code="TokenTimeout",n}await this.userSessionExists();const t=Object.assign({timeoutInMillis:5e3},e\|\|{}),n=this.waitForUserSession(),o=-1===t.timeoutInMillis\|\|t.timeoutInMillis>231-1?231-1:t.timeoutInMillis,i=new Promise(((e,t)=>setTimeout(t,o\|\|0)));try{await Promise.race([n,i])}catch(e){const t=Error("No token retrieved after timeout");throw t.code="TokenTimeout",t}const a=r.parse(document.cookie);return"undefined"!==a.authorization&&a.authorization}async logout(e){let t;if(e)try{new URL(e),t=e}catch(n){try{t=new URL(e,i.getCurrentLocation().href).toString()}catch(t){const n=Error(`The logout redirect url is not valid URL: ${e}`);throw n.code="InvalidRedirectUrl",n}}if(d.clear(),this.sanitizeQueryParameters(),u=new Promise((e=>l=e)),this.enableCredentials)try{return await this.httpClient.delete("/session",this.enableCredentials),this.lastSessionCheck=0,void(e&&e!==i.getCurrentLocation().href&&i.assign(e))}catch(e){}const n=new URL("/logout",this.hostUrl);n.searchParams.set("redirect_uri",t\|\|i.getCurrentLocation().href),n.searchParams.set("client_id",this.applicationId),i.assign(n.toString()),this.lastSessionCheck=0,await new Promise((e=>setTimeout(e,500)))}sanitizeQueryParameters(){const e=new URL(i.getCurrentLocation());e.searchParams.delete("iss"),e.searchParams.delete("nonce"),e.searchParams.delete("code"),e.searchParams.delete("expires_in"),e.searchParams.delete("access_token"),e.searchParams.delete("id_token"),history.replaceState({},void 0,e.toString())}},ExtensionClient:f,UserConfigurationScreen:{Profile:"Profile",MFA:"MFA"}}},427:(e,t)=>{"use strict";t.parse=function(e,t){if("string"!=typeof e)throw new TypeError("argument str must be a string");var n={},o=e.length;if(o<2)return n;var i=t&&t.decode\|\|l,a=0,s=0,h=0;do{if(-1===(s=e.indexOf("=",a)))break;if(-1===(h=e.indexOf(";",a)))h=o;else if(s>h){a=e.lastIndexOf(";",s-1)+1;continue}var p=c(e,a,s),f=d(e,s,p),g=e.slice(p,f);if(!r.call(n,g)){var m=c(e,s+1,h),w=d(e,h,m);34===e.charCodeAt(m)&&34===e.charCodeAt(w-1)&&(m++,w--);var y=e.slice(m,w);n[g]=u(y,i)}a=h+1}while(a<o);return n},t.serialize=function(e,t,r){var c=r&&r.encode\|\|encodeURIComponent;if("function"!=typeof c)throw new TypeError("option encode is invalid");if(!o.test(e))throw new TypeError("argument name is invalid");var d=c(t);if(!i.test(d))throw new TypeError("argument val is invalid");var l=e+"="+d;if(!r)return l;if(null!=r.maxAge){var u=Math.floor(r.maxAge);if(!isFinite(u))throw new TypeError("option maxAge is invalid");l+="; Max-Age="+u}if(r.domain){if(!a.test(r.domain))throw new TypeError("option domain is invalid");l+="; Domain="+r.domain}if(r.path){if(!s.test(r.path))throw new TypeError("option path is invalid");l+="; Path="+r.path}if(r.expires){var h=r.expires;if(!function(e){return"[object Date]"===n.call(e)}(h)\|\|isNaN(h.valueOf()))throw new TypeError("option expires is invalid");l+="; Expires="+h.toUTCString()}r.httpOnly&&(l+="; HttpOnly");r.secure&&(l+="; Secure");r.partitioned&&(l+="; Partitioned");if(r.priority){switch("string"==typeof r.priority?r.priority.toLowerCase():r.priority){case"low":l+="; Priority=Low";break;case"medium":l+="; Priority=Medium";break;case"high":l+="; Priority=High";break;default:throw new TypeError("option priority is invalid")}}if(r.sameSite){switch("string"==typeof r.sameSite?r.sameSite.toLowerCase():r.sameSite){case!0:l+="; SameSite=Strict";break;case"lax":l+="; SameSite=Lax";break;case"strict":l+="; SameSite=Strict";break;case"none":l+="; SameSite=None";break;default:throw new TypeError("option sameSite is invalid")}}return l};var n=Object.prototype.toString,r=Object.prototype.hasOwnProperty,o=/^[!#$%&'+\-.^_`\|~0-9A-Za-z]+$/,i=/^("?)[\u0021\u0023-\u002B\u002D-\u003A\u003C-\u005B\u005D-\u007E]\1$/,a=/^([.]?[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)([.][a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)$/i,s=/^[\u0020-\u003A\u003D-\u007E]$/;function c(e,t,n){do{var r=e.charCodeAt(t);if(32!==r&&9!==r)return t}while(++t<n);return n}function d(e,t,n){for(;t>n;){var r=e.charCodeAt(--t);if(32!==r&&9!==r)return t+1}return n}function l(e){return-1!==e.indexOf("%")?decodeURIComponent(e):e}function u(e,t){try{return t(e)}catch(t){return e}}},568:(e,t,n)=>{const r=n(836),{sanitizeUrl:o}=n(332),i=n(629),a="ExtensionRequestNonce";let s=null;e.exports=class{constructor(e,t){if(this.extensionId=t,!e)throw Error('Missing required property "authressCustomDomain" in ExtensionClient constructor. The Custom Authress Domain Host is required.');if(!t)throw Error('Missing required property "extensionId" in ExtensionClient constructor. The extension is required for selecting the correct login method.');this.authressCustomDomain=o(e),this.accessToken=null,i.onLoad((async()=>{await this.requestToken({silent:!0})}))}async getUserIdentity(){const e=this.accessToken&&await r.decode(this.accessToken);return e?1e3e.exp<Date.now()?(this.accessToken=null,null):e:null}async getTokenResponse(){return await this.getUserIdentity()?{accessToken:this.accessToken}:null}requestToken(e={code:null,silent:!1}){if(s)return s=s.catch((()=>{})).then((()=>this.requestTokenContinuation(e)));const t=this.requestTokenContinuation(e);return t.catch((()=>{})),s=t}async requestTokenContinuation(e={code:null,silent:!1}){const t=e&&e.code\|\|new URLSearchParams(i.getCurrentLocation().search).get("code");if(!t){if(!e\|\|!e.silent){const e=Error("OAuth Authorization code is required");throw e.code="InvalidAuthorizationCode",e}return this.getTokenResponse()}const n=new URL(this.authressCustomDomain);n.pathname="/api/authentication/oauth/tokens";const{codeVerifier:r,redirectUrl:o}=JSON.parse(localStorage.getItem(a)\|\|"{}"),s=await fetch(n.toString(),{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({code_verifier:r,code:t,grant_type:"authorization_code",client_id:this.extensionId,redirect_uri:o})}),c=await s.json();this.accessToken=c.access_token;const d=new URL(i.getCurrentLocation());return d.searchParams.delete("code"),d.searchParams.delete("iss"),d.searchParams.delete("nonce"),d.searchParams.delete("expires_in"),d.searchParams.delete("access_token"),d.searchParams.delete("id_token"),history.replaceState({},void 0,d.toString()),this.getTokenResponse()}async login(e){const t=await this.getTokenResponse();if(t)return t;const n=await this.requestToken({silent:!0});if(n)return n;const o=new URL(this.authressCustomDomain),{codeVerifier:s,codeChallenge:c}=r.getAuthCodes(),d=e\|\|i.getCurrentLocation().href;return localStorage.setItem(a,JSON.stringify({codeVerifier:s,redirectUrl:d})),o.searchParams.set("client_id",this.extensionId),o.searchParams.set("code_challenge",c),o.searchParams.set("code_challenge_method","S256"),o.searchParams.set("redirect_uri",d),i.assign(o.toString()),await new Promise((e=>setTimeout(e,5e3))),null}}},629:e=>{e.exports=new class{onLoad(e){"undefined"!=typeof window&&(window.onload=e)}isLocalHost(){return"undefined"!=typeof window&&window.location&&("localhost"===window.location.hostname\|\|"127.0.0.1"===window.location.hostname)}getCurrentLocation(){return"undefined"!=typeof window&&new URL(window.location)\|\|new URL("http://localhost:8080")}assign(e){return"undefined"==typeof window?null:window.location.assign(e.toString())}open(e){return"undefined"==typeof window?null:window.open(e.toString())}}},836:(e,t,n)=>{const r=n(878);e.exports=new class{decode(e){if(!e)return null;try{const t=JSON.parse(r.decode(e.split(".")[1]));return t.exp&&(t.exp=t.exp-10),t}catch(e){return null}}decodeOrParse(e){if(!e)return null;if("object"==typeof e)return e;try{return JSON.parse(e)}catch(t){return this.decode(e)}}decodeFull(e){if(!e)return null;try{const t=JSON.parse(r.decode(e.split(".")[0])),n=JSON.parse(r.decode(e.split(".")[1]));return n.exp&&(n.exp=n.exp-10),{header:t,payload:n}}catch(e){return null}}async getAuthCodes(){const e=r.encode((window.crypto\|\|window.msCrypto).getRandomValues(new Uint32Array(16)).toString()),t=await(window.crypto\|\|window.msCrypto).subtle.digest("SHA-256",(new TextEncoder).encode(e));return{codeVerifier:e,codeChallenge:r.encode(t)}}async calculateAntiAbuseHash(e){const t=Date.now(),n=Object.values(e).filter((e=>e)).join("\|");let o=0,i=null;for(;++o&&(i=r.encode(await(window.crypto\|\|window.msCrypto).subtle.digest("SHA-256",(new TextEncoder).encode(`${t};${o};${n}`))),!i.match(/^00/)););return`v2;${t};${o};${i}`}}},878:e=>{function t(e){return String.fromCharCode(parseInt(e.slice(1),16))}function n(e){return`%${`00${e.charCodeAt(0).toString(16)}`.slice(-2)}`}e.exports.decode=function(e){return function(e){return decodeURIComponent(Array.from(atob(e),n).join(""))}(e.replace(/-/g,"+").replace(/_/g,"/"))},e.exports.encode=function(e){return e&&"object"==typeof e?btoa(String.fromCharCode(...new Uint8Array(e))).replace(/\//g,"_").replace(/\+/g,"-").replace(/=+$/,""):function(e){return btoa(encodeURIComponent(e).replace(/%[0-9A-F]{2}/g,t))}(e).replace(/\//g,"_").replace(/\+/g,"-").replace(/=+$/,"")}}},r={};function o(e){var t=r[e];if(void 0!==t){if(void 0!==t.error)throw t.error;return t.exports}var i=r[e]={exports:{}};try{var a={id:e,module:i,factory:n[e],require:o};o.i.forEach((function(e){e(a)})),i=a.module,a.factory.call(i.exports,i,i.exports,a.require)}catch(e){throw i.error=e,e}return i.exports}return o.m=n,o.c=r,o.i=[],o.hu=e=>e+"."+o.h()+".hot-update.js",o.hmrF=()=>"main."+o.h()+".hot-update.json",o.h=()=>"3727d279383e9571121c",o.o=(e,t)=>Object.prototype.hasOwnProperty.call(e,t),e={},t="authress:",o.l=(n,r,i,a)=>{if(e[n])e[n].push(r);else{var s,c;if(void 0!==i)for(var d=document.getElementsByTagName("script"),l=0;l<d.length;l++){var u=d[l];if(u.getAttribute("src")==n\|\|u.getAttribute("data-webpack")==t+i){s=u;break}}s\|\|(c=!0,(s=document.createElement("script")).charset="utf-8",s.timeout=120,o.nc&&s.setAttribute("nonce",o.nc),s.setAttribute("data-webpack",t+i),s.src=n),e[n]=[r];var h=(t,r)=>{s.onerror=s.onload=null,clearTimeout(p);var o=e[n];if(delete e[n],s.parentNode&&s.parentNode.removeChild(s),o&&o.forEach((e=>e(r))),t)return t(r)},p=setTimeout(h.bind(null,void 0,{type:"timeout",target:s}),12e4);s.onerror=h.bind(null,s.onerror),s.onload=h.bind(null,s.onload),c&&document.head.appendChild(s)}},(()=>{var e,t,n,r={},i=o.c,a=[],s=[],c="idle",d=0,l=[];function u(e){c=e;for(var t=[],n=0;n<s.length;n++)t[n]=s[n].call(null,e);return Promise.all(t).then((function(){}))}function h(){0==--d&&u("ready").then((function(){if(0===d){var e=l;l=[];for(var t=0;t<e.length;t++)e[t]()}}))}function p(e){if("idle"!==c)throw new Error("check() is only allowed in idle status");return u("check").then(o.hmrM).then((function(n){return n?u("prepare").then((function(){var r=[];return t=[],Promise.all(Object.keys(o.hmrC).reduce((function(e,i){return o.hmrC[i](n.c,n.r,n.m,e,t,r),e}),[])).then((function(){return t=function(){return e?g(e):u("ready").then((function(){return r}))},0===d?t():new Promise((function(e){l.push((function(){e(t())}))}));var t}))})):u(m()?"ready":"idle").then((function(){return null}))}))}function f(e){return"ready"!==c?Promise.resolve().then((function(){throw new Error("apply() is only allowed in ready status (state: "+c+")")})):g(e)}function g(e){e=e\|\|{},m();var r=t.map((function(t){return t(e)}));t=void 0;var o=r.map((function(e){return e.error})).filter(Boolean);if(o.length>0)return u("abort").then((function(){throw o[0]}));var i=u("dispose");r.forEach((function(e){e.dispose&&e.dispose()}));var a,s=u("apply"),c=function(e){a\|\|(a=e)},d=[];return r.forEach((function(e){if(e.apply){var t=e.apply(c);if(t)for(var n=0;n<t.length;n++)d.push(t[n])}})),Promise.all([i,s]).then((function(){return a?u("fail").then((function(){throw a})):n?g(e).then((function(e){return d.forEach((function(t){e.indexOf(t)<0&&e.push(t)})),e})):u("idle").then((function(){return d}))}))}function m(){if(n)return t\|\|(t=[]),Object.keys(o.hmrI).forEach((function(e){n.forEach((function(n){o.hmrI[e](n,t)}))})),n=void 0,!0}o.hmrD=r,o.i.push((function(l){var g,m,w,y,v=l.module,k=function(t,n){var r=i[n];if(!r)return t;var o=function(o){if(r.hot.active){if(i[o]){var s=i[o].parents;-1===s.indexOf(n)&&s.push(n)}else a=[n],e=o;-1===r.children.indexOf(o)&&r.children.push(o)}else console.warn("[HMR] unexpected require("+o+") from disposed module "+n),a=[];return t(o)},s=function(e){return{configurable:!0,enumerable:!0,get:function(){return t[e]},set:function(n){t[e]=n}}};for(var l in t)Object.prototype.hasOwnProperty.call(t,l)&&"e"!==l&&Object.defineProperty(o,l,s(l));return o.e=function(e,n){return function(e){switch(c){case"ready":u("prepare");case"prepare":return d++,e.then(h,h),e;default:return e}}(t.e(e,n))},o}(l.require,l.id);v.hot=(g=l.id,m=v,y={_acceptedDependencies:{},_acceptedErrorHandlers:{},_declinedDependencies:{},_selfAccepted:!1,_selfDeclined:!1,_selfInvalidated:!1,_disposeHandlers:[],_main:w=e!==g,_requireSelf:function(){a=m.parents.slice(),e=w?void 0:g,o(g)},active:!0,accept:function(e,t,n){if(void 0===e)y._selfAccepted=!0;else if("function"==typeof e)y._selfAccepted=e;else if("object"==typeof e&&null!==e)for(var r=0;r<e.length;r++)y._acceptedDependencies[e[r]]=t\|\|function(){},y._acceptedErrorHandlers[e[r]]=n;else y._acceptedDependencies[e]=t\|\|function(){},y._acceptedErrorHandlers[e]=n},decline:function(e){if(void 0===e)y._selfDeclined=!0;else if("object"==typeof e&&null!==e)for(var t=0;t<e.length;t++)y._declinedDependencies[e[t]]=!0;else y._declinedDependencies[e]=!0},dispose:function(e){y._disposeHandlers.push(e)},addDisposeHandler:function(e){y._disposeHandlers.push(e)},removeDisposeHandler:function(e){var t=y._disposeHandlers.indexOf(e);t>=0&&y._disposeHandlers.splice(t,1)},invalidate:function(){switch(this._selfInvalidated=!0,c){case"idle":t=[],Object.keys(o.hmrI).forEach((function(e){o.hmrI[e](g,t)})),u("ready");break;case"ready":Object.keys(o.hmrI).forEach((function(e){o.hmrI[e](g,t)}));break;case"prepare":case"check":case"dispose":case"apply":(n=n\|\|[]).push(g)}},check:p,apply:f,status:function(e){if(!e)return c;s.push(e)},addStatusHandler:function(e){s.push(e)},removeStatusHandler:function(e){var t=s.indexOf(e);t>=0&&s.splice(t,1)},data:r[g]},e=void 0,y),v.parents=a,v.children=[],a=[],l.require=k})),o.hmrC={},o.hmrI={}})(),o.p="",(()=>{var e,t,n,r,i,a=o.hmrS_jsonp=o.hmrS_jsonp\|\|{792:0},s={};function c(t,n){return e=n,new Promise(((e,n)=>{s[t]=e;var r=o.p+o.hu(t),i=new Error;o.l(r,(e=>{if(s[t]){s[t]=void 0;var r=e&&("load"===e.type?"missing":e.type),o=e&&e.target&&e.target.src;i.message="Loading hot update chunk "+t+" failed.\n("+r+": "+o+")",i.name="ChunkLoadError",i.type=r,i.request=o,n(i)}}))}))}function d(e){function s(e){for(var t=[e],n={},r=t.map((function(e){return{chain:[e],id:e}}));r.length>0;){var i=r.pop(),a=i.id,s=i.chain,d=o.c[a];if(d&&(!d.hot._selfAccepted\|\|d.hot._selfInvalidated)){if(d.hot._selfDeclined)return{type:"self-declined",chain:s,moduleId:a};if(d.hot._main)return{type:"unaccepted",chain:s,moduleId:a};for(var l=0;l<d.parents.length;l++){var u=d.parents[l],h=o.c[u];if(h){if(h.hot._declinedDependencies[a])return{type:"declined",chain:s.concat([u]),moduleId:a,parentId:u};-1===t.indexOf(u)&&(h.hot._acceptedDependencies[a]?(n[u]\|\|(n[u]=[]),c(n[u],[a])):(delete n[u],t.push(u),r.push({chain:s.concat([u]),id:u})))}}}}return{type:"accepted",moduleId:e,outdatedModules:t,outdatedDependencies:n}}function c(e,t){for(var n=0;n<t.length;n++){var r=t[n];-1===e.indexOf(r)&&e.push(r)}}o.f&&delete o.f.jsonpHmr,t=void 0;var d={},l=[],u={},h=function(e){console.warn("[HMR] unexpected require("+e.id+") to disposed module")};for(var p in n)if(o.o(n,p)){var f=n[p],g=f?s(p):{type:"disposed",moduleId:p},m=!1,w=!1,y=!1,v="";switch(g.chain&&(v="\nUpdate propagation: "+g.chain.join(" -> ")),g.type){case"self-declined":e.onDeclined&&e.onDeclined(g),e.ignoreDeclined\|\|(m=new Error("Aborted because of self decline: "+g.moduleId+v));break;case"declined":e.onDeclined&&e.onDeclined(g),e.ignoreDeclined\|\|(m=new Error("Aborted because of declined dependency: "+g.moduleId+" in "+g.parentId+v));break;case"unaccepted":e.onUnaccepted&&e.onUnaccepted(g),e.ignoreUnaccepted\|\|(m=new Error("Aborted because "+p+" is not accepted"+v));break;case"accepted":e.onAccepted&&e.onAccepted(g),w=!0;break;case"disposed":e.onDisposed&&e.onDisposed(g),y=!0;break;default:throw new Error("Unexception type "+g.type)}if(m)return{error:m};if(w)for(p in u[p]=f,c(l,g.outdatedModules),g.outdatedDependencies)o.o(g.outdatedDependencies,p)&&(d[p]\|\|(d[p]=[]),c(d[p],g.outdatedDependencies[p]));y&&(c(l,[g.moduleId]),u[p]=h)}n=void 0;for(var k,C=[],b=0;b<l.length;b++){var I=l[b],S=o.c[I];S&&(S.hot._selfAccepted\|\|S.hot._main)&&u[I]!==h&&!S.hot._selfInvalidated&&C.push({module:I,require:S.hot._requireSelf,errorHandler:S.hot._selfAccepted})}return{dispose:function(){var e;r.forEach((function(e){delete a[e]})),r=void 0;for(var t,n=l.slice();n.length>0;){var i=n.pop(),s=o.c[i];if(s){var c={},u=s.hot._disposeHandlers;for(b=0;b<u.length;b++)u[b].call(null,c);for(o.hmrD[i]=c,s.hot.active=!1,delete o.c[i],delete d[i],b=0;b<s.children.length;b++){var h=o.c[s.children[b]];h&&((e=h.parents.indexOf(i))>=0&&h.parents.splice(e,1))}}}for(var p in d)if(o.o(d,p)&&(s=o.c[p]))for(k=d[p],b=0;b<k.length;b++)t=k[b],(e=s.children.indexOf(t))>=0&&s.children.splice(e,1)},apply:function(t){for(var n in u)o.o(u,n)&&(o.m[n]=u[n]);for(var r=0;r<i.length;r++)i[r](o);for(var a in d)if(o.o(d,a)){var s=o.c[a];if(s){k=d[a];for(var c=[],h=[],p=[],f=0;f<k.length;f++){var g=k[f],m=s.hot._acceptedDependencies[g],w=s.hot._acceptedErrorHandlers[g];if(m){if(-1!==c.indexOf(m))continue;c.push(m),h.push(w),p.push(g)}}for(var y=0;y<c.length;y++)try{c[y].call(null,k)}catch(n){if("function"==typeof h[y])try{h[y](n,{moduleId:a,dependencyId:p[y]})}catch(r){e.onErrored&&e.onErrored({type:"accept-error-handler-errored",moduleId:a,dependencyId:p[y],error:r,originalError:n}),e.ignoreErrored\|\|(t(r),t(n))}else e.onErrored&&e.onErrored({type:"accept-errored",moduleId:a,dependencyId:p[y],error:n}),e.ignoreErrored\|\|t(n)}}}for(var v=0;v<C.length;v++){var b=C[v],I=b.module;try{b.require(I)}catch(n){if("function"==typeof b.errorHandler)try{b.errorHandler(n,{moduleId:I,module:o.c[I]})}catch(r){e.onErrored&&e.onErrored({type:"self-accept-error-handler-errored",moduleId:I,error:r,originalError:n}),e.ignoreErrored\|\|(t(r),t(n))}else e.onErrored&&e.onErrored({type:"self-accept-errored",moduleId:I,error:n}),e.ignoreErrored\|\|t(n)}}return l}}}this.webpackHotUpdateauthress=(t,r,a)=>{for(var c in r)o.o(r,c)&&(n[c]=r[c],e&&e.push(c));a&&i.push(a),s[t]&&(s[t](),s[t]=void 0)},o.hmrI.jsonp=function(e,t){n\|\|(n={},i=[],r=[],t.push(d)),o.o(n,e)\|\|(n[e]=o.m[e])},o.hmrC.jsonp=function(e,s,l,u,h,p){h.push(d),t={},r=s,n=l.reduce((function(e,t){return e[t]=!1,e}),{}),i=[],e.forEach((function(e){o.o(a,e)&&void 0!==a[e]?(u.push(c(e,p)),t[e]=!0):t[e]=!1})),o.f&&(o.f.jsonpHmr=function(e,n){t&&o.o(t,e)&&!t[e]&&(n.push(c(e)),t[e]=!0)})},o.hmrM=()=>{if("undefined"==typeof fetch)throw new Error("No browser support: need fetch API");return fetch(o.p+o.hmrF()).then((e=>{if(404!==e.status){if(!e.ok)throw new Error("Failed to fetch update manifest "+e.statusText);return e.json()}}))}})(),o(354)})()));
	1	/! Authress Login SDK 2.5.394 \| Author - Authress Developers \| License information can be found at https://github.com/Authress/login-sdk.js /
	2	!function(e,t){"object"==typeof exports&&"object"==typeof module?module.exports=t():"function"==typeof define&&define.amd?define([],t):"object"==typeof exports?exports.authress=t():e.authress=t()}(this,(()=>(()=>{var e,t,n={75:(e,t,n)=>{const{sanitizeUrl:o}=n(332),i=n(629),r={"Content-Type":"application/json","X-Powered-By":`Authress Login SDK; Javascript; ${n(330).version}`},s=new Set(["Failed to fetch","NetworkError when attempting to fetch resource.","The Internet connection appears to be offline.","Network request failed","fetch failed","Load failed","<HTML DOCUMENT></HTML>"]);function a(e){return"Network Error"===e.message\|\|"ERR_NETWORK"===e.code\|\|!e.status\|\|e.status>=500\|\|"string"==typeof e.message&&s.has(e.message)\|\|"string"==typeof e.data&&s.has(e.data)}async function c(e){let t=null;for(let n=0;n<5;n++)try{return await e()}catch(e){if(e.retryCount=n,!a(e))throw e;t=e,t.isNetworkError=!0,await new Promise((e=>setTimeout(e,102n)));continue}const n=new Error("[Authress Login SDK] Http Request failed due to a Network Error even after multiple retries",{cause:t});throw n.code="AuthressSdkNetworkError",n}e.exports=class{constructor(e,t){if(!e)throw Error("Custom Authress Domain Host is required");const n=t\|\|{debug(){},warn(){},critical(){}};this.logger=n;const i=new URL(o(e));this.loginUrl=`${i.origin}/api`}get(e,t,n,o){return c((()=>this.fetchWrapper("GET",e,null,n,t,o)))}delete(e,t,n,o){return c((()=>this.fetchWrapper("DELETE",e,null,n,t,o)))}post(e,t,n,o,i){return c((()=>this.fetchWrapper("POST",e,n,o,t,i)))}put(e,t,n,o,i){return c((()=>this.fetchWrapper("PUT",e,n,o,t,i)))}patch(e,t,n,o,i){return c((()=>this.fetchWrapper("PATCH",e,n,o,t,i)))}async fetchWrapper(e,t,n,o,s,a){const c=`${this.loginUrl}${t.toString()}`,l=e.toUpperCase(),d=Object.assign({},r,o);try{this.logger&&this.logger.debug&&this.logger.debug({title:"[Authress Login SDK] HttpClient Request",method:l,url:c});const e={method:l,headers:d};n&&(e.body=JSON.stringify(n)),!i.isLocalHost()&&s&&(e.credentials="include");const t=await fetch(c,e);if(!t.ok)throw t;let o={};try{o=await t.text(),o=JSON.parse(o)}catch(e){}return{url:c,method:l,headers:t.headers,status:t.status,data:o}}catch(e){let t=e;try{t=await e.text(),t=JSON.parse(t)}catch(e){}const o=t.stack&&t.stack.match(/chrome-extension:[/][/](\w+)[/]/);if(o){this.logger&&this.logger.debug&&this.logger.debug({title:`[Authress Login SDK] Fetch failed due to a browser extension - ${l} - ${c}`,method:l,url:c,data:n,headers:d,error:e,resolvedError:t,extensionErrorId:o});const i=new Error(`Extension Error ID: ${o}`);throw i.code="BROWSER_EXTENSION_ERROR",i}const i=e.status;let r="warn",s="[Authress Login SDK] HttpClient Response Error";e?401===i?(s="[Authress Login SDK] HttpClient Response Error due to invalid token",r="debug"):404===i?(s="[Authress Login SDK] HttpClient Response: Not Found",r="debug"):i<500&&a&&(r="debug"):s="[Authress Login SDK] HttpClient Response Error - Unknown error occurred",this.logger&&this.logger[r]&&this.logger[r]({title:s,online:"undefined"==typeof navigator\|\|navigator.onLine,method:l,url:c,status:i,data:n,headers:d,error:e,resolvedError:t});throw{url:c,method:l,status:i,data:t,headers:e.headers}}}}},160:(e,t,n)=>{const o=n(427),i=n(629),r="AuthenticationCredentialsStorage",s={user:"user",authorization:"authorization",authCode:"auth-code",authUserId:"AuthUserId"};e.exports=new class{constructor(){this.retainUserCookie=!1}getUserCookie(){const e=i.getDocument();if(!e)return null;return e.cookie.split(";").filter((e=>e.split("=")[0].trim()===s.user)).map((e=>e.trim().replace(/^user=/,""))).find((e=>e&&e.trim()))\|\|null}getAuthorizationTokens(){if("undefined"==typeof window\|\|"undefined"==typeof document)return[];return document.cookie.split(";").filter((e=>e.split("=")[0].trim()===s.authorization)).map((e=>e.trim().replace(/^authorization=/,""))).filter((e=>e&&e.trim()))}set(e,t){if("undefined"!=typeof window&&"undefined"!=typeof document)try{const n=o.parse(document.cookie);localStorage.setItem(r,JSON.stringify({idToken:e,expiry:t&&t.getTime(),jsCookies:!!n.authorization})),this.retainUserCookie\|\|this.clearCookies(s.user)}catch(e){console.debug("LocalStorage failed in Browser",e)}}get(){if("undefined"==typeof window\|\|"undefined"==typeof document)return null;let e={};try{e=o.parse(document.cookie)}catch(e){console.debug("CookieManagement failed in Browser",e)}try{const{idToken:t,expiry:n,jsCookies:o}=JSON.parse(localStorage.getItem(r)\|\|"{}");return t?n<Date.now()\|\|o&&!e.authorization?null:t:this.getUserCookie()}catch(e){return console.debug("LocalStorage failed in Browser",e),this.getUserCookie()}}delete(){try{localStorage.removeItem(r)}catch(e){console.debug("LocalStorage failed in Browser",e)}try{this.clearCookies(s.user)}catch(e){console.debug("CookieManagement failed in Browser",e)}}clear(){this.clearCookies(),this.delete()}clearCookies(e){if("undefined"==typeof window\|\|"undefined"==typeof document)return;const t=document.cookie.split("; ");for(const n of t){if(!Object.values(s).includes(n.split("=")[0])\|\|e&&n.split("=")[0]!==e)continue;const t=window.location.hostname.split("."),o=[...Array(t.length-1)].map(((e,n)=>t.reverse().slice(0,n+2).reverse().join("."))).map((e=>[e,`.${e}`])).flat(1).concat(null);"localhost"===window.location.hostname&&o.push("localhost");for(const e of o){const t=e?`domain=${e};`:"",o=`${encodeURIComponent(n.split(";")[0].split("=")[0])}=; expires=Thu, 01-Jan-1970 00:00:01 GMT; ${t} SameSite=Strict; path=`;document.cookie=`${o}/`;const i=location.pathname.split("/");for(;i.length>0;)document.cookie=o+i.join("/"),i.pop()}}}}},321:e=>{var t=1/0,n=17976931348623157e292,o=NaN,i="[object Symbol]",r=/^\s+\|\s+$/g,s=/^[-+]0x[0-9a-f]+$/i,a=/^0b[01]+$/i,c=/^0o[0-7]+$/i,l=parseInt,d=Object.prototype.toString;function u(e){var t=typeof e;return!!e&&("object"==t\|\|"function"==t)}e.exports=function(e,h,p){return e&&e.length?function(e,t,n){var o=-1,i=e.length;t<0&&(t=-t>i?0:i+t),(n=n>i?i:n)<0&&(n+=i),i=t>n?0:n-t>>>0,t>>>=0;for(var r=Array(i);++o<i;)r[o]=e[o+t];return r}(e,0,(h=p\|\|void 0===h?1:(g=function(e){return e?(e=function(e){if("number"==typeof e)return e;if(function(e){return"symbol"==typeof e\|\|function(e){return!!e&&"object"==typeof e}(e)&&d.call(e)==i}(e))return o;if(u(e)){var t="function"==typeof e.valueOf?e.valueOf():e;e=u(t)?t+"":t}if("string"!=typeof e)return 0===e?e:+e;e=e.replace(r,"");var n=a.test(e);return n\|\|c.test(e)?l(e.slice(2),n?2:8):s.test(e)?o:+e}(e))===t\|\|e===-1/0?(e<0?-1:1)n:e==e?e:0:0===e?e:0}(h),f=g%1,g==g?f?g-f:g:0))<0?0:h):[];var g,f}},330:e=>{"use strict";e.exports=JSON.parse('{"name":"@authress/login","version":"2.5.394","description":"Universal login sdk for Authress authentication as a service. Provides managed authentication for user identity, authentication, and token verification.","main":"./src/index.js","types":"./index.d.ts","files":["index.d.ts","src","dist"],"scripts":{"build":"node make.js build && NODE_ENV=production webpack --mode=production","lint":"eslint --ext .js,.ts src tests make.js index.d.ts","test":"check-dts index.d.ts && mocha tests/.test.js tests//.test.js -R spec"},"dependencies":{"cookie":"<1","lodash.take":"^4.1.1"},"devDependencies":{"@babel/core":"^7.17.5","@babel/preset-env":"^7.16.11","@types/node":"^14.14.35","@typescript-eslint/eslint-plugin":"^3.1.0","@typescript-eslint/parser":"^3.1.0","babel-loader":"^8.2.3","chai":"^4.2.0","check-dts":"^0.4.4","ci-build-tools":"^1.0.13","commander":"^4.0.1","compression-webpack-plugin":"^9.2.0","eslint":"^7.12.1","eslint-config-cimpress-atsquad":"^1.0.67","eslint-loader":"^4.0.2","eslint-plugin-mocha":"^7.0.1","eslint-plugin-node":"^11.1.0","eslint-plugin-promise":"^6.1.1","fs-extra":"^8.1.0","glob":"^7.1.6","mocha":"^11.1.0","path-browserify":"^1.0.1","sinon":"^7.5.0","sinon-chai":"^3.3.0","terser-webpack-plugin":"^5.3.1","typescript":"^3.9.5","webpack":"^5.69.1","webpack-cli":"^4.9.2"},"repository":{"type":"git","url":"git+https://github.com/Authress/authress-login.js"},"keywords":["authentication","authentication as a service","Login","Login Client","universal login","auth","federated login","secure login","application security","IDaaS","authentication","user authentication","user identity","Oauth2","Oauth2.1","Oauth3","platform","platform login","extension","Authress","Authress client","user security","DBSC","Device Bound Session Credentials"],"author":"Authress Developers <developers@authress.io> (https://authress.io)","license":"Apache-2.0","bugs":{"url":"https://github.com/Authress/authress-login.js/issues"},"homepage":"https://authress.io","engines":{"node":">=18"}}')},332:e=>{e.exports.sanitizeUrl=function(e){let t=e;t.startsWith("http")\|\|(t=`https://${t}`);const n=new URL(t),o=n.host.match(/^([a-z0-9-]+)[.][a-z0-9-]+[.]authress[.]io$/);return o&&(n.host=`${o[1]}.login.authress.io`,t=n.toString()),t.replace(/[/]+$/,"")}},354:(e,t,n)=>{const o=n(427),i=n(321),r=n(629),s=n(75),a=n(836),{sanitizeUrl:c}=n(332),l=n(160);let d,u=new Promise((e=>d=e)),h=Promise.resolve(),p=!1;const g="AuthenticationRequestNonce";const f=n(568);e.exports={LoginClient:class{constructor(e,t){var n;const o=Object.assign({applicationId:"app_default"},e);this.logger=t\|\|console;const i=o.authressApiUrl\|\|o.authressLoginHostUrl\|\|o.authenticationServiceUrl\|\|"";if(!i)throw Error('Missing required property "authressApiUrl" in LoginClient constructor. Custom Authress Domain Host is required.');if(this.applicationId=null===(n=o.applicationId)\|\|void 0===n?void 0:n.trim(),!this.applicationId){const e=Error("Application ID is required.");throw e.code="InvalidApplication",e}if(this.applicationId.match(/^(sc_\|ext_)/)){const e=Error("You have incorrectly specified an Authress Service Client or Extension as the applicationId instead of a valid application. The applicationId is your application that your users will log into, usually hosted on your domain https://example.yourdomain.com. Users cannot log into a Service Client, but they can log in with one. Users can use a Service Client to log in, by setting the connection ID in the authenticate({ connectionId }) method to be the Authress Service Client.\n(1) If you are building an Custom Login Portal, then the application ID should correspond to this login portal.\n(2) If you are replacing or extending an Authress connection, then specify the Service Client as the connectionId and the end user application as the applicationId.\n(3) If you are building a platform or plugin marketplace, where users will log into third party extensions or apps, then distribute in your SDK a wrapper for the Authress Extension Client using: import { extensionClient } from '@authress/login' found within this SDK.\n(4) If you aren't sure what to do here to fix the problem, the fastest and usually correct solution is go to https://authress.io/app/#/settings?focus=applications create a new application, specify your site in the application url property and then update the value here.");throw e.code="InvalidApplication",e}this.hostUrl=c(i),this.httpClient=new s(this.hostUrl,t),this.lastSessionCheck=0,this.enableCredentials=this.getMatchingDomainInfo(this.hostUrl),l.retainUserCookie=e.retainUserCookie,o.skipBackgroundCredentialsCheck\|\|r.onLoad((async()=>{await this.userSessionExists({backgroundTrigger:!0})}))}getMatchingDomainInfo(e){const t=new URL(e);if(r.isLocalHost())return!1;const n=r.getCurrentLocation();if("https:"!==n.protocol)return!1;const o=t.host.toLowerCase().split(".").reverse(),s=n.host.toLowerCase().split(".").reverse();let a=[];for(let e of o){const t=i(s,a.length+1).join(".");if(a.concat(e).join(".")!==t)break;a.push(e)}return a.length===o.length&&a.length===s.length\|\|a.length>1}getUserIdentity(){const e=l.getUserCookie(),t=a.decodeOrParse(e);if(t){const n=t.exp?new Date(1e3t.exp):new Date(Date.now()+864e5);return l.set(e,n),t.userId=t.sub,t}const n=l.get(),o=a.decodeOrParse(n);if(!o)return null;const i=new URL(o.iss).hostname,r=new URL(this.hostUrl).hostname;return i.endsWith(r)\|\|r.endsWith(i)?(o.userId=o.sub,o):(l.clear(),null)}async getConnectionCredentials(){await this.waitForUserSession();try{const e=await this.ensureToken();return(await this.httpClient.get("/session/credentials",this.enableCredentials,{Authorization:e&&`Bearer ${e}`})).data}catch(e){return null}}async getDevices(){try{const e=await this.ensureToken();return(await this.httpClient.get("/session/devices",this.enableCredentials,{Authorization:e&&`Bearer ${e}`})).data.devices}catch(e){return[]}}async deleteDevice(e){try{const t=await this.ensureToken();await this.httpClient.delete(`/session/devices/${encodeURIComponent(e)}`,this.enableCredentials,{Authorization:t&&`Bearer ${t}`})}catch(e){throw this.logger&&this.logger.log({title:"[Authress Login SDK] Failed to delete device",error:e}),e}}async openUserConfigurationScreen(e={redirectUrl:null,startPage:"Profile"}){if(!await this.userSessionExists()){const e=Error("User must be logged to configure user profile data.");throw e.code="NotLoggedIn",e}const t=new URL("/settings",this.hostUrl);t.searchParams.set("client_id",this.applicationId),t.searchParams.set("start_page",e&&e.startPage\|\|"Profile"),t.searchParams.set("redirect_uri",e&&e.redirectUrl\|\|r.getCurrentLocation().href),r.assign(t.toString()),await Promise.resolve()}async registerDevice(e={name:"",type:"",totp:{}}){const t=await this.getUserIdentity();if(!t){const e=Error("User must be logged to configure user profile data.");throw e.code="NotLoggedIn",e}if(!e){const e=Error("Register Device missing required parameter: 'Options'");throw e.code="InvalidInput",e}let n;if(e.type&&"WebAuthN"!==e.type)"TOTP"===e.type&&(n={name:e.name,code:e.totp.verificationCode,totpData:e.totp,type:"TOTP"});else{const o=t.sub,i={challenge:Uint8Array.from(o,(e=>e.charCodeAt(0))),rp:{id:this.hostUrl.split(".").slice(1).join("."),name:"WebAuthN Login"},user:{id:Uint8Array.from(o,(e=>e.charCodeAt(0))),name:o,displayName:`Generated User ID: ${o}`},pubKeyCredParams:[{type:"public-key",alg:-7},{type:"public-key",alg:-257}],authenticatorSelection:{residentKey:"discouraged",requireResidentKey:!1,userVerification:"discouraged"},timeout:6e4,attestation:"direct"},r=await navigator.credentials.create({publicKey:i}),s={authenticatorAttachment:r.authenticatorAttachment,credentialId:r.id,type:r.type,userId:o,attestation:btoa(String.fromCharCode(...new Uint8Array(r.response.attestationObject))),client:btoa(String.fromCharCode(...new Uint8Array(r.response.clientDataJSON)))};n={name:e&&e.name,code:s,type:"WebAuthN"}}try{const e=await this.ensureToken();return(await this.httpClient.post("/session/devices",this.enableCredentials,n,{Authorization:e&&`Bearer ${e}`})).data}catch(e){throw this.logger&&this.logger.log({title:"[Authress Login SDK] Failed to register new device",error:e,request:n}),e}}async waitForUserSession(){try{return await u,!0}catch(e){return!1}}userSessionExists(e={backgroundTrigger:!1}){return Date.now()-this.lastSessionCheck<50\|\|p?h:(this.lastSessionCheck=Date.now(),p=!0,h=h.catch((()=>{})).then((async()=>{try{const t=await this.userSessionContinuation(null==e?void 0:e.backgroundTrigger);return p=!1,t}catch(e){throw p=!1,e}})))}async userSessionContinuation(e){const t=new URLSearchParams(r.getCurrentLocation().search);let n={};if("undefined"!