{"version":3,"file":"js/npm.index-e3d5d3f4-0f33e08e17231ab2669b.js","mappings":";48DAsBa,MAWAA,EAAa,CAExBC,SAAU,eAEVC,OAAQ,aAERC,OAAQ,aAERC,SAAU,WAEVC,MAAO,QAEPC,QAAS,eA4CEC,EAAsB,CAEjCC,aAAc,eAEdC,eAAgB,iBAEhBC,cAAe,gBAEfC,8BAA+B,gCAE/BC,wBAAyB,0BAEzBC,aAAc,gBCkShB,SAASC,IAIP,MAAO,CACL,wCACE,0LAIN,CASO,MAAMC,EAjRb,WACE,MAAO,CACL,6BACE,uDACF,iBAAgC,GAChC,qBACE,6LAGF,oBACE,qJAGF,uBACE,kKAGF,eACE,+EAEF,oBAAmC,kCACnC,mBAAkC,iCAClC,4BACE,uEACF,wBACE,wDACF,wBACE,6GAEF,wCACE,0LAGF,6BACE,+FAEF,kCACE,wDACF,uBACE,0DACF,yBACE,gKAGF,sBAAkC,+BAClC,0BACE,mFACF,iBAAgC,sCAChC,yBACE,sIAEF,iBACE,qEACF,qBACE,sLAGF,qBAAoC,sCACpC,4BACE,wLAGF,uBACE,uDACF,gCACE,gOAIF,uBACE,wEACF,8BACE,4FACF,gBAA+B,wCAC/B,0BACE,qEACF,kBACE,sEACF,oBACE,kDACF,qBACE,4DACF,0BACE,+KAEF,+BACE,iFACF,yBACE,uGAEF,0BACE,0FAEF,sBACE,+IAEF,sBACE,2GAEF,iBACE,gEACF,2BACE,oFACF,uBACE,gPAIF,sBACE,wCACF,0BACE,4GAEF,iBACE,6KAEF,0BACE,2EACF,oBACE,4CACF,gBACE,4DACF,2BACE,2FACF,8BACE,8HAEF,yBACE,gIAEF,4BACE,6EACF,uBACE,kDACF,uBAAsC,sCACtC,wBACE,oEACF,2BACE,oKAGF,mBAAkC,wCAClC,4BACE,2CACF,+BACE,mEACF,uBACE,wEACF,0BACE,uEACF,cACE,iDACF,8BACE,2EACF,6BACE,yEACF,2CACE,wJAGF,yBACE,kGACF,gBAA+B,sCAC/B,mBACE,6DACF,YACE,0GAEF,wBACE,yJAGF,8CACE,kLAGF,gBACE,4FACF,uBACE,yEACF,0BACE,kEACF,iBACE,4DACF,6BACE,2EACF,6BACE,mDACF,sBACE,6DACF,+BACE,yDACF,uCACE,4EACF,qBACE,sEACF,QAAyB,+BACzB,qBACE,yEACF,oBACE,0FAEF,4BACE,2GAEF,2BACE,sHACF,+BACE,2EACF,+BACE,6DACF,mBACE,2CACF,iBACE,wEACF,iBACE,4FAEF,gBACE,0DACF,gBACE,+EACF,kBAAiC,GACjC,gBACE,kDACF,0BACE,+EACF,sBACE,oOAIF,0BACE,sEACF,0BACE,sEACF,2BACE,uEACF,wBACE,oEACF,sBACE,4EACF,4BACE,wEACF,mBAAkC,8BAClC,4BACE,wEAEN,EAkCaC,EAA6BF,EAuD7BG,EAA8B,IAAIC,EAAAA,GAG7C,OAAQ,WAlFD,CACL,wCACE,4LCvXAC,EAAY,IAAIC,EAAAA,GAAO,2BAuBbC,EAAUC,KAAgBC,GACpCJ,EAAUK,UAAYC,EAAAA,GAAAA,OACxBN,EAAUO,MAAM,SAASC,EAAAA,iBAAiBL,OAAUC,EAExD,UCWgBK,EACdC,KACGC,GAEH,MAAMC,EAAoBF,KAAeC,EAC3C,UAagBE,EACdH,KACGC,GAEH,OAAOC,EAAoBF,KAAeC,EAC5C,UAEgBG,EACdC,EACAC,EACAC,GAEA,MAAMC,EACAC,OAAAC,OAAAD,OAAAC,OAAA,GAAAvB,KAAoC,CACxC,CAACmB,GAAOC,IAOV,OALgB,IAAIlB,EAAAA,GAClB,OACA,WACAmB,GAEaG,OAAOL,EAAM,CAC1BM,QAASP,EAAKQ,MAElB,UAEgBC,EACdT,EACAU,EACAC,GAGA,KAAMD,aADsBC,GAM1B,MAN0BA,EAEFH,OAASE,EAAOE,YAAYJ,MAClDd,EAAMM,EAAM,kBAGRD,EACJC,EAEA,4BAAWU,EAAOE,YAAYJ,4FAIpC,CAEA,SAASX,EACPF,KACGC,GAEH,GAA0B,kBAAfD,EAAyB,CAClC,MAAMM,EAAOL,EAAK,GACZiB,EAAa,IAAIjB,EAAKkB,MAAM,IAKlC,OAJID,EAAW,KACbA,EAAW,GAAGN,QAAUZ,EAAWa,MAG7Bb,EAA4BoB,cAAcT,OAChDL,KACGY,EAEN,CAED,OAAO9B,EAA4BuB,OACjCX,KACIC,EAER,CAeM,SAAUoB,EACdC,EACAtB,KACGC,GAEH,IAAKqB,EACH,MAAMpB,EAAoBF,KAAeC,EAE7C,CA4FM,SAAUsB,EAAUC,GAGxB,MAAMjB,EAAuC,8BAAGiB,EAMhD,MALAhC,EAAUe,GAKJ,IAAIkB,MAAMlB,EAClB,CASgB,SAAAmB,EACdJ,EACAf,GAEKe,GACHC,EAAUhB,EAEd,UC7QgBoB,UACd,MAAwB,qBAATC,OAAqC,QAAbC,EAAAD,KAAKE,gBAAQ,IAAAD,OAAA,EAAAA,EAAEE,OAAS,EACjE,UAEgBC,IACd,MAA+B,UAAxBC,KAA2D,WAAxBA,GAC5C,UAEgBA,UACd,MAAwB,qBAATL,OAAqC,QAAbC,EAAAD,KAAKE,gBAAQ,IAAAD,OAAA,EAAAA,EAAEK,WAAa,IACrE,OCGaC,EAIXlB,YACmBmB,EACAC,GADA,KAAUD,WAAVA,EACA,KAASC,UAATA,EAGjBX,EACEW,EAAYD,EACZ,+CAEFE,KAAKC,UAAWC,EAAAA,EAAAA,QAAqBC,EAAAA,EAAAA,MAGvCC,MACE,MCtBqB,qBAAdC,WACPA,WACA,WAAYA,WACgB,mBAArBA,UAAUC,SAMhBZ,MAAoBa,EAAAA,EAAAA,OAAwB,eAAgBF,aAEtDA,UAAUC,ODaRE,KAAKC,IAAI,IAAkBT,KAAKF,YAMlCE,KAAKC,SAAWD,KAAKD,UAAYC,KAAKF,YEnCjC,SAAAY,EAAaC,EAAwBC,GACnDxB,EAAYuB,EAAOE,SAAU,sCAC7B,MAAM,IAAEC,GAAQH,EAAOE,SAEvB,OAAKD,EAIE,GAAGE,IAAMF,EAAKG,WAAW,KAAOH,EAAK/B,MAAM,GAAK+B,IAH9CE,CAIX,OCVaE,EAKXC,kBACEC,EACAC,EACAC,GAEApB,KAAKkB,UAAYA,EACbC,IACFnB,KAAKmB,YAAcA,GAEjBC,IACFpB,KAAKoB,aAAeA,GAIxBH,eACE,OAAIjB,KAAKkB,UACAlB,KAAKkB,UAEM,qBAAT5B,MAAwB,UAAWA,KACrCA,KAAK+B,WAEdpC,EACE,mHAIJgC,iBACE,OAAIjB,KAAKmB,YACAnB,KAAKmB,YAEM,qBAAT7B,MAAwB,YAAaA,KACvCA,KAAKgC,aAEdrC,EACE,qHAIJgC,kBACE,OAAIjB,KAAKoB,aACApB,KAAKoB,aAEM,qBAAT9B,MAAwB,aAAcA,KACxCA,KAAKiC,cAEdtC,EACE,uHC4DC,MAAMuC,EAAyD,CAEpE,oBAAoE,wBAEpE,qBAAgE,iBAGhE,mBAA6D,gBAE7D,qBAAgE,iBAGhE,iBAA8D,iBAE9D,iBAA8D,mBAG9D,aAAsD,uBACtD,wBAA0E,wBAG1E,qBAAsE,qBACtE,sBAAuE,qBACvE,iCACyC,4BAGzC,iBAA4D,iBAG5D,gBAAyD,iBACzD,4BAC2C,oBAE3C,iBAA8D,sBAC9D,iBAA8D,sBAE9D,iBAA4D,iBAG5D,+BAC8C,wBAC9C,iBAA0D,qBAC1D,cAAwD,qBACxD,eAAyD,qBAGzD,4BAC2C,oBAG3C,aAAsD,4BACtD,qBAAsE,0BACtE,wBAAyE,qBACzE,qBAAsE,0BACtE,gBAAyD,eAKzD,6BAC4C,2BAC5C,oBAAoE,4BAGpE,wBAA4E,0BAG5E,qBAAsE,6BAGtE,+BACmC,+BACnC,yBAAwE,8BACxE,0BAAuE,4BACvE,+BACmC,+BACnC,qBAC8C,+BAC9C,6BAC4C,uCAG5C,iCAA4E,iBAG5E,sBAAwE,wBACxE,wBAA4E,0BAC5E,wBAA4E,0BAC5E,yBACwC,2BACxC,oBAAoE,sBACpE,0BACyC,4BACzC,0BACyC,4BACzC,iBAA8D,oBC1InDC,EAAyB,IAAI5B,EAAM,IAAQ,KAExC,SAAA6B,EACd3D,EACA4D,GAEA,OAAI5D,EAAK6D,WAAaD,EAAQC,SAC5BzD,OAAAC,OAAAD,OAAAC,OAAA,GACKuD,GACH,CAAAC,SAAU7D,EAAK6D,WAGZD,CACT,CAEOE,eAAeC,EACpB/D,EACAgE,EACAnB,EACAe,EACAK,EAAuD,CAAC,GAExD,OAAOC,EAA+BlE,EAAMiE,GAAgBH,UAC1D,IAAIK,EAAO,CAAC,EACRC,EAAS,CAAC,EACVR,IACa,QAAXI,EACFI,EAASR,EAETO,EAAO,CACLA,KAAME,KAAKC,UAAUV,KAK3B,MAAMW,GAAQC,EAAAA,EAAAA,IAAWpE,OAAAC,OAAC,CACxBoE,IAAKzE,EAAK4C,OAAO8B,QACdN,IACFtD,MAAM,GAEH6D,QAAiB3E,EAAsB4E,wBAO7C,OANAD,EAAQ,gBAA2B,mBAE/B3E,EAAK6E,eACPF,EAAqC,qBAAG3E,EAAK6E,cAGxC5B,EAAcK,OAAdL,CACL6B,EAAgB9E,EAAMA,EAAK4C,OAAOmC,QAASlC,EAAM0B,GAAMnE,OAAAC,OAAA,CAErD2D,SACAW,UACAK,eAAgB,eACbb,GAEN,GAEL,CAEOL,eAAeI,EACpBlE,EACAiE,EACAgB,GAECjF,EAAsBkF,kBAAmB,EAC1C,MAAM/E,EAAgBC,OAAAC,OAAAD,OAAAC,OAAA,GAAAoD,GAAqBQ,GAC3C,IACE,MAAMkB,EAAiB,IAAIC,EAAyBpF,GAC9CqF,QAA2BC,QAAQC,KAAwB,CAC/DN,IACAE,EAAeK,UAKjBL,EAAeM,sBAEf,MAAMC,QAAaL,EAASK,OAC5B,GAAI,qBAAsBA,EACxB,MAAMC,EAAiB3F,EAAuC,2CAAA0F,GAGhE,GAAIL,EAASO,MAAQ,iBAAkBF,GACrC,OAAOA,EACF,CACL,MAAMG,EAAeR,EAASO,GAAKF,EAAKG,aAAeH,EAAKlG,MAAMU,SAC3D4F,EAAiBC,GAAsBF,EAAaG,MAAM,OACjE,GAAwB,qCAApBF,EACF,MAAMH,EACJ3F,EAEA,4BAAA0F,GAEG,GAAwB,iBAApBI,EACT,MAAMH,EAAiB3F,EAAkC,uBAAA0F,GACpD,GAAwB,kBAApBI,EACT,MAAMH,EAAiB3F,EAAmC,gBAAA0F,GAE5D,MAAMO,EACJ9F,EAAS2F,IACRA,EACEI,cACAC,QAAQ,UAAW,KACxB,GAAIJ,EACF,MAAMhG,EAAwBC,EAAMiG,EAAWF,GAE/CrG,EAAMM,EAAMiG,EAEf,CACF,CAAC,MAAOG,GACP,GAAIA,aAAaC,EAAAA,GACf,MAAMD,EAKR1G,EAAMM,EAA4C,0BAAE,QAAWsG,OAAOF,IACvE,CACH,CAEOtC,eAAeyC,EACpBvG,EACAgE,EACAnB,EACAe,EACAK,EAAuD,CAAC,GAExD,MAAMuC,QAAwBzC,EAC5B/D,EACAgE,EACAnB,EACAe,EACAK,GAQF,MANI,yBAA0BuC,GAC5B9G,EAAMM,EAAkC,8BACtCyG,gBAAiBD,IAIdA,CACT,CAEM,SAAU1B,EACd9E,EACA0G,EACA7D,EACA0B,GAEA,MAAMoC,EAAU,GAAAD,IAAO7D,KAAQ0B,IAE/B,OAAMvE,EAAsB4C,OAAOE,SAI5BH,EAAa3C,EAAK4C,OAA0B+D,GAH1C,GAAG3G,EAAK4C,OAAOgE,eAAeD,GAIzC,CAEA,MAAMvB,EAiBJxE,YAA6BZ,GAAA,KAAIA,KAAJA,EAbrB,KAAK6G,MAAe,KACnB,KAAOrB,QAAG,IAAIF,SAAW,CAACwB,EAAGC,KACpC9E,KAAK4E,MAAQG,YAAW,IACfD,EACLjH,EAAamC,KAAKjC,KAA2C,4BAE9D0D,EAAuBrB,MAAM,IAGlCoD,sBACEwB,aAAahF,KAAK4E,iBAWNlB,EACd3F,EACAC,EACAoF,GAEA,MAAM6B,EAAgC,CACpC3G,QAASP,EAAKQ,MAGZ6E,EAAS8B,QACXD,EAAYC,MAAQ9B,EAAS8B,OAE3B9B,EAAS+B,cACXF,EAAYE,YAAc/B,EAAS+B,aAGrC,MAAM5H,EAAQM,EAAaE,EAAMC,EAAMiH,GAIvC,OADC1H,EAAM6H,WAAwCC,eAAiBjC,EACzD7F,CACT,CCnRM,SAAU+H,EACdC,GAEA,GAAKA,EAGL,IAEE,MAAMC,EAAO,IAAIC,KAAKC,OAAOH,IAE7B,IAAKI,MAAMH,EAAKI,WAEd,OAAOJ,EAAKK,aAEf,CAAC,MAAO1B,IAIX,CCsDA,SAAS2B,EAA4BC,GACnC,OAAyB,IAAlBL,OAAOK,EAChB,CAEM,SAAUC,EAAYC,GAC1B,MAAOC,EAAWC,EAASC,GAAaH,EAAMlC,MAAM,KACpD,QACgBsC,IAAdH,QACYG,IAAZF,QACcE,IAAdD,EAGA,OADAlJ,EAAU,kDACH,KAGT,IACE,MAAMoJ,GAAUC,EAAAA,EAAAA,IAAaJ,GAC7B,OAAKG,EAIElE,KAAKoE,MAAMF,IAHhBpJ,EAAU,uCACH,KAGV,CAAC,MAAOiH,GAKP,OAJAjH,EACE,2CACC,OAAAiH,QAAA,IAAAA,OAAA,EAAAA,EAAasC,YAET,IACR,CACH,CChGO5E,eAAe6E,EACpBC,EACApD,EACAqD,GAAkB,GAElB,GAAIA,EACF,OAAOrD,EAET,IACE,aAAaA,CACd,CAAC,MAAOY,GAOP,MANIA,aAAaC,EAAAA,IAUrB,UAA2B,KAAEpG,IAC3B,MACW,uBAATA,GACS,4BAATA,CAEJ,CAfsC6I,CAAkB1C,IAC9CwC,EAAK5I,KAAK+I,cAAgBH,SACtBA,EAAK5I,KAAKgJ,UAId5C,CACP,CACH,OCba6C,EAUXrI,YAA6BgI,GAAA,KAAIA,KAAJA,EATrB,KAASM,WAAG,EAMZ,KAAOC,QAAe,KACtB,KAAAC,aAA0C,IAIlDC,SACMpH,KAAKiH,YAITjH,KAAKiH,WAAY,EACjBjH,KAAKqH,YAGPC,QACOtH,KAAKiH,YAIVjH,KAAKiH,WAAY,EACI,OAAjBjH,KAAKkH,SACPlC,aAAahF,KAAKkH,UAIdK,YAAYC,SAClB,GAAIA,EAAU,CACZ,MAAMC,EAAWzH,KAAKmH,aAKtB,OAJAnH,KAAKmH,aAAe3G,KAAKC,IACH,EAApBT,KAAKmH,aAAgB,MAGhBM,CACR,CAAM,CAELzH,KAAKmH,aAAe,IACpB,MACMM,GADsD,QAA5ClI,EAAAS,KAAK2G,KAAKe,gBAAgBC,sBAAkB,IAAApI,EAAAA,EAAA,GACjCkG,KAAKmC,MAAQ,IAExC,OAAOpH,KAAKqH,IAAI,EAAGJ,EACpB,EAGKJ,SAASG,GAAW,GAC1B,IAAKxH,KAAKiH,UAER,OAGF,MAAMQ,EAAWzH,KAAKuH,YAAYC,GAClCxH,KAAKkH,QAAUnC,YAAWlD,gBAClB7B,KAAK8H,WAAW,GACrBL,GAGG5F,kBACN,UACQ7B,KAAK2G,KAAKoB,YAAW,EAC5B,CAAC,MAAO5D,GASP,YALU,iCADY,OAAnBA,QAAA,IAAAA,OAAA,EAAAA,EAAqBnG,OAGtBgC,KAAKqH,UAAwB,GAIhC,CACDrH,KAAKqH,kBCnFIW,EAIXrJ,YACUsJ,EACAC,GADA,KAASD,UAATA,EACA,KAAWC,YAAXA,EAERlI,KAAKmI,kBAGCA,kBACNnI,KAAKoI,eAAiB9C,EAAyBtF,KAAKkI,aACpDlI,KAAKqI,aAAe/C,EAAyBtF,KAAKiI,WAGpDK,MAAMC,GACJvI,KAAKiI,UAAYM,EAASN,UAC1BjI,KAAKkI,YAAcK,EAASL,YAC5BlI,KAAKmI,kBAGPK,SACE,MAAO,CACLP,UAAWjI,KAAKiI,UAChBC,YAAalI,KAAKkI,cChBjBrG,eAAe4G,EAAqB9B,SACzC,MAAM5I,EAAO4I,EAAK5I,KACZ2K,QAAgB/B,EAAKoB,aACrB3E,QAAiBsD,EACrBC,ECsDG9E,eACL9D,EACA4D,GAEA,OAAOG,EACL/D,EAGA,6BAAA4D,EAEJ,CD/DIgH,CAAe5K,EAAM,CAAE2K,aAGzB3J,EAAQ,OAAAqE,QAAA,IAAAA,OAAA,EAAAA,EAAUwF,MAAMC,OAAQ9K,EAAM,kBAEtC,MAAM+K,EAAc1F,EAASwF,MAAM,GAEnCjC,EAAKoC,sBAAsBD,GAE3B,MAAME,GAA8C,QAA5BzJ,EAAAuJ,EAAYG,wBAAgB,IAAA1J,OAAA,EAAAA,EAAEsJ,QAC9BC,EAAYG,iBA4DnBC,KAAK3J,IAAA,eAAE4J,GAAyB5J,EAAV6J,GAAQC,EAAAA,EAAAA,IAAA9J,EAAzB,gBACpB,MAAO,CACL4J,aACAG,IAAKF,EAASG,OAAS,GACvBC,YAAaJ,EAASI,aAAe,KACrCtE,MAAOkE,EAASlE,OAAS,KACzBC,YAAaiE,EAASjE,aAAe,KACrCsE,SAAUL,EAASM,UAAY,KAChC,IAnEC,GAEJ,MAAMC,GA+CNC,EA/CuCjD,EAAKgD,aAgD5CE,EAhD0Db,EAqDnD,IAHSY,EAASE,QACvBC,IAAMF,EAAQG,MAAKC,GAAKA,EAAEd,aAAeY,EAAEZ,kBAEtBU,IAPzB,IACED,EACAC,EAzCA,MAAMK,EAAiBvD,EAAKwD,YACtBC,IACFzD,EAAKzB,OAAS4D,EAAYuB,iBAAkB,OAAAV,QAAY,IAAZA,OAAY,EAAZA,EAAcd,QACxDsB,IAAeD,GAAyBE,EAExCE,EAAiC,CACrChB,IAAKR,EAAYyB,QACjBf,YAAaV,EAAYU,aAAe,KACxCC,SAAUX,EAAYY,UAAY,KAClCxE,MAAO4D,EAAY5D,OAAS,KAC5BsF,cAAe1B,EAAY0B,gBAAiB,EAC5CrF,YAAa2D,EAAY3D,aAAe,KACxCvD,SAAUkH,EAAYlH,UAAY,KAClC+H,eACApB,SAAU,IAAIP,EAAac,EAAYb,UAAWa,EAAYZ,aAC9DiC,eAGFhM,OAAOC,OAAOuI,EAAM2D,EACtB,OElCaG,EAAb9L,cACE,KAAY+L,aAAkB,KAC9B,KAAWC,YAAkB,KAC7B,KAAchD,eAAkB,KAE5BiD,gBACF,OACG5K,KAAK2H,gBACNlC,KAAKmC,MAAQ5H,KAAK2H,eAAqC,IAI3DkD,yBACEzH,GAEArE,EAAQqE,EAASsF,QAAS,kBAC1B3J,EAC8B,qBAArBqE,EAASsF,QAAuB,kBAGzC3J,EACmC,qBAA1BqE,EAASsH,aAA4B,kBAG9C,MAAMI,EACJ,cAAe1H,GAA0C,qBAAvBA,EAAS0H,UACvCpF,OAAOtC,EAAS0H,WNyDpB,SAA0B7E,GAC9B,MAAM8E,EAAc/E,EAAYC,GAIhC,OAHAlH,EAAQgM,EAAa,kBACrBhM,EAAmC,qBAApBgM,EAAYC,IAAqB,kBAChDjM,EAAmC,qBAApBgM,EAAYE,IAAqB,kBACzCvF,OAAOqF,EAAYC,KAAOtF,OAAOqF,EAAYE,IACtD,CM9DUC,CAAgB9H,EAASsF,SAC/B1I,KAAKmL,0BACH/H,EAASsF,QACTtF,EAASsH,aACTI,GAIJjJ,eACE9D,EACAqN,GAAe,GAQf,OANArM,GACGiB,KAAK2K,aAAe3K,KAAK0K,aAC1B3M,EAAI,sBAIDqN,IAAgBpL,KAAK2K,aAAgB3K,KAAK4K,UAI3C5K,KAAK0K,oBACD1K,KAAKqL,QAAQtN,EAAMiC,KAAK0K,cACvB1K,KAAK2K,aAGP,KARE3K,KAAK2K,YAWhBW,oBACEtL,KAAK0K,aAAe,KAGd7I,cAAc9D,EAAoBwN,GACxC,MAAM,YAAEZ,EAAW,aAAED,EAAY,UAAEI,SCtDhCjJ,eACL9D,EACA2M,GAEA,MAAMtH,QACEnB,EACJlE,EACA,CAAC,GACD8D,UACE,MAAMK,GAAOK,EAAAA,EAAAA,IAAY,CACvB,WAAc,gBACd,cAAiBmI,IAChB7L,MAAM,IACH,aAAE2M,EAAY,OAAE/I,GAAW1E,EAAK4C,OAChCG,EAAM+B,EACV9E,EACAyN,EAAY,YAEL,OAAA/I,KAGHC,QAAiB3E,EAAsB4E,wBAG7C,OAFAD,EAAQ,gBAA2B,oCAE5B1B,EAAcK,OAAdL,CAAsBF,EAAK,CAChCiB,OAAuB,OACvBW,UACAR,QACA,IAKR,MAAO,CACLyI,YAAavH,EAASqI,aACtBX,UAAW1H,EAASsI,WACpBhB,aAActH,EAASuI,cAE3B,CDgB2DC,CACrD7N,EACAwN,GAEFvL,KAAKmL,0BACHR,EACAD,EACAhF,OAAOoF,IAIHK,0BACNR,EACAD,EACAmB,GAEA7L,KAAK0K,aAAeA,GAAgB,KACpC1K,KAAK2K,YAAcA,GAAe,KAClC3K,KAAK2H,eAAiBlC,KAAKmC,MAAuB,IAAfiE,EAGrC5K,gBAAgB3C,EAAiBG,GAC/B,MAAM,aAAEiM,EAAY,YAAEC,EAAW,eAAEhD,GAAmBlJ,EAEhDqN,EAAU,IAAIrB,EAuBpB,OAtBIC,IACF3L,EAAgC,kBAAjB2L,EAAyD,kBACtEpM,YAEFwN,EAAQpB,aAAeA,GAErBC,IACF5L,EAA+B,kBAAhB4L,EAAwD,kBACrErM,YAEFwN,EAAQnB,YAAcA,GAEpBhD,IACF5I,EAC4B,kBAAnB4I,EAEP,kBACErJ,YAGJwN,EAAQnE,eAAiBA,GAEpBmE,EAGTtD,SACE,MAAO,CACLkC,aAAc1K,KAAK0K,aACnBC,YAAa3K,KAAK2K,YAClBhD,eAAgB3H,KAAK2H,gBAIzBoE,QAAQrE,GACN1H,KAAK2K,YAAcjD,EAAgBiD,YACnC3K,KAAK0K,aAAehD,EAAgBgD,aACpC1K,KAAK2H,eAAiBD,EAAgBC,eAGxCqE,SACE,OAAO7N,OAAOC,OAAO,IAAIqM,EAAmBzK,KAAKwI,UAGnDyD,kBACE,OAAOhN,EAAU,oBEhIrB,SAASiN,EACPlN,EACAV,GAEAS,EACuB,kBAAdC,GAA+C,qBAAdA,EAExC,kBAAEV,WAEN,OAEa6N,EAwBXxN,YAAYY,OAAA,IAAE+J,EAAG,KAAEvL,EAAI,gBAAE2J,GAAenI,EAAK6M,GAAjC/C,EAAAA,EAAAA,IAAA9J,EAAA,kCAtBH,KAAA4J,WAAiC,WAoBzB,KAAAkD,iBAAmB,IAAIrF,EAAiBhH,MA6CjD,KAAcsM,eAAuB,KACrC,KAAcC,eAA+B,KA3CnDvM,KAAKsJ,IAAMA,EACXtJ,KAAKjC,KAAOA,EACZiC,KAAK0H,gBAAkBA,EACvB1H,KAAK2K,YAAcjD,EAAgBiD,YACnC3K,KAAKwJ,YAAc4C,EAAI5C,aAAe,KACtCxJ,KAAKkF,MAAQkH,EAAIlH,OAAS,KAC1BlF,KAAKwK,cAAgB4B,EAAI5B,gBAAiB,EAC1CxK,KAAKmF,YAAciH,EAAIjH,aAAe,KACtCnF,KAAKyJ,SAAW2C,EAAI3C,UAAY,KAChCzJ,KAAKmK,YAAciC,EAAIjC,cAAe,EACtCnK,KAAK4B,SAAWwK,EAAIxK,UAAY,KAChC5B,KAAK2J,aAAeyC,EAAIzC,aAAe,IAAIyC,EAAIzC,cAAgB,GAC/D3J,KAAKuI,SAAW,IAAIP,EAClBoE,EAAInE,gBAAa5B,EACjB+F,EAAIlE,kBAAe7B,GAIvBxE,iBAAiBuJ,GACf,MAAMT,QAAoBjE,EACxB1G,KACAA,KAAK0H,gBAAgB8E,SAASxM,KAAKjC,KAAMqN,IAU3C,OARArM,EAAQ4L,EAAa3K,KAAKjC,KAAM,kBAE5BiC,KAAK2K,cAAgBA,IACvB3K,KAAK2K,YAAcA,QACb3K,KAAKjC,KAAK0O,sBAAsBzM,MACtCA,KAAKjC,KAAK2O,0BAA0B1M,OAG/B2K,EAGTgC,iBAAiBvB,GACf,OR5DGvJ,eACL8E,EACAyE,GAAe,GAEf,MAAMwB,GAAeC,EAAAA,EAAAA,IAAmBlG,GAClCV,QAAc2G,EAAa7E,WAAWqD,GACtC0B,EAAS9G,EAAYC,GAE3BlH,EACE+N,GAAUA,EAAO9B,KAAO8B,EAAOC,WAAaD,EAAO7B,IACnD2B,EAAa7O,KAAI,kBAGnB,MAAMiP,EACuB,kBAApBF,EAAOE,SAAwBF,EAAOE,cAAW3G,EAEpD4G,EAAqC,OAAAD,QAAQ,IAARA,OAAQ,EAARA,EAA6B,iBAExE,MAAO,CACLF,SACA7G,QACAiH,SAAU5H,EACRQ,EAA4BgH,EAAOC,YAErCI,aAAc7H,EACZQ,EAA4BgH,EAAO7B,MAErCtD,eAAgBrC,EACdQ,EAA4BgH,EAAO9B,MAErCiC,eAAgBA,GAAkB,KAClCG,oBAAoB,OAAAJ,QAAA,IAAAA,OAAA,EAAAA,EAAkC,wBAAK,KAE/D,CQ2BWL,CAAiB3M,KAAMoL,GAGhCiC,SACE,OJnCGxL,eAAsB8E,GAC3B,MAAMiG,GAA6BC,EAAAA,EAAAA,IAAmBlG,SAChD8B,EAAqBmE,SAKrBA,EAAa7O,KAAK0O,sBAAsBG,GAC9CA,EAAa7O,KAAK2O,0BAA0BE,EAC9C,CI0BWS,CAAOrN,MAMhB+L,QAAQpF,GACF3G,OAAS2G,IAGb5H,EAAQiB,KAAKsJ,MAAQ3C,EAAK2C,IAAKtJ,KAAKjC,KAAM,kBAC1CiC,KAAKwJ,YAAc7C,EAAK6C,YACxBxJ,KAAKyJ,SAAW9C,EAAK8C,SACrBzJ,KAAKkF,MAAQyB,EAAKzB,MAClBlF,KAAKwK,cAAgB7D,EAAK6D,cAC1BxK,KAAKmF,YAAcwB,EAAKxB,YACxBnF,KAAKmK,YAAcxD,EAAKwD,YACxBnK,KAAK4B,SAAW+E,EAAK/E,SACrB5B,KAAK2J,aAAehD,EAAKgD,aAAaT,KAAIoE,GAAQnP,OAAAC,OAAA,GAAUkP,KAC5DtN,KAAKuI,SAASD,MAAM3B,EAAK4B,UACzBvI,KAAK0H,gBAAgBqE,QAAQpF,EAAKe,kBAGpCsE,OAAOjO,GACL,MAAMwP,EAAU,IAAIpB,EACfhO,OAAAC,OAAAD,OAAAC,OAAA,GAAA4B,MAAI,CACPjC,OACA2J,gBAAiB1H,KAAK0H,gBAAgBsE,YAGxC,OADAuB,EAAQhF,SAASD,MAAMtI,KAAKuI,UACrBgF,EAGTC,UAAUC,GAER1O,GAASiB,KAAKuM,eAAgBvM,KAAKjC,KAAM,kBACzCiC,KAAKuM,eAAiBkB,EAClBzN,KAAKsM,iBACPtM,KAAK+I,sBAAsB/I,KAAKsM,gBAChCtM,KAAKsM,eAAiB,MAI1BvD,sBAAsBuE,GAChBtN,KAAKuM,eACPvM,KAAKuM,eAAee,GAGpBtN,KAAKsM,eAAiBgB,EAI1BI,yBACE1N,KAAKqM,iBAAiBjF,SAGxBuG,wBACE3N,KAAKqM,iBAAiB/E,QAGxBzF,+BACEuB,EACAiK,GAAS,GAET,IAAIO,GAAkB,EAEpBxK,EAASsF,SACTtF,EAASsF,UAAY1I,KAAK0H,gBAAgBiD,cAE1C3K,KAAK0H,gBAAgBmD,yBAAyBzH,GAC9CwK,GAAkB,GAGhBP,SACI5E,EAAqBzI,YAGvBA,KAAKjC,KAAK0O,sBAAsBzM,MAClC4N,GACF5N,KAAKjC,KAAK2O,0BAA0B1M,MAIxC6B,eACE,MAAM6G,QAAgB1I,KAAK+H,aAO3B,aANMrB,EAAqB1G,KHlLxB6B,eACL9D,EACA4D,GAEA,OAAOG,EACL/D,EAGA,6BAAA4D,EAEJ,CGwKqCkM,CAAc7N,KAAKjC,KAAM,CAAE2K,aAC5D1I,KAAK0H,gBAAgB4D,oBAKdtL,KAAKjC,KAAKgJ,UAGnByB,SACE,OAAArK,OAAAC,OAAAD,OAAAC,OAAA,CACEkL,IAAKtJ,KAAKsJ,IACVpE,MAAOlF,KAAKkF,YAASmB,EACrBmE,cAAexK,KAAKwK,cACpBhB,YAAaxJ,KAAKwJ,kBAAenD,EACjC8D,YAAanK,KAAKmK,YAClBV,SAAUzJ,KAAKyJ,eAAYpD,EAC3BlB,YAAanF,KAAKmF,kBAAekB,EACjCzE,SAAU5B,KAAK4B,eAAYyE,EAC3BsD,aAAc3J,KAAK2J,aAAaT,KAAIoE,GAAQnP,OAAAC,OAAA,GAAUkP,KACtD5F,gBAAiB1H,KAAK0H,gBAAgBc,SAGtCsF,iBAAkB9N,KAAK8N,kBACpB9N,KAAKuI,SAASC,UAAQ,CAGzB/F,OAAQzC,KAAKjC,KAAK4C,OAAO8B,OACzBnE,QAAS0B,KAAKjC,KAAKQ,OAMnBmM,mBACF,OAAO1K,KAAK0H,gBAAgBgD,cAAgB,GAG9CzJ,iBAAiBlD,EAAoBU,uBACnC,MAAM+K,EAAgC,QAAlBjK,EAAAd,EAAO+K,mBAAW,IAAAjK,EAAAA,OAAI8G,EACpCnB,EAAoB,QAAZ6I,EAAAtP,EAAOyG,aAAK,IAAA6I,EAAAA,OAAI1H,EACxBlB,EAAgC,QAAlB6I,EAAAvP,EAAO0G,mBAAW,IAAA6I,EAAAA,OAAI3H,EACpCoD,EAA0B,QAAfwE,EAAAxP,EAAOgL,gBAAQ,IAAAwE,EAAAA,OAAI5H,EAC9BzE,EAA0B,QAAfsM,EAAAzP,EAAOmD,gBAAQ,IAAAsM,EAAAA,OAAI7H,EAC9ByH,EAA0C,QAAvBK,EAAA1P,EAAOqP,wBAAgB,IAAAK,EAAAA,OAAI9H,EAC9C4B,EAA4B,QAAhBmG,EAAA3P,EAAOwJ,iBAAS,IAAAmG,EAAAA,OAAI/H,EAChC6B,EAAgC,QAAlBmG,EAAA5P,EAAOyJ,mBAAW,IAAAmG,EAAAA,OAAIhI,GACpC,IACJiD,EAAG,cACHkB,EAAa,YACbL,EAAW,aACXR,EACAjC,gBAAiB4G,GACf7P,EAEJM,EAAQuK,GAAOgF,EAAyBvQ,EAAM,kBAE9C,MAAM2J,EAAkB+C,EAAgB8D,SACtCvO,KAAKzB,KACL+P,GAGFvP,EAAuB,kBAARuK,EAAkBvL,EAAM,kBACvCmO,EAAwB1C,EAAazL,EAAKQ,MAC1C2N,EAAwBhH,EAAOnH,EAAKQ,MACpCQ,EAC2B,mBAAlByL,EACPzM,EAAI,kBAGNgB,EACyB,mBAAhBoL,EACPpM,EAAI,kBAGNmO,EAAwB/G,EAAapH,EAAKQ,MAC1C2N,EAAwBzC,EAAU1L,EAAKQ,MACvC2N,EAAwBtK,EAAU7D,EAAKQ,MACvC2N,EAAwB4B,EAAkB/P,EAAKQ,MAC/C2N,EAAwBjE,EAAWlK,EAAKQ,MACxC2N,EAAwBhE,EAAanK,EAAKQ,MAC1C,MAAMoI,EAAO,IAAIwF,EAAS,CACxB7C,MACAvL,OACAmH,QACAsF,gBACAhB,cACAW,cACAV,WACAtE,cACAvD,WACA8F,kBACAO,YACAC,gBAWF,OARIyB,GAAgB6E,MAAMC,QAAQ9E,KAChChD,EAAKgD,aAAeA,EAAaT,KAAIoE,GAAYnP,OAAAC,OAAC,CAAC,EAAIkP,MAGrDQ,IACFnH,EAAKmH,iBAAmBA,GAGnBnH,EAQT1F,kCACElD,EACA2Q,EACAvE,GAAuB,GAEvB,MAAMzC,EAAkB,IAAI+C,EAC5B/C,EAAgBmD,yBAAyB6D,GAGzC,MAAM/H,EAAO,IAAIwF,EAAS,CACxB7C,IAAKoF,EAAgBnE,QACrBxM,OACA2J,kBACAyC,gBAKF,aADM1B,EAAqB9B,GACpBA,GC/SX,MAAMgI,EAAuC,IAAIC,IAE3C,SAAUC,EAAgBC,GAC9B1P,EAAY0P,aAAeC,SAAU,+BACrC,IAAIrQ,EAAWiQ,EAAcvO,IAAI0O,GAEjC,OAAIpQ,GACFU,EACEV,aAAoBoQ,EACpB,kDAEKpQ,IAGTA,EAAW,IAAKoQ,EAChBH,EAAcK,IAAIF,EAAKpQ,GAChBA,EACT,OCrBauQ,EAAbtQ,cAEW,KAAAuQ,KAA4B,OACrC,KAAOC,QAAqC,CAAC,EAE7CtN,qBACE,OAAO,EAGTA,WAAWW,EAAa4M,GACtBpP,KAAKmP,QAAQ3M,GAAO4M,EAGtBvN,WAAuCW,GACrC,MAAM4M,EAAQpP,KAAKmP,QAAQ3M,GAC3B,YAAiB6D,IAAV+I,EAAsB,KAAQA,EAGvCvN,cAAcW,UACLxC,KAAKmP,QAAQ3M,GAGtB6M,aAAaC,EAAcC,IAK3BC,gBAAgBF,EAAcC,KA1BvBN,EAAIC,KAAW,OAqCjB,MAAMO,EAAmCR,WC9BhCS,EACdlN,EACAC,EACAnE,GAEA,MAAO,YAA4BkE,KAAOC,KAAUnE,GACtD,OAEaqR,GAKXhR,YACSiR,EACU7R,EACA8R,GAFV,KAAWD,YAAXA,EACU,KAAI7R,KAAJA,EACA,KAAO8R,QAAPA,EAEjB,MAAM,OAAElP,EAAM,KAAEpC,GAASyB,KAAKjC,KAC9BiC,KAAK8P,YAAcJ,EAAoB1P,KAAK6P,QAASlP,EAAO8B,OAAQlE,GACpEyB,KAAK+P,mBAAqBL,EAAoB,cAE5C/O,EAAO8B,OACPlE,GAEFyB,KAAKgQ,kBAAoBjS,EAAKkS,gBAAgBC,KAAKnS,GACnDiC,KAAK4P,YAAYP,aAAarP,KAAK8P,YAAa9P,KAAKgQ,mBAGvDG,eAAexJ,GACb,OAAO3G,KAAK4P,YAAYQ,KAAKpQ,KAAK8P,YAAanJ,EAAK6B,UAGtD3G,uBACE,MAAMwO,QAAarQ,KAAK4P,YAAYU,KAAoBtQ,KAAK8P,aAC7D,OAAOO,EAAOlE,EAASoE,UAAUvQ,KAAKjC,KAAMsS,GAAQ,KAGtDG,oBACE,OAAOxQ,KAAK4P,YAAYa,QAAQzQ,KAAK8P,aAGvCY,6BACE,OAAO1Q,KAAK4P,YAAYQ,KACtBpQ,KAAK+P,mBACL/P,KAAK4P,YAAYV,MAIrBrN,qBAAqB8O,GACnB,GAAI3Q,KAAK4P,cAAgBe,EACvB,OAGF,MAAM7J,QAAoB9G,KAAK4Q,iBAK/B,aAJM5Q,KAAKwQ,oBAEXxQ,KAAK4P,YAAce,EAEf7J,EACK9G,KAAKmQ,eAAerJ,QAD7B,EAKF+J,SACE7Q,KAAK4P,YAAYJ,gBAAgBxP,KAAK8P,YAAa9P,KAAKgQ,mBAG1D/O,oBACElD,EACA+S,EACAjB,EAA2B,YAE3B,IAAKiB,EAAqBjI,OACxB,OAAO,IAAI8G,GACTd,EAAaY,GACb1R,EACA8R,GAKJ,MAAMkB,SACE1N,QAAQ2N,IACZF,EAAqB5H,KAAIrH,UACvB,SAAU+N,EAAYqB,eACpB,OAAOrB,CAEO,MAGpB9F,QAAO8F,GAAeA,IAGxB,IAAIsB,EACFH,EAAsB,IACtBlC,EAAkCY,GAEpC,MAAMjN,EAAMkN,EAAoBG,EAAS9R,EAAK4C,OAAO8B,OAAQ1E,EAAKQ,MAIlE,IAAI4S,EAAqC,KAIzC,IAAK,MAAMvB,KAAekB,EACxB,IACE,MAAMT,QAAaT,EAAYU,KAAoB9N,GACnD,GAAI6N,EAAM,CACR,MAAM1J,EAAOwF,EAASoE,UAAUxS,EAAMsS,GAClCT,IAAgBsB,IAClBC,EAAgBxK,GAElBuK,EAAsBtB,EACtB,KACD,CACF,CAAC,MAAArQ,GAAO,CAKX,MAAM6R,EAAqBL,EAAsBjH,QAC/CuH,GAAKA,EAAEC,wBAIT,OACGJ,EAAoBI,uBACpBF,EAAmBvI,QAKtBqI,EAAsBE,EAAmB,GACrCD,SAGID,EAAoBd,KAAK5N,EAAK2O,EAAc3I,gBAK9CnF,QAAQ2N,IACZF,EAAqB5H,KAAIrH,UACvB,GAAI+N,IAAgBsB,EAClB,UACQtB,EAAYa,QAAQjO,EAC3B,CAAC,MAAAjD,GAAO,CACV,KAGE,IAAIoQ,GAAuBuB,EAAqBnT,EAAM8R,IArBpD,IAAIF,GAAuBuB,EAAqBnT,EAAM8R,ICrH7D,SAAU0B,GAAgBC,GAC9B,MAAMC,EAAKD,EAAUvN,cACrB,GAAIwN,EAAGC,SAAS,WAAaD,EAAGC,SAAS,SAAWD,EAAGC,SAAS,UAC9D,MAAyB,QACpB,GAAIC,GAAYF,GAErB,MAA4B,WACvB,GAAIA,EAAGC,SAAS,SAAWD,EAAGC,SAAS,YAC5C,MAAsB,KACjB,GAAID,EAAGC,SAAS,SACrB,MAAwB,OACnB,GAAIE,GAAWH,GACpB,MAA2B,UACtB,GAAIA,EAAGC,SAAS,SACrB,MAAwB,OACnB,GAAIG,GAAcJ,GAEvB,MAA8B,aACzB,GAAIK,GAASL,GAElB,MAAyB,QACpB,GAAIM,GAAUN,GACnB,MAA0B,SACrB,IACJA,EAAGC,SAAS,YAAcM,GAAaP,MACvCA,EAAGC,SAAS,SAEb,MAA0B,SACrB,GAAIO,GAAWR,GAEpB,MAA2B,UACtB,CAEL,MAAMS,EAAK,kCACLC,EAAUX,EAAUY,MAAMF,GAChC,GAAwB,KAAb,OAAPC,QAAO,IAAPA,OAAO,EAAPA,EAAStJ,QACX,OAAOsJ,EAAQ,EAElB,CACD,MAAyB,OAC3B,UAEgBP,GAAWH,GAAKY,EAAAA,EAAAA,OAC9B,MAAO,aAAaC,KAAKb,EAC3B,UAEgBM,GAAUP,GAAYa,EAAAA,EAAAA,OACpC,MAAMZ,EAAKD,EAAUvN,cACrB,OACEwN,EAAGC,SAAS,aACXD,EAAGC,SAAS,aACZD,EAAGC,SAAS,YACZD,EAAGC,SAAS,UAEjB,UAEgBM,GAAaP,GAAKY,EAAAA,EAAAA,OAChC,MAAO,WAAWC,KAAKb,EACzB,UAEgBE,GAAYF,GAAKY,EAAAA,EAAAA,OAC/B,MAAO,YAAYC,KAAKb,EAC1B,UAEgBQ,GAAWR,GAAKY,EAAAA,EAAAA,OAC9B,MAAO,WAAWC,KAAKb,EACzB,UAEgBI,GAAcJ,GAAKY,EAAAA,EAAAA,OACjC,MAAO,cAAcC,KAAKb,EAC5B,UAEgBK,GAASL,GAAKY,EAAAA,EAAAA,OAC5B,MAAO,SAASC,KAAKb,EACvB,UAEgBc,GAAOd,GAAKY,EAAAA,EAAAA,OAC1B,MACE,oBAAoBC,KAAKb,IACxB,aAAaa,KAAKb,IAAO,UAAUa,KAAKb,EAE7C,UAEgBe,GAAWf,GAAKY,EAAAA,EAAAA,OAC9B,MACE,+BAA+BC,KAAKb,IACpC,+BAA+Ba,KAAKb,EAExC,CAUgB,SAAAgB,GAAiBhB,GAAaY,EAAAA,EAAAA,OAE5C,OACEE,GAAOd,IACPQ,GAAWR,IACXK,GAASL,IACTI,GAAcJ,IACd,iBAAiBa,KAAKb,IACtBE,GAAYF,EAEhB,UCrHgBiB,GACdC,EACAC,EAAgC,IAEhC,IAAIC,EACJ,OAAQF,GACN,IAAK,UAEHE,EAAmBtB,IAAgBc,EAAAA,EAAAA,OACnC,MACF,IAAK,SAIHQ,EAAsB,GAAAtB,IAAgBc,EAAAA,EAAAA,UAAYM,IAClD,MACF,QACEE,EAAmBF,EAEvB,MAAMG,EAAqBF,EAAW/J,OAClC+J,EAAWG,KAAK,KAChB,mBACJ,MAAO,GAAGF,YAAiDrV,EAAAA,eAAesV,GAC5E,CCFOjR,eAAemR,GACpBjV,EACA4D,GAEA,OAAOG,EAIL/D,EAGA,4BAAA2D,EAAmB3D,EAAM4D,GAE7B,CC7CM,SAAUsR,GACdC,GAEA,YACiB7M,IAAf6M,QAC0C7M,IAAzC6M,EAAyBC,WAE9B,CAsBM,SAAUC,GACdF,GAEA,YACiB7M,IAAf6M,QACkD7M,IAAjD6M,EAAkCG,UAEvC,OASaC,GAWX3U,YAAYyE,GACV,GARF,KAAOmQ,QAAW,GAKlB,KAAoBC,sBAAY,OAGAnN,IAA1BjD,EAASqQ,aACX,MAAM,IAAItU,MAAM,0BAGlBa,KAAKuT,QAAUnQ,EAASqQ,aAAa1P,MAAM,KAAK,GAChD/D,KAAKwT,qBAAuBpQ,EAASsQ,0BAA0B1J,MAC7D2J,GACgC,4BAA9BA,EAAiBvK,UACqB,QAAtCuK,EAAiBA,oBCrEnB,SAAUC,GAAQ9S,GAEtB,OAAO,IAAIuC,SAAQ,CAACwQ,EAAS/O,KAC3B,MAAMgP,EAAKC,SAASC,cAAc,UAPtC,QAQIF,EAAGG,aAAa,MAAOnT,GACvBgT,EAAGI,OAASL,EACZC,EAAGK,QAAUhQ,IACX,MAAM5G,EAAQM,EAAa,kBAC3BN,EAAM6H,WAAajB,EACnBW,EAAOvH,EAAM,EAEfuW,EAAG5E,KAAO,kBACV4E,EAAGM,QAAU,SAfkC,QAA1CrG,EAAwC,QAAxCxO,EAAAwU,SAASM,qBAAqB,eAAU,IAAA9U,OAAA,EAAAA,EAAA,UAAE,IAAAwO,EAAAA,EAAIgG,UAgB1BO,YAAYR,EAAG,GAE5C,CAEM,SAAUS,GAAsBC,GACpC,MAAY,KAAAA,IAAShU,KAAKiU,MAAsB,IAAhBjU,KAAKkU,WACvC,OCNaC,GAaXhW,YAAYiW,GATH,KAAI1F,KAPmC,uBAiB9ClP,KAAKjC,KAAO8W,GAAUD,GAQxB/S,aACEiT,EAAiB,SACjB1J,GAAe,GAuCf,SAAS2J,EACPxB,EACAM,EACA/O,GAEA,MAAMoO,EAAa8B,OAAO9B,WACtBE,GAAaF,GACfA,EAAWG,WAAW4B,OAAM,KAC1B/B,EAAWG,WACR6B,QAAQ3B,EAAS,CAAEuB,WACnBK,MAAKlP,IACJ4N,EAAQ5N,EAAM,IAEfmP,OAAM,KACLvB,EA/EY,eA+EO,GACnB,IAGN/O,EAAO3F,MAAM,2CAIjB,OAAO,IAAIkE,SAAgB,CAACwQ,EAAS/O,MA3DrCjD,eAA+B9D,GAC7B,IAAKqN,EAAc,CACjB,GAAqB,MAAjBrN,EAAK6D,UAAkD,MAA9B7D,EAAKsX,sBAChC,OAAOtX,EAAKsX,sBAAsB9B,QAEpC,GACmB,MAAjBxV,EAAK6D,eAC2CyE,IAAhDtI,EAAKuX,wBAAwBvX,EAAK6D,UAElC,OAAO7D,EAAKuX,wBAAwBvX,EAAK6D,UAAU2R,OAEtD,CAED,OAAO,IAAIlQ,SAAgBxB,MAAOgS,EAAS/O,KACzCkO,GAAmBjV,EAAM,CACvBwX,WAAmC,kBACnCC,QAAoC,yBAEnCL,MAAK/R,IACJ,QAA8BiD,IAA1BjD,EAASqQ,aAEN,CACL,MAAM9S,EAAS,IAAI2S,GAAgBlQ,GAMnC,OALqB,MAAjBrF,EAAK6D,SACP7D,EAAKsX,sBAAwB1U,EAE7B5C,EAAKuX,wBAAwBvX,EAAK6D,UAAYjB,EAEzCkT,EAAQlT,EAAO4S,QACvB,CATCzO,EAAO,IAAI3F,MAAM,2CASlB,IAEFiW,OAAM7X,IACLuH,EAAOvH,EAAM,GACb,KA2BNkY,CAAgBzV,KAAKjC,MAClBoX,MAAK5B,IACJ,IAAKnI,GAAgBgI,GAAa4B,OAAO9B,YACvC6B,EAAuBxB,EAASM,EAAS/O,OACpC,CACL,GAAsB,qBAAXkQ,OAIT,YAHAlQ,EACE,IAAI3F,MAAM,mDAIdyU,GAtGV,yDAuGgDL,GACnC4B,MAAK,KACJJ,EAAuBxB,EAASM,EAAS/O,EAAO,IAEjDsQ,OAAM7X,IACLuH,EAAOvH,EAAM,GAElB,KAEF6X,OAAM7X,IACLuH,EAAOvH,EAAM,GACb,KAKHsE,eAAe6T,GACpB3X,EACA4D,EACAmT,EACAa,GAAc,GAEd,MAAMC,EAAW,IAAIjB,GAA4B5W,GACjD,IAAI8X,EACJ,IACEA,QAAwBD,EAASE,OAAOhB,EACzC,CAAC,MAAOvX,GACPsY,QAAwBD,EAASE,OAAOhB,GAAQ,EACjD,CACD,MAAMiB,EAAU5X,OAAAC,OAAA,GAAQuD,GAUxB,OATKgU,EAGHxX,OAAOC,OAAO2X,EAAY,CAAE,YAAeF,IAF3C1X,OAAOC,OAAO2X,EAAY,CAAEF,oBAI9B1X,OAAOC,OAAO2X,EAAY,CAAE,WAAc,oBAC1C5X,OAAOC,OAAO2X,EAAY,CACxB,iBAA+C,yBAE1CA,CACT,OCrJaC,GAGXrX,YAA6BZ,GAAA,KAAIA,KAAJA,EAFZ,KAAKkY,MAAsB,GAI5CC,aACEzI,EACA0I,GAIA,MAAMC,EACJzP,GAEA,IAAItD,SAAQ,CAACwQ,EAAS/O,KACpB,IAIE+O,EAHepG,EAAS9G,GAIzB,CAAC,MAAOxC,GAEPW,EAAOX,EACR,KAGLiS,EAAgBD,QAAUA,EAC1BnW,KAAKiW,MAAMI,KAAKD,GAEhB,MAAME,EAAQtW,KAAKiW,MAAMpN,OAAS,EAClC,MAAO,KAGL7I,KAAKiW,MAAMK,GAAS,IAAMjT,QAAQwQ,SAAS,EAI/ChS,oBAAoB0U,GAClB,GAAIvW,KAAKjC,KAAK+I,cAAgByP,EAC5B,OAMF,MAAMC,EAAkC,GACxC,IACE,IAAK,MAAMC,KAAuBzW,KAAKiW,YAC/BQ,EAAoBF,GAGtBE,EAAoBN,SACtBK,EAAaH,KAAKI,EAAoBN,QAG3C,CAAC,MAAOhS,GAGPqS,EAAaE,UACb,IAAK,MAAMP,KAAWK,EACpB,IACEL,GACD,CAAC,MAAOtR,IAKX,MAAM7E,KAAKjC,KAAKe,cAAcT,OAAoC,iBAChEsY,gBAA6B,OAAXxS,QAAA,IAAAA,OAAA,EAAAA,EAAalG,SAElC,SChBQ2Y,GAkCXjY,YACkBkY,EACCC,EACAC,EACDpW,GAHA,KAAGkW,IAAHA,EACC,KAAwBC,yBAAxBA,EACA,KAAuBC,wBAAvBA,EACD,KAAMpW,OAANA,EArClB,KAAWmG,YAAgB,KAC3B,KAAckQ,eAA0B,KAChC,KAAAC,WAAa5T,QAAQwQ,UAGrB,KAAAqD,sBAAwB,IAAIC,GAAmBnX,MAC/C,KAAAoX,oBAAsB,IAAID,GAAmBnX,MACpC,KAAAqX,iBAAmB,IAAIrB,GAAoBhW,MACpD,KAAYsX,aAAwB,KACpC,KAAyBC,2BAAG,EAIpC,KAAgBtU,kBAAG,EACnB,KAAcuU,gBAAG,EACjB,KAAQC,UAAG,EACX,KAAsBC,uBAAyB,KAC/C,KAAsBC,uBAAyC,KAC/D,KAAa7Y,cACXhC,EACF,KAAqBuY,sBAA2B,KAChD,KAAuBC,wBAAoC,CAAC,EAMpD,KAAesC,qBAA8BvR,EAErD,KAAYzD,aAAkB,KAC9B,KAAQhB,SAAkB,KAC1B,KAAAiW,SAAyB,CAAEC,mCAAmC,GAohBtD,KAAUlF,WAAa,GA5gB7B5S,KAAKzB,KAAOsY,EAAItY,KAChByB,KAAK+X,cAAgBpX,EAAOqX,iBAG9BC,2BACEnH,EACAoH,GA2CA,OAzCIA,IACFlY,KAAK2X,uBAAyB9I,EAAaqJ,IAK7ClY,KAAK0X,uBAAyB1X,KAAKiW,OAAMpU,kBACvC,IAAI7B,KAAKyX,WAITzX,KAAKmY,yBAA2BxI,GAAuBtR,OACrD2B,KACA8Q,IAGE9Q,KAAKyX,UAAT,CAMA,GAA+B,QAA3BlY,EAAAS,KAAK2X,8BAAsB,IAAApY,OAAA,EAAAA,EAAE6Y,uBAE/B,UACQpY,KAAK2X,uBAAuBU,YAAYrY,KAC/C,CAAC,MAAOmE,UAKLnE,KAAKsY,sBAAsBJ,GACjClY,KAAK4X,iBAAoC,QAAlB7J,EAAA/N,KAAK8G,mBAAa,IAAAiH,OAAA,EAAAA,EAAAzE,MAAO,KAE5CtJ,KAAKyX,WAITzX,KAAKwX,gBAAiB,EApBrB,CAoByB,IAGrBxX,KAAK0X,uBAMd7V,wBACE,GAAI7B,KAAKyX,SACP,OAGF,MAAM9Q,QAAa3G,KAAKuY,oBAAoB3H,iBAE5C,OAAK5Q,KAAK8G,aAAgBH,EAMtB3G,KAAK8G,aAAeH,GAAQ3G,KAAK8G,YAAYwC,MAAQ3C,EAAK2C,KAE5DtJ,KAAKwY,aAAazM,QAAQpF,cAGpB3G,KAAK8G,YAAYiB,yBAMnB/H,KAAKyY,mBAAmB9R,GAAqC,QAjBnE,EAoBM9E,4BACNqW,SAGA,MAAMQ,QACG1Y,KAAKuY,oBAAoB3H,iBAClC,IAAI+H,EAAoBD,EACpBE,GAAyB,EAC7B,GAAIV,GAAyBlY,KAAKW,OAAOkY,WAAY,OAC7C7Y,KAAK8Y,sCACX,MAAMC,EAAuC,QAAjBxZ,EAAAS,KAAKsX,oBAAY,IAAA/X,OAAA,EAAAA,EAAEuO,iBACzCkL,EAAqC,OAAjBL,QAAA,IAAAA,OAAA,EAAAA,EAAmB7K,iBACvCmL,QAAejZ,KAAKkZ,kBAAkBhB,GAOxCa,GAAuBA,IAAwBC,KAC3C,OAANC,QAAM,IAANA,OAAM,EAANA,EAAQtS,QAERgS,EAAoBM,EAAOtS,KAC3BiS,GAAyB,EAE5B,CAGD,IAAKD,EACH,OAAO3Y,KAAKmZ,uBAAuB,MAGrC,IAAKR,EAAkB7K,iBAAkB,CAGvC,GAAI8K,EACF,UACQ5Y,KAAKqX,iBAAiB+B,cAAcT,EAC3C,CAAC,MAAOxU,GACPwU,EAAoBD,EAGpB1Y,KAAK2X,uBAAwB0B,wBAAwBrZ,MAAM,IACzDqD,QAAQyB,OAAOX,IAElB,CAGH,OAAIwU,EACK3Y,KAAKsZ,+BAA+BX,GAEpC3Y,KAAKmZ,uBAAuB,KAEtC,CAQD,OANApa,EAAQiB,KAAK2X,uBAAwB3X,KAAM,wBACrCA,KAAK8Y,sCAMT9Y,KAAKsX,cACLtX,KAAKsX,aAAaxJ,mBAAqB6K,EAAkB7K,iBAElD9N,KAAKmZ,uBAAuBR,GAG9B3Y,KAAKsZ,+BAA+BX,GAGrC9W,wBACN0X,GAkBA,IAAIN,EAAgC,KACpC,IAGEA,QAAejZ,KAAK2X,uBAAwB6B,oBAC1CxZ,KACAuZ,GACA,EAEH,CAAC,MAAOpV,SAGDnE,KAAKyZ,iBAAiB,KAC7B,CAED,OAAOR,EAGDpX,qCACN8E,GAEA,UACQ8B,EAAqB9B,EAC5B,CAAC,MAAOxC,GACP,GAEU,iCADY,OAAnBA,QAAA,IAAAA,OAAA,EAAAA,EAAqBnG,MAKtB,OAAOgC,KAAKmZ,uBAAuB,KAEtC,CAED,OAAOnZ,KAAKmZ,uBAAuBxS,GAGrC+S,oBACE1Z,KAAK4C,wBzB/RP,GAAyB,qBAAdvC,UACT,OAAO,KAET,MAAMsZ,EAAuCtZ,UAC7C,OAEGsZ,EAAkBC,WAAaD,EAAkBC,UAAU,IAG5DD,EAAkBE,UAElB,IAEJ,CyBkRwBC,GAGtBjY,gBACE7B,KAAKyX,UAAW,EAGlB5V,wBAAwBkY,GAGtB,MAAMpT,EAAOoT,GACRlN,EAAAA,EAAAA,IAAmBkN,GACpB,KAQJ,OAPIpT,GACF5H,EACE4H,EAAK5I,KAAK4C,OAAO8B,SAAWzC,KAAKW,OAAO8B,OACxCzC,KAAI,sBAIDA,KAAKyY,mBAAmB9R,GAAQA,EAAKqF,OAAOhM,OAGrD6B,yBACE8E,EACAqT,GAAoC,GAEpC,IAAIha,KAAKyX,SAeT,OAZI9Q,GACF5H,EACEiB,KAAK4B,WAAa+E,EAAK/E,SACvB5B,KAAI,sBAKHga,SACGha,KAAKqX,iBAAiB+B,cAAczS,GAGrC3G,KAAKiW,OAAMpU,gBACV7B,KAAKmZ,uBAAuBxS,GAClC3G,KAAKia,qBAAqB,IAI9BpY,gBAUE,aARM7B,KAAKqX,iBAAiB+B,cAAc,OAEtCpZ,KAAKka,4BAA8Bla,KAAK2X,+BACpC3X,KAAKyZ,iBAAiB,MAKvBzZ,KAAKyY,mBAAmB,MAAqC,GAGtE0B,eAAevK,GACb,OAAO5P,KAAKiW,OAAMpU,gBACV7B,KAAKuY,oBAAoB4B,eAAetL,EAAae,GAAa,IAI5E/N,kCACE,MAAMuB,QAAiB4P,GAAmBhT,KAAM,CAC9CuV,WAAmC,kBACnCC,QAAoC,yBAGhC7U,EAAS,IAAI2S,GAAgBlQ,GAOnC,GANqB,MAAjBpD,KAAK4B,SACP5B,KAAKqV,sBAAwB1U,EAE7BX,KAAKsV,wBAAwBtV,KAAK4B,UAAYjB,EAG5CA,EAAO6S,qBAAsB,CACd,IAAImB,GAA4B3U,MACnC8V,QACf,EAGHsE,sBACE,OAAqB,MAAjBpa,KAAK4B,SACA5B,KAAKqV,sBAELrV,KAAKsV,wBAAwBtV,KAAK4B,UAI7CyY,kBACE,OAAOra,KAAKuY,oBAAoB3I,YAAYV,KAG9CoL,gBAAgBpc,GACd8B,KAAKlB,cAAgB,IAAI/B,EAAAA,GACvB,OACA,WACCmB,KAILqc,mBACEC,EACAjd,EACAkd,GAEA,OAAOza,KAAK0a,sBACV1a,KAAKkX,sBACLsD,EACAjd,EACAkd,GAIJE,uBACElN,EACA0I,GAEA,OAAOnW,KAAKqX,iBAAiBnB,aAAazI,EAAU0I,GAGtDyE,iBACEJ,EACAjd,EACAkd,GAEA,OAAOza,KAAK0a,sBACV1a,KAAKoX,oBACLoD,EACAjd,EACAkd,GAIJjS,eACE,MAAO,CACL/F,OAAQzC,KAAKW,OAAO8B,OACpBoW,WAAY7Y,KAAKW,OAAOkY,WACxBva,QAAS0B,KAAKzB,KACduI,YAA8B,QAAjBvH,EAAAS,KAAKwY,oBAAY,IAAAjZ,OAAA,EAAAA,EAAEiJ,UAIpC3G,uBACE8E,EACAuR,GAEA,MAAM2C,QAAwB7a,KAAK8Y,oCACjCZ,GAEF,OAAgB,OAATvR,EACHkU,EAAgBrK,oBAChBqK,EAAgB1K,eAAexJ,GAG7B9E,0CACNqW,GAEA,IAAKlY,KAAKka,2BAA4B,CACpC,MAAMY,EACH5C,GAAyBrJ,EAAaqJ,IACvClY,KAAK2X,uBACP5Y,EAAQ+b,EAAU9a,KAAM,kBACxBA,KAAKka,iCAAmCvK,GAAuBtR,OAC7D2B,KACA,CAAC6O,EAAaiM,EAASC,uBAAsB,gBAG/C/a,KAAKsX,mBACGtX,KAAKka,2BAA2BtJ,gBACzC,CAED,OAAO5Q,KAAKka,2BAGdrY,yBAAyBmZ,WAOvB,OAJIhb,KAAKwX,sBACDxX,KAAKiW,OAAMpU,eAGI,QAAnBtC,EAAAS,KAAKwY,oBAAc,IAAAjZ,OAAA,EAAAA,EAAAuO,oBAAqBkN,EACnChb,KAAKwY,cAGS,QAAnBzK,EAAA/N,KAAKsX,oBAAc,IAAAvJ,OAAA,EAAAA,EAAAD,oBAAqBkN,EACnChb,KAAKsX,aAGP,KAGTzV,4BAA4B8E,GAC1B,GAAIA,IAAS3G,KAAK8G,YAChB,OAAO9G,KAAKiW,OAAMpU,SAAY7B,KAAKmZ,uBAAuBxS,KAK9D+F,0BAA0B/F,GACpBA,IAAS3G,KAAK8G,aAChB9G,KAAKia,sBAIT3K,OACE,MAAO,GAAGtP,KAAKW,OAAOkY,cAAc7Y,KAAKW,OAAO8B,UAAUzC,KAAKzB,OAGjEmP,yBACE1N,KAAKuX,2BAA4B,EAC7BvX,KAAK8G,aACP9G,KAAKwY,aAAa9K,yBAItBC,wBACE3N,KAAKuX,2BAA4B,EAC7BvX,KAAK8G,aACP9G,KAAKwY,aAAa7K,wBAKlB6K,mBACF,OAAOxY,KAAK8G,YAGNmT,8BACN,IAAKja,KAAKwX,eACR,OAGFxX,KAAKoX,oBAAoB6D,KAAKjb,KAAK8G,aAEnC,MAAMoU,EAAsC,QAAzBnN,EAAkB,QAAlBxO,EAAAS,KAAK8G,mBAAa,IAAAvH,OAAA,EAAAA,EAAA+J,WAAO,IAAAyE,EAAAA,EAAA,KACxC/N,KAAK4X,kBAAoBsD,IAC3Blb,KAAK4X,gBAAkBsD,EACvBlb,KAAKkX,sBAAsB+D,KAAKjb,KAAK8G,cAIjC4T,sBACNS,EACAX,EACAjd,EACAkd,GAEA,GAAIza,KAAKyX,SACP,MAAO,OAGT,MAAM2D,EACsB,oBAAnBZ,EACHA,EACAA,EAAeS,KAAK/K,KAAKsK,GAEzBjX,EAAUvD,KAAKwX,eACjBnU,QAAQwQ,UACR7T,KAAK0X,uBAMT,OALA3Y,EAAQwE,EAASvD,KAAM,kBAGvBuD,EAAQ4R,MAAK,IAAMiG,EAAGpb,KAAK8G,eAEG,oBAAnB0T,EACFW,EAAaE,YAAYb,EAAgBjd,EAAOkd,GAEhDU,EAAaE,YAAYb,GAS5B3Y,6BACN8E,GAEI3G,KAAK8G,aAAe9G,KAAK8G,cAAgBH,GAC3C3G,KAAKwY,aAAa7K,wBAEhBhH,GAAQ3G,KAAKuX,2BACf5Q,EAAK+G,yBAGP1N,KAAK8G,YAAcH,EAEfA,QACI3G,KAAKuY,oBAAoBpI,eAAexJ,SAExC3G,KAAKuY,oBAAoB/H,oBAI3ByF,MAAMnB,GAIZ,OADA9U,KAAKiX,WAAajX,KAAKiX,WAAW9B,KAAKL,EAAQA,GACxC9U,KAAKiX,WAGFsB,0BAEV,OADAxZ,EAAQiB,KAAKmY,mBAAoBnY,KAAM,kBAChCA,KAAKmY,mBAKdmD,cAAcC,GACPA,IAAavb,KAAK4S,WAAWlB,SAAS6J,KAG3Cvb,KAAK4S,WAAWyD,KAAKkF,GAIrBvb,KAAK4S,WAAW4I,OAChBxb,KAAK+X,cAAgBrF,GACnB1S,KAAKW,OAAOgS,eACZ3S,KAAKyb,mBAGTA,iBACE,OAAOzb,KAAK4S,WAEd/Q,oCAEE,MAAMa,EAAkC,CACtC,mBAA+B1C,KAAK+X,eAGlC/X,KAAK6W,IAAI6E,QAAQC,QACnBjZ,EAAQ,oBAA+B1C,KAAK6W,IAAI6E,QAAQC,OAI1D,MAAMC,QAIF,QAJ2Brc,EAAAS,KAAK8W,yBACjC+E,aAAa,CACZC,UAAU,WAEV,IAAAvc,OAAA,EAAAA,EAAAwc,uBACAH,IACFlZ,EAAQ,qBAAgCkZ,GAI1C,MAAMI,QAAsBhc,KAAKic,oBAKjC,OAJID,IACFtZ,EAAQ,uBAAmCsZ,GAGtCtZ,EAGTb,gCACE,MAAMqa,QAEF,QAF8B3c,EAAAS,KAAK+W,wBACpC8E,aAAa,CAAEC,UAAU,WACxB,IAAAvc,OAAA,EAAAA,EAAAiN,YAUJ,OATI,OAAA0P,QAAmB,IAAnBA,OAAmB,EAAnBA,EAAqB3e,iB7BjpBJJ,KAAgBC,GACnCJ,EAAUK,UAAYC,EAAAA,GAAAA,MACxBN,EAAUmf,KAAK,SAAS3e,EAAAA,iBAAiBL,OAAUC,EAEvD,C6BkpBMgf,CAC6C,2CAAAF,EAAoB3e,SAG5D,OAAA2e,QAAmB,IAAnBA,OAAmB,EAAnBA,EAAqBjW,OAU1B,SAAU4O,GAAU9W,GACxB,OAAO8O,EAAAA,EAAAA,IAAmB9O,EAC5B,CAGA,MAAMoZ,GAMJxY,YAAqBZ,GAAA,KAAIA,KAAJA,EALb,KAAQse,SAA8B,KACrC,KAAAhB,aAAmCiB,EAAAA,EAAAA,KAC1CD,GAAarc,KAAKqc,SAAWA,IAK3BpB,WAEF,OADAlc,EAAQiB,KAAKqc,SAAUrc,KAAKjC,KAAM,kBAC3BiC,KAAKqc,SAASpB,KAAK/K,KAAKlQ,KAAKqc,oBC/qBxBE,GACdxe,EACA+C,EACA4a,GAEA,MAAMc,EAAe3H,GAAU9W,GAC/BgB,EACEyd,EAAavZ,iBACbuZ,EAAY,0BAIdzd,EACE,eAAeuT,KAAKxR,GACpB0b,EAAY,2BAId,MAAMC,KAAoB,OAAAf,QAAA,IAAAA