diff --git a/CHANGELOG.md b/CHANGELOG.md
index 08af2671..fbaa62e8 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,6 +7,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [unreleased]
 
+## [17.0.6] - 2024-01-11
+
+### Changes
+
+- Added `getClockSkewInMillis` as an overrideable function in the recipe interface and dateProvider as config option, both aimed at resolving clock skew issues.
+
 ## [17.0.5] - 2024-01-03
 
 ### Fixes
diff --git a/bundle/bundle.js b/bundle/bundle.js
index 59c80718..1b373954 100644
--- a/bundle/bundle.js
+++ b/bundle/bundle.js
@@ -1 +1 @@
-var supertokens;(()=>{"use strict";var e={759:function(e,t,n){var r=this&&this.__assign||function(){return r=Object.assign||function(e){for(var t,n=1,r=arguments.length;n<r;n++)for(var o in t=arguments[n])Object.prototype.hasOwnProperty.call(t,o)&&(e[o]=t[o]);return e},r.apply(this,arguments)},o=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},s=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};Object.defineProperty(t,"__esModule",{value:!0}),t.responseErrorInterceptor=t.responseInterceptor=t.interceptorFunctionRequestFulfilled=void 0;var i=n(600),a=n(379),u=n(743),c=n(958),l=n(845);function d(e){var t=void 0===e.url?"":e.url,n=e.baseURL;return void 0!==n&&(t="/"===t.charAt(0)&&"/"===n.charAt(n.length-1)?n+t.substr(1):"/"!==t.charAt(0)&&"/"!==n.charAt(n.length-1)?n+"/"+t:n+t),t}t.interceptorFunctionRequestFulfilled=function(e){return o(this,void 0,void 0,(function(){var t,n,o,i,f,h;return s(this,(function(s){switch(s.label){case 0:(0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: started axios interception"),t=d(e),n=!1;try{n="string"==typeof t&&!a.default.recipeImpl.shouldDoInterceptionBasedOnUrl(t,a.default.config.apiDomain,a.default.config.sessionTokenBackendDomain)}catch(e){if("Please provide a valid domain name"!==e.message)throw e;(0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: Trying shouldDoInterceptionBasedOnUrl with location.origin"),n=!a.default.recipeImpl.shouldDoInterceptionBasedOnUrl(c.default.getReferenceOrThrow().windowHandler.location.getOrigin(),a.default.config.apiDomain,a.default.config.sessionTokenBackendDomain)}return(0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: Value of doNotDoInterception: "+n),n?((0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: Returning config unchanged"),[2,e]):((0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: Modifying config"),u.ProcessState.getInstance().addState(u.PROCESS_STATE.CALLING_INTERCEPTION_REQUEST),[4,(0,a.getLocalSessionState)(!0)]);case 1:return o=s.sent(),i=e,"EXISTS"!==o.status?[3,3]:[4,a.AntiCsrfToken.getToken(o.lastAccessTokenUpdate)];case 2:void 0!==(f=s.sent())&&((0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: Adding anti-csrf token to request"),i=r(r({},i),{headers:void 0===i?{"anti-csrf":f}:r(r({},i.headers),{"anti-csrf":f})})),s.label=3;case 3:return a.default.config.autoAddCredentials&&void 0===i.withCredentials&&((0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: Adding credentials include"),i=r(r({},i),{withCredentials:!0})),(0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: Adding rid header: anti-csrf (it may be overriden by the user's provided rid)"),i=r(r({},i),{headers:void 0===i?{rid:"anti-csrf"}:r({rid:"anti-csrf"},i.headers)}),h=a.default.config.tokenTransferMethod,(0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: Adding st-auth-mode header: "+h),i.headers["st-auth-mode"]=h,[4,p(i)];case 4:return[4,g(i=s.sent())];case 5:return s.sent(),(0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: returning modified config"),[2,i]}}))}))},t.responseInterceptor=function(e){var t=this;return function(n){return o(t,void 0,void 0,(function(){var t,r,o,i,g;return s(this,(function(s){switch(s.label){case 0:t=!1,s.label=1;case 1:if(s.trys.push([1,,8,14]),!a.default.initCalled)throw new Error("init function not called");(0,l.logDebugMessage)("responseInterceptor: started"),(0,l.logDebugMessage)("responseInterceptor: already intercepted: "+n.headers["x-supertokens-xhr-intercepted"]),r=d(n.config);try{t="string"==typeof r&&!a.default.recipeImpl.shouldDoInterceptionBasedOnUrl(r,a.default.config.apiDomain,a.default.config.sessionTokenBackendDomain)||!!n.headers["x-supertokens-xhr-intercepted"]}catch(e){if("Please provide a valid domain name"!==e.message)throw e;(0,l.logDebugMessage)("responseInterceptor: Trying shouldDoInterceptionBasedOnUrl with location.origin"),t=!a.default.recipeImpl.shouldDoInterceptionBasedOnUrl(c.default.getReferenceOrThrow().windowHandler.location.getOrigin(),a.default.config.apiDomain,a.default.config.sessionTokenBackendDomain)||!!n.headers["x-supertokens-xhr-intercepted"]}return(0,l.logDebugMessage)("responseInterceptor: Value of doNotDoInterception: "+t),t?((0,l.logDebugMessage)("responseInterceptor: Returning without interception"),[2,n]):((0,l.logDebugMessage)("responseInterceptor: Interception started"),u.ProcessState.getInstance().addState(u.PROCESS_STATE.CALLING_INTERCEPTION_RESPONSE),[4,(0,a.getLocalSessionState)(!1)]);case 2:return o=s.sent(),[4,h(n)];case 3:return s.sent(),(0,a.fireSessionUpdateEventsIfNecessary)("EXISTS"===o.status,n.status,n.headers["front-token"]),n.status!==a.default.config.sessionExpiredStatusCode?[3,4]:((0,l.logDebugMessage)("responseInterceptor: Status code is: "+n.status),i=n.config,[2,f.doRequest((function(t){return e(t)}),i,r,n,void 0,!0)]);case 4:return n.status!==a.default.config.invalidClaimStatusCode?[3,6]:[4,(0,a.onInvalidClaimResponse)(n)];case 5:s.sent(),s.label=6;case 6:return[2,n];case 7:return[3,14];case 8:return(g=!t)?[4,(0,a.getLocalSessionState)(!0)]:[3,10];case 9:g=!("EXISTS"===s.sent().status),s.label=10;case 10:return g?((0,l.logDebugMessage)("responseInterceptor: local session doesn't exist, so removing anti-csrf and sFrontToken"),[4,a.AntiCsrfToken.removeToken()]):[3,13];case 11:return s.sent(),[4,a.FrontToken.removeToken()];case 12:s.sent(),s.label=13;case 13:return[7];case 14:return[2]}}))}))}},t.responseErrorInterceptor=function(e){var t=this;return function(n){return o(t,void 0,void 0,(function(){var t;return s(this,(function(r){switch(r.label){case 0:if((0,l.logDebugMessage)("responseErrorInterceptor: called"),(0,l.logDebugMessage)("responseErrorInterceptor: already intercepted: "+(n.response&&n.response.headers["x-supertokens-xhr-intercepted"])),n.response.headers["x-supertokens-xhr-intercepted"])throw n;return void 0===n.response||n.response.status!==a.default.config.sessionExpiredStatusCode?[3,1]:((0,l.logDebugMessage)("responseErrorInterceptor: Status code is: "+n.response.status),t=n.config,[2,f.doRequest((function(t){return e(t)}),t,d(t),void 0,n,!0)]);case 1:return void 0===n.response||n.response.status!==a.default.config.invalidClaimStatusCode?[3,3]:[4,(0,a.onInvalidClaimResponse)(n.response)];case 2:r.sent(),r.label=3;case 3:throw n}}))}))}};var f=function(){function e(){}var t;return t=e,e.doRequest=function(e,n,u,d,f,v){return void 0===v&&(v=!1),o(void 0,void 0,void 0,(function(){var o,b,m,k,y,w,S,T,I,R,D,E,x,M;return s(t,(function(t){switch(t.label){case 0:if(!a.default.initCalled)throw Error("init function not called");(0,l.logDebugMessage)("doRequest: called"),o=!1;try{o="string"==typeof u&&!a.default.recipeImpl.shouldDoInterceptionBasedOnUrl(u,a.default.config.apiDomain,a.default.config.sessionTokenBackendDomain)&&v}catch(e){if("Please provide a valid domain name"!==e.message)throw e;(0,l.logDebugMessage)("doRequest: Trying shouldDoInterceptionBasedOnUrl with location.origin"),o=!a.default.recipeImpl.shouldDoInterceptionBasedOnUrl(c.default.getReferenceOrThrow().windowHandler.location.getOrigin(),a.default.config.apiDomain,a.default.config.sessionTokenBackendDomain)&&v}if((0,l.logDebugMessage)("doRequest: Value of doNotDoInterception: "+o),!o)return[3,2];if((0,l.logDebugMessage)("doRequest: Returning without interception"),void 0!==f)throw f;return void 0!==d?[2,d]:[4,e(n)];case 1:return[2,t.sent()];case 2:return(0,l.logDebugMessage)("doRequest: Interception started"),[4,p(n)];case 3:n=t.sent(),t.label=4;case 4:t.trys.push([4,,40,45]),b=void 0,t.label=5;case 5:return[4,(0,a.getLocalSessionState)(!0)];case 6:return m=t.sent(),k=n,"EXISTS"!==m.status?[3,8]:[4,a.AntiCsrfToken.getToken(m.lastAccessTokenUpdate)];case 7:void 0!==(y=t.sent())&&((0,l.logDebugMessage)("doRequest: Adding anti-csrf token to request"),k=r(r({},k),{headers:void 0===k?{"anti-csrf":y}:r(r({},k.headers),{"anti-csrf":y})})),t.label=8;case 8:return a.default.config.autoAddCredentials&&void 0===k.withCredentials&&((0,l.logDebugMessage)("doRequest: Adding credentials include"),k=r(r({},k),{withCredentials:!0})),(0,l.logDebugMessage)("doRequest: Adding rid header: anti-csrf (May get overriden by user's rid)"),k=r(r({},k),{headers:void 0===k?{rid:"anti-csrf"}:r({rid:"anti-csrf"},k.headers)}),w=a.default.config.tokenTransferMethod,(0,l.logDebugMessage)("doRequest: Adding st-auth-mode header: "+w),k.headers["st-auth-mode"]=w,[4,g(k)];case 9:t.sent(),t.label=10;case 10:if(t.trys.push([10,25,,38]),S=f,T=d,f=void 0,d=void 0,void 0!==S)throw(0,l.logDebugMessage)("doRequest: Not making call because localPrevError is not undefined"),S;return void 0!==T?(0,l.logDebugMessage)("doRequest: Not making call because localPrevResponse is not undefined"):(0,l.logDebugMessage)("doRequest: Making user's http call"),void 0!==T?[3,12]:[4,e(k)];case 11:return I=t.sent(),[3,13];case 12:I=T,t.label=13;case 13:return E=I,(0,l.logDebugMessage)("doRequest: User's http call ended"),[4,h(E)];case 14:return t.sent(),(0,a.fireSessionUpdateEventsIfNecessary)("EXISTS"===m.status,E.status,E.headers["front-token"]),E.status!==a.default.config.sessionExpiredStatusCode?[3,21]:((0,l.logDebugMessage)("doRequest: Status code is: "+E.status),[4,(0,a.onUnauthorisedResponse)(m)]);case 15:return"RETRY"===(x=t.sent()).result?[3,20]:((0,l.logDebugMessage)("doRequest: Not retrying original request"),x.error?[4,(0,i.createAxiosErrorFromFetchResp)(x.error)]:[3,17]);case 16:return R=t.sent(),[3,19];case 17:return[4,(0,i.createAxiosErrorFromAxiosResp)(E)];case 18:R=t.sent(),t.label=19;case 19:return b=R,[3,39];case 20:return(0,l.logDebugMessage)("doRequest: Retrying original request"),[3,24];case 21:return E.status!==a.default.config.invalidClaimStatusCode?[3,23]:[4,(0,a.onInvalidClaimResponse)(E)];case 22:t.sent(),t.label=23;case 23:return[2,E];case 24:return[3,38];case 25:return D=t.sent(),void 0===(E=D.response)?[3,36]:[4,h(E)];case 26:return t.sent(),(0,a.fireSessionUpdateEventsIfNecessary)("EXISTS"===m.status,E.status,E.headers["front-token"]),E.status!==a.default.config.sessionExpiredStatusCode?[3,32]:((0,l.logDebugMessage)("doRequest: Status code is: "+E.status),[4,(0,a.onUnauthorisedResponse)(m)]);case 27:return"RETRY"===(x=t.sent()).result?[3,31]:((0,l.logDebugMessage)("doRequest: Not retrying original request"),void 0===x.error?[3,29]:[4,(0,i.createAxiosErrorFromFetchResp)(x.error)]);case 28:return M=t.sent(),[3,30];case 29:M=D,t.label=30;case 30:return b=M,[3,39];case 31:return(0,l.logDebugMessage)("doRequest: Retrying original request"),[3,35];case 32:return E.status!==a.default.config.invalidClaimStatusCode?[3,34]:[4,(0,a.onInvalidClaimResponse)(E)];case 33:t.sent(),t.label=34;case 34:throw D;case 35:return[3,37];case 36:throw D;case 37:return[3,38];case 38:return[3,5];case 39:throw b;case 40:return[4,(0,a.getLocalSessionState)(!1)];case 41:return"NOT_EXISTS"!==t.sent().status?[3,44]:((0,l.logDebugMessage)("doRequest: local session doesn't exist, so removing anti-csrf and sFrontToken"),[4,a.AntiCsrfToken.removeToken()]);case 42:return t.sent(),[4,a.FrontToken.removeToken()];case 43:t.sent(),t.label=44;case 44:return[7];case 45:return[2]}}))}))},e}();function g(e){return o(this,void 0,void 0,(function(){var t,n;return s(this,(function(o){switch(o.label){case 0:return void 0===e.headers&&(e.headers={}),(0,l.logDebugMessage)("setAuthorizationHeaderIfRequired: adding existing tokens as header"),[4,(0,a.getTokenForHeaderAuth)("access")];case 1:return t=o.sent(),[4,(0,a.getTokenForHeaderAuth)("refresh")];case 2:return n=o.sent(),void 0!==t&&void 0!==n?void 0!==e.headers.Authorization||void 0!==e.headers.authorization?(0,l.logDebugMessage)("setAuthorizationHeaderIfRequired: Authorization header defined by the user, not adding"):((0,l.logDebugMessage)("setAuthorizationHeaderIfRequired: added authorization header"),e.headers=r(r({},e.headers),{Authorization:"Bearer ".concat(t)}),e.__supertokensAddedAuthHeader=!0):(0,l.logDebugMessage)("setAuthorizationHeaderIfRequired: token for header based auth not found"),[2]}}))}))}function h(e){return o(this,void 0,void 0,(function(){var t,n,r,o,i;return s(this,(function(s){switch(s.label){case 0:return(0,l.logDebugMessage)("saveTokensFromHeaders: Saving updated tokens from the response"),void 0===(t=e.headers["st-refresh-token"])?[3,2]:((0,l.logDebugMessage)("saveTokensFromHeaders: saving new refresh token"),[4,(0,a.setToken)("refresh",t)]);case 1:s.sent(),s.label=2;case 2:return void 0===(n=e.headers["st-access-token"])?[3,4]:((0,l.logDebugMessage)("saveTokensFromHeaders: saving new access token"),[4,(0,a.setToken)("access",n)]);case 3:s.sent(),s.label=4;case 4:return void 0===(r=e.headers["front-token"])?[3,6]:((0,l.logDebugMessage)("doRequest: Setting sFrontToken: "+r),[4,a.FrontToken.setItem(r)]);case 5:s.sent(),s.label=6;case 6:return void 0===(o=e.headers["anti-csrf"])?[3,9]:[4,(0,a.getLocalSessionState)(!0)];case 7:return"EXISTS"!==(i=s.sent()).status?[3,9]:((0,l.logDebugMessage)("doRequest: Setting anti-csrf token"),[4,a.AntiCsrfToken.setItem(i.lastAccessTokenUpdate,o)]);case 8:s.sent(),s.label=9;case 9:return[2]}}))}))}function p(e){return o(this,void 0,void 0,(function(){var t,n,o,i;return s(this,(function(s){switch(s.label){case 0:return[4,(0,a.getTokenForHeaderAuth)("access")];case 1:return t=s.sent(),[4,(0,a.getTokenForHeaderAuth)("refresh")];case 2:return n=s.sent(),o=e.headers.Authorization||e.headers.authorization,void 0===t||void 0===n||o!=="Bearer ".concat(t)&&!("__supertokensAddedAuthHeader"in e)?[2,e]:((0,l.logDebugMessage)("removeAuthHeaderIfMatchesLocalToken: Removing Authorization from user provided headers because it contains our access token"),delete(i=r(r({},e),{headers:r({},e.headers)})).headers.authorization,delete i.headers.Authorization,[2,i])}}))}))}t.default=f},600:function(e,t){var n=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},r=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};function o(e,t,n,r,o){return e.config=t,n&&(e.code=n),e.request=r,e.response=o,e.isAxiosError=!0,e.toJSON=function(){return{message:this.message,name:this.name,description:this.description,number:this.number,fileName:this.fileName,lineNumber:this.lineNumber,columnNumber:this.columnNumber,stack:this.stack,config:this.config,code:this.code}},e}Object.defineProperty(t,"__esModule",{value:!0}),t.createAxiosErrorFromAxiosResp=t.createAxiosErrorFromFetchResp=void 0,t.createAxiosErrorFromFetchResp=function(e){return n(this,void 0,void 0,(function(){var t,n,s,i;return r(this,(function(r){switch(r.label){case 0:if(t={url:e.url,headers:e.headers},null!==(n=e.headers.get("content-type")))return[3,5];r.label=1;case 1:return r.trys.push([1,3,,4]),[4,e.text()];case 2:return s=r.sent(),[3,4];case 3:return r.sent(),s="",[3,4];case 4:return[3,11];case 5:return n.includes("application/json")?[4,e.json()]:[3,7];case 6:return s=r.sent(),[3,11];case 7:return n.includes("text/")?[4,e.text()]:[3,9];case 8:return s=r.sent(),[3,11];case 9:return[4,e.blob()];case 10:s=r.sent(),r.label=11;case 11:return i={data:s,status:e.status,statusText:e.statusText,headers:e.headers,config:t,request:void 0},[2,o(new Error("Request failed with status code "+e.status),t,void 0,void 0,i)]}}))}))},t.createAxiosErrorFromAxiosResp=function(e){return n(this,void 0,void 0,(function(){return r(this,(function(t){return[2,o(new Error("Request failed with status code "+e.status),e.config,void 0,e.request,e)]}))}))}},280:function(e,t,n){var r=this&&this.__createBinding||(Object.create?function(e,t,n,r){void 0===r&&(r=n);var o=Object.getOwnPropertyDescriptor(t,n);o&&!("get"in o?!t.__esModule:o.writable||o.configurable)||(o={enumerable:!0,get:function(){return t[n]}}),Object.defineProperty(e,r,o)}:function(e,t,n,r){void 0===r&&(r=n),e[r]=t[n]}),o=this&&this.__exportStar||function(e,t){for(var n in e)"default"===n||Object.prototype.hasOwnProperty.call(t,n)||r(t,e,n)};Object.defineProperty(t,"__esModule",{value:!0}),o(n(569),t)},491:function(e,t,n){var r,o=this&&this.__extends||(r=function(e,t){return r=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(e,t){e.__proto__=t}||function(e,t){for(var n in t)Object.prototype.hasOwnProperty.call(t,n)&&(e[n]=t[n])},r(e,t)},function(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Class extends value "+String(t)+" is not a constructor or null");function n(){this.constructor=e}r(e,t),e.prototype=null===t?Object.create(t):(n.prototype=t.prototype,new n)}),s=this&&this.__assign||function(){return s=Object.assign||function(e){for(var t,n=1,r=arguments.length;n<r;n++)for(var o in t=arguments[n])Object.prototype.hasOwnProperty.call(t,o)&&(e[o]=t[o]);return e},s.apply(this,arguments)};Object.defineProperty(t,"__esModule",{value:!0}),t.BooleanClaim=void 0;var i=function(e){function t(t){var n=e.call(this,t)||this;return n.validators=s(s({},n.validators),{isTrue:function(e){return n.validators.hasValue(!0,e)},isFalse:function(e){return n.validators.hasValue(!1,e)}}),n}return o(t,e),t}(n(911).PrimitiveClaim);t.BooleanClaim=i},748:function(e,t,n){var r=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},o=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};Object.defineProperty(t,"__esModule",{value:!0}),t.PrimitiveArrayClaim=void 0;var s=n(671),i=function(){function e(e){var t=this;this.validators={includes:function(e,n,i){void 0===n&&(n=t.defaultMaxAgeInSeconds);var a=s.default.getReferenceOrThrow().dateProvider;return{id:void 0!==i?i:t.id,refresh:function(e){return t.refresh(e)},shouldRefresh:function(e,r){return void 0===t.getValueFromPayload(e,r)||void 0!==n&&e[t.id].t<a.now()-1e3*n},validate:function(s,i){return r(t,void 0,void 0,(function(){var t,r;return o(this,(function(o){return void 0===(t=this.getValueFromPayload(s,i))?[2,{isValid:!1,reason:{message:"value does not exist",expectedToInclude:e,actualValue:t}}]:(r=(a.now()-this.getLastFetchedTime(s,i))/1e3,void 0!==n&&r>n?[2,{isValid:!1,reason:{message:"expired",ageInSeconds:r,maxAgeInSeconds:n}}]:t.includes(e)?[2,{isValid:!0}]:[2,{isValid:!1,reason:{message:"wrong value",expectedToInclude:e,actualValue:t}}])}))}))}}},excludes:function(e,n,i){void 0===n&&(n=t.defaultMaxAgeInSeconds);var a=s.default.getReferenceOrThrow().dateProvider;return{id:void 0!==i?i:t.id,refresh:function(e){return t.refresh(e)},shouldRefresh:function(e,r){return void 0===t.getValueFromPayload(e,r)||void 0!==n&&e[t.id].t<a.now()-1e3*n},validate:function(s,i){return r(t,void 0,void 0,(function(){var t,r;return o(this,(function(o){return void 0===(t=this.getValueFromPayload(s,i))?[2,{isValid:!1,reason:{message:"value does not exist",expectedToNotInclude:e,actualValue:t}}]:(r=(a.now()-this.getLastFetchedTime(s,i))/1e3,void 0!==n&&r>n?[2,{isValid:!1,reason:{message:"expired",ageInSeconds:r,maxAgeInSeconds:n}}]:t.includes(e)?[2,{isValid:!1,reason:{message:"wrong value",expectedToNotInclude:e,actualValue:t}}]:[2,{isValid:!0}])}))}))}}},includesAll:function(e,n,i){void 0===n&&(n=t.defaultMaxAgeInSeconds);var a=s.default.getReferenceOrThrow().dateProvider;return{id:void 0!==i?i:t.id,refresh:function(e){return t.refresh(e)},shouldRefresh:function(e,r){return void 0===t.getValueFromPayload(e,r)||void 0!==n&&e[t.id].t<a.now()-1e3*n},validate:function(s,i){return r(t,void 0,void 0,(function(){var t,r,u,c;return o(this,(function(o){return void 0===(t=this.getValueFromPayload(s,i))?[2,{isValid:!1,reason:{message:"value does not exist",expectedToInclude:e,actualValue:t}}]:(r=(a.now()-this.getLastFetchedTime(s,i))/1e3,void 0!==n&&r>n?[2,{isValid:!1,reason:{message:"expired",ageInSeconds:r,maxAgeInSeconds:n}}]:(u=new Set(t),[2,(c=e.every((function(e){return u.has(e)})))?{isValid:c}:{isValid:c,reason:{message:"wrong value",expectedToInclude:e,actualValue:t}}]))}))}))}}},includesAny:function(e,n,i){void 0===n&&(n=t.defaultMaxAgeInSeconds);var a=s.default.getReferenceOrThrow().dateProvider;return{id:void 0!==i?i:t.id,refresh:function(e){return t.refresh(e)},shouldRefresh:function(e,r){return void 0===t.getValueFromPayload(e,r)||void 0!==n&&e[t.id].t<a.now()-1e3*n},validate:function(s,i){return r(t,void 0,void 0,(function(){var t,r,u,c;return o(this,(function(o){return void 0===(t=this.getValueFromPayload(s,i))?[2,{isValid:!1,reason:{message:"value does not exist",expectedToInclude:e,actualValue:t}}]:(r=(a.now()-this.getLastFetchedTime(s,i))/1e3,void 0!==n&&r>n?[2,{isValid:!1,reason:{message:"expired",ageInSeconds:r,maxAgeInSeconds:n}}]:(u=new Set(t),[2,(c=e.some((function(e){return u.has(e)})))?{isValid:c}:{isValid:c,reason:{message:"wrong value",expectedToIncludeAtLeastOneOf:e,actualValue:t}}]))}))}))}}},excludesAll:function(e,n,i){void 0===n&&(n=t.defaultMaxAgeInSeconds);var a=s.default.getReferenceOrThrow().dateProvider;return{id:void 0!==i?i:t.id,refresh:function(e){return t.refresh(e)},shouldRefresh:function(e,r){return void 0===t.getValueFromPayload(e,r)||void 0!==n&&e[t.id].t<a.now()-1e3*n},validate:function(s,i){return r(t,void 0,void 0,(function(){var t,r,u,c;return o(this,(function(o){return void 0===(t=this.getValueFromPayload(s,i))?[2,{isValid:!1,reason:{message:"value does not exist",expectedToNotInclude:e,actualValue:t}}]:(r=(a.now()-this.getLastFetchedTime(s,i))/1e3,void 0!==n&&r>n?[2,{isValid:!1,reason:{message:"expired",ageInSeconds:r,maxAgeInSeconds:n}}]:(u=new Set(t),[2,(c=e.every((function(e){return!u.has(e)})))?{isValid:c}:{isValid:c,reason:{message:"wrong value",expectedToNotInclude:e,actualValue:t}}]))}))}))}}}},this.id=e.id,this.refresh=e.refresh,this.defaultMaxAgeInSeconds=e.defaultMaxAgeInSeconds}return e.prototype.getValueFromPayload=function(e,t){return void 0!==e[this.id]?e[this.id].v:void 0},e.prototype.getLastFetchedTime=function(e,t){return void 0!==e[this.id]?e[this.id].t:void 0},e}();t.PrimitiveArrayClaim=i},911:(e,t,n)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.PrimitiveClaim=void 0;var r=n(671),o=function(){function e(e){var t=this;this.validators={hasValue:function(e,n,o){void 0===n&&(n=t.defaultMaxAgeInSeconds);var s=r.default.getReferenceOrThrow().dateProvider;return{id:void 0!==o?o:t.id,refresh:function(e){return t.refresh(e)},shouldRefresh:function(e,r){return void 0===t.getValueFromPayload(e,r)||void 0!==n&&e[t.id].t<s.now()-1e3*n},validate:function(r,o){var i=t.getValueFromPayload(r,o);if(void 0===i)return{isValid:!1,reason:{message:"value does not exist",expectedValue:e,actualValue:i}};var a=(s.now()-t.getLastFetchedTime(r,o))/1e3;return void 0!==n&&a>n?{isValid:!1,reason:{message:"expired",ageInSeconds:a,maxAgeInSeconds:n}}:i!==e?{isValid:!1,reason:{message:"wrong value",expectedValue:e,actualValue:i}}:{isValid:!0}}}}},this.id=e.id,this.refresh=e.refresh,this.defaultMaxAgeInSeconds=e.defaultMaxAgeInSeconds}return e.prototype.getValueFromPayload=function(e,t){return void 0!==e[this.id]?e[this.id].v:void 0},e.prototype.getLastFetchedTime=function(e,t){return void 0!==e[this.id]?e[this.id].t:void 0},e}();t.PrimitiveClaim=o},173:function(e,t){var n,r=this&&this.__extends||(n=function(e,t){return n=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(e,t){e.__proto__=t}||function(e,t){for(var n in t)Object.prototype.hasOwnProperty.call(t,n)&&(e[n]=t[n])},n(e,t)},function(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Class extends value "+String(t)+" is not a constructor or null");function r(){this.constructor=e}n(e,t),e.prototype=null===t?Object.create(t):(r.prototype=t.prototype,new r)});Object.defineProperty(t,"__esModule",{value:!0}),t.STGeneralError=void 0;var o=function(e){function t(t){var n=e.call(this,t)||this;return n.isSuperTokensGeneralError=!0,n}return r(t,e),t.isThisError=function(e){return!0===e.isSuperTokensGeneralError},t}(Error);t.STGeneralError=o},379:function(e,t,n){var r=this&&this.__assign||function(){return r=Object.assign||function(e){for(var t,n=1,r=arguments.length;n<r;n++)for(var o in t=arguments[n])Object.prototype.hasOwnProperty.call(t,o)&&(e[o]=t[o]);return e},r.apply(this,arguments)},o=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},s=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};Object.defineProperty(t,"__esModule",{value:!0}),t.updateClientClockUsingFrontToken=t.fireSessionUpdateEventsIfNecessary=t.setFrontToken=t.getFrontToken=t.setAntiCSRF=t.saveLastAccessTokenUpdate=t.getTokenForHeaderAuth=t.setToken=t.getStorageNameForToken=t.getLocalSessionState=t.onInvalidClaimResponse=t.onTokenUpdate=t.onUnauthorisedResponse=t.FrontToken=t.AntiCsrfToken=void 0;var i=n(743),a=n(255),u=n(501),c=n(958),l=n(941),d=n(845),f=function(){function e(){}return e.getToken=function(t){return o(this,void 0,void 0,(function(){var n;return s(this,(function(r){switch(r.label){case 0:return(0,d.logDebugMessage)("AntiCsrfToken.getToken: called"),void 0===t?(e.tokenInfo=void 0,(0,d.logDebugMessage)("AntiCsrfToken.getToken: returning undefined"),[2,void 0]):void 0!==e.tokenInfo?[3,2]:[4,A()];case 1:return null===(n=r.sent())?((0,d.logDebugMessage)("AntiCsrfToken.getToken: returning undefined"),[2,void 0]):(e.tokenInfo={antiCsrf:n,associatedAccessTokenUpdate:t},[3,4]);case 2:return e.tokenInfo.associatedAccessTokenUpdate===t?[3,4]:(e.tokenInfo=void 0,[4,e.getToken(t)]);case 3:return[2,r.sent()];case 4:return(0,d.logDebugMessage)("AntiCsrfToken.getToken: returning: "+e.tokenInfo.antiCsrf),[2,e.tokenInfo.antiCsrf]}}))}))},e.removeToken=function(){return o(this,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return(0,d.logDebugMessage)("AntiCsrfToken.removeToken: called"),e.tokenInfo=void 0,[4,C(void 0)];case 1:return t.sent(),[2]}}))}))},e.setItem=function(t,n){return o(this,void 0,void 0,(function(){return s(this,(function(r){switch(r.label){case 0:return void 0===t?(e.tokenInfo=void 0,[2]):((0,d.logDebugMessage)("AntiCsrfToken.setItem: called"),[4,C(n)]);case 1:return r.sent(),e.tokenInfo={antiCsrf:n,associatedAccessTokenUpdate:t},[2]}}))}))},e}();t.AntiCsrfToken=f;var g=function(){function e(){}return e.getTokenInfo=function(){return o(this,void 0,void 0,(function(){var t,n;return s(this,(function(r){switch(r.label){case 0:return(0,d.logDebugMessage)("FrontToken.getTokenInfo: called"),[4,P()];case 1:return null!==(t=r.sent())?[3,5]:[4,w(!1)];case 2:return"EXISTS"!==r.sent().status?[3,4]:[4,new Promise((function(t){e.waiters.push(t)}))];case 3:return r.sent(),[2,e.getTokenInfo()];case 4:return[2,void 0];case 5:return n=O(t),(0,d.logDebugMessage)("FrontToken.getTokenInfo: returning ate: "+n.ate),(0,d.logDebugMessage)("FrontToken.getTokenInfo: returning uid: "+n.uid),(0,d.logDebugMessage)("FrontToken.getTokenInfo: returning up: "+n.up),[2,n]}}))}))},e.removeToken=function(){return o(this,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return(0,d.logDebugMessage)("FrontToken.removeToken: called"),[4,F(void 0)];case 1:return t.sent(),[4,T("access","")];case 2:return t.sent(),[4,T("refresh","")];case 3:return t.sent(),e.waiters.forEach((function(e){return e(void 0)})),e.waiters=[],[2]}}))}))},e.setItem=function(t){return o(this,void 0,void 0,(function(){return s(this,(function(n){switch(n.label){case 0:return[4,M()];case 1:return n.sent(),"remove"===t?[2,e.removeToken()]:((0,d.logDebugMessage)("FrontToken.setItem: called"),[4,F(t)]);case 2:return n.sent(),e.waiters.forEach((function(e){return e(void 0)})),e.waiters=[],[2]}}))}))},e.doesTokenExists=function(){return o(this,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return[4,_()];case 1:return[2,null!==e.sent()]}}))}))},e.waiters=[],e}();t.FrontToken=g;var h=function(){function e(){}var a;return e.init=function(t,r){(0,d.logDebugMessage)("init: called"),(0,d.logDebugMessage)("init: Input apiBasePath: "+t.apiBasePath),(0,d.logDebugMessage)("init: Input apiDomain: "+t.apiDomain),(0,d.logDebugMessage)("init: Input autoAddCredentials: "+t.autoAddCredentials),(0,d.logDebugMessage)("init: Input sessionTokenBackendDomain: "+t.sessionTokenBackendDomain),(0,d.logDebugMessage)("init: Input isInIframe: "+t.isInIframe),(0,d.logDebugMessage)("init: Input sessionExpiredStatusCode: "+t.sessionExpiredStatusCode),(0,d.logDebugMessage)("init: Input sessionTokenFrontendDomain: "+t.sessionTokenFrontendDomain),(0,d.logDebugMessage)("init: Input tokenTransferMethod: "+t.tokenTransferMethod);var o=c.default.getReferenceOrThrow().windowHandler.getWindowUnsafe();e.env=void 0===o||void 0===o.fetch?n.g:o,e.refreshTokenUrl=t.apiDomain+t.apiBasePath+"/session/refresh",e.signOutUrl=t.apiDomain+t.apiBasePath+"/signout",e.rid="session",e.config=t,void 0===e.env.__supertokensOriginalFetch&&((0,d.logDebugMessage)("init: __supertokensOriginalFetch is undefined"),e.env.__supertokensOriginalFetch=e.env.fetch.bind(e.env),e.env.__supertokensSessionRecipe=r,e.env.fetch=e.env.__supertokensSessionRecipe.addFetchInterceptorsAndReturnModifiedFetch({originalFetch:e.env.__supertokensOriginalFetch,userContext:{}}),e.env.__supertokensSessionRecipe.addXMLHttpRequestInterceptor({userContext:{}})),e.recipeImpl=e.env.__supertokensSessionRecipe,e.initCalled=!0},a=e,e.initCalled=!1,e.doRequest=function(n,u,l){return o(void 0,void 0,void 0,(function(){var o,h,p,v,b,k,S,T,I,D,M,A,C,_,O,P;return s(a,(function(s){switch(s.label){case 0:if(!e.initCalled)throw Error("init function not called");(0,d.logDebugMessage)("doRequest: start of fetch interception"),o=!1;try{h=void 0,"string"==typeof l?h=l:"object"==typeof l&&("string"==typeof l.url?h=l.url:"string"==typeof l.href&&(h=l.href)),o=!e.recipeImpl.shouldDoInterceptionBasedOnUrl(h,e.config.apiDomain,e.config.sessionTokenBackendDomain)}catch(t){if("Please provide a valid domain name"!==t.message)throw t;(0,d.logDebugMessage)("doRequest: Trying shouldDoInterceptionBasedOnUrl with location.origin"),o=!e.recipeImpl.shouldDoInterceptionBasedOnUrl(c.default.getReferenceOrThrow().windowHandler.location.getOrigin(),e.config.apiDomain,e.config.sessionTokenBackendDomain)}return(0,d.logDebugMessage)("doRequest: Value of doNotDoInterception: "+o),o?((0,d.logDebugMessage)("doRequest: Returning without interception"),[4,n(u)]):[3,2];case 1:return[2,s.sent()];case 2:return(p=new Headers(void 0!==u&&void 0!==u.headers?u.headers:l.headers)).has("Authorization")?[4,R("access")]:[3,5];case 3:return v=s.sent(),[4,R("refresh")];case 4:b=s.sent(),void 0!==v&&void 0!==b&&p.get("Authorization")==="Bearer ".concat(v)&&((0,d.logDebugMessage)("doRequest: Removing Authorization from user provided headers because it contains our access token"),p.delete("Authorization")),s.label=5;case 5:(0,d.logDebugMessage)("doRequest: Interception started"),i.ProcessState.getInstance().addState(i.PROCESS_STATE.CALLING_INTERCEPTION_REQUEST),s.label=6;case 6:s.trys.push([6,,20,25]),k=void 0,s.label=7;case 7:return[4,w(!0)];case 8:return S=s.sent(),T=new Headers(p),I=r(r({},u),{headers:T}),"EXISTS"!==S.status?[3,10]:[4,f.getToken(S.lastAccessTokenUpdate)];case 9:void 0!==(D=s.sent())&&((0,d.logDebugMessage)("doRequest: Adding anti-csrf token to request"),T.set("anti-csrf",D)),s.label=10;case 10:return e.config.autoAddCredentials&&((0,d.logDebugMessage)("doRequest: Adding credentials include"),void 0===I?I={credentials:"include"}:void 0===I.credentials&&(I=r(r({},I),{credentials:"include"}))),T.has("rid")?(0,d.logDebugMessage)("doRequest: rid header was already there in request"):((0,d.logDebugMessage)("doRequest: Adding rid header: anti-csrf"),T.set("rid","anti-csrf")),M=e.config.tokenTransferMethod,(0,d.logDebugMessage)("doRequest: Adding st-auth-mode header: "+M),T.set("st-auth-mode",M),[4,E(T)];case 11:return s.sent(),(0,d.logDebugMessage)("doRequest: Making user's http call"),A=Date.now(),[4,n(I)];case 12:return C=s.sent(),_=Date.now(),(0,d.logDebugMessage)("doRequest: User's http call ended"),[4,x(C)];case 13:return s.sent(),O=C.headers.get("front-token"),(0,t.updateClientClockUsingFrontToken)({frontToken:O,roundTripTime:_-A}),H("EXISTS"===S.status,C.status,O),C.status!==e.config.sessionExpiredStatusCode?[3,15]:((0,d.logDebugMessage)("doRequest: Status code is: "+C.status),[4,m(S)]);case 14:return"RETRY"!==(P=s.sent()).result?((0,d.logDebugMessage)("doRequest: Not retrying original request"),k=void 0!==P.error?P.error:C,[3,19]):((0,d.logDebugMessage)("doRequest: Retrying original request"),[3,18]);case 15:return C.status!==e.config.invalidClaimStatusCode?[3,17]:[4,y(C)];case 16:s.sent(),s.label=17;case 17:return[2,C];case 18:return[3,7];case 19:return[2,k];case 20:return[4,w(!1)];case 21:return"NOT_EXISTS"!==s.sent().status?[3,24]:((0,d.logDebugMessage)("doRequest: local session doesn't exist, so removing anti-csrf and sFrontToken"),[4,f.removeToken()]);case 22:return s.sent(),[4,g.removeToken()];case 23:s.sent(),s.label=24;case 24:return[7];case 25:return[2]}}))}))},e.attemptRefreshingSession=function(){return o(void 0,void 0,void 0,(function(){var t;return s(a,(function(n){switch(n.label){case 0:if(!e.initCalled)throw Error("init function not called");return[4,w(!1)];case 1:return[4,m(n.sent())];case 2:if("API_ERROR"===(t=n.sent()).result)throw t.error;return[2,"RETRY"===t.result]}}))}))},e}();t.default=h;var p="st-last-access-token-update",v="sAntiCsrf",b="sFrontToken";function m(e){return o(this,void 0,void 0,(function(){var t,n,r,o,i,u,c,p,v,b;return s(this,(function(s){switch(s.label){case 0:return[4,l.default.getReferenceOrThrow().lockFactory()];case 1:t=s.sent(),s.label=2;case 2:return(0,d.logDebugMessage)("onUnauthorisedResponse: trying to acquire lock"),[4,t.acquireLock("REFRESH_TOKEN_USE",1e3)];case 3:if(!s.sent())return[3,22];(0,d.logDebugMessage)("onUnauthorisedResponse: lock acquired"),s.label=4;case 4:return s.trys.push([4,14,16,22]),[4,w(!1)];case 5:return"NOT_EXISTS"===(n=s.sent()).status?((0,d.logDebugMessage)("onUnauthorisedResponse: Not refreshing because local session state is NOT_EXISTS"),h.config.onHandleEvent({action:"UNAUTHORISED",sessionExpiredOrRevoked:!1,userContext:{}}),[2,{result:"SESSION_EXPIRED"}]):n.status!==e.status||"EXISTS"===n.status&&"EXISTS"===e.status&&n.lastAccessTokenUpdate!==e.lastAccessTokenUpdate?((0,d.logDebugMessage)("onUnauthorisedResponse: Retrying early because pre and post lastAccessTokenUpdate don't match"),[2,{result:"RETRY"}]):(r=new Headers,"EXISTS"!