=typeof localStorage)try{n=JSON.parse(localStorage.getItem(g)\|\|"{}"),localStorage.removeItem(g),Object.hasOwnProperty.call(n,"enableCredentials")&&(this.enableCredentials=n.enableCredentials)}catch(e){this.logger&&this.logger.debug&&this.logger.debug({title:"[Authress Login SDK] LocalStorage failed in Browser",error:e})}if(t.get("state")&&"oauthLogin"===t.get("flow"))return!1;if((n.nonce\|\|t.get("iss")&&t.get("iss").includes(this.hostUrl))&&this.sanitizeQueryParameters(),n.nonce&&t.get("code")&&n.nonce===t.get("nonce")){const e="cookie"===t.get("code")?o.parse(document.cookie)["auth-code"]:t.get("code"),i=await a.calculateAntiAbuseHash({client_id:this.applicationId,authenticationRequestId:n.nonce,code:e}),r={grant_type:"authorization_code",redirect_uri:n.redirectUrl,client_id:this.applicationId,code:e,code_verifier:n.codeVerifier,antiAbuseHash:i};try{const e=await this.httpClient.post(`/authentication/${n.nonce}/tokens`,this.enableCredentials,r),t=a.decode(e.data.id_token),i=t.exp&&new Date(1e3t.exp)\|\|e.data.expires_in&&new Date(Date.now()+1e3e.data.expires_in);return document.cookie=o.serialize("authorization",e.data.access_token\|\|"",{expires:i,path:"/",sameSite:"strict"}),l.set(e.data.id_token,i),d(),!0}catch(e){if(this.logger&&this.logger.log({title:"[Authress Login SDK] Failed exchange authentication response for a token.",error:e}),e.data&&"invalid_request"===e.data.error)return!1;throw e.data\|\|e}}if(r.isLocalHost()&&t.get("nonce")&&t.get("access_token")&&(!n.nonce\|\|n.nonce===t.get("nonce"))){const e=a.decode(t.get("id_token")),n=e.exp&&new Date(1e3e.exp)\|\|Number(t.get("expires_in"))&&new Date(Date.now()+1e3Number(t.get("expires_in")));return document.cookie=o.serialize("authorization",t.get("access_token")\|\|"",{expires:n,path:"/",sameSite:"strict"}),l.set(t.get("id_token"),n),d(),!0}if(this.getUserIdentity())return d(),!0;if(!r.isLocalHost()&&!e){try{const e=await this.httpClient.patch("/session",this.enableCredentials,{},null,!0);if(e.data.access_token){const t=a.decode(e.data.id_token),n=t.exp&&new Date(1e3t.exp)\|\|e.data.expires_in&&new Date(Date.now()+1e3e.data.expires_in);document.cookie=o.serialize("authorization",e.data.access_token\|\|"",{expires:n,path:"/",sameSite:"strict"}),l.set(e.data.id_token,n)}}catch(e){400===e.status\|\|404===e.status\|\|409===e.status?this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] User does not have an existing authentication session",error:e}):this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed attempting to check if the user has an existing authentication session",error:e})}if(this.getUserIdentity())return d(),!0}return!1}async updateExtensionAuthenticationRequest({state:e,connectionId:t,tenantLookupIdentifier:n,connectionProperties:o,hint:i}){if(!t&&!n&&!i){const e=Error("connectionId or tenantLookupIdentifier must be specified");throw e.code="InvalidConnection",e}const s=new URLSearchParams(r.getCurrentLocation().search),c=e\|\|s.get("state");if(!c){const e=Error("The `state` parameters must be specified to update this authentication request");throw e.code="InvalidAuthenticationRequest",e}try{const e=i\|\|n,s=await a.calculateAntiAbuseHash({connectionId:t,tenantLookupIdentifier:e,authenticationRequestId:c}),l=await this.httpClient.patch(`/authentication/${c}`,!0,{antiAbuseHash:s,connectionId:t,tenantLookupIdentifier:e,connectionProperties:o});if(new URL(l.data.authenticationUrl).hostname===r.getCurrentLocation().hostname)return{authenticationUrl:l.data.authenticationUrl};r.assign(l.data.authenticationUrl)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to update extension authentication request",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data\|\|e}return await new Promise((e=>setTimeout(e,5e3))),null}async unlinkIdentity(e){if(!e){const e=Error("connectionId must be specified");throw e.code="InvalidConnection",e}if(!this.getUserIdentity()){const e=Error("User must be logged in to unlink an account.");throw e.code="NotLoggedIn",e}let t;try{t=await this.ensureToken({timeoutInMillis:100})}catch(e){if("TokenTimeout"===e.code){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}}const n=this.enableCredentials&&!r.isLocalHost()?{}:{Authorization:`Bearer ${t}`};try{await this.httpClient.delete(`/identities/${encodeURIComponent(e)}`,this.enableCredentials,n)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to unlink user identity",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data\|\|e}}async linkIdentityWithOneTimeCode({connectionId:e,redirectUrl:t}){if(!e){const e=Error("connectionId must be specified");throw e.code="InvalidConnection",e}if(!this.getUserIdentity()){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}let n;try{n=await this.ensureToken({timeoutInMillis:100})}catch(e){if("TokenTimeout"===e.code){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}}const{codeChallenge:o}=await a.getAuthCodes(),i=await a.calculateAntiAbuseHash({connectionId:e,applicationId:this.applicationId});try{const s=t&&new URL(t).toString()\|\|r.getCurrentLocation().href,a=this.enableCredentials&&!r.isLocalHost()?{}:{Authorization:`Bearer ${n}`},c=await this.httpClient.post("/authentication",this.enableCredentials,{antiAbuseHash:i,linkIdentity:!0,redirectUrl:s,codeChallengeMethod:"S256",codeChallenge:o,connectionId:e,applicationId:this.applicationId},a);return{authenticationUrl:c.data.authenticationUrl,authenticationRequestId:c.data.authenticationRequestId}}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to start user identity link",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e}}async linkIdentity({connectionId:e,tenantLookupIdentifier:t,redirectUrl:n,connectionProperties:o}){if(!e&&!t){const e=Error("connectionId or tenantLookupIdentifier must be specified");throw e.code="InvalidConnection",e}if(!this.getUserIdentity()){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}let i;try{i=await this.ensureToken({timeoutInMillis:100})}catch(e){if("TokenTimeout"===e.code){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}}const{codeChallenge:s}=await a.getAuthCodes(),c=await a.calculateAntiAbuseHash({connectionId:e,tenantLookupIdentifier:t,applicationId:this.applicationId});try{const a=n&&new URL(n).toString()\|\|r.getCurrentLocation().href,l=this.enableCredentials&&!r.isLocalHost()?{}:{Authorization:`Bearer ${i}`},d=await this.httpClient.post("/authentication",this.enableCredentials,{antiAbuseHash:c,linkIdentity:!0,redirectUrl:a,codeChallengeMethod:"S256",codeChallenge:s,connectionId:e,tenantLookupIdentifier:t,connectionProperties:o,applicationId:this.applicationId},l);r.assign(d.data.authenticationUrl)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to start user identity link",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e}await new Promise((e=>setTimeout(e,5e3)))}async authenticateWithOneTimeCode(e={}){const{serviceClientId:t,inviteId:n,redirectUrl:o,force:i,responseLocation:s,flowType:c,clearUserDataBeforeLogin:d,audiences:u}=e\|\|{};if(s&&"cookie"!==s&&"query"!==s&&"none"!==s){const e=Error("Authentication response location is not valid");throw e.code="InvalidResponseLocation",e}if(!t){const e=Error("The Passwordless Service Client ID is required");throw e.code="InvalidInput",e}if(!n&&!i&&await this.userSessionExists()){const n=await this.ensureToken(),o=a.decode(n);if(o&&o.azp&&t!==o.azp){this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Authentication blocked because the user is already logged in, and the requested authentication parameters do not match the original session.",requestedAuthenticationOptions:e,currentAuthenticationSessionData:o});const t=Error('Authentication requested for user that is already logged in, but the connectionId specified does not match their existing session.\n Recommended Options:\n (1) If the goal is to force them to log in with this new connection and ignore their existing session, use the "force" flag.\n (2) If the goal is link their current identity with a new from the new connection, use the linkIdentity() method.\n (3) If the goal is skip log in if they are already logged in or force log in with the connectionId, first check if userSessionExists() and then only if "false", call authenticate().');throw t.code="AuthenticationConstraintContention",t}return null}const{codeVerifier:h,codeChallenge:p}=await a.getAuthCodes(),f=await a.calculateAntiAbuseHash({serviceClientId:t,inviteId:n,applicationId:this.applicationId,audiences:u});try{const e=o&&new URL(o).toString()\|\|r.getCurrentLocation().href;!1!==d&&l.clear();const i=await this.httpClient.post("/authentication",this.enableCredentials,{antiAbuseHash:f,redirectUrl:e,codeChallengeMethod:"S256",codeChallenge:p,audiences:u,connectionId:t,inviteId:n,applicationId:this.applicationId,responseLocation:s,flowType:c});return localStorage.setItem(g,JSON.stringify({nonce:i.data.authenticationRequestId,codeVerifier:h,lastConnectionId:t,redirectUrl:e,enableCredentials:i.data.enableCredentials})),{authenticationUrl:i.data.authenticationUrl,authenticationRequestId:i.data.authenticationRequestId}}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to start authentication for user",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data\|\|e}}async authenticate(e={}){const{connectionId:t,tenantLookupIdentifier:n,inviteId:o,redirectUrl:i,force:s,responseLocation:c,flowType:d,connectionProperties:u,openType:h,multiAccount:p,clearUserDataBeforeLogin:f,audiences:m}=e\|\|{};if(c&&"cookie"!==c&&"query"!==c&&"none"!==c){const e=Error("Authentication response location is not valid");throw e.code="InvalidResponseLocation",e}if(!o&&!s&&!p&&await this.userSessionExists()){const n=await this.ensureToken(),o=a.decode(n);if(t&&o&&o.azp&&t!==o.azp){this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Authentication blocked because the user is already logged in, and the requested authentication parameters do not match the original session.",requestedAuthenticationOptions:e,currentAuthenticationSessionData:o});const t=Error('Authentication requested for user that is already logged in, but the connectionId specified does not match their existing session.\n Recommended Options:\n (1) If the goal is to force them to log in with this new connection and ignore their existing session, use the "force" flag.\n (2) If the goal is link their current identity with a new from the new connection, use the linkIdentity() method.\n (3) If the goal is skip log in if they are already logged in or force log in with the connectionId, first check if userSessionExists() and then only if "false", call authenticate().');throw t.code="AuthenticationConstraintContention",t}return null}const{codeVerifier:w,codeChallenge:y}=await a.getAuthCodes(),k=await a.calculateAntiAbuseHash({connectionId:t,tenantLookupIdentifier:n,inviteId:o,applicationId:this.applicationId,audiences:m});try{const e=i&&new URL(i).toString()\|\|r.getCurrentLocation().href;!1!==f&&l.clear();const s=await this.httpClient.post("/authentication",this.enableCredentials,{antiAbuseHash:k,redirectUrl:e,codeChallengeMethod:"S256",codeChallenge:y,audiences:m,connectionId:t,tenantLookupIdentifier:n,inviteId:o,connectionProperties:u,applicationId:this.applicationId,responseLocation:c,flowType:d,multiAccount:p});if(localStorage.setItem(g,JSON.stringify({nonce:s.data.authenticationRequestId,codeVerifier:w,lastConnectionId:t,tenantLookupIdentifier:n,redirectUrl:e,enableCredentials:s.data.enableCredentials,multiAccount:p})),!s.data.authenticationUrl\|\|new URL(s.data.authenticationUrl).hostname===r.getCurrentLocation().hostname)return{authenticationUrl:s.data.authenticationUrl,authenticationRequestId:s.data.authenticationRequestId};if("tab"===h){const e=r.open(s.data.authenticationUrl,"_blank");e&&!e.closed&&void 0!==e.closed\|\|r.assign(s.data.authenticationUrl)}else r.assign(s.data.authenticationUrl)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to start authentication for user",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data\|\|e}return await new Promise((e=>setTimeout(e,5e3))),null}async ensureToken(e){if(e&&0===e.timeoutInMillis){if(!this.getUserIdentity()){const e=Error("No token available because the user is not logged in.");throw e.code="TokenTimeout",e}const t=l.getAuthorizationTokens(),n=t.find((t=>{try{const n=a.decode(t);return(null==n?void 0:n.iss)===this.hostUrl\|\|(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Skipping stored authorization cookie because the issuer does not match the library configured value.",requestedAuthenticationOptions:e,currentAuthenticationSessionData:n}),!1)}catch(n){return this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Skipping stored authorization cookie because it is no longer a valid token.",requestedAuthenticationOptions:e,currentAuthenticationSessionDataToken:t,error:n}),!1}}));return n\|\|(t.length?(this.logger&&this.logger.error&&this.logger.log({title:"[Authress Login SDK] No matching issuer token found, returning the first valid token instead."}),t[0]):(this.logger&&this.logger.error&&this.logger.error({title:"[Authress Login SDK] HttpOnly access token configuration has blocked the returning of a valid token. The application specified in the Authress LoginClient constructor has been configured to block returning access tokens via the enableAccessToToken property. To use the loginClient.ensureToken() method in production, please set the enableAccessToToken to true. Note: This setting does not affect localhost.",options:e}),null))}await this.userSessionExists();const t=Object.assign({timeoutInMillis:5e3},e\|\|{}),n=this.waitForUserSession(),o=-1===t.timeoutInMillis\|\|t.timeoutInMillis>231-1?231-1:t.timeoutInMillis,i=new Promise(((e,t)=>setTimeout(t,o\|\|0)));try{await Promise.race([n,i])}catch(e){const t=Error("No token available because the user is still not logged in and the timeout has been exceeded. If you are seeing this error, it is because you have called ensureToken() without first validating that the user is logged. Review the route guards and checks for user sessions in your source code. ensureToken() should only ever be called after you have verified that the user is logged in.");throw t.code="TokenTimeout",t}const r=l.getAuthorizationTokens(),s=r.find((t=>{try{const n=a.decode(t);return(null==n?void 0:n.iss)===this.hostUrl\|\|(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Skipping stored authorization cookie because the issuer does not match the library configured value.",requestedAuthenticationOptions:e,currentAuthenticationSessionData:n}),!1)}catch(n){return this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Skipping stored authorization cookie because it is no longer a valid token.",requestedAuthenticationOptions:e,currentAuthenticationSessionDataToken:t,error:n}),!1}}));if(s)return s;if(r.length)return this.logger&&this.logger.error&&this.logger.log({title:"[Authress Login SDK] No matching issuer token found, returning the first valid token instead."}),r[0];return this.getUserIdentity()?(this.logger&&this.logger.error&&this.logger.error({title:"[Authress Login SDK] Your Authress Application access token configuration has blocked the returning of a valid token because the setting HttpOnly has been enabled. The application specified in the Authress LoginClient constructor has been configured to block returning access tokens via the enableAccessToToken property. To use the loginClient.ensureToken() method in production, please set the enableAccessToToken to true. (LocalHost Note: This setting does not affect localhost development, and you may still see ensureToken work successfully during development, but fail with this error in production. This is because HttpOnly does not work for LocalHost)",options:e}),null):(this.logger&&this.logger.error&&this.logger.error({title:"[Authress Login SDK] User completed login but the user identity still does not exist. This happened because there is a race condition in your code and why waiting for ensureToken() to complete, the user was logged out. Returning null."}),null)}async logout(e){let t;if(e)try{new URL(e),t=e}catch(n){try{t=new URL(e,r.getCurrentLocation().href).toString()}catch(t){const n=Error(`The logout redirect url is not valid URL: ${e}`);throw n.code="InvalidRedirectUrl",n}}if(l.clear(),this.sanitizeQueryParameters(),u=new Promise((e=>d=e)),this.enableCredentials)try{return await this.httpClient.delete("/session",this.enableCredentials),this.lastSessionCheck=0,void(e&&e!==r.getCurrentLocation().href&&r.assign(e))}catch(e){}const n=new URL("/logout",this.hostUrl);n.searchParams.set("redirect_uri",t\|\|r.getCurrentLocation().href),n.searchParams.set("client_id",this.applicationId),r.assign(n.toString()),this.lastSessionCheck=0,await new Promise((e=>setTimeout(e,500)))}sanitizeQueryParameters(){const e=new URL(r.getCurrentLocation());e.searchParams.delete("iss"),e.searchParams.delete("nonce"),e.searchParams.delete("code"),e.searchParams.delete("expires_in"),e.searchParams.delete("access_token"),e.searchParams.delete("id_token"),history.replaceState({},void 0,e.toString())}},ExtensionClient:f,UserConfigurationScreen:{Profile:"Profile",MFA:"MFA"}}},427:(e,t)=>{"use strict";t.parse=function(e,t){if("string"!=typeof e)throw new TypeError("argument str must be a string");var n={},i=e.length;if(i<2)return n;var r=t&&t.decode\|\|d,s=0,a=0,h=0;do{if(-1===(a=e.indexOf("=",s)))break;if(-1===(h=e.indexOf(";",s)))h=i;else if(a>h){s=e.lastIndexOf(";",a-1)+1;continue}var p=c(e,s,a),g=l(e,a,p),f=e.slice(p,g);if(!o.call(n,f)){var m=c(e,a+1,h),w=l(e,h,m);34===e.charCodeAt(m)&&34===e.charCodeAt(w-1)&&(m++,w--);var y=e.slice(m,w);n[f]=u(y,r)}s=h+1}while(s<i);return n},t.serialize=function(e,t,o){var c=o&&o.encode\|\|encodeURIComponent;if("function"!=typeof c)throw new TypeError("option encode is invalid");if(!i.test(e))throw new TypeError("argument name is invalid");var l=c(t);if(!r.test(l))throw new TypeError("argument val is invalid");var d=e+"="+l;if(!o)return d;if(null!=o.maxAge){var u=Math.floor(o.maxAge);if(!isFinite(u))throw new TypeError("option maxAge is invalid");d+="; Max-Age="+u}if(o.domain){if(!s.test(o.domain))throw new TypeError("option domain is invalid");d+="; Domain="+o.domain}if(o.path){if(!a.test(o.path))throw new TypeError("option path is invalid");d+="; Path="+o.path}if(o.expires){var h=o.expires;if(!function(e){return"[object Date]"===n.call(e)}(h)\|\|isNaN(h.valueOf()))throw new TypeError("option expires is invalid");d+="; Expires="+h.toUTCString()}o.httpOnly&&(d+="; HttpOnly");o.secure&&(d+="; Secure");o.partitioned&&(d+="; Partitioned");if(o.priority){switch("string"==typeof o.priority?o.priority.toLowerCase():o.priority){case"low":d+="; Priority=Low";break;case"medium":d+="; Priority=Medium";break;case"high":d+="; Priority=High";break;default:throw new TypeError("option priority is invalid")}}if(o.sameSite){switch("string"==typeof o.sameSite?o.sameSite.toLowerCase():o.sameSite){case!0:d+="; SameSite=Strict";break;case"lax":d+="; SameSite=Lax";break;case"strict":d+="; SameSite=Strict";break;case"none":d+="; SameSite=None";break;default:throw new TypeError("option sameSite is invalid")}}return d};var n=Object.prototype.toString,o=Object.prototype.hasOwnProperty,i=/^[!#$%&'+\-.^_`\|~0-9A-Za-z]+$/,r=/^("?)[\u0021\u0023-\u002B\u002D-\u003A\u003C-\u005B\u005D-\u007E]\1$/,s=/^([.]?[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)([.][a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)$/i,a=/^[\u0020-\u003A\u003D-\u007E]$/;function c(e,t,n){do{var o=e.charCodeAt(t);if(32!==o&&9!==o)return t}while(++t<n);return n}function l(e,t,n){for(;t>n;){var o=e.charCodeAt(--t);if(32!==o&&9!==o)return t+1}return n}function d(e){return-1!==e.indexOf("%")?decodeURIComponent(e):e}function u(e,t){try{return t(e)}catch(t){return e}}},568:(e,t,n)=>{const o=n(836),{sanitizeUrl:i}=n(332),r=n(629),s="ExtensionRequestNonce";let a=null;e.exports=class{constructor(e,t){if(this.extensionId=t,!e)throw Error('Missing required property "authressCustomDomain" in ExtensionClient constructor. The Custom Authress Domain Host is required.');if(!t)throw Error('Missing required property "extensionId" in ExtensionClient constructor. The extension is required for selecting the correct login method.');this.authressCustomDomain=i(e),this.accessToken=null,r.onLoad((async()=>{await this.requestToken({silent:!0})}))}async getUserIdentity(){const e=this.accessToken&&await o.decode(this.accessToken);return e?1e3e.exp<Date.now()?(this.accessToken=null,null):e:null}async getTokenResponse(){return await this.getUserIdentity()?{accessToken:this.accessToken}:null}requestToken(e={code:null,silent:!1}){if(a)return a=a.catch((()=>{})).then((()=>this.requestTokenContinuation(e)));const t=this.requestTokenContinuation(e);return t.catch((()=>{})),a=t}async requestTokenContinuation(e={code:null,silent:!1}){const t=e&&e.code\|\|new URLSearchParams(r.getCurrentLocation().search).get("code");if(!t){if(!e\|\|!e.silent){const e=Error("OAuth Authorization code is required");throw e.code="InvalidAuthorizationCode",e}return this.getTokenResponse()}const n=new URL(this.authressCustomDomain);n.pathname="/api/authentication/oauth/tokens";const{codeVerifier:o,redirectUrl:i}=JSON.parse(localStorage.getItem(s)\|\|"{}"),a=await fetch(n.toString(),{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({code_verifier:o,code:t,grant_type:"authorization_code",client_id:this.extensionId,redirect_uri:i})}),c=await a.json();this.accessToken=c.access_token;const l=new URL(r.getCurrentLocation());return l.searchParams.delete("code"),l.searchParams.delete("iss"),l.searchParams.delete("nonce"),l.searchParams.delete("expires_in"),l.searchParams.delete("access_token"),l.searchParams.delete("id_token"),history.replaceState({},void 0,l.toString()),this.getTokenResponse()}async login(e){const t=await this.getTokenResponse();if(t)return t;const n=await this.requestToken({silent:!0});if(n)return n;const i=new URL(this.authressCustomDomain),{codeVerifier:a,codeChallenge:c}=o.getAuthCodes(),l=e\|\|r.getCurrentLocation().href;return localStorage.setItem(s,JSON.stringify({codeVerifier:a,redirectUrl:l})),i.searchParams.set("client_id",this.extensionId),i.searchParams.set("code_challenge",c),i.searchParams.set("code_challenge_method","S256"),i.searchParams.set("redirect_uri",l),r.assign(i.toString()),await new Promise((e=>setTimeout(e,5e3))),null}}},629:e=>{e.exports=new class{onLoad(e){"undefined"!=typeof window&&(window.onload=e)}isLocalHost(){return"undefined"!=typeof window&&window.location&&("localhost"===window.location.hostname\|\|"127.0.0.1"===window.location.hostname)}getCurrentLocation(){return"undefined"!=typeof window&&new URL(window.location)\|\|new URL("http://localhost:8080")}getDocument(){return"undefined"==typeof window\|\|"undefined"==typeof document?null:document}assign(e){return"undefined"==typeof window?null:window.location.assign(e.toString())}open(e){return"undefined"==typeof window?null:window.open(e.toString())}}},836:(e,t,n)=>{const o=n(878);e.exports=new class{decode(e){var t;return e?null===(t=this.decodeFull(e))\|\|void 0===t?void 0:t.payload:null}decodeOrParse(e){if(!e)return null;if("object"==typeof e)return e;try{return JSON.parse(e)}catch(t){return this.decode(e)}}decodeFull(e){if(!e)return null;let t=null;try{t=JSON.parse(o.decode(e.split(".")[0]))}catch(e){}try{const n=JSON.parse(o.decode(e.split(".")[1]));return n.exp&&(n.exp=n.exp-10),{header:t,payload:n}}catch(e){return null}}async getAuthCodes(){const e=o.encode((window.crypto\|\|window.msCrypto).getRandomValues(new Uint32Array(16)).toString()),t=await(window.crypto\|\|window.msCrypto).subtle.digest("SHA-256",(new TextEncoder).encode(e));return{codeVerifier:e,codeChallenge:o.encode(t)}}async calculateAntiAbuseHash(e){const t=Date.now(),n=Object.values(e).filter((e=>e)).join("\|");let i=0,r=null;for(;++i&&(r=o.encode(await(window.crypto\|\|window.msCrypto).subtle.digest("SHA-256",(new TextEncoder).encode(`${t};${i};${n}`))),!r.match(/^00/)););return`v2;${t};${i};${r}`}}},878:e=>{function t(e){return String.fromCharCode(parseInt(e.slice(1),16))}function n(e){return`%${`00${e.charCodeAt(0).toString(16)}`.slice(-2)}`}e.exports.decode=function(e){return function(e){return decodeURIComponent(Array.from(atob(e),n).join(""))}(e.replace(/-/g,"+").replace(/_/g,"/"))},e.exports.encode=function(e){return e&&"object"==typeof e?btoa(String.fromCharCode(...new Uint8Array(e))).replace(/\//g,"_").replace(/\+/g,"-").replace(/=+$/,""):function(e){return btoa(encodeURIComponent(e).replace(/%[0-9A-F]{2}/g,t))}(e).replace(/\//g,"_").replace(/\+/g,"-").replace(/=+$/,"")}}},o={};function i(e){var t=o[e];if(void 0!==t){if(void 0!==t.error)throw t.error;return t.exports}var r=o[e]={exports:{}};try{var s={id:e,module:r,factory:n[e],require:i};i.i.forEach((function(e){e(s)})),r=s.module,s.factory.call(r.exports,r,r.exports,s.require)}catch(e){throw r.error=e,e}return r.exports}return i.m=n,i.c=o,i.i=[],i.hu=e=>e+"."+i.h()+".hot-update.js",i.hmrF=()=>"main."+i.h()+".hot-update.json",i.h=()=>"42f9aeaf5c0172d4442f",i.o=(e,t)=>Object.prototype.hasOwnProperty.call(e,t),e={},t="authress:",i.l=(n,o,r,s)=>{if(e[n])e[n].push(o);else{var a,c;if(void 0!==r)for(var l=document.getElementsByTagName("script"),d=0;d<l.length;d++){var u=l[d];if(u.getAttribute("src")==n\|\|u.getAttribute("data-webpack")==t+r){a=u;break}}a\|\|(c=!0,(a=document.createElement("script")).charset="utf-8",a.timeout=120,i.nc&&a.setAttribute("nonce",i.nc),a.setAttribute("data-webpack",t+r),a.src=n),e[n]=[o];var h=(t,o)=>{a.onerror=a.onload=null,clearTimeout(p);var i=e[n];if(delete e[n],a.parentNode&&a.parentNode.removeChild(a),i&&i.forEach((e=>e(o))),t)return t(o)},p=setTimeout(h.bind(null,void 0,{type:"timeout",target:a}),12e4);a.onerror=h.bind(null,a.onerror),a.onload=h.bind(null,a.onload),c&&document.head.appendChild(a)}},(()=>{var e,t,n,o={},r=i.c,s=[],a=[],c="idle",l=0,d=[];function u(e){c=e;for(var t=[],n=0;n<a.length;n++)t[n]=a[n].call(null,e);return Promise.all(t).then((function(){}))}function h(){0==--l&&u("ready").then((function(){if(0===l){var e=d;d=[];for(var t=0;t<e.length;t++)e[t]()}}))}function p(e){if("idle"!==c)throw new Error("check() is only allowed in idle status");return u("check").then(i.hmrM).then((function(n){return n?u("prepare").then((function(){var o=[];return t=[],Promise.all(Object.keys(i.hmrC).reduce((function(e,r){return i.hmrC[r](n.c,n.r,n.m,e,t,o),e}),[])).then((function(){return t=function(){return e?f(e):u("ready").then((function(){return o}))},0===l?t():new Promise((function(e){d.push((function(){e(t())}))}));var t}))})):u(m()?"ready":"idle").then((function(){return null}))}))}function g(e){return"ready"!==c?Promise.resolve().then((function(){throw new Error("apply() is only allowed in ready status (state: "+c+")")})):f(e)}function f(e){e=e\|\|{},m();var o=t.map((function(t){return t(e)}));t=void 0;var i=o.map((function(e){return e.error})).filter(Boolean);if(i.length>0)return u("abort").then((function(){throw i[0]}));var r=u("dispose");o.forEach((function(e){e.dispose&&e.dispose()}));var s,a=u("apply"),c=function(e){s\|\|(s=e)},l=[];return o.forEach((function(e){if(e.apply){var t=e.apply(c);if(t)for(var n=0;n<t.length;n++)l.push(t[n])}})),Promise.all([r,a]).then((function(){return s?u("fail").then((function(){throw s})):n?f(e).then((function(e){return l.forEach((function(t){e.indexOf(t)<0&&e.push(t)})),e})):u("idle").then((function(){return l}))}))}function m(){if(n)return t\|\|(t=[]),Object.keys(i.hmrI).forEach((function(e){n.forEach((function(n){i.hmrI[e](n,t)}))})),n=void 0,!0}i.hmrD=o,i.i.push((function(d){var f,m,w,y,k=d.module,v=function(t,n){var o=r[n];if(!o)return t;var i=function(i){if(o.hot.active){if(r[i]){var a=r[i].parents;-1===a.indexOf(n)&&a.push(n)}else s=[n],e=i;-1===o.children.indexOf(i)&&o.children.push(i)}else console.warn("[HMR] unexpected require("+i+") from disposed module "+n),s=[];return t(i)},a=function(e){return{configurable:!0,enumerable:!0,get:function(){return t[e]},set:function(n){t[e]=n}}};for(var d in t)Object.prototype.hasOwnProperty.call(t,d)&&"e"!==d&&Object.defineProperty(i,d,a(d));return i.e=function(e,n){return function(e){switch(c){case"ready":u("prepare");case"prepare":return l++,e.then(h,h),e;default:return e}}(t.e(e,n))},i}(d.require,d.id);k.hot=(f=d.id,m=k,y={_acceptedDependencies:{},_acceptedErrorHandlers:{},_declinedDependencies:{},_selfAccepted:!1,_selfDeclined:!1,_selfInvalidated:!1,_disposeHandlers:[],_main:w=e!==f,_requireSelf:function(){s=m.parents.slice(),e=w?void 0:f,i(f)},active:!0,accept:function(e,t,n){if(void 0===e)y._selfAccepted=!0;else if("function"==typeof e)y._selfAccepted=e;else if("object"==typeof e&&null!==e)for(var o=0;o<e.length;o++)y._acceptedDependencies[e[o]]=t\|\|function(){},y._acceptedErrorHandlers[e[o]]=n;else y._acceptedDependencies[e]=t\|\|function(){},y._acceptedErrorHandlers[e]=n},decline:function(e){if(void 0===e)y._selfDeclined=!0;else if("object"==typeof e&&null!==e)for(var t=0;t<e.length;t++)y._declinedDependencies[e[t]]=!0;else y._declinedDependencies[e]=!0},dispose:function(e){y._disposeHandlers.push(e)},addDisposeHandler:function(e){y._disposeHandlers.push(e)},removeDisposeHandler:function(e){var t=y._disposeHandlers.indexOf(e);t>=0&&y._disposeHandlers.splice(t,1)},invalidate:function(){switch(this._selfInvalidated=!0,c){case"idle":t=[],Object.keys(i.hmrI).forEach((function(e){i.hmrI[e](f,t)})),u("ready");break;case"ready":Object.keys(i.hmrI).forEach((function(e){i.hmrI[e](f,t)}));break;case"prepare":case"check":case"dispose":case"apply":(n=n\|\|[]).push(f)}},check:p,apply:g,status:function(e){if(!e)return c;a.push(e)},addStatusHandler:function(e){a.push(e)},removeStatusHandler:function(e){var t=a.indexOf(e);t>=0&&a.splice(t,1)},data:o[f]},e=void 0,y),k.parents=s,k.children=[],s=[],d.require=v})),i.hmrC={},i.hmrI={}})(),i.p="",(()=>{var e,t,n,o,r,s=i.hmrS_jsonp=i.hmrS_jsonp\|\|{792:0},a={};function c(t,n){return e=n,new Promise(((e,n)=>{a[t]=e;var o=i.p+i.hu(t),r=new Error;i.l(o,(e=>{if(a[t]){a[t]=void 0;var o=e&&("load"===e.type?"missing":e.type),i=e&&e.target&&e.target.src;r.message="Loading hot update chunk "+t+" failed.\n("+o+": "+i+")",r.name="ChunkLoadError",r.type=o,r.request=i,n(r)}}))}))}function l(e){function a(e){for(var t=[e],n={},o=t.map((function(e){return{chain:[e],id:e}}));o.length>0;){var r=o.pop(),s=r.id,a=r.chain,l=i.c[s];if(l&&(!l.hot._selfAccepted\|\|l.hot._selfInvalidated)){if(l.hot._selfDeclined)return{type:"self-declined",chain:a,moduleId:s};if(l.hot._main)return{type:"unaccepted",chain:a,moduleId:s};for(var d=0;d<l.parents.length;d++){var u=l.parents[d],h=i.c[u];if(h){if(h.hot._declinedDependencies[s])return{type:"declined",chain:a.concat([u]),moduleId:s,parentId:u};-1===t.indexOf(u)&&(h.hot._acceptedDependencies[s]?(n[u]\|\|(n[u]=[]),c(n[u],[s])):(delete n[u],t.push(u),o.push({chain:a.concat([u]),id:u})))}}}}return{type:"accepted",moduleId:e,outdatedModules:t,outdatedDependencies:n}}function c(e,t){for(var n=0;n<t.length;n++){var o=t[n];-1===e.indexOf(o)&&e.push(o)}}i.f&&delete i.f.jsonpHmr,t=void 0;var l={},d=[],u={},h=function(e){console.warn("[HMR] unexpected require("+e.id+") to disposed module")};for(var p in n)if(i.o(n,p)){var g=n[p],f=g?a(p):{type:"disposed",moduleId:p},m=!1,w=!1,y=!1,k="";switch(f.chain&&(k="\nUpdate propagation: "+f.chain.join(" -> ")),f.type){case"self-declined":e.onDeclined&&e.onDeclined(f),e.ignoreDeclined\|\|(m=new Error("Aborted because of self decline: "+f.moduleId+k));break;case"declined":e.onDeclined&&e.onDeclined(f),e.ignoreDeclined\|\|(m=new Error("Aborted because of declined dependency: "+f.moduleId+" in "+f.parentId+k));break;case"unaccepted":e.onUnaccepted&&e.onUnaccepted(f),e.ignoreUnaccepted\|\|(m=new Error("Aborted because "+p+" is not accepted"+k));break;case"accepted":e.onAccepted&&e.onAccepted(f),w=!0;break;case"disposed":e.onDisposed&&e.onDisposed(f),y=!0;break;default:throw new Error("Unexception type "+f.type)}if(m)return{error:m};if(w)for(p in u[p]=g,c(d,f.outdatedModules),f.outdatedDependencies)i.o(f.outdatedDependencies,p)&&(l[p]\|\|(l[p]=[]),c(l[p],f.outdatedDependencies[p]));y&&(c(d,[f.moduleId]),u[p]=h)}n=void 0;for(var v,b=[],C=0;C<d.length;C++){var I=d[C],A=i.c[I];A&&(A.hot._selfAccepted\|\|A.hot._main)&&u[I]!==h&&!A.hot._selfInvalidated&&b.push({module:I,require:A.hot._requireSelf,errorHandler:A.hot._selfAccepted})}return{dispose:function(){var e;o.forEach((function(e){delete s[e]})),o=void 0;for(var t,n=d.slice();n.length>0;){var r=n.pop(),a=i.c[r];if(a){var c={},u=a.hot._disposeHandlers;for(C=0;C<u.length;C++)u[C].call(null,c);for(i.hmrD[r]=c,a.hot.active=!1,delete i.c[r],delete l[r],C=0;C<a.children.length;C++){var h=i.c[a.children[C]];h&&((e=h.parents.indexOf(r))>=0&&h.parents.splice(e,1))}}}for(var p in l)if(i.o(l,p)&&(a=i.c[p]))for(v=l[p],C=0;C<v.length;C++)t=v[C],(e=a.children.indexOf(t))>=0&&a.children.splice(e,1)},apply:function(t){for(var n in u)i.o(u,n)&&(i.m[n]=u[n]);for(var o=0;o<r.length;o++)r[o](i);for(var s in l)if(i.o(l,s)){var a=i.c[s];if(a){v=l[s];for(var c=[],h=[],p=[],g=0;g<v.length;g++){var f=v[g],m=a.hot._acceptedDependencies[f],w=a.hot._acceptedErrorHandlers[f];if(m){if(-1!==c.indexOf(m))continue;c.push(m),h.push(w),p.push(f)}}for(var y=0;y<c.length;y++)try{c[y].call(null,v)}catch(n){if("function"==typeof h[y])try{h[y](n,{moduleId:s,dependencyId:p[y]})}catch(o){e.onErrored&&e.onErrored({type:"accept-error-handler-errored",moduleId:s,dependencyId:p[y],error:o,originalError:n}),e.ignoreErrored\|\|(t(o),t(n))}else e.onErrored&&e.onErrored({type:"accept-errored",moduleId:s,dependencyId:p[y],error:n}),e.ignoreErrored\|\|t(n)}}}for(var k=0;k<b.length;k++){var C=b[k],I=C.module;try{C.require(I)}catch(n){if("function"==typeof C.errorHandler)try{C.errorHandler(n,{moduleId:I,module:i.c[I]})}catch(o){e.onErrored&&e.onErrored({type:"self-accept-error-handler-errored",moduleId:I,error:o,originalError:n}),e.ignoreErrored\|\|(t(o),t(n))}else e.onErrored&&e.onErrored({type:"self-accept-errored",moduleId:I,error:n}),e.ignoreErrored\|\|t(n)}}return d}}}this.webpackHotUpdateauthress=(t,o,s)=>{for(var c in o)i.o(o,c)&&(n[c]=o[c],e&&e.push(c));s&&r.push(s),a[t]&&(a[t](),a[t]=void 0)},i.hmrI.jsonp=function(e,t){n\|\|(n={},r=[],o=[],t.push(l)),i.o(n,e)\|\|(n[e]=i.m[e])},i.hmrC.jsonp=function(e,a,d,u,h,p){h.push(l),t={},o=a,n=d.reduce((function(e,t){return e[t]=!1,e}),{}),r=[],e.forEach((function(e){i.o(s,e)&&void 0!==s[e]?(u.push(c(e,p)),t[e]=!0):t[e]=!1})),i.f&&(i.f.jsonpHmr=function(e,n){t&&i.o(t,e)&&!t[e]&&(n.push(c(e)),t[e]=!0)})},i.hmrM=()=>{if("undefined"==typeof fetch)throw new Error("No browser support: need fetch API");return fetch(i.p+i.hmrF()).then((e=>{if(404!==e.status){if(!e.ok)throw new Error("Failed to fetch update manifest "+e.statusText);return e.json()}}))}})(),i(354)})()));

