diff --git a/CHANGELOG.md b/CHANGELOG.md
index b94eba8d..3400710d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,6 +7,37 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [unreleased]
 
+## [20.0.0] - 2024-04-03
+
+### Breaking changes
+
+The `shouldDoInterceptionBasedOnUrl` function now returns true: 
+- If `sessionTokenBackendDomain` is a valid subdomain of the URL's domain. This aligns with the behavior of browsers when sending cookies to subdomains.
+- Even if the ports of the URL you are querying are different compared to the `apiDomain`'s port ot the `sessionTokenBackendDomain` port (as long as the hostname is the same, or a subdomain of the `sessionTokenBackendDomain`): https://github.com/supertokens/supertokens-website/issues/217
+
+
+**Before:**
+
+  ```javascript
+    shouldDoInterceptionBasedOnUrl("https://sub.api.example.com", "", "api.example.com") // false
+    shouldDoInterceptionBasedOnUrl("https://sub.api.example.com", "", ".api.example.com") // true
+    shouldDoInterceptionBasedOnUrl("https://sub.api.example.com", "", "example.com") // false
+    shouldDoInterceptionBasedOnUrl("https://sub.api.example.com", "", ".example.com") // true
+    shouldDoInterceptionBasedOnUrl("https://api.example.com", "", ".example.com:8080") // false
+    shouldDoInterceptionBasedOnUrl("https://api.example.com", "https://example.com:8080") // false
+  ```
+
+**After:**
+  
+  ```javascript
+    shouldDoInterceptionBasedOnUrl("https://sub.api.example.com", "", "api.example.com") // true
+    shouldDoInterceptionBasedOnUrl("https://sub.api.example.com", "", ".api.example.com") // true
+    shouldDoInterceptionBasedOnUrl("https://sub.api.example.com", "", "example.com") // true
+    shouldDoInterceptionBasedOnUrl("https://sub.api.example.com", "", ".example.com") // true
+    shouldDoInterceptionBasedOnUrl("https://api.example.com", "", ".example.com:8080") // true
+    shouldDoInterceptionBasedOnUrl("https://api.example.com", "https://example.com:8080") // true
+  ```
+
 ## [19.0.1] - 2024-03-18
 - Fixes test server
 