==e.status?[3,7]:[4,f.getToken(e.lastAccessTokenUpdate)]);case 6:void 0!==(o=s.sent())&&((0,d.logDebugMessage)("onUnauthorisedResponse: Adding anti-csrf token to refresh API call"),r.set("anti-csrf",o)),s.label=7;case 7:return(0,d.logDebugMessage)("onUnauthorisedResponse: Adding rid and fdi-versions to refresh call header"),r.set("rid",h.rid),r.set("fdi-version",a.supported_fdi.join(",")),i=h.config.tokenTransferMethod,(0,d.logDebugMessage)("onUnauthorisedResponse: Adding st-auth-mode header: "+i),r.set("st-auth-mode",i),[4,E(r,!0)];case 8:return s.sent(),(0,d.logDebugMessage)("onUnauthorisedResponse: Calling refresh pre API hook"),[4,h.config.preAPIHook({action:"REFRESH_SESSION",requestInit:{method:"post",credentials:"include",headers:r},url:h.refreshTokenUrl,userContext:{}})];case 9:return u=s.sent(),(0,d.logDebugMessage)("onUnauthorisedResponse: Making refresh call"),[4,h.env.__supertokensOriginalFetch(u.url,u.requestInit)];case 10:return c=s.sent(),(0,d.logDebugMessage)("onUnauthorisedResponse: Refresh call ended"),[4,x(c)];case 11:if(s.sent(),(0,d.logDebugMessage)("onUnauthorisedResponse: Refresh status code is: "+c.status),(p=c.status===h.config.sessionExpiredStatusCode)&&null===c.headers.get("front-token")&&g.setItem("remove"),H("EXISTS"===e.status,c.status,p&&null===c.headers.get("front-token")?"remove":c.headers.get("front-token")),c.status>=300)throw c;return[4,h.config.postAPIHook({action:"REFRESH_SESSION",fetchResponse:c.clone(),requestInit:u.requestInit,url:u.url,userContext:{}})];case 12:return s.sent(),[4,w(!1)];case 13:return"NOT_EXISTS"===s.sent().status?((0,d.logDebugMessage)("onUnauthorisedResponse: local session doesn't exist, so returning session expired"),[2,{result:"SESSION_EXPIRED"}]):(h.config.onHandleEvent({action:"REFRESH_SESSION",userContext:{}}),(0,d.logDebugMessage)("onUnauthorisedResponse: Sending RETRY signal"),[2,{result:"RETRY"}]);case 14:return v=s.sent(),[4,w(!1)];case 15:return"NOT_EXISTS"===s.sent().status?((0,d.logDebugMessage)("onUnauthorisedResponse: local session doesn't exist, so returning session expired"),[2,{result:"SESSION_EXPIRED",error:v}]):((0,d.logDebugMessage)("onUnauthorisedResponse: sending API_ERROR"),[2,{result:"API_ERROR",error:v}]);case 16:return[4,t.releaseLock("REFRESH_TOKEN_USE")];case 17:return s.sent(),(0,d.logDebugMessage)("onUnauthorisedResponse: Released lock"),[4,w(!1)];case 18:return"NOT_EXISTS"!==s.sent().status?[3,21]:((0,d.logDebugMessage)("onUnauthorisedResponse: local session doesn't exist, so removing anti-csrf and sFrontToken"),[4,f.removeToken()]);case 19:return s.sent(),[4,g.removeToken()];case 20:s.sent(),s.label=21;case 21:return[7];case 22:return[4,w(!1)];case 23:return"NOT_EXISTS"===(b=s.sent()).status?((0,d.logDebugMessage)("onUnauthorisedResponse: lock acquired failed and local session doesn't exist, so sending SESSION_EXPIRED"),[2,{result:"SESSION_EXPIRED"}]):b.status!==e.status||"EXISTS"===b.status&&"EXISTS"===e.status&&b.lastAccessTokenUpdate!==e.lastAccessTokenUpdate?((0,d.logDebugMessage)("onUnauthorisedResponse: lock acquired failed and retrying early because pre and post lastAccessTokenUpdate don't match"),[2,{result:"RETRY"}]):[3,2];case 24:return[2]}}))}))}function k(){(0,d.logDebugMessage)("onTokenUpdate: firing ACCESS_TOKEN_PAYLOAD_UPDATED event"),h.config.onHandleEvent({action:"ACCESS_TOKEN_PAYLOAD_UPDATED",userContext:{}})}function y(e){return o(this,void 0,void 0,(function(){var t;return s(this,(function(n){switch(n.label){case 0:return n.trys.push([0,2,,3]),[4,h.recipeImpl.getInvalidClaimsFromResponse({response:e,userContext:{}})];case 1:return(t=n.sent())&&h.config.onHandleEvent({action:"API_INVALID_CLAIM",claimValidationErrors:t,userContext:{}}),[3,3];case 2:return n.sent(),[3,3];case 3:return[2]}}))}))}function w(e){return o(this,void 0,void 0,(function(){var t,n,r;return s(this,(function(o){switch(o.label){case 0:return(0,d.logDebugMessage)("getLocalSessionState: called"),[4,D(p)];case 1:return t=o.sent(),[4,g.doesTokenExists()];case 2:return o.sent()&&void 0!==t?((0,d.logDebugMessage)("getLocalSessionState: returning EXISTS since both frontToken and lastAccessTokenUpdate exists"),[2,{status:"EXISTS",lastAccessTokenUpdate:t}]):[3,3];case 3:return t?((0,d.logDebugMessage)("getLocalSessionState: returning NOT_EXISTS since frontToken was cleared but lastAccessTokenUpdate exists"),[2,{status:"NOT_EXISTS"}]):[3,4];case 4:return n={status:"MAY_EXIST"},e?((0,d.logDebugMessage)("getLocalSessionState: trying to refresh"),[4,m(n)]):[3,7];case 5:return"RETRY"!==(r=o.sent()).result?((0,d.logDebugMessage)("getLocalSessionState: return NOT_EXISTS in case error from backend"+r.result),[2,{status:"NOT_EXISTS"}]):((0,d.logDebugMessage)("getLocalSessionState: Retrying post refresh"),[4,w(e)]);case 6:return[2,o.sent()];case 7:return(0,d.logDebugMessage)("getLocalSessionState: returning: "+n.status),[2,n]}}))}))}function S(e){switch(e){case"access":return"st-access-token";case"refresh":return"st-refresh-token"}}function T(e,t){var n=S(e);return""!==t?((0,d.logDebugMessage)("setToken: saved ".concat(e," token into cookies")),I(n,t,Date.now()+31536e5)):((0,d.logDebugMessage)("setToken: cleared ".concat(e," token from cookies")),I(n,t,0))}function I(e,t,n){var r="Fri, 31 Dec 9999 23:59:59 GMT";n!==Number.MAX_SAFE_INTEGER&&(r=new Date(n).toUTCString());var o=h.config.sessionTokenFrontendDomain;return"localhost"===o||o===c.default.getReferenceOrThrow().windowHandler.location.getHostName()?u.default.getReferenceOrThrow().cookieHandler.setCookie("".concat(e,"=").concat(t,";expires=").concat(r,";path=/;samesite=").concat(h.config.isInIframe?"none;secure":"lax")):u.default.getReferenceOrThrow().cookieHandler.setCookie("".concat(e,"=").concat(t,";expires=").concat(r,";domain=").concat(o,";path=/;samesite=").concat(h.config.isInIframe?"none;secure":"lax"))}function R(e){return o(this,void 0,void 0,(function(){return s(this,(function(t){return[2,D(S(e))]}))}))}function D(e){return o(this,void 0,void 0,(function(){var t,n,r,o;return s(this,(function(s){switch(s.label){case 0:return n="; ",[4,u.default.getReferenceOrThrow().cookieHandler.getCookie()];case 1:return t=n+s.sent(),(r=t.split("; "+e+"=")).length>=2&&void 0!==(o=r.pop())?[2,o.split(";").shift()]:[2,void 0]}}))}))}function E(e,t){return void 0===t&&(t=!1),o(this,void 0,void 0,(function(){var n,r;return s(this,(function(o){switch(o.label){case 0:return(0,d.logDebugMessage)("setTokenHeaders: adding existing tokens as header"),[4,R("access")];case 1:return n=o.sent(),[4,R("refresh")];case 2:return r=o.sent(),!t&&void 0===n||void 0===r?(0,d.logDebugMessage)("setAuthorizationHeaderIfRequired: token for header based auth not found"):e.has("Authorization")?(0,d.logDebugMessage)("setAuthorizationHeaderIfRequired: Authorization header defined by the user, not adding"):((0,d.logDebugMessage)("setAuthorizationHeaderIfRequired: added authorization header"),e.set("Authorization","Bearer ".concat(t?r:n))),[2]}}))}))}function x(e){return o(this,void 0,void 0,(function(){var t,n,r,o,i;return s(this,(function(s){switch(s.label){case 0:return(0,d.logDebugMessage)("saveTokensFromHeaders: Saving updated tokens from the response headers"),null===(t=e.headers.get("st-refresh-token"))?[3,2]:((0,d.logDebugMessage)("saveTokensFromHeaders: saving new refresh token"),[4,T("refresh",t)]);case 1:s.sent(),s.label=2;case 2:return null===(n=e.headers.get("st-access-token"))?[3,4]:((0,d.logDebugMessage)("saveTokensFromHeaders: saving new access token"),[4,T("access",n)]);case 3:s.sent(),s.label=4;case 4:return null===(r=e.headers.get("front-token"))?[3,6]:((0,d.logDebugMessage)("saveTokensFromHeaders: Setting sFrontToken: "+r),[4,g.setItem(r)]);case 5:s.sent(),s.label=6;case 6:return null===(o=e.headers.get("anti-csrf"))?[3,9]:[4,w(!0)];case 7:return"EXISTS"!==(i=s.sent()).status?[3,9]:((0,d.logDebugMessage)("saveTokensFromHeaders: Setting anti-csrf token"),[4,f.setItem(i.lastAccessTokenUpdate,o)]);case 8:s.sent(),s.label=9;case 9:return[2]}}))}))}function M(){return o(this,void 0,void 0,(function(){var e;return s(this,(function(t){switch(t.label){case 0:return(0,d.logDebugMessage)("saveLastAccessTokenUpdate: called"),e=Date.now().toString(),(0,d.logDebugMessage)("saveLastAccessTokenUpdate: setting "+e),[4,I(p,e,Number.MAX_SAFE_INTEGER)];case 1:return t.sent(),[4,I("sIRTFrontend","",0)];case 2:return t.sent(),[2]}}))}))}function A(){return o(this,void 0,void 0,(function(){function e(){return o(this,void 0,void 0,(function(){var e,t,n,r,o;return s(this,(function(s){switch(s.label){case 0:return t="; ",[4,u.default.getReferenceOrThrow().cookieHandler.getCookie()];case 1:return e=t+s.sent(),(n=e.split("; sAntiCsrf=")).length>=2&&void 0!==(r=n.pop())?void 0===(o=r.split(";").shift())?[2,null]:[2,o]:[2,null]}}))}))}var t;return s(this,(function(n){switch(n.label){case 0:return(0,d.logDebugMessage)("getAntiCSRFToken: called"),[4,w(!0)];case 1:return"EXISTS"!==n.sent().status?((0,d.logDebugMessage)("getAntiCSRFToken: Returning because local session state != EXISTS"),[2,null]):[4,e()];case 2:return t=n.sent(),(0,d.logDebugMessage)("getAntiCSRFToken: returning: "+t),[2,t]}}))}))}function C(e){return o(this,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return(0,d.logDebugMessage)("setAntiCSRF: called: "+e),void 0===e?[3,2]:[4,I(v,e,Number.MAX_SAFE_INTEGER)];case 1:return t.sent(),[3,4];case 2:return[4,I(v,"",0)];case 3:t.sent(),t.label=4;case 4:return[2]}}))}))}function _(){return o(this,void 0,void 0,(function(){var e;return s(this,(function(t){switch(t.label){case 0:return(0,d.logDebugMessage)("getFrontTokenFromCookie: called"),[4,D(b)];case 1:return[2,void 0===(e=t.sent())?null:e]}}))}))}function O(e){return JSON.parse(decodeURIComponent(escape(atob(e))))}function P(){return o(this,void 0,void 0,(function(){var e;return s(this,(function(t){switch(t.label){case 0:return(0,d.logDebugMessage)("getFrontToken: called"),[4,w(!0)];case 1:return"EXISTS"!==t.sent().status?((0,d.logDebugMessage)("getFrontToken: Returning because sIRTFrontend != EXISTS"),[2,null]):[4,_()];case 2:return e=t.sent(),(0,d.logDebugMessage)("getFrontToken: returning: "+e),[2,e]}}))}))}function F(e){return o(this,void 0,void 0,(function(){var t,n,r;return s(this,(function(o){switch(o.label){case 0:return(0,d.logDebugMessage)("setFrontToken: called"),[4,_()];case 1:return null!==(t=o.sent())&&void 0!==e&&(n=O(t).up,r=O(e).up,JSON.stringify(n)!==JSON.stringify(r)&&k()),void 0!==e?[3,3]:[4,I(b,"",0)];case 2:return o.sent(),[3,5];case 3:return[4,I(b,e,Number.MAX_SAFE_INTEGER)];case 4:o.sent(),o.label=5;case 5:return[2]}}))}))}function H(e,t,n){if(null!=n){var r="remove"!==n;(0,d.logDebugMessage)("fireSessionUpdateEventsIfNecessary wasLoggedIn: ".concat(e," frontTokenExistsAfter: ").concat(r," status: ").concat(t)),e?r||(t===h.config.sessionExpiredStatusCode?((0,d.logDebugMessage)("onUnauthorisedResponse: firing UNAUTHORISED event"),h.config.onHandleEvent({action:"UNAUTHORISED",sessionExpiredOrRevoked:!0,userContext:{}})):((0,d.logDebugMessage)("onUnauthorisedResponse: firing SIGN_OUT event"),h.config.onHandleEvent({action:"SIGN_OUT",userContext:{}}))):r&&((0,d.logDebugMessage)("onUnauthorisedResponse: firing SESSION_CREATED event"),h.config.onHandleEvent({action:"SESSION_CREATED",userContext:{}}))}else(0,d.logDebugMessage)("fireSessionUpdateEventsIfNecessary returning early because the front token was not updated")}t.onUnauthorisedResponse=m,t.onTokenUpdate=k,t.onInvalidClaimResponse=y,t.getLocalSessionState=w,t.getStorageNameForToken=S,t.setToken=T,t.getTokenForHeaderAuth=R,t.saveLastAccessTokenUpdate=M,t.setAntiCSRF=C,t.getFrontToken=P,t.setFrontToken=F,t.fireSessionUpdateEventsIfNecessary=H,t.updateClientClockUsingFrontToken=function(e){var t,n=e.frontToken,r=e.roundTripTime;if((0,d.logDebugMessage)("updateClientClockUsingFrontToken: frontToken: "+n+" roundTripTime: "+r),null!==n&&"remove"!==n){var o=null===(t=O(n).up)||void 0===t?void 0:t.iat;if(void 0!==o&&"number"==typeof o){var s=1e3*o+Math.floor(r/2)-Date.now();h.recipeImpl.updateClientClockDeviation(s),(0,d.logDebugMessage)("updateClientClockUsingFrontToken: Client clock synchronized successfully")}else(0,d.logDebugMessage)("updateClientClockUsingFrontToken: FrontToken iat is undefined or not a number, skipping update")}else(0,d.logDebugMessage)("updateClientClockUsingFrontToken: frontToken is either null or is being removed, skipping update")}},569:function(e,t,n){var r=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},o=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};Object.defineProperty(t,"__esModule",{value:!0}),t.BooleanClaim=t.PrimitiveArrayClaim=t.PrimitiveClaim=t.getInvalidClaimsFromResponse=t.getClaimValue=t.validateClaims=t.signOut=t.addAxiosInterceptors=t.doesSessionExist=t.attemptRefreshingSession=t.getAccessToken=t.getAccessTokenPayloadSecurely=t.getUserId=t.init=void 0;var s=n(379),i=n(994),a=n(333),u=n(318),c=n(501),l=n(958),d=n(941),f=n(153),g=n(845),h=function(){function e(){}var t;return e.init=function(t){c.default.init(t.cookieHandler),l.default.init(t.windowHandler),d.default.init(t.lockFactory,l.default.getReferenceOrThrow().windowHandler.localStorage);var n=(0,u.validateAndNormaliseInputOrThrowError)(t);void 0!==t.enableDebugLogs&&t.enableDebugLogs&&(0,g.enableLogging)();var r=new a.default((0,i.default)({onHandleEvent:n.onHandleEvent,preAPIHook:n.preAPIHook,postAPIHook:n.postAPIHook,sessionExpiredStatusCode:n.sessionExpiredStatusCode})).override(n.override.functions).build();s.default.init(n,r),e.axiosInterceptorQueue.forEach((function(e){e()})),e.axiosInterceptorQueue=[]},e.getUserId=function(e){return s.default.recipeImpl.getUserId({userContext:(0,u.getNormalisedUserContext)(void 0===e?void 0:e.userContext)})},e.getAccessTokenPayloadSecurely=function(e){return r(this,void 0,void 0,(function(){return o(this,(function(t){return[2,s.default.recipeImpl.getAccessTokenPayloadSecurely({userContext:(0,u.getNormalisedUserContext)(void 0===e?void 0:e.userContext)})]}))}))},t=e,e.axiosInterceptorQueue=[],e.attemptRefreshingSession=function(){return r(void 0,void 0,void 0,(function(){return o(t,(function(e){return[2,s.default.attemptRefreshingSession()]}))}))},e.doesSessionExist=function(e){return s.default.recipeImpl.doesSessionExist({userContext:(0,u.getNormalisedUserContext)(void 0===e?void 0:e.userContext)})},e.addAxiosInterceptors=function(t,n){s.default.initCalled?s.default.recipeImpl.addAxiosInterceptors({axiosInstance:t,userContext:(0,u.getNormalisedUserContext)(n)}):e.axiosInterceptorQueue.push((function(){s.default.recipeImpl.addAxiosInterceptors({axiosInstance:t,userContext:(0,u.getNormalisedUserContext)(n)})}))},e.signOut=function(e){return s.default.recipeImpl.signOut({userContext:(0,u.getNormalisedUserContext)(void 0===e?void 0:e.userContext)})},e.getInvalidClaimsFromResponse=function(e){return r(this,void 0,void 0,(function(){return o(this,(function(t){return[2,s.default.recipeImpl.getInvalidClaimsFromResponse({response:e.response,userContext:(0,u.getNormalisedUserContext)(e.userContext)})]}))}))},e.getClaimValue=function(t){return r(this,void 0,void 0,(function(){var n,r;return o(this,(function(o){switch(o.label){case 0:return n=(0,u.getNormalisedUserContext)(void 0===t?void 0:t.userContext),[4,e.getAccessTokenPayloadSecurely({userContext:n})];case 1:return r=o.sent(),[2,t.claim.getValueFromPayload(r,n)]}}))}))},e.validateClaims=function(e,t){var n=(0,u.getNormalisedUserContext)(t),r=f.SessionClaimValidatorStore.getClaimValidatorsAddedByOtherRecipes(),o=s.default.recipeImpl.getGlobalClaimValidators({claimValidatorsAddedByOtherRecipes:r,userContext:n}),i=void 0!==e?e(o,n):o;return 0===i.length?[]:s.default.recipeImpl.validateClaims({claimValidators:i,userContext:(0,u.getNormalisedUserContext)(t)})},e.getAccessToken=function(e){return r(void 0,void 0,void 0,(function(){return o(t,(function(t){switch(t.label){case 0:return[4,s.default.recipeImpl.doesSessionExist({userContext:(0,u.getNormalisedUserContext)(void 0===e?void 0:e.userContext)})];case 1:return t.sent()?[2,(0,s.getTokenForHeaderAuth)("access")]:[2,void 0]}}))}))},e}();t.default=h,t.init=h.init,t.getUserId=h.getUserId,t.getAccessTokenPayloadSecurely=h.getAccessTokenPayloadSecurely,t.getAccessToken=h.getAccessToken,t.attemptRefreshingSession=h.attemptRefreshingSession,t.doesSessionExist=h.doesSessionExist,t.addAxiosInterceptors=h.addAxiosInterceptors,t.signOut=h.signOut,t.validateClaims=h.validateClaims,t.getClaimValue=h.getClaimValue,t.getInvalidClaimsFromResponse=h.getInvalidClaimsFromResponse;var p=n(911);Object.defineProperty(t,"PrimitiveClaim",{enumerable:!0,get:function(){return p.PrimitiveClaim}});var v=n(748);Object.defineProperty(t,"PrimitiveArrayClaim",{enumerable:!0,get:function(){return v.PrimitiveArrayClaim}});var b=n(491);Object.defineProperty(t,"BooleanClaim",{enumerable:!0,get:function(){return b.BooleanClaim}})},845:(e,t,n)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.logDebugMessage=t.disableLogging=t.enableLogging=void 0;var r=n(255),o=!1;t.enableLogging=function(){o=!0},t.disableLogging=function(){o=!1},t.logDebugMessage=function(e){o&&console.log("".concat("com.supertokens",' {t: "').concat((new Date).toISOString(),'", message: "').concat(e,'", supertokens-website-ver: "').concat(r.package_version,'"}'))}},992:(e,t)=>{function n(e){return/^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/.test(e)}Object.defineProperty(t,"__esModule",{value:!0}),t.isAnIpAddress=void 0,t.isAnIpAddress=n;function r(e,t){void 0===t&&(t=!1),e=e.trim();try{if(!e.startsWith("http://")&&!e.startsWith("https://"))throw new Error("converting to proper URL");var o=new URL(e);return t?o.hostname.startsWith("localhost")||n(o.hostname)?"http://"+o.host:"https://"+o.host:o.protocol+"//"+o.host}catch(e){}if(e.startsWith("/"))throw new Error("Please provide a valid domain name");if(0===e.indexOf(".")&&(e=e.substr(1)),(-1!==e.indexOf(".")||e.startsWith("localhost"))&&!e.startsWith("http://")&&!e.startsWith("https://")){e="https://"+e;try{return new URL(e),r(e,!0)}catch(e){}}throw new Error("Please provide a valid domain name")}t.default=function(e){var t=this;this.getAsStringDangerous=function(){return t.value},this.value=r(e)}},260:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0});function n(e){e=e.trim();try{if(!e.startsWith("http://")&&!e.startsWith("https://"))throw new Error("converting to proper URL");return"/"===(e=new URL(e).pathname).charAt(e.length-1)?e.substr(0,e.length-1):e}catch(e){}if((function(e){if(-1===e.indexOf(".")||e.startsWith("/"))return!1;try{return-1!==new URL(e).hostname.indexOf(".")}catch(e){}try{return-1!==new URL("http://"+e).hostname.indexOf(".")}catch(e){}return!1}(e)||e.startsWith("localhost"))&&!e.startsWith("http://")&&!e.startsWith("https://"))return n(e="http://"+e);"/"!==e.charAt(0)&&(e="/"+e);try{return new URL("http://example.com"+e),n("http://example.com"+e)}catch(e){throw new Error("Please provide a valid URL path")}}t.default=function e(t){var r=this;this.startsWith=function(e){return r.value.startsWith(e.value)},this.appendPath=function(t){return new e(r.value+t.value)},this.getAsStringDangerous=function(){return r.value},this.value=n(t)}},743:function(e,t){var n,r=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},o=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};Object.defineProperty(t,"__esModule",{value:!0}),t.ProcessState=t.PROCESS_STATE=void 0,(n=t.PROCESS_STATE||(t.PROCESS_STATE={}))[n.CALLING_INTERCEPTION_REQUEST=0]="CALLING_INTERCEPTION_REQUEST",n[n.CALLING_INTERCEPTION_RESPONSE=1]="CALLING_INTERCEPTION_RESPONSE";var s=function(){function e(){var e=this;this.history=[],this.addState=function(t){try{void 0!==process&&void 0!==process.env&&"testing"===process.env.TEST_MODE&&e.history.push(t)}catch(e){}},this.getEventByLastEventByName=function(t){for(var n=e.history.length-1;n>=0;n--)if(e.history[n]==t)return e.history[n]},this.reset=function(){e.history=[]},this.waitForEvent=function(t,n){return void 0===n&&(n=7e3),r(e,void 0,void 0,(function(){var e,r=this;return o(this,(function(o){return e=Date.now(),[2,new Promise((function(o){var s=r;!function r(){var i=s.getEventByLastEventByName(t);void 0===i?Date.now()-e>n?o(void 0):setTimeout(r,1e3):o(i)}()}))]}))}))}}return e.getInstance=function(){return null==e.instance&&(e.instance=new e),e.instance},e}();t.ProcessState=s},994:function(e,t,n){var r=this&&this.__assign||function(){return r=Object.assign||function(e){for(var t,n=1,r=arguments.length;n<r;n++)for(var o in t=arguments[n])Object.prototype.hasOwnProperty.call(t,o)&&(e[o]=t[o]);return e},r.apply(this,arguments)},o=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},s=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};Object.defineProperty(t,"__esModule",{value:!0});var i=n(379),a=n(759),u=n(255),c=n(845),l=n(173),d=n(648),f=n(318),g=n(671);t.default=function(e){return{addXMLHttpRequestInterceptor:function(e){(0,c.logDebugMessage)("addXMLHttpRequestInterceptorAndReturnModified: called"),(0,d.addInterceptorsToXMLHttpRequest)()},addFetchInterceptorsAndReturnModifiedFetch:function(e){return(0,c.logDebugMessage)("addFetchInterceptorsAndReturnModifiedFetch: called"),function(t,n){return o(this,void 0,void 0,(function(){return s(this,(function(o){switch(o.label){case 0:return[4,i.default.doRequest((function(n){return e.originalFetch("object"==typeof t&&"clone"in t?t.clone():t,r({},n))}),n,t)];case 1:return[2,o.sent()]}}))}))}},addAxiosInterceptors:function(e){if((0,c.logDebugMessage)("addAxiosInterceptors: called"),XMLHttpRequest.__interceptedBySuperTokens)return console.warn("Not adding axios interceptor since XMLHttpRequest is already added. This is just a warning."),console.warn("Our axios and XMLHttpRequest interceptors cannot be used at the same time."),console.warn("Since XMLHttpRequest is added automatically and supports axios by default, you can just remove addAxiosInterceptors from your code."),console.warn("If you want to continue using our axios interceptor, you can override addXMLHttpRequestInterceptor with an empty function."),void(0,c.logDebugMessage)("addAxiosInterceptors: not adding, because XHR interceptors are already in place");for(var t=e.axiosInstance.interceptors.request,n=0;n<t.handlers.length;n++)if(t.handlers[n].fulfilled===a.interceptorFunctionRequestFulfilled)return void(0,c.logDebugMessage)("addAxiosInterceptors: not adding because already added on this instance");e.axiosInstance.interceptors.request.use(a.interceptorFunctionRequestFulfilled,(function(e){return o(this,void 0,void 0,(function(){return s(this,(function(t){throw e}))}))})),e.axiosInstance.interceptors.response.use((0,a.responseInterceptor)(e.axiosInstance),(0,a.responseErrorInterceptor)(e.axiosInstance))},getUserId:function(e){return o(this,void 0,void 0,(function(){var e;return s(this,(function(t){switch(t.label){case 0:return(0,c.logDebugMessage)("getUserId: called"),[4,i.FrontToken.getTokenInfo()];case 1:if(void 0===(e=t.sent()))throw new Error("No session exists");return(0,c.logDebugMessage)("getUserId: returning: "+e.uid),[2,e.uid]}}))}))},getAccessTokenPayloadSecurely:function(e){return o(this,void 0,void 0,(function(){var t;return s(this,(function(n){switch(n.label){case 0:return(0,c.logDebugMessage)("getAccessTokenPayloadSecurely: called"),[4,i.FrontToken.getTokenInfo()];case 1:if(void 0===(t=n.sent()))throw new Error("No session exists");return t.ate<Date.now()?((0,c.logDebugMessage)("getAccessTokenPayloadSecurely: access token expired. Refreshing session"),[4,i.default.attemptRefreshingSession()]):[3,5];case 2:return n.sent()?[4,this.getAccessTokenPayloadSecurely({userContext:e.userContext})]:[3,4];case 3:return[2,n.sent()];case 4:throw new Error("Could not refresh session");case 5:return(0,c.logDebugMessage)("getAccessTokenPayloadSecurely: returning: "+JSON.stringify(t.up)),[2,t.up]}}))}))},doesSessionExist:function(e){return o(this,void 0,void 0,(function(){var e,t;return s(this,(function(n){switch(n.label){case 0:return(0,c.logDebugMessage)("doesSessionExist: called"),[4,i.FrontToken.getTokenInfo()];case 1:return void 0===(e=n.sent())?((0,c.logDebugMessage)("doesSessionExist: access token does not exist locally"),[2,!1]):e.ate<Date.now()?((0,c.logDebugMessage)("doesSessionExist: access token expired. Refreshing session"),[4,(0,i.getLocalSessionState)(!1)]):[3,4];case 2:return t=n.sent(),[4,(0,i.onUnauthorisedResponse)(t)];case 3:return[2,"RETRY"===n.sent().result];case 4:return[2,!0]}}))}))},signOut:function(t){return o(this,void 0,void 0,(function(){var n,r,o,a;return s(this,(function(s){switch(s.label){case 0:return(0,c.logDebugMessage)("signOut: called"),[4,this.doesSessionExist(t)];case 1:return s.sent()?((0,c.logDebugMessage)("signOut: Calling refresh pre API hook"),[4,e.preAPIHook({action:"SIGN_OUT",requestInit:{method:"post",headers:{"fdi-version":u.supported_fdi.join(","),rid:i.default.rid}},url:i.default.signOutUrl,userContext:t.userContext})]):((0,c.logDebugMessage)("signOut: exiting early because session does not exist"),(0,c.logDebugMessage)("signOut: firing SIGN_OUT event"),e.onHandleEvent({action:"SIGN_OUT",userContext:t.userContext}),[2]);case 2:return n=s.sent(),(0,c.logDebugMessage)("signOut: Calling API"),[4,fetch(n.url,n.requestInit)];case 3:if(r=s.sent(),(0,c.logDebugMessage)("signOut: API ended"),(0,c.logDebugMessage)("signOut: API responded with status code: "+r.status),r.status===e.sessionExpiredStatusCode)return[2];if(r.status>=300)throw r;return[4,e.postAPIHook({action:"SIGN_OUT",requestInit:n.requestInit,url:n.url,fetchResponse:r.clone(),userContext:t.userContext})];case 4:return s.sent(),[4,r.clone().json()];case 5:if("GENERAL_ERROR"===(o=s.sent()).status)throw(0,c.logDebugMessage)("doRequest: Throwing general error"),a=void 0===o.message?"No Error Message Provided":o.message,new l.STGeneralError(a);return[2]}}))}))},getInvalidClaimsFromResponse:function(e){return o(this,void 0,void 0,(function(){var t;return s(this,(function(n){switch(n.label){case 0:return"body"in e.response?[4,e.response.clone().json()]:[3,2];case 1:return t=n.sent(),[3,3];case 2:t="string"==typeof e.response.data?JSON.parse(e.response.data):e.response.data,n.label=3;case 3:return[2,t.claimValidationErrors]}}))}))},getGlobalClaimValidators:function(e){return e.claimValidatorsAddedByOtherRecipes},validateClaims:function(e){return o(this,void 0,void 0,(function(){var t,n,r,o,i,a,u,c,l;return s(this,(function(s){switch(s.label){case 0:return[4,this.getAccessTokenPayloadSecurely({userContext:e.userContext})];case 1:t=s.sent(),n=0,r=e.claimValidators,s.label=2;case 2:return n<r.length?[4,(c=r[n]).shouldRefresh(t,e.userContext)]:[3,10];case 3:if(!s.sent())return[3,9];s.label=4;case 4:return s.trys.push([4,6,,7]),[4,c.refresh(e.userContext)];case 5:return s.sent(),[3,7];case 6:return o=s.sent(),console.error("Encountered an error while refreshing validator ".concat(c.id),o),[3,7];case 7:return[4,this.getAccessTokenPayloadSecurely({userContext:e.userContext})];case 8:t=s.sent(),s.label=9;case 9:return n++,[3,2];case 10:i=[],a=0,u=e.claimValidators,s.label=11;case 11:return a<u.length?[4,(c=u[a]).validate(t,e.userContext)]:[3,14];case 12:(l=s.sent()).isValid||i.push({validatorId:c.id,reason:l.reason}),s.label=13;case 13:return a++,[3,11];case 14:return[2,i]}}))}))},shouldDoInterceptionBasedOnUrl:function(e,t,n){if((0,c.logDebugMessage)("shouldDoInterceptionBasedOnUrl: toCheckUrl: "+e+" apiDomain: "+t+" sessionTokenBackendDomain: "+n),e.includes("superTokensDoNotDoInterception"))return!1;e=(0,f.normaliseURLDomainOrThrowError)(e);var r=new URL(e),o=r.hostname;if(void 0===n){o=""===r.port?o:o+":"+r.port,t=(0,f.normaliseURLDomainOrThrowError)(t);var s=new URL(t);return o===(""===s.port?s.hostname:s.hostname+":"+s.port)}var i,a=(0,f.normaliseSessionScopeOrThrowError)(n);if(n.split(":").length>1){var u=n.split(":")[n.split(":").length-1];"string"!=typeof(i=u)||isNaN(i)||isNaN(parseFloat(i))||(a+=":"+u,o=""===r.port?o:o+":"+r.port)}return n.startsWith(".")?("."+o).endsWith(a):o===a},updateClientClockDeviation:function(e){(0,c.logDebugMessage)("updateClientClockDeviation: clientClockDeviationInMillis: "+e),g.default.getReferenceOrThrow().dateProvider.setClientClockDeviationInMillis(e)}}}},272:function(e,t,n){var r=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},o=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};Object.defineProperty(t,"__esModule",{value:!0}),t.defaultCookieHandlerImplementation=void 0;var s=n(958);t.defaultCookieHandlerImplementation={getCookie:function(){return r(this,void 0,void 0,(function(){return o(this,(function(e){return[2,s.default.getReferenceOrThrow().windowHandler.getWindowUnsafe().document.cookie]}))}))},setCookie:function(e){return r(this,void 0,void 0,(function(){return o(this,(function(t){return s.default.getReferenceOrThrow().windowHandler.getWindowUnsafe().document.cookie=e,[2]}))}))}}},501:(e,t,n)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.CookieHandlerReference=void 0;var r=n(272),o=function(){function e(e){var t=function(e){return e};void 0!==e&&(t=e),this.cookieHandler=t(r.defaultCookieHandlerImplementation)}return e.init=function(t){void 0===e.instance&&(e.instance=new e(t))},e.getReferenceOrThrow=function(){if(void 0===e.instance)throw new Error("SuperTokensCookieHandler must be initialized before calling this method.");return e.instance},e}();t.CookieHandlerReference=o,t.default=o},812:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.defaultDateProviderImplementation=void 0;var n=function(){function e(){this.clientClockDeviationInMillis=0}return e.prototype.setClientClockDeviationInMillis=function(e){this.clientClockDeviationInMillis=e},e.prototype.getClientClockDeviationInMills=function(){return this.clientClockDeviationInMillis},e.prototype.now=function(){return Date.now()+this.clientClockDeviationInMillis},e}();t.defaultDateProviderImplementation=new n},671:(e,t,n)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.DateProviderReference=void 0;var r=n(812),o=function(){function e(e){var t=function(e){return e};void 0!==e&&(t=e),this.dateProvider=t(r.defaultDateProviderImplementation)}return e.init=function(t){void 0===e.instance&&(e.instance=new e(t))},e.getReferenceOrThrow=function(){if(void 0===e.instance)throw new Error("SuperTokensDateProvider must be initialized before calling this method.");return e.instance},e}();t.DateProviderReference=o,t.default=o},318:function(e,t,n){var r=this&&this.__assign||function(){return r=Object.assign||function(e){for(var t,n=1,r=arguments.length;n<r;n++)for(var o in t=arguments[n])Object.prototype.hasOwnProperty.call(t,o)&&(e[o]=t[o]);return e},r.apply(this,arguments)},o=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},s=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};Object.defineProperty(t,"__esModule",{value:!0}),t.getNormalisedUserContext=t.validateAndNormaliseInputOrThrowError=t.normaliseSessionScopeOrThrowError=t.normaliseURLPathOrThrowError=t.normaliseURLDomainOrThrowError=void 0;var i=n(992),a=n(260),u=n(958);function c(e){return new i.default(e).getAsStringDangerous()}function l(e){return new a.default(e).getAsStringDangerous()}function d(e){var t=function(e){(e=e.trim().toLowerCase()).startsWith(".")&&(e=e.substr(1)),e.startsWith("http://")||e.startsWith("https://")||(e="http://"+e);try{return(e=new URL(e).hostname).startsWith(".")&&(e=e.substr(1)),e}catch(e){throw new Error("Please provide a valid sessionTokenFrontendDomain")}}(e);return"localhost"===t||(0,i.isAnIpAddress)(t)?t:e.startsWith(".")?"."+t:t}t.normaliseURLDomainOrThrowError=c,t.normaliseURLPathOrThrowError=l,t.normaliseSessionScopeOrThrowError=d,t.validateAndNormaliseInputOrThrowError=function(e){var t=this,n=c(e.apiDomain),i=l("/auth");void 0!==e.apiBasePath&&(i=l(e.apiBasePath));var a=u.default.getReferenceOrThrow().windowHandler.location.getHostName(),f=d(void 0!==e&&void 0!==e.sessionTokenFrontendDomain?e.sessionTokenFrontendDomain:a),g=401;void 0!==e.sessionExpiredStatusCode&&(g=e.sessionExpiredStatusCode);var h=403;if(void 0!==e.invalidClaimStatusCode&&(h=e.invalidClaimStatusCode),g===h)throw new Error("sessionExpiredStatusCode and invalidClaimStatusCode cannot be the same.");var p=!0;void 0!==e.autoAddCredentials&&(p=e.autoAddCredentials);var v=!1;void 0!==e.isInIframe&&(v=e.isInIframe);var b=void 0;void 0!==e.sessionTokenBackendDomain&&(b=d(e.sessionTokenBackendDomain));var m=function(e){return o(t,void 0,void 0,(function(){return s(this,(function(t){return[2,{url:e.url,requestInit:e.requestInit}]}))}))};void 0!==e.preAPIHook&&(m=e.preAPIHook);var k=function(){return o(t,void 0,void 0,(function(){return s(this,(function(e){return[2]}))}))};void 0!==e.postAPIHook&&(k=e.postAPIHook);var y=function(){};void 0!==e.onHandleEvent&&(y=e.onHandleEvent);var w=r({functions:function(e){return e}},e.override);return{apiDomain:n,apiBasePath:i,sessionTokenFrontendDomain:f,sessionExpiredStatusCode:g,invalidClaimStatusCode:h,autoAddCredentials:p,isInIframe:v,tokenTransferMethod:void 0!==e.tokenTransferMethod?e.tokenTransferMethod:"cookie",sessionTokenBackendDomain:b,preAPIHook:m,postAPIHook:k,onHandleEvent:y,override:w}},t.getNormalisedUserContext=function(e){return void 0===e?{}:e}},941:(e,t,n)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.LockFactoryReference=void 0;var r=n(895),o=function(){function e(e){this.lockFactory=e}return e.init=function(t,n){void 0===this.instance&&(this.instance=new e(null!