,OAAA,EAAAA,EAASe,iBAE7B7c,EAAW8c,GAAgB5b,IAC3B,KAAE2D,EAAI,KAAEkY,GAuBhB,SAA4B7b,GAI1B,MAAMlB,EAAW8c,GAAgB5b,GAC3B8b,EAAY,mBAAmBC,KAAK/b,EAAIgc,OAAOld,EAASiJ,SAC9D,IAAK+T,EACH,MAAO,CAAEnY,KAAM,GAAIkY,KAAM,MAE3B,MAAMI,EAAcH,EAAU,GAAG7Y,MAAM,KAAKiZ,OAAS,GAC/CC,EAAgB,qBAAqBJ,KAAKE,GAChD,GAAIE,EAAe,CACjB,MAAMxY,EAAOwY,EAAc,GAC3B,MAAO,CAAExY,OAAMkY,KAAMO,GAAUH,EAAYD,OAAOrY,EAAKoE,OAAS,IACjE,CAAM,CACL,MAAOpE,EAAMkY,GAAQI,EAAYhZ,MAAM,KACvC,MAAO,CAAEU,OAAMkY,KAAMO,GAAUP,GAChC,CACH,CAzCyBQ,CAAmBrc,GACpCsc,EAAmB,OAATT,EAAgB,GAAS,IAAAA,IAGzCH,EAAa7b,OAAOE,SAAW,CAAEC,IAAQ,GAAAlB,MAAa6E,IAAO2Y,MAC7DZ,EAAa3E,SAASC,mCAAoC,EAC1D0E,EAAaxF,eAAiB7Y,OAAOkf,OAAO,CAC1C5Y,OACAkY,OACA/c,SAAUA,EAASsE,QAAQ,IAAK,IAChCwX,QAASvd,OAAOkf,OAAO,CAAEZ,sBAGtBA,GAyCP,WACE,SAASa,IACP,MAAMxJ,EAAKC,SAASC,cAAc,KAC5BuJ,EAAMzJ,EAAG0J,MACf1J,EAAG2J,UACD,oEACFF,EAAIG,SAAW,QACfH,EAAII,MAAQ,OACZJ,EAAIK,gBAAkB,UACtBL,EAAIM,OAAS,qBACbN,EAAIO,MAAQ,UACZP,EAAIQ,OAAS,MACbR,EAAIS,KAAO,MACXT,EAAIU,OAAS,MACbV,EAAIW,OAAS,QACbX,EAAIY,UAAY,SAChBrK,EAAGsK,UAAUC,IAAI,6BACjBtK,SAAS7R,KAAKoS,YAAYR,GAGL,qBAAZwK,SAAmD,oBAAjBA,QAAQC,MACnDD,QAAQC,KACN,gIAKkB,qBAAXvJ,QAA8C,qBAAbjB,WACd,YAAxBA,SAASyK,WACXxJ,OAAOyJ,iBAAiB,mBAAoBnB,GAE5CA,IAGN,CA1EIoB,EAEJ,CAEA,SAAShC,GAAgB5b,GACvB,MAAM6d,EAAc7d,EAAI8d,QAAQ,KAChC,OAAOD,EAAc,EAAI,GAAK7d,EAAIgc,OAAO,EAAG6B,EAAc,EAC5D,CAsBA,SAASzB,GAAUE,GACjB,IAAKA,EACH,OAAO,KAET,MAAMT,EAAOjX,OAAO0X,GACpB,OAAIzX,MAAMgX,GACD,KAEFA,CACT,OCtFakC,GAEXlgB,YAOWwK,EASA2V,GATA,KAAU3V,WAAVA,EASA,KAAY2V,aAAZA,EAQXtW,SACE,OAAOvJ,EAAU,mBAInB8f,oBAAoBC,GAClB,OAAO/f,EAAU,mBAGnBggB,eACED,EACAE,GAEA,OAAOjgB,EAAU,mBAGnBkgB,6BAA6BH,GAC3B,OAAO/f,EAAU,oBChCd4C,eAAeud,GACpBrhB,EACA4D,GAEA,OAAOG,EACL/D,EAGA,oCAAA2D,EAAmB3D,EAAM4D,GAE7B,CAUOE,eAAewd,GACpBthB,EACA4D,GAEA,OAAOG,EAGL/D,EAAkD,6BAAA4D,EACtD,CCxBOE,eAAeyd,GACpBvhB,EACA4D,GAEA,OAAO2C,EAILvG,EAGA,yCAAA2D,EAAmB3D,EAAM4D,GAE7B,CAoDAE,eAAe0d,GACbxhB,EACA4D,GAEA,OAAOG,EACL/D,EAGA,kCAAA2D,EAAmB3D,EAAM4D,GAE7B,CASOE,eAAe2d,GACpBzhB,EACA4D,GAEA,OAAO4d,GAAYxhB,EAAM4D,EAC3B,CAEOE,eAAe4d,GACpB1hB,EACA4D,GAEA,OAAO4d,GAAYxhB,EAAM4D,EAC3B,CChGM,MAAO+d,WAA4Bb,GAEvClgB,YAEWghB,EAEAC,EACTd,EAESe,EAA2B,MAEpCC,MAAM,WAAqBhB,GAPlB,KAAMa,OAANA,EAEA,KAASC,UAATA,EAGA,KAASC,UAATA,EAMX5e,6BACEiE,EACA6a,GAEA,OAAO,IAAIL,GACTxa,EACA6a,EAAQ,YAMZ9e,yBACEiE,EACA8a,EACApe,EAA0B,MAE1B,OAAO,IAAI8d,GACTxa,EACA8a,EAAO,YAEPpe,GAKJ4G,SACE,MAAO,CACLtD,MAAOlF,KAAK2f,OACZI,SAAU/f,KAAK4f,UACfd,aAAc9e,KAAK8e,aACnBld,SAAU5B,KAAK6f,WAYnB5e,gBAAgBwC,GACd,MAAMwc,EAAsB,kBAATxc,EAAoBrB,KAAKoE,MAAM/C,GAAQA,EAC1D,IAAO,OAAHwc,QAAG,IAAHA,OAAG,EAAHA,EAAK/a,SAAY,OAAH+a,QAAG,IAAHA,OAAG,EAAHA,EAAKF,UAAU,CAC/B,GAAyB,aAArBE,EAAInB,aACN,OAAO9e,KAAKkgB,sBAAsBD,EAAI/a,MAAO+a,EAAIF,UAC5C,GAAyB,cAArBE,EAAInB,aACb,OAAO9e,KAAKmgB,kBAAkBF,EAAI/a,MAAO+a,EAAIF,SAAUE,EAAIre,SAE9D,CACD,OAAO,KAITC,0BAA0B9D,SACxB,OAAQiC,KAAK8e,cACX,IAAK,WACH,MAAMnd,EAAqC,CACzCye,mBAAmB,EACnBlb,MAAOlF,KAAK2f,OACZI,SAAU/f,KAAK4f,UACfrK,WAAmC,mBAErC,GAA8B,QAA1BhW,EAAAxB,EAAKqc,6BAAqB,IAAA7a,OAAA,EAAAA,EAAEiU,qBAAsB,CACpD,MAAM6M,QAA6B3K,GACjC3X,EACA4D,EAAO,sBAGT,OAAO2d,GAAmBvhB,EAAMsiB,EACjC,CACC,OAAOf,GAAmBvhB,EAAM4D,GAASyT,OAAMvT,UAC7C,GACyB,iCAAvBtE,EAAMS,KACN,CACAsgB,QAAQgC,IACN,oKAEF,MAAMD,QAA6B3K,GACjC3X,EACA4D,EAAO,sBAGT,OAAO2d,GAAmBvhB,EAAMsiB,EACjC,CACC,OAAOhd,QAAQyB,OAAOvH,EACvB,IAGP,IAAK,YACH,OCnHDsE,eACL9D,EACA4D,GAEA,OAAO2C,EAILvG,EAGA,0CAAA2D,EAAmB3D,EAAM4D,GAE7B,CDsGe4e,CAAoBxiB,EAAM,CAC/BmH,MAAOlF,KAAK2f,OACZK,QAAShgB,KAAK4f,YAElB,QACEniB,EAAMM,EAAM,mBAKlB8D,qBACE9D,EACA2K,GAEA,OAAQ1I,KAAK8e,cACX,IAAK,WACH,OAAOO,GAAoBthB,EAAM,CAC/B2K,UACA0X,mBAAmB,EACnBlb,MAAOlF,KAAK2f,OACZI,SAAU/f,KAAK4f,YAEnB,IAAK,YACH,OCtHD/d,eACL9D,EACA4D,GAEA,OAAO2C,EAILvG,EAGA,0CAAA2D,EAAmB3D,EAAM4D,GAE7B,CDyGe6e,CAA8BziB,EAAM,CACzC2K,UACAxD,MAAOlF,KAAK2f,OACZK,QAAShgB,KAAK4f,YAElB,QACEniB,EAAMM,EAAM,mBAKlBohB,6BAA6BphB,GAC3B,OAAOiC,KAAK+e,oBAAoBhhB,IE1I7B8D,eAAe4e,GACpB1iB,EACA4D,GAEA,OAAO2C,EACLvG,EAGA,oCAAA2D,EAAmB3D,EAAM4D,GAE7B,CCDM,MAAO+e,WAAwB7B,GAArClgB,kCAqBU,KAAYgiB,aAAkB,KAGtC1f,mBAAmBkB,GACjB,MAAMye,EAAO,IAAIF,GAAgBve,EAAOgH,WAAYhH,EAAO2c,cA4B3D,OA1BI3c,EAAOuG,SAAWvG,EAAOwI,aAEvBxI,EAAOuG,UACTkY,EAAKlY,QAAUvG,EAAOuG,SAGpBvG,EAAOwI,cACTiW,EAAKjW,YAAcxI,EAAOwI,aAIxBxI,EAAO0e,QAAU1e,EAAOwe,eAC1BC,EAAKC,MAAQ1e,EAAO0e,OAGlB1e,EAAOwe,eACTC,EAAKD,aAAexe,EAAOwe,eAEpBxe,EAAO2e,YAAc3e,EAAO4e,kBAErCH,EAAKjW,YAAcxI,EAAO2e,WAC1BF,EAAKI,OAAS7e,EAAO4e,kBAErBtjB,EAAM,kBAGDmjB,EAITpY,SACE,MAAO,CACLE,QAAS1I,KAAK0I,QACdiC,YAAa3K,KAAK2K,YAClBqW,OAAQhhB,KAAKghB,OACbH,MAAO7gB,KAAK6gB,MACZF,aAAc3gB,KAAK2gB,aACnBxX,WAAYnJ,KAAKmJ,WACjB2V,aAAc9e,KAAK8e,cAavB7d,gBAAgBwC,GACd,MAAMwc,EAAsB,kBAATxc,EAAoBrB,KAAKoE,MAAM/C,GAAQA,GACpD,WAAE0F,EAAU,aAAE2V,GAAiDmB,EAAhCtiB,GAAgC0L,EAAAA,EAAAA,IAAA4W,EAA/D,+BACN,IAAK9W,IAAe2V,EAClB,OAAO,KAGT,MAAM8B,EAAO,IAAIF,GAAgBvX,EAAY2V,GAM7C,OALA8B,EAAKlY,QAAU/K,EAAK+K,cAAWrC,EAC/Bua,EAAKjW,YAAchN,EAAKgN,kBAAetE,EACvCua,EAAKI,OAASrjB,EAAKqjB,OACnBJ,EAAKC,MAAQljB,EAAKkjB,MAClBD,EAAKD,aAAehjB,EAAKgjB,cAAgB,KAClCC,EAIT7B,oBAAoBhhB,GAElB,OAAO0iB,GAAc1iB,EADLiC,KAAKihB,gBAKvBhC,eACElhB,EACA2K,GAEA,MAAM/G,EAAU3B,KAAKihB,eAErB,OADAtf,EAAQ+G,QAAUA,EACX+X,GAAc1iB,EAAM4D,GAI7Bwd,6BAA6BphB,GAC3B,MAAM4D,EAAU3B,KAAKihB,eAErB,OADAtf,EAAQuf,YAAa,EACdT,GAAc1iB,EAAM4D,GAGrBsf,eACN,MAAMtf,EAAgC,CACpCwf,WApJkB,mBAqJlBf,mBAAmB,GAGrB,GAAIpgB,KAAK2gB,aACPhf,EAAQgf,aAAe3gB,KAAK2gB,iBACvB,CACL,MAAMS,EAAmC,CAAC,EACtCphB,KAAK0I,UACP0Y,EAAmB,SAAIphB,KAAK0I,SAE1B1I,KAAK2K,cACPyW,EAAuB,aAAIphB,KAAK2K,aAE9B3K,KAAKghB,SACPI,EAA6B,mBAAIphB,KAAKghB,QAGxCI,EAAqB,WAAIphB,KAAKmJ,WAC1BnJ,KAAK6gB,QAAU7gB,KAAK2gB,eACtBS,EAAgB,MAAIphB,KAAK6gB,OAG3Blf,EAAQyf,UAAW7e,EAAAA,EAAAA,IAAY6e,EAChC,CAED,OAAOzf,GCrFX,MAAM0f,GAEF,CACF,eAAwD,kBC/EpD,MAAOC,WAA4BzC,GACvClgB,YAAqCwD,GACnC2d,MAAM,QAAD,SAD8B,KAAM3d,OAANA,EAKrClB,yBACEsgB,EACAC,GAEA,OAAO,IAAIF,GAAoB,CAAEC,iBAAgBC,qBAInDvgB,0BACEkE,EACAsc,GAEA,OAAO,IAAIH,GAAoB,CAAEnc,cAAasc,mBAIhD1C,oBAAoBhhB,GAClB,ODcG8D,eACL9D,EACA4D,GAEA,OAAO2C,EAILvG,EAGA,4CAAA2D,EAAmB3D,EAAM4D,GAE7B,CC3BW+f,CAAsB3jB,EAAMiC,KAAK2hB,4BAI1C1C,eACElhB,EACA2K,GAEA,ODqBG7G,eACL9D,EACA4D,GAEA,MAAMyB,QAAiBkB,EAIrBvG,EAAI,4CAGJ2D,EAAmB3D,EAAM4D,IAE3B,GAAIyB,EAASqe,eACX,MAAM/d,EAAiB3F,EAAuC,2CAAAqF,GAEhE,OAAOA,CACT,CCtCWwe,CAAoB7jB,EACzBI,OAAAC,OAAA,CAAAsK,WACG1I,KAAK2hB,6BAKZxC,6BAA6BphB,GAC3B,OD2CG8D,eACL9D,EACA4D,GAMA,OAAO2C,EAILvG,EAAI,4CAGJ2D,EAAmB3D,EAXLI,OAAAC,OAAAD,OAAAC,OAAA,GACXuD,GAAO,CACVkgB,UAAW,YAUXR,GAEJ,CC7DWS,CAA6B/jB,EAAMiC,KAAK2hB,4BAIjDA,2BACE,MAAM,eAAEF,EAAc,YAAEtc,EAAW,eAAEoc,EAAc,iBAAEC,GACnDxhB,KAAKmC,OACP,OAAIsf,GAAkBtc,EACb,CAAEsc,iBAAgBtc,eAGpB,CACL4c,YAAaR,EACbvjB,KAAMwjB,GAKVhZ,SACE,MAAMyX,EAA8B,CAClC9W,WAAYnJ,KAAKmJ,YAenB,OAbInJ,KAAKmC,OAAOgD,cACd8a,EAAI9a,YAAcnF,KAAKmC,OAAOgD,aAE5BnF,KAAKmC,OAAOsf,iBACdxB,EAAIwB,eAAiBzhB,KAAKmC,OAAOsf,gBAE/BzhB,KAAKmC,OAAOqf,mBACdvB,EAAIuB,iBAAmBxhB,KAAKmC,OAAOqf,kBAEjCxhB,KAAKmC,OAAOof,iBACdtB,EAAIsB,eAAiBvhB,KAAKmC,OAAOof,gBAG5BtB,EAIThf,gBAAgBwC,GACM,kBAATA,IACTA,EAAOrB,KAAKoE,MAAM/C,IAGpB,MAAM,eAAE8d,EAAc,iBAAEC,EAAgB,YAAErc,EAAW,eAAEsc,GACrDhe,EACF,OACG+d,GACAD,GACApc,GACAsc,EAKI,IAAIH,GAAoB,CAC7BC,iBACAC,mBACArc,cACAsc,mBAPO,YC7CAO,GAiCXrjB,YAAYsjB,mBACV,MAAMC,GAAeC,EAAAA,EAAAA,KAAkBC,EAAAA,EAAAA,IAAmBH,IACpDxf,EAAyC,QAAhClD,EAAA2iB,EAAgC,kBAAA3iB,EAAAA,EAAI,KAC7CvB,EAAoC,QAA7B+P,EAAAmU,EAA6B,mBAAAnU,EAAAA,EAAI,KACxC8T,EApFV,SAAmBQ,GACjB,OAAQA,GACN,IAAK,eACH,MAAyC,gBAC3C,IAAK,gBACH,MAA0C,iBAC5C,IAAK,SACH,MAAwC,eAC1C,IAAK,cACH,MAAwC,eAC1C,IAAK,uBACH,MAAmD,0BACrD,IAAK,6BACH,MAAyD,gCAC3D,QACE,OAAO,KAEb,CAmEsBC,CAAuC,QAA7BtU,EAAAkU,EAA6B,gBAAAlU,EAAAA,EAAI,MAE7DjP,EAAQ0D,GAAUzE,GAAQ6jB,EAAW,kBACrC7hB,KAAKyC,OAASA,EACdzC,KAAK6hB,UAAYA,EACjB7hB,KAAKhC,KAAOA,EACZgC,KAAKuiB,YAAmD,QAArCtU,EAAAiU,EAAqC,uBAAAjU,EAAAA,EAAI,KAC5DjO,KAAK4C,aAAqD,QAAtCsL,EAAAgU,EAAsC,wBAAAhU,EAAAA,EAAI,KAC9DlO,KAAK4B,SAA6C,QAAlCuM,EAAA+T,EAAkC,oBAAA/T,EAAAA,EAAI,KAYxDlN,iBAAiBuhB,GACf,MAAMP,EAjFV,SAAuBnhB,GACrB,MAAM0hB,GAAOL,EAAAA,EAAAA,KAAkBC,EAAAA,EAAAA,IAAmBthB,IAAY,KAGxD2hB,EAAiBD,GACnBL,EAAAA,EAAAA,KAAkBC,EAAAA,EAAAA,IAAmBI,IAAqB,aAC1D,KAEEE,GAAcP,EAAAA,EAAAA,KAAkBC,EAAAA,EAAAA,IAAmBthB,IACzC,aAKhB,OAH0B4hB,GACtBP,EAAAA,EAAAA,KAAkBC,EAAAA,EAAAA,IAAmBM,IAAoB,KACzD,OACwBA,GAAeD,GAAkBD,GAAQ1hB,CACvE,CAkEuB6hB,CAAcH,GACjC,IACE,OAAO,IAAIR,GAAcC,EAC1B,CAAC,MAAM1iB,GACN,OAAO,IACR,SCzHQqjB,GAAbjkB,cAkBW,KAAAwK,WAAayZ,GAAkBC,YAoBxC5hB,kBAAkBiE,EAAe6a,GAC/B,OAAOL,GAAoBQ,sBAAsBhb,EAAO6a,GAyB1D9e,0BACEiE,EACA4d,GAEA,MAAMC,EAAgBf,GAAcgB,UAAUF,GAG9C,OAFA/jB,EAAQgkB,EAAe,kBAEhBrD,GAAoBS,kBACzBjb,EACA6d,EAAc/kB,KACd+kB,EAAcnhB,WAtEFghB,GAAAC,YAA8C,WAI9CD,GAAAK,8BACc,WAIdL,GAAAM,0BACU,kBCXNC,GAWpBxkB,YAAqBwK,GAAA,KAAUA,WAAVA,EATrB,KAAmBia,oBAAkB,KAE7B,KAAgBC,iBAAqB,CAAC,EAc9CC,mBAAmB1gB,GACjB5C,KAAKojB,oBAAsBxgB,EAa7B2gB,oBAAoBC,GAElB,OADAxjB,KAAKqjB,iBAAmBG,EACjBxjB,KAMTyjB,sBACE,OAAOzjB,KAAKqjB,kBCZV,MAAgBK,WACZP,GADVxkB,kCAKU,KAAMglB,OAAa,GAO3BC,SAASC,GAKP,OAHK7jB,KAAK2jB,OAAOjS,SAASmS,IACxB7jB,KAAK2jB,OAAOtN,KAAKwN,GAEZ7jB,KAMT8jB,YACE,MAAO,IAAI9jB,KAAK2jB,SA4Cd,MAAOI,WAAsBL,GAKjCziB,0BAA0BwC,GACxB,MAAMwc,EAAsB,kBAATxc,EAAoBrB,KAAKoE,MAAM/C,GAAQA,EAK1D,OAJA1E,EACE,eAAgBkhB,GAAO,iBAAkBA,EAAG,kBAGvCS,GAAgBsD,YAAY/D,GAwBrCgE,WAAW9hB,GACT,OAAOnC,KAAKkkB,YAAW/lB,OAAAC,OAAAD,OAAAC,OAAC,CAAC,EAAI+D,GAAM,CAAE0e,MAAO1e,EAAOgiB,YAI7CD,YACN/hB,GAIA,OAFApD,EAAQoD,EAAOuG,SAAWvG,EAAOwI,YAAa,kBAEvC+V,GAAgBsD,YAAW7lB,OAAAC,OAAAD,OAAAC,OAAC,CAAC,EAC/B+D,GAAM,CACTgH,WAAYnJ,KAAKmJ,WACjB2V,aAAc9e,KAAKmJ,cASvBlI,4BACEmjB,GAEA,OAAOL,GAAcM,gCACnBD,GASJnjB,2BAA2B1D,GACzB,OAAOwmB,GAAcM,gCAClB9mB,EAAM6H,YAAc,CAAC,GAIlBnE,wCACNoE,eAAgBif,IAEhB,IAAKA,EACH,OAAO,KAGT,MAAM,aACJC,EAAY,iBACZC,EAAgB,iBAChBzD,EAAgB,aAChBJ,EAAY,MACZE,EAAK,WACL1X,GACEmb,EACJ,IACGE,IACAzD,IACAwD,IACA5D,EAED,OAAO,KAGT,IAAKxX,EACH,OAAO,KAGT,IACE,OAAO,IAAI4a,GAAc5a,GAAY+a,YAAY,CAC/Cxb,QAAS6b,EACT5Z,YAAa6Z,EACb3D,QACAF,gBAEH,CAAC,MAAOxc,GACP,OAAO,IACR,GClLC,MAAOsgB,WAA6Bf,GAOxC/kB,cACEmhB,MAAM,gBAeR7e,kBAAkB0J,GAChB,OAAO+V,GAAgBsD,YAAY,CACjC7a,WAAYsb,GAAqB5B,YACjC/D,aAAc2F,GAAqBC,wBACnC/Z,gBASJ1J,4BACEmjB,GAEA,OAAOK,GAAqBE,2BAC1BP,GAUJnjB,2BAA2B1D,GACzB,OAAOknB,GAAqBE,2BACzBpnB,EAAM6H,YAAc,CAAC,GAIlBnE,mCACNoE,eAAgBif,IAEhB,IAAKA,KAAmB,qBAAsBA,GAC5C,OAAO,KAGT,IAAKA,EAAcE,iBACjB,OAAO,KAGT,IACE,OAAOC,GAAqBR,WAAWK,EAAcE,iBACtD,CAAC,MAAMjlB,GACN,OAAO,IACR,GArEaklB,GAAAC,wBACQ,eAERD,GAAA5B,YAAkD,eCF9D,MAAO+B,WAA2BlB,GAMtC/kB,cACEmhB,MAAM,cACN9f,KAAK4jB,SAAS,WAgBhB3iB,kBACEyH,EACAiC,GAEA,OAAO+V,GAAgBsD,YAAY,CACjC7a,WAAYyb,GAAmB/B,YAC/B/D,aAAc8F,GAAmBC,sBACjCnc,UACAiC,gBASJ1J,4BACEmjB,GAEA,OAAOQ,GAAmBD,2BACxBP,GASJnjB,2BAA2B1D,GACzB,OAAOqnB,GAAmBD,2BACvBpnB,EAAM6H,YAAc,CAAC,GAIlBnE,mCACNoE,eAAgBif,IAEhB,IAAKA,EACH,OAAO,KAGT,MAAM,aAAEC,EAAY,iBAAEC,GACpBF,EACF,IAAKC,IAAiBC,EAEpB,OAAO,KAGT,IACE,OAAOI,GAAmBX,WAAWM,EAAcC,EACpD,CAAC,MAAMjlB,GACN,OAAO,IACR,GA5EaqlB,GAAAC,sBAA0D,aAE1DD,GAAA/B,YAA8C,aCJ1D,MAAOiC,WAA2BpB,GAMtC/kB,cACEmhB,MAAM,cAQR7e,kBAAkB0J,GAChB,OAAO+V,GAAgBsD,YAAY,CACjC7a,WAAY2b,GAAmBjC,YAC/B/D,aAAcgG,GAAmBC,sBACjCpa,gBASJ1J,4BACEmjB,GAEA,OAAOU,GAAmBH,2BACxBP,GAUJnjB,2BAA2B1D,GACzB,OAAOunB,GAAmBH,2BACvBpnB,EAAM6H,YAAc,CAAC,GAIlBnE,mCACNoE,eAAgBif,IAEhB,IAAKA,KAAmB,qBAAsBA,GAC5C,OAAO,KAGT,IAAKA,EAAcE,iBACjB,OAAO,KAGT,IACE,OAAOM,GAAmBb,WAAWK,EAAcE,iBACpD,CAAC,MAAMjlB,GACN,OAAO,IACR,GA7DaulB,GAAAC,sBAA0D,aAE1DD,GAAAjC,YAA8C,aCpC1D,MAAOmC,WAA2BnG,GAEtClgB,YACEwK,EACiBwX,GAEjBb,MAAM3W,EAAYA,GAFD,KAAYwX,aAAZA,EAMnB5B,oBAAoBhhB,GAElB,OAAO0iB,GAAc1iB,EADLiC,KAAKihB,gBAKvBhC,eACElhB,EACA2K,GAEA,MAAM/G,EAAU3B,KAAKihB,eAErB,OADAtf,EAAQ+G,QAAUA,EACX+X,GAAc1iB,EAAM4D,GAI7Bwd,6BAA6BphB,GAC3B,MAAM4D,EAAU3B,KAAKihB,eAErB,OADAtf,EAAQuf,YAAa,EACdT,GAAc1iB,EAAM4D,GAI7B6G,SACE,MAAO,CACLsW,aAAc9e,KAAK8e,aACnB3V,WAAYnJ,KAAKmJ,WACjBwX,aAAc3gB,KAAK2gB,cAavB1f,gBAAgBwC,GACd,MAAMwc,EAAsB,kBAATxc,EAAoBrB,KAAKoE,MAAM/C,GAAQA,GACpD,WAAE0F,EAAU,aAAE2V,EAAY,aAAE6B,GAChCV,EACF,OACG9W,GACA2V,GACA6B,GACDxX,IAAe2V,EAKV,IAAIkG,GAAmB7b,EAAYwX,GAHjC,KAWX1f,eAAekI,EAAoBwX,GACjC,OAAO,IAAIqE,GAAmB7b,EAAYwX,GAGpCM,eACN,MAAO,CACLE,WAlFkB,mBAmFlBf,mBAAmB,EACnBO,aAAc3gB,KAAK2gB,eChFnB,MAAOsE,WAAyB9B,GAKpCxkB,YAAYwK,GACVpK,EACEoK,EAAWpI,WAdY,SAcoB,kBAG7C+e,MAAM3W,GAmBRlI,4BACEmjB,GAEA,OAAOa,GAAiBC,+BACtBd,GAUJnjB,2BAA2B1D,GACzB,OAAO0nB,GAAiBC,+BACrB3nB,EAAM6H,YAAc,CAAC,GAQ1BnE,0BAA0BwC,GACxB,MAAMwgB,EAAae,GAAmBzW,SAAS9K,GAE/C,OADA1E,EAAQklB,EAAY,kBACbA,EAGDhjB,uCACNoE,eAAgBif,IAEhB,IAAKA,EACH,OAAO,KAGT,MAAM,aAAE3D,EAAY,WAAExX,GAAemb,EAErC,IAAK3D,IAAiBxX,EACpB,OAAO,KAGT,IACE,OAAO6b,GAAmBG,QAAQhc,EAAYwX,EAC/C,CAAC,MAAOxc,GACP,OAAO,IACR,GC5BC,MAAOihB,WAA4B1B,GAMvC/kB,cACEmhB,MAAM,eASR7e,kBAAkBgF,EAAe+a,GAC/B,OAAON,GAAgBsD,YAAY,CACjC7a,WAAYic,GAAoBvC,YAChC/D,aAAcsG,GAAoBC,uBAClCvE,WAAY7a,EACZ8a,iBAAkBC,IAStB/f,4BACEmjB,GAEA,OAAOgB,GAAoBT,2BACzBP,GAUJnjB,2BAA2B1D,GACzB,OAAO6nB,GAAoBT,2BACxBpnB,EAAM6H,YAAc,CAAC,GAIlBnE,mCACNoE,eAAgBif,IAEhB,IAAKA,EACH,OAAO,KAET,MAAM,iBAAEE,EAAgB,iBAAEzD,GACxBuD,EACF,IAAKE,IAAqBzD,EACxB,OAAO,KAGT,IACE,OAAOqE,GAAoBnB,WAAWO,EAAkBzD,EACzD,CAAC,MAAMxhB,GACN,OAAO,IACR,GC1GEsC,eAAeyjB,GACpBvnB,EACA4D,GAEA,OAAO2C,EACLvG,EAGA,6BAAA2D,EAAmB3D,EAAM4D,GAE7B,CDgCkByjB,GAAAC,uBAA6D,cAE7DD,GAAAvC,YAAgD,oBExDrD0C,GAQX5mB,YAAYwD,GACVnC,KAAK2G,KAAOxE,EAAOwE,KACnB3G,KAAKmJ,WAAahH,EAAOgH,WACzBnJ,KAAKqF,eAAiBlD,EAAOkD,eAC7BrF,KAAKwlB,cAAgBrjB,EAAOqjB,cAG9BvkB,kCACElD,EACAynB,EACA9W,EACAvE,GAAuB,GAEvB,MAAMxD,QAAawF,EAASsZ,qBAC1B1nB,EACA2Q,EACAvE,GAEIhB,EAAauc,GAAsBhX,GAOzC,OANiB,IAAI6W,GAAmB,CACtC5e,OACAwC,aACA9D,eAAgBqJ,EAChB8W,kBAKJvkB,2BACE0F,EACA6e,EACApiB,SAEMuD,EAAKgf,yBAAyBviB,GAAuB,GAC3D,MAAM+F,EAAauc,GAAsBtiB,GACzC,OAAO,IAAImiB,GAAmB,CAC5B5e,OACAwC,aACA9D,eAAgBjC,EAChBoiB,mBAKN,SAASE,GACPtiB,GAEA,OAAIA,EAAS+F,WACJ/F,EAAS+F,WAGd,gBAAiB/F,EACK,QAGnB,IACT,CC5DOvB,eAAe+jB,GAAkB7nB,SACtC,MAAMye,EAAe3H,GAAU9W,GAE/B,SADMye,EAAa9E,uBACS,QAAxBnY,EAAAid,EAAa1V,mBAAW,IAAAvH,OAAA,EAAAA,EAAE4K,YAE5B,OAAO,IAAIob,GAAmB,CAC5B5e,KAAM6V,EAAa1V,YACnBqC,WAAY,KACZqc,cAAoC,WAGxC,MAAMpiB,QAAiBkiB,GAAO9I,EAAc,CAC1C4D,mBAAmB,IAEfgE,QAAuBmB,GAAmBE,qBAC9CjJ,EAEA,SAAApZ,GACA,GAGF,aADMoZ,EAAa/D,mBAAmB2L,EAAezd,MAC9Cyd,CACT,CC1BM,MAAOyB,WACHzhB,EAAAA,GAKRzF,YACEZ,EACAR,EACSioB,EACA7e,SAETmZ,MAAMviB,EAAMS,KAAMT,EAAMU,SAHf,KAAaunB,cAAbA,EACA,KAAI7e,KAAJA,EAITxI,OAAO2nB,eAAe9lB,KAAM6lB,GAAiBE,WAC7C/lB,KAAKoF,WAAa,CAChB9G,QAASP,EAAKQ,KACdqD,SAAuB,QAAbrC,EAAAxB,EAAK6D,gBAAQ,IAAArC,EAAAA,OAAI8G,EAC3B7B,gBAAiBjH,EAAM6H,WAAYZ,gBACnCghB,iBAIJvkB,8BACElD,EACAR,EACAioB,EACA7e,GAEA,OAAO,IAAIkf,GAAiB9nB,EAAMR,EAAOioB,EAAe7e,IAItD,SAAUqf,GACdjoB,EACAynB,EACAvB,EACAtd,GAOA,OAJgD,mBAA9C6e,EACIvB,EAAW9E,6BAA6BphB,GACxCkmB,EAAWlF,oBAAoBhhB,IAEdqX,OAAM7X,IAC3B,GAA2B,oCAAvBA,EAAMS,KACR,MAAM6nB,GAAiBI,uBACrBloB,EACAR,EACAioB,EACA7e,GAIJ,MAAMpJ,CAAK,GAEf,CC/DM,SAAU2oB,GACdvc,GAEA,OAAO,IAAIwc,IACTxc,EACGT,KAAI,EAAGC,gBAAiBA,IACxBW,QAAOsc,KAASA,IAEvB,CCOOvkB,eAAewkB,GAAO1f,EAAYwC,GACvC,MAAMyD,GAAeC,EAAAA,EAAAA,IAAmBlG,SAClC2f,IAAoB,EAAM1Z,EAAczD,GAC9C,MAAM,iBAAEF,SxCaHpH,eACL9D,EACA4D,GAEA,OAAOG,EAGL/D,EAAkD,6BAAA4D,EACtD,CwCrBqC4kB,CAAqB3Z,EAAa7O,KAAM,CACzE2K,cAAekE,EAAa7E,aAC5Bye,eAAgB,CAACrd,KAGbsd,EAAgBP,GAAoBjd,GAAoB,IAU9D,OARA2D,EAAajD,aAAeiD,EAAajD,aAAaG,QAAO4c,GAC3DD,EAAcE,IAAID,EAAGvd,cAElBsd,EAAcE,IAAI,WACrB/Z,EAAazH,YAAc,YAGvByH,EAAa7O,KAAK0O,sBAAsBG,GACvCA,CACT,CAEO/K,eAAe+kB,GACpBjgB,EACAsd,EACArd,GAAkB,GAElB,MAAMxD,QAAiBsD,EACrBC,EACAsd,EAAWhF,eAAetY,EAAK5I,WAAY4I,EAAKoB,cAChDnB,GAEF,OAAO2e,GAAmBsB,cAAclgB,EAA0B,OAAAvD,EACpE,CAEOvB,eAAeykB,GACpBQ,EACAngB,EACAyC,SAEMX,EAAqB9B,GAC3B,MAEM3I,GACS,IAAb8oB,EACG,0BACD,mBACJ/nB,EANoBmnB,GAAoBvf,EAAKgD,cAMzBgd,IAAIvd,KAAc0d,EAAUngB,EAAK5I,KAAMC,EAC7D,CC1DO6D,eAAeklB,GACpBpgB,EACAsd,EACArd,GAAkB,GAElB,MAAM,KAAE7I,GAAS4I,EACX6e,EAAgB,iBAEtB,IACE,MAAMpiB,QAAiBsD,EACrBC,EACAqf,GACEjoB,EACAynB,EACAvB,EACAtd,GAEFC,GAEF7H,EAAQqE,EAASsF,QAAS3K,EAAM,kBAChC,MAAMipB,EAAShhB,EAAY5C,EAASsF,SACpC3J,EAAQioB,EAAQjpB,EAAM,kBAEtB,MAAQkpB,IAAK1c,GAAYyc,EAGzB,OAFAjoB,EAAQ4H,EAAK2C,MAAQiB,EAASxM,EAAM,iBAE7BwnB,GAAmBsB,cAAclgB,EAAM6e,EAAepiB,EAC9D,CAAC,MAAOe,GAKP,KAHmC,yBAA9B,OAAAA,QAAA,IAAAA,OAAA,EAAAA,EAAqBnG,OACxBP,EAAMM,EAAM,iBAERoG,CACP,CACH,CChCOtC,eAAeqlB,GACpBnpB,EACAkmB,EACArd,GAAkB,GAElB,MAAM4e,EAAgB,SAChBpiB,QAAiB4iB,GACrBjoB,EACAynB,EACAvB,GAEIG,QAAuBmB,GAAmBE,qBAC9C1nB,EACAynB,EACApiB,GAMF,OAHKwD,SACG7I,EAAK0a,mBAAmB2L,EAAezd,MAExCyd,CACT,CAaOviB,eAAeslB,GACpBppB,EACAkmB,GAEA,OAAOiD,GAAsBrS,GAAU9W,GAAOkmB,EAChD,CAaOpiB,eAAeulB,GACpBzgB,EACAsd,GAEA,MAAMrX,GAAeC,EAAAA,EAAAA,IAAmBlG,GAIxC,aAFM2f,IAAoB,EAAO1Z,EAAcqX,EAAW9a,YAEnDyd,GAAMha,EAAcqX,EAC7B,CAeOpiB,eAAewlB,GACpB1gB,EACAsd,GAEA,OAAO8C,IAAgBla,EAAAA,EAAAA,IAAmBlG,GAAuBsd,EACnE,CCtEOpiB,eAAeylB,GACpBvpB,EACAwpB,GAEA,MAAM/K,EAAe3H,GAAU9W,GACzBqF,QCZDvB,eACL9D,EACA4D,GAEA,OAAO2C,EAILvG,EAGA,4CAAA2D,EAAmB3D,EAAM4D,GAE7B,CDD0C6lB,CAAmBhL,EAAc,CACvEvW,MAAOshB,EACPnH,mBAAmB,IAEfQ,QAAa2E,GAAmBE,qBACpCjJ,EAAY,SAEZpZ,GAGF,aADMoZ,EAAa/D,mBAAmBmI,EAAKja,MACpCia,CACT,OEzBsB6G,GAKpB9oB,YAA+B+oB,EAAoBtkB,GAApB,KAAQskB,SAARA,EAC7B1nB,KAAKsJ,IAAMlG,EAASukB,gBACpB3nB,KAAK4nB,eAAiB,IAAIniB,KAAKrC,EAASykB,YAAYhiB,cACpD7F,KAAKwJ,YAAcpG,EAASoG,YAG9BvI,2BACElD,EACA+pB,GAEA,MAAI,cAAeA,EACVC,GAAyBC,oBAAoBjqB,EAAM+pB,GACjD,aAAcA,EAChBG,GAAwBD,oBAAoBjqB,EAAM+pB,GAEpDrqB,EAAMM,EAAM,mBAIjB,MAAOgqB,WACHN,GAKR9oB,YAAoByE,GAClB0c,MAAM,QAAgB1c,GACtBpD,KAAKmF,YAAc/B,EAAS8kB,UAG9BjnB,2BACE+d,EACA8I,GAEA,OAAO,IAAIC,GAAyBD,IAGlC,MAAOG,WACHR,GAGR9oB,YAAoByE,GAClB0c,MAAM,OAAe1c,GAGvBnC,2BACE+d,EACA8I,GAEA,OAAO,IAAIG,GAAwBH,aC/DvBK,GACdpqB,EACA4D,EACAymB,SAEArpB,GAC0B,QAAxBQ,EAAA6oB,EAAmBtnB,WAAK,IAAAvB,OAAA,EAAAA,EAAAsJ,QAAS,EACjC9K,EAAI,wBAGNgB,EACkD,qBAAzCqpB,EAAmBC,mBACxBD,EAAmBC,kBAAkBxf,OAAS,EAChD9K,EAAI,+BAIN4D,EAAQ4gB,YAAc6F,EAAmBtnB,IACzCa,EAAQ0mB,kBAAoBD,EAAmBC,kBAC/C1mB,EAAQ2mB,mBAAqBF,EAAmBG,gBAE5CH,EAAmBI,MACrBzpB,EACEqpB,EAAmBI,IAAIC,SAAS5f,OAAS,EACzC9K,EAAI,yBAGN4D,EAAQ+mB,YAAcN,EAAmBI,IAAIC,UAG3CL,EAAmBO,UACrB5pB,EACEqpB,EAAmBO,QAAQC,YAAY/f,OAAS,EAChD9K,EAAI,4BAGN4D,EAAQknB,kBAAoBT,EAAmBO,QAAQG,WACvDnnB,EAAQonB,0BACNX,EAAmBO,QAAQK,eAC7BrnB,EAAQsnB,mBAAqBb,EAAmBO,QAAQC,YAE5D,CCUO/mB,eAAeqnB,GACpBnrB,EACAmH,EACAkjB,SAEA,MAAM5L,EAAe3H,GAAU9W,GACzB4D,EAA+C,CACnDwnB,YAA+C,iBAC/CjkB,QACAqQ,WAAmC,mBAErC,GAAsC,QAAlChW,EAAAid,EAAapC,6BAAqB,IAAA7a,OAAA,EAAAA,EAAEiU,qBAAsB,CAC5D,MAAM6M,QAA6B3K,GACjC8G,EACA7a,EAAO,cAEP,GAEEymB,GACFD,GACE3L,EACA6D,EACA+H,SAGE5I,GACJhD,EACA6D,EAEH,MACK+H,GACFD,GACE3L,EACA7a,EACAymB,SAGE5I,GACoBhD,EAAc7a,GACrCyT,OAAMvT,UACL,GAA2B,iCAAvBtE,EAAMS,KAsBR,OAAOqF,QAAQyB,OAAOvH,GAtB4C,CAClE+gB,QAAQgC,IACN,oJAEF,MAAMD,QAA6B3K,GACjC8G,EACA7a,EAAO,cAEP,GAEEymB,GACFD,GACE3L,EACA6D,EACA+H,SAGE5I,GACJhD,EACA6D,EAEH,CAEA,GAGT,CAWOxe,eAAeunB,GACpBrrB,EACAiiB,EACAqJ,SAEMjK,IAAsBvS,EAAAA,EAAAA,IAAmB9O,GAAO,CACpDiiB,UACAqJ,eAGJ,CAUOxnB,eAAeynB,GACpBvrB,EACAiiB,S9B/FKne,eACL9D,EACA4D,GAEA,OAAOG,EACL/D,EAGA,6BAAA2D,EAAmB3D,EAAM4D,GAE7B,C8BuFQ4nB,EAAwB1c,EAAAA,EAAAA,IAAmB9O,GAAO,CAAEiiB,WAC5D,CAYOne,eAAe2nB,GACpBzrB,EACAiiB,GAEA,MAAMyJ,GAAc5c,EAAAA,EAAAA,IAAmB9O,GACjCqF,QAAiBgc,GAAsBqK,EAAa,CAAEzJ,YAQtD6B,EAAYze,EAAS+lB,YAE3B,OADApqB,EAAQ8iB,EAAW4H,EAAa,kBACxB5H,GACN,IAAK,eACH,MACF,IAAK,0BACH9iB,EAAQqE,EAASsmB,SAAUD,EAAa,kBACxC,MACF,IAAK,gCACH1qB,EAAQqE,EAASumB,QAASF,EAAa,kBAEzC,QACE1qB,EAAQqE,EAAS8B,MAAOukB,EAAa,kBAIzC,IAAIG,EAA8C,KAQlD,OAPIxmB,EAASumB,UACXC,EAAkBnC,GAAoBO,oBACpCnT,GAAU4U,GACVrmB,EAASumB,UAIN,CACLE,KAAM,CACJ3kB,OACuE,4BAApE9B,EAAS+lB,YACN/lB,EAASsmB,SACTtmB,EAAS8B,QAAU,KACzB4kB,eACuE,4BAApE1mB,EAAS+lB,YACN/lB,EAAS8B,MACT9B,EAASsmB,WAAa,KAC5BE,mBAEF/H,YAEJ,CAYOhgB,eAAekoB,GACpBhsB,EACAC,GAEA,MAAM,KAAE6rB,SAAeL,IAAgB3c,EAAAA,EAAAA,IAAmB9O,GAAOC,GAEjE,OAAO6rB,EAAK3kB,KACd,CAmBOrD,eAAemoB,GACpBjsB,EACAmH,EACA6a,SAEA,MAAMvD,EAAe3H,GAAU9W,GACzB4D,EAAyB,CAC7Bye,mBAAmB,EACnBlb,QACA6a,WACAxK,WAAmC,mBAErC,IAAI0U,EACJ,GAAsC,QAAlC1qB,EAAAid,EAAapC,6BAAqB,IAAA7a,OAAA,EAAAA,EAAEiU,qBAAsB,CAC5D,MAAM6M,QAA6B3K,GACjC8G,EACA7a,EAAO,kBAGTsoB,EAAiB3E,GAAO9I,EAAc6D,EACvC,MACC4J,EAAiB3E,GAAO9I,EAAc7a,GAASyT,OAAMvT,UACnD,GAA2B,iCAAvBtE,EAAMS,KAA0D,CAClEsgB,QAAQgC,IACN,oIAEF,MAAMD,QAA6B3K,GACjC8G,EACA7a,EAAO,kBAGT,OAAO2jB,GAAO9I,EAAc6D,EAC7B,CACC,OAAOhd,QAAQyB,OAAOvH,EACvB,IAIL,MAAM6F,QAAiB6mB,EAAe7U,OAAM7X,GACnC8F,QAAQyB,OAAOvH,KAGlB6mB,QAAuBmB,GAAmBE,qBAC9CjJ,EAAY,SAEZpZ,GAIF,aAFMoZ,EAAa/D,mBAAmB2L,EAAezd,MAE9Cyd,CACT,UAkBgB8F,GACdnsB,EACAmH,EACA6a,GAEA,OAAOoH,IACLta,EAAAA,EAAAA,IAAmB9O,GACnB6kB,GAAkBqB,WAAW/e,EAAO6a,GAExC,CCvROle,eAAesoB,GACpBpsB,EACAmH,EACAkjB,SAEA,MAAM5L,EAAe3H,GAAU9W,GACzB4D,EAAkC,CACtCwnB,YAA6C,eAC7CjkB,QACAqQ,WAAmC,mBAErC,SAAS6U,EACPzoB,EACAymB,GAEArpB,EACEqpB,EAAmBG,gBACnB/L,EAAY,kBAGV4L,GACFD,GACE3L,EACA7a,EACAymB,GAIN,GAAsC,QAAlC7oB,EAAAid,EAAapC,6BAAqB,IAAA7a,OAAA,EAAAA,EAAEiU,qBAAsB,CAC5D,MAAM6M,QAA6B3K,GACjC8G,EACA7a,EAAO,cAEP,GAEFyoB,EAAsB/J,EAAsB+H,SACtC3I,GAA0BjD,EAAc6D,EAC/C,MACC+J,EAAsBzoB,EAASymB,SACzB3I,GACmBjD,EAAc7a,GACpCyT,OAAMvT,UACL,GAA2B,iCAAvBtE,EAAMS,KAaR,OAAOqF,QAAQyB,OAAOvH,GAb4C,CAClE+gB,QAAQgC,IACN,+IAEF,MAAMD,QAA6B3K,GACjC8G,EACA7a,EAAO,cAEP,GAEFyoB,EAAsB/J,EAAsB+H,SACtC3I,GAA0BjD,EAAc6D,EAC/C,CAEA,GAGT,CAUgB,SAAAgK,GAAsBtsB,EAAY+kB,GAChD,MAAMC,EAAgBf,GAAcgB,UAAUF,GAC9C,MAA+B,kBAAxB,OAAAC,QAAa,IAAbA,OAAa,EAAbA,EAAelB,UACxB,CAuCOhgB,eAAeyoB,GACpBvsB,EACAmH,EACA4d,GAEA,MAAM2G,GAAc5c,EAAAA,EAAAA,IAAmB9O,GACjCkmB,EAAarB,GAAkB2H,mBACnCrlB,EACA4d,GAAazjB,KASf,OALAN,EACEklB,EAAWpE,aAAe4J,EAAY7nB,UAAY,MAClD6nB,EAAW,sBAGNtC,GAAqBsC,EAAaxF,EAC3C,CC5JOpiB,eAAe2oB,GACpBzsB,EACAmH,GAKA,MACMvD,EAAgC,CACpC8oB,WAAYvlB,EACZwlB,YAHkBhrB,IAAmBL,IAAmB,qBAMpD,cAAEsrB,SC1BH9oB,eACL9D,EACA4D,GAEA,OAAOG,EACL/D,EAGA,oCAAA2D,EAAmB3D,EAAM4D,GAE7B,CDgBkCipB,EAC9B/d,EAAAA,EAAAA,IAAmB9O,GACnB4D,GAGF,OAAOgpB,GAAiB,EAC1B,CAgCO9oB,eAAegpB,GACpBlkB,EACAyhB,GAEA,MAAMxb,GAAeC,EAAAA,EAAAA,IAAmBlG,GAElChF,EAAkC,CACtCwnB,YAA6C,eAC7CzgB,cAHoB/B,EAAKoB,cAKvBqgB,GACFD,GACEvb,EAAa7O,KACb4D,EACAymB,GAIJ,MAAM,MAAEljB,S/BKHrD,eACL9D,EACA4D,GAEA,OAAO4d,GAAYxhB,EAAM4D,EAC3B,C+BV0BmpB,CAA0Ble,EAAa7O,KAAM4D,GAEjEuD,IAAUyB,EAAKzB,aACXyB,EAAK0G,QAEf,CAoCOxL,eAAekpB,GACpBpkB,EACA+iB,EACAtB,GAEA,MAAMxb,GAAeC,EAAAA,EAAAA,IAAmBlG,GAElChF,EAA2C,CAC/CwnB,YAAwD,0BACxDzgB,cAHoB/B,EAAKoB,aAIzB2hB,YAEEtB,GACFD,GACEvb,EAAa7O,KACb4D,EACAymB,GAIJ,MAAM,MAAEljB,S/BnCHrD,eACL9D,EACA4D,GAEA,OAAO4d,GAAYxhB,EAAM4D,EAC3B,C+B8B0BqpB,CAAyBpe,EAAa7O,KAAM4D,GAEhEuD,IAAUyB,EAAKzB,aAGXyB,EAAK0G,QAEf,CEpJOxL,eAAeopB,GACpBtkB,GACA,YACE6C,EACAC,SAAUC,IAGZ,QAAoBrD,IAAhBmD,QAA0CnD,IAAbqD,EAC/B,OAGF,MAAMkD,GAAeC,EAAAA,EAAAA,IAAmBlG,GAElCukB,EAAiB,CACrBxiB,cAFoBkE,EAAa7E,aAGjCyB,cACAE,WACA0W,mBAAmB,GAEfhd,QAAiBsD,EACrBkG,ECxBG/K,eACL9D,EACA4D,GAEA,OAAOG,EACL/D,EAGA,6BAAA4D,EAEJ,CDeIwpB,CAAiBve,EAAa7O,KAAMmtB,IAGtCte,EAAapD,YAAcpG,EAASoG,aAAe,KACnDoD,EAAanD,SAAWrG,EAASsG,UAAY,KAG7C,MAAM0hB,EAAmBxe,EAAajD,aAAa0hB,MACjD,EAAGliB,gBAAgC,aAAfA,IAElBiiB,IACFA,EAAiB5hB,YAAcoD,EAAapD,YAC5C4hB,EAAiB3hB,SAAWmD,EAAanD,gBAGrCmD,EAAa+Y,yBAAyBviB,EAC9C,CAkBgB,SAAAkoB,GAAY3kB,EAAY+iB,GACtC,OAAO6B,IACL1e,EAAAA,EAAAA,IAAmBlG,GACnB+iB,EACA,KAEJ,CAegB,SAAA8B,GAAe7kB,EAAY0iB,GACzC,OAAOkC,IACL1e,EAAAA,EAAAA,IAAmBlG,GACnB,KACA0iB,EAEJ,CAEAxnB,eAAe0pB,GACb5kB,EACAzB,EACA6a,GAEA,MAAM,KAAEhiB,GAAS4I,EAEXhF,EAAsC,CAC1C+G,cAFoB/B,EAAKoB,aAGzBqY,mBAAmB,GAGjBlb,IACFvD,EAAQuD,MAAQA,GAGd6a,IACFpe,EAAQoe,SAAWA,GAGrB,MAAM3c,QAAiBsD,EACrBC,EACA0Y,GAAuBthB,EAAM4D,UAEzBgF,EAAKgf,yBAAyBviB,GAAuB,EAC7D,CEpEA,MAAMqoB,GACJ9sB,YACW+sB,EACAviB,EACAwiB,EAAmC,CAAC,GAFpC,KAASD,UAATA,EACA,KAAUviB,WAAVA,EACA,KAAOwiB,QAAPA,GAIb,MAAMC,WAAgDH,GACpD9sB,YACE+sB,EACAviB,EACAwiB,EACSE,GAET/L,MAAM4L,EAAWviB,EAAYwiB,GAFpB,KAAQE,SAARA,GAMb,MAAMC,WAAmCL,GACvC9sB,YAAY+sB,EAAoBC,GAC9B7L,MAAM4L,EAAgC,eAAAC,IAI1C,MAAMI,WAAiCH,GACrCjtB,YAAY+sB,EAAoBC,GAC9B7L,MACE4L,EAEA,aAAAC,EAC0B,kBAAZ,OAAPA,QAAO,IAAPA,OAAO,EAAPA,EAASK,OAA4B,OAAPL,QAAA,IAAAA,OAAA,EAAAA,EAASK,MAAQ,OAK5D,MAAMC,WAAiCR,GACrC9sB,YAAY+sB,EAAoBC,GAC9B7L,MAAM4L,EAA8B,aAAAC,IAIxC,MAAMO,WAAkCN,GACtCjtB,YACE+sB,EACAC,EACAQ,GAEArM,MAAM4L,EAAW,cAAoBC,EAASQ,IAW5C,SAAUC,GACdhI,GAEA,MAAM,KAAEzd,EAAI,eAAEtB,GAAmB+e,EACjC,OAAIzd,EAAKwD,cAAgB9E,EAGhB,CACL8D,WAAY,KACZuiB,WAAW,EACXC,QAAS,MAxHT,SACJjd,WAEA,IAAKA,EACH,OAAO,KAET,MAAM,WAAEvF,GAAeuF,EACjBid,EAAUjd,EAAgB2d,YAC5BjqB,KAAKoE,MAAMkI,EAAgB2d,aAC3B,CAAC,EACCX,EACJhd,EAAgBgd,WACS,0CAAzBhd,EAAgB4d,KAClB,IAAKnjB,IAA6B,OAAfuF,QAAe,IAAfA,OAAe,EAAfA,EAAiBhG,SAAS,CAC3C,MAAMuE,EACJ,QADqBc,EAAsC,QAAtCxO,EAAAyG,EAAY0I,EAAgBhG,gBAAU,IAAAnJ,OAAA,EAAAA,EAAAyN,gBAC3D,IAAAe,OAAA,EAAAA,EAAkB,iBAEpB,GAAId,EAOF,OAAO,IAAIwe,GAA0BC,EALI,cAAvCze,GACoC,WAApCA,EACKA,EACD,KAIT,CACD,IAAK9D,EACH,OAAO,KAET,OAAQA,GACN,IAAK,eACH,OAAO,IAAI2iB,GAA2BJ,EAAWC,GACnD,IAAK,aACH,OAAO,IAAII,GAAyBL,EAAWC,GACjD,IAAK,aACH,OAAO,IAAIM,GAAyBP,EAAWC,GACjD,IAAK,cACH,OAAO,IAAIO,GACTR,EACAC,EACAjd,EAAgByd,YAAc,MAElC,IAAuB,SACvB,IAAK,YACH,OAAO,IAAIV,GAA0BC,EAAW,MAClD,QACE,OAAO,IAAID,GAA0BC,EAAWviB,EAAYwiB,GAElE,CA2ESlG,CAAqBpgB,EAC9B,OCzHaknB,GACX5tB,YACWuQ,EACA+U,EACAlmB,GAFA,KAAImR,KAAJA,EACA,KAAU+U,WAAVA,EACA,KAAIlmB,KAAJA,EAGXkD,oBACEyH,EACA3K,GAEA,OAAO,IAAIwuB,GAAuB,SAEhC7jB,EACA3K,GAIJkD,iCACEurB,GAEA,OAAO,IAAID,GAET,SAAAC,GAIJhkB,SAKE,MAAO,CACLikB,mBAAoB,CAClB,CALyC,WAA3CzsB,KAAKkP,KACD,UACA,qBAGKlP,KAAKikB,aAKlBhjB,gBACEgf,WAEA,GAAI,OAAAA,QAAG,IAAHA,OAAG,EAAHA,EAAKwM,mBAAoB,CAC3B,GAA0B,QAAtBltB,EAAA0gB,EAAIwM,0BAAkB,IAAAltB,OAAA,EAAAA,EAAEmtB,kBAC1B,OAAOH,GAAuBI,0BAC5B1M,EAAIwM,mBAAmBC,mBAEpB,GAA0B,QAAtB3e,EAAAkS,EAAIwM,0BAAkB,IAAA1e,OAAA,EAAAA,EAAErF,QACjC,OAAO6jB,GAAuBK,aAC5B3M,EAAIwM,mBAAmB/jB,QAG5B,CACD,OAAO,YChDEmkB,GACXluB,YACWmuB,EACAC,EACQC,GAFR,KAAOF,QAAPA,EACA,KAAKC,MAALA,EACQ,KAAcC,eAAdA,EAMnB/rB,kBACE2T,EACArX,GAEA,MAAMQ,EAAO8W,GAAUD,GACjBrQ,EAAiBhH,EAAM6H,WAAWZ,gBAClCuoB,GAASxoB,EAAeolB,SAAW,IAAIzgB,KAAI4e,GAC/CL,GAAoBO,oBAAoBjqB,EAAM+pB,KAGhD/oB,EACEwF,EAAeioB,qBACfzuB,EAAI,kBAGN,MAAM+uB,EAAUP,GAAuBI,0BACrCpoB,EAAeioB,sBAGjB,OAAO,IAAIK,GACTC,EACAC,GACAlrB,UAGE,MAAMorB,QAAoBjuB,EAAUkuB,SAASnvB,EAAM+uB,UAE5CvoB,EAAeolB,eACfplB,EAAeioB,qBAGtB,MAAM9d,EACDvQ,OAAAC,OAAAD,OAAAC,OAAA,GAAAmG,GACH,CAAAmE,QAASukB,EAAYvkB,QACrBgC,aAAcuiB,EAAYviB,eAI5B,OAAQnN,EAAMioB,eACZ,IAAK,SACH,MAAMpB,QACEmB,GAAmBE,qBACvB1nB,EACAR,EAAMioB,cACN9W,GAGJ,aADM3Q,EAAK0a,mBAAmB2L,EAAezd,MACtCyd,EACT,IAAK,iBAEH,OADArlB,EAAQxB,EAAMoJ,KAAM5I,EAAM,kBACnBwnB,GAAmBsB,cACxBtpB,EAAMoJ,KACNpJ,EAAMioB,cACN9W,GAEJ,QACEjR,EAAMM,EAAM,kBAA8B,IAMpD8D,oBACEsrB,GAEA,MAAMnuB,EAAYmuB,EAClB,OAAOntB,KAAKgtB,eAAehuB,IAcf,SAAAouB,GACdrvB,EACAR,SAEA,MAAMksB,GAAc5c,EAAAA,EAAAA,IAAmB9O,GACjCsvB,EAAgB9vB,EAYtB,OAXAwB,EACExB,EAAM6H,WAAWogB,cACjBiE,EAAW,kBAGb1qB,EAC0C,QAAxCQ,EAAA8tB,EAAcjoB,WAAWZ,uBAAe,IAAAjF,OAAA,EAAAA,EAAEitB,qBAC1C/C,EAAW,kBAINoD,GAAwBS,WAAW7D,EAAa4D,EACzD,OChHaE,GAGX5uB,YAA6BgI,GAAA,KAAIA,KAAJA,EAF7B,KAAe6mB,gBAAsB,GAGnC7mB,EAAK6G,WAAUF,IACTA,EAASqc,UACX3pB,KAAKwtB,gBAAkBlgB,EAASqc,QAAQzgB,KAAI4e,GAC1CL,GAAoBO,oBAAoBrhB,EAAK5I,KAAM+pB,KAEtD,IAIL7mB,iBAAiB0F,GACf,OAAO,IAAI4mB,GAAoB5mB,GAGjC9E,mBACE,OAAO0qB,GAAuBK,mBACtB5sB,KAAK2G,KAAKoB,aAChB/H,KAAK2G,KAAK5I,MAId8D,aACEsrB,EACA3jB,GAEA,MAAMxK,EAAYmuB,EACZL,QAAiB9sB,KAAKytB,aACtBC,QAA4BhnB,EAChC1G,KAAK2G,KACL3H,EAAUkuB,SAASltB,KAAK2G,KAAK5I,KAAM+uB,EAAStjB,IAQ9C,aAJMxJ,KAAK2G,KAAKgf,yBAAyB+H,GAIlC1tB,KAAK2G,KAAK0G,SAGnBxL,eAAe8rB,GACb,MAAMhG,EACiB,kBAAdgG,EAAyBA,EAAYA,EAAUrkB,IAClDZ,QAAgB1I,KAAK2G,KAAKoB,aAChC,IACE,MAAM2G,QAAwBhI,EAC5B1G,KAAK2G,MCgGX5I,ED/FkBiC,KAAK2G,KAAK5I,KCgG5B4D,EDhGkC,CAC1B+G,UACAif,mBCgGD7lB,EACL/D,EAGA,6CAAA2D,EAAmB3D,EAAM4D,MDhGvB3B,KAAKwtB,gBAAkBxtB,KAAKwtB,gBAAgB1jB,QAC1C,EAAGR,SAAUA,IAAQqe,UAMjB3nB,KAAK2G,KAAKgf,yBAAyBjX,SACnC1O,KAAK2G,KAAK0G,QACjB,CAAC,MAAOlJ,GACP,MAAMA,CACP,CC6EW,IACdpG,EACA4D,GD3EF,MAAMisB,GAAuB,IAAIC,QAY3B,SAAUC,GAAYnnB,GAC1B,MAAMonB,GAAclhB,EAAAA,EAAAA,IAAmBlG,GAOvC,OANKinB,GAAqBjH,IAAIoH,IAC5BH,GAAqB5e,IACnB+e,EACAR,GAAoBS,UAAUD,IAG3BH,GAAqBxtB,IAAI2tB,EAClC,CE5FO,MAAME,GAAwB,cCLfC,GACpBvvB,YACqBwvB,EACVjf,GADU,KAAgBif,iBAAhBA,EACV,KAAIjf,KAAJA,EAGX+B,eACE,IACE,OAAKjR,KAAKmP,SAGVnP,KAAKmP,QAAQif,QAAQH,GAAuB,KAC5CjuB,KAAKmP,QAAQkf,WAAWJ,IACjB5qB,QAAQwQ,SAAQ,IAJdxQ,QAAQwQ,SAAQ,EAK1B,CAAC,MAAMtU,GACN,OAAO8D,QAAQwQ,SAAQ,EACxB,EAGHzD,KAAK5N,EAAa4M,GAEhB,OADApP,KAAKmP,QAAQif,QAAQ5rB,EAAKJ,KAAKC,UAAU+M,IAClC/L,QAAQwQ,UAGjBvD,KAAiC9N,GAC/B,MAAMiB,EAAOzD,KAAKmP,QAAQmf,QAAQ9rB,GAClC,OAAOa,QAAQwQ,QAAQpQ,EAAOrB,KAAKoE,MAAM/C,GAAQ,MAGnDgN,QAAQjO,GAEN,OADAxC,KAAKmP,QAAQkf,WAAW7rB,GACjBa,QAAQwQ,UAGH1E,cACZ,OAAOnP,KAAKmuB,oBChBhB,MAAMI,WACIL,GAKRvvB,cACEmhB,OAAM,IAAM9K,OAAOwZ,cAAc,SAGlB,KAAAxe,kBAAoB,CACnCye,EACAC,IACS1uB,KAAK2uB,eAAeF,EAAOC,GACrB,KAASE,UAA8C,CAAC,EACxD,KAAUC,WAAkC,CAAC,EAGtD,KAASC,UAAe,KAGf,KAAAC,4BAhCnB,WACE,MAAMtd,GAAKY,EAAAA,EAAAA,MACX,OAAON,GAAUN,IAAOc,GAAOd,EACjC,CA8BIud,erD2FF,IAGE,SAAUha,QAAUA,SAAWA,OAAOia,IACvC,CAAC,MAAO9qB,GACP,OAAO,CACR,CACH,CqDlGqC+qB,GAElB,KAAiBC,kBAAG1c,KAC5B,KAAqBnB,uBAAG,EAEzB8d,kBACNhU,GAGA,IAAK,MAAM5Y,KAAOrE,OAAOkxB,KAAKrvB,KAAK4uB,WAAY,CAE7C,MAAMU,EAAWtvB,KAAKmP,QAAQmf,QAAQ9rB,GAChC+sB,EAAWvvB,KAAK6uB,WAAWrsB,GAG7B8sB,IAAaC,GACfnU,EAAG5Y,EAAK+sB,EAAUD,EAErB,EAGKX,eAAeF,EAAqBC,GAAO,GAEjD,IAAKD,EAAMjsB,IAMT,YALAxC,KAAKovB,mBACH,CAAC5sB,EAAagtB,EAA0BF,KACtCtvB,KAAKyvB,gBAAgBjtB,EAAK8sB,EAAS,IAMzC,MAAM9sB,EAAMisB,EAAMjsB,IAgBlB,GAZIksB,EAGF1uB,KAAK0vB,iBAIL1vB,KAAK2vB,cAKH3vB,KAAK+uB,4BAA6B,CAEpC,MAAMa,EAAc5vB,KAAKmP,QAAQmf,QAAQ9rB,GAEzC,GAAIisB,EAAMa,WAAaM,EACE,OAAnBnB,EAAMa,SAERtvB,KAAKmP,QAAQif,QAAQ5rB,EAAKisB,EAAMa,UAGhCtvB,KAAKmP,QAAQkf,WAAW7rB,QAErB,GAAIxC,KAAK6uB,WAAWrsB,KAASisB,EAAMa,WAAaZ,EAErD,MAEH,CAED,MAAMmB,EAAmBA,KAGvB,MAAMD,EAAc5vB,KAAKmP,QAAQmf,QAAQ9rB,IACpCksB,GAAQ1uB,KAAK6uB,WAAWrsB,KAASotB,IAKtC5vB,KAAKyvB,gBAAgBjtB,EAAKotB,EAAY,EAGlCA,EAAc5vB,KAAKmP,QAAQmf,QAAQ9rB,IrDHpCstB,EAAAA,EAAAA,OAAkD,KAAvC/b,SAAsBgc,cqDMpCH,IAAgBnB,EAAMa,UACtBb,EAAMa,WAAab,EAAMc,SAMzBxqB,WAAW8qB,EAhHqB,IAkHhCA,IAIIJ,gBAAgBjtB,EAAa4M,GACnCpP,KAAK6uB,WAAWrsB,GAAO4M,EACvB,MAAMwf,EAAY5uB,KAAK4uB,UAAUpsB,GACjC,GAAIosB,EACF,IAAK,MAAMoB,KAAYxhB,MAAMyhB,KAAKrB,GAChCoB,EAAS5gB,EAAQhN,KAAKoE,MAAM4I,GAASA,GAKnC8gB,eACNlwB,KAAK2vB,cAEL3vB,KAAK8uB,UAAYqB,aAAY,KAC3BnwB,KAAKovB,mBACH,CAAC5sB,EAAa+sB,EAAyBD,KACrCtvB,KAAK2uB,eACH,IAAIyB,aAAa,UAAW,CAC1B5tB,MACA+sB,WACAD,cAES,EACZ,GAEJ,GAlJ6B,KAsJ1BK,cACF3vB,KAAK8uB,YACPuB,cAAcrwB,KAAK8uB,WACnB9uB,KAAK8uB,UAAY,MAIbwB,iBACNtb,OAAOyJ,iBAAiB,UAAWze,KAAKgQ,mBAGlC0f,iBACN1a,OAAOub,oBAAoB,UAAWvwB,KAAKgQ,mBAG7CX,aAAa7M,EAAawtB,GACmB,IAAvC7xB,OAAOkxB,KAAKrvB,KAAK4uB,WAAW/lB,SAK1B7I,KAAKmvB,kBACPnvB,KAAKkwB,eAELlwB,KAAKswB,kBAGJtwB,KAAK4uB,UAAUpsB,KAClBxC,KAAK4uB,UAAUpsB,GAAO,IAAI2jB,IAE1BnmB,KAAK6uB,WAAWrsB,GAAOxC,KAAKmP,QAAQmf,QAAQ9rB,IAE9CxC,KAAK4uB,UAAUpsB,GAAK6b,IAAI2R,GAG1BxgB,gBAAgBhN,EAAawtB,GACvBhwB,KAAK4uB,UAAUpsB,KACjBxC,KAAK4uB,UAAUpsB,GAAKqO,OAAOmf,GAEM,IAA7BhwB,KAAK4uB,UAAUpsB,GAAKguB,aACfxwB,KAAK4uB,UAAUpsB,IAIiB,IAAvCrE,OAAOkxB,KAAKrvB,KAAK4uB,WAAW/lB,SAC9B7I,KAAK0vB,iBACL1vB,KAAK2vB,eAMT9tB,WAAWW,EAAa4M,SAChB0Q,MAAM1P,KAAK5N,EAAK4M,GACtBpP,KAAK6uB,WAAWrsB,GAAOJ,KAAKC,UAAU+M,GAGxCvN,WAAuCW,GACrC,MAAM4M,QAAc0Q,MAAMxP,KAAQ9N,GAElC,OADAxC,KAAK6uB,WAAWrsB,GAAOJ,KAAKC,UAAU+M,GAC/BA,EAGTvN,cAAcW,SACNsd,MAAMrP,QAAQjO,UACbxC,KAAK6uB,WAAWrsB,IA9MlB+rB,GAAIrf,KAAY,QAwNlB,MAAMuhB,GAAuClC,GChPpD,MAAMmC,WACIxC,GAKRvvB,cACEmhB,OAAM,IAAM9K,OAAO2b,gBAAgB,WAGrCthB,aAAaC,EAAcC,IAK3BC,gBAAgBF,EAAcC,KAXvBmhB,GAAIxhB,KAAc,UAuBpB,MAAM0hB,GAAyCF,SCtBzCG,GAUXlyB,YAA6BmyB,GAAA,KAAWA,YAAXA,EANZ,KAAWC,YAIxB,CAAC,EAGH/wB,KAAKgQ,kBAAoBhQ,KAAKgxB,YAAY9gB,KAAKlQ,MASjDiB,oBAAoB6vB,GAIlB,MAAMG,EAAmBjxB,KAAKkxB,UAAU7F,MAAK8F,GAC3CA,EAASC,cAAcN,KAEzB,GAAIG,EACF,OAAOA,EAET,MAAMI,EAAc,IAAIR,GAASC,GAEjC,OADA9wB,KAAKkxB,UAAU7a,KAAKgb,GACbA,EAGDD,cAAcN,GACpB,OAAO9wB,KAAK8wB,cAAgBA,EAatBjvB,kBAGN4sB,GACA,MAAM6C,EAAe7C,GACf,QAAE8C,EAAO,UAAEC,EAAS,KAAE3H,GAASyH,EAAazH,KAE5C4H,EACJzxB,KAAK+wB,YAAYS,GACnB,KAAK,OAAAC,QAAQ,IAARA,OAAQ,EAARA,EAAUjB,MACb,OAGFc,EAAaI,MAAM,GAAGC,YAAY,CAChCC,OAAmB,MACnBL,UACAC,cAGF,MAAMK,EAAWrjB,MAAMyhB,KAAKwB,GAAUvoB,KAAIrH,SACxCiwB,EAAQR,EAAaS,OAAQlI,KAEzBzmB,QChEJ,SACJyuB,GAEA,OAAOxuB,QAAQ2N,IACb6gB,EAAS3oB,KAAIrH,UACX,IAEE,MAAO,CACLmwB,WAAW,EACX5iB,YAHkB7L,EAKrB,CAAC,MAAO0uB,GACP,MAAO,CACLD,WAAW,EACXC,SAEH,KAGP,CD6C2BC,CAAYL,GACnCP,EAAaI,MAAM,GAAGC,YAAY,CAChCC,OAAoB,OACpBL,UACAC,YACApuB,aAWJ+uB,WACEX,EACAY,GAE6C,IAAzCj0B,OAAOkxB,KAAKrvB,KAAK+wB,aAAaloB,QAChC7I,KAAK8wB,YAAYrS,iBAAiB,UAAWze,KAAKgQ,mBAG/ChQ,KAAK+wB,YAAYS,KACpBxxB,KAAK+wB,YAAYS,GAAa,IAAIrL,KAGpCnmB,KAAK+wB,YAAYS,GAAWnT,IAAI+T,GAUlCC,aACEb,EACAY,GAEIpyB,KAAK+wB,YAAYS,IAAcY,GACjCpyB,KAAK+wB,YAAYS,GAAW3gB,OAAOuhB,GAEhCA,GAAqD,IAArCpyB,KAAK+wB,YAAYS,GAAWhB,aACxCxwB,KAAK+wB,YAAYS,GAGmB,IAAzCrzB,OAAOkxB,KAAKrvB,KAAK+wB,aAAaloB,QAChC7I,KAAK8wB,YAAYP,oBAAoB,UAAWvwB,KAAKgQ,oBEvIrD,SAAUsiB,GAAiB9d,EAAS,GAAI+d,EAAS,IACrD,IAAI7d,EAAS,GACb,IAAK,IAAI8d,EAAI,EAAGA,EAAID,EAAQC,IAC1B9d,GAAUlU,KAAKiU,MAAsB,GAAhBjU,KAAKkU,UAE5B,OAAOF,EAASE,CAClB,CFS0Bmc,GAASK,UAAe,SGOrCuB,GAGX9zB,YAA6B+zB,GAAA,KAAMA,OAANA,EAFZ,KAAAjB,SAAW,IAAItL,IASxBwM,qBAAqBb,GACvBA,EAAQc,iBACVd,EAAQc,eAAeC,MAAMtC,oBAC3B,UACAuB,EAAQgB,WAEVhB,EAAQc,eAAeC,MAAME,SAE/B/yB,KAAKyxB,SAAS5gB,OAAOihB,GAgBvBjwB,YACE2vB,EACA3H,EACAmJ,EAA8B,IAE9B,MAAMJ,EACsB,qBAAnBK,eAAiC,IAAIA,eAAmB,KACjE,IAAKL,EACH,MAAM,IAAIzzB,MAAM,0BAMlB,IAAI+zB,EACApB,EACJ,OAAO,IAAIzuB,SAAqC,CAACwQ,EAAS/O,KACxD,MAAMysB,EAAUe,GAAiB,GAAI,IACrCM,EAAeC,MAAMM,QACrB,MAAMC,EAAWruB,YAAW,KAC1BD,EAAO,IAAI3F,MAAM,qBAAiC,GACjD6zB,GACHlB,EAAU,CACRc,iBACAE,UAAUrE,GACR,MAAM6C,EAAe7C,EACrB,GAAI6C,EAAazH,KAAK0H,UAAYA,EAGlC,OAAQD,EAAazH,KAAK+H,QACxB,IAAK,MAEH5sB,aAAaouB,GACbF,EAAkBnuB,YAAW,KAC3BD,EAAO,IAAI3F,MAAM,WAAuB,GACvC,KACH,MACF,IAAK,OAEH6F,aAAakuB,GACbrf,EAAQyd,EAAazH,KAAKzmB,UAC1B,MACF,QACE4B,aAAaouB,GACbpuB,aAAakuB,GACbpuB,EAAO,IAAI3F,MAAM,wBAKzBa,KAAKyxB,SAASpT,IAAIyT,GAClBc,EAAeC,MAAMpU,iBAAiB,UAAWqT,EAAQgB,WACzD9yB,KAAK0yB,OAAOf,YACV,CACEH,YACAD,UACA1H,QAEF,CAAC+I,EAAeS,OACjB,IACAC,SAAQ,KACLxB,GACF9xB,KAAK2yB,qBAAqBb,EAC3B,cC7FSyB,KACd,OAAOve,MACT,UC1BgBwe,KACd,MAC4C,qBAAnCD,KAA6B,mBACE,oBAA/BA,KAAyB,aAEpC,CCmBO,MAAME,GAAU,yBAEjBC,GAAsB,uBACtBC,GAAkB,YAaxB,MAAMC,GACJj1B,YAA6BgD,GAAA,KAAOA,QAAPA,EAE7BkyB,YACE,OAAO,IAAIxwB,SAAW,CAACwQ,EAAS/O,KAC9B9E,KAAK2B,QAAQ8c,iBAAiB,WAAW,KACvC5K,EAAQ7T,KAAK2B,QAAQsX,OAAO,IAE9BjZ,KAAK2B,QAAQ8c,iBAAiB,SAAS,KACrC3Z,EAAO9E,KAAK2B,QAAQpE,MAAM,GAC1B,KAKR,SAASu2B,GAAeC,EAAiBC,GACvC,OAAOD,EACJE,YAAY,CAACP,IAAsBM,EAAc,YAAc,YAC/DE,YAAYR,GACjB,UAYgBS,KACd,MAAMxyB,EAAUyyB,UAAUC,KAAKZ,GA/Cd,GAgDjB,OAAO,IAAIpwB,SAAQ,CAACwQ,EAAS/O,KAC3BnD,EAAQ8c,iBAAiB,SAAS,KAChC3Z,EAAOnD,EAAQpE,MAAM,IAGvBoE,EAAQ8c,iBAAiB,iBAAiB,KACxC,MAAMsV,EAAKpyB,EAAQsX,OAEnB,IACE8a,EAAGO,kBAAkBZ,GAAqB,CAAEa,QAASZ,IACtD,CAAC,MAAOxvB,GACPW,EAAOX,EACR,KAGHxC,EAAQ8c,iBAAiB,WAAW5c,UAClC,MAAMkyB,EAAkBpyB,EAAQsX,OAM3B8a,EAAGS,iBAAiBC,SAASf,IAMhC7f,EAAQkgB,IAJRA,EAAGhB,yBA9BT,MAAMpxB,EAAUyyB,UAAUM,eAAejB,IACzC,OAAO,IAAIG,GAAgBjyB,GAASkyB,WACtC,CA6Bcc,GACN9gB,QAAcsgB,MAGf,GACD,GAEN,CAEOtyB,eAAe+yB,GACpBb,EACAvxB,EACA4M,GAEA,MAAMzN,EAAUmyB,GAAeC,GAAI,GAAMc,IAAI,CAC3C,CAAClB,IAAkBnxB,EACnB4M,UAEF,OAAO,IAAIwkB,GAAgBjyB,GAASkyB,WACtC,CAWgB,SAAAiB,GAAcf,EAAiBvxB,GAC7C,MAAMb,EAAUmyB,GAAeC,GAAI,GAAMljB,OAAOrO,GAChD,OAAO,IAAIoxB,GAAgBjyB,GAASkyB,WACtC,CAKA,MAAMkB,GAqBJp2B,cAlBA,KAAAuQ,KAA6B,QAEpB,KAAqBoC,uBAAG,EAEhB,KAASsd,UAA8C,CAAC,EACxD,KAAUC,WAA4C,CAAC,EAGhE,KAASC,UAAe,KACxB,KAAakG,cAAG,EAEhB,KAAQ7D,SAAoB,KAC5B,KAAM8D,OAAkB,KACxB,KAA8BC,gCAAG,EACjC,KAAmBC,oBAAyB,KAMlDn1B,KAAKo1B,6BACHp1B,KAAKq1B,mCAAmClgB,MACtC,SACA,SAINtT,gBACE,OAAI7B,KAAK+zB,KAGT/zB,KAAK+zB,SAAWI,MAFPn0B,KAAK+zB,GAMhBlyB,mBAAsByzB,GACpB,IAAIC,EAAc,EAElB,OACE,IACE,MAAMxB,QAAW/zB,KAAKw1B,UACtB,aAAaF,EAAGvB,EACjB,CAAC,MAAO5vB,GACP,GAAIoxB,IAhD4B,EAiD9B,MAAMpxB,EAEJnE,KAAK+zB,KACP/zB,KAAK+zB,GAAGhB,QACR/yB,KAAK+zB,QAAK1tB,EAGb,EAQGxE,yCACN,OAAO2xB,KAAcxzB,KAAKy1B,qBAAuBz1B,KAAK01B,mBAMhD7zB,2BACN7B,KAAKmxB,SAAWN,GAAShiB,aDtLpB2kB,KAAel0B,KAAoC,MCwLxDU,KAAKmxB,SAASgB,WAAW,cAEvBtwB,MAAO8zB,EAAiB9L,KAEf,CACL+L,oBAFiB51B,KAAK61B,SAEHnkB,SAASmY,EAAKrnB,SAKvCxC,KAAKmxB,SAASgB,WAAW,QAEvBtwB,MAAO8zB,EAAiBG,IACf,CAAC,gBAYNj0B,iCAGN,GADA7B,KAAKm1B,0BDpOFtzB,iBACL,KAAK,OAAAxB,gBAAS,IAATA,eAAS,EAATA,UAAW01B,eACd,OAAO,KAET,IAEE,aAD2B11B,UAAU01B,cAAc9gB,OAC/B+gB,MACrB,CAAC,MAAMz2B,GACN,OAAO,IACR,CACH,CC0NqC02B,IAC5Bj2B,KAAKm1B,oBACR,OAEFn1B,KAAKi1B,OAAS,IAAIxC,GAAOzyB,KAAKm1B,qBAE9B,MAAMe,QAAgBl2B,KAAKi1B,OAAOkB,MAAK,OAErC,CAAC,EAAC,KAGCD,IAIO,QAAV32B,EAAA22B,EAAQ,UAAE,IAAA32B,OAAA,EAAAA,EAAEyyB,aACF,QAAVjkB,EAAAmoB,EAAQ,UAAE,IAAAnoB,OAAA,EAAAA,EAAEqB,MAAMsC,SAAgC,iBAElD1R,KAAKk1B,gCAAiC,GAalCrzB,0BAA0BW,SAChC,GACGxC,KAAKi1B,QACLj1B,KAAKm1B,uBDzPqB,QAAxB51B,EAAS,OAATc,gBAAS,IAATA,eAAS,EAATA,UAAW01B,qBAAa,IAAAx2B,OAAA,EAAAA,EAAE62B,aAAc,QC0PTp2B,KAAKm1B,oBAIzC,UACQn1B,KAAKi1B,OAAOkB,MAEhB,cAAE3zB,OAEFxC,KAAKk1B,+BACF,IACA,GAEN,CAAC,MAAM31B,KAKVsC,qBACE,IACE,IAAKuyB,UACH,OAAO,EAET,MAAML,QAAWI,KAGjB,aAFMS,GAAWb,EAAI9F,GAAuB,WACtC6G,GAAcf,EAAI9F,KACjB,CACR,CAAC,MAAA1uB,GAAO,CACT,OAAO,EAGDsC,wBAAwBw0B,GAC9Br2B,KAAKg1B,gBACL,UACQqB,GACP,SACCr2B,KAAKg1B,eACN,EAGHnzB,WAAWW,EAAa4M,GACtB,OAAOpP,KAAKs2B,mBAAkBz0B,gBACtB7B,KAAKu2B,cAAcxC,GAAoBa,GAAWb,EAAIvxB,EAAK4M,KACjEpP,KAAK6uB,WAAWrsB,GAAO4M,EAChBpP,KAAKw2B,oBAAoBh0B,MAIpCX,WAAuCW,GACrC,MAAMyd,QAAajgB,KAAKu2B,cAAcxC,GAxM1ClyB,eACEkyB,EACAvxB,GAEA,MAAMb,EAAUmyB,GAAeC,GAAI,GAAO3zB,IAAIoC,GACxCqnB,QAAa,IAAI+J,GAAgCjyB,GAASkyB,YAChE,YAAgBxtB,IAATwjB,EAAqB,KAAOA,EAAKza,KAC1C,CAkMMqnB,CAAU1C,EAAIvxB,KAGhB,OADAxC,KAAK6uB,WAAWrsB,GAAOyd,EAChBA,EAGTpe,cAAcW,GACZ,OAAOxC,KAAKs2B,mBAAkBz0B,gBACtB7B,KAAKu2B,cAAcxC,GAAoBe,GAAcf,EAAIvxB,YACxDxC,KAAK6uB,WAAWrsB,GAChBxC,KAAKw2B,oBAAoBh0B,MAI5BX,cAEN,MAAMoX,QAAejZ,KAAKu2B,cAAcxC,IACtC,MAAM2C,EAAgB5C,GAAeC,GAAI,GAAO4C,SAChD,OAAO,IAAI/C,GAA6B8C,GAAe7C,WAAW,IAGpE,IAAK5a,EACH,MAAO,GAIT,GAA2B,IAAvBjZ,KAAKg1B,cACP,MAAO,GAGT,MAAM3F,EAAO,GACPuH,EAAe,IAAIzQ,IACzB,IAAK,MAAQ0Q,UAAWr0B,EAAG,MAAE4M,KAAW6J,EACtC2d,EAAavY,IAAI7b,GACbJ,KAAKC,UAAUrC,KAAK6uB,WAAWrsB,MAAUJ,KAAKC,UAAU+M,KAC1DpP,KAAKyvB,gBAAgBjtB,EAAK4M,GAC1BigB,EAAKhZ,KAAK7T,IAGd,IAAK,MAAMs0B,KAAY34B,OAAOkxB,KAAKrvB,KAAK6uB,YAClC7uB,KAAK6uB,WAAWiI,KAAcF,EAAajQ,IAAImQ,KAEjD92B,KAAKyvB,gBAAgBqH,EAAU,MAC/BzH,EAAKhZ,KAAKygB,IAGd,OAAOzH,EAGDI,gBACNjtB,EACA8sB,GAEAtvB,KAAK6uB,WAAWrsB,GAAO8sB,EACvB,MAAMV,EAAY5uB,KAAK4uB,UAAUpsB,GACjC,GAAIosB,EACF,IAAK,MAAMoB,KAAYxhB,MAAMyhB,KAAKrB,GAChCoB,EAASV,GAKPY,eACNlwB,KAAK2vB,cAEL3vB,KAAK8uB,UAAYqB,aACftuB,SAAY7B,KAAK61B,SA7Pa,KAkQ1BlG,cACF3vB,KAAK8uB,YACPuB,cAAcrwB,KAAK8uB,WACnB9uB,KAAK8uB,UAAY,MAIrBzf,aAAa7M,EAAawtB,GACmB,IAAvC7xB,OAAOkxB,KAAKrvB,KAAK4uB,WAAW/lB,QAC9B7I,KAAKkwB,eAEFlwB,KAAK4uB,UAAUpsB,KAClBxC,KAAK4uB,UAAUpsB,GAAO,IAAI2jB,IAErBnmB,KAAKsQ,KAAK9N,IAEjBxC,KAAK4uB,UAAUpsB,GAAK6b,IAAI2R,GAG1BxgB,gBAAgBhN,EAAawtB,GACvBhwB,KAAK4uB,UAAUpsB,KACjBxC,KAAK4uB,UAAUpsB,GAAKqO,OAAOmf,GAEM,IAA7BhwB,KAAK4uB,UAAUpsB,GAAKguB,aACfxwB,KAAK4uB,UAAUpsB,IAIiB,IAAvCrE,OAAOkxB,KAAKrvB,KAAK4uB,WAAW/lB,QAC9B7I,KAAK2vB,eA3RFoF,GAAI7lB,KAAY,QAsSlB,MAAM6nB,GAAyChC,GCta/C,MAEMiC,GAAmB,WAQnBC,GAIXt4B,YAA6BZ,GAAA,KAAIA,KAAJA,EAHrB,KAAOm5B,QAAGF,GAClB,KAAAG,SAAW,IAAIvoB,IAIfwoB,OACEC,EACAC,GAEA,MAAMtc,EAAKhb,KAAKk3B,QAMhB,OALAl3B,KAAKm3B,SAASnoB,IACZgM,EACA,IAAIuc,GAAWF,EAAWr3B,KAAKjC,KAAKQ,KAAM+4B,GAAc,CAAC,IAE3Dt3B,KAAKk3B,UACElc,EAGTwc,MAAMC,SACJ,MAAMzc,EAAKyc,GAAeT,GACA,QAArBz3B,EAAAS,KAAKm3B,SAAS/2B,IAAI4a,UAAG,IAAAzb,GAAAA,EAAEsR,SAC5B7Q,KAAKm3B,SAAStmB,OAAOmK,GAGvB7H,YAAYskB,SACV,MAAMzc,EAAKyc,GAAeT,GAC1B,OAA8B,QAAvBz3B,EAAAS,KAAKm3B,SAAS/2B,IAAI4a,UAAK,IAAAzb,OAAA,EAAAA,EAAA4T,gBAAiB,GAGjDtR,cAAc41B,SACZ,MAAMzc,EAAcyc,GAA0BT,GAE9C,OAD0B,QAArBz3B,EAAAS,KAAKm3B,SAAS/2B,IAAI4a,UAAG,IAAAzb,GAAAA,EAAE2V,UACrB,UA+CEqiB,GAUX54B,YACE+4B,EACAp5B,EACiB6D,GAAA,KAAMA,OAANA,EAVX,KAAO+E,QAAkB,KACzB,KAAOywB,SAAG,EACV,KAAaC,cAAkB,KACtB,KAAYC,aAAG,KAC9B73B,KAAKkV,SAAS,EAQd,MAAMmiB,EACqB,kBAAlBK,EACH3jB,SAAS+jB,eAAeJ,GACxBA,EACN34B,EAAQs4B,EAAW,iBAA8B,CAAE/4B,YAEnD0B,KAAKq3B,UAAYA,EACjBr3B,KAAK+3B,UAAiC,cAArB/3B,KAAKmC,OAAOquB,KACzBxwB,KAAK+3B,UACP/3B,KAAKkV,UAELlV,KAAKq3B,UAAU5Y,iBAAiB,QAASze,KAAK63B,cAIlD1kB,cAEE,OADAnT,KAAKg4B,iBACEh4B,KAAK43B,cAGd/mB,SACE7Q,KAAKg4B,iBACLh4B,KAAK23B,SAAU,EACX33B,KAAKkH,UACPlC,aAAahF,KAAKkH,SAClBlH,KAAKkH,QAAU,MAEjBlH,KAAKq3B,UAAU9G,oBAAoB,QAASvwB,KAAK63B,cAGnD3iB,UACElV,KAAKg4B,iBACDh4B,KAAKkH,UAITlH,KAAKkH,QAAU8N,OAAOjQ,YAAW,KAC/B/E,KAAK43B,cA+BX,SAA0CK,GACxC,MAAMC,EAAQ,GACRC,EACJ,iEACF,IAAK,IAAI3F,EAAI,EAAGA,EAAIyF,EAAKzF,IACvB0F,EAAM7hB,KACJ8hB,EAAaC,OAAO53B,KAAKiU,MAAMjU,KAAKkU,SAAWyjB,EAAatvB,UAGhE,OAAOqvB,EAAMnlB,KAAK,GACpB,CAzC2BslB,CAAiC,IACtD,MAAM,SAAE5qB,EAAU,mBAAoB6qB,GAAoBt4B,KAAKmC,OAC/D,GAAIsL,EACF,IACEA,EAASzN,KAAK43B,cACf,CAAC,MAAOzzB,GAAI,CAGfnE,KAAKkH,QAAU8N,OAAOjQ,YAAW,KAG/B,GAFA/E,KAAKkH,QAAU,KACflH,KAAK43B,cAAgB,KACjBU,EACF,IACEA,GACD,CAAC,MAAOn0B,GAAI,CAGXnE,KAAK+3B,WACP/3B,KAAKkV,SACN,GAhK0B,IAiKN,GAlKC,MAsKpB8iB,iBACN,GAAIh4B,KAAK23B,QACP,MAAM,IAAIx4B,MAAM,wCCtKf,MAAMo5B,GAAmBhkB,GAAgC,OAC1DikB,GAAwB,IAAI34B,EAAM,IAAO,WAiBlC44B,GAAb95B,oBACU,KAAY+5B,aAAG,GACf,KAAOxB,QAAG,EAMD,KAAAyB,2BAAgD,QAApBp5B,EAAAg0B,KAAUrgB,kBAAU,IAAA3T,OAAA,EAAAA,EAAE63B,QAEnEwB,KAAK76B,EAAoB86B,EAAK,IAG5B,OAFA95B,EAoEJ,SAA6B85B,GAC3B,OAAOA,EAAGhwB,QAAU,GAAK,yBAAyByJ,KAAKumB,EACzD,CAtEYC,CAAoBD,GAAK96B,EAAM,kBAEnCiC,KAAK+4B,yBAAyBF,IAAO5lB,GAAKsgB,KAAUrgB,YAC/C7P,QAAQwQ,QAAQ0f,KAAUrgB,YAE5B,IAAI7P,SAAmB,CAACwQ,EAAS/O,KACtC,MAAM5B,EAAiBqwB,KAAUxuB,YAAW,KAC1CD,EAAOjH,EAAaE,EAAM,0BAAsC,GAC/Dy6B,GAAsBp4B,OAEzBmzB,KAAUgF,IAAoB,KAC5BhF,KAAUvuB,aAAa9B,UAChBqwB,KAAUgF,IAEjB,MAAMS,EAAYzF,KAAUrgB,WAE5B,IAAK8lB,IAAc/lB,GAAK+lB,GAEtB,YADAl0B,EAAOjH,EAAaE,EAAM,mBAM5B,MAAMq5B,EAAS4B,EAAU5B,OACzB4B,EAAU5B,OAAS,CAACC,EAAWl1B,KAC7B,MAAM82B,EAAW7B,EAAOC,EAAWl1B,GAEnC,OADAnC,KAAKk3B,UACE+B,CAAQ,EAGjBj5B,KAAK04B,aAAeG,EACpBhlB,EAAQmlB,EAAU,EASpBplB,GANY,6CAAqBrR,EAAAA,EAAAA,IAAY,CAC3C2R,OAAQqkB,GACRnB,OAAQ,WACRyB,UAGqBzjB,OAAM,KAC3BpQ,aAAa9B,GACb4B,EAAOjH,EAAaE,EAAM,kBAA8B,GACxD,IAINm7B,qBACEl5B,KAAKk3B,UAGC6B,yBAAyBF,SAQ/B,SAC0B,QAAtBt5B,EAAAg0B,KAAUrgB,kBAAY,IAAA3T,OAAA,EAAAA,EAAA63B,UACvByB,IAAO74B,KAAK04B,cACX14B,KAAKk3B,QAAU,GACfl3B,KAAK24B,gCASAQ,GACXt3B,WAAW9D,GACT,OAAO,IAAIk5B,GAAcl5B,GAG3Bm7B,qBAAkB,ECtGb,MAAME,GAA0B,YAEjCC,GAAsC,CAC1CC,MAAO,QACPpqB,KAAM,eAUKqqB,GAwCX56B,YACE+4B,EACiBJ,EAAAn5B,OAAAC,OAAA,GACZi7B,IAELzkB,GAHiB,KAAU0iB,WAAVA,EAnCV,KAAIpoB,KAAGkqB,GACR,KAASI,WAAG,EACZ,KAAQP,SAAkB,KAGjB,KAAAQ,qBAAuB,IAAItT,IACpC,KAAauT,cAA2B,KAKxC,KAASV,UAAqB,KA6BpCh5B,KAAKjC,KAAO8W,GAAUD,GACtB5U,KAAK25B,YAAuC,cAAzB35B,KAAKs3B,WAAW9G,KACnCzxB,EACsB,qBAAbgV,SACP/T,KAAKjC,KAAI,+CAGX,MAAMs5B,EACqB,kBAAlBK,EACH3jB,SAAS+jB,eAAeJ,GACxBA,EACN34B,EAAQs4B,EAAWr3B,KAAKjC,KAAM,kBAE9BiC,KAAKq3B,UAAYA,EACjBr3B,KAAKs3B,WAAW7pB,SAAWzN,KAAK45B,kBAAkB55B,KAAKs3B,WAAW7pB,UAElEzN,KAAK65B,iBAAmB75B,KAAKjC,KAAK8Z,SAASC,kCACvC,IAAIqhB,GACJ,IAAIV,GAERz4B,KAAK85B,wBASPj4B,eACE7B,KAAK+5B,qBACL,MAAM/e,QAAWhb,KAAKo3B,SAChB4B,EAAYh5B,KAAKg6B,uBAEjB52B,EAAW41B,EAAU7lB,YAAY6H,GACvC,OAAI5X,GAIG,IAAIC,SAAgBwQ,IACzB,MAAMomB,EAAeh0B,IACdA,IAGLjG,KAAKy5B,qBAAqB5oB,OAAOopB,GACjCpmB,EAAQ5N,GAAM,EAGhBjG,KAAKy5B,qBAAqBpb,IAAI4b,GAC1Bj6B,KAAK25B,aACPX,EAAU9jB,QAAQ8F,EACnB,IASLoc,SACE,IACEp3B,KAAK+5B,oBACN,CAAC,MAAO51B,GAIP,OAAOd,QAAQyB,OAAOX,EACvB,CAED,OAAInE,KAAK05B,gBAIT15B,KAAK05B,cAAgB15B,KAAKk6B,oBAAoB9kB,OAAMjR,IAElD,MADAnE,KAAK05B,cAAgB,KACfv1B,CAAC,KALAnE,KAAK05B,cAYhBS,SACEn6B,KAAK+5B,qBACiB,OAAlB/5B,KAAKi5B,UACPj5B,KAAKg6B,uBAAuBxC,MAAMx3B,KAAKi5B,UAO3CmB,QACEp6B,KAAK+5B,qBACL/5B,KAAKw5B,WAAY,EACjBx5B,KAAK65B,iBAAiBX,qBACjBl5B,KAAK25B,aACR35B,KAAKq3B,UAAUgD,WAAWC,SAAQC,IAChCv6B,KAAKq3B,UAAUmD,YAAYD,EAAK,IAK9BT,wBACN/6B,GAASiB,KAAKs3B,WAAWmD,QAASz6B,KAAKjC,KAAM,kBAC7CgB,EACEiB,KAAK25B,cAAgB35B,KAAKq3B,UAAUqD,gBACpC16B,KAAKjC,KAAI,kBAGXgB,EACsB,qBAAbgV,SACP/T,KAAKjC,KAAI,+CAKL67B,kBACNe,GAEA,OAAO10B,IAEL,GADAjG,KAAKy5B,qBAAqBa,SAAQtK,GAAYA,EAAS/pB,KAC/B,oBAAb00B,EACTA,EAAS10B,QACJ,GAAwB,kBAAb00B,EAAuB,CACvC,MAAMC,EAAarH,KAAUoH,GACH,oBAAfC,GACTA,EAAW30B,EAEd,GAIG8zB,qBACNh7B,GAASiB,KAAKw5B,UAAWx5B,KAAKjC,KAAM,kBAG9B8D,0BAEN,SADM7B,KAAK66B,QACN76B,KAAKi5B,SAAU,CAClB,IAAI5B,EAAYr3B,KAAKq3B,UACrB,IAAKr3B,KAAK25B,YAAa,CACrB,MAAMmB,EAAkB/mB,SAASC,cAAc,OAC/CqjB,EAAU/iB,YAAYwmB,GACtBzD,EAAYyD,CACb,CAED96B,KAAKi5B,SAAWj5B,KAAKg6B,uBAAuB5C,OAC1CC,EACAr3B,KAAKs3B,WAER,CAED,OAAOt3B,KAAKi5B,SAGNp3B,aACN9C,EACEW,MAAqB8zB,KACrBxzB,KAAKjC,KAAI,wBAqBf,WACE,IAAI+c,EAAgC,KACpC,OAAO,IAAIzX,SAAcwQ,IACK,aAAxBE,SAASyK,YAQb1D,EAAWA,IAAMjH,IACjBmB,OAAOyJ,iBAAiB,OAAQ3D,IAR9BjH,GAQuC,IACxCuB,OAAMjR,IAKP,MAJI2W,GACF9F,OAAOub,oBAAoB,OAAQzV,GAG/B3W,CAAC,GAEX,CArCU42B,GACN/6B,KAAKg5B,gBAAkBh5B,KAAK65B,iBAAiBjB,KAC3C54B,KAAKjC,KACLiC,KAAKjC,KAAK6E,mBAAgByD,GAG5B,MAAMkN,Q9D1OH1R,eAAkC9D,GACvC,aAEU+D,EACJ/D,EAGD,8BACDi9B,kBAAoB,EAE1B,C8DgO0BC,CAAmBj7B,KAAKjC,MAC9CgB,EAAQwU,EAASvT,KAAKjC,KAAM,kBAC5BiC,KAAKs3B,WAAWmD,QAAUlnB,EAGpBymB,uBAEN,OADAj7B,EAAQiB,KAAKg5B,UAAWh5B,KAAKjC,KAAM,kBAC5BiC,KAAKg5B,WC1NhB,MAAMkC,GACJv8B,YACW4iB,EACQ4Z,GADR,KAAc5Z,eAAdA,EACQ,KAAc4Z,eAAdA,EAGnBC,QAAQ5Z,GACN,MAAM6Z,EAAiB/Z,GAAoBga,kBACzCt7B,KAAKuhB,eACLC,GAEF,OAAOxhB,KAAKm7B,eAAeE,IAkCxBx5B,eAAe05B,GACpBx9B,EACAoH,EACAq2B,GAEA,MAAMhf,EAAe3H,GAAU9W,GACzBwjB,QAAuBka,GAC3Bjf,EACArX,GACA0H,EAAAA,EAAAA,IAAmB2uB,IAErB,OAAO,IAAIN,GAAuB3Z,GAAgBX,GAChDuG,GAAqB3K,EAAcoE,IAEvC,CAWO/e,eAAe65B,GACpB/0B,EACAxB,EACAq2B,GAEA,MAAM5uB,GAAeC,EAAAA,EAAAA,IAAmBlG,SAClC2f,IAAoB,EAAO1Z,EAAc,SAC/C,MAAM2U,QAAuBka,GAC3B7uB,EAAa7O,KACboH,GACA0H,EAAAA,EAAAA,IAAmB2uB,IAErB,OAAO,IAAIN,GAAuB3Z,GAAgBX,GAChDwG,GAAmBxa,EAAcgU,IAErC,CAaO/e,eAAe85B,GACpBh1B,EACAxB,EACAq2B,GAEA,MAAM5uB,GAAeC,EAAAA,EAAAA,IAAmBlG,GAClC4a,QAAuBka,GAC3B7uB,EAAa7O,KACboH,GACA0H,EAAAA,EAAAA,IAAmB2uB,IAErB,OAAO,IAAIN,GAAuB3Z,GAAgBX,GAChDyG,GAA6Bza,EAAcgU,IAE/C,CAMO/e,eAAe45B,GACpB19B,EACA2d,EACA9F,SAEA,MAAMgmB,QAAuBhmB,EAASE,SAEtC,IAYE,IAAI+lB,EAUJ,GArBA98B,EAC4B,kBAAnB68B,EACP79B,EAAI,kBAGNgB,EACE6W,EAAS1G,OAASkqB,GAClBr7B,EAAI,kBAOJ89B,EADqB,kBAAZngB,EACU,CACjBvW,YAAauW,GAGIA,EAGjB,YAAamgB,EAAkB,CACjC,MAAM/O,EAAU+O,EAAiB/O,QAEjC,GAAI,gBAAiB+O,EAAkB,CACrC98B,EACmB,WAAjB+tB,EAAQ5d,KACRnR,EAAI,kBAGN,MAAMqF,Qf9IE,SACdrF,EACA4D,GAEA,OAAOG,EAIL/D,EAGA,0CAAA2D,EAAmB3D,EAAM4D,GAE7B,CeiI+Bm6B,CAAoB/9B,EAAM,CAC/C2K,QAASokB,EAAQ7I,WACjB8X,oBAAqB,CACnB52B,YAAa02B,EAAiB12B,YAC9By2B,oBAGJ,OAAOx4B,EAAS44B,iBAAiBja,WAClC,CAAM,CACLhjB,EACmB,WAAjB+tB,EAAQ5d,KACRnR,EAAI,kBAGN,MAAM4pB,GAC4B,QAAhCpoB,EAAAs8B,EAAiBI,uBAAe,IAAA18B,OAAA,EAAAA,EAAE+J,MAClCuyB,EAAiBK,eACnBn9B,EAAQ4oB,EAAiB5pB,EAAM,6BAC/B,MAAMqF,QCxKE,SACdrF,EACA4D,GAEA,OAAOG,EAIL/D,EAGA,sCAAA2D,EAAmB3D,EAAM4D,GAE7B,CD2J+Bw6B,CAAoBp+B,EAAM,CAC/CyuB,qBAAsBM,EAAQ7I,WAC9B0D,kBACAyU,gBAAiB,CACfR,oBAGJ,OAAOx4B,EAASi5B,kBAAkBta,WACnC,CACF,CAAM,CACL,MAAM,YAAEA,SjDtMPlgB,eACL9D,EACA4D,GAEA,OAAOG,EAIL/D,EAGA,2CAAA2D,EAAmB3D,EAAM4D,GAE7B,CiDyLoC26B,CAA0Bv+B,EAAM,CAC5DoH,YAAa02B,EAAiB12B,YAC9By2B,mBAEF,OAAO7Z,CACR,CACF,SACCnM,EAASukB,QACV,CACH,CAqBOt4B,eAAe06B,GACpB51B,EACAsd,SAEM2C,IAAM/Z,EAAAA,EAAAA,IAAmBlG,GAAuBsd,EACxD,OE7NauY,GAcX79B,YAAYZ,GAPH,KAAAoL,WAAaqzB,GAAkB3Z,YAQtC7iB,KAAKjC,KAAO8W,GAAU9W,GAkCxB0+B,kBACEC,EACAC,GAEA,OAAOlB,GACLz7B,KAAKjC,KACL2+B,GACA7vB,EAAAA,EAAAA,IAAmB8vB,IA+BvB17B,kBACEsgB,EACAC,GAEA,OAAOF,GAAoBga,kBACzB/Z,EACAC,GAQJvgB,4BACEmjB,GAEA,MAAMH,EAAaG,EACnB,OAAOoY,GAAkB7X,2BAA2BV,GAmCtDhjB,2BAA2B1D,GACzB,OAAOi/B,GAAkB7X,2BACtBpnB,EAAM6H,YAAc,CAAC,GAIlBnE,mCACNoE,eAAgBif,IAEhB,IAAKA,EACH,OAAO,KAET,MAAM,YAAEnf,EAAW,eAAEsc,GACnB6C,EACF,OAAInf,GAAesc,EACVH,GAAoBsb,mBACzBz3B,EACAsc,GAGG,MCvLK,SAAAob,GACd9+B,EACA++B,GAEA,OAAIA,EACKjuB,EAAaiuB,IAGtB/9B,EAAQhB,EAAK4Z,uBAAwB5Z,EAAM,kBAEpCA,EAAK4Z,uBACd,CDckB6kB,GAAA3Z,YAAwC,QAExC2Z,GAAAO,qBAAmD,QERrE,MAAMC,WAAsBne,GAC1BlgB,YAAqBwD,GACnB2d,MAAM,SAAD,UADc,KAAM3d,OAANA,EAIrB4c,oBAAoBhhB,GAClB,OAAO0iB,GAAc1iB,EAAMiC,KAAKi9B,oBAGlChe,eACElhB,EACA2K,GAEA,OAAO+X,GAAc1iB,EAAMiC,KAAKi9B,iBAAiBv0B,IAGnDyW,6BAA6BphB,GAC3B,OAAO0iB,GAAc1iB,EAAMiC,KAAKi9B,oBAG1BA,iBAAiBv0B,GACvB,MAAM/G,EAAgC,CACpCwf,WAAYnhB,KAAKmC,OAAOgf,WACxB+b,UAAWl9B,KAAKmC,OAAO+6B,UACvB9b,SAAUphB,KAAKmC,OAAOif,SACtBxf,SAAU5B,KAAKmC,OAAOP,SACtB+e,aAAc3gB,KAAKmC,OAAOwe,aAC1BP,mBAAmB,EACnB+c,qBAAqB,GAOvB,OAJIz0B,IACF/G,EAAQ+G,QAAUA,GAGb/G,GAIL,SAAUy7B,GACdj7B,GAEA,OAAO+kB,GACL/kB,EAAOpE,KACP,IAAIi/B,GAAc76B,GAClBA,EAAOyE,gBAEX,CAEM,SAAUy2B,GACdl7B,GAEA,MAAM,KAAEpE,EAAI,KAAE4I,GAASxE,EAEvB,OADApD,EAAQ4H,EAAM5I,EAAM,kBACbgpB,GACLpgB,EACA,IAAIq2B,GAAc76B,GAClBA,EAAOyE,gBAEX,CAEO/E,eAAey7B,GACpBn7B,GAEA,MAAM,KAAEpE,EAAI,KAAE4I,GAASxE,EAEvB,OADApD,EAAQ4H,EAAM5I,EAAM,kBACb6oB,GAAUjgB,EAAM,IAAIq2B,GAAc76B,GAASA,EAAOyE,gBAC3D,OCpEsB22B,GASpB5+B,YACqBZ,EACnB+L,EACmBgR,EACTnU,EACSC,GAAkB,GAJlB,KAAI7I,KAAJA,EAEA,KAAQ+c,SAARA,EACT,KAAInU,KAAJA,EACS,KAAeC,gBAAfA,EAXb,KAAc42B,eAA0B,KACxC,KAAYC,aAAwB,KAY1Cz9B,KAAK8J,OAAS0E,MAAMC,QAAQ3E,GAAUA,EAAS,CAACA,GAKlDoL,UACE,OAAO,IAAI7R,SACTxB,MAAOgS,EAAS/O,KACd9E,KAAKw9B,eAAiB,CAAE3pB,UAAS/O,UAEjC,IACE9E,KAAKy9B,mBAAqBz9B,KAAK8a,SAASzC,YAAYrY,KAAKjC,YACnDiC,KAAK09B,cACX19B,KAAKy9B,aAAaE,iBAAiB39B,KACpC,CAAC,MAAOmE,GACPnE,KAAK8E,OAAOX,EACb,KAKPtC,kBAAkB4sB,GAChB,MAAM,YAAEmP,EAAW,UAAEV,EAAS,SAAE9b,EAAQ,SAAExf,EAAQ,MAAErE,EAAK,KAAE2R,GAASuf,EACpE,GAAIlxB,EAEF,YADAyC,KAAK8E,OAAOvH,GAId,MAAM4E,EAAwB,CAC5BpE,KAAMiC,KAAKjC,KACXojB,WAAYyc,EACZV,UAAWA,EACXt7B,SAAUA,QAAYyE,EACtB+a,SAAUA,QAAY/a,EACtBM,KAAM3G,KAAK2G,KACXC,gBAAiB5G,KAAK4G,iBAGxB,IACE5G,KAAK6T,cAAc7T,KAAK69B,WAAW3uB,EAAhBlP,CAAsBmC,GAC1C,CAAC,MAAOgC,GACPnE,KAAK8E,OAAOX,EACb,EAGH25B,QAAQvgC,GACNyC,KAAK8E,OAAOvH,GAGNsgC,WAAW3uB,GACjB,OAAQA,GACN,IAAqC,iBACrC,IAAK,oBACH,OAAOkuB,GACT,IAAkC,eAClC,IAAK,kBACH,OAAOE,GACT,IAAoC,iBACpC,IAAK,oBACH,OAAOD,GACT,QACE5/B,EAAMuC,KAAKjC,KAAM,mBAIb8V,QAAQ+M,GAChBxhB,EAAYY,KAAKw9B,eAAgB,iCACjCx9B,KAAKw9B,eAAe3pB,QAAQ+M,GAC5B5gB,KAAK+9B,uBAGGj5B,OAAOvH,GACf6B,EAAYY,KAAKw9B,eAAgB,iCACjCx9B,KAAKw9B,eAAe14B,OAAOvH,GAC3ByC,KAAK+9B,uBAGCA,uBACF/9B,KAAKy9B,cACPz9B,KAAKy9B,aAAaO,mBAAmBh+B,MAGvCA,KAAKw9B,eAAiB,KACtBx9B,KAAKi+B,WC1FF,MAAMC,GAA6B,IAAIr+B,EAAM,IAAM,KA+BnDgC,eAAes8B,GACpBpgC,EACAqL,EACA0R,GAEA,MAAM0B,EAAe3H,GAAU9W,GAC/BS,EAAkBT,EAAMqL,EAAU+Z,IAClC,MAAMib,EAAmBvB,GAAqBrgB,EAAc1B,GAO5D,OANe,IAAIujB,GACjB7hB,EAAY,iBAEZpT,EACAg1B,GAEYE,gBAChB,CA2BOz8B,eAAe08B,GACpB53B,EACAyC,EACA0R,GAEA,MAAMlO,GAAeC,EAAAA,EAAAA,IAAmBlG,GACxCnI,EAAkBoO,EAAa7O,KAAMqL,EAAU+Z,IAC/C,MAAMib,EAAmBvB,GAAqBjwB,EAAa7O,KAAM+c,GAQjE,OAPe,IAAIujB,GACjBzxB,EAAa7O,KAAI,iBAEjBqL,EACAg1B,EACAxxB,GAEY0xB,gBAChB,CA0BOz8B,eAAe28B,GACpB73B,EACAyC,EACA0R,GAEA,MAAMlO,GAAeC,EAAAA,EAAAA,IAAmBlG,GACxCnI,EAAkBoO,EAAa7O,KAAMqL,EAAU+Z,IAC/C,MAAMib,EAAmBvB,GAAqBjwB,EAAa7O,KAAM+c,GASjE,OAPe,IAAIujB,GACjBzxB,EAAa7O,KAAI,eAEjBqL,EACAg1B,EACAxxB,GAEY0xB,gBAChB,CAOA,MAAMD,WAAuBd,GAO3B5+B,YACEZ,EACA+L,EACiBV,EACjB0R,EACAnU,GAEAmZ,MAAM/hB,EAAM+L,EAAQgR,EAAUnU,GAJb,KAAQyC,SAARA,EANX,KAAUq1B,WAAqB,KAC/B,KAAMC,OAAkB,KAU1BL,GAAeM,oBACjBN,GAAeM,mBAAmBC,SAGpCP,GAAeM,mBAAqB3+B,KAGtC6B,uBACE,MAAMoX,QAAejZ,KAAKkV,UAE1B,OADAnW,EAAQka,EAAQjZ,KAAKjC,KAAM,kBACpBkb,EAGTpX,oBACEzC,EACyB,IAAvBY,KAAK8J,OAAOjB,OACZ,0CAEF,MAAM0oB,EAAUe,KAChBtyB,KAAKy+B,iBAAmBz+B,KAAK8a,SAAS+jB,WACpC7+B,KAAKjC,KACLiC,KAAKoJ,SACLpJ,KAAK8J,OAAO,GACZynB,GAEFvxB,KAAKy+B,WAAWK,gBAAkBvN,EASlCvxB,KAAK8a,SAASikB,kBAAkB/+B,KAAKjC,MAAMqX,OAAMjR,IAC/CnE,KAAK8E,OAAOX,EAAE,IAGhBnE,KAAK8a,SAASkkB,6BAA6Bh/B,KAAKjC,MAAMkhC,IAC/CA,GACHj/B,KAAK8E,OACHjH,EAAamC,KAAKjC,KAA4C,2BAEjE,IAIHiC,KAAKk/B,uBAGH3N,oBACF,OAAwB,QAAjBhyB,EAAAS,KAAKy+B,kBAAY,IAAAl/B,OAAA,EAAAA,EAAAu/B,kBAAmB,KAG7CF,SACE5+B,KAAK8E,OAAOjH,EAAamC,KAAKjC,KAA0C,4BAG1EkgC,UACMj+B,KAAKy+B,YACPz+B,KAAKy+B,WAAW1L,QAGd/yB,KAAK0+B,QACP1pB,OAAOhQ,aAAahF,KAAK0+B,QAG3B1+B,KAAKy+B,WAAa,KAClBz+B,KAAK0+B,OAAS,KACdL,GAAeM,mBAAqB,KAG9BO,uBACN,MAAMxQ,EAAOA,cACkB,QAAzB3gB,EAAiB,QAAjBxO,EAAAS,KAAKy+B,kBAAY,IAAAl/B,OAAA,EAAAA,EAAAyV,cAAQ,IAAAjH,OAAA,EAAAA,EAAAoxB,QAM3Bn/B,KAAK0+B,OAAS1pB,OAAOjQ,YAAW,KAC9B/E,KAAK0+B,OAAS,KACd1+B,KAAK8E,OACHjH,EAAamC,KAAKjC,KAAyC,wBAC5D,GACA,KAILiC,KAAK0+B,OAAS1pB,OAAOjQ,WAAW2pB,EAAMwP,GAA2B99B,MAAM,EAGzEsuB,KAxGa2P,GAAkBM,mBAA0B,KCzK7D,MAAMS,GAAuB,kBAIvBC,GAGF,IAAIzwB,IAEF,MAAO0wB,WAAuB/B,GAGlC5+B,YACEZ,EACA+c,EACAlU,GAAkB,GAElBkZ,MACE/hB,EACA,CAAC,oBAAD,iDAMA+c,OACAzU,EACAO,GAjBJ,KAAO2qB,QAAG,KAyBV1vB,gBACE,IAAI09B,EAAeF,GAAmBj/B,IAAIJ,KAAKjC,KAAKuR,QACpD,IAAKiwB,EAAc,CACjB,IACE,MAIMtmB,QA2CPpX,eACLiZ,EACA/c,GAEA,MAAMyE,EAAMg9B,GAAmBzhC,GACzB6R,EAAc6vB,GAAoB3kB,GACxC,UAAYlL,EAAYqB,eACtB,OAAO,EAET,MAAMyuB,EAAuD,eAA3B9vB,EAAYU,KAAK9N,GAEnD,aADMoN,EAAYa,QAAQjO,GACnBk9B,CACT,CA3DyCC,CAC/B3/B,KAAK8a,SACL9a,KAAKjC,YAEmC+hB,MAAM5K,UAAY,KAC5DqqB,EAAeA,IAAMl8B,QAAQwQ,QAAQoF,EACtC,CAAC,MAAO9U,GACPo7B,EAAeA,IAAMl8B,QAAQyB,OAAOX,EACrC,CAEDk7B,GAAmBrwB,IAAIhP,KAAKjC,KAAKuR,OAAQiwB,EAC1C,CAQD,OAJKv/B,KAAK4G,iBACRy4B,GAAmBrwB,IAAIhP,KAAKjC,KAAKuR,QAAQ,IAAMjM,QAAQwQ,QAAQ,QAG1D0rB,IAGT19B,kBAAkB4sB,GAChB,GAAmB,sBAAfA,EAAMvf,KACR,OAAO4Q,MAAM8f,YAAYnR,GACpB,GAAmB,YAAfA,EAAMvf,MAMjB,GAAIuf,EAAM8C,QAAS,CACjB,MAAM5qB,QAAa3G,KAAKjC,KAAK8hC,mBAAmBpR,EAAM8C,SACtD,GAAI5qB,EAEF,OADA3G,KAAK2G,KAAOA,EACLmZ,MAAM8f,YAAYnR,GAEzBzuB,KAAK6T,QAAQ,KAEhB,OAZC7T,KAAK6T,QAAQ,MAejBhS,oBAAiB,CAEjBo8B,UAAO,EAiBFp8B,eAAei+B,GACpBhlB,EACA/c,GAEA,OAAO0hC,GAAoB3kB,GAAU1K,KAAKovB,GAAmBzhC,GAAO,OACtE,UAEgBgiC,KACdV,GAAmBjF,OACrB,CAEgB,SAAA/gB,GACdtb,EACAkb,GAEAomB,GAAmBrwB,IAAIjR,EAAKuR,OAAQ2J,EACtC,CAEA,SAASwmB,GACP3kB,GAEA,OAAOjM,EAAaiM,EAASC,qBAC/B,CAEA,SAASykB,GAAmBzhC,GAC1B,OAAO2R,EACL0vB,GACArhC,EAAK4C,OAAO8B,OACZ1E,EAAKQ,KAET,UC/EgByhC,GACdjiC,EACAqL,EACA0R,GAEA,OAGKjZ,eACL9D,EACAqL,EACA0R,GAEA,MAAM0B,EAAe3H,GAAU9W,GAC/BS,EAAkBT,EAAMqL,EAAU+Z,UAI5B3G,EAAa9E,uBACnB,MAAM0mB,EAAmBvB,GAAqBrgB,EAAc1B,GAG5D,aAFMglB,GAA0B1B,EAAkB5hB,GAE3C4hB,EAAiB6B,cACtBzjB,EACApT,EAAQ,oBAGZ,CAtBS82B,CAAoBniC,EAAMqL,EAAU0R,EAC7C,UAuDgBqlB,GACdx5B,EACAyC,EACA0R,GAEA,OAMKjZ,eACL8E,EACAyC,EACA0R,GAEA,MAAMlO,GAAeC,EAAAA,EAAAA,IAAmBlG,GACxCnI,EAAkBoO,EAAa7O,KAAMqL,EAAU+Z,UAIzCvW,EAAa7O,KAAK2Z,uBAExB,MAAM0mB,EAAmBvB,GAAqBjwB,EAAa7O,KAAM+c,SAC3DglB,GAA0B1B,EAAkBxxB,EAAa7O,MAE/D,MAAMwzB,QAAgB6O,GAAuBxzB,GAC7C,OAAOwxB,EAAiB6B,cACtBrzB,EAAa7O,KACbqL,EAAQ,oBAERmoB,EAEJ,CA5BS8O,CACL15B,EACAyC,EACA0R,EAEJ,UAsDgBwlB,GACd35B,EACAyC,EACA0R,GAEA,OAEKjZ,eACL8E,EACAyC,EACA0R,GAEA,MAAMlO,GAAeC,EAAAA,EAAAA,IAAmBlG,GACxCnI,EAAkBoO,EAAa7O,KAAMqL,EAAU+Z,UAIzCvW,EAAa7O,KAAK2Z,uBAExB,MAAM0mB,EAAmBvB,GAAqBjwB,EAAa7O,KAAM+c,SAC3DwL,IAAoB,EAAO1Z,EAAcxD,EAASD,kBAClD22B,GAA0B1B,EAAkBxxB,EAAa7O,MAE/D,MAAMwzB,QAAgB6O,GAAuBxzB,GAC7C,OAAOwxB,EAAiB6B,cACtBrzB,EAAa7O,KACbqL,EAAQ,kBAERmoB,EAEJ,CAzBSgP,CAAkB55B,EAAMyC,EAAU0R,EAC3C,CAgEOjZ,eAAe2+B,GACpBziC,EACA+c,GAGA,aADMjG,GAAU9W,GAAM2Z,uBACf+oB,GAAmB1iC,EAAM+c,GAAU,EAC5C,CAEOjZ,eAAe4+B,GACpB1iC,EACA2iC,EACA95B,GAAkB,GAElB,MAAM4V,EAAe3H,GAAU9W,GACzB+c,EAAW+hB,GAAqBrgB,EAAckkB,GAC9C5rB,EAAS,IAAIwqB,GAAe9iB,EAAc1B,EAAUlU,GACpDqS,QAAenE,EAAOI,UAQ5B,OANI+D,IAAWrS,WACNqS,EAAOtS,KAAKmH,uBACb0O,EAAa/P,sBAAsBwM,EAAOtS,YAC1C6V,EAAa/C,iBAAiB,KAAMinB,IAGrCznB,CACT,CAEApX,eAAeu+B,GAAuBz5B,GACpC,MAAM4qB,EAAUe,GAAiB,GAAG3rB,EAAK2C,UAIzC,OAHA3C,EAAKmH,iBAAmByjB,QAClB5qB,EAAK5I,KAAK0b,iBAAiB9S,SAC3BA,EAAK5I,KAAK0O,sBAAsB9F,GAC/B4qB,CACT,OCrRaoP,GAOXhiC,YAA6BZ,GAAA,KAAIA,KAAJA,EANZ,KAAA6iC,gBAA+B,IAAIza,IACnC,KAAA0a,UAAoC,IAAI1a,IAC/C,KAAmB2a,oBAAqB,KACxC,KAA2BC,6BAAG,EAChC,KAAAC,uBAAyBv7B,KAAKmC,MAItC+1B,iBAAiBsD,GACfjhC,KAAK6gC,UAAUxiB,IAAI4iB,GAGjBjhC,KAAK8gC,qBACL9gC,KAAKkhC,mBAAmBlhC,KAAK8gC,oBAAqBG,KAElDjhC,KAAKmhC,eAAenhC,KAAK8gC,oBAAqBG,GAC9CjhC,KAAKohC,iBAAiBphC,KAAK8gC,qBAC3B9gC,KAAK8gC,oBAAsB,MAI/B9C,mBAAmBiD,GACjBjhC,KAAK6gC,UAAUhwB,OAAOowB,GAGxBI,QAAQ5S,GAEN,GAAIzuB,KAAKshC,oBAAoB7S,GAC3B,OAAO,EAGT,IAAI8S,GAAU,EASd,OARAvhC,KAAK6gC,UAAUvG,SAAQkH,IACjBxhC,KAAKkhC,mBAAmBzS,EAAO+S,KACjCD,GAAU,EACVvhC,KAAKmhC,eAAe1S,EAAO+S,GAC3BxhC,KAAKohC,iBAAiB3S,GACvB,IAGCzuB,KAAK+gC,8BAkEb,SAAyBtS,GACvB,OAAQA,EAAMvf,MACZ,IAAwC,oBACxC,IAAqC,kBACrC,IAAK,oBACH,OAAO,EACT,IAAK,UACH,OAAOuyB,GAAoBhT,GAC7B,QACE,OAAO,EAEb,CA7E6CiT,CAAgBjT,KAMzDzuB,KAAK+gC,6BAA8B,EAG9BQ,IACHvhC,KAAK8gC,oBAAsBrS,EAC3B8S,GAAU,IARHA,EAcHJ,eAAe1S,EAAkB+S,SACvC,GAAI/S,EAAMlxB,QAAUkkC,GAAoBhT,GAAQ,CAC9C,MAAMzwB,GACa,QAAhBuB,EAAAkvB,EAAMlxB,MAAMS,YAAI,IAAAuB,OAAA,EAAAA,EAAEwE,MAAM,SAAS,KAAoB,iBAExDy9B,EAAS1D,QAAQjgC,EAAamC,KAAKjC,KAAMC,GAC1C,MACCwjC,EAAS5B,YAAYnR,GAIjByS,mBACNzS,EACA+S,GAEA,MAAMG,EACiB,OAArBH,EAASjQ,WACN9C,EAAM8C,SAAW9C,EAAM8C,UAAYiQ,EAASjQ,QACjD,OAAOiQ,EAAS13B,OAAO4H,SAAS+c,EAAMvf,OAASyyB,EAGzCL,oBAAoB7S,GAQ1B,OANEhpB,KAAKmC,MAAQ5H,KAAKghC,wBAnFoB,KAsFtChhC,KAAK4gC,gBAAgBxG,QAGhBp6B,KAAK4gC,gBAAgBja,IAAIib,GAASnT,IAGnC2S,iBAAiB3S,GACvBzuB,KAAK4gC,gBAAgBviB,IAAIujB,GAASnT,IAClCzuB,KAAKghC,uBAAyBv7B,KAAKmC,OAIvC,SAASg6B,GAASz9B,GAChB,MAAO,CAACA,EAAE+K,KAAM/K,EAAEotB,QAASptB,EAAE+4B,UAAW/4B,EAAEvC,UAAUkI,QAAO+3B,GAAKA,IAAG9uB,KAAK,IAC1E,CAEA,SAAS0uB,IAAoB,KAAEvyB,EAAI,MAAE3R,IACnC,MACgC,YAA9B2R,GACwB,wBAAnB,OAAL3R,QAAK,IAALA,OAAK,EAALA,EAAOS,KAEX,CC3GO6D,eAAeigC,GACpB/jC,EACA4D,EAAmC,CAAC,GAEpC,OAAOG,EACL/D,EAGA,qBAAA4D,EAEJ,CChBA,MAAMogC,GAAmB,uCACnBC,GAAa,UAwBnB,SAASC,GAAYnb,GACnB,MAAMob,EAAa7iC,KACb,SAAEO,EAAQ,SAAEuiC,GAAa,IAAIC,IAAIF,GACvC,GAAIpb,EAAS/lB,WAAW,uBAAwB,CAC9C,MAAMshC,EAAQ,IAAID,IAAItb,GAEtB,MAAuB,KAAnBub,EAAMF,UAAgC,KAAbA,EAGZ,sBAAbviC,GACAknB,EAAS5iB,QAAQ,sBAAuB,MACtCg+B,EAAWh+B,QAAQ,sBAAuB,IAI5B,sBAAbtE,GAAoCyiC,EAAMF,WAAaA,CAC/D,CAED,IAAKH,GAAW1vB,KAAK1S,GACnB,OAAO,EAGT,GAAImiC,GAAiBzvB,KAAKwU,GAGxB,OAAOqb,IAAarb,EAItB,MAAMwb,EAAuBxb,EAAS5iB,QAAQ,MAAO,OAOrD,OAJW,IAAIq+B,OACb,UAAYD,EAAuB,IAAMA,EAAuB,KAChE,KAEQhwB,KAAK6vB,EACjB,CC7DA,MAAMK,GAAkB,IAAI3iC,EAAM,IAAO,KAMzC,SAAS4iC,KAIP,MAAMC,EAASnP,KAAUoP,OAEzB,GAAI,OAAAD,QAAM,IAANA,OAAM,EAANA,EAAQE,EAEV,IAAK,MAAMC,KAAQ1kC,OAAOkxB,KAAKqT,EAAOE,GAQpC,GANAF,EAAOE,EAAEC,GAAMC,EAAIJ,EAAOE,EAAEC,GAAMC,GAAK,GAEvCJ,EAAOE,EAAEC,GAAME,EAAIL,EAAOE,EAAEC,GAAME,GAAK,GAEvCL,EAAOE,EAAEC,GAAMC,EAAI,IAAIJ,EAAOE,EAAEC,GAAME,GAElCL,EAAOM,GACT,IAAK,IAAIxQ,EAAI,EAAGA,EAAIkQ,EAAOM,GAAGn6B,OAAQ2pB,IAEpCkQ,EAAOM,GAAGxQ,GAAK,IAKzB,CA8DA,IAAIyQ,GAAyD,KACvD,SAAUC,GAAUnlC,GAExB,OADAklC,GAAmBA,IA9DrB,SAAkBllC,GAChB,OAAO,IAAIsF,SAA8B,CAACwQ,EAAS/O,eAEjD,SAASq+B,IAGPV,KACAW,KAAKxK,KAAK,eAAgB,CACxBnrB,SAAUA,KACRoG,EAAQuvB,KAAKC,QAAQC,aAAa,EAEpCC,UAAWA,KAOTd,KACA39B,EAAOjH,EAAaE,EAAM,0BAAsC,EAElEi1B,QAASwP,GAAgBpiC,QAI7B,GAA6B,QAAzB2N,EAAgB,QAAhBxO,EAAAg0B,KAAU6P,YAAM,IAAA7jC,OAAA,EAAAA,EAAA8jC,eAAS,IAAAt1B,OAAA,EAAAA,EAAAy1B,OAE3B3vB,EAAQuvB,KAAKC,QAAQC,kBAChB,MAAoB,QAAdt1B,EAAAulB,KAAU6P,YAAI,IAAAp1B,OAAA,EAAAA,EAAE4qB,MAGtB,CAML,MAAM6K,EAASlvB,GAAyB,aAYxC,OAVAgf,KAAUkQ,GAAU,KAEZL,KAAKxK,KACTuK,IAGAr+B,EAAOjH,EAAaE,EAAM,0BAC3B,EAGI6V,GACI,4CAA4C6vB,KACpDruB,OAAMjR,GAAKW,EAAOX,IACtB,CAtBCg/B,GAsBD,KACA/tB,OAAM7X,IAGP,MADA0lC,GAAmB,KACb1lC,CAAK,GAEf,CAIyCmmC,CAAS3lC,GACzCklC,EACT,CC3FA,MAAMU,GAAe,IAAI9jC,EAAM,IAAM,MAC/B+jC,GAAc,iBACdC,GAAuB,uBAEvBC,GAAoB,CACxBtmB,MAAO,CACLE,SAAU,WACVuR,IAAK,SACLtR,MAAO,MACPomB,OAAQ,OAEV,cAAe,OACfC,SAAU,MAKNC,GAAmB,IAAIr1B,IAAI,CAC/B,CAAC,iCAAwB,KACzB,CAAC,iDAAkD,KACnD,CAAC,8CAA+C,OAGlD,SAASs1B,GAAanmC,GACpB,MAAM4C,EAAS5C,EAAK4C,OACpB5B,EAAQ4B,EAAOkY,WAAY9a,EAAM,+BACjC,MAAM+C,EAAMH,EAAOE,SACfH,EAAaC,EAAQkjC,IACV,WAAA9lC,EAAK4C,OAAOkY,cAAc+qB,KAEnCzhC,EAAiC,CACrCM,OAAQ9B,EAAO8B,OACfnE,QAASP,EAAKQ,KACdsjC,EAAGrkC,EAAAA,aAEC2mC,EAAMF,GAAiB7jC,IAAIrC,EAAK4C,OAAOmC,SACzCqhC,IACFhiC,EAAOgiC,IAAMA,GAEf,MAAMvxB,EAAa7U,EAAK0d,iBAIxB,OAHI7I,EAAW/J,SACb1G,EAAOiiC,GAAKxxB,EAAWG,KAAK,MAEpB,GAAAjS,MAAOyB,EAAAA,EAAAA,IAAYJ,GAAQtD,MAAM,IAC7C,CC7CA,MAAMwlC,GAAqB,CACzB7kC,SAAU,MACV8kC,UAAW,MACXC,UAAW,MACXC,QAAS,YASEC,GAGX9lC,YAAqBqW,GAAA,KAAMA,OAANA,EAFrB,KAAe8pB,gBAAkB,KAIjC/L,QACE,GAAI/yB,KAAKgV,OACP,IACEhV,KAAKgV,OAAO+d,OACb,CAAC,MAAO5uB,GAAI,GAKH,SAAAugC,GACd3mC,EACA+C,EACAvC,EACAof,EAxBoB,IAyBpBomB,EAxBqB,KA0BrB,MAAM9U,EAAMzuB,KAAKqH,KAAKmN,OAAO2vB,OAAOC,YAAcb,GAAU,EAAG,GAAGt9B,WAC5DuX,EAAOxd,KAAKqH,KAAKmN,OAAO2vB,OAAOE,WAAalnB,GAAS,EAAG,GAAGlX,WACjE,IAAIisB,EAAS,GAEb,MAAMhX,EACDvd,OAAAC,OAAAD,OAAAC,OAAA,GAAAimC,IAAkB,CACrB1mB,MAAOA,EAAMlX,WACbs9B,OAAQA,EAAOt9B,WACfwoB,MACAjR,SAKIvM,GAAKY,EAAAA,EAAAA,MAAQpO,cAEf1F,IACFm0B,EAAS1gB,GAAaP,GA1CL,SA0C0BlT,GAGzCqT,GAAWH,KAEb3Q,EAAMA,GA7CgB,mBAgDtB4a,EAAQopB,WAAa,OAGvB,MAAMC,EAAgB5mC,OAAO6mC,QAAQtpB,GAASupB,QAC5C,CAACC,GAAQ1iC,EAAK4M,KAAW,GAAG81B,IAAQ1iC,KAAO4M,MAC3C,IAGF,Y/E2C+BqC,GAAKY,EAAAA,EAAAA,aACpC,OAAOE,GAAOd,OAAoD,QAA3ClS,EAACyV,OAAO3U,iBAAmC,IAAAd,OAAA,EAAAA,EAAA4lC,WACpE,C+E7CMC,CAAiB3zB,IAAkB,UAAXihB,EAE1B,OAgBJ,SAA4B5xB,EAAa4xB,GACvC,MAAM5e,EAAKC,SAASC,cAAc,KAClCF,EAAGrU,KAAOqB,EACVgT,EAAG4e,OAASA,EACZ,MAAM2S,EAAQtxB,SAASuxB,YAAY,cACnCD,EAAME,eACJ,SACA,GACA,EACAvwB,OACA,EACA,EACA,EACA,EACA,GACA,GACA,GACA,GACA,EACA,EACA,MAEFlB,EAAG0xB,cAAcH,EACnB,CAxCII,CAAmB3kC,GAAO,GAAI4xB,GACvB,IAAI+R,GAAU,MAKvB,MAAMiB,EAAS1wB,OAAOqf,KAAKvzB,GAAO,GAAI4xB,EAAQqS,GAC9ChmC,EAAQ2mC,EAAQ3nC,EAAM,iBAGtB,IACE2nC,EAAOC,OACR,CAAC,MAAOxhC,GAAI,CAEb,OAAO,IAAIsgC,GAAUiB,EACvB,CC9EA,MAAME,GAAc,kBAOdC,GAAuB,wBAOvBC,GAAiCC,mBAAmB,OAgBnDlkC,eAAemkC,GACpBjoC,EACAqL,EACA68B,EACAC,EACA3U,EACA4U,GAEApnC,EAAQhB,EAAK4C,OAAOkY,WAAY9a,EAAM,+BACtCgB,EAAQhB,EAAK4C,OAAO8B,OAAQ1E,EAAM,mBAElC,MAAMoE,EAAuB,CAC3BM,OAAQ1E,EAAK4C,OAAO8B,OACpBnE,QAASP,EAAKQ,KACd0nC,WACAC,cACArE,EAAGrkC,EAAAA,YACH+zB,WAGF,GAAInoB,aAAoB+Z,GAAuB,CAC7C/Z,EAASka,mBAAmBvlB,EAAK6E,cACjCT,EAAOgH,WAAaC,EAASD,YAAc,IACtCi9B,EAAAA,EAAAA,IAAQh9B,EAASqa,yBACpBthB,EAAOkhB,iBAAmBjhB,KAAKC,UAAU+G,EAASqa,wBAIpD,IAAK,MAAOjhB,EAAK4M,KAAUjR,OAAO6mC,QAAQmB,GAAoB,CAAC,GAC7DhkC,EAAOK,GAAO4M,CAEjB,CAED,GAAIhG,aAAoBsa,GAAmB,CACzC,MAAMC,EAASva,EAAS0a,YAAYha,QAAO+Z,GAAmB,KAAVA,IAChDF,EAAO9a,OAAS,IAClB1G,EAAOwhB,OAASA,EAAO5Q,KAAK,KAE/B,CAEGhV,EAAK6D,WACPO,EAAOkkC,IAAMtoC,EAAK6D,UAMpB,MAAM0kC,EAAankC,EACnB,IAAK,MAAMK,KAAOrE,OAAOkxB,KAAKiX,QACJjgC,IAApBigC,EAAW9jC,WACN8jC,EAAW9jC,GAKtB,MAAMwZ,QAAsBje,EAAKke,oBAC3BsqB,EAAwBvqB,EAC1B,IAAI8pB,MAAkCC,mBAAmB/pB,KACzD,GAGJ,MAAO,GAKT,UAAwB,OAAErb,IACxB,IAAKA,EAAOE,SACV,MAAO,WAAWF,EAAOkY,cAAc+sB,KAGzC,OAAOllC,EAAaC,EAAQklC,GAC9B,CAXYW,CAAezoC,OAASwE,EAAAA,EAAAA,IAAY+jC,GAAYznC,MACxD,KACE0nC,GACN,CCjFA,MAAME,GAA0B,oBAoJzB,MAAMC,GAzIb,MAAA/nC,cACmB,KAAagoC,cAAqC,CAAC,EACnD,KAAOtD,QAAwC,CAAC,EAChD,KAAwBuD,yBAAkC,CAAC,EAEnE,KAAoB7rB,qBAAG6V,GAyHhC,KAAmBpX,oBAAGinB,GAEtB,KAAuBpnB,wBAAGA,GAvH1BxX,iBACE9D,EACAqL,EACA68B,EACA1U,SAEAnyB,EACmC,QAAjCG,EAAAS,KAAK2mC,cAAc5oC,EAAKuR,eAAS,IAAA/P,OAAA,EAAAA,EAAAuM,QACjC,gDAUF,OAAO44B,GAAM3mC,QAPKioC,GAChBjoC,EACAqL,EACA68B,EACA5mC,IACAkyB,GAEsBe,MAG1BzwB,oBACE9D,EACAqL,EACA68B,EACA1U,SAEMvxB,KAAK++B,kBAAkBhhC,GAS7B,OtBvDE,SAA6B+C,GACjCyyB,KAAU/zB,SAASC,KAAOqB,CAC5B,CsBoDI+lC,OAPkBb,GAChBjoC,EACAqL,EACA68B,EACA5mC,IACAkyB,IAGK,IAAIluB,SAAQ,SAGrBgV,YAAYta,GACV,MAAMyE,EAAMzE,EAAKuR,OACjB,GAAItP,KAAK2mC,cAAcnkC,GAAM,CAC3B,MAAM,QAAEsJ,EAAO,QAAEvI,GAAYvD,KAAK2mC,cAAcnkC,GAChD,OAAIsJ,EACKzI,QAAQwQ,QAAQ/H,IAEvB1M,EAAYmE,EAAS,4CACdA,EAEV,CAED,MAAMA,EAAUvD,KAAK8mC,kBAAkB/oC,GASvC,OARAiC,KAAK2mC,cAAcnkC,GAAO,CAAEe,WAI5BA,EAAQ6R,OAAM,YACLpV,KAAK2mC,cAAcnkC,EAAI,IAGzBe,EAGD1B,wBAAwB9D,GAC9B,MAAMgpC,QHvDHllC,eACL9D,GAEA,MAAMipC,QAAgB9D,GAAqBnlC,GACrCqlC,EAAO7P,KAAU6P,KAEvB,OADArkC,EAAQqkC,EAAMrlC,EAAM,kBACbipC,EAAQ3S,KACb,CACE4S,MAAOlzB,SAAS7R,KAChBpB,IAAKojC,GAAanmC,GAClBmpC,sBAAuB9D,EAAKC,QAAQ8D,4BACpCC,WAAYtD,GACZuD,WAAW,IAEZN,GACC,IAAI1jC,SAAQxB,MAAOgS,EAAS/O,WACpBiiC,EAAOO,QAAQ,CAEnBC,gBAAgB,IAGlB,MAAMC,EAAe3pC,EACnBE,EAAI,0BAKA0pC,EAAoBlU,KAAUxuB,YAAW,KAC7CD,EAAO0iC,EAAa,GACnB7D,GAAavjC,OAEhB,SAASsnC,IACPnU,KAAUvuB,aAAayiC,GACvB5zB,EAAQkzB,GAIVA,EAAOY,KAAKD,GAAsBvyB,KAAKuyB,GAAsB,KAC3D5iC,EAAO0iC,EAAa,GACpB,KAGV,CGayBI,CAAY7pC,GAC3B+N,EAAU,IAAI60B,GAAiB5iC,GAerC,OAdAgpC,EAAOc,SACL,aACCC,IACC/oC,EAAmB,OAAX+oC,QAAW,IAAXA,OAAW,EAAXA,EAAaC,UAAWhqC,EAAM,sBAItC,MAAO,CAAE6zB,OADO9lB,EAAQu1B,QAAQyG,EAAYC,WACD,MAAmB,QAAE,GAElE3E,KAAKC,QAAQ8D,6BAGfnnC,KAAK2mC,cAAc5oC,EAAKuR,QAAU,CAAExD,WACpC9L,KAAKqjC,QAAQtlC,EAAKuR,QAAUy3B,EACrBj7B,EAGTkzB,6BACEjhC,EACAqd,GAEepb,KAAKqjC,QAAQtlC,EAAKuR,QAC1B04B,KACLvB,GACA,CAAEv3B