authress/trunk/vendor/autoload.php

-                      r3264076
+                      r3405904
 // autoload.php @generated by Composer
+if (PHP_VERSION_ID < 50600) {
+    if (!headers_sent()) {
+        header('HTTP/1.1 500 Internal Server Error');
+    }
+    $err = 'Composer 2.3.0 dropped support for autoloading on PHP <5.6 and you are running '.PHP_VERSION.', please upgrade PHP or use Composer 2.2 LTS via "composer self-update --2.2". Aborting.'.PHP_EOL;
+    if (!ini_get('display_errors')) {
+        if (PHP_SAPI === 'cli' || PHP_SAPI === 'phpdbg') {
+            fwrite(STDERR, $err);
+        } elseif (!headers_sent()) {
+            echo $err;
+        }
+    }
+    throw new RuntimeException($err);
+}
 require_once __DIR__ . '/composer/autoload_real.php';
 return ComposerAutoloaderInit0afc4f4830b212e88cd7a189750a61be::getLoader();
+return ComposerAutoloaderInit908d35cafd3f3b46a98d2b262382722b::getLoader();

authress/trunk/vendor/composer/ClassLoader.php

-                      r2688858
+                      r3405904
 class ClassLoader
+{
+    /** @var \Closure(string):void */
+    private static $includeFile;
+    /** @var string|null */
     private $vendorDir;
     // PSR-4
+    /**
+     * @var array<string, array<string, int>>
+     */
     private $prefixLengthsPsr4 = array();
+    /**
+     * @var array<string, list<string>>
+     */
     private $prefixDirsPsr4 = array();
+    /**
+     * @var list<string>
+     */
     private $fallbackDirsPsr4 = array();
     // PSR-0
+    /**
+     * List of PSR-0 prefixes
+     *
+     * Structured as array('F (first letter)' => array('Foo\Bar (full prefix)' => array('path', 'path2')))
+     *
+     * @var array<string, array<string, list<string>>>
+     */
     private $prefixesPsr0 = array();
+    /**
+     * @var list<string>
+     */
     private $fallbackDirsPsr0 = array();
+    /** @var bool */
     private $useIncludePath = false;
+    /**
+     * @var array<string, string>
+     */
     private $classMap = array();
+    /** @var bool */
     private $classMapAuthoritative = false;
+    /**
+     * @var array<string, bool>
+     */
     private $missingClasses = array();
+    /** @var string|null */
     private $apcuPrefix;
+    /**
+     * @var array<string, self>
+     */
     private static $registeredLoaders = array();
+    /**
+     * @param string|null $vendorDir
+     */
     public function __construct($vendorDir = null)
+    {
         $this->vendorDir = $vendorDir;
+    }
+        self::initializeIncludeClosure();
+    }
+    /**
+     * @return array<string, list<string>>
+     */
     public function getPrefixes()
+    {
 …
+    }
+    /**
+     * @return array<string, list<string>>
+     */
     public function getPrefixesPsr4()
+    {
 …
+    }
+    /**
+     * @return list<string>
+     */
     public function getFallbackDirs()
+    {
 …
+    }
+    /**
+     * @return list<string>
+     */
     public function getFallbackDirsPsr4()
+    {
 …
+    }
+    /**
+     * @return array<string, string> Array of classname => path
+     */
     public function getClassMap()
+    {
 …
     /**
+     * @param array $classMap Class to filename map
+     * @param array<string, string> $classMap Class to filename map
+     *
+     * @return void
      */
     public function addClassMap(array $classMap)
 …
      * appending or prepending to the ones previously set for this prefix.
+     *
+     * @param string       $prefix  The prefix
+     * @param array|string $paths   The PSR-0 root directories
+     * @param bool         $prepend Whether to prepend the directories
+     * @param string              $prefix  The prefix
+     * @param list<string>|string $paths   The PSR-0 root directories
+     * @param bool                $prepend Whether to prepend the directories
+     *
+     * @return void
      */
     public function add($prefix, $paths, $prepend = false)
+    {
+        $paths = (array) $paths;
         if (!$prefix) {
             if ($prepend) {
                 $this->fallbackDirsPsr0 = array_merge(
                     (array) $paths,
+                    $paths,
                     $this->fallbackDirsPsr0
                 );
 …
                 $this->fallbackDirsPsr0 = array_merge(
                     $this->fallbackDirsPsr0,
                     (array) $paths
+                    $paths
                 );
+            }
 …
         $first = $prefix[0];
         if (!isset($this->prefixesPsr0[$first][$prefix])) {
             $this->prefixesPsr0[$first][$prefix] = (array) $paths;
+            $this->prefixesPsr0[$first][$prefix] = $paths;
             return;
 …
         if ($prepend) {
             $this->prefixesPsr0[$first][$prefix] = array_merge(
                 (array) $paths,
+                $paths,
                 $this->prefixesPsr0[$first][$prefix]
             );
 …
             $this->prefixesPsr0[$first][$prefix] = array_merge(
                 $this->prefixesPsr0[$first][$prefix],
                 (array) $paths
+                $paths
             );
+        }
 …
      * appending or prepending to the ones previously set for this namespace.
+     *
      * @param string       $prefix  The prefix/namespace, with trailing '\\'
      * @param array|string $paths   The PSR-4 base directories
      * @param bool         $prepend Whether to prepend the directories
+     * @param string              $prefix  The prefix/namespace, with trailing '\\'
+     * @param list<string>|string $paths   The PSR-4 base directories
+     * @param bool                $prepend Whether to prepend the directories
+     *
      * @throws \InvalidArgumentException
+     *
+     * @return void
      */
     public function addPsr4($prefix, $paths, $prepend = false)
+    {
+        $paths = (array) $paths;
         if (!$prefix) {
             // Register directories for the root namespace.
             if ($prepend) {
                 $this->fallbackDirsPsr4 = array_merge(
                     (array) $paths,
+                    $paths,
                     $this->fallbackDirsPsr4
                 );
 …
                 $this->fallbackDirsPsr4 = array_merge(
                     $this->fallbackDirsPsr4,
                     (array) $paths
+                    $paths
                 );
+            }
 …
+            }
             $this->prefixLengthsPsr4[$prefix[0]][$prefix] = $length;
             $this->prefixDirsPsr4[$prefix] = (array) $paths;
+            $this->prefixDirsPsr4[$prefix] = $paths;
         } elseif ($prepend) {
             // Prepend directories for an already registered namespace.
             $this->prefixDirsPsr4[$prefix] = array_merge(
                 (array) $paths,
+                $paths,
                 $this->prefixDirsPsr4[$prefix]
             );
 …
             $this->prefixDirsPsr4[$prefix] = array_merge(
                 $this->prefixDirsPsr4[$prefix],
                 (array) $paths
+                $paths
             );
+        }
 …
      * replacing any others previously set for this prefix.
+     *
+     * @param string       $prefix The prefix
+     * @param array|string $paths  The PSR-0 base directories
+     * @param string              $prefix The prefix
+     * @param list<string>|string $paths  The PSR-0 base directories
+     *
+     * @return void
      */
     public function set($prefix, $paths)
 …
      * replacing any others previously set for this namespace.
+     *
      * @param string       $prefix The prefix/namespace, with trailing '\\'
      * @param array|string $paths  The PSR-4 base directories
+     * @param string              $prefix The prefix/namespace, with trailing '\\'
+     * @param list<string>|string $paths  The PSR-4 base directories
+     *
      * @throws \InvalidArgumentException
+     *
+     * @return void
      */
     public function setPsr4($prefix, $paths)
 …
+     *
      * @param bool $useIncludePath
+     *
+     * @return void
      */
     public function setUseIncludePath($useIncludePath)
 …
+     *
      * @param bool $classMapAuthoritative
+     *
+     * @return void
      */
     public function setClassMapAuthoritative($classMapAuthoritative)
 …
+     *
      * @param string|null $apcuPrefix
+     *
+     * @return void
      */
     public function setApcuPrefix($apcuPrefix)
 …
+     *
      * @param bool $prepend Whether to prepend the autoloader or not
+     *
+     * @return void
      */
     public function register($prepend = false)
 …
         if (null === $this->vendorDir) {
+            //no-op
+        } elseif ($prepend) {
+            return;
+        }
+        if ($prepend) {
             self::$registeredLoaders = array($this->vendorDir => $this) + self::$registeredLoaders;
         } else {
 …
     /**
      * Unregisters this instance as an autoloader.
+     *
+     * @return void
      */
     public function unregister()
 …
+     *
      * @param  string    $class The name of the class
      * @return bool|null True if loaded, null otherwise
+     * @return true|null True if loaded, null otherwise
      */
     public function loadClass($class)
+    {
         if ($file = $this->findFile($class)) {
+            includeFile($file);
+            $includeFile = self::$includeFile;
+            $includeFile($file);
             return true;
+        }
+        return null;
+    }
 …
     /**
      * Returns the currently registered loaders indexed by their corresponding vendor directories.
+     *
      * @return self[]
+     * Returns the currently registered loaders keyed by their corresponding vendor directories.
+     *
+     * @return array<string, self>
      */
     public static function getRegisteredLoaders()
 …
+    }
+    /**
+     * @param  string       $class
+     * @param  string       $ext
+     * @return string|false
+     */
     private function findFileWithExtension($class, $ext)
+    {
 …
         return false;
+    }
+    /**
+     * @return void
+     */
+    private static function initializeIncludeClosure()
+    {
+        if (self::$includeFile !== null) {
+            return;
+        }
+        /**
+         * Scope isolated include.
+         *
+         * Prevents access to $this/self from included files.
+         *
+         * @param  string $file
+         * @return void
+         */
+        self::$includeFile = \Closure::bind(static function($file) {
+            include $file;
+        }, null, null);
+    }
+}
-/**
- * Scope isolated include.
+ *
- * Prevents access to $this/self from included files.
- */
-function includeFile($file)
+{
-    include $file;
+}