diff --git a/bundle/bundle.js b/bundle/bundle.js
index c9aaac84..09ebbe9b 100644
--- a/bundle/bundle.js
+++ b/bundle/bundle.js
@@ -1 +1 @@
-var supertokens;(()=>{"use strict";var e={759:function(e,t,n){var r=this&&this.__assign||function(){return r=Object.assign||function(e){for(var t,n=1,r=arguments.length;n<r;n++)for(var o in t=arguments[n])Object.prototype.hasOwnProperty.call(t,o)&&(e[o]=t[o]);return e},r.apply(this,arguments)},o=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},s=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};Object.defineProperty(t,"__esModule",{value:!0}),t.responseErrorInterceptor=t.responseInterceptor=t.interceptorFunctionRequestFulfilled=void 0;var i=n(600),a=n(379),u=n(743),c=n(958),l=n(845);function d(e){var t=void 0===e.url?"":e.url,n=e.baseURL;return void 0!==n&&(t="/"===t.charAt(0)&&"/"===n.charAt(n.length-1)?n+t.substr(1):"/"!==t.charAt(0)&&"/"!==n.charAt(n.length-1)?n+"/"+t:n+t),t}t.interceptorFunctionRequestFulfilled=function(e){return o(this,void 0,void 0,(function(){var t,n,o,i,f,h;return s(this,(function(s){switch(s.label){case 0:(0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: started axios interception"),t=d(e),n=!1;try{n="string"==typeof t&&!a.default.recipeImpl.shouldDoInterceptionBasedOnUrl(t,a.default.config.apiDomain,a.default.config.sessionTokenBackendDomain)}catch(e){if("Please provide a valid domain name"!==e.message)throw e;(0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: Trying shouldDoInterceptionBasedOnUrl with location.origin"),n=!a.default.recipeImpl.shouldDoInterceptionBasedOnUrl(c.default.getReferenceOrThrow().windowHandler.location.getOrigin(),a.default.config.apiDomain,a.default.config.sessionTokenBackendDomain)}return(0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: Value of doNotDoInterception: "+n),n?((0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: Returning config unchanged"),[2,e]):((0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: Modifying config"),u.ProcessState.getInstance().addState(u.PROCESS_STATE.CALLING_INTERCEPTION_REQUEST),[4,(0,a.getLocalSessionState)(!0)]);case 1:return o=s.sent(),i=e,"EXISTS"!==o.status?[3,3]:[4,a.AntiCsrfToken.getToken(o.lastAccessTokenUpdate)];case 2:void 0!==(f=s.sent())&&((0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: Adding anti-csrf token to request"),i=r(r({},i),{headers:void 0===i?{"anti-csrf":f}:r(r({},i.headers),{"anti-csrf":f})})),s.label=3;case 3:return a.default.config.autoAddCredentials&&void 0===i.withCredentials&&((0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: Adding credentials include"),i=r(r({},i),{withCredentials:!0})),(0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: Adding rid header: anti-csrf (it may be overriden by the user's provided rid)"),i=r(r({},i),{headers:void 0===i?{rid:"anti-csrf"}:r({rid:"anti-csrf"},i.headers)}),h=a.default.config.tokenTransferMethod,(0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: Adding st-auth-mode header: "+h),i.headers["st-auth-mode"]=h,[4,p(i)];case 4:return[4,g(i=s.sent())];case 5:return s.sent(),(0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: returning modified config"),[2,i]}}))}))},t.responseInterceptor=function(e){var t=this;return function(n){return o(t,void 0,void 0,(function(){var t,r,o,i,g;return s(this,(function(s){switch(s.label){case 0:t=!1,s.label=1;case 1:if(s.trys.push([1,,8,14]),!a.default.initCalled)throw new Error("init function not called");(0,l.logDebugMessage)("responseInterceptor: started"),(0,l.logDebugMessage)("responseInterceptor: already intercepted: "+n.headers["x-supertokens-xhr-intercepted"]),r=d(n.config);try{t="string"==typeof r&&!a.default.recipeImpl.shouldDoInterceptionBasedOnUrl(r,a.default.config.apiDomain,a.default.config.sessionTokenBackendDomain)||!!n.headers["x-supertokens-xhr-intercepted"]}catch(e){if("Please provide a valid domain name"!==e.message)throw e;(0,l.logDebugMessage)("responseInterceptor: Trying shouldDoInterceptionBasedOnUrl with location.origin"),t=!a.default.recipeImpl.shouldDoInterceptionBasedOnUrl(c.default.getReferenceOrThrow().windowHandler.location.getOrigin(),a.default.config.apiDomain,a.default.config.sessionTokenBackendDomain)||!!n.headers["x-supertokens-xhr-intercepted"]}return(0,l.logDebugMessage)("responseInterceptor: Value of doNotDoInterception: "+t),t?((0,l.logDebugMessage)("responseInterceptor: Returning without interception"),[2,n]):((0,l.logDebugMessage)("responseInterceptor: Interception started"),u.ProcessState.getInstance().addState(u.PROCESS_STATE.CALLING_INTERCEPTION_RESPONSE),[4,(0,a.getLocalSessionState)(!1)]);case 2:return o=s.sent(),[4,h(n)];case 3:return s.sent(),(0,a.fireSessionUpdateEventsIfNecessary)("EXISTS"===o.status,n.status,n.headers["front-token"]),n.status!==a.default.config.sessionExpiredStatusCode?[3,4]:((0,l.logDebugMessage)("responseInterceptor: Status code is: "+n.status),i=n.config,[2,f.doRequest((function(t){return e(t)}),i,r,n,void 0,!0)]);case 4:return n.status!==a.default.config.invalidClaimStatusCode?[3,6]:[4,(0,a.onInvalidClaimResponse)(n)];case 5:s.sent(),s.label=6;case 6:return[2,n];case 7:return[3,14];case 8:return(g=!t)?[4,(0,a.getLocalSessionState)(!0)]:[3,10];case 9:g=!("EXISTS"===s.sent().status),s.label=10;case 10:return g?((0,l.logDebugMessage)("responseInterceptor: local session doesn't exist, so removing anti-csrf and sFrontToken"),[4,a.AntiCsrfToken.removeToken()]):[3,13];case 11:return s.sent(),[4,a.FrontToken.removeToken()];case 12:s.sent(),s.label=13;case 13:return[7];case 14:return[2]}}))}))}},t.responseErrorInterceptor=function(e){var t=this;return function(n){return o(t,void 0,void 0,(function(){var t;return s(this,(function(r){switch(r.label){case 0:if((0,l.logDebugMessage)("responseErrorInterceptor: called"),(0,l.logDebugMessage)("responseErrorInterceptor: already intercepted: "+(n.response&&n.response.headers["x-supertokens-xhr-intercepted"])),n.response.headers["x-supertokens-xhr-intercepted"])throw n;return void 0===n.response||n.response.status!==a.default.config.sessionExpiredStatusCode?[3,1]:((0,l.logDebugMessage)("responseErrorInterceptor: Status code is: "+n.response.status),t=n.config,[2,f.doRequest((function(t){return e(t)}),t,d(t),void 0,n,!0)]);case 1:return void 0===n.response||n.response.status!==a.default.config.invalidClaimStatusCode?[3,3]:[4,(0,a.onInvalidClaimResponse)(n.response)];case 2:r.sent(),r.label=3;case 3:throw n}}))}))}};var f=function(){function e(){}var t;return t=e,e.doRequest=function(e,n,u,d,f,v){return void 0===v&&(v=!1),o(void 0,void 0,void 0,(function(){var o,b,m,w,k,S,y,T,I,R,D,E,x,M;return s(t,(function(t){switch(t.label){case 0:if(!a.default.initCalled)throw Error("init function not called");(0,l.logDebugMessage)("doRequest: called"),o=!1;try{o="string"==typeof u&&!a.default.recipeImpl.shouldDoInterceptionBasedOnUrl(u,a.default.config.apiDomain,a.default.config.sessionTokenBackendDomain)&&v}catch(e){if("Please provide a valid domain name"!==e.message)throw e;(0,l.logDebugMessage)("doRequest: Trying shouldDoInterceptionBasedOnUrl with location.origin"),o=!a.default.recipeImpl.shouldDoInterceptionBasedOnUrl(c.default.getReferenceOrThrow().windowHandler.location.getOrigin(),a.default.config.apiDomain,a.default.config.sessionTokenBackendDomain)&&v}if((0,l.logDebugMessage)("doRequest: Value of doNotDoInterception: "+o),!o)return[3,2];if((0,l.logDebugMessage)("doRequest: Returning without interception"),void 0!==f)throw f;return void 0!==d?[2,d]:[4,e(n)];case 1:return[2,t.sent()];case 2:return(0,l.logDebugMessage)("doRequest: Interception started"),[4,p(n)];case 3:n=t.sent(),t.label=4;case 4:t.trys.push([4,,40,45]),b=void 0,t.label=5;case 5:return[4,(0,a.getLocalSessionState)(!0)];case 6:return m=t.sent(),w=n,"EXISTS"!==m.status?[3,8]:[4,a.AntiCsrfToken.getToken(m.lastAccessTokenUpdate)];case 7:void 0!==(k=t.sent())&&((0,l.logDebugMessage)("doRequest: Adding anti-csrf token to request"),w=r(r({},w),{headers:void 0===w?{"anti-csrf":k}:r(r({},w.headers),{"anti-csrf":k})})),t.label=8;case 8:return a.default.config.autoAddCredentials&&void 0===w.withCredentials&&((0,l.logDebugMessage)("doRequest: Adding credentials include"),w=r(r({},w),{withCredentials:!0})),(0,l.logDebugMessage)("doRequest: Adding rid header: anti-csrf (May get overriden by user's rid)"),w=r(r({},w),{headers:void 0===w?{rid:"anti-csrf"}:r({rid:"anti-csrf"},w.headers)}),S=a.default.config.tokenTransferMethod,(0,l.logDebugMessage)("doRequest: Adding st-auth-mode header: "+S),w.headers["st-auth-mode"]=S,[4,g(w)];case 9:t.sent(),t.label=10;case 10:if(t.trys.push([10,25,,38]),y=f,T=d,f=void 0,d=void 0,void 0!==y)throw(0,l.logDebugMessage)("doRequest: Not making call because localPrevError is not undefined"),y;return void 0!==T?(0,l.logDebugMessage)("doRequest: Not making call because localPrevResponse is not undefined"):(0,l.logDebugMessage)("doRequest: Making user's http call"),void 0!==T?[3,12]:[4,e(w)];case 11:return I=t.sent(),[3,13];case 12:I=T,t.label=13;case 13:return E=I,(0,l.logDebugMessage)("doRequest: User's http call ended"),[4,h(E)];case 14:return t.sent(),(0,a.fireSessionUpdateEventsIfNecessary)("EXISTS"===m.status,E.status,E.headers["front-token"]),E.status!==a.default.config.sessionExpiredStatusCode?[3,21]:((0,l.logDebugMessage)("doRequest: Status code is: "+E.status),[4,(0,a.onUnauthorisedResponse)(m)]);case 15:return"RETRY"===(x=t.sent()).result?[3,20]:((0,l.logDebugMessage)("doRequest: Not retrying original request"),x.error?[4,(0,i.createAxiosErrorFromFetchResp)(x.error)]:[3,17]);case 16:return R=t.sent(),[3,19];case 17:return[4,(0,i.createAxiosErrorFromAxiosResp)(E)];case 18:R=t.sent(),t.label=19;case 19:return b=R,[3,39];case 20:return(0,l.logDebugMessage)("doRequest: Retrying original request"),[3,24];case 21:return E.status!==a.default.config.invalidClaimStatusCode?[3,23]:[4,(0,a.onInvalidClaimResponse)(E)];case 22:t.sent(),t.label=23;case 23:return[2,E];case 24:return[3,38];case 25:return D=t.sent(),void 0===(E=D.response)?[3,36]:[4,h(E)];case 26:return t.sent(),(0,a.fireSessionUpdateEventsIfNecessary)("EXISTS"===m.status,E.status,E.headers["front-token"]),E.status!==a.default.config.sessionExpiredStatusCode?[3,32]:((0,l.logDebugMessage)("doRequest: Status code is: "+E.status),[4,(0,a.onUnauthorisedResponse)(m)]);case 27:return"RETRY"===(x=t.sent()).result?[3,31]:((0,l.logDebugMessage)("doRequest: Not retrying original request"),void 0===x.error?[3,29]:[4,(0,i.createAxiosErrorFromFetchResp)(x.error)]);case 28:return M=t.sent(),[3,30];case 29:M=D,t.label=30;case 30:return b=M,[3,39];case 31:return(0,l.logDebugMessage)("doRequest: Retrying original request"),[3,35];case 32:return E.status!==a.default.config.invalidClaimStatusCode?[3,34]:[4,(0,a.onInvalidClaimResponse)(E)];case 33:t.sent(),t.label=34;case 34:throw D;case 35:return[3,37];case 36:throw D;case 37:return[3,38];case 38:return[3,5];case 39:throw b;case 40:return[4,(0,a.getLocalSessionState)(!1)];case 41:return"NOT_EXISTS"!==t.sent().status?[3,44]:((0,l.logDebugMessage)("doRequest: local session doesn't exist, so removing anti-csrf and sFrontToken"),[4,a.AntiCsrfToken.removeToken()]);case 42:return t.sent(),[4,a.FrontToken.removeToken()];case 43:t.sent(),t.label=44;case 44:return[7];case 45:return[2]}}))}))},e}();function g(e){return o(this,void 0,void 0,(function(){var t,n;return s(this,(function(o){switch(o.label){case 0:return void 0===e.headers&&(e.headers={}),(0,l.logDebugMessage)("setAuthorizationHeaderIfRequired: adding existing tokens as header"),[4,(0,a.getTokenForHeaderAuth)("access")];case 1:return t=o.sent(),[4,(0,a.getTokenForHeaderAuth)("refresh")];case 2:return n=o.sent(),void 0!==t&&void 0!==n?void 0!==e.headers.Authorization||void 0!==e.headers.authorization?(0,l.logDebugMessage)("setAuthorizationHeaderIfRequired: Authorization header defined by the user, not adding"):((0,l.logDebugMessage)("setAuthorizationHeaderIfRequired: added authorization header"),e.headers=r(r({},e.headers),{Authorization:"Bearer ".concat(t)}),e.__supertokensAddedAuthHeader=!0):(0,l.logDebugMessage)("setAuthorizationHeaderIfRequired: token for header based auth not found"),[2]}}))}))}function h(e){return o(this,void 0,void 0,(function(){var t,n,r,o,i,u;return s(this,(function(s){switch(s.label){case 0:return(0,l.logDebugMessage)("saveTokensFromHeaders: Saving updated tokens from the response"),void 0===(t=e.headers["st-refresh-token"])?[3,2]:((0,l.logDebugMessage)("saveTokensFromHeaders: saving new refresh token"),[4,(0,a.setToken)("refresh",t)]);case 1:s.sent(),s.label=2;case 2:return void 0===(n=e.headers["st-access-token"])?[3,4]:((0,l.logDebugMessage)("saveTokensFromHeaders: saving new access token"),[4,(0,a.setToken)("access",n)]);case 3:s.sent(),s.label=4;case 4:return void 0===(r=e.headers["front-token"])?[3,6]:((0,l.logDebugMessage)("doRequest: Setting sFrontToken: "+r),[4,a.FrontToken.setItem(r)]);case 5:s.sent(),o=new Headers,Object.entries(e.headers).forEach((function(e){var t=e[0],n=e[1];Array.isArray(n)?n.forEach((function(e){return o.append(t,e)})):o.append(t,n)})),(0,a.updateClockSkewUsingFrontToken)({frontToken:r,responseHeaders:o}),s.label=6;case 6:return void 0===(i=e.headers["anti-csrf"])?[3,9]:[4,(0,a.getLocalSessionState)(!0)];case 7:return"EXISTS"!==(u=s.sent()).status?[3,9]:((0,l.logDebugMessage)("doRequest: Setting anti-csrf token"),[4,a.AntiCsrfToken.setItem(u.lastAccessTokenUpdate,i)]);case 8:s.sent(),s.label=9;case 9:return[2]}}))}))}function p(e){return o(this,void 0,void 0,(function(){var t,n,o,i;return s(this,(function(s){switch(s.label){case 0:return[4,(0,a.getTokenForHeaderAuth)("access")];case 1:return t=s.sent(),[4,(0,a.getTokenForHeaderAuth)("refresh")];case 2:return n=s.sent(),o=e.headers.Authorization||e.headers.authorization,void 0===t||void 0===n||o!=="Bearer ".concat(t)&&!("__supertokensAddedAuthHeader"in e)?[2,e]:((0,l.logDebugMessage)("removeAuthHeaderIfMatchesLocalToken: Removing Authorization from user provided headers because it contains our access token"),delete(i=r(r({},e),{headers:r({},e.headers)})).headers.authorization,delete i.headers.Authorization,[2,i])}}))}))}t.default=f},600:function(e,t){var n=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},r=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};function o(e,t,n,r,o){return e.config=t,n&&(e.code=n),e.request=r,e.response=o,e.isAxiosError=!0,e.toJSON=function(){return{message:this.message,name:this.name,description:this.description,number:this.number,fileName:this.fileName,lineNumber:this.lineNumber,columnNumber:this.columnNumber,stack:this.stack,config:this.config,code:this.code}},e}Object.defineProperty(t,"__esModule",{value:!0}),t.createAxiosErrorFromAxiosResp=t.createAxiosErrorFromFetchResp=void 0,t.createAxiosErrorFromFetchResp=function(e){return n(this,void 0,void 0,(function(){var t,n,s,i;return r(this,(function(r){switch(r.label){case 0:if(t={url:e.url,headers:e.headers},null!==(n=e.headers.get("content-type")))return[3,5];r.label=1;case 1:return r.trys.push([1,3,,4]),[4,e.text()];case 2:return s=r.sent(),[3,4];case 3:return r.sent(),s="",[3,4];case 4:return[3,11];case 5:return n.includes("application/json")?[4,e.json()]:[3,7];case 6:return s=r.sent(),[3,11];case 7:return n.includes("text/")?[4,e.text()]:[3,9];case 8:return s=r.sent(),[3,11];case 9:return[4,e.blob()];case 10:s=r.sent(),r.label=11;case 11:return i={data:s,status:e.status,statusText:e.statusText,headers:e.headers,config:t,request:void 0},[2,o(new Error("Request failed with status code "+e.status),t,void 0,void 0,i)]}}))}))},t.createAxiosErrorFromAxiosResp=function(e){return n(this,void 0,void 0,(function(){return r(this,(function(t){return[2,o(new Error("Request failed with status code "+e.status),e.config,void 0,e.request,e)]}))}))}},280:function(e,t,n){var r=this&&this.__createBinding||(Object.create?function(e,t,n,r){void 0===r&&(r=n);var o=Object.getOwnPropertyDescriptor(t,n);o&&!("get"in o?!t.__esModule:o.writable||o.configurable)||(o={enumerable:!0,get:function(){return t[n]}}),Object.defineProperty(e,r,o)}:function(e,t,n,r){void 0===r&&(r=n),e[r]=t[n]}),o=this&&this.__exportStar||function(e,t){for(var n in e)"default"===n||Object.prototype.hasOwnProperty.call(t,n)||r(t,e,n)};Object.defineProperty(t,"__esModule",{value:!0}),o(n(569),t)},491:function(e,t,n){var r,o=this&&this.__extends||(r=function(e,t){return r=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(e,t){e.__proto__=t}||function(e,t){for(var n in t)Object.prototype.hasOwnProperty.call(t,n)&&(e[n]=t[n])},r(e,t)},function(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Class extends value "+String(t)+" is not a constructor or null");function n(){this.constructor=e}r(e,t),e.prototype=null===t?Object.create(t):(n.prototype=t.prototype,new n)}),s=this&&this.__assign||function(){return s=Object.assign||function(e){for(var t,n=1,r=arguments.length;n<r;n++)for(var o in t=arguments[n])Object.prototype.hasOwnProperty.call(t,o)&&(e[o]=t[o]);return e},s.apply(this,arguments)};Object.defineProperty(t,"__esModule",{value:!0}),t.BooleanClaim=void 0;var i=function(e){function t(t){var n=e.call(this,t)||this;return n.validators=s(s({},n.validators),{isTrue:function(e){return n.validators.hasValue(!0,e)},isFalse:function(e){return n.validators.hasValue(!1,e)}}),n}return o(t,e),t}(n(911).PrimitiveClaim);t.BooleanClaim=i},748:function(e,t,n){var r=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},o=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};Object.defineProperty(t,"__esModule",{value:!0}),t.PrimitiveArrayClaim=void 0;var s=n(671),i=function(){function e(e){var t=this;this.validators={includes:function(e,n,i){void 0===n&&(n=t.defaultMaxAgeInSeconds);var a=s.default.getReferenceOrThrow().dateProvider;return{id:void 0!==i?i:t.id,refresh:function(e){return t.refresh(e)},shouldRefresh:function(e,r){if(void 0!==n&&n<a.getThresholdInSeconds())throw new Error("maxAgeInSeconds must be greater than or equal to the DateProvider threshold value -> ".concat(a.getThresholdInSeconds()));return void 0===t.getValueFromPayload(e,r)||void 0!==n&&e[t.id].t<a.now()-1e3*n},validate:function(s,i){return r(t,void 0,void 0,(function(){var t,r;return o(this,(function(o){return void 0===(t=this.getValueFromPayload(s,i))?[2,{isValid:!1,reason:{message:"value does not exist",expectedToInclude:e,actualValue:t}}]:(r=(a.now()-this.getLastFetchedTime(s,i))/1e3,void 0!==n&&r>n?[2,{isValid:!1,reason:{message:"expired",ageInSeconds:r,maxAgeInSeconds:n}}]:t.includes(e)?[2,{isValid:!0}]:[2,{isValid:!1,reason:{message:"wrong value",expectedToInclude:e,actualValue:t}}])}))}))}}},excludes:function(e,n,i){void 0===n&&(n=t.defaultMaxAgeInSeconds);var a=s.default.getReferenceOrThrow().dateProvider;return{id:void 0!==i?i:t.id,refresh:function(e){return t.refresh(e)},shouldRefresh:function(e,r){if(void 0!==n&&n<a.getThresholdInSeconds())throw new Error("maxAgeInSeconds must be greater than or equal to the DateProvider threshold value -> ".concat(a.getThresholdInSeconds()));return void 0===t.getValueFromPayload(e,r)||void 0!==n&&e[t.id].t<a.now()-1e3*n},validate:function(s,i){return r(t,void 0,void 0,(function(){var t,r;return o(this,(function(o){return void 0===(t=this.getValueFromPayload(s,i))?[2,{isValid:!1,reason:{message:"value does not exist",expectedToNotInclude:e,actualValue:t}}]:(r=(a.now()-this.getLastFetchedTime(s,i))/1e3,void 0!==n&&r>n?[2,{isValid:!1,reason:{message:"expired",ageInSeconds:r,maxAgeInSeconds:n}}]:t.includes(e)?[2,{isValid:!1,reason:{message:"wrong value",expectedToNotInclude:e,actualValue:t}}]:[2,{isValid:!0}])}))}))}}},includesAll:function(e,n,i){void 0===n&&(n=t.defaultMaxAgeInSeconds);var a=s.default.getReferenceOrThrow().dateProvider;return{id:void 0!==i?i:t.id,refresh:function(e){return t.refresh(e)},shouldRefresh:function(e,r){if(void 0!==n&&n<a.getThresholdInSeconds())throw new Error("maxAgeInSeconds must be greater than or equal to the DateProvider threshold value -> ".concat(a.getThresholdInSeconds()));return void 0===t.getValueFromPayload(e,r)||void 0!==n&&e[t.id].t<a.now()-1e3*n},validate:function(s,i){return r(t,void 0,void 0,(function(){var t,r,u,c;return o(this,(function(o){return void 0===(t=this.getValueFromPayload(s,i))?[2,{isValid:!1,reason:{message:"value does not exist",expectedToInclude:e,actualValue:t}}]:(r=(a.now()-this.getLastFetchedTime(s,i))/1e3,void 0!==n&&r>n?[2,{isValid:!1,reason:{message:"expired",ageInSeconds:r,maxAgeInSeconds:n}}]:(u=new Set(t),[2,(c=e.every((function(e){return u.has(e)})))?{isValid:c}:{isValid:c,reason:{message:"wrong value",expectedToInclude:e,actualValue:t}}]))}))}))}}},includesAny:function(e,n,i){void 0===n&&(n=t.defaultMaxAgeInSeconds);var a=s.default.getReferenceOrThrow().dateProvider;return{id:void 0!==i?i:t.id,refresh:function(e){return t.refresh(e)},shouldRefresh:function(e,r){if(void 0!==n&&n<a.getThresholdInSeconds())throw new Error("maxAgeInSeconds must be greater than or equal to the DateProvider threshold value -> ".concat(a.getThresholdInSeconds()));return void 0===t.getValueFromPayload(e,r)||void 0!==n&&e[t.id].t<a.now()-1e3*n},validate:function(s,i){return r(t,void 0,void 0,(function(){var t,r,u,c;return o(this,(function(o){return void 0===(t=this.getValueFromPayload(s,i))?[2,{isValid:!1,reason:{message:"value does not exist",expectedToInclude:e,actualValue:t}}]:(r=(a.now()-this.getLastFetchedTime(s,i))/1e3,void 0!==n&&r>n?[2,{isValid:!1,reason:{message:"expired",ageInSeconds:r,maxAgeInSeconds:n}}]:(u=new Set(t),[2,(c=e.some((function(e){return u.has(e)})))?{isValid:c}:{isValid:c,reason:{message:"wrong value",expectedToIncludeAtLeastOneOf:e,actualValue:t}}]))}))}))}}},excludesAll:function(e,n,i){void 0===n&&(n=t.defaultMaxAgeInSeconds);var a=s.default.getReferenceOrThrow().dateProvider;return{id:void 0!==i?i:t.id,refresh:function(e){return t.refresh(e)},shouldRefresh:function(e,r){if(void 0!==n&&n<a.getThresholdInSeconds())throw new Error("maxAgeInSeconds must be greater than or equal to the DateProvider threshold value -> ".concat(a.getThresholdInSeconds()));return void 0===t.getValueFromPayload(e,r)||void 0!==n&&e[t.id].t<a.now()-1e3*n},validate:function(s,i){return r(t,void 0,void 0,(function(){var t,r,u,c;return o(this,(function(o){return void 0===(t=this.getValueFromPayload(s,i))?[2,{isValid:!1,reason:{message:"value does not exist",expectedToNotInclude:e,actualValue:t}}]:(r=(a.now()-this.getLastFetchedTime(s,i))/1e3,void 0!==n&&r>n?[2,{isValid:!1,reason:{message:"expired",ageInSeconds:r,maxAgeInSeconds:n}}]:(u=new Set(t),[2,(c=e.every((function(e){return!u.has(e)})))?{isValid:c}:{isValid:c,reason:{message:"wrong value",expectedToNotInclude:e,actualValue:t}}]))}))}))}}}},this.id=e.id,this.refresh=e.refresh,this.defaultMaxAgeInSeconds=e.defaultMaxAgeInSeconds}return e.prototype.getValueFromPayload=function(e,t){return void 0!==e[this.id]?e[this.id].v:void 0},e.prototype.getLastFetchedTime=function(e,t){return void 0!==e[this.id]?e[this.id].t:void 0},e}();t.PrimitiveArrayClaim=i},911:(e,t,n)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.PrimitiveClaim=void 0;var r=n(671),o=function(){function e(e){var t=this;this.validators={hasValue:function(e,n,o){void 0===n&&(n=t.defaultMaxAgeInSeconds);var s=r.default.getReferenceOrThrow().dateProvider;return{id:void 0!==o?o:t.id,refresh:function(e){return t.refresh(e)},shouldRefresh:function(e,r){if(void 0!==n&&n<s.getThresholdInSeconds())throw new Error("maxAgeInSeconds must be greater than or equal to the DateProvider threshold value -> ".concat(s.getThresholdInSeconds()));return void 0===t.getValueFromPayload(e,r)||void 0!==n&&e[t.id].t<s.now()-1e3*n},validate:function(r,o){var i=t.getValueFromPayload(r,o);if(void 0===i)return{isValid:!1,reason:{message:"value does not exist",expectedValue:e,actualValue:i}};var a=(s.now()-t.getLastFetchedTime(r,o))/1e3;return void 0!==n&&a>n?{isValid:!1,reason:{message:"expired",ageInSeconds:a,maxAgeInSeconds:n}}:i!==e?{isValid:!1,reason:{message:"wrong value",expectedValue:e,actualValue:i}}:{isValid:!0}}}}},this.id=e.id,this.refresh=e.refresh,this.defaultMaxAgeInSeconds=e.defaultMaxAgeInSeconds}return e.prototype.getValueFromPayload=function(e,t){return void 0!==e[this.id]?e[this.id].v:void 0},e.prototype.getLastFetchedTime=function(e,t){return void 0!==e[this.id]?e[this.id].t:void 0},e}();t.PrimitiveClaim=o},173:function(e,t){var n,r=this&&this.__extends||(n=function(e,t){return n=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(e,t){e.__proto__=t}||function(e,t){for(var n in t)Object.prototype.hasOwnProperty.call(t,n)&&(e[n]=t[n])},n(e,t)},function(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Class extends value "+String(t)+" is not a constructor or null");function r(){this.constructor=e}n(e,t),e.prototype=null===t?Object.create(t):(r.prototype=t.prototype,new r)});Object.defineProperty(t,"__esModule",{value:!0}),t.STGeneralError=void 0;var o=function(e){function t(t){var n=e.call(this,t)||this;return n.isSuperTokensGeneralError=!0,n}return r(t,e),t.isThisError=function(e){return!0===e.isSuperTokensGeneralError},t}(Error);t.STGeneralError=o},379:function(e,t,n){var r=this&&this.__assign||function(){return r=Object.assign||function(e){for(var t,n=1,r=arguments.length;n<r;n++)for(var o in t=arguments[n])Object.prototype.hasOwnProperty.call(t,o)&&(e[o]=t[o]);return e},r.apply(this,arguments)},o=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},s=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};Object.defineProperty(t,"__esModule",{value:!0}),t.updateClockSkewUsingFrontToken=t.fireSessionUpdateEventsIfNecessary=t.setFrontToken=t.getFrontToken=t.setAntiCSRF=t.saveLastAccessTokenUpdate=t.getTokenForHeaderAuth=t.setToken=t.getStorageNameForToken=t.getLocalSessionState=t.onInvalidClaimResponse=t.onTokenUpdate=t.onUnauthorisedResponse=t.FrontToken=t.AntiCsrfToken=void 0;var i=n(743),a=n(255),u=n(501),c=n(958),l=n(941),d=n(845),f=n(671),g=function(){function e(){}return e.getToken=function(t){return o(this,void 0,void 0,(function(){var n;return s(this,(function(r){switch(r.label){case 0:return(0,d.logDebugMessage)("AntiCsrfToken.getToken: called"),void 0===t?(e.tokenInfo=void 0,(0,d.logDebugMessage)("AntiCsrfToken.getToken: returning undefined"),[2,void 0]):void 0!==e.tokenInfo?[3,2]:[4,C()];case 1:return null===(n=r.sent())?((0,d.logDebugMessage)("AntiCsrfToken.getToken: returning undefined"),[2,void 0]):(e.tokenInfo={antiCsrf:n,associatedAccessTokenUpdate:t},[3,4]);case 2:return e.tokenInfo.associatedAccessTokenUpdate===t?[3,4]:(e.tokenInfo=void 0,[4,e.getToken(t)]);case 3:return[2,r.sent()];case 4:return(0,d.logDebugMessage)("AntiCsrfToken.getToken: returning: "+e.tokenInfo.antiCsrf),[2,e.tokenInfo.antiCsrf]}}))}))},e.removeToken=function(){return o(this,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return(0,d.logDebugMessage)("AntiCsrfToken.removeToken: called"),e.tokenInfo=void 0,[4,_(void 0)];case 1:return t.sent(),[2]}}))}))},e.setItem=function(t,n){return o(this,void 0,void 0,(function(){return s(this,(function(r){switch(r.label){case 0:return void 0===t?(e.tokenInfo=void 0,[2]):((0,d.logDebugMessage)("AntiCsrfToken.setItem: called"),[4,_(n)]);case 1:return r.sent(),e.tokenInfo={antiCsrf:n,associatedAccessTokenUpdate:t},[2]}}))}))},e}();t.AntiCsrfToken=g;var h=function(){function e(){}return e.getTokenInfo=function(){return o(this,void 0,void 0,(function(){var t,n;return s(this,(function(r){switch(r.label){case 0:return(0,d.logDebugMessage)("FrontToken.getTokenInfo: called"),[4,H()];case 1:return null!==(t=r.sent())?[3,5]:[4,y(!1)];case 2:return"EXISTS"!==r.sent().status?[3,4]:[4,new Promise((function(t){e.waiters.push(t)}))];case 3:return r.sent(),[2,e.getTokenInfo()];case 4:return[2,void 0];case 5:return n=P(t),(0,d.logDebugMessage)("FrontToken.getTokenInfo: returning ate: "+n.ate),(0,d.logDebugMessage)("FrontToken.getTokenInfo: returning uid: "+n.uid),(0,d.logDebugMessage)("FrontToken.getTokenInfo: returning up: "+n.up),[2,n]}}))}))},e.removeToken=function(){return o(this,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return(0,d.logDebugMessage)("FrontToken.removeToken: called"),[4,F(void 0)];case 1:return t.sent(),[4,I("access","")];case 2:return t.sent(),[4,I("refresh","")];case 3:return t.sent(),e.waiters.forEach((function(e){return e(void 0)})),e.waiters=[],[2]}}))}))},e.setItem=function(t){return o(this,void 0,void 0,(function(){return s(this,(function(n){switch(n.label){case 0:return[4,A()];case 1:return n.sent(),"remove"===t?[2,e.removeToken()]:((0,d.logDebugMessage)("FrontToken.setItem: called"),[4,F(t)]);case 2:return n.sent(),e.waiters.forEach((function(e){return e(void 0)})),e.waiters=[],[2]}}))}))},e.doesTokenExists=function(){return o(this,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return[4,O()];case 1:return[2,null!==e.sent()]}}))}))},e.waiters=[],e}();t.FrontToken=h;var p=function(){function e(){}var t;return e.init=function(t,r){(0,d.logDebugMessage)("init: called"),(0,d.logDebugMessage)("init: Input apiBasePath: "+t.apiBasePath),(0,d.logDebugMessage)("init: Input apiDomain: "+t.apiDomain),(0,d.logDebugMessage)("init: Input autoAddCredentials: "+t.autoAddCredentials),(0,d.logDebugMessage)("init: Input sessionTokenBackendDomain: "+t.sessionTokenBackendDomain),(0,d.logDebugMessage)("init: Input isInIframe: "+t.isInIframe),(0,d.logDebugMessage)("init: Input sessionExpiredStatusCode: "+t.sessionExpiredStatusCode),(0,d.logDebugMessage)("init: Input sessionTokenFrontendDomain: "+t.sessionTokenFrontendDomain),(0,d.logDebugMessage)("init: Input tokenTransferMethod: "+t.tokenTransferMethod);var o=c.default.getReferenceOrThrow().windowHandler.getWindowUnsafe();e.env=void 0===o||void 0===o.fetch?n.g:o,e.refreshTokenUrl=t.apiDomain+t.apiBasePath+"/session/refresh",e.signOutUrl=t.apiDomain+t.apiBasePath+"/signout",e.rid="session",e.config=t,void 0===e.env.__supertokensOriginalFetch&&((0,d.logDebugMessage)("init: __supertokensOriginalFetch is undefined"),e.env.__supertokensOriginalFetch=e.env.fetch.bind(e.env),e.env.__supertokensSessionRecipe=r,e.env.fetch=e.env.__supertokensSessionRecipe.addFetchInterceptorsAndReturnModifiedFetch({originalFetch:e.env.__supertokensOriginalFetch,userContext:{}}),e.env.__supertokensSessionRecipe.addXMLHttpRequestInterceptor({userContext:{}})),e.recipeImpl=e.env.__supertokensSessionRecipe,e.initCalled=!0},t=e,e.initCalled=!1,e.doRequest=function(n,a,u){return o(void 0,void 0,void 0,(function(){var o,l,f,p,v,b,m,k,T,I,R,E,A;return s(t,(function(t){switch(t.label){case 0:if(!e.initCalled)throw Error("init function not called");(0,d.logDebugMessage)("doRequest: start of fetch interception"),o=!1;try{l=void 0,"string"==typeof u?l=u:"object"==typeof u&&("string"==typeof u.url?l=u.url:"string"==typeof u.href&&(l=u.href)),o=!e.recipeImpl.shouldDoInterceptionBasedOnUrl(l,e.config.apiDomain,e.config.sessionTokenBackendDomain)}catch(t){if("Please provide a valid domain name"!==t.message)throw t;(0,d.logDebugMessage)("doRequest: Trying shouldDoInterceptionBasedOnUrl with location.origin"),o=!e.recipeImpl.shouldDoInterceptionBasedOnUrl(c.default.getReferenceOrThrow().windowHandler.location.getOrigin(),e.config.apiDomain,e.config.sessionTokenBackendDomain)}return(0,d.logDebugMessage)("doRequest: Value of doNotDoInterception: "+o),o?((0,d.logDebugMessage)("doRequest: Returning without interception"),[4,n(a)]):[3,2];case 1:return[2,t.sent()];case 2:return(f=new Headers(void 0!==a&&void 0!==a.headers?a.headers:u.headers)).has("Authorization")?[4,D("access")]:[3,5];case 3:return p=t.sent(),[4,D("refresh")];case 4:v=t.sent(),void 0!==p&&void 0!==v&&f.get("Authorization")==="Bearer ".concat(p)&&((0,d.logDebugMessage)("doRequest: Removing Authorization from user provided headers because it contains our access token"),f.delete("Authorization")),t.label=5;case 5:(0,d.logDebugMessage)("doRequest: Interception started"),i.ProcessState.getInstance().addState(i.PROCESS_STATE.CALLING_INTERCEPTION_REQUEST),t.label=6;case 6:t.trys.push([6,,20,25]),b=void 0,t.label=7;case 7:return[4,y(!0)];case 8:return m=t.sent(),k=new Headers(f),T=r(r({},a),{headers:k}),"EXISTS"!==m.status?[3,10]:[4,g.getToken(m.lastAccessTokenUpdate)];case 9:void 0!==(I=t.sent())&&((0,d.logDebugMessage)("doRequest: Adding anti-csrf token to request"),k.set("anti-csrf",I)),t.label=10;case 10:return e.config.autoAddCredentials&&((0,d.logDebugMessage)("doRequest: Adding credentials include"),void 0===T?T={credentials:"include"}:void 0===T.credentials&&(T=r(r({},T),{credentials:"include"}))),k.has("rid")?(0,d.logDebugMessage)("doRequest: rid header was already there in request"):((0,d.logDebugMessage)("doRequest: Adding rid header: anti-csrf"),k.set("rid","anti-csrf")),R=e.config.tokenTransferMethod,(0,d.logDebugMessage)("doRequest: Adding st-auth-mode header: "+R),k.set("st-auth-mode",R),[4,x(k)];case 11:return t.sent(),(0,d.logDebugMessage)("doRequest: Making user's http call"),[4,n(T)];case 12:return E=t.sent(),(0,d.logDebugMessage)("doRequest: User's http call ended"),[4,M(E)];case 13:return t.sent(),U("EXISTS"===m.status,E.status,E.headers.get("front-token")),E.status!==e.config.sessionExpiredStatusCode?[3,15]:((0,d.logDebugMessage)("doRequest: Status code is: "+E.status),[4,w(m)]);case 14:return"RETRY"!==(A=t.sent()).result?((0,d.logDebugMessage)("doRequest: Not retrying original request"),b=void 0!==A.error?A.error:E,[3,19]):((0,d.logDebugMessage)("doRequest: Retrying original request"),[3,18]);case 15:return E.status!==e.config.invalidClaimStatusCode?[3,17]:[4,S(E)];case 16:t.sent(),t.label=17;case 17:return[2,E];case 18:return[3,7];case 19:return[2,b];case 20:return[4,y(!1)];case 21:return"NOT_EXISTS"!==t.sent().status?[3,24]:((0,d.logDebugMessage)("doRequest: local session doesn't exist, so removing anti-csrf and sFrontToken"),[4,g.removeToken()]);case 22:return t.sent(),[4,h.removeToken()];case 23:t.sent(),t.label=24;case 24:return[7];case 25:return[2]}}))}))},e.attemptRefreshingSession=function(){return o(void 0,void 0,void 0,(function(){var n;return s(t,(function(t){switch(t.label){case 0:if(!e.initCalled)throw Error("init function not called");return[4,y(!1)];case 1:return[4,w(t.sent())];case 2:if("API_ERROR"===(n=t.sent()).result)throw n.error;return[2,"RETRY"===n.result]}}))}))},e}();t.default=p;var v="st-last-access-token-update",b="sAntiCsrf",m="sFrontToken";function w(e){return o(this,void 0,void 0,(function(){var t,n,r,o,i,u,c,f,v,b;return s(this,(function(s){switch(s.label){case 0:return[4,l.default.getReferenceOrThrow().lockFactory()];case 1:t=s.sent(),s.label=2;case 2:return(0,d.logDebugMessage)("onUnauthorisedResponse: trying to acquire lock"),[4,t.acquireLock("REFRESH_TOKEN_USE",1e3)];case 3:if(!s.sent())return[3,24];(0,d.logDebugMessage)("onUnauthorisedResponse: lock acquired"),s.label=4;case 4:return s.trys.push([4,16,18,24]),[4,y(!1)];case 5:return"NOT_EXISTS"===(n=s.sent()).status?((0,d.logDebugMessage)("onUnauthorisedResponse: Not refreshing because local session state is NOT_EXISTS"),p.config.onHandleEvent({action:"UNAUTHORISED",sessionExpiredOrRevoked:!1,userContext:{}}),[2,{result:"SESSION_EXPIRED"}]):n.status!==e.status||"EXISTS"===n.status&&"EXISTS"===e.status&&n.lastAccessTokenUpdate!==e.lastAccessTokenUpdate?((0,d.logDebugMessage)("onUnauthorisedResponse: Retrying early because pre and post lastAccessTokenUpdate don't match"),[2,{result:"RETRY"}]):(r=new Headers,"EXISTS"!==e.status?[3,7]:[4,g.getToken(e.lastAccessTokenUpdate)]);case 6:void 0!==(o=s.sent())&&((0,d.logDebugMessage)("onUnauthorisedResponse: Adding anti-csrf token to refresh API call"),r.set("anti-csrf",o)),s.label=7;case 7:return(0,d.logDebugMessage)("onUnauthorisedResponse: Adding rid and fdi-versions to refresh call header"),r.set("rid",p.rid),r.set("fdi-version",a.supported_fdi.join(",")),i=p.config.tokenTransferMethod,(0,d.logDebugMessage)("onUnauthorisedResponse: Adding st-auth-mode header: "+i),r.set("st-auth-mode",i),[4,x(r,!0)];case 8:return s.sent(),(0,d.logDebugMessage)("onUnauthorisedResponse: Calling refresh pre API hook"),[4,p.config.preAPIHook({action:"REFRESH_SESSION",requestInit:{method:"post",credentials:"include",headers:r},url:p.refreshTokenUrl,userContext:{}})];case 9:return u=s.sent(),(0,d.logDebugMessage)("onUnauthorisedResponse: Making refresh call"),[4,p.env.__supertokensOriginalFetch(u.url,u.requestInit)];case 10:return c=s.sent(),(0,d.logDebugMessage)("onUnauthorisedResponse: Refresh call ended"),[4,M(c)];case 11:return s.sent(),(0,d.logDebugMessage)("onUnauthorisedResponse: Refresh status code is: "+c.status),(f=c.status===p.config.sessionExpiredStatusCode)&&null===c.headers.get("front-token")?[4,h.setItem("remove")]:[3,13];case 12:s.sent(),s.label=13;case 13:if(U("EXISTS"===e.status,c.status,f&&null===c.headers.get("front-token")?"remove":c.headers.get("front-token")),c.status>=300)throw c;return[4,p.config.postAPIHook({action:"REFRESH_SESSION",fetchResponse:c.clone(),requestInit:u.requestInit,url:u.url,userContext:{}})];case 14:return s.sent(),[4,y(!1)];case 15:return"NOT_EXISTS"===s.sent().status?((0,d.logDebugMessage)("onUnauthorisedResponse: local session doesn't exist, so returning session expired"),[2,{result:"SESSION_EXPIRED"}]):(p.config.onHandleEvent({action:"REFRESH_SESSION",userContext:{}}),(0,d.logDebugMessage)("onUnauthorisedResponse: Sending RETRY signal"),[2,{result:"RETRY"}]);case 16:return v=s.sent(),[4,y(!1)];case 17:return"NOT_EXISTS"===s.sent().status?((0,d.logDebugMessage)("onUnauthorisedResponse: local session doesn't exist, so returning session expired"),[2,{result:"SESSION_EXPIRED",error:v}]):((0,d.logDebugMessage)("onUnauthorisedResponse: sending API_ERROR"),[2,{result:"API_ERROR",error:v}]);case 18:return[4,t.releaseLock("REFRESH_TOKEN_USE")];case 19:return s.sent(),(0,d.logDebugMessage)("onUnauthorisedResponse: Released lock"),[4,y(!1)];case 20:return"NOT_EXISTS"!==s.sent().status?[3,23]:((0,d.logDebugMessage)("onUnauthorisedResponse: local session doesn't exist, so removing anti-csrf and sFrontToken"),[4,g.removeToken()]);case 21:return s.sent(),[4,h.removeToken()];case 22:s.sent(),s.label=23;case 23:return[7];case 24:return[4,y(!1)];case 25:return"NOT_EXISTS"===(b=s.sent()).status?((0,d.logDebugMessage)("onUnauthorisedResponse: lock acquired failed and local session doesn't exist, so sending SESSION_EXPIRED"),[2,{result:"SESSION_EXPIRED"}]):b.status!==e.status||"EXISTS"===b.status&&"EXISTS"===e.status&&b.lastAccessTokenUpdate!==e.lastAccessTokenUpdate?((0,d.logDebugMessage)("onUnauthorisedResponse: lock acquired failed and retrying early because pre and post lastAccessTokenUpdate don't match"),[2,{result:"RETRY"}]):[3,2];case 26:return[2]}}))}))}function k(){(0,d.logDebugMessage)("onTokenUpdate: firing ACCESS_TOKEN_PAYLOAD_UPDATED event"),p.config.onHandleEvent({action:"ACCESS_TOKEN_PAYLOAD_UPDATED",userContext:{}})}function S(e){return o(this,void 0,void 0,(function(){var t;return s(this,(function(n){switch(n.label){case 0:return n.trys.push([0,2,,3]),[4,p.recipeImpl.getInvalidClaimsFromResponse({response:e,userContext:{}})];case 1:return(t=n.sent())&&p.config.onHandleEvent({action:"API_INVALID_CLAIM",claimValidationErrors:t,userContext:{}}),[3,3];case 2:return n.sent(),[3,3];case 3:return[2]}}))}))}function y(e){return o(this,void 0,void 0,(function(){var t,n,r;return s(this,(function(o){switch(o.label){case 0:return(0,d.logDebugMessage)("getLocalSessionState: called"),[4,E(v)];case 1:return t=o.sent(),[4,h.doesTokenExists()];case 2:return o.sent()&&void 0!==t?((0,d.logDebugMessage)("getLocalSessionState: returning EXISTS since both frontToken and lastAccessTokenUpdate exists"),[2,{status:"EXISTS",lastAccessTokenUpdate:t}]):[3,3];case 3:return t?