,KAAMu3B,KACRxtB,UACE,MAAMgmB,EAA4B,QAAd1/B,EAAM,OAAN0Z,QAAM,IAANA,OAAM,EAANA,EAAS,UAAK,IAAA1Z,OAAA,EAAAA,EAAAknC,SACdpgC,IAAhB44B,GACF7jB,IAAK6jB,GAGPxhC,EAAMM,EAAM,iBAA6B,GAE3CqlC,KAAKC,QAAQ8D,6BAIjBpI,kBAAkBhhC,GAChB,MAAMyE,EAAMzE,EAAKuR,OAKjB,OAJKtP,KAAK4mC,yBAAyBpkC,KACjCxC,KAAK4mC,yBAAyBpkC,GLlJ7BX,eAA+B9D,GAEpC,GAAIA,EAAK4C,OAAOE,SACd,OAGF,MAAM,kBAAEonC,SAA4BnG,GAAkB/jC,GAEtD,IAAK,MAAMmqC,KAAUD,EACnB,IACE,GAAIhG,GAAYiG,GACd,MAEH,CAAC,MAAM3oC,IAMV9B,EAAMM,EAAM,sBACd,CK8H2CoqC,CAAgBpqC,IAGhDiC,KAAK4mC,yBAAyBpkC,GAGnC4V,6BAEF,OAAO3F,MAAsBV,MAAeQ,aC9J1B61B,GACpBzpC,YAA+B+oB,GAAA,KAAQA,SAARA,EAE/BwF,SACEnvB,EACA+uB,EACAtjB,GAEA,OAAQsjB,EAAQ5d,MACd,IAAK,SACH,OAAOlP,KAAKqoC,gBAAgBtqC,EAAM+uB,EAAQ7I,WAAYza,GACxD,IAAK,SACH,OAAOxJ,KAAKsoC,gBAAgBvqC,EAAM+uB,EAAQ7I,YAC5C,QACE,OAAOhlB,EAAU,uCCDnB,MAAOspC,WACHH,GAGRzpC,YAAqCslB,GACnCnE,MAAM,SAD6B,KAAUmE,WAAVA,EAKrChjB,uBACEgjB,GAEA,OAAO,IAAIskB,GAA8BtkB,GAI3CokB,gBACEtqC,EACA2K,EACAc,GAEA,OjCqCY,SACdzL,EACA4D,GAEA,OAAOG,EAIL/D,EAGA,6CAAA2D,EAAmB3D,EAAM4D,GAE7B,CiClDW6mC,CAAuBzqC,EAAM,CAClC2K,UACAc,cACAi/B,sBAAuBzoC,KAAKikB,WAAWtC,6BAK3C2mB,gBACEvqC,EACAyuB,GAEA,OjB2BY,SACdzuB,EACA4D,GAEA,OAAOG,EAIL/D,EAGA,yCAAA2D,EAAmB3D,EAAM4D,GAE7B,CiBxCW+mC,CAAuB3qC,EAAM,CAClCyuB,uBACAic,sBAAuBzoC,KAAKikB,WAAWtC,oCAUhCgnB,GACXhqC,cAAA,CASAsC,iBAAiBgjB,GACf,OAAOskB,GAA8BK,gBAAgB3kB,IAMhD0kB,GAASE,UAAG,kDCpERC,GAIXnqC,YAA6BZ,GAAA,KAAIA,KAAJA,EAHZ,KAAAgrC,kBACf,IAAIn6B,IAINo6B,eAEE,OADAhpC,KAAKipC,wBACyB,QAAvB1pC,EAAAS,KAAKjC,KAAK+I,mBAAa,IAAAvH,OAAA,EAAAA,EAAA+J,MAAO,KAGvCzH,eACEuJ,GAIA,GAFApL,KAAKipC,6BACCjpC,KAAKjC,KAAK2Z,wBACX1X,KAAKjC,KAAK+I,YACb,OAAO,KAIT,MAAO,CAAE6D,kBADiB3K,KAAKjC,KAAK+I,YAAYiB,WAAWqD,IAI7D89B,qBAAqBlZ,GAEnB,GADAhwB,KAAKipC,uBACDjpC,KAAK+oC,kBAAkBpiB,IAAIqJ,GAC7B,OAGF,MAAMmZ,EAAcnpC,KAAKjC,KAAK6c,kBAAiBjU,IAC7CqpB,GAC+B,OAA5BrpB,QAAA,IAAAA,OAAA,EAAAA,EAA8Be,gBAAgBiD,cAAe,KAC/D,IAEH3K,KAAK+oC,kBAAkB/5B,IAAIghB,EAAUmZ,GACrCnpC,KAAKopC,yBAGPC,wBAAwBrZ,GACtBhwB,KAAKipC,uBACL,MAAME,EAAcnpC,KAAK+oC,kBAAkB3oC,IAAI4vB,GAC1CmZ,IAILnpC,KAAK+oC,kBAAkBl4B,OAAOmf,GAC9BmZ,IACAnpC,KAAKopC,0BAGCH,uBACNlqC,EACEiB,KAAKjC,KAAK2Z,uBAAsB,yCAK5B0xB,yBACFppC,KAAK+oC,kBAAkBvY,KAAO,EAChCxwB,KAAKjC,KAAK2P,yBAEV1N,KAAKjC,KAAK4P,0BCvDd27B,EAAAA,EAAAA,IAAuB,qBCqBnB,IAAuB32B,MDgDhB,WC/CX42B,EAAAA,EAAAA,oBACE,IAAIC,EAAAA,GAAU,QAEZ,CAACnS,GAAa3b,QAAS+tB,MACrB,MAAM5yB,EAAMwgB,EAAUqS,YAAY,OAAO7tB,eACnC/E,EACJugB,EAAUqS,YAAyB,aAC/B3yB,EACJsgB,EAAUqS,YAAkC,uBACxC,OAAEjnC,EAAM,WAAEoW,GAAehC,EAAI6E,QAEnC3c,EACE0D,IAAWA,EAAOiP,SAAS,KAE3B,mBAAEpT,QAASuY,EAAItY,OAGjB,MAAMoC,EAAyB,CAC7B8B,SACAoW,aACAlG,kBACA7P,QAA+B,iCAC/B0I,aAA0C,6BAC1C7G,UAAmC,QACnCqT,iBAAkBtF,GAAkBC,KAGhCg3B,EAAe,IAAI/yB,GACvBC,EACAC,EACAC,EACApW,GAIF,OCvBQ,SACd5C,EACA0rC,GAEA,MAAM75B,GAAc,OAAA65B,QAAA,IAAAA,OAAA,EAAAA,EAAM75B,cAAe,GACnCg6B,GACJp7B,MAAMC,QAAQmB,GAAeA,EAAc,CAACA,IAC5C1G,IAAyB2F,IACvB,OAAA46B,QAAI,IAAJA,OAAI,EAAJA,EAAMvrC,WACRH,EAAKuc,gBAAgBmvB,EAAKvrC,UAM5BH,EAAKka,2BAA2B2xB,EAAW,OAAAH,QAAA,IAAAA,OAAA,EAAAA,EAAMvxB,sBACnD,CDKQ2xB,CAAwBF,EAAcF,GAE/BE,CAAY,GAGtB,UAKEG,qBAAgD,YAKhDC,4BACC,CAAC1S,EAAW2S,EAAqBC,KACF5S,EAAUqS,YAAY,iBAG9BQ,YAAY,MAKzCX,EAAAA,EAAAA,oBACE,IAAIC,EAAAA,GAEF,iBAAAnS,GAIS,CAACt5B,GAAQ,IAAI+qC,GAAY/qC,GAAzB,CAHM8W,GACXwiB,EAAUqS,YAAY,QAAqB7tB,kBAKhD,WAACiuB,qBAAqB,cAGzBK,EAAAA,EAAAA,iBAAgB5rC,GAAMiX,GA1FxB,SACE7C,GAEA,OAAQA,GACN,IAAK,OACH,MAAO,OACT,IAAK,cACH,MAAO,KACT,IAAK,SACH,MAAO,YACT,IAAK,UACH,MAAO,UACT,QACE,OAEN,CA2EiCy3B,CAAsBz3B,MAErDw3B,EAAAA,EAAAA,iBAAgB5rC,GAAMiX,GAAS","sources":["webpack://app/../../src/model/enum_maps.ts","webpack://app/../../src/core/errors.ts","webpack://app/../../src/core/util/log.ts","webpack://app/../../src/core/util/assert.ts","webpack://app/../../src/core/util/location.ts","webpack://app/../../src/core/util/delay.ts","webpack://app/../../src/core/util/navigator.ts","webpack://app/../../src/core/util/emulator.ts","webpack://app/../../src/core/util/fetch_provider.ts","webpack://app/../../src/api/errors.ts","webpack://app/../../src/api/index.ts","webpack://app/../../src/core/util/time.ts","webpack://app/../../src/core/user/id_token_result.ts","webpack://app/../../src/core/user/invalidation.ts","webpack://app/../../src/core/user/proactive_refresh.ts","webpack://app/../../src/core/user/user_metadata.ts","webpack://app/../../src/core/user/reload.ts","webpack://app/../../src/api/account_management/account.ts","webpack://app/../../src/core/user/token_manager.ts","webpack://app/../../src/api/authentication/token.ts","webpack://app/../../src/core/user/user_impl.ts","webpack://app/../../src/core/util/instantiator.ts","webpack://app/../../src/core/persistence/in_memory.ts","webpack://app/../../src/core/persistence/persistence_user_manager.ts","webpack://app/../../src/core/util/browser.ts","webpack://app/../../src/core/util/version.ts","webpack://app/../../src/api/authentication/recaptcha.ts","webpack://app/../../src/platform_browser/recaptcha/recaptcha.ts","webpack://app/../../src/platform_browser/load_js.ts","webpack://app/../../src/platform_browser/recaptcha/recaptcha_enterprise_verifier.ts","webpack://app/../../src/core/auth/middleware.ts","webpack://app/../../src/core/auth/auth_impl.ts","webpack://app/../../src/core/auth/emulator.ts","webpack://app/../../src/core/credentials/auth_credential.ts","webpack://app/../../src/api/account_management/email_and_password.ts","webpack://app/../../src/api/authentication/email_and_password.ts","webpack://app/../../src/core/credentials/email.ts","webpack://app/../../src/api/authentication/email_link.ts","webpack://app/../../src/api/authentication/idp.ts","webpack://app/../../src/core/credentials/oauth.ts","webpack://app/../../src/api/authentication/sms.ts","webpack://app/../../src/core/credentials/phone.ts","webpack://app/../../src/core/action_code_url.ts","webpack://app/../../src/core/providers/email.ts","webpack://app/../../src/core/providers/federated.ts","webpack://app/../../src/core/providers/oauth.ts","webpack://app/../../src/core/providers/facebook.ts","webpack://app/../../src/core/providers/google.ts","webpack://app/../../src/core/providers/github.ts","webpack://app/../../src/core/credentials/saml.ts","webpack://app/../../src/core/providers/saml.ts","webpack://app/../../src/core/providers/twitter.ts","webpack://app/../../src/api/authentication/sign_up.ts","webpack://app/../../src/core/user/user_credential_impl.ts","webpack://app/../../src/core/strategies/anonymous.ts","webpack://app/../../src/mfa/mfa_error.ts","webpack://app/../../src/core/util/providers.ts","webpack://app/../../src/core/user/link_unlink.ts","webpack://app/../../src/core/user/reauthenticate.ts","webpack://app/../../src/core/strategies/credential.ts","webpack://app/../../src/core/strategies/custom_token.ts","webpack://app/../../src/api/authentication/custom_token.ts","webpack://app/../../src/mfa/mfa_info.ts","webpack://app/../../src/core/strategies/action_code_settings.ts","webpack://app/../../src/core/strategies/email_and_password.ts","webpack://app/../../src/core/strategies/email_link.ts","webpack://app/../../src/core/strategies/email.ts","webpack://app/../../src/api/authentication/create_auth_uri.ts","webpack://app/../../src/core/user/account_info.ts","webpack://app/../../src/api/account_management/profile.ts","webpack://app/../../src/core/user/additional_user_info.ts","webpack://app/../../src/mfa/mfa_session.ts","webpack://app/../../src/mfa/mfa_resolver.ts","webpack://app/../../src/mfa/mfa_user.ts","webpack://app/../../src/api/account_management/mfa.ts","webpack://app/../../src/core/persistence/index.ts","webpack://app/../../src/platform_browser/persistence/browser.ts","webpack://app/../../src/platform_browser/persistence/local_storage.ts","webpack://app/../../src/platform_browser/persistence/session_storage.ts","webpack://app/../../src/platform_browser/messagechannel/receiver.ts","webpack://app/../../src/platform_browser/messagechannel/promise.ts","webpack://app/../../src/core/util/event_id.ts","webpack://app/../../src/platform_browser/messagechannel/sender.ts","webpack://app/../../src/platform_browser/auth_window.ts","webpack://app/../../src/platform_browser/util/worker.ts","webpack://app/../../src/platform_browser/persistence/indexed_db.ts","webpack://app/../../src/platform_browser/recaptcha/recaptcha_mock.ts","webpack://app/../../src/platform_browser/recaptcha/recaptcha_loader.ts","webpack://app/../../src/platform_browser/recaptcha/recaptcha_verifier.ts","webpack://app/../../src/platform_browser/strategies/phone.ts","webpack://app/../../src/api/authentication/mfa.ts","webpack://app/../../src/platform_browser/providers/phone.ts","webpack://app/../../src/core/util/resolver.ts","webpack://app/../../src/core/strategies/idp.ts","webpack://app/../../src/core/strategies/abstract_popup_redirect_operation.ts","webpack://app/../../src/platform_browser/strategies/popup.ts","webpack://app/../../src/core/strategies/redirect.ts","webpack://app/../../src/platform_browser/strategies/redirect.ts","webpack://app/../../src/core/auth/auth_event_manager.ts","webpack://app/../../src/api/project_config/get_project_config.ts","webpack://app/../../src/core/util/validate_origin.ts","webpack://app/../../src/platform_browser/iframe/gapi.ts","webpack://app/../../src/platform_browser/iframe/iframe.ts","webpack://app/../../src/platform_browser/util/popup.ts","webpack://app/../../src/core/util/handler.ts","webpack://app/../../src/platform_browser/popup_redirect.ts","webpack://app/../../src/mfa/mfa_assertion.ts","webpack://app/../../src/platform_browser/mfa/assertions/phone.ts","webpack://app/../../src/core/auth/firebase_internal.ts","webpack://app/../../src/platform_browser/index.ts","webpack://app/../../src/core/auth/register.ts","webpack://app/../../src/core/auth/initialize.ts"],"sourcesContent":["/**\n * @license\n * Copyright 2021 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\n/**\n * An enum of factors that may be used for multifactor authentication.\n *\n * @public\n */\nexport const FactorId = {\n  /** Phone as second factor */\n  PHONE: 'phone',\n  TOTP: 'totp'\n} as const;\n\n/**\n * Enumeration of supported providers.\n *\n * @public\n */\nexport const ProviderId = {\n  /** Facebook provider ID */\n  FACEBOOK: 'facebook.com',\n  /** GitHub provider ID */\n  GITHUB: 'github.com',\n  /** Google provider ID */\n  GOOGLE: 'google.com',\n  /** Password provider */\n  PASSWORD: 'password',\n  /** Phone provider */\n  PHONE: 'phone',\n  /** Twitter provider ID */\n  TWITTER: 'twitter.com'\n} as const;\n\n/**\n * Enumeration of supported sign-in methods.\n *\n * @public\n */\nexport const SignInMethod = {\n  /** Email link sign in method */\n  EMAIL_LINK: 'emailLink',\n  /** Email/password sign in method */\n  EMAIL_PASSWORD: 'password',\n  /** Facebook sign in method */\n  FACEBOOK: 'facebook.com',\n  /** GitHub sign in method */\n  GITHUB: 'github.com',\n  /** Google sign in method */\n  GOOGLE: 'google.com',\n  /** Phone sign in method */\n  PHONE: 'phone',\n  /** Twitter sign in method */\n  TWITTER: 'twitter.com'\n} as const;\n\n/**\n * Enumeration of supported operation types.\n *\n * @public\n */\nexport const OperationType = {\n  /** Operation involving linking an additional provider to an already signed-in user. */\n  LINK: 'link',\n  /** Operation involving using a provider to reauthenticate an already signed-in user. */\n  REAUTHENTICATE: 'reauthenticate',\n  /** Operation involving signing in a user. */\n  SIGN_IN: 'signIn'\n} as const;\n\n/**\n * An enumeration of the possible email action types.\n *\n * @public\n */\nexport const ActionCodeOperation = {\n  /** The email link sign-in action. */\n  EMAIL_SIGNIN: 'EMAIL_SIGNIN',\n  /** The password reset action. */\n  PASSWORD_RESET: 'PASSWORD_RESET',\n  /** The email revocation action. */\n  RECOVER_EMAIL: 'RECOVER_EMAIL',\n  /** The revert second factor addition email action. */\n  REVERT_SECOND_FACTOR_ADDITION: 'REVERT_SECOND_FACTOR_ADDITION',\n  /** The revert second factor addition email action. */\n  VERIFY_AND_CHANGE_EMAIL: 'VERIFY_AND_CHANGE_EMAIL',\n  /** The email verification action. */\n  VERIFY_EMAIL: 'VERIFY_EMAIL'\n} as const;\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { AuthErrorMap, User } from '../model/public_types';\nimport { ErrorFactory, ErrorMap } from '@firebase/util';\n\nimport { IdTokenMfaResponse } from '../api/authentication/mfa';\nimport { AppName } from '../model/auth';\nimport { AuthCredential } from './credentials';\n\n/**\n * Enumeration of Firebase Auth error codes.\n *\n * @internal\n */\nexport const enum AuthErrorCode {\n  ADMIN_ONLY_OPERATION = 'admin-restricted-operation',\n  ARGUMENT_ERROR = 'argument-error',\n  APP_NOT_AUTHORIZED = 'app-not-authorized',\n  APP_NOT_INSTALLED = 'app-not-installed',\n  CAPTCHA_CHECK_FAILED = 'captcha-check-failed',\n  CODE_EXPIRED = 'code-expired',\n  CORDOVA_NOT_READY = 'cordova-not-ready',\n  CORS_UNSUPPORTED = 'cors-unsupported',\n  CREDENTIAL_ALREADY_IN_USE = 'credential-already-in-use',\n  CREDENTIAL_MISMATCH = 'custom-token-mismatch',\n  CREDENTIAL_TOO_OLD_LOGIN_AGAIN = 'requires-recent-login',\n  DEPENDENT_SDK_INIT_BEFORE_AUTH = 'dependent-sdk-initialized-before-auth',\n  DYNAMIC_LINK_NOT_ACTIVATED = 'dynamic-link-not-activated',\n  EMAIL_CHANGE_NEEDS_VERIFICATION = 'email-change-needs-verification',\n  EMAIL_EXISTS = 'email-already-in-use',\n  EMULATOR_CONFIG_FAILED = 'emulator-config-failed',\n  EXPIRED_OOB_CODE = 'expired-action-code',\n  EXPIRED_POPUP_REQUEST = 'cancelled-popup-request',\n  INTERNAL_ERROR = 'internal-error',\n  INVALID_API_KEY = 'invalid-api-key',\n  INVALID_APP_CREDENTIAL = 'invalid-app-credential',\n  INVALID_APP_ID = 'invalid-app-id',\n  INVALID_AUTH = 'invalid-user-token',\n  INVALID_AUTH_EVENT = 'invalid-auth-event',\n  INVALID_CERT_HASH = 'invalid-cert-hash',\n  INVALID_CODE = 'invalid-verification-code',\n  INVALID_CONTINUE_URI = 'invalid-continue-uri',\n  INVALID_CORDOVA_CONFIGURATION = 'invalid-cordova-configuration',\n  INVALID_CUSTOM_TOKEN = 'invalid-custom-token',\n  INVALID_DYNAMIC_LINK_DOMAIN = 'invalid-dynamic-link-domain',\n  INVALID_EMAIL = 'invalid-email',\n  INVALID_EMULATOR_SCHEME = 'invalid-emulator-scheme',\n  INVALID_IDP_RESPONSE = 'invalid-credential',\n  INVALID_MESSAGE_PAYLOAD = 'invalid-message-payload',\n  INVALID_MFA_SESSION = 'invalid-multi-factor-session',\n  INVALID_OAUTH_CLIENT_ID = 'invalid-oauth-client-id',\n  INVALID_OAUTH_PROVIDER = 'invalid-oauth-provider',\n  INVALID_OOB_CODE = 'invalid-action-code',\n  INVALID_ORIGIN = 'unauthorized-domain',\n  INVALID_PASSWORD = 'wrong-password',\n  INVALID_PERSISTENCE = 'invalid-persistence-type',\n  INVALID_PHONE_NUMBER = 'invalid-phone-number',\n  INVALID_PROVIDER_ID = 'invalid-provider-id',\n  INVALID_RECIPIENT_EMAIL = 'invalid-recipient-email',\n  INVALID_SENDER = 'invalid-sender',\n  INVALID_SESSION_INFO = 'invalid-verification-id',\n  INVALID_TENANT_ID = 'invalid-tenant-id',\n  LOGIN_BLOCKED = 'login-blocked',\n  MFA_INFO_NOT_FOUND = 'multi-factor-info-not-found',\n  MFA_REQUIRED = 'multi-factor-auth-required',\n  MISSING_ANDROID_PACKAGE_NAME = 'missing-android-pkg-name',\n  MISSING_APP_CREDENTIAL = 'missing-app-credential',\n  MISSING_AUTH_DOMAIN = 'auth-domain-config-required',\n  MISSING_CODE = 'missing-verification-code',\n  MISSING_CONTINUE_URI = 'missing-continue-uri',\n  MISSING_IFRAME_START = 'missing-iframe-start',\n  MISSING_IOS_BUNDLE_ID = 'missing-ios-bundle-id',\n  MISSING_OR_INVALID_NONCE = 'missing-or-invalid-nonce',\n  MISSING_MFA_INFO = 'missing-multi-factor-info',\n  MISSING_MFA_SESSION = 'missing-multi-factor-session',\n  MISSING_PHONE_NUMBER = 'missing-phone-number',\n  MISSING_PASSWORD = 'missing-password',\n  MISSING_SESSION_INFO = 'missing-verification-id',\n  MODULE_DESTROYED = 'app-deleted',\n  NEED_CONFIRMATION = 'account-exists-with-different-credential',\n  NETWORK_REQUEST_FAILED = 'network-request-failed',\n  NULL_USER = 'null-user',\n  NO_AUTH_EVENT = 'no-auth-event',\n  NO_SUCH_PROVIDER = 'no-such-provider',\n  OPERATION_NOT_ALLOWED = 'operation-not-allowed',\n  OPERATION_NOT_SUPPORTED = 'operation-not-supported-in-this-environment',\n  POPUP_BLOCKED = 'popup-blocked',\n  POPUP_CLOSED_BY_USER = 'popup-closed-by-user',\n  PROVIDER_ALREADY_LINKED = 'provider-already-linked',\n  QUOTA_EXCEEDED = 'quota-exceeded',\n  REDIRECT_CANCELLED_BY_USER = 'redirect-cancelled-by-user',\n  REDIRECT_OPERATION_PENDING = 'redirect-operation-pending',\n  REJECTED_CREDENTIAL = 'rejected-credential',\n  SECOND_FACTOR_ALREADY_ENROLLED = 'second-factor-already-in-use',\n  SECOND_FACTOR_LIMIT_EXCEEDED = 'maximum-second-factor-count-exceeded',\n  TENANT_ID_MISMATCH = 'tenant-id-mismatch',\n  TIMEOUT = 'timeout',\n  TOKEN_EXPIRED = 'user-token-expired',\n  TOO_MANY_ATTEMPTS_TRY_LATER = 'too-many-requests',\n  UNAUTHORIZED_DOMAIN = 'unauthorized-continue-uri',\n  UNSUPPORTED_FIRST_FACTOR = 'unsupported-first-factor',\n  UNSUPPORTED_PERSISTENCE = 'unsupported-persistence-type',\n  UNSUPPORTED_TENANT_OPERATION = 'unsupported-tenant-operation',\n  UNVERIFIED_EMAIL = 'unverified-email',\n  USER_CANCELLED = 'user-cancelled',\n  USER_DELETED = 'user-not-found',\n  USER_DISABLED = 'user-disabled',\n  USER_MISMATCH = 'user-mismatch',\n  USER_SIGNED_OUT = 'user-signed-out',\n  WEAK_PASSWORD = 'weak-password',\n  WEB_STORAGE_UNSUPPORTED = 'web-storage-unsupported',\n  ALREADY_INITIALIZED = 'already-initialized',\n  RECAPTCHA_NOT_ENABLED = 'recaptcha-not-enabled',\n  MISSING_RECAPTCHA_TOKEN = 'missing-recaptcha-token',\n  INVALID_RECAPTCHA_TOKEN = 'invalid-recaptcha-token',\n  INVALID_RECAPTCHA_ACTION = 'invalid-recaptcha-action',\n  MISSING_CLIENT_TYPE = 'missing-client-type',\n  MISSING_RECAPTCHA_VERSION = 'missing-recaptcha-version',\n  INVALID_RECAPTCHA_VERSION = 'invalid-recaptcha-version',\n  INVALID_REQ_TYPE = 'invalid-req-type'\n}\n\nfunction _debugErrorMap(): ErrorMap<AuthErrorCode> {\n  return {\n    [AuthErrorCode.ADMIN_ONLY_OPERATION]:\n      'This operation is restricted to administrators only.',\n    [AuthErrorCode.ARGUMENT_ERROR]: '',\n    [AuthErrorCode.APP_NOT_AUTHORIZED]:\n      \"This app, identified by the domain where it's hosted, is not \" +\n      'authorized to use Firebase Authentication with the provided API key. ' +\n      'Review your key configuration in the Google API console.',\n    [AuthErrorCode.APP_NOT_INSTALLED]:\n      'The requested mobile application corresponding to the identifier (' +\n      'Android package name or iOS bundle ID) provided is not installed on ' +\n      'this device.',\n    [AuthErrorCode.CAPTCHA_CHECK_FAILED]:\n      'The reCAPTCHA response token provided is either invalid, expired, ' +\n      'already used or the domain associated with it does not match the list ' +\n      'of whitelisted domains.',\n    [AuthErrorCode.CODE_EXPIRED]:\n      'The SMS code has expired. Please re-send the verification code to try ' +\n      'again.',\n    [AuthErrorCode.CORDOVA_NOT_READY]: 'Cordova framework is not ready.',\n    [AuthErrorCode.CORS_UNSUPPORTED]: 'This browser is not supported.',\n    [AuthErrorCode.CREDENTIAL_ALREADY_IN_USE]:\n      'This credential is already associated with a different user account.',\n    [AuthErrorCode.CREDENTIAL_MISMATCH]:\n      'The custom token corresponds to a different audience.',\n    [AuthErrorCode.CREDENTIAL_TOO_OLD_LOGIN_AGAIN]:\n      'This operation is sensitive and requires recent authentication. Log in ' +\n      'again before retrying this request.',\n    [AuthErrorCode.DEPENDENT_SDK_INIT_BEFORE_AUTH]:\n      'Another Firebase SDK was initialized and is trying to use Auth before Auth is ' +\n      'initialized. Please be sure to call `initializeAuth` or `getAuth` before ' +\n      'starting any other Firebase SDK.',\n    [AuthErrorCode.DYNAMIC_LINK_NOT_ACTIVATED]:\n      'Please activate Dynamic Links in the Firebase Console and agree to the terms and ' +\n      'conditions.',\n    [AuthErrorCode.EMAIL_CHANGE_NEEDS_VERIFICATION]:\n      'Multi-factor users must always have a verified email.',\n    [AuthErrorCode.EMAIL_EXISTS]:\n      'The email address is already in use by another account.',\n    [AuthErrorCode.EMULATOR_CONFIG_FAILED]:\n      'Auth instance has already been used to make a network call. Auth can ' +\n      'no longer be configured to use the emulator. Try calling ' +\n      '\"connectAuthEmulator()\" sooner.',\n    [AuthErrorCode.EXPIRED_OOB_CODE]: 'The action code has expired.',\n    [AuthErrorCode.EXPIRED_POPUP_REQUEST]:\n      'This operation has been cancelled due to another conflicting popup being opened.',\n    [AuthErrorCode.INTERNAL_ERROR]: 'An internal AuthError has occurred.',\n    [AuthErrorCode.INVALID_APP_CREDENTIAL]:\n      'The phone verification request contains an invalid application verifier.' +\n      ' The reCAPTCHA token response is either invalid or expired.',\n    [AuthErrorCode.INVALID_APP_ID]:\n      'The mobile app identifier is not registed for the current project.',\n    [AuthErrorCode.INVALID_AUTH]:\n      \"This user's credential isn't valid for this project. This can happen \" +\n      \"if the user's token has been tampered with, or if the user isn't for \" +\n      'the project associated with this API key.',\n    [AuthErrorCode.INVALID_AUTH_EVENT]: 'An internal AuthError has occurred.',\n    [AuthErrorCode.INVALID_CODE]:\n      'The SMS verification code used to create the phone auth credential is ' +\n      'invalid. Please resend the verification code sms and be sure to use the ' +\n      'verification code provided by the user.',\n    [AuthErrorCode.INVALID_CONTINUE_URI]:\n      'The continue URL provided in the request is invalid.',\n    [AuthErrorCode.INVALID_CORDOVA_CONFIGURATION]:\n      'The following Cordova plugins must be installed to enable OAuth sign-in: ' +\n      'cordova-plugin-buildinfo, cordova-universal-links-plugin, ' +\n      'cordova-plugin-browsertab, cordova-plugin-inappbrowser and ' +\n      'cordova-plugin-customurlscheme.',\n    [AuthErrorCode.INVALID_CUSTOM_TOKEN]:\n      'The custom token format is incorrect. Please check the documentation.',\n    [AuthErrorCode.INVALID_DYNAMIC_LINK_DOMAIN]:\n      'The provided dynamic link domain is not configured or authorized for the current project.',\n    [AuthErrorCode.INVALID_EMAIL]: 'The email address is badly formatted.',\n    [AuthErrorCode.INVALID_EMULATOR_SCHEME]:\n      'Emulator URL must start with a valid scheme (http:// or https://).',\n    [AuthErrorCode.INVALID_API_KEY]:\n      'Your API key is invalid, please check you have copied it correctly.',\n    [AuthErrorCode.INVALID_CERT_HASH]:\n      'The SHA-1 certificate hash provided is invalid.',\n    [AuthErrorCode.INVALID_IDP_RESPONSE]:\n      'The supplied auth credential is malformed or has expired.',\n    [AuthErrorCode.INVALID_MESSAGE_PAYLOAD]:\n      'The email template corresponding to this action contains invalid characters in its message. ' +\n      'Please fix by going to the Auth email templates section in the Firebase Console.',\n    [AuthErrorCode.INVALID_MFA_SESSION]:\n      'The request does not contain a valid proof of first factor successful sign-in.',\n    [AuthErrorCode.INVALID_OAUTH_PROVIDER]:\n      'EmailAuthProvider is not supported for this operation. This operation ' +\n      'only supports OAuth providers.',\n    [AuthErrorCode.INVALID_OAUTH_CLIENT_ID]:\n      'The OAuth client ID provided is either invalid or does not match the ' +\n      'specified API key.',\n    [AuthErrorCode.INVALID_ORIGIN]:\n      'This domain is not authorized for OAuth operations for your Firebase ' +\n      'project. Edit the list of authorized domains from the Firebase console.',\n    [AuthErrorCode.INVALID_OOB_CODE]:\n      'The action code is invalid. This can happen if the code is malformed, ' +\n      'expired, or has already been used.',\n    [AuthErrorCode.INVALID_PASSWORD]:\n      'The password is invalid or the user does not have a password.',\n    [AuthErrorCode.INVALID_PERSISTENCE]:\n      'The specified persistence type is invalid. It can only be local, session or none.',\n    [AuthErrorCode.INVALID_PHONE_NUMBER]:\n      'The format of the phone number provided is incorrect. Please enter the ' +\n      'phone number in a format that can be parsed into E.164 format. E.164 ' +\n      'phone numbers are written in the format [+][country code][subscriber ' +\n      'number including area code].',\n    [AuthErrorCode.INVALID_PROVIDER_ID]:\n      'The specified provider ID is invalid.',\n    [AuthErrorCode.INVALID_RECIPIENT_EMAIL]:\n      'The email corresponding to this action failed to send as the provided ' +\n      'recipient email address is invalid.',\n    [AuthErrorCode.INVALID_SENDER]:\n      'The email template corresponding to this action contains an invalid sender email or name. ' +\n      'Please fix by going to the Auth email templates section in the Firebase Console.',\n    [AuthErrorCode.INVALID_SESSION_INFO]:\n      'The verification ID used to create the phone auth credential is invalid.',\n    [AuthErrorCode.INVALID_TENANT_ID]:\n      \"The Auth instance's tenant ID is invalid.\",\n    [AuthErrorCode.LOGIN_BLOCKED]:\n      'Login blocked by user-provided method: {$originalMessage}',\n    [AuthErrorCode.MISSING_ANDROID_PACKAGE_NAME]:\n      'An Android Package Name must be provided if the Android App is required to be installed.',\n    [AuthErrorCode.MISSING_AUTH_DOMAIN]:\n      'Be sure to include authDomain when calling firebase.initializeApp(), ' +\n      'by following the instructions in the Firebase console.',\n    [AuthErrorCode.MISSING_APP_CREDENTIAL]:\n      'The phone verification request is missing an application verifier ' +\n      'assertion. A reCAPTCHA response token needs to be provided.',\n    [AuthErrorCode.MISSING_CODE]:\n      'The phone auth credential was created with an empty SMS verification code.',\n    [AuthErrorCode.MISSING_CONTINUE_URI]:\n      'A continue URL must be provided in the request.',\n    [AuthErrorCode.MISSING_IFRAME_START]: 'An internal AuthError has occurred.',\n    [AuthErrorCode.MISSING_IOS_BUNDLE_ID]:\n      'An iOS Bundle ID must be provided if an App Store ID is provided.',\n    [AuthErrorCode.MISSING_OR_INVALID_NONCE]:\n      'The request does not contain a valid nonce. This can occur if the ' +\n      'SHA-256 hash of the provided raw nonce does not match the hashed nonce ' +\n      'in the ID token payload.',\n    [AuthErrorCode.MISSING_PASSWORD]: 'A non-empty password must be provided',\n    [AuthErrorCode.MISSING_MFA_INFO]:\n      'No second factor identifier is provided.',\n    [AuthErrorCode.MISSING_MFA_SESSION]:\n      'The request is missing proof of first factor successful sign-in.',\n    [AuthErrorCode.MISSING_PHONE_NUMBER]:\n      'To send verification codes, provide a phone number for the recipient.',\n    [AuthErrorCode.MISSING_SESSION_INFO]:\n      'The phone auth credential was created with an empty verification ID.',\n    [AuthErrorCode.MODULE_DESTROYED]:\n      'This instance of FirebaseApp has been deleted.',\n    [AuthErrorCode.MFA_INFO_NOT_FOUND]:\n      'The user does not have a second factor matching the identifier provided.',\n    [AuthErrorCode.MFA_REQUIRED]:\n      'Proof of ownership of a second factor is required to complete sign-in.',\n    [AuthErrorCode.NEED_CONFIRMATION]:\n      'An account already exists with the same email address but different ' +\n      'sign-in credentials. Sign in using a provider associated with this ' +\n      'email address.',\n    [AuthErrorCode.NETWORK_REQUEST_FAILED]:\n      'A network AuthError (such as timeout, interrupted connection or unreachable host) has occurred.',\n    [AuthErrorCode.NO_AUTH_EVENT]: 'An internal AuthError has occurred.',\n    [AuthErrorCode.NO_SUCH_PROVIDER]:\n      'User was not linked to an account with the given provider.',\n    [AuthErrorCode.NULL_USER]:\n      'A null user object was provided as the argument for an operation which ' +\n      'requires a non-null user object.',\n    [AuthErrorCode.OPERATION_NOT_ALLOWED]:\n      'The given sign-in provider is disabled for this Firebase project. ' +\n      'Enable it in the Firebase console, under the sign-in method tab of the ' +\n      'Auth section.',\n    [AuthErrorCode.OPERATION_NOT_SUPPORTED]:\n      'This operation is not supported in the environment this application is ' +\n      'running on. \"location.protocol\" must be http, https or chrome-extension' +\n      ' and web storage must be enabled.',\n    [AuthErrorCode.POPUP_BLOCKED]:\n      'Unable to establish a connection with the popup. It may have been blocked by the browser.',\n    [AuthErrorCode.POPUP_CLOSED_BY_USER]:\n      'The popup has been closed by the user before finalizing the operation.',\n    [AuthErrorCode.PROVIDER_ALREADY_LINKED]:\n      'User can only be linked to one identity for the given provider.',\n    [AuthErrorCode.QUOTA_EXCEEDED]:\n      \"The project's quota for this operation has been exceeded.\",\n    [AuthErrorCode.REDIRECT_CANCELLED_BY_USER]:\n      'The redirect operation has been cancelled by the user before finalizing.',\n    [AuthErrorCode.REDIRECT_OPERATION_PENDING]:\n      'A redirect sign-in operation is already pending.',\n    [AuthErrorCode.REJECTED_CREDENTIAL]:\n      'The request contains malformed or mismatching credentials.',\n    [AuthErrorCode.SECOND_FACTOR_ALREADY_ENROLLED]:\n      'The second factor is already enrolled on this account.',\n    [AuthErrorCode.SECOND_FACTOR_LIMIT_EXCEEDED]:\n      'The maximum allowed number of second factors on a user has been exceeded.',\n    [AuthErrorCode.TENANT_ID_MISMATCH]:\n      \"The provided tenant ID does not match the Auth instance's tenant ID\",\n    [AuthErrorCode.TIMEOUT]: 'The operation has timed out.',\n    [AuthErrorCode.TOKEN_EXPIRED]:\n      \"The user's credential is no longer valid. The user must sign in again.\",\n    [AuthErrorCode.TOO_MANY_ATTEMPTS_TRY_LATER]:\n      'We have blocked all requests from this device due to unusual activity. ' +\n      'Try again later.',\n    [AuthErrorCode.UNAUTHORIZED_DOMAIN]:\n      'The domain of the continue URL is not whitelisted.  