authress/trunk/vendor/composer/InstalledVersions.php

-                      r3264076
+                      r3405904
 <?php
+/*
+ * This file is part of Composer.
+ *
+ * (c) Nils Adermann <naderman@naderman.de>
+ *     Jordi Boggiano <j.boggiano@seld.be>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
 namespace Composer;
 …
 use Composer\Semver\VersionParser;
+/**
+ * This class is copied in every Composer installed project and available to all
+ *
+ * See also https://getcomposer.org/doc/07-runtime.md#installed-versions
+ *
+ * To require its presence, you can require `composer-runtime-api ^2.0`
+ *
+ * @final
+ */
 class InstalledVersions
+{
+private static $installed = array (
+  'root' =>
+  array (
+    'pretty_version' => 'dev-release/0.2',
+    'version' => 'dev-release/0.2',
+    'aliases' =>
+    array (
+    ),
+    'reference' => '96e0eab8ebba749fdfc6becf25a6501b8eaa1b43',
+    'name' => 'authress/wordpress-plugin.php',
+  ),
+  'versions' =>
+  array (
+    'authress/wordpress-plugin.php' =>
+    array (
+      'pretty_version' => 'dev-release/0.2',
+      'version' => 'dev-release/0.2',
+      'aliases' =>
+      array (
+      ),
+      'reference' => '96e0eab8ebba749fdfc6becf25a6501b8eaa1b43',
+    ),
+    'codercat/jwk-to-pem' =>
+    array (
+      'pretty_version' => '1.1',
+      'version' => '1.1.0.0',
+      'aliases' =>
+      array (
+      ),
+      'reference' => '4b3cdcf5f87b9b074f132f763a6b7b82c7d3ff1d',
+    ),
+    'guzzlehttp/guzzle' =>
+    array (
+      'pretty_version' => '7.8.1',
+      'version' => '7.8.1.0',
+      'aliases' =>
+      array (
+      ),
+      'reference' => '41042bc7ab002487b876a0683fc8dce04ddce104',
+    ),
+    'guzzlehttp/promises' =>
+    array (
+      'pretty_version' => '2.0.2',
+      'version' => '2.0.2.0',
+      'aliases' =>
+      array (
+      ),
+      'reference' => 'bbff78d96034045e58e13dedd6ad91b5d1253223',
+    ),
+    'guzzlehttp/psr7' =>
+    array (
+      'pretty_version' => '2.6.2',
+      'version' => '2.6.2.0',
+      'aliases' =>
+      array (
+      ),
+      'reference' => '45b30f99ac27b5ca93cb4831afe16285f57b8221',
+    ),
+    'lcobucci/clock' =>
+    array (
+      'pretty_version' => '3.2.0',
+      'version' => '3.2.0.0',
+      'aliases' =>
+      array (
+      ),
+      'reference' => '6f28b826ea01306b07980cb8320ab30b966cd715',
+    ),
+    'lcobucci/jwt' =>
+    array (
+      'pretty_version' => '4.3.0',
+      'version' => '4.3.0.0',
+      'aliases' =>
+      array (
+      ),
+      'reference' => '4d7de2fe0d51a96418c0d04004986e410e87f6b4',
+    ),
+    'paragonie/constant_time_encoding' =>
+    array (
+      'pretty_version' => 'v3.0.0',
+      'version' => '3.0.0.0',
+      'aliases' =>
+      array (
+      ),
+      'reference' => 'df1e7fde177501eee2037dd159cf04f5f301a512',
+    ),
+    'paragonie/random_compat' =>
+    array (
+      'pretty_version' => 'v9.99.100',
+      'version' => '9.99.100.0',
+      'aliases' =>
+      array (
+      ),
+      'reference' => '996434e5492cb4c3edcb9168db6fbb1359ef965a',
+    ),
+    'phpseclib/phpseclib' =>
+    array (
+      'pretty_version' => '3.0.38',
+      'version' => '3.0.38.0',
+      'aliases' =>
+      array (
+      ),
+      'reference' => 'b18b8788e51156c4dd97b7f220a31149a0052067',
+    ),
+    'psr/clock' =>
+    array (
+      'pretty_version' => '1.0.0',
+      'version' => '1.0.0.0',
+      'aliases' =>
+      array (
+      ),
+      'reference' => 'e41a24703d4560fd0acb709162f73b8adfc3aa0d',
+    ),
+    'psr/clock-implementation' =>
+    array (
+      'provided' =>
+      array (
+=> '1.0',
+      ),
+    ),
+    'psr/http-client' =>
+    array (
+      'pretty_version' => '1.0.3',
+      'version' => '1.0.3.0',
+      'aliases' =>
+      array (
+      ),
+      'reference' => 'bb5906edc1c324c9a05aa0873d40117941e5fa90',
+    ),
+    'psr/http-client-implementation' =>
+    array (
+      'provided' =>
+      array (
+=> '1.0',
+      ),
+    ),
+    'psr/http-factory' =>
+    array (
+      'pretty_version' => '1.1.0',
+      'version' => '1.1.0.0',
+      'aliases' =>
+      array (
+      ),
+      'reference' => '2b4765fddfe3b508ac62f829e852b1501d3f6e8a',
+    ),
+    'psr/http-factory-implementation' =>
+    array (
+      'provided' =>
+      array (
+=> '1.0',
+      ),
+    ),
+    'psr/http-message' =>
+    array (
+      'pretty_version' => '2.0',
+      'version' => '2.0.0.0',
+      'aliases' =>
+      array (
+      ),
+      'reference' => '402d35bcb92c70c026d1a6a9883f06b2ead23d71',
+    ),
+    'psr/http-message-implementation' =>
+    array (
+      'provided' =>
+      array (
+=> '1.0',
+      ),
+    ),
+    'ralouphie/getallheaders' =>
+    array (
+      'pretty_version' => '3.0.3',
+      'version' => '3.0.3.0',
+      'aliases' =>
+      array (
+      ),
+      'reference' => '120b605dfeb996808c31b6477290a714d356e822',
+    ),
+    'symfony/deprecation-contracts' =>
+    array (
+      'pretty_version' => 'v3.5.0',
+      'version' => '3.5.0.0',
+      'aliases' =>
+      array (
+      ),
+      'reference' => '0e0d29ce1f20deffb4ab1b016a7257c4f1e789a1',
+    ),
+  ),
+);
+private static $canGetVendors;
+private static $installedByVendor = array();
+public static function getInstalledPackages()
+{
+$packages = array();
+foreach (self::getInstalled() as $installed) {
+$packages[] = array_keys($installed['versions']);
+    /**
+     * @var string|null if set (by reflection by Composer), this should be set to the path where this class is being copied to
+     * @internal
+     */
+    private static $selfDir = null;
+    /**
+     * @var mixed[]|null
+     * @psalm-var array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array<string, array{pretty_version?: string, version?: string, reference?: string|null, type?: string, install_path?: string, aliases?: string[], dev_requirement: bool, replaced?: string[], provided?: string[]}>}|array{}|null
+     */
+    private static $installed;
+    /**
+     * @var bool
+     */
+    private static $installedIsLocalDir;
+    /**
+     * @var bool|null
+     */
+    private static $canGetVendors;
+    /**
+     * @var array[]
+     * @psalm-var array<string, array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array<string, array{pretty_version?: string, version?: string, reference?: string|null, type?: string, install_path?: string, aliases?: string[], dev_requirement: bool, replaced?: string[], provided?: string[]}>}>
+     */
+    private static $installedByVendor = array();
+    /**
+     * Returns a list of all package names which are present, either by being installed, replaced or provided
+     *
+     * @return string[]
+     * @psalm-return list<string>
+     */
+    public static function getInstalledPackages()
+    {
+        $packages = array();
+        foreach (self::getInstalled() as $installed) {
+            $packages[] = array_keys($installed['versions']);
+        }
+        if (1 === \count($packages)) {
+            return $packages[0];
+        }
+        return array_keys(array_flip(\call_user_func_array('array_merge', $packages)));
+    }
+    /**
+     * Returns a list of all package names with a specific type e.g. 'library'
+     *
+     * @param  string   $type
+     * @return string[]
+     * @psalm-return list<string>
+     */
+    public static function getInstalledPackagesByType($type)
+    {
+        $packagesByType = array();
+        foreach (self::getInstalled() as $installed) {
+            foreach ($installed['versions'] as $name => $package) {
+                if (isset($package['type']) && $package['type'] === $type) {
+                    $packagesByType[] = $name;
+                }
+            }
+        }
+        return $packagesByType;
+    }
+    /**
+     * Checks whether the given package is installed
+     *
+     * This also returns true if the package name is provided or replaced by another package
+     *
+     * @param  string $packageName
+     * @param  bool   $includeDevRequirements
+     * @return bool
+     */
+    public static function isInstalled($packageName, $includeDevRequirements = true)
+    {
+        foreach (self::getInstalled() as $installed) {
+            if (isset($installed['versions'][$packageName])) {
+                return $includeDevRequirements || !isset($installed['versions'][$packageName]['dev_requirement']) || $installed['versions'][$packageName]['dev_requirement'] === false;
+            }
+        }
+        return false;
+    }
+    /**
+     * Checks whether the given package satisfies a version constraint
+     *
+     * e.g. If you want to know whether version 2.3+ of package foo/bar is installed, you would call:
+     *
+     *   Composer\InstalledVersions::satisfies(new VersionParser, 'foo/bar', '^2.3')
+     *
+     * @param  VersionParser $parser      Install composer/semver to have access to this class and functionality
+     * @param  string        $packageName
+     * @param  string|null   $constraint  A version constraint to check for, if you pass one you have to make sure composer/semver is required by your package
+     * @return bool
+     */
+    public static function satisfies(VersionParser $parser, $packageName, $constraint)
+    {
+        $constraint = $parser->parseConstraints((string) $constraint);
+        $provided = $parser->parseConstraints(self::getVersionRanges($packageName));
+        return $provided->matches($constraint);
+    }
+    /**
+     * Returns a version constraint representing all the range(s) which are installed for a given package
+     *
+     * It is easier to use this via isInstalled() with the $constraint argument if you need to check
+     * whether a given version of a package is installed, and not just whether it exists
+     *
+     * @param  string $packageName
+     * @return string Version constraint usable with composer/semver
+     */
+    public static function getVersionRanges($packageName)
+    {
+        foreach (self::getInstalled() as $installed) {
+            if (!isset($installed['versions'][$packageName])) {
+                continue;
+            }
+            $ranges = array();
+            if (isset($installed['versions'][$packageName]['pretty_version'])) {
+                $ranges[] = $installed['versions'][$packageName]['pretty_version'];
+            }
+            if (array_key_exists('aliases', $installed['versions'][$packageName])) {
+                $ranges = array_merge($ranges, $installed['versions'][$packageName]['aliases']);
+            }
+            if (array_key_exists('replaced', $installed['versions'][$packageName])) {
+                $ranges = array_merge($ranges, $installed['versions'][$packageName]['replaced']);
+            }
+            if (array_key_exists('provided', $installed['versions'][$packageName])) {
+                $ranges = array_merge($ranges, $installed['versions'][$packageName]['provided']);
+            }
+            return implode(' || ', $ranges);
+        }
+        throw new \OutOfBoundsException('Package "' . $packageName . '" is not installed');
+    }
+    /**
+     * @param  string      $packageName
+     * @return string|null If the package is being replaced or provided but is not really installed, null will be returned as version, use satisfies or getVersionRanges if you need to know if a given version is present
+     */
+    public static function getVersion($packageName)
+    {
+        foreach (self::getInstalled() as $installed) {
+            if (!isset($installed['versions'][$packageName])) {
+                continue;
+            }
+            if (!isset($installed['versions'][$packageName]['version'])) {
+                return null;
+            }
+            return $installed['versions'][$packageName]['version'];
+        }
+        throw new \OutOfBoundsException('Package "' . $packageName . '" is not installed');
+    }
+    /**
+     * @param  string      $packageName
+     * @return string|null If the package is being replaced or provided but is not really installed, null will be returned as version, use satisfies or getVersionRanges if you need to know if a given version is present
+     */
+    public static function getPrettyVersion($packageName)
+    {
+        foreach (self::getInstalled() as $installed) {
+            if (!isset($installed['versions'][$packageName])) {
+                continue;
+            }
+            if (!isset($installed['versions'][$packageName]['pretty_version'])) {
+                return null;
+            }
+            return $installed['versions'][$packageName]['pretty_version'];
+        }
+        throw new \OutOfBoundsException('Package "' . $packageName . '" is not installed');
+    }
+    /**
+     * @param  string      $packageName
+     * @return string|null If the package is being replaced or provided but is not really installed, null will be returned as reference
+     */
+    public static function getReference($packageName)
+    {
+        foreach (self::getInstalled() as $installed) {
+            if (!isset($installed['versions'][$packageName])) {
+                continue;
+            }
+            if (!isset($installed['versions'][$packageName]['reference'])) {
+                return null;
+            }
+            return $installed['versions'][$packageName]['reference'];
+        }
+        throw new \OutOfBoundsException('Package "' . $packageName . '" is not installed');
+    }
+    /**
+     * @param  string      $packageName
+     * @return string|null If the package is being replaced or provided but is not really installed, null will be returned as install path. Packages of type metapackages also have a null install path.
+     */
+    public static function getInstallPath($packageName)
+    {
+        foreach (self::getInstalled() as $installed) {
+            if (!isset($installed['versions'][$packageName])) {
+                continue;
+            }
+            return isset($installed['versions'][$packageName]['install_path']) ? $installed['versions'][$packageName]['install_path'] : null;
+        }
+        throw new \OutOfBoundsException('Package "' . $packageName . '" is not installed');
+    }
+    /**
+     * @return array
+     * @psalm-return array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}
+     */
+    public static function getRootPackage()
+    {
+        $installed = self::getInstalled();
+        return $installed[0]['root'];
+    }
+    /**
+     * Returns the raw installed.php data for custom implementations
+     *
+     * @deprecated Use getAllRawData() instead which returns all datasets for all autoloaders present in the process. getRawData only returns the first dataset loaded, which may not be what you expect.
+     * @return array[]
+     * @psalm-return array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array<string, array{pretty_version?: string, version?: string, reference?: string|null, type?: string, install_path?: string, aliases?: string[], dev_requirement: bool, replaced?: string[], provided?: string[]}>}
+     */
+    public static function getRawData()
+    {
+        @trigger_error('getRawData only returns the first dataset loaded, which may not be what you expect. Use getAllRawData() instead which returns all datasets for all autoloaders present in the process.', E_USER_DEPRECATED);
+        if (null === self::$installed) {
+            // only require the installed.php file if this file is loaded from its dumped location,
+            // and not from its source location in the composer/composer package, see https://github.com/composer/composer/issues/9937
+            if (substr(__DIR__, -8, 1) !== 'C') {
+                self::$installed = include __DIR__ . '/installed.php';
+            } else {
+                self::$installed = array();
+            }
+        }
+        return self::$installed;
+    }
+    /**
+     * Returns the raw data of all installed.php which are currently loaded for custom implementations
+     *
+     * @return array[]
+     * @psalm-return list<array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array<string, array{pretty_version?: string, version?: string, reference?: string|null, type?: string, install_path?: string, aliases?: string[], dev_requirement: bool, replaced?: string[], provided?: string[]}>}>
+     */
+    public static function getAllRawData()
+    {
+        return self::getInstalled();
+    }
+    /**
+     * Lets you reload the static array from another file
+     *
+     * This is only useful for complex integrations in which a project needs to use
+     * this class but then also needs to execute another project's autoloader in process,
+     * and wants to ensure both projects have access to their version of installed.php.
+     *
+     * A typical case would be PHPUnit, where it would need to make sure it reads all
+     * the data it needs from this class, then call reload() with
+     * `require $CWD/vendor/composer/installed.php` (or similar) as input to make sure
+     * the project in which it runs can then also use this class safely, without
+     * interference between PHPUnit's dependencies and the project's dependencies.
+     *
+     * @param  array[] $data A vendor/composer/installed.php data set
+     * @return void
+     *
+     * @psalm-param array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array<string, array{pretty_version?: string, version?: string, reference?: string|null, type?: string, install_path?: string, aliases?: string[], dev_requirement: bool, replaced?: string[], provided?: string[]}>} $data
+     */
+    public static function reload($data)
+    {
+        self::$installed = $data;
+        self::$installedByVendor = array();
+        // when using reload, we disable the duplicate protection to ensure that self::$installed data is
+        // always returned, but we cannot know whether it comes from the installed.php in __DIR__ or not,
+        // so we have to assume it does not, and that may result in duplicate data being returned when listing
+        // all installed packages for example
+        self::$installedIsLocalDir = false;
+    }
+    /**
+     * @return string
+     */
+    private static function getSelfDir()
+    {
+        if (self::$selfDir === null) {
+            self::$selfDir = strtr(__DIR__, '\\', '/');
+        }
+        return self::$selfDir;
+    }
+    /**
+     * @return array[]
+     * @psalm-return list<array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array<string, array{pretty_version?: string, version?: string, reference?: string|null, type?: string, install_path?: string, aliases?: string[], dev_requirement: bool, replaced?: string[], provided?: string[]}>}>
+     */
+    private static function getInstalled()
+    {
+        if (null === self::$canGetVendors) {
+            self::$canGetVendors = method_exists('Composer\Autoload\ClassLoader', 'getRegisteredLoaders');
+        }
+        $installed = array();
+        $copiedLocalDir = false;
+        if (self::$canGetVendors) {
+            $selfDir = self::getSelfDir();
+            foreach (ClassLoader::getRegisteredLoaders() as $vendorDir => $loader) {
+                $vendorDir = strtr($vendorDir, '\\', '/');
+                if (isset(self::$installedByVendor[$vendorDir])) {
+                    $installed[] = self::$installedByVendor[$vendorDir];
+                } elseif (is_file($vendorDir.'/composer/installed.php')) {
+                    /** @var array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array<string, array{pretty_version?: string, version?: string, reference?: string|null, type?: string, install_path?: string, aliases?: string[], dev_requirement: bool, replaced?: string[], provided?: string[]}>} $required */
+                    $required = require $vendorDir.'/composer/installed.php';
+                    self::$installedByVendor[$vendorDir] = $required;
+                    $installed[] = $required;
+                    if (self::$installed === null && $vendorDir.'/composer' === $selfDir) {
+                        self::$installed = $required;
+                        self::$installedIsLocalDir = true;
+                    }
+                }
+                if (self::$installedIsLocalDir && $vendorDir.'/composer' === $selfDir) {
+                    $copiedLocalDir = true;
+                }
+            }
+        }
+        if (null === self::$installed) {
+            // only require the installed.php file if this file is loaded from its dumped location,
+            // and not from its source location in the composer/composer package, see https://github.com/composer/composer/issues/9937
+            if (substr(__DIR__, -8, 1) !== 'C') {
+                /** @var array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array<string, array{pretty_version?: string, version?: string, reference?: string|null, type?: string, install_path?: string, aliases?: string[], dev_requirement: bool, replaced?: string[], provided?: string[]}>} $required */
+                $required = require __DIR__ . '/installed.php';
+                self::$installed = $required;
+            } else {
+                self::$installed = array();
+            }
+        }
+        if (self::$installed !== array() && !$copiedLocalDir) {
+            $installed[] = self::$installed;
+        }
+        return $installed;
+    }
+}
-if (1 === \count($packages)) {
-return $packages[0];
+}
-return array_keys(array_flip(\call_user_func_array('array_merge', $packages)));
+}
-public static function isInstalled($packageName)
+{
-foreach (self::getInstalled() as $installed) {
-if (isset($installed['versions'][$packageName])) {
-return true;
+}
+}
-return false;
+}
-public static function satisfies(VersionParser $parser, $packageName, $constraint)
+{
-$constraint = $parser->parseConstraints($constraint);
-$provided = $parser->parseConstraints(self::getVersionRanges($packageName));
-return $provided->matches($constraint);
+}
-public static function getVersionRanges($packageName)
+{
-foreach (self::getInstalled() as $installed) {
-if (!isset($installed['versions'][$packageName])) {
-continue;
+}
-$ranges = array();
-if (isset($installed['versions'][$packageName]['pretty_version'])) {
-$ranges[] = $installed['versions'][$packageName]['pretty_version'];
+}
-if (array_key_exists('aliases', $installed['versions'][$packageName])) {
-$ranges = array_merge($ranges, $installed['versions'][$packageName]['aliases']);
+}
-if (array_key_exists('replaced', $installed['versions'][$packageName])) {
-$ranges = array_merge($ranges, $installed['versions'][$packageName]['replaced']);
+}
-if (array_key_exists('provided', $installed['versions'][$packageName])) {
-$ranges = array_merge($ranges, $installed['versions'][$packageName]['provided']);
+}
-return implode(' || ', $ranges);
+}
-throw new \OutOfBoundsException('Package "' . $packageName . '" is not installed');
+}
-public static function getVersion($packageName)
+{
-foreach (self::getInstalled() as $installed) {
-if (!isset($installed['versions'][$packageName])) {
-continue;
+}
-if (!isset($installed['versions'][$packageName]['version'])) {
-return null;
+}
-return $installed['versions'][$packageName]['version'];
+}
-throw new \OutOfBoundsException('Package "' . $packageName . '" is not installed');
+}
-public static function getPrettyVersion($packageName)
+{
-foreach (self::getInstalled() as $installed) {
-if (!isset($installed['versions'][$packageName])) {
-continue;
+}
-if (!isset($installed['versions'][$packageName]['pretty_version'])) {
-return null;
+}
-return $installed['versions'][$packageName]['pretty_version'];
+}
-throw new \OutOfBoundsException('Package "' . $packageName . '" is not installed');
+}
-public static function getReference($packageName)
+{
-foreach (self::getInstalled() as $installed) {
-if (!isset($installed['versions'][$packageName])) {
-continue;
+}
-if (!isset($installed['versions'][$packageName]['reference'])) {
-return null;
+}
-return $installed['versions'][$packageName]['reference'];
+}
-throw new \OutOfBoundsException('Package "' . $packageName . '" is not installed');
+}
-public static function getRootPackage()
+{
-$installed = self::getInstalled();
-return $installed[0]['root'];
+}
-public static function getRawData()
+{
-return self::$installed;
+}
-public static function reload($data)
+{
-self::$installed = $data;
-self::$installedByVendor = array();
+}
-private static function getInstalled()
+{
-if (null === self::$canGetVendors) {
-self::$canGetVendors = method_exists('Composer\Autoload\ClassLoader', 'getRegisteredLoaders');
+}
-$installed = array();
-if (self::$canGetVendors) {
-foreach (ClassLoader::getRegisteredLoaders() as $vendorDir => $loader) {
-if (isset(self::$installedByVendor[$vendorDir])) {
-$installed[] = self::$installedByVendor[$vendorDir];
-} elseif (is_file($vendorDir.'/composer/installed.php')) {
-$installed[] = self::$installedByVendor[$vendorDir] = require $vendorDir.'/composer/installed.php';
+}
+}
+}
-$installed[] = self::$installed;
-return $installed;
+}
+}

authress/trunk/vendor/composer/autoload_classmap.php

r3103661	r3405904
3	3	// autoload_classmap.php @generated by Composer
4	4
5		$vendorDir = dirname(~~dirname(__FILE__)~~);
	5	$vendorDir = dirname(__DIR__);
6	6	$baseDir = dirname($vendorDir);
7	7

authress/trunk/vendor/composer/autoload_files.php

r3103661	r3405904
3	3	// autoload_files.php @generated by Composer
4	4
5		$vendorDir = dirname(~~dirname(__FILE__)~~);
	5	$vendorDir = dirname(__DIR__);
6	6	$baseDir = dirname($vendorDir);
7	7

authress/trunk/vendor/composer/autoload_namespaces.php

r2688858	r3405904
3	3	// autoload_namespaces.php @generated by Composer
4	4
5		$vendorDir = dirname(~~dirname(__FILE__)~~);
	5	$vendorDir = dirname(__DIR__);
6	6	$baseDir = dirname($vendorDir);
7	7

authress/trunk/vendor/composer/autoload_psr4.php

r3103661	r3405904
3	3	// autoload_psr4.php @generated by Composer
4	4
5		$vendorDir = dirname(~~dirname(__FILE__)~~);
	5	$vendorDir = dirname(__DIR__);
6	6	$baseDir = dirname($vendorDir);
7	7

authress/trunk/vendor/composer/autoload_real.php

-                      r3264076
+                      r3405904
 // autoload_real.php @generated by Composer
 class ComposerAutoloaderInit0afc4f4830b212e88cd7a189750a61be
+class ComposerAutoloaderInit908d35cafd3f3b46a98d2b262382722b
+{
     private static $loader;
 …
         require __DIR__ . '/platform_check.php';
         spl_autoload_register(array('ComposerAutoloaderInit0afc4f4830b212e88cd7a189750a61be', 'loadClassLoader'), true, true);
         self::$loader = $loader = new \Composer\Autoload\ClassLoader(\dirname(\dirname(__FILE__)));
         spl_autoload_unregister(array('ComposerAutoloaderInit0afc4f4830b212e88cd7a189750a61be', 'loadClassLoader'));
+        spl_autoload_register(array('ComposerAutoloaderInit908d35cafd3f3b46a98d2b262382722b', 'loadClassLoader'), true, true);
+        self::$loader = $loader = new \Composer\Autoload\ClassLoader(\dirname(__DIR__));
+        spl_autoload_unregister(array('ComposerAutoloaderInit908d35cafd3f3b46a98d2b262382722b', 'loadClassLoader'));
+        $useStaticLoader = PHP_VERSION_ID >= 50600 && !defined('HHVM_VERSION') && (!function_exists('zend_loader_file_encoded') || !zend_loader_file_encoded());
+        if ($useStaticLoader) {
+            require __DIR__ . '/autoload_static.php';
+            call_user_func(\Composer\Autoload\ComposerStaticInit0afc4f4830b212e88cd7a189750a61be::getInitializer($loader));
+        } else {
+            $map = require __DIR__ . '/autoload_namespaces.php';
+            foreach ($map as $namespace => $path) {
+                $loader->set($namespace, $path);
+            }
+            $map = require __DIR__ . '/autoload_psr4.php';
+            foreach ($map as $namespace => $path) {
+                $loader->setPsr4($namespace, $path);
+            }
+            $classMap = require __DIR__ . '/autoload_classmap.php';
+            if ($classMap) {
+                $loader->addClassMap($classMap);
+            }
+        }
+        require __DIR__ . '/autoload_static.php';
+        call_user_func(\Composer\Autoload\ComposerStaticInit908d35cafd3f3b46a98d2b262382722b::getInitializer($loader));
         $loader->register(true);
+        if ($useStaticLoader) {
+            $includeFiles = Composer\Autoload\ComposerStaticInit0afc4f4830b212e88cd7a189750a61be::$files;
+        } else {
+            $includeFiles = require __DIR__ . '/autoload_files.php';
+        }
+        foreach ($includeFiles as $fileIdentifier => $file) {
+            composerRequire0afc4f4830b212e88cd7a189750a61be($fileIdentifier, $file);
+        $filesToLoad = \Composer\Autoload\ComposerStaticInit908d35cafd3f3b46a98d2b262382722b::$files;
+        $requireFile = \Closure::bind(static function ($fileIdentifier, $file) {
+            if (empty($GLOBALS['__composer_autoload_files'][$fileIdentifier])) {
+                $GLOBALS['__composer_autoload_files'][$fileIdentifier] = true;
+                require $file;
+            }
+        }, null, null);
+        foreach ($filesToLoad as $fileIdentifier => $file) {
+            $requireFile($fileIdentifier, $file);
+        }
 …
+    }
+}
-function composerRequire0afc4f4830b212e88cd7a189750a61be($fileIdentifier, $file)
+{
-    if (empty($GLOBALS['__composer_autoload_files'][$fileIdentifier])) {
-        require $file;
-        $GLOBALS['__composer_autoload_files'][$fileIdentifier] = true;
+    }
+}

authress/trunk/vendor/composer/autoload_static.php

-                      r3264076
+                      r3405904
 namespace Composer\Autoload;
 class ComposerStaticInit0afc4f4830b212e88cd7a189750a61be
+class ComposerStaticInit908d35cafd3f3b46a98d2b262382722b
+{
     public static $files = array (
 …
     public static $prefixLengthsPsr4 = array (
         'p' =>
+        'p' =>
         array (
             'phpseclib3\\' => 11,
         ),
         'P' =>
+        'P' =>
         array (
             'Psr\\Http\\Message\\' => 17,
 …
             'ParagonIE\\ConstantTime\\' => 23,
         ),
         'L' =>
+        'L' =>
         array (
             'Lcobucci\\JWT\\' => 13,
             'Lcobucci\\Clock\\' => 15,
         ),
         'G' =>
+        'G' =>
         array (
             'GuzzleHttp\\Psr7\\' => 16,
 …
             'GuzzleHttp\\' => 11,
         ),
         'C' =>
+        'C' =>
         array (
             'CoderCat\\JWKToPEM\\' => 18,
 …
     public static $prefixDirsPsr4 = array (
         'phpseclib3\\' =>
+        'phpseclib3\\' =>
         array (
 => __DIR__ . '/..' . '/phpseclib/phpseclib/phpseclib',
         ),
         'Psr\\Http\\Message\\' =>
+        'Psr\\Http\\Message\\' =>
         array (
 => __DIR__ . '/..' . '/psr/http-factory/src',
 => __DIR__ . '/..' . '/psr/http-message/src',
         ),
         'Psr\\Http\\Client\\' =>
+        'Psr\\Http\\Client\\' =>
         array (
 => __DIR__ . '/..' . '/psr/http-client/src',
         ),
         'Psr\\Clock\\' =>
+        'Psr\\Clock\\' =>
         array (
 => __DIR__ . '/..' . '/psr/clock/src',
         ),
         'ParagonIE\\ConstantTime\\' =>
+        'ParagonIE\\ConstantTime\\' =>
         array (
 => __DIR__ . '/..' . '/paragonie/constant_time_encoding/src',
         ),
         'Lcobucci\\JWT\\' =>
+        'Lcobucci\\JWT\\' =>
         array (
 => __DIR__ . '/..' . '/lcobucci/jwt/src',
         ),
         'Lcobucci\\Clock\\' =>
+        'Lcobucci\\Clock\\' =>
         array (
 => __DIR__ . '/..' . '/lcobucci/clock/src',
         ),
         'GuzzleHttp\\Psr7\\' =>
+        'GuzzleHttp\\Psr7\\' =>
         array (
 => __DIR__ . '/..' . '/guzzlehttp/psr7/src',
         ),
         'GuzzleHttp\\Promise\\' =>
+        'GuzzleHttp\\Promise\\' =>
         array (
 => __DIR__ . '/..' . '/guzzlehttp/promises/src',
         ),
         'GuzzleHttp\\' =>
+        'GuzzleHttp\\' =>
         array (
 => __DIR__ . '/..' . '/guzzlehttp/guzzle/src',
         ),
         'CoderCat\\JWKToPEM\\' =>
+        'CoderCat\\JWKToPEM\\' =>
         array (
 => __DIR__ . '/..' . '/codercat/jwk-to-pem/src',
 …
+    {
         return \Closure::bind(function () use ($loader) {
             $loader->prefixLengthsPsr4 = ComposerStaticInit0afc4f4830b212e88cd7a189750a61be::$prefixLengthsPsr4;
             $loader->prefixDirsPsr4 = ComposerStaticInit0afc4f4830b212e88cd7a189750a61be::$prefixDirsPsr4;
             $loader->fallbackDirsPsr4 = ComposerStaticInit0afc4f4830b212e88cd7a189750a61be::$fallbackDirsPsr4;
             $loader->classMap = ComposerStaticInit0afc4f4830b212e88cd7a189750a61be::$classMap;
+            $loader->prefixLengthsPsr4 = ComposerStaticInit908d35cafd3f3b46a98d2b262382722b::$prefixLengthsPsr4;
+            $loader->prefixDirsPsr4 = ComposerStaticInit908d35cafd3f3b46a98d2b262382722b::$prefixDirsPsr4;
+            $loader->fallbackDirsPsr4 = ComposerStaticInit908d35cafd3f3b46a98d2b262382722b::$fallbackDirsPsr4;
+            $loader->classMap = ComposerStaticInit908d35cafd3f3b46a98d2b262382722b::$classMap;
         }, null, ClassLoader::class);

authress/trunk/vendor/composer/installed.php

-                      r3264076
+                      r3405904
+<?php return array (
+  'root' =>
+  array (
+    'pretty_version' => 'dev-release/0.2',
+    'version' => 'dev-release/0.2',
+    'aliases' =>
+    array (
+<?php return array(
+    'root' => array(
+        'name' => 'authress/wordpress-plugin.php',
+        'pretty_version' => 'dev-release/0.2',
+        'version' => 'dev-release/0.2',
+        'reference' => '3442604cc0624068e0cb453813a53653f881f1f8',
+        'type' => 'library',
+        'install_path' => __DIR__ . '/../../',
+        'aliases' => array(),
+        'dev' => false,
     ),
+    'reference' => '96e0eab8ebba749fdfc6becf25a6501b8eaa1b43',
+    'name' => 'authress/wordpress-plugin.php',
+  ),
+  'versions' =>
+  array (
+    'authress/wordpress-plugin.php' =>
+    array (
+      'pretty_version' => 'dev-release/0.2',
+      'version' => 'dev-release/0.2',
+      'aliases' =>
+      array (
+      ),
+      'reference' => '96e0eab8ebba749fdfc6becf25a6501b8eaa1b43',
+    'versions' => array(
+        'authress/wordpress-plugin.php' => array(
+            'pretty_version' => 'dev-release/0.2',
+            'version' => 'dev-release/0.2',
+            'reference' => '3442604cc0624068e0cb453813a53653f881f1f8',
+            'type' => 'library',
+            'install_path' => __DIR__ . '/../../',
+            'aliases' => array(),
+            'dev_requirement' => false,
+        ),
+        'codercat/jwk-to-pem' => array(
+            'pretty_version' => '1.1',
+            'version' => '1.1.0.0',
+            'reference' => '4b3cdcf5f87b9b074f132f763a6b7b82c7d3ff1d',
+            'type' => 'library',
+            'install_path' => __DIR__ . '/../codercat/jwk-to-pem',
+            'aliases' => array(),
+            'dev_requirement' => false,
+        ),
+        'guzzlehttp/guzzle' => array(
+            'pretty_version' => '7.8.1',
+            'version' => '7.8.1.0',
+            'reference' => '41042bc7ab002487b876a0683fc8dce04ddce104',
+            'type' => 'library',
+            'install_path' => __DIR__ . '/../guzzlehttp/guzzle',
+            'aliases' => array(),
+            'dev_requirement' => false,
+        ),
+        'guzzlehttp/promises' => array(
+            'pretty_version' => '2.0.2',
+            'version' => '2.0.2.0',
+            'reference' => 'bbff78d96034045e58e13dedd6ad91b5d1253223',
+            'type' => 'library',
+            'install_path' => __DIR__ . '/../guzzlehttp/promises',
+            'aliases' => array(),
+            'dev_requirement' => false,
+        ),
+        'guzzlehttp/psr7' => array(
+            'pretty_version' => '2.6.2',
+            'version' => '2.6.2.0',
+            'reference' => '45b30f99ac27b5ca93cb4831afe16285f57b8221',
+            'type' => 'library',
+            'install_path' => __DIR__ . '/../guzzlehttp/psr7',
+            'aliases' => array(),
+            'dev_requirement' => false,
+        ),
+        'lcobucci/clock' => array(
+            'pretty_version' => '3.2.0',
+            'version' => '3.2.0.0',
+            'reference' => '6f28b826ea01306b07980cb8320ab30b966cd715',
+            'type' => 'library',
+            'install_path' => __DIR__ . '/../lcobucci/clock',
+            'aliases' => array(),
+            'dev_requirement' => false,
+        ),
+        'lcobucci/jwt' => array(
+            'pretty_version' => '4.3.0',
+            'version' => '4.3.0.0',
+            'reference' => '4d7de2fe0d51a96418c0d04004986e410e87f6b4',
+            'type' => 'library',
+            'install_path' => __DIR__ . '/../lcobucci/jwt',
+            'aliases' => array(),
+            'dev_requirement' => false,
+        ),
+        'paragonie/constant_time_encoding' => array(
+            'pretty_version' => 'v3.0.0',
+            'version' => '3.0.0.0',
+            'reference' => 'df1e7fde177501eee2037dd159cf04f5f301a512',
+            'type' => 'library',
+            'install_path' => __DIR__ . '/../paragonie/constant_time_encoding',
+            'aliases' => array(),
+            'dev_requirement' => false,
+        ),
+        'paragonie/random_compat' => array(
+            'pretty_version' => 'v9.99.100',
+            'version' => '9.99.100.0',
+            'reference' => '996434e5492cb4c3edcb9168db6fbb1359ef965a',
+            'type' => 'library',
+            'install_path' => __DIR__ . '/../paragonie/random_compat',
+            'aliases' => array(),
+            'dev_requirement' => false,
+        ),
+        'phpseclib/phpseclib' => array(
+            'pretty_version' => '3.0.38',
+            'version' => '3.0.38.0',
+            'reference' => 'b18b8788e51156c4dd97b7f220a31149a0052067',
+            'type' => 'library',
+            'install_path' => __DIR__ . '/../phpseclib/phpseclib',
+            'aliases' => array(),
+            'dev_requirement' => false,
+        ),
+        'psr/clock' => array(
+            'pretty_version' => '1.0.0',
+            'version' => '1.0.0.0',
+            'reference' => 'e41a24703d4560fd0acb709162f73b8adfc3aa0d',
+            'type' => 'library',
+            'install_path' => __DIR__ . '/../psr/clock',
+            'aliases' => array(),
+            'dev_requirement' => false,
+        ),
+        'psr/clock-implementation' => array(
+            'dev_requirement' => false,
+            'provided' => array(
+=> '1.0',
+            ),
+        ),
+        'psr/http-client' => array(
+            'pretty_version' => '1.0.3',
+            'version' => '1.0.3.0',
+            'reference' => 'bb5906edc1c324c9a05aa0873d40117941e5fa90',
+            'type' => 'library',
+            'install_path' => __DIR__ . '/../psr/http-client',
+            'aliases' => array(),
+            'dev_requirement' => false,
+        ),
+        'psr/http-client-implementation' => array(
+            'dev_requirement' => false,
+            'provided' => array(
+=> '1.0',
+            ),
+        ),
+        'psr/http-factory' => array(
+            'pretty_version' => '1.1.0',
+            'version' => '1.1.0.0',
+            'reference' => '2b4765fddfe3b508ac62f829e852b1501d3f6e8a',
+            'type' => 'library',
+            'install_path' => __DIR__ . '/../psr/http-factory',
+            'aliases' => array(),
+            'dev_requirement' => false,
+        ),
+        'psr/http-factory-implementation' => array(
+            'dev_requirement' => false,
+            'provided' => array(
+=> '1.0',
+            ),
+        ),
+        'psr/http-message' => array(
+            'pretty_version' => '2.0',
+            'version' => '2.0.0.0',
+            'reference' => '402d35bcb92c70c026d1a6a9883f06b2ead23d71',
+            'type' => 'library',
+            'install_path' => __DIR__ . '/../psr/http-message',
+            'aliases' => array(),
+            'dev_requirement' => false,
+        ),
+        'psr/http-message-implementation' => array(
+            'dev_requirement' => false,
+            'provided' => array(
+=> '1.0',
+            ),
+        ),
+        'ralouphie/getallheaders' => array(
+            'pretty_version' => '3.0.3',
+            'version' => '3.0.3.0',
+            'reference' => '120b605dfeb996808c31b6477290a714d356e822',
+            'type' => 'library',
+            'install_path' => __DIR__ . '/../ralouphie/getallheaders',
+            'aliases' => array(),
+            'dev_requirement' => false,
+        ),
+        'symfony/deprecation-contracts' => array(
+            'pretty_version' => 'v3.5.0',
+            'version' => '3.5.0.0',
+            'reference' => '0e0d29ce1f20deffb4ab1b016a7257c4f1e789a1',
+            'type' => 'library',
+            'install_path' => __DIR__ . '/../symfony/deprecation-contracts',
+            'aliases' => array(),
+            'dev_requirement' => false,
+        ),
     ),
-    'codercat/jwk-to-pem' =>
-    array (
-      'pretty_version' => '1.1',
-      'version' => '1.1.0.0',
-      'aliases' =>
-      array (
-      ),
-      'reference' => '4b3cdcf5f87b9b074f132f763a6b7b82c7d3ff1d',
-    ),
-    'guzzlehttp/guzzle' =>
-    array (
-      'pretty_version' => '7.8.1',
-      'version' => '7.8.1.0',
-      'aliases' =>
-      array (
-      ),
-      'reference' => '41042bc7ab002487b876a0683fc8dce04ddce104',
-    ),
-    'guzzlehttp/promises' =>
-    array (
-      'pretty_version' => '2.0.2',
-      'version' => '2.0.2.0',
-      'aliases' =>
-      array (
-      ),
-      'reference' => 'bbff78d96034045e58e13dedd6ad91b5d1253223',
-    ),
-    'guzzlehttp/psr7' =>
-    array (
-      'pretty_version' => '2.6.2',
-      'version' => '2.6.2.0',
-      'aliases' =>
-      array (
-      ),
-      'reference' => '45b30f99ac27b5ca93cb4831afe16285f57b8221',
-    ),
-    'lcobucci/clock' =>
-    array (
-      'pretty_version' => '3.2.0',
-      'version' => '3.2.0.0',
-      'aliases' =>
-      array (
-      ),
-      'reference' => '6f28b826ea01306b07980cb8320ab30b966cd715',
-    ),
-    'lcobucci/jwt' =>
-    array (
-      'pretty_version' => '4.3.0',
-      'version' => '4.3.0.0',
-      'aliases' =>
-      array (
-      ),
-      'reference' => '4d7de2fe0d51a96418c0d04004986e410e87f6b4',
-    ),
-    'paragonie/constant_time_encoding' =>
-    array (
-      'pretty_version' => 'v3.0.0',
-      'version' => '3.0.0.0',
-      'aliases' =>
-      array (
-      ),
-      'reference' => 'df1e7fde177501eee2037dd159cf04f5f301a512',
-    ),
-    'paragonie/random_compat' =>
-    array (
-      'pretty_version' => 'v9.99.100',
-      'version' => '9.99.100.0',
-      'aliases' =>
-      array (
-      ),
-      'reference' => '996434e5492cb4c3edcb9168db6fbb1359ef965a',
-    ),
-    'phpseclib/phpseclib' =>
-    array (
-      'pretty_version' => '3.0.38',
-      'version' => '3.0.38.0',
-      'aliases' =>
-      array (
-      ),
-      'reference' => 'b18b8788e51156c4dd97b7f220a31149a0052067',
-    ),
-    'psr/clock' =>
-    array (
-      'pretty_version' => '1.0.0',
-      'version' => '1.0.0.0',
-      'aliases' =>
-      array (
-      ),
-      'reference' => 'e41a24703d4560fd0acb709162f73b8adfc3aa0d',
-    ),
-    'psr/clock-implementation' =>
-    array (
-      'provided' =>
-      array (
-=> '1.0',
-      ),
-    ),
-    'psr/http-client' =>
-    array (
-      'pretty_version' => '1.0.3',
-      'version' => '1.0.3.0',
-      'aliases' =>
-      array (
-      ),
-      'reference' => 'bb5906edc1c324c9a05aa0873d40117941e5fa90',
-    ),
-    'psr/http-client-implementation' =>
-    array (
-      'provided' =>
-      array (
-=> '1.0',
-      ),
-    ),
-    'psr/http-factory' =>
-    array (
-      'pretty_version' => '1.1.0',
-      'version' => '1.1.0.0',
-      'aliases' =>
-      array (
-      ),
-      'reference' => '2b4765fddfe3b508ac62f829e852b1501d3f6e8a',
-    ),
-    'psr/http-factory-implementation' =>
-    array (
-      'provided' =>
-      array (
-=> '1.0',
-      ),
-    ),
-    'psr/http-message' =>
-    array (
-      'pretty_version' => '2.0',
-      'version' => '2.0.0.0',
-      'aliases' =>
-      array (
-      ),
-      'reference' => '402d35bcb92c70c026d1a6a9883f06b2ead23d71',
-    ),
-    'psr/http-message-implementation' =>
-    array (
-      'provided' =>
-      array (
-=> '1.0',
-      ),
-    ),
-    'ralouphie/getallheaders' =>
-    array (
-      'pretty_version' => '3.0.3',
-      'version' => '3.0.3.0',
-      'aliases' =>
-      array (
-      ),
-      'reference' => '120b605dfeb996808c31b6477290a714d356e822',
-    ),
-    'symfony/deprecation-contracts' =>
-    array (
-      'pretty_version' => 'v3.5.0',
-      'version' => '3.5.0.0',
-      'aliases' =>
-      array (
-      ),
-      'reference' => '0e0d29ce1f20deffb4ab1b016a7257c4f1e789a1',
-    ),
-  ),
 );