((0,d.logDebugMessage)("getLocalSessionState: returning NOT_EXISTS since frontToken was cleared but lastAccessTokenUpdate exists"),[2,{status:"NOT_EXISTS"}]):[3,4];case 4:return n={status:"MAY_EXIST"},e?((0,d.logDebugMessage)("getLocalSessionState: trying to refresh"),[4,w(n)]):[3,7];case 5:return"RETRY"!==(r=o.sent()).result?((0,d.logDebugMessage)("getLocalSessionState: return NOT_EXISTS in case error from backend"+r.result),[2,{status:"NOT_EXISTS"}]):((0,d.logDebugMessage)("getLocalSessionState: Retrying post refresh"),[4,y(e)]);case 6:return[2,o.sent()];case 7:return(0,d.logDebugMessage)("getLocalSessionState: returning: "+n.status),[2,n]}}))}))}function T(e){switch(e){case"access":return"st-access-token";case"refresh":return"st-refresh-token"}}function I(e,t){var n=T(e);return""!==t?((0,d.logDebugMessage)("setToken: saved ".concat(e," token into cookies")),R(n,t,Date.now()+31536e5)):((0,d.logDebugMessage)("setToken: cleared ".concat(e," token from cookies")),R(n,t,0))}function R(e,t,n){var r="Fri, 31 Dec 9999 23:59:59 GMT";n!==Number.MAX_SAFE_INTEGER&&(r=new Date(n).toUTCString());var o=p.config.sessionTokenFrontendDomain;return"localhost"===o||o===c.default.getReferenceOrThrow().windowHandler.location.getHostName()?u.default.getReferenceOrThrow().cookieHandler.setCookie("".concat(e,"=").concat(t,";expires=").concat(r,";path=/;samesite=").concat(p.config.isInIframe?"none;secure":"lax")):u.default.getReferenceOrThrow().cookieHandler.setCookie("".concat(e,"=").concat(t,";expires=").concat(r,";domain=").concat(o,";path=/;samesite=").concat(p.config.isInIframe?"none;secure":"lax"))}function D(e){return o(this,void 0,void 0,(function(){return s(this,(function(t){return[2,E(T(e))]}))}))}function E(e){return o(this,void 0,void 0,(function(){var t,n,r,o;return s(this,(function(s){switch(s.label){case 0:return n="; ",[4,u.default.getReferenceOrThrow().cookieHandler.getCookie()];case 1:return t=n+s.sent(),(r=t.split("; "+e+"=")).length>=2&&void 0!==(o=r.pop())?[2,o.split(";").shift()]:[2,void 0]}}))}))}function x(e,t){return void 0===t&&(t=!1),o(this,void 0,void 0,(function(){var n,r;return s(this,(function(o){switch(o.label){case 0:return(0,d.logDebugMessage)("setTokenHeaders: adding existing tokens as header"),[4,D("access")];case 1:return n=o.sent(),[4,D("refresh")];case 2:return r=o.sent(),!t&&void 0===n||void 0===r?(0,d.logDebugMessage)("setAuthorizationHeaderIfRequired: token for header based auth not found"):e.has("Authorization")?(0,d.logDebugMessage)("setAuthorizationHeaderIfRequired: Authorization header defined by the user, not adding"):((0,d.logDebugMessage)("setAuthorizationHeaderIfRequired: added authorization header"),e.set("Authorization","Bearer ".concat(t?r:n))),[2]}}))}))}function M(e){return o(this,void 0,void 0,(function(){var n,r,o,i,a;return s(this,(function(s){switch(s.label){case 0:return(0,d.logDebugMessage)("saveTokensFromHeaders: Saving updated tokens from the response headers"),null===(n=e.headers.get("st-refresh-token"))?[3,2]:((0,d.logDebugMessage)("saveTokensFromHeaders: saving new refresh token"),[4,I("refresh",n)]);case 1:s.sent(),s.label=2;case 2:return null===(r=e.headers.get("st-access-token"))?[3,4]:((0,d.logDebugMessage)("saveTokensFromHeaders: saving new access token"),[4,I("access",r)]);case 3:s.sent(),s.label=4;case 4:return null===(o=e.headers.get("front-token"))?[3,6]:((0,d.logDebugMessage)("saveTokensFromHeaders: Setting sFrontToken: "+o),[4,h.setItem(o)]);case 5:s.sent(),(0,t.updateClockSkewUsingFrontToken)({frontToken:o,responseHeaders:e.headers}),s.label=6;case 6:return null===(i=e.headers.get("anti-csrf"))?[3,9]:[4,y(!0)];case 7:return"EXISTS"!==(a=s.sent()).status?[3,9]:((0,d.logDebugMessage)("saveTokensFromHeaders: Setting anti-csrf token"),[4,g.setItem(a.lastAccessTokenUpdate,i)]);case 8:s.sent(),s.label=9;case 9:return[2]}}))}))}function A(){return o(this,void 0,void 0,(function(){var e;return s(this,(function(t){switch(t.label){case 0:return(0,d.logDebugMessage)("saveLastAccessTokenUpdate: called"),e=Date.now().toString(),(0,d.logDebugMessage)("saveLastAccessTokenUpdate: setting "+e),[4,R(v,e,Number.MAX_SAFE_INTEGER)];case 1:return t.sent(),[4,R("sIRTFrontend","",0)];case 2:return t.sent(),[2]}}))}))}function C(){return o(this,void 0,void 0,(function(){function e(){return o(this,void 0,void 0,(function(){var e,t,n,r,o;return s(this,(function(s){switch(s.label){case 0:return t="; ",[4,u.default.getReferenceOrThrow().cookieHandler.getCookie()];case 1:return e=t+s.sent(),(n=e.split("; sAntiCsrf=")).length>=2&&void 0!==(r=n.pop())?void 0===(o=r.split(";").shift())?[2,null]:[2,o]:[2,null]}}))}))}var t;return s(this,(function(n){switch(n.label){case 0:return(0,d.logDebugMessage)("getAntiCSRFToken: called"),[4,y(!0)];case 1:return"EXISTS"!==n.sent().status?((0,d.logDebugMessage)("getAntiCSRFToken: Returning because local session state != EXISTS"),[2,null]):[4,e()];case 2:return t=n.sent(),(0,d.logDebugMessage)("getAntiCSRFToken: returning: "+t),[2,t]}}))}))}function _(e){return o(this,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return(0,d.logDebugMessage)("setAntiCSRF: called: "+e),void 0===e?[3,2]:[4,R(b,e,Number.MAX_SAFE_INTEGER)];case 1:return t.sent(),[3,4];case 2:return[4,R(b,"",0)];case 3:t.sent(),t.label=4;case 4:return[2]}}))}))}function O(){return o(this,void 0,void 0,(function(){var e;return s(this,(function(t){switch(t.label){case 0:return(0,d.logDebugMessage)("getFrontTokenFromCookie: called"),[4,E(m)];case 1:return[2,void 0===(e=t.sent())?null:e]}}))}))}function P(e){return JSON.parse(decodeURIComponent(escape(atob(e))))}function H(){return o(this,void 0,void 0,(function(){var e;return s(this,(function(t){switch(t.label){case 0:return(0,d.logDebugMessage)("getFrontToken: called"),[4,y(!0)];case 1:return"EXISTS"!==t.sent().status?((0,d.logDebugMessage)("getFrontToken: Returning because sIRTFrontend != EXISTS"),[2,null]):[4,O()];case 2:return e=t.sent(),(0,d.logDebugMessage)("getFrontToken: returning: "+e),[2,e]}}))}))}function F(e){return o(this,void 0,void 0,(function(){var t,n,r;return s(this,(function(o){switch(o.label){case 0:return(0,d.logDebugMessage)("setFrontToken: called"),[4,O()];case 1:return null!==(t=o.sent())&&void 0!==e&&(n=P(t).up,r=P(e).up,JSON.stringify(n)!==JSON.stringify(r)&&k()),void 0!==e?[3,3]:[4,R(m,"",0)];case 2:return o.sent(),[3,5];case 3:return[4,R(m,e,Number.MAX_SAFE_INTEGER)];case 4:o.sent(),o.label=5;case 5:return[2]}}))}))}function U(e,t,n){if(null!=n){var r="remove"!==n;(0,d.logDebugMessage)("fireSessionUpdateEventsIfNecessary wasLoggedIn: ".concat(e," frontTokenExistsAfter: ").concat(r," status: ").concat(t)),e?r||(t===p.config.sessionExpiredStatusCode?((0,d.logDebugMessage)("onUnauthorisedResponse: firing UNAUTHORISED event"),p.config.onHandleEvent({action:"UNAUTHORISED",sessionExpiredOrRevoked:!0,userContext:{}})):((0,d.logDebugMessage)("onUnauthorisedResponse: firing SIGN_OUT event"),p.config.onHandleEvent({action:"SIGN_OUT",userContext:{}}))):r&&((0,d.logDebugMessage)("onUnauthorisedResponse: firing SESSION_CREATED event"),p.config.onHandleEvent({action:"SESSION_CREATED",userContext:{}}))}else(0,d.logDebugMessage)("fireSessionUpdateEventsIfNecessary returning early because the front token was not updated")}t.onUnauthorisedResponse=w,t.onTokenUpdate=k,t.onInvalidClaimResponse=S,t.getLocalSessionState=y,t.getStorageNameForToken=T,t.setToken=I,t.getTokenForHeaderAuth=D,t.saveLastAccessTokenUpdate=A,t.setAntiCSRF=_,t.getFrontToken=H,t.setFrontToken=F,t.fireSessionUpdateEventsIfNecessary=U,t.updateClockSkewUsingFrontToken=function(e){var t=e.frontToken,n=e.responseHeaders;if((0,d.logDebugMessage)("updateClockSkewUsingFrontToken: frontToken: "+t),null!=t&&"remove"!==t){var r=P(t),o=p.recipeImpl.calculateClockSkewInMillis({accessTokenPayload:r.up,responseHeaders:n});f.default.getReferenceOrThrow().dateProvider.setClientClockSkewInMillis(o),(0,d.logDebugMessage)("updateClockSkewUsingFrontToken: Client clock synchronized successfully")}else(0,d.logDebugMessage)("updateClockSkewUsingFrontToken: the access token payload wasn't updated or is being removed, skipping clock skew update")}},569:function(e,t,n){var r=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},o=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};Object.defineProperty(t,"__esModule",{value:!0}),t.BooleanClaim=t.PrimitiveArrayClaim=t.PrimitiveClaim=t.getInvalidClaimsFromResponse=t.getClaimValue=t.validateClaims=t.signOut=t.addAxiosInterceptors=t.doesSessionExist=t.attemptRefreshingSession=t.getAccessToken=t.getAccessTokenPayloadSecurely=t.getUserId=t.init=void 0;var s=n(379),i=n(994),a=n(333),u=n(318),c=n(501),l=n(958),d=n(941),f=n(153),g=n(845),h=n(671),p=function(){function e(){}var t;return e.init=function(t){c.default.init(t.cookieHandler),l.default.init(t.windowHandler),h.default.init(t.dateProvider),d.default.init(t.lockFactory,l.default.getReferenceOrThrow().windowHandler.localStorage);var n=(0,u.validateAndNormaliseInputOrThrowError)(t);void 0!==t.enableDebugLogs&&t.enableDebugLogs&&(0,g.enableLogging)();var r=new a.default((0,i.default)({onHandleEvent:n.onHandleEvent,preAPIHook:n.preAPIHook,postAPIHook:n.postAPIHook,sessionExpiredStatusCode:n.sessionExpiredStatusCode})).override(n.override.functions).build();s.default.init(n,r),e.axiosInterceptorQueue.forEach((function(e){e()})),e.axiosInterceptorQueue=[]},e.getUserId=function(e){return s.default.recipeImpl.getUserId({userContext:(0,u.getNormalisedUserContext)(void 0===e?void 0:e.userContext)})},e.getAccessTokenPayloadSecurely=function(e){return r(this,void 0,void 0,(function(){return o(this,(function(t){return[2,s.default.recipeImpl.getAccessTokenPayloadSecurely({userContext:(0,u.getNormalisedUserContext)(void 0===e?void 0:e.userContext)})]}))}))},t=e,e.axiosInterceptorQueue=[],e.attemptRefreshingSession=function(){return r(void 0,void 0,void 0,(function(){return o(t,(function(e){return[2,s.default.attemptRefreshingSession()]}))}))},e.doesSessionExist=function(e){return s.default.recipeImpl.doesSessionExist({userContext:(0,u.getNormalisedUserContext)(void 0===e?void 0:e.userContext)})},e.addAxiosInterceptors=function(t,n){s.default.initCalled?s.default.recipeImpl.addAxiosInterceptors({axiosInstance:t,userContext:(0,u.getNormalisedUserContext)(n)}):e.axiosInterceptorQueue.push((function(){s.default.recipeImpl.addAxiosInterceptors({axiosInstance:t,userContext:(0,u.getNormalisedUserContext)(n)})}))},e.signOut=function(e){return s.default.recipeImpl.signOut({userContext:(0,u.getNormalisedUserContext)(void 0===e?void 0:e.userContext)})},e.getInvalidClaimsFromResponse=function(e){return r(this,void 0,void 0,(function(){return o(this,(function(t){return[2,s.default.recipeImpl.getInvalidClaimsFromResponse({response:e.response,userContext:(0,u.getNormalisedUserContext)(e.userContext)})]}))}))},e.getClaimValue=function(t){return r(this,void 0,void 0,(function(){var n,r;return o(this,(function(o){switch(o.label){case 0:return n=(0,u.getNormalisedUserContext)(void 0===t?void 0:t.userContext),[4,e.getAccessTokenPayloadSecurely({userContext:n})];case 1:return r=o.sent(),[2,t.claim.getValueFromPayload(r,n)]}}))}))},e.validateClaims=function(e,t){var n=(0,u.getNormalisedUserContext)(t),r=f.SessionClaimValidatorStore.getClaimValidatorsAddedByOtherRecipes(),o=s.default.recipeImpl.getGlobalClaimValidators({claimValidatorsAddedByOtherRecipes:r,userContext:n}),i=void 0!==e?e(o,n):o;return 0===i.length?[]:s.default.recipeImpl.validateClaims({claimValidators:i,userContext:(0,u.getNormalisedUserContext)(t)})},e.getAccessToken=function(e){return r(void 0,void 0,void 0,(function(){return o(t,(function(t){switch(t.label){case 0:return[4,s.default.recipeImpl.doesSessionExist({userContext:(0,u.getNormalisedUserContext)(void 0===e?void 0:e.userContext)})];case 1:return t.sent()?[2,(0,s.getTokenForHeaderAuth)("access")]:[2,void 0]}}))}))},e}();t.default=p,t.init=p.init,t.getUserId=p.getUserId,t.getAccessTokenPayloadSecurely=p.getAccessTokenPayloadSecurely,t.getAccessToken=p.getAccessToken,t.attemptRefreshingSession=p.attemptRefreshingSession,t.doesSessionExist=p.doesSessionExist,t.addAxiosInterceptors=p.addAxiosInterceptors,t.signOut=p.signOut,t.validateClaims=p.validateClaims,t.getClaimValue=p.getClaimValue,t.getInvalidClaimsFromResponse=p.getInvalidClaimsFromResponse;var v=n(911);Object.defineProperty(t,"PrimitiveClaim",{enumerable:!0,get:function(){return v.PrimitiveClaim}});var b=n(748);Object.defineProperty(t,"PrimitiveArrayClaim",{enumerable:!0,get:function(){return b.PrimitiveArrayClaim}});var m=n(491);Object.defineProperty(t,"BooleanClaim",{enumerable:!0,get:function(){return m.BooleanClaim}})},845:(e,t,n)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.logDebugMessage=t.disableLogging=t.enableLogging=void 0;var r=n(255),o=!1;t.enableLogging=function(){o=!0},t.disableLogging=function(){o=!1},t.logDebugMessage=function(e){o&&console.log("".concat("com.supertokens",' {t: "').concat((new Date).toISOString(),'", message: "').concat(e,'", supertokens-website-ver: "').concat(r.package_version,'"}'))}},992:(e,t)=>{function n(e){return/^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/.test(e)}Object.defineProperty(t,"__esModule",{value:!0}),t.isAnIpAddress=void 0,t.isAnIpAddress=n;function r(e,t){void 0===t&&(t=!1),e=e.trim();try{if(!e.startsWith("http://")&&!e.startsWith("https://"))throw new Error("converting to proper URL");var o=new URL(e);return t?o.hostname.startsWith("localhost")||n(o.hostname)?"http://"+o.host:"https://"+o.host:o.protocol+"//"+o.host}catch(e){}if(e.startsWith("/"))throw new Error("Please provide a valid domain name");if(0===e.indexOf(".")&&(e=e.substr(1)),(-1!==e.indexOf(".")||e.startsWith("localhost"))&&!e.startsWith("http://")&&!e.startsWith("https://")){e="https://"+e;try{return new URL(e),r(e,!0)}catch(e){}}throw new Error("Please provide a valid domain name")}t.default=function(e){var t=this;this.getAsStringDangerous=function(){return t.value},this.value=r(e)}},260:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0});function n(e){e=e.trim();try{if(!e.startsWith("http://")&&!e.startsWith("https://"))throw new Error("converting to proper URL");return"/"===(e=new URL(e).pathname).charAt(e.length-1)?e.substr(0,e.length-1):e}catch(e){}if((function(e){if(-1===e.indexOf(".")||e.startsWith("/"))return!1;try{return-1!==new URL(e).hostname.indexOf(".")}catch(e){}try{return-1!==new URL("http://"+e).hostname.indexOf(".")}catch(e){}return!1}(e)||e.startsWith("localhost"))&&!e.startsWith("http://")&&!e.startsWith("https://"))return n(e="http://"+e);"/"!==e.charAt(0)&&(e="/"+e);try{return new URL("http://example.com"+e),n("http://example.com"+e)}catch(e){throw new Error("Please provide a valid URL path")}}t.default=function e(t){var r=this;this.startsWith=function(e){return r.value.startsWith(e.value)},this.appendPath=function(t){return new e(r.value+t.value)},this.getAsStringDangerous=function(){return r.value},this.value=n(t)}},743:function(e,t){var n,r=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},o=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};Object.defineProperty(t,"__esModule",{value:!0}),t.ProcessState=t.PROCESS_STATE=void 0,(n=t.PROCESS_STATE||(t.PROCESS_STATE={}))[n.CALLING_INTERCEPTION_REQUEST=0]="CALLING_INTERCEPTION_REQUEST",n[n.CALLING_INTERCEPTION_RESPONSE=1]="CALLING_INTERCEPTION_RESPONSE";var s=function(){function e(){var e=this;this.history=[],this.addState=function(t){try{void 0!==process&&void 0!==process.env&&"testing"===process.env.TEST_MODE&&e.history.push(t)}catch(e){}},this.getEventByLastEventByName=function(t){for(var n=e.history.length-1;n>=0;n--)if(e.history[n]==t)return e.history[n]},this.reset=function(){e.history=[]},this.waitForEvent=function(t,n){return void 0===n&&(n=7e3),r(e,void 0,void 0,(function(){var e,r=this;return o(this,(function(o){return e=Date.now(),[2,new Promise((function(o){var s=r;!function r(){var i=s.getEventByLastEventByName(t);void 0===i?Date.now()-e>n?o(void 0):setTimeout(r,1e3):o(i)}()}))]}))}))}}return e.getInstance=function(){return null==e.instance&&(e.instance=new e),e.instance},e}();t.ProcessState=s},994:function(e,t,n){var r=this&&this.__assign||function(){return r=Object.assign||function(e){for(var t,n=1,r=arguments.length;n<r;n++)for(var o in t=arguments[n])Object.prototype.hasOwnProperty.call(t,o)&&(e[o]=t[o]);return e},r.apply(this,arguments)},o=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},s=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};Object.defineProperty(t,"__esModule",{value:!0});var i=n(379),a=n(759),u=n(255),c=n(845),l=n(173),d=n(648),f=n(318),g=n(671);t.default=function(e){return{addXMLHttpRequestInterceptor:function(e){(0,c.logDebugMessage)("addXMLHttpRequestInterceptorAndReturnModified: called"),(0,d.addInterceptorsToXMLHttpRequest)()},addFetchInterceptorsAndReturnModifiedFetch:function(e){return(0,c.logDebugMessage)("addFetchInterceptorsAndReturnModifiedFetch: called"),function(t,n){return o(this,void 0,void 0,(function(){return s(this,(function(o){switch(o.label){case 0:return[4,i.default.doRequest((function(n){return e.originalFetch("object"==typeof t&&"clone"in t?t.clone():t,r({},n))}),n,t)];case 1:return[2,o.sent()]}}))}))}},addAxiosInterceptors:function(e){if((0,c.logDebugMessage)("addAxiosInterceptors: called"),XMLHttpRequest.__interceptedBySuperTokens)return console.warn("Not adding axios interceptor since XMLHttpRequest is already added. This is just a warning."),console.warn("Our axios and XMLHttpRequest interceptors cannot be used at the same time."),console.warn("Since XMLHttpRequest is added automatically and supports axios by default, you can just remove addAxiosInterceptors from your code."),console.warn("If you want to continue using our axios interceptor, you can override addXMLHttpRequestInterceptor with an empty function."),void(0,c.logDebugMessage)("addAxiosInterceptors: not adding, because XHR interceptors are already in place");for(var t=e.axiosInstance.interceptors.request,n=0;n<t.handlers.length;n++)if(t.handlers[n].fulfilled===a.interceptorFunctionRequestFulfilled)return void(0,c.logDebugMessage)("addAxiosInterceptors: not adding because already added on this instance");e.axiosInstance.interceptors.request.use(a.interceptorFunctionRequestFulfilled,(function(e){return o(this,void 0,void 0,(function(){return s(this,(function(t){throw e}))}))})),e.axiosInstance.interceptors.response.use((0,a.responseInterceptor)(e.axiosInstance),(0,a.responseErrorInterceptor)(e.axiosInstance))},getUserId:function(e){return o(this,void 0,void 0,(function(){var e;return s(this,(function(t){switch(t.label){case 0:return(0,c.logDebugMessage)("getUserId: called"),[4,i.FrontToken.getTokenInfo()];case 1:if(void 0===(e=t.sent()))throw new Error("No session exists");return(0,c.logDebugMessage)("getUserId: returning: "+e.uid),[2,e.uid]}}))}))},getAccessTokenPayloadSecurely:function(e){return o(this,void 0,void 0,(function(){var t;return s(this,(function(n){switch(n.label){case 0:return(0,c.logDebugMessage)("getAccessTokenPayloadSecurely: called"),[4,i.FrontToken.getTokenInfo()];case 1:if(void 0===(t=n.sent()))throw new Error("No session exists");return t.ate<g.default.getReferenceOrThrow().dateProvider.now()?((0,c.logDebugMessage)("getAccessTokenPayloadSecurely: access token expired. Refreshing session"),[4,i.default.attemptRefreshingSession()]):[3,5];case 2:return n.sent()?[4,this.getAccessTokenPayloadSecurely({userContext:e.userContext})]:[3,4];case 3:return[2,n.sent()];case 4:throw new Error("Could not refresh session");case 5:return(0,c.logDebugMessage)("getAccessTokenPayloadSecurely: returning: "+JSON.stringify(t.up)),[2,t.up]}}))}))},doesSessionExist:function(e){return o(this,void 0,void 0,(function(){var e,t;return s(this,(function(n){switch(n.label){case 0:return(0,c.logDebugMessage)("doesSessionExist: called"),[4,i.FrontToken.getTokenInfo()];case 1:return void 0===(e=n.sent())?((0,c.logDebugMessage)("doesSessionExist: access token does not exist locally"),[2,!1]):e.ate<g.default.getReferenceOrThrow().dateProvider.now()?((0,c.logDebugMessage)("doesSessionExist: access token expired. Refreshing session"),[4,(0,i.getLocalSessionState)(!1)]):[3,4];case 2:return t=n.sent(),[4,(0,i.onUnauthorisedResponse)(t)];case 3:return[2,"RETRY"===n.sent().result];case 4:return[2,!0]}}))}))},signOut:function(t){return o(this,void 0,void 0,(function(){var n,r,o,a;return s(this,(function(s){switch(s.label){case 0:return(0,c.logDebugMessage)("signOut: called"),[4,this.doesSessionExist(t)];case 1:return s.sent()?((0,c.logDebugMessage)("signOut: Calling refresh pre API hook"),[4,e.preAPIHook({action:"SIGN_OUT",requestInit:{method:"post",headers:{"fdi-version":u.supported_fdi.join(","),rid:i.default.rid}},url:i.default.signOutUrl,userContext:t.userContext})]):((0,c.logDebugMessage)("signOut: exiting early because session does not exist"),(0,c.logDebugMessage)("signOut: firing SIGN_OUT event"),e.onHandleEvent({action:"SIGN_OUT",userContext:t.userContext}),[2]);case 2:return n=s.sent(),(0,c.logDebugMessage)("signOut: Calling API"),[4,fetch(n.url,n.requestInit)];case 3:if(r=s.sent(),(0,c.logDebugMessage)("signOut: API ended"),(0,c.logDebugMessage)("signOut: API responded with status code: "+r.status),r.status===e.sessionExpiredStatusCode)return[2];if(r.status>=300)throw r;return[4,e.postAPIHook({action:"SIGN_OUT",requestInit:n.requestInit,url:n.url,fetchResponse:r.clone(),userContext:t.userContext})];case 4:return s.sent(),[4,r.clone().json()];case 5:if("GENERAL_ERROR"===(o=s.sent()).status)throw(0,c.logDebugMessage)("doRequest: Throwing general error"),a=void 0===o.message?"No Error Message Provided":o.message,new l.STGeneralError(a);return[2]}}))}))},getInvalidClaimsFromResponse:function(e){return o(this,void 0,void 0,(function(){var t;return s(this,(function(n){switch(n.label){case 0:return"body"in e.response?[4,e.response.clone().json()]:[3,2];case 1:return t=n.sent(),[3,3];case 2:t="string"==typeof e.response.data?JSON.parse(e.response.data):e.response.data,n.label=3;case 3:return[2,t.claimValidationErrors]}}))}))},getGlobalClaimValidators:function(e){return e.claimValidatorsAddedByOtherRecipes},validateClaims:function(e){return o(this,void 0,void 0,(function(){var t,n,r,o,i,a,u,c,l;return s(this,(function(s){switch(s.label){case 0:return[4,this.getAccessTokenPayloadSecurely({userContext:e.userContext})];case 1:t=s.sent(),n=0,r=e.claimValidators,s.label=2;case 2:return n<r.length?[4,(c=r[n]).shouldRefresh(t,e.userContext)]:[3,10];case 3:if(!s.sent())return[3,9];s.label=4;case 4:return s.trys.push([4,6,,7]),[4,c.refresh(e.userContext)];case 5:return s.sent(),[3,7];case 6:return o=s.sent(),console.error("Encountered an error while refreshing validator ".concat(c.id),o),[3,7];case 7:return[4,this.getAccessTokenPayloadSecurely({userContext:e.userContext})];case 8:t=s.sent(),s.label=9;case 9:return n++,[3,2];case 10:i=[],a=0,u=e.claimValidators,s.label=11;case 11:return a<u.length?[4,(c=u[a]).validate(t,e.userContext)]:[3,14];case 12:(l=s.sent()).isValid||i.push({id:c.id,reason:l.reason}),s.label=13;case 13:return a++,[3,11];case 14:return[2,i]}}))}))},shouldDoInterceptionBasedOnUrl:function(e,t,n){if((0,c.logDebugMessage)("shouldDoInterceptionBasedOnUrl: toCheckUrl: "+e+" apiDomain: "+t+" sessionTokenBackendDomain: "+n),e.includes("superTokensDoNotDoInterception"))return!1;e=(0,f.normaliseURLDomainOrThrowError)(e);var r=new URL(e),o=r.hostname;if(void 0===n){o=""===r.port?o:o+":"+r.port,t=(0,f.normaliseURLDomainOrThrowError)(t);var s=new URL(t);return o===(""===s.port?s.hostname:s.hostname+":"+s.port)}var i,a=(0,f.normaliseSessionScopeOrThrowError)(n);if(n.split(":").length>1){var u=n.split(":")[n.split(":").length-1];"string"!=typeof(i=u)||isNaN(i)||isNaN(parseFloat(i))||(a+=":"+u,o=""===r.port?o:o+":"+r.port)}return n.startsWith(".")?("."+o).endsWith(a):o===a},calculateClockSkewInMillis:function(e){var t=e.accessTokenPayload;(0,c.logDebugMessage)("calculateClockSkewInMillis: called");var n=null==t?void 0:t.iat;if(void 0===n||"number"!=typeof n)return(0,c.logDebugMessage)("calculateClockSkewInMillis: payload iat is undefined or not a number. This may happen due to an unsupported backend sdk. Returning 0"),0;var r=1e3*n-Date.now();return(0,c.logDebugMessage)("calculateClockSkewInMillis: returning "+r),r}}}},272:function(e,t,n){var r=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},o=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};Object.defineProperty(t,"__esModule",{value:!0}),t.defaultCookieHandlerImplementation=void 0;var s=n(958);t.defaultCookieHandlerImplementation={getCookie:function(){return r(this,void 0,void 0,(function(){return o(this,(function(e){return[2,s.default.getReferenceOrThrow().windowHandler.getWindowUnsafe().document.cookie]}))}))},setCookie:function(e){return r(this,void 0,void 0,(function(){return o(this,(function(t){return s.default.getReferenceOrThrow().windowHandler.getWindowUnsafe().document.cookie=e,[2]}))}))}}},501:(e,t,n)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.CookieHandlerReference=void 0;var r=n(272),o=function(){function e(e){var t=function(e){return e};void 0!==e&&(t=e),this.cookieHandler=t(r.defaultCookieHandlerImplementation)}return e.init=function(t){void 0===e.instance&&(e.instance=new e(t))},e.getReferenceOrThrow=function(){if(void 0===e.instance)throw new Error("SuperTokensCookieHandler must be initialized before calling this method.");return e.instance},e}();t.CookieHandlerReference=o,t.default=o},812:(e,t,n)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.DateProvider=void 0;var r=n(958),o=function(){function e(){this.clockSkewInMillis=0,this.thresholdInSeconds=7}return e.init=function(){if(void 0===e.instance){e.instance=new e;var t=r.default.getReferenceOrThrow().windowHandler.localStorage.getItemSync(e.CLOCK_SKEW_KEY),n=null!==t?parseInt(t,10):0;e.instance.setClientClockSkewInMillis(n)}},e.getReferenceOrThrow=function(){if(void 0===e.instance)throw new Error("DateProvider must be initialized before calling this method.");return e.instance},e.prototype.getThresholdInSeconds=function(){return this.thresholdInSeconds},e.prototype.setThresholdInSeconds=function(e){this.thresholdInSeconds=e},e.prototype.setClientClockSkewInMillis=function(t){this.clockSkewInMillis=Math.abs(t)>=1e3*this.thresholdInSeconds?t:0,r.default.getReferenceOrThrow().windowHandler.localStorage.setItemSync(e.CLOCK_SKEW_KEY,String(t))},e.prototype.getClientClockSkewInMillis=function(){return this.clockSkewInMillis},e.prototype.now=function(){return Date.now()+this.getClientClockSkewInMillis()},e.CLOCK_SKEW_KEY="__st_clockSkewInMillis",e}();t.DateProvider=o},671:(e,t,n)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.DateProviderReference=void 0;var r=n(812),o=function(){function e(e){void 0!==e?this.dateProvider=e():(r.DateProvider.init(),this.dateProvider=r.DateProvider.getReferenceOrThrow())}return e.init=function(t){void 0===e.instance&&(e.instance=new e(t))},e.getReferenceOrThrow=function(){if(void 0===e.instance)throw new Error("SuperTokensDateProvider must be initialized before calling this method.");return e.instance},e}();t.DateProviderReference=o,t.default=o},318:function(e,t,n){var r=this&&this.__assign||function(){return r=Object.assign||function(e){for(var t,n=1,r=arguments.length;n<r;n++)for(var o in t=arguments[n])Object.prototype.hasOwnProperty.call(t,o)&&(e[o]=t[o]);return e},r.apply(this,arguments)},o=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},s=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};Object.defineProperty(t,"__esModule",{value:!0}),t.getNormalisedUserContext=t.validateAndNormaliseInputOrThrowError=t.normaliseSessionScopeOrThrowError=t.normaliseURLPathOrThrowError=t.normaliseURLDomainOrThrowError=void 0;var i=n(992),a=n(260),u=n(958);function c(e){return new i.default(e).getAsStringDangerous()}function l(e){return new a.default(e).getAsStringDangerous()}function d(e){var t=function(e){(e=e.trim().toLowerCase()).startsWith(".")&&(e=e.substr(1)),e.startsWith("http://")||e.startsWith("https://")||(e="http://"+e);try{return(e=new URL(e).hostname).startsWith(".")&&(e=e.substr(1)),e}catch(e){throw new Error("Please provide a valid sessionTokenFrontendDomain")}}(e);return"localhost"===t||(0,i.isAnIpAddress)(t)?t:e.startsWith(".")?"."+t:t}t.normaliseURLDomainOrThrowError=c,t.normaliseURLPathOrThrowError=l,t.normaliseSessionScopeOrThrowError=d,t.validateAndNormaliseInputOrThrowError=function(e){var t=this,n=c(e.apiDomain),i=l("/auth");void 0!==e.apiBasePath&&(i=l(e.apiBasePath));var a=u.default.getReferenceOrThrow().windowHandler.location.getHostName(),f=d(void 0!==e&&void 0!==e.sessionTokenFrontendDomain?e.sessionTokenFrontendDomain:a),g=401;void 0!==e.sessionExpiredStatusCode&&(g=e.sessionExpiredStatusCode);var h=403;if(void 0!==e.invalidClaimStatusCode&&(h=e.invalidClaimStatusCode),g===h)throw new Error("sessionExpiredStatusCode and invalidClaimStatusCode cannot be the same.");var p=!0;void 0!==e.autoAddCredentials&&(p=e.autoAddCredentials);var v=!1;void 0!==e.isInIframe&&(v=e.isInIframe);var b=void 0;void 0!==e.sessionTokenBackendDomain&&(b=d(e.sessionTokenBackendDomain));var m=function(e){return o(t,void 0,void 0,(function(){return s(this,(function(t){return[2,{url:e.url,requestInit:e.requestInit}]}))}))};void 0!==e.preAPIHook&&(m=e.preAPIHook);var w=function(){return o(t,void 0,void 0,(function(){return s(this,(function(e){return[2]}))}))};void 0!==e.postAPIHook&&(w=e.postAPIHook);var k=function(){};void 0!==e.onHandleEvent&&(k=e.onHandleEvent);var S=r({functions:function(e){return e}},e.override);return{apiDomain:n,apiBasePath:i,sessionTokenFrontendDomain:f,sessionExpiredStatusCode:g,invalidClaimStatusCode:h,autoAddCredentials:p,isInIframe:v,tokenTransferMethod:void 0!==e.tokenTransferMethod?e.tokenTransferMethod:"cookie",sessionTokenBackendDomain:b,preAPIHook:m,postAPIHook:w,onHandleEvent:k,override:S}},t.getNormalisedUserContext=function(e){return void 0===e?{}:e}},941:(e,t,n)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.LockFactoryReference=void 0;var r=n(895),o=function(){function e(e){this.lockFactory=e}return e.init=function(t,n){void 0===this.instance&&(this.instance=new e(null!=t?t:function(e){return function(){return Promise.resolve(new r.default(e))}}(n)))},e.getReferenceOrThrow=function(){if(void 0===e.instance)throw new Error("SuperTokensLockReference must be initialized before calling this method.");return e.instance},e}();t.LockFactoryReference=o,t.default=o},153:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.SessionClaimValidatorStore=void 0;var n=function(){function e(){}return e.claimValidatorsAddedByOtherRecipes=[],e.addClaimValidatorFromOtherRecipe=function(t){e.claimValidatorsAddedByOtherRecipes.push(t)},e.getClaimValidatorsAddedByOtherRecipes=function(){return e.claimValidatorsAddedByOtherRecipes},e}();t.SessionClaimValidatorStore=n,t.default=n},586:function(e,t){var n=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},r=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};function o(){if("undefined"==typeof window)throw Error("If you are using this package with server-side rendering, please make sure that you are checking if the window object is defined.");return window}Object.defineProperty(t,"__esModule",{value:!0}),t.defaultWindowHandlerImplementation=void 0;var s={key:function(e){return n(this,void 0,void 0,(function(){return r(this,(function(t){return[2,o().localStorage.key(e)]}))}))},clear:function(){return n(this,void 0,void 0,(function(){return r(this,(function(e){return[2,o().localStorage.clear()]}))}))},getItem:function(e){return n(this,void 0,void 0,(function(){return r(this,(function(t){return[2,o().localStorage.getItem(e)]}))}))},removeItem:function(e){return n(this,void 0,void 0,(function(){return r(this,(function(t){return[2,o().localStorage.removeItem(e)]}))}))},setItem:function(e,t){return n(this,void 0,void 0,(function(){return r(this,(function(n){return[2,o().localStorage.setItem(e,t)]}))}))},keySync:function(e){return o().localStorage.key(e)},clearSync:function(){return o().localStorage.clear()},getItemSync:function(e){return o().localStorage.getItem(e)},removeItemSync:function(e){return o().localStorage.removeItem(e)},setItemSync:function(e,t){return o().localStorage.setItem(e,t)}},i={key:function(e){return n(this,void 0,void 0,(function(){return r(this,(function(t){return[2,o().sessionStorage.key(e)]}))}))},clear:function(){return n(this,void 0,void 0,(function(){return r(this,(function(e){return[2,o().sessionStorage.clear()]}))}))},getItem:function(e){return n(this,void 0,void 0,(function(){return r(this,(function(t){return[2,o().sessionStorage.getItem(e)]}))}))},removeItem:function(e){return n(this,void 0,void 0,(function(){return r(this,(function(t){return[2,o().sessionStorage.removeItem(e)]}))}))},setItem:function(e,t){return n(this,void 0,void 0,(function(){return r(this,(function(n){return[2,o().sessionStorage.setItem(e,t)]}))}))},keySync:function(e){return o().sessionStorage.key(e)},clearSync:function(){return o().sessionStorage.clear()},getItemSync:function(e){return o().sessionStorage.getItem(e)},removeItemSync:function(e){return o().sessionStorage.removeItem(e)},setItemSync:function(e,t){return o().sessionStorage.setItem(e,t)}};t.defaultWindowHandlerImplementation={history:{replaceState:function(e,t,n){return o().history.replaceState(e,t,n)},getState:function(){return o().history.state}},location:{getHref:function(){return o().location.href},setHref:function(e){o().location.href=e},getSearch:function(){return o().location.search},getHash:function(){return o().location.hash},getPathName:function(){return o().location.pathname},assign:function(e){o().location.assign(e)},getHostName:function(){return o().location.hostname},getHost:function(){return o().location.host},getOrigin:function(){return o().location.origin}},getDocument:function(){return o().document},getWindowUnsafe:function(){return o().window},localStorage:s,sessionStorage:i}},958:(e,t,n)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.WindowHandlerReference=void 0;var r=n(586),o=function(){function e(e){var t=function(e){return e};void 0!==e&&(t=e),this.windowHandler=t(r.defaultWindowHandlerImplementation)}return e.init=function(t){void 0===e.instance&&(e.instance=new e(t))},e.getReferenceOrThrow=function(){if(void 0===e.instance)throw new Error("SuperTokensWindowHandler must be initialized before calling this method.");return e.instance},e}();t.WindowHandlerReference=o,t.default=o},255:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.supported_fdi=t.package_version=void 0,t.package_version="19.0.1",t.supported_fdi=["1.16","1.17","1.18","1.19"]},648:function(e,t,n){var r=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},o=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};Object.defineProperty(t,"__esModule",{value:!0}),t.addInterceptorsToXMLHttpRequest=void 0;var s=n(379),i=n(845),a=n(958),u=n(743),c=["readystatechange","abort","error","load","loadend","loadstart","progress","timeout"];function l(e){return r(this,void 0,void 0,(function(){var t,n,r,s,i;return o(this,(function(o){switch(o.label){case 0:if(t=e.headers.get("content-type"),n="",r="text",null!==t)return[3,5];o.label=1;case 1:return o.trys.push([1,3,,4]),[4,e.text()];case 2:return n=o.sent(),[3,4];case 3:return o.sent(),n="",[3,4];case 4:return[3,9];case 5:return t.includes("application/json")?(r="json",i=(s=JSON).stringify,[4,e.json()]):[3,7];case 6:return n=i.apply(s,[o.sent()]),[3,9];case 7:return t.includes("text/")?[4,e.text()]:[3,9];case 8:n=o.sent(),o.label=9;case 9:return[2,{status:e.status,responseText:n,statusText:e.statusText,responseType:r,headers:e.headers}]}}))}))}function d(e,t){return r(this,void 0,void 0,(function(){var n,r;return o(this,(function(o){switch(o.label){case 0:return(0,i.logDebugMessage)("setAuthorizationHeaderIfRequired: adding existing tokens as header"),[4,(0,s.getTokenForHeaderAuth)("access")];case 1:return n=o.sent(),[4,(0,s.getTokenForHeaderAuth)("refresh")];case 2:return r=o.sent(),void 0!==n&&void 0!==r?t.some((function(e){return"authorization"===e.name.toLowerCase()}))?(0,i.logDebugMessage)("setAuthorizationHeaderIfRequired: Authorization header defined by the user, not adding"):void 0!==n&&((0,i.logDebugMessage)("setAuthorizationHeaderIfRequired: added authorization header"),e.setRequestHeader("Authorization","Bearer ".concat(n))):(0,i.logDebugMessage)("setAuthorizationHeaderIfRequired: token for header based auth not found"),[2]}}))}))}function f(e){return r(this,void 0,void 0,(function(){var t,n,r,a,u;return o(this,(function(o){switch(o.label){case 0:return(0,i.logDebugMessage)("saveTokensFromHeaders: Saving updated tokens from the response"),null===(t=e.get("st-refresh-token"))?[3,2]:((0,i.logDebugMessage)("saveTokensFromHeaders: saving new refresh token"),[4,(0,s.setToken)("refresh",t)]);case 1:o.sent(),o.label=2;case 2:return null===(n=e.get("st-access-token"))?[3,4]:((0,i.logDebugMessage)("saveTokensFromHeaders: saving new access token"),[4,(0,s.setToken)("access",n)]);case 3:o.sent(),o.label=4;case 4:return null===(r=e.get("front-token"))?[3,6]:((0,i.logDebugMessage)("saveTokensFromHeaders: Setting sFrontToken: "+r),[4,s.FrontToken.setItem(r)]);case 5:o.sent(),(0,s.updateClockSkewUsingFrontToken)({frontToken:r,responseHeaders:e}),o.label=6;case 6:return null===(a=e.get("anti-csrf"))?[3,9]:[4,(0,s.getLocalSessionState)(!0)];case 7:return"EXISTS"!==(u=o.sent()).status?[3,9]:((0,i.logDebugMessage)("saveTokensFromHeaders: Setting anti-csrf token"),[4,s.AntiCsrfToken.setItem(u.lastAccessTokenUpdate,a)]);case 8:o.sent(),o.label=9;case 9:return[2]}}))}))}t.addInterceptorsToXMLHttpRequest=function(){var e=new Promise((function(e){return setTimeout(e,0)})),t=XMLHttpRequest;(0,i.logDebugMessage)("addInterceptorsToXMLHttpRequest called"),XMLHttpRequest=function(){var n=new t,g=e;function h(e){g=g.finally((function(){var t;return null===(t=e())||void 0===t?void 0:t.catch(console.error)}))}var p,v,b=this,m=[],w=[],k={},S=new Map,y="",T=!1,I=void 0;function R(e,t){var n=S.get(e);(0,i.logDebugMessage)("XHRInterceptor dispatching ".concat(t.type," to ").concat(n?n.size:0," listeners")),n&&Array.from(n).forEach((function(e){return e.apply(b,[t])}))}function D(){return r(this,void 0,void 0,(function(){var e,n;return o(this,(function(r){switch(r.label){case 0:if(void 0===I)throw new Error("Should never come here..");return(0,i.logDebugMessage)("XHRInterceptor.handleRetryPostRefreshing: preRequestLSS "+I.status),[4,(0,s.onUnauthorisedResponse)(I)];case 1:if("RETRY"!==(e=r.sent()).result){if((0,i.logDebugMessage)("XHRInterceptor.handleRetryPostRefreshing: Not retrying original request "+!!e.error),void 0!==e.error)throw e.error;return[2,!0]}return(0,i.logDebugMessage)("XHRInterceptor.handleRetryPostRefreshing: Retrying original request"),n=new t,M(b,n,!0),m.forEach((function(e){e(n)})),A(n,v),[2,!1]}}))}))}function E(e){return r(this,void 0,void 0,(function(){var t,n,r,a;return o(this,(function(o){switch(o.label){case 0:if(T)return(0,i.logDebugMessage)("XHRInterceptor.handleResponse: Returning without interception"),[2,!0];o.label=1;case 1:o.trys.push([1,14,,18]),o.label=2;case 2:return o.trys.push([2,,8,13]),(0,i.logDebugMessage)("XHRInterceptor.handleResponse: Interception started"),u.ProcessState.getInstance().addState(u.PROCESS_STATE.CALLING_INTERCEPTION_RESPONSE),t=e.status,n=function(e){return new Headers(e.getAllResponseHeaders().split("\r\n").map((function(e){var t=e.indexOf(": ");return-1===t?["",""]:[e.slice(0,t),e.slice(t+2)]})).filter((function(e){return 0!==e[0].length})))}(e),[4,f(n)];case 3:return o.sent(),(0,s.fireSessionUpdateEventsIfNecessary)("EXISTS"===I.status,t,n.get("front-token")),t!==s.default.config.sessionExpiredStatusCode?[3,5]:((0,i.logDebugMessage)("responseInterceptor: Status code is: "+t),[4,D()]);case 4:return[2,o.sent()];case 5:return t!==s.default.config.invalidClaimStatusCode?[3,7]:[4,(0,s.onInvalidClaimResponse)({data:JSON.parse(e.responseText)})];case 6:o.sent(),o.label=7;case 7:return[2,!0];case 8:return(0,i.logDebugMessage)("XHRInterceptor.handleResponse: doFinallyCheck running"),[4,(0,s.getLocalSessionState)(!1)];case 9:return"EXISTS"===o.sent().status?[3,12]:((0,i.logDebugMessage)("XHRInterceptor.handleResponse: local session doesn't exist, so removing anti-csrf and sFrontToken"),[4,s.AntiCsrfToken.removeToken()]);case 10:return o.sent(),[4,s.FrontToken.removeToken()];case 11:o.sent(),o.label=12;case 12:return[7];case 13:return[3,18];case 14:return r=o.sent(),(0,i.logDebugMessage)("XHRInterceptor.handleResponse: caught error"),void 0===r.status?[3,16]:[4,l(r)];case 15:if(a=o.sent(),k.status=a.status,k.statusText=a.statusText,k.responseType=a.responseType,p=a.headers,"json"===a.responseType)try{k.response=JSON.parse(a.responseText)}catch(e){k.response=a.responseText}else k.response=a.responseText;return k.responseText=a.responseText,[3,17];case 16:R("error",new Event("error")),o.label=17;case 17:return[2,!0];case 18:return[2]}}))}))}b.onload=null,b.onreadystatechange=null,b.onloadend=null,b.addEventListener=function(e,t,n){var r=S.get(e);void 0===r&&(r=new Set,S.set(e,r)),r.add(t)},b.removeEventListener=function(e,t){var n=S.get(e);void 0===n&&(n=new Set,S.set(e,n)),n.delete(t)},b.open=function(e,t){(0,i.logDebugMessage)("XHRInterceptor.open called");var r=arguments;y=t;try{T="string"==typeof y&&!s.default.recipeImpl.shouldDoInterceptionBasedOnUrl(y,s.default.config.apiDomain,s.default.config.sessionTokenBackendDomain)||"string"!=typeof y&&!s.default.recipeImpl.shouldDoInterceptionBasedOnUrl(y.toString(),s.default.config.apiDomain,s.default.config.sessionTokenBackendDomain)}catch(e){if("Please provide a valid domain name"!==e.message)throw e;(0,i.logDebugMessage)("XHRInterceptor.open: Trying shouldDoInterceptionBasedOnUrl with location.origin"),T=!s.default.recipeImpl.shouldDoInterceptionBasedOnUrl(a.default.getReferenceOrThrow().windowHandler.location.getOrigin(),s.default.config.apiDomain,s.default.config.sessionTokenBackendDomain)}h((function(){m.push((function(e){e.open.apply(e,r)})),n.open.apply(n,r)}))},b.send=function(e){A(n,v=e)},b.setRequestHeader=function(e,t){var a=this;(0,i.logDebugMessage)("XHRInterceptor.setRequestHeader: Called with ".concat(e)),T?h((function(){return n.setRequestHeader(e,t)})):"anti-csrf"!==e&&h((function(){return r(a,void 0,void 0,(function(){var r,a;return o(this,(function(o){switch(o.label){case 0:return"authorization"!==e.toLowerCase()?[3,3]:((0,i.logDebugMessage)("XHRInterceptor.setRequestHeader: checking if user provided auth header matches local token"),[4,(0,s.getTokenForHeaderAuth)("access")]);case 1:return r=o.sent(),[4,(0,s.getTokenForHeaderAuth)("refresh")];case 2:if(a=o.sent(),void 0!==r&&void 0!==a&&t==="Bearer ".concat(r))return(0,i.logDebugMessage)("XHRInterceptor.setRequestHeader: skipping Authorization from user provided headers because it contains our access token"),[2];o.label=3;case 3:return m.push((function(n){n.setRequestHeader(e,t)})),w.push({name:e,value:t}),n.setRequestHeader(e,t),[2]}}))}))}))};var x=void 0;function M(e,n,r){var o,s=["load","loadend","readystatechange"];(0,i.logDebugMessage)("XHRInterceptor.setUpXHR called");for(var a=function(e){(0,i.logDebugMessage)("XHRInterceptor added listener for event ".concat(e)),n.addEventListener(e,(function(t){(0,i.logDebugMessage)("XHRInterceptor got event ".concat(e)),s.includes(e)||R(e,t)}))},u=0,l=c;u<l.length;u++)a(l[u]);if(n.onload=function(t){void 0===o&&(o=E(n)),o.then((function(n){n&&(e.onload&&e.onload(t),R("load",t))}))},n.onreadystatechange=function(r){n.readyState===t.DONE?(void 0===o&&(o=E(n)),o.then((function(t){t&&(e.onreadystatechange&&e.onreadystatechange(r),R("readystatechange",r))}))):(e.onreadystatechange&&e.onreadystatechange(r),R("readystatechange",r))},n.onloadend=function(t){void 0===o&&(o=E(n)),o.then((function(n){n&&(e.onloadend&&e.onloadend(t),R("loadend",t))}))},e.getAllResponseHeaders=function(){var e;return p?(e="",p.forEach((function(t,n){return e+="".concat(n,": ").concat(t,"\r\n")}))):e=n.getAllResponseHeaders(),e+"x-supertokens-xhr-intercepted: true\r\n"},e.getResponseHeader=function(e){return"x-supertokens-xhr-intercepted"===e?"true":p?p.get(e):n.getResponseHeader(e)},void 0===x)for(var d in x=[],n)d in e||x.push(d);for(var f=function(t){"function"==typeof n[t]?Object.defineProperty(e,t,{configurable:!0,value:function(){var e=arguments;return r||m.push((function(n){n[t].apply(n,e)})),n[t].apply(n,e)}}):Object.defineProperty(e,t,{configurable:!0,get:function(){return void 0!==k[t]?k[t]:n[t]},set:function(e){r||m.push((function(n){n[t]=e})),(0,i.logDebugMessage)("XHRInterceptor.set[".concat(t,"] = ").concat(e)),n[t]=e}})},g=0,h=x;g<h.length;g++)f(d=h[g])}function A(e,t){var n=this;if((0,i.logDebugMessage)("XHRInterceptor.send: called"),(0,i.logDebugMessage)("XHRInterceptor.send: Value of doNotDoInterception: "+T),T)return(0,i.logDebugMessage)("XHRInterceptor.send: Returning without interception"),void h((function(){return e.send(t)}));(0,i.logDebugMessage)("XHRInterceptor.send: Interception started"),u.ProcessState.getInstance().addState(u.PROCESS_STATE.CALLING_INTERCEPTION_REQUEST),h((function(){return r(n,void 0,void 0,(function(){var n,r;return o(this,(function(o){switch(o.label){case 0:return[4,(0,s.getLocalSessionState)(!0)];case 1:return"EXISTS"!==(I=o.sent()).status?[3,3]:[4,s.AntiCsrfToken.getToken(I.lastAccessTokenUpdate)];case 2:void 0!==(n=o.sent())&&((0,i.logDebugMessage)("XHRInterceptor.send: Adding anti-csrf token to request"),e.setRequestHeader("anti-csrf",n)),o.label=3;case 3:return s.default.config.autoAddCredentials&&((0,i.logDebugMessage)("XHRInterceptor.send: Adding credentials include"),b.withCredentials=!0),w.some((function(e){return"rid"===e.name}))?(0,i.logDebugMessage)("XHRInterceptor.send: rid header was already there in request"):((0,i.logDebugMessage)("XHRInterceptor.send: Adding rid header: anti-csrf"),e.setRequestHeader("rid","anti-csrf")),r=s.default.config.tokenTransferMethod,w.some((function(e){return"st-auth-mode"===e.name}))?(0,i.logDebugMessage)("XHRInterceptor.send: st-auth-mode header was already there in request"):((0,i.logDebugMessage)("XHRInterceptor.send: Adding st-auth-mode header: "+r),e.setRequestHeader("st-auth-mode",r)),[4,d(e,w)];case 4:return o.sent(),(0,i.logDebugMessage)("XHRInterceptor.send: Making user's http call"),[2,e.send(t)]}}))}))}))}M(b,n,!1)},XMLHttpRequest.__interceptedBySuperTokens=!0,XMLHttpRequest.__original=t}},895:function(e,t,n){var r=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){e.done?o(e.value):new n((function(t){t(e.value)})).then(i,a)}u((r=r.apply(e,t||[])).next())}))},o=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}},s=this;Object.defineProperty(t,"__esModule",{value:!0});var i=n(142),a="browser-tabs-lock-key",u={key:function(e){return r(s,void 0,void 0,(function(){return o(this,(function(e){throw new Error("Unsupported")}))}))},getItem:function(e){return r(s,void 0,void 0,(function(){return o(this,(function(e){throw new Error("Unsupported")}))}))},clear:function(){return r(s,void 0,void 0,(function(){return o(this,(function(e){return[2,window.localStorage.clear()]}))}))},removeItem:function(e){return r(s,void 0,void 0,(function(){return o(this,(function(e){throw new Error("Unsupported")}))}))},setItem:function(e,t){return r(s,void 0,void 0,(function(){return o(this,(function(e){throw new Error("Unsupported")}))}))},keySync:function(e){return window.localStorage.key(e)},getItemSync:function(e){return window.localStorage.getItem(e)},clearSync:function(){return window.localStorage.clear()},removeItemSync:function(e){return window.localStorage.removeItem(e)},setItemSync:function(e,t){return window.localStorage.setItem(e,t)}};function c(e){return new Promise((function(t){return setTimeout(t,e)}))}function l(e){for(var t="0123456789ABCDEFGHIJKLMNOPQRSTUVWXTZabcdefghiklmnopqrstuvwxyz",n="",r=0;r<e;r++)n+=t[Math.floor(Math.random()*t.length)];return n}var d=function(){function e(t){this.acquiredIatSet=new Set,this.storageHandler=void 0,this.id=Date.now().toString()+l(15),this.acquireLock=this.acquireLock.bind(this),this.releaseLock=this.releaseLock.bind(this),this.releaseLock__private__=this.releaseLock__private__.bind(this),this.waitForSomethingToChange=this.waitForSomethingToChange.bind(this),this.refreshLockWhileAcquired=this.refreshLockWhileAcquired.bind(this),this.storageHandler=t,void 0===e.waiters&&(e.waiters=[])}return e.prototype.acquireLock=function(t,n){return void 0===n&&(n=5e3),r(this,void 0,void 0,(function(){var r,s,i,d,f,g,h;return o(this,(function(o){switch(o.label){case 0:r=Date.now()+l(4),s=Date.now()+n,i=a+"-"+t,d=void 0===this.storageHandler?u:this.storageHandler,o.label=1;case 1:return Date.now()<s?[4,c(30)]:[3,8];case 2:return o.sent(),null!==d.getItemSync(i)?[3,5]:(f=this.id+"-"+t+"-"+r,[4,c(Math.floor(25*Math.random()))]);case 3:return o.sent(),d.setItemSync(i,JSON.stringify({id:this.id,iat:r,timeoutKey:f,timeAcquired:Date.now(),timeRefreshed:Date.now()})),[4,c(30)];case 4:return o.sent(),null!==(g=d.getItemSync(i))&&(h=JSON.parse(g)).id===this.id&&h.iat===r?(this.acquiredIatSet.add(r),this.refreshLockWhileAcquired(i,r),[2,!0]):[3,7];case 5:return e.lockCorrector(void 0===this.storageHandler?u:this.storageHandler),[4,this.waitForSomethingToChange(s)];case 6:o.sent(),o.label=7;case 7:return r=Date.now()+l(4),[3,1];case 8:return[2,!1]}}))}))},e.prototype.refreshLockWhileAcquired=function(e,t){return r(this,void 0,void 0,(function(){var n=this;return o(this,(function(s){return setTimeout((function(){return r(n,void 0,void 0,(function(){var n,r,s;return o(this,(function(o){switch(o.label){case 0:return[4,i.default().lock(t)];case 1:return o.sent(),this.acquiredIatSet.has(t)?(n=void 0===this.storageHandler?u:this.storageHandler,null===(r=n.getItemSync(e))?(i.default().unlock(t),[2]):((s=JSON.parse(r)).timeRefreshed=Date.now(),n.setItemSync(e,JSON.stringify(s)),i.default().unlock(t),this.refreshLockWhileAcquired(e,t),[2])):(i.default().unlock(t),[2])}}))}))}),1e3),[2]}))}))},e.prototype.waitForSomethingToChange=function(t){return r(this,void 0,void 0,(function(){return o(this,(function(n){switch(n.label){case 0:return[4,new Promise((function(n){var r=!1,o=Date.now(),s=!1;function i(){if(s||(window.removeEventListener("storage",i),e.removeFromWaiting(i),clearTimeout(a),s=!0),!r){r=!0;var t=50-(Date.now()-o);t>0?setTimeout(n,t):n(null)}}window.addEventListener("storage",i),e.addToWaiting(i);var a=setTimeout(i,Math.max(0,t-Date.now()))}))];case 1:return n.sent(),[2]}}))}))},e.addToWaiting=function(t){this.removeFromWaiting(t),void 0!==e.waiters&&e.waiters.push(t)},e.removeFromWaiting=function(t){void 0!==e.waiters&&(e.waiters=e.waiters.filter((function(e){return e!==t})))},e.notifyWaiters=function(){void 0!==e.waiters&&e.waiters.slice().forEach((function(e){return e()}))},e.prototype.releaseLock=function(e){return r(this,void 0,void 0,(function(){return o(this,(function(t){switch(t.label){case 0:return[4,this.releaseLock__private__(e)];case 1:return[2,t.sent()]}}))}))},e.prototype.releaseLock__private__=function(t){return r(this,void 0,void 0,(function(){var n,r,s,c;return o(this,(function(o){switch(o.label){case 0:return n=void 0===this.storageHandler?u:this.storageHandler,r=a+"-"+t,null===(s=n.getItemSync(r))?[2]:(c=JSON.parse(s)).id!==this.id?[3,2]:[4,i.default().lock(c.iat)];case 1:o.sent(),this.acquiredIatSet.delete(c.iat),n.removeItemSync(r),i.default().unlock(c.iat),e.notifyWaiters(),o.label=2;case 2:return[2]}}))}))},e.lockCorrector=function(t){for(var n=Date.now()-5e3,r=t,o=[],s=0;;){var i=r.keySync(s);if(null===i)break;o.push(i),s++}for(var u=!1,c=0;c<o.length;c++){var l=o[c];if(l.includes(a)){var d=r.getItemSync(l);if(null!==d){var f=JSON.parse(d);(void 0===f.timeRefreshed&&f.timeAcquired<n||void 0!==f.timeRefreshed&&f.timeRefreshed<n)&&(r.removeItemSync(l),u=!0)}}}u&&e.notifyWaiters()},e.waiters=void 0,e}();t.default=d},142:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0});var n=function(){function e(){var e=this;this.locked=new Map,this.addToLocked=function(t,n){var r=e.locked.get(t);void 0===r?void 0===n?e.locked.set(t,[]):e.locked.set(t,[n]):void 0!==n&&(r.unshift(n),e.locked.set(t,r))},this.isLocked=function(t){return e.locked.has(t)},this.lock=function(t){return new Promise((function(n,r){e.isLocked(t)?e.addToLocked(t,n):(e.addToLocked(t),n())}))},this.unlock=function(t){var n=e.locked.get(t);if(void 0!==n&&0!==n.length){var r=n.pop();e.locked.set(t,n),void 0!==r&&setTimeout(r,0)}else e.locked.delete(t)}}return e.getInstance=function(){return void 0===e.instance&&(e.instance=new e),e.instance},e}();t.default=function(){return n.getInstance()}},225:function(e,t){var n=this&&this.__assign||function(){return n=Object.assign||function(e){for(var t,n=1,r=arguments.length;n<r;n++)for(var o in t=arguments[n])Object.prototype.hasOwnProperty.call(t,o)&&(e[o]=t[o]);return e},n.apply(this,arguments)};Object.defineProperty(t,"__esModule",{value:!0}),t.getProxyObject=void 0,t.getProxyObject=function(e){for(var t=n(n({},e),{_call:function(e,t){throw new Error("This function should only be called through the recipe object")}}),r=function(e){"_call"!==e&&(t[e]=function(){for(var t=[],n=0;n<arguments.length;n++)t[n]=arguments[n];return this._call(e,t)})},o=0,s=Object.keys(t);o<s.length;o++)r(s[o]);return t}},333:(e,t,n)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.OverrideableBuilder=void 0;var r=n(225),o=function(){function e(e){this.layers=[e],this.proxies=[]}return e.prototype.override=function(e){for(var t=(0,r.getProxyObject)(this.layers[0]),n=e(t,this),o=0,s=Object.keys(this.layers[0]);o<s.length;o++){var i=s[o];n[i]===t[i]||"_call"===i?delete n[i]:void 0===n[i]&&(n[i]=null)}return this.layers.push(n),this.proxies.push(t),this},e.prototype.build=function(){var e=this;if(this.result)return this.result;this.result={};for(var t=0,n=this.layers;t<n.length;t++)for(var r=n[t],o=0,s=Object.keys(r);o<s.length;o++){var i=s[o],a=r[i];void 0!==a&&(this.result[i]=null===a?void 0:"function"==typeof a?a.bind(this.result):a)}for(var u=function(t){c.proxies[t]._call=function(n,r){for(var o=t;o>=0;--o){var s=e.layers[o][n];if(null!=s)return s.bind(e.result).apply(void 0,r)}}},c=this,l=0;l<this.proxies.length;++l)u(l);return this.result},e}();t.OverrideableBuilder=o,t.default=o}},t={};function n(r){var o=t[r];if(void 0!==o)return o.exports;var s=t[r]={exports:{}};return e[r].call(s.exports,s,s.exports,n),s.exports}n.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(e){if("object"==typeof window)return window}}();var r=n(280);supertokens=r})();
\ No newline at end of file
+var supertokens;(()=>{"use strict";var e={759:function(e,t,n){var r=this&&this.__assign||function(){return r=Object.assign||function(e){for(var t,n=1,r=arguments.length;n<r;n++)for(var o in t=arguments[n])Object.prototype.hasOwnProperty.call(t,o)&&(e[o]=t[o]);return e},r.apply(this,arguments)},o=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},s=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};Object.defineProperty(t,"__esModule",{value:!0}),t.responseErrorInterceptor=t.responseInterceptor=t.interceptorFunctionRequestFulfilled=void 0;var i=n(600),a=n(379),u=n(743),c=n(958),l=n(845);function d(e){var t=void 0===e.url?"":e.url,n=e.baseURL;return void 0!==n&&(t="/"===t.charAt(0)&&"/"===n.charAt(n.length-1)?n+t.substr(1):"/"!==t.charAt(0)&&"/"!==n.charAt(n.length-1)?n+"/"+t:n+t),t}t.interceptorFunctionRequestFulfilled=function(e){return o(this,void 0,void 0,(function(){var t,n,o,i,f,h;return s(this,(function(s){switch(s.label){case 0:(0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: started axios interception"),t=d(e),n=!1;try{n="string"==typeof t&&!a.default.recipeImpl.shouldDoInterceptionBasedOnUrl(t,a.default.config.apiDomain,a.default.config.sessionTokenBackendDomain)}catch(e){if("Please provide a valid domain name"!==e.message)throw e;(0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: Trying shouldDoInterceptionBasedOnUrl with location.origin"),n=!a.default.recipeImpl.shouldDoInterceptionBasedOnUrl(c.default.getReferenceOrThrow().windowHandler.location.getOrigin(),a.default.config.apiDomain,a.default.config.sessionTokenBackendDomain)}return(0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: Value of doNotDoInterception: "+n),n?((0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: Returning config unchanged"),[2,e]):((0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: Modifying config"),u.ProcessState.getInstance().addState(u.PROCESS_STATE.CALLING_INTERCEPTION_REQUEST),[4,(0,a.getLocalSessionState)(!0)]);case 1:return o=s.sent(),i=e,"EXISTS"!==o.status?[3,3]:[4,a.AntiCsrfToken.getToken(o.lastAccessTokenUpdate)];case 2:void 0!==(f=s.sent())&&((0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: Adding anti-csrf token to request"),i=r(r({},i),{headers:void 0===i?{"anti-csrf":f}:r(r({},i.headers),{"anti-csrf":f})})),s.label=3;case 3:return a.default.config.autoAddCredentials&&void 0===i.withCredentials&&((0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: Adding credentials include"),i=r(r({},i),{withCredentials:!0})),(0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: Adding rid header: anti-csrf (it may be overriden by the user's provided rid)"),i=r(r({},i),{headers:void 0===i?{rid:"anti-csrf"}:r({rid:"anti-csrf"},i.headers)}),h=a.default.config.tokenTransferMethod,(0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: Adding st-auth-mode header: "+h),i.headers["st-auth-mode"]=h,[4,p(i)];case 4:return[4,g(i=s.sent())];case 5:return s.sent(),(0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: returning modified config"),[2,i]}}))}))},t.responseInterceptor=function(e){var t=this;return function(n){return o(t,void 0,void 0,(function(){var t,r,o,i,g;return s(this,(function(s){switch(s.label){case 0:t=!1,s.label=1;case 1:if(s.trys.push([1,,8,14]),!a.default.initCalled)throw new Error("init function not called");(0,l.logDebugMessage)("responseInterceptor: started"),(0,l.logDebugMessage)("responseInterceptor: already intercepted: "+n.headers["x-supertokens-xhr-intercepted"]),r=d(n.config);try{t="string"==typeof r&&!a.default.recipeImpl.shouldDoInterceptionBasedOnUrl(r,a.default.config.apiDomain,a.default.config.sessionTokenBackendDomain)||!!n.headers["x-supertokens-xhr-intercepted"]}catch(e){if("Please provide a valid domain name"!==e.message)throw e;(0,l.logDebugMessage)("responseInterceptor: Trying shouldDoInterceptionBasedOnUrl with location.origin"),t=!a.default.recipeImpl.shouldDoInterceptionBasedOnUrl(c.default.getReferenceOrThrow().windowHandler.location.getOrigin(),a.default.config.apiDomain,a.default.config.sessionTokenBackendDomain)||!!n.headers["x-supertokens-xhr-intercepted"]}return(0,l.logDebugMessage)("responseInterceptor: Value of doNotDoInterception: "+t),t?((0,l.logDebugMessage)("responseInterceptor: Returning without interception"),[2,n]):((0,l.logDebugMessage)("responseInterceptor: Interception started"),u.ProcessState.getInstance().addState(u.PROCESS_STATE.CALLING_INTERCEPTION_RESPONSE),[4,(0,a.getLocalSessionState)(!1)]);case 2:return o=s.sent(),[4,h(n)];case 3:return s.sent(),(0,a.fireSessionUpdateEventsIfNecessary)("EXISTS"===o.status,n.status,n.headers["front-token"]),n.status!==a.default.config.sessionExpiredStatusCode?[3,4]:((0,l.logDebugMessage)("responseInterceptor: Status code is: "+n.status),i=n.config,[2,f.doRequest((function(t){return e(t)}),i,r,n,void 0,!0)]);case 4:return n.status!==a.default.config.invalidClaimStatusCode?[3,6]:[4,(0,a.onInvalidClaimResponse)(n)];case 5:s.sent(),s.label=6;case 6:return[2,n];case 7:return[3,14];case 8:return(g=!t)?[4,(0,a.getLocalSessionState)(!0)]:[3,10];case 9:g=!("EXISTS"===s.sent().status),s.label=10;case 10:return g?((0,l.logDebugMessage)("responseInterceptor: local session doesn't exist, so removing anti-csrf and sFrontToken"),[4,a.AntiCsrfToken.removeToken()]):[3,13];case 11:return s.sent(),[4,a.FrontToken.removeToken()];case 12:s.sent(),s.label=13;case 13:return[7];case 14:return[2]}}))}))}},t.responseErrorInterceptor=function(e){var t=this;return function(n){return o(t,void 0,void 0,(function(){var t;return s(this,(function(r){switch(r.label){case 0:if((0,l.logDebugMessage)("responseErrorInterceptor: called"),(0,l.logDebugMessage)("responseErrorInterceptor: already intercepted: "+(n.response&&n.response.headers["x-supertokens-xhr-intercepted"])),n.response.headers["x-supertokens-xhr-intercepted"])throw n;return void 0===n.response||n.response.status!==a.default.config.sessionExpiredStatusCode?[3,1]:((0,l.logDebugMessage)("responseErrorInterceptor: Status code is: "+n.response.status),t=n.config,[2,f.doRequest((function(t){return e(t)}),t,d(t),void 0,n,!0)]);case 1:return void 0===n.response||n.response.status!==a.default.config.invalidClaimStatusCode?[3,3]:[4,(0,a.onInvalidClaimResponse)(n.response)];case 2:r.sent(),r.label=3;case 3:throw n}}))}))}};var f=function(){function e(){}var t;return t=e,e.doRequest=function(e,n,u,d,f,v){return void 0===v&&(v=!1),o(void 0,void 0,void 0,(function(){var o,b,m,w,k,S,y,T,I,R,D,E,x,M;return s(t,(function(t){switch(t.label){case 0:if(!a.default.initCalled)throw Error("init function not called");(0,l.logDebugMessage)("doRequest: called"),o=!1;try{o="string"==typeof u&&!a.default.recipeImpl.shouldDoInterceptionBasedOnUrl(u,a.default.config.apiDomain,a.default.config.sessionTokenBackendDomain)&&v}catch(e){if("Please provide a valid domain name"!==e.message)throw e;(0,l.logDebugMessage)("doRequest: Trying shouldDoInterceptionBasedOnUrl with location.origin"),o=!a.default.recipeImpl.shouldDoInterceptionBasedOnUrl(c.default.getReferenceOrThrow().windowHandler.location.getOrigin(),a.default.config.apiDomain,a.default.config.sessionTokenBackendDomain)&&v}if((0,l.logDebugMessage)("doRequest: Value of doNotDoInterception: "+o),!o)return[3,2];if((0,l.logDebugMessage)("doRequest: Returning without interception"),void 0!==f)throw f;return void 0!==d?[2,d]:[4,e(n)];case 1:return[2,t.sent()];case 2:return(0,l.logDebugMessage)("doRequest: Interception started"),[4,p(n)];case 3:n=t.sent(),t.label=4;case 4:t.trys.push([4,,40,45]),b=void 0,t.label=5;case 5:return[4,(0,a.getLocalSessionState)(!0)];case 6:return m=t.sent(),w=n,"EXISTS"!==m.status?[3,8]:[4,a.AntiCsrfToken.getToken(m.lastAccessTokenUpdate)];case 7:void 0!==(k=t.sent())&&((0,l.logDebugMessage)("doRequest: Adding anti-csrf token to request"),w=r(r({},w),{headers:void 0===w?{"anti-csrf":k}:r(r({},w.headers),{"anti-csrf":k})})),t.label=8;case 8:return a.default.config.autoAddCredentials&&void 0===w.withCredentials&&((0,l.logDebugMessage)("doRequest: Adding credentials include"),w=r(r({},w),{withCredentials:!0})),(0,l.logDebugMessage)("doRequest: Adding rid header: anti-csrf (May get overriden by user's rid)"),w=r(r({},w),{headers:void 0===w?{rid:"anti-csrf"}:r({rid:"anti-csrf"},w.headers)}),S=a.default.config.tokenTransferMethod,(0,l.logDebugMessage)("doRequest: Adding st-auth-mode header: "+S),w.headers["st-auth-mode"]=S,[4,g(w)];case 9:t.sent(),t.label=10;case 10:if(t.trys.push([10,25,,38]),y=f,T=d,f=void 0,d=void 0,void 0!==y)throw(0,l.logDebugMessage)("doRequest: Not making call because localPrevError is not undefined"),y;return void 0!==T?(0,l.logDebugMessage)("doRequest: Not making call because localPrevResponse is not undefined"):(0,l.logDebugMessage)("doRequest: Making user's http call"),void 0!==T?[3,12]:[4,e(w)];case 11:return I=t.sent(),[3,13];case 12:I=T,t.label=13;case 13:return E=I,(0,l.logDebugMessage)("doRequest: User's http call ended"),[4,h(E)];case 14:return t.sent(),(0,a.fireSessionUpdateEventsIfNecessary)("EXISTS"===m.status,E.status,E.headers["front-token"]),E.status!==a.default.config.sessionExpiredStatusCode?[3,21]:((0,l.logDebugMessage)("doRequest: Status code is: "+E.status),[4,(0,a.onUnauthorisedResponse)(m)]);case 15:return"RETRY"===(x=t.sent()).result?[3,20]:((0,l.logDebugMessage)("doRequest: Not retrying original request"),x.error?[4,(0,i.createAxiosErrorFromFetchResp)(x.error)]:[3,17]);case 16:return R=t.sent(),[3,19];case 17:return[4,(0,i.createAxiosErrorFromAxiosResp)(E)];case 18:R=t.sent(),t.label=19;case 19:return b=R,[3,39];case 20:return(0,l.logDebugMessage)("doRequest: Retrying original request"),[3,24];case 21:return E.status!==a.default.config.invalidClaimStatusCode?[3,23]:[4,(0,a.onInvalidClaimResponse)(E)];case 22:t.sent(),t.label=23;case 23:return[2,E];case 24:return[3,38];case 25:return D=t.sent(),void 0===(E=D.response)?[3,36]:[4,h(E)];case 26:return t.sent(),(0,a.fireSessionUpdateEventsIfNecessary)("EXISTS"===m.status,E.status,E.headers["front-token"]),E.status!==a.default.config.sessionExpiredStatusCode?[3,32]:((0,l.logDebugMessage)("doRequest: Status code is: "+E.status),[4,(0,a.onUnauthorisedResponse)(m)]);case 27:return"RETRY"===(x=t.sent()).result?[3,31]:((0,l.logDebugMessage)("doRequest: Not retrying original request"),void 0===x.error?[3,29]:[4,(0,i.createAxiosErrorFromFetchResp)(x.error)]);case 28:return M=t.sent(),[3,30];case 29:M=D,t.label=30;case 30:return b=M,[3,39];case 31:return(0,l.logDebugMessage)("doRequest: Retrying original request"),[3,35];case 32:return E.status!==a.default.config.invalidClaimStatusCode?[3,34]:[4,(0,a.onInvalidClaimResponse)(E)];case 33:t.sent(),t.label=34;case 34:throw D;case 35:return[3,37];case 36:throw D;case 37:return[3,38];case 38:return[3,5];case 39:throw b;case 40:return[4,(0,a.getLocalSessionState)(!1)];case 41:return"NOT_EXISTS"!==t.sent().status?[3,44]:((0,l.logDebugMessage)("doRequest: local session doesn't exist, so removing anti-csrf and sFrontToken"),[4,a.AntiCsrfToken.removeToken()]);case 42:return t.sent(),[4,a.FrontToken.removeToken()];case 43:t.sent(),t.label=44;case 44:return[7];case 45:return[2]}}))}))},e}();function g(e){return o(this,void 0,void 0,(function(){var t,n;return s(this,(function(o){switch(o.label){case 0:return void 0===e.headers&&(e.headers={}),(0,l.logDebugMessage)("setAuthorizationHeaderIfRequired: adding existing tokens as header"),[4,(0,a.getTokenForHeaderAuth)("access")];case 1:return t=o.sent(),[4,(0,a.getTokenForHeaderAuth)("refresh")];case 2:return n=o.sent(),void 0!==t&&void 0!==n?void 0!==e.headers.Authorization||void 0!==e.headers.authorization?(0,l.logDebugMessage)("setAuthorizationHeaderIfRequired: Authorization header defined by the user, not adding"):((0,l.logDebugMessage)("setAuthorizationHeaderIfRequired: added authorization header"),e.headers=r(r({},e.headers),{Authorization:"Bearer ".concat(t)}),e.__supertokensAddedAuthHeader=!0):(0,l.logDebugMessage)("setAuthorizationHeaderIfRequired: token for header based auth not found"),[2]}}))}))}function h(e){return o(this,void 0,void 0,(function(){var t,n,r,o,i,u;return s(this,(function(s){switch(s.label){case 0:return(0,l.logDebugMessage)("saveTokensFromHeaders: Saving updated tokens from the response"),void 0===(t=e.headers["st-refresh-token"])?[3,2]:((0,l.logDebugMessage)("saveTokensFromHeaders: saving new refresh token"),[4,(0,a.setToken)("refresh",t)]);case 1:s.sent(),s.label=2;case 2:return void 0===(n=e.headers["st-access-token"])?[3,4]:((0,l.logDebugMessage)("saveTokensFromHeaders: saving new access token"),[4,(0,a.setToken)("access",n)]);case 3:s.sent(),s.label=4;case 4:return void 0===(r=e.headers["front-token"])?[3,6]:((0,l.logDebugMessage)("doRequest: Setting sFrontToken: "+r),[4,a.FrontToken.setItem(r)]);case 5:s.sent(),o=new Headers,Object.entries(e.headers).forEach((function(e){var t=e[0],n=e[1];Array.isArray(n)?n.forEach((function(e){return o.append(t,e)})):o.append(t,n)})),(0,a.updateClockSkewUsingFrontToken)({frontToken:r,responseHeaders:o}),s.label=6;case 6:return void 0===(i=e.headers["anti-csrf"])?[3,9]:[4,(0,a.getLocalSessionState)(!0)];case 7:return"EXISTS"!==(u=s.sent()).status?[3,9]:((0,l.logDebugMessage)("doRequest: Setting anti-csrf token"),[4,a.AntiCsrfToken.setItem(u.lastAccessTokenUpdate,i)]);case 8:s.sent(),s.label=9;case 9:return[2]}}))}))}function p(e){return o(this,void 0,void 0,(function(){var t,n,o,i;return s(this,(function(s){switch(s.label){case 0:return[4,(0,a.getTokenForHeaderAuth)("access")];case 1:return t=s.sent(),[4,(0,a.getTokenForHeaderAuth)("refresh")];case 2:return n=s.sent(),o=e.headers.Authorization||e.headers.authorization,void 0===t||void 0===n||o!=="Bearer ".concat(t)&&!("__supertokensAddedAuthHeader"in e)?[2,e]:((0,l.logDebugMessage)("removeAuthHeaderIfMatchesLocalToken: Removing Authorization from user provided headers because it contains our access token"),delete(i=r(r({},e),{headers:r({},e.headers)})).headers.authorization,delete i.headers.Authorization,[2,i])}}))}))}t.default=f},600:function(e,t){var n=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},r=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};function o(e,t,n,r,o){return e.config=t,n&&(e.code=n),e.request=r,e.response=o,e.isAxiosError=!0,e.toJSON=function(){return{message:this.message,name:this.name,description:this.description,number:this.number,fileName:this.fileName,lineNumber:this.lineNumber,columnNumber:this.columnNumber,stack:this.stack,config:this.config,code:this.code}},e}Object.defineProperty(t,"__esModule",{value:!0}),t.createAxiosErrorFromAxiosResp=t.createAxiosErrorFromFetchResp=void 0,t.createAxiosErrorFromFetchResp=function(e){return n(this,void 0,void 0,(function(){var t,n,s,i;return r(this,(function(r){switch(r.label){case 0:if(t={url:e.url,headers:e.headers},null!==(n=e.headers.get("content-type")))return[3,5];r.label=1;case 1:return r.trys.push([1,3,,4]),[4,e.text()];case 2:return s=r.sent(),[3,4];case 3:return r.sent(),s="",[3,4];case 4:return[3,11];case 5:return n.includes("application/json")?[4,e.json()]:[3,7];case 6:return s=r.sent(),[3,11];case 7:return n.includes("text/")?[4,e.text()]:[3,9];case 8:return s=r.sent(),[3,11];case 9:return[4,e.blob()];case 10:s=r.sent(),r.label=11;case 11:return i={data:s,status:e.status,statusText:e.statusText,headers:e.headers,config:t,request:void 0},[2,o(new Error("Request failed with status code "+e.status),t,void 0,void 0,i)]}}))}))},t.createAxiosErrorFromAxiosResp=function(e){return n(this,void 0,void 0,(function(){return r(this,(function(t){return[2,o(new Error("Request failed with status code "+e.status),e.config,void 0,e.request,e)]}))}))}},280:function(e,t,n){var r=this&&this.__createBinding||(Object.create?function(e,t,n,r){void 0===r&&(r=n);var o=Object.getOwnPropertyDescriptor(t,n);o&&!("get"in o?!t.__esModule:o.writable||o.configurable)||(o={enumerable:!0,get:function(){return t[n]}}),Object.defineProperty(e,r,o)}:function(e,t,n,r){void 0===r&&(r=n),e[r]=t[n]}),o=this&&this.__exportStar||function(e,t){for(var n in e)"default"===n||Object.prototype.hasOwnProperty.call(t,n)||r(t,e,n)};Object.defineProperty(t,"__esModule",{value:!0}),o(n(569),t)},491:function(e,t,n){var r,o=this&&this.__extends||(r=function(e,t){return r=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(e,t){e.__proto__=t}||function(e,t){for(var n in t)Object.prototype.hasOwnProperty.call(t,n)&&(e[n]=t[n])},r(e,t)},function(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Class extends value "+String(t)+" is not a constructor or null");function n(){this.constructor=e}r(e,t),e.prototype=null===t?Object.create(t):(n.prototype=t.prototype,new n)}),s=this&&this.__assign||function(){return s=Object.assign||function(e){for(var t,n=1,r=arguments.length;n<r;n++)for(var o in t=arguments[n])Object.prototype.hasOwnProperty.call(t,o)&&(e[o]=t[o]);return e},s.apply(this,arguments)};Object.defineProperty(t,"__esModule",{value:!0}),t.BooleanClaim=void 0;var i=function(e){function t(t){var n=e.call(this,t)||this;return n.validators=s(s({},n.validators),{isTrue:function(e){return n.validators.hasValue(!0,e)},isFalse:function(e){return n.validators.hasValue(!1,e)}}),n}return o(t,e),t}(n(911).PrimitiveClaim);t.BooleanClaim=i},748:function(e,t,n){var r=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},o=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};Object.defineProperty(t,"__esModule",{value:!0}),t.PrimitiveArrayClaim=void 0;var s=n(671),i=function(){function e(e){var t=this;this.validators={includes:function(e,n,i){void 0===n&&(n=t.defaultMaxAgeInSeconds);var a=s.default.getReferenceOrThrow().dateProvider;return{id:void 0!==i?i:t.id,refresh:function(e){return t.refresh(e)},shouldRefresh:function(e,r){if(void 0!==n&&n<a.getThresholdInSeconds())throw new Error("maxAgeInSeconds must be greater than or equal to the DateProvider threshold value -> ".concat(a.getThresholdInSeconds()));return void 0===t.getValueFromPayload(e,r)||void 0!==n&&e[t.id].t<a.now()-1e3*n},validate:function(s,i){return r(t,void 0,void 0,(function(){var t,r;return o(this,(function(o){return void 0===(t=this.getValueFromPayload(s,i))?[2,{isValid:!1,reason:{message:"value does not exist",expectedToInclude:e,actualValue:t}}]:(r=(a.now()-this.getLastFetchedTime(s,i))/1e3,void 0!==n&&r>n?[2,{isValid:!1,reason:{message:"expired",ageInSeconds:r,maxAgeInSeconds:n}}]:t.includes(e)?[2,{isValid:!0}]:[2,{isValid:!1,reason:{message:"wrong value",expectedToInclude:e,actualValue:t}}])}))}))}}},excludes:function(e,n,i){void 0===n&&(n=t.defaultMaxAgeInSeconds);var a=s.default.getReferenceOrThrow().dateProvider;return{id:void 0!==i?i:t.id,refresh:function(e){return t.refresh(e)},shouldRefresh:function(e,r){if(void 0!==n&&n<a.getThresholdInSeconds())throw new Error("maxAgeInSeconds must be greater than or equal to the DateProvider threshold value -> ".concat(a.getThresholdInSeconds()));return void 0===t.getValueFromPayload(e,r)||void 0!==n&&e[t.id].t<a.now()-1e3*n},validate:function(s,i){return r(t,void 0,void 0,(function(){var t,r;return o(this,(function(o){return void 0===(t=this.getValueFromPayload(s,i))?[2,{isValid:!1,reason:{message:"value does not exist",expectedToNotInclude:e,actualValue:t}}]:(r=(a.now()-this.getLastFetchedTime(s,i))/1e3,void 0!==n&&r>n?[2,{isValid:!1,reason:{message:"expired",ageInSeconds:r,maxAgeInSeconds:n}}]:t.includes(e)?[2,{isValid:!1,reason:{message:"wrong value",expectedToNotInclude:e,actualValue:t}}]:[2,{isValid:!0}])}))}))}}},includesAll:function(e,n,i){void 0===n&&(n=t.defaultMaxAgeInSeconds);var a=s.default.getReferenceOrThrow().dateProvider;return{id:void 0!==i?i:t.id,refresh:function(e){return t.refresh(e)},shouldRefresh:function(e,r){if(void 0!==n&&n<a.getThresholdInSeconds())throw new Error("maxAgeInSeconds must be greater than or equal to the DateProvider threshold value -> ".concat(a.getThresholdInSeconds()));return void 0===t.getValueFromPayload(e,r)||void 0!==n&&e[t.id].t<a.now()-1e3*n},validate:function(s,i){return r(t,void 0,void 0,(function(){var t,r,u,c;return o(this,(function(o){return void 0===(t=this.getValueFromPayload(s,i))?[2,{isValid:!1,reason:{message:"value does not exist",expectedToInclude:e,actualValue:t}}]:(r=(a.now()-this.getLastFetchedTime(s,i))/1e3,void 0!==n&&r>n?[2,{isValid:!1,reason:{message:"expired",ageInSeconds:r,maxAgeInSeconds:n}}]:(u=new Set(t),[2,(c=e.every((function(e){return u.has(e)})))?{isValid:c}:{isValid:c,reason:{message:"wrong value",expectedToInclude:e,actualValue:t}}]))}))}))}}},includesAny:function(e,n,i){void 0===n&&(n=t.defaultMaxAgeInSeconds);var a=s.default.getReferenceOrThrow().dateProvider;return{id:void 0!==i?i:t.id,refresh:function(e){return t.refresh(e)},shouldRefresh:function(e,r){if(void 0!==n&&n<a.getThresholdInSeconds())throw new Error("maxAgeInSeconds must be greater than or equal to the DateProvider threshold value -> ".concat(a.getThresholdInSeconds()));return void 0===t.getValueFromPayload(e,r)||void 0!==n&&e[t.id].t<a.now()-1e3*n},validate:function(s,i){return r(t,void 0,void 0,(function(){var t,r,u,c;return o(this,(function(o){return void 0===(t=this.getValueFromPayload(s,i))?[2,{isValid:!1,reason:{message:"value does not exist",expectedToInclude:e,actualValue:t}}]:(r=(a.now()-this.getLastFetchedTime(s,i))/1e3,void 0!==n&&r>n?[2,{isValid:!1,reason:{message:"expired",ageInSeconds:r,maxAgeInSeconds:n}}]:(u=new Set(t),[2,(c=e.some((function(e){return u.has(e)})))?{isValid:c}:{isValid:c,reason:{message:"wrong value",expectedToIncludeAtLeastOneOf:e,actualValue:t}}]))}))}))}}},excludesAll:function(e,n,i){void 0===n&&(n=t.defaultMaxAgeInSeconds);var a=s.default.getReferenceOrThrow().dateProvider;return{id:void 0!==i?i:t.id,refresh:function(e){return t.refresh(e)},shouldRefresh:function(e,r){if(void 0!==n&&n<a.getThresholdInSeconds())throw new Error("maxAgeInSeconds must be greater than or equal to the DateProvider threshold value -> ".concat(a.getThresholdInSeconds()));return void 0===t.getValueFromPayload(e,r)||void 0!==n&&e[t.id].t<a.now()-1e3*n},validate:function(s,i){return r(t,void 0,void 0,(function(){var t,r,u,c;return o(this,(function(o){return void 0===(t=this.getValueFromPayload(s,i))?[2,{isValid:!1,reason:{message:"value does not exist",expectedToNotInclude:e,actualValue:t}}]:(r=(a.now()-this.getLastFetchedTime(s,i))/1e3,void 0!==n&&r>n?[2,{isValid:!1,reason:{message:"expired",ageInSeconds:r,maxAgeInSeconds:n}}]:(u=new Set(t),[2,(c=e.every((function(e){return!u.has(e)})))?{isValid:c}:{isValid:c,reason:{message:"wrong value",expectedToNotInclude:e,actualValue:t}}]))}))}))}}}},this.id=e.id,this.refresh=e.refresh,this.defaultMaxAgeInSeconds=e.defaultMaxAgeInSeconds}return e.prototype.getValueFromPayload=function(e,t){return void 0!==e[this.id]?e[this.id].v:void 0},e.prototype.getLastFetchedTime=function(e,t){return void 0!==e[this.id]?e[this.id].t:void 0},e}();t.PrimitiveArrayClaim=i},911:(e,t,n)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.PrimitiveClaim=void 0;var r=n(671),o=function(){function e(e){var t=this;this.validators={hasValue:function(e,n,o){void 0===n&&(n=t.defaultMaxAgeInSeconds);var s=r.default.getReferenceOrThrow().dateProvider;return{id:void 0!==o?o:t.id,refresh:function(e){return t.refresh(e)},shouldRefresh:function(e,r){if(void 0!==n&&n<s.getThresholdInSeconds())throw new Error("maxAgeInSeconds must be greater than or equal to the DateProvider threshold value -> ".concat(s.getThresholdInSeconds()));return void 0===t.getValueFromPayload(e,r)||void 0!==n&&e[t.id].t<s.now()-1e3*n},validate:function(r,o){var i=t.getValueFromPayload(r,o);if(void 0===i)return{isValid:!1,reason:{message:"value does not exist",expectedValue:e,actualValue:i}};var a=(s.now()-t.getLastFetchedTime(r,o))/1e3;return void 0!==n&&a>n?{isValid:!1,reason:{message:"expired",ageInSeconds:a,maxAgeInSeconds:n}}:i!==e?{isValid:!1,reason:{message:"wrong value",expectedValue:e,actualValue:i}}:{isValid:!0}}}}},this.id=e.id,this.refresh=e.refresh,this.defaultMaxAgeInSeconds=e.defaultMaxAgeInSeconds}return e.prototype.getValueFromPayload=function(e,t){return void 0!==e[this.id]?e[this.id].v:void 0},e.prototype.getLastFetchedTime=function(e,t){return void 0!==e[this.id]?e[this.id].t:void 0},e}();t.PrimitiveClaim=o},173:function(e,t){var n,r=this&&this.__extends||(n=function(e,t){return n=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(e,t){e.__proto__=t}||function(e,t){for(var n in t)Object.prototype.hasOwnProperty.call(t,n)&&(e[n]=t[n])},n(e,t)},function(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Class extends value "+String(t)+" is not a constructor or null");function r(){this.constructor=e}n(e,t),e.prototype=null===t?Object.create(t):(r.prototype=t.prototype,new r)});Object.defineProperty(t,"__esModule",{value:!0}),t.STGeneralError=void 0;var o=function(e){function t(t){var n=e.call(this,t)||this;return n.isSuperTokensGeneralError=!0,n}return r(t,e),t.isThisError=function(e){return!0===e.isSuperTokensGeneralError},t}(Error);t.STGeneralError=o},379:function(e,t,n){var r=this&&this.__assign||function(){return r=Object.assign||function(e){for(var t,n=1,r=arguments.length;n<r;n++)for(var o in t=arguments[n])Object.prototype.hasOwnProperty.call(t,o)&&(e[o]=t[o]);return e},r.apply(this,arguments)},o=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},s=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};Object.defineProperty(t,"__esModule",{value:!0}),t.updateClockSkewUsingFrontToken=t.fireSessionUpdateEventsIfNecessary=t.setFrontToken=t.getFrontToken=t.setAntiCSRF=t.saveLastAccessTokenUpdate=t.getTokenForHeaderAuth=t.setToken=t.getStorageNameForToken=t.getLocalSessionState=t.onInvalidClaimResponse=t.onTokenUpdate=t.onUnauthorisedResponse=t.FrontToken=t.AntiCsrfToken=void 0;var i=n(743),a=n(255),u=n(501),c=n(958),l=n(941),d=n(845),f=n(671),g=function(){function e(){}return e.getToken=function(t){return o(this,void 0,void 0,(function(){var n;return s(this,(function(r){switch(r.label){case 0:return(0,d.logDebugMessage)("AntiCsrfToken.getToken: called"),void 0===t?(e.tokenInfo=void 0,(0,d.logDebugMessage)("AntiCsrfToken.getToken: returning undefined"),[2,void 0]):void 0!==e.tokenInfo?[3,2]:[4,C()];case 1:return null===(n=r.sent())?((0,d.logDebugMessage)("AntiCsrfToken.getToken: returning undefined"),[2,void 0]):(e.tokenInfo={antiCsrf:n,associatedAccessTokenUpdate:t},[3,4]);case 2:return e.tokenInfo.associatedAccessTokenUpdate===t?[3,4]:(e.tokenInfo=void 0,[4,e.getToken(t)]);case 3:return[2,r.sent()];case 4:return(0,d.logDebugMessage)("AntiCsrfToken.getToken: returning: "+e.tokenInfo.antiCsrf),[2,e.tokenInfo.antiCsrf]}}))}))},e.removeToken=function(){return o(this,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return(0,d.logDebugMessage)("AntiCsrfToken.removeToken: called"),e.tokenInfo=void 0,[4,_(void 0)];case 1:return t.sent(),[2]}}))}))},e.setItem=function(t,n){return o(this,void 0,void 0,(function(){return s(this,(function(r){switch(r.label){case 0:return void 0===t?(e.tokenInfo=void 0,[2]):((0,d.logDebugMessage)("AntiCsrfToken.setItem: called"),[4,_(n)]);case 1:return r.sent(),e.tokenInfo={antiCsrf:n,associatedAccessTokenUpdate:t},[2]}}))}))},e}();t.AntiCsrfToken=g;var h=function(){function e(){}return e.getTokenInfo=function(){return o(this,void 0,void 0,(function(){var t,n;return s(this,(function(r){switch(r.label){case 0:return(0,d.logDebugMessage)("FrontToken.getTokenInfo: called"),[4,H()];case 1:return null!==(t=r.sent())?[3,5]:[4,y(!1)];case 2:return"EXISTS"!==r.sent().status?[3,4]:[4,new Promise((function(t){e.waiters.push(t)}))];case 3:return r.sent(),[2,e.getTokenInfo()];case 4:return[2,void 0];case 5:return n=P(t),(0,d.logDebugMessage)("FrontToken.getTokenInfo: returning ate: "+n.ate),(0,d.logDebugMessage)("FrontToken.getTokenInfo: returning uid: "+n.uid),(0,d.logDebugMessage)("FrontToken.getTokenInfo: returning up: "+n.up),[2,n]}}))}))},e.removeToken=function(){return o(this,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return(0,d.logDebugMessage)("FrontToken.removeToken: called"),[4,F(void 0)];case 1:return t.sent(),[4,I("access","")];case 2:return t.sent(),[4,I("refresh","")];case 3:return t.sent(),e.waiters.forEach((function(e){return e(void 0)})),e.waiters=[],[2]}}))}))},e.setItem=function(t){return o(this,void 0,void 0,(function(){return s(this,(function(n){switch(n.label){case 0:return[4,A()];case 1:return n.sent(),"remove"===t?[2,e.removeToken()]:((0,d.logDebugMessage)("FrontToken.setItem: called"),[4,F(t)]);case 2:return n.sent(),e.waiters.forEach((function(e){return e(void 0)})),e.waiters=[],[2]}}))}))},e.doesTokenExists=function(){return o(this,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return[4,O()];case 1:return[2,null!==e.sent()]}}))}))},e.waiters=[],e}();t.FrontToken=h;var p=function(){function e(){}var t;return e.init=function(t,r){(0,d.logDebugMessage)("init: called"),(0,d.logDebugMessage)("init: Input apiBasePath: "+t.apiBasePath),(0,d.logDebugMessage)("init: Input apiDomain: "+t.apiDomain),(0,d.logDebugMessage)("init: Input autoAddCredentials: "+t.autoAddCredentials),(0,d.logDebugMessage)("init: Input sessionTokenBackendDomain: "+t.sessionTokenBackendDomain),(0,d.logDebugMessage)("init: Input isInIframe: "+t.isInIframe),(0,d.logDebugMessage)("init: Input sessionExpiredStatusCode: "+t.sessionExpiredStatusCode),(0,d.logDebugMessage)("init: Input sessionTokenFrontendDomain: "+t.sessionTokenFrontendDomain),(0,d.logDebugMessage)("init: Input tokenTransferMethod: "+t.tokenTransferMethod);var o=c.default.getReferenceOrThrow().windowHandler.getWindowUnsafe();e.env=void 0===o||void 0===o.fetch?n.g:o,e.refreshTokenUrl=t.apiDomain+t.apiBasePath+"/session/refresh",e.signOutUrl=t.apiDomain+t.apiBasePath+"/signout",e.rid="session",e.config=t,void 0===e.env.__supertokensOriginalFetch&&((0,d.logDebugMessage)("init: __supertokensOriginalFetch is undefined"),e.env.__supertokensOriginalFetch=e.env.fetch.bind(e.env),e.env.__supertokensSessionRecipe=r,e.env.fetch=e.env.__supertokensSessionRecipe.addFetchInterceptorsAndReturnModifiedFetch({originalFetch:e.env.__supertokensOriginalFetch,userContext:{}}),e.env.__supertokensSessionRecipe.addXMLHttpRequestInterceptor({userContext:{}})),e.recipeImpl=e.env.__supertokensSessionRecipe,e.initCalled=!0},t=e,e.initCalled=!1,e.doRequest=function(n,a,u){return o(void 0,void 0,void 0,(function(){var o,l,f,p,v,b,m,k,T,I,R,E,A;return s(t,(function(t){switch(t.label){case 0:if(!e.initCalled)throw Error("init function not called");(0,d.logDebugMessage)("doRequest: start of fetch interception"),o=!1;try{l=void 0,"string"==typeof u?l=u:"object"==typeof u&&("string"==typeof u.url?l=u.url:"string"==typeof u.href&&(l=u.href)),o=!e.recipeImpl.shouldDoInterceptionBasedOnUrl(l,e.config.apiDomain,e.config.sessionTokenBackendDomain)}catch(t){if("Please provide a valid domain name"!==t.message)throw t;(0,d.logDebugMessage)("doRequest: Trying shouldDoInterceptionBasedOnUrl with location.origin"),o=!e.recipeImpl.shouldDoInterceptionBasedOnUrl(c.default.getReferenceOrThrow().windowHandler.location.getOrigin(),e.config.apiDomain,e.config.sessionTokenBackendDomain)}return(0,d.logDebugMessage)("doRequest: Value of doNotDoInterception: "+o),o?((0,d.logDebugMessage)("doRequest: Returning without interception"),[4,n(a)]):[3,2];case 1:return[2,t.sent()];case 2:return(f=new Headers(void 0!==a&&void 0!==a.headers?a.headers:u.headers)).has("Authorization")?[4,D("access")]:[3,5];case 3:return p=t.sent(),[4,D("refresh")];case 4:v=t.sent(),void 0!==p&&void 0!==v&&f.get("Authorization")==="Bearer ".concat(p)&&((0,d.logDebugMessage)("doRequest: Removing Authorization from user provided headers because it contains our access token"),f.delete("Authorization")),t.label=5;case 5:(0,d.logDebugMessage)("doRequest: Interception started"),i.ProcessState.getInstance().addState(i.PROCESS_STATE.CALLING_INTERCEPTION_REQUEST),t.label=6;case 6:t.trys.push([6,,20,25]),b=void 0,t.label=7;case 7:return[4,y(!0)];case 8:return m=t.sent(),k=new Headers(f),T=r(r({},a),{headers:k}),"EXISTS"!==m.status?[3,10]:[4,g.getToken(m.lastAccessTokenUpdate)];case 9:void 0!==(I=t.sent())&&((0,d.logDebugMessage)("doRequest: Adding anti-csrf token to request"),k.set("anti-csrf",I)),t.label=10;case 10:return e.config.autoAddCredentials&&((0,d.logDebugMessage)("doRequest: Adding credentials include"),void 0===T?T={credentials:"include"}:void 0===T.credentials&&(T=r(r({},T),{credentials:"include"}))),k.has("rid")?(0,d.logDebugMessage)("doRequest: rid header was already there in request"):((0,d.logDebugMessage)("doRequest: Adding rid header: anti-csrf"),k.set("rid","anti-csrf")),R=e.config.tokenTransferMethod,(0,d.logDebugMessage)("doRequest: Adding st-auth-mode header: "+R),k.set("st-auth-mode",R),[4,x(k)];case 11:return t.sent(),(0,d.logDebugMessage)("doRequest: Making user's http call"),[4,n(T)];case 12:return E=t.sent(),(0,d.logDebugMessage)("doRequest: User's http call ended"),[4,M(E)];case 13:return t.sent(),U("EXISTS"===m.status,E.status,E.headers.get("front-token")),E.status!==e.config.sessionExpiredStatusCode?[3,15]:((0,d.logDebugMessage)("doRequest: Status code is: "+E.status),[4,w(m)]);case 14:return"RETRY"!==(A=t.sent()).result?((0,d.logDebugMessage)("doRequest: Not retrying original request"),b=void 0!==A.error?A.error:E,[3,19]):((0,d.logDebugMessage)("doRequest: Retrying original request"),[3,18]);case 15:return E.status!==e.config.invalidClaimStatusCode?[3,17]:[4,S(E)];case 16:t.sent(),t.label=17;case 17:return[2,E];case 18:return[3,7];case 19:return[2,b];case 20:return[4,y(!1)];case 21:return"NOT_EXISTS"!==t.sent().status?[3,24]:((0,d.logDebugMessage)("doRequest: local session doesn't exist, so removing anti-csrf and sFrontToken"),[4,g.removeToken()]);case 22:return t.sent(),[4,h.removeToken()];case 23:t.sent(),t.label=24;case 24:return[7];case 25:return[2]}}))}))},e.attemptRefreshingSession=function(){return o(void 0,void 0,void 0,(function(){var n;return s(t,(function(t){switch(t.label){case 0:if(!e.initCalled)throw Error("init function not called");return[4,y(!1)];case 1:return[4,w(t.sent())];case 2:if("API_ERROR"===(n=t.sent()).result)throw n.error;return[2,"RETRY"===n.result]}}))}))},e}();t.default=p;var v="st-last-access-token-update",b="sAntiCsrf",m="sFrontToken";function w(e){return o(this,void 0,void 0,(function(){var t,n,r,o,i,u,c,f,v,b;return s(this,(function(s){switch(s.label){case 0:return[4,l.default.getReferenceOrThrow().lockFactory()];case 1:t=s.sent(),s.label=2;case 2:return(0,d.logDebugMessage)("onUnauthorisedResponse: trying to acquire lock"),[4,t.acquireLock("REFRESH_TOKEN_USE",1e3)];case 3:if(!s.sent())return[3,24];(0,d.logDebugMessage)("onUnauthorisedResponse: lock acquired"),s.label=4;case 4:return s.trys.push([4,16,18,24]),[4,y(!1)];case 5:return"NOT_EXISTS"===(n=s.sent()).status?((0,d.logDebugMessage)("onUnauthorisedResponse: Not refreshing because local session state is NOT_EXISTS"),p.config.onHandleEvent({action:"UNAUTHORISED",sessionExpiredOrRevoked:!1,userContext:{}}),[2,{result:"SESSION_EXPIRED"}]):n.status!==e.status||"EXISTS"===n.status&&"EXISTS"===e.status&&n.lastAccessTokenUpdate!==e.lastAccessTokenUpdate?((0,d.logDebugMessage)("onUnauthorisedResponse: Retrying early because pre and post lastAccessTokenUpdate don't match"),[2,{result:"RETRY"}]):(r=new Headers,"EXISTS"!==e.status?[3,7]:[4,g.getToken(e.lastAccessTokenUpdate)]);case 6:void 0!==(o=s.sent())&&((0,d.logDebugMessage)("onUnauthorisedResponse: Adding anti-csrf token to refresh API call"),r.set("anti-csrf",o)),s.label=7;case 7:return(0,d.logDebugMessage)("onUnauthorisedResponse: Adding rid and fdi-versions to refresh call header"),r.set("rid",p.rid),r.set("fdi-version",a.supported_fdi.join(",")),i=p.config.tokenTransferMethod,(0,d.logDebugMessage)("onUnauthorisedResponse: Adding st-auth-mode header: "+i),r.set("st-auth-mode",i),[4,x(r,!0)];case 8:return s.sent(),(0,d.logDebugMessage)("onUnauthorisedResponse: Calling refresh pre API hook"),[4,p.config.preAPIHook({action:"REFRESH_SESSION",requestInit:{method:"post",credentials:"include",headers:r},url:p.refreshTokenUrl,userContext:{}})];case 9:return u=s.sent(),(0,d.logDebugMessage)("onUnauthorisedResponse: Making refresh call"),[4,p.env.__supertokensOriginalFetch(u.url,u.requestInit)];case 10:return c=s.sent(),(0,d.logDebugMessage)("onUnauthorisedResponse: Refresh call ended"),[4,M(c)];case 11:return s.sent(),(0,d.logDebugMessage)("onUnauthorisedResponse: Refresh status code is: "+c.status),(f=c.status===p.config.sessionExpiredStatusCode)&&null===c.headers.get("front-token")?[4,h.setItem("remove")]:[3,13];case 12:s.sent(),s.label=13;case 13:if(U("EXISTS"===e.status,c.status,f&&null===c.headers.get("front-token")?"remove":c.headers.get("front-token")),c.status>=300)throw c;return[4,p.config.postAPIHook({action:"REFRESH_SESSION",fetchResponse:c.clone(),requestInit:u.requestInit,url:u.url,userContext:{}})];case 14:return s.sent(),[4,y(!1)];case 15:return"NOT_EXISTS"===s.sent().status?((0,d.logDebugMessage)("onUnauthorisedResponse: local session doesn't exist, so returning session expired"),[2,{result:"SESSION_EXPIRED"}]):(p.config.onHandleEvent({action:"REFRESH_SESSION",userContext:{}}),(0,d.logDebugMessage)("onUnauthorisedResponse: Sending RETRY signal"),[2,{result:"RETRY"}]);case 16:return v=s.sent(),[4,y(!1)];case 17:return"NOT_EXISTS"===s.sent().status?((0,d.logDebugMessage)("onUnauthorisedResponse: local session doesn't exist, so returning session expired"),[2,{result:"SESSION_EXPIRED",error:v}]):((0,d.logDebugMessage)("onUnauthorisedResponse: sending API_ERROR"),[2,{result:"API_ERROR",error:v}]);case 18:return[4,t.releaseLock("REFRESH_TOKEN_USE")];case 19:return s.sent(),(0,d.logDebugMessage)("onUnauthorisedResponse: Released lock"),[4,y(!1)];case 20:return"NOT_EXISTS"!==s.sent().status?[3,23]:((0,d.logDebugMessage)("onUnauthorisedResponse: local session doesn't exist, so removing anti-csrf and sFrontToken"),[4,g.removeToken()]);case 21:return s.sent(),[4,h.removeToken()];case 22:s.sent(),s.label=23;case 23:return[7];case 24:return[4,y(!1)];case 25:return"NOT_EXISTS"===(b=s.sent()).status?((0,d.logDebugMessage)("onUnauthorisedResponse: lock acquired failed and local session doesn't exist, so sending SESSION_EXPIRED"),[2,{result:"SESSION_EXPIRED"}]):b.status!==e.status||"EXISTS"===b.status&&"EXISTS"===e.status&&b.lastAccessTokenUpdate!==e.lastAccessTokenUpdate?((0,d.logDebugMessage)("onUnauthorisedResponse: lock acquired failed and retrying early because pre and post lastAccessTokenUpdate don't match"),[2,{result:"RETRY"}]):[3,2];case 26:return[2]}}))}))}function k(){(0,d.logDebugMessage)("onTokenUpdate: firing ACCESS_TOKEN_PAYLOAD_UPDATED event"),p.config.onHandleEvent({action:"ACCESS_TOKEN_PAYLOAD_UPDATED",userContext:{}})}function S(e){return o(this,void 0,void 0,(function(){var t;return s(this,(function(n){switch(n.label){case 0:return n.trys.push([0,2,,3]),[4,p.recipeImpl.getInvalidClaimsFromResponse({response:e,userContext:{}})];case 1:return(t=n.sent())&&p.config.onHandleEvent({action:"API_INVALID_CLAIM",claimValidationErrors:t,userContext:{}}),[3,3];case 2:return n.sent(),[3,3];case 3:return[2]}}))}))}function y(e){return o(this,void 0,void 0,(function(){var t,n,r;return s(this,(function(o){switch(o.label){case 0:return(0,d.logDebugMessage)("getLocalSessionState: called"),[4,E(v)];case 1:return t=o.sent(),[4,h.doesTokenExists()];case 2:return o.sent()&&void 0!==t?((0,d.logDebugMessage)("getLocalSessionState: returning EXISTS since both frontToken and lastAccessTokenUpdate exists"),[2,{status:"EXISTS",lastAccessTokenUpdate:t}]):[3,3];case 3:return t?((0,d.logDebugMessage)("getLocalSessionState: returning NOT_EXISTS since frontToken was cleared but lastAccessTokenUpdate exists"),[2,{status:"NOT_EXISTS"}]):[3,4];case 4:return n={status:"MAY_EXIST"},e?((0,d.logDebugMessage)("getLocalSessionState: trying to refresh"),[4,w(n)]):[3,7];case 5:return"RETRY"!==(r=o.sent()).result?((0,d.logDebugMessage)("getLocalSessionState: return NOT_EXISTS in case error from backend"+r.result),[2,{status:"NOT_EXISTS"}]):((0,d.logDebugMessage)("getLocalSessionState: Retrying post refresh"),[4,y(e)]);case 6:return[2,o.sent()];case 7:return(0,d.logDebugMessage)("getLocalSessionState: returning: "+n.status),[2,n]}}))}))}function T(e){switch(e){case"access":return"st-access-token";case"refresh":return"st-refresh-token"}}function I(e,t){var n=T(e);return""!==t?((0,d.logDebugMessage)("setToken: saved ".concat(e," token into cookies")),R(n,t,Date.now()+31536e5)):((0,d.logDebugMessage)("setToken: cleared ".concat(e," token from cookies")),R(n,t,0))}function R(e,t,n){var r="Fri, 31 Dec 9999 23:59:59 GMT";n!==Number.MAX_SAFE_INTEGER&&(r=new Date(n).toUTCString());var o=p.config.sessionTokenFrontendDomain;return"localhost"===o||o===c.default.getReferenceOrThrow().windowHandler.location.getHostName()?u.default.getReferenceOrThrow().cookieHandler.setCookie("".concat(e,"=").concat(t,";expires=").concat(r,";path=/;samesite=").concat(p.config.isInIframe?"none;secure":"lax")):u.default.getReferenceOrThrow().cookieHandler.setCookie("".concat(e,"=").concat(t,";expires=").concat(r,";domain=").concat(o,";path=/;samesite=").concat(p.config.isInIframe?"none;secure":"lax"))}function D(e){return o(this,void 0,void 0,(function(){return s(this,(function(t){return[2,E(T(e))]}))}))}function E(e){return o(this,void 0,void 0,(function(){var t,n,r,o;return s(this,(function(s){switch(s.label){case 0:return n="; ",[4,u.default.getReferenceOrThrow().cookieHandler.getCookie()];case 1:return t=n+s.sent(),(r=t.split("; "+e+"=")).length>=2&&void 0!==(o=r.pop())?[2,o.split(";").shift()]:[2,void 0]}}))}))}function x(e,t){return void 0===t&&(t=!1),o(this,void 0,void 0,(function(){var n,r;return s(this,(function(o){switch(o.label){case 0:return(0,d.logDebugMessage)("setTokenHeaders: adding existing tokens as header"),[4,D("access")];case 1:return n=o.sent(),[4,D("refresh")];case 2:return r=o.sent(),!t&&void 0===n||void 0===r?(0,d.logDebugMessage)("setAuthorizationHeaderIfRequired: token for header based auth not found"):e.has("Authorization")?(0,d.logDebugMessage)("setAuthorizationHeaderIfRequired: Authorization header defined by the user, not adding"):((0,d.logDebugMessage)("setAuthorizationHeaderIfRequired: added authorization header"),e.set("Authorization","Bearer ".concat(t?r:n))),[2]}}))}))}function M(e){return o(this,void 0,void 0,(function(){var n,r,o,i,a;return s(this,(function(s){switch(s.label){case 0:return(0,d.logDebugMessage)("saveTokensFromHeaders: Saving updated tokens from the response headers"),null===(n=e.headers.get("st-refresh-token"))?[3,2]:((0,d.logDebugMessage)("saveTokensFromHeaders: saving new refresh token"),[4,I("refresh",n)]);case 1:s.sent(),s.label=2;case 2:return null===(r=e.headers.get("st-access-token"))?[3,4]:((0,d.logDebugMessage)("saveTokensFromHeaders: saving new access token"),[4,I("access",r)]);case 3:s.sent(),s.label=4;case 4:return null===(o=e.headers.get("front-token"))?[3,6]:((0,d.logDebugMessage)("saveTokensFromHeaders: Setting sFrontToken: "+o),[4,h.setItem(o)]);case 5:s.sent(),(0,t.updateClockSkewUsingFrontToken)({frontToken:o,responseHeaders:e.headers}),s.label=6;case 6:return null===(i=e.headers.get("anti-csrf"))?[3,9]:[4,y(!0)];case 7:return"EXISTS"!==(a=s.sent()).status?[3,9]:((0,d.logDebugMessage)("saveTokensFromHeaders: Setting anti-csrf token"),[4,g.setItem(a.lastAccessTokenUpdate,i)]);case 8:s.sent(),s.label=9;case 9:return[2]}}))}))}function A(){return o(this,void 0,void 0,(function(){var e;return s(this,(function(t){switch(t.label){case 0:return(0,d.logDebugMessage)("saveLastAccessTokenUpdate: called"),e=Date.now().toString(),(0,d.logDebugMessage)("saveLastAccessTokenUpdate: setting "+e),[4,R(v,e,Number.MAX_SAFE_INTEGER)];case 1:return t.sent(),[4,R("sIRTFrontend","",0)];case 2:return t.sent(),[2]}}))}))}function C(){return o(this,void 0,void 0,(function(){function e(){return o(this,void 0,void 0,(function(){var e,t,n,r,o;return s(this,(function(s){switch(s.label){case 0:return t="; ",[4,u.default.getReferenceOrThrow().cookieHandler.getCookie()];case 1:return e=t+s.sent(),(n=e.split("; sAntiCsrf=")).length>=2&&void 0!==(r=n.pop())?void 0===(o=r.split(";").shift())?[2,null]:[2,o]:[2,null]}}))}))}var t;return s(this,(function(n){switch(n.label){case 0:return(0,d.logDebugMessage)("getAntiCSRFToken: called"),[4,y(!0)];case 1:return"EXISTS"!==n.sent().status?((0,d.logDebugMessage)("getAntiCSRFToken: Returning because local session state != EXISTS"),[2,null]):[4,e()];case 2:return t=n.sent(),(0,d.logDebugMessage)("getAntiCSRFToken: returning: "+t),[2,t]}}))}))}function _(e){return o(this,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return(0,d.logDebugMessage)("setAntiCSRF: called: "+e),void 0===e?[3,2]:[4,R(b,e,Number.MAX_SAFE_INTEGER)];case 1:return t.sent(),[3,4];case 2:return[4,R(b,"",0)];case 3:t.sent(),t.label=4;case 4:return[2]}}))}))}function O(){return o(this,void 0,void 0,(function(){var e;return s(this,(function(t){switch(t.label){case 0:return(0,d.logDebugMessage)("getFrontTokenFromCookie: called"),[4,E(m)];case 1:return[2,void 0===(e=t.sent())?null:e]}}))}))}function P(e){return JSON.parse(decodeURIComponent(escape(atob(e))))}function H(){return o(this,void 0,void 0,(function(){var e;return s(this,(function(t){switch(t.label){case 0:return(0,d.logDebugMessage)("getFrontToken: called"),[4,y(!0)];case 1:return"EXISTS"!==t.sent().status?((0,d.logDebugMessage)("getFrontToken: Returning because sIRTFrontend != EXISTS"),[2,null]):[4,O()];case 2:return e=t.sent(),(0,d.logDebugMessage)("getFrontToken: returning: "+e),[2,e]}}))}))}function F(e){return o(this,void 0,void 0,(function(){var t,n,r;return s(this,(function(o){switch(o.label){case 0:return(0,d.logDebugMessage)("setFrontToken: called"),[4,O()];case 1:return null!==(t=o.sent())&&void 0!==e&&(n=P(t).up,r=P(e).up,JSON.stringify(n)!==JSON.stringify(r)&&k()),void 0!==e?[3,3]:[4,R(m,"",0)];case 2:return o.sent(),[3,5];case 3:return[4,R(m,e,Number.MAX_SAFE_INTEGER)];case 4:o.sent(),o.label=5;case 5:return[2]}}))}))}function U(e,t,n){if(null!=n){var r="remove"!==n;(0,d.logDebugMessage)("fireSessionUpdateEventsIfNecessary wasLoggedIn: ".concat(e," frontTokenExistsAfter: ").concat(r," status: ").concat(t)),e?r||(t===p.config.sessionExpiredStatusCode?((0,d.logDebugMessage)("onUnauthorisedResponse: firing UNAUTHORISED event"),p.config.onHandleEvent({action:"UNAUTHORISED",sessionExpiredOrRevoked:!0,userContext:{}})):((0,d.logDebugMessage)("onUnauthorisedResponse: firing SIGN_OUT event"),p.config.onHandleEvent({action:"SIGN_OUT",userContext:{}}))):r&&((0,d.logDebugMessage)("onUnauthorisedResponse: firing SESSION_CREATED event"),p.config.onHandleEvent({action:"SESSION_CREATED",userContext:{}}))}else(0,d.logDebugMessage)("fireSessionUpdateEventsIfNecessary returning early because the front token was not updated")}t.onUnauthorisedResponse=w,t.onTokenUpdate=k,t.onInvalidClaimResponse=S,t.getLocalSessionState=y,t.getStorageNameForToken=T,t.setToken=I,t.getTokenForHeaderAuth=D,t.saveLastAccessTokenUpdate=A,t.setAntiCSRF=_,t.getFrontToken=H,t.setFrontToken=F,t.fireSessionUpdateEventsIfNecessary=U,t.updateClockSkewUsingFrontToken=function(e){var t=e.frontToken,n=e.responseHeaders;if((0,d.logDebugMessage)("updateClockSkewUsingFrontToken: frontToken: "+t),null!=t&&"remove"!==t){var r=P(t),o=p.recipeImpl.calculateClockSkewInMillis({accessTokenPayload:r.up,responseHeaders:n});f.default.getReferenceOrThrow().dateProvider.setClientClockSkewInMillis(o),(0,d.logDebugMessage)("updateClockSkewUsingFrontToken: Client clock synchronized successfully")}else(0,d.logDebugMessage)("updateClockSkewUsingFrontToken: the access token payload wasn't updated or is being removed, skipping clock skew update")}},569:function(e,t,n){var r=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},o=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};Object.defineProperty(t,"__esModule",{value:!0}),t.BooleanClaim=t.PrimitiveArrayClaim=t.PrimitiveClaim=t.getInvalidClaimsFromResponse=t.getClaimValue=t.validateClaims=t.signOut=t.addAxiosInterceptors=t.doesSessionExist=t.attemptRefreshingSession=t.getAccessToken=t.getAccessTokenPayloadSecurely=t.getUserId=t.init=void 0;var s=n(379),i=n(994),a=n(333),u=n(318),c=n(501),l=n(958),d=n(941),f=n(153),g=n(845),h=n(671),p=function(){function e(){}var t;return e.init=function(t){c.default.init(t.cookieHandler),l.default.init(t.windowHandler),h.default.init(t.dateProvider),d.default.init(t.lockFactory,l.default.getReferenceOrThrow().windowHandler.localStorage);var n=(0,u.validateAndNormaliseInputOrThrowError)(t);void 0!==t.enableDebugLogs&&t.enableDebugLogs&&(0,g.enableLogging)();var r=new a.default((0,i.default)({onHandleEvent:n.onHandleEvent,preAPIHook:n.preAPIHook,postAPIHook:n.postAPIHook,sessionExpiredStatusCode:n.sessionExpiredStatusCode})).override(n.override.functions).build();s.default.init(n,r),e.axiosInterceptorQueue.forEach((function(e){e()})),e.axiosInterceptorQueue=[]},e.getUserId=function(e){return s.default.recipeImpl.getUserId({userContext:(0,u.getNormalisedUserContext)(void 0===e?void 0:e.userContext)})},e.getAccessTokenPayloadSecurely=function(e){return r(this,void 0,void 0,(function(){return o(this,(function(t){return[2,s.default.recipeImpl.getAccessTokenPayloadSecurely({userContext:(0,u.getNormalisedUserContext)(void 0===e?void 0:e.userContext)})]}))}))},t=e,e.axiosInterceptorQueue=[],e.attemptRefreshingSession=function(){return r(void 0,void 0,void 0,(function(){return o(t,(function(e){return[2,s.default.attemptRefreshingSession()]}))}))},e.doesSessionExist=function(e){return s.default.recipeImpl.doesSessionExist({userContext:(0,u.getNormalisedUserContext)(void 0===e?void 0:e.userContext)})},e.addAxiosInterceptors=function(t,n){s.default.initCalled?s.default.recipeImpl.addAxiosInterceptors({axiosInstance:t,userContext:(0,u.getNormalisedUserContext)(n)}):e.axiosInterceptorQueue.push((function(){s.default.recipeImpl.addAxiosInterceptors({axiosInstance:t,userContext:(0,u.getNormalisedUserContext)(n)})}))},e.signOut=function(e){return s.default.recipeImpl.signOut({userContext:(0,u.getNormalisedUserContext)(void 0===e?void 0:e.userContext)})},e.getInvalidClaimsFromResponse=function(e){return r(this,void 0,void 0,(function(){return o(this,(function(t){return[2,s.default.recipeImpl.getInvalidClaimsFromResponse({response:e.response,userContext:(0,u.getNormalisedUserContext)(e.userContext)})]}))}))},e.getClaimValue=function(t){return r(this,void 0,void 0,(function(){var n,r;return o(this,(function(o){switch(o.label){case 0:return n=(0,u.getNormalisedUserContext)(void 0===t?void 0:t.userContext),[4,e.getAccessTokenPayloadSecurely({userContext:n})];case 1:return r=o.sent(),[2,t.claim.getValueFromPayload(r,n)]}}))}))},e.validateClaims=function(e,t){var n=(0,u.getNormalisedUserContext)(t),r=f.SessionClaimValidatorStore.getClaimValidatorsAddedByOtherRecipes(),o=s.default.recipeImpl.getGlobalClaimValidators({claimValidatorsAddedByOtherRecipes:r,userContext:n}),i=void 0!==e?e(o,n):o;return 0===i.length?[]:s.default.recipeImpl.validateClaims({claimValidators:i,userContext:(0,u.getNormalisedUserContext)(t)})},e.getAccessToken=function(e){return r(void 0,void 0,void 0,(function(){return o(t,(function(t){switch(t.label){case 0:return[4,s.default.recipeImpl.doesSessionExist({userContext:(0,u.getNormalisedUserContext)(void 0===e?void 0:e.userContext)})];case 1:return t.sent()?[2,(0,s.getTokenForHeaderAuth)("access")]:[2,void 0]}}))}))},e}();t.default=p,t.init=p.init,t.getUserId=p.getUserId,t.getAccessTokenPayloadSecurely=p.getAccessTokenPayloadSecurely,t.getAccessToken=p.getAccessToken,t.attemptRefreshingSession=p.attemptRefreshingSession,t.doesSessionExist=p.doesSessionExist,t.addAxiosInterceptors=p.addAxiosInterceptors,t.signOut=p.signOut,t.validateClaims=p.validateClaims,t.getClaimValue=p.getClaimValue,t.getInvalidClaimsFromResponse=p.getInvalidClaimsFromResponse;var v=n(911);Object.defineProperty(t,"PrimitiveClaim",{enumerable:!0,get:function(){return v.PrimitiveClaim}});var b=n(748);Object.defineProperty(t,"PrimitiveArrayClaim",{enumerable:!0,get:function(){return b.PrimitiveArrayClaim}});var m=n(491);Object.defineProperty(t,"BooleanClaim",{enumerable:!0,get:function(){return m.BooleanClaim}})},845:(e,t,n)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.logDebugMessage=t.disableLogging=t.enableLogging=void 0;var r=n(255),o=!1;t.enableLogging=function(){o=!0},t.disableLogging=function(){o=!1},t.logDebugMessage=function(e){o&&console.log("".concat("com.supertokens",' {t: "').concat((new Date).toISOString(),'", message: "').concat(e,'", supertokens-website-ver: "').concat(r.package_version,'"}'))}},992:(e,t)=>{function n(e){return/^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/.test(e)}Object.defineProperty(t,"__esModule",{value:!0}),t.isAnIpAddress=void 0,t.isAnIpAddress=n;function r(e,t){void 0===t&&(t=!1),e=e.trim();try{if(!e.startsWith("http://")&&!e.startsWith("https://"))throw new Error("converting to proper URL");var o=new URL(e);return t?o.hostname.startsWith("localhost")||n(o.hostname)?"http://"+o.host:"https://"+o.host:o.protocol+"//"+o.host}catch(e){}if(e.startsWith("/"))throw new Error("Please provide a valid domain name");if(0===e.indexOf(".")&&(e=e.substr(1)),(-1!==e.indexOf(".")||e.startsWith("localhost"))&&!e.startsWith("http://")&&!e.startsWith("https://")){e="https://"+e;try{return new URL(e),r(e,!0)}catch(e){}}throw new Error("Please provide a valid domain name")}t.default=function(e){var t=this;this.getAsStringDangerous=function(){return t.value},this.value=r(e)}},260:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0});function n(e){e=e.trim();try{if(!e.startsWith("http://")&&!e.startsWith("https://"))throw new Error("converting to proper URL");return"/"===(e=new URL(e).pathname).charAt(e.length-1)?e.substr(0,e.length-1):e}catch(e){}if((function(e){if(-1===e.indexOf(".")||e.startsWith("/"))return!1;try{return-1!==new URL(e).hostname.indexOf(".")}catch(e){}try{return-1!==new URL("http://"+e).hostname.indexOf(".")}catch(e){}return!1}(e)||e.startsWith("localhost"))&&!e.startsWith("http://")&&!e.startsWith("https://"))return n(e="http://"+e);"/"!==e.charAt(0)&&(e="/"+e);try{return new URL("http://example.com"+e),n("http://example.com"+e)}catch(e){throw new Error("Please provide a valid URL path")}}t.default=function e(t){var r=this;this.startsWith=function(e){return r.value.startsWith(e.value)},this.appendPath=function(t){return new e(r.value+t.value)},this.getAsStringDangerous=function(){return r.value},this.value=n(t)}},743:function(e,t){var n,r=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},o=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};Object.defineProperty(t,"__esModule",{value:!0}),t.ProcessState=t.PROCESS_STATE=void 0,(n=t.PROCESS_STATE||(t.PROCESS_STATE={}))[n.CALLING_INTERCEPTION_REQUEST=0]="CALLING_INTERCEPTION_REQUEST",n[n.CALLING_INTERCEPTION_RESPONSE=1]="CALLING_INTERCEPTION_RESPONSE";var s=function(){function e(){var e=this;this.history=[],this.addState=function(t){try{void 0!==process&&void 0!==process.env&&"testing"===process.env.TEST_MODE&&e.history.push(t)}catch(e){}},this.getEventByLastEventByName=function(t){for(var n=e.history.length-1;n>=0;n--)if(e.history[n]==t)return e.history[n]},this.reset=function(){e.history=[]},this.waitForEvent=function(t,n){return void 0===n&&(n=7e3),r(e,void 0,void 0,(function(){var e,r=this;return o(this,(function(o){return e=Date.now(),[2,new Promise((function(o){var s=r;!function r(){var i=s.getEventByLastEventByName(t);void 0===i?Date.now()-e>n?o(void 0):setTimeout(r,1e3):o(i)}()}))]}))}))}}return e.getInstance=function(){return null==e.instance&&(e.instance=new e),e.instance},e}();t.ProcessState=s},994:function(e,t,n){var r=this&&this.__assign||function(){return r=Object.assign||function(e){for(var t,n=1,r=arguments.length;n<r;n++)for(var o in t=arguments[n])Object.prototype.hasOwnProperty.call(t,o)&&(e[o]=t[o]);return e},r.apply(this,arguments)},o=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},s=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};Object.defineProperty(t,"__esModule",{value:!0});var i=n(379),a=n(759),u=n(255),c=n(845),l=n(173),d=n(648),f=n(318),g=n(671);t.default=function(e){return{addXMLHttpRequestInterceptor:function(e){(0,c.logDebugMessage)("addXMLHttpRequestInterceptorAndReturnModified: called"),(0,d.addInterceptorsToXMLHttpRequest)()},addFetchInterceptorsAndReturnModifiedFetch:function(e){return(0,c.logDebugMessage)("addFetchInterceptorsAndReturnModifiedFetch: called"),function(t,n){return o(this,void 0,void 0,(function(){return s(this,(function(o){switch(o.label){case 0:return[4,i.default.doRequest((function(n){return e.originalFetch("object"==typeof t&&"clone"in t?t.clone():t,r({},n))}),n,t)];case 1:return[2,o.sent()]}}))}))}},addAxiosInterceptors:function(e){if((0,c.logDebugMessage)("addAxiosInterceptors: called"),XMLHttpRequest.__interceptedBySuperTokens)return console.warn("Not adding axios interceptor since XMLHttpRequest is already added. This is just a warning."),console.warn("Our axios and XMLHttpRequest interceptors cannot be used at the same time."),console.warn("Since XMLHttpRequest is added automatically and supports axios by default, you can just remove addAxiosInterceptors from your code."),console.warn("If you want to continue using our axios interceptor, you can override addXMLHttpRequestInterceptor with an empty function."),void(0,c.logDebugMessage)("addAxiosInterceptors: not adding, because XHR interceptors are already in place");for(var t=e.axiosInstance.interceptors.request,n=0;n<t.handlers.length;n++)if(t.handlers[n].fulfilled===a.interceptorFunctionRequestFulfilled)return void(0,c.logDebugMessage)("addAxiosInterceptors: not adding because already added on this instance");e.axiosInstance.interceptors.request.use(a.interceptorFunctionRequestFulfilled,(function(e){return o(this,void 0,void 0,(function(){return s(this,(function(t){throw e}))}))})),e.axiosInstance.interceptors.response.use((0,a.responseInterceptor)(e.axiosInstance),(0,a.responseErrorInterceptor)(e.axiosInstance))},getUserId:function(e){return o(this,void 0,void 0,(function(){var e;return s(this,(function(t){switch(t.label){case 0:return(0,c.logDebugMessage)("getUserId: called"),[4,i.FrontToken.getTokenInfo()];case 1:if(void 0===(e=t.sent()))throw new Error("No session exists");return(0,c.logDebugMessage)("getUserId: returning: "+e.uid),[2,e.uid]}}))}))},getAccessTokenPayloadSecurely:function(e){return o(this,void 0,void 0,(function(){var t;return s(this,(function(n){switch(n.label){case 0:return(0,c.logDebugMessage)("getAccessTokenPayloadSecurely: called"),[4,i.FrontToken.getTokenInfo()];case 1:if(void 0===(t=n.sent()))throw new Error("No session exists");return t.ate<g.default.getReferenceOrThrow().dateProvider.now()?((0,c.logDebugMessage)("getAccessTokenPayloadSecurely: access token expired. Refreshing session"),[4,i.default.attemptRefreshingSession()]):[3,5];case 2:return n.sent()?[4,this.getAccessTokenPayloadSecurely({userContext:e.userContext})]:[3,4];case 3:return[2,n.sent()];case 4:throw new Error("Could not refresh session");case 5:return(0,c.logDebugMessage)("getAccessTokenPayloadSecurely: returning: "+JSON.stringify(t.up)),[2,t.up]}}))}))},doesSessionExist:function(e){return o(this,void 0,void 0,(function(){var e,t;return s(this,(function(n){switch(n.label){case 0:return(0,c.logDebugMessage)("doesSessionExist: called"),[4,i.FrontToken.getTokenInfo()];case 1:return void 0===(e=n.sent())?((0,c.logDebugMessage)("doesSessionExist: access token does not exist locally"),[2,!1]):e.ate<g.default.getReferenceOrThrow().dateProvider.now()?((0,c.logDebugMessage)("doesSessionExist: access token expired. Refreshing session"),[4,(0,i.getLocalSessionState)(!1)]):[3,4];case 2:return t=n.sent(),[4,(0,i.onUnauthorisedResponse)(t)];case 3:return[2,"RETRY"===n.sent().result];case 4:return[2,!0]}}))}))},signOut:function(t){return o(this,void 0,void 0,(function(){var n,r,o,a;return s(this,(function(s){switch(s.label){case 0:return(0,c.logDebugMessage)("signOut: called"),[4,this.doesSessionExist(t)];case 1:return s.sent()?((0,c.logDebugMessage)("signOut: Calling refresh pre API hook"),[4,e.preAPIHook({action:"SIGN_OUT",requestInit:{method:"post",headers:{"fdi-version":u.supported_fdi.join(","),rid:i.default.rid}},url:i.default.signOutUrl,userContext:t.userContext})]):((0,c.logDebugMessage)("signOut: exiting early because session does not exist"),(0,c.logDebugMessage)("signOut: firing SIGN_OUT event"),e.onHandleEvent({action:"SIGN_OUT",userContext:t.userContext}),[2]);case 2:return n=s.sent(),(0,c.logDebugMessage)("signOut: Calling API"),[4,fetch(n.url,n.requestInit)];case 3:if(r=s.sent(),(0,c.logDebugMessage)("signOut: API ended"),(0,c.logDebugMessage)("signOut: API responded with status code: "+r.status),r.status===e.sessionExpiredStatusCode)return[2];if(r.status>=300)throw r;return[4,e.postAPIHook({action:"SIGN_OUT",requestInit:n.requestInit,url:n.url,fetchResponse:r.clone(),userContext:t.userContext})];case 4:return s.sent(),[4,r.clone().json()];case 5:if("GENERAL_ERROR"===(o=s.sent()).status)throw(0,c.logDebugMessage)("doRequest: Throwing general error"),a=void 0===o.message?"No Error Message Provided":o.message,new l.STGeneralError(a);return[2]}}))}))},getInvalidClaimsFromResponse:function(e){return o(this,void 0,void 0,(function(){var t;return s(this,(function(n){switch(n.label){case 0:return"body"in e.response?[4,e.response.clone().json()]:[3,2];case 1:return t=n.sent(),[3,3];case 2:t="string"==typeof e.response.data?JSON.parse(e.response.data):e.response.data,n.label=3;case 3:return[2,t.claimValidationErrors]}}))}))},getGlobalClaimValidators:function(e){return e.claimValidatorsAddedByOtherRecipes},validateClaims:function(e){return o(this,void 0,void 0,(function(){var t,n,r,o,i,a,u,c,l;return s(this,(function(s){switch(s.label){case 0:return[4,this.getAccessTokenPayloadSecurely({userContext:e.userContext})];case 1:t=s.sent(),n=0,r=e.claimValidators,s.label=2;case 2:return n<r.length?[4,(c=r[n]).shouldRefresh(t,e.userContext)]:[3,10];case 3:if(!s.sent())return[3,9];s.label=4;case 4:return s.trys.push([4,6,,7]),[4,c.refresh(e.userContext)];case 5:return s.sent(),[3,7];case 6:return o=s.sent(),console.error("Encountered an error while refreshing validator ".concat(c.id),o),[3,7];case 7:return[4,this.getAccessTokenPayloadSecurely({userContext:e.userContext})];case 8:t=s.sent(),s.label=9;case 9:return n++,[3,2];case 10:i=[],a=0,u=e.claimValidators,s.label=11;case 11:return a<u.length?[4,(c=u[a]).validate(t,e.userContext)]:[3,14];case 12:(l=s.sent()).isValid||i.push({id:c.id,reason:l.reason}),s.label=13;case 13:return a++,[3,11];case 14:return[2,i]}}))}))},shouldDoInterceptionBasedOnUrl:function(e,t,n){if((0,c.logDebugMessage)("shouldDoInterceptionBasedOnUrl: toCheckUrl: "+e+" apiDomain: "+t+" sessionTokenBackendDomain: "+n),e.includes("superTokensDoNotDoInterception"))return!1;e=(0,f.normaliseURLDomainOrThrowError)(e);var r=new URL(e).hostname,o=!1;if(""!==t&&(t=(0,f.normaliseURLDomainOrThrowError)(t),o=r===new URL(t).hostname),void 0===n||o)return o;var s=(0,f.normaliseSessionScopeOrThrowError)(n);return(0,f.matchesDomainOrSubdomain)(r,s)},calculateClockSkewInMillis:function(e){var t=e.accessTokenPayload;(0,c.logDebugMessage)("calculateClockSkewInMillis: called");var n=null==t?void 0:t.iat;if(void 0===n||"number"!=typeof n)return(0,c.logDebugMessage)("calculateClockSkewInMillis: payload iat is undefined or not a number. This may happen due to an unsupported backend sdk. Returning 0"),0;var r=1e3*n-Date.now();return(0,c.logDebugMessage)("calculateClockSkewInMillis: returning "+r),r}}}},272:function(e,t,n){var r=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},o=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};Object.defineProperty(t,"__esModule",{value:!0}),t.defaultCookieHandlerImplementation=void 0;var s=n(958);t.defaultCookieHandlerImplementation={getCookie:function(){return r(this,void 0,void 0,(function(){return o(this,(function(e){return[2,s.default.getReferenceOrThrow().windowHandler.getWindowUnsafe().document.cookie]}))}))},setCookie:function(e){return r(this,void 0,void 0,(function(){return o(this,(function(t){return s.default.getReferenceOrThrow().windowHandler.getWindowUnsafe().document.cookie=e,[2]}))}))}}},501:(e,t,n)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.CookieHandlerReference=void 0;var r=n(272),o=function(){function e(e){var t=function(e){return e};void 0!==e&&(t=e),this.cookieHandler=t(r.defaultCookieHandlerImplementation)}return e.init=function(t){void 0===e.instance&&(e.instance=new e(t))},e.getReferenceOrThrow=function(){if(void 0===e.instance)throw new Error("SuperTokensCookieHandler must be initialized before calling this method.");return e.instance},e}();t.CookieHandlerReference=o,t.default=o},812:(e,t,n)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.DateProvider=void 0;var r=n(958),o=function(){function e(){this.clockSkewInMillis=0,this.thresholdInSeconds=7}return e.init=function(){if(void 0===e.instance){e.instance=new e;var t=r.default.getReferenceOrThrow().windowHandler.localStorage.getItemSync(e.CLOCK_SKEW_KEY),n=null!==t?parseInt(t,10):0;e.instance.setClientClockSkewInMillis(n)}},e.getReferenceOrThrow=function(){if(void 0===e.instance)throw new Error("DateProvider must be initialized before calling this method.");return e.instance},e.prototype.getThresholdInSeconds=function(){return this.thresholdInSeconds},e.prototype.setThresholdInSeconds=function(e){this.thresholdInSeconds=e},e.prototype.setClientClockSkewInMillis=function(t){this.clockSkewInMillis=Math.abs(t)>=1e3*this.thresholdInSeconds?t:0,r.default.getReferenceOrThrow().windowHandler.localStorage.setItemSync(e.CLOCK_SKEW_KEY,String(t))},e.prototype.getClientClockSkewInMillis=function(){return this.clockSkewInMillis},e.prototype.now=function(){return Date.now()+this.getClientClockSkewInMillis()},e.CLOCK_SKEW_KEY="__st_clockSkewInMillis",e}();t.DateProvider=o},671:(e,t,n)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.DateProviderReference=void 0;var r=n(812),o=function(){function e(e){void 0!==e?this.dateProvider=e():(r.DateProvider.init(),this.dateProvider=r.DateProvider.getReferenceOrThrow())}return e.init=function(t){void 0===e.instance&&(e.instance=new e(t))},e.getReferenceOrThrow=function(){if(void 0===e.instance)throw new Error("SuperTokensDateProvider must be initialized before calling this method.");return e.instance},e}();t.DateProviderReference=o,t.default=o},318:function(e,t,n){var r=this&&this.__assign||function(){return r=Object.assign||function(e){for(var t,n=1,r=arguments.length;n<r;n++)for(var o in t=arguments[n])Object.prototype.hasOwnProperty.call(t,o)&&(e[o]=t[o]);return e},r.apply(this,arguments)},o=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},s=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};Object.defineProperty(t,"__esModule",{value:!0}),t.matchesDomainOrSubdomain=t.getNormalisedUserContext=t.validateAndNormaliseInputOrThrowError=t.normaliseSessionScopeOrThrowError=t.normaliseURLPathOrThrowError=t.normaliseURLDomainOrThrowError=void 0;var i=n(992),a=n(260),u=n(958);function c(e){return new i.default(e).getAsStringDangerous()}function l(e){return new a.default(e).getAsStringDangerous()}function d(e){var t=function(e){(e=e.trim().toLowerCase()).startsWith(".")&&(e=e.substr(1)),e.startsWith("http://")||e.startsWith("https://")||(e="http://"+e);try{return new URL(e).hostname}catch(e){throw new Error("Please provide a valid sessionScope")}}(e);return"localhost"===t||(0,i.isAnIpAddress)(t)?t:e.startsWith(".")?"."+t:t}t.normaliseURLDomainOrThrowError=c,t.normaliseURLPathOrThrowError=l,t.normaliseSessionScopeOrThrowError=d,t.validateAndNormaliseInputOrThrowError=function(e){var t=this,n=c(e.apiDomain),i=l("/auth");void 0!==e.apiBasePath&&(i=l(e.apiBasePath));var a=u.default.getReferenceOrThrow().windowHandler.location.getHostName(),f=d(void 0!==e&&void 0!==e.sessionTokenFrontendDomain?e.sessionTokenFrontendDomain:a),g=401;void 0!==e.sessionExpiredStatusCode&&(g=e.sessionExpiredStatusCode);var h=403;if(void 0!==e.invalidClaimStatusCode&&(h=e.invalidClaimStatusCode),g===h)throw new Error("sessionExpiredStatusCode and invalidClaimStatusCode cannot be the same.");var p=!0;void 0!==e.autoAddCredentials&&(p=e.autoAddCredentials);var v=!1;void 0!==e.isInIframe&&(v=e.isInIframe);var b=void 0;void 0!==e.sessionTokenBackendDomain&&(b=d(e.sessionTokenBackendDomain));var m=function(e){return o(t,void 0,void 0,(function(){return s(this,(function(t){return[2,{url:e.url,requestInit:e.requestInit}]}))}))};void 0!==e.preAPIHook&&(m=e.preAPIHook);var w=function(){return o(t,void 0,void 0,(function(){return s(this,(function(e){return[2]}))}))};void 0!==e.postAPIHook&&(w=e.postAPIHook);var k=function(){};void 0!==e.onHandleEvent&&(k=e.onHandleEvent);var S=r({functions:function(e){return e}},e.override);return{apiDomain:n,apiBasePath:i,sessionTokenFrontendDomain:f,sessionExpiredStatusCode:g,invalidClaimStatusCode:h,autoAddCredentials:p,isInIframe:v,tokenTransferMethod:void 0!==e.tokenTransferMethod?e.tokenTransferMethod:"cookie",sessionTokenBackendDomain:b,preAPIHook:m,postAPIHook:w,onHandleEvent:k,override:S}},t.getNormalisedUserContext=function(e){return void 0===e?{}:e},t.matchesDomainOrSubdomain=function(e,t){for(var n=e.split("."),r=0;r<n.length;r++){var o=n.slice(r).join(".");if(o===t||".".concat(o)===t)return!0}return!1}},941:(e,t,n)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.LockFactoryReference=void 0;var r=n(895),o=function(){function e(e){this.lockFactory=e}return e.init=function(t,n){void 0===this.instance&&(this.instance=new e(null!=t?t:function(e){return function(){return Promise.resolve(new r.default(e))}}(n)))},e.getReferenceOrThrow=function(){if(void 0===e.instance)throw new Error("SuperTokensLockReference must be initialized before calling this method.");return e.instance},e}();t.LockFactoryReference=o,t.default=o},153:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.SessionClaimValidatorStore=void 0;var n=function(){function e(){}return e.claimValidatorsAddedByOtherRecipes=[],e.addClaimValidatorFromOtherRecipe=function(t){e.claimValidatorsAddedByOtherRecipes.push(t)},e.getClaimValidatorsAddedByOtherRecipes=function(){return e.claimValidatorsAddedByOtherRecipes},e}();t.SessionClaimValidatorStore=n,t.default=n},586:function(e,t){var n=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},r=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};function o(){if("undefined"==typeof window)throw Error("If you are using this package with server-side rendering, please make sure that you are checking if the window object is defined.");return window}Object.defineProperty(t,"__esModule",{value:!0}),t.defaultWindowHandlerImplementation=void 0;var s={key:function(e){return n(this,void 0,void 0,(function(){return r(this,(function(t){return[2,o().localStorage.key(e)]}))}))},clear:function(){return n(this,void 0,void 0,(function(){return r(this,(function(e){return[2,o().localStorage.clear()]}))}))},getItem:function(e){return n(this,void 0,void 0,(function(){return r(this,(function(t){return[2,o().localStorage.getItem(e)]}))}))},removeItem:function(e){return n(this,void 0,void 0,(function(){return r(this,(function(t){return[2,o().localStorage.removeItem(e)]}))}))},setItem:function(e,t){return n(this,void 0,void 0,(function(){return r(this,(function(n){return[2,o().localStorage.setItem(e,t)]}))}))},keySync:function(e){return o().localStorage.key(e)},clearSync:function(){return o().localStorage.clear()},getItemSync:function(e){return o().localStorage.getItem(e)},removeItemSync:function(e){return o().localStorage.removeItem(e)},setItemSync:function(e,t){return o().localStorage.setItem(e,t)}},i={key:function(e){return n(this,void 0,void 0,(function(){return r(this,(function(t){return[2,o().sessionStorage.key(e)]}))}))},clear:function(){return n(this,void 0,void 0,(function(){return r(this,(function(e){return[2,o().sessionStorage.clear()]}))}))},getItem:function(e){return n(this,void 0,void 0,(function(){return r(this,(function(t){return[2,o().sessionStorage.getItem(e)]}))}))},removeItem:function(e){return n(this,void 0,void 0,(function(){return r(this,(function(t){return[2,o().sessionStorage.removeItem(e)]}))}))},setItem:function(e,t){return n(this,void 0,void 0,(function(){return r(this,(function(n){return[2,o().sessionStorage.setItem(e,t)]}))}))},keySync:function(e){return o().sessionStorage.key(e)},clearSync:function(){return o().sessionStorage.clear()},getItemSync:function(e){return o().sessionStorage.getItem(e)},removeItemSync:function(e){return o().sessionStorage.removeItem(e)},setItemSync:function(e,t){return o().sessionStorage.setItem(e,t)}};t.defaultWindowHandlerImplementation={history:{replaceState:function(e,t,n){return o().history.replaceState(e,t,n)},getState:function(){return o().history.state}},location:{getHref:function(){return o().location.href},setHref:function(e){o().location.href=e},getSearch:function(){return o().location.search},getHash:function(){return o().location.hash},getPathName:function(){return o().location.pathname},assign:function(e){o().location.assign(e)},getHostName:function(){return o().location.hostname},getHost:function(){return o().location.host},getOrigin:function(){return o().location.origin}},getDocument:function(){return o().document},getWindowUnsafe:function(){return o().window},localStorage:s,sessionStorage:i}},958:(e,t,n)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.WindowHandlerReference=void 0;var r=n(586),o=function(){function e(e){var t=function(e){return e};void 0!==e&&(t=e),this.windowHandler=t(r.defaultWindowHandlerImplementation)}return e.init=function(t){void 0===e.instance&&(e.instance=new e(t))},e.getReferenceOrThrow=function(){if(void 0===e.instance)throw new Error("SuperTokensWindowHandler must be initialized before calling this method.");return e.instance},e}();t.WindowHandlerReference=o,t.default=o},255:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.supported_fdi=t.package_version=void 0,t.package_version="20.0.0",t.supported_fdi=["1.16","1.17","1.18","1.19"]},648:function(e,t,n){var r=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},o=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};Object.defineProperty(t,"__esModule",{value:!0}),t.addInterceptorsToXMLHttpRequest=void 0;var s=n(379),i=n(845),a=n(958),u=n(743),c=["readystatechange","abort","error","load","loadend","loadstart","progress","timeout"];function l(e){return r(this,void 0,void 0,(function(){var t,n,r,s,i;return o(this,(function(o){switch(o.label){case 0:if(t=e.headers.get("content-type"),n="",r="text",null!==t)return[3,5];o.label=1;case 1:return o.trys.push([1,3,,4]),[4,e.text()];case 2:return n=o.sent(),[3,4];case 3:return o.sent(),n="",[3,4];case 4:return[3,9];case 5:return t.includes("application/json")?(r="json",i=(s=JSON).stringify,[4,e.json()]):[3,7];case 6:return n=i.apply(s,[o.sent()]),[3,9];case 7:return t.includes("text/")?[4,e.text()]:[3,9];case 8:n=o.sent(),o.label=9;case 9:return[2,{status:e.status,responseText:n,statusText:e.statusText,responseType:r,headers:e.headers}]}}))}))}function d(e,t){return r(this,void 0,void 0,(function(){var n,r;return o(this,(function(o){switch(o.label){case 0:return(0,i.logDebugMessage)("setAuthorizationHeaderIfRequired: adding existing tokens as header"),[4,(0,s.getTokenForHeaderAuth)("access")];case 1:return n=o.sent(),[4,(0,s.getTokenForHeaderAuth)("refresh")];case 2:return r=o.sent(),void 0!==n&&void 0!==r?t.some((function(e){return"authorization"===e.name.toLowerCase()}))?(0,i.logDebugMessage)("setAuthorizationHeaderIfRequired: Authorization header defined by the user, not adding"):void 0!==n&&((0,i.logDebugMessage)("setAuthorizationHeaderIfRequired: added authorization header"),e.setRequestHeader("Authorization","Bearer ".concat(n))):(0,i.logDebugMessage)("setAuthorizationHeaderIfRequired: token for header based auth not found"),[2]}}))}))}function f(e){return r(this,void 0,void 0,(function(){var t,n,r,a,u;return o(this,(function(o){switch(o.label){case 0:return(0,i.logDebugMessage)("saveTokensFromHeaders: Saving updated tokens from the response"),null===(t=e.get("st-refresh-token"))?[3,2]:((0,i.logDebugMessage)("saveTokensFromHeaders: saving new refresh token"),[4,(0,s.setToken)("refresh",t)]);case 1:o.sent(),o.label=2;case 2:return null===(n=e.get("st-access-token"))?[3,4]:((0,i.logDebugMessage)("saveTokensFromHeaders: saving new access token"),[4,(0,s.setToken)("access",n)]);case 3:o.sent(),o.label=4;case 4:return null===(r=e.get("front-token"))?[3,6]:((0,i.logDebugMessage)("saveTokensFromHeaders: Setting sFrontToken: "+r),[4,s.FrontToken.setItem(r)]);case 5:o.sent(),(0,s.updateClockSkewUsingFrontToken)({frontToken:r,responseHeaders:e}),o.label=6;case 6:return null===(a=e.get("anti-csrf"))?[3,9]:[4,(0,s.getLocalSessionState)(!0)];case 7:return"EXISTS"!==(u=o.sent()).status?[3,9]:((0,i.logDebugMessage)("saveTokensFromHeaders: Setting anti-csrf token"),[4,s.AntiCsrfToken.setItem(u.lastAccessTokenUpdate,a)]);case 8:o.sent(),o.label=9;case 9:return[2]}}))}))}t.addInterceptorsToXMLHttpRequest=function(){var e=new Promise((function(e){return setTimeout(e,0)})),t=XMLHttpRequest;(0,i.logDebugMessage)("addInterceptorsToXMLHttpRequest called"),XMLHttpRequest=function(){var n=new t,g=e;function h(e){g=g.finally((function(){var t;return null===(t=e())||void 0===t?void 0:t.catch(console.error)}))}var p,v,b=this,m=[],w=[],k={},S=new Map,y="",T=!1,I=void 0;function R(e,t){var n=S.get(e);(0,i.logDebugMessage)("XHRInterceptor dispatching ".concat(t.type," to ").concat(n?n.size:0," listeners")),n&&Array.from(n).forEach((function(e){return e.apply(b,[t])}))}function D(){return r(this,void 0,void 0,(function(){var e,n;return o(this,(function(r){switch(r.label){case 0:if(void 0===I)throw new Error("Should never come here..");return(0,i.logDebugMessage)("XHRInterceptor.handleRetryPostRefreshing: preRequestLSS "+I.status),[4,(0,s.onUnauthorisedResponse)(I)];case 1:if("RETRY"!==(e=r.sent()).result){if((0,i.logDebugMessage)("XHRInterceptor.handleRetryPostRefreshing: Not retrying original request "+!!e.error),void 0!==e.error)throw e.error;return[2,!0]}return(0,i.logDebugMessage)("XHRInterceptor.handleRetryPostRefreshing: Retrying original request"),n=new t,M(b,n,!0),m.forEach((function(e){e(n)})),A(n,v),[2,!1]}}))}))}function E(e){return r(this,void 0,void 0,(function(){var t,n,r,a;return o(this,(function(o){switch(o.label){case 0:if(T)return(0,i.logDebugMessage)("XHRInterceptor.handleResponse: Returning without interception"),[2,!0];o.label=1;case 1:o.trys.push([1,14,,18]),o.label=2;case 2:return o.trys.push([2,,8,13]),(0,i.logDebugMessage)("XHRInterceptor.handleResponse: Interception started"),u.ProcessState.getInstance().addState(u.PROCESS_STATE.CALLING_INTERCEPTION_RESPONSE),t=e.status,n=function(e){return new Headers(e.getAllResponseHeaders().split("\r\n").map((function(e){var t=e.indexOf(": ");return-1===t?["",""]:[e.slice(0,t),e.slice(t+2)]})).filter((function(e){return 0!==e[0].length})))}(e),[4,f(n)];case 3:return o.sent(),(0,s.fireSessionUpdateEventsIfNecessary)("EXISTS"===I.status,t,n.get("front-token")),t!==s.default.config.sessionExpiredStatusCode?[3,5]:((0,i.logDebugMessage)("responseInterceptor: Status code is: "+t),[4,D()]);case 4:return[2,o.sent()];case 5:return t!==s.default.config.invalidClaimStatusCode?[3,7]:[4,(0,s.onInvalidClaimResponse)({data:JSON.parse(e.responseText)})];case 6:o.sent(),o.label=7;case 7:return[2,!0];case 8:return(0,i.logDebugMessage)("XHRInterceptor.handleResponse: doFinallyCheck running"),[4,(0,s.getLocalSessionState)(!1)];case 9:return"EXISTS"===o.sent().status?[3,12]:((0,i.logDebugMessage)("XHRInterceptor.handleResponse: local session doesn't exist, so removing anti-csrf and sFrontToken"),[4,s.AntiCsrfToken.removeToken()]);case 10:return o.sent(),[4,s.FrontToken.removeToken()];case 11:o.sent(),o.label=12;case 12:return[7];case 13:return[3,18];case 14:return r=o.sent(),(0,i.logDebugMessage)("XHRInterceptor.handleResponse: caught error"),void 0===r.status?[3,16]:[4,l(r)];case 15:if(a=o.sent(),k.status=a.status,k.statusText=a.statusText,k.responseType=a.responseType,p=a.headers,"json"===a.responseType)try{k.response=JSON.parse(a.responseText)}catch(e){k.response=a.responseText}else k.response=a.responseText;return k.responseText=a.responseText,[3,17];case 16:R("error",new Event("error")),o.label=17;case 17:return[2,!0];case 18:return[2]}}))}))}b.onload=null,b.onreadystatechange=null,b.onloadend=null,b.addEventListener=function(e,t,n){var r=S.get(e);void 0===r&&(r=new Set,S.set(e,r)),r.add(t)},b.removeEventListener=function(e,t){var n=S.get(e);void 0===n&&(n=new Set,S.set(e,n)),n.delete(t)},b.open=function(e,t){(0,i.logDebugMessage)("XHRInterceptor.open called");var r=arguments;y=t;try{T="string"==typeof y&&!s.default.recipeImpl.shouldDoInterceptionBasedOnUrl(y,s.default.config.apiDomain,s.default.config.sessionTokenBackendDomain)||"string"!=typeof y&&!s.default.recipeImpl.shouldDoInterceptionBasedOnUrl(y.toString(),s.default.config.apiDomain,s.default.config.sessionTokenBackendDomain)}catch(e){if("Please provide a valid domain name"!==e.message)throw e;(0,i.logDebugMessage)("XHRInterceptor.open: Trying shouldDoInterceptionBasedOnUrl with location.origin"),T=!s.default.recipeImpl.shouldDoInterceptionBasedOnUrl(a.default.getReferenceOrThrow().windowHandler.location.getOrigin(),s.default.config.apiDomain,s.default.config.sessionTokenBackendDomain)}h((function(){m.push((function(e){e.open.apply(e,r)})),n.open.apply(n,r)}))},b.send=function(e){A(n,v=e)},b.setRequestHeader=function(e,t){var a=this;(0,i.logDebugMessage)("XHRInterceptor.setRequestHeader: Called with ".concat(e)),T?h((function(){return n.setRequestHeader(e,t)})):"anti-csrf"!==e&&h((function(){return r(a,void 0,void 0,(function(){var r,a;return o(this,(function(o){switch(o.label){case 0:return"authorization"!==e.toLowerCase()?[3,3]:((0,i.logDebugMessage)("XHRInterceptor.setRequestHeader: checking if user provided auth header matches local token"),[4,(0,s.getTokenForHeaderAuth)("access")]);case 1:return r=o.sent(),[4,(0,s.getTokenForHeaderAuth)("refresh")];case 2:if(a=o.sent(),void 0!==r&&void 0!==a&&t==="Bearer ".concat(r))return(0,i.logDebugMessage)("XHRInterceptor.setRequestHeader: skipping Authorization from user provided headers because it contains our access token"),[2];o.label=3;case 3:return m.push((function(n){n.setRequestHeader(e,t)})),w.push({name:e,value:t}),n.setRequestHeader(e,t),[2]}}))}))}))};var x=void 0;function M(e,n,r){var o,s=["load","loadend","readystatechange"];(0,i.logDebugMessage)("XHRInterceptor.setUpXHR called");for(var a=function(e){(0,i.logDebugMessage)("XHRInterceptor added listener for event ".concat(e)),n.addEventListener(e,(function(t){(0,i.logDebugMessage)("XHRInterceptor got event ".concat(e)),s.includes(e)||R(e,t)}))},u=0,l=c;u<l.length;u++)a(l[u]);if(n.onload=function(t){void 0===o&&(o=E(n)),o.then((function(n){n&&(e.onload&&e.onload(t),R("load",t))}))},n.onreadystatechange=function(r){n.readyState===t.DONE?(void 0===o&&(o=E(n)),o.then((function(t){t&&(e.onreadystatechange&&e.onreadystatechange(r),R("readystatechange",r))}))):(e.onreadystatechange&&e.onreadystatechange(r),R("readystatechange",r))},n.onloadend=function(t){void 0===o&&(o=E(n)),o.then((function(n){n&&(e.onloadend&&e.onloadend(t),R("loadend",t))}))},e.getAllResponseHeaders=function(){var e;return p?(e="",p.forEach((function(t,n){return e+="".concat(n,": ").concat(t,"\r\n")}))):e=n.getAllResponseHeaders(),e+"x-supertokens-xhr-intercepted: true\r\n"},e.getResponseHeader=function(e){return"x-supertokens-xhr-intercepted"===e?"true":p?p.get(e):n.getResponseHeader(e)},void 0===x)for(var d in x=[],n)d in e||x.push(d);for(var f=function(t){"function"==typeof n[t]?Object.defineProperty(e,t,{configurable:!0,value:function(){var e=arguments;return r||m.push((function(n){n[t].apply(n,e)})),n[t].apply(n,e)}}):Object.defineProperty(e,t,{configurable:!0,get:function(){return void 0!==k[t]?k[t]:n[t]},set:function(e){r||m.push((function(n){n[t]=e})),(0,i.logDebugMessage)("XHRInterceptor.set[".concat(t,"] = ").concat(e)),n[t]=e}})},g=0,h=x;g<h.length;g++)f(d=h[g])}function A(e,t){var n=this;if((0,i.logDebugMessage)("XHRInterceptor.send: called"),(0,i.logDebugMessage)("XHRInterceptor.send: Value of doNotDoInterception: "+T),T)return(0,i.logDebugMessage)("XHRInterceptor.send: Returning without interception"),void h((function(){return e.send(t)}));(0,i.logDebugMessage)("XHRInterceptor.send: Interception started"),u.ProcessState.getInstance().addState(u.PROCESS_STATE.CALLING_INTERCEPTION_REQUEST),h((function(){return r(n,void 0,void 0,(function(){var n,r;return o(this,(function(o){switch(o.label){case 0:return[4,(0,s.getLocalSessionState)(!0)];case 1:return"EXISTS"!==(I=o.sent()).status?[3,3]:[4,s.AntiCsrfToken.getToken(I.lastAccessTokenUpdate)];case 2:void 0!==(n=o.sent())&&((0,i.logDebugMessage)("XHRInterceptor.send: Adding anti-csrf token to request"),e.setRequestHeader("anti-csrf",n)),o.label=3;case 3:return s.default.config.autoAddCredentials&&((0,i.logDebugMessage)("XHRInterceptor.send: Adding credentials include"),b.withCredentials=!0),w.some((function(e){return"rid"===e.name}))?(0,i.logDebugMessage)("XHRInterceptor.send: rid header was already there in request"):((0,i.logDebugMessage)("XHRInterceptor.send: Adding rid header: anti-csrf"),e.setRequestHeader("rid","anti-csrf")),r=s.default.config.tokenTransferMethod,w.some((function(e){return"st-auth-mode"===e.name}))?(0,i.logDebugMessage)("XHRInterceptor.send: st-auth-mode header was already there in request"):((0,i.logDebugMessage)("XHRInterceptor.send: Adding st-auth-mode header: "+r),e.setRequestHeader("st-auth-mode",r)),[4,d(e,w)];case 4:return o.sent(),(0,i.logDebugMessage)("XHRInterceptor.send: Making user's http call"),[2,e.send(t)]}}))}))}))}M(b,n,!1)},XMLHttpRequest.__interceptedBySuperTokens=!0,XMLHttpRequest.__original=t}},895:function(e,t,n){var r=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){e.done?o(e.value):new n((function(t){t(e.value)})).then(i,a)}u((r=r.apply(e,t||[])).next())}))},o=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}},s=this;Object.defineProperty(t,"__esModule",{value:!0});var i=n(142),a="browser-tabs-lock-key",u={key:function(e){return r(s,void 0,void 0,(function(){return o(this,(function(e){throw new Error("Unsupported")}))}))},getItem:function(e){return r(s,void 0,void 0,(function(){return o(this,(function(e){throw new Error("Unsupported")}))}))},clear:function(){return r(s,void 0,void 0,(function(){return o(this,(function(e){return[2,window.localStorage.clear()]}))}))},removeItem:function(e){return r(s,void 0,void 0,(function(){return o(this,(function(e){throw new Error("Unsupported")}))}))},setItem:function(e,t){return r(s,void 0,void 0,(function(){return o(this,(function(e){throw new Error("Unsupported")}))}))},keySync:function(e){return window.localStorage.key(e)},getItemSync:function(e){return window.localStorage.getItem(e)},clearSync:function(){return window.localStorage.clear()},removeItemSync:function(e){return window.localStorage.removeItem(e)},setItemSync:function(e,t){return window.localStorage.setItem(e,t)}};function c(e){return new Promise((function(t){return setTimeout(t,e)}))}function l(e){for(var t="0123456789ABCDEFGHIJKLMNOPQRSTUVWXTZabcdefghiklmnopqrstuvwxyz",n="",r=0;r<e;r++)n+=t[Math.floor(Math.random()*t.length)];return n}var d=function(){function e(t){this.acquiredIatSet=new Set,this.storageHandler=void 0,this.id=Date.now().toString()+l(15),this.acquireLock=this.acquireLock.bind(this),this.releaseLock=this.releaseLock.bind(this),this.releaseLock__private__=this.releaseLock__private__.bind(this),this.waitForSomethingToChange=this.waitForSomethingToChange.bind(this),this.refreshLockWhileAcquired=this.refreshLockWhileAcquired.bind(this),this.storageHandler=t,void 0===e.waiters&&(e.waiters=[])}return e.prototype.acquireLock=function(t,n){return void 0===n&&(n=5e3),r(this,void 0,void 0,(function(){var r,s,i,d,f,g,h;return o(this,(function(o){switch(o.label){case 0:r=Date.now()+l(4),s=Date.now()+n,i=a+"-"+t,d=void 0===this.storageHandler?u:this.storageHandler,o.label=1;case 1:return Date.now()<s?[4,c(30)]:[3,8];case 2:return o.sent(),null!==d.getItemSync(i)?[3,5]:(f=this.id+"-"+t+"-"+r,[4,c(Math.floor(25*Math.random()))]);case 3:return o.sent(),d.setItemSync(i,JSON.stringify({id:this.id,iat:r,timeoutKey:f,timeAcquired:Date.now(),timeRefreshed:Date.now()})),[4,c(30)];case 4:return o.sent(),null!==(g=d.getItemSync(i))&&(h=JSON.parse(g)).id===this.id&&h.iat===r?(this.acquiredIatSet.add(r),this.refreshLockWhileAcquired(i,r),[2,!0]):[3,7];case 5:return e.lockCorrector(void 0===this.storageHandler?u:this.storageHandler),[4,this.waitForSomethingToChange(s)];case 6:o.sent(),o.label=7;case 7:return r=Date.now()+l(4),[3,1];case 8:return[2,!1]}}))}))},e.prototype.refreshLockWhileAcquired=function(e,t){return r(this,void 0,void 0,(function(){var n=this;return o(this,(function(s){return setTimeout((function(){return r(n,void 0,void 0,(function(){var n,r,s;return o(this,(function(o){switch(o.label){case 0:return[4,i.default().lock(t)];case 1:return o.sent(),this.acquiredIatSet.has(t)?(n=void 0===this.storageHandler?u:this.storageHandler,null===(r=n.getItemSync(e))?(i.default().unlock(t),[2]):((s=JSON.parse(r)).timeRefreshed=Date.now(),n.setItemSync(e,JSON.stringify(s)),i.default().unlock(t),this.refreshLockWhileAcquired(e,t),[2])):(i.default().unlock(t),[2])}}))}))}),1e3),[2]}))}))},e.prototype.waitForSomethingToChange=function(t){return r(this,void 0,void 0,(function(){return o(this,(function(n){switch(n.label){case 0:return[4,new Promise((function(n){var r=!1,o=Date.now(),s=!1;function i(){if(s||(window.removeEventListener("storage",i),e.removeFromWaiting(i),clearTimeout(a),s=!0),!r){r=!0;var t=50-(Date.now()-o);t>0?setTimeout(n,t):n(null)}}window.addEventListener("storage",i),e.addToWaiting(i);var a=setTimeout(i,Math.max(0,t-Date.now()))}))];case 1:return n.sent(),[2]}}))}))},e.addToWaiting=function(t){this.removeFromWaiting(t),void 0!==e.waiters&&e.waiters.push(t)},e.removeFromWaiting=function(t){void 0!==e.waiters&&(e.waiters=e.waiters.filter((function(e){return e!==t})))},e.notifyWaiters=function(){void 0!==e.waiters&&e.waiters.slice().forEach((function(e){return e()}))},e.prototype.releaseLock=function(e){return r(this,void 0,void 0,(function(){return o(this,(function(t){switch(t.label){case 0:return[4,this.releaseLock__private__(e)];case 1:return[2,t.sent()]}}))}))},e.prototype.releaseLock__private__=function(t){return r(this,void 0,void 0,(function(){var n,r,s,c;return o(this,(function(o){switch(o.label){case 0:return n=void 0===this.storageHandler?u:this.storageHandler,r=a+"-"+t,null===(s=n.getItemSync(r))?[2]:(c=JSON.parse(s)).id!==this.id?[3,2]:[4,i.default().lock(c.iat)];case 1:o.sent(),this.acquiredIatSet.delete(c.iat),n.removeItemSync(r),i.default().unlock(c.iat),e.notifyWaiters(),o.label=2;case 2:return[2]}}))}))},e.lockCorrector=function(t){for(var n=Date.now()-5e3,r=t,o=[],s=0;;){var i=r.keySync(s);if(null===i)break;o.push(i),s++}for(var u=!1,c=0;c<o.length;c++){var l=o[c];if(l.includes(a)){var d=r.getItemSync(l);if(null!==d){var f=JSON.parse(d);(void 0===f.timeRefreshed&&f.timeAcquired<n||void 0!==f.timeRefreshed&&f.timeRefreshed<n)&&(r.removeItemSync(l),u=!0)}}}u&&e.notifyWaiters()},e.waiters=void 0,e}();t.default=d},142:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0});var n=function(){function e(){var e=this;this.locked=new Map,this.addToLocked=function(t,n){var r=e.locked.get(t);void 0===r?void 0===n?e.locked.set(t,[]):e.locked.set(t,[n]):void 0!==n&&(r.unshift(n),e.locked.set(t,r))},this.isLocked=function(t){return e.locked.has(t)},this.lock=function(t){return new Promise((function(n,r){e.isLocked(t)?e.addToLocked(t,n):(e.addToLocked(t),n())}))},this.unlock=function(t){var n=e.locked.get(t);if(void 0!==n&&0!==n.length){var r=n.pop();e.locked.set(t,n),void 0!==r&&setTimeout(r,0)}else e.locked.delete(t)}}return e.getInstance=function(){return void 0===e.instance&&(e.instance=new e),e.instance},e}();t.default=function(){return n.getInstance()}},225:function(e,t){var n=this&&this.__assign||function(){return n=Object.assign||function(e){for(var t,n=1,r=arguments.length;n<r;n++)for(var o in t=arguments[n])Object.prototype.hasOwnProperty.call(t,o)&&(e[o]=t[o]);return e},n.apply(this,arguments)};Object.defineProperty(t,"__esModule",{value:!0}),t.getProxyObject=void 0,t.getProxyObject=function(e){for(var t=n(n({},e),{_call:function(e,t){throw new Error("This function should only be called through the recipe object")}}),r=function(e){"_call"!==e&&(t[e]=function(){for(var t=[],n=0;n<arguments.length;n++)t[n]=arguments[n];return this._call(e,t)})},o=0,s=Object.keys(t);o<s.length;o++)r(s[o]);return t}},333:(e,t,n)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.OverrideableBuilder=void 0;var r=n(225),o=function(){function e(e){this.layers=[e],this.proxies=[]}return e.prototype.override=function(e){for(var t=(0,r.getProxyObject)(this.layers[0]),n=e(t,this),o=0,s=Object.keys(this.layers[0]);o<s.length;o++){var i=s[o];n[i]===t[i]||"_call"===i?delete n[i]:void 0===n[i]&&(n[i]=null)}return this.layers.push(n),this.proxies.push(t),this},e.prototype.build=function(){var e=this;if(this.result)return this.result;this.result={};for(var t=0,n=this.layers;t<n.length;t++)for(var r=n[t],o=0,s=Object.keys(r);o<s.length;o++){var i=s[o],a=r[i];void 0!==a&&(this.result[i]=null===a?void 0:"function"==typeof a?a.bind(this.result):a)}for(var u=function(t){c.proxies[t]._call=function(n,r){for(var o=t;o>=0;--o){var s=e.layers[o][n];if(null!=s)return s.bind(e.result).apply(void 0,r)}}},c=this,l=0;l<this.proxies.length;++l)u(l);return this.result},e}();t.OverrideableBuilder=o,t.default=o}},t={};function n(r){var o=t[r];if(void 0!==o)return o.exports;var s=t[r]={exports:{}};return e[r].call(s.exports,s,s.exports,n),s.exports}n.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(e){if("object"==typeof window)return window}}();var r=n(280);supertokens=r})();
\ No newline at end of file
diff --git a/lib/build/recipeImplementation.js b/lib/build/recipeImplementation.js
index 47feb57f..679b1d7f 100644
--- a/lib/build/recipeImplementation.js
+++ b/lib/build/recipeImplementation.js
@@ -501,12 +501,6 @@ function RecipeImplementation(recipeImplInput) {
                     " sessionTokenBackendDomain: " +
                     sessionTokenBackendDomain
             );
-            function isNumeric(str) {
-                if (typeof str != "string") return false; // we only process strings!
-                return (
-                    !isNaN(str) && !isNaN(parseFloat(str)) // use type coercion to parse the _entirety_ of the string (`parseFloat` alone does not do this)...
-                ); // ...and ensure strings of whitespace fail
-            }
             // The safest/best way to add this is the hash as the browser strips it before sending
             // but we don't have a reason to limit checking to that part.
             if (toCheckUrl.includes("superTokensDoNotDoInterception")) {
@@ -515,28 +509,20 @@ function RecipeImplementation(recipeImplInput) {
             toCheckUrl = (0, utils_1.normaliseURLDomainOrThrowError)(toCheckUrl);
             var urlObj = new URL(toCheckUrl);
             var domain = urlObj.hostname;
-            if (sessionTokenBackendDomain === undefined) {
-                domain = urlObj.port === "" ? domain : domain + ":" + urlObj.port;
+            var apiDomainAndInputDomainMatch = false;
+            if (apiDomain !== "") {
+                // we have the "" check cause in tests, we pass "" in lots of cases.
                 apiDomain = (0, utils_1.normaliseURLDomainOrThrowError)(apiDomain);
                 var apiUrlObj = new URL(apiDomain);
-                return (
-                    domain === (apiUrlObj.port === "" ? apiUrlObj.hostname : apiUrlObj.hostname + ":" + apiUrlObj.port)
-                );
+                apiDomainAndInputDomainMatch = domain === apiUrlObj.hostname;
+            }
+            if (sessionTokenBackendDomain === undefined || apiDomainAndInputDomainMatch) {
+                // even if sessionTokenBackendDomain !== undefined, if there is an exact match
+                // of api domain, ignoring the port, we return true
+                return apiDomainAndInputDomainMatch;
             } else {
                 var normalisedsessionDomain = (0, utils_1.normaliseSessionScopeOrThrowError)(sessionTokenBackendDomain);
-                if (sessionTokenBackendDomain.split(":").length > 1) {
-                    // means port may provided
-                    var portStr = sessionTokenBackendDomain.split(":")[sessionTokenBackendDomain.split(":").length - 1];
-                    if (isNumeric(portStr)) {
-                        normalisedsessionDomain += ":" + portStr;
-                        domain = urlObj.port === "" ? domain : domain + ":" + urlObj.port;
-                    }
-                }
-                if (sessionTokenBackendDomain.startsWith(".")) {
-                    return ("." + domain).endsWith(normalisedsessionDomain);
-                } else {
-                    return domain === normalisedsessionDomain;
-                }
+                return (0, utils_1.matchesDomainOrSubdomain)(domain, normalisedsessionDomain);
             }
         },
         calculateClockSkewInMillis: function (_a) {
diff --git a/lib/build/utils/index.d.ts b/lib/build/utils/index.d.ts
index 62b6d5b6..13363fc2 100644
--- a/lib/build/utils/index.d.ts
+++ b/lib/build/utils/index.d.ts
@@ -1,6 +1,14 @@
 import { InputType, NormalisedInputType } from "../types";
 export declare function normaliseURLDomainOrThrowError(input: string): string;
 export declare function normaliseURLPathOrThrowError(input: string): string;
-export declare function normaliseSessionScopeOrThrowError(sessionTokenFrontendDomain: string): string;
+export declare function normaliseSessionScopeOrThrowError(sessionScope: string): string;
 export declare function validateAndNormaliseInputOrThrowError(options: InputType): NormalisedInputType;
 export declare function getNormalisedUserContext(userContext?: any): any;
+/**
+ * Checks if a given string matches any subdomain or the main domain of a specified hostname.
+ *
+ * @param {string} hostname - The hostname to derive subdomains from.
+ * @param {string} str - The string to compare against the subdomains.
+ * @returns {boolean} True if the string matches any subdomain or the main domain, otherwise false.
+ */
+export declare function matchesDomainOrSubdomain(hostname: string, str: string): boolean;
diff --git a/lib/build/utils/index.js b/lib/build/utils/index.js
index dd81f15f..5e7029d7 100644
--- a/lib/build/utils/index.js
+++ b/lib/build/utils/index.js
@@ -159,7 +159,8 @@ var __generator =
         }
     };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getNormalisedUserContext =
+exports.matchesDomainOrSubdomain =
+    exports.getNormalisedUserContext =
     exports.validateAndNormaliseInputOrThrowError =
     exports.normaliseSessionScopeOrThrowError =
     exports.normaliseURLPathOrThrowError =
@@ -177,33 +178,29 @@ function normaliseURLPathOrThrowError(input) {
     return new normalisedURLPath_1.default(input).getAsStringDangerous();
 }
 exports.normaliseURLPathOrThrowError = normaliseURLPathOrThrowError;
-function normaliseSessionScopeOrThrowError(sessionTokenFrontendDomain) {
-    function helper(sessionTokenFrontendDomain) {
-        sessionTokenFrontendDomain = sessionTokenFrontendDomain.trim().toLowerCase();
+function normaliseSessionScopeOrThrowError(sessionScope) {
+    function helper(sessionScope) {
+        sessionScope = sessionScope.trim().toLowerCase();
         // first we convert it to a URL so that we can use the URL class
-        if (sessionTokenFrontendDomain.startsWith(".")) {
-            sessionTokenFrontendDomain = sessionTokenFrontendDomain.substr(1);
+        if (sessionScope.startsWith(".")) {
+            sessionScope = sessionScope.substr(1);
         }
-        if (!sessionTokenFrontendDomain.startsWith("http://") && !sessionTokenFrontendDomain.startsWith("https://")) {
-            sessionTokenFrontendDomain = "http://" + sessionTokenFrontendDomain;
+        if (!sessionScope.startsWith("http://") && !sessionScope.startsWith("https://")) {
+            sessionScope = "http://" + sessionScope;
         }
         try {
-            var urlObj = new URL(sessionTokenFrontendDomain);
-            sessionTokenFrontendDomain = urlObj.hostname;
-            // remove leading dot
-            if (sessionTokenFrontendDomain.startsWith(".")) {
-                sessionTokenFrontendDomain = sessionTokenFrontendDomain.substr(1);
-            }
-            return sessionTokenFrontendDomain;
+            var urlObj = new URL(sessionScope);
+            sessionScope = urlObj.hostname;
+            return sessionScope;
         } catch (err) {
-            throw new Error("Please provide a valid sessionTokenFrontendDomain");
+            throw new Error("Please provide a valid sessionScope");
         }
     }
-    var noDotNormalised = helper(sessionTokenFrontendDomain);
+    var noDotNormalised = helper(sessionScope);
     if (noDotNormalised === "localhost" || (0, normalisedURLDomain_1.isAnIpAddress)(noDotNormalised)) {
         return noDotNormalised;
     }
-    if (sessionTokenFrontendDomain.startsWith(".")) {
+    if (sessionScope.startsWith(".")) {
         return "." + noDotNormalised;
     }
     return noDotNormalised;
@@ -302,3 +299,21 @@ function getNormalisedUserContext(userContext) {
     return userContext;
 }
 exports.getNormalisedUserContext = getNormalisedUserContext;
+/**
+ * Checks if a given string matches any subdomain or the main domain of a specified hostname.
+ *
+ * @param {string} hostname - The hostname to derive subdomains from.
+ * @param {string} str - The string to compare against the subdomains.
+ * @returns {boolean} True if the string matches any subdomain or the main domain, otherwise false.
+ */
+function matchesDomainOrSubdomain(hostname, str) {
+    var parts = hostname.split(".");
+    for (var i = 0; i < parts.length; i++) {
+        var subdomainCandidate = parts.slice(i).join(".");
+        if (subdomainCandidate === str || ".".concat(subdomainCandidate) === str) {
+            return true;
+        }
+    }
+    return false;
+}
+exports.matchesDomainOrSubdomain = matchesDomainOrSubdomain;
diff --git a/lib/build/version.d.ts b/lib/build/version.d.ts
index bc3d558f..86e27f6a 100644
--- a/lib/build/version.d.ts
+++ b/lib/build/version.d.ts
@@ -1,2 +1,2 @@
-export declare const package_version = "19.0.1";
+export declare const package_version = "20.0.0";
 export declare const supported_fdi: string[];
diff --git a/lib/build/version.js b/lib/build/version.js
index bf44ca86..21520b55 100644
--- a/lib/build/version.js
+++ b/lib/build/version.js
@@ -15,5 +15,5 @@ exports.supported_fdi = exports.package_version = void 0;
  * License for the specific language governing permissions and limitations
  * under the License.
  */
-exports.package_version = "19.0.1";
+exports.package_version = "20.0.0";
 exports.supported_fdi = ["1.16", "1.17", "1.18", "1.19"];
diff --git a/lib/ts/recipeImplementation.ts b/lib/ts/recipeImplementation.ts
index 31ebe699..63b50ca0 100644
--- a/lib/ts/recipeImplementation.ts
+++ b/lib/ts/recipeImplementation.ts
@@ -13,7 +13,7 @@ import { supported_fdi } from "./version";
 import { logDebugMessage } from "./logger";
 import { STGeneralError } from "./error";
 import { addInterceptorsToXMLHttpRequest } from "./xmlhttprequest";
-import { normaliseSessionScopeOrThrowError, normaliseURLDomainOrThrowError } from "./utils";
+import { matchesDomainOrSubdomain, normaliseSessionScopeOrThrowError, normaliseURLDomainOrThrowError } from "./utils";
 import DateProviderReference from "./utils/dateProvider";
 
 export default function RecipeImplementation(recipeImplInput: {
@@ -270,12 +270,6 @@ export default function RecipeImplementation(recipeImplInput: {
                     " sessionTokenBackendDomain: " +
                     sessionTokenBackendDomain
             );
-            function isNumeric(str: any) {
-                if (typeof str != "string") return false; // we only process strings!
-                return (
-                    !isNaN(str as any) && !isNaN(parseFloat(str)) // use type coercion to parse the _entirety_ of the string (`parseFloat` alone does not do this)...
-                ); // ...and ensure strings of whitespace fail
-            }
 
             // The safest/best way to add this is the hash as the browser strips it before sending
             // but we don't have a reason to limit checking to that part.
@@ -286,28 +280,20 @@ export default function RecipeImplementation(recipeImplInput: {
             toCheckUrl = normaliseURLDomainOrThrowError(toCheckUrl);
             let urlObj = new URL(toCheckUrl);
             let domain = urlObj.hostname;
-            if (sessionTokenBackendDomain === undefined) {
-                domain = urlObj.port === "" ? domain : domain + ":" + urlObj.port;
+            let apiDomainAndInputDomainMatch = false;
+            if (apiDomain !== "") {
+                // we have the "" check cause in tests, we pass "" in lots of cases.
                 apiDomain = normaliseURLDomainOrThrowError(apiDomain);
                 let apiUrlObj = new URL(apiDomain);
-                return (
-                    domain === (apiUrlObj.port === "" ? apiUrlObj.hostname : apiUrlObj.hostname + ":" + apiUrlObj.port)
-                );
+                apiDomainAndInputDomainMatch = domain === apiUrlObj.hostname;
+            }
+            if (sessionTokenBackendDomain === undefined || apiDomainAndInputDomainMatch) {
+                // even if sessionTokenBackendDomain !== undefined, if there is an exact match
+                // of api domain, ignoring the port, we return true
+                return apiDomainAndInputDomainMatch;
             } else {
                 let normalisedsessionDomain = normaliseSessionScopeOrThrowError(sessionTokenBackendDomain);
-                if (sessionTokenBackendDomain.split(":").length > 1) {
-                    // means port may provided
-                    let portStr = sessionTokenBackendDomain.split(":")[sessionTokenBackendDomain.split(":").length - 1];
-                    if (isNumeric(portStr)) {
-                        normalisedsessionDomain += ":" + portStr;
-                        domain = urlObj.port === "" ? domain : domain + ":" + urlObj.port;
-                    }
-                }
-                if (sessionTokenBackendDomain.startsWith(".")) {
-                    return ("." + domain).endsWith(normalisedsessionDomain);
-                } else {
-                    return domain === normalisedsessionDomain;
-                }
+                return matchesDomainOrSubdomain(domain, normalisedsessionDomain);
             }
         },
 
diff --git a/lib/ts/utils/index.ts b/lib/ts/utils/index.ts
index b4bf0a06..0332c7b6 100644
--- a/lib/ts/utils/index.ts
+++ b/lib/ts/utils/index.ts
@@ -34,41 +34,36 @@ export function normaliseURLPathOrThrowError(input: string): string {
     return new NormalisedURLPath(input).getAsStringDangerous();
 }
 
-export function normaliseSessionScopeOrThrowError(sessionTokenFrontendDomain: string): string {
-    function helper(sessionTokenFrontendDomain: string): string {
-        sessionTokenFrontendDomain = sessionTokenFrontendDomain.trim().toLowerCase();
+export function normaliseSessionScopeOrThrowError(sessionScope: string): string {
+    function helper(sessionScope: string): string {
+        sessionScope = sessionScope.trim().toLowerCase();
 
         // first we convert it to a URL so that we can use the URL class
-        if (sessionTokenFrontendDomain.startsWith(".")) {
-            sessionTokenFrontendDomain = sessionTokenFrontendDomain.substr(1);
+        if (sessionScope.startsWith(".")) {
+            sessionScope = sessionScope.substr(1);
         }
 
-        if (!sessionTokenFrontendDomain.startsWith("http://") && !sessionTokenFrontendDomain.startsWith("https://")) {
-            sessionTokenFrontendDomain = "http://" + sessionTokenFrontendDomain;
+        if (!sessionScope.startsWith("http://") && !sessionScope.startsWith("https://")) {
+            sessionScope = "http://" + sessionScope;
         }
 
         try {
-            let urlObj = new URL(sessionTokenFrontendDomain);
-            sessionTokenFrontendDomain = urlObj.hostname;
+            let urlObj = new URL(sessionScope);
+            sessionScope = urlObj.hostname;
 
-            // remove leading dot
-            if (sessionTokenFrontendDomain.startsWith(".")) {
-                sessionTokenFrontendDomain = sessionTokenFrontendDomain.substr(1);
-            }
-
-            return sessionTokenFrontendDomain;
+            return sessionScope;
         } catch (err) {
-            throw new Error("Please provide a valid sessionTokenFrontendDomain");
+            throw new Error("Please provide a valid sessionScope");
         }
     }
 
-    let noDotNormalised = helper(sessionTokenFrontendDomain);
+    let noDotNormalised = helper(sessionScope);
 
     if (noDotNormalised === "localhost" || isAnIpAddress(noDotNormalised)) {
         return noDotNormalised;
     }
 
-    if (sessionTokenFrontendDomain.startsWith(".")) {
+    if (sessionScope.startsWith(".")) {
         return "." + noDotNormalised;
     }
 
@@ -169,3 +164,23 @@ export function getNormalisedUserContext(userContext?: any): any {
 
     return userContext;
 }
+
+/**
+ * Checks if a given string matches any subdomain or the main domain of a specified hostname.
+ *
+ * @param {string} hostname - The hostname to derive subdomains from.
+ * @param {string} str - The string to compare against the subdomains.
+ * @returns {boolean} True if the string matches any subdomain or the main domain, otherwise false.
+ */
+export function matchesDomainOrSubdomain(hostname: string, str: string): boolean {
+    const parts = hostname.split(".");
+
+    for (let i = 0; i < parts.length; i++) {
+        const subdomainCandidate = parts.slice(i).join(".");
+        if (subdomainCandidate === str || `.${subdomainCandidate}` === str) {
+            return true;
+        }
+    }
+
+    return false;
+}
diff --git a/lib/ts/version.ts b/lib/ts/version.ts
index 66cf5ed3..6d66bbf2 100644
--- a/lib/ts/version.ts
+++ b/lib/ts/version.ts
@@ -12,6 +12,6 @@
  * License for the specific language governing permissions and limitations
  * under the License.
  */
-export const package_version = "19.0.1";
+export const package_version = "20.0.0";
 
 export const supported_fdi = ["1.16", "1.17", "1.18", "1.19"];
diff --git a/package-lock.json b/package-lock.json
index ba5de1ca..32003f85 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
 {
   "name": "supertokens-website",
-  "version": "19.0.1",
+  "version": "20.0.0",
   "lockfileVersion": 2,
   "requires": true,
   "packages": {
     "": {
       "name": "supertokens-website",
-      "version": "19.0.1",
+      "version": "20.0.0",
       "license": "Apache-2.0",
       "dependencies": {
         "browser-tabs-lock": "^1.3.0",
diff --git a/package.json b/package.json
index 5516360a..60ce49ad 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "supertokens-website",
-  "version": "19.0.1",
+  "version": "20.0.0",
   "description": "frontend sdk for website to be used for auth solution.",
   "main": "index.js",
   "dependencies": {
diff --git a/test/config.test.js b/test/config.test.js
index c30b3188..ee2a5078 100644
--- a/test/config.test.js
+++ b/test/config.test.js
@@ -54,6 +54,9 @@ describe("Config tests", function () {
         );
         assert(shouldDoInterceptionBasedOnUrl("localhost:3000", "localhost:3000", undefined));
         assert(shouldDoInterceptionBasedOnUrl("https://localhost:3000", "https://localhost:3000", undefined));
+        assert(shouldDoInterceptionBasedOnUrl("https://localhost:3000", "https://localhost:3001", undefined));
+        assert(shouldDoInterceptionBasedOnUrl("http://localhost:3000", "http://localhost:3001", undefined));
+        assert(shouldDoInterceptionBasedOnUrl("localhost:3000", "localhost:3001", undefined));
         assert(shouldDoInterceptionBasedOnUrl("http://localhost:3000", "http://localhost:3000", undefined));
         assert(shouldDoInterceptionBasedOnUrl("localhost:3000", "https://localhost:3000", undefined));
         assert(shouldDoInterceptionBasedOnUrl("localhost", "https://localhost", undefined));
@@ -71,14 +74,22 @@ describe("Config tests", function () {
         assert(shouldDoInterceptionBasedOnUrl("api.example.com", "", "api.example.com"));
         assert(shouldDoInterceptionBasedOnUrl("http://api.example.com", "", "http://api.example.com"));
         assert(shouldDoInterceptionBasedOnUrl("api.example.com", "", ".example.com"));
+        assert(shouldDoInterceptionBasedOnUrl("api.example.com", "", "example.com"));
         assert(shouldDoInterceptionBasedOnUrl("https://api.example.com", "", "http://api.example.com"));
         assert(shouldDoInterceptionBasedOnUrl("https://api.example.com", "", "https://api.example.com"));
+        assert(shouldDoInterceptionBasedOnUrl("https://sub.api.example.com", "", ".sub.api.example.com"));
+        assert(shouldDoInterceptionBasedOnUrl("https://sub.api.example.com", "", "sub.api.example.com"));
         assert(shouldDoInterceptionBasedOnUrl("https://sub.api.example.com", "", ".api.example.com"));
+        assert(shouldDoInterceptionBasedOnUrl("https://sub.api.example.com", "", "api.example.com"));
         assert(shouldDoInterceptionBasedOnUrl("https://sub.api.example.com", "", ".example.com"));
+        assert(shouldDoInterceptionBasedOnUrl("https://sub.api.example.com", "", "example.com"));
         assert(shouldDoInterceptionBasedOnUrl("https://sub.api.example.com:3000", "", ".example.com:3000"));
+        assert(shouldDoInterceptionBasedOnUrl("https://sub.api.example.com:3000", "", "example.com:3000"));
         assert(shouldDoInterceptionBasedOnUrl("https://sub.api.example.com:3000", "", ".example.com"));
+        assert(shouldDoInterceptionBasedOnUrl("https://sub.api.example.com:3000", "", "example.com"));
         assert(shouldDoInterceptionBasedOnUrl("https://sub.api.example.com:3000", "", "https://sub.api.example.com"));
         assert(shouldDoInterceptionBasedOnUrl("https://api.example.com:3000", "", ".api.example.com"));
+        assert(shouldDoInterceptionBasedOnUrl("https://api.example.com:3000", "", "api.example.com"));
         assert(shouldDoInterceptionBasedOnUrl("localhost:3000", "", "localhost:3000"));
         assert(shouldDoInterceptionBasedOnUrl("https://localhost:3000", "", ".localhost:3000"));
         assert(shouldDoInterceptionBasedOnUrl("localhost", "", "localhost"));
@@ -96,31 +107,44 @@ describe("Config tests", function () {
         assert(shouldDoInterceptionBasedOnUrl("https://sub1.api.example.co.uk:3000", "", ".api.example.co.uk"));
         assert(shouldDoInterceptionBasedOnUrl("https://api.example.co.uk:3000", "", ".api.example.co.uk"));
         assert(shouldDoInterceptionBasedOnUrl("https://api.example.co.uk:3000", "", "api.example.co.uk"));
+        assert(shouldDoInterceptionBasedOnUrl("localhost:3000", "localhost:8080", undefined));
+        assert(shouldDoInterceptionBasedOnUrl("localhost:3001", "localhost", undefined));
+        assert(
+            shouldDoInterceptionBasedOnUrl("https://api.example.com:3002", "https://api.example.com:3001", undefined)
+        );
+        assert(shouldDoInterceptionBasedOnUrl(window.location.hostname, "localhost.org:2000", undefined));
+        assert(shouldDoInterceptionBasedOnUrl(window.location.hostname, "localhost", "localhost.org"));
+        assert(shouldDoInterceptionBasedOnUrl("localhost", "localhost", "localhost.org"));
+        assert(shouldDoInterceptionBasedOnUrl("localhost", "", "localhost:8080"));
+        assert(shouldDoInterceptionBasedOnUrl("http://localhost:80", "", "localhost:8080"));
+        assert(shouldDoInterceptionBasedOnUrl("localhost:3000", "", "localhost:8080"));
+        assert(shouldDoInterceptionBasedOnUrl("https://sub.api.example.com:3000", "", ".example.com:3001"));
+        assert(shouldDoInterceptionBasedOnUrl("http://127.0.0.1:3000", "", "https://127.0.0.1:3010"));
 
         // false cases with api
-        assert(!shouldDoInterceptionBasedOnUrl("localhost:3001", "localhost:3000", undefined));
+        assert(!shouldDoInterceptionBasedOnUrl("localhost", "localhost.org"));
+        assert(!shouldDoInterceptionBasedOnUrl("google.com", "localhost.org"));
+        assert(!shouldDoInterceptionBasedOnUrl("http://google.com", "localhost.org"));
+        assert(!shouldDoInterceptionBasedOnUrl("https://google.com", "localhost.org"));
+        assert(!shouldDoInterceptionBasedOnUrl("https://google.com:8080", "localhost.org"));
         assert(!shouldDoInterceptionBasedOnUrl("localhost:3001", "example.com", undefined));
-        assert(!shouldDoInterceptionBasedOnUrl("localhost:3001", "localhost", undefined));
         assert(!shouldDoInterceptionBasedOnUrl("https://example.com", "https://api.example.com", undefined));
         assert(!shouldDoInterceptionBasedOnUrl("https://api.example.com", "https://a.api.example.com", undefined));
+        assert(!shouldDoInterceptionBasedOnUrl("https://api.example.com", "https://a.api.example.com:3000", undefined));
         assert(!shouldDoInterceptionBasedOnUrl("https://api.example.com", "https://example.com", undefined));
         assert(!shouldDoInterceptionBasedOnUrl("https://example.com:3001", "https://api.example.com:3001", undefined));
-        assert(
-            !shouldDoInterceptionBasedOnUrl("https://api.example.com:3002", "https://api.example.com:3001", undefined)
-        );
-        assert(!shouldDoInterceptionBasedOnUrl(window.location.hostname, "localhost.org:2000", undefined));
 
         // false cases with cookieDomain
-        assert(!shouldDoInterceptionBasedOnUrl("https://sub.api.example.com:3000", "", ".example.com:3001"));
-        assert(!shouldDoInterceptionBasedOnUrl("https://sub.api.example.com:3000", "", "example.com"));
+        assert(!shouldDoInterceptionBasedOnUrl("localhost", "", "localhost.org"));
+        assert(!shouldDoInterceptionBasedOnUrl("google.com", "", "localhost.org"));
+        assert(!shouldDoInterceptionBasedOnUrl("http://google.com", "", "localhost.org"));
+        assert(!shouldDoInterceptionBasedOnUrl("https://google.com", "", "localhost.org"));
+        assert(!shouldDoInterceptionBasedOnUrl("https://google.com:8080", "", "localhost.org"));
         assert(!shouldDoInterceptionBasedOnUrl("https://api.example.com:3000", "", ".a.api.example.com"));
         assert(!shouldDoInterceptionBasedOnUrl("https://sub.api.example.com:3000", "", "localhost"));
-        assert(!shouldDoInterceptionBasedOnUrl("http://127.0.0.1:3000", "", "https://127.0.0.1:3010"));
         assert(!shouldDoInterceptionBasedOnUrl(window.location.hostname, "", "localhost"));
         assert(!shouldDoInterceptionBasedOnUrl(window.location.hostname, "", ".localhost"));
         assert(!shouldDoInterceptionBasedOnUrl(window.location.hostname, "", "localhost:2000"));
-        assert(!shouldDoInterceptionBasedOnUrl("https://sub.api.example.co.uk:3000", "", "api.example.co.uk"));
-        assert(!shouldDoInterceptionBasedOnUrl("https://sub.api.example.co.uk", "", "api.example.co.uk"));
 
         // errors in input
         try {
@@ -175,7 +199,7 @@ describe("Config tests", function () {
             normaliseSessionScopeOrThrowError("http://");
             assert(false);
         } catch (err) {
-            assert(err.message === "Please provide a valid sessionTokenFrontendDomain");
+            assert(err.message === "Please provide a valid sessionScope");
         }
     });