Please whitelist ' +\n      'the domain in the Firebase console.',\n    [AuthErrorCode.UNSUPPORTED_FIRST_FACTOR]:\n      'Enrolling a second factor or signing in with a multi-factor account requires sign-in with a supported first factor.',\n    [AuthErrorCode.UNSUPPORTED_PERSISTENCE]:\n      'The current environment does not support the specified persistence type.',\n    [AuthErrorCode.UNSUPPORTED_TENANT_OPERATION]:\n      'This operation is not supported in a multi-tenant context.',\n    [AuthErrorCode.UNVERIFIED_EMAIL]:\n      'The operation requires a verified email.',\n    [AuthErrorCode.USER_CANCELLED]:\n      'The user did not grant your application the permissions it requested.',\n    [AuthErrorCode.USER_DELETED]:\n      'There is no user record corresponding to this identifier. The user may ' +\n      'have been deleted.',\n    [AuthErrorCode.USER_DISABLED]:\n      'The user account has been disabled by an administrator.',\n    [AuthErrorCode.USER_MISMATCH]:\n      'The supplied credentials do not correspond to the previously signed in user.',\n    [AuthErrorCode.USER_SIGNED_OUT]: '',\n    [AuthErrorCode.WEAK_PASSWORD]:\n      'The password must be 6 characters long or more.',\n    [AuthErrorCode.WEB_STORAGE_UNSUPPORTED]:\n      'This browser is not supported or 3rd party cookies and data may be disabled.',\n    [AuthErrorCode.ALREADY_INITIALIZED]:\n      'initializeAuth() has already been called with ' +\n      'different options. To avoid this error, call initializeAuth() with the ' +\n      'same options as when it was originally called, or call getAuth() to return the' +\n      ' already initialized instance.',\n    [AuthErrorCode.MISSING_RECAPTCHA_TOKEN]:\n      'The reCAPTCHA token is missing when sending request to the backend.',\n    [AuthErrorCode.INVALID_RECAPTCHA_TOKEN]:\n      'The reCAPTCHA token is invalid when sending request to the backend.',\n    [AuthErrorCode.INVALID_RECAPTCHA_ACTION]:\n      'The reCAPTCHA action is invalid when sending request to the backend.',\n    [AuthErrorCode.RECAPTCHA_NOT_ENABLED]:\n      'reCAPTCHA Enterprise integration is not enabled for this project.',\n    [AuthErrorCode.MISSING_CLIENT_TYPE]:\n      'The reCAPTCHA client type is missing when sending request to the backend.',\n    [AuthErrorCode.MISSING_RECAPTCHA_VERSION]:\n      'The reCAPTCHA version is missing when sending request to the backend.',\n    [AuthErrorCode.INVALID_REQ_TYPE]: 'Invalid request parameters.',\n    [AuthErrorCode.INVALID_RECAPTCHA_VERSION]:\n      'The reCAPTCHA version is invalid when sending request to the backend.'\n  };\n}\n\nexport interface ErrorMapRetriever extends AuthErrorMap {\n  (): ErrorMap<AuthErrorCode>;\n}\n\nfunction _prodErrorMap(): ErrorMap<AuthErrorCode> {\n  // We will include this one message in the prod error map since by the very\n  // nature of this error, developers will never be able to see the message\n  // using the debugErrorMap (which is installed during auth initialization).\n  return {\n    [AuthErrorCode.DEPENDENT_SDK_INIT_BEFORE_AUTH]:\n      'Another Firebase SDK was initialized and is trying to use Auth before Auth is ' +\n      'initialized. Please be sure to call `initializeAuth` or `getAuth` before ' +\n      'starting any other Firebase SDK.'\n  } as ErrorMap<AuthErrorCode>;\n}\n\n/**\n * A verbose error map with detailed descriptions for most error codes.\n *\n * See discussion at {@link AuthErrorMap}\n *\n * @public\n */\nexport const debugErrorMap: AuthErrorMap = _debugErrorMap;\n\n/**\n * A minimal error map with all verbose error messages stripped.\n *\n * See discussion at {@link AuthErrorMap}\n *\n * @public\n */\nexport const prodErrorMap: AuthErrorMap = _prodErrorMap;\n\nexport interface NamedErrorParams {\n  appName: AppName;\n  credential?: AuthCredential;\n  email?: string;\n  phoneNumber?: string;\n  tenantId?: string;\n  user?: User;\n  _serverResponse?: object;\n}\n\n/**\n * @internal\n */\ntype GenericAuthErrorParams = {\n  [key in Exclude<\n    AuthErrorCode,\n    | AuthErrorCode.ARGUMENT_ERROR\n    | AuthErrorCode.DEPENDENT_SDK_INIT_BEFORE_AUTH\n    | AuthErrorCode.INTERNAL_ERROR\n    | AuthErrorCode.MFA_REQUIRED\n    | AuthErrorCode.NO_AUTH_EVENT\n    | AuthErrorCode.OPERATION_NOT_SUPPORTED\n  >]: {\n    appName?: AppName;\n    email?: string;\n    phoneNumber?: string;\n    message?: string;\n  };\n};\n\n/**\n * @internal\n */\nexport interface AuthErrorParams extends GenericAuthErrorParams {\n  [AuthErrorCode.ARGUMENT_ERROR]: { appName?: AppName };\n  [AuthErrorCode.DEPENDENT_SDK_INIT_BEFORE_AUTH]: { appName?: AppName };\n  [AuthErrorCode.INTERNAL_ERROR]: { appName?: AppName };\n  [AuthErrorCode.LOGIN_BLOCKED]: {\n    appName?: AppName;\n    originalMessage?: string;\n  };\n  [AuthErrorCode.OPERATION_NOT_SUPPORTED]: { appName?: AppName };\n  [AuthErrorCode.NO_AUTH_EVENT]: { appName?: AppName };\n  [AuthErrorCode.MFA_REQUIRED]: {\n    appName: AppName;\n    _serverResponse: IdTokenMfaResponse;\n  };\n  [AuthErrorCode.INVALID_CORDOVA_CONFIGURATION]: {\n    appName: AppName;\n    missingPlugin?: string;\n  };\n}\n\nexport const _DEFAULT_AUTH_ERROR_FACTORY = new ErrorFactory<\n  AuthErrorCode,\n  AuthErrorParams\n>('auth', 'Firebase', _prodErrorMap());\n\n/**\n * A map of potential `Auth` error codes, for easier comparison with errors\n * thrown by the SDK.\n *\n * @remarks\n * Note that you can't tree-shake individual keys\n * in the map, so by using the map you might substantially increase your\n * bundle size.\n *\n * @public\n */\nexport const AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY = {\n  ADMIN_ONLY_OPERATION: 'auth/admin-restricted-operation',\n  ARGUMENT_ERROR: 'auth/argument-error',\n  APP_NOT_AUTHORIZED: 'auth/app-not-authorized',\n  APP_NOT_INSTALLED: 'auth/app-not-installed',\n  CAPTCHA_CHECK_FAILED: 'auth/captcha-check-failed',\n  CODE_EXPIRED: 'auth/code-expired',\n  CORDOVA_NOT_READY: 'auth/cordova-not-ready',\n  CORS_UNSUPPORTED: 'auth/cors-unsupported',\n  CREDENTIAL_ALREADY_IN_USE: 'auth/credential-already-in-use',\n  CREDENTIAL_MISMATCH: 'auth/custom-token-mismatch',\n  CREDENTIAL_TOO_OLD_LOGIN_AGAIN: 'auth/requires-recent-login',\n  DEPENDENT_SDK_INIT_BEFORE_AUTH: 'auth/dependent-sdk-initialized-before-auth',\n  DYNAMIC_LINK_NOT_ACTIVATED: 'auth/dynamic-link-not-activated',\n  EMAIL_CHANGE_NEEDS_VERIFICATION: 'auth/email-change-needs-verification',\n  EMAIL_EXISTS: 'auth/email-already-in-use',\n  EMULATOR_CONFIG_FAILED: 'auth/emulator-config-failed',\n  EXPIRED_OOB_CODE: 'auth/expired-action-code',\n  EXPIRED_POPUP_REQUEST: 'auth/cancelled-popup-request',\n  INTERNAL_ERROR: 'auth/internal-error',\n  INVALID_API_KEY: 'auth/invalid-api-key',\n  INVALID_APP_CREDENTIAL: 'auth/invalid-app-credential',\n  INVALID_APP_ID: 'auth/invalid-app-id',\n  INVALID_AUTH: 'auth/invalid-user-token',\n  INVALID_AUTH_EVENT: 'auth/invalid-auth-event',\n  INVALID_CERT_HASH: 'auth/invalid-cert-hash',\n  INVALID_CODE: 'auth/invalid-verification-code',\n  INVALID_CONTINUE_URI: 'auth/invalid-continue-uri',\n  INVALID_CORDOVA_CONFIGURATION: 'auth/invalid-cordova-configuration',\n  INVALID_CUSTOM_TOKEN: 'auth/invalid-custom-token',\n  INVALID_DYNAMIC_LINK_DOMAIN: 'auth/invalid-dynamic-link-domain',\n  INVALID_EMAIL: 'auth/invalid-email',\n  INVALID_EMULATOR_SCHEME: 'auth/invalid-emulator-scheme',\n  INVALID_IDP_RESPONSE: 'auth/invalid-credential',\n  INVALID_MESSAGE_PAYLOAD: 'auth/invalid-message-payload',\n  INVALID_MFA_SESSION: 'auth/invalid-multi-factor-session',\n  INVALID_OAUTH_CLIENT_ID: 'auth/invalid-oauth-client-id',\n  INVALID_OAUTH_PROVIDER: 'auth/invalid-oauth-provider',\n  INVALID_OOB_CODE: 'auth/invalid-action-code',\n  INVALID_ORIGIN: 'auth/unauthorized-domain',\n  INVALID_PASSWORD: 'auth/wrong-password',\n  INVALID_PERSISTENCE: 'auth/invalid-persistence-type',\n  INVALID_PHONE_NUMBER: 'auth/invalid-phone-number',\n  INVALID_PROVIDER_ID: 'auth/invalid-provider-id',\n  INVALID_RECIPIENT_EMAIL: 'auth/invalid-recipient-email',\n  INVALID_SENDER: 'auth/invalid-sender',\n  INVALID_SESSION_INFO: 'auth/invalid-verification-id',\n  INVALID_TENANT_ID: 'auth/invalid-tenant-id',\n  MFA_INFO_NOT_FOUND: 'auth/multi-factor-info-not-found',\n  MFA_REQUIRED: 'auth/multi-factor-auth-required',\n  MISSING_ANDROID_PACKAGE_NAME: 'auth/missing-android-pkg-name',\n  MISSING_APP_CREDENTIAL: 'auth/missing-app-credential',\n  MISSING_AUTH_DOMAIN: 'auth/auth-domain-config-required',\n  MISSING_CODE: 'auth/missing-verification-code',\n  MISSING_CONTINUE_URI: 'auth/missing-continue-uri',\n  MISSING_IFRAME_START: 'auth/missing-iframe-start',\n  MISSING_IOS_BUNDLE_ID: 'auth/missing-ios-bundle-id',\n  MISSING_OR_INVALID_NONCE: 'auth/missing-or-invalid-nonce',\n  MISSING_MFA_INFO: 'auth/missing-multi-factor-info',\n  MISSING_MFA_SESSION: 'auth/missing-multi-factor-session',\n  MISSING_PHONE_NUMBER: 'auth/missing-phone-number',\n  MISSING_SESSION_INFO: 'auth/missing-verification-id',\n  MODULE_DESTROYED: 'auth/app-deleted',\n  NEED_CONFIRMATION: 'auth/account-exists-with-different-credential',\n  NETWORK_REQUEST_FAILED: 'auth/network-request-failed',\n  NULL_USER: 'auth/null-user',\n  NO_AUTH_EVENT: 'auth/no-auth-event',\n  NO_SUCH_PROVIDER: 'auth/no-such-provider',\n  OPERATION_NOT_ALLOWED: 'auth/operation-not-allowed',\n  OPERATION_NOT_SUPPORTED: 'auth/operation-not-supported-in-this-environment',\n  POPUP_BLOCKED: 'auth/popup-blocked',\n  POPUP_CLOSED_BY_USER: 'auth/popup-closed-by-user',\n  PROVIDER_ALREADY_LINKED: 'auth/provider-already-linked',\n  QUOTA_EXCEEDED: 'auth/quota-exceeded',\n  REDIRECT_CANCELLED_BY_USER: 'auth/redirect-cancelled-by-user',\n  REDIRECT_OPERATION_PENDING: 'auth/redirect-operation-pending',\n  REJECTED_CREDENTIAL: 'auth/rejected-credential',\n  SECOND_FACTOR_ALREADY_ENROLLED: 'auth/second-factor-already-in-use',\n  SECOND_FACTOR_LIMIT_EXCEEDED: 'auth/maximum-second-factor-count-exceeded',\n  TENANT_ID_MISMATCH: 'auth/tenant-id-mismatch',\n  TIMEOUT: 'auth/timeout',\n  TOKEN_EXPIRED: 'auth/user-token-expired',\n  TOO_MANY_ATTEMPTS_TRY_LATER: 'auth/too-many-requests',\n  UNAUTHORIZED_DOMAIN: 'auth/unauthorized-continue-uri',\n  UNSUPPORTED_FIRST_FACTOR: 'auth/unsupported-first-factor',\n  UNSUPPORTED_PERSISTENCE: 'auth/unsupported-persistence-type',\n  UNSUPPORTED_TENANT_OPERATION: 'auth/unsupported-tenant-operation',\n  UNVERIFIED_EMAIL: 'auth/unverified-email',\n  USER_CANCELLED: 'auth/user-cancelled',\n  USER_DELETED: 'auth/user-not-found',\n  USER_DISABLED: 'auth/user-disabled',\n  USER_MISMATCH: 'auth/user-mismatch',\n  USER_SIGNED_OUT: 'auth/user-signed-out',\n  WEAK_PASSWORD: 'auth/weak-password',\n  WEB_STORAGE_UNSUPPORTED: 'auth/web-storage-unsupported',\n  ALREADY_INITIALIZED: 'auth/already-initialized',\n  RECAPTCHA_NOT_ENABLED: 'auth/recaptcha-not-enabled',\n  MISSING_RECAPTCHA_TOKEN: 'auth/missing-recaptcha-token',\n  INVALID_RECAPTCHA_TOKEN: 'auth/invalid-recaptcha-token',\n  INVALID_RECAPTCHA_ACTION: 'auth/invalid-recaptcha-action',\n  MISSING_CLIENT_TYPE: 'auth/missing-client-type',\n  MISSING_RECAPTCHA_VERSION: 'auth/missing-recaptcha-version',\n  INVALID_RECAPTCHA_VERSION: 'auth/invalid-recaptcha-version',\n  INVALID_REQ_TYPE: 'auth/invalid-req-type'\n} as const;\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { Logger, LogLevel } from '@firebase/logger';\nimport { SDK_VERSION } from '@firebase/app';\n\nexport { LogLevel };\n\nconst logClient = new Logger('@firebase/auth');\n\n// Helper methods are needed because variables can't be exported as read/write\nexport function _getLogLevel(): LogLevel {\n  return logClient.logLevel;\n}\n\nexport function _setLogLevel(newLevel: LogLevel): void {\n  logClient.logLevel = newLevel;\n}\n\nexport function _logDebug(msg: string, ...args: string[]): void {\n  if (logClient.logLevel <= LogLevel.DEBUG) {\n    logClient.debug(`Auth (${SDK_VERSION}): ${msg}`, ...args);\n  }\n}\n\nexport function _logWarn(msg: string, ...args: string[]): void {\n  if (logClient.logLevel <= LogLevel.WARN) {\n    logClient.warn(`Auth (${SDK_VERSION}): ${msg}`, ...args);\n  }\n}\n\nexport function _logError(msg: string, ...args: string[]): void {\n  if (logClient.logLevel <= LogLevel.ERROR) {\n    logClient.error(`Auth (${SDK_VERSION}): ${msg}`, ...args);\n  }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { Auth } from '../../model/public_types';\nimport { ErrorFactory, FirebaseError } from '@firebase/util';\nimport { AuthInternal } from '../../model/auth';\nimport {\n  _DEFAULT_AUTH_ERROR_FACTORY,\n  AuthErrorCode,\n  AuthErrorParams,\n  prodErrorMap,\n  ErrorMapRetriever\n} from '../errors';\nimport { _logError } from './log';\n\ntype AuthErrorListParams<K> = K extends keyof AuthErrorParams\n  ? [AuthErrorParams[K]]\n  : [];\ntype LessAppName<K extends AuthErrorCode> = Omit<AuthErrorParams[K], 'appName'>;\n\n/**\n * Unconditionally fails, throwing a developer facing INTERNAL_ERROR\n *\n * @example\n * ```javascript\n * fail(auth, AuthErrorCode.MFA_REQUIRED);  // Error: the MFA_REQUIRED error needs more params than appName\n * fail(auth, AuthErrorCode.MFA_REQUIRED, {serverResponse});  // Compiles\n * fail(AuthErrorCode.INTERNAL_ERROR);  // Compiles; internal error does not need appName\n * fail(AuthErrorCode.USER_DELETED);  // Error: USER_DELETED requires app name\n * fail(auth, AuthErrorCode.USER_DELETED);  // Compiles; USER_DELETED _only_ needs app name\n * ```\n *\n * @param appName App name for tagging the error\n * @throws FirebaseError\n */\nexport function _fail<K extends AuthErrorCode>(\n  code: K,\n  ...data: {} extends AuthErrorParams[K]\n    ? [AuthErrorParams[K]?]\n    : [AuthErrorParams[K]]\n): never;\nexport function _fail<K extends AuthErrorCode>(\n  auth: Auth,\n  code: K,\n  ...data: {} extends LessAppName<K> ? [LessAppName<K>?] : [LessAppName<K>]\n): never;\nexport function _fail<K extends AuthErrorCode>(\n  authOrCode: Auth | K,\n  ...rest: unknown[]\n): never {\n  throw createErrorInternal(authOrCode, ...rest);\n}\n\nexport function _createError<K extends AuthErrorCode>(\n  code: K,\n  ...data: {} extends AuthErrorParams[K]\n    ? [AuthErrorParams[K]?]\n    : [AuthErrorParams[K]]\n): FirebaseError;\nexport function _createError<K extends AuthErrorCode>(\n  auth: Auth,\n  code: K,\n  ...data: {} extends LessAppName<K> ? [LessAppName<K>?] : [LessAppName<K>]\n): FirebaseError;\nexport function _createError<K extends AuthErrorCode>(\n  authOrCode: Auth | K,\n  ...rest: unknown[]\n): FirebaseError {\n  return createErrorInternal(authOrCode, ...rest);\n}\n\nexport function _errorWithCustomMessage(\n  auth: Auth,\n  code: AuthErrorCode,\n  message: string\n): FirebaseError {\n  const errorMap = {\n    ...(prodErrorMap as ErrorMapRetriever)(),\n    [code]: message\n  };\n  const factory = new ErrorFactory<AuthErrorCode, AuthErrorParams>(\n    'auth',\n    'Firebase',\n    errorMap\n  );\n  return factory.create(code, {\n    appName: auth.name\n  });\n}\n\nexport function _assertInstanceOf(\n  auth: Auth,\n  object: object,\n  instance: unknown\n): void {\n  const constructorInstance = instance as { new (...args: unknown[]): unknown };\n  if (!(object instanceof constructorInstance)) {\n    if (constructorInstance.name !== object.constructor.name) {\n      _fail(auth, AuthErrorCode.ARGUMENT_ERROR);\n    }\n\n    throw _errorWithCustomMessage(\n      auth,\n      AuthErrorCode.ARGUMENT_ERROR,\n      `Type of ${object.constructor.name} does not match expected instance.` +\n        `Did you pass a reference from a different Auth SDK?`\n    );\n  }\n}\n\nfunction createErrorInternal<K extends AuthErrorCode>(\n  authOrCode: Auth | K,\n  ...rest: unknown[]\n): FirebaseError {\n  if (typeof authOrCode !== 'string') {\n    const code = rest[0] as K;\n    const fullParams = [...rest.slice(1)] as AuthErrorListParams<K>;\n    if (fullParams[0]) {\n      fullParams[0].appName = authOrCode.name;\n    }\n\n    return (authOrCode as AuthInternal)._errorFactory.create(\n      code,\n      ...fullParams\n    );\n  }\n\n  return _DEFAULT_AUTH_ERROR_FACTORY.create(\n    authOrCode,\n    ...(rest as AuthErrorListParams<K>)\n  );\n}\n\nexport function _assert<K extends AuthErrorCode>(\n  assertion: unknown,\n  code: K,\n  ...data: {} extends AuthErrorParams[K]\n    ? [AuthErrorParams[K]?]\n    : [AuthErrorParams[K]]\n): asserts assertion;\nexport function _assert<K extends AuthErrorCode>(\n  assertion: unknown,\n  auth: Auth,\n  code: K,\n  ...data: {} extends LessAppName<K> ? [LessAppName<K>?] : [LessAppName<K>]\n): asserts assertion;\nexport function _assert<K extends AuthErrorCode>(\n  assertion: unknown,\n  authOrCode: Auth | K,\n  ...rest: unknown[]\n): asserts assertion {\n  if (!assertion) {\n    throw createErrorInternal(authOrCode, ...rest);\n  }\n}\n\n// We really do want to accept literally any function type here\n// eslint-disable-next-line @typescript-eslint/ban-types\ntype TypeExpectation = Function | string | MapType;\n\ninterface MapType extends Record<string, TypeExpectation | Optional> {}\n\nclass Optional {\n  constructor(readonly type: TypeExpectation) {}\n}\n\nexport function opt(type: TypeExpectation): Optional {\n  return new Optional(type);\n}\n\n/**\n * Asserts the runtime types of arguments. The 'expected' field can be one of\n * a class, a string (representing a \"typeof\" call), or a record map of name\n * to type. Furthermore, the opt() function can be used to mark a field as\n * optional. For example:\n *\n * function foo(auth: Auth, profile: {displayName?: string}, update = false) {\n *   assertTypes(arguments, [AuthImpl, {displayName: opt('string')}, opt('boolean')]);\n * }\n *\n * opt() can be used for any type:\n * function foo(auth?: Auth) {\n *   assertTypes(arguments, [opt(AuthImpl)]);\n * }\n *\n * The string types can be or'd together, and you can use \"null\" as well (note\n * that typeof null === 'object'; this is an edge case). For example:\n *\n * function foo(profile: {displayName?: string | null}) {\n *   assertTypes(arguments, [{displayName: opt('string|null')}]);\n * }\n *\n * @param args\n * @param expected\n */\nexport function assertTypes(\n  args: Omit<IArguments, 'callee'>,\n  ...expected: Array<TypeExpectation | Optional>\n): void {\n  if (args.length > expected.length) {\n    _fail(AuthErrorCode.ARGUMENT_ERROR, {});\n  }\n\n  for (let i = 0; i < expected.length; i++) {\n    let expect = expected[i];\n    const arg = args[i];\n\n    if (expect instanceof Optional) {\n      // If the arg is undefined, then it matches \"optional\" and we can move to\n      // the next arg\n      if (typeof arg === 'undefined') {\n        continue;\n      }\n      expect = expect.type;\n    }\n\n    if (typeof expect === 'string') {\n      // Handle the edge case for null because typeof null === 'object'\n      if (expect.includes('null') && arg === null) {\n        continue;\n      }\n\n      const required = expect.split('|');\n      _assert(required.includes(typeof arg), AuthErrorCode.ARGUMENT_ERROR, {});\n    } else if (typeof expect === 'object') {\n      // Recursively check record arguments\n      const record = arg as Record<string, unknown>;\n      const map = expect as MapType;\n      const keys = Object.keys(expect);\n\n      assertTypes(\n        keys.map(k => record[k]),\n        ...keys.map(k => map[k])\n      );\n    } else {\n      _assert(arg instanceof expect, AuthErrorCode.ARGUMENT_ERROR, {});\n    }\n  }\n}\n\n/**\n * Unconditionally fails, throwing an internal error with the given message.\n *\n * @param failure type of failure encountered\n * @throws Error\n */\nexport function debugFail(failure: string): never {\n  // Log the failure in addition to throw an exception, just in case the\n  // exception is swallowed.\n  const message = `INTERNAL ASSERTION FAILED: ` + failure;\n  _logError(message);\n\n  // NOTE: We don't use FirebaseError here because these are internal failures\n  // that cannot be handled by the user. (Also it would create a circular\n  // dependency between the error and assert modules which doesn't work.)\n  throw new Error(message);\n}\n\n/**\n * Fails if the given assertion condition is false, throwing an Error with the\n * given message if it did.\n *\n * @param assertion\n * @param message\n */\nexport function debugAssert(\n  assertion: unknown,\n  message: string\n): asserts assertion {\n  if (!assertion) {\n    debugFail(message);\n  }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nexport function _getCurrentUrl(): string {\n  return (typeof self !== 'undefined' && self.location?.href) || '';\n}\n\nexport function _isHttpOrHttps(): boolean {\n  return _getCurrentScheme() === 'http:' || _getCurrentScheme() === 'https:';\n}\n\nexport function _getCurrentScheme(): string | null {\n  return (typeof self !== 'undefined' && self.location?.protocol) || null;\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { isMobileCordova, isReactNative } from '@firebase/util';\nimport { _isOnline } from './navigator';\nimport { debugAssert } from './assert';\n\nexport const enum DelayMin {\n  OFFLINE = 5000\n}\n\n/**\n * A structure to help pick between a range of long and short delay durations\n * depending on the current environment. In general, the long delay is used for\n * mobile environments whereas short delays are used for desktop environments.\n */\nexport class Delay {\n  // The default value for the offline delay timeout in ms.\n\n  private readonly isMobile: boolean;\n  constructor(\n    private readonly shortDelay: number,\n    private readonly longDelay: number\n  ) {\n    // Internal error when improperly initialized.\n    debugAssert(\n      longDelay > shortDelay,\n      'Short delay should be less than long delay!'\n    );\n    this.isMobile = isMobileCordova() || isReactNative();\n  }\n\n  get(): number {\n    if (!_isOnline()) {\n      // Pick the shorter timeout.\n      return Math.min(DelayMin.OFFLINE, this.shortDelay);\n    }\n    // If running in a mobile environment, return the long delay, otherwise\n    // return the short delay.\n    // This could be improved in the future to dynamically change based on other\n    // variables instead of just reading the current environment.\n    return this.isMobile ? this.longDelay : this.shortDelay;\n  }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { isBrowserExtension } from '@firebase/util';\nimport { _isHttpOrHttps } from './location';\n\n/**\n * Determine whether the browser is working online\n */\nexport function _isOnline(): boolean {\n  if (\n    typeof navigator !== 'undefined' &&\n    navigator &&\n    'onLine' in navigator &&\n    typeof navigator.onLine === 'boolean' &&\n    // Apply only for traditional web apps and Chrome extensions.\n    // This is especially true for Cordova apps which have unreliable\n    // navigator.onLine behavior unless cordova-plugin-network-information is\n    // installed which overwrites the native navigator.onLine value and\n    // defines navigator.connection.\n    (_isHttpOrHttps() || isBrowserExtension() || 'connection' in navigator)\n  ) {\n    return navigator.onLine;\n  }\n  // If we can't determine the state, assume it is online.\n  return true;\n}\n\nexport function _getUserLanguage(): string | null {\n  if (typeof navigator === 'undefined') {\n    return null;\n  }\n  const navigatorLanguage: NavigatorLanguage = navigator;\n  return (\n    // Most reliable, but only supported in Chrome/Firefox.\n    (navigatorLanguage.languages && navigatorLanguage.languages[0]) ||\n    // Supported in most browsers, but returns the language of the browser\n    // UI, not the language set in browser settings.\n    navigatorLanguage.language ||\n    // Couldn't determine language.\n    null\n  );\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { ConfigInternal } from '../../model/auth';\nimport { debugAssert } from './assert';\n\nexport function _emulatorUrl(config: ConfigInternal, path?: string): string {\n  debugAssert(config.emulator, 'Emulator should always be set here');\n  const { url } = config.emulator;\n\n  if (!path) {\n    return url;\n  }\n\n  return `${url}${path.startsWith('/') ? path.slice(1) : path}`;\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { debugFail } from './assert';\n\nexport class FetchProvider {\n  private static fetchImpl: typeof fetch | null;\n  private static headersImpl: typeof Headers | null;\n  private static responseImpl: typeof Response | null;\n\n  static initialize(\n    fetchImpl: typeof fetch,\n    headersImpl?: typeof Headers,\n    responseImpl?: typeof Response\n  ): void {\n    this.fetchImpl = fetchImpl;\n    if (headersImpl) {\n      this.headersImpl = headersImpl;\n    }\n    if (responseImpl) {\n      this.responseImpl = responseImpl;\n    }\n  }\n\n  static fetch(): typeof fetch {\n    if (this.fetchImpl) {\n      return this.fetchImpl;\n    }\n    if (typeof self !== 'undefined' && 'fetch' in self) {\n      return self.fetch;\n    }\n    debugFail(\n      'Could not find fetch implementation, make sure you call FetchProvider.initialize() with an appropriate polyfill'\n    );\n  }\n\n  static headers(): typeof Headers {\n    if (this.headersImpl) {\n      return this.headersImpl;\n    }\n    if (typeof self !== 'undefined' && 'Headers' in self) {\n      return self.Headers;\n    }\n    debugFail(\n      'Could not find Headers implementation, make sure you call FetchProvider.initialize() with an appropriate polyfill'\n    );\n  }\n\n  static response(): typeof Response {\n    if (this.responseImpl) {\n      return this.responseImpl;\n    }\n    if (typeof self !== 'undefined' && 'Response' in self) {\n      return self.Response;\n    }\n    debugFail(\n      'Could not find Response implementation, make sure you call FetchProvider.initialize() with an appropriate polyfill'\n    );\n  }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { AuthErrorCode } from '../core/errors';\n\n/**\n * Errors that can be returned by the backend\n */\nexport const enum ServerError {\n  ADMIN_ONLY_OPERATION = 'ADMIN_ONLY_OPERATION',\n  BLOCKING_FUNCTION_ERROR_RESPONSE = 'BLOCKING_FUNCTION_ERROR_RESPONSE',\n  CAPTCHA_CHECK_FAILED = 'CAPTCHA_CHECK_FAILED',\n  CORS_UNSUPPORTED = 'CORS_UNSUPPORTED',\n  CREDENTIAL_MISMATCH = 'CREDENTIAL_MISMATCH',\n  CREDENTIAL_TOO_OLD_LOGIN_AGAIN = 'CREDENTIAL_TOO_OLD_LOGIN_AGAIN',\n  DYNAMIC_LINK_NOT_ACTIVATED = 'DYNAMIC_LINK_NOT_ACTIVATED',\n  EMAIL_CHANGE_NEEDS_VERIFICATION = 'EMAIL_CHANGE_NEEDS_VERIFICATION',\n  EMAIL_EXISTS = 'EMAIL_EXISTS',\n  EMAIL_NOT_FOUND = 'EMAIL_NOT_FOUND',\n  EXPIRED_OOB_CODE = 'EXPIRED_OOB_CODE',\n  FEDERATED_USER_ID_ALREADY_LINKED = 'FEDERATED_USER_ID_ALREADY_LINKED',\n  INVALID_APP_CREDENTIAL = 'INVALID_APP_CREDENTIAL',\n  INVALID_APP_ID = 'INVALID_APP_ID',\n  INVALID_CERT_HASH = 'INVALID_CERT_HASH',\n  INVALID_CODE = 'INVALID_CODE',\n  INVALID_CONTINUE_URI = 'INVALID_CONTINUE_URI',\n  INVALID_CUSTOM_TOKEN = 'INVALID_CUSTOM_TOKEN',\n  INVALID_DYNAMIC_LINK_DOMAIN = 'INVALID_DYNAMIC_LINK_DOMAIN',\n  INVALID_EMAIL = 'INVALID_EMAIL',\n  INVALID_ID_TOKEN = 'INVALID_ID_TOKEN',\n  INVALID_IDP_RESPONSE = 'INVALID_IDP_RESPONSE',\n  INVALID_IDENTIFIER = 'INVALID_IDENTIFIER',\n  INVALID_MESSAGE_PAYLOAD = 'INVALID_MESSAGE_PAYLOAD',\n  INVALID_MFA_PENDING_CREDENTIAL = 'INVALID_MFA_PENDING_CREDENTIAL',\n  INVALID_OAUTH_CLIENT_ID = 'INVALID_OAUTH_CLIENT_ID',\n  INVALID_OOB_CODE = 'INVALID_OOB_CODE',\n  INVALID_PASSWORD = 'INVALID_PASSWORD',\n  INVALID_PENDING_TOKEN = 'INVALID_PENDING_TOKEN',\n  INVALID_PHONE_NUMBER = 'INVALID_PHONE_NUMBER',\n  INVALID_PROVIDER_ID = 'INVALID_PROVIDER_ID',\n  INVALID_RECIPIENT_EMAIL = 'INVALID_RECIPIENT_EMAIL',\n  INVALID_SENDER = 'INVALID_SENDER',\n  INVALID_SESSION_INFO = 'INVALID_SESSION_INFO',\n  INVALID_TEMPORARY_PROOF = 'INVALID_TEMPORARY_PROOF',\n  INVALID_TENANT_ID = 'INVALID_TENANT_ID',\n  MFA_ENROLLMENT_NOT_FOUND = 'MFA_ENROLLMENT_NOT_FOUND',\n  MISSING_ANDROID_PACKAGE_NAME = 'MISSING_ANDROID_PACKAGE_NAME',\n  MISSING_APP_CREDENTIAL = 'MISSING_APP_CREDENTIAL',\n  MISSING_CODE = 'MISSING_CODE',\n  MISSING_CONTINUE_URI = 'MISSING_CONTINUE_URI',\n  MISSING_CUSTOM_TOKEN = 'MISSING_CUSTOM_TOKEN',\n  MISSING_IOS_BUNDLE_ID = 'MISSING_IOS_BUNDLE_ID',\n  MISSING_MFA_ENROLLMENT_ID = 'MISSING_MFA_ENROLLMENT_ID',\n  MISSING_MFA_PENDING_CREDENTIAL = 'MISSING_MFA_PENDING_CREDENTIAL',\n  MISSING_OOB_CODE = 'MISSING_OOB_CODE',\n  MISSING_OR_INVALID_NONCE = 'MISSING_OR_INVALID_NONCE',\n  MISSING_PASSWORD = 'MISSING_PASSWORD',\n  MISSING_REQ_TYPE = 'MISSING_REQ_TYPE',\n  MISSING_PHONE_NUMBER = 'MISSING_PHONE_NUMBER',\n  MISSING_SESSION_INFO = 'MISSING_SESSION_INFO',\n  OPERATION_NOT_ALLOWED = 'OPERATION_NOT_ALLOWED',\n  PASSWORD_LOGIN_DISABLED = 'PASSWORD_LOGIN_DISABLED',\n  QUOTA_EXCEEDED = 'QUOTA_EXCEEDED',\n  RESET_PASSWORD_EXCEED_LIMIT = 'RESET_PASSWORD_EXCEED_LIMIT',\n  REJECTED_CREDENTIAL = 'REJECTED_CREDENTIAL',\n  SECOND_FACTOR_EXISTS = 'SECOND_FACTOR_EXISTS',\n  SECOND_FACTOR_LIMIT_EXCEEDED = 'SECOND_FACTOR_LIMIT_EXCEEDED',\n  SESSION_EXPIRED = 'SESSION_EXPIRED',\n  TENANT_ID_MISMATCH = 'TENANT_ID_MISMATCH',\n  TOKEN_EXPIRED = 'TOKEN_EXPIRED',\n  TOO_MANY_ATTEMPTS_TRY_LATER = 'TOO_MANY_ATTEMPTS_TRY_LATER',\n  UNSUPPORTED_FIRST_FACTOR = 'UNSUPPORTED_FIRST_FACTOR',\n  UNSUPPORTED_TENANT_OPERATION = 'UNSUPPORTED_TENANT_OPERATION',\n  UNAUTHORIZED_DOMAIN = 'UNAUTHORIZED_DOMAIN',\n  UNVERIFIED_EMAIL = 'UNVERIFIED_EMAIL',\n  USER_CANCELLED = 'USER_CANCELLED',\n  USER_DISABLED = 'USER_DISABLED',\n  USER_NOT_FOUND = 'USER_NOT_FOUND',\n  WEAK_PASSWORD = 'WEAK_PASSWORD',\n  RECAPTCHA_NOT_ENABLED = 'RECAPTCHA_NOT_ENABLED',\n  MISSING_RECAPTCHA_TOKEN = 'MISSING_RECAPTCHA_TOKEN',\n  INVALID_RECAPTCHA_TOKEN = 'INVALID_RECAPTCHA_TOKEN',\n  INVALID_RECAPTCHA_ACTION = 'INVALID_RECAPTCHA_ACTION',\n  MISSING_CLIENT_TYPE = 'MISSING_CLIENT_TYPE',\n  MISSING_RECAPTCHA_VERSION = 'MISSING_RECAPTCHA_VERSION',\n  INVALID_RECAPTCHA_VERSION = 'INVALID_RECAPTCHA_VERSION',\n  INVALID_REQ_TYPE = 'INVALID_REQ_TYPE'\n}\n\n/**\n * API Response in the event of an error\n */\nexport interface JsonError {\n  error: {\n    code: number;\n    message: string;\n    errors?: [\n      {\n        message: ServerError;\n        domain: string;\n        reason: string;\n      }\n    ];\n  };\n}\n\n/**\n * Type definition for a map from server errors to developer visible errors\n */\nexport declare type ServerErrorMap<ApiError extends string> = {\n  readonly [K in ApiError]: AuthErrorCode;\n};\n\n/**\n * Map from errors returned by the server to errors to developer visible errors\n */\nexport const SERVER_ERROR_MAP: Partial<ServerErrorMap<ServerError>> = {\n  // Custom token errors.\n  [ServerError.CREDENTIAL_MISMATCH]: AuthErrorCode.CREDENTIAL_MISMATCH,\n  // This can only happen if the SDK sends a bad request.\n  [ServerError.MISSING_CUSTOM_TOKEN]: AuthErrorCode.INTERNAL_ERROR,\n\n  // Create Auth URI errors.\n  [ServerError.INVALID_IDENTIFIER]: AuthErrorCode.INVALID_EMAIL,\n  // This can only happen if the SDK sends a bad request.\n  [ServerError.MISSING_CONTINUE_URI]: AuthErrorCode.INTERNAL_ERROR,\n\n  // Sign in with email and password errors (some apply to sign up too).\n  [ServerError.INVALID_PASSWORD]: AuthErrorCode.INVALID_PASSWORD,\n  // This can only happen if the SDK sends a bad request.\n  [ServerError.MISSING_PASSWORD]: AuthErrorCode.MISSING_PASSWORD,\n\n  // Sign up with email and password errors.\n  [ServerError.EMAIL_EXISTS]: AuthErrorCode.EMAIL_EXISTS,\n  [ServerError.PASSWORD_LOGIN_DISABLED]: AuthErrorCode.OPERATION_NOT_ALLOWED,\n\n  // Verify assertion for sign in with credential errors:\n  [ServerError.INVALID_IDP_RESPONSE]: AuthErrorCode.INVALID_IDP_RESPONSE,\n  [ServerError.INVALID_PENDING_TOKEN]: AuthErrorCode.INVALID_IDP_RESPONSE,\n  [ServerError.FEDERATED_USER_ID_ALREADY_LINKED]:\n    AuthErrorCode.CREDENTIAL_ALREADY_IN_USE,\n\n  // This can only happen if the SDK sends a bad request.\n  [ServerError.MISSING_REQ_TYPE]: AuthErrorCode.INTERNAL_ERROR,\n\n  // Send Password reset email errors:\n  [ServerError.EMAIL_NOT_FOUND]: AuthErrorCode.USER_DELETED,\n  [ServerError.RESET_PASSWORD_EXCEED_LIMIT]:\n    AuthErrorCode.TOO_MANY_ATTEMPTS_TRY_LATER,\n\n  [ServerError.EXPIRED_OOB_CODE]: AuthErrorCode.EXPIRED_OOB_CODE,\n  [ServerError.INVALID_OOB_CODE]: AuthErrorCode.INVALID_OOB_CODE,\n  // This can only happen if the SDK sends a bad request.