authress/trunk/vendor/composer/platform_check.php

r3103661	r3405904
20	20	}
21	21	}
22		trigger_error(
23		'Composer detected issues in your platform: ' . implode(' ', $issues),
24		E_USER_ERROR
	22	throw new \RuntimeException(
	23	'Composer detected issues in your platform: ' . implode(' ', $issues)
25	24	);
26	25	}

authress/trunk/wordpress/readme.txt

-                      r3264076
+                      r3405904
 Requires at least: 5.5
 Requires PHP: 8.2
 Tested up to: 6.6
 Stable tag: 0.2.100
+Tested up to: 6.9
+Stable tag: 0.2.107
 License: Apache-2.0
 License URI: https://github.com/Authress/wordpress-sso-login/blob/main/LICENSE

r3264076	r3405904
1		/! Authress Login SDK 2.5.362 \| Author - Authress Developers \| License information can be found at https://github.com/Authress/login-sdk.js /
2		!function(e,t){"object"==typeof exports&&"object"==typeof module?module.exports=t():"function"==typeof define&&define.amd?define([],t):"object"==typeof exports?exports.authress=t():e.authress=t()}(this,(()=>(()=>{var e,t,n={75:(e,t,n)=>{const{sanitizeUrl:r}=n(332),o=n(629),i={"Content-Type":"application/json","X-Powered-By":`Authress Login SDK; Javascript; ${n(330).version}`},a=new Set(["Failed to fetch","NetworkError when attempting to fetch resource.","The Internet connection appears to be offline.","Network request failed","fetch failed","Load failed","<HTML DOCUMENT></HTML>"]);function s(e){return"Network Error"===e.message\|\|"ERR_NETWORK"===e.code\|\|!e.status\|\|e.status>=500\|\|"string"==typeof e.message&&a.has(e.message)\|\|"string"==typeof e.data&&a.has(e.data)}async function c(e){let t=null;for(let n=0;n<5;n++)try{return await e()}catch(e){if(e.retryCount=n,!s(e))throw e;t=e,t.isNetworkError=!0,await new Promise((e=>setTimeout(e,102n)));continue}const n=new Error("[Authress Login SDK] Http Request failed due to a Network Error even after multiple retries",{cause:t});throw n.code="AuthressSdkNetworkError",n}e.exports=class{constructor(e,t){if(!e)throw Error("Custom Authress Domain Host is required");const n=t\|\|{debug(){},warn(){},critical(){}};this.logger=n;const o=new URL(r(e));this.loginUrl=`${o.origin}/api`}get(e,t,n,r){return c((()=>this.fetchWrapper("GET",e,null,n,t,r)))}delete(e,t,n,r){return c((()=>this.fetchWrapper("DELETE",e,null,n,t,r)))}post(e,t,n,r,o){return c((()=>this.fetchWrapper("POST",e,n,r,t,o)))}put(e,t,n,r,o){return c((()=>this.fetchWrapper("PUT",e,n,r,t,o)))}patch(e,t,n,r,o){return c((()=>this.fetchWrapper("PATCH",e,n,r,t,o)))}async fetchWrapper(e,t,n,r,a,s){const c=`${this.loginUrl}${t.toString()}`,d=e.toUpperCase(),l=Object.assign({},i,r);try{this.logger&&this.logger.debug&&this.logger.debug({title:"[Authress Login SDK] HttpClient Request",method:d,url:c});const e={method:d,headers:l};n&&(e.body=JSON.stringify(n)),!o.isLocalHost()&&a&&(e.credentials="include");const t=await fetch(c,e);if(!t.ok)throw t;let r={};try{r=await t.text(),r=JSON.parse(r)}catch(e){}return{url:c,method:d,headers:t.headers,status:t.status,data:r}}catch(e){let t=e;try{t=await e.text(),t=JSON.parse(t)}catch(e){}const r=t.stack&&t.stack.match(/chrome-extension:[/][/](\w+)[/]/);if(r){this.logger&&this.logger.debug&&this.logger.debug({title:`[Authress Login SDK] Fetch failed due to a browser extension - ${d} - ${c}`,method:d,url:c,data:n,headers:l,error:e,resolvedError:t,extensionErrorId:r});const o=new Error(`Extension Error ID: ${r}`);throw o.code="BROWSER_EXTENSION_ERROR",o}const o=e.status;let i="warn",a="[Authress Login SDK] HttpClient Response Error";e?401===o?(a="[Authress Login SDK] HttpClient Response Error due to invalid token",i="debug"):404===o?(a="[Authress Login SDK] HttpClient Response: Not Found",i="debug"):o<500&&s&&(i="debug"):a="[Authress Login SDK] HttpClient Response Error - Unknown error occurred",this.logger&&this.logger[i]&&this.logger[i]({title:a,online:"undefined"==typeof navigator\|\|navigator.onLine,method:d,url:c,status:o,data:n,headers:l,error:e,resolvedError:t});throw{url:c,method:d,status:o,data:t,headers:e.headers}}}}},160:(e,t,n)=>{const r=n(427),o="AuthenticationCredentialsStorage";e.exports=new class{constructor(){this.retainUserCookie=!1}getUserCookie(){if("undefined"==typeof window\|\|"undefined"==typeof document)return null;return document.cookie.split(";").filter((e=>"user"===e.split("=")[0].trim())).map((e=>e.replace(/^user=/,""))).find((e=>e&&e.trim()))\|\|null}set(e,t){if("undefined"!=typeof window&&"undefined"!=typeof document)try{const n=r.parse(document.cookie);localStorage.setItem(o,JSON.stringify({idToken:e,expiry:t&&t.getTime(),jsCookies:!!n.authorization})),this.retainUserCookie\|\|this.clearCookies("user")}catch(e){console.debug("LocalStorage failed in Browser",e)}}get(){if("undefined"==typeof window\|\|"undefined"==typeof document)return null;let e={};try{e=r.parse(document.cookie)}catch(e){console.debug("CookieManagement failed in Browser",e)}try{const{idToken:t,expiry:n,jsCookies:r}=JSON.parse(localStorage.getItem(o)\|\|"{}");return t?n<Date.now()\|\|r&&!e.authorization?null:t:this.getUserCookie()}catch(e){return console.debug("LocalStorage failed in Browser",e),this.getUserCookie()}}delete(){try{localStorage.removeItem(o)}catch(e){console.debug("LocalStorage failed in Browser",e)}try{this.clearCookies("user")}catch(e){console.debug("CookieManagement failed in Browser",e)}}clear(){this.clearCookies(),this.delete()}clearCookies(e){if("undefined"==typeof window\|\|"undefined"==typeof document)return;const t=document.cookie.split("; ");for(const n of t){if(!["user","authorization","auth-code","AuthUserId"].includes(n.split("=")[0])\|\|e&&n.split("=")[0]!==e)continue;const t=window.location.hostname.split("."),r=[...Array(t.length-1)].map(((e,n)=>t.reverse().slice(0,n+2).reverse().join("."))).map((e=>[e,`.${e}`])).flat(1).concat(null);"localhost"===window.location.hostname&&r.push("localhost");for(const e of r){const t=e?`domain=${e};`:"",r=`${encodeURIComponent(n.split(";")[0].split("=")[0])}=; expires=Thu, 01-Jan-1970 00:00:01 GMT; ${t} SameSite=Strict; path=`;document.cookie=`${r}/`;const o=location.pathname.split("/");for(;o.length>0;)document.cookie=r+o.join("/"),o.pop()}}}}},321:e=>{var t=1/0,n=17976931348623157e292,r=NaN,o="[object Symbol]",i=/^\s+\|\s+$/g,a=/^[-+]0x[0-9a-f]+$/i,s=/^0b[01]+$/i,c=/^0o[0-7]+$/i,d=parseInt,l=Object.prototype.toString;function u(e){var t=typeof e;return!!e&&("object"==t\|\|"function"==t)}e.exports=function(e,h,p){return e&&e.length?function(e,t,n){var r=-1,o=e.length;t<0&&(t=-t>o?0:o+t),(n=n>o?o:n)<0&&(n+=o),o=t>n?0:n-t>>>0,t>>>=0;for(var i=Array(o);++r<o;)i[r]=e[r+t];return i}(e,0,(h=p\|\|void 0===h?1:(f=function(e){return e?(e=function(e){if("number"==typeof e)return e;if(function(e){return"symbol"==typeof e\|\|function(e){return!!e&&"object"==typeof e}(e)&&l.call(e)==o}(e))return r;if(u(e)){var t="function"==typeof e.valueOf?e.valueOf():e;e=u(t)?t+"":t}if("string"!=typeof e)return 0===e?e:+e;e=e.replace(i,"");var n=s.test(e);return n\|\|c.test(e)?d(e.slice(2),n?2:8):a.test(e)?r:+e}(e))===t\|\|e===-1/0?(e<0?-1:1)n:e==e?e:0:0===e?e:0}(h),g=f%1,f==f?g?f-g:f:0))<0?0:h):[];var f,g}},330:e=>{"use strict";e.exports=JSON.parse('{"name":"@authress/login","version":"2.5.362","description":"Universal login sdk for Authress authentication as a service. Provides managed authentication for user identity, authentication, and token verification.","main":"./src/index.js","types":"./index.d.ts","files":["index.d.ts","src","dist"],"scripts":{"build":"node make.js build && NODE_ENV=production webpack --mode=production","lint":"eslint --ext .js,.ts src tests make.js index.d.ts","test":"check-dts index.d.ts && mocha tests/.test.js tests//.test.js -R spec"},"dependencies":{"cookie":"<1","lodash.take":"^4.1.1"},"devDependencies":{"@babel/core":"^7.17.5","@babel/preset-env":"^7.16.11","@types/node":"^14.14.35","@typescript-eslint/eslint-plugin":"^3.1.0","@typescript-eslint/parser":"^3.1.0","babel-loader":"^8.2.3","chai":"^4.2.0","check-dts":"^0.4.4","ci-build-tools":"^1.0.13","commander":"^4.0.1","compression-webpack-plugin":"^9.2.0","eslint":"^7.12.1","eslint-config-cimpress-atsquad":"^1.0.67","eslint-loader":"^4.0.2","eslint-plugin-mocha":"^7.0.1","eslint-plugin-node":"^11.1.0","eslint-plugin-promise":"^6.1.1","fs-extra":"^8.1.0","glob":"^7.1.6","mocha":"^11.1.0","path-browserify":"^1.0.1","sinon":"^7.5.0","sinon-chai":"^3.3.0","terser-webpack-plugin":"^5.3.1","typescript":"^3.9.5","webpack":"^5.69.1","webpack-cli":"^4.9.2"},"repository":{"type":"git","url":"git+https://github.com/Authress/authress-login.js"},"keywords":["authentication","authentication as a service","Login","Login Client","universal login","auth","federated login","secure login","application security","IDaaS","authentication","user authentication","user identity","Oauth2","Oauth2.1","Oauth3","platform","platform login","extension","Authress","Authress client","user security","DBSC","Device Bound Session Credentials"],"author":"Authress Developers <developers@authress.io> (https://authress.io)","license":"Apache-2.0","bugs":{"url":"https://github.com/Authress/authress-login.js/issues"},"homepage":"https://authress.io","engines":{"node":">=18"}}')},332:e=>{e.exports.sanitizeUrl=function(e){let t=e;t.startsWith("http")\|\|(t=`https://${t}`);const n=new URL(t),r=n.host.match(/^([a-z0-9-]+)[.][a-z0-9-]+[.]authress[.]io$/);return r&&(n.host=`${r[1]}.login.authress.io`,t=n.toString()),t.replace(/[/]+$/,"")}},354:(e,t,n)=>{const r=n(427),o=n(321),i=n(629),a=n(75),s=n(836),{sanitizeUrl:c}=n(332),d=n(160);let l,u=new Promise((e=>l=e)),h=null;const p="AuthenticationRequestNonce";const f=n(568);e.exports={LoginClient:class{constructor(e,t){const n=Object.assign({applicationId:"app_default"},e);this.logger=t\|\|console;const r=n.authressApiUrl\|\|n.authressLoginHostUrl\|\|n.authenticationServiceUrl\|\|"";if(!r)throw Error('Missing required property "authressApiUrl" in LoginClient constructor. Custom Authress Domain Host is required.');if(this.applicationId=n.applicationId,!this.applicationId\|\|this.applicationId.match(/^(sc_\|ext_)/)){const e=Error("You have incorrectly specified an Authress Service Client or Extension as the applicationId instead of a valid application. The applicationId is your application that your users will log into, usually hosted on your domain https://example.yourdomain.com. Users cannot log into a Service Client, but they can log in with one. Users can use a Service Client to log in, by setting the connection ID in the authenticate({ connectionId }) method to be the Authress Service Client.\n(1) If you are building an Custom Login Portal, then the application ID should correspond to this login portal.\n(2) If you are replacing or extending an Authress connection, then specify the Service Client as the connectionId and the end user application as the applicationId.\n(3) If you are building a platform or plugin marketplace, where users will log into third party extensions or apps, then distribute in your SDK a wrapper for the Authress Extension Client using: import { extensionClient } from '@authress/login' found within this SDK.\n(4) If you aren't sure what to do here to fix the problem, the fastest and usually correct solution is go to https://authress.io/app/#/settings?focus=applications create a new application, specify your site in the application url property and then update the value here.");throw e.code="InvalidApplication",e}this.hostUrl=c(r),this.httpClient=new a(this.hostUrl,t),this.lastSessionCheck=0,this.enableCredentials=this.getMatchingDomainInfo(this.hostUrl),d.retainUserCookie=e.retainUserCookie,n.skipBackgroundCredentialsCheck\|\|i.onLoad((async()=>{await this.userSessionExists(!0)}))}getMatchingDomainInfo(e){const t=new URL(e);if(i.isLocalHost())return!1;const n=i.getCurrentLocation();if("https:"!==n.protocol)return!1;const r=t.host.toLowerCase().split(".").reverse(),a=n.host.toLowerCase().split(".").reverse();let s=[];for(let e of r){const t=o(a,s.length+1).join(".");if(s.concat(e).join(".")!==t)break;s.push(e)}return s.length===r.length&&s.length===a.length\|\|s.length>1}getUserIdentity(){const e=d.getUserCookie(),t=s.decodeOrParse(e);if(t){const n=t.exp?new Date(1e3t.exp):new Date(Date.now()+864e5);return d.set(e,n),t.userId=t.sub,t}const n=d.get(),r=s.decodeOrParse(n);if(!r)return null;const o=new URL(r.iss).hostname,i=new URL(this.hostUrl).hostname;return o.endsWith(i)\|\|i.endsWith(o)?(r.userId=r.sub,r):(d.clear(),null)}async getConnectionCredentials(){await this.waitForUserSession();try{const e=await this.ensureToken();return(await this.httpClient.get("/session/credentials",this.enableCredentials,{Authorization:e&&`Bearer ${e}`})).data}catch(e){return null}}async getDevices(){try{const e=await this.ensureToken();return(await this.httpClient.get("/session/devices",this.enableCredentials,{Authorization:e&&`Bearer ${e}`})).data.devices}catch(e){return[]}}async deleteDevice(e){try{const t=await this.ensureToken();await this.httpClient.delete(`/session/devices/${encodeURIComponent(e)}`,this.enableCredentials,{Authorization:t&&`Bearer ${t}`})}catch(e){throw this.logger&&this.logger.log({title:"[Authress Login SDK] Failed to delete device",error:e}),e}}async openUserConfigurationScreen(e={redirectUrl:null,startPage:"Profile"}){if(!await this.userSessionExists()){const e=Error("User must be logged to configure user profile data.");throw e.code="NotLoggedIn",e}const t=new URL("/settings",this.hostUrl);t.searchParams.set("client_id",this.applicationId),t.searchParams.set("start_page",e&&e.startPage\|\|"Profile"),t.searchParams.set("redirect_uri",e&&e.redirectUrl\|\|i.getCurrentLocation().href),i.assign(t.toString()),await Promise.resolve()}async registerDevice(e={name:"",type:"",totp:{}}){const t=await this.getUserIdentity();if(!t){const e=Error("User must be logged to configure user profile data.");throw e.code="NotLoggedIn",e}if(!e){const e=Error("Register Device missing required parameter: 'Options'");throw e.code="InvalidInput",e}let n;if(e.type&&"WebAuthN"!==e.type)"TOTP"===e.type&&(n={name:e.name,code:e.totp.verificationCode,totpData:e.totp,type:"TOTP"});else{const r=t.sub,o={challenge:Uint8Array.from(r,(e=>e.charCodeAt(0))),rp:{id:this.hostUrl.split(".").slice(1).join("."),name:"WebAuthN Login"},user:{id:Uint8Array.from(r,(e=>e.charCodeAt(0))),name:r,displayName:`Generated User ID: ${r}`},pubKeyCredParams:[{type:"public-key",alg:-7},{type:"public-key",alg:-257}],authenticatorSelection:{residentKey:"discouraged",requireResidentKey:!1,userVerification:"discouraged"},timeout:6e4,attestation:"direct"},i=await navigator.credentials.create({publicKey:o}),a={authenticatorAttachment:i.authenticatorAttachment,credentialId:i.id,type:i.type,userId:r,attestation:btoa(String.fromCharCode(...new Uint8Array(i.response.attestationObject))),client:btoa(String.fromCharCode(...new Uint8Array(i.response.clientDataJSON)))};n={name:e&&e.name,code:a,type:"WebAuthN"}}try{const e=await this.ensureToken();return(await this.httpClient.post("/session/devices",this.enableCredentials,n,{Authorization:e&&`Bearer ${e}`})).data}catch(e){throw this.logger&&this.logger.log({title:"[Authress Login SDK] Failed to register new device",error:e,request:n}),e}}async waitForUserSession(){try{return await u,!0}catch(e){return!1}}userSessionExists(e){return h?Date.now()-this.lastSessionCheck<50?h:(this.lastSessionCheck=Date.now(),h=h.catch((()=>{})).then((()=>this.userSessionContinuation(e)))):(this.lastSessionCheck=Date.now(),h=this.userSessionContinuation(e))}async userSessionContinuation(e){const t=new URLSearchParams(i.getCurrentLocation().search);let n={};if("undefined"!=typeof localStorage)try{n=JSON.parse(localStorage.getItem(p)\|\|"{}"),localStorage.removeItem(p),Object.hasOwnProperty.call(n,"enableCredentials")&&(this.enableCredentials=n.enableCredentials)}catch(e){this.logger&&this.logger.debug&&this.logger.debug({title:"[Authress Login SDK] LocalStorage failed in Browser",error:e})}if(t.get("state")&&"oauthLogin"===t.get("flow"))return!1;if((n.nonce\|\|t.get("iss")&&t.get("iss").includes(this.hostUrl))&&this.sanitizeQueryParameters(),n.nonce&&t.get("code")&&n.nonce===t.get("nonce")){const e="cookie"===t.get("code")?r.parse(document.cookie)["auth-code"]:t.get("code"),o=await s.calculateAntiAbuseHash({client_id:this.applicationId,authenticationRequestId:n.nonce,code:e}),i={grant_type:"authorization_code",redirect_uri:n.redirectUrl,client_id:this.applicationId,code:e,code_verifier:n.codeVerifier,antiAbuseHash:o};try{const e=await this.httpClient.post(`/authentication/${n.nonce}/tokens`,this.enableCredentials,i),t=s.decode(e.data.id_token),o=t.exp&&new Date(1e3t.exp)\|\|e.data.expires_in&&new Date(Date.now()+1e3e.data.expires_in);return document.cookie=r.serialize("authorization",e.data.access_token\|\|"",{expires:o,path:"/",sameSite:"strict"}),d.set(e.data.id_token,o),l(),!0}catch(e){if(this.logger&&this.logger.log({title:"[Authress Login SDK] Failed exchange authentication response for a token.",error:e}),e.data&&"invalid_request"===e.data.error)return!1;throw e.data\|\|e}}if(i.isLocalHost()&&t.get("nonce")&&t.get("access_token")&&(!n.nonce\|\|n.nonce===t.get("nonce"))){const e=s.decode(t.get("id_token")),n=e.exp&&new Date(1e3e.exp)\|\|Number(t.get("expires_in"))&&new Date(Date.now()+1e3Number(t.get("expires_in")));return document.cookie=r.serialize("authorization",t.get("access_token")\|\|"",{expires:n,path:"/",sameSite:"strict"}),d.set(t.get("id_token"),n),l(),!0}if(this.getUserIdentity())return l(),!0;if(!i.isLocalHost()&&!e){try{const e=await this.httpClient.patch("/session",this.enableCredentials,{},null,!0);if(e.data.access_token){const t=s.decode(e.data.id_token),n=t.exp&&new Date(1e3t.exp)\|\|e.data.expires_in&&new Date(Date.now()+1e3e.data.expires_in);document.cookie=r.serialize("authorization",e.data.access_token\|\|"",{expires:n,path:"/",sameSite:"strict"}),d.set(e.data.id_token,n)}}catch(e){400===e.status\|\|404===e.status\|\|409===e.status?this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] User does not have an existing authentication session",error:e}):this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed attempting to check if the user has an existing authentication session",error:e})}if(this.getUserIdentity())return l(),!0}return!1}async updateExtensionAuthenticationRequest({state:e,connectionId:t,tenantLookupIdentifier:n,connectionProperties:r}){if(!t&&!n){const e=Error("connectionId or tenantLookupIdentifier must be specified");throw e.code="InvalidConnection",e}const o=new URLSearchParams(i.getCurrentLocation().search),a=e\|\|o.get("state");if(!a){const e=Error("The `state` parameters must be specified to update this authentication request");throw e.code="InvalidAuthenticationRequest",e}try{const e=await s.calculateAntiAbuseHash({connectionId:t,tenantLookupIdentifier:n,authenticationRequestId:a}),o=await this.httpClient.patch(`/authentication/${a}`,!0,{antiAbuseHash:e,connectionId:t,tenantLookupIdentifier:n,connectionProperties:r});if(new URL(o.data.authenticationUrl).hostname===i.getCurrentLocation().hostname)return{authenticationUrl:o.data.authenticationUrl};i.assign(o.data.authenticationUrl)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to update extension authentication request",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data\|\|e}return await new Promise((e=>setTimeout(e,5e3))),null}async unlinkIdentity(e){if(!e){const e=Error("connectionId must be specified");throw e.code="InvalidConnection",e}if(!this.getUserIdentity()){const e=Error("User must be logged in to unlink an account.");throw e.code="NotLoggedIn",e}let t;try{t=await this.ensureToken({timeoutInMillis:100})}catch(e){if("TokenTimeout"===e.code){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}}const n=this.enableCredentials&&!i.isLocalHost()?{}:{Authorization:`Bearer ${t}`};try{await this.httpClient.delete(`/identities/${encodeURIComponent(e)}`,this.enableCredentials,n)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to unlink user identity",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data\|\|e}}async linkIdentity({connectionId:e,tenantLookupIdentifier:t,redirectUrl:n,connectionProperties:r}){if(!e&&!t){const e=Error("connectionId or tenantLookupIdentifier must be specified");throw e.code="InvalidConnection",e}if(!this.getUserIdentity()){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}let o;try{o=await this.ensureToken({timeoutInMillis:100})}catch(e){if("TokenTimeout"===e.code){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}}const{codeChallenge:a}=await s.getAuthCodes(),c=await s.calculateAntiAbuseHash({connectionId:e,tenantLookupIdentifier:t,applicationId:this.applicationId});try{const s=n&&new URL(n).toString()\|\|i.getCurrentLocation().href,d=this.enableCredentials&&!i.isLocalHost()?{}:{Authorization:`Bearer ${o}`},l=await this.httpClient.post("/authentication",this.enableCredentials,{antiAbuseHash:c,linkIdentity:!0,redirectUrl:s,codeChallengeMethod:"S256",codeChallenge:a,connectionId:e,tenantLookupIdentifier:t,connectionProperties:r,applicationId:this.applicationId},d);i.assign(l.data.authenticationUrl)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to start user identity link",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e}await new Promise((e=>setTimeout(e,5e3)))}async authenticate(e={}){const{connectionId:t,tenantLookupIdentifier:n,inviteId:r,redirectUrl:o,force:a,responseLocation:c,flowType:l,connectionProperties:u,openType:h,multiAccount:f,clearUserDataBeforeLogin:g}=e\|\|{};if(c&&"cookie"!==c&&"query"!==c&&"none"!==c){const e=Error("Authentication response location is not valid");throw e.code="InvalidResponseLocation",e}if(!r&&!a&&!f&&await this.userSessionExists()){const n=await this.ensureToken(),r=s.decode(n);if(t&&r&&r.azp&&t!==r.azp){this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Authentication blocked because the user is already logged in, and the requested authentication parameters do not match the original session.",requestedAuthenticationOptions:e,currentAuthenticationSessionData:r});const t=Error('Authentication requested for user that is already logged in, but the connectionId specified does not match their existing session.\n Recommended Options:\n (1) If the goal is to force them to log in with this new connection and ignore their existing session, use the "force" flag.\n (2) If the goal is link their current identity with a new from the new connection, use the linkIdentity() method.\n (3) If the goal is skip log in if they are already logged in or force log in with the connectionId, first check if userSessionExists() and then only if "false", call authenticate().');throw t.code="AuthenticationConstraintContention",t}return null}const{codeVerifier:m,codeChallenge:w}=await s.getAuthCodes(),y=await s.calculateAntiAbuseHash({connectionId:t,tenantLookupIdentifier:n,inviteId:r,applicationId:this.applicationId});try{const e=o&&new URL(o).toString()\|\|i.getCurrentLocation().href;!1!==g&&d.clear();const a=await this.httpClient.post("/authentication",this.enableCredentials,{antiAbuseHash:y,redirectUrl:e,codeChallengeMethod:"S256",codeChallenge:w,connectionId:t,tenantLookupIdentifier:n,inviteId:r,connectionProperties:u,applicationId:this.applicationId,responseLocation:c,flowType:l,multiAccount:f});if(localStorage.setItem(p,JSON.stringify({nonce:a.data.authenticationRequestId,codeVerifier:m,lastConnectionId:t,tenantLookupIdentifier:n,redirectUrl:e,enableCredentials:a.data.enableCredentials,multiAccount:f})),new URL(a.data.authenticationUrl).hostname===i.getCurrentLocation().hostname)return{authenticationUrl:a.data.authenticationUrl};if("tab"===h){const e=i.open(a.data.authenticationUrl,"_blank");e&&!e.closed&&void 0!==e.closed\|\|i.assign(a.data.authenticationUrl)}else i.assign(a.data.authenticationUrl)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to start authentication for user",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data\|\|e}return await new Promise((e=>setTimeout(e,5e3))),null}async ensureToken(e){if(e&&0===e.timeoutInMillis){const e=this.getUserIdentity(),t=r.parse(document.cookie);if(e)return"undefined"!==t.authorization&&t.authorization;const n=Error("No token retrieved after timeout");throw n.code="TokenTimeout",n}await this.userSessionExists();const t=Object.assign({timeoutInMillis:5e3},e\|\|{}),n=this.waitForUserSession(),o=-1===t.timeoutInMillis\|\|t.timeoutInMillis>231-1?231-1:t.timeoutInMillis,i=new Promise(((e,t)=>setTimeout(t,o\|\|0)));try{await Promise.race([n,i])}catch(e){const t=Error("No token retrieved after timeout");throw t.code="TokenTimeout",t}const a=r.parse(document.cookie);return"undefined"!==a.authorization&&a.authorization}async logout(e){let t;if(e)try{new URL(e),t=e}catch(n){try{t=new URL(e,i.getCurrentLocation().href).toString()}catch(t){const n=Error(`The logout redirect url is not valid URL: ${e}`);throw n.code="InvalidRedirectUrl",n}}if(d.clear(),this.sanitizeQueryParameters(),u=new Promise((e=>l=e)),this.enableCredentials)try{return await this.httpClient.delete("/session",this.enableCredentials),this.lastSessionCheck=0,void(e&&e!==i.getCurrentLocation().href&&i.assign(e))}catch(e){}const n=new URL("/logout",this.hostUrl);n.searchParams.set("redirect_uri",t\|\|i.getCurrentLocation().href),n.searchParams.set("client_id",this.applicationId),i.assign(n.toString()),this.lastSessionCheck=0,await new Promise((e=>setTimeout(e,500)))}sanitizeQueryParameters(){const e=new URL(i.getCurrentLocation());e.searchParams.delete("iss"),e.searchParams.delete("nonce"),e.searchParams.delete("code"),e.searchParams.delete("expires_in"),e.searchParams.delete("access_token"),e.searchParams.delete("id_token"),history.replaceState({},void 0,e.toString())}},ExtensionClient:f,UserConfigurationScreen:{Profile:"Profile",MFA:"MFA"}}},427:(e,t)=>{"use strict";t.parse=function(e,t){if("string"!=typeof e)throw new TypeError("argument str must be a string");var n={},o=e.length;if(o<2)return n;var i=t&&t.decode\|\|l,a=0,s=0,h=0;do{if(-1===(s=e.indexOf("=",a)))break;if(-1===(h=e.indexOf(";",a)))h=o;else if(s>h){a=e.lastIndexOf(";",s-1)+1;continue}var p=c(e,a,s),f=d(e,s,p),g=e.slice(p,f);if(!r.call(n,g)){var m=c(e,s+1,h),w=d(e,h,m);34===e.charCodeAt(m)&&34===e.charCodeAt(w-1)&&(m++,w--);var y=e.slice(m,w);n[g]=u(y,i)}a=h+1}while(a<o);return n},t.serialize=function(e,t,r){var c=r&&r.encode\|\|encodeURIComponent;if("function"!=typeof c)throw new TypeError("option encode is invalid");if(!o.test(e))throw new TypeError("argument name is invalid");var d=c(t);if(!i.test(d))throw new TypeError("argument val is invalid");var l=e+"="+d;if(!r)return l;if(null!=r.maxAge){var u=Math.floor(r.maxAge);if(!isFinite(u))throw new TypeError("option maxAge is invalid");l+="; Max-Age="+u}if(r.domain){if(!a.test(r.domain))throw new TypeError("option domain is invalid");l+="; Domain="+r.domain}if(r.path){if(!s.test(r.path))throw new TypeError("option path is invalid");l+="; Path="+r.path}if(r.expires){var h=r.expires;if(!function(e){return"[object Date]"===n.call(e)}(h)\|\|isNaN(h.valueOf()))throw new TypeError("option expires is invalid");l+="; Expires="+h.toUTCString()}r.httpOnly&&(l+="; HttpOnly");r.secure&&(l+="; Secure");r.partitioned&&(l+="; Partitioned");if(r.priority){switch("string"==typeof r.priority?r.priority.toLowerCase():r.priority){case"low":l+="; Priority=Low";break;case"medium":l+="; Priority=Medium";break;case"high":l+="; Priority=High";break;default:throw new TypeError("option priority is invalid")}}if(r.sameSite){switch("string"==typeof r.sameSite?r.sameSite.toLowerCase():r.sameSite){case!0:l+="; SameSite=Strict";break;case"lax":l+="; SameSite=Lax";break;case"strict":l+="; SameSite=Strict";break;case"none":l+="; SameSite=None";break;default:throw new TypeError("option sameSite is invalid")}}return l};var n=Object.prototype.toString,r=Object.prototype.hasOwnProperty,o=/^[!#$%&'+\-.^_`\|~0-9A-Za-z]+$/,i=/^("?)[\u0021\u0023-\u002B\u002D-\u003A\u003C-\u005B\u005D-\u007E]\1$/,a=/^([.]?[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)([.][a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)$/i,s=/^[\u0020-\u003A\u003D-\u007E]$/;function c(e,t,n){do{var r=e.charCodeAt(t);if(32!==r&&9!==r)return t}while(++t<n);return n}function d(e,t,n){for(;t>n;){var r=e.charCodeAt(--t);if(32!==r&&9!==r)return t+1}return n}function l(e){return-1!==e.indexOf("%")?decodeURIComponent(e):e}function u(e,t){try{return t(e)}catch(t){return e}}},568:(e,t,n)=>{const r=n(836),{sanitizeUrl:o}=n(332),i=n(629),a="ExtensionRequestNonce";let s=null;e.exports=class{constructor(e,t){if(this.extensionId=t,!e)throw Error('Missing required property "authressCustomDomain" in ExtensionClient constructor. The Custom Authress Domain Host is required.');if(!t)throw Error('Missing required property "extensionId" in ExtensionClient constructor. The extension is required for selecting the correct login method.');this.authressCustomDomain=o(e),this.accessToken=null,i.onLoad((async()=>{await this.requestToken({silent:!0})}))}async getUserIdentity(){const e=this.accessToken&&await r.decode(this.accessToken);return e?1e3e.exp<Date.now()?(this.accessToken=null,null):e:null}async getTokenResponse(){return await this.getUserIdentity()?{accessToken:this.accessToken}:null}requestToken(e={code:null,silent:!1}){if(s)return s=s.catch((()=>{})).then((()=>this.requestTokenContinuation(e)));const t=this.requestTokenContinuation(e);return t.catch((()=>{})),s=t}async requestTokenContinuation(e={code:null,silent:!1}){const t=e&&e.code\|\|new URLSearchParams(i.getCurrentLocation().search).get("code");if(!t){if(!e\|\|!e.silent){const e=Error("OAuth Authorization code is required");throw e.code="InvalidAuthorizationCode",e}return this.getTokenResponse()}const n=new URL(this.authressCustomDomain);n.pathname="/api/authentication/oauth/tokens";const{codeVerifier:r,redirectUrl:o}=JSON.parse(localStorage.getItem(a)\|\|"{}"),s=await fetch(n.toString(),{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({code_verifier:r,code:t,grant_type:"authorization_code",client_id:this.extensionId,redirect_uri:o})}),c=await s.json();this.accessToken=c.access_token;const d=new URL(i.getCurrentLocation());return d.searchParams.delete("code"),d.searchParams.delete("iss"),d.searchParams.delete("nonce"),d.searchParams.delete("expires_in"),d.searchParams.delete("access_token"),d.searchParams.delete("id_token"),history.replaceState({},void 0,d.toString()),this.getTokenResponse()}async login(e){const t=await this.getTokenResponse();if(t)return t;const n=await this.requestToken({silent:!0});if(n)return n;const o=new URL(this.authressCustomDomain),{codeVerifier:s,codeChallenge:c}=r.getAuthCodes(),d=e\|\|i.getCurrentLocation().href;return localStorage.setItem(a,JSON.stringify({codeVerifier:s,redirectUrl:d})),o.searchParams.set("client_id",this.extensionId),o.searchParams.set("code_challenge",c),o.searchParams.set("code_challenge_method","S256"),o.searchParams.set("redirect_uri",d),i.assign(o.toString()),await new Promise((e=>setTimeout(e,5e3))),null}}},629:e=>{e.exports=new class{onLoad(e){"undefined"!=typeof window&&(window.onload=e)}isLocalHost(){return"undefined"!=typeof window&&window.location&&("localhost"===window.location.hostname\|\|"127.0.0.1"===window.location.hostname)}getCurrentLocation(){return"undefined"!=typeof window&&new URL(window.location)\|\|new URL("http://localhost:8080")}assign(e){return"undefined"==typeof window?null:window.location.assign(e.toString())}open(e){return"undefined"==typeof window?null:window.open(e.toString())}}},836:(e,t,n)=>{const r=n(878);e.exports=new class{decode(e){if(!e)return null;try{const t=JSON.parse(r.decode(e.split(".")[1]));return t.exp&&(t.exp=t.exp-10),t}catch(e){return null}}decodeOrParse(e){if(!e)return null;if("object"==typeof e)return e;try{return JSON.parse(e)}catch(t){return this.decode(e)}}decodeFull(e){if(!e)return null;try{const t=JSON.parse(r.decode(e.split(".")[0])),n=JSON.parse(r.decode(e.split(".")[1]));return n.exp&&(n.exp=n.exp-10),{header:t,payload:n}}catch(e){return null}}async getAuthCodes(){const e=r.encode((window.crypto\|\|window.msCrypto).getRandomValues(new Uint32Array(16)).toString()),t=await(window.crypto\|\|window.msCrypto).subtle.digest("SHA-256",(new TextEncoder).encode(e));return{codeVerifier:e,codeChallenge:r.encode(t)}}async calculateAntiAbuseHash(e){const t=Date.now(),n=Object.values(e).filter((e=>e)).join("\|");let o=0,i=null;for(;++o&&(i=r.encode(await(window.crypto\|\|window.msCrypto).subtle.digest("SHA-256",(new TextEncoder).encode(`${t};${o};${n}`))),!i.match(/^00/)););return`v2;${t};${o};${i}`}}},878:e=>{function t(e){return String.fromCharCode(parseInt(e.slice(1),16))}function n(e){return`%${`00${e.charCodeAt(0).toString(16)}`.slice(-2)}`}e.exports.decode=function(e){return function(e){return decodeURIComponent(Array.from(atob(e),n).join(""))}(e.replace(/-/g,"+").replace(/_/g,"/"))},e.exports.encode=function(e){return e&&"object"==typeof e?btoa(String.fromCharCode(...new Uint8Array(e))).replace(/\//g,"_").replace(/\+/g,"-").replace(/=+$/,""):function(e){return btoa(encodeURIComponent(e).replace(/%[0-9A-F]{2}/g,t))}(e).replace(/\//g,"_").replace(/\+/g,"-").replace(/=+$/,"")}}},r={};function o(e){var t=r[e];if(void 0!==t){if(void 0!==t.error)throw t.error;return t.exports}var i=r[e]={exports:{}};try{var a={id:e,module:i,factory:n[e],require:o};o.i.forEach((function(e){e(a)})),i=a.module,a.factory.call(i.exports,i,i.exports,a.require)}catch(e){throw i.error=e,e}return i.exports}return o.m=n,o.c=r,o.i=[],o.hu=e=>e+"."+o.h()+".hot-update.js",o.hmrF=()=>"main."+o.h()+".hot-update.json",o.h=()=>"3727d279383e9571121c",o.o=(e,t)=>Object.prototype.hasOwnProperty.call(e,t),e={},t="authress:",o.l=(n,r,i,a)=>{if(e[n])e[n].push(r);else{var s,c;if(void 0!==i)for(var d=document.getElementsByTagName("script"),l=0;l<d.length;l++){var u=d[l];if(u.getAttribute("src")==n\|\|u.getAttribute("data-webpack")==t+i){s=u;break}}s\|\|(c=!0,(s=document.createElement("script")).charset="utf-8",s.timeout=120,o.nc&&s.setAttribute("nonce",o.nc),s.setAttribute("data-webpack",t+i),s.src=n),e[n]=[r];var h=(t,r)=>{s.onerror=s.onload=null,clearTimeout(p);var o=e[n];if(delete e[n],s.parentNode&&s.parentNode.removeChild(s),o&&o.forEach((e=>e(r))),t)return t(r)},p=setTimeout(h.bind(null,void 0,{type:"timeout",target:s}),12e4);s.onerror=h.bind(null,s.onerror),s.onload=h.bind(null,s.onload),c&&document.head.appendChild(s)}},(()=>{var e,t,n,r={},i=o.c,a=[],s=[],c="idle",d=0,l=[];function u(e){c=e;for(var t=[],n=0;n<s.length;n++)t[n]=s[n].call(null,e);return Promise.all(t).then((function(){}))}function h(){0==--d&&u("ready").then((function(){if(0===d){var e=l;l=[];for(var t=0;t<e.length;t++)e[t]()}}))}function p(e){if("idle"!==c)throw new Error("check() is only allowed in idle status");return u("check").then(o.hmrM).then((function(n){return n?u("prepare").then((function(){var r=[];return t=[],Promise.all(Object.keys(o.hmrC).reduce((function(e,i){return o.hmrC[i](n.c,n.r,n.m,e,t,r),e}),[])).then((function(){return t=function(){return e?g(e):u("ready").then((function(){return r}))},0===d?t():new Promise((function(e){l.push((function(){e(t())}))}));var t}))})):u(m()?"ready":"idle").then((function(){return null}))}))}function f(e){return"ready"!==c?Promise.resolve().then((function(){throw new Error("apply() is only allowed in ready status (state: "+c+")")})):g(e)}function g(e){e=e\|\|{},m();var r=t.map((function(t){return t(e)}));t=void 0;var o=r.map((function(e){return e.error})).filter(Boolean);if(o.length>0)return u("abort").then((function(){throw o[0]}));var i=u("dispose");r.forEach((function(e){e.dispose&&e.dispose()}));var a,s=u("apply"),c=function(e){a\|\|(a=e)},d=[];return r.forEach((function(e){if(e.apply){var t=e.apply(c);if(t)for(var n=0;n<t.length;n++)d.push(t[n])}})),Promise.all([i,s]).then((function(){return a?u("fail").then((function(){throw a})):n?g(e).then((function(e){return d.forEach((function(t){e.indexOf(t)<0&&e.push(t)})),e})):u("idle").then((function(){return d}))}))}function m(){if(n)return t\|\|(t=[]),Object.keys(o.hmrI).forEach((function(e){n.forEach((function(n){o.hmrI[e](n,t)}))})),n=void 0,!0}o.hmrD=r,o.i.push((function(l){var g,m,w,y,v=l.module,k=function(t,n){var r=i[n];if(!r)return t;var o=function(o){if(r.hot.active){if(i[o]){var s=i[o].parents;-1===s.indexOf(n)&&s.push(n)}else a=[n],e=o;-1===r.children.indexOf(o)&&r.children.push(o)}else console.warn("[HMR] unexpected require("+o+") from disposed module "+n),a=[];return t(o)},s=function(e){return{configurable:!0,enumerable:!0,get:function(){return t[e]},set:function(n){t[e]=n}}};for(var l in t)Object.prototype.hasOwnProperty.call(t,l)&&"e"!==l&&Object.defineProperty(o,l,s(l));return o.e=function(e,n){return function(e){switch(c){case"ready":u("prepare");case"prepare":return d++,e.then(h,h),e;default:return e}}(t.e(e,n))},o}(l.require,l.id);v.hot=(g=l.id,m=v,y={_acceptedDependencies:{},_acceptedErrorHandlers:{},_declinedDependencies:{},_selfAccepted:!1,_selfDeclined:!1,_selfInvalidated:!1,_disposeHandlers:[],_main:w=e!==g,_requireSelf:function(){a=m.parents.slice(),e=w?void 0:g,o(g)},active:!0,accept:function(e,t,n){if(void 0===e)y._selfAccepted=!0;else if("function"==typeof e)y._selfAccepted=e;else if("object"==typeof e&&null!==e)for(var r=0;r<e.length;r++)y._acceptedDependencies[e[r]]=t\|\|function(){},y._acceptedErrorHandlers[e[r]]=n;else y._acceptedDependencies[e]=t\|\|function(){},y._acceptedErrorHandlers[e]=n},decline:function(e){if(void 0===e)y._selfDeclined=!0;else if("object"==typeof e&&null!==e)for(var t=0;t<e.length;t++)y._declinedDependencies[e[t]]=!0;else y._declinedDependencies[e]=!0},dispose:function(e){y._disposeHandlers.push(e)},addDisposeHandler:function(e){y._disposeHandlers.push(e)},removeDisposeHandler:function(e){var t=y._disposeHandlers.indexOf(e);t>=0&&y._disposeHandlers.splice(t,1)},invalidate:function(){switch(this._selfInvalidated=!0,c){case"idle":t=[],Object.keys(o.hmrI).forEach((function(e){o.hmrI[e](g,t)})),u("ready");break;case"ready":Object.keys(o.hmrI).forEach((function(e){o.hmrI[e](g,t)}));break;case"prepare":case"check":case"dispose":case"apply":(n=n\|\|[]).push(g)}},check:p,apply:f,status:function(e){if(!e)return c;s.push(e)},addStatusHandler:function(e){s.push(e)},removeStatusHandler:function(e){var t=s.indexOf(e);t>=0&&s.splice(t,1)},data:r[g]},e=void 0,y),v.parents=a,v.children=[],a=[],l.require=k})),o.hmrC={},o.hmrI={}})(),o.p="",(()=>{var e,t,n,r,i,a=o.hmrS_jsonp=o.hmrS_jsonp\|\|{792:0},s={};function c(t,n){return e=n,new Promise(((e,n)=>{s[t]=e;var r=o.p+o.hu(t),i=new Error;o.l(r,(e=>{if(s[t]){s[t]=void 0;var r=e&&("load"===e.type?"missing":e.type),o=e&&e.target&&e.target.src;i.message="Loading hot update chunk "+t+" failed.\n("+r+": "+o+")",i.name="ChunkLoadError",i.type=r,i.request=o,n(i)}}))}))}function d(e){function s(e){for(var t=[e],n={},r=t.map((function(e){return{chain:[e],id:e}}));r.length>0;){var i=r.pop(),a=i.id,s=i.chain,d=o.c[a];if(d&&(!d.hot._selfAccepted\|\|d.hot._selfInvalidated)){if(d.hot._selfDeclined)return{type:"self-declined",chain:s,moduleId:a};if(d.hot._main)return{type:"unaccepted",chain:s,moduleId:a};for(var l=0;l<d.parents.length;l++){var u=d.parents[l],h=o.c[u];if(h){if(h.hot._declinedDependencies[a])return{type:"declined",chain:s.concat([u]),moduleId:a,parentId:u};-1===t.indexOf(u)&&(h.hot._acceptedDependencies[a]?(n[u]\|\|(n[u]=[]),c(n[u],[a])):(delete n[u],t.push(u),r.push({chain:s.concat([u]),id:u})))}}}}return{type:"accepted",moduleId:e,outdatedModules:t,outdatedDependencies:n}}function c(e,t){for(var n=0;n<t.length;n++){var r=t[n];-1===e.indexOf(r)&&e.push(r)}}o.f&&delete o.f.jsonpHmr,t=void 0;var d={},l=[],u={},h=function(e){console.warn("[HMR] unexpected require("+e.id+") to disposed module")};for(var p in n)if(o.o(n,p)){var f=n[p],g=f?s(p):{type:"disposed",moduleId:p},m=!1,w=!1,y=!1,v="";switch(g.chain&&(v="\nUpdate propagation: "+g.chain.join(" -> ")),g.type){case"self-declined":e.onDeclined&&e.onDeclined(g),e.ignoreDeclined\|\|(m=new Error("Aborted because of self decline: "+g.moduleId+v));break;case"declined":e.onDeclined&&e.onDeclined(g),e.ignoreDeclined\|\|(m=new Error("Aborted because of declined dependency: "+g.moduleId+" in "+g.parentId+v));break;case"unaccepted":e.onUnaccepted&&e.onUnaccepted(g),e.ignoreUnaccepted\|\|(m=new Error("Aborted because "+p+" is not accepted"+v));break;case"accepted":e.onAccepted&&e.onAccepted(g),w=!0;break;case"disposed":e.onDisposed&&e.onDisposed(g),y=!0;break;default:throw new Error("Unexception type "+g.type)}if(m)return{error:m};if(w)for(p in u[p]=f,c(l,g.outdatedModules),g.outdatedDependencies)o.o(g.outdatedDependencies,p)&&(d[p]\|\|(d[p]=[]),c(d[p],g.outdatedDependencies[p]));y&&(c(l,[g.moduleId]),u[p]=h)}n=void 0;for(var k,C=[],b=0;b<l.length;b++){var I=l[b],S=o.c[I];S&&(S.hot._selfAccepted\|\|S.hot._main)&&u[I]!==h&&!S.hot._selfInvalidated&&C.push({module:I,require:S.hot._requireSelf,errorHandler:S.hot._selfAccepted})}return{dispose:function(){var e;r.forEach((function(e){delete a[e]})),r=void 0;for(var t,n=l.slice();n.length>0;){var i=n.pop(),s=o.c[i];if(s){var c={},u=s.hot._disposeHandlers;for(b=0;b<u.length;b++)u[b].call(null,c);for(o.hmrD[i]=c,s.hot.active=!1,delete o.c[i],delete d[i],b=0;b<s.children.length;b++){var h=o.c[s.children[b]];h&&((e=h.parents.indexOf(i))>=0&&h.parents.splice(e,1))}}}for(var p in d)if(o.o(d,p)&&(s=o.c[p]))for(k=d[p],b=0;b<k.length;b++)t=k[b],(e=s.children.indexOf(t))>=0&&s.children.splice(e,1)},apply:function(t){for(var n in u)o.o(u,n)&&(o.m[n]=u[n]);for(var r=0;r<i.length;r++)i[r](o);for(var a in d)if(o.o(d,a)){var s=o.c[a];if(s){k=d[a];for(var c=[],h=[],p=[],f=0;f<k.length;f++){var g=k[f],m=s.hot._acceptedDependencies[g],w=s.hot._acceptedErrorHandlers[g];if(m){if(-1!==c.indexOf(m))continue;c.push(m),h.push(w),p.push(g)}}for(var y=0;y<c.length;y++)try{c[y].call(null,k)}catch(n){if("function"==typeof h[y])try{h[y](n,{moduleId:a,dependencyId:p[y]})}catch(r){e.onErrored&&e.onErrored({type:"accept-error-handler-errored",moduleId:a,dependencyId:p[y],error:r,originalError:n}),e.ignoreErrored\|\|(t(r),t(n))}else e.onErrored&&e.onErrored({type:"accept-errored",moduleId:a,dependencyId:p[y],error:n}),e.ignoreErrored\|\|t(n)}}}for(var v=0;v<C.length;v++){var b=C[v],I=b.module;try{b.require(I)}catch(n){if("function"==typeof b.errorHandler)try{b.errorHandler(n,{moduleId:I,module:o.c[I]})}catch(r){e.onErrored&&e.onErrored({type:"self-accept-error-handler-errored",moduleId:I,error:r,originalError:n}),e.ignoreErrored\|\|(t(r),t(n))}else e.onErrored&&e.onErrored({type:"self-accept-errored",moduleId:I,error:n}),e.ignoreErrored\|\|t(n)}}return l}}}this.webpackHotUpdateauthress=(t,r,a)=>{for(var c in r)o.o(r,c)&&(n[c]=r[c],e&&e.push(c));a&&i.push(a),s[t]&&(s[t](),s[t]=void 0)},o.hmrI.jsonp=function(e,t){n\|\|(n={},i=[],r=[],t.push(d)),o.o(n,e)\|\|(n[e]=o.m[e])},o.hmrC.jsonp=function(e,s,l,u,h,p){h.push(d),t={},r=s,n=l.reduce((function(e,t){return e[t]=!1,e}),{}),i=[],e.forEach((function(e){o.o(a,e)&&void 0!==a[e]?(u.push(c(e,p)),t[e]=!0):t[e]=!1})),o.f&&(o.f.jsonpHmr=function(e,n){t&&o.o(t,e)&&!t[e]&&(n.push(c(e)),t[e]=!0)})},o.hmrM=()=>{if("undefined"==typeof fetch)throw new Error("No browser support: need fetch API");return fetch(o.p+o.hmrF()).then((e=>{if(404!==e.status){if(!e.ok)throw new Error("Failed to fetch update manifest "+e.statusText);return e.json()}}))}})(),o(354)})()));
	1	/! Authress Login SDK 2.5.394 \| Author - Authress Developers \| License information can be found at https://github.com/Authress/login-sdk.js /
	2	!function(e,t){"object"==typeof exports&&"object"==typeof module?module.exports=t():"function"==typeof define&&define.amd?define([],t):"object"==typeof exports?exports.authress=t():e.authress=t()}(this,(()=>(()=>{var e,t,n={75:(e,t,n)=>{const{sanitizeUrl:o}=n(332),i=n(629),r={"Content-Type":"application/json","X-Powered-By":`Authress Login SDK; Javascript; ${n(330).version}`},s=new Set(["Failed to fetch","NetworkError when attempting to fetch resource.","The Internet connection appears to be offline.","Network request failed","fetch failed","Load failed","<HTML DOCUMENT></HTML>"]);function a(e){return"Network Error"===e.message\|\|"ERR_NETWORK"===e.code\|\|!e.status\|\|e.status>=500\|\|"string"==typeof e.message&&s.has(e.message)\|\|"string"==typeof e.data&&s.has(e.data)}async function c(e){let t=null;for(let n=0;n<5;n++)try{return await e()}catch(e){if(e.retryCount=n,!a(e))throw e;t=e,t.isNetworkError=!0,await new Promise((e=>setTimeout(e,102n)));continue}const n=new Error("[Authress Login SDK] Http Request failed due to a Network Error even after multiple retries",{cause:t});throw n.code="AuthressSdkNetworkError",n}e.exports=class{constructor(e,t){if(!e)throw Error("Custom Authress Domain Host is required");const n=t\|\|{debug(){},warn(){},critical(){}};this.logger=n;const i=new URL(o(e));this.loginUrl=`${i.origin}/api`}get(e,t,n,o){return c((()=>this.fetchWrapper("GET",e,null,n,t,o)))}delete(e,t,n,o){return c((()=>this.fetchWrapper("DELETE",e,null,n,t,o)))}post(e,t,n,o,i){return c((()=>this.fetchWrapper("POST",e,n,o,t,i)))}put(e,t,n,o,i){return c((()=>this.fetchWrapper("PUT",e,n,o,t,i)))}patch(e,t,n,o,i){return c((()=>this.fetchWrapper("PATCH",e,n,o,t,i)))}async fetchWrapper(e,t,n,o,s,a){const c=`${this.loginUrl}${t.toString()}`,l=e.toUpperCase(),d=Object.assign({},r,o);try{this.logger&&this.logger.debug&&this.logger.debug({title:"[Authress Login SDK] HttpClient Request",method:l,url:c});const e={method:l,headers:d};n&&(e.body=JSON.stringify(n)),!i.isLocalHost()&&s&&(e.credentials="include");const t=await fetch(c,e);if(!t.ok)throw t;let o={};try{o=await t.text(),o=JSON.parse(o)}catch(e){}return{url:c,method:l,headers:t.headers,status:t.status,data:o}}catch(e){let t=e;try{t=await e.text(),t=JSON.parse(t)}catch(e){}const o=t.stack&&t.stack.match(/chrome-extension:[/][/](\w+)[/]/);if(o){this.logger&&this.logger.debug&&this.logger.debug({title:`[Authress Login SDK] Fetch failed due to a browser extension - ${l} - ${c}`,method:l,url:c,data:n,headers:d,error:e,resolvedError:t,extensionErrorId:o});const i=new Error(`Extension Error ID: ${o}`);throw i.code="BROWSER_EXTENSION_ERROR",i}const i=e.status;let r="warn",s="[Authress Login SDK] HttpClient Response Error";e?401===i?(s="[Authress Login SDK] HttpClient Response Error due to invalid token",r="debug"):404===i?(s="[Authress Login SDK] HttpClient Response: Not Found",r="debug"):i<500&&a&&(r="debug"):s="[Authress Login SDK] HttpClient Response Error - Unknown error occurred",this.logger&&this.logger[r]&&this.logger[r]({title:s,online:"undefined"==typeof navigator\|\|navigator.onLine,method:l,url:c,status:i,data:n,headers:d,error:e,resolvedError:t});throw{url:c,method:l,status:i,data:t,headers:e.headers}}}}},160:(e,t,n)=>{const o=n(427),i=n(629),r="AuthenticationCredentialsStorage",s={user:"user",authorization:"authorization",authCode:"auth-code",authUserId:"AuthUserId"};e.exports=new class{constructor(){this.retainUserCookie=!1}getUserCookie(){const e=i.getDocument();if(!e)return null;return e.cookie.split(";").filter((e=>e.split("=")[0].trim()===s.user)).map((e=>e.trim().replace(/^user=/,""))).find((e=>e&&e.trim()))\|\|null}getAuthorizationTokens(){if("undefined"==typeof window\|\|"undefined"==typeof document)return[];return document.cookie.split(";").filter((e=>e.split("=")[0].trim()===s.authorization)).map((e=>e.trim().replace(/^authorization=/,""))).filter((e=>e&&e.trim()))}set(e,t){if("undefined"!=typeof window&&"undefined"!=typeof document)try{const n=o.parse(document.cookie);localStorage.setItem(r,JSON.stringify({idToken:e,expiry:t&&t.getTime(),jsCookies:!!n.authorization})),this.retainUserCookie\|\|this.clearCookies(s.user)}catch(e){console.debug("LocalStorage failed in Browser",e)}}get(){if("undefined"==typeof window\|\|"undefined"==typeof document)return null;let e={};try{e=o.parse(document.cookie)}catch(e){console.debug("CookieManagement failed in Browser",e)}try{const{idToken:t,expiry:n,jsCookies:o}=JSON.parse(localStorage.getItem(r)\|\|"{}");return t?n<Date.now()\|\|o&&!e.authorization?null:t:this.getUserCookie()}catch(e){return console.debug("LocalStorage failed in Browser",e),this.getUserCookie()}}delete(){try{localStorage.removeItem(r)}catch(e){console.debug("LocalStorage failed in Browser",e)}try{this.clearCookies(s.user)}catch(e){console.debug("CookieManagement failed in Browser",e)}}clear(){this.clearCookies(),this.delete()}clearCookies(e){if("undefined"==typeof window\|\|"undefined"==typeof document)return;const t=document.cookie.split("; ");for(const n of t){if(!Object.values(s).includes(n.split("=")[0])\|\|e&&n.split("=")[0]!==e)continue;const t=window.location.hostname.split("."),o=[...Array(t.length-1)].map(((e,n)=>t.reverse().slice(0,n+2).reverse().join("."))).map((e=>[e,`.${e}`])).flat(1).concat(null);"localhost"===window.location.hostname&&o.push("localhost");for(const e of o){const t=e?`domain=${e};`:"",o=`${encodeURIComponent(n.split(";")[0].split("=")[0])}=; expires=Thu, 01-Jan-1970 00:00:01 GMT; ${t} SameSite=Strict; path=`;document.cookie=`${o}/`;const i=location.pathname.split("/");for(;i.length>0;)document.cookie=o+i.join("/"),i.pop()}}}}},321:e=>{var t=1/0,n=17976931348623157e292,o=NaN,i="[object Symbol]",r=/^\s+\|\s+$/g,s=/^[-+]0x[0-9a-f]+$/i,a=/^0b[01]+$/i,c=/^0o[0-7]+$/i,l=parseInt,d=Object.prototype.toString;function u(e){var t=typeof e;return!!e&&("object"==t\|\|"function"==t)}e.exports=function(e,h,p){return e&&e.length?function(e,t,n){var o=-1,i=e.length;t<0&&(t=-t>i?0:i+t),(n=n>i?i:n)<0&&(n+=i),i=t>n?0:n-t>>>0,t>>>=0;for(var r=Array(i);++o<i;)r[o]=e[o+t];return r}(e,0,(h=p\|\|void 0===h?1:(g=function(e){return e?(e=function(e){if("number"==typeof e)return e;if(function(e){return"symbol"==typeof e\|\|function(e){return!!e&&"object"==typeof e}(e)&&d.call(e)==i}(e))return o;if(u(e)){var t="function"==typeof e.valueOf?e.valueOf():e;e=u(t)?t+"":t}if("string"!=typeof e)return 0===e?e:+e;e=e.replace(r,"");var n=a.test(e);return n\|\|c.test(e)?l(e.slice(2),n?2:8):s.test(e)?o:+e}(e))===t\|\|e===-1/0?(e<0?-1:1)n:e==e?e:0:0===e?e:0}(h),f=g%1,g==g?f?g-f:g:0))<0?0:h):[];var g,f}},330:e=>{"use strict";e.exports=JSON.parse('{"name":"@authress/login","version":"2.5.394","description":"Universal login sdk for Authress authentication as a service. Provides managed authentication for user identity, authentication, and token verification.","main":"./src/index.js","types":"./index.d.ts","files":["index.d.ts","src","dist"],"scripts":{"build":"node make.js build && NODE_ENV=production webpack --mode=production","lint":"eslint --ext .js,.ts src tests make.js index.d.ts","test":"check-dts index.d.ts && mocha tests/.test.js tests//.test.js -R spec"},"dependencies":{"cookie":"<1","lodash.take":"^4.1.1"},"devDependencies":{"@babel/core":"^7.17.5","@babel/preset-env":"^7.16.11","@types/node":"^14.14.35","@typescript-eslint/eslint-plugin":"^3.1.0","@typescript-eslint/parser":"^3.1.0","babel-loader":"^8.2.3","chai":"^4.2.0","check-dts":"^0.4.4","ci-build-tools":"^1.0.13","commander":"^4.0.1","compression-webpack-plugin":"^9.2.0","eslint":"^7.12.1","eslint-config-cimpress-atsquad":"^1.0.67","eslint-loader":"^4.0.2","eslint-plugin-mocha":"^7.0.1","eslint-plugin-node":"^11.1.0","eslint-plugin-promise":"^6.1.1","fs-extra":"^8.1.0","glob":"^7.1.6","mocha":"^11.1.0","path-browserify":"^1.0.1","sinon":"^7.5.0","sinon-chai":"^3.3.0","terser-webpack-plugin":"^5.3.1","typescript":"^3.9.5","webpack":"^5.69.1","webpack-cli":"^4.9.2"},"repository":{"type":"git","url":"git+https://github.com/Authress/authress-login.js"},"keywords":["authentication","authentication as a service","Login","Login Client","universal login","auth","federated login","secure login","application security","IDaaS","authentication","user authentication","user identity","Oauth2","Oauth2.1","Oauth3","platform","platform login","extension","Authress","Authress client","user security","DBSC","Device Bound Session Credentials"],"author":"Authress Developers <developers@authress.io> (https://authress.io)","license":"Apache-2.0","bugs":{"url":"https://github.com/Authress/authress-login.js/issues"},"homepage":"https://authress.io","engines":{"node":">=18"}}')},332:e=>{e.exports.sanitizeUrl=function(e){let t=e;t.startsWith("http")\|\|(t=`https://${t}`);const n=new URL(t),o=n.host.match(/^([a-z0-9-]+)[.][a-z0-9-]+[.]authress[.]io$/);return o&&(n.host=`${o[1]}.login.authress.io`,t=n.toString()),t.replace(/[/]+$/,"")}},354:(e,t,n)=>{const o=n(427),i=n(321),r=n(629),s=n(75),a=n(836),{sanitizeUrl:c}=n(332),l=n(160);let d,u=new Promise((e=>d=e)),h=Promise.resolve(),p=!1;const g="AuthenticationRequestNonce";const f=n(568);e.exports={LoginClient:class{constructor(e,t){var n;const o=Object.assign({applicationId:"app_default"},e);this.logger=t\|\|console;const i=o.authressApiUrl\|\|o.authressLoginHostUrl\|\|o.authenticationServiceUrl\|\|"";if(!i)throw Error('Missing required property "authressApiUrl" in LoginClient constructor. Custom Authress Domain Host is required.');if(this.applicationId=null===(n=o.applicationId)\|\|void 0===n?void 0:n.trim(),!this.applicationId){const e=Error("Application ID is required.");throw e.code="InvalidApplication",e}if(this.applicationId.match(/^(sc_\|ext_)/)){const e=Error("You have incorrectly specified an Authress Service Client or Extension as the applicationId instead of a valid application. The applicationId is your application that your users will log into, usually hosted on your domain https://example.yourdomain.com. Users cannot log into a Service Client, but they can log in with one. Users can use a Service Client to log in, by setting the connection ID in the authenticate({ connectionId }) method to be the Authress Service Client.\n(1) If you are building an Custom Login Portal, then the application ID should correspond to this login portal.\n(2) If you are replacing or extending an Authress connection, then specify the Service Client as the connectionId and the end user application as the applicationId.\n(3) If you are building a platform or plugin marketplace, where users will log into third party extensions or apps, then distribute in your SDK a wrapper for the Authress Extension Client using: import { extensionClient } from '@authress/login' found within this SDK.\n(4) If you aren't sure what to do here to fix the problem, the fastest and usually correct solution is go to https://authress.io/app/#/settings?focus=applications create a new application, specify your site in the application url property and then update the value here.");throw e.code="InvalidApplication",e}this.hostUrl=c(i),this.httpClient=new s(this.hostUrl,t),this.lastSessionCheck=0,this.enableCredentials=this.getMatchingDomainInfo(this.hostUrl),l.retainUserCookie=e.retainUserCookie,o.skipBackgroundCredentialsCheck\|\|r.onLoad((async()=>{await this.userSessionExists({backgroundTrigger:!0})}))}getMatchingDomainInfo(e){const t=new URL(e);if(r.isLocalHost())return!1;const n=r.getCurrentLocation();if("https:"!==n.protocol)return!1;const o=t.host.toLowerCase().split(".").reverse(),s=n.host.toLowerCase().split(".").reverse();let a=[];for(let e of o){const t=i(s,a.length+1).join(".");if(a.concat(e).join(".")!==t)break;a.push(e)}return a.length===o.length&&a.length===s.length\|\|a.length>1}getUserIdentity(){const e=l.getUserCookie(),t=a.decodeOrParse(e);if(t){const n=t.exp?new Date(1e3t.exp):new Date(Date.now()+864e5);return l.set(e,n),t.userId=t.sub,t}const n=l.get(),o=a.decodeOrParse(n);if(!o)return null;const i=new URL(o.iss).hostname,r=new URL(this.hostUrl).hostname;return i.endsWith(r)\|\|r.endsWith(i)?(o.userId=o.sub,o):(l.clear(),null)}async getConnectionCredentials(){await this.waitForUserSession();try{const e=await this.ensureToken();return(await this.httpClient.get("/session/credentials",this.enableCredentials,{Authorization:e&&`Bearer ${e}`})).data}catch(e){return null}}async getDevices(){try{const e=await this.ensureToken();return(await this.httpClient.get("/session/devices",this.enableCredentials,{Authorization:e&&`Bearer ${e}`})).data.devices}catch(e){return[]}}async deleteDevice(e){try{const t=await this.ensureToken();await this.httpClient.delete(`/session/devices/${encodeURIComponent(e)}`,this.enableCredentials,{Authorization:t&&`Bearer ${t}`})}catch(e){throw this.logger&&this.logger.log({title:"[Authress Login SDK] Failed to delete device",error:e}),e}}async openUserConfigurationScreen(e={redirectUrl:null,startPage:"Profile"}){if(!await this.userSessionExists()){const e=Error("User must be logged to configure user profile data.");throw e.code="NotLoggedIn",e}const t=new URL("/settings",this.hostUrl);t.searchParams.set("client_id",this.applicationId),t.searchParams.set("start_page",e&&e.startPage\|\|"Profile"),t.searchParams.set("redirect_uri",e&&e.redirectUrl\|\|r.getCurrentLocation().href),r.assign(t.toString()),await Promise.resolve()}async registerDevice(e={name:"",type:"",totp:{}}){const t=await this.getUserIdentity();if(!t){const e=Error("User must be logged to configure user profile data.");throw e.code="NotLoggedIn",e}if(!e){const e=Error("Register Device missing required parameter: 'Options'");throw e.code="InvalidInput",e}let n;if(e.type&&"WebAuthN"!==e.type)"TOTP"===e.type&&(n={name:e.name,code:e.totp.verificationCode,totpData:e.totp,type:"TOTP"});else{const o=t.sub,i={challenge:Uint8Array.from(o,(e=>e.charCodeAt(0))),rp:{id:this.hostUrl.split(".").slice(1).join("."),name:"WebAuthN Login"},user:{id:Uint8Array.from(o,(e=>e.charCodeAt(0))),name:o,displayName:`Generated User ID: ${o}`},pubKeyCredParams:[{type:"public-key",alg:-7},{type:"public-key",alg:-257}],authenticatorSelection:{residentKey:"discouraged",requireResidentKey:!1,userVerification:"discouraged"},timeout:6e4,attestation:"direct"},r=await navigator.credentials.create({publicKey:i}),s={authenticatorAttachment:r.authenticatorAttachment,credentialId:r.id,type:r.type,userId:o,attestation:btoa(String.fromCharCode(...new Uint8Array(r.response.attestationObject))),client:btoa(String.fromCharCode(...new Uint8Array(r.response.clientDataJSON)))};n={name:e&&e.name,code:s,type:"WebAuthN"}}try{const e=await this.ensureToken();return(await this.httpClient.post("/session/devices",this.enableCredentials,n,{Authorization:e&&`Bearer ${e}`})).data}catch(e){throw this.logger&&this.logger.log({title:"[Authress Login SDK] Failed to register new device",error:e,request:n}),e}}async waitForUserSession(){try{return await u,!0}catch(e){return!1}}userSessionExists(e={backgroundTrigger:!1}){return Date.now()-this.lastSessionCheck<50\|\|p?h:(this.lastSessionCheck=Date.now(),p=!0,h=h.catch((()=>{})).then((async()=>{try{const t=await this.userSessionContinuation(null==e?void 0:e.backgroundTrigger);return p=!1,t}catch(e){throw p=!1,e}})))}async userSessionContinuation(e){const t=new URLSearchParams(r.getCurrentLocation().search);let n={};if("undefined"!=typeof localStorage)try{n=JSON.parse(localStorage.getItem(g)\|\|"{}"),localStorage.removeItem(g),Object.hasOwnProperty.call(n,"enableCredentials")&&(this.enableCredentials=n.enableCredentials)}catch(e){this.logger&&this.logger.debug&&this.logger.debug({title:"[Authress Login SDK] LocalStorage failed in Browser",error:e})}if(t.get("state")&&"oauthLogin"===t.get("flow"))return!1;if((n.nonce\|\|t.get("iss")&&t.get("iss").includes(this.hostUrl))&&this.sanitizeQueryParameters(),n.nonce&&t.get("code")&&n.nonce===t.get("nonce")){const e="cookie"===t.get("code")?o.parse(document.cookie)["auth-code"]:t.get("code"),i=await a.calculateAntiAbuseHash({client_id:this.applicationId,authenticationRequestId:n.nonce,code:e}),r={grant_type:"authorization_code",redirect_uri:n.redirectUrl,client_id:this.applicationId,code:e,code_verifier:n.codeVerifier,antiAbuseHash:i};try{const e=await this.httpClient.post(`/authentication/${n.nonce}/tokens`,this.enableCredentials,r),t=a.decode(e.data.id_token),i=t.exp&&new Date(1e3t.exp)\|\|e.data.expires_in&&new Date(Date.now()+1e3e.data.expires_in);return document.cookie=o.serialize("authorization",e.data.access_token\|\|"",{expires:i,path:"/",sameSite:"strict"}),l.set(e.data.id_token,i),d(),!0}catch(e){if(this.logger&&this.logger.log({title:"[Authress Login SDK] Failed exchange authentication response for a token.",error:e}),e.data&&"invalid_request"===e.data.error)return!1;throw e.data\|\|e}}if(r.isLocalHost()&&t.get("nonce")&&t.get("access_token")&&(!n.nonce\|\|n.nonce===t.get("nonce"))){const e=a.decode(t.get("id_token")),n=e.exp&&new Date(1e3e.exp)\|\|Number(t.get("expires_in"))&&new Date(Date.now()+1e3Number(t.get("expires_in")));return document.cookie=o.serialize("authorization",t.get("access_token")\|\|"",{expires:n,path:"/",sameSite:"strict"}),l.set(t.get("id_token"),n),d(),!0}if(this.getUserIdentity())return d(),!0;if(!r.isLocalHost()&&!e){try{const e=await this.httpClient.patch("/session",this.enableCredentials,{},null,!0);if(e.data.access_token){const t=a.decode(e.data.id_token),n=t.exp&&new Date(1e3t.exp)\|\|e.data.expires_in&&new Date(Date.now()+1e3e.data.expires_in);document.cookie=o.serialize("authorization",e.data.access_token\|\|"",{expires:n,path:"/",sameSite:"strict"}),l.set(e.data.id_token,n)}}catch(e){400===e.status\|\|404===e.status\|\|409===e.status?this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] User does not have an existing authentication session",error:e}):this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed attempting to check if the user has an existing authentication session",error:e})}if(this.getUserIdentity())return d(),!0}return!1}async updateExtensionAuthenticationRequest({state:e,connectionId:t,tenantLookupIdentifier:n,connectionProperties:o,hint:i}){if(!t&&!n&&!i){const e=Error("connectionId or tenantLookupIdentifier must be specified");throw e.code="InvalidConnection",e}const s=new URLSearchParams(r.getCurrentLocation().search),c=e\|\|s.get("state");if(!c){const e=Error("The `state` parameters must be specified to update this authentication request");throw e.code="InvalidAuthenticationRequest",e}try{const e=i\|\|n,s=await a.calculateAntiAbuseHash({connectionId:t,tenantLookupIdentifier:e,authenticationRequestId:c}),l=await this.httpClient.patch(`/authentication/${c}`,!0,{antiAbuseHash:s,connectionId:t,tenantLookupIdentifier:e,connectionProperties:o});if(new URL(l.data.authenticationUrl).hostname===r.getCurrentLocation().hostname)return{authenticationUrl:l.data.authenticationUrl};r.assign(l.data.authenticationUrl)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to update extension authentication request",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data\|\|e}return await new Promise((e=>setTimeout(e,5e3))),null}async unlinkIdentity(e){if(!e){const e=Error("connectionId must be specified");throw e.code="InvalidConnection",e}if(!this.getUserIdentity()){const e=Error("User must be logged in to unlink an account.");throw e.code="NotLoggedIn",e}let t;try{t=await this.ensureToken({timeoutInMillis:100})}catch(e){if("TokenTimeout"===e.code){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}}const n=this.enableCredentials&&!r.isLocalHost()?{}:{Authorization:`Bearer ${t}`};try{await this.httpClient.delete(`/identities/${encodeURIComponent(e)}`,this.enableCredentials,n)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to unlink user identity",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data\|\|e}}async linkIdentityWithOneTimeCode({connectionId:e,redirectUrl:t}){if(!e){const e=Error("connectionId must be specified");throw e.code="InvalidConnection",e}if(!this.getUserIdentity()){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}let n;try{n=await this.ensureToken({timeoutInMillis:100})}catch(e){if("TokenTimeout"===e.code){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}}const{codeChallenge:o}=await a.getAuthCodes(),i=await a.calculateAntiAbuseHash({connectionId:e,applicationId:this.applicationId});try{const s=t&&new URL(t).toString()\|\|r.getCurrentLocation().href,a=this.enableCredentials&&!r.isLocalHost()?{}:{Authorization:`Bearer ${n}`},c=await this.httpClient.post("/authentication",this.enableCredentials,{antiAbuseHash:i,linkIdentity:!0,redirectUrl:s,codeChallengeMethod:"S256",codeChallenge:o,connectionId:e,applicationId:this.applicationId},a);return{authenticationUrl:c.data.authenticationUrl,authenticationRequestId:c.data.authenticationRequestId}}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to start user identity link",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e}}async linkIdentity({connectionId:e,tenantLookupIdentifier:t,redirectUrl:n,connectionProperties:o}){if(!e&&!t){const e=Error("connectionId or tenantLookupIdentifier must be specified");throw e.code="InvalidConnection",e}if(!this.getUserIdentity()){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}let i;try{i=await this.ensureToken({timeoutInMillis:100})}catch(e){if("TokenTimeout"===e.code){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}}const{codeChallenge:s}=await a.getAuthCodes(),c=await a.calculateAntiAbuseHash({connectionId:e,tenantLookupIdentifier:t,applicationId:this.applicationId});try{const a=n&&new URL(n).toString()\|\|r.getCurrentLocation().href,l=this.enableCredentials&&!r.isLocalHost()?{}:{Authorization:`Bearer ${i}`},d=await this.httpClient.post("/authentication",this.enableCredentials,{antiAbuseHash:c,linkIdentity:!0,redirectUrl:a,codeChallengeMethod:"S256",codeChallenge:s,connectionId:e,tenantLookupIdentifier:t,connectionProperties:o,applicationId:this.applicationId},l);r.assign(d.data.authenticationUrl)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to start user identity link",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e}await new Promise((e=>setTimeout(e,5e3)))}async authenticateWithOneTimeCode(e={}){const{serviceClientId:t,inviteId:n,redirectUrl:o,force:i,responseLocation:s,flowType:c,clearUserDataBeforeLogin:d,audiences:u}=e\|\|{};if(s&&"cookie"!==s&&"query"!==s&&"none"!==s){const e=Error("Authentication response location is not valid");throw e.code="InvalidResponseLocation",e}if(!t){const e=Error("The Passwordless Service Client ID is required");throw e.code="InvalidInput",e}if(!n&&!i&&await this.userSessionExists()){const n=await this.ensureToken(),o=a.decode(n);if(o&&o.azp&&t!==o.azp){this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Authentication blocked because the user is already logged in, and the requested authentication parameters do not match the original session.",requestedAuthenticationOptions:e,currentAuthenticationSessionData:o});const t=Error('Authentication requested for user that is already logged in, but the connectionId specified does not match their existing session.\n Recommended Options:\n (1) If the goal is to force them to log in with this new connection and ignore their existing session, use the "force" flag.\n (2) If the goal is link their current identity with a new from the new connection, use the linkIdentity() method.\n (3) If the goal is skip log in if they are already logged in or force log in with the connectionId, first check if userSessionExists() and then only if "false", call authenticate().');throw t.code="AuthenticationConstraintContention",t}return null}const{codeVerifier:h,codeChallenge:p}=await a.getAuthCodes(),f=await a.calculateAntiAbuseHash({serviceClientId:t,inviteId:n,applicationId:this.applicationId,audiences:u});try{const e=o&&new URL(o).toString()\|\|r.getCurrentLocation().href;!1!==d&&l.clear();const i=await this.httpClient.post("/authentication",this.enableCredentials,{antiAbuseHash:f,redirectUrl:e,codeChallengeMethod:"S256",codeChallenge:p,audiences:u,connectionId:t,inviteId:n,applicationId:this.applicationId,responseLocation:s,flowType:c});return localStorage.setItem(g,JSON.stringify({nonce:i.data.authenticationRequestId,codeVerifier:h,lastConnectionId:t,redirectUrl:e,enableCredentials:i.data.enableCredentials})),{authenticationUrl:i.data.authenticationUrl,authenticationRequestId:i.data.authenticationRequestId}}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to start authentication for user",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data\|\|e}}async authenticate(e={}){const{connectionId:t,tenantLookupIdentifier:n,inviteId:o,redirectUrl:i,force:s,responseLocation:c,flowType:d,connectionProperties:u,openType:h,multiAccount:p,clearUserDataBeforeLogin:f,audiences:m}=e\|\|{};if(c&&"cookie"!==c&&"query"!==c&&"none"!==c){const e=Error("Authentication response location is not valid");throw e.code="InvalidResponseLocation",e}if(!o&&!s&&!p&&await this.userSessionExists()){const n=await this.ensureToken(),o=a.decode(n);if(t&&o&&o.azp&&t!==o.azp){this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Authentication blocked because the user is already logged in, and the requested authentication parameters do not match the original session.",requestedAuthenticationOptions:e,currentAuthenticationSessionData:o});const t=Error('Authentication requested for user that is already logged in, but the connectionId specified does not match their existing session.\n Recommended Options:\n (1) If the goal is to force them to log in with this new connection and ignore their existing session, use the "force" flag.\n (2) If the goal is link their current identity with a new from the new connection, use the linkIdentity() method.\n (3) If the goal is skip log in if they are already logged in or force log in with the connectionId, first check if userSessionExists() and then only if "false", call authenticate().');throw t.code="AuthenticationConstraintContention",t}return null}const{codeVerifier:w,codeChallenge:y}=await a.getAuthCodes(),k=await a.calculateAntiAbuseHash({connectionId:t,tenantLookupIdentifier:n,inviteId:o,applicationId:this.applicationId,audiences:m});try{const e=i&&new URL(i).toString()\|\|r.getCurrentLocation().href;!1!==f&&l.clear();const s=await this.httpClient.post("/authentication",this.enableCredentials,{antiAbuseHash:k,redirectUrl:e,codeChallengeMethod:"S256",codeChallenge:y,audiences:m,connectionId:t,tenantLookupIdentifier:n,inviteId:o,connectionProperties:u,applicationId:this.applicationId,responseLocation:c,flowType:d,multiAccount:p});if(localStorage.setItem(g,JSON.stringify({nonce:s.data.authenticationRequestId,codeVerifier:w,lastConnectionId:t,tenantLookupIdentifier:n,redirectUrl:e,enableCredentials:s.data.enableCredentials,multiAccount:p})),!s.data.authenticationUrl\|\|new URL(s.data.authenticationUrl).hostname===r.getCurrentLocation().hostname)return{authenticationUrl:s.data.authenticationUrl,authenticationRequestId:s.data.authenticationRequestId};if("tab"===h){const e=r.open(s.data.authenticationUrl,"_blank");e&&!e.closed&&void 0!==e.closed\|\|r.assign(s.data.authenticationUrl)}else r.assign(s.data.authenticationUrl)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to start authentication for user",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data\|\|e}return await new Promise((e=>setTimeout(e,5e3))),null}async ensureToken(e){if(e&&0===e.timeoutInMillis){if(!this.getUserIdentity()){const e=Error("No token available because the user is not logged in.");throw e.code="TokenTimeout",e}const t=l.getAuthorizationTokens(),n=t.find((t=>{try{const n=a.decode(t);return(null==n?void 0:n.iss)===this.hostUrl\|\|(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Skipping stored authorization cookie because the issuer does not match the library configured value.",requestedAuthenticationOptions:e,currentAuthenticationSessionData:n}),!1)}catch(n){return this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Skipping stored authorization cookie because it is no longer a valid token.",requestedAuthenticationOptions:e,currentAuthenticationSessionDataToken:t,error:n}),!1}}));return n\|\|(t.length?(this.logger&&this.logger.error&&this.logger.log({title:"[Authress Login SDK] No matching issuer token found, returning the first valid token instead."}),t[0]):(this.logger&&this.logger.error&&this.logger.error({title:"[Authress Login SDK] HttpOnly access token configuration has blocked the returning of a valid token. The application specified in the Authress LoginClient constructor has been configured to block returning access tokens via the enableAccessToToken property. To use the loginClient.ensureToken() method in production, please set the enableAccessToToken to true. Note: This setting does not affect localhost.",options:e}),null))}await this.userSessionExists();const t=Object.assign({timeoutInMillis:5e3},e\|\|{}),n=this.waitForUserSession(),o=-1===t.timeoutInMillis\|\|t.timeoutInMillis>231-1?231-1:t.timeoutInMillis,i=new Promise(((e,t)=>setTimeout(t,o\|\|0)));try{await Promise.race([n,i])}catch(e){const t=Error("No token available because the user is still not logged in and the timeout has been exceeded. If you are seeing this error, it is because you have called ensureToken() without first validating that the user is logged. Review the route guards and checks for user sessions in your source code. ensureToken() should only ever be called after you have verified that the user is logged in.");throw t.code="TokenTimeout",t}const r=l.getAuthorizationTokens(),s=r.find((t=>{try{const n=a.decode(t);return(null==n?void 0:n.iss)===this.hostUrl\|\|(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Skipping stored authorization cookie because the issuer does not match the library configured value.",requestedAuthenticationOptions:e,currentAuthenticationSessionData:n}),!1)}catch(n){return this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Skipping stored authorization cookie because it is no longer a valid token.",requestedAuthenticationOptions:e,currentAuthenticationSessionDataToken:t,error:n}),!1}}));if(s)return s;if(r.length)return this.logger&&this.logger.error&&this.logger.log({title:"[Authress Login SDK] No matching issuer token found, returning the first valid token instead."}),r[0];return this.getUserIdentity()?(this.logger&&this.logger.error&&this.logger.error({title:"[Authress Login SDK] Your Authress Application access token configuration has blocked the returning of a valid token because the setting HttpOnly has been enabled. The application specified in the Authress LoginClient constructor has been configured to block returning access tokens via the enableAccessToToken property. To use the loginClient.ensureToken() method in production, please set the enableAccessToToken to true. (LocalHost Note: This setting does not affect localhost development, and you may still see ensureToken work successfully during development, but fail with this error in production. This is because HttpOnly does not work for LocalHost)",options:e}),null):(this.logger&&this.logger.error&&this.logger.error({title:"[Authress Login SDK] User completed login but the user identity still does not exist. This happened because there is a race condition in your code and why waiting for ensureToken() to complete, the user was logged out. Returning null."}),null)}async logout(e){let t;if(e)try{new URL(e),t=e}catch(n){try{t=new URL(e,r.getCurrentLocation().href).toString()}catch(t){const n=Error(`The logout redirect url is not valid URL: ${e}`);throw n.code="InvalidRedirectUrl",n}}if(l.clear(),this.sanitizeQueryParameters(),u=new Promise((e=>d=e)),this.enableCredentials)try{return await this.httpClient.delete("/session",this.enableCredentials),this.lastSessionCheck=0,void(e&&e!==r.getCurrentLocation().href&&r.assign(e))}catch(e){}const n=new URL("/logout",this.hostUrl);n.searchParams.set("redirect_uri",t\|\|r.getCurrentLocation().href),n.searchParams.set("client_id",this.applicationId),r.assign(n.toString()),this.lastSessionCheck=0,await new Promise((e=>setTimeout(e,500)))}sanitizeQueryParameters(){const e=new URL(r.getCurrentLocation());e.searchParams.delete("iss"),e.searchParams.delete("nonce"),e.searchParams.delete("code"),e.searchParams.delete("expires_in"),e.searchParams.delete("access_token"),e.searchParams.delete("id_token"),history.replaceState({},void 0,e.toString())}},ExtensionClient:f,UserConfigurationScreen:{Profile:"Profile",MFA:"MFA"}}},427:(e,t)=>{"use strict";t.parse=function(e,t){if("string"!=typeof e)throw new TypeError("argument str must be a string");var n={},i=e.length;if(i<2)return n;var r=t&&t.decode\|\|d,s=0,a=0,h=0;do{if(-1===(a=e.indexOf("=",s)))break;if(-1===(h=e.indexOf(";",s)))h=i;else if(a>h){s=e.lastIndexOf(";",a-1)+1;continue}var p=c(e,s,a),g=l(e,a,p),f=e.slice(p,g);if(!o.call(n,f)){var m=c(e,a+1,h),w=l(e,h,m);34===e.charCodeAt(m)&&34===e.charCodeAt(w-1)&&(m++,w--);var y=e.slice(m,w);n[f]=u(y,r)}s=h+1}while(s<i);return n},t.serialize=function(e,t,o){var c=o&&o.encode\|\|encodeURIComponent;if("function"!=typeof c)throw new TypeError("option encode is invalid");if(!i.test(e))throw new TypeError("argument name is invalid");var l=c(t);if(!r.test(l))throw new TypeError("argument val is invalid");var d=e+"="+l;if(!o)return d;if(null!=o.maxAge){var u=Math.floor(o.maxAge);if(!isFinite(u))throw new TypeError("option maxAge is invalid");d+="; Max-Age="+u}if(o.domain){if(!s.test(o.domain))throw new TypeError("option domain is invalid");d+="; Domain="+o.domain}if(o.path){if(!a.test(o.path))throw new TypeError("option path is invalid");d+="; Path="+o.path}if(o.expires){var h=o.expires;if(!function(e){return"[object Date]"===n.call(e)}(h)\|\|isNaN(h.valueOf()))throw new TypeError("option expires is invalid");d+="; Expires="+h.toUTCString()}o.httpOnly&&(d+="; HttpOnly");o.secure&&(d+="; Secure");o.partitioned&&(d+="; Partitioned");if(o.priority){switch("string"==typeof o.priority?o.priority.toLowerCase():o.priority){case"low":d+="; Priority=Low";break;case"medium":d+="; Priority=Medium";break;case"high":d+="; Priority=High";break;default:throw new TypeError("option priority is invalid")}}if(o.sameSite){switch("string"==typeof o.sameSite?o.sameSite.toLowerCase():o.sameSite){case!0:d+="; SameSite=Strict";break;case"lax":d+="; SameSite=Lax";break;case"strict":d+="; SameSite=Strict";break;case"none":d+="; SameSite=None";break;default:throw new TypeError("option sameSite is invalid")}}return d};var n=Object.prototype.toString,o=Object.prototype.hasOwnProperty,i=/^[!#$%&'+\-.^_`\|~0-9A-Za-z]+$/,r=/^("?)[\u0021\u0023-\u002B\u002D-\u003A\u003C-\u005B\u005D-\u007E]\1$/,s=/^([.]?[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)([.][a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)$/i,a=/^[\u0020-\u003A\u003D-\u007E]$/;function c(e,t,n){do{var o=e.charCodeAt(t);if(32!==o&&9!==o)return t}while(++t<n);return n}function l(e,t,n){for(;t>n;){var o=e.charCodeAt(--t);if(32!==o&&9!==o)return t+1}return n}function d(e){return-1!==e.indexOf("%")?decodeURIComponent(e):e}function u(e,t){try{return t(e)}catch(t){return e}}},568:(e,t,n)=>{const o=n(836),{sanitizeUrl:i}=n(332),r=n(629),s="ExtensionRequestNonce";let a=null;e.exports=class{constructor(e,t){if(this.extensionId=t,!e)throw Error('Missing required property "authressCustomDomain" in ExtensionClient constructor. The Custom Authress Domain Host is required.');if(!t)throw Error('Missing required property "extensionId" in ExtensionClient constructor. The extension is required for selecting the correct login method.');this.authressCustomDomain=i(e),this.accessToken=null,r.onLoad((async()=>{await this.requestToken({silent:!0})}))}async getUserIdentity(){const e=this.accessToken&&await o.decode(this.accessToken);return e?1e3e.exp<Date.now()?(this.accessToken=null,null):e:null}async getTokenResponse(){return await this.getUserIdentity()?{accessToken:this.accessToken}:null}requestToken(e={code:null,silent:!1}){if(a)return a=a.catch((()=>{})).then((()=>this.requestTokenContinuation(e)));const t=this.requestTokenContinuation(e);return t.catch((()=>{})),a=t}async requestTokenContinuation(e={code:null,silent:!1}){const t=e&&e.code\|\|new URLSearchParams(r.getCurrentLocation().search).get("code");if(!t){if(!e\|\|!e.silent){const e=Error("OAuth Authorization code is required");throw e.code="InvalidAuthorizationCode",e}return this.getTokenResponse()}const n=new URL(this.authressCustomDomain);n.pathname="/api/authentication/oauth/tokens";const{codeVerifier:o,redirectUrl:i}=JSON.parse(localStorage.getItem(s)\|\|"{}"),a=await fetch(n.toString(),{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({code_verifier:o,code:t,grant_type:"authorization_code",client_id:this.extensionId,redirect_uri:i})}),c=await a.json();this.accessToken=c.access_token;const l=new URL(r.getCurrentLocation());return l.searchParams.delete("code"),l.searchParams.delete("iss"),l.searchParams.delete("nonce"),l.searchParams.delete("expires_in"),l.searchParams.delete("access_token"),l.searchParams.delete("id_token"),history.replaceState({},void 0,l.toString()),this.getTokenResponse()}async login(e){const t=await this.getTokenResponse();if(t)return t;const n=await this.requestToken({silent:!0});if(n)return n;const i=new URL(this.authressCustomDomain),{codeVerifier:a,codeChallenge:c}=o.getAuthCodes(),l=e\|\|r.getCurrentLocation().href;return localStorage.setItem(s,JSON.stringify({codeVerifier:a,redirectUrl:l})),i.searchParams.set("client_id",this.extensionId),i.searchParams.set("code_challenge",c),i.searchParams.set("code_challenge_method","S256"),i.searchParams.set("redirect_uri",l),r.assign(i.toString()),await new Promise((e=>setTimeout(e,5e3))),null}}},629:e=>{e.exports=new class{onLoad(e){"undefined"!=typeof window&&(window.onload=e)}isLocalHost(){return"undefined"!=typeof window&&window.location&&("localhost"===window.location.hostname\|\|"127.0.0.1"===window.location.hostname)}getCurrentLocation(){return"undefined"!=typeof window&&new URL(window.location)\|\|new URL("http://localhost:8080")}getDocument(){return"undefined"==typeof window\|\|"undefined"==typeof document?null:document}assign(e){return"undefined"==typeof window?null:window.location.assign(e.toString())}open(e){return"undefined"==typeof window?null:window.open(e.toString())}}},836:(e,t,n)=>{const o=n(878);e.exports=new class{decode(e){var t;return e?null===(t=this.decodeFull(e))\|\|void 0===t?void 0:t.payload:null}decodeOrParse(e){if(!e)return null;if("object"==typeof e)return e;try{return JSON.parse(e)}catch(t){return this.decode(e)}}decodeFull(e){if(!e)return null;let t=null;try{t=JSON.parse(o.decode(e.split(".")[0]))}catch(e){}try{const n=JSON.parse(o.decode(e.split(".")[1]));return n.exp&&(n.exp=n.exp-10),{header:t,payload:n}}catch(e){return null}}async getAuthCodes(){const e=o.encode((window.crypto\|\|window.msCrypto).getRandomValues(new Uint32Array(16)).toString()),t=await(window.crypto\|\|window.msCrypto).subtle.digest("SHA-256",(new TextEncoder).encode(e));return{codeVerifier:e,codeChallenge:o.encode(t)}}async calculateAntiAbuseHash(e){const t=Date.now(),n=Object.values(e).filter((e=>e)).join("\|");let i=0,r=null;for(;++i&&(r=o.encode(await(window.crypto\|\|window.msCrypto).subtle.digest("SHA-256",(new TextEncoder).encode(`${t};${i};${n}`))),!r.match(/^00/)););return`v2;${t};${i};${r}`}}},878:e=>{function t(e){return String.fromCharCode(parseInt(e.slice(1),16))}function n(e){return`%${`00${e.charCodeAt(0).toString(16)}`.slice(-2)}`}e.exports.decode=function(e){return function(e){return decodeURIComponent(Array.from(atob(e),n).join(""))}(e.replace(/-/g,"+").replace(/_/g,"/"))},e.exports.encode=function(e){return e&&"object"==typeof e?btoa(String.fromCharCode(...new Uint8Array(e))).replace(/\//g,"_").replace(/\+/g,"-").replace(/=+$/,""):function(e){return btoa(encodeURIComponent(e).replace(/%[0-9A-F]{2}/g,t))}(e).replace(/\//g,"_").replace(/\+/g,"-").replace(/=+$/,"")}}},o={};function i(e){var t=o[e];if(void 0!==t){if(void 0!==t.error)throw t.error;return t.exports}var r=o[e]={exports:{}};try{var s={id:e,module:r,factory:n[e],require:i};i.i.forEach((function(e){e(s)})),r=s.module,s.factory.call(r.exports,r,r.exports,s.require)}catch(e){throw r.error=e,e}return r.exports}return i.m=n,i.c=o,i.i=[],i.hu=e=>e+"."+i.h()+".hot-update.js",i.hmrF=()=>"main."+i.h()+".hot-update.json",i.h=()=>"42f9aeaf5c0172d4442f",i.o=(e,t)=>Object.prototype.hasOwnProperty.call(e,t),e={},t="authress:",i.l=(n,o,r,s)=>{if(e[n])e[n].push(o);else{var a,c;if(void 0!==r)for(var l=document.getElementsByTagName("script"),d=0;d<l.length;d++){var u=l[d];if(u.getAttribute("src")==n\|\|u.getAttribute("data-webpack")==t+r){a=u;break}}a\|\|(c=!0,(a=document.createElement("script")).charset="utf-8",a.timeout=120,i.nc&&a.setAttribute("nonce",i.nc),a.setAttribute("data-webpack",t+r),a.src=n),e[n]=[o];var h=(t,o)=>{a.onerror=a.onload=null,clearTimeout(p);var i=e[n];if(delete e[n],a.parentNode&&a.parentNode.removeChild(a),i&&i.forEach((e=>e(o))),t)return t(o)},p=setTimeout(h.bind(null,void 0,{type:"timeout",target:a}),12e4);a.onerror=h.bind(null,a.onerror),a.onload=h.bind(null,a.onload),c&&document.head.appendChild(a)}},(()=>{var e,t,n,o={},r=i.c,s=[],a=[],c="idle",l=0,d=[];function u(e){c=e;for(var t=[],n=0;n<a.length;n++)t[n]=a[n].call(null,e);return Promise.all(t).then((function(){}))}function h(){0==--l&&u("ready").then((function(){if(0===l){var e=d;d=[];for(var t=0;t<e.length;t++)e[t]()}}))}function p(e){if("idle"!==c)throw new Error("check() is only allowed in idle status");return u("check").then(i.hmrM).then((function(n){return n?u("prepare").then((function(){var o=[];return t=[],Promise.all(Object.keys(i.hmrC).reduce((function(e,r){return i.hmrC[r](n.c,n.r,n.m,e,t,o),e}),[])).then((function(){return t=function(){return e?f(e):u("ready").then((function(){return o}))},0===l?t():new Promise((function(e){d.push((function(){e(t())}))}));var t}))})):u(m()?"ready":"idle").then((function(){return null}))}))}function g(e){return"ready"!==c?Promise.resolve().then((function(){throw new Error("apply() is only allowed in ready status (state: "+c+")")})):f(e)}function f(e){e=e\|\|{},m();var o=t.map((function(t){return t(e)}));t=void 0;var i=o.map((function(e){return e.error})).filter(Boolean);if(i.length>0)return u("abort").then((function(){throw i[0]}));var r=u("dispose");o.forEach((function(e){e.dispose&&e.dispose()}));var s,a=u("apply"),c=function(e){s\|\|(s=e)},l=[];return o.forEach((function(e){if(e.apply){var t=e.apply(c);if(t)for(var n=0;n<t.length;n++)l.push(t[n])}})),Promise.all([r,a]).then((function(){return s?u("fail").then((function(){throw s})):n?f(e).then((function(e){return l.forEach((function(t){e.indexOf(t)<0&&e.push(t)})),e})):u("idle").then((function(){return l}))}))}function m(){if(n)return t\|\|(t=[]),Object.keys(i.hmrI).forEach((function(e){n.forEach((function(n){i.hmrI[e](n,t)}))})),n=void 0,!0}i.hmrD=o,i.i.push((function(d){var f,m,w,y,k=d.module,v=function(t,n){var o=r[n];if(!o)return t;var i=function(i){if(o.hot.active){if(r[i]){var a=r[i].parents;-1===a.indexOf(n)&&a.push(n)}else s=[n],e=i;-1===o.children.indexOf(i)&&o.children.push(i)}else console.warn("[HMR] unexpected require("+i+") from disposed module "+n),s=[];return t(i)},a=function(e){return{configurable:!0,enumerable:!0,get:function(){return t[e]},set:function(n){t[e]=n}}};for(var d in t)Object.prototype.hasOwnProperty.call(t,d)&&"e"!==d&&Object.defineProperty(i,d,a(d));return i.e=function(e,n){return function(e){switch(c){case"ready":u("prepare");case"prepare":return l++,e.then(h,h),e;default:return e}}(t.e(e,n))},i}(d.require,d.id);k.hot=(f=d.id,m=k,y={_acceptedDependencies:{},_acceptedErrorHandlers:{},_declinedDependencies:{},_selfAccepted:!1,_selfDeclined:!1,_selfInvalidated:!1,_disposeHandlers:[],_main:w=e!==f,_requireSelf:function(){s=m.parents.slice(),e=w?void 0:f,i(f)},active:!0,accept:function(e,t,n){if(void 0===e)y._selfAccepted=!0;else if("function"==typeof e)y._selfAccepted=e;else if("object"==typeof e&&null!==e)for(var o=0;o<e.length;o++)y._acceptedDependencies[e[o]]=t\|\|function(){},y._acceptedErrorHandlers[e[o]]=n;else y._acceptedDependencies[e]=t\|\|function(){},y._acceptedErrorHandlers[e]=n},decline:function(e){if(void 0===e)y._selfDeclined=!0;else if("object"==typeof e&&null!==e)for(var t=0;t<e.length;t++)y._declinedDependencies[e[t]]=!0;else y._declinedDependencies[e]=!0},dispose:function(e){y._disposeHandlers.push(e)},addDisposeHandler:function(e){y._disposeHandlers.push(e)},removeDisposeHandler:function(e){var t=y._disposeHandlers.indexOf(e);t>=0&&y._disposeHandlers.splice(t,1)},invalidate:function(){switch(this._selfInvalidated=!0,c){case"idle":t=[],Object.keys(i.hmrI).forEach((function(e){i.hmrI[e](f,t)})),u("ready");break;case"ready":Object.keys(i.hmrI).forEach((function(e){i.hmrI[e](f,t)}));break;case"prepare":case"check":case"dispose":case"apply":(n=n\|\|[]).push(f)}},check:p,apply:g,status:function(e){if(!e)return c;a.push(e)},addStatusHandler:function(e){a.push(e)},removeStatusHandler:function(e){var t=a.indexOf(e);t>=0&&a.splice(t,1)},data:o[f]},e=void 0,y),k.parents=s,k.children=[],s=[],d.require=v})),i.hmrC={},i.hmrI={}})(),i.p="",(()=>{var e,t,n,o,r,s=i.hmrS_jsonp=i.hmrS_jsonp\|\|{792:0},a={};function c(t,n){return e=n,new Promise(((e,n)=>{a[t]=e;var o=i.p+i.hu(t),r=new Error;i.l(o,(e=>{if(a[t]){a[t]=void 0;var o=e&&("load"===e.type?"missing":e.type),i=e&&e.target&&e.target.src;r.message="Loading hot update chunk "+t+" failed.\n("+o+": "+i+")",r.name="ChunkLoadError",r.type=o,r.request=i,n(r)}}))}))}function l(e){function a(e){for(var t=[e],n={},o=t.map((function(e){return{chain:[e],id:e}}));o.length>0;){var r=o.pop(),s=r.id,a=r.chain,l=i.c[s];if(l&&(!l.hot._selfAccepted\|\|l.hot._selfInvalidated)){if(l.hot._selfDeclined)return{type:"self-declined",chain:a,moduleId:s};if(l.hot._main)return{type:"unaccepted",chain:a,moduleId:s};for(var d=0;d<l.parents.length;d++){var u=l.parents[d],h=i.c[u];if(h){if(h.hot._declinedDependencies[s])return{type:"declined",chain:a.concat([u]),moduleId:s,parentId:u};-1===t.indexOf(u)&&(h.hot._acceptedDependencies[s]?(n[u]\|\|(n[u]=[]),c(n[u],[s])):(delete n[u],t.push(u),o.push({chain:a.concat([u]),id:u})))}}}}return{type:"accepted",moduleId:e,outdatedModules:t,outdatedDependencies:n}}function c(e,t){for(var n=0;n<t.length;n++){var o=t[n];-1===e.indexOf(o)&&e.push(o)}}i.f&&delete i.f.jsonpHmr,t=void 0;var l={},d=[],u={},h=function(e){console.warn("[HMR] unexpected require("+e.id+") to disposed module")};for(var p in n)if(i.o(n,p)){var g=n[p],f=g?a(p):{type:"disposed",moduleId:p},m=!1,w=!1,y=!1,k="";switch(f.chain&&(k="\nUpdate propagation: "+f.chain.join(" -> ")),f.type){case"self-declined":e.onDeclined&&e.onDeclined(f),e.ignoreDeclined\|\|(m=new Error("Aborted because of self decline: "+f.moduleId+k));break;case"declined":e.onDeclined&&e.onDeclined(f),e.ignoreDeclined\|\|(m=new Error("Aborted because of declined dependency: "+f.moduleId+" in "+f.parentId+k));break;case"unaccepted":e.onUnaccepted&&e.onUnaccepted(f),e.ignoreUnaccepted\|\|(m=new Error("Aborted because "+p+" is not accepted"+k));break;case"accepted":e.onAccepted&&e.onAccepted(f),w=!0;break;case"disposed":e.onDisposed&&e.onDisposed(f),y=!0;break;default:throw new Error("Unexception type "+f.type)}if(m)return{error:m};if(w)for(p in u[p]=g,c(d,f.outdatedModules),f.outdatedDependencies)i.o(f.outdatedDependencies,p)&&(l[p]\|\|(l[p]=[]),c(l[p],f.outdatedDependencies[p]));y&&(c(d,[f.moduleId]),u[p]=h)}n=void 0;for(var v,b=[],C=0;C<d.length;C++){var I=d[C],A=i.c[I];A&&(A.hot._selfAccepted\|\|A.hot._main)&&u[I]!==h&&!A.hot._selfInvalidated&&b.push({module:I,require:A.hot._requireSelf,errorHandler:A.hot._selfAccepted})}return{dispose:function(){var e;o.forEach((function(e){delete s[e]})),o=void 0;for(var t,n=d.slice();n.length>0;){var r=n.pop(),a=i.c[r];if(a){var c={},u=a.hot._disposeHandlers;for(C=0;C<u.length;C++)u[C].call(null,c);for(i.hmrD[r]=c,a.hot.active=!1,delete i.c[r],delete l[r],C=0;C<a.children.length;C++){var h=i.c[a.children[C]];h&&((e=h.parents.indexOf(r))>=0&&h.parents.splice(e,1))}}}for(var p in l)if(i.o(l,p)&&(a=i.c[p]))for(v=l[p],C=0;C<v.length;C++)t=v[C],(e=a.children.indexOf(t))>=0&&a.children.splice(e,1)},apply:function(t){for(var n in u)i.o(u,n)&&(i.m[n]=u[n]);for(var o=0;o<r.length;o++)r[o](i);for(var s in l)if(i.o(l,s)){var a=i.c[s];if(a){v=l[s];for(var c=[],h=[],p=[],g=0;g<v.length;g++){var f=v[g],m=a.hot._acceptedDependencies[f],w=a.hot._acceptedErrorHandlers[f];if(m){if(-1!==c.indexOf(m))continue;c.push(m),h.push(w),p.push(f)}}for(var y=0;y<c.length;y++)try{c[y].call(null,v)}catch(n){if("function"==typeof h[y])try{h[y](n,{moduleId:s,dependencyId:p[y]})}catch(o){e.onErrored&&e.onErrored({type:"accept-error-handler-errored",moduleId:s,dependencyId:p[y],error:o,originalError:n}),e.ignoreErrored\|\|(t(o),t(n))}else e.onErrored&&e.onErrored({type:"accept-errored",moduleId:s,dependencyId:p[y],error:n}),e.ignoreErrored\|\|t(n)}}}for(var k=0;k<b.length;k++){var C=b[k],I=C.module;try{C.require(I)}catch(n){if("function"==typeof C.errorHandler)try{C.errorHandler(n,{moduleId:I,module:i.c[I]})}catch(o){e.onErrored&&e.onErrored({type:"self-accept-error-handler-errored",moduleId:I,error:o,originalError:n}),e.ignoreErrored\|\|(t(o),t(n))}else e.onErrored&&e.onErrored({type:"self-accept-errored",moduleId:I,error:n}),e.ignoreErrored\|\|t(n)}}return d}}}this.webpackHotUpdateauthress=(t,o,s)=>{for(var c in o)i.o(o,c)&&(n[c]=o[c],e&&e.push(c));s&&r.push(s),a[t]&&(a[t](),a[t]=void 0)},i.hmrI.jsonp=function(e,t){n\|\|(n={},r=[],o=[],t.push(l)),i.o(n,e)\|\|(n[e]=i.m[e])},i.hmrC.jsonp=function(e,a,d,u,h,p){h.push(l),t={},o=a,n=d.reduce((function(e,t){return e[t]=!1,e}),{}),r=[],e.forEach((function(e){i.o(s,e)&&void 0!==s[e]?(u.push(c(e,p)),t[e]=!0):t[e]=!1})),i.f&&(i.f.jsonpHmr=function(e,n){t&&i.o(t,e)&&!t[e]&&(n.push(c(e)),t[e]=!0)})},i.hmrM=()=>{if("undefined"==typeof fetch)throw new Error("No browser support: need fetch API");return fetch(i.p+i.hmrF()).then((e=>{if(404!==e.status){if(!e.ok)throw new Error("Failed to fetch update manifest "+e.statusText);return e.json()}}))}})(),i(354)})()));