=t?t:function(e){return function(){return Promise.resolve(new r.default(e))}}(n)))},e.getReferenceOrThrow=function(){if(void 0===e.instance)throw new Error("SuperTokensLockReference must be initialized before calling this method.");return e.instance},e}();t.LockFactoryReference=o,t.default=o},153:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.SessionClaimValidatorStore=void 0;var n=function(){function e(){}return e.claimValidatorsAddedByOtherRecipes=[],e.addClaimValidatorFromOtherRecipe=function(t){e.claimValidatorsAddedByOtherRecipes.push(t)},e.getClaimValidatorsAddedByOtherRecipes=function(){return e.claimValidatorsAddedByOtherRecipes},e}();t.SessionClaimValidatorStore=n,t.default=n},586:function(e,t){var n=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},r=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};function o(){if("undefined"==typeof window)throw Error("If you are using this package with server-side rendering, please make sure that you are checking if the window object is defined.");return window}Object.defineProperty(t,"__esModule",{value:!0}),t.defaultWindowHandlerImplementation=void 0;var s={key:function(e){return n(this,void 0,void 0,(function(){return r(this,(function(t){return[2,o().localStorage.key(e)]}))}))},clear:function(){return n(this,void 0,void 0,(function(){return r(this,(function(e){return[2,o().localStorage.clear()]}))}))},getItem:function(e){return n(this,void 0,void 0,(function(){return r(this,(function(t){return[2,o().localStorage.getItem(e)]}))}))},removeItem:function(e){return n(this,void 0,void 0,(function(){return r(this,(function(t){return[2,o().localStorage.removeItem(e)]}))}))},setItem:function(e,t){return n(this,void 0,void 0,(function(){return r(this,(function(n){return[2,o().localStorage.setItem(e,t)]}))}))},keySync:function(e){return o().localStorage.key(e)},clearSync:function(){return o().localStorage.clear()},getItemSync:function(e){return o().localStorage.getItem(e)},removeItemSync:function(e){return o().localStorage.removeItem(e)},setItemSync:function(e,t){return o().localStorage.setItem(e,t)}},i={key:function(e){return n(this,void 0,void 0,(function(){return r(this,(function(t){return[2,o().sessionStorage.key(e)]}))}))},clear:function(){return n(this,void 0,void 0,(function(){return r(this,(function(e){return[2,o().sessionStorage.clear()]}))}))},getItem:function(e){return n(this,void 0,void 0,(function(){return r(this,(function(t){return[2,o().sessionStorage.getItem(e)]}))}))},removeItem:function(e){return n(this,void 0,void 0,(function(){return r(this,(function(t){return[2,o().sessionStorage.removeItem(e)]}))}))},setItem:function(e,t){return n(this,void 0,void 0,(function(){return r(this,(function(n){return[2,o().sessionStorage.setItem(e,t)]}))}))},keySync:function(e){return o().sessionStorage.key(e)},clearSync:function(){return o().sessionStorage.clear()},getItemSync:function(e){return o().sessionStorage.getItem(e)},removeItemSync:function(e){return o().sessionStorage.removeItem(e)},setItemSync:function(e,t){return o().sessionStorage.setItem(e,t)}};t.defaultWindowHandlerImplementation={history:{replaceState:function(e,t,n){return o().history.replaceState(e,t,n)},getState:function(){return o().history.state}},location:{getHref:function(){return o().location.href},setHref:function(e){o().location.href=e},getSearch:function(){return o().location.search},getHash:function(){return o().location.hash},getPathName:function(){return o().location.pathname},assign:function(e){o().location.assign(e)},getHostName:function(){return o().location.hostname},getHost:function(){return o().location.host},getOrigin:function(){return o().location.origin}},getDocument:function(){return o().document},getWindowUnsafe:function(){return o().window},localStorage:s,sessionStorage:i}},958:(e,t,n)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.WindowHandlerReference=void 0;var r=n(586),o=function(){function e(e){var t=function(e){return e};void 0!==e&&(t=e),this.windowHandler=t(r.defaultWindowHandlerImplementation)}return e.init=function(t){void 0===e.instance&&(e.instance=new e(t))},e.getReferenceOrThrow=function(){if(void 0===e.instance)throw new Error("SuperTokensWindowHandler must be initialized before calling this method.");return e.instance},e}();t.WindowHandlerReference=o,t.default=o},255:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.supported_fdi=t.package_version=void 0,t.package_version="17.0.5",t.supported_fdi=["1.16","1.17","1.18"]},648:function(e,t,n){var r=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},o=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};Object.defineProperty(t,"__esModule",{value:!0}),t.addInterceptorsToXMLHttpRequest=void 0;var s=n(379),i=n(845),a=n(958),u=n(743),c=["readystatechange","abort","error","load","loadend","loadstart","progress","timeout"];function l(e){return r(this,void 0,void 0,(function(){var t,n,r,s,i;return o(this,(function(o){switch(o.label){case 0:if(t=e.headers.get("content-type"),n="",r="text",null!==t)return[3,5];o.label=1;case 1:return o.trys.push([1,3,,4]),[4,e.text()];case 2:return n=o.sent(),[3,4];case 3:return o.sent(),n="",[3,4];case 4:return[3,9];case 5:return t.includes("application/json")?(r="json",i=(s=JSON).stringify,[4,e.json()]):[3,7];case 6:return n=i.apply(s,[o.sent()]),[3,9];case 7:return t.includes("text/")?[4,e.text()]:[3,9];case 8:n=o.sent(),o.label=9;case 9:return[2,{status:e.status,responseText:n,statusText:e.statusText,responseType:r,headers:e.headers}]}}))}))}function d(e,t){return r(this,void 0,void 0,(function(){var n,r;return o(this,(function(o){switch(o.label){case 0:return(0,i.logDebugMessage)("setAuthorizationHeaderIfRequired: adding existing tokens as header"),[4,(0,s.getTokenForHeaderAuth)("access")];case 1:return n=o.sent(),[4,(0,s.getTokenForHeaderAuth)("refresh")];case 2:return r=o.sent(),void 0!==n&&void 0!==r?t.some((function(e){return"authorization"===e.name.toLowerCase()}))?(0,i.logDebugMessage)("setAuthorizationHeaderIfRequired: Authorization header defined by the user, not adding"):void 0!==n&&((0,i.logDebugMessage)("setAuthorizationHeaderIfRequired: added authorization header"),e.setRequestHeader("Authorization","Bearer ".concat(n))):(0,i.logDebugMessage)("setAuthorizationHeaderIfRequired: token for header based auth not found"),[2]}}))}))}function f(e){return r(this,void 0,void 0,(function(){var t,n,r,a,u;return o(this,(function(o){switch(o.label){case 0:return(0,i.logDebugMessage)("saveTokensFromHeaders: Saving updated tokens from the response"),null===(t=e.get("st-refresh-token"))?[3,2]:((0,i.logDebugMessage)("saveTokensFromHeaders: saving new refresh token"),[4,(0,s.setToken)("refresh",t)]);case 1:o.sent(),o.label=2;case 2:return null===(n=e.get("st-access-token"))?[3,4]:((0,i.logDebugMessage)("saveTokensFromHeaders: saving new access token"),[4,(0,s.setToken)("access",n)]);case 3:o.sent(),o.label=4;case 4:return null===(r=e.get("front-token"))?[3,6]:((0,i.logDebugMessage)("saveTokensFromHeaders: Setting sFrontToken: "+r),[4,s.FrontToken.setItem(r)]);case 5:o.sent(),o.label=6;case 6:return null===(a=e.get("anti-csrf"))?[3,9]:[4,(0,s.getLocalSessionState)(!0)];case 7:return"EXISTS"!==(u=o.sent()).status?[3,9]:((0,i.logDebugMessage)("saveTokensFromHeaders: Setting anti-csrf token"),[4,s.AntiCsrfToken.setItem(u.lastAccessTokenUpdate,a)]);case 8:o.sent(),o.label=9;case 9:return[2]}}))}))}t.addInterceptorsToXMLHttpRequest=function(){var e=new Promise((function(e){return setTimeout(e,0)})),t=XMLHttpRequest;(0,i.logDebugMessage)("addInterceptorsToXMLHttpRequest called"),XMLHttpRequest=function(){var n=new t,g=e;function h(e){g=g.finally((function(){var t;return null===(t=e())||void 0===t?void 0:t.catch(console.error)}))}var p,v,b=this,m=[],k=[],y={},w=new Map,S="",T=!1,I=void 0;function R(e,t){var n=w.get(e);(0,i.logDebugMessage)("XHRInterceptor dispatching ".concat(t.type," to ").concat(n?n.size:0," listeners")),n&&Array.from(n).forEach((function(e){return e.apply(b,[t])}))}function D(){return r(this,void 0,void 0,(function(){var e,n;return o(this,(function(r){switch(r.label){case 0:if(void 0===I)throw new Error("Should never come here..");return(0,i.logDebugMessage)("XHRInterceptor.handleRetryPostRefreshing: preRequestLSS "+I.status),[4,(0,s.onUnauthorisedResponse)(I)];case 1:if("RETRY"!==(e=r.sent()).result){if((0,i.logDebugMessage)("XHRInterceptor.handleRetryPostRefreshing: Not retrying original request "+!!e.error),void 0!==e.error)throw e.error;return[2,!0]}return(0,i.logDebugMessage)("XHRInterceptor.handleRetryPostRefreshing: Retrying original request"),n=new t,M(b,n,!0),m.forEach((function(e){e(n)})),A(n,v),[2,!1]}}))}))}function E(e){return r(this,void 0,void 0,(function(){var t,n,r,a;return o(this,(function(o){switch(o.label){case 0:if(T)return(0,i.logDebugMessage)("XHRInterceptor.handleResponse: Returning without interception"),[2,!0];o.label=1;case 1:o.trys.push([1,14,,18]),o.label=2;case 2:return o.trys.push([2,,8,13]),(0,i.logDebugMessage)("XHRInterceptor.handleResponse: Interception started"),u.ProcessState.getInstance().addState(u.PROCESS_STATE.CALLING_INTERCEPTION_RESPONSE),t=e.status,n=function(e){return new Headers(e.getAllResponseHeaders().split("\r\n").map((function(e){var t=e.indexOf(": ");return-1===t?["",""]:[e.slice(0,t),e.slice(t+2)]})).filter((function(e){return 0!==e[0].length})))}(e),[4,f(n)];case 3:return o.sent(),(0,s.fireSessionUpdateEventsIfNecessary)("EXISTS"===I.status,t,n.get("front-token")),t!==s.default.config.sessionExpiredStatusCode?[3,5]:((0,i.logDebugMessage)("responseInterceptor: Status code is: "+t),[4,D()]);case 4:return[2,o.sent()];case 5:return t!==s.default.config.invalidClaimStatusCode?[3,7]:[4,(0,s.onInvalidClaimResponse)({data:JSON.parse(e.responseText)})];case 6:o.sent(),o.label=7;case 7:return[2,!0];case 8:return(0,i.logDebugMessage)("XHRInterceptor.handleResponse: doFinallyCheck running"),[4,(0,s.getLocalSessionState)(!1)];case 9:return"EXISTS"===o.sent().status?[3,12]:((0,i.logDebugMessage)("XHRInterceptor.handleResponse: local session doesn't exist, so removing anti-csrf and sFrontToken"),[4,s.AntiCsrfToken.removeToken()]);case 10:return o.sent(),[4,s.FrontToken.removeToken()];case 11:o.sent(),o.label=12;case 12:return[7];case 13:return[3,18];case 14:return r=o.sent(),(0,i.logDebugMessage)("XHRInterceptor.handleResponse: caught error"),void 0===r.status?[3,16]:[4,l(r)];case 15:if(a=o.sent(),y.status=a.status,y.statusText=a.statusText,y.responseType=a.responseType,p=a.headers,"json"===a.responseType)try{y.response=JSON.parse(a.responseText)}catch(e){y.response=a.responseText}else y.response=a.responseText;return y.responseText=a.responseText,[3,17];case 16:R("error",new Event("error")),o.label=17;case 17:return[2,!0];case 18:return[2]}}))}))}b.onload=null,b.onreadystatechange=null,b.onloadend=null,b.addEventListener=function(e,t,n){var r=w.get(e);void 0===r&&(r=new Set,w.set(e,r)),r.add(t)},b.removeEventListener=function(e,t){var n=w.get(e);void 0===n&&(n=new Set,w.set(e,n)),n.delete(t)},b.open=function(e,t){(0,i.logDebugMessage)("XHRInterceptor.open called");var r=arguments;S=t;try{T="string"==typeof S&&!s.default.recipeImpl.shouldDoInterceptionBasedOnUrl(S,s.default.config.apiDomain,s.default.config.sessionTokenBackendDomain)||"string"!=typeof S&&!s.default.recipeImpl.shouldDoInterceptionBasedOnUrl(S.toString(),s.default.config.apiDomain,s.default.config.sessionTokenBackendDomain)}catch(e){if("Please provide a valid domain name"!==e.message)throw e;(0,i.logDebugMessage)("XHRInterceptor.open: Trying shouldDoInterceptionBasedOnUrl with location.origin"),T=!s.default.recipeImpl.shouldDoInterceptionBasedOnUrl(a.default.getReferenceOrThrow().windowHandler.location.getOrigin(),s.default.config.apiDomain,s.default.config.sessionTokenBackendDomain)}h((function(){m.push((function(e){e.open.apply(e,r)})),n.open.apply(n,r)}))},b.send=function(e){A(n,v=e)},b.setRequestHeader=function(e,t){var a=this;(0,i.logDebugMessage)("XHRInterceptor.setRequestHeader: Called with ".concat(e)),T?h((function(){return n.setRequestHeader(e,t)})):"anti-csrf"!==e&&h((function(){return r(a,void 0,void 0,(function(){var r,a;return o(this,(function(o){switch(o.label){case 0:return"authorization"!==e.toLowerCase()?[3,3]:((0,i.logDebugMessage)("XHRInterceptor.setRequestHeader: checking if user provided auth header matches local token"),[4,(0,s.getTokenForHeaderAuth)("access")]);case 1:return r=o.sent(),[4,(0,s.getTokenForHeaderAuth)("refresh")];case 2:if(a=o.sent(),void 0!==r&&void 0!==a&&t==="Bearer ".concat(r))return(0,i.logDebugMessage)("XHRInterceptor.setRequestHeader: skipping Authorization from user provided headers because it contains our access token"),[2];o.label=3;case 3:return m.push((function(n){n.setRequestHeader(e,t)})),k.push({name:e,value:t}),n.setRequestHeader(e,t),[2]}}))}))}))};var x=void 0;function M(e,n,r){var o,s=["load","loadend","readystatechange"];(0,i.logDebugMessage)("XHRInterceptor.setUpXHR called");for(var a=function(e){(0,i.logDebugMessage)("XHRInterceptor added listener for event ".concat(e)),n.addEventListener(e,(function(t){(0,i.logDebugMessage)("XHRInterceptor got event ".concat(e)),s.includes(e)||R(e,t)}))},u=0,l=c;u<l.length;u++)a(l[u]);if(n.onload=function(t){void 0===o&&(o=E(n)),o.then((function(n){n&&(e.onload&&e.onload(t),R("load",t))}))},n.onreadystatechange=function(r){n.readyState===t.DONE?(void 0===o&&(o=E(n)),o.then((function(t){t&&(e.onreadystatechange&&e.onreadystatechange(r),R("readystatechange",r))}))):(e.onreadystatechange&&e.onreadystatechange(r),R("readystatechange",r))},n.onloadend=function(t){void 0===o&&(o=E(n)),o.then((function(n){n&&(e.onloadend&&e.onloadend(t),R("loadend",t))}))},e.getAllResponseHeaders=function(){var e;return p?(e="",p.forEach((function(t,n){return e+="".concat(n,": ").concat(t,"\r\n")}))):e=n.getAllResponseHeaders(),e+"x-supertokens-xhr-intercepted: true\r\n"},e.getResponseHeader=function(e){return"x-supertokens-xhr-intercepted"===e?"true":p?p.get(e):n.getResponseHeader(e)},void 0===x)for(var d in x=[],n)d in e||x.push(d);for(var f=function(t){"function"==typeof n[t]?Object.defineProperty(e,t,{configurable:!0,value:function(){var e=arguments;return r||m.push((function(n){n[t].apply(n,e)})),n[t].apply(n,e)}}):Object.defineProperty(e,t,{configurable:!0,get:function(){return void 0!==y[t]?y[t]:n[t]},set:function(e){r||m.push((function(n){n[t]=e})),(0,i.logDebugMessage)("XHRInterceptor.set[".concat(t,"] = ").concat(e)),n[t]=e}})},g=0,h=x;g<h.length;g++)f(d=h[g])}function A(e,t){var n=this;if((0,i.logDebugMessage)("XHRInterceptor.send: called"),(0,i.logDebugMessage)("XHRInterceptor.send: Value of doNotDoInterception: "+T),T)return(0,i.logDebugMessage)("XHRInterceptor.send: Returning without interception"),void h((function(){return e.send(t)}));(0,i.logDebugMessage)("XHRInterceptor.send: Interception started"),u.ProcessState.getInstance().addState(u.PROCESS_STATE.CALLING_INTERCEPTION_REQUEST),h((function(){return r(n,void 0,void 0,(function(){var n,r;return o(this,(function(o){switch(o.label){case 0:return[4,(0,s.getLocalSessionState)(!0)];case 1:return"EXISTS"!==(I=o.sent()).status?[3,3]:[4,s.AntiCsrfToken.getToken(I.lastAccessTokenUpdate)];case 2:void 0!==(n=o.sent())&&((0,i.logDebugMessage)("XHRInterceptor.send: Adding anti-csrf token to request"),e.setRequestHeader("anti-csrf",n)),o.label=3;case 3:return s.default.config.autoAddCredentials&&((0,i.logDebugMessage)("XHRInterceptor.send: Adding credentials include"),b.withCredentials=!0),k.some((function(e){return"rid"===e.name}))?(0,i.logDebugMessage)("XHRInterceptor.send: rid header was already there in request"):((0,i.logDebugMessage)("XHRInterceptor.send: Adding rid header: anti-csrf"),e.setRequestHeader("rid","anti-csrf")),r=s.default.config.tokenTransferMethod,k.some((function(e){return"st-auth-mode"===e.name}))?(0,i.logDebugMessage)("XHRInterceptor.send: st-auth-mode header was already there in request"):((0,i.logDebugMessage)("XHRInterceptor.send: Adding st-auth-mode header: "+r),e.setRequestHeader("st-auth-mode",r)),[4,d(e,k)];case 4:return o.sent(),(0,i.logDebugMessage)("XHRInterceptor.send: Making user's http call"),[2,e.send(t)]}}))}))}))}M(b,n,!1)},XMLHttpRequest.__interceptedBySuperTokens=!0,XMLHttpRequest.__original=t}},895:function(e,t,n){var r=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){e.done?o(e.value):new n((function(t){t(e.value)})).then(i,a)}u((r=r.apply(e,t||[])).next())}))},o=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}},s=this;Object.defineProperty(t,"__esModule",{value:!0});var i=n(142),a="browser-tabs-lock-key",u={key:function(e){return r(s,void 0,void 0,(function(){return o(this,(function(e){throw new Error("Unsupported")}))}))},getItem:function(e){return r(s,void 0,void 0,(function(){return o(this,(function(e){throw new Error("Unsupported")}))}))},clear:function(){return r(s,void 0,void 0,(function(){return o(this,(function(e){return[2,window.localStorage.clear()]}))}))},removeItem:function(e){return r(s,void 0,void 0,(function(){return o(this,(function(e){throw new Error("Unsupported")}))}))},setItem:function(e,t){return r(s,void 0,void 0,(function(){return o(this,(function(e){throw new Error("Unsupported")}))}))},keySync:function(e){return window.localStorage.key(e)},getItemSync:function(e){return window.localStorage.getItem(e)},clearSync:function(){return window.localStorage.clear()},removeItemSync:function(e){return window.localStorage.removeItem(e)},setItemSync:function(e,t){return window.localStorage.setItem(e,t)}};function c(e){return new Promise((function(t){return setTimeout(t,e)}))}function l(e){for(var t="0123456789ABCDEFGHIJKLMNOPQRSTUVWXTZabcdefghiklmnopqrstuvwxyz",n="",r=0;r<e;r++)n+=t[Math.floor(Math.random()*t.length)];return n}var d=function(){function e(t){this.acquiredIatSet=new Set,this.storageHandler=void 0,this.id=Date.now().toString()+l(15),this.acquireLock=this.acquireLock.bind(this),this.releaseLock=this.releaseLock.bind(this),this.releaseLock__private__=this.releaseLock__private__.bind(this),this.waitForSomethingToChange=this.waitForSomethingToChange.bind(this),this.refreshLockWhileAcquired=this.refreshLockWhileAcquired.bind(this),this.storageHandler=t,void 0===e.waiters&&(e.waiters=[])}return e.prototype.acquireLock=function(t,n){return void 0===n&&(n=5e3),r(this,void 0,void 0,(function(){var r,s,i,d,f,g,h;return o(this,(function(o){switch(o.label){case 0:r=Date.now()+l(4),s=Date.now()+n,i=a+"-"+t,d=void 0===this.storageHandler?u:this.storageHandler,o.label=1;case 1:return Date.now()<s?[4,c(30)]:[3,8];case 2:return o.sent(),null!==d.getItemSync(i)?[3,5]:(f=this.id+"-"+t+"-"+r,[4,c(Math.floor(25*Math.random()))]);case 3:return o.sent(),d.setItemSync(i,JSON.stringify({id:this.id,iat:r,timeoutKey:f,timeAcquired:Date.now(),timeRefreshed:Date.now()})),[4,c(30)];case 4:return o.sent(),null!==(g=d.getItemSync(i))&&(h=JSON.parse(g)).id===this.id&&h.iat===r?(this.acquiredIatSet.add(r),this.refreshLockWhileAcquired(i,r),[2,!0]):[3,7];case 5:return e.lockCorrector(void 0===this.storageHandler?u:this.storageHandler),[4,this.waitForSomethingToChange(s)];case 6:o.sent(),o.label=7;case 7:return r=Date.now()+l(4),[3,1];case 8:return[2,!1]}}))}))},e.prototype.refreshLockWhileAcquired=function(e,t){return r(this,void 0,void 0,(function(){var n=this;return o(this,(function(s){return setTimeout((function(){return r(n,void 0,void 0,(function(){var n,r,s;return o(this,(function(o){switch(o.label){case 0:return[4,i.default().lock(t)];case 1:return o.sent(),this.acquiredIatSet.has(t)?(n=void 0===this.storageHandler?u:this.storageHandler,null===(r=n.getItemSync(e))?(i.default().unlock(t),[2]):((s=JSON.parse(r)).timeRefreshed=Date.now(),n.setItemSync(e,JSON.stringify(s)),i.default().unlock(t),this.refreshLockWhileAcquired(e,t),[2])):(i.default().unlock(t),[2])}}))}))}),1e3),[2]}))}))},e.prototype.waitForSomethingToChange=function(t){return r(this,void 0,void 0,(function(){return o(this,(function(n){switch(n.label){case 0:return[4,new Promise((function(n){var r=!1,o=Date.now(),s=!1;function i(){if(s||(window.removeEventListener("storage",i),e.removeFromWaiting(i),clearTimeout(a),s=!0),!r){r=!0;var t=50-(Date.now()-o);t>0?setTimeout(n,t):n(null)}}window.addEventListener("storage",i),e.addToWaiting(i);var a=setTimeout(i,Math.max(0,t-Date.now()))}))];case 1:return n.sent(),[2]}}))}))},e.addToWaiting=function(t){this.removeFromWaiting(t),void 0!==e.waiters&&e.waiters.push(t)},e.removeFromWaiting=function(t){void 0!==e.waiters&&(e.waiters=e.waiters.filter((function(e){return e!==t})))},e.notifyWaiters=function(){void 0!==e.waiters&&e.waiters.slice().forEach((function(e){return e()}))},e.prototype.releaseLock=function(e){return r(this,void 0,void 0,(function(){return o(this,(function(t){switch(t.label){case 0:return[4,this.releaseLock__private__(e)];case 1:return[2,t.sent()]}}))}))},e.prototype.releaseLock__private__=function(t){return r(this,void 0,void 0,(function(){var n,r,s,c;return o(this,(function(o){switch(o.label){case 0:return n=void 0===this.storageHandler?u:this.storageHandler,r=a+"-"+t,null===(s=n.getItemSync(r))?[2]:(c=JSON.parse(s)).id!==this.id?[3,2]:[4,i.default().lock(c.iat)];case 1:o.sent(),this.acquiredIatSet.delete(c.iat),n.removeItemSync(r),i.default().unlock(c.iat),e.notifyWaiters(),o.label=2;case 2:return[2]}}))}))},e.lockCorrector=function(t){for(var n=Date.now()-5e3,r=t,o=[],s=0;;){var i=r.keySync(s);if(null===i)break;o.push(i),s++}for(var u=!1,c=0;c<o.length;c++){var l=o[c];if(l.includes(a)){var d=r.getItemSync(l);if(null!==d){var f=JSON.parse(d);(void 0===f.timeRefreshed&&f.timeAcquired<n||void 0!==f.timeRefreshed&&f.timeRefreshed<n)&&(r.removeItemSync(l),u=!0)}}}u&&e.notifyWaiters()},e.waiters=void 0,e}();t.default=d},142:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0});var n=function(){function e(){var e=this;this.locked=new Map,this.addToLocked=function(t,n){var r=e.locked.get(t);void 0===r?void 0===n?e.locked.set(t,[]):e.locked.set(t,[n]):void 0!==n&&(r.unshift(n),e.locked.set(t,r))},this.isLocked=function(t){return e.locked.has(t)},this.lock=function(t){return new Promise((function(n,r){e.isLocked(t)?e.addToLocked(t,n):(e.addToLocked(t),n())}))},this.unlock=function(t){var n=e.locked.get(t);if(void 0!==n&&0!==n.length){var r=n.pop();e.locked.set(t,n),void 0!==r&&setTimeout(r,0)}else e.locked.delete(t)}}return e.getInstance=function(){return void 0===e.instance&&(e.instance=new e),e.instance},e}();t.default=function(){return n.getInstance()}},225:function(e,t){var n=this&&this.__assign||function(){return n=Object.assign||function(e){for(var t,n=1,r=arguments.length;n<r;n++)for(var o in t=arguments[n])Object.prototype.hasOwnProperty.call(t,o)&&(e[o]=t[o]);return e},n.apply(this,arguments)};Object.defineProperty(t,"__esModule",{value:!0}),t.getProxyObject=void 0,t.getProxyObject=function(e){for(var t=n(n({},e),{_call:function(e,t){throw new Error("This function should only be called through the recipe object")}}),r=function(e){"_call"!==e&&(t[e]=function(){for(var t=[],n=0;n<arguments.length;n++)t[n]=arguments[n];return this._call(e,t)})},o=0,s=Object.keys(t);o<s.length;o++)r(s[o]);return t}},333:(e,t,n)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.OverrideableBuilder=void 0;var r=n(225),o=function(){function e(e){this.layers=[e],this.proxies=[]}return e.prototype.override=function(e){for(var t=(0,r.getProxyObject)(this.layers[0]),n=e(t,this),o=0,s=Object.keys(this.layers[0]);o<s.length;o++){var i=s[o];n[i]===t[i]||"_call"===i?delete n[i]:void 0===n[i]&&(n[i]=null)}return this.layers.push(n),this.proxies.push(t),this},e.prototype.build=function(){var e=this;if(this.result)return this.result;this.result={};for(var t=0,n=this.layers;t<n.length;t++)for(var r=n[t],o=0,s=Object.keys(r);o<s.length;o++){var i=s[o],a=r[i];void 0!==a&&(this.result[i]=null===a?void 0:"function"==typeof a?a.bind(this.result):a)}for(var u=function(t){c.proxies[t]._call=function(n,r){for(var o=t;o>=0;--o){var s=e.layers[o][n];if(null!=s)return s.bind(e.result).apply(void 0,r)}}},c=this,l=0;l<this.proxies.length;++l)u(l);return this.result},e}();t.OverrideableBuilder=o,t.default=o}},t={};function n(r){var o=t[r];if(void 0!==o)return o.exports;var s=t[r]={exports:{}};return e[r].call(s.exports,s,s.exports,n),s.exports}n.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(e){if("object"==typeof window)return window}}();var r=n(280);supertokens=r})();
\ No newline at end of file
+var supertokens;(()=>{"use strict";var e={759:function(e,t,n){var r=this&&this.__assign||function(){return r=Object.assign||function(e){for(var t,n=1,r=arguments.length;n<r;n++)for(var o in t=arguments[n])Object.prototype.hasOwnProperty.call(t,o)&&(e[o]=t[o]);return e},r.apply(this,arguments)},o=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},s=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};Object.defineProperty(t,"__esModule",{value:!0}),t.responseErrorInterceptor=t.responseInterceptor=t.interceptorFunctionRequestFulfilled=void 0;var i=n(600),a=n(379),u=n(743),c=n(958),l=n(845);function d(e){var t=void 0===e.url?"":e.url,n=e.baseURL;return void 0!==n&&(t="/"===t.charAt(0)&&"/"===n.charAt(n.length-1)?n+t.substr(1):"/"!==t.charAt(0)&&"/"!==n.charAt(n.length-1)?n+"/"+t:n+t),t}t.interceptorFunctionRequestFulfilled=function(e){return o(this,void 0,void 0,(function(){var t,n,o,i,f,h;return s(this,(function(s){switch(s.label){case 0:(0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: started axios interception"),t=d(e),n=!1;try{n="string"==typeof t&&!a.default.recipeImpl.shouldDoInterceptionBasedOnUrl(t,a.default.config.apiDomain,a.default.config.sessionTokenBackendDomain)}catch(e){if("Please provide a valid domain name"!==e.message)throw e;(0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: Trying shouldDoInterceptionBasedOnUrl with location.origin"),n=!a.default.recipeImpl.shouldDoInterceptionBasedOnUrl(c.default.getReferenceOrThrow().windowHandler.location.getOrigin(),a.default.config.apiDomain,a.default.config.sessionTokenBackendDomain)}return(0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: Value of doNotDoInterception: "+n),n?((0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: Returning config unchanged"),[2,e]):((0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: Modifying config"),u.ProcessState.getInstance().addState(u.PROCESS_STATE.CALLING_INTERCEPTION_REQUEST),[4,(0,a.getLocalSessionState)(!0)]);case 1:return o=s.sent(),i=e,"EXISTS"!==o.status?[3,3]:[4,a.AntiCsrfToken.getToken(o.lastAccessTokenUpdate)];case 2:void 0!==(f=s.sent())&&((0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: Adding anti-csrf token to request"),i=r(r({},i),{headers:void 0===i?{"anti-csrf":f}:r(r({},i.headers),{"anti-csrf":f})})),s.label=3;case 3:return a.default.config.autoAddCredentials&&void 0===i.withCredentials&&((0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: Adding credentials include"),i=r(r({},i),{withCredentials:!0})),(0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: Adding rid header: anti-csrf (it may be overriden by the user's provided rid)"),i=r(r({},i),{headers:void 0===i?{rid:"anti-csrf"}:r({rid:"anti-csrf"},i.headers)}),h=a.default.config.tokenTransferMethod,(0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: Adding st-auth-mode header: "+h),i.headers["st-auth-mode"]=h,[4,p(i)];case 4:return[4,g(i=s.sent())];case 5:return s.sent(),(0,l.logDebugMessage)("interceptorFunctionRequestFulfilled: returning modified config"),[2,i]}}))}))},t.responseInterceptor=function(e){var t=this;return function(n){return o(t,void 0,void 0,(function(){var t,r,o,i,g,p,v;return s(this,(function(s){switch(s.label){case 0:t=!1,s.label=1;case 1:if(s.trys.push([1,,8,14]),!a.default.initCalled)throw new Error("init function not called");(0,l.logDebugMessage)("responseInterceptor: started"),(0,l.logDebugMessage)("responseInterceptor: already intercepted: "+n.headers["x-supertokens-xhr-intercepted"]),r=d(n.config);try{t="string"==typeof r&&!a.default.recipeImpl.shouldDoInterceptionBasedOnUrl(r,a.default.config.apiDomain,a.default.config.sessionTokenBackendDomain)||!!n.headers["x-supertokens-xhr-intercepted"]}catch(e){if("Please provide a valid domain name"!==e.message)throw e;(0,l.logDebugMessage)("responseInterceptor: Trying shouldDoInterceptionBasedOnUrl with location.origin"),t=!a.default.recipeImpl.shouldDoInterceptionBasedOnUrl(c.default.getReferenceOrThrow().windowHandler.location.getOrigin(),a.default.config.apiDomain,a.default.config.sessionTokenBackendDomain)||!!n.headers["x-supertokens-xhr-intercepted"]}return(0,l.logDebugMessage)("responseInterceptor: Value of doNotDoInterception: "+t),t?((0,l.logDebugMessage)("responseInterceptor: Returning without interception"),[2,n]):((0,l.logDebugMessage)("responseInterceptor: Interception started"),u.ProcessState.getInstance().addState(u.PROCESS_STATE.CALLING_INTERCEPTION_RESPONSE),[4,(0,a.getLocalSessionState)(!1)]);case 2:return o=s.sent(),[4,h(n)];case 3:return s.sent(),i=n.headers["front-token"],g=new Headers,Object.entries(n.headers).forEach((function(e){var t=e[0],n=e[1];Array.isArray(n)?n.forEach((function(e){return g.append(t,e)})):g.append(t,n)})),(0,a.updateClockSkewUsingFrontToken)({frontToken:i,responseHeaders:g}),(0,a.fireSessionUpdateEventsIfNecessary)("EXISTS"===o.status,n.status,n.headers["front-token"]),n.status!==a.default.config.sessionExpiredStatusCode?[3,4]:((0,l.logDebugMessage)("responseInterceptor: Status code is: "+n.status),p=n.config,[2,f.doRequest((function(t){return e(t)}),p,r,n,void 0,!0)]);case 4:return n.status!==a.default.config.invalidClaimStatusCode?[3,6]:[4,(0,a.onInvalidClaimResponse)(n)];case 5:s.sent(),s.label=6;case 6:return[2,n];case 7:return[3,14];case 8:return(v=!t)?[4,(0,a.getLocalSessionState)(!0)]:[3,10];case 9:v=!("EXISTS"===s.sent().status),s.label=10;case 10:return v?((0,l.logDebugMessage)("responseInterceptor: local session doesn't exist, so removing anti-csrf and sFrontToken"),[4,a.AntiCsrfToken.removeToken()]):[3,13];case 11:return s.sent(),[4,a.FrontToken.removeToken()];case 12:s.sent(),s.label=13;case 13:return[7];case 14:return[2]}}))}))}},t.responseErrorInterceptor=function(e){var t=this;return function(n){return o(t,void 0,void 0,(function(){var t;return s(this,(function(r){switch(r.label){case 0:if((0,l.logDebugMessage)("responseErrorInterceptor: called"),(0,l.logDebugMessage)("responseErrorInterceptor: already intercepted: "+(n.response&&n.response.headers["x-supertokens-xhr-intercepted"])),n.response.headers["x-supertokens-xhr-intercepted"])throw n;return void 0===n.response||n.response.status!==a.default.config.sessionExpiredStatusCode?[3,1]:((0,l.logDebugMessage)("responseErrorInterceptor: Status code is: "+n.response.status),t=n.config,[2,f.doRequest((function(t){return e(t)}),t,d(t),void 0,n,!0)]);case 1:return void 0===n.response||n.response.status!==a.default.config.invalidClaimStatusCode?[3,3]:[4,(0,a.onInvalidClaimResponse)(n.response)];case 2:r.sent(),r.label=3;case 3:throw n}}))}))}};var f=function(){function e(){}var t;return t=e,e.doRequest=function(e,n,u,d,f,v){return void 0===v&&(v=!1),o(void 0,void 0,void 0,(function(){var o,b,m,k,w,y,S,T,I,R,D,E,M,x;return s(t,(function(t){switch(t.label){case 0:if(!a.default.initCalled)throw Error("init function not called");(0,l.logDebugMessage)("doRequest: called"),o=!1;try{o="string"==typeof u&&!a.default.recipeImpl.shouldDoInterceptionBasedOnUrl(u,a.default.config.apiDomain,a.default.config.sessionTokenBackendDomain)&&v}catch(e){if("Please provide a valid domain name"!==e.message)throw e;(0,l.logDebugMessage)("doRequest: Trying shouldDoInterceptionBasedOnUrl with location.origin"),o=!a.default.recipeImpl.shouldDoInterceptionBasedOnUrl(c.default.getReferenceOrThrow().windowHandler.location.getOrigin(),a.default.config.apiDomain,a.default.config.sessionTokenBackendDomain)&&v}if((0,l.logDebugMessage)("doRequest: Value of doNotDoInterception: "+o),!o)return[3,2];if((0,l.logDebugMessage)("doRequest: Returning without interception"),void 0!==f)throw f;return void 0!==d?[2,d]:[4,e(n)];case 1:return[2,t.sent()];case 2:return(0,l.logDebugMessage)("doRequest: Interception started"),[4,p(n)];case 3:n=t.sent(),t.label=4;case 4:t.trys.push([4,,40,45]),b=void 0,t.label=5;case 5:return[4,(0,a.getLocalSessionState)(!0)];case 6:return m=t.sent(),k=n,"EXISTS"!==m.status?[3,8]:[4,a.AntiCsrfToken.getToken(m.lastAccessTokenUpdate)];case 7:void 0!==(w=t.sent())&&((0,l.logDebugMessage)("doRequest: Adding anti-csrf token to request"),k=r(r({},k),{headers:void 0===k?{"anti-csrf":w}:r(r({},k.headers),{"anti-csrf":w})})),t.label=8;case 8:return a.default.config.autoAddCredentials&&void 0===k.withCredentials&&((0,l.logDebugMessage)("doRequest: Adding credentials include"),k=r(r({},k),{withCredentials:!0})),(0,l.logDebugMessage)("doRequest: Adding rid header: anti-csrf (May get overriden by user's rid)"),k=r(r({},k),{headers:void 0===k?{rid:"anti-csrf"}:r({rid:"anti-csrf"},k.headers)}),y=a.default.config.tokenTransferMethod,(0,l.logDebugMessage)("doRequest: Adding st-auth-mode header: "+y),k.headers["st-auth-mode"]=y,[4,g(k)];case 9:t.sent(),t.label=10;case 10:if(t.trys.push([10,25,,38]),S=f,T=d,f=void 0,d=void 0,void 0!==S)throw(0,l.logDebugMessage)("doRequest: Not making call because localPrevError is not undefined"),S;return void 0!==T?(0,l.logDebugMessage)("doRequest: Not making call because localPrevResponse is not undefined"):(0,l.logDebugMessage)("doRequest: Making user's http call"),void 0!==T?[3,12]:[4,e(k)];case 11:return I=t.sent(),[3,13];case 12:I=T,t.label=13;case 13:return E=I,(0,l.logDebugMessage)("doRequest: User's http call ended"),[4,h(E)];case 14:return t.sent(),(0,a.fireSessionUpdateEventsIfNecessary)("EXISTS"===m.status,E.status,E.headers["front-token"]),E.status!==a.default.config.sessionExpiredStatusCode?[3,21]:((0,l.logDebugMessage)("doRequest: Status code is: "+E.status),[4,(0,a.onUnauthorisedResponse)(m)]);case 15:return"RETRY"===(M=t.sent()).result?[3,20]:((0,l.logDebugMessage)("doRequest: Not retrying original request"),M.error?[4,(0,i.createAxiosErrorFromFetchResp)(M.error)]:[3,17]);case 16:return R=t.sent(),[3,19];case 17:return[4,(0,i.createAxiosErrorFromAxiosResp)(E)];case 18:R=t.sent(),t.label=19;case 19:return b=R,[3,39];case 20:return(0,l.logDebugMessage)("doRequest: Retrying original request"),[3,24];case 21:return E.status!==a.default.config.invalidClaimStatusCode?[3,23]:[4,(0,a.onInvalidClaimResponse)(E)];case 22:t.sent(),t.label=23;case 23:return[2,E];case 24:return[3,38];case 25:return D=t.sent(),void 0===(E=D.response)?[3,36]:[4,h(E)];case 26:return t.sent(),(0,a.fireSessionUpdateEventsIfNecessary)("EXISTS"===m.status,E.status,E.headers["front-token"]),E.status!==a.default.config.sessionExpiredStatusCode?[3,32]:((0,l.logDebugMessage)("doRequest: Status code is: "+E.status),[4,(0,a.onUnauthorisedResponse)(m)]);case 27:return"RETRY"===(M=t.sent()).result?[3,31]:((0,l.logDebugMessage)("doRequest: Not retrying original request"),void 0===M.error?[3,29]:[4,(0,i.createAxiosErrorFromFetchResp)(M.error)]);case 28:return x=t.sent(),[3,30];case 29:x=D,t.label=30;case 30:return b=x,[3,39];case 31:return(0,l.logDebugMessage)("doRequest: Retrying original request"),[3,35];case 32:return E.status!==a.default.config.invalidClaimStatusCode?[3,34]:[4,(0,a.onInvalidClaimResponse)(E)];case 33:t.sent(),t.label=34;case 34:throw D;case 35:return[3,37];case 36:throw D;case 37:return[3,38];case 38:return[3,5];case 39:throw b;case 40:return[4,(0,a.getLocalSessionState)(!1)];case 41:return"NOT_EXISTS"!==t.sent().status?[3,44]:((0,l.logDebugMessage)("doRequest: local session doesn't exist, so removing anti-csrf and sFrontToken"),[4,a.AntiCsrfToken.removeToken()]);case 42:return t.sent(),[4,a.FrontToken.removeToken()];case 43:t.sent(),t.label=44;case 44:return[7];case 45:return[2]}}))}))},e}();function g(e){return o(this,void 0,void 0,(function(){var t,n;return s(this,(function(o){switch(o.label){case 0:return void 0===e.headers&&(e.headers={}),(0,l.logDebugMessage)("setAuthorizationHeaderIfRequired: adding existing tokens as header"),[4,(0,a.getTokenForHeaderAuth)("access")];case 1:return t=o.sent(),[4,(0,a.getTokenForHeaderAuth)("refresh")];case 2:return n=o.sent(),void 0!==t&&void 0!==n?void 0!==e.headers.Authorization||void 0!==e.headers.authorization?(0,l.logDebugMessage)("setAuthorizationHeaderIfRequired: Authorization header defined by the user, not adding"):((0,l.logDebugMessage)("setAuthorizationHeaderIfRequired: added authorization header"),e.headers=r(r({},e.headers),{Authorization:"Bearer ".concat(t)}),e.__supertokensAddedAuthHeader=!0):(0,l.logDebugMessage)("setAuthorizationHeaderIfRequired: token for header based auth not found"),[2]}}))}))}function h(e){return o(this,void 0,void 0,(function(){var t,n,r,o,i;return s(this,(function(s){switch(s.label){case 0:return(0,l.logDebugMessage)("saveTokensFromHeaders: Saving updated tokens from the response"),void 0===(t=e.headers["st-refresh-token"])?[3,2]:((0,l.logDebugMessage)("saveTokensFromHeaders: saving new refresh token"),[4,(0,a.setToken)("refresh",t)]);case 1:s.sent(),s.label=2;case 2:return void 0===(n=e.headers["st-access-token"])?[3,4]:((0,l.logDebugMessage)("saveTokensFromHeaders: saving new access token"),[4,(0,a.setToken)("access",n)]);case 3:s.sent(),s.label=4;case 4:return void 0===(r=e.headers["front-token"])?[3,6]:((0,l.logDebugMessage)("doRequest: Setting sFrontToken: "+r),[4,a.FrontToken.setItem(r)]);case 5:s.sent(),s.label=6;case 6:return void 0===(o=e.headers["anti-csrf"])?[3,9]:[4,(0,a.getLocalSessionState)(!0)];case 7:return"EXISTS"!==(i=s.sent()).status?[3,9]:((0,l.logDebugMessage)("doRequest: Setting anti-csrf token"),[4,a.AntiCsrfToken.setItem(i.lastAccessTokenUpdate,o)]);case 8:s.sent(),s.label=9;case 9:return[2]}}))}))}function p(e){return o(this,void 0,void 0,(function(){var t,n,o,i;return s(this,(function(s){switch(s.label){case 0:return[4,(0,a.getTokenForHeaderAuth)("access")];case 1:return t=s.sent(),[4,(0,a.getTokenForHeaderAuth)("refresh")];case 2:return n=s.sent(),o=e.headers.Authorization||e.headers.authorization,void 0===t||void 0===n||o!=="Bearer ".concat(t)&&!("__supertokensAddedAuthHeader"in e)?[2,e]:((0,l.logDebugMessage)("removeAuthHeaderIfMatchesLocalToken: Removing Authorization from user provided headers because it contains our access token"),delete(i=r(r({},e),{headers:r({},e.headers)})).headers.authorization,delete i.headers.Authorization,[2,i])}}))}))}t.default=f},600:function(e,t){var n=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},r=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};function o(e,t,n,r,o){return e.config=t,n&&(e.code=n),e.request=r,e.response=o,e.isAxiosError=!0,e.toJSON=function(){return{message:this.message,name:this.name,description:this.description,number:this.number,fileName:this.fileName,lineNumber:this.lineNumber,columnNumber:this.columnNumber,stack:this.stack,config:this.config,code:this.code}},e}Object.defineProperty(t,"__esModule",{value:!0}),t.createAxiosErrorFromAxiosResp=t.createAxiosErrorFromFetchResp=void 0,t.createAxiosErrorFromFetchResp=function(e){return n(this,void 0,void 0,(function(){var t,n,s,i;return r(this,(function(r){switch(r.label){case 0:if(t={url:e.url,headers:e.headers},null!==(n=e.headers.get("content-type")))return[3,5];r.label=1;case 1:return r.trys.push([1,3,,4]),[4,e.text()];case 2:return s=r.sent(),[3,4];case 3:return r.sent(),s="",[3,4];case 4:return[3,11];case 5:return n.includes("application/json")?[4,e.json()]:[3,7];case 6:return s=r.sent(),[3,11];case 7:return n.includes("text/")?[4,e.text()]:[3,9];case 8:return s=r.sent(),[3,11];case 9:return[4,e.blob()];case 10:s=r.sent(),r.label=11;case 11:return i={data:s,status:e.status,statusText:e.statusText,headers:e.headers,config:t,request:void 0},[2,o(new Error("Request failed with status code "+e.status),t,void 0,void 0,i)]}}))}))},t.createAxiosErrorFromAxiosResp=function(e){return n(this,void 0,void 0,(function(){return r(this,(function(t){return[2,o(new Error("Request failed with status code "+e.status),e.config,void 0,e.request,e)]}))}))}},280:function(e,t,n){var r=this&&this.__createBinding||(Object.create?function(e,t,n,r){void 0===r&&(r=n);var o=Object.getOwnPropertyDescriptor(t,n);o&&!("get"in o?!t.__esModule:o.writable||o.configurable)||(o={enumerable:!0,get:function(){return t[n]}}),Object.defineProperty(e,r,o)}:function(e,t,n,r){void 0===r&&(r=n),e[r]=t[n]}),o=this&&this.__exportStar||function(e,t){for(var n in e)"default"===n||Object.prototype.hasOwnProperty.call(t,n)||r(t,e,n)};Object.defineProperty(t,"__esModule",{value:!0}),o(n(569),t)},491:function(e,t,n){var r,o=this&&this.__extends||(r=function(e,t){return r=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(e,t){e.__proto__=t}||function(e,t){for(var n in t)Object.prototype.hasOwnProperty.call(t,n)&&(e[n]=t[n])},r(e,t)},function(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Class extends value "+String(t)+" is not a constructor or null");function n(){this.constructor=e}r(e,t),e.prototype=null===t?Object.create(t):(n.prototype=t.prototype,new n)}),s=this&&this.__assign||function(){return s=Object.assign||function(e){for(var t,n=1,r=arguments.length;n<r;n++)for(var o in t=arguments[n])Object.prototype.hasOwnProperty.call(t,o)&&(e[o]=t[o]);return e},s.apply(this,arguments)};Object.defineProperty(t,"__esModule",{value:!0}),t.BooleanClaim=void 0;var i=function(e){function t(t){var n=e.call(this,t)||this;return n.validators=s(s({},n.validators),{isTrue:function(e){return n.validators.hasValue(!0,e)},isFalse:function(e){return n.validators.hasValue(!1,e)}}),n}return o(t,e),t}(n(911).PrimitiveClaim);t.BooleanClaim=i},748:function(e,t,n){var r=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},o=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};Object.defineProperty(t,"__esModule",{value:!0}),t.PrimitiveArrayClaim=void 0;var s=n(671),i=function(){function e(e){var t=this;this.validators={includes:function(e,n,i){void 0===n&&(n=t.defaultMaxAgeInSeconds);var a=s.default.getReferenceOrThrow().dateProvider;return{id:void 0!==i?i:t.id,refresh:function(e){return t.refresh(e)},shouldRefresh:function(e,r){return void 0===t.getValueFromPayload(e,r)||void 0!==n&&e[t.id].t<a.now()-1e3*n},validate:function(s,i){return r(t,void 0,void 0,(function(){var t,r;return o(this,(function(o){return void 0===(t=this.getValueFromPayload(s,i))?[2,{isValid:!1,reason:{message:"value does not exist",expectedToInclude:e,actualValue:t}}]:(r=(a.now()-this.getLastFetchedTime(s,i))/1e3,void 0!==n&&r>n?[2,{isValid:!1,reason:{message:"expired",ageInSeconds:r,maxAgeInSeconds:n}}]:t.includes(e)?[2,{isValid:!0}]:[2,{isValid:!1,reason:{message:"wrong value",expectedToInclude:e,actualValue:t}}])}))}))}}},excludes:function(e,n,i){void 0===n&&(n=t.defaultMaxAgeInSeconds);var a=s.default.getReferenceOrThrow().dateProvider;return{id:void 0!==i?i:t.id,refresh:function(e){return t.refresh(e)},shouldRefresh:function(e,r){return void 0===t.getValueFromPayload(e,r)||void 0!==n&&e[t.id].t<a.now()-1e3*n},validate:function(s,i){return r(t,void 0,void 0,(function(){var t,r;return o(this,(function(o){return void 0===(t=this.getValueFromPayload(s,i))?[2,{isValid:!1,reason:{message:"value does not exist",expectedToNotInclude:e,actualValue:t}}]:(r=(a.now()-this.getLastFetchedTime(s,i))/1e3,void 0!==n&&r>n?[2,{isValid:!1,reason:{message:"expired",ageInSeconds:r,maxAgeInSeconds:n}}]:t.includes(e)?[2,{isValid:!1,reason:{message:"wrong value",expectedToNotInclude:e,actualValue:t}}]:[2,{isValid:!0}])}))}))}}},includesAll:function(e,n,i){void 0===n&&(n=t.defaultMaxAgeInSeconds);var a=s.default.getReferenceOrThrow().dateProvider;return{id:void 0!==i?i:t.id,refresh:function(e){return t.refresh(e)},shouldRefresh:function(e,r){return void 0===t.getValueFromPayload(e,r)||void 0!==n&&e[t.id].t<a.now()-1e3*n},validate:function(s,i){return r(t,void 0,void 0,(function(){var t,r,u,c;return o(this,(function(o){return void 0===(t=this.getValueFromPayload(s,i))?[2,{isValid:!1,reason:{message:"value does not exist",expectedToInclude:e,actualValue:t}}]:(r=(a.now()-this.getLastFetchedTime(s,i))/1e3,void 0!==n&&r>n?[2,{isValid:!1,reason:{message:"expired",ageInSeconds:r,maxAgeInSeconds:n}}]:(u=new Set(t),[2,(c=e.every((function(e){return u.has(e)})))?{isValid:c}:{isValid:c,reason:{message:"wrong value",expectedToInclude:e,actualValue:t}}]))}))}))}}},includesAny:function(e,n,i){void 0===n&&(n=t.defaultMaxAgeInSeconds);var a=s.default.getReferenceOrThrow().dateProvider;return{id:void 0!==i?i:t.id,refresh:function(e){return t.refresh(e)},shouldRefresh:function(e,r){return void 0===t.getValueFromPayload(e,r)||void 0!==n&&e[t.id].t<a.now()-1e3*n},validate:function(s,i){return r(t,void 0,void 0,(function(){var t,r,u,c;return o(this,(function(o){return void 0===(t=this.getValueFromPayload(s,i))?[2,{isValid:!1,reason:{message:"value does not exist",expectedToInclude:e,actualValue:t}}]:(r=(a.now()-this.getLastFetchedTime(s,i))/1e3,void 0!==n&&r>n?[2,{isValid:!1,reason:{message:"expired",ageInSeconds:r,maxAgeInSeconds:n}}]:(u=new Set(t),[2,(c=e.some((function(e){return u.has(e)})))?{isValid:c}:{isValid:c,reason:{message:"wrong value",expectedToIncludeAtLeastOneOf:e,actualValue:t}}]))}))}))}}},excludesAll:function(e,n,i){void 0===n&&(n=t.defaultMaxAgeInSeconds);var a=s.default.getReferenceOrThrow().dateProvider;return{id:void 0!==i?i:t.id,refresh:function(e){return t.refresh(e)},shouldRefresh:function(e,r){return void 0===t.getValueFromPayload(e,r)||void 0!==n&&e[t.id].t<a.now()-1e3*n},validate:function(s,i){return r(t,void 0,void 0,(function(){var t,r,u,c;return o(this,(function(o){return void 0===(t=this.getValueFromPayload(s,i))?[2,{isValid:!1,reason:{message:"value does not exist",expectedToNotInclude:e,actualValue:t}}]:(r=(a.now()-this.getLastFetchedTime(s,i))/1e3,void 0!==n&&r>n?[2,{isValid:!1,reason:{message:"expired",ageInSeconds:r,maxAgeInSeconds:n}}]:(u=new Set(t),[2,(c=e.every((function(e){return!u.has(e)})))?{isValid:c}:{isValid:c,reason:{message:"wrong value",expectedToNotInclude:e,actualValue:t}}]))}))}))}}}},this.id=e.id,this.refresh=e.refresh,this.defaultMaxAgeInSeconds=e.defaultMaxAgeInSeconds}return e.prototype.getValueFromPayload=function(e,t){return void 0!==e[this.id]?e[this.id].v:void 0},e.prototype.getLastFetchedTime=function(e,t){return void 0!==e[this.id]?e[this.id].t:void 0},e}();t.PrimitiveArrayClaim=i},911:(e,t,n)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.PrimitiveClaim=void 0;var r=n(671),o=function(){function e(e){var t=this;this.validators={hasValue:function(e,n,o){void 0===n&&(n=t.defaultMaxAgeInSeconds);var s=r.default.getReferenceOrThrow().dateProvider;return{id:void 0!==o?o:t.id,refresh:function(e){return t.refresh(e)},shouldRefresh:function(e,r){return void 0===t.getValueFromPayload(e,r)||void 0!==n&&e[t.id].t<s.now()-1e3*n},validate:function(r,o){var i=t.getValueFromPayload(r,o);if(void 0===i)return{isValid:!1,reason:{message:"value does not exist",expectedValue:e,actualValue:i}};var a=(s.now()-t.getLastFetchedTime(r,o))/1e3;return void 0!==n&&a>n?{isValid:!1,reason:{message:"expired",ageInSeconds:a,maxAgeInSeconds:n}}:i!==e?{isValid:!1,reason:{message:"wrong value",expectedValue:e,actualValue:i}}:{isValid:!0}}}}},this.id=e.id,this.refresh=e.refresh,this.defaultMaxAgeInSeconds=e.defaultMaxAgeInSeconds}return e.prototype.getValueFromPayload=function(e,t){return void 0!==e[this.id]?e[this.id].v:void 0},e.prototype.getLastFetchedTime=function(e,t){return void 0!==e[this.id]?e[this.id].t:void 0},e}();t.PrimitiveClaim=o},173:function(e,t){var n,r=this&&this.__extends||(n=function(e,t){return n=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(e,t){e.__proto__=t}||function(e,t){for(var n in t)Object.prototype.hasOwnProperty.call(t,n)&&(e[n]=t[n])},n(e,t)},function(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Class extends value "+String(t)+" is not a constructor or null");function r(){this.constructor=e}n(e,t),e.prototype=null===t?Object.create(t):(r.prototype=t.prototype,new r)});Object.defineProperty(t,"__esModule",{value:!0}),t.STGeneralError=void 0;var o=function(e){function t(t){var n=e.call(this,t)||this;return n.isSuperTokensGeneralError=!0,n}return r(t,e),t.isThisError=function(e){return!0===e.isSuperTokensGeneralError},t}(Error);t.STGeneralError=o},379:function(e,t,n){var r=this&&this.__assign||function(){return r=Object.assign||function(e){for(var t,n=1,r=arguments.length;n<r;n++)for(var o in t=arguments[n])Object.prototype.hasOwnProperty.call(t,o)&&(e[o]=t[o]);return e},r.apply(this,arguments)},o=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},s=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};Object.defineProperty(t,"__esModule",{value:!0}),t.updateClockSkewUsingFrontToken=t.fireSessionUpdateEventsIfNecessary=t.setFrontToken=t.getFrontToken=t.setAntiCSRF=t.saveLastAccessTokenUpdate=t.getTokenForHeaderAuth=t.setToken=t.getStorageNameForToken=t.getLocalSessionState=t.onInvalidClaimResponse=t.onTokenUpdate=t.onUnauthorisedResponse=t.FrontToken=t.AntiCsrfToken=void 0;var i=n(743),a=n(255),u=n(501),c=n(958),l=n(941),d=n(845),f=n(671),g=function(){function e(){}return e.getToken=function(t){return o(this,void 0,void 0,(function(){var n;return s(this,(function(r){switch(r.label){case 0:return(0,d.logDebugMessage)("AntiCsrfToken.getToken: called"),void 0===t?(e.tokenInfo=void 0,(0,d.logDebugMessage)("AntiCsrfToken.getToken: returning undefined"),[2,void 0]):void 0!==e.tokenInfo?[3,2]:[4,_()];case 1:return null===(n=r.sent())?((0,d.logDebugMessage)("AntiCsrfToken.getToken: returning undefined"),[2,void 0]):(e.tokenInfo={antiCsrf:n,associatedAccessTokenUpdate:t},[3,4]);case 2:return e.tokenInfo.associatedAccessTokenUpdate===t?[3,4]:(e.tokenInfo=void 0,[4,e.getToken(t)]);case 3:return[2,r.sent()];case 4:return(0,d.logDebugMessage)("AntiCsrfToken.getToken: returning: "+e.tokenInfo.antiCsrf),[2,e.tokenInfo.antiCsrf]}}))}))},e.removeToken=function(){return o(this,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return(0,d.logDebugMessage)("AntiCsrfToken.removeToken: called"),e.tokenInfo=void 0,[4,C(void 0)];case 1:return t.sent(),[2]}}))}))},e.setItem=function(t,n){return o(this,void 0,void 0,(function(){return s(this,(function(r){switch(r.label){case 0:return void 0===t?(e.tokenInfo=void 0,[2]):((0,d.logDebugMessage)("AntiCsrfToken.setItem: called"),[4,C(n)]);case 1:return r.sent(),e.tokenInfo={antiCsrf:n,associatedAccessTokenUpdate:t},[2]}}))}))},e}();t.AntiCsrfToken=g;var h=function(){function e(){}return e.getTokenInfo=function(){return o(this,void 0,void 0,(function(){var t,n;return s(this,(function(r){switch(r.label){case 0:return(0,d.logDebugMessage)("FrontToken.getTokenInfo: called"),[4,H()];case 1:return null!==(t=r.sent())?[3,5]:[4,S(!1)];case 2:return"EXISTS"!==r.sent().status?[3,4]:[4,new Promise((function(t){e.waiters.push(t)}))];case 3:return r.sent(),[2,e.getTokenInfo()];case 4:return[2,void 0];case 5:return n=P(t),(0,d.logDebugMessage)("FrontToken.getTokenInfo: returning ate: "+n.ate),(0,d.logDebugMessage)("FrontToken.getTokenInfo: returning uid: "+n.uid),(0,d.logDebugMessage)("FrontToken.getTokenInfo: returning up: "+n.up),[2,n]}}))}))},e.removeToken=function(){return o(this,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return(0,d.logDebugMessage)("FrontToken.removeToken: called"),[4,F(void 0)];case 1:return t.sent(),[4,I("access","")];case 2:return t.sent(),[4,I("refresh","")];case 3:return t.sent(),e.waiters.forEach((function(e){return e(void 0)})),e.waiters=[],[2]}}))}))},e.setItem=function(t){return o(this,void 0,void 0,(function(){return s(this,(function(n){switch(n.label){case 0:return[4,A()];case 1:return n.sent(),"remove"===t?[2,e.removeToken()]:((0,d.logDebugMessage)("FrontToken.setItem: called"),[4,F(t)]);case 2:return n.sent(),e.waiters.forEach((function(e){return e(void 0)})),e.waiters=[],[2]}}))}))},e.doesTokenExists=function(){return o(this,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return[4,O()];case 1:return[2,null!==e.sent()]}}))}))},e.waiters=[],e}();t.FrontToken=h;var p=function(){function e(){}var a;return e.init=function(t,r){(0,d.logDebugMessage)("init: called"),(0,d.logDebugMessage)("init: Input apiBasePath: "+t.apiBasePath),(0,d.logDebugMessage)("init: Input apiDomain: "+t.apiDomain),(0,d.logDebugMessage)("init: Input autoAddCredentials: "+t.autoAddCredentials),(0,d.logDebugMessage)("init: Input sessionTokenBackendDomain: "+t.sessionTokenBackendDomain),(0,d.logDebugMessage)("init: Input isInIframe: "+t.isInIframe),(0,d.logDebugMessage)("init: Input sessionExpiredStatusCode: "+t.sessionExpiredStatusCode),(0,d.logDebugMessage)("init: Input sessionTokenFrontendDomain: "+t.sessionTokenFrontendDomain),(0,d.logDebugMessage)("init: Input tokenTransferMethod: "+t.tokenTransferMethod);var o=c.default.getReferenceOrThrow().windowHandler.getWindowUnsafe();e.env=void 0===o||void 0===o.fetch?n.g:o,e.refreshTokenUrl=t.apiDomain+t.apiBasePath+"/session/refresh",e.signOutUrl=t.apiDomain+t.apiBasePath+"/signout",e.rid="session",e.config=t,void 0===e.env.__supertokensOriginalFetch&&((0,d.logDebugMessage)("init: __supertokensOriginalFetch is undefined"),e.env.__supertokensOriginalFetch=e.env.fetch.bind(e.env),e.env.__supertokensSessionRecipe=r,e.env.fetch=e.env.__supertokensSessionRecipe.addFetchInterceptorsAndReturnModifiedFetch({originalFetch:e.env.__supertokensOriginalFetch,userContext:{}}),e.env.__supertokensSessionRecipe.addXMLHttpRequestInterceptor({userContext:{}})),e.recipeImpl=e.env.__supertokensSessionRecipe,e.initCalled=!0},a=e,e.initCalled=!1,e.doRequest=function(n,u,l){return o(void 0,void 0,void 0,(function(){var o,f,p,v,b,m,w,T,I,R,E,A,_,C;return s(a,(function(s){switch(s.label){case 0:if(!e.initCalled)throw Error("init function not called");(0,d.logDebugMessage)("doRequest: start of fetch interception"),o=!1;try{f=void 0,"string"==typeof l?f=l:"object"==typeof l&&("string"==typeof l.url?f=l.url:"string"==typeof l.href&&(f=l.href)),o=!e.recipeImpl.shouldDoInterceptionBasedOnUrl(f,e.config.apiDomain,e.config.sessionTokenBackendDomain)}catch(t){if("Please provide a valid domain name"!==t.message)throw t;(0,d.logDebugMessage)("doRequest: Trying shouldDoInterceptionBasedOnUrl with location.origin"),o=!e.recipeImpl.shouldDoInterceptionBasedOnUrl(c.default.getReferenceOrThrow().windowHandler.location.getOrigin(),e.config.apiDomain,e.config.sessionTokenBackendDomain)}return(0,d.logDebugMessage)("doRequest: Value of doNotDoInterception: "+o),o?((0,d.logDebugMessage)("doRequest: Returning without interception"),[4,n(u)]):[3,2];case 1:return[2,s.sent()];case 2:return(p=new Headers(void 0!==u&&void 0!==u.headers?u.headers:l.headers)).has("Authorization")?[4,D("access")]:[3,5];case 3:return v=s.sent(),[4,D("refresh")];case 4:b=s.sent(),void 0!==v&&void 0!==b&&p.get("Authorization")==="Bearer ".concat(v)&&((0,d.logDebugMessage)("doRequest: Removing Authorization from user provided headers because it contains our access token"),p.delete("Authorization")),s.label=5;case 5:(0,d.logDebugMessage)("doRequest: Interception started"),i.ProcessState.getInstance().addState(i.PROCESS_STATE.CALLING_INTERCEPTION_REQUEST),s.label=6;case 6:s.trys.push([6,,20,25]),m=void 0,s.label=7;case 7:return[4,S(!0)];case 8:return w=s.sent(),T=new Headers(p),I=r(r({},u),{headers:T}),"EXISTS"!==w.status?[3,10]:[4,g.getToken(w.lastAccessTokenUpdate)];case 9:void 0!==(R=s.sent())&&((0,d.logDebugMessage)("doRequest: Adding anti-csrf token to request"),T.set("anti-csrf",R)),s.label=10;case 10:return e.config.autoAddCredentials&&((0,d.logDebugMessage)("doRequest: Adding credentials include"),void 0===I?I={credentials:"include"}:void 0===I.credentials&&(I=r(r({},I),{credentials:"include"}))),T.has("rid")?(0,d.logDebugMessage)("doRequest: rid header was already there in request"):((0,d.logDebugMessage)("doRequest: Adding rid header: anti-csrf"),T.set("rid","anti-csrf")),E=e.config.tokenTransferMethod,(0,d.logDebugMessage)("doRequest: Adding st-auth-mode header: "+E),T.set("st-auth-mode",E),[4,M(T)];case 11:return s.sent(),(0,d.logDebugMessage)("doRequest: Making user's http call"),[4,n(I)];case 12:return A=s.sent(),(0,d.logDebugMessage)("doRequest: User's http call ended"),[4,x(A)];case 13:return s.sent(),_=A.headers.get("front-token"),(0,t.updateClockSkewUsingFrontToken)({frontToken:_,responseHeaders:A.headers}),U("EXISTS"===w.status,A.status,_),A.status!==e.config.sessionExpiredStatusCode?[3,15]:((0,d.logDebugMessage)("doRequest: Status code is: "+A.status),[4,k(w)]);case 14:return"RETRY"!==(C=s.sent()).result?((0,d.logDebugMessage)("doRequest: Not retrying original request"),m=void 0!==C.error?C.error:A,[3,19]):((0,d.logDebugMessage)("doRequest: Retrying original request"),[3,18]);case 15:return A.status!==e.config.invalidClaimStatusCode?[3,17]:[4,y(A)];case 16:s.sent(),s.label=17;case 17:return[2,A];case 18:return[3,7];case 19:return[2,m];case 20:return[4,S(!1)];case 21:return"NOT_EXISTS"!==s.sent().status?[3,24]:((0,d.logDebugMessage)("doRequest: local session doesn't exist, so removing anti-csrf and sFrontToken"),[4,g.removeToken()]);case 22:return s.sent(),[4,h.removeToken()];case 23:s.sent(),s.label=24;case 24:return[7];case 25:return[2]}}))}))},e.attemptRefreshingSession=function(){return o(void 0,void 0,void 0,(function(){var t;return s(a,(function(n){switch(n.label){case 0:if(!e.initCalled)throw Error("init function not called");return[4,S(!1)];case 1:return[4,k(n.sent())];case 2:if("API_ERROR"===(t=n.sent()).result)throw t.error;return[2,"RETRY"===t.result]}}))}))},e}();t.default=p;var v="st-last-access-token-update",b="sAntiCsrf",m="sFrontToken";function k(e){return o(this,void 0,void 0,(function(){var t,n,r,o,i,u,c,f,v,b;return s(this,(function(s){switch(s.label){case 0:return[4,l.default.getReferenceOrThrow().lockFactory()];case 1:t=s.sent(),s.label=2;case 2:return(0,d.logDebugMessage)("onUnauthorisedResponse: trying to acquire lock"),[4,t.acquireLock("REFRESH_TOKEN_USE",1e3)];case 3:if(!s.sent())return[3,22];(0,d.logDebugMessage)("onUnauthorisedResponse: lock acquired"),s.label=4;case 4:return s.trys.push([4,14,16,22]),[4,S(!1)];case 5:return"NOT_EXISTS"===(n=s.sent()).status?((0,d.logDebugMessage)("onUnauthorisedResponse: Not refreshing because local session state is NOT_EXISTS"),p.config.onHandleEvent({action:"UNAUTHORISED",sessionExpiredOrRevoked:!1,userContext:{}}),[2,{result:"SESSION_EXPIRED"}]):n.status!==e.status||"EXISTS"===n.status&&"EXISTS"===e.status&&n.lastAccessTokenUpdate!==e.lastAccessTokenUpdate?((0,d.logDebugMessage)("onUnauthorisedResponse: Retrying early because pre and post lastAccessTokenUpdate don't match"),[2,{result:"RETRY"}]):(r=new Headers,"EXISTS"!==e.status?[3,7]:[4,g.getToken(e.lastAccessTokenUpdate)]);case 6:void 0!==(o=s.sent())&&((0,d.logDebugMessage)("onUnauthorisedResponse: Adding anti-csrf token to refresh API call"),r.set("anti-csrf",o)),s.label=7;case 7:return(0,d.logDebugMessage)("onUnauthorisedResponse: Adding rid and fdi-versions to refresh call header"),r.set("rid",p.rid),r.set("fdi-version",a.supported_fdi.join(",")),i=p.config.tokenTransferMethod,(0,d.logDebugMessage)("onUnauthorisedResponse: Adding st-auth-mode header: "+i),r.set("st-auth-mode",i),[4,M(r,!0)];case 8:return s.sent(),(0,d.logDebugMessage)("onUnauthorisedResponse: Calling refresh pre API hook"),[4,p.config.preAPIHook({action:"REFRESH_SESSION",requestInit:{method:"post",credentials:"include",headers:r},url:p.refreshTokenUrl,userContext:{}})];case 9:return u=s.sent(),(0,d.logDebugMessage)("onUnauthorisedResponse: Making refresh call"),[4,p.env.__supertokensOriginalFetch(u.url,u.requestInit)];case 10:return c=s.sent(),(0,d.logDebugMessage)("onUnauthorisedResponse: Refresh call ended"),[4,x(c)];case 11:if(s.sent(),(0,d.logDebugMessage)("onUnauthorisedResponse: Refresh status code is: "+c.status),(f=c.status===p.config.sessionExpiredStatusCode)&&null===c.headers.get("front-token")&&h.setItem("remove"),U("EXISTS"===e.status,c.status,f&&null===c.headers.get("front-token")?"remove":c.headers.get("front-token")),c.status>=300)throw c;return[4,p.config.postAPIHook({action:"REFRESH_SESSION",fetchResponse:c.clone(),requestInit:u.requestInit,url:u.url,userContext:{}})];case 12:return s.sent(),[4,S(!1)];case 13:return"NOT_EXISTS"===s.sent().status?((0,d.logDebugMessage)("onUnauthorisedResponse: local session doesn't exist, so returning session expired"),[2,{result:"SESSION_EXPIRED"}]):(p.config.onHandleEvent({action:"REFRESH_SESSION",userContext:{}}),(0,d.logDebugMessage)("onUnauthorisedResponse: Sending RETRY signal"),[2,{result:"RETRY"}]);case 14:return v=s.sent(),[4,S(!1)];case 15:return"NOT_EXISTS"===s.sent().status?((0,d.logDebugMessage)("onUnauthorisedResponse: local session doesn't exist, so returning session expired"),[2,{result:"SESSION_EXPIRED",error:v}]):((0,d.logDebugMessage)("onUnauthorisedResponse: sending API_ERROR"),[2,{result:"API_ERROR",error:v}]);case 16:return[4,t.releaseLock("REFRESH_TOKEN_USE")];case 17:return s.sent(),(0,d.logDebugMessage)("onUnauthorisedResponse: Released lock"),[4,S(!1)];case 18:return"NOT_EXISTS"!==s.sent().status?[3,21]:((0,d.logDebugMessage)("onUnauthorisedResponse: local session doesn't exist, so removing anti-csrf and sFrontToken"),[4,g.removeToken()]);case 19:return s.sent(),[4,h.removeToken()];case 20:s.sent(),s.label=21;case 21:return[7];case 22:return[4,S(!1)];case 23:return"NOT_EXISTS"===(b=s.sent()).status?((0,d.logDebugMessage)("onUnauthorisedResponse: lock acquired failed and local session doesn't exist, so sending SESSION_EXPIRED"),[2,{result:"SESSION_EXPIRED"}]):b.status!==e.status||"EXISTS"===b.status&&"EXISTS"===e.status&&b.lastAccessTokenUpdate!==e.lastAccessTokenUpdate?((0,d.logDebugMessage)("onUnauthorisedResponse: lock acquired failed and retrying early because pre and post lastAccessTokenUpdate don't match"),[2,{result:"RETRY"}]):[3,2];case 24:return[2]}}))}))}function w(){(0,d.logDebugMessage)("onTokenUpdate: firing ACCESS_TOKEN_PAYLOAD_UPDATED event"),p.config.onHandleEvent({action:"ACCESS_TOKEN_PAYLOAD_UPDATED",userContext:{}})}function y(e){return o(this,void 0,void 0,(function(){var t;return s(this,(function(n){switch(n.label){case 0:return n.trys.push([0,2,,3]),[4,p.recipeImpl.getInvalidClaimsFromResponse({response:e,userContext:{}})];case 1:return(t=n.sent())&&p.config.onHandleEvent({action:"API_INVALID_CLAIM",claimValidationErrors:t,userContext:{}}),[3,3];case 2:return n.sent(),[3,3];case 3:return[2]}}))}))}function S(e){return o(this,void 0,void 0,(function(){var t,n,r;return s(this,(function(o){switch(o.label){case 0:return(0,d.logDebugMessage)("getLocalSessionState: called"),[4,E(v)];case 1:return t=o.sent(),[4,h.doesTokenExists()];case 2:return o.sent()&&void 0!==t?((0,d.logDebugMessage)("getLocalSessionState: returning EXISTS since both frontToken and lastAccessTokenUpdate exists"),[2,{status:"EXISTS",lastAccessTokenUpdate:t}]):[3,3];case 3:return t?((0,d.logDebugMessage)("getLocalSessionState: returning NOT_EXISTS since frontToken was cleared but lastAccessTokenUpdate exists"),[2,{status:"NOT_EXISTS"}]):[3,4];case 4:return n={status:"MAY_EXIST"},e?((0,d.logDebugMessage)("getLocalSessionState: trying to refresh"),[4,k(n)]):[3,7];case 5:return"RETRY"!==(r=o.sent()).result?((0,d.logDebugMessage)("getLocalSessionState: return NOT_EXISTS in case error from backend"+r.result),[2,{status:"NOT_EXISTS"}]):((0,d.logDebugMessage)("getLocalSessionState: Retrying post refresh"),[4,S(e)]);case 6:return[2,o.sent()];case 7:return(0,d.logDebugMessage)("getLocalSessionState: returning: "+n.status),[2,n]}}))}))}function T(e){switch(e){case"access":return"st-access-token";case"refresh":return"st-refresh-token"}}function I(e,t){var n=T(e);return""!==t?((0,d.logDebugMessage)("setToken: saved ".concat(e," token into cookies")),R(n,t,Date.now()+31536e5)):((0,d.logDebugMessage)("setToken: cleared ".concat(e," token from cookies")),R(n,t,0))}function R(e,t,n){var r="Fri, 31 Dec 9999 23:59:59 GMT";n!==Number.MAX_SAFE_INTEGER&&(r=new Date(n).toUTCString());var o=p.config.sessionTokenFrontendDomain;return"localhost"===o||o===c.default.getReferenceOrThrow().windowHandler.location.getHostName()?u.default.getReferenceOrThrow().cookieHandler.setCookie("".concat(e,"=").concat(t,";expires=").concat(r,";path=/;samesite=").concat(p.config.isInIframe?"none;secure":"lax")):u.default.getReferenceOrThrow().cookieHandler.setCookie("".concat(e,"=").concat(t,";expires=").concat(r,";domain=").concat(o,";path=/;samesite=").concat(p.config.isInIframe?"none;secure":"lax"))}function D(e){return o(this,void 0,void 0,(function(){return s(this,(function(t){return[2,E(T(e))]}))}))}function E(e){return o(this,void 0,void 0,(function(){var t,n,r,o;return s(this,(function(s){switch(s.label){case 0:return n="; ",[4,u.default.getReferenceOrThrow().cookieHandler.getCookie()];case 1:return t=n+s.sent(),(r=t.split("; "+e+"=")).length>=2&&void 0!==(o=r.pop())?[2,o.split(";").shift()]:[2,void 0]}}))}))}function M(e,t){return void 0===t&&(t=!1),o(this,void 0,void 0,(function(){var n,r;return s(this,(function(o){switch(o.label){case 0:return(0,d.logDebugMessage)("setTokenHeaders: adding existing tokens as header"),[4,D("access")];case 1:return n=o.sent(),[4,D("refresh")];case 2:return r=o.sent(),!t&&void 0===n||void 0===r?(0,d.logDebugMessage)("setAuthorizationHeaderIfRequired: token for header based auth not found"):e.has("Authorization")?(0,d.logDebugMessage)("setAuthorizationHeaderIfRequired: Authorization header defined by the user, not adding"):((0,d.logDebugMessage)("setAuthorizationHeaderIfRequired: added authorization header"),e.set("Authorization","Bearer ".concat(t?r:n))),[2]}}))}))}function x(e){return o(this,void 0,void 0,(function(){var t,n,r,o,i;return s(this,(function(s){switch(s.label){case 0:return(0,d.logDebugMessage)("saveTokensFromHeaders: Saving updated tokens from the response headers"),null===(t=e.headers.get("st-refresh-token"))?[3,2]:((0,d.logDebugMessage)("saveTokensFromHeaders: saving new refresh token"),[4,I("refresh",t)]);case 1:s.sent(),s.label=2;case 2:return null===(n=e.headers.get("st-access-token"))?[3,4]:((0,d.logDebugMessage)("saveTokensFromHeaders: saving new access token"),[4,I("access",n)]);case 3:s.sent(),s.label=4;case 4:return null===(r=e.headers.get("front-token"))?[3,6]:((0,d.logDebugMessage)("saveTokensFromHeaders: Setting sFrontToken: "+r),[4,h.setItem(r)]);case 5:s.sent(),s.label=6;case 6:return null===(o=e.headers.get("anti-csrf"))?[3,9]:[4,S(!0)];case 7:return"EXISTS"!==(i=s.sent()).status?[3,9]:((0,d.logDebugMessage)("saveTokensFromHeaders: Setting anti-csrf token"),[4,g.setItem(i.lastAccessTokenUpdate,o)]);case 8:s.sent(),s.label=9;case 9:return[2]}}))}))}function A(){return o(this,void 0,void 0,(function(){var e;return s(this,(function(t){switch(t.label){case 0:return(0,d.logDebugMessage)("saveLastAccessTokenUpdate: called"),e=Date.now().toString(),(0,d.logDebugMessage)("saveLastAccessTokenUpdate: setting "+e),[4,R(v,e,Number.MAX_SAFE_INTEGER)];case 1:return t.sent(),[4,R("sIRTFrontend","",0)];case 2:return t.sent(),[2]}}))}))}function _(){return o(this,void 0,void 0,(function(){function e(){return o(this,void 0,void 0,(function(){var e,t,n,r,o;return s(this,(function(s){switch(s.label){case 0:return t="; ",[4,u.default.getReferenceOrThrow().cookieHandler.getCookie()];case 1:return e=t+s.sent(),(n=e.split("; sAntiCsrf=")).length>=2&&void 0!==(r=n.pop())?void 0===(o=r.split(";").shift())?[2,null]:[2,o]:[2,null]}}))}))}var t;return s(this,(function(n){switch(n.label){case 0:return(0,d.logDebugMessage)("getAntiCSRFToken: called"),[4,S(!0)];case 1:return"EXISTS"!==n.sent().status?((0,d.logDebugMessage)("getAntiCSRFToken: Returning because local session state != EXISTS"),[2,null]):[4,e()];case 2:return t=n.sent(),(0,d.logDebugMessage)("getAntiCSRFToken: returning: "+t),[2,t]}}))}))}function C(e){return o(this,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return(0,d.logDebugMessage)("setAntiCSRF: called: "+e),void 0===e?[3,2]:[4,R(b,e,Number.MAX_SAFE_INTEGER)];case 1:return t.sent(),[3,4];case 2:return[4,R(b,"",0)];case 3:t.sent(),t.label=4;case 4:return[2]}}))}))}function O(){return o(this,void 0,void 0,(function(){var e;return s(this,(function(t){switch(t.label){case 0:return(0,d.logDebugMessage)("getFrontTokenFromCookie: called"),[4,E(m)];case 1:return[2,void 0===(e=t.sent())?null:e]}}))}))}function P(e){return JSON.parse(decodeURIComponent(escape(atob(e))))}function H(){return o(this,void 0,void 0,(function(){var e;return s(this,(function(t){switch(t.label){case 0:return(0,d.logDebugMessage)("getFrontToken: called"),[4,S(!0)];case 1:return"EXISTS"!==t.sent().status?((0,d.logDebugMessage)("getFrontToken: Returning because sIRTFrontend != EXISTS"),[2,null]):[4,O()];case 2:return e=t.sent(),(0,d.logDebugMessage)("getFrontToken: returning: "+e),[2,e]}}))}))}function F(e){return o(this,void 0,void 0,(function(){var t,n,r;return s(this,(function(o){switch(o.label){case 0:return(0,d.logDebugMessage)("setFrontToken: called"),[4,O()];case 1:return null!==(t=o.sent())&&void 0!==e&&(n=P(t).up,r=P(e).up,JSON.stringify(n)!==JSON.stringify(r)&&w()),void 0!==e?[3,3]:[4,R(m,"",0)];case 2:return o.sent(),[3,5];case 3:return[4,R(m,e,Number.MAX_SAFE_INTEGER)];case 4:o.sent(),o.label=5;case 5:return[2]}}))}))}function U(e,t,n){if(null!=n){var r="remove"!==n;(0,d.logDebugMessage)("fireSessionUpdateEventsIfNecessary wasLoggedIn: ".concat(e," frontTokenExistsAfter: ").concat(r," status: ").concat(t)),e?r||(t===p.config.sessionExpiredStatusCode?((0,d.logDebugMessage)("onUnauthorisedResponse: firing UNAUTHORISED event"),p.config.onHandleEvent({action:"UNAUTHORISED",sessionExpiredOrRevoked:!0,userContext:{}})):((0,d.logDebugMessage)("onUnauthorisedResponse: firing SIGN_OUT event"),p.config.onHandleEvent({action:"SIGN_OUT",userContext:{}}))):r&&((0,d.logDebugMessage)("onUnauthorisedResponse: firing SESSION_CREATED event"),p.config.onHandleEvent({action:"SESSION_CREATED",userContext:{}}))}else(0,d.logDebugMessage)("fireSessionUpdateEventsIfNecessary returning early because the front token was not updated")}t.onUnauthorisedResponse=k,t.onTokenUpdate=w,t.onInvalidClaimResponse=y,t.getLocalSessionState=S,t.getStorageNameForToken=T,t.setToken=I,t.getTokenForHeaderAuth=D,t.saveLastAccessTokenUpdate=A,t.setAntiCSRF=C,t.getFrontToken=H,t.setFrontToken=F,t.fireSessionUpdateEventsIfNecessary=U,t.updateClockSkewUsingFrontToken=function(e){var t=e.frontToken,n=e.responseHeaders;if((0,d.logDebugMessage)("updateClockSkewUsingFrontToken: frontToken: "+t),null!==t&&"remove"!==t){var r=P(t),o=p.recipeImpl.getClockSkewInMillis({accessTokenPayload:r.up,responseHeaders:n});console.log("clockSkewInMillis",o),f.default.getReferenceOrThrow().dateProvider.setClientClockSkewInMillis(o),(0,d.logDebugMessage)("updateClockSkewUsingFrontToken: Client clock synchronized successfully")}else(0,d.logDebugMessage)("updateClockSkewUsingFrontToken: frontToken is either null or is being removed, skipping update")}},569:function(e,t,n){var r=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},o=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};Object.defineProperty(t,"__esModule",{value:!0}),t.BooleanClaim=t.PrimitiveArrayClaim=t.PrimitiveClaim=t.getInvalidClaimsFromResponse=t.getClaimValue=t.validateClaims=t.signOut=t.addAxiosInterceptors=t.doesSessionExist=t.attemptRefreshingSession=t.getAccessToken=t.getAccessTokenPayloadSecurely=t.getUserId=t.init=void 0;var s=n(379),i=n(994),a=n(333),u=n(318),c=n(501),l=n(958),d=n(941),f=n(153),g=n(845),h=n(671),p=function(){function e(){}var t;return e.init=function(t){c.default.init(t.cookieHandler),l.default.init(t.windowHandler),h.default.init(t.dateProvider),d.default.init(t.lockFactory,l.default.getReferenceOrThrow().windowHandler.localStorage);var n=(0,u.validateAndNormaliseInputOrThrowError)(t);void 0!==t.enableDebugLogs&&t.enableDebugLogs&&(0,g.enableLogging)();var r=new a.default((0,i.default)({onHandleEvent:n.onHandleEvent,preAPIHook:n.preAPIHook,postAPIHook:n.postAPIHook,sessionExpiredStatusCode:n.sessionExpiredStatusCode})).override(n.override.functions).build();s.default.init(n,r),e.axiosInterceptorQueue.forEach((function(e){e()})),e.axiosInterceptorQueue=[]},e.getUserId=function(e){return s.default.recipeImpl.getUserId({userContext:(0,u.getNormalisedUserContext)(void 0===e?void 0:e.userContext)})},e.getAccessTokenPayloadSecurely=function(e){return r(this,void 0,void 0,(function(){return o(this,(function(t){return[2,s.default.recipeImpl.getAccessTokenPayloadSecurely({userContext:(0,u.getNormalisedUserContext)(void 0===e?void 0:e.userContext)})]}))}))},t=e,e.axiosInterceptorQueue=[],e.attemptRefreshingSession=function(){return r(void 0,void 0,void 0,(function(){return o(t,(function(e){return[2,s.default.attemptRefreshingSession()]}))}))},e.doesSessionExist=function(e){return s.default.recipeImpl.doesSessionExist({userContext:(0,u.getNormalisedUserContext)(void 0===e?void 0:e.userContext)})},e.addAxiosInterceptors=function(t,n){s.default.initCalled?s.default.recipeImpl.addAxiosInterceptors({axiosInstance:t,userContext:(0,u.getNormalisedUserContext)(n)}):e.axiosInterceptorQueue.push((function(){s.default.recipeImpl.addAxiosInterceptors({axiosInstance:t,userContext:(0,u.getNormalisedUserContext)(n)})}))},e.signOut=function(e){return s.default.recipeImpl.signOut({userContext:(0,u.getNormalisedUserContext)(void 0===e?void 0:e.userContext)})},e.getInvalidClaimsFromResponse=function(e){return r(this,void 0,void 0,(function(){return o(this,(function(t){return[2,s.default.recipeImpl.getInvalidClaimsFromResponse({response:e.response,userContext:(0,u.getNormalisedUserContext)(e.userContext)})]}))}))},e.getClaimValue=function(t){return r(this,void 0,void 0,(function(){var n,r;return o(this,(function(o){switch(o.label){case 0:return n=(0,u.getNormalisedUserContext)(void 0===t?void 0:t.userContext),[4,e.getAccessTokenPayloadSecurely({userContext:n})];case 1:return r=o.sent(),[2,t.claim.getValueFromPayload(r,n)]}}))}))},e.validateClaims=function(e,t){var n=(0,u.getNormalisedUserContext)(t),r=f.SessionClaimValidatorStore.getClaimValidatorsAddedByOtherRecipes(),o=s.default.recipeImpl.getGlobalClaimValidators({claimValidatorsAddedByOtherRecipes:r,userContext:n}),i=void 0!==e?e(o,n):o;return 0===i.length?[]:s.default.recipeImpl.validateClaims({claimValidators:i,userContext:(0,u.getNormalisedUserContext)(t)})},e.getAccessToken=function(e){return r(void 0,void 0,void 0,(function(){return o(t,(function(t){switch(t.label){case 0:return[4,s.default.recipeImpl.doesSessionExist({userContext:(0,u.getNormalisedUserContext)(void 0===e?void 0:e.userContext)})];case 1:return t.sent()?[2,(0,s.getTokenForHeaderAuth)("access")]:[2,void 0]}}))}))},e}();t.default=p,t.init=p.init,t.getUserId=p.getUserId,t.getAccessTokenPayloadSecurely=p.getAccessTokenPayloadSecurely,t.getAccessToken=p.getAccessToken,t.attemptRefreshingSession=p.attemptRefreshingSession,t.doesSessionExist=p.doesSessionExist,t.addAxiosInterceptors=p.addAxiosInterceptors,t.signOut=p.signOut,t.validateClaims=p.validateClaims,t.getClaimValue=p.getClaimValue,t.getInvalidClaimsFromResponse=p.getInvalidClaimsFromResponse;var v=n(911);Object.defineProperty(t,"PrimitiveClaim",{enumerable:!0,get:function(){return v.PrimitiveClaim}});var b=n(748);Object.defineProperty(t,"PrimitiveArrayClaim",{enumerable:!0,get:function(){return b.PrimitiveArrayClaim}});var m=n(491);Object.defineProperty(t,"BooleanClaim",{enumerable:!0,get:function(){return m.BooleanClaim}})},845:(e,t,n)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.logDebugMessage=t.disableLogging=t.enableLogging=void 0;var r=n(255),o=!1;t.enableLogging=function(){o=!0},t.disableLogging=function(){o=!1},t.logDebugMessage=function(e){o&&console.log("".concat("com.supertokens",' {t: "').concat((new Date).toISOString(),'", message: "').concat(e,'", supertokens-website-ver: "').concat(r.package_version,'"}'))}},992:(e,t)=>{function n(e){return/^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/.test(e)}Object.defineProperty(t,"__esModule",{value:!0}),t.isAnIpAddress=void 0,t.isAnIpAddress=n;function r(e,t){void 0===t&&(t=!1),e=e.trim();try{if(!e.startsWith("http://")&&!e.startsWith("https://"))throw new Error("converting to proper URL");var o=new URL(e);return t?o.hostname.startsWith("localhost")||n(o.hostname)?"http://"+o.host:"https://"+o.host:o.protocol+"//"+o.host}catch(e){}if(e.startsWith("/"))throw new Error("Please provide a valid domain name");if(0===e.indexOf(".")&&(e=e.substr(1)),(-1!==e.indexOf(".")||e.startsWith("localhost"))&&!e.startsWith("http://")&&!e.startsWith("https://")){e="https://"+e;try{return new URL(e),r(e,!0)}catch(e){}}throw new Error("Please provide a valid domain name")}t.default=function(e){var t=this;this.getAsStringDangerous=function(){return t.value},this.value=r(e)}},260:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0});function n(e){e=e.trim();try{if(!e.startsWith("http://")&&!e.startsWith("https://"))throw new Error("converting to proper URL");return"/"===(e=new URL(e).pathname).charAt(e.length-1)?e.substr(0,e.length-1):e}catch(e){}if((function(e){if(-1===e.indexOf(".")||e.startsWith("/"))return!1;try{return-1!==new URL(e).hostname.indexOf(".")}catch(e){}try{return-1!==new URL("http://"+e).hostname.indexOf(".")}catch(e){}return!1}(e)||e.startsWith("localhost"))&&!e.startsWith("http://")&&!e.startsWith("https://"))return n(e="http://"+e);"/"!==e.charAt(0)&&(e="/"+e);try{return new URL("http://example.com"+e),n("http://example.com"+e)}catch(e){throw new Error("Please provide a valid URL path")}}t.default=function e(t){var r=this;this.startsWith=function(e){return r.value.startsWith(e.value)},this.appendPath=function(t){return new e(r.value+t.value)},this.getAsStringDangerous=function(){return r.value},this.value=n(t)}},743:function(e,t){var n,r=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},o=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};Object.defineProperty(t,"__esModule",{value:!0}),t.ProcessState=t.PROCESS_STATE=void 0,(n=t.PROCESS_STATE||(t.PROCESS_STATE={}))[n.CALLING_INTERCEPTION_REQUEST=0]="CALLING_INTERCEPTION_REQUEST",n[n.CALLING_INTERCEPTION_RESPONSE=1]="CALLING_INTERCEPTION_RESPONSE";var s=function(){function e(){var e=this;this.history=[],this.addState=function(t){try{void 0!==process&&void 0!==process.env&&"testing"===process.env.TEST_MODE&&e.history.push(t)}catch(e){}},this.getEventByLastEventByName=function(t){for(var n=e.history.length-1;n>=0;n--)if(e.history[n]==t)return e.history[n]},this.reset=function(){e.history=[]},this.waitForEvent=function(t,n){return void 0===n&&(n=7e3),r(e,void 0,void 0,(function(){var e,r=this;return o(this,(function(o){return e=Date.now(),[2,new Promise((function(o){var s=r;!function r(){var i=s.getEventByLastEventByName(t);void 0===i?Date.now()-e>n?o(void 0):setTimeout(r,1e3):o(i)}()}))]}))}))}}return e.getInstance=function(){return null==e.instance&&(e.instance=new e),e.instance},e}();t.ProcessState=s},994:function(e,t,n){var r=this&&this.__assign||function(){return r=Object.assign||function(e){for(var t,n=1,r=arguments.length;n<r;n++)for(var o in t=arguments[n])Object.prototype.hasOwnProperty.call(t,o)&&(e[o]=t[o]);return e},r.apply(this,arguments)},o=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},s=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};Object.defineProperty(t,"__esModule",{value:!0});var i=n(379),a=n(759),u=n(255),c=n(845),l=n(173),d=n(648),f=n(318);t.default=function(e){return{addXMLHttpRequestInterceptor:function(e){(0,c.logDebugMessage)("addXMLHttpRequestInterceptorAndReturnModified: called"),(0,d.addInterceptorsToXMLHttpRequest)()},addFetchInterceptorsAndReturnModifiedFetch:function(e){return(0,c.logDebugMessage)("addFetchInterceptorsAndReturnModifiedFetch: called"),function(t,n){return o(this,void 0,void 0,(function(){return s(this,(function(o){switch(o.label){case 0:return[4,i.default.doRequest((function(n){return e.originalFetch("object"==typeof t&&"clone"in t?t.clone():t,r({},n))}),n,t)];case 1:return[2,o.sent()]}}))}))}},addAxiosInterceptors:function(e){if((0,c.logDebugMessage)("addAxiosInterceptors: called"),XMLHttpRequest.__interceptedBySuperTokens)return console.warn("Not adding axios interceptor since XMLHttpRequest is already added. This is just a warning."),console.warn("Our axios and XMLHttpRequest interceptors cannot be used at the same time."),console.warn("Since XMLHttpRequest is added automatically and supports axios by default, you can just remove addAxiosInterceptors from your code."),console.warn("If you want to continue using our axios interceptor, you can override addXMLHttpRequestInterceptor with an empty function."),void(0,c.logDebugMessage)("addAxiosInterceptors: not adding, because XHR interceptors are already in place");for(var t=e.axiosInstance.interceptors.request,n=0;n<t.handlers.length;n++)if(t.handlers[n].fulfilled===a.interceptorFunctionRequestFulfilled)return void(0,c.logDebugMessage)("addAxiosInterceptors: not adding because already added on this instance");e.axiosInstance.interceptors.request.use(a.interceptorFunctionRequestFulfilled,(function(e){return o(this,void 0,void 0,(function(){return s(this,(function(t){throw e}))}))})),e.axiosInstance.interceptors.response.use((0,a.responseInterceptor)(e.axiosInstance),(0,a.responseErrorInterceptor)(e.axiosInstance))},getUserId:function(e){return o(this,void 0,void 0,(function(){var e;return s(this,(function(t){switch(t.label){case 0:return(0,c.logDebugMessage)("getUserId: called"),[4,i.FrontToken.getTokenInfo()];case 1:if(void 0===(e=t.sent()))throw new Error("No session exists");return(0,c.logDebugMessage)("getUserId: returning: "+e.uid),[2,e.uid]}}))}))},getAccessTokenPayloadSecurely:function(e){return o(this,void 0,void 0,(function(){var t;return s(this,(function(n){switch(n.label){case 0:return(0,c.logDebugMessage)("getAccessTokenPayloadSecurely: called"),[4,i.FrontToken.getTokenInfo()];case 1:if(void 0===(t=n.sent()))throw new Error("No session exists");return t.ate<Date.now()?((0,c.logDebugMessage)("getAccessTokenPayloadSecurely: access token expired. Refreshing session"),[4,i.default.attemptRefreshingSession()]):[3,5];case 2:return n.sent()?[4,this.getAccessTokenPayloadSecurely({userContext:e.userContext})]:[3,4];case 3:return[2,n.sent()];case 4:throw new Error("Could not refresh session");case 5:return(0,c.logDebugMessage)("getAccessTokenPayloadSecurely: returning: "+JSON.stringify(t.up)),[2,t.up]}}))}))},doesSessionExist:function(e){return o(this,void 0,void 0,(function(){var e,t;return s(this,(function(n){switch(n.label){case 0:return(0,c.logDebugMessage)("doesSessionExist: called"),[4,i.FrontToken.getTokenInfo()];case 1:return void 0===(e=n.sent())?((0,c.logDebugMessage)("doesSessionExist: access token does not exist locally"),[2,!1]):e.ate<Date.now()?((0,c.logDebugMessage)("doesSessionExist: access token expired. Refreshing session"),[4,(0,i.getLocalSessionState)(!1)]):[3,4];case 2:return t=n.sent(),[4,(0,i.onUnauthorisedResponse)(t)];case 3:return[2,"RETRY"===n.sent().result];case 4:return[2,!0]}}))}))},signOut:function(t){return o(this,void 0,void 0,(function(){var n,r,o,a;return s(this,(function(s){switch(s.label){case 0:return(0,c.logDebugMessage)("signOut: called"),[4,this.doesSessionExist(t)];case 1:return s.sent()?((0,c.logDebugMessage)("signOut: Calling refresh pre API hook"),[4,e.preAPIHook({action:"SIGN_OUT",requestInit:{method:"post",headers:{"fdi-version":u.supported_fdi.join(","),rid:i.default.rid}},url:i.default.signOutUrl,userContext:t.userContext})]):((0,c.logDebugMessage)("signOut: exiting early because session does not exist"),(0,c.logDebugMessage)("signOut: firing SIGN_OUT event"),e.onHandleEvent({action:"SIGN_OUT",userContext:t.userContext}),[2]);case 2:return n=s.sent(),(0,c.logDebugMessage)("signOut: Calling API"),[4,fetch(n.url,n.requestInit)];case 3:if(r=s.sent(),(0,c.logDebugMessage)("signOut: API ended"),(0,c.logDebugMessage)("signOut: API responded with status code: "+r.status),r.status===e.sessionExpiredStatusCode)return[2];if(r.status>=300)throw r;return[4,e.postAPIHook({action:"SIGN_OUT",requestInit:n.requestInit,url:n.url,fetchResponse:r.clone(),userContext:t.userContext})];case 4:return s.sent(),[4,r.clone().json()];case 5:if("GENERAL_ERROR"===(o=s.sent()).status)throw(0,c.logDebugMessage)("doRequest: Throwing general error"),a=void 0===o.message?"No Error Message Provided":o.message,new l.STGeneralError(a);return[2]}}))}))},getInvalidClaimsFromResponse:function(e){return o(this,void 0,void 0,(function(){var t;return s(this,(function(n){switch(n.label){case 0:return"body"in e.response?[4,e.response.clone().json()]:[3,2];case 1:return t=n.sent(),[3,3];case 2:t="string"==typeof e.response.data?JSON.parse(e.response.data):e.response.data,n.label=3;case 3:return[2,t.claimValidationErrors]}}))}))},getGlobalClaimValidators:function(e){return e.claimValidatorsAddedByOtherRecipes},validateClaims:function(e){return o(this,void 0,void 0,(function(){var t,n,r,o,i,a,u,c,l;return s(this,(function(s){switch(s.label){case 0:return[4,this.getAccessTokenPayloadSecurely({userContext:e.userContext})];case 1:t=s.sent(),n=0,r=e.claimValidators,s.label=2;case 2:return n<r.length?[4,(c=r[n]).shouldRefresh(t,e.userContext)]:[3,10];case 3:if(!s.sent())return[3,9];s.label=4;case 4:return s.trys.push([4,6,,7]),[4,c.refresh(e.userContext)];case 5:return s.sent(),[3,7];case 6:return o=s.sent(),console.error("Encountered an error while refreshing validator ".concat(c.id),o),[3,7];case 7:return[4,this.getAccessTokenPayloadSecurely({userContext:e.userContext})];case 8:t=s.sent(),s.label=9;case 9:return n++,[3,2];case 10:i=[],a=0,u=e.claimValidators,s.label=11;case 11:return a<u.length?[4,(c=u[a]).validate(t,e.userContext)]:[3,14];case 12:(l=s.sent()).isValid||i.push({validatorId:c.id,reason:l.reason}),s.label=13;case 13:return a++,[3,11];case 14:return[2,i]}}))}))},shouldDoInterceptionBasedOnUrl:function(e,t,n){if((0,c.logDebugMessage)("shouldDoInterceptionBasedOnUrl: toCheckUrl: "+e+" apiDomain: "+t+" sessionTokenBackendDomain: "+n),e.includes("superTokensDoNotDoInterception"))return!1;e=(0,f.normaliseURLDomainOrThrowError)(e);var r=new URL(e),o=r.hostname;if(void 0===n){o=""===r.port?o:o+":"+r.port,t=(0,f.normaliseURLDomainOrThrowError)(t);var s=new URL(t);return o===(""===s.port?s.hostname:s.hostname+":"+s.port)}var i,a=(0,f.normaliseSessionScopeOrThrowError)(n);if(n.split(":").length>1){var u=n.split(":")[n.split(":").length-1];"string"!=typeof(i=u)||isNaN(i)||isNaN(parseFloat(i))||(a+=":"+u,o=""===r.port?o:o+":"+r.port)}return n.startsWith(".")?("."+o).endsWith(a):o===a},getClockSkewInMillis:function(e){var t=e.accessTokenPayload;(0,c.logDebugMessage)("getClockSkewInMillis: called");var n=null==t?void 0:t.iat;if(void 0===n||"number"!=typeof n)return(0,c.logDebugMessage)("getClockSkewInMillis: payload iat is undefined or not a number, returning 0"),0;var r=1e3*n-Date.now();return(0,c.logDebugMessage)("getClockSkewInMillis: returning "+r),r}}}},272:function(e,t,n){var r=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},o=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};Object.defineProperty(t,"__esModule",{value:!0}),t.defaultCookieHandlerImplementation=void 0;var s=n(958);t.defaultCookieHandlerImplementation={getCookie:function(){return r(this,void 0,void 0,(function(){return o(this,(function(e){return[2,s.default.getReferenceOrThrow().windowHandler.getWindowUnsafe().document.cookie]}))}))},setCookie:function(e){return r(this,void 0,void 0,(function(){return o(this,(function(t){return s.default.getReferenceOrThrow().windowHandler.getWindowUnsafe().document.cookie=e,[2]}))}))}}},501:(e,t,n)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.CookieHandlerReference=void 0;var r=n(272),o=function(){function e(e){var t=function(e){return e};void 0!==e&&(t=e),this.cookieHandler=t(r.defaultCookieHandlerImplementation)}return e.init=function(t){void 0===e.instance&&(e.instance=new e(t))},e.getReferenceOrThrow=function(){if(void 0===e.instance)throw new Error("SuperTokensCookieHandler must be initialized before calling this method.");return e.instance},e}();t.CookieHandlerReference=o,t.default=o},812:(e,t,n)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.defaultDateProviderImplementation=void 0;var r=n(958),o=function(){function e(){}return e.prototype.setClientClockSkewInMillis=function(t){r.default.getReferenceOrThrow().windowHandler.localStorage.setItemSync(e.CLOCK_SKEW_KEY,String(t))},e.prototype.getClientClockSkewInMillis=function(){var t=r.default.getReferenceOrThrow().windowHandler.localStorage;return parseInt(t.getItemSync(e.CLOCK_SKEW_KEY)||"0",10)},e.prototype.now=function(){return Date.now()+this.getClientClockSkewInMillis()},e.CLOCK_SKEW_KEY="__st_clockSkewInMillis",e}();t.defaultDateProviderImplementation=new o},671:(e,t,n)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.DateProviderReference=void 0;var r=n(812),o=function(){function e(e){var t=function(e){return e};void 0!==e&&(t=e),this.dateProvider=t(r.defaultDateProviderImplementation)}return e.init=function(t){void 0===e.instance&&(e.instance=new e(t))},e.getReferenceOrThrow=function(){if(void 0===e.instance)throw new Error("SuperTokensDateProvider must be initialized before calling this method.");return e.instance},e}();t.DateProviderReference=o,t.default=o},318:function(e,t,n){var r=this&&this.__assign||function(){return r=Object.assign||function(e){for(var t,n=1,r=arguments.length;n<r;n++)for(var o in t=arguments[n])Object.prototype.hasOwnProperty.call(t,o)&&(e[o]=t[o]);return e},r.apply(this,arguments)},o=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},s=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};Object.defineProperty(t,"__esModule",{value:!0}),t.getNormalisedUserContext=t.validateAndNormaliseInputOrThrowError=t.normaliseSessionScopeOrThrowError=t.normaliseURLPathOrThrowError=t.normaliseURLDomainOrThrowError=void 0;var i=n(992),a=n(260),u=n(958);function c(e){return new i.default(e).getAsStringDangerous()}function l(e){return new a.default(e).getAsStringDangerous()}function d(e){var t=function(e){(e=e.trim().toLowerCase()).startsWith(".")&&(e=e.substr(1)),e.startsWith("http://")||e.startsWith("https://")||(e="http://"+e);try{return(e=new URL(e).hostname).startsWith(".")&&(e=e.substr(1)),e}catch(e){throw new Error("Please provide a valid sessionTokenFrontendDomain")}}(e);return"localhost"===t||(0,i.isAnIpAddress)(t)?t:e.startsWith(".")?"."+t:t}t.normaliseURLDomainOrThrowError=c,t.normaliseURLPathOrThrowError=l,t.normaliseSessionScopeOrThrowError=d,t.validateAndNormaliseInputOrThrowError=function(e){var t=this,n=c(e.apiDomain),i=l("/auth");void 0!==e.apiBasePath&&(i=l(e.apiBasePath));var a=u.default.getReferenceOrThrow().windowHandler.location.getHostName(),f=d(void 0!==e&&void 0!==e.sessionTokenFrontendDomain?e.sessionTokenFrontendDomain:a),g=401;void 0!==e.sessionExpiredStatusCode&&(g=e.sessionExpiredStatusCode);var h=403;if(void 0!==e.invalidClaimStatusCode&&(h=e.invalidClaimStatusCode),g===h)throw new Error("sessionExpiredStatusCode and invalidClaimStatusCode cannot be the same.");var p=!0;void 0!==e.autoAddCredentials&&(p=e.autoAddCredentials);var v=!1;void 0!==e.isInIframe&&(v=e.isInIframe);var b=void 0;void 0!==e.sessionTokenBackendDomain&&(b=d(e.sessionTokenBackendDomain));var m=function(e){return o(t,void 0,void 0,(function(){return s(this,(function(t){return[2,{url:e.url,requestInit:e.requestInit}]}))}))};void 0!==e.preAPIHook&&(m=e.preAPIHook);var k=function(){return o(t,void 0,void 0,(function(){return s(this,(function(e){return[2]}))}))};void 0!==e.postAPIHook&&(k=e.postAPIHook);var w=function(){};void 0!==e.onHandleEvent&&(w=e.onHandleEvent);var y=r({functions:function(e){return e}},e.override);return{apiDomain:n,apiBasePath:i,sessionTokenFrontendDomain:f,sessionExpiredStatusCode:g,invalidClaimStatusCode:h,autoAddCredentials:p,isInIframe:v,tokenTransferMethod:void 0!==e.tokenTransferMethod?e.tokenTransferMethod:"cookie",sessionTokenBackendDomain:b,preAPIHook:m,postAPIHook:k,onHandleEvent:w,override:y}},t.getNormalisedUserContext=function(e){return void 0===e?{}:e}},941:(e,t,n)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.LockFactoryReference=void 0;var r=n(895),o=function(){function e(e){this.lockFactory=e}return e.init=function(t,n){void 0===this.instance&&(this.instance=new e(null!=t?t:function(e){return function(){return Promise.resolve(new r.default(e))}}(n)))},e.getReferenceOrThrow=function(){if(void 0===e.instance)throw new Error("SuperTokensLockReference must be initialized before calling this method.");return e.instance},e}();t.LockFactoryReference=o,t.default=o},153:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.SessionClaimValidatorStore=void 0;var n=function(){function e(){}return e.claimValidatorsAddedByOtherRecipes=[],e.addClaimValidatorFromOtherRecipe=function(t){e.claimValidatorsAddedByOtherRecipes.push(t)},e.getClaimValidatorsAddedByOtherRecipes=function(){return e.claimValidatorsAddedByOtherRecipes},e}();t.SessionClaimValidatorStore=n,t.default=n},586:function(e,t){var n=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},r=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};function o(){if("undefined"==typeof window)throw Error("If you are using this package with server-side rendering, please make sure that you are checking if the window object is defined.");return window}Object.defineProperty(t,"__esModule",{value:!0}),t.defaultWindowHandlerImplementation=void 0;var s={key:function(e){return n(this,void 0,void 0,(function(){return r(this,(function(t){return[2,o().localStorage.key(e)]}))}))},clear:function(){return n(this,void 0,void 0,(function(){return r(this,(function(e){return[2,o().localStorage.clear()]}))}))},getItem:function(e){return n(this,void 0,void 0,(function(){return r(this,(function(t){return[2,o().localStorage.getItem(e)]}))}))},removeItem:function(e){return n(this,void 0,void 0,(function(){return r(this,(function(t){return[2,o().localStorage.removeItem(e)]}))}))},setItem:function(e,t){return n(this,void 0,void 0,(function(){return r(this,(function(n){return[2,o().localStorage.setItem(e,t)]}))}))},keySync:function(e){return o().localStorage.key(e)},clearSync:function(){return o().localStorage.clear()},getItemSync:function(e){return o().localStorage.getItem(e)},removeItemSync:function(e){return o().localStorage.removeItem(e)},setItemSync:function(e,t){return o().localStorage.setItem(e,t)}},i={key:function(e){return n(this,void 0,void 0,(function(){return r(this,(function(t){return[2,o().sessionStorage.key(e)]}))}))},clear:function(){return n(this,void 0,void 0,(function(){return r(this,(function(e){return[2,o().sessionStorage.clear()]}))}))},getItem:function(e){return n(this,void 0,void 0,(function(){return r(this,(function(t){return[2,o().sessionStorage.getItem(e)]}))}))},removeItem:function(e){return n(this,void 0,void 0,(function(){return r(this,(function(t){return[2,o().sessionStorage.removeItem(e)]}))}))},setItem:function(e,t){return n(this,void 0,void 0,(function(){return r(this,(function(n){return[2,o().sessionStorage.setItem(e,t)]}))}))},keySync:function(e){return o().sessionStorage.key(e)},clearSync:function(){return o().sessionStorage.clear()},getItemSync:function(e){return o().sessionStorage.getItem(e)},removeItemSync:function(e){return o().sessionStorage.removeItem(e)},setItemSync:function(e,t){return o().sessionStorage.setItem(e,t)}};t.defaultWindowHandlerImplementation={history:{replaceState:function(e,t,n){return o().history.replaceState(e,t,n)},getState:function(){return o().history.state}},location:{getHref:function(){return o().location.href},setHref:function(e){o().location.href=e},getSearch:function(){return o().location.search},getHash:function(){return o().location.hash},getPathName:function(){return o().location.pathname},assign:function(e){o().location.assign(e)},getHostName:function(){return o().location.hostname},getHost:function(){return o().location.host},getOrigin:function(){return o().location.origin}},getDocument:function(){return o().document},getWindowUnsafe:function(){return o().window},localStorage:s,sessionStorage:i}},958:(e,t,n)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.WindowHandlerReference=void 0;var r=n(586),o=function(){function e(e){var t=function(e){return e};void 0!==e&&(t=e),this.windowHandler=t(r.defaultWindowHandlerImplementation)}return e.init=function(t){void 0===e.instance&&(e.instance=new e(t))},e.getReferenceOrThrow=function(){if(void 0===e.instance)throw new Error("SuperTokensWindowHandler must be initialized before calling this method.");return e.instance},e}();t.WindowHandlerReference=o,t.default=o},255:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.supported_fdi=t.package_version=void 0,t.package_version="17.0.6",t.supported_fdi=["1.16","1.17","1.18"]},648:function(e,t,n){var r=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(i,a)}u((r=r.apply(e,t||[])).next())}))},o=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}};Object.defineProperty(t,"__esModule",{value:!0}),t.addInterceptorsToXMLHttpRequest=void 0;var s=n(379),i=n(845),a=n(958),u=n(743),c=["readystatechange","abort","error","load","loadend","loadstart","progress","timeout"];function l(e){return r(this,void 0,void 0,(function(){var t,n,r,s,i;return o(this,(function(o){switch(o.label){case 0:if(t=e.headers.get("content-type"),n="",r="text",null!==t)return[3,5];o.label=1;case 1:return o.trys.push([1,3,,4]),[4,e.text()];case 2:return n=o.sent(),[3,4];case 3:return o.sent(),n="",[3,4];case 4:return[3,9];case 5:return t.includes("application/json")?(r="json",i=(s=JSON).stringify,[4,e.json()]):[3,7];case 6:return n=i.apply(s,[o.sent()]),[3,9];case 7:return t.includes("text/")?[4,e.text()]:[3,9];case 8:n=o.sent(),o.label=9;case 9:return[2,{status:e.status,responseText:n,statusText:e.statusText,responseType:r,headers:e.headers}]}}))}))}function d(e,t){return r(this,void 0,void 0,(function(){var n,r;return o(this,(function(o){switch(o.label){case 0:return(0,i.logDebugMessage)("setAuthorizationHeaderIfRequired: adding existing tokens as header"),[4,(0,s.getTokenForHeaderAuth)("access")];case 1:return n=o.sent(),[4,(0,s.getTokenForHeaderAuth)("refresh")];case 2:return r=o.sent(),void 0!==n&&void 0!==r?t.some((function(e){return"authorization"===e.name.toLowerCase()}))?(0,i.logDebugMessage)("setAuthorizationHeaderIfRequired: Authorization header defined by the user, not adding"):void 0!==n&&((0,i.logDebugMessage)("setAuthorizationHeaderIfRequired: added authorization header"),e.setRequestHeader("Authorization","Bearer ".concat(n))):(0,i.logDebugMessage)("setAuthorizationHeaderIfRequired: token for header based auth not found"),[2]}}))}))}function f(e){return r(this,void 0,void 0,(function(){var t,n,r,a,u;return o(this,(function(o){switch(o.label){case 0:return(0,i.logDebugMessage)("saveTokensFromHeaders: Saving updated tokens from the response"),null===(t=e.get("st-refresh-token"))?[3,2]:((0,i.logDebugMessage)("saveTokensFromHeaders: saving new refresh token"),[4,(0,s.setToken)("refresh",t)]);case 1:o.sent(),o.label=2;case 2:return null===(n=e.get("st-access-token"))?[3,4]:((0,i.logDebugMessage)("saveTokensFromHeaders: saving new access token"),[4,(0,s.setToken)("access",n)]);case 3:o.sent(),o.label=4;case 4:return null===(r=e.get("front-token"))?[3,6]:((0,i.logDebugMessage)("saveTokensFromHeaders: Setting sFrontToken: "+r),[4,s.FrontToken.setItem(r)]);case 5:o.sent(),o.label=6;case 6:return null===(a=e.get("anti-csrf"))?[3,9]:[4,(0,s.getLocalSessionState)(!0)];case 7:return"EXISTS"!==(u=o.sent()).status?[3,9]:((0,i.logDebugMessage)("saveTokensFromHeaders: Setting anti-csrf token"),[4,s.AntiCsrfToken.setItem(u.lastAccessTokenUpdate,a)]);case 8:o.sent(),o.label=9;case 9:return[2]}}))}))}t.addInterceptorsToXMLHttpRequest=function(){var e=new Promise((function(e){return setTimeout(e,0)})),t=XMLHttpRequest;(0,i.logDebugMessage)("addInterceptorsToXMLHttpRequest called"),XMLHttpRequest=function(){var n=new t,g=e;function h(e){g=g.finally((function(){var t;return null===(t=e())||void 0===t?void 0:t.catch(console.error)}))}var p,v,b=this,m=[],k=[],w={},y=new Map,S="",T=!1,I=void 0;function R(e,t){var n=y.get(e);(0,i.logDebugMessage)("XHRInterceptor dispatching ".concat(t.type," to ").concat(n?n.size:0," listeners")),n&&Array.from(n).forEach((function(e){return e.apply(b,[t])}))}function D(){return r(this,void 0,void 0,(function(){var e,n;return o(this,(function(r){switch(r.label){case 0:if(void 0===I)throw new Error("Should never come here..");return(0,i.logDebugMessage)("XHRInterceptor.handleRetryPostRefreshing: preRequestLSS "+I.status),[4,(0,s.onUnauthorisedResponse)(I)];case 1:if("RETRY"!==(e=r.sent()).result){if((0,i.logDebugMessage)("XHRInterceptor.handleRetryPostRefreshing: Not retrying original request "+!!e.error),void 0!==e.error)throw e.error;return[2,!0]}return(0,i.logDebugMessage)("XHRInterceptor.handleRetryPostRefreshing: Retrying original request"),n=new t,x(b,n,!0),m.forEach((function(e){e(n)})),A(n,v),[2,!1]}}))}))}function E(e){return r(this,void 0,void 0,(function(){var t,n,r,a,c;return o(this,(function(o){switch(o.label){case 0:if(T)return(0,i.logDebugMessage)("XHRInterceptor.handleResponse: Returning without interception"),[2,!0];o.label=1;case 1:o.trys.push([1,14,,18]),o.label=2;case 2:return o.trys.push([2,,8,13]),(0,i.logDebugMessage)("XHRInterceptor.handleResponse: Interception started"),u.ProcessState.getInstance().addState(u.PROCESS_STATE.CALLING_INTERCEPTION_RESPONSE),t=e.status,n=function(e){return new Headers(e.getAllResponseHeaders().split("\r\n").map((function(e){var t=e.indexOf(": ");return-1===t?["",""]:[e.slice(0,t),e.slice(t+2)]})).filter((function(e){return 0!==e[0].length})))}(e),[4,f(n)];case 3:return o.sent(),r=n.get("front-token"),(0,s.updateClockSkewUsingFrontToken)({frontToken:r,responseHeaders:n}),(0,s.fireSessionUpdateEventsIfNecessary)("EXISTS"===I.status,t,r),t!==s.default.config.sessionExpiredStatusCode?[3,5]:((0,i.logDebugMessage)("responseInterceptor: Status code is: "+t),[4,D()]);case 4:return[2,o.sent()];case 5:return t!==s.default.config.invalidClaimStatusCode?[3,7]:[4,(0,s.onInvalidClaimResponse)({data:JSON.parse(e.responseText)})];case 6:o.sent(),o.label=7;case 7:return[2,!0];case 8:return(0,i.logDebugMessage)("XHRInterceptor.handleResponse: doFinallyCheck running"),[4,(0,s.getLocalSessionState)(!1)];case 9:return"EXISTS"===o.sent().status?[3,12]:((0,i.logDebugMessage)("XHRInterceptor.handleResponse: local session doesn't exist, so removing anti-csrf and sFrontToken"),[4,s.AntiCsrfToken.removeToken()]);case 10:return o.sent(),[4,s.FrontToken.removeToken()];case 11:o.sent(),o.label=12;case 12:return[7];case 13:return[3,18];case 14:return a=o.sent(),(0,i.logDebugMessage)("XHRInterceptor.handleResponse: caught error"),void 0===a.status?[3,16]:[4,l(a)];case 15:if(c=o.sent(),w.status=c.status,w.statusText=c.statusText,w.responseType=c.responseType,p=c.headers,"json"===c.responseType)try{w.response=JSON.parse(c.responseText)}catch(e){w.response=c.responseText}else w.response=c.responseText;return w.responseText=c.responseText,[3,17];case 16:R("error",new Event("error")),o.label=17;case 17:return[2,!0];case 18:return[2]}}))}))}b.onload=null,b.onreadystatechange=null,b.onloadend=null,b.addEventListener=function(e,t,n){var r=y.get(e);void 0===r&&(r=new Set,y.set(e,r)),r.add(t)},b.removeEventListener=function(e,t){var n=y.get(e);void 0===n&&(n=new Set,y.set(e,n)),n.delete(t)},b.open=function(e,t){(0,i.logDebugMessage)("XHRInterceptor.open called");var r=arguments;S=t;try{T="string"==typeof S&&!s.default.recipeImpl.shouldDoInterceptionBasedOnUrl(S,s.default.config.apiDomain,s.default.config.sessionTokenBackendDomain)||"string"!=typeof S&&!s.default.recipeImpl.shouldDoInterceptionBasedOnUrl(S.toString(),s.default.config.apiDomain,s.default.config.sessionTokenBackendDomain)}catch(e){if("Please provide a valid domain name"!==e.message)throw e;(0,i.logDebugMessage)("XHRInterceptor.open: Trying shouldDoInterceptionBasedOnUrl with location.origin"),T=!s.default.recipeImpl.shouldDoInterceptionBasedOnUrl(a.default.getReferenceOrThrow().windowHandler.location.getOrigin(),s.default.config.apiDomain,s.default.config.sessionTokenBackendDomain)}h((function(){m.push((function(e){e.open.apply(e,r)})),n.open.apply(n,r)}))},b.send=function(e){A(n,v=e)},b.setRequestHeader=function(e,t){var a=this;(0,i.logDebugMessage)("XHRInterceptor.setRequestHeader: Called with ".concat(e)),T?h((function(){return n.setRequestHeader(e,t)})):"anti-csrf"!==e&&h((function(){return r(a,void 0,void 0,(function(){var r,a;return o(this,(function(o){switch(o.label){case 0:return"authorization"!==e.toLowerCase()?[3,3]:((0,i.logDebugMessage)("XHRInterceptor.setRequestHeader: checking if user provided auth header matches local token"),[4,(0,s.getTokenForHeaderAuth)("access")]);case 1:return r=o.sent(),[4,(0,s.getTokenForHeaderAuth)("refresh")];case 2:if(a=o.sent(),void 0!==r&&void 0!==a&&t==="Bearer ".concat(r))return(0,i.logDebugMessage)("XHRInterceptor.setRequestHeader: skipping Authorization from user provided headers because it contains our access token"),[2];o.label=3;case 3:return m.push((function(n){n.setRequestHeader(e,t)})),k.push({name:e,value:t}),n.setRequestHeader(e,t),[2]}}))}))}))};var M=void 0;function x(e,n,r){var o,s=["load","loadend","readystatechange"];(0,i.logDebugMessage)("XHRInterceptor.setUpXHR called");for(var a=function(e){(0,i.logDebugMessage)("XHRInterceptor added listener for event ".concat(e)),n.addEventListener(e,(function(t){(0,i.logDebugMessage)("XHRInterceptor got event ".concat(e)),s.includes(e)||R(e,t)}))},u=0,l=c;u<l.length;u++)a(l[u]);if(n.onload=function(t){void 0===o&&(o=E(n)),o.then((function(n){n&&(e.onload&&e.onload(t),R("load",t))}))},n.onreadystatechange=function(r){n.readyState===t.DONE?(void 0===o&&(o=E(n)),o.then((function(t){t&&(e.onreadystatechange&&e.onreadystatechange(r),R("readystatechange",r))}))):(e.onreadystatechange&&e.onreadystatechange(r),R("readystatechange",r))},n.onloadend=function(t){void 0===o&&(o=E(n)),o.then((function(n){n&&(e.onloadend&&e.onloadend(t),R("loadend",t))}))},e.getAllResponseHeaders=function(){var e;return p?(e="",p.forEach((function(t,n){return e+="".concat(n,": ").concat(t,"\r\n")}))):e=n.getAllResponseHeaders(),e+"x-supertokens-xhr-intercepted: true\r\n"},e.getResponseHeader=function(e){return"x-supertokens-xhr-intercepted"===e?"true":p?p.get(e):n.getResponseHeader(e)},void 0===M)for(var d in M=[],n)d in e||M.push(d);for(var f=function(t){"function"==typeof n[t]?Object.defineProperty(e,t,{configurable:!0,value:function(){var e=arguments;return r||m.push((function(n){n[t].apply(n,e)})),n[t].apply(n,e)}}):Object.defineProperty(e,t,{configurable:!0,get:function(){return void 0!==w[t]?w[t]:n[t]},set:function(e){r||m.push((function(n){n[t]=e})),(0,i.logDebugMessage)("XHRInterceptor.set[".concat(t,"] = ").concat(e)),n[t]=e}})},g=0,h=M;g<h.length;g++)f(d=h[g])}function A(e,t){var n=this;if((0,i.logDebugMessage)("XHRInterceptor.send: called"),(0,i.logDebugMessage)("XHRInterceptor.send: Value of doNotDoInterception: "+T),T)return(0,i.logDebugMessage)("XHRInterceptor.send: Returning without interception"),void h((function(){return e.send(t)}));(0,i.logDebugMessage)("XHRInterceptor.send: Interception started"),u.ProcessState.getInstance().addState(u.PROCESS_STATE.CALLING_INTERCEPTION_REQUEST),h((function(){return r(n,void 0,void 0,(function(){var n,r;return o(this,(function(o){switch(o.label){case 0:return[4,(0,s.getLocalSessionState)(!0)];case 1:return"EXISTS"!==(I=o.sent()).status?[3,3]:[4,s.AntiCsrfToken.getToken(I.lastAccessTokenUpdate)];case 2:void 0!==(n=o.sent())&&((0,i.logDebugMessage)("XHRInterceptor.send: Adding anti-csrf token to request"),e.setRequestHeader("anti-csrf",n)),o.label=3;case 3:return s.default.config.autoAddCredentials&&((0,i.logDebugMessage)("XHRInterceptor.send: Adding credentials include"),b.withCredentials=!0),k.some((function(e){return"rid"===e.name}))?(0,i.logDebugMessage)("XHRInterceptor.send: rid header was already there in request"):((0,i.logDebugMessage)("XHRInterceptor.send: Adding rid header: anti-csrf"),e.setRequestHeader("rid","anti-csrf")),r=s.default.config.tokenTransferMethod,k.some((function(e){return"st-auth-mode"===e.name}))?(0,i.logDebugMessage)("XHRInterceptor.send: st-auth-mode header was already there in request"):((0,i.logDebugMessage)("XHRInterceptor.send: Adding st-auth-mode header: "+r),e.setRequestHeader("st-auth-mode",r)),[4,d(e,k)];case 4:return o.sent(),(0,i.logDebugMessage)("XHRInterceptor.send: Making user's http call"),[2,e.send(t)]}}))}))}))}x(b,n,!1)},XMLHttpRequest.__interceptedBySuperTokens=!0,XMLHttpRequest.__original=t}},895:function(e,t,n){var r=this&&this.__awaiter||function(e,t,n,r){return new(n||(n=Promise))((function(o,s){function i(e){try{u(r.next(e))}catch(e){s(e)}}function a(e){try{u(r.throw(e))}catch(e){s(e)}}function u(e){e.done?o(e.value):new n((function(t){t(e.value)})).then(i,a)}u((r=r.apply(e,t||[])).next())}))},o=this&&this.__generator||function(e,t){var n,r,o,s,i={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return s={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function a(s){return function(a){return function(s){if(n)throw new TypeError("Generator is already executing.");for(;i;)try{if(n=1,r&&(o=2&s[0]?r.return:s[0]?r.throw||((o=r.return)&&o.call(r),0):r.next)&&!(o=o.call(r,s[1])).done)return o;switch(r=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return i.label++,{value:s[1],done:!1};case 5:i.label++,r=s[1],s=[0];continue;case 7:s=i.ops.pop(),i.trys.pop();continue;default:if(!((o=(o=i.trys).length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){i=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){i.label=s[1];break}if(6===s[0]&&i.label<o[1]){i.label=o[1],o=s;break}if(o&&i.label<o[2]){i.label=o[2],i.ops.push(s);break}o[2]&&i.ops.pop(),i.trys.pop();continue}s=t.call(e,i)}catch(e){s=[6,e],r=0}finally{n=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,a])}}},s=this;Object.defineProperty(t,"__esModule",{value:!0});var i=n(142),a="browser-tabs-lock-key",u={key:function(e){return r(s,void 0,void 0,(function(){return o(this,(function(e){throw new Error("Unsupported")}))}))},getItem:function(e){return r(s,void 0,void 0,(function(){return o(this,(function(e){throw new Error("Unsupported")}))}))},clear:function(){return r(s,void 0,void 0,(function(){return o(this,(function(e){return[2,window.localStorage.clear()]}))}))},removeItem:function(e){return r(s,void 0,void 0,(function(){return o(this,(function(e){throw new Error("Unsupported")}))}))},setItem:function(e,t){return r(s,void 0,void 0,(function(){return o(this,(function(e){throw new Error("Unsupported")}))}))},keySync:function(e){return window.localStorage.key(e)},getItemSync:function(e){return window.localStorage.getItem(e)},clearSync:function(){return window.localStorage.clear()},removeItemSync:function(e){return window.localStorage.removeItem(e)},setItemSync:function(e,t){return window.localStorage.setItem(e,t)}};function c(e){return new Promise((function(t){return setTimeout(t,e)}))}function l(e){for(var t="0123456789ABCDEFGHIJKLMNOPQRSTUVWXTZabcdefghiklmnopqrstuvwxyz",n="",r=0;r<e;r++)n+=t[Math.floor(Math.random()*t.length)];return n}var d=function(){function e(t){this.acquiredIatSet=new Set,this.storageHandler=void 0,this.id=Date.now().toString()+l(15),this.acquireLock=this.acquireLock.bind(this),this.releaseLock=this.releaseLock.bind(this),this.releaseLock__private__=this.releaseLock__private__.bind(this),this.waitForSomethingToChange=this.waitForSomethingToChange.bind(this),this.refreshLockWhileAcquired=this.refreshLockWhileAcquired.bind(this),this.storageHandler=t,void 0===e.waiters&&(e.waiters=[])}return e.prototype.acquireLock=function(t,n){return void 0===n&&(n=5e3),r(this,void 0,void 0,(function(){var r,s,i,d,f,g,h;return o(this,(function(o){switch(o.label){case 0:r=Date.now()+l(4),s=Date.now()+n,i=a+"-"+t,d=void 0===this.storageHandler?u:this.storageHandler,o.label=1;case 1:return Date.now()<s?[4,c(30)]:[3,8];case 2:return o.sent(),null!==d.getItemSync(i)?[3,5]:(f=this.id+"-"+t+"-"+r,[4,c(Math.floor(25*Math.random()))]);case 3:return o.sent(),d.setItemSync(i,JSON.stringify({id:this.id,iat:r,timeoutKey:f,timeAcquired:Date.now(),timeRefreshed:Date.now()})),[4,c(30)];case 4:return o.sent(),null!==(g=d.getItemSync(i))&&(h=JSON.parse(g)).id===this.id&&h.iat===r?(this.acquiredIatSet.add(r),this.refreshLockWhileAcquired(i,r),[2,!0]):[3,7];case 5:return e.lockCorrector(void 0===this.storageHandler?u:this.storageHandler),[4,this.waitForSomethingToChange(s)];case 6:o.sent(),o.label=7;case 7:return r=Date.now()+l(4),[3,1];case 8:return[2,!1]}}))}))},e.prototype.refreshLockWhileAcquired=function(e,t){return r(this,void 0,void 0,(function(){var n=this;return o(this,(function(s){return setTimeout((function(){return r(n,void 0,void 0,(function(){var n,r,s;return o(this,(function(o){switch(o.label){case 0:return[4,i.default().lock(t)];case 1:return o.sent(),this.acquiredIatSet.has(t)?(n=void 0===this.storageHandler?u:this.storageHandler,null===(r=n.getItemSync(e))?(i.default().unlock(t),[2]):((s=JSON.parse(r)).timeRefreshed=Date.now(),n.setItemSync(e,JSON.stringify(s)),i.default().unlock(t),this.refreshLockWhileAcquired(e,t),[2])):(i.default().unlock(t),[2])}}))}))}),1e3),[2]}))}))},e.prototype.waitForSomethingToChange=function(t){return r(this,void 0,void 0,(function(){return o(this,(function(n){switch(n.label){case 0:return[4,new Promise((function(n){var r=!1,o=Date.now(),s=!1;function i(){if(s||(window.removeEventListener("storage",i),e.removeFromWaiting(i),clearTimeout(a),s=!0),!r){r=!0;var t=50-(Date.now()-o);t>0?setTimeout(n,t):n(null)}}window.addEventListener("storage",i),e.addToWaiting(i);var a=setTimeout(i,Math.max(0,t-Date.now()))}))];case 1:return n.sent(),[2]}}))}))},e.addToWaiting=function(t){this.removeFromWaiting(t),void 0!==e.waiters&&e.waiters.push(t)},e.removeFromWaiting=function(t){void 0!==e.waiters&&(e.waiters=e.waiters.filter((function(e){return e!==t})))},e.notifyWaiters=function(){void 0!==e.waiters&&e.waiters.slice().forEach((function(e){return e()}))},e.prototype.releaseLock=function(e){return r(this,void 0,void 0,(function(){return o(this,(function(t){switch(t.label){case 0:return[4,this.releaseLock__private__(e)];case 1:return[2,t.sent()]}}))}))},e.prototype.releaseLock__private__=function(t){return r(this,void 0,void 0,(function(){var n,r,s,c;return o(this,(function(o){switch(o.label){case 0:return n=void 0===this.storageHandler?u:this.storageHandler,r=a+"-"+t,null===(s=n.getItemSync(r))?[2]:(c=JSON.parse(s)).id!==this.id?[3,2]:[4,i.default().lock(c.iat)];case 1:o.sent(),this.acquiredIatSet.delete(c.iat),n.removeItemSync(r),i.default().unlock(c.iat),e.notifyWaiters(),o.label=2;case 2:return[2]}}))}))},e.lockCorrector=function(t){for(var n=Date.now()-5e3,r=t,o=[],s=0;;){var i=r.keySync(s);if(null===i)break;o.push(i),s++}for(var u=!1,c=0;c<o.length;c++){var l=o[c];if(l.includes(a)){var d=r.getItemSync(l);if(null!==d){var f=JSON.parse(d);(void 0===f.timeRefreshed&&f.timeAcquired<n||void 0!==f.timeRefreshed&&f.timeRefreshed<n)&&(r.removeItemSync(l),u=!0)}}}u&&e.notifyWaiters()},e.waiters=void 0,e}();t.default=d},142:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0});var n=function(){function e(){var e=this;this.locked=new Map,this.addToLocked=function(t,n){var r=e.locked.get(t);void 0===r?void 0===n?e.locked.set(t,[]):e.locked.set(t,[n]):void 0!==n&&(r.unshift(n),e.locked.set(t,r))},this.isLocked=function(t){return e.locked.has(t)},this.lock=function(t){return new Promise((function(n,r){e.isLocked(t)?e.addToLocked(t,n):(e.addToLocked(t),n())}))},this.unlock=function(t){var n=e.locked.get(t);if(void 0!==n&&0!==n.length){var r=n.pop();e.locked.set(t,n),void 0!==r&&setTimeout(r,0)}else e.locked.delete(t)}}return e.getInstance=function(){return void 0===e.instance&&(e.instance=new e),e.instance},e}();t.default=function(){return n.getInstance()}},225:function(e,t){var n=this&&this.__assign||function(){return n=Object.assign||function(e){for(var t,n=1,r=arguments.length;n<r;n++)for(var o in t=arguments[n])Object.prototype.hasOwnProperty.call(t,o)&&(e[o]=t[o]);return e},n.apply(this,arguments)};Object.defineProperty(t,"__esModule",{value:!0}),t.getProxyObject=void 0,t.getProxyObject=function(e){for(var t=n(n({},e),{_call:function(e,t){throw new Error("This function should only be called through the recipe object")}}),r=function(e){"_call"!==e&&(t[e]=function(){for(var t=[],n=0;n<arguments.length;n++)t[n]=arguments[n];return this._call(e,t)})},o=0,s=Object.keys(t);o<s.length;o++)r(s[o]);return t}},333:(e,t,n)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.OverrideableBuilder=void 0;var r=n(225),o=function(){function e(e){this.layers=[e],this.proxies=[]}return e.prototype.override=function(e){for(var t=(0,r.getProxyObject)(this.layers[0]),n=e(t,this),o=0,s=Object.keys(this.layers[0]);o<s.length;o++){var i=s[o];n[i]===t[i]||"_call"===i?delete n[i]:void 0===n[i]&&(n[i]=null)}return this.layers.push(n),this.proxies.push(t),this},e.prototype.build=function(){var e=this;if(this.result)return this.result;this.result={};for(var t=0,n=this.layers;t<n.length;t++)for(var r=n[t],o=0,s=Object.keys(r);o<s.length;o++){var i=s[o],a=r[i];void 0!==a&&(this.result[i]=null===a?void 0:"function"==typeof a?a.bind(this.result):a)}for(var u=function(t){c.proxies[t]._call=function(n,r){for(var o=t;o>=0;--o){var s=e.layers[o][n];if(null!=s)return s.bind(e.result).apply(void 0,r)}}},c=this,l=0;l<this.proxies.length;++l)u(l);return this.result},e}();t.OverrideableBuilder=o,t.default=o}},t={};function n(r){var o=t[r];if(void 0!==o)return o.exports;var s=t[r]={exports:{}};return e[r].call(s.exports,s,s.exports,n),s.exports}n.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(e){if("object"==typeof window)return window}}();var r=n(280);supertokens=r})();
\ No newline at end of file
diff --git a/lib/build/axios.js b/lib/build/axios.js
index 2660a368..58d8102b 100644
--- a/lib/build/axios.js
+++ b/lib/build/axios.js
@@ -271,7 +271,7 @@ function responseInterceptor(axiosInstance) {
     var _this = this;
     return function (response) {
         return __awaiter(_this, void 0, void 0, function () {
-            var doNotDoInterception, url, preRequestLSS, config, _a;
+            var doNotDoInterception, url, preRequestLSS, frontToken, responseHeaders_1, config, _a;
             return __generator(this, function (_b) {
                 switch (_b.label) {
                     case 0:
@@ -330,6 +330,19 @@ function responseInterceptor(axiosInstance) {
                         return [4 /*yield*/, saveTokensFromHeaders(response)];
                     case 3:
                         _b.sent();
+                        frontToken = response.headers["front-token"];
+                        responseHeaders_1 = new Headers();
+                        Object.entries(response.headers).forEach(function (_a) {
+                            var key = _a[0],
+                                value = _a[1];
+                            Array.isArray(value)
+                                ? value.forEach(function (item) {
+                                      return responseHeaders_1.append(key, item);
+                                  })
+                                : responseHeaders_1.append(key, value);
+                        });
+                        (0,
+                        fetch_1.updateClockSkewUsingFrontToken)({ frontToken: frontToken, responseHeaders: responseHeaders_1 });
                         (0,
                         fetch_1.fireSessionUpdateEventsIfNecessary)(preRequestLSS.status === "EXISTS", response.status, response.headers["front-token"]);
                         if (!(response.status === fetch_1.default.config.sessionExpiredStatusCode))
diff --git a/lib/build/fetch.d.ts b/lib/build/fetch.d.ts
index 207fe36c..b61df155 100644
--- a/lib/build/fetch.d.ts
+++ b/lib/build/fetch.d.ts
@@ -65,13 +65,13 @@ export declare function getFrontToken(): Promise<string | null>;
 export declare function setFrontToken(frontToken: string | undefined): Promise<void>;
 export declare function fireSessionUpdateEventsIfNecessary(wasLoggedIn: boolean, status: number, frontTokenHeaderFromResponse: string | null | undefined): void;
 /**
- * Updates the client clock deviation based on the provided frontToken and round-trip time.
+ * Updates the clock skew based on the provided frontToken and theround-trip time.
  *
- * @param {Object} params - The parameters for updating the client clock deviation.
+ * @param {Object} params - The parameters for updating the clock skew.
  * @param {string | null} params.frontToken - The frontToken containing issued timestamp.
- * @param {number} params.roundTripTime - The round-trip time between the client and server.
+ * @param {string | null} params.responseHeaders - The headers for the response that returned the frontToken.
  */
-export declare const updateClientClockUsingFrontToken: ({ frontToken, roundTripTime }: {
+export declare const updateClockSkewUsingFrontToken: ({ frontToken, responseHeaders }: {
     frontToken: string | null;
-    roundTripTime: number;
+    responseHeaders: Headers;
 }) => void;
diff --git a/lib/build/fetch.js b/lib/build/fetch.js
index 895b6458..03641752 100644
--- a/lib/build/fetch.js
+++ b/lib/build/fetch.js
@@ -145,7 +145,7 @@ var __generator =
         }
     };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.updateClientClockUsingFrontToken =
+exports.updateClockSkewUsingFrontToken =
     exports.fireSessionUpdateEventsIfNecessary =
     exports.setFrontToken =
     exports.getFrontToken =
@@ -181,6 +181,7 @@ var cookieHandler_1 = require("./utils/cookieHandler");
 var windowHandler_1 = require("./utils/windowHandler");
 var lockFactory_1 = require("./utils/lockFactory");
 var logger_1 = require("./logger");
+var dateProvider_1 = require("./utils/dateProvider");
 var AntiCsrfToken = /** @class */ (function () {
     function AntiCsrfToken() {}
     AntiCsrfToken.getToken = function (associatedAccessTokenUpdate) {
@@ -453,9 +454,7 @@ var AuthHttpRequest = /** @class */ (function () {
                 configWithAntiCsrf,
                 antiCsrfToken,
                 transferMethod,
-                clientTimeBeforeRequest,
                 response,
-                clientTimeAfterRequest,
                 frontToken,
                 retry,
                 postRequestIdToken;
@@ -583,20 +582,16 @@ var AuthHttpRequest = /** @class */ (function () {
                     case 11:
                         _b.sent();
                         (0, logger_1.logDebugMessage)("doRequest: Making user's http call");
-                        clientTimeBeforeRequest = Date.now();
                         return [4 /*yield*/, httpCall(configWithAntiCsrf)];
                     case 12:
                         response = _b.sent();
-                        clientTimeAfterRequest = Date.now();
                         (0, logger_1.logDebugMessage)("doRequest: User's http call ended");
                         return [4 /*yield*/, saveTokensFromHeaders(response)];
                     case 13:
                         _b.sent();
                         frontToken = response.headers.get("front-token");
-                        (0, exports.updateClientClockUsingFrontToken)({
-                            frontToken: frontToken,
-                            roundTripTime: clientTimeAfterRequest - clientTimeBeforeRequest
-                        });
+                        (0,
+                        exports.updateClockSkewUsingFrontToken)({ frontToken: frontToken, responseHeaders: response.headers });
                         fireSessionUpdateEventsIfNecessary(
                             preRequestLSS.status === "EXISTS",
                             response.status,
@@ -1425,35 +1420,29 @@ function fireSessionUpdateEventsIfNecessary(wasLoggedIn, status, frontTokenHeade
 }
 exports.fireSessionUpdateEventsIfNecessary = fireSessionUpdateEventsIfNecessary;
 /**
- * Updates the client clock deviation based on the provided frontToken and round-trip time.
+ * Updates the clock skew based on the provided frontToken and theround-trip time.
  *
- * @param {Object} params - The parameters for updating the client clock deviation.
+ * @param {Object} params - The parameters for updating the clock skew.
  * @param {string | null} params.frontToken - The frontToken containing issued timestamp.
- * @param {number} params.roundTripTime - The round-trip time between the client and server.
+ * @param {string | null} params.responseHeaders - The headers for the response that returned the frontToken.
  */
-var updateClientClockUsingFrontToken = function (_b) {
-    var _c;
+var updateClockSkewUsingFrontToken = function (_b) {
     var frontToken = _b.frontToken,
-        roundTripTime = _b.roundTripTime;
-    (0, logger_1.logDebugMessage)(
-        "updateClientClockUsingFrontToken: frontToken: " + frontToken + " roundTripTime: " + roundTripTime
-    );
+        responseHeaders = _b.responseHeaders;
+    (0, logger_1.logDebugMessage)("updateClockSkewUsingFrontToken: frontToken: " + frontToken);
     if (frontToken === null || frontToken === "remove") {
         (0, logger_1.logDebugMessage)(
-            "updateClientClockUsingFrontToken: frontToken is either null or is being removed, skipping update"
+            "updateClockSkewUsingFrontToken: frontToken is either null or is being removed, skipping update"
         );
         return;
     }
-    var tokenIssuedAt = (_c = parseFrontToken(frontToken).up) === null || _c === void 0 ? void 0 : _c.iat;
-    if (tokenIssuedAt === undefined || typeof tokenIssuedAt !== "number") {
-        (0, logger_1.logDebugMessage)(
-            "updateClientClockUsingFrontToken: FrontToken iat is undefined or not a number, skipping update"
-        );
-        return;
-    }
-    var estimatedServerTimeNow = tokenIssuedAt * 1000 + Math.floor(roundTripTime / 2);
-    var clientClockDeviationInMillis = estimatedServerTimeNow - Date.now();
-    AuthHttpRequest.recipeImpl.updateClientClockDeviation(clientClockDeviationInMillis);
-    (0, logger_1.logDebugMessage)("updateClientClockUsingFrontToken: Client clock synchronized successfully");
+    var frontTokenPayload = parseFrontToken(frontToken);
+    var clockSkewInMillis = AuthHttpRequest.recipeImpl.getClockSkewInMillis({
+        accessTokenPayload: frontTokenPayload.up,
+        responseHeaders: responseHeaders
+    });
+    console.log("clockSkewInMillis", clockSkewInMillis);
+    dateProvider_1.default.getReferenceOrThrow().dateProvider.setClientClockSkewInMillis(clockSkewInMillis);
+    (0, logger_1.logDebugMessage)("updateClockSkewUsingFrontToken: Client clock synchronized successfully");
 };
-exports.updateClientClockUsingFrontToken = updateClientClockUsingFrontToken;
+exports.updateClockSkewUsingFrontToken = updateClockSkewUsingFrontToken;
diff --git a/lib/build/index.js b/lib/build/index.js
index ca4fae76..dce13146 100644
--- a/lib/build/index.js
+++ b/lib/build/index.js
@@ -169,11 +169,13 @@ var windowHandler_1 = require("./utils/windowHandler");
 var lockFactory_1 = require("./utils/lockFactory");
 var sessionClaimValidatorStore_1 = require("./utils/sessionClaimValidatorStore");
 var logger_1 = require("./logger");
+var dateProvider_1 = require("./utils/dateProvider");
 var AuthHttpRequest = /** @class */ (function () {
     function AuthHttpRequest() {}
     AuthHttpRequest.init = function (options) {
         cookieHandler_1.default.init(options.cookieHandler);
         windowHandler_1.default.init(options.windowHandler);
+        dateProvider_1.default.init(options.dateProvider);
         lockFactory_1.default.init(
             options.lockFactory,
             windowHandler_1.default.getReferenceOrThrow().windowHandler.localStorage
diff --git a/lib/build/recipeImplementation.js b/lib/build/recipeImplementation.js
index a0e04708..635e95d9 100644
--- a/lib/build/recipeImplementation.js
+++ b/lib/build/recipeImplementation.js
@@ -152,7 +152,6 @@ var logger_1 = require("./logger");
 var error_1 = require("./error");
 var xmlhttprequest_1 = require("./xmlhttprequest");
 var utils_1 = require("./utils");
-var dateProvider_1 = require("./utils/dateProvider");
 function RecipeImplementation(recipeImplInput) {
     return {
         addXMLHttpRequestInterceptor: function (_) {
@@ -537,13 +536,21 @@ function RecipeImplementation(recipeImplInput) {
                 }
             }
         },
-        updateClientClockDeviation: function (clientClockDeviationInMillis) {
-            (0, logger_1.logDebugMessage)(
-                "updateClientClockDeviation: clientClockDeviationInMillis: " + clientClockDeviationInMillis
-            );
-            dateProvider_1.default
-                .getReferenceOrThrow()
-                .dateProvider.setClientClockDeviationInMillis(clientClockDeviationInMillis);
+        getClockSkewInMillis: function (_a) {
+            var accessTokenPayload = _a.accessTokenPayload;
+            (0, logger_1.logDebugMessage)("getClockSkewInMillis: called");
+            var tokenIssuedAt =
+                accessTokenPayload === null || accessTokenPayload === void 0 ? void 0 : accessTokenPayload.iat;
+            if (tokenIssuedAt === undefined || typeof tokenIssuedAt !== "number") {
+                (0, logger_1.logDebugMessage)(
+                    "getClockSkewInMillis: payload iat is undefined or not a number, returning 0"
+                );
+                return 0;
+            }
+            var estimatedServerTimeNow = tokenIssuedAt * 1000;
+            var clockSkewInMillis = estimatedServerTimeNow - Date.now();
+            (0, logger_1.logDebugMessage)("getClockSkewInMillis: returning " + clockSkewInMillis);
+            return clockSkewInMillis;
         }
     };
 }
diff --git a/lib/build/types.d.ts b/lib/build/types.d.ts
index 3e4e5e7c..2ebf3eab 100644
--- a/lib/build/types.d.ts
+++ b/lib/build/types.d.ts
@@ -2,6 +2,7 @@ import OverrideableBuilder from "supertokens-js-override";
 import { CookieHandlerInput } from "./utils/cookieHandler/types";
 import { WindowHandlerInput } from "./utils/windowHandler/types";
 import { LockFactory } from "./utils/lockFactory/types";
+import { DateProviderInput } from "./utils/dateProvider/types";
 export declare type Event = {
     action: "SIGN_OUT" | "REFRESH_SESSION" | "SESSION_CREATED" | "ACCESS_TOKEN_PAYLOAD_UPDATED";
     userContext: any;
@@ -35,6 +36,7 @@ export declare type InputType = {
     sessionTokenBackendDomain?: string;
     cookieHandler?: CookieHandlerInput;
     windowHandler?: WindowHandlerInput;
+    dateProvider?: DateProviderInput;
     preAPIHook?: RecipePreAPIHookFunction;
     postAPIHook?: RecipePostAPIHookFunction;
     onHandleEvent?: EventHandler;
@@ -123,7 +125,10 @@ export declare type RecipeInterface = {
         userContext: any;
     }): SessionClaimValidator[];
     shouldDoInterceptionBasedOnUrl(toCheckUrl: string, apiDomain: string, sessionTokenBackendDomain: string | undefined): boolean;
-    updateClientClockDeviation(clientClockDeviationInMillis: number): void;
+    getClockSkewInMillis(params: {
+        accessTokenPayload: any;
+        responseHeaders: Headers;
+    }): number;
 };
 export declare type ClaimValidationResult = {
     isValid: true;
diff --git a/lib/build/utils/dateProvider/defaultImplementation.d.ts b/lib/build/utils/dateProvider/defaultImplementation.d.ts
index 7437f1ef..856d4b65 100644
--- a/lib/build/utils/dateProvider/defaultImplementation.d.ts
+++ b/lib/build/utils/dateProvider/defaultImplementation.d.ts
@@ -1,7 +1,7 @@
 declare class DateProvider {
-    private clientClockDeviationInMillis;
-    setClientClockDeviationInMillis(deviation: number): void;
-    getClientClockDeviationInMills(): number;
+    private static readonly CLOCK_SKEW_KEY;
+    setClientClockSkewInMillis(clockSkewInMillis: number): void;
+    getClientClockSkewInMillis(): number;
     now(): number;
 }
 export declare const defaultDateProviderImplementation: DateProvider;
diff --git a/lib/build/utils/dateProvider/defaultImplementation.js b/lib/build/utils/dateProvider/defaultImplementation.js
index a49f9a50..ff531fda 100644
--- a/lib/build/utils/dateProvider/defaultImplementation.js
+++ b/lib/build/utils/dateProvider/defaultImplementation.js
@@ -15,19 +15,23 @@
  */
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.defaultDateProviderImplementation = void 0;
+var windowHandler_1 = require("../windowHandler");
+// To avoid potential issues with initializing clockSkewInMillis as a class variable in the constructor due to WindowHandlerReference not being initialized at DateProvider instance creation,
+// we read from localStorage each time `getClientClockSkewInMillis` is called.
 var DateProvider = /** @class */ (function () {
-    function DateProvider() {
-        this.clientClockDeviationInMillis = 0;
-    }
-    DateProvider.prototype.setClientClockDeviationInMillis = function (deviation) {
-        this.clientClockDeviationInMillis = deviation;
+    function DateProvider() {}
+    DateProvider.prototype.setClientClockSkewInMillis = function (clockSkewInMillis) {
+        var localStorage = windowHandler_1.default.getReferenceOrThrow().windowHandler.localStorage;
+        localStorage.setItemSync(DateProvider.CLOCK_SKEW_KEY, String(clockSkewInMillis));
     };
-    DateProvider.prototype.getClientClockDeviationInMills = function () {
-        return this.clientClockDeviationInMillis;
+    DateProvider.prototype.getClientClockSkewInMillis = function () {
+        var localStorage = windowHandler_1.default.getReferenceOrThrow().windowHandler.localStorage;
+        return parseInt(localStorage.getItemSync(DateProvider.CLOCK_SKEW_KEY) || "0", 10);
     };
     DateProvider.prototype.now = function () {
-        return Date.now() + this.clientClockDeviationInMillis;
+        return Date.now() + this.getClientClockSkewInMillis();
     };
+    DateProvider.CLOCK_SKEW_KEY = "__st_clockSkewInMillis";
     return DateProvider;
 })();
 exports.defaultDateProviderImplementation = new DateProvider();
diff --git a/lib/build/utils/dateProvider/index.d.ts b/lib/build/utils/dateProvider/index.d.ts
index b6b4a456..508c99bc 100644
--- a/lib/build/utils/dateProvider/index.d.ts
+++ b/lib/build/utils/dateProvider/index.d.ts
@@ -2,7 +2,7 @@ import { DateProviderInterface, DateProviderInput } from "./types";
 /**
  * A utility class for managing a reference to a DateProviderInterface, allowing customization of time-related operations.
  * This class is designed to address clock skew issues between the server and client by providing a consistent mechanism
- * for obtaining current time with the serverClockDeviation.
+ * for obtaining current time adjusted for clock skew.
  *
  * @class DateProviderReference
  */
diff --git a/lib/build/utils/dateProvider/index.js b/lib/build/utils/dateProvider/index.js
index e3f9e863..6e8464c6 100644
--- a/lib/build/utils/dateProvider/index.js
+++ b/lib/build/utils/dateProvider/index.js
@@ -19,7 +19,7 @@ var defaultImplementation_1 = require("./defaultImplementation");
 /**
  * A utility class for managing a reference to a DateProviderInterface, allowing customization of time-related operations.
  * This class is designed to address clock skew issues between the server and client by providing a consistent mechanism
- * for obtaining current time with the serverClockDeviation.
+ * for obtaining current time adjusted for clock skew.
  *
  * @class DateProviderReference
  */
diff --git a/lib/build/utils/dateProvider/types.d.ts b/lib/build/utils/dateProvider/types.d.ts
index 0dfc8c82..9f3f8beb 100644
--- a/lib/build/utils/dateProvider/types.d.ts
+++ b/lib/build/utils/dateProvider/types.d.ts
@@ -1,6 +1,6 @@
 export interface DateProviderInterface {
     now(): number;
-    setClientClockDeviationInMillis(deviation: number): void;
-    getClientClockDeviationInMills(): number;
+    setClientClockSkewInMillis(clockSkewInMillis: number): void;
+    getClientClockSkewInMillis(): number;
 }
 export declare type DateProviderInput = (original: DateProviderInterface) => DateProviderInterface;
diff --git a/lib/build/version.d.ts b/lib/build/version.d.ts
index c5ac7b3f..3e21a6ea 100644
--- a/lib/build/version.d.ts
+++ b/lib/build/version.d.ts
@@ -1,2 +1,2 @@
-export declare const package_version = "17.0.5";
+export declare const package_version = "17.0.6";
 export declare const supported_fdi: string[];
diff --git a/lib/build/version.js b/lib/build/version.js
index 503d8d9d..f915305c 100644
--- a/lib/build/version.js
+++ b/lib/build/version.js
@@ -15,5 +15,5 @@ exports.supported_fdi = exports.package_version = void 0;
  * License for the specific language governing permissions and limitations
  * under the License.
  */
-exports.package_version = "17.0.5";
+exports.package_version = "17.0.6";
 exports.supported_fdi = ["1.16", "1.17", "1.18"];
diff --git a/lib/build/xmlhttprequest.js b/lib/build/xmlhttprequest.js
index 563b4b7b..52cce50b 100644
--- a/lib/build/xmlhttprequest.js
+++ b/lib/build/xmlhttprequest.js
@@ -263,7 +263,7 @@ function addInterceptorsToXMLHttpRequest() {
         }
         function handleResponse(xhr) {
             return __awaiter(this, void 0, void 0, function () {
-                var status_1, headers, err_1, resp;
+                var status_1, headers, frontToken, err_1, resp;
                 return __generator(this, function (_a) {
                     switch (_a.label) {
                         case 0:
@@ -288,8 +288,11 @@ function addInterceptorsToXMLHttpRequest() {
                             return [4 /*yield*/, saveTokensFromHeaders(headers)];
                         case 3:
                             _a.sent();
+                            frontToken = headers.get("front-token");
                             (0,
-                            fetch_1.fireSessionUpdateEventsIfNecessary)(preRequestLSS.status === "EXISTS", status_1, headers.get("front-token"));
+                            fetch_1.updateClockSkewUsingFrontToken)({ frontToken: frontToken, responseHeaders: headers });
+                            (0,
+                            fetch_1.fireSessionUpdateEventsIfNecessary)(preRequestLSS.status === "EXISTS", status_1, frontToken);
                             if (!(status_1 === fetch_1.default.config.sessionExpiredStatusCode))
                                 return [3 /*break*/, 5];
                             (0, logger_1.logDebugMessage)("responseInterceptor: Status code is: " + status_1);
diff --git a/lib/ts/axios.ts b/lib/ts/axios.ts
index 3771c2d0..09ad73b5 100644
--- a/lib/ts/axios.ts
+++ b/lib/ts/axios.ts
@@ -23,7 +23,8 @@ import AuthHttpRequestFetch, {
     onInvalidClaimResponse,
     setToken,
     fireSessionUpdateEventsIfNecessary,
-    getTokenForHeaderAuth
+    getTokenForHeaderAuth,
+    updateClockSkewUsingFrontToken
 } from "./fetch";
 import { PROCESS_STATE, ProcessState } from "./processState";
 import WindowHandlerReference from "./utils/windowHandler";
@@ -188,6 +189,18 @@ export function responseInterceptor(axiosInstance: any) {
             const preRequestLSS = await getLocalSessionState(false);
             await saveTokensFromHeaders(response);
 
+            const frontToken = response.headers["front-token"];
+
+            // Converting axios headers to fetch headers to pass to updateClockSkewUsingFrontToken
+            const responseHeaders = new Headers();
+            Object.entries(response.headers).forEach(([key, value]) => {
+                Array.isArray(value)
+                    ? value.forEach(item => responseHeaders.append(key, item))
+                    : responseHeaders.append(key, value);
+            });
+
+            updateClockSkewUsingFrontToken({ frontToken, responseHeaders });
+
             fireSessionUpdateEventsIfNecessary(
                 preRequestLSS.status === "EXISTS",
                 response.status,
diff --git a/lib/ts/fetch.ts b/lib/ts/fetch.ts
index a103c9d2..3eaa88f5 100644
--- a/lib/ts/fetch.ts
+++ b/lib/ts/fetch.ts
@@ -19,6 +19,7 @@ import CookieHandlerReference from "./utils/cookieHandler";
 import WindowHandlerReference from "./utils/windowHandler";
 import LockFactoryReference from "./utils/lockFactory";
 import { logDebugMessage } from "./logger";
+import DateProviderReference from "./utils/dateProvider";
 
 export class AntiCsrfToken {
     private static tokenInfo:
@@ -327,19 +328,14 @@ export default class AuthHttpRequest {
                 await setAuthorizationHeaderIfRequired(clonedHeaders);
 
                 logDebugMessage("doRequest: Making user's http call");
-                const clientTimeBeforeRequest = Date.now();
                 let response = await httpCall(configWithAntiCsrf);
-                const clientTimeAfterRequest = Date.now();
                 logDebugMessage("doRequest: User's http call ended");
 
                 await saveTokensFromHeaders(response);
 
                 const frontToken = response.headers.get("front-token");
 
-                updateClientClockUsingFrontToken({
-                    frontToken,
-                    roundTripTime: clientTimeAfterRequest - clientTimeBeforeRequest
-                });
+                updateClockSkewUsingFrontToken({ frontToken, responseHeaders: response.headers });
 
                 fireSessionUpdateEventsIfNecessary(preRequestLSS.status === "EXISTS", response.status, frontToken);
 
@@ -933,41 +929,36 @@ export function fireSessionUpdateEventsIfNecessary(
 }
 
 /**
- * Updates the client clock deviation based on the provided frontToken and round-trip time.
+ * Updates the clock skew based on the provided frontToken and theround-trip time.
  *
- * @param {Object} params - The parameters for updating the client clock deviation.
+ * @param {Object} params - The parameters for updating the clock skew.
  * @param {string | null} params.frontToken - The frontToken containing issued timestamp.
- * @param {number} params.roundTripTime - The round-trip time between the client and server.
+ * @param {string | null} params.responseHeaders - The headers for the response that returned the frontToken.
  */
-export const updateClientClockUsingFrontToken = ({
+export const updateClockSkewUsingFrontToken = ({
     frontToken,
-    roundTripTime
+    responseHeaders
 }: {
     frontToken: string | null;
-    roundTripTime: number;
+    responseHeaders: Headers;
 }): void => {
-    logDebugMessage("updateClientClockUsingFrontToken: frontToken: " + frontToken + " roundTripTime: " + roundTripTime);
+    logDebugMessage("updateClockSkewUsingFrontToken: frontToken: " + frontToken);
 
     if (frontToken === null || frontToken === "remove") {
         logDebugMessage(
-            "updateClientClockUsingFrontToken: frontToken is either null or is being removed, skipping update"
-        );
-        return;
-    }
-
-    const tokenIssuedAt = parseFrontToken(frontToken).up?.iat;
-
-    if (tokenIssuedAt === undefined || typeof tokenIssuedAt !== "number") {
-        logDebugMessage(
-            "updateClientClockUsingFrontToken: FrontToken iat is undefined or not a number, skipping update"
+            "updateClockSkewUsingFrontToken: frontToken is either null or is being removed, skipping update"
         );
         return;
     }
 
-    const estimatedServerTimeNow = tokenIssuedAt * 1000 + Math.floor(roundTripTime / 2);
-    const clientClockDeviationInMillis = estimatedServerTimeNow - Date.now();
+    const frontTokenPayload = parseFrontToken(frontToken);
+    const clockSkewInMillis = AuthHttpRequest.recipeImpl.getClockSkewInMillis({
+        accessTokenPayload: frontTokenPayload.up,
+        responseHeaders
+    });
 
-    AuthHttpRequest.recipeImpl.updateClientClockDeviation(clientClockDeviationInMillis);
+    console.log("clockSkewInMillis", clockSkewInMillis);
+    DateProviderReference.getReferenceOrThrow().dateProvider.setClientClockSkewInMillis(clockSkewInMillis);
 
-    logDebugMessage("updateClientClockUsingFrontToken: Client clock synchronized successfully");
+    logDebugMessage("updateClockSkewUsingFrontToken: Client clock synchronized successfully");
 };
diff --git a/lib/ts/index.ts b/lib/ts/index.ts
index 680d7425..4fd651c9 100644
--- a/lib/ts/index.ts
+++ b/lib/ts/index.ts
@@ -23,6 +23,7 @@ import WindowHandlerReference from "./utils/windowHandler";
 import LockFactoryReference from "./utils/lockFactory";
 import { SessionClaimValidatorStore } from "./utils/sessionClaimValidatorStore";
 import { enableLogging } from "./logger";
+import DateProviderReference from "./utils/dateProvider";
 
 export default class AuthHttpRequest {
     private static axiosInterceptorQueue: (() => void)[] = [];
@@ -30,6 +31,7 @@ export default class AuthHttpRequest {
     static init(options: InputType) {
         CookieHandlerReference.init(options.cookieHandler);
         WindowHandlerReference.init(options.windowHandler);
+        DateProviderReference.init(options.dateProvider);
         LockFactoryReference.init(
             options.lockFactory,
             WindowHandlerReference.getReferenceOrThrow().windowHandler.localStorage
diff --git a/lib/ts/recipeImplementation.ts b/lib/ts/recipeImplementation.ts
index 42281ba3..2990aceb 100644
--- a/lib/ts/recipeImplementation.ts
+++ b/lib/ts/recipeImplementation.ts
@@ -14,7 +14,6 @@ import { logDebugMessage } from "./logger";
 import { STGeneralError } from "./error";
 import { addInterceptorsToXMLHttpRequest } from "./xmlhttprequest";
 import { normaliseSessionScopeOrThrowError, normaliseURLDomainOrThrowError } from "./utils";
-import DateProviderReference from "./utils/dateProvider";
 
 export default function RecipeImplementation(recipeImplInput: {
     preAPIHook: RecipePreAPIHookFunction;
@@ -311,14 +310,25 @@ export default function RecipeImplementation(recipeImplInput: {
             }
         },
 
-        updateClientClockDeviation: function (clientClockDeviationInMillis: number): void {
-            logDebugMessage(
-                "updateClientClockDeviation: clientClockDeviationInMillis: " + clientClockDeviationInMillis
-            );
+        getClockSkewInMillis: function ({
+            accessTokenPayload
+        }: {
+            accessTokenPayload: any;
+            responseHeaders: Headers;
+        }): number {
+            logDebugMessage("getClockSkewInMillis: called");
 
-            DateProviderReference.getReferenceOrThrow().dateProvider.setClientClockDeviationInMillis(
-                clientClockDeviationInMillis
-            );
+            const tokenIssuedAt = accessTokenPayload?.iat;
+            if (tokenIssuedAt === undefined || typeof tokenIssuedAt !== "number") {
+                logDebugMessage("getClockSkewInMillis: payload iat is undefined or not a number, returning 0");
+                return 0;
+            }
+
+            const estimatedServerTimeNow = tokenIssuedAt * 1000;
+            const clockSkewInMillis = estimatedServerTimeNow - Date.now();
+            logDebugMessage("getClockSkewInMillis: returning " + clockSkewInMillis);
+
+            return clockSkewInMillis;
         }
     };
 }
diff --git a/lib/ts/types.ts b/lib/ts/types.ts
index 4fe18b11..8e6f9d1b 100644
--- a/lib/ts/types.ts
+++ b/lib/ts/types.ts
@@ -17,6 +17,7 @@ import OverrideableBuilder from "supertokens-js-override";
 import { CookieHandlerInput } from "./utils/cookieHandler/types";
 import { WindowHandlerInput } from "./utils/windowHandler/types";
 import { LockFactory } from "./utils/lockFactory/types";
+import { DateProviderInput } from "./utils/dateProvider/types";
 
 export type Event =
     | {
@@ -57,6 +58,7 @@ export type InputType = {
     sessionTokenBackendDomain?: string;
     cookieHandler?: CookieHandlerInput;
     windowHandler?: WindowHandlerInput;
+    dateProvider?: DateProviderInput;
     preAPIHook?: RecipePreAPIHookFunction;
     postAPIHook?: RecipePostAPIHookFunction;
     onHandleEvent?: EventHandler;
@@ -151,7 +153,7 @@ export type RecipeInterface = {
         sessionTokenBackendDomain: string | undefined
     ): boolean;
 
-    updateClientClockDeviation(clientClockDeviationInMillis: number): void;
+    getClockSkewInMillis(params: { accessTokenPayload: any; responseHeaders: Headers }): number;
 };
 
 export type ClaimValidationResult = { isValid: true } | { isValid: false; reason?: any };
diff --git a/lib/ts/utils/dateProvider/defaultImplementation.ts b/lib/ts/utils/dateProvider/defaultImplementation.ts
index 97a309c9..f736add2 100644
--- a/lib/ts/utils/dateProvider/defaultImplementation.ts
+++ b/lib/ts/utils/dateProvider/defaultImplementation.ts
@@ -13,19 +13,25 @@
  * under the License.
  */
 
+import WindowHandlerReference from "../windowHandler";
+
+// To avoid potential issues with initializing clockSkewInMillis as a class variable in the constructor due to WindowHandlerReference not being initialized at DateProvider instance creation,
+// we read from localStorage each time `getClientClockSkewInMillis` is called.
 class DateProvider {
-    private clientClockDeviationInMillis: number = 0;
+    private static readonly CLOCK_SKEW_KEY = "__st_clockSkewInMillis";
 
-    setClientClockDeviationInMillis(deviation: number): void {
-        this.clientClockDeviationInMillis = deviation;
+    setClientClockSkewInMillis(clockSkewInMillis: number): void {
+        const localStorage = WindowHandlerReference.getReferenceOrThrow().windowHandler.localStorage;
+        localStorage.setItemSync(DateProvider.CLOCK_SKEW_KEY, String(clockSkewInMillis));
     }
 
-    getClientClockDeviationInMills(): number {
-        return this.clientClockDeviationInMillis;
+    getClientClockSkewInMillis(): number {
+        const localStorage = WindowHandlerReference.getReferenceOrThrow().windowHandler.localStorage;
+        return parseInt(localStorage.getItemSync(DateProvider.CLOCK_SKEW_KEY) || "0", 10);
     }
 
     now(): number {
-        return Date.now() + this.clientClockDeviationInMillis;
+        return Date.now() + this.getClientClockSkewInMillis();
     }
 }
 
diff --git a/lib/ts/utils/dateProvider/index.ts b/lib/ts/utils/dateProvider/index.ts
index 9402716a..7047609a 100644
--- a/lib/ts/utils/dateProvider/index.ts
+++ b/lib/ts/utils/dateProvider/index.ts
@@ -19,7 +19,7 @@ import { DateProviderInterface, DateProviderInput } from "./types";
 /**
  * A utility class for managing a reference to a DateProviderInterface, allowing customization of time-related operations.
  * This class is designed to address clock skew issues between the server and client by providing a consistent mechanism
- * for obtaining current time with the serverClockDeviation.
+ * for obtaining current time adjusted for clock skew.
  *
  * @class DateProviderReference
  */
diff --git a/lib/ts/utils/dateProvider/types.ts b/lib/ts/utils/dateProvider/types.ts
index 2661d9f5..81b5f242 100644
--- a/lib/ts/utils/dateProvider/types.ts
+++ b/lib/ts/utils/dateProvider/types.ts
@@ -15,8 +15,8 @@
 
 export interface DateProviderInterface {
     now(): number;
-    setClientClockDeviationInMillis(deviation: number): void;
-    getClientClockDeviationInMills(): number;
+    setClientClockSkewInMillis(clockSkewInMillis: number): void;
+    getClientClockSkewInMillis(): number;
 }
 
 export type DateProviderInput = (original: DateProviderInterface) => DateProviderInterface;
diff --git a/lib/ts/version.ts b/lib/ts/version.ts
index 19dcc131..1a539ef1 100644
--- a/lib/ts/version.ts
+++ b/lib/ts/version.ts
@@ -12,6 +12,6 @@
  * License for the specific language governing permissions and limitations
  * under the License.
  */
-export const package_version = "17.0.5";
+export const package_version = "17.0.6";
 
 export const supported_fdi = ["1.16", "1.17", "1.18"];
diff --git a/lib/ts/xmlhttprequest.ts b/lib/ts/xmlhttprequest.ts
index 6090bdea..20933109 100644
--- a/lib/ts/xmlhttprequest.ts
+++ b/lib/ts/xmlhttprequest.ts
@@ -22,7 +22,8 @@ import AuthHttpRequestFetch, {
     getTokenForHeaderAuth,
     getLocalSessionState,
     LocalSessionState,
-    fireSessionUpdateEventsIfNecessary
+    fireSessionUpdateEventsIfNecessary,
+    updateClockSkewUsingFrontToken
 } from "./fetch";
 import { logDebugMessage } from "./logger";
 import WindowHandlerReference from "./utils/windowHandler";
@@ -170,11 +171,11 @@ export function addInterceptorsToXMLHttpRequest() {
 
                     await saveTokensFromHeaders(headers);
 
-                    fireSessionUpdateEventsIfNecessary(
-                        preRequestLSS!.status === "EXISTS",
-                        status,
-                        headers.get("front-token")
-                    );
+                    const frontToken = headers.get("front-token");
+
+                    updateClockSkewUsingFrontToken({ frontToken, responseHeaders: headers });
+
+                    fireSessionUpdateEventsIfNecessary(preRequestLSS!.status === "EXISTS", status, frontToken);
                     if (status === AuthHttpRequestFetch.config.sessionExpiredStatusCode) {
                         logDebugMessage("responseInterceptor: Status code is: " + status);
                         return await handleRetryPostRefreshing();
diff --git a/package-lock.json b/package-lock.json
index 21ca39b3..c789bc3a 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
 {
   "name": "supertokens-website",
-  "version": "17.0.5",
+  "version": "17.0.6",
   "lockfileVersion": 2,
   "requires": true,
   "packages": {
     "": {
       "name": "supertokens-website",
-      "version": "17.0.5",
+      "version": "17.0.6",
       "license": "Apache-2.0",
       "dependencies": {
         "browser-tabs-lock": "^1.3.0",
diff --git a/package.json b/package.json
index 726196aa..0601a977 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "supertokens-website",
-  "version": "17.0.5",
+  "version": "17.0.6",
   "description": "frontend sdk for website to be used for auth solution.",
   "main": "index.js",
   "dependencies": {
diff --git a/test/interception.claims.test.js b/test/interception.claims.test.js
index 71708512..0826e1e2 100644
--- a/test/interception.claims.test.js
+++ b/test/interception.claims.test.js
@@ -191,5 +191,234 @@ addGenericTestCases((name, transferMethod, setupFunc, setupArgs = []) => {
                 await browser.close();
             }
         });
+
+        it("should call the claim refresh endpoint once for multiple `shouldRefresh` calls with adjusted clock skew", async function () {
+            await startST(2 * 60 * 60); // setting accessTokenValidity to 2 hours to avoid refresh issues due to clock skew
+            try {
+                let customClaimRefreshCalledCount = 0;
+
+                // Override Date.now() to return the current time plus 1 hour
+                await page.evaluate(() => {
+                    class MockDate extends Date {
+                        constructor(...args) {
+                            super(...args);
+                        }
+
+                        static now() {
+                            return super.now() + 60 * 60 * 1000;
+                        }
+                    }
+
+                    globalThis.__originalDate = globalThis.Date;
+                    globalThis.Date = MockDate;
+                });
+
+                await page.setRequestInterception(true);
+
+                page.on("request", req => {
+                    if (req.url() === `${BASE_URL}/refresh-custom-claim`) {
+                        customClaimRefreshCalledCount++;
+                    }
+                    req.continue();
+                });
+
+                await page.evaluate(async () => {
+                    const userId = "testing-supertokens-website";
+
+                    // Create a session
+                    const loginResponse = await toTest({
+                        url: `${BASE_URL}/login`,
+                        method: "post",
+                        headers: {
+                            Accept: "application/json",
+                            "Content-Type": "application/json"
+                        },
+                        body: JSON.stringify({ userId })
+                    });
+
+                    assertEqual(loginResponse.responseText, userId);
+
+                    const customSessionClaim = new supertokens.BooleanClaim({
+                        id: "st-custom",
+                        refresh: async () => {
+                            const resp = await toTest({
+                                url: `${BASE_URL}/refresh-custom-claim`,
+                                method: "post",
+                                headers: {
+                                    Accept: "application/json",
+                                    "Content-Type": "application/json"
+                                }
+                            });
+                        },
+                        defaultMaxAgeInSeconds: 300 /* 300 seconds */
+                    });
+
+                    const customSessionClaimValidator = customSessionClaim.validators.isTrue();
+
+                    await supertokens.validateClaims(() => [customSessionClaimValidator]);
+                    await supertokens.validateClaims(() => [customSessionClaimValidator]);
+                    await supertokens.validateClaims(() => [customSessionClaimValidator]);
+                });
+
+                assert.strictEqual(customClaimRefreshCalledCount, 1);
+            } finally {
+                await browser.close();
+            }
+        });
+    });
+});
+
+addGenericTestCases((name, transferMethod, setupFunc, setupArgs = []) => {
+    describe(`${name}: SessionClaimValidator Refresh With Clock Skew`, function () {
+        let browser;
+        let page;
+
+        let skipped = false;
+        let loggedEvents = [];
+
+        before(async function () {
+            spawn(
+                "./test/startServer",
+                [process.env.INSTALL_PATH, process.env.NODE_PORT === undefined ? 8080 : process.env.NODE_PORT],
+                {
+                    // stdio: "inherit"
+                }
+            );
+            await new Promise(r => setTimeout(r, 1000));
+            if (!(await checkSessionClaimsSupport())) {
+                skipped = true;
+                this.skip();
+            }
+        });
+
+        after(async function () {
+            let instance = axios.create();
+            if (!skipped) {
+                await instance.post(BASE_URL_FOR_ST + "/after");
+            }
+            try {
+                await instance.get(BASE_URL_FOR_ST + "/stop");
+            } catch (err) {}
+        });
+
+        beforeEach(async function () {
+            let instance = axios.create();
+            await instance.post(BASE_URL_FOR_ST + "/beforeeach");
+            await instance.post("http://localhost.org:8082/beforeeach"); // for cross domain
+            await instance.post(BASE_URL + "/beforeeach");
+
+            let launchRetries = 0;
+            while (browser === undefined && launchRetries++ < 3) {
+                try {
+                    browser = await puppeteer.launch({
+                        args: ["--no-sandbox", "--disable-setuid-sandbox"],
+                        headless: true
+                    });
+
+                    page = await browser.newPage();
+
+                    page.on("console", ev => {
+                        const text = ev.text();
+                        if (text.startsWith("TEST_EV$")) {
+                            loggedEvents.push(JSON.parse(text.substr(8)));
+                        }
+                    });
+                    await page.goto(BASE_URL + "/index.html", { waitUntil: "load" });
+                    await page.addScriptTag({ path: `./bundle/bundle.js`, type: "text/javascript" });
+                    page.evaluate(BASE_URL => (window.BASE_URL = BASE_URL), BASE_URL);
+
+                    await page.evaluate(
+                        setupFunc,
+                        {
+                            override: ["getClockSkewInMillis"]
+                        },
+                        ...setupArgs
+                    );
+                } catch {}
+            }
+
+            loggedEvents = [];
+        });
+
+        afterEach(async function () {
+            if (browser) {
+                await browser.close();
+                browser = undefined;
+            }
+        });
+
+        it("Should call the claim refresh endpoint for each `shouldRefresh` call without adjusting for DateProvider clock skew", async function () {
+            await startST(2 * 60 * 60); // setting accessTokenValidity to 2 hours to avoid refresh issues due to clock skew
+            try {
+                let customClaimRefreshCalledCount = 0;
+
+                // Override Date.now() to return the current time plus 1 hour
+                await page.evaluate(() => {
+                    class MockDate extends Date {
+                        constructor(...args) {
+                            super(...args);
+                        }
+
+                        static now() {
+                            return super.now() + 60 * 60 * 1000;
+                        }
+                    }
+
+                    globalThis.__originalDate = globalThis.Date;
+                    globalThis.Date = MockDate;
+                });
+
+                await page.setRequestInterception(true);
+
+                page.on("request", req => {
+                    if (req.url() === `${BASE_URL}/refresh-custom-claim`) {
+                        customClaimRefreshCalledCount++;
+                    }
+                    req.continue();
+                });
+
+                await page.evaluate(async () => {
+                    const userId = "testing-supertokens-website";
+
+                    // Create a session
+                    const loginResponse = await toTest({
+                        url: `${BASE_URL}/login`,
+                        method: "post",
+                        headers: {
+                            Accept: "application/json",
+                            "Content-Type": "application/json"
+                        },
+                        body: JSON.stringify({ userId })
+                    });
+
+                    assertEqual(loginResponse.responseText, userId);
+
+                    const customSessionClaim = new supertokens.BooleanClaim({
+                        id: "st-custom",
+                        refresh: async () => {
+                            const resp = await toTest({
+                                url: `${BASE_URL}/refresh-custom-claim`,
+                                method: "post",
+                                headers: {
+                                    Accept: "application/json",
+                                    "Content-Type": "application/json"
+                                }
+                            });
+                        },
+                        defaultMaxAgeInSeconds: 300 /* 300 seconds */
+                    });
+
+                    const customSessionClaimValidator = customSessionClaim.validators.isTrue();
+
+                    await supertokens.validateClaims(() => [customSessionClaimValidator]);
+                    await supertokens.validateClaims(() => [customSessionClaimValidator]);
+                    await supertokens.validateClaims(() => [customSessionClaimValidator]);
+                });
+
+                assert.strictEqual(customClaimRefreshCalledCount, 3);
+            } finally {
+                await browser.close();
+            }
+        });
     });
 });
diff --git a/test/interception.testgen.js b/test/interception.testgen.js
index 2ca80818..ab546c43 100644
--- a/test/interception.testgen.js
+++ b/test/interception.testgen.js
@@ -13,6 +13,12 @@ module.exports.addGenericTestCases = function (getTestCases) {
                                 shouldDoInterceptionBasedOnUrl: url => url.includes("doOverride")
                             }));
                         }
+                        if (reqOverride === "getClockSkewInMillis") {
+                            overrideFunctions.push(oI => ({
+                                ...oI,
+                                getClockSkewInMillis: () => 0
+                            }));
+                        }
                     }
                 }
                 supertokens.init({
@@ -57,6 +63,12 @@ module.exports.addGenericTestCases = function (getTestCases) {
                                 shouldDoInterceptionBasedOnUrl: url => url.includes("doOverride")
                             }));
                         }
+                        if (reqOverride === "getClockSkewInMillis") {
+                            overrideFunctions.push(oI => ({
+                                ...oI,
+                                getClockSkewInMillis: () => 0
+                            }));
+                        }
                     }
                 }
                 supertokens.init({
@@ -130,6 +142,12 @@ module.exports.addGenericTestCases = function (getTestCases) {
                                 shouldDoInterceptionBasedOnUrl: url => url.includes("doOverride")
                             }));
                         }
+                        if (reqOverride === "getClockSkewInMillis") {
+                            overrideFunctions.push(oI => ({
+                                ...oI,
+                                getClockSkewInMillis: () => 0
+                            }));
+                        }
                     }
                 }
 
@@ -189,6 +207,12 @@ module.exports.addGenericTestCases = function (getTestCases) {
                                 shouldDoInterceptionBasedOnUrl: url => url.includes("doOverride")
                             }));
                         }
+                        if (reqOverride === "getClockSkewInMillis") {
+                            overrideFunctions.push(oI => ({
+                                ...oI,
+                                getClockSkewInMillis: () => 0
+                            }));
+                        }
                     }
                 }
                 supertokens.init({
@@ -245,6 +269,12 @@ module.exports.addGenericTestCases = function (getTestCases) {
                                 shouldDoInterceptionBasedOnUrl: url => url.includes("doOverride")
                             }));
                         }
+                        if (reqOverride === "getClockSkewInMillis") {
+                            overrideFunctions.push(oI => ({
+                                ...oI,
+                                getClockSkewInMillis: () => 0
+                            }));
+                        }
                     }
                 }
                 supertokens.init({
diff --git a/test/server/index.js b/test/server/index.js
index dfecaddf..aa99d235 100644
--- a/test/server/index.js
+++ b/test/server/index.js
@@ -18,6 +18,7 @@ let SessionRecipeRaw = require("supertokens-node/lib/build/recipe/session/recipe
 let Querier = require("supertokens-node/lib/build/querier").Querier;
 let NormalisedURLPath = require("supertokens-node/lib/build/normalisedURLPath").default;
 let Session = require("supertokens-node/recipe/session");
+let { BooleanClaim } = require("supertokens-node/recipe/session/claims");
 let express = require("express");
 let cookieParser = require("cookie-parser");
 let bodyParser = require("body-parser");
@@ -437,6 +438,16 @@ app.post(
     }
 );
 
+app.post("/refresh-custom-claim", verifySession(), async (req, res) => {
+    const session = req.session;
+    const customSessionClaim = new BooleanClaim({
+        key: "st-custom",
+        fetch: async () => true
+    });
+    await session.setClaimValue(customSessionClaim, true);
+    res.json({});
+});
+
 app.post("/403-without-body", async (req, res) => {
     res.sendStatus(403);
 });
diff --git a/test/sessionClaimValidatorRefresh.test.js b/test/sessionClaimValidatorRefresh.test.js
index 26a2fe2a..8180032a 100644
--- a/test/sessionClaimValidatorRefresh.test.js
+++ b/test/sessionClaimValidatorRefresh.test.js
@@ -65,7 +65,7 @@ describe("SessionClaimValidator Refresh", () => {
             DateProviderReference.init();
         });
 
-        it("SessionClaimValidator.shouldRefresh should return true even after refreshing", function () {
+        it("SessionClaimValidator.shouldRefresh should return true even after calling refresh without adjusting for DateProvider clock skew", function () {
             const tokenPayload = {
                 "st-test": {
                     v: false,
@@ -94,7 +94,7 @@ describe("SessionClaimValidator Refresh", () => {
             });
         });
 
-        it("SessionClaimValidator.shouldRefresh should return false after refreshing", function () {
+        it("SessionClaimValidator.shouldRefresh should return false after calling refresh once - after adjusting for DateProvider clock skew", function () {
             const tokenPayload = {
                 "st-test": {
                     v: false,
@@ -105,6 +105,10 @@ describe("SessionClaimValidator Refresh", () => {
             const testClaim = new BooleanClaim({
                 id: "st-test",
                 refresh: () => {
+                    // Adjust DateProvider clock skew
+                    DateProviderReference.getReferenceOrThrow().dateProvider.setClientClockSkewInMillis(
+                        -ONE_HOUR_IN_MS
+                    );
                     tokenPayload["st-test"].t = Date.now();
                 },
                 defaultMaxAgeInSeconds: 10 /* 10 seconds */
@@ -112,9 +116,6 @@ describe("SessionClaimValidator Refresh", () => {
 
             const testClaimValidator = testClaim.validators.isTrue();
 
-            // Adjust DateProvider clientClockDeviation
-            DateProviderReference.getReferenceOrThrow().dateProvider.setClientClockDeviationInMillis(-ONE_HOUR_IN_MS);
-
             withFakeClock(Date.now() + ONE_HOUR_IN_MS, () => {
                 assert(testClaimValidator.shouldRefresh(tokenPayload) === true);
             });