\n  [ServerError.MISSING_OOB_CODE]: AuthErrorCode.INTERNAL_ERROR,\n\n  // Operations that require ID token in request:\n  [ServerError.CREDENTIAL_TOO_OLD_LOGIN_AGAIN]:\n    AuthErrorCode.CREDENTIAL_TOO_OLD_LOGIN_AGAIN,\n  [ServerError.INVALID_ID_TOKEN]: AuthErrorCode.INVALID_AUTH,\n  [ServerError.TOKEN_EXPIRED]: AuthErrorCode.TOKEN_EXPIRED,\n  [ServerError.USER_NOT_FOUND]: AuthErrorCode.TOKEN_EXPIRED,\n\n  // Other errors.\n  [ServerError.TOO_MANY_ATTEMPTS_TRY_LATER]:\n    AuthErrorCode.TOO_MANY_ATTEMPTS_TRY_LATER,\n\n  // Phone Auth related errors.\n  [ServerError.INVALID_CODE]: AuthErrorCode.INVALID_CODE,\n  [ServerError.INVALID_SESSION_INFO]: AuthErrorCode.INVALID_SESSION_INFO,\n  [ServerError.INVALID_TEMPORARY_PROOF]: AuthErrorCode.INVALID_IDP_RESPONSE,\n  [ServerError.MISSING_SESSION_INFO]: AuthErrorCode.MISSING_SESSION_INFO,\n  [ServerError.SESSION_EXPIRED]: AuthErrorCode.CODE_EXPIRED,\n\n  // Other action code errors when additional settings passed.\n  // MISSING_CONTINUE_URI is getting mapped to INTERNAL_ERROR above.\n  // This is OK as this error will be caught by client side validation.\n  [ServerError.MISSING_ANDROID_PACKAGE_NAME]:\n    AuthErrorCode.MISSING_ANDROID_PACKAGE_NAME,\n  [ServerError.UNAUTHORIZED_DOMAIN]: AuthErrorCode.UNAUTHORIZED_DOMAIN,\n\n  // getProjectConfig errors when clientId is passed.\n  [ServerError.INVALID_OAUTH_CLIENT_ID]: AuthErrorCode.INVALID_OAUTH_CLIENT_ID,\n\n  // User actions (sign-up or deletion) disabled errors.\n  [ServerError.ADMIN_ONLY_OPERATION]: AuthErrorCode.ADMIN_ONLY_OPERATION,\n\n  // Multi factor related errors.\n  [ServerError.INVALID_MFA_PENDING_CREDENTIAL]:\n    AuthErrorCode.INVALID_MFA_SESSION,\n  [ServerError.MFA_ENROLLMENT_NOT_FOUND]: AuthErrorCode.MFA_INFO_NOT_FOUND,\n  [ServerError.MISSING_MFA_ENROLLMENT_ID]: AuthErrorCode.MISSING_MFA_INFO,\n  [ServerError.MISSING_MFA_PENDING_CREDENTIAL]:\n    AuthErrorCode.MISSING_MFA_SESSION,\n  [ServerError.SECOND_FACTOR_EXISTS]:\n    AuthErrorCode.SECOND_FACTOR_ALREADY_ENROLLED,\n  [ServerError.SECOND_FACTOR_LIMIT_EXCEEDED]:\n    AuthErrorCode.SECOND_FACTOR_LIMIT_EXCEEDED,\n\n  // Blocking functions related errors.\n  [ServerError.BLOCKING_FUNCTION_ERROR_RESPONSE]: AuthErrorCode.INTERNAL_ERROR,\n\n  // Recaptcha related errors.\n  [ServerError.RECAPTCHA_NOT_ENABLED]: AuthErrorCode.RECAPTCHA_NOT_ENABLED,\n  [ServerError.MISSING_RECAPTCHA_TOKEN]: AuthErrorCode.MISSING_RECAPTCHA_TOKEN,\n  [ServerError.INVALID_RECAPTCHA_TOKEN]: AuthErrorCode.INVALID_RECAPTCHA_TOKEN,\n  [ServerError.INVALID_RECAPTCHA_ACTION]:\n    AuthErrorCode.INVALID_RECAPTCHA_ACTION,\n  [ServerError.MISSING_CLIENT_TYPE]: AuthErrorCode.MISSING_CLIENT_TYPE,\n  [ServerError.MISSING_RECAPTCHA_VERSION]:\n    AuthErrorCode.MISSING_RECAPTCHA_VERSION,\n  [ServerError.INVALID_RECAPTCHA_VERSION]:\n    AuthErrorCode.INVALID_RECAPTCHA_VERSION,\n  [ServerError.INVALID_REQ_TYPE]: AuthErrorCode.INVALID_REQ_TYPE\n};\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { FirebaseError, querystring } from '@firebase/util';\n\nimport { AuthErrorCode, NamedErrorParams } from '../core/errors';\nimport {\n  _createError,\n  _errorWithCustomMessage,\n  _fail\n} from '../core/util/assert';\nimport { Delay } from '../core/util/delay';\nimport { _emulatorUrl } from '../core/util/emulator';\nimport { FetchProvider } from '../core/util/fetch_provider';\nimport { Auth } from '../model/public_types';\nimport { AuthInternal, ConfigInternal } from '../model/auth';\nimport { IdTokenResponse, TaggedWithTokenResponse } from '../model/id_token';\nimport { IdTokenMfaResponse } from './authentication/mfa';\nimport { SERVER_ERROR_MAP, ServerError, ServerErrorMap } from './errors';\n\nexport const enum HttpMethod {\n  POST = 'POST',\n  GET = 'GET'\n}\n\nexport const enum HttpHeader {\n  CONTENT_TYPE = 'Content-Type',\n  X_FIREBASE_LOCALE = 'X-Firebase-Locale',\n  X_CLIENT_VERSION = 'X-Client-Version',\n  X_FIREBASE_GMPID = 'X-Firebase-gmpid',\n  X_FIREBASE_CLIENT = 'X-Firebase-Client',\n  X_FIREBASE_APP_CHECK = 'X-Firebase-AppCheck'\n}\n\nexport const enum Endpoint {\n  CREATE_AUTH_URI = '/v1/accounts:createAuthUri',\n  DELETE_ACCOUNT = '/v1/accounts:delete',\n  RESET_PASSWORD = '/v1/accounts:resetPassword',\n  SIGN_UP = '/v1/accounts:signUp',\n  SIGN_IN_WITH_CUSTOM_TOKEN = '/v1/accounts:signInWithCustomToken',\n  SIGN_IN_WITH_EMAIL_LINK = '/v1/accounts:signInWithEmailLink',\n  SIGN_IN_WITH_IDP = '/v1/accounts:signInWithIdp',\n  SIGN_IN_WITH_PASSWORD = '/v1/accounts:signInWithPassword',\n  SIGN_IN_WITH_PHONE_NUMBER = '/v1/accounts:signInWithPhoneNumber',\n  SEND_VERIFICATION_CODE = '/v1/accounts:sendVerificationCode',\n  SEND_OOB_CODE = '/v1/accounts:sendOobCode',\n  SET_ACCOUNT_INFO = '/v1/accounts:update',\n  GET_ACCOUNT_INFO = '/v1/accounts:lookup',\n  GET_RECAPTCHA_PARAM = '/v1/recaptchaParams',\n  START_MFA_ENROLLMENT = '/v2/accounts/mfaEnrollment:start',\n  FINALIZE_MFA_ENROLLMENT = '/v2/accounts/mfaEnrollment:finalize',\n  START_MFA_SIGN_IN = '/v2/accounts/mfaSignIn:start',\n  FINALIZE_MFA_SIGN_IN = '/v2/accounts/mfaSignIn:finalize',\n  WITHDRAW_MFA = '/v2/accounts/mfaEnrollment:withdraw',\n  GET_PROJECT_CONFIG = '/v1/projects',\n  GET_RECAPTCHA_CONFIG = '/v2/recaptchaConfig'\n}\n\nexport const enum RecaptchaClientType {\n  WEB = 'CLIENT_TYPE_WEB',\n  ANDROID = 'CLIENT_TYPE_ANDROID',\n  IOS = 'CLIENT_TYPE_IOS'\n}\n\nexport const enum RecaptchaVersion {\n  ENTERPRISE = 'RECAPTCHA_ENTERPRISE'\n}\n\nexport const enum RecaptchaActionName {\n  SIGN_IN_WITH_PASSWORD = 'signInWithPassword',\n  GET_OOB_CODE = 'getOobCode',\n  SIGN_UP_PASSWORD = 'signUpPassword'\n}\n\nexport const DEFAULT_API_TIMEOUT_MS = new Delay(30_000, 60_000);\n\nexport function _addTidIfNecessary<T extends { tenantId?: string }>(\n  auth: Auth,\n  request: T\n): T {\n  if (auth.tenantId && !request.tenantId) {\n    return {\n      ...request,\n      tenantId: auth.tenantId\n    };\n  }\n  return request;\n}\n\nexport async function _performApiRequest<T, V>(\n  auth: Auth,\n  method: HttpMethod,\n  path: Endpoint,\n  request?: T,\n  customErrorMap: Partial<ServerErrorMap<ServerError>> = {}\n): Promise<V> {\n  return _performFetchWithErrorHandling(auth, customErrorMap, async () => {\n    let body = {};\n    let params = {};\n    if (request) {\n      if (method === HttpMethod.GET) {\n        params = request;\n      } else {\n        body = {\n          body: JSON.stringify(request)\n        };\n      }\n    }\n\n    const query = querystring({\n      key: auth.config.apiKey,\n      ...params\n    }).slice(1);\n\n    const headers = await (auth as AuthInternal)._getAdditionalHeaders();\n    headers[HttpHeader.CONTENT_TYPE] = 'application/json';\n\n    if (auth.languageCode) {\n      headers[HttpHeader.X_FIREBASE_LOCALE] = auth.languageCode;\n    }\n\n    return FetchProvider.fetch()(\n      _getFinalTarget(auth, auth.config.apiHost, path, query),\n      {\n        method,\n        headers,\n        referrerPolicy: 'no-referrer',\n        ...body\n      }\n    );\n  });\n}\n\nexport async function _performFetchWithErrorHandling<V>(\n  auth: Auth,\n  customErrorMap: Partial<ServerErrorMap<ServerError>>,\n  fetchFn: () => Promise<Response>\n): Promise<V> {\n  (auth as AuthInternal)._canInitEmulator = false;\n  const errorMap = { ...SERVER_ERROR_MAP, ...customErrorMap };\n  try {\n    const networkTimeout = new NetworkTimeout<Response>(auth);\n    const response: Response = await Promise.race<Promise<Response>>([\n      fetchFn(),\n      networkTimeout.promise\n    ]);\n\n    // If we've reached this point, the fetch succeeded and the networkTimeout\n    // didn't throw; clear the network timeout delay so that Node won't hang\n    networkTimeout.clearNetworkTimeout();\n\n    const json = await response.json();\n    if ('needConfirmation' in json) {\n      throw _makeTaggedError(auth, AuthErrorCode.NEED_CONFIRMATION, json);\n    }\n\n    if (response.ok && !('errorMessage' in json)) {\n      return json;\n    } else {\n      const errorMessage = response.ok ? json.errorMessage : json.error.message;\n      const [serverErrorCode, serverErrorMessage] = errorMessage.split(' : ');\n      if (serverErrorCode === ServerError.FEDERATED_USER_ID_ALREADY_LINKED) {\n        throw _makeTaggedError(\n          auth,\n          AuthErrorCode.CREDENTIAL_ALREADY_IN_USE,\n          json\n        );\n      } else if (serverErrorCode === ServerError.EMAIL_EXISTS) {\n        throw _makeTaggedError(auth, AuthErrorCode.EMAIL_EXISTS, json);\n      } else if (serverErrorCode === ServerError.USER_DISABLED) {\n        throw _makeTaggedError(auth, AuthErrorCode.USER_DISABLED, json);\n      }\n      const authError =\n        errorMap[serverErrorCode as ServerError] ||\n        (serverErrorCode\n          .toLowerCase()\n          .replace(/[_\\s]+/g, '-') as unknown as AuthErrorCode);\n      if (serverErrorMessage) {\n        throw _errorWithCustomMessage(auth, authError, serverErrorMessage);\n      } else {\n        _fail(auth, authError);\n      }\n    }\n  } catch (e) {\n    if (e instanceof FirebaseError) {\n      throw e;\n    }\n    // Changing this to a different error code will log user out when there is a network error\n    // because we treat any error other than NETWORK_REQUEST_FAILED as token is invalid.\n    // https://github.com/firebase/firebase-js-sdk/blob/4fbc73610d70be4e0852e7de63a39cb7897e8546/packages/auth/src/core/auth/auth_impl.ts#L309-L316\n    _fail(auth, AuthErrorCode.NETWORK_REQUEST_FAILED, { 'message': String(e) });\n  }\n}\n\nexport async function _performSignInRequest<T, V extends IdTokenResponse>(\n  auth: Auth,\n  method: HttpMethod,\n  path: Endpoint,\n  request?: T,\n  customErrorMap: Partial<ServerErrorMap<ServerError>> = {}\n): Promise<V> {\n  const serverResponse = (await _performApiRequest<T, V | IdTokenMfaResponse>(\n    auth,\n    method,\n    path,\n    request,\n    customErrorMap\n  )) as V;\n  if ('mfaPendingCredential' in serverResponse) {\n    _fail(auth, AuthErrorCode.MFA_REQUIRED, {\n      _serverResponse: serverResponse\n    });\n  }\n\n  return serverResponse;\n}\n\nexport function _getFinalTarget(\n  auth: Auth,\n  host: string,\n  path: string,\n  query: string\n): string {\n  const base = `${host}${path}?${query}`;\n\n  if (!(auth as AuthInternal).config.emulator) {\n    return `${auth.config.apiScheme}://${base}`;\n  }\n\n  return _emulatorUrl(auth.config as ConfigInternal, base);\n}\n\nclass NetworkTimeout<T> {\n  // Node timers and browser timers are fundamentally incompatible, but we\n  // don't care about the value here\n  // eslint-disable-next-line @typescript-eslint/no-explicit-any\n  private timer: any | null = null;\n  readonly promise = new Promise<T>((_, reject) => {\n    this.timer = setTimeout(() => {\n      return reject(\n        _createError(this.auth, AuthErrorCode.NETWORK_REQUEST_FAILED)\n      );\n    }, DEFAULT_API_TIMEOUT_MS.get());\n  });\n\n  clearNetworkTimeout(): void {\n    clearTimeout(this.timer);\n  }\n\n  constructor(private readonly auth: Auth) {}\n}\n\ninterface PotentialResponse extends IdTokenResponse {\n  email?: string;\n  phoneNumber?: string;\n}\n\nexport function _makeTaggedError(\n  auth: Auth,\n  code: AuthErrorCode,\n  response: PotentialResponse\n): FirebaseError {\n  const errorParams: NamedErrorParams = {\n    appName: auth.name\n  };\n\n  if (response.email) {\n    errorParams.email = response.email;\n  }\n  if (response.phoneNumber) {\n    errorParams.phoneNumber = response.phoneNumber;\n  }\n\n  const error = _createError(auth, code, errorParams);\n\n  // We know customData is defined on error because errorParams is defined\n  (error.customData! as TaggedWithTokenResponse)._tokenResponse = response;\n  return error;\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nexport function utcTimestampToDateString(\n  utcTimestamp?: string | number\n): string | undefined {\n  if (!utcTimestamp) {\n    return undefined;\n  }\n  try {\n    // Convert to date object.\n    const date = new Date(Number(utcTimestamp));\n    // Test date is valid.\n    if (!isNaN(date.getTime())) {\n      // Convert to UTC date string.\n      return date.toUTCString();\n    }\n  } catch (e) {\n    // Do nothing. undefined will be returned.\n  }\n  return undefined;\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { IdTokenResult, ParsedToken, User } from '../../model/public_types';\nimport { base64Decode, getModularInstance } from '@firebase/util';\n\nimport { UserInternal } from '../../model/user';\nimport { _assert } from '../util/assert';\nimport { _logError } from '../util/log';\nimport { utcTimestampToDateString } from '../util/time';\nimport { AuthErrorCode } from '../errors';\n\n/**\n * Returns a JSON Web Token (JWT) used to identify the user to a Firebase service.\n *\n * @remarks\n * Returns the current token if it has not expired or if it will not expire in the next five\n * minutes. Otherwise, this will refresh the token and return a new one.\n *\n * @param user - The user.\n * @param forceRefresh - Force refresh regardless of token expiration.\n *\n * @public\n */\nexport function getIdToken(user: User, forceRefresh = false): Promise<string> {\n  return getModularInstance(user).getIdToken(forceRefresh);\n}\n\n/**\n * Returns a deserialized JSON Web Token (JWT) used to identify the user to a Firebase service.\n *\n * @remarks\n * Returns the current token if it has not expired or if it will not expire in the next five\n * minutes. Otherwise, this will refresh the token and return a new one.\n *\n * @param user - The user.\n * @param forceRefresh - Force refresh regardless of token expiration.\n *\n * @public\n */\nexport async function getIdTokenResult(\n  user: User,\n  forceRefresh = false\n): Promise<IdTokenResult> {\n  const userInternal = getModularInstance(user) as UserInternal;\n  const token = await userInternal.getIdToken(forceRefresh);\n  const claims = _parseToken(token);\n\n  _assert(\n    claims && claims.exp && claims.auth_time && claims.iat,\n    userInternal.auth,\n    AuthErrorCode.INTERNAL_ERROR\n  );\n  const firebase =\n    typeof claims.firebase === 'object' ? claims.firebase : undefined;\n\n  const signInProvider: string | undefined = firebase?.['sign_in_provider'];\n\n  return {\n    claims,\n    token,\n    authTime: utcTimestampToDateString(\n      secondsStringToMilliseconds(claims.auth_time)\n    )!,\n    issuedAtTime: utcTimestampToDateString(\n      secondsStringToMilliseconds(claims.iat)\n    )!,\n    expirationTime: utcTimestampToDateString(\n      secondsStringToMilliseconds(claims.exp)\n    )!,\n    signInProvider: signInProvider || null,\n    signInSecondFactor: firebase?.['sign_in_second_factor'] || null\n  };\n}\n\nfunction secondsStringToMilliseconds(seconds: string): number {\n  return Number(seconds) * 1000;\n}\n\nexport function _parseToken(token: string): ParsedToken | null {\n  const [algorithm, payload, signature] = token.split('.');\n  if (\n    algorithm === undefined ||\n    payload === undefined ||\n    signature === undefined\n  ) {\n    _logError('JWT malformed, contained fewer than 3 sections');\n    return null;\n  }\n\n  try {\n    const decoded = base64Decode(payload);\n    if (!decoded) {\n      _logError('Failed to decode base64 JWT payload');\n      return null;\n    }\n    return JSON.parse(decoded);\n  } catch (e) {\n    _logError(\n      'Caught error parsing JWT payload as JSON',\n      (e as Error)?.toString()\n    );\n    return null;\n  }\n}\n\n/**\n * Extract expiresIn TTL from a token by subtracting the expiration from the issuance.\n */\nexport function _tokenExpiresIn(token: string): number {\n  const parsedToken = _parseToken(token);\n  _assert(parsedToken, AuthErrorCode.INTERNAL_ERROR);\n  _assert(typeof parsedToken.exp !== 'undefined', AuthErrorCode.INTERNAL_ERROR);\n  _assert(typeof parsedToken.iat !== 'undefined', AuthErrorCode.INTERNAL_ERROR);\n  return Number(parsedToken.exp) - Number(parsedToken.iat);\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { FirebaseError } from '@firebase/util';\n\nimport { UserInternal } from '../../model/user';\nimport { AuthErrorCode } from '../errors';\n\nexport async function _logoutIfInvalidated<T>(\n  user: UserInternal,\n  promise: Promise<T>,\n  bypassAuthState = false\n): Promise<T> {\n  if (bypassAuthState) {\n    return promise;\n  }\n  try {\n    return await promise;\n  } catch (e) {\n    if (e instanceof FirebaseError && isUserInvalidated(e)) {\n      if (user.auth.currentUser === user) {\n        await user.auth.signOut();\n      }\n    }\n\n    throw e;\n  }\n}\n\nfunction isUserInvalidated({ code }: FirebaseError): boolean {\n  return (\n    code === `auth/${AuthErrorCode.USER_DISABLED}` ||\n    code === `auth/${AuthErrorCode.TOKEN_EXPIRED}`\n  );\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { FirebaseError } from '@firebase/util';\nimport { UserInternal } from '../../model/user';\nimport { AuthErrorCode } from '../errors';\n\n// Refresh the token five minutes before expiration\nexport const enum Duration {\n  OFFSET = 5 * 1000 * 60,\n  RETRY_BACKOFF_MIN = 30 * 1000,\n  RETRY_BACKOFF_MAX = 16 * 60 * 1000\n}\n\nexport class ProactiveRefresh {\n  private isRunning = false;\n\n  // Node timers and browser timers return fundamentally different types.\n  // We don't actually care what the value is but TS won't accept unknown and\n  // we can't cast properly in both environments.\n  // eslint-disable-next-line @typescript-eslint/no-explicit-any\n  private timerId: any | null = null;\n  private errorBackoff = Duration.RETRY_BACKOFF_MIN;\n\n  constructor(private readonly user: UserInternal) {}\n\n  _start(): void {\n    if (this.isRunning) {\n      return;\n    }\n\n    this.isRunning = true;\n    this.schedule();\n  }\n\n  _stop(): void {\n    if (!this.isRunning) {\n      return;\n    }\n\n    this.isRunning = false;\n    if (this.timerId !== null) {\n      clearTimeout(this.timerId);\n    }\n  }\n\n  private getInterval(wasError: boolean): number {\n    if (wasError) {\n      const interval = this.errorBackoff;\n      this.errorBackoff = Math.min(\n        this.errorBackoff * 2,\n        Duration.RETRY_BACKOFF_MAX\n      );\n      return interval;\n    } else {\n      // Reset the error backoff\n      this.errorBackoff = Duration.RETRY_BACKOFF_MIN;\n      const expTime = this.user.stsTokenManager.expirationTime ?? 0;\n      const interval = expTime - Date.now() - Duration.OFFSET;\n\n      return Math.max(0, interval);\n    }\n  }\n\n  private schedule(wasError = false): void {\n    if (!this.isRunning) {\n      // Just in case...\n      return;\n    }\n\n    const interval = this.getInterval(wasError);\n    this.timerId = setTimeout(async () => {\n      await this.iteration();\n    }, interval);\n  }\n\n  private async iteration(): Promise<void> {\n    try {\n      await this.user.getIdToken(true);\n    } catch (e) {\n      // Only retry on network errors\n      if (\n        (e as FirebaseError)?.code ===\n        `auth/${AuthErrorCode.NETWORK_REQUEST_FAILED}`\n      ) {\n        this.schedule(/* wasError */ true);\n      }\n\n      return;\n    }\n    this.schedule();\n  }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { UserMetadata as UserMetadataType } from '../../model/public_types';\n\nimport { utcTimestampToDateString } from '../util/time';\n\nexport class UserMetadata implements UserMetadataType {\n  creationTime?: string;\n  lastSignInTime?: string;\n\n  constructor(\n    private createdAt?: string | number,\n    private lastLoginAt?: string | number\n  ) {\n    this._initializeTime();\n  }\n\n  private _initializeTime(): void {\n    this.lastSignInTime = utcTimestampToDateString(this.lastLoginAt);\n    this.creationTime = utcTimestampToDateString(this.createdAt);\n  }\n\n  _copy(metadata: UserMetadata): void {\n    this.createdAt = metadata.createdAt;\n    this.lastLoginAt = metadata.lastLoginAt;\n    this._initializeTime();\n  }\n\n  toJSON(): object {\n    return {\n      createdAt: this.createdAt,\n      lastLoginAt: this.lastLoginAt\n    };\n  }\n}\n","/**\n * @license\n * Copyright 2019 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { User, UserInfo } from '../../model/public_types';\n\nimport {\n  getAccountInfo,\n  ProviderUserInfo\n} from '../../api/account_management/account';\nimport { UserInternal } from '../../model/user';\nimport { AuthErrorCode } from '../errors';\nimport { _assert } from '../util/assert';\nimport { _logoutIfInvalidated } from './invalidation';\nimport { UserMetadata } from './user_metadata';\nimport { getModularInstance } from '@firebase/util';\n\nexport async function _reloadWithoutSaving(user: UserInternal): Promise<void> {\n  const auth = user.auth;\n  const idToken = await user.getIdToken();\n  const response = await _logoutIfInvalidated(\n    user,\n    getAccountInfo(auth, { idToken })\n  );\n\n  _assert(response?.users.length, auth, AuthErrorCode.INTERNAL_ERROR);\n\n  const coreAccount = response.users[0];\n\n  user._notifyReloadListener(coreAccount);\n\n  const newProviderData = coreAccount.providerUserInfo?.length\n    ? extractProviderData(coreAccount.providerUserInfo)\n    : [];\n\n  const providerData = mergeProviderData(user.providerData, newProviderData);\n\n  // Preserves the non-nonymous status of the stored user, even if no more\n  // credentials (federated or email/password) are linked to the user. If\n  // the user was previously anonymous, then use provider data to update.\n  // On the other hand, if it was not anonymous before, it should never be\n  // considered anonymous now.\n  const oldIsAnonymous = user.isAnonymous;\n  const newIsAnonymous =\n    !(user.email && coreAccount.passwordHash) && !providerData?.length;\n  const isAnonymous = !oldIsAnonymous ? false : newIsAnonymous;\n\n  const updates: Partial<UserInternal> = {\n    uid: coreAccount.localId,\n    displayName: coreAccount.displayName || null,\n    photoURL: coreAccount.photoUrl || null,\n    email: coreAccount.email || null,\n    emailVerified: coreAccount.emailVerified || false,\n    phoneNumber: coreAccount.phoneNumber || null,\n    tenantId: coreAccount.tenantId || null,\n    providerData,\n    metadata: new UserMetadata(coreAccount.createdAt, coreAccount.lastLoginAt),\n    isAnonymous\n  };\n\n  Object.assign(user, updates);\n}\n\n/**\n * Reloads user account data, if signed in.\n *\n * @param user - The user.\n *\n * @public\n */\nexport async function reload(user: User): Promise<void> {\n  const userInternal: UserInternal = getModularInstance(user) as UserInternal;\n  await _reloadWithoutSaving(userInternal);\n\n  // Even though the current user hasn't changed, update\n  // current user will trigger a persistence update w/ the\n  // new info.\n  await userInternal.auth._persistUserIfCurrent(userInternal);\n  userInternal.auth._notifyListenersIfCurrent(userInternal);\n}\n\nfunction mergeProviderData(\n  original: UserInfo[],\n  newData: UserInfo[]\n): UserInfo[] {\n  const deduped = original.filter(\n    o => !newData.some(n => n.providerId === o.providerId)\n  );\n  return [...deduped, ...newData];\n}\n\nfunction extractProviderData(providers: ProviderUserInfo[]): UserInfo[] {\n  return providers.map(({ providerId, ...provider }) => {\n    return {\n      providerId,\n      uid: provider.rawId || '',\n      displayName: provider.displayName || null,\n      email: provider.email || null,\n      phoneNumber: provider.phoneNumber || null,\n      photoURL: provider.photoUrl || null\n    };\n  });\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { Endpoint, HttpMethod, _performApiRequest } from '../index';\nimport { MfaEnrollment } from './mfa';\nimport { Auth } from '../../model/public_types';\n\nexport interface DeleteAccountRequest {\n  idToken: string;\n}\n\nexport async function deleteAccount(\n  auth: Auth,\n  request: DeleteAccountRequest\n): Promise<void> {\n  return _performApiRequest<DeleteAccountRequest, void>(\n    auth,\n    HttpMethod.POST,\n    Endpoint.DELETE_ACCOUNT,\n    request\n  );\n}\n\nexport interface ProviderUserInfo {\n  providerId: string;\n  rawId?: string;\n  email?: string;\n  displayName?: string;\n  photoUrl?: string;\n  phoneNumber?: string;\n}\n\nexport interface DeleteLinkedAccountsRequest {\n  idToken: string;\n  deleteProvider: string[];\n}\n\nexport interface DeleteLinkedAccountsResponse {\n  providerUserInfo: ProviderUserInfo[];\n}\n\nexport async function deleteLinkedAccounts(\n  auth: Auth,\n  request: DeleteLinkedAccountsRequest\n): Promise<DeleteLinkedAccountsResponse> {\n  return _performApiRequest<\n    DeleteLinkedAccountsRequest,\n    DeleteLinkedAccountsResponse\n  >(auth, HttpMethod.POST, Endpoint.SET_ACCOUNT_INFO, request);\n}\n\nexport interface APIUserInfo {\n  localId?: string;\n  displayName?: string;\n  photoUrl?: string;\n  email?: string;\n  emailVerified?: boolean;\n  phoneNumber?: string;\n  lastLoginAt?: number;\n  createdAt?: number;\n  tenantId?: string;\n  passwordHash?: string;\n  providerUserInfo?: ProviderUserInfo[];\n  mfaInfo?: MfaEnrollment[];\n}\n\nexport interface GetAccountInfoRequest {\n  idToken: string;\n}\n\nexport interface GetAccountInfoResponse {\n  users: APIUserInfo[];\n}\n\nexport async function getAccountInfo(\n  auth: Auth,\n  request: GetAccountInfoRequest\n): Promise<GetAccountInfoResponse> {\n  return _performApiRequest<GetAccountInfoRequest, GetAccountInfoResponse>(\n    auth,\n    HttpMethod.POST,\n    Endpoint.GET_ACCOUNT_INFO,\n    request\n  );\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { FinalizeMfaResponse } from '../../api/authentication/mfa';\nimport { requestStsToken } from '../../api/authentication/token';\nimport { AuthInternal } from '../../model/auth';\nimport { IdTokenResponse } from '../../model/id_token';\nimport { AuthErrorCode } from '../errors';\nimport { PersistedBlob } from '../persistence';\nimport { _assert, debugFail } from '../util/assert';\nimport { _tokenExpiresIn } from './id_token_result';\n\n/**\n * The number of milliseconds before the official expiration time of a token\n * to refresh that token, to provide a buffer for RPCs to complete.\n */\nexport const enum Buffer {\n  TOKEN_REFRESH = 30_000\n}\n\n/**\n * We need to mark this class as internal explicitly to exclude it in the public typings, because\n * it references AuthInternal which has a circular dependency with UserInternal.\n *\n * @internal\n */\nexport class StsTokenManager {\n  refreshToken: string | null = null;\n  accessToken: string | null = null;\n  expirationTime: number | null = null;\n\n  get isExpired(): boolean {\n    return (\n      !this.expirationTime ||\n      Date.now() > this.expirationTime - Buffer.TOKEN_REFRESH\n    );\n  }\n\n  updateFromServerResponse(\n    response: IdTokenResponse | FinalizeMfaResponse\n  ): void {\n    _assert(response.idToken, AuthErrorCode.INTERNAL_ERROR);\n    _assert(\n      typeof response.idToken !== 'undefined',\n      AuthErrorCode.INTERNAL_ERROR\n    );\n    _assert(\n      typeof response.refreshToken !== 'undefined',\n      AuthErrorCode.INTERNAL_ERROR\n    );\n    const expiresIn =\n      'expiresIn' in response && typeof response.expiresIn !== 'undefined'\n        ? Number(response.expiresIn)\n        : _tokenExpiresIn(response.idToken);\n    this.updateTokensAndExpiration(\n      response.idToken,\n      response.refreshToken,\n      expiresIn\n    );\n  }\n\n  async getToken(\n    auth: AuthInternal,\n    forceRefresh = false\n  ): Promise<string | null> {\n    _assert(\n      !this.accessToken || this.refreshToken,\n      auth,\n      AuthErrorCode.TOKEN_EXPIRED\n    );\n\n    if (!forceRefresh && this.accessToken && !this.isExpired) {\n      return this.accessToken;\n    }\n\n    if (this.refreshToken) {\n      await this.refresh(auth, this.refreshToken!);\n      return this.accessToken;\n    }\n\n    return null;\n  }\n\n  clearRefreshToken(): void {\n    this.refreshToken = null;\n  }\n\n  private async refresh(auth: AuthInternal, oldToken: string): Promise<void> {\n    const { accessToken, refreshToken, expiresIn } = await requestStsToken(\n      auth,\n      oldToken\n    );\n    this.updateTokensAndExpiration(\n      accessToken,\n      refreshToken,\n      Number(expiresIn)\n    );\n  }\n\n  private updateTokensAndExpiration(\n    accessToken: string,\n    refreshToken: string,\n    expiresInSec: number\n  ): void {\n    this.refreshToken = refreshToken || null;\n    this.accessToken = accessToken || null;\n    this.expirationTime = Date.now() + expiresInSec * 1000;\n  }\n\n  static fromJSON(appName: string, object: PersistedBlob): StsTokenManager {\n    const { refreshToken, accessToken, expirationTime } = object;\n\n    const manager = new StsTokenManager();\n    if (refreshToken) {\n      _assert(typeof refreshToken === 'string', AuthErrorCode.INTERNAL_ERROR, {\n        appName\n      });\n      manager.refreshToken = refreshToken;\n    }\n    if (accessToken) {\n      _assert(typeof accessToken === 'string', AuthErrorCode.INTERNAL_ERROR, {\n        appName\n      });\n      manager.accessToken = accessToken;\n    }\n    if (expirationTime) {\n      _assert(\n        typeof expirationTime === 'number',\n        AuthErrorCode.INTERNAL_ERROR,\n        {\n          appName\n        }\n      );\n      manager.expirationTime = expirationTime;\n    }\n    return manager;\n  }\n\n  toJSON(): object {\n    return {\n      refreshToken: this.refreshToken,\n      accessToken: this.accessToken,\n      expirationTime: this.expirationTime\n    };\n  }\n\n  _assign(stsTokenManager: StsTokenManager): void {\n    this.accessToken = stsTokenManager.accessToken;\n    this.refreshToken = stsTokenManager.refreshToken;\n    this.expirationTime = stsTokenManager.expirationTime;\n  }\n\n  _clone(): StsTokenManager {\n    return Object.assign(new StsTokenManager(), this.toJSON());\n  }\n\n  _performRefresh(): never {\n    return debugFail('not implemented');\n  }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\n/* eslint-disable camelcase */\n\nimport { querystring } from '@firebase/util';\n\nimport {\n  _getFinalTarget,\n  _performFetchWithErrorHandling,\n  HttpMethod,\n  HttpHeader\n} from '../index';\nimport { FetchProvider } from '../../core/util/fetch_provider';\nimport { Auth } from '../../model/public_types';\nimport { AuthInternal } from '../../model/auth';\n\nexport const enum Endpoint {\n  TOKEN = '/v1/token'\n}\n\n/** The server responses with snake_case; we convert to camelCase */\ninterface RequestStsTokenServerResponse {\n  access_token: string;\n  expires_in: string;\n  refresh_token: string;\n}\n\nexport interface RequestStsTokenResponse {\n  accessToken: string;\n  expiresIn: string;\n  refreshToken: string;\n}\n\nexport async function requestStsToken(\n  auth: Auth,\n  refreshToken: string\n): Promise<RequestStsTokenResponse> {\n  const response =\n    await _performFetchWithErrorHandling<RequestStsTokenServerResponse>(\n      auth,\n      {},\n      async () => {\n        const body = querystring({\n          'grant_type': 'refresh_token',\n          'refresh_token': refreshToken\n        }).slice(1);\n        const { tokenApiHost, apiKey } = auth.config;\n        const url = _getFinalTarget(\n          auth,\n          tokenApiHost,\n          Endpoint.TOKEN,\n          `key=${apiKey}`\n        );\n\n        const headers = await (auth as AuthInternal)._getAdditionalHeaders();\n        headers[HttpHeader.CONTENT_TYPE] = 'application/x-www-form-urlencoded';\n\n        return FetchProvider.fetch()(url, {\n          method: HttpMethod.POST,\n          headers,\n          body\n        });\n      }\n    );\n\n  // The response comes back in snake_case. Convert to camel:\n  return {\n    accessToken: response.access_token,\n    expiresIn: response.expires_in,\n    refreshToken: response.refresh_token\n  };\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { IdTokenResult } from '../../model/public_types';\nimport { NextFn } from '@firebase/util';\n\nimport {\n  APIUserInfo,\n  deleteAccount\n} from '../../api/account_management/account';\nimport { FinalizeMfaResponse } from '../../api/authentication/mfa';\nimport { AuthInternal } from '../../model/auth';\nimport { IdTokenResponse } from '../../model/id_token';\nimport {\n  MutableUserInfo,\n  UserInternal,\n  UserParameters\n} from '../../model/user';\nimport { AuthErrorCode } from '../errors';\nimport { PersistedBlob } from '../persistence';\nimport { _assert } from '../util/assert';\nimport { getIdTokenResult } from './id_token_result';\nimport { _logoutIfInvalidated } from './invalidation';\nimport { ProactiveRefresh } from './proactive_refresh';\nimport { _reloadWithoutSaving, reload } from './reload';\nimport { StsTokenManager } from './token_manager';\nimport { UserMetadata } from './user_metadata';\nimport { ProviderId } from '../../model/enums';\n\nfunction assertStringOrUndefined(\n  assertion: unknown,\n  appName: string\n): asserts assertion is string | undefined {\n  _assert(\n    typeof assertion === 'string' || typeof assertion === 'undefined',\n    AuthErrorCode.INTERNAL_ERROR,\n    { appName }\n  );\n}\n\nexport class UserImpl implements UserInternal {\n  // For the user object, provider is always Firebase.\n  readonly providerId = ProviderId.FIREBASE;\n  stsTokenManager: StsTokenManager;\n  // Last known accessToken so we know when it changes\n  private accessToken: string | null;\n\n  uid: string;\n  auth: AuthInternal;\n  emailVerified: boolean;\n  isAnonymous: boolean;\n  tenantId: string | null;\n  readonly metadata: UserMetadata;\n  providerData: MutableUserInfo[];\n\n  // Optional fields from UserInfo\n  displayName: string | null;\n  email: string | null;\n  phoneNumber: string | null;\n  photoURL: string | null;\n\n  _redirectEventId?: string;\n  private readonly proactiveRefresh = new ProactiveRefresh(this);\n\n  constructor({ uid, auth, stsTokenManager, ...opt }: UserParameters) {\n    this.uid = uid;\n    this.auth = auth;\n    this.stsTokenManager = stsTokenManager;\n    this.accessToken = stsTokenManager.accessToken;\n    this.displayName = opt.displayName || null;\n    this.email = opt.email || null;\n    this.emailVerified = opt.emailVerified || false;\n    this.phoneNumber = opt.phoneNumber || null;\n    this.photoURL = opt.photoURL || null;\n    this.isAnonymous = opt.isAnonymous || false;\n    this.tenantId = opt.tenantId || null;\n    this.providerData = opt.providerData ? [...opt.providerData] : [];\n    this.metadata = new UserMetadata(\n      opt.createdAt || undefined,\n      opt.lastLoginAt || undefined\n    );\n  }\n\n  async getIdToken(forceRefresh?: boolean): Promise<string> {\n    const accessToken = await _logoutIfInvalidated(\n      this,\n      this.stsTokenManager.getToken(this.auth, forceRefresh)\n    );\n    _assert(accessToken, this.auth, AuthErrorCode.INTERNAL_ERROR);\n\n    if (this.accessToken !== accessToken) {\n      this.accessToken = accessToken;\n      await this.auth._persistUserIfCurrent(this);\n      this.auth._notifyListenersIfCurrent(this);\n    }\n\n    return accessToken;\n  }\n\n  getIdTokenResult(forceRefresh?: boolean): Promise<IdTokenResult> {\n    return getIdTokenResult(this, forceRefresh);\n  }\n\n  reload(): Promise<void> {\n    return reload(this);\n  }\n\n  private reloadUserInfo: APIUserInfo | null = null;\n  private reloadListener: NextFn<APIUserInfo> | null = null;\n\n  _assign(user: UserInternal): void {\n    if (this === user) {\n      return;\n    }\n    _assert(this.uid === user.uid, this.auth, AuthErrorCode.INTERNAL_ERROR);\n    this.displayName = user.displayName;\n    this.photoURL = user.photoURL;\n    this.email = user.email;\n    this.emailVerified = user.emailVerified;\n    this.phoneNumber = user.phoneNumber;\n    this.isAnonymous = user.isAnonymous;\n    this.tenantId = user.tenantId;\n    this.providerData = user.providerData.map(userInfo => ({ ...userInfo }));\n    this.metadata._copy(user.metadata);\n    this.stsTokenManager._assign(user.stsTokenManager);\n  }\n\n  _clone(auth: AuthInternal): UserInternal {\n    const newUser = new UserImpl({\n      ...this,\n      auth,\n      stsTokenManager: this.stsTokenManager._clone()\n    });\n    newUser.metadata._copy(this.metadata);\n    return newUser;\n  }\n\n  _onReload(callback: NextFn<APIUserInfo>): void {\n    // There should only ever be one listener, and that is a single instance of MultiFactorUser\n    _assert(!this.reloadListener, this.auth, AuthErrorCode.INTERNAL_ERROR);\n    this.reloadListener = callback;\n    if (this.reloadUserInfo) {\n      this._notifyReloadListener(this.reloadUserInfo);\n      this.reloadUserInfo = null;\n    }\n  }\n\n  _notifyReloadListener(userInfo: APIUserInfo): void {\n    if (this.reloadListener) {\n      this.reloadListener(userInfo);\n    } else {\n      // If no listener is subscribed yet, save the result so it's available when they do subscribe\n      this.reloadUserInfo = userInfo;\n    }\n  }\n\n  _startProactiveRefresh(): void {\n    this.proactiveRefresh._start();\n  }\n\n  _stopProactiveRefresh(): void {\n    this.proactiveRefresh._stop();\n  }\n\n  async _updateTokensIfNecessary(\n    response: IdTokenResponse | FinalizeMfaResponse,\n    reload = false\n  ): Promise<void> {\n    let tokensRefreshed = false;\n    if (\n      response.idToken &&\n      response.idToken !== this.stsTokenManager.accessToken\n    ) {\n      this.stsTokenManager.updateFromServerResponse(response);\n      tokensRefreshed = true;\n    }\n\n    if (reload) {\n      await _reloadWithoutSaving(this);\n    }\n\n    await this.auth._persistUserIfCurrent(this);\n    if (tokensRefreshed) {\n      this.auth._notifyListenersIfCurrent(this);\n    }\n  }\n\n  async delete(): Promise<void> {\n    const idToken = await this.getIdToken();\n    await _logoutIfInvalidated(this, deleteAccount(this.auth, { idToken }));\n    this.stsTokenManager.clearRefreshToken();\n\n    // TODO: Determine if cancellable-promises are necessary to use in this class so that delete()\n    //       cancels pending actions...\n\n    return this.auth.signOut();\n  }\n\n  toJSON(): PersistedBlob {\n    return {\n      uid: this.uid,\n      email: this.email || undefined,\n      emailVerified: this.emailVerified,\n      displayName: this.displayName || undefined,\n      isAnonymous: this.isAnonymous,\n      photoURL: this.photoURL || undefined,\n      phoneNumber: this.phoneNumber || undefined,\n      tenantId: this.tenantId || undefined,\n      providerData: this.providerData.map(userInfo => ({ ...userInfo })),\n      stsTokenManager: this.stsTokenManager.toJSON(),\n      // Redirect event ID must be maintained in case there is a pending\n      // redirect event.\n      _redirectEventId: this._redirectEventId,\n      ...this.metadata.toJSON(),\n\n      // Required for compatibility with the legacy SDK (go/firebase-auth-sdk-persistence-parsing):\n      apiKey: this.auth.config.apiKey,\n      appName: this.auth.name\n      // Missing authDomain will be tolerated by the legacy SDK.\n      // stsTokenManager.apiKey isn't actually required (despite the legacy SDK persisting it).\n    };\n  }\n\n  get refreshToken(): string {\n    return this.stsTokenManager.refreshToken || '';\n  }\n\n  static _fromJSON(auth: AuthInternal, object: PersistedBlob): UserInternal {\n    const displayName = object.displayName ?? undefined;\n    const email = object.email ?? undefined;\n    const phoneNumber = object.phoneNumber ?? undefined;\n    const photoURL = object.photoURL ?? undefined;\n    const tenantId = object.tenantId ?? undefined;\n    const _redirectEventId = object._redirectEventId ?? undefined;\n    const createdAt = object.createdAt ?? undefined;\n    const lastLoginAt = object.lastLoginAt ?? undefined;\n    const {\n      uid,\n      emailVerified,\n      isAnonymous,\n      providerData,\n      stsTokenManager: plainObjectTokenManager\n    } = object;\n\n    _assert(uid && plainObjectTokenManager, auth, AuthErrorCode.INTERNAL_ERROR);\n\n    const stsTokenManager = StsTokenManager.fromJSON(\n      this.name,\n      plainObjectTokenManager as PersistedBlob\n    );\n\n    _assert(typeof uid === 'string', auth, AuthErrorCode.INTERNAL_ERROR);\n    assertStringOrUndefined(displayName, auth.name);\n    assertStringOrUndefined(email, auth.name);\n    _assert(\n      typeof emailVerified === 'boolean',\n      auth,\n      AuthErrorCode.INTERNAL_ERROR\n    );\n    _assert(\n      typeof isAnonymous === 'boolean',\n      auth,\n      AuthErrorCode.INTERNAL_ERROR\n    );\n    assertStringOrUndefined(phoneNumber, auth.name);\n    assertStringOrUndefined(photoURL, auth.name);\n    assertStringOrUndefined(tenantId, auth.name);\n    assertStringOrUndefined(_redirectEventId, auth.name);\n    assertStringOrUndefined(createdAt, auth.name);\n    assertStringOrUndefined(lastLoginAt, auth.name);\n    const user = new UserImpl({\n      uid,\n      auth,\n      email,\n      emailVerified,\n      displayName,\n      isAnonymous,\n      photoURL,\n      phoneNumber,\n      tenantId,\n      stsTokenManager,\n      createdAt,\n      lastLoginAt\n    });\n\n    if (providerData && Array.isArray(providerData)) {\n      user.providerData = providerData.map(userInfo => ({ ...userInfo }));\n    }\n\n    if (_redirectEventId) {\n      user._redirectEventId = _redirectEventId;\n    }\n\n    return user;\n  }\n\n  /**\n   * Initialize a User from an idToken server response\n   * @param auth\n   * @param idTokenResponse\n   */\n  static async _fromIdTokenResponse(\n    auth: AuthInternal,\n    idTokenResponse: IdTokenResponse,\n    isAnonymous: boolean = false\n  ): Promise<UserInternal> {\n    const stsTokenManager = new StsTokenManager();\n    stsTokenManager.updateFromServerResponse(idTokenResponse);\n\n    // Initialize the Firebase Auth user.\n    const user = new UserImpl({\n      uid: idTokenResponse.localId,\n      auth,\n      stsTokenManager,\n      isAnonymous\n    });\n\n    // Updates the user info and data and resolves with a user instance.\n    await _reloadWithoutSaving(user);\n    return user;\n  }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { debugAssert } from './assert';\n\n/**\n * Our API has a lot of one-off constants that are used to do things.\n * Unfortunately we can't export these as classes instantiated directly since\n * the constructor may side effect and therefore can't be proven to be safely\n * culled. Instead, we export these classes themselves as a lowerCamelCase\n * constant, and instantiate them under the hood.\n */\nexport interface SingletonInstantiator<T> {\n  new (): T;\n}\n\nconst instanceCache: Map<unknown, unknown> = new Map();\n\nexport function _getInstance<T>(cls: unknown): T {\n  debugAssert(cls instanceof Function, 'Expected a class definition');\n  let instance = instanceCache.get(cls) as T | undefined;\n\n  if (instance) {\n    debugAssert(\n      instance instanceof cls,\n      'Instance stored in cache mismatched with class'\n    );\n    return instance;\n  }\n\n  instance = new (cls as SingletonInstantiator<T>)();\n  instanceCache.set(cls, instance);\n  return instance;\n}\n\nexport function _clearInstanceMap(): void {\n  instanceCache.clear();\n}\n","/**\n * @license\n * Copyright 2019 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { Persistence } from '../../model/public_types';\n\nimport {\n  PersistenceInternal,\n  PersistenceType,\n  PersistenceValue,\n  StorageEventListener\n} from '../persistence';\n\nexport class InMemoryPersistence implements PersistenceInternal {\n  static type: 'NONE' = 'NONE';\n  readonly type = PersistenceType.NONE;\n  storage: Record<string, PersistenceValue> = {};\n\n  async _isAvailable(): Promise<boolean> {\n    return true;\n  }\n\n  async _set(key: string, value: PersistenceValue): Promise<void> {\n    this.storage[key] = value;\n  }\n\n  async _get<T extends PersistenceValue>(key: string): Promise<T | null> {\n    const value = this.storage[key];\n    return value === undefined ? null : (value as T);\n  }\n\n  async _remove(key: string): Promise<void> {\n    delete this.storage[key];\n  }\n\n  _addListener(_key: string, _listener: StorageEventListener): void {\n    // Listeners are not supported for in-memory storage since it cannot be shared across windows/workers\n    return;\n  }\n\n  _removeListener(_key: string, _listener: StorageEventListener): void {\n    // Listeners are not supported for in-memory storage since it cannot be shared across windows/workers\n    return;\n  }\n}\n\n/**\n * An implementation of {@link Persistence} of type 'NONE'.\n *\n * @public\n */\nexport const inMemoryPersistence: Persistence = InMemoryPersistence;\n","/**\n * @license\n * Copyright 2019 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { ApiKey, AppName, AuthInternal } from '../../model/auth';\nimport { UserInternal } from '../../model/user';\nimport { PersistedBlob, PersistenceInternal } from '../persistence';\nimport { UserImpl } from '../user/user_impl';\nimport { _getInstance } from '../util/instantiator';\nimport { inMemoryPersistence } from './in_memory';\n\nexport const enum KeyName {\n  AUTH_USER = 'authUser',\n  AUTH_EVENT = 'authEvent',\n  REDIRECT_USER = 'redirectUser',\n  PERSISTENCE_USER = 'persistence'\n}\nexport const enum Namespace {\n  PERSISTENCE = 'firebase'\n}\n\nexport function _persistenceKeyName(\n  key: string,\n  apiKey: ApiKey,\n  appName: AppName\n): string {\n  return `${Namespace.PERSISTENCE}:${key}:${apiKey}:${appName}`;\n}\n\nexport class PersistenceUserManager {\n  private readonly fullUserKey: string;\n  private readonly fullPersistenceKey: string;\n  private readonly boundEventHandler: () => void;\n\n  private constructor(\n    public persistence: PersistenceInternal,\n    private readonly auth: AuthInternal,\n    private readonly userKey: string\n  ) {\n    const { config, name } = this.auth;\n    this.fullUserKey = _persistenceKeyName(this.userKey, config.apiKey, name);\n    this.fullPersistenceKey = _persistenceKeyName(\n      KeyName.PERSISTENCE_USER,\n      config.apiKey,\n      name\n    );\n    this.boundEventHandler = auth._onStorageEvent.bind(auth);\n    this.persistence._addListener(this.fullUserKey, this.boundEventHandler);\n  }\n\n  setCurrentUser(user: UserInternal): Promise<void> {\n    return this.persistence._set(this.fullUserKey, user.toJSON());\n  }\n\n  async getCurrentUser(): Promise<UserInternal | null> {\n    const blob = await this.persistence._get<PersistedBlob>(this.fullUserKey);\n    return blob ? UserImpl._fromJSON(this.auth, blob) : null;\n  }\n\n  removeCurrentUser(): Promise<void> {\n    return this.persistence._remove(this.fullUserKey);\n  }\n\n  savePersistenceForRedirect(): Promise<void> {\n    return this.persistence._set(\n      this.fullPersistenceKey,\n      this.persistence.type\n    );\n  }\n\n  async setPersistence(newPersistence: PersistenceInternal): Promise<void> {\n    if (this.persistence === newPersistence) {\n      return;\n    }\n\n    const currentUser = await this.getCurrentUser();\n    await this.removeCurrentUser();\n\n    this.persistence = newPersistence;\n\n    if (currentUser) {\n      return this.setCurrentUser(currentUser);\n    }\n  }\n\n  delete(): void {\n    this.persistence._removeListener(this.fullUserKey, this.boundEventHandler);\n  }\n\n  static async create(\n    auth: AuthInternal,\n    persistenceHierarchy: PersistenceInternal[],\n    userKey = KeyName.AUTH_USER\n  ): Promise<PersistenceUserManager> {\n    if (!persistenceHierarchy.length) {\n      return new PersistenceUserManager(\n        _getInstance(inMemoryPersistence),\n        auth,\n        userKey\n      );\n    }\n\n    // Eliminate any persistences that are not available\n    const availablePersistences = (\n      await Promise.all(\n        persistenceHierarchy.map(async persistence => {\n          if (await persistence._isAvailable()) {\n            return persistence;\n          }\n          return undefined;\n        })\n      )\n    ).filter(persistence => persistence) as PersistenceInternal[];\n\n    // Fall back to the first persistence listed, or in memory if none available\n    let selectedPersistence =\n      availablePersistences[0] ||\n      _getInstance<PersistenceInternal>(inMemoryPersistence);\n\n    const key = _persistenceKeyName(userKey, auth.config.apiKey, auth.name);\n\n    // Pull out the existing user, setting the chosen persistence to that\n    // persistence if the user exists.\n    let userToMigrate: UserInternal | null = null;\n    // Note, here we check for a user in _all_ persistences, not just the\n    // ones deemed available. If we can migrate a user out of a broken\n    // persistence, we will (but only if that persistence supports migration).\n    for (const persistence of persistenceHierarchy) {\n      try {\n        const blob = await persistence._get<PersistedBlob>(key);\n        if (blob) {\n          const user = UserImpl._fromJSON(auth, blob); // throws for unparsable blob (wrong format)\n          if (persistence !== selectedPersistence) {\n            userToMigrate = user;\n          }\n          selectedPersistence = persistence;\n          break;\n        }\n      } catch {}\n    }\n\n    // If we find the user in a persistence that does support migration, use\n    // that migration path (of only persistences that support migration)\n    const migrationHierarchy = availablePersistences.filter(\n      p => p._shouldAllowMigration\n    );\n\n    // If the persistence does _not_ allow migration, just finish off here\n    if (\n      !selectedPersistence._shouldAllowMigration ||\n      !migrationHierarchy.length\n    ) {\n      return new PersistenceUserManager(selectedPersistence, auth, userKey);\n    }\n\n    selectedPersistence = migrationHierarchy[0];\n    if (userToMigrate) {\n      // This normally shouldn't throw since chosenPersistence.isAvailable() is true, but if it does\n      // we'll just let it bubble to surface the error.\n      await selectedPersistence._set(key, userToMigrate.toJSON());\n    }\n\n    // Attempt to clear the key in other persistences but ignore errors. This helps prevent issues\n    // such as users getting stuck with a previous account after signing out and refreshing the tab.\n    await Promise.all(\n      persistenceHierarchy.map(async persistence => {\n        if (persistence !== selectedPersistence) {\n          try {\n            await persistence._remove(key);\n          } catch {}\n        }\n      })\n    );\n    return new PersistenceUserManager(selectedPersistence, auth, userKey);\n  }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { isIE, getUA } from '@firebase/util';\n\ninterface NavigatorStandalone extends Navigator {\n  standalone?: unknown;\n}\n\ninterface Document {\n  documentMode?: number;\n}\n\n/**\n * Enums for Browser name.\n */\nexport const enum BrowserName {\n  ANDROID = 'Android',\n  BLACKBERRY = 'Blackberry',\n  EDGE = 'Edge',\n  FIREFOX = 'Firefox',\n  IE = 'IE',\n  IEMOBILE = 'IEMobile',\n  OPERA = 'Opera',\n  OTHER = 'Other',\n  CHROME = 'Chrome',\n  SAFARI = 'Safari',\n  SILK = 'Silk',\n  WEBOS = 'Webos'\n}\n\n/**\n * Determine the browser for the purposes of reporting usage to the API\n */\nexport function _getBrowserName(userAgent: string): BrowserName | string {\n  const ua = userAgent.toLowerCase();\n  if (ua.includes('opera/') || ua.includes('opr/') || ua.includes('opios/')) {\n    return BrowserName.OPERA;\n  } else if (_isIEMobile(ua)) {\n    // Windows phone IEMobile browser.\n    return BrowserName.IEMOBILE;\n  } else if (ua.includes('msie') || ua.includes('trident/')) {\n    return BrowserName.IE;\n  } else if (ua.includes('edge/')) {\n    return BrowserName.EDGE;\n  } else if (_isFirefox(ua)) {\n    return BrowserName.FIREFOX;\n  } else if (ua.includes('silk/')) {\n    return BrowserName.SILK;\n  } else if (_isBlackBerry(ua)) {\n    // Blackberry browser.\n    return BrowserName.BLACKBERRY;\n  } else if (_isWebOS(ua)) {\n    // WebOS default browser.\n    return BrowserName.WEBOS;\n  } else if (_isSafari(ua)) {\n    return BrowserName.SAFARI;\n  } else if (\n    (ua.includes('chrome/') || _isChromeIOS(ua)) &&\n    !ua.includes('edge/')\n  ) {\n    return BrowserName.CHROME;\n  } else if (_isAndroid(ua)) {\n    // Android stock browser.\n    return BrowserName.ANDROID;\n  } else {\n    // Most modern browsers have name/version at end of user agent string.\n    const re = /([a-zA-Z\\d\\.]+)\\/[a-zA-Z\\d\\.]*$/;\n    const matches = userAgent.match(re);\n    if (matches?.length === 2) {\n      return matches[1];\n    }\n  }\n  return BrowserName.OTHER;\n}\n\nexport function _isFirefox(ua = getUA()): boolean {\n  return /firefox\\//i.test(ua);\n}\n\nexport function _isSafari(userAgent = getUA()): boolean {\n  const ua = userAgent.toLowerCase();\n  return (\n    ua.includes('safari/') &&\n    !ua.includes('chrome/') &&\n    !ua.includes('crios/') &&\n    !ua.includes('android')\n  );\n}\n\nexport function _isChromeIOS(ua = getUA()): boolean {\n  return /crios\\//i.test(ua);\n}\n\nexport function _isIEMobile(ua = getUA()): boolean {\n  return /iemobile/i.test(ua);\n}\n\nexport function _isAndroid(ua = getUA()): boolean {\n  return /android/i.test(ua);\n}\n\nexport function _isBlackBerry(ua = getUA()): boolean {\n  return /blackberry/i.test(ua);\n}\n\nexport function _isWebOS(ua = getUA()): boolean {\n  return /webos/i.test(ua);\n}\n\nexport function _isIOS(ua = getUA()): boolean {\n  return (\n    /iphone|ipad|ipod/i.test(ua) ||\n    (/macintosh/i.test(ua) && /mobile/i.test(ua))\n  );\n}\n\nexport function _isIOS7Or8(ua = getUA()): boolean {\n  return (\n    /(iPad|iPhone|iPod).*OS 7_\\d/i.test(ua) ||\n    /(iPad|iPhone|iPod).*OS 8_\\d/i.test(ua)\n  );\n}\n\nexport function _isIOSStandalone(ua = getUA()): boolean {\n  return _isIOS(ua) && !!(window.navigator as NavigatorStandalone)?.standalone;\n}\n\nexport function _isIE10(): boolean {\n  return isIE() && (document as Document).documentMode === 10;\n}\n\nexport function _isMobileBrowser(ua: string = getUA()): boolean {\n  // TODO: implement getBrowserName equivalent for OS.\n  return (\n    _isIOS(ua) ||\n    _isAndroid(ua) ||\n    _isWebOS(ua) ||\n    _isBlackBerry(ua) ||\n    /windows phone/i.test(ua) ||\n    _isIEMobile(ua)\n  );\n}\n\nexport function _isIframe(): boolean {\n  try {\n    // Check that the current window is not the top window.\n    // If so, return true.\n    return !!(window && window !== window.top);\n  } catch (e) {\n    return false;\n  }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { SDK_VERSION } from '@firebase/app';\nimport { _getBrowserName } from './browser';\nimport { getUA } from '@firebase/util';\n\nexport const enum ClientImplementation {\n  CORE = 'JsCore'\n}\n\n/**\n * @internal\n */\nexport const enum ClientPlatform {\n  BROWSER = 'Browser',\n  NODE = 'Node',\n  REACT_NATIVE = 'ReactNative',\n  CORDOVA = 'Cordova',\n  WORKER = 'Worker'\n}\n\n/*\n * Determine the SDK version string\n */\nexport function _getClientVersion(\n  clientPlatform: ClientPlatform,\n  frameworks: readonly string[] = []\n): string {\n  let reportedPlatform: string;\n  switch (clientPlatform) {\n    case ClientPlatform.BROWSER:\n      // In a browser environment, report the browser name.\n      reportedPlatform = _getBrowserName(getUA());\n      break;\n    case ClientPlatform.WORKER:\n      // Technically a worker runs from a browser but we need to differentiate a\n      // worker from a browser.\n      // For example: Chrome-Worker/JsCore/4.9.1/FirebaseCore-web.\n      reportedPlatform = `${_getBrowserName(getUA())}-${clientPlatform}`;\n      break;\n    default:\n      reportedPlatform = clientPlatform;\n  }\n  const reportedFrameworks = frameworks.length\n    ? frameworks.join(',')\n    : 'FirebaseCore-web'; /* default value if no other framework is used */\n  return `${reportedPlatform}/${ClientImplementation.CORE}/${SDK_VERSION}/${reportedFrameworks}`;\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n  Endpoint,\n  HttpMethod,\n  RecaptchaClientType,\n  RecaptchaVersion,\n  _performApiRequest,\n  _addTidIfNecessary\n} from '../index';\nimport { Auth } from '../../model/public_types';\n\ninterface GetRecaptchaParamResponse {\n  recaptchaSiteKey?: string;\n}\n\nexport async function getRecaptchaParams(auth: Auth): Promise<string> {\n  return (\n    (\n      await _performApiRequest<void, GetRecaptchaParamResponse>(\n        auth,\n        HttpMethod.GET,\n        Endpoint.GET_RECAPTCHA_PARAM\n      )\n    ).recaptchaSiteKey || ''\n  );\n}\n\n// The following functions are for reCAPTCHA enterprise integration.\ninterface GetRecaptchaConfigRequest {\n  tenantId?: string;\n  clientType?: RecaptchaClientType;\n  version?: RecaptchaVersion;\n}\n\ninterface RecaptchaEnforcementState {\n  provider: string;\n  enforcementState: string;\n}\n\nexport interface GetRecaptchaConfigResponse {\n  recaptchaKey: string;\n  recaptchaEnforcementState: RecaptchaEnforcementState[];\n}\n\nexport async function getRecaptchaConfig(\n  auth: Auth,\n  request: GetRecaptchaConfigRequest\n): Promise<GetRecaptchaConfigResponse> {\n  return _performApiRequest<\n    GetRecaptchaConfigRequest,\n    GetRecaptchaConfigResponse\n  >(\n    auth,\n    HttpMethod.GET,\n    Endpoint.GET_RECAPTCHA_CONFIG,\n    _addTidIfNecessary(auth, request)\n  );\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { RecaptchaParameters } from '../../model/public_types';\nimport { GetRecaptchaConfigResponse } from '../../api/authentication/recaptcha';\n\n// reCAPTCHA v2 interface\nexport interface Recaptcha {\n  render: (container: HTMLElement, parameters: RecaptchaParameters) => number;\n  getResponse: (id: number) => string;\n  execute: (id: number) => unknown;\n  reset: (id: number) => unknown;\n}\n\nexport function isV2(\n  grecaptcha: Recaptcha | GreCAPTCHA | undefined\n): grecaptcha is Recaptcha {\n  return (\n    grecaptcha !== undefined &&\n    (grecaptcha as Recaptcha).getResponse !== undefined\n  );\n}\n\n// reCAPTCHA Enterprise & v3 shared interface\nexport interface GreCAPTCHATopLevel extends GreCAPTCHA {\n  enterprise: GreCAPTCHA;\n}\n\n// reCAPTCHA Enterprise interface\nexport interface GreCAPTCHA {\n  ready: (callback: () => void) => void;\n  execute: (siteKey: string, options: { action: string }) => Promise<string>;\n  render: (\n    container: string | HTMLElement,\n    parameters: GreCAPTCHARenderOption\n  ) => string;\n}\n\nexport interface GreCAPTCHARenderOption {\n  sitekey: string;\n  size: 'invisible';\n}\n\nexport function isEnterprise(\n  grecaptcha: Recaptcha | GreCAPTCHA | undefined\n): grecaptcha is GreCAPTCHATopLevel {\n  return (\n    grecaptcha !== undefined &&\n    (grecaptcha as GreCAPTCHATopLevel).enterprise !== undefined\n  );\n}\n\n// TODO(chuanr): Replace this with the AuthWindow after resolving the dependency issue in Node.js env.\ndeclare global {\n  interface Window {\n    grecaptcha?: Recaptcha | GreCAPTCHATopLevel;\n  }\n}\n\nexport class RecaptchaConfig {\n  /**\n   * The reCAPTCHA site key.\n   */\n  siteKey: string = '';\n\n  /**\n   * The reCAPTCHA enablement status of the {@link EmailAuthProvider} for the current tenant.\n   */\n  emailPasswordEnabled: boolean = false;\n\n  constructor(response: GetRecaptchaConfigResponse) {\n    if (response.recaptchaKey === undefined) {\n      throw new Error('recaptchaKey undefined');\n    }\n    // Example response.recaptchaKey: \"projects/proj123/keys/sitekey123\"\n    this.siteKey = response.recaptchaKey.split('/')[3];\n    this.emailPasswordEnabled = response.recaptchaEnforcementState.some(\n      enforcementState =>\n        enforcementState.provider === 'EMAIL_PASSWORD_PROVIDER' &&\n        enforcementState.enforcementState !== 'OFF'\n    );\n  }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { AuthErrorCode } from '../core/errors';\nimport { _createError } from '../core/util/assert';\n\nfunction getScriptParentElement(): HTMLDocument | HTMLHeadElement {\n  return document.getElementsByTagName('head')?.[0] ?? document;\n}\n\nexport function _loadJS(url: string): Promise<Event> {\n  // TODO: consider adding timeout support & cancellation\n  return new Promise((resolve, reject) => {\n    const el = document.createElement('script');\n    el.setAttribute('src', url);\n    el.onload = resolve;\n    el.onerror = e => {\n      const error = _createError(AuthErrorCode.INTERNAL_ERROR);\n      error.customData = e as unknown as Record<string, unknown>;\n      reject(error);\n    };\n    el.type = 'text/javascript';\n    el.charset = 'UTF-8';\n    getScriptParentElement().appendChild(el);\n  });\n}\n\nexport function _generateCallbackName(prefix: string): string {\n  return `__${prefix}${Math.floor(Math.random() * 1000000)}`;\n}\n","/* eslint-disable @typescript-eslint/no-require-imports */\n/**\n * @license\n * Copyright 2022 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { isEnterprise, RecaptchaConfig } from './recaptcha';\nimport { getRecaptchaConfig } from '../../api/authentication/recaptcha';\nimport {\n  RecaptchaClientType,\n  RecaptchaVersion,\n  RecaptchaActionName\n} from '../../api';\n\nimport { Auth } from '../../model/public_types';\nimport { AuthInternal } from '../../model/auth';\nimport { _castAuth } from '../../core/auth/auth_impl';\nimport * as jsHelpers from '../load_js';\n\nconst RECAPTCHA_ENTERPRISE_URL =\n  'https://www.google.com/recaptcha/enterprise.js?render=';\n\nexport const RECAPTCHA_ENTERPRISE_VERIFIER_TYPE = 'recaptcha-enterprise';\nexport const FAKE_TOKEN = 'NO_RECAPTCHA';\n\nexport class RecaptchaEnterpriseVerifier {\n  /**\n   * Identifies the type of application verifier (e.g. \"recaptcha-enterprise\").\n   */\n  readonly type = RECAPTCHA_ENTERPRISE_VERIFIER_TYPE;\n\n  private readonly auth: AuthInternal;\n\n  /**\n   *\n   * @param authExtern - The corresponding Firebase {@link Auth} instance.\n   *\n   */\n  constructor(authExtern: Auth) {\n    this.auth = _castAuth(authExtern);\n  }\n\n  /**\n   * Executes the verification process.\n   *\n   * @returns A Promise for a token that can be used to assert the validity of a request.\n   */\n  async verify(\n    action: string = 'verify',\n    forceRefresh = false\n  ): Promise<string> {\n    async function retrieveSiteKey(auth: AuthInternal): Promise<string> {\n      if (!forceRefresh) {\n        if (auth.tenantId == null && auth._agentRecaptchaConfig != null) {\n          return auth._agentRecaptchaConfig.siteKey;\n        }\n        if (\n          auth.tenantId != null &&\n          auth._tenantRecaptchaConfigs[auth.tenantId] !== undefined\n        ) {\n          return auth._tenantRecaptchaConfigs[auth.tenantId].siteKey;\n        }\n      }\n\n      return new Promise<string>(async (resolve, reject) => {\n        getRecaptchaConfig(auth, {\n          clientType: RecaptchaClientType.WEB,\n          version: RecaptchaVersion.ENTERPRISE\n        })\n          .then(response => {\n            if (response.recaptchaKey === undefined) {\n              reject(new Error('recaptcha Enterprise site key undefined'));\n            } else {\n              const config = new RecaptchaConfig(response);\n              if (auth.tenantId == null) {\n                auth._agentRecaptchaConfig = config;\n              } else {\n                auth._tenantRecaptchaConfigs[auth.tenantId] = config;\n              }\n              return resolve(config.siteKey);\n            }\n          })\n          .catch(error => {\n            reject(error);\n          });\n      });\n    }\n\n    function retrieveRecaptchaToken(\n      siteKey: string,\n      resolve: (value: string | PromiseLike<string>) => void,\n      reject: (reason?: unknown) => void\n    ): void {\n      const grecaptcha = window.grecaptcha;\n      if (isEnterprise(grecaptcha)) {\n        grecaptcha.enterprise.ready(() => {\n          grecaptcha.enterprise\n            .execute(siteKey, { action })\n            .then(token => {\n              resolve(token);\n            })\n            .catch(() => {\n              resolve(FAKE_TOKEN);\n            });\n        });\n      } else {\n        reject(Error('No reCAPTCHA enterprise script loaded.'));\n      }\n    }\n\n    return new Promise<string>((resolve, reject) => {\n      retrieveSiteKey(this.auth)\n        .then(siteKey => {\n          if (!forceRefresh && isEnterprise(window.grecaptcha)) {\n            retrieveRecaptchaToken(siteKey, resolve, reject);\n          } else {\n            if (typeof window === 'undefined') {\n              reject(\n                new Error('RecaptchaVerifier is only supported in browser')\n              );\n              return;\n            }\n            jsHelpers\n              ._loadJS(RECAPTCHA_ENTERPRISE_URL + siteKey)\n              .then(() => {\n                retrieveRecaptchaToken(siteKey, resolve, reject);\n              })\n              .catch(error => {\n                reject(error);\n              });\n          }\n        })\n        .catch(error => {\n          reject(error);\n        });\n    });\n  }\n}\n\nexport async function injectRecaptchaFields<T>(\n  auth: AuthInternal,\n  request: T,\n  action: RecaptchaActionName,\n  captchaResp = false\n): Promise<T> {\n  const verifier = new RecaptchaEnterpriseVerifier(auth);\n  let captchaResponse;\n  try {\n    captchaResponse = await verifier.verify(action);\n  } catch (error) {\n    captchaResponse = await verifier.verify(action, true);\n  }\n  const newRequest = { ...request };\n  if (!captchaResp) {\n    Object.assign(newRequest, { captchaResponse });\n  } else {\n    Object.assign(newRequest, { 'captchaResp': captchaResponse });\n  }\n  Object.assign(newRequest, { 'clientType': RecaptchaClientType.WEB });\n  Object.assign(newRequest, {\n    'recaptchaVersion': RecaptchaVersion.ENTERPRISE\n  });\n  return newRequest;\n}\n","/**\n * @license\n * Copyright 2022 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { AuthInternal } from '../../model/auth';\nimport { Unsubscribe, User } from '../../model/public_types';\nimport { AuthErrorCode } from '../errors';\n\ninterface MiddlewareEntry {\n  (user: User | null): Promise<void>;\n  onAbort?: () => void;\n}\n\nexport class AuthMiddlewareQueue {\n  private readonly queue: MiddlewareEntry[] = [];\n\n  constructor(private readonly auth: AuthInternal) {}\n\n  pushCallback(\n    callback: (user: User | null) => void | Promise<void>,\n    onAbort?: () => void\n  ): Unsubscribe {\n    // The callback could be sync or async. Wrap it into a\n    // function that is always async.\n    const wrappedCallback: MiddlewareEntry = (\n      user: User | null\n    ): Promise<void> =>\n      new Promise((resolve, reject) => {\n        try {\n          const result = callback(user);\n          // Either resolve with existing promise or wrap a non-promise\n          // return value into a promise.\n          resolve(result);\n        } catch (e) {\n          // Sync callback throws.\n          reject(e);\n        }\n      });\n    // Attach the onAbort if present\n    wrappedCallback.onAbort = onAbort;\n    this.queue.push(wrappedCallback);\n\n    const index = this.queue.length - 1;\n    return () => {\n      // Unsubscribe. Replace with no-op. Do not remove from array, or it will disturb\n      // indexing of other elements.\n      this.queue[index] = () => Promise.resolve();\n    };\n  }\n\n  async runMiddleware(nextUser: User | null): Promise<void> {\n    if (this.auth.currentUser === nextUser) {\n      return;\n    }\n\n    // While running the middleware, build a temporary stack of onAbort\n    // callbacks to call if one middleware callback rejects.\n\n    const onAbortStack: Array<() => void> = [];\n    try {\n      for (const beforeStateCallback of this.queue) {\n        await beforeStateCallback(nextUser);\n\n        // Only push the onAbort if the callback succeeds\n        if (beforeStateCallback.onAbort) {\n          onAbortStack.push(beforeStateCallback.onAbort);\n        }\n      }\n    } catch (e) {\n      // Run all onAbort, with separate try/catch to ignore any errors and\n      // continue\n      onAbortStack.reverse();\n      for (const onAbort of onAbortStack) {\n        try {\n          onAbort();\n        } catch (_) {\n          /* swallow error */\n        }\n      }\n\n      throw this.auth._errorFactory.create(AuthErrorCode.LOGIN_BLOCKED, {\n        originalMessage: (e as Error)?.message\n      });\n    }\n  }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { _FirebaseService, FirebaseApp } from '@firebase/app';\nimport { Provider } from '@firebase/component';\nimport { AppCheckInternalComponentName } from '@firebase/app-check-interop-types';\nimport {\n  Auth,\n  AuthErrorMap,\n  AuthSettings,\n  EmulatorConfig,\n  NextOrObserver,\n  Persistence,\n  PopupRedirectResolver,\n  User,\n  UserCredential,\n  CompleteFn,\n  ErrorFn,\n  NextFn,\n  Unsubscribe\n} from '../../model/public_types';\nimport {\n  createSubscribe,\n  ErrorFactory,\n  FirebaseError,\n  getModularInstance,\n  Observer,\n  Subscribe\n} from '@firebase/util';\n\nimport { AuthInternal, ConfigInternal } from '../../model/auth';\nimport { PopupRedirectResolverInternal } from '../../model/popup_redirect';\nimport { UserInternal } from '../../model/user';\nimport {\n  AuthErrorCode,\n  AuthErrorParams,\n  ErrorMapRetriever,\n  _DEFAULT_AUTH_ERROR_FACTORY\n} from '../errors';\nimport { PersistenceInternal } from '../persistence';\nimport {\n  KeyName,\n  PersistenceUserManager\n} from '../persistence/persistence_user_manager';\nimport { _reloadWithoutSaving } from '../user/reload';\nimport { _assert } from '../util/assert';\nimport { _getInstance } from '../util/instantiator';\nimport { _getUserLanguage } from '../util/navigator';\nimport { _getClientVersion } from '../util/version';\nimport { HttpHeader, RecaptchaClientType, RecaptchaVersion } from '../../api';\nimport { getRecaptchaConfig } from '../../api/authentication/recaptcha';\nimport { RecaptchaEnterpriseVerifier } from '../../platform_browser/recaptcha/recaptcha_enterprise_verifier';\nimport { AuthMiddlewareQueue } from './middleware';\nimport { RecaptchaConfig } from '../../platform_browser/recaptcha/recaptcha';\nimport { _logWarn } from '../util/log';\n\ninterface AsyncAction {\n  (): Promise<void>;\n}\n\nexport const enum DefaultConfig {\n  TOKEN_API_HOST = 'securetoken.googleapis.com',\n  API_HOST = 'identitytoolkit.googleapis.com',\n  API_SCHEME = 'https'\n}\n\nexport class AuthImpl implements AuthInternal, _FirebaseService {\n  currentUser: User | null = null;\n  emulatorConfig: EmulatorConfig | null = null;\n  private operations = Promise.resolve();\n  private persistenceManager?: PersistenceUserManager;\n  private redirectPersistenceManager?: PersistenceUserManager;\n  private authStateSubscription = new Subscription<User>(this);\n  private idTokenSubscription = new Subscription<User>(this);\n  private readonly beforeStateQueue = new AuthMiddlewareQueue(this);\n  private redirectUser: UserInternal | null = null;\n  private isProactiveRefreshEnabled = false;\n\n  // Any network calls will set this to true and prevent subsequent emulator\n  // initialization\n  _canInitEmulator = true;\n  _isInitialized = false;\n  _deleted = false;\n  _initializationPromise: Promise<void> | null = null;\n  _popupRedirectResolver: PopupRedirectResolverInternal | null = null;\n  _errorFactory: ErrorFactory<AuthErrorCode, AuthErrorParams> =\n    _DEFAULT_AUTH_ERROR_FACTORY;\n  _agentRecaptchaConfig: RecaptchaConfig | null = null;\n  _tenantRecaptchaConfigs: Record<string, RecaptchaConfig> = {};\n  readonly name: string;\n\n  // Tracks the last notified UID for state change listeners to prevent\n  // repeated calls to the callbacks. Undefined means it's never been\n  // called, whereas null means it's been called with a signed out user\n  private lastNotifiedUid: string | null | undefined = undefined;\n\n  languageCode: string | null = null;\n  tenantId: string | null = null;\n  settings: AuthSettings = { appVerificationDisabledForTesting: false };\n\n  constructor(\n    public readonly app: FirebaseApp,\n    private readonly heartbeatServiceProvider: Provider<'heartbeat'>,\n    private readonly appCheckServiceProvider: Provider<AppCheckInternalComponentName>,\n    public readonly config: ConfigInternal\n  ) {\n    this.name = app.name;\n    this.clientVersion = config.sdkClientVersion;\n  }\n\n  _initializeWithPersistence(\n    persistenceHierarchy: PersistenceInternal[],\n    popupRedirectResolver?: PopupRedirectResolver\n  ): Promise<void> {\n    if (popupRedirectResolver) {\n      this._popupRedirectResolver = _getInstance(popupRedirectResolver);\n    }\n\n    // Have to check for app deletion throughout initialization (after each\n    // promise resolution)\n    this._initializationPromise = this.queue(async () => {\n      if (this._deleted) {\n        return;\n      }\n\n      this.persistenceManager = await PersistenceUserManager.create(\n        this,\n        persistenceHierarchy\n      );\n\n      if (this._deleted) {\n        return;\n      }\n\n      // Initialize the resolver early if necessary (only applicable to web:\n      // this will cause the iframe to load immediately in certain cases)\n      if (this._popupRedirectResolver?._shouldInitProactively) {\n        // If this fails, don't halt auth loading\n        try {\n          await this._popupRedirectResolver._initialize(this);\n        } catch (e) {\n          /* Ignore the error */\n        }\n      }\n\n      await this.initializeCurrentUser(popupRedirectResolver);\n      this.lastNotifiedUid = this.currentUser?.uid || null;\n\n      if (this._deleted) {\n        return;\n      }\n\n      this._isInitialized = true;\n    });\n\n    return this._initializationPromise;\n  }\n\n  /**\n   * If the persistence is changed in another window, the user manager will let us know\n   */\n  async _onStorageEvent(): Promise<void> {\n    if (this._deleted) {\n      return;\n    }\n\n    const user = await this.assertedPersistence.getCurrentUser();\n\n    if (!this.currentUser && !user) {\n      // No change, do nothing (was signed out and remained signed out).\n      return;\n    }\n\n    // If the same user is to be synchronized.\n    if (this.currentUser && user && this.currentUser.uid === user.uid) {\n      // Data update, simply copy data changes.\n      this._currentUser._assign(user);\n      // If tokens changed from previous user tokens, this will trigger\n      // notifyAuthListeners_.\n      await this.currentUser.getIdToken();\n      return;\n    }\n\n    // Update current Auth state. Either a new login or logout.\n    // Skip blocking callbacks, they should not apply to a change in another tab.\n    await this._updateCurrentUser(user, /* skipBeforeStateCallbacks */ true);\n  }\n\n  private async initializeCurrentUser(\n    popupRedirectResolver?: PopupRedirectResolver\n  ): Promise<void> {\n    // First check to see if we have a pending redirect event.\n    const previouslyStoredUser =\n      (await this.assertedPersistence.getCurrentUser()) as UserInternal | null;\n    let futureCurrentUser = previouslyStoredUser;\n    let needsTocheckMiddleware = false;\n    if (popupRedirectResolver && this.config.authDomain) {\n      await this.getOrInitRedirectPersistenceManager();\n      const redirectUserEventId = this.redirectUser?._redirectEventId;\n      const storedUserEventId = futureCurrentUser?._redirectEventId;\n      const result = await this.tryRedirectSignIn(popupRedirectResolver);\n\n      // If the stored user (i.e. the old \"currentUser\") has a redirectId that\n      // matches the redirect user, then we want to initially sign in with the\n      // new user object from result.\n      // TODO(samgho): More thoroughly test all of this\n      if (\n        (!redirectUserEventId || redirectUserEventId === storedUserEventId) &&\n        result?.user\n      ) {\n        futureCurrentUser = result.user as UserInternal;\n        needsTocheckMiddleware = true;\n      }\n    }\n\n    // If no user in persistence, there is no current user. Set to null.\n    if (!futureCurrentUser) {\n      return this.directlySetCurrentUser(null);\n    }\n\n    if (!futureCurrentUser._redirectEventId) {\n      // This isn't a redirect link operation, we can reload and bail.\n      // First though, ensure that we check the middleware is happy.\n      if (needsTocheckMiddleware) {\n        try {\n          await this.beforeStateQueue.runMiddleware(futureCurrentUser);\n        } catch (e) {\n          futureCurrentUser = previouslyStoredUser;\n          // We know this is available since the bit is only set when the\n          // resolver is available\n          this._popupRedirectResolver!._overrideRedirectResult(this, () =>\n            Promise.reject(e)\n          );\n        }\n      }\n\n      if (futureCurrentUser) {\n        return this.reloadAndSetCurrentUserOrClear(futureCurrentUser);\n      } else {\n        return this.directlySetCurrentUser(null);\n      }\n    }\n\n    _assert(this._popupRedirectResolver, this, AuthErrorCode.ARGUMENT_ERROR);\n    await this.getOrInitRedirectPersistenceManager();\n\n    // If the redirect user's event ID matches the current user's event ID,\n    // DO NOT reload the current user, otherwise they'll be cleared from storage.\n    // This is important for the reauthenticateWithRedirect() flow.\n    if (\n      this.redirectUser &&\n      this.redirectUser._redirectEventId === futureCurrentUser._redirectEventId\n    ) {\n      return this.directlySetCurrentUser(futureCurrentUser);\n    }\n\n    return this.reloadAndSetCurrentUserOrClear(futureCurrentUser);\n  }\n\n  private async tryRedirectSignIn(\n    redirectResolver: PopupRedirectResolver\n  ): Promise<UserCredential | null> {\n    // The redirect user needs to be checked (and signed in if available)\n    // during auth initialization. All of the normal sign in and link/reauth\n    // flows call back into auth and push things onto the promise queue. We\n    // need to await the result of the redirect sign in *inside the promise\n    // queue*. This presents a problem: we run into deadlock. See:\n    //    ┌> [Initialization] ─────┐\n    //    ┌> [<other queue tasks>] │\n    //    └─ [getRedirectResult] <─┘\n    //    where [] are tasks on the queue and arrows denote awaits\n    // Initialization will never complete because it's waiting on something\n    // that's waiting for initialization to complete!\n    //\n    // Instead, this method calls getRedirectResult() (stored in\n    // _completeRedirectFn) with an optional parameter that instructs all of\n    // the underlying auth operations to skip anything that mutates auth state.\n\n    let result: UserCredential | null = null;\n    try {\n      // We know this._popupRedirectResolver is set since redirectResolver\n      // is passed in. The _completeRedirectFn expects the unwrapped extern.\n      result = await this._popupRedirectResolver!._completeRedirectFn(\n        this,\n        redirectResolver,\n        true\n      );\n    } catch (e) {\n      // Swallow any errors here; the code can retrieve them in\n      // getRedirectResult().\n      await this._setRedirectUser(null);\n    }\n\n    return result;\n  }\n\n  private async reloadAndSetCurrentUserOrClear(\n    user: UserInternal\n  ): Promise<void> {\n    try {\n      await _reloadWithoutSaving(user);\n    } catch (e) {\n      if (\n        (e as FirebaseError)?.code !==\n        `auth/${AuthErrorCode.NETWORK_REQUEST_FAILED}`\n      ) {\n        // Something's wrong with the user's token. Log them out and remove\n        // them from storage\n        return this.directlySetCurrentUser(null);\n      }\n    }\n\n    return this.directlySetCurrentUser(user);\n  }\n\n  useDeviceLanguage(): void {\n    this.languageCode = _getUserLanguage();\n  }\n\n  async _delete(): Promise<void> {\n    this._deleted = true;\n  }\n\n  async updateCurrentUser(userExtern: User | null): Promise<void> {\n    // The public updateCurrentUser method needs to make a copy of the user,\n    // and also check that the project matches\n    const user = userExtern\n      ? (getModularInstance(userExtern) as UserInternal)\n      : null;\n    if (user) {\n      _assert(\n        user.auth.config.apiKey === this.config.apiKey,\n        this,\n        AuthErrorCode.INVALID_AUTH\n      );\n    }\n    return this._updateCurrentUser(user && user._clone(this));\n  }\n\n  async _updateCurrentUser(\n    user: User | null,\n    skipBeforeStateCallbacks: boolean = false\n  ): Promise<void> {\n    if (this._deleted) {\n      return;\n    }\n    if (user) {\n      _assert(\n        this.tenantId === user.tenantId,\n        this,\n        AuthErrorCode.TENANT_ID_MISMATCH\n      );\n    }\n\n    if (!skipBeforeStateCallbacks) {\n      await this.beforeStateQueue.runMiddleware(user);\n    }\n\n    return this.queue(async () => {\n      await this.directlySetCurrentUser(user as UserInternal | null);\n      this.notifyAuthListeners();\n    });\n  }\n\n  async signOut(): Promise<void> {\n    // Run first, to block _setRedirectUser() if any callbacks fail.\n    await this.beforeStateQueue.runMiddleware(null);\n    // Clear the redirect user when signOut is called\n    if (this.redirectPersistenceManager || this._popupRedirectResolver) {\n      await this._setRedirectUser(null);\n    }\n\n    // Prevent callbacks from being called again in _updateCurrentUser, as\n    // they were already called in the first line.\n    return this._updateCurrentUser(null, /* skipBeforeStateCallbacks */ true);\n  }\n\n  setPersistence(persistence: Persistence): Promise<void> {\n    return this.queue(async () => {\n      await this.assertedPersistence.setPersistence(_getInstance(persistence));\n    });\n  }\n\n  async initializeRecaptchaConfig(): Promise<void> {\n    const response = await getRecaptchaConfig(this, {\n      clientType: RecaptchaClientType.WEB,\n      version: RecaptchaVersion.ENTERPRISE\n    });\n\n    const config = new RecaptchaConfig(response);\n    if (this.tenantId == null) {\n      this._agentRecaptchaConfig = config;\n    } else {\n      this._tenantRecaptchaConfigs[this.tenantId] = config;\n    }\n\n    if (config.emailPasswordEnabled) {\n      const verifier = new RecaptchaEnterpriseVerifier(this);\n      void verifier.verify();\n    }\n  }\n\n  _getRecaptchaConfig(): RecaptchaConfig | null {\n    if (this.tenantId == null) {\n      return this._agentRecaptchaConfig;\n    } else {\n      return this._tenantRecaptchaConfigs[this.tenantId];\n    }\n  }\n\n  _getPersistence(): string {\n    return this.assertedPersistence.persistence.type;\n  }\n\n  _updateErrorMap(errorMap: AuthErrorMap): void {\n    this._errorFactory = new ErrorFactory<AuthErrorCode, AuthErrorParams>(\n      'auth',\n      'Firebase',\n      (errorMap as ErrorMapRetriever)()\n    );\n  }\n\n  onAuthStateChanged(\n    nextOrObserver: NextOrObserver<User>,\n    error?: ErrorFn,\n    completed?: CompleteFn\n  ): Unsubscribe {\n    return this.registerStateListener(\n      this.authStateSubscription,\n      nextOrObserver,\n      error,\n      completed\n    );\n  }\n\n  beforeAuthStateChanged(\n    callback: (user: User | null) => void | Promise<void>,\n    onAbort?: () => void\n  ): Unsubscribe {\n    return this.beforeStateQueue.pushCallback(callback, onAbort);\n  }\n\n  onIdTokenChanged(\n    nextOrObserver: NextOrObserver<User>,\n    error?: ErrorFn,\n    completed?: CompleteFn\n  ): Unsubscribe {\n    return this.registerStateListener(\n      this.idTokenSubscription,\n      nextOrObserver,\n      error,\n      completed\n    );\n  }\n\n  toJSON(): object {\n    return {\n      apiKey: this.config.apiKey,\n      authDomain: this.config.authDomain,\n      appName: this.name,\n      currentUser: this._currentUser?.toJSON()\n    };\n  }\n\n  async _setRedirectUser(\n    user: UserInternal | null,\n    popupRedirectResolver?: PopupRedirectResolver\n  ): Promise<void> {\n    const redirectManager = await this.getOrInitRedirectPersistenceManager(\n      popupRedirectResolver\n    );\n    return user === null\n      ? redirectManager.removeCurrentUser()\n      : redirectManager.setCurrentUser(user);\n  }\n\n  private async getOrInitRedirectPersistenceManager(\n    popupRedirectResolver?: PopupRedirectResolver\n  ): Promise<PersistenceUserManager> {\n    if (!this.redirectPersistenceManager) {\n      const resolver: PopupRedirectResolverInternal | null =\n        (popupRedirectResolver && _getInstance(popupRedirectResolver)) ||\n        this._popupRedirectResolver;\n      _assert(resolver, this, AuthErrorCode.ARGUMENT_ERROR);\n      this.redirectPersistenceManager = await PersistenceUserManager.create(\n        this,\n        [_getInstance(resolver._redirectPersistence)],\n        KeyName.REDIRECT_USER\n      );\n      this.redirectUser =\n        await this.redirectPersistenceManager.getCurrentUser();\n    }\n\n    return this.redirectPersistenceManager;\n  }\n\n  async _redirectUserForId(id: string): Promise<UserInternal | null> {\n    // Make sure we've cleared any pending persistence actions if we're not in\n    // the initializer\n    if (this._isInitialized) {\n      await this.queue(async () => {});\n    }\n\n    if (this._currentUser?._redirectEventId === id) {\n      return this._currentUser;\n    }\n\n    if (this.redirectUser?._redirectEventId === id) {\n      return this.redirectUser;\n    }\n\n    return null;\n  }\n\n  async _persistUserIfCurrent(user: UserInternal): Promise<void> {\n    if (user === this.currentUser) {\n      return this.queue(async () => this.directlySetCurrentUser(user));\n    }\n  }\n\n  /** Notifies listeners only if the user is current */\n  _notifyListenersIfCurrent(user: UserInternal): void {\n    if (user === this.currentUser) {\n      this.notifyAuthListeners();\n    }\n  }\n\n  _key(): string {\n    return `${this.config.authDomain}:${this.config.apiKey}:${this.name}`;\n  }\n\n  _startProactiveRefresh(): void {\n    this.isProactiveRefreshEnabled = true;\n    if (this.currentUser) {\n      this._currentUser._startProactiveRefresh();\n    }\n  }\n\n  _stopProactiveRefresh(): void {\n    this.isProactiveRefreshEnabled = false;\n    if (this.currentUser) {\n      this._currentUser._stopProactiveRefresh();\n    }\n  }\n\n  /** Returns the current user cast as the internal type */\n  get _currentUser(): UserInternal {\n    return this.currentUser as UserInternal;\n  }\n\n  private notifyAuthListeners(): void {\n    if (!this._isInitialized) {\n      return;\n    }\n\n    this.idTokenSubscription.next(this.currentUser);\n\n    const currentUid = this.currentUser?.uid ?? null;\n    if (this.lastNotifiedUid !== currentUid) {\n      this.lastNotifiedUid = currentUid;\n      this.authStateSubscription.next(this.currentUser);\n    }\n  }\n\n  private registerStateListener(\n    subscription: Subscription<User>,\n    nextOrObserver: NextOrObserver<User>,\n    error?: ErrorFn,\n    completed?: CompleteFn\n  ): Unsubscribe {\n    if (this._deleted) {\n      return () => {};\n    }\n\n    const cb =\n      typeof nextOrObserver === 'function'\n        ? nextOrObserver\n        : nextOrObserver.next.bind(nextOrObserver);\n\n    const promise = this._isInitialized\n      ? Promise.resolve()\n      : this._initializationPromise;\n    _assert(promise, this, AuthErrorCode.INTERNAL_ERROR);\n    // The callback needs to be called asynchronously per the spec.\n    // eslint-disable-next-line @typescript-eslint/no-floating-promises\n    promise.then(() => cb(this.currentUser));\n\n    if (typeof nextOrObserver === 'function') {\n      return subscription.addObserver(nextOrObserver, error, completed);\n    } else {\n      return subscription.addObserver(nextOrObserver);\n    }\n  }\n\n  /**\n   * Unprotected (from race conditions) method to set the current user. This\n   * should only be called from within a queued callback. This is necessary\n   * because the queue shouldn't rely on another queued callback.\n   */\n  private async directlySetCurrentUser(\n    user: UserInternal | null\n  ): Promise<void> {\n    if (this.currentUser && this.currentUser !== user) {\n      this._currentUser._stopProactiveRefresh();\n    }\n    if (user && this.isProactiveRefreshEnabled) {\n      user._startProactiveRefresh();\n    }\n\n    this.currentUser = user;\n\n    if (user) {\n      await this.assertedPersistence.setCurrentUser(user);\n    } else {\n      await this.assertedPersistence.removeCurrentUser();\n    }\n  }\n\n  private queue(action: AsyncAction): Promise<void> {\n    // In case something errors, the callback still should be called in order\n    // to keep the promise chain alive\n    this.operations = this.operations.then(action, action);\n    return this.operations;\n  }\n\n  private get assertedPersistence(): PersistenceUserManager {\n    _assert(this.persistenceManager, this, AuthErrorCode.INTERNAL_ERROR);\n    return this.persistenceManager;\n  }\n\n  private frameworks: string[] = [];\n  private clientVersion: string;\n  _logFramework(framework: string): void {\n    if (!framework || this.frameworks.includes(framework)) {\n      return;\n    }\n    this.frameworks.push(framework);\n\n    // Sort alphabetically so that \"FirebaseCore-web,FirebaseUI-web\" and\n    // \"FirebaseUI-web,FirebaseCore-web\" aren't viewed as different.\n    this.frameworks.sort();\n    this.clientVersion = _getClientVersion(\n      this.config.clientPlatform,\n      this._getFrameworks()\n    );\n  }\n  _getFrameworks(): readonly string[] {\n    return this.frameworks;\n  }\n  async _getAdditionalHeaders(): Promise<Record<string, string>> {\n    // Additional headers on every request\n    const headers: Record<string, string> = {\n      [HttpHeader.X_CLIENT_VERSION]: this.clientVersion\n    };\n\n    if (this.app.options.appId) {\n      headers[HttpHeader.X_FIREBASE_GMPID] = this.app.options.appId;\n    }\n\n    // If the heartbeat service exists, add the heartbeat string\n    const heartbeatsHeader = await this.heartbeatServiceProvider\n      .getImmediate({\n        optional: true\n      })\n      ?.getHeartbeatsHeader();\n    if (heartbeatsHeader) {\n      headers[HttpHeader.X_FIREBASE_CLIENT] = heartbeatsHeader;\n    }\n\n    // If the App Check service exists, add the App Check token in the headers\n    const appCheckToken = await this._getAppCheckToken();\n    if (appCheckToken) {\n      headers[HttpHeader.X_FIREBASE_APP_CHECK] = appCheckToken;\n    }\n\n    return headers;\n  }\n\n  async _getAppCheckToken(): Promise<string | undefined> {\n    const appCheckTokenResult = await this.appCheckServiceProvider\n      .getImmediate({ optional: true })\n      ?.getToken();\n    if (appCheckTokenResult?.error) {\n      // Context: appCheck.getToken() will never throw even if an error happened.\n      // In the error case, a dummy token will be returned along with an error field describing\n      // the error. In general, we shouldn't care about the error condition and just use\n      // the token (actual or dummy) to send requests.\n      _logWarn(\n        `Error while retrieving App Check token: ${appCheckTokenResult.error}`\n      );\n    }\n    return appCheckTokenResult?.token;\n  }\n}\n\n/**\n * Method to be used to cast down to our private implmentation of Auth.\n * It will also handle unwrapping from the compat type if necessary\n *\n * @param auth Auth object passed in from developer\n */\nexport function _castAuth(auth: Auth): AuthInternal {\n  return getModularInstance(auth) as AuthInternal;\n}\n\n/** Helper class to wrap subscriber logic */\nclass Subscription<T> {\n  private observer: Observer<T | null> | null = null;\n  readonly addObserver: Subscribe<T | null> = createSubscribe(\n    observer => (this.observer = observer)\n  );\n\n  constructor(readonly auth: AuthInternal) {}\n\n  get next(): NextFn<T | null> {\n    _assert(this.observer, this.auth, AuthErrorCode.INTERNAL_ERROR);\n    return this.observer.next.bind(this.observer);\n  }\n}\n","/**\n * @license\n * Copyright 2021 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport { Auth } from '../../model/public_types';\nimport { AuthErrorCode } from '../errors';\nimport { _assert } from '../util/assert';\nimport { _castAuth } from './auth_impl';\n\n/**\n * Changes the {@link Auth} instance to communicate with the Firebase Auth Emulator, instead of production\n * Firebase Auth services.\n *\n * @remarks\n * This must be called synchronously immediately following the first call to\n * {@link initializeAuth}.  Do not use with production credentials as emulator\n * traffic is not encrypted.\n *\n *\n * @example\n * ```javascript\n * connectAuthEmulator(auth, 'http://127.0.0.1:9099', { disableWarnings: true });\n * ```\n *\n * @param auth - The {@link Auth} instance.\n * @param url - The URL at which the emulator is running (eg, 'http://localhost:9099').\n * @param options - Optional. `options.disableWarnings` defaults to `false`. Set it to\n * `true` to disable the warning banner attached to the DOM.\n *\n * @public\n */\nexport function connectAuthEmulator(\n  auth: Auth,\n  url: string,\n  options?: { disableWarnings: boolean }\n): void {\n  const authInternal = _castAuth(auth);\n  _assert(\n    authInternal._canInitEmulator,\n    authInternal,\n    AuthErrorCode.EMULATOR_CONFIG_FAILED\n  );\n\n  _assert(\n    /^https?:\\/\\//.test(url),\n    authInternal,\n    AuthErrorCode