r3264076	r3405904
1		/! Authress Login SDK 2.5.362 \| Author - Authress Developers \| License information can be found at https://github.com/Authress/login-sdk.js /
2		!function(e,t){"object"==typeof exports&&"object"==typeof module?module.exports=t():"function"==typeof define&&define.amd?define([],t):"object"==typeof exports?exports.authress=t():e.authress=t()}(this,(()=>(()=>{var e,t,n={75:(e,t,n)=>{const{sanitizeUrl:r}=n(332),o=n(629),i={"Content-Type":"application/json","X-Powered-By":`Authress Login SDK; Javascript; ${n(330).version}`},a=new Set(["Failed to fetch","NetworkError when attempting to fetch resource.","The Internet connection appears to be offline.","Network request failed","fetch failed","Load failed","<HTML DOCUMENT></HTML>"]);function s(e){return"Network Error"===e.message\|\|"ERR_NETWORK"===e.code\|\|!e.status\|\|e.status>=500\|\|"string"==typeof e.message&&a.has(e.message)\|\|"string"==typeof e.data&&a.has(e.data)}async function c(e){let t=null;for(let n=0;n<5;n++)try{return await e()}catch(e){if(e.retryCount=n,!s(e))throw e;t=e,t.isNetworkError=!0,await new Promise((e=>setTimeout(e,102n)));continue}const n=new Error("[Authress Login SDK] Http Request failed due to a Network Error even after multiple retries",{cause:t});throw n.code="AuthressSdkNetworkError",n}e.exports=class{constructor(e,t){if(!e)throw Error("Custom Authress Domain Host is required");const n=t\|\|{debug(){},warn(){},critical(){}};this.logger=n;const o=new URL(r(e));this.loginUrl=`${o.origin}/api`}get(e,t,n,r){return c((()=>this.fetchWrapper("GET",e,null,n,t,r)))}delete(e,t,n,r){return c((()=>this.fetchWrapper("DELETE",e,null,n,t,r)))}post(e,t,n,r,o){return c((()=>this.fetchWrapper("POST",e,n,r,t,o)))}put(e,t,n,r,o){return c((()=>this.fetchWrapper("PUT",e,n,r,t,o)))}patch(e,t,n,r,o){return c((()=>this.fetchWrapper("PATCH",e,n,r,t,o)))}async fetchWrapper(e,t,n,r,a,s){const c=`${this.loginUrl}${t.toString()}`,d=e.toUpperCase(),l=Object.assign({},i,r);try{this.logger&&this.logger.debug&&this.logger.debug({title:"[Authress Login SDK] HttpClient Request",method:d,url:c});const e={method:d,headers:l};n&&(e.body=JSON.stringify(n)),!o.isLocalHost()&&a&&(e.credentials="include");const t=await fetch(c,e);if(!t.ok)throw t;let r={};try{r=await t.text(),r=JSON.parse(r)}catch(e){}return{url:c,method:d,headers:t.headers,status:t.status,data:r}}catch(e){let t=e;try{t=await e.text(),t=JSON.parse(t)}catch(e){}const r=t.stack&&t.stack.match(/chrome-extension:[/][/](\w+)[/]/);if(r){this.logger&&this.logger.debug&&this.logger.debug({title:`[Authress Login SDK] Fetch failed due to a browser extension - ${d} - ${c}`,method:d,url:c,data:n,headers:l,error:e,resolvedError:t,extensionErrorId:r});const o=new Error(`Extension Error ID: ${r}`);throw o.code="BROWSER_EXTENSION_ERROR",o}const o=e.status;let i="warn",a="[Authress Login SDK] HttpClient Response Error";e?401===o?(a="[Authress Login SDK] HttpClient Response Error due to invalid token",i="debug"):404===o?(a="[Authress Login SDK] HttpClient Response: Not Found",i="debug"):o<500&&s&&(i="debug"):a="[Authress Login SDK] HttpClient Response Error - Unknown error occurred",this.logger&&this.logger[i]&&this.logger[i]({title:a,online:"undefined"==typeof navigator\|\|navigator.onLine,method:d,url:c,status:o,data:n,headers:l,error:e,resolvedError:t});throw{url:c,method:d,status:o,data:t,headers:e.headers}}}}},160:(e,t,n)=>{const r=n(427),o="AuthenticationCredentialsStorage";e.exports=new class{constructor(){this.retainUserCookie=!1}getUserCookie(){if("undefined"==typeof window\|\|"undefined"==typeof document)return null;return document.cookie.split(";").filter((e=>"user"===e.split("=")[0].trim())).map((e=>e.replace(/^user=/,""))).find((e=>e&&e.trim()))\|\|null}set(e,t){if("undefined"!=typeof window&&"undefined"!=typeof document)try{const n=r.parse(document.cookie);localStorage.setItem(o,JSON.stringify({idToken:e,expiry:t&&t.getTime(),jsCookies:!!n.authorization})),this.retainUserCookie\|\|this.clearCookies("user")}catch(e){console.debug("LocalStorage failed in Browser",e)}}get(){if("undefined"==typeof window\|\|"undefined"==typeof document)return null;let e={};try{e=r.parse(document.cookie)}catch(e){console.debug("CookieManagement failed in Browser",e)}try{const{idToken:t,expiry:n,jsCookies:r}=JSON.parse(localStorage.getItem(o)\|\|"{}");return t?n<Date.now()\|\|r&&!e.authorization?null:t:this.getUserCookie()}catch(e){return console.debug("LocalStorage failed in Browser",e),this.getUserCookie()}}delete(){try{localStorage.removeItem(o)}catch(e){console.debug("LocalStorage failed in Browser",e)}try{this.clearCookies("user")}catch(e){console.debug("CookieManagement failed in Browser",e)}}clear(){this.clearCookies(),this.delete()}clearCookies(e){if("undefined"==typeof window\|\|"undefined"==typeof document)return;const t=document.cookie.split("; ");for(const n of t){if(!["user","authorization","auth-code","AuthUserId"].includes(n.split("=")[0])\|\|e&&n.split("=")[0]!==e)continue;const t=window.location.hostname.split("."),r=[...Array(t.length-1)].map(((e,n)=>t.reverse().slice(0,n+2).reverse().join("."))).map((e=>[e,`.${e}`])).flat(1).concat(null);"localhost"===window.location.hostname&&r.push("localhost");for(const e of r){const t=e?`domain=${e};`:"",r=`${encodeURIComponent(n.split(";")[0].split("=")[0])}=; expires=Thu, 01-Jan-1970 00:00:01 GMT; ${t} SameSite=Strict; path=`;document.cookie=`${r}/`;const o=location.pathname.split("/");for(;o.length>0;)document.cookie=r+o.join("/"),o.pop()}}}}},321:e=>{var t=1/0,n=17976931348623157e292,r=NaN,o="[object Symbol]",i=/^\s+\|\s+$/g,a=/^[-+]0x[0-9a-f]+$/i,s=/^0b[01]+$/i,c=/^0o[0-7]+$/i,d=parseInt,l=Object.prototype.toString;function u(e){var t=typeof e;return!!e&&("object"==t\|\|"function"==t)}e.exports=function(e,h,p){return e&&e.length?function(e,t,n){var r=-1,o=e.length;t<0&&(t=-t>o?0:o+t),(n=n>o?o:n)<0&&(n+=o),o=t>n?0:n-t>>>0,t>>>=0;for(var i=Array(o);++r<o;)i[r]=e[r+t];return i}(e,0,(h=p\|\|void 0===h?1:(f=function(e){return e?(e=function(e){if("number"==typeof e)return e;if(function(e){return"symbol"==typeof e\|\|function(e){return!!e&&"object"==typeof e}(e)&&l.call(e)==o}(e))return r;if(u(e)){var t="function"==typeof e.valueOf?e.valueOf():e;e=u(t)?t+"":t}if("string"!=typeof e)return 0===e?e:+e;e=e.replace(i,"");var n=s.test(e);return n\|\|c.test(e)?d(e.slice(2),n?2:8):a.test(e)?r:+e}(e))===t\|\|e===-1/0?(e<0?-1:1)n:e==e?e:0:0===e?e:0}(h),g=f%1,f==f?g?f-g:f:0))<0?0:h):[];var f,g}},330:e=>{"use strict";e.exports=JSON.parse('{"name":"@authress/login","version":"2.5.362","description":"Universal login sdk for Authress authentication as a service. Provides managed authentication for user identity, authentication, and token verification.","main":"./src/index.js","types":"./index.d.ts","files":["index.d.ts","src","dist"],"scripts":{"build":"node make.js build && NODE_ENV=production webpack --mode=production","lint":"eslint --ext .js,.ts src tests make.js index.d.ts","test":"check-dts index.d.ts && mocha tests/.test.js tests//.test.js -R spec"},"dependencies":{"cookie":"<1","lodash.take":"^4.1.1"},"devDependencies":{"@babel/core":"^7.17.5","@babel/preset-env":"^7.16.11","@types/node":"^14.14.35","@typescript-eslint/eslint-plugin":"^3.1.0","@typescript-eslint/parser":"^3.1.0","babel-loader":"^8.2.3","chai":"^4.2.0","check-dts":"^0.4.4","ci-build-tools":"^1.0.13","commander":"^4.0.1","compression-webpack-plugin":"^9.2.0","eslint":"^7.12.1","eslint-config-cimpress-atsquad":"^1.0.67","eslint-loader":"^4.0.2","eslint-plugin-mocha":"^7.0.1","eslint-plugin-node":"^11.1.0","eslint-plugin-promise":"^6.1.1","fs-extra":"^8.1.0","glob":"^7.1.6","mocha":"^11.1.0","path-browserify":"^1.0.1","sinon":"^7.5.0","sinon-chai":"^3.3.0","terser-webpack-plugin":"^5.3.1","typescript":"^3.9.5","webpack":"^5.69.1","webpack-cli":"^4.9.2"},"repository":{"type":"git","url":"git+https://github.com/Authress/authress-login.js"},"keywords":["authentication","authentication as a service","Login","Login Client","universal login","auth","federated login","secure login","application security","IDaaS","authentication","user authentication","user identity","Oauth2","Oauth2.1","Oauth3","platform","platform login","extension","Authress","Authress client","user security","DBSC","Device Bound Session Credentials"],"author":"Authress Developers <developers@authress.io> (https://authress.io)","license":"Apache-2.0","bugs":{"url":"https://github.com/Authress/authress-login.js/issues"},"homepage":"https://authress.io","engines":{"node":">=18"}}')},332:e=>{e.exports.sanitizeUrl=function(e){let t=e;t.startsWith("http")\|\|(t=`https://${t}`);const n=new URL(t),r=n.host.match(/^([a-z0-9-]+)[.][a-z0-9-]+[.]authress[.]io$/);return r&&(n.host=`${r[1]}.login.authress.io`,t=n.toString()),t.replace(/[/]+$/,"")}},354:(e,t,n)=>{const r=n(427),o=n(321),i=n(629),a=n(75),s=n(836),{sanitizeUrl:c}=n(332),d=n(160);let l,u=new Promise((e=>l=e)),h=null;const p="AuthenticationRequestNonce";const f=n(568);e.exports={LoginClient:class{constructor(e,t){const n=Object.assign({applicationId:"app_default"},e);this.logger=t\|\|console;const r=n.authressApiUrl\|\|n.authressLoginHostUrl\|\|n.authenticationServiceUrl\|\|"";if(!r)throw Error('Missing required property "authressApiUrl" in LoginClient constructor. Custom Authress Domain Host is required.');if(this.applicationId=n.applicationId,!this.applicationId\|\|this.applicationId.match(/^(sc_\|ext_)/)){const e=Error("You have incorrectly specified an Authress Service Client or Extension as the applicationId instead of a valid application. The applicationId is your application that your users will log into, usually hosted on your domain https://example.yourdomain.com. Users cannot log into a Service Client, but they can log in with one. Users can use a Service Client to log in, by setting the connection ID in the authenticate({ connectionId }) method to be the Authress Service Client.\n(1) If you are building an Custom Login Portal, then the application ID should correspond to this login portal.\n(2) If you are replacing or extending an Authress connection, then specify the Service Client as the connectionId and the end user application as the applicationId.\n(3) If you are building a platform or plugin marketplace, where users will log into third party extensions or apps, then distribute in your SDK a wrapper for the Authress Extension Client using: import { extensionClient } from '@authress/login' found within this SDK.\n(4) If you aren't sure what to do here to fix the problem, the fastest and usually correct solution is go to https://authress.io/app/#/settings?focus=applications create a new application, specify your site in the application url property and then update the value here.");throw e.code="InvalidApplication",e}this.hostUrl=c(r),this.httpClient=new a(this.hostUrl,t),this.lastSessionCheck=0,this.enableCredentials=this.getMatchingDomainInfo(this.hostUrl),d.retainUserCookie=e.retainUserCookie,n.skipBackgroundCredentialsCheck\|\|i.onLoad((async()=>{await this.userSessionExists(!0)}))}getMatchingDomainInfo(e){const t=new URL(e);if(i.isLocalHost())return!1;const n=i.getCurrentLocation();if("https:"!==n.protocol)return!1;const r=t.host.toLowerCase().split(".").reverse(),a=n.host.toLowerCase().split(".").reverse();let s=[];for(let e of r){const t=o(a,s.length+1).join(".");if(s.concat(e).join(".")!==t)break;s.push(e)}return s.length===r.length&&s.length===a.length\|\|s.length>1}getUserIdentity(){const e=d.getUserCookie(),t=s.decodeOrParse(e);if(t){const n=t.exp?new Date(1e3t.exp):new Date(Date.now()+864e5);return d.set(e,n),t.userId=t.sub,t}const n=d.get(),r=s.decodeOrParse(n);if(!r)return null;const o=new URL(r.iss).hostname,i=new URL(this.hostUrl).hostname;return o.endsWith(i)\|\|i.endsWith(o)?(r.userId=r.sub,r):(d.clear(),null)}async getConnectionCredentials(){await this.waitForUserSession();try{const e=await this.ensureToken();return(await this.httpClient.get("/session/credentials",this.enableCredentials,{Authorization:e&&`Bearer ${e}`})).data}catch(e){return null}}async getDevices(){try{const e=await this.ensureToken();return(await this.httpClient.get("/session/devices",this.enableCredentials,{Authorization:e&&`Bearer ${e}`})).data.devices}catch(e){return[]}}async deleteDevice(e){try{const t=await this.ensureToken();await this.httpClient.delete(`/session/devices/${encodeURIComponent(e)}`,this.enableCredentials,{Authorization:t&&`Bearer ${t}`})}catch(e){throw this.logger&&this.logger.log({title:"[Authress Login SDK] Failed to delete device",error:e}),e}}async openUserConfigurationScreen(e={redirectUrl:null,startPage:"Profile"}){if(!await this.userSessionExists()){const e=Error("User must be logged to configure user profile data.");throw e.code="NotLoggedIn",e}const t=new URL("/settings",this.hostUrl);t.searchParams.set("client_id",this.applicationId),t.searchParams.set("start_page",e&&e.startPage\|\|"Profile"),t.searchParams.set("redirect_uri",e&&e.redirectUrl\|\|i.getCurrentLocation().href),i.assign(t.toString()),await Promise.resolve()}async registerDevice(e={name:"",type:"",totp:{}}){const t=await this.getUserIdentity();if(!t){const e=Error("User must be logged to configure user profile data.");throw e.code="NotLoggedIn",e}if(!e){const e=Error("Register Device missing required parameter: 'Options'");throw e.code="InvalidInput",e}let n;if(e.type&&"WebAuthN"!==e.type)"TOTP"===e.type&&(n={name:e.name,code:e.totp.verificationCode,totpData:e.totp,type:"TOTP"});else{const r=t.sub,o={challenge:Uint8Array.from(r,(e=>e.charCodeAt(0))),rp:{id:this.hostUrl.split(".").slice(1).join("."),name:"WebAuthN Login"},user:{id:Uint8Array.from(r,(e=>e.charCodeAt(0))),name:r,displayName:`Generated User ID: ${r}`},pubKeyCredParams:[{type:"public-key",alg:-7},{type:"public-key",alg:-257}],authenticatorSelection:{residentKey:"discouraged",requireResidentKey:!1,userVerification:"discouraged"},timeout:6e4,attestation:"direct"},i=await navigator.credentials.create({publicKey:o}),a={authenticatorAttachment:i.authenticatorAttachment,credentialId:i.id,type:i.type,userId:r,attestation:btoa(String.fromCharCode(...new Uint8Array(i.response.attestationObject))),client:btoa(String.fromCharCode(...new Uint8Array(i.response.clientDataJSON)))};n={name:e&&e.name,code:a,type:"WebAuthN"}}try{const e=await this.ensureToken();return(await this.httpClient.post("/session/devices",this.enableCredentials,n,{Authorization:e&&`Bearer ${e}`})).data}catch(e){throw this.logger&&this.logger.log({title:"[Authress Login SDK] Failed to register new device",error:e,request:n}),e}}async waitForUserSession(){try{return await u,!0}catch(e){return!1}}userSessionExists(e){return h?Date.now()-this.lastSessionCheck<50?h:(this.lastSessionCheck=Date.now(),h=h.catch((()=>{})).then((()=>this.userSessionContinuation(e)))):(this.lastSessionCheck=Date.now(),h=this.userSessionContinuation(e))}async userSessionContinuation(e){const t=new URLSearchParams(i.getCurrentLocation().search);let n={};if("undefined"!=typeof localStorage)try{n=JSON.parse(localStorage.getItem(p)\|\|"{}"),localStorage.removeItem(p),Object.hasOwnProperty.call(n,"enableCredentials")&&(this.enableCredentials=n.enableCredentials)}catch(e){this.logger&&this.logger.debug&&this.logger.debug({title:"[Authress Login SDK] LocalStorage failed in Browser",error:e})}if(t.get("state")&&"oauthLogin"===t.get("flow"))return!1;if((n.nonce\|\|t.get("iss")&&t.get("iss").includes(this.hostUrl))&&this.sanitizeQueryParameters(),n.nonce&&t.get("code")&&n.nonce===t.get("nonce")){const e="cookie"===t.get("code")?r.parse(document.cookie)["auth-code"]:t.get("code"),o=await s.calculateAntiAbuseHash({client_id:this.applicationId,authenticationRequestId:n.nonce,code:e}),i={grant_type:"authorization_code",redirect_uri:n.redirectUrl,client_id:this.applicationId,code:e,code_verifier:n.codeVerifier,antiAbuseHash:o};try{const e=await this.httpClient.post(`/authentication/${n.nonce}/tokens`,this.enableCredentials,i),t=s.decode(e.data.id_token),o=t.exp&&new Date(1e3t.exp)\|\|e.data.expires_in&&new Date(Date.now()+1e3e.data.expires_in);return document.cookie=r.serialize("authorization",e.data.access_token\|\|"",{expires:o,path:"/",sameSite:"strict"}),d.set(e.data.id_token,o),l(),!0}catch(e){if(this.logger&&this.logger.log({title:"[Authress Login SDK] Failed exchange authentication response for a token.",error:e}),e.data&&"invalid_request"===e.data.error)return!1;throw e.data\|\|e}}if(i.isLocalHost()&&t.get("nonce")&&t.get("access_token")&&(!n.nonce\|\|n.nonce===t.get("nonce"))){const e=s.decode(t.get("id_token")),n=e.exp&&new Date(1e3e.exp)\|\|Number(t.get("expires_in"))&&new Date(Date.now()+1e3Number(t.get("expires_in")));return document.cookie=r.serialize("authorization",t.get("access_token")\|\|"",{expires:n,path:"/",sameSite:"strict"}),d.set(t.get("id_token"),n),l(),!0}if(this.getUserIdentity())return l(),!0;if(!i.isLocalHost()&&!e){try{const e=await this.httpClient.patch("/session",this.enableCredentials,{},null,!0);if(e.data.access_token){const t=s.decode(e.data.id_token),n=t.exp&&new Date(1e3t.exp)\|\|e.data.expires_in&&new Date(Date.now()+1e3e.data.expires_in);document.cookie=r.serialize("authorization",e.data.access_token\|\|"",{expires:n,path:"/",sameSite:"strict"}),d.set(e.data.id_token,n)}}catch(e){400===e.status\|\|404===e.status\|\|409===e.status?this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] User does not have an existing authentication session",error:e}):this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed attempting to check if the user has an existing authentication session",error:e})}if(this.getUserIdentity())return l(),!0}return!1}async updateExtensionAuthenticationRequest({state:e,connectionId:t,tenantLookupIdentifier:n,connectionProperties:r}){if(!t&&!n){const e=Error("connectionId or tenantLookupIdentifier must be specified");throw e.code="InvalidConnection",e}const o=new URLSearchParams(i.getCurrentLocation().search),a=e\|\|o.get("state");if(!a){const e=Error("The `state` parameters must be specified to update this authentication request");throw e.code="InvalidAuthenticationRequest",e}try{const e=await s.calculateAntiAbuseHash({connectionId:t,tenantLookupIdentifier:n,authenticationRequestId:a}),o=await this.httpClient.patch(`/authentication/${a}`,!0,{antiAbuseHash:e,connectionId:t,tenantLookupIdentifier:n,connectionProperties:r});if(new URL(o.data.authenticationUrl).hostname===i.getCurrentLocation().hostname)return{authenticationUrl:o.data.authenticationUrl};i.assign(o.data.authenticationUrl)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to update extension authentication request",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data\|\|e}return await new Promise((e=>setTimeout(e,5e3))),null}async unlinkIdentity(e){if(!e){const e=Error("connectionId must be specified");throw e.code="InvalidConnection",e}if(!this.getUserIdentity()){const e=Error("User must be logged in to unlink an account.");throw e.code="NotLoggedIn",e}let t;try{t=await this.ensureToken({timeoutInMillis:100})}catch(e){if("TokenTimeout"===e.code){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}}const n=this.enableCredentials&&!i.isLocalHost()?{}:{Authorization:`Bearer ${t}`};try{await this.httpClient.delete(`/identities/${encodeURIComponent(e)}`,this.enableCredentials,n)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to unlink user identity",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data\|\|e}}async linkIdentity({connectionId:e,tenantLookupIdentifier:t,redirectUrl:n,connectionProperties:r}){if(!e&&!t){const e=Error("connectionId or tenantLookupIdentifier must be specified");throw e.code="InvalidConnection",e}if(!this.getUserIdentity()){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}let o;try{o=await this.ensureToken({timeoutInMillis:100})}catch(e){if("TokenTimeout"===e.code){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}}const{codeChallenge:a}=await s.getAuthCodes(),c=await s.calculateAntiAbuseHash({connectionId:e,tenantLookupIdentifier:t,applicationId:this.applicationId});try{const s=n&&new URL(n).toString()\|\|i.getCurrentLocation().href,d=this.enableCredentials&&!i.isLocalHost()?{}:{Authorization:`Bearer ${o}`},l=await this.httpClient.post("/authentication",this.enableCredentials,{antiAbuseHash:c,linkIdentity:!0,redirectUrl:s,codeChallengeMethod:"S256",codeChallenge:a,connectionId:e,tenantLookupIdentifier:t,connectionProperties:r,applicationId:this.applicationId},d);i.assign(l.data.authenticationUrl)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to start user identity link",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e}await new Promise((e=>setTimeout(e,5e3)))}async authenticate(e={}){const{connectionId:t,tenantLookupIdentifier:n,inviteId:r,redirectUrl:o,force:a,responseLocation:c,flowType:l,connectionProperties:u,openType:h,multiAccount:f,clearUserDataBeforeLogin:g}=e\|\|{};if(c&&"cookie"!==c&&"query"!==c&&"none"!==c){const e=Error("Authentication response location is not valid");throw e.code="InvalidResponseLocation",e}if(!r&&!a&&!f&&await this.userSessionExists()){const n=await this.ensureToken(),r=s.decode(n);if(t&&r&&r.azp&&t!==r.azp){this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Authentication blocked because the user is already logged in, and the requested authentication parameters do not match the original session.",requestedAuthenticationOptions:e,currentAuthenticationSessionData:r});const t=Error('Authentication requested for user that is already logged in, but the connectionId specified does not match their existing session.\n Recommended Options:\n (1) If the goal is to force them to log in with this new connection and ignore their existing session, use the "force" flag.\n (2) If the goal is link their current identity with a new from the new connection, use the linkIdentity() method.\n (3) If the goal is skip log in if they are already logged in or force log in with the connectionId, first check if userSessionExists() and then only if "false", call authenticate().');throw t.code="AuthenticationConstraintContention",t}return null}const{codeVerifier:m,codeChallenge:w}=await s.getAuthCodes(),y=await s.calculateAntiAbuseHash({connectionId:t,tenantLookupIdentifier:n,inviteId:r,applicationId:this.applicationId});try{const e=o&&new URL(o).toString()\|\|i.getCurrentLocation().href;!1!==g&&d.clear();const a=await this.httpClient.post("/authentication",this.enableCredentials,{antiAbuseHash:y,redirectUrl:e,codeChallengeMethod:"S256",codeChallenge:w,connectionId:t,tenantLookupIdentifier:n,inviteId:r,connectionProperties:u,applicationId:this.applicationId,responseLocation:c,flowType:l,multiAccount:f});if(localStorage.setItem(p,JSON.stringify({nonce:a.data.authenticationRequestId,codeVerifier:m,lastConnectionId:t,tenantLookupIdentifier:n,redirectUrl:e,enableCredentials:a.data.enableCredentials,multiAccount:f})),new URL(a.data.authenticationUrl).hostname===i.getCurrentLocation().hostname)return{authenticationUrl:a.data.authenticationUrl};if("tab"===h){const e=i.open(a.data.authenticationUrl,"_blank");e&&!e.closed&&void 0!==e.closed\|\|i.assign(a.data.authenticationUrl)}else i.assign(a.data.authenticationUrl)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to start authentication for user",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data\|\|e}return await new Promise((e=>setTimeout(e,5e3))),null}async ensureToken(e){if(e&&0===e.timeoutInMillis){const e=this.getUserIdentity(),t=r.parse(document.cookie);if(e)return"undefined"!==t.authorization&&t.authorization;const n=Error("No token retrieved after timeout");throw n.code="TokenTimeout",n}await this.userSessionExists();const t=Object.assign({timeoutInMillis:5e3},e\|\|{}),n=this.waitForUserSession(),o=-1===t.timeoutInMillis\|\|t.timeoutInMillis>231-1?231-1:t.timeoutInMillis,i=new Promise(((e,t)=>setTimeout(t,o\|\|0)));try{await Promise.race([n,i])}catch(e){const t=Error("No token retrieved after timeout");throw t.code="TokenTimeout",t}const a=r.parse(document.cookie);return"undefined"!==a.authorization&&a.authorization}async logout(e){let t;if(e)try{new URL(e),t=e}catch(n){try{t=new URL(e,i.getCurrentLocation().href).toString()}catch(t){const n=Error(`The logout redirect url is not valid URL: ${e}`);throw n.code="InvalidRedirectUrl",n}}if(d.clear(),this.sanitizeQueryParameters(),u=new Promise((e=>l=e)),this.enableCredentials)try{return await this.httpClient.delete("/session",this.enableCredentials),this.lastSessionCheck=0,void(e&&e!==i.getCurrentLocation().href&&i.assign(e))}catch(e){}const n=new URL("/logout",this.hostUrl);n.searchParams.set("redirect_uri",t\|\|i.getCurrentLocation().href),n.searchParams.set("client_id",this.applicationId),i.assign(n.toString()),this.lastSessionCheck=0,await new Promise((e=>setTimeout(e,500)))}sanitizeQueryParameters(){const e=new URL(i.getCurrentLocation());e.searchParams.delete("iss"),e.searchParams.delete("nonce"),e.searchParams.delete("code"),e.searchParams.delete("expires_in"),e.searchParams.delete("access_token"),e.searchParams.delete("id_token"),history.replaceState({},void 0,e.toString())}},ExtensionClient:f,UserConfigurationScreen:{Profile:"Profile",MFA:"MFA"}}},427:(e,t)=>{"use strict";t.parse=function(e,t){if("string"!=typeof e)throw new TypeError("argument str must be a string");var n={},o=e.length;if(o<2)return n;var i=t&&t.decode\|\|l,a=0,s=0,h=0;do{if(-1===(s=e.indexOf("=",a)))break;if(-1===(h=e.indexOf(";",a)))h=o;else if(s>h){a=e.lastIndexOf(";",s-1)+1;continue}var p=c(e,a,s),f=d(e,s,p),g=e.slice(p,f);if(!r.call(n,g)){var m=c(e,s+1,h),w=d(e,h,m);34===e.charCodeAt(m)&&34===e.charCodeAt(w-1)&&(m++,w--);var y=e.slice(m,w);n[g]=u(y,i)}a=h+1}while(a<o);return n},t.serialize=function(e,t,r){var c=r&&r.encode\|\|encodeURIComponent;if("function"!=typeof c)throw new TypeError("option encode is invalid");if(!o.test(e))throw new TypeError("argument name is invalid");var d=c(t);if(!i.test(d))throw new TypeError("argument val is invalid");var l=e+"="+d;if(!r)return l;if(null!=r.maxAge){var u=Math.floor(r.maxAge);if(!isFinite(u))throw new TypeError("option maxAge is invalid");l+="; Max-Age="+u}if(r.domain){if(!a.test(r.domain))throw new TypeError("option domain is invalid");l+="; Domain="+r.domain}if(r.path){if(!s.test(r.path))throw new TypeError("option path is invalid");l+="; Path="+r.path}if(r.expires){var h=r.expires;if(!function(e){return"[object Date]"===n.call(e)}(h)\|\|isNaN(h.valueOf()))throw new TypeError("option expires is invalid");l+="; Expires="+h.toUTCString()}r.httpOnly&&(l+="; HttpOnly");r.secure&&(l+="; Secure");r.partitioned&&(l+="; Partitioned");if(r.priority){switch("string"==typeof r.priority?r.priority.toLowerCase():r.priority){case"low":l+="; Priority=Low";break;case"medium":l+="; Priority=Medium";break;case"high":l+="; Priority=High";break;default:throw new TypeError("option priority is invalid")}}if(r.sameSite){switch("string"==typeof r.sameSite?r.sameSite.toLowerCase():r.sameSite){case!0:l+="; SameSite=Strict";break;case"lax":l+="; SameSite=Lax";break;case"strict":l+="; SameSite=Strict";break;case"none":l+="; SameSite=None";break;default:throw new TypeError("option sameSite is invalid")}}return l};var n=Object.prototype.toString,r=Object.prototype.hasOwnProperty,o=/^[!#$%&'+\-.^_`\|~0-9A-Za-z]+$/,i=/^("?)[\u0021\u0023-\u002B\u002D-\u003A\u003C-\u005B\u005D-\u007E]\1$/,a=/^([.]?[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)([.][a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)$/i,s=/^[\u0020-\u003A\u003D-\u007E]$/;function c(e,t,n){do{var r=e.charCodeAt(t);if(32!==r&&9!==r)return t}while(++t<n);return n}function d(e,t,n){for(;t>n;){var r=e.charCodeAt(--t);if(32!==r&&9!==r)return t+1}return n}function l(e){return-1!==e.indexOf("%")?decodeURIComponent(e):e}function u(e,t){try{return t(e)}catch(t){return e}}},568:(e,t,n)=>{const r=n(836),{sanitizeUrl:o}=n(332),i=n(629),a="ExtensionRequestNonce";let s=null;e.exports=class{constructor(e,t){if(this.extensionId=t,!e)throw Error('Missing required property "authressCustomDomain" in ExtensionClient constructor. The Custom Authress Domain Host is required.');if(!t)throw Error('Missing required property "extensionId" in ExtensionClient constructor. The extension is required for selecting the correct login method.');this.authressCustomDomain=o(e),this.accessToken=null,i.onLoad((async()=>{await this.requestToken({silent:!0})}))}async getUserIdentity(){const e=this.accessToken&&await r.decode(this.accessToken);return e?1e3e.exp<Date.now()?(this.accessToken=null,null):e:null}async getTokenResponse(){return await this.getUserIdentity()?{accessToken:this.accessToken}:null}requestToken(e={code:null,silent:!1}){if(s)return s=s.catch((()=>{})).then((()=>this.requestTokenContinuation(e)));const t=this.requestTokenContinuation(e);return t.catch((()=>{})),s=t}async requestTokenContinuation(e={code:null,silent:!1}){const t=e&&e.code\|\|new URLSearchParams(i.getCurrentLocation().search).get("code");if(!t){if(!e\|\|!e.silent){const e=Error("OAuth Authorization code is required");throw e.code="InvalidAuthorizationCode",e}return this.getTokenResponse()}const n=new URL(this.authressCustomDomain);n.pathname="/api/authentication/oauth/tokens";const{codeVerifier:r,redirectUrl:o}=JSON.parse(localStorage.getItem(a)\|\|"{}"),s=await fetch(n.toString(),{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({code_verifier:r,code:t,grant_type:"authorization_code",client_id:this.extensionId,redirect_uri:o})}),c=await s.json();this.accessToken=c.access_token;const d=new URL(i.getCurrentLocation());return d.searchParams.delete("code"),d.searchParams.delete("iss"),d.searchParams.delete("nonce"),d.searchParams.delete("expires_in"),d.searchParams.delete("access_token"),d.searchParams.delete("id_token"),history.replaceState({},void 0,d.toString()),this.getTokenResponse()}async login(e){const t=await this.getTokenResponse();if(t)return t;const n=await this.requestToken({silent:!0});if(n)return n;const o=new URL(this.authressCustomDomain),{codeVerifier:s,codeChallenge:c}=r.getAuthCodes(),d=e\|\|i.getCurrentLocation().href;return localStorage.setItem(a,JSON.stringify({codeVerifier:s,redirectUrl:d})),o.searchParams.set("client_id",this.extensionId),o.searchParams.set("code_challenge",c),o.searchParams.set("code_challenge_method","S256"),o.searchParams.set("redirect_uri",d),i.assign(o.toString()),await new Promise((e=>setTimeout(e,5e3))),null}}},629:e=>{e.exports=new class{onLoad(e){"undefined"!=typeof window&&(window.onload=e)}isLocalHost(){return"undefined"!=typeof window&&window.location&&("localhost"===window.location.hostname\|\|"127.0.0.1"===window.location.hostname)}getCurrentLocation(){return"undefined"!=typeof window&&new URL(window.location)\|\|new URL("http://localhost:8080")}assign(e){return"undefined"==typeof window?null:window.location.assign(e.toString())}open(e){return"undefined"==typeof window?null:window.open(e.toString())}}},836:(e,t,n)=>{const r=n(878);e.exports=new class{decode(e){if(!e)return null;try{const t=JSON.parse(r.decode(e.split(".")[1]));return t.exp&&(t.exp=t.exp-10),t}catch(e){return null}}decodeOrParse(e){if(!e)return null;if("object"==typeof e)return e;try{return JSON.parse(e)}catch(t){return this.decode(e)}}decodeFull(e){if(!e)return null;try{const t=JSON.parse(r.decode(e.split(".")[0])),n=JSON.parse(r.decode(e.split(".")[1]));return n.exp&&(n.exp=n.exp-10),{header:t,payload:n}}catch(e){return null}}async getAuthCodes(){const e=r.encode((window.crypto\|\|window.msCrypto).getRandomValues(new Uint32Array(16)).toString()),t=await(window.crypto\|\|window.msCrypto).subtle.digest("SHA-256",(new TextEncoder).encode(e));return{codeVerifier:e,codeChallenge:r.encode(t)}}async calculateAntiAbuseHash(e){const t=Date.now(),n=Object.values(e).filter((e=>e)).join("\|");let o=0,i=null;for(;++o&&(i=r.encode(await(window.crypto\|\|window.msCrypto).subtle.digest("SHA-256",(new TextEncoder).encode(`${t};${o};${n}`))),!i.match(/^00/)););return`v2;${t};${o};${i}`}}},878:e=>{function t(e){return String.fromCharCode(parseInt(e.slice(1),16))}function n(e){return`%${`00${e.charCodeAt(0).toString(16)}`.slice(-2)}`}e.exports.decode=function(e){return function(e){return decodeURIComponent(Array.from(atob(e),n).join(""))}(e.replace(/-/g,"+").replace(/_/g,"/"))},e.exports.encode=function(e){return e&&"object"==typeof e?btoa(String.fromCharCode(...new Uint8Array(e))).replace(/\//g,"_").replace(/\+/g,"-").replace(/=+$/,""):function(e){return btoa(encodeURIComponent(e).replace(/%[0-9A-F]{2}/g,t))}(e).replace(/\//g,"_").replace(/\+/g,"-").replace(/=+$/,"")}}},r={};function o(e){var t=r[e];if(void 0!==t){if(void 0!==t.error)throw t.error;return t.exports}var i=r[e]={exports:{}};try{var a={id:e,module:i,factory:n[e],require:o};o.i.forEach((function(e){e(a)})),i=a.module,a.factory.call(i.exports,i,i.exports,a.require)}catch(e){throw i.error=e,e}return i.exports}return o.m=n,o.c=r,o.i=[],o.hu=e=>e+"."+o.h()+".hot-update.js",o.hmrF=()=>"main."+o.h()+".hot-update.json",o.h=()=>"3727d279383e9571121c",o.o=(e,t)=>Object.prototype.hasOwnProperty.call(e,t),e={},t="authress:",o.l=(n,r,i,a)=>{if(e[n])e[n].push(r);else{var s,c;if(void 0!==i)for(var d=document.getElementsByTagName("script"),l=0;l<d.length;l++){var u=d[l];if(u.getAttribute("src")==n\|\|u.getAttribute("data-webpack")==t+i){s=u;break}}s\|\|(c=!0,(s=document.createElement("script")).charset="utf-8",s.timeout=120,o.nc&&s.setAttribute("nonce",o.nc),s.setAttribute("data-webpack",t+i),s.src=n),e[n]=[r];var h=(t,r)=>{s.onerror=s.onload=null,clearTimeout(p);var o=e[n];if(delete e[n],s.parentNode&&s.parentNode.removeChild(s),o&&o.forEach((e=>e(r))),t)return t(r)},p=setTimeout(h.bind(null,void 0,{type:"timeout",target:s}),12e4);s.onerror=h.bind(null,s.onerror),s.onload=h.bind(null,s.onload),c&&document.head.appendChild(s)}},(()=>{var e,t,n,r={},i=o.c,a=[],s=[],c="idle",d=0,l=[];function u(e){c=e;for(var t=[],n=0;n<s.length;n++)t[n]=s[n].call(null,e);return Promise.all(t).then((function(){}))}function h(){0==--d&&u("ready").then((function(){if(0===d){var e=l;l=[];for(var t=0;t<e.length;t++)e[t]()}}))}function p(e){if("idle"!==c)throw new Error("check() is only allowed in idle status");return u("check").then(o.hmrM).then((function(n){return n?u("prepare").then((function(){var r=[];return t=[],Promise.all(Object.keys(o.hmrC).reduce((function(e,i){return o.hmrC[i](n.c,n.r,n.m,e,t,r),e}),[])).then((function(){return t=function(){return e?g(e):u("ready").then((function(){return r}))},0===d?t():new Promise((function(e){l.push((function(){e(t())}))}));var t}))})):u(m()?"ready":"idle").then((function(){return null}))}))}function f(e){return"ready"!==c?Promise.resolve().then((function(){throw new Error("apply() is only allowed in ready status (state: "+c+")")})):g(e)}function g(e){e=e\|\|{},m();var r=t.map((function(t){return t(e)}));t=void 0;var o=r.map((function(e){return e.error})).filter(Boolean);if(o.length>0)return u("abort").then((function(){throw o[0]}));var i=u("dispose");r.forEach((function(e){e.dispose&&e.dispose()}));var a,s=u("apply"),c=function(e){a\|\|(a=e)},d=[];return r.forEach((function(e){if(e.apply){var t=e.apply(c);if(t)for(var n=0;n<t.length;n++)d.push(t[n])}})),Promise.all([i,s]).then((function(){return a?u("fail").then((function(){throw a})):n?g(e).then((function(e){return d.forEach((function(t){e.indexOf(t)<0&&e.push(t)})),e})):u("idle").then((function(){return d}))}))}function m(){if(n)return t\|\|(t=[]),Object.keys(o.hmrI).forEach((function(e){n.forEach((function(n){o.hmrI[e](n,t)}))})),n=void 0,!0}o.hmrD=r,o.i.push((function(l){var g,m,w,y,v=l.module,k=function(t,n){var r=i[n];if(!r)return t;var o=function(o){if(r.hot.active){if(i[o]){var s=i[o].parents;-1===s.indexOf(n)&&s.push(n)}else a=[n],e=o;-1===r.children.indexOf(o)&&r.children.push(o)}else console.warn("[HMR] unexpected require("+o+") from disposed module "+n),a=[];return t(o)},s=function(e){return{configurable:!0,enumerable:!0,get:function(){return t[e]},set:function(n){t[e]=n}}};for(var l in t)Object.prototype.hasOwnProperty.call(t,l)&&"e"!==l&&Object.defineProperty(o,l,s(l));return o.e=function(e,n){return function(e){switch(c){case"ready":u("prepare");case"prepare":return d++,e.then(h,h),e;default:return e}}(t.e(e,n))},o}(l.require,l.id);v.hot=(g=l.id,m=v,y={_acceptedDependencies:{},_acceptedErrorHandlers:{},_declinedDependencies:{},_selfAccepted:!1,_selfDeclined:!1,_selfInvalidated:!1,_disposeHandlers:[],_main:w=e!==g,_requireSelf:function(){a=m.parents.slice(),e=w?void 0:g,o(g)},active:!0,accept:function(e,t,n){if(void 0===e)y._selfAccepted=!0;else if("function"==typeof e)y._selfAccepted=e;else if("object"==typeof e&&null!==e)for(var r=0;r<e.length;r++)y._acceptedDependencies[e[r]]=t\|\|function(){},y._acceptedErrorHandlers[e[r]]=n;else y._acceptedDependencies[e]=t\|\|function(){},y._acceptedErrorHandlers[e]=n},decline:function(e){if(void 0===e)y._selfDeclined=!0;else if("object"==typeof e&&null!==e)for(var t=0;t<e.length;t++)y._declinedDependencies[e[t]]=!0;else y._declinedDependencies[e]=!0},dispose:function(e){y._disposeHandlers.push(e)},addDisposeHandler:function(e){y._disposeHandlers.push(e)},removeDisposeHandler:function(e){var t=y._disposeHandlers.indexOf(e);t>=0&&y._disposeHandlers.splice(t,1)},invalidate:function(){switch(this._selfInvalidated=!0,c){case"idle":t=[],Object.keys(o.hmrI).forEach((function(e){o.hmrI[e](g,t)})),u("ready");break;case"ready":Object.keys(o.hmrI).forEach((function(e){o.hmrI[e](g,t)}));break;case"prepare":case"check":case"dispose":case"apply":(n=n\|\|[]).push(g)}},check:p,apply:f,status:function(e){if(!e)return c;s.push(e)},addStatusHandler:function(e){s.push(e)},removeStatusHandler:function(e){var t=s.indexOf(e);t>=0&&s.splice(t,1)},data:r[g]},e=void 0,y),v.parents=a,v.children=[],a=[],l.require=k})),o.hmrC={},o.hmrI={}})(),o.p="",(()=>{var e,t,n,r,i,a=o.hmrS_jsonp=o.hmrS_jsonp\|\|{792:0},s={};function c(t,n){return e=n,new Promise(((e,n)=>{s[t]=e;var r=o.p+o.hu(t),i=new Error;o.l(r,(e=>{if(s[t]){s[t]=void 0;var r=e&&("load"===e.type?"missing":e.type),o=e&&e.target&&e.target.src;i.message="Loading hot update chunk "+t+" failed.\n("+r+": "+o+")",i.name="ChunkLoadError",i.type=r,i.request=o,n(i)}}))}))}function d(e){function s(e){for(var t=[e],n={},r=t.map((function(e){return{chain:[e],id:e}}));r.length>0;){var i=r.pop(),a=i.id,s=i.chain,d=o.c[a];if(d&&(!d.hot._selfAccepted\|\|d.hot._selfInvalidated)){if(d.hot._selfDeclined)return{type:"self-declined",chain:s,moduleId:a};if(d.hot._main)return{type:"unaccepted",chain:s,moduleId:a};for(var l=0;l<d.parents.length;l++){var u=d.parents[l],h=o.c[u];if(h){if(h.hot._declinedDependencies[a])return{type:"declined",chain:s.concat([u]),moduleId:a,parentId:u};-1===t.indexOf(u)&&(h.hot._acceptedDependencies[a]?(n[u]\|\|(n[u]=[]),c(n[u],[a])):(delete n[u],t.push(u),r.push({chain:s.concat([u]),id:u})))}}}}return{type:"accepted",moduleId:e,outdatedModules:t,outdatedDependencies:n}}function c(e,t){for(var n=0;n<t.length;n++){var r=t[n];-1===e.indexOf(r)&&e.push(r)}}o.f&&delete o.f.jsonpHmr,t=void 0;var d={},l=[],u={},h=function(e){console.warn("[HMR] unexpected require("+e.id+") to disposed module")};for(var p in n)if(o.o(n,p)){var f=n[p],g=f?s(p):{type:"disposed",moduleId:p},m=!1,w=!1,y=!1,v="";switch(g.chain&&(v="\nUpdate propagation: "+g.chain.join(" -> ")),g.type){case"self-declined":e.onDeclined&&e.onDeclined(g),e.ignoreDeclined\|\|(m=new Error("Aborted because of self decline: "+g.moduleId+v));break;case"declined":e.onDeclined&&e.onDeclined(g),e.ignoreDeclined\|\|(m=new Error("Aborted because of declined dependency: "+g.moduleId+" in "+g.parentId+v));break;case"unaccepted":e.onUnaccepted&&e.onUnaccepted(g),e.ignoreUnaccepted\|\|(m=new Error("Aborted because "+p+" is not accepted"+v));break;case"accepted":e.onAccepted&&e.onAccepted(g),w=!0;break;case"disposed":e.onDisposed&&e.onDisposed(g),y=!0;break;default:throw new Error("Unexception type "+g.type)}if(m)return{error:m};if(w)for(p in u[p]=f,c(l,g.outdatedModules),g.outdatedDependencies)o.o(g.outdatedDependencies,p)&&(d[p]\|\|(d[p]=[]),c(d[p],g.outdatedDependencies[p]));y&&(c(l,[g.moduleId]),u[p]=h)}n=void 0;for(var k,C=[],b=0;b<l.length;b++){var I=l[b],S=o.c[I];S&&(S.hot._selfAccepted\|\|S.hot._main)&&u[I]!==h&&!S.hot._selfInvalidated&&C.push({module:I,require:S.hot._requireSelf,errorHandler:S.hot._selfAccepted})}return{dispose:function(){var e;r.forEach((function(e){delete a[e]})),r=void 0;for(var t,n=l.slice();n.length>0;){var i=n.pop(),s=o.c[i];if(s){var c={},u=s.hot._disposeHandlers;for(b=0;b<u.length;b++)u[b].call(null,c);for(o.hmrD[i]=c,s.hot.active=!1,delete o.c[i],delete d[i],b=0;b<s.children.length;b++){var h=o.c[s.children[b]];h&&((e=h.parents.indexOf(i))>=0&&h.parents.splice(e,1))}}}for(var p in d)if(o.o(d,p)&&(s=o.c[p]))for(k=d[p],b=0;b<k.length;b++)t=k[b],(e=s.children.indexOf(t))>=0&&s.children.splice(e,1)},apply:function(t){for(var n in u)o.o(u,n)&&(o.m[n]=u[n]);for(var r=0;r<i.length;r++)i[r](o);for(var a in d)if(o.o(d,a)){var s=o.c[a];if(s){k=d[a];for(var c=[],h=[],p=[],f=0;f<k.length;f++){var g=k[f],m=s.hot._acceptedDependencies[g],w=s.hot._acceptedErrorHandlers[g];if(m){if(-1!==c.indexOf(m))continue;c.push(m),h.push(w),p.push(g)}}for(var y=0;y<c.length;y++)try{c[y].call(null,k)}catch(n){if("function"==typeof h[y])try{h[y](n,{moduleId:a,dependencyId:p[y]})}catch(r){e.onErrored&&e.onErrored({type:"accept-error-handler-errored",moduleId:a,dependencyId:p[y],error:r,originalError:n}),e.ignoreErrored\|\|(t(r),t(n))}else e.onErrored&&e.onErrored({type:"accept-errored",moduleId:a,dependencyId:p[y],error:n}),e.ignoreErrored\|\|t(n)}}}for(var v=0;v<C.length;v++){var b=C[v],I=b.module;try{b.require(I)}catch(n){if("function"==typeof b.errorHandler)try{b.errorHandler(n,{moduleId:I,module:o.c[I]})}catch(r){e.onErrored&&e.onErrored({type:"self-accept-error-handler-errored",moduleId:I,error:r,originalError:n}),e.ignoreErrored\|\|(t(r),t(n))}else e.onErrored&&e.onErrored({type:"self-accept-errored",moduleId:I,error:n}),e.ignoreErrored\|\|t(n)}}return l}}}this.webpackHotUpdateauthress=(t,r,a)=>{for(var c in r)o.o(r,c)&&(n[c]=r[c],e&&e.push(c));a&&i.push(a),s[t]&&(s[t](),s[t]=void 0)},o.hmrI.jsonp=function(e,t){n\|\|(n={},i=[],r=[],t.push(d)),o.o(n,e)\|\|(n[e]=o.m[e])},o.hmrC.jsonp=function(e,s,l,u,h,p){h.push(d),t={},r=s,n=l.reduce((function(e,t){return e[t]=!1,e}),{}),i=[],e.forEach((function(e){o.o(a,e)&&void 0!==a[e]?(u.push(c(e,p)),t[e]=!0):t[e]=!1})),o.f&&(o.f.jsonpHmr=function(e,n){t&&o.o(t,e)&&!t[e]&&(n.push(c(e)),t[e]=!0)})},o.hmrM=()=>{if("undefined"==typeof fetch)throw new Error("No browser support: need fetch API");return fetch(o.p+o.hmrF()).then((e=>{if(404!==e.status){if(!e.ok)throw new Error("Failed to fetch update manifest "+e.statusText);return e.json()}}))}})(),o(354)})()));
	1	/! Authress Login SDK 2.5.394 \| Author - Authress Developers \| License information can be found at https://github.com/Authress/login-sdk.js /
	2	!function(e,t){"object"==typeof exports&&"object"==typeof module?module.exports=t():"function"==typeof define&&define.amd?define([],t):"object"==typeof exports?exports.authress=t():e.authress=t()}(this,(()=>(()=>{var e,t,n={75:(e,t,n)=>{const{sanitizeUrl:o}=n(332),i=n(629),r={"Content-Type":"application/json","X-Powered-By":`Authress Login SDK; Javascript; ${n(330).version}`},s=new Set(["Failed to fetch","NetworkError when attempting to fetch resource.","The Internet connection appears to be offline.","Network request failed","fetch failed","Load failed","<HTML DOCUMENT></HTML>"]);function a(e){return"Network Error"===e.message\|\|"ERR_NETWORK"===e.code\|\|!e.status\|\|e.status>=500\|\|"string"==typeof e.message&&s.has(e.message)\|\|"string"==typeof e.data&&s.has(e.data)}async function c(e){let t=null;for(let n=0;n<5;n++)try{return await e()}catch(e){if(e.retryCount=n,!a(e))throw e;t=e,t.isNetworkError=!0,await new Promise((e=>setTimeout(e,102n)));continue}const n=new Error("[Authress Login SDK] Http Request failed due to a Network Error even after multiple retries",{cause:t});throw n.code="AuthressSdkNetworkError",n}e.exports=class{constructor(e,t){if(!e)throw Error("Custom Authress Domain Host is required");const n=t\|\|{debug(){},warn(){},critical(){}};this.logger=n;const i=new URL(o(e));this.loginUrl=`${i.origin}/api`}get(e,t,n,o){return c((()=>this.fetchWrapper("GET",e,null,n,t,o)))}delete(e,t,n,o){return c((()=>this.fetchWrapper("DELETE",e,null,n,t,o)))}post(e,t,n,o,i){return c((()=>this.fetchWrapper("POST",e,n,o,t,i)))}put(e,t,n,o,i){return c((()=>this.fetchWrapper("PUT",e,n,o,t,i)))}patch(e,t,n,o,i){return c((()=>this.fetchWrapper("PATCH",e,n,o,t,i)))}async fetchWrapper(e,t,n,o,s,a){const c=`${this.loginUrl}${t.toString()}`,l=e.toUpperCase(),d=Object.assign({},r,o);try{this.logger&&this.logger.debug&&this.logger.debug({title:"[Authress Login SDK] HttpClient Request",method:l,url:c});const e={method:l,headers:d};n&&(e.body=JSON.stringify(n)),!i.isLocalHost()&&s&&(e.credentials="include");const t=await fetch(c,e);if(!t.ok)throw t;let o={};try{o=await t.text(),o=JSON.parse(o)}catch(e){}return{url:c,method:l,headers:t.headers,status:t.status,data:o}}catch(e){let t=e;try{t=await e.text(),t=JSON.parse(t)}catch(e){}const o=t.stack&&t.stack.match(/chrome-extension:[/][/](\w+)[/]/);if(o){this.logger&&this.logger.debug&&this.logger.debug({title:`[Authress Login SDK] Fetch failed due to a browser extension - ${l} - ${c}`,method:l,url:c,data:n,headers:d,error:e,resolvedError:t,extensionErrorId:o});const i=new Error(`Extension Error ID: ${o}`);throw i.code="BROWSER_EXTENSION_ERROR",i}const i=e.status;let r="warn",s="[Authress Login SDK] HttpClient Response Error";e?401===i?(s="[Authress Login SDK] HttpClient Response Error due to invalid token",r="debug"):404===i?(s="[Authress Login SDK] HttpClient Response: Not Found",r="debug"):i<500&&a&&(r="debug"):s="[Authress Login SDK] HttpClient Response Error - Unknown error occurred",this.logger&&this.logger[r]&&this.logger[r]({title:s,online:"undefined"==typeof navigator\|\|navigator.onLine,method:l,url:c,status:i,data:n,headers:d,error:e,resolvedError:t});throw{url:c,method:l,status:i,data:t,headers:e.headers}}}}},160:(e,t,n)=>{const o=n(427),i=n(629),r="AuthenticationCredentialsStorage",s={user:"user",authorization:"authorization",authCode:"auth-code",authUserId:"AuthUserId"};e.exports=new class{constructor(){this.retainUserCookie=!1}getUserCookie(){const e=i.getDocument();if(!e)return null;return e.cookie.split(";").filter((e=>e.split("=")[0].trim()===s.user)).map((e=>e.trim().replace(/^user=/,""))).find((e=>e&&e.trim()))\|\|null}getAuthorizationTokens(){if("undefined"==typeof window\|\|"undefined"==typeof document)return[];return document.cookie.split(";").filter((e=>e.split("=")[0].trim()===s.authorization)).map((e=>e.trim().replace(/^authorization=/,""))).filter((e=>e&&e.trim()))}set(e,t){if("undefined"!=typeof window&&"undefined"!=typeof document)try{const n=o.parse(document.cookie);localStorage.setItem(r,JSON.stringify({idToken:e,expiry:t&&t.getTime(),jsCookies:!!n.authorization})),this.retainUserCookie\|\|this.clearCookies(s.user)}catch(e){console.debug("LocalStorage failed in Browser",e)}}get(){if("undefined"==typeof window\|\|"undefined"==typeof document)return null;let e={};try{e=o.parse(document.cookie)}catch(e){console.debug("CookieManagement failed in Browser",e)}try{const{idToken:t,expiry:n,jsCookies:o}=JSON.parse(localStorage.getItem(r)\|\|"{}");return t?n<Date.now()\|\|o&&!e.authorization?null:t:this.getUserCookie()}catch(e){return console.debug("LocalStorage failed in Browser",e),this.getUserCookie()}}delete(){try{localStorage.removeItem(r)}catch(e){console.debug("LocalStorage failed in Browser",e)}try{this.clearCookies(s.user)}catch(e){console.debug("CookieManagement failed in Browser",e)}}clear(){this.clearCookies(),this.delete()}clearCookies(e){if("undefined"==typeof window\|\|"undefined"==typeof document)return;const t=document.cookie.split("; ");for(const n of t){if(!Object.values(s).includes(n.split("=")[0])\|\|e&&n.split("=")[0]!==e)continue;const t=window.location.hostname.split("."),o=[...Array(t.length-1)].map(((e,n)=>t.reverse().slice(0,n+2).reverse().join("."))).map((e=>[e,`.${e}`])).flat(1).concat(null);"localhost"===window.location.hostname&&o.push("localhost");for(const e of o){const t=e?`domain=${e};`:"",o=`${encodeURIComponent(n.split(";")[0].split("=")[0])}=; expires=Thu, 01-Jan-1970 00:00:01 GMT; ${t} SameSite=Strict; path=`;document.cookie=`${o}/`;const i=location.pathname.split("/");for(;i.length>0;)document.cookie=o+i.join("/"),i.pop()}}}}},321:e=>{var t=1/0,n=17976931348623157e292,o=NaN,i="[object Symbol]",r=/^\s+\|\s+$/g,s=/^[-+]0x[0-9a-f]+$/i,a=/^0b[01]+$/i,c=/^0o[0-7]+$/i,l=parseInt,d=Object.prototype.toString;function u(e){var t=typeof e;return!!e&&("object"==t\|\|"function"==t)}e.exports=function(e,h,p){return e&&e.length?function(e,t,n){var o=-1,i=e.length;t<0&&(t=-t>i?0:i+t),(n=n>i?i:n)<0&&(n+=i),i=t>n?0:n-t>>>0,t>>>=0;for(var r=Array(i);++o<i;)r[o]=e[o+t];return r}(e,0,(h=p\|\|void 0===h?1:(g=function(e){return e?(e=function(e){if("number"==typeof e)return e;if(function(e){return"symbol"==typeof e\|\|function(e){return!!e&&"object"==typeof e}(e)&&d.call(e)==i}(e))return o;if(u(e)){var t="function"==typeof e.valueOf?e.valueOf():e;e=u(t)?t+"":t}if("string"!=typeof e)return 0===e?e:+e;e=e.replace(r,"");var n=a.test(e);return n\|\|c.test(e)?l(e.slice(2),n?2:8):s.test(e)?o:+e}(e))===t\|\|e===-1/0?(e<0?-1:1)n:e==e?e:0:0===e?e:0}(h),f=g%1,g==g?f?g-f:g:0))<0?0:h):[];var g,f}},330:e=>{"use strict";e.exports=JSON.parse('{"name":"@authress/login","version":"2.5.394","description":"Universal login sdk for Authress authentication as a service. Provides managed authentication for user identity, authentication, and token verification.","main":"./src/index.js","types":"./index.d.ts","files":["index.d.ts","src","dist"],"scripts":{"build":"node make.js build && NODE_ENV=production webpack --mode=production","lint":"eslint --ext .js,.ts src tests make.js index.d.ts","test":"check-dts index.d.ts && mocha tests/.test.js tests//.test.js -R spec"},"dependencies":{"cookie":"<1","lodash.take":"^4.1.1"},"devDependencies":{"@babel/core":"^7.17.5","@babel/preset-env":"^7.16.11","@types/node":"^14.14.35","@typescript-eslint/eslint-plugin":"^3.1.0","@typescript-eslint/parser":"^3.1.0","babel-loader":"^8.2.3","chai":"^4.2.0","check-dts":"^0.4.4","ci-build-tools":"^1.0.13","commander":"^4.0.1","compression-webpack-plugin":"^9.2.0","eslint":"^7.12.1","eslint-config-cimpress-atsquad":"^1.0.67","eslint-loader":"^4.0.2","eslint-plugin-mocha":"^7.0.1","eslint-plugin-node":"^11.1.0","eslint-plugin-promise":"^6.1.1","fs-extra":"^8.1.0","glob":"^7.1.6","mocha":"^11.1.0","path-browserify":"^1.0.1","sinon":"^7.5.0","sinon-chai":"^3.3.0","terser-webpack-plugin":"^5.3.1","typescript":"^3.9.5","webpack":"^5.69.1","webpack-cli":"^4.9.2"},"repository":{"type":"git","url":"git+https://github.com/Authress/authress-login.js"},"keywords":["authentication","authentication as a service","Login","Login Client","universal login","auth","federated login","secure login","application security","IDaaS","authentication","user authentication","user identity","Oauth2","Oauth2.1","Oauth3","platform","platform login","extension","Authress","Authress client","user security","DBSC","Device Bound Session Credentials"],"author":"Authress Developers <developers@authress.io> (https://authress.io)","license":"Apache-2.0","bugs":{"url":"https://github.com/Authress/authress-login.js/issues"},"homepage":"https://authress.io","engines":{"node":">=18"}}')},332:e=>{e.exports.sanitizeUrl=function(e){let t=e;t.startsWith("http")\|\|(t=`https://${t}`);const n=new URL(t),o=n.host.match(/^([a-z0-9-]+)[.][a-z0-9-]+[.]authress[.]io$/);return o&&(n.host=`${o[1]}.login.authress.io`,t=n.toString()),t.replace(/[/]+$/,"")}},354:(e,t,n)=>{const o=n(427),i=n(321),r=n(629),s=n(75),a=n(836),{sanitizeUrl:c}=n(332),l=n(160);let d,u=new Promise((e=>d=e)),h=Promise.resolve(),p=!1;const g="AuthenticationRequestNonce";const f=n(568);e.exports={LoginClient:class{constructor(e,t){var n;const o=Object.assign({applicationId:"app_default"},e);this.logger=t\|\|console;const i=o.authressApiUrl\|\|o.authressLoginHostUrl\|\|o.authenticationServiceUrl\|\|"";if(!i)throw Error('Missing required property "authressApiUrl" in LoginClient constructor. Custom Authress Domain Host is required.');if(this.applicationId=null===(n=o.applicationId)\|\|void 0===n?void 0:n.trim(),!this.applicationId){const e=Error("Application ID is required.");throw e.code="InvalidApplication",e}if(this.applicationId.match(/^(sc_\|ext_)/)){const e=Error("You have incorrectly specified an Authress Service Client or Extension as the applicationId instead of a valid application. The applicationId is your application that your users will log into, usually hosted on your domain https://example.yourdomain.com. Users cannot log into a Service Client, but they can log in with one. Users can use a Service Client to log in, by setting the connection ID in the authenticate({ connectionId }) method to be the Authress Service Client.\n(1) If you are building an Custom Login Portal, then the application ID should correspond to this login portal.\n(2) If you are replacing or extending an Authress connection, then specify the Service Client as the connectionId and the end user application as the applicationId.\n(3) If you are building a platform or plugin marketplace, where users will log into third party extensions or apps, then distribute in your SDK a wrapper for the Authress Extension Client using: import { extensionClient } from '@authress/login' found within this SDK.\n(4) If you aren't sure what to do here to fix the problem, the fastest and usually correct solution is go to https://authress.io/app/#/settings?focus=applications create a new application, specify your site in the application url property and then update the value here.");throw e.code="InvalidApplication",e}this.hostUrl=c(i),this.httpClient=new s(this.hostUrl,t),this.lastSessionCheck=0,this.enableCredentials=this.getMatchingDomainInfo(this.hostUrl),l.retainUserCookie=e.retainUserCookie,o.skipBackgroundCredentialsCheck\|\|r.onLoad((async()=>{await this.userSessionExists({backgroundTrigger:!0})}))}getMatchingDomainInfo(e){const t=new URL(e);if(r.isLocalHost())return!1;const n=r.getCurrentLocation();if("https:"!==n.protocol)return!1;const o=t.host.toLowerCase().split(".").reverse(),s=n.host.toLowerCase().split(".").reverse();let a=[];for(let e of o){const t=i(s,a.length+1).join(".");if(a.concat(e).join(".")!==t)break;a.push(e)}return a.length===o.length&&a.length===s.length\|\|a.length>1}getUserIdentity(){const e=l.getUserCookie(),t=a.decodeOrParse(e);if(t){const n=t.exp?new Date(1e3t.exp):new Date(Date.now()+864e5);return l.set(e,n),t.userId=t.sub,t}const n=l.get(),o=a.decodeOrParse(n);if(!o)return null;const i=new URL(o.iss).hostname,r=new URL(this.hostUrl).hostname;return i.endsWith(r)\|\|r.endsWith(i)?(o.userId=o.sub,o):(l.clear(),null)}async getConnectionCredentials(){await this.waitForUserSession();try{const e=await this.ensureToken();return(await this.httpClient.get("/session/credentials",this.enableCredentials,{Authorization:e&&`Bearer ${e}`})).data}catch(e){return null}}async getDevices(){try{const e=await this.ensureToken();return(await this.httpClient.get("/session/devices",this.enableCredentials,{Authorization:e&&`Bearer ${e}`})).data.devices}catch(e){return[]}}async deleteDevice(e){try{const t=await this.ensureToken();await this.httpClient.delete(`/session/devices/${encodeURIComponent(e)}`,this.enableCredentials,{Authorization:t&&`Bearer ${t}`})}catch(e){throw this.logger&&this.logger.log({title:"[Authress Login SDK] Failed to delete device",error:e}),e}}async openUserConfigurationScreen(e={redirectUrl:null,startPage:"Profile"}){if(!await this.userSessionExists()){const e=Error("User must be logged to configure user profile data.");throw e.code="NotLoggedIn",e}const t=new URL("/settings",this.hostUrl);t.searchParams.set("client_id",this.applicationId),t.searchParams.set("start_page",e&&e.startPage\|\|"Profile"),t.searchParams.set("redirect_uri",e&&e.redirectUrl\|\|r.getCurrentLocation().href),r.assign(t.toString()),await Promise.resolve()}async registerDevice(e={name:"",type:"",totp:{}}){const t=await this.getUserIdentity();if(!t){const e=Error("User must be logged to configure user profile data.");throw e.code="NotLoggedIn",e}if(!e){const e=Error("Register Device missing required parameter: 'Options'");throw e.code="InvalidInput",e}let n;if(e.type&&"WebAuthN"!==e.type)"TOTP"===e.type&&(n={name:e.name,code:e.totp.verificationCode,totpData:e.totp,type:"TOTP"});else{const o=t.sub,i={challenge:Uint8Array.from(o,(e=>e.charCodeAt(0))),rp:{id:this.hostUrl.split(".").slice(1).join("."),name:"WebAuthN Login"},user:{id:Uint8Array.from(o,(e=>e.charCodeAt(0))),name:o,displayName:`Generated User ID: ${o}`},pubKeyCredParams:[{type:"public-key",alg:-7},{type:"public-key",alg:-257}],authenticatorSelection:{residentKey:"discouraged",requireResidentKey:!1,userVerification:"discouraged"},timeout:6e4,attestation:"direct"},r=await navigator.credentials.create({publicKey:i}),s={authenticatorAttachment:r.authenticatorAttachment,credentialId:r.id,type:r.type,userId:o,attestation:btoa(String.fromCharCode(...new Uint8Array(r.response.attestationObject))),client:btoa(String.fromCharCode(...new Uint8Array(r.response.clientDataJSON)))};n={name:e&&e.name,code:s,type:"WebAuthN"}}try{const e=await this.ensureToken();return(await this.httpClient.post("/session/devices",this.enableCredentials,n,{Authorization:e&&`Bearer ${e}`})).data}catch(e){throw this.logger&&this.logger.log({title:"[Authress Login SDK] Failed to register new device",error:e,request:n}),e}}async waitForUserSession(){try{return await u,!0}catch(e){return!1}}userSessionExists(e={backgroundTrigger:!1}){return Date.now()-this.lastSessionCheck<50\|\|p?h:(this.lastSessionCheck=Date.now(),p=!0,h=h.catch((()=>{})).then((async()=>{try{const t=await this.userSessionContinuation(null==e?void 0:e.backgroundTrigger);return p=!1,t}catch(e){throw p=!1,e}})))}async userSessionContinuation(e){const t=new URLSearchParams(r.getCurrentLocation().search);let n={};if("undefined"!=typeof localStorage)try{n=JSON.parse(localStorage.getItem(g)\|\|"{}"),localStorage.removeItem(g),Object.hasOwnProperty.call(n,"enableCredentials")&&(this.enableCredentials=n.enableCredentials)}catch(e){this.logger&&this.logger.debug&&this.logger.debug({title:"[Authress Login SDK] LocalStorage failed in Browser",error:e})}if(t.get("state")&&"oauthLogin"===t.get("flow"))return!1;if((n.nonce\|\|t.get("iss")&&t.get("iss").includes(this.hostUrl))&&this.sanitizeQueryParameters(),n.nonce&&t.get("code")&&n.nonce===t.get("nonce")){const e="cookie"===t.get("code")?o.parse(document.cookie)["auth-code"]:t.get("code"),i=await a.calculateAntiAbuseHash({client_id:this.applicationId,authenticationRequestId:n.nonce,code:e}),r={grant_type:"authorization_code",redirect_uri:n.redirectUrl,client_id:this.applicationId,code:e,code_verifier:n.codeVerifier,antiAbuseHash:i};try{const e=await this.httpClient.post(`/authentication/${n.nonce}/tokens`,this.enableCredentials,r),t=a.decode(e.data.id_token),i=t.exp&&new Date(1e3t.exp)\|\|e.data.expires_in&&new Date(Date.now()+1e3e.data.expires_in);return document.cookie=o.serialize("authorization",e.data.access_token\|\|"",{expires:i,path:"/",sameSite:"strict"}),l.set(e.data.id_token,i),d(),!0}catch(e){if(this.logger&&this.logger.log({title:"[Authress Login SDK] Failed exchange authentication response for a token.",error:e}),e.data&&"invalid_request"===e.data.error)return!1;throw e.data\|\|e}}if(r.isLocalHost()&&t.get("nonce")&&t.get("access_token")&&(!n.nonce\|\|n.nonce===t.get("nonce"))){const e=a.decode(t.get("id_token")),n=e.exp&&new Date(1e3e.exp)\|\|Number(t.get("expires_in"))&&new Date(Date.now()+1e3Number(t.get("expires_in")));return document.cookie=o.serialize("authorization",t.get("access_token")\|\|"",{expires:n,path:"/",sameSite:"strict"}),l.set(t.get("id_token"),n),d(),!0}if(this.getUserIdentity())return d(),!0;if(!r.isLocalHost()&&!e){try{const e=await this.httpClient.patch("/session",this.enableCredentials,{},null,!0);if(e.data.access_token){const t=a.decode(e.data.id_token),n=t.exp&&new Date(1e3t.exp)\|\|e.data.expires_in&&new Date(Date.now()+1e3e.data.expires_in);document.cookie=o.serialize("authorization",e.data.access_token\|\|"",{expires:n,path:"/",sameSite:"strict"}),l.set(e.data.id_token,n)}}catch(e){400===e.status\|\|404===e.status\|\|409===e.status?this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] User does not have an existing authentication session",error:e}):this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed attempting to check if the user has an existing authentication session",error:e})}if(this.getUserIdentity())return d(),!0}return!1}async updateExtensionAuthenticationRequest({state:e,connectionId:t,tenantLookupIdentifier:n,connectionProperties:o,hint:i}){if(!t&&!n&&!i){const e=Error("connectionId or tenantLookupIdentifier must be specified");throw e.code="InvalidConnection",e}const s=new URLSearchParams(r.getCurrentLocation().search),c=e\|\|s.get("state");if(!c){const e=Error("The `state` parameters must be specified to update this authentication request");throw e.code="InvalidAuthenticationRequest",e}try{const e=i\|\|n,s=await a.calculateAntiAbuseHash({connectionId:t,tenantLookupIdentifier:e,authenticationRequestId:c}),l=await this.httpClient.patch(`/authentication/${c}`,!0,{antiAbuseHash:s,connectionId:t,tenantLookupIdentifier:e,connectionProperties:o});if(new URL(l.data.authenticationUrl).hostname===r.getCurrentLocation().hostname)return{authenticationUrl:l.data.authenticationUrl};r.assign(l.data.authenticationUrl)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to update extension authentication request",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data\|\|e}return await new Promise((e=>setTimeout(e,5e3))),null}async unlinkIdentity(e){if(!e){const e=Error("connectionId must be specified");throw e.code="InvalidConnection",e}if(!this.getUserIdentity()){const e=Error("User must be logged in to unlink an account.");throw e.code="NotLoggedIn",e}let t;try{t=await this.ensureToken({timeoutInMillis:100})}catch(e){if("TokenTimeout"===e.code){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}}const n=this.enableCredentials&&!r.isLocalHost()?{}:{Authorization:`Bearer ${t}`};try{await this.httpClient.delete(`/identities/${encodeURIComponent(e)}`,this.enableCredentials,n)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to unlink user identity",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data\|\|e}}async linkIdentityWithOneTimeCode({connectionId:e,redirectUrl:t}){if(!e){const e=Error("connectionId must be specified");throw e.code="InvalidConnection",e}if(!this.getUserIdentity()){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}let n;try{n=await this.ensureToken({timeoutInMillis:100})}catch(e){if("TokenTimeout"===e.code){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}}const{codeChallenge:o}=await a.getAuthCodes(),i=await a.calculateAntiAbuseHash({connectionId:e,applicationId:this.applicationId});try{const s=t&&new URL(t).toString()\|\|r.getCurrentLocation().href,a=this.enableCredentials&&!r.isLocalHost()?{}:{Authorization:`Bearer ${n}`},c=await this.httpClient.post("/authentication",this.enableCredentials,{antiAbuseHash:i,linkIdentity:!0,redirectUrl:s,codeChallengeMethod:"S256",codeChallenge:o,connectionId:e,applicationId:this.applicationId},a);return{authenticationUrl:c.data.authenticationUrl,authenticationRequestId:c.data.authenticationRequestId}}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to start user identity link",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e}}async linkIdentity({connectionId:e,tenantLookupIdentifier:t,redirectUrl:n,connectionProperties:o}){if(!e&&!t){const e=Error("connectionId or tenantLookupIdentifier must be specified");throw e.code="InvalidConnection",e}if(!this.getUserIdentity()){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}let i;try{i=await this.ensureToken({timeoutInMillis:100})}catch(e){if("TokenTimeout"===e.code){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}}const{codeChallenge:s}=await a.getAuthCodes(),c=await a.calculateAntiAbuseHash({connectionId:e,tenantLookupIdentifier:t,applicationId:this.applicationId});try{const a=n&&new URL(n).toString()\|\|r.getCurrentLocation().href,l=this.enableCredentials&&!r.isLocalHost()?{}:{Authorization:`Bearer ${i}`},d=await this.httpClient.post("/authentication",this.enableCredentials,{antiAbuseHash:c,linkIdentity:!0,redirectUrl:a,codeChallengeMethod:"S256",codeChallenge:s,connectionId:e,tenantLookupIdentifier:t,connectionProperties:o,applicationId:this.applicationId},l);r.assign(d.data.authenticationUrl)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to start user identity link",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e}await new Promise((e=>setTimeout(e,5e3)))}async authenticateWithOneTimeCode(e={}){const{serviceClientId:t,inviteId:n,redirectUrl:o,force:i,responseLocation:s,flowType:c,clearUserDataBeforeLogin:d,audiences:u}=e\|\|{};if(s&&"cookie"!==s&&"query"!==s&&"none"!==s){const e=Error("Authentication response location is not valid");throw e.code="InvalidResponseLocation",e}if(!t){const e=Error("The Passwordless Service Client ID is required");throw e.code="InvalidInput",e}if(!n&&!i&&await this.userSessionExists()){const n=await this.ensureToken(),o=a.decode(n);if(o&&o.azp&&t!==o.azp){this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Authentication blocked because the user is already logged in, and the requested authentication parameters do not match the original session.",requestedAuthenticationOptions:e,currentAuthenticationSessionData:o});const t=Error('Authentication requested for user that is already logged in, but the connectionId specified does not match their existing session.\n Recommended Options:\n (1) If the goal is to force them to log in with this new connection and ignore their existing session, use the "force" flag.\n (2) If the goal is link their current identity with a new from the new connection, use the linkIdentity() method.\n (3) If the goal is skip log in if they are already logged in or force log in with the connectionId, first check if userSessionExists() and then only if "false", call authenticate().');throw t.code="AuthenticationConstraintContention",t}return null}const{codeVerifier:h,codeChallenge:p}=await a.getAuthCodes(),f=await a.calculateAntiAbuseHash({serviceClientId:t,inviteId:n,applicationId:this.applicationId,audiences:u});try{const e=o&&new URL(o).toString()\|\|r.getCurrentLocation().href;!1!==d&&l.clear();const i=await this.httpClient.post("/authentication",this.enableCredentials,{antiAbuseHash:f,redirectUrl:e,codeChallengeMethod:"S256",codeChallenge:p,audiences:u,connectionId:t,inviteId:n,applicationId:this.applicationId,responseLocation:s,flowType:c});return localStorage.setItem(g,JSON.stringify({nonce:i.data.authenticationRequestId,codeVerifier:h,lastConnectionId:t,redirectUrl:e,enableCredentials:i.data.enableCredentials})),{authenticationUrl:i.data.authenticationUrl,authenticationRequestId:i.data.authenticationRequestId}}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to start authentication for user",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data\|\|e}}async authenticate(e={}){const{connectionId:t,tenantLookupIdentifier:n,inviteId:o,redirectUrl:i,force:s,responseLocation:c,flowType:d,connectionProperties:u,openType:h,multiAccount:p,clearUserDataBeforeLogin:f,audiences:m}=e\|\|{};if(c&&"cookie"!==c&&"query"!==c&&"none"!==c){const e=Error("Authentication response location is not valid");throw e.code="InvalidResponseLocation",e}if(!o&&!s&&!p&&await this.userSessionExists()){const n=await this.ensureToken(),o=a.decode(n);if(t&&o&&o.azp&&t!==o.azp){this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Authentication blocked because the user is already logged in, and the requested authentication parameters do not match the original session.",requestedAuthenticationOptions:e,currentAuthenticationSessionData:o});const t=Error('Authentication requested for user that is already logged in, but the connectionId specified does not match their existing session.\n Recommended Options:\n (1) If the goal is to force them to log in with this new connection and ignore their existing session, use the "force" flag.\n (2) If the goal is link their current identity with a new from the new connection, use the linkIdentity() method.\n (3) If the goal is skip log in if they are already logged in or force log in with the connectionId, first check if userSessionExists() and then only if "false", call authenticate().');throw t.code="AuthenticationConstraintContention",t}return null}const{codeVerifier:w,codeChallenge:y}=await a.getAuthCodes(),k=await a.calculateAntiAbuseHash({connectionId:t,tenantLookupIdentifier:n,inviteId:o,applicationId:this.applicationId,audiences:m});try{const e=i&&new URL(i).toString()\|\|r.getCurrentLocation().href;!1!==f&&l.clear();const s=await this.httpClient.post("/authentication",this.enableCredentials,{antiAbuseHash:k,redirectUrl:e,codeChallengeMethod:"S256",codeChallenge:y,audiences:m,connectionId:t,tenantLookupIdentifier:n,inviteId:o,connectionProperties:u,applicationId:this.applicationId,responseLocation:c,flowType:d,multiAccount:p});if(localStorage.setItem(g,JSON.stringify({nonce:s.data.authenticationRequestId,codeVerifier:w,lastConnectionId:t,tenantLookupIdentifier:n,redirectUrl:e,enableCredentials:s.data.enableCredentials,multiAccount:p})),!s.data.authenticationUrl\|\|new URL(s.data.authenticationUrl).hostname===r.getCurrentLocation().hostname)return{authenticationUrl:s.data.authenticationUrl,authenticationRequestId:s.data.authenticationRequestId};if("tab"===h){const e=r.open(s.data.authenticationUrl,"_blank");e&&!e.closed&&void 0!==e.closed\|\|r.assign(s.data.authenticationUrl)}else r.assign(s.data.authenticationUrl)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Failed to start authentication for user",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title\|\|e.data.errorCode)\|\|e.data\|\|"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data\|\|e}return await new Promise((e=>setTimeout(e,5e3))),null}async ensureToken(e){if(e&&0===e.timeoutInMillis){if(!this.getUserIdentity()){const e=Error("No token available because the user is not logged in.");throw e.code="TokenTimeout",e}const t=l.getAuthorizationTokens(),n=t.find((t=>{try{const n=a.decode(t);return(null==n?void 0:n.iss)===this.hostUrl\|\|(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Skipping stored authorization cookie because the issuer does not match the library configured value.",requestedAuthenticationOptions:e,currentAuthenticationSessionData:n}),!1)}catch(n){return this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Skipping stored authorization cookie because it is no longer a valid token.",requestedAuthenticationOptions:e,currentAuthenticationSessionDataToken:t,error:n}),!1}}));return n\|\|(t.length?(this.logger&&this.logger.error&&this.logger.log({title:"[Authress Login SDK] No matching issuer token found, returning the first valid token instead."}),t[0]):(this.logger&&this.logger.error&&this.logger.error({title:"[Authress Login SDK] HttpOnly access token configuration has blocked the returning of a valid token. The application specified in the Authress LoginClient constructor has been configured to block returning access tokens via the enableAccessToToken property. To use the loginClient.ensureToken() method in production, please set the enableAccessToToken to true. Note: This setting does not affect localhost.",options:e}),null))}await this.userSessionExists();const t=Object.assign({timeoutInMillis:5e3},e\|\|{}),n=this.waitForUserSession(),o=-1===t.timeoutInMillis\|\|t.timeoutInMillis>231-1?231-1:t.timeoutInMillis,i=new Promise(((e,t)=>setTimeout(t,o\|\|0)));try{await Promise.race([n,i])}catch(e){const t=Error("No token available because the user is still not logged in and the timeout has been exceeded. If you are seeing this error, it is because you have called ensureToken() without first validating that the user is logged. Review the route guards and checks for user sessions in your source code. ensureToken() should only ever be called after you have verified that the user is logged in.");throw t.code="TokenTimeout",t}const r=l.getAuthorizationTokens(),s=r.find((t=>{try{const n=a.decode(t);return(null==n?void 0:n.iss)===this.hostUrl\|\|(this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Skipping stored authorization cookie because the issuer does not match the library configured value.",requestedAuthenticationOptions:e,currentAuthenticationSessionData:n}),!1)}catch(n){return this.logger&&this.logger.log&&this.logger.log({title:"[Authress Login SDK] Skipping stored authorization cookie because it is no longer a valid token.",requestedAuthenticationOptions:e,currentAuthenticationSessionDataToken:t,error:n}),!1}}));if(s)return s;if(r.length)return this.logger&&this.logger.error&&this.logger.log({title:"[Authress Login SDK] No matching issuer token found, returning the first valid token instead."}),r[0];return this.getUserIdentity()?(this.logger&&this.logger.error&&this.logger.error({title:"[Authress Login SDK] Your Authress Application access token configuration has blocked the returning of a valid token because the setting HttpOnly has been enabled. The application specified in the Authress LoginClient constructor has been configured to block returning access tokens via the enableAccessToToken property. To use the loginClient.ensureToken() method in production, please set the enableAccessToToken to true. (LocalHost Note: This setting does not affect localhost development, and you may still see ensureToken work successfully during development, but fail with this error in production. This is because HttpOnly does not work for LocalHost)",options:e}),null):(this.logger&&this.logger.error&&this.logger.error({title:"[Authress Login SDK] User completed login but the user identity still does not exist. This happened because there is a race condition in your code and why waiting for ensureToken() to complete, the user was logged out. Returning null."}),null)}async logout(e){let t;if(e)try{new URL(e),t=e}catch(n){try{t=new URL(e,r.getCurrentLocation().href).toString()}catch(t){const n=Error(`The logout redirect url is not valid URL: ${e}`);throw n.code="InvalidRedirectUrl",n}}if(l.clear(),this.sanitizeQueryParameters(),u=new Promise((e=>d=e)),this.enableCredentials)try{return await this.httpClient.delete("/session",this.enableCredentials),this.lastSessionCheck=0,void(e&&e!==r.getCurrentLocation().href&&r.assign(e))}catch(e){}const n=new URL("/logout",this.hostUrl);n.searchParams.set("redirect_uri",t\|\|r.getCurrentLocation().href),n.searchParams.set("client_id",this.applicationId),r.assign(n.toString()),this.lastSessionCheck=0,await new Promise((e=>setTimeout(e,500)))}sanitizeQueryParameters(){const e=new URL(r.getCurrentLocation());e.searchParams.delete("iss"),e.searchParams.delete("nonce"),e.searchParams.delete("code"),e.searchParams.delete("expires_in"),e.searchParams.delete("access_token"),e.searchParams.delete("id_token"),history.replaceState({},void 0,e.toString())}},ExtensionClient:f,UserConfigurationScreen:{Profile:"Profile",MFA:"MFA"}}},427:(e,t)=>{"use strict";t.parse=function(e,t){if("string"!=typeof e)throw new TypeError("argument str must be a string");var n={},i=e.length;if(i<2)return n;var r=t&&t.decode\|\|d,s=0,a=0,h=0;do{if(-1===(a=e.indexOf("=",s)))break;if(-1===(h=e.indexOf(";",s)))h=i;else if(a>h){s=e.lastIndexOf(";",a-1)+1;continue}var p=c(e,s,a),g=l(e,a,p),f=e.slice(p,g);if(!o.call(n,f)){var m=c(e,a+1,h),w=l(e,h,m);34===e.charCodeAt(m)&&34===e.charCodeAt(w-1)&&(m++,w--);var y=e.slice(m,w);n[f]=u(y,r)}s=h+1}while(s<i);return n},t.serialize=function(e,t,o){var c=o&&o.encode\|\|encodeURIComponent;if("function"!=typeof c)throw new TypeError("option encode is invalid");if(!i.test(e))throw new TypeError("argument name is invalid");var l=c(t);if(!r.test(l))throw new TypeError("argument val is invalid");var d=e+"="+l;if(!o)return d;if(null!=o.maxAge){var u=Math.floor(o.maxAge);if(!isFinite(u))throw new TypeError("option maxAge is invalid");d+="; Max-Age="+u}if(o.domain){if(!s.test(o.domain))throw new TypeError("option domain is invalid");d+="; Domain="+o.domain}if(o.path){if(!a.test(o.path))throw new TypeError("option path is invalid");d+="; Path="+o.path}if(o.expires){var h=o.expires;if(!function(e){return"[object Date]"===n.call(e)}(h)\|\|isNaN(h.valueOf()))throw new TypeError("option expires is invalid");d+="; Expires="+h.toUTCString()}o.httpOnly&&(d+="; HttpOnly");o.secure&&(d+="; Secure");o.partitioned&&(d+="; Partitioned");if(o.priority){switch("string"==typeof o.priority?o.priority.toLowerCase():o.priority){case"low":d+="; Priority=Low";break;case"medium":d+="; Priority=Medium";break;case"high":d+="; Priority=High";break;default:throw new TypeError("option priority is invalid")}}if(o.sameSite){switch("string"==typeof o.sameSite?o.sameSite.toLowerCase():o.sameSite){case!0:d+="; SameSite=Strict";break;case"lax":d+="; SameSite=Lax";break;case"strict":d+="; SameSite=Strict";break;case"none":d+="; SameSite=None";break;default:throw new TypeError("option sameSite is invalid")}}return d};var n=Object.prototype.toString,o=Object.prototype.hasOwnProperty,i=/^[!#$%&'+\-.^_`\|~0-9A-Za-z]+$/,r=/^("?)[\u0021\u0023-\u002B\u002D-\u003A\u003C-\u005B\u005D-\u007E]\1$/,s=/^([.]?[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)([.][a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)$/i,a=/^[\u0020-\u003A\u003D-\u007E]$/;function c(e,t,n){do{var o=e.charCodeAt(t);if(32!==o&&9!==o)return t}while(++t<n);return n}function l(e,t,n){for(;t>n;){var o=e.charCodeAt(--t);if(32!==o&&9!==o)return t+1}return n}function d(e){return-1!==e.indexOf("%")?decodeURIComponent(e):e}function u(e,t){try{return t(e)}catch(t){return e}}},568:(e,t,n)=>{const o=n(836),{sanitizeUrl:i}=n(332),r=n(629),s="ExtensionRequestNonce";let a=null;e.exports=class{constructor(e,t){if(this.extensionId=t,!e)throw Error('Missing required property "authressCustomDomain" in ExtensionClient constructor. The Custom Authress Domain Host is required.');if(!t)throw Error('Missing required property "extensionId" in ExtensionClient constructor. The extension is required for selecting the correct login method.');this.authressCustomDomain=i(e),this.accessToken=null,r.onLoad((async()=>{await this.requestToken({silent:!0})}))}async getUserIdentity(){const e=this.accessToken&&await o.decode(this.accessToken);return e?1e3e.exp<Date.now()?(this.accessToken=null,null):e:null}async getTokenResponse(){return await this.getUserIdentity()?{accessToken:this.accessToken}:null}requestToken(e={code:null,silent:!1}){if(a)return a=a.catch((()=>{})).then((()=>this.requestTokenContinuation(e)));const t=this.requestTokenContinuation(e);return t.catch((()=>{})),a=t}async requestTokenContinuation(e={code:null,silent:!1}){const t=e&&e.code\|\|new URLSearchParams(r.getCurrentLocation().search).get("code");if(!t){if(!e\|\|!e.silent){const e=Error("OAuth Authorization code is required");throw e.code="InvalidAuthorizationCode",e}return this.getTokenResponse()}const n=new URL(this.authressCustomDomain);n.pathname="/api/authentication/oauth/tokens";const{codeVerifier:o,redirectUrl:i}=JSON.parse(localStorage.getItem(s)\|\|"{}"),a=await fetch(n.toString(),{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({code_verifier:o,code:t,grant_type:"authorization_code",client_id:this.extensionId,redirect_uri:i})}),c=await a.json();this.accessToken=c.access_token;const l=new URL(r.getCurrentLocation());return l.searchParams.delete("code"),l.searchParams.delete("iss"),l.searchParams.delete("nonce"),l.searchParams.delete("expires_in"),l.searchParams.delete("access_token"),l.searchParams.delete("id_token"),history.replaceState({},void 0,l.toString()),this.getTokenResponse()}async login(e){const t=await this.getTokenResponse();if(t)return t;const n=await this.requestToken({silent:!0});if(n)return n;const i=new URL(this.authressCustomDomain),{codeVerifier:a,codeChallenge:c}=o.getAuthCodes(),l=e\|\|r.getCurrentLocation().href;return localStorage.setItem(s,JSON.stringify({codeVerifier:a,redirectUrl:l})),i.searchParams.set("client_id",this.extensionId),i.searchParams.set("code_challenge",c),i.searchParams.set("code_challenge_method","S256"),i.searchParams.set("redirect_uri",l),r.assign(i.toString()),await new Promise((e=>setTimeout(e,5e3))),null}}},629:e=>{e.exports=new class{onLoad(e){"undefined"!=typeof window&&(window.onload=e)}isLocalHost(){return"undefined"!=typeof window&&window.location&&("localhost"===window.location.hostname\|\|"127.0.0.1"===window.location.hostname)}getCurrentLocation(){return"undefined"!=typeof window&&new URL(window.location)\|\|new URL("http://localhost:8080")}getDocument(){return"undefined"==typeof window\|\|"undefined"==typeof document?null:document}assign(e){return"undefined"==typeof window?null:window.location.assign(e.toString())}open(e){return"undefined"==typeof window?null:window.open(e.toString())}}},836:(e,t,n)=>{const o=n(878);e.exports=new class{decode(e){var t;return e?null===(t=this.decodeFull(e))\|\|void 0===t?void 0:t.payload:null}decodeOrParse(e){if(!e)return null;if("object"==typeof e)return e;try{return JSON.parse(e)}catch(t){return this.decode(e)}}decodeFull(e){if(!e)return null;let t=null;try{t=JSON.parse(o.decode(e.split(".")[0]))}catch(e){}try{const n=JSON.parse(o.decode(e.split(".")[1]));return n.exp&&(n.exp=n.exp-10),{header:t,payload:n}}catch(e){return null}}async getAuthCodes(){const e=o.encode((window.crypto\|\|window.msCrypto).getRandomValues(new Uint32Array(16)).toString()),t=await(window.crypto\|\|window.msCrypto).subtle.digest("SHA-256",(new TextEncoder).encode(e));return{codeVerifier:e,codeChallenge:o.encode(t)}}async calculateAntiAbuseHash(e){const t=Date.now(),n=Object.values(e).filter((e=>e)).join("\|");let i=0,r=null;for(;++i&&(r=o.encode(await(window.crypto\|\|window.msCrypto).subtle.digest("SHA-256",(new TextEncoder).encode(`${t};${i};${n}`))),!r.match(/^00/)););return`v2;${t};${i};${r}`}}},878:e=>{function t(e){return String.fromCharCode(parseInt(e.slice(1),16))}function n(e){return`%${`00${e.charCodeAt(0).toString(16)}`.slice(-2)}`}e.exports.decode=function(e){return function(e){return decodeURIComponent(Array.from(atob(e),n).join(""))}(e.replace(/-/g,"+").replace(/_/g,"/"))},e.exports.encode=function(e){return e&&"object"==typeof e?btoa(String.fromCharCode(...new Uint8Array(e))).replace(/\//g,"_").replace(/\+/g,"-").replace(/=+$/,""):function(e){return btoa(encodeURIComponent(e).replace(/%[0-9A-F]{2}/g,t))}(e).replace(/\//g,"_").replace(/\+/g,"-").replace(/=+$/,"")}}},o={};function i(e){var t=o[e];if(void 0!==t){if(void 0!==t.error)throw t.error;return t.exports}var r=o[e]={exports:{}};try{var s={id:e,module:r,factory:n[e],require:i};i.i.forEach((function(e){e(s)})),r=s.module,s.factory.call(r.exports,r,r.exports,s.require)}catch(e){throw r.error=e,e}return r.exports}return i.m=n,i.c=o,i.i=[],i.hu=e=>e+"."+i.h()+".hot-update.js",i.hmrF=()=>"main."+i.h()+".hot-update.json",i.h=()=>"42f9aeaf5c0172d4442f",i.o=(e,t)=>Object.prototype.hasOwnProperty.call(e,t),e={},t="authress:",i.l=(n,o,r,s)=>{if(e[n])e[n].push(o);else{var a,c;if(void 0!==r)for(var l=document.getElementsByTagName("script"),d=0;d<l.length;d++){var u=l[d];if(u.getAttribute("src")==n\|\|u.getAttribute("data-webpack")==t+r){a=u;break}}a\|\|(c=!0,(a=document.createElement("script")).charset="utf-8",a.timeout=120,i.nc&&a.setAttribute("nonce",i.nc),a.setAttribute("data-webpack",t+r),a.src=n),e[n]=[o];var h=(t,o)=>{a.onerror=a.onload=null,clearTimeout(p);var i=e[n];if(delete e[n],a.parentNode&&a.parentNode.removeChild(a),i&&i.forEach((e=>e(o))),t)return t(o)},p=setTimeout(h.bind(null,void 0,{type:"timeout",target:a}),12e4);a.onerror=h.bind(null,a.onerror),a.onload=h.bind(null,a.onload),c&&document.head.appendChild(a)}},(()=>{var e,t,n,o={},r=i.c,s=[],a=[],c="idle",l=0,d=[];function u(e){c=e;for(var t=[],n=0;n<a.length;n++)t[n]=a[n].call(null,e);return Promise.all(t).then((function(){}))}function h(){0==--l&&u("ready").then((function(){if(0===l){var e=d;d=[];for(var t=0;t<e.length;t++)e[t]()}}))}function p(e){if("idle"!==c)throw new Error("check() is only allowed in idle status");return u("check").then(i.hmrM).then((function(n){return n?u("prepare").then((function(){var o=[];return t=[],Promise.all(Object.keys(i.hmrC).reduce((function(e,r){return i.hmrC[r](n.c,n.r,n.m,e,t,o),e}),[])).then((function(){return t=function(){return e?f(e):u("ready").then((function(){return o}))},0===l?t():new Promise((function(e){d.push((function(){e(t())}))}));var t}))})):u(m()?"ready":"idle").then((function(){return null}))}))}function g(e){return"ready"!==c?Promise.resolve().then((function(){throw new Error("apply() is only allowed in ready status (state: "+c+")")})):f(e)}function f(e){e=e\|\|{},m();var o=t.map((function(t){return t(e)}));t=void 0;var i=o.map((function(e){return e.error})).filter(Boolean);if(i.length>0)return u("abort").then((function(){throw i[0]}));var r=u("dispose");o.forEach((function(e){e.dispose&&e.dispose()}));var s,a=u("apply"),c=function(e){s\|\|(s=e)},l=[];return o.forEach((function(e){if(e.apply){var t=e.apply(c);if(t)for(var n=0;n<t.length;n++)l.push(t[n])}})),Promise.all([r,a]).then((function(){return s?u("fail").then((function(){throw s})):n?f(e).then((function(e){return l.forEach((function(t){e.indexOf(t)<0&&e.push(t)})),e})):u("idle").then((function(){return l}))}))}function m(){if(n)return t\|\|(t=[]),Object.keys(i.hmrI).forEach((function(e){n.forEach((function(n){i.hmrI[e](n,t)}))})),n=void 0,!0}i.hmrD=o,i.i.push((function(d){var f,m,w,y,k=d.module,v=function(t,n){var o=r[n];if(!o)return t;var i=function(i){if(o.hot.active){if(r[i]){var a=r[i].parents;-1===a.indexOf(n)&&a.push(n)}else s=[n],e=i;-1===o.children.indexOf(i)&&o.children.push(i)}else console.warn("[HMR] unexpected require("+i+") from disposed module "+n),s=[];return t(i)},a=function(e){return{configurable:!0,enumerable:!0,get:function(){return t[e]},set:function(n){t[e]=n}}};for(var d in t)Object.prototype.hasOwnProperty.call(t,d)&&"e"!==d&&Object.defineProperty(i,d,a(d));return i.e=function(e,n){return function(e){switch(c){case"ready":u("prepare");case"prepare":return l++,e.then(h,h),e;default:return e}}(t.e(e,n))},i}(d.require,d.id);k.hot=(f=d.id,m=k,y={_acceptedDependencies:{},_acceptedErrorHandlers:{},_declinedDependencies:{},_selfAccepted:!1,_selfDeclined:!1,_selfInvalidated:!1,_disposeHandlers:[],_main:w=e!==f,_requireSelf:function(){s=m.parents.slice(),e=w?void 0:f,i(f)},active:!0,accept:function(e,t,n){if(void 0===e)y._selfAccepted=!0;else if("function"==typeof e)y._selfAccepted=e;else if("object"==typeof e&&null!==e)for(var o=0;o<e.length;o++)y._acceptedDependencies[e[o]]=t\|\|function(){},y._acceptedErrorHandlers[e[o]]=n;else y._acceptedDependencies[e]=t\|\|function(){},y._acceptedErrorHandlers[e]=n},decline:function(e){if(void 0===e)y._selfDeclined=!0;else if("object"==typeof e&&null!==e)for(var t=0;t<e.length;t++)y._declinedDependencies[e[t]]=!0;else y._declinedDependencies[e]=!0},dispose:function(e){y._disposeHandlers.push(e)},addDisposeHandler:function(e){y._disposeHandlers.push(e)},removeDisposeHandler:function(e){var t=y._disposeHandlers.indexOf(e);t>=0&&y._disposeHandlers.splice(t,1)},invalidate:function(){switch(this._selfInvalidated=!0,c){case"idle":t=[],Object.keys(i.hmrI).forEach((function(e){i.hmrI[e](f,t)})),u("ready");break;case"ready":Object.keys(i.hmrI).forEach((function(e){i.hmrI[e](f,t)}));break;case"prepare":case"check":case"dispose":case"apply":(n=n\|\|[]).push(f)}},check:p,apply:g,status:function(e){if(!e)return c;a.push(e)},addStatusHandler:function(e){a.push(e)},removeStatusHandler:function(e){var t=a.indexOf(e);t>=0&&a.splice(t,1)},data:o[f]},e=void 0,y),k.parents=s,k.children=[],s=[],d.require=v})),i.hmrC={},i.hmrI={}})(),i.p="",(()=>{var e,t,n,o,r,s=i.hmrS_jsonp=i.hmrS_jsonp\|\|{792:0},a={};function c(t,n){return e=n,new Promise(((e,n)=>{a[t]=e;var o=i.p+i.hu(t),r=new Error;i.l(o,(e=>{if(a[t]){a[t]=void 0;var o=e&&("load"===e.type?"missing":e.type),i=e&&e.target&&e.target.src;r.message="Loading hot update chunk "+t+" failed.\n("+o+": "+i+")",r.name="ChunkLoadError",r.type=o,r.request=i,n(r)}}))}))}function l(e){function a(e){for(var t=[e],n={},o=t.map((function(e){return{chain:[e],id:e}}));o.length>0;){var r=o.pop(),s=r.id,a=r.chain,l=i.c[s];if(l&&(!l.hot._selfAccepted\|\|l.hot._selfInvalidated)){if(l.hot._selfDeclined)return{type:"self-declined",chain:a,moduleId:s};if(l.hot._main)return{type:"unaccepted",chain:a,moduleId:s};for(var d=0;d<l.parents.length;d++){var u=l.parents[d],h=i.c[u];if(h){if(h.hot._declinedDependencies[s])return{type:"declined",chain:a.concat([u]),moduleId:s,parentId:u};-1===t.indexOf(u)&&(h.hot._acceptedDependencies[s]?(n[u]\|\|(n[u]=[]),c(n[u],[s])):(delete n[u],t.push(u),o.push({chain:a.concat([u]),id:u})))}}}}return{type:"accepted",moduleId:e,outdatedModules:t,outdatedDependencies:n}}function c(e,t){for(var n=0;n<t.length;n++){var o=t[n];-1===e.indexOf(o)&&e.push(o)}}i.f&&delete i.f.jsonpHmr,t=void 0;var l={},d=[],u={},h=function(e){console.warn("[HMR] unexpected require("+e.id+") to disposed module")};for(var p in n)if(i.o(n,p)){var g=n[p],f=g?a(p):{type:"disposed",moduleId:p},m=!1,w=!1,y=!1,k="";switch(f.chain&&(k="\nUpdate propagation: "+f.chain.join(" -> ")),f.type){case"self-declined":e.onDeclined&&e.onDeclined(f),e.ignoreDeclined\|\|(m=new Error("Aborted because of self decline: "+f.moduleId+k));break;case"declined":e.onDeclined&&e.onDeclined(f),e.ignoreDeclined\|\|(m=new Error("Aborted because of declined dependency: "+f.moduleId+" in "+f.parentId+k));break;case"unaccepted":e.onUnaccepted&&e.onUnaccepted(f),e.ignoreUnaccepted\|\|(m=new Error("Aborted because "+p+" is not accepted"+k));break;case"accepted":e.onAccepted&&e.onAccepted(f),w=!0;break;case"disposed":e.onDisposed&&e.onDisposed(f),y=!0;break;default:throw new Error("Unexception type "+f.type)}if(m)return{error:m};if(w)for(p in u[p]=g,c(d,f.outdatedModules),f.outdatedDependencies)i.o(f.outdatedDependencies,p)&&(l[p]\|\|(l[p]=[]),c(l[p],f.outdatedDependencies[p]));y&&(c(d,[f.moduleId]),u[p]=h)}n=void 0;for(var v,b=[],C=0;C<d.length;C++){var I=d[C],A=i.c[I];A&&(A.hot._selfAccepted\|\|A.hot._main)&&u[I]!==h&&!A.hot._selfInvalidated&&b.push({module:I,require:A.hot._requireSelf,errorHandler:A.hot._selfAccepted})}return{dispose:function(){var e;o.forEach((function(e){delete s[e]})),o=void 0;for(var t,n=d.slice();n.length>0;){var r=n.pop(),a=i.c[r];if(a){var c={},u=a.hot._disposeHandlers;for(C=0;C<u.length;C++)u[C].call(null,c);for(i.hmrD[r]=c,a.hot.active=!1,delete i.c[r],delete l[r],C=0;C<a.children.length;C++){var h=i.c[a.children[C]];h&&((e=h.parents.indexOf(r))>=0&&h.parents.splice(e,1))}}}for(var p in l)if(i.o(l,p)&&(a=i.c[p]))for(v=l[p],C=0;C<v.length;C++)t=v[C],(e=a.children.indexOf(t))>=0&&a.children.splice(e,1)},apply:function(t){for(var n in u)i.o(u,n)&&(i.m[n]=u[n]);for(var o=0;o<r.length;o++)r[o](i);for(var s in l)if(i.o(l,s)){var a=i.c[s];if(a){v=l[s];for(var c=[],h=[],p=[],g=0;g<v.length;g++){var f=v[g],m=a.hot._acceptedDependencies[f],w=a.hot._acceptedErrorHandlers[f];if(m){if(-1!==c.indexOf(m))continue;c.push(m),h.push(w),p.push(f)}}for(var y=0;y<c.length;y++)try{c[y].call(null,v)}catch(n){if("function"==typeof h[y])try{h[y](n,{moduleId:s,dependencyId:p[y]})}catch(o){e.onErrored&&e.onErrored({type:"accept-error-handler-errored",moduleId:s,dependencyId:p[y],error:o,originalError:n}),e.ignoreErrored\|\|(t(o),t(n))}else e.onErrored&&e.onErrored({type:"accept-errored",moduleId:s,dependencyId:p[y],error:n}),e.ignoreErrored\|\|t(n)}}}for(var k=0;k<b.length;k++){var C=b[k],I=C.module;try{C.require(I)}catch(n){if("function"==typeof C.errorHandler)try{C.errorHandler(n,{moduleId:I,module:i.c[I]})}catch(o){e.onErrored&&e.onErrored({type:"self-accept-error-handler-errored",moduleId:I,error:o,originalError:n}),e.ignoreErrored\|\|(t(o),t(n))}else e.onErrored&&e.onErrored({type:"self-accept-errored",moduleId:I,error:n}),e.ignoreErrored\|\|t(n)}}return d}}}this.webpackHotUpdateauthress=(t,o,s)=>{for(var c in o)i.o(o,c)&&(n[c]=o[c],e&&e.push(c));s&&r.push(s),a[t]&&(a[t](),a[t]=void 0)},i.hmrI.jsonp=function(e,t){n\|\|(n={},r=[],o=[],t.push(l)),i.o(n,e)\|\|(n[e]=i.m[e])},i.hmrC.jsonp=function(e,a,d,u,h,p){h.push(l),t={},o=a,n=d.reduce((function(e,t){return e[t]=!1,e}),{}),r=[],e.forEach((function(e){i.o(s,e)&&void 0!==s[e]?(u.push(c(e,p)),t[e]=!0):t[e]=!1})),i.f&&(i.f.jsonpHmr=function(e,n){t&&i.o(t,e)&&!t[e]&&(n.push(c(e)),t[e]=!0)})},i.hmrM=()=>{if("undefined"==typeof fetch)throw new Error("No browser support: need fetch API");return fetch(i.p+i.hmrF()).then((e=>{if(404!==e.status){if(!e.ok)throw new Error("Failed to fetch update manifest "+e.statusText);return e.json()}}))}})(),i(354)})()));

Context Navigation

Legend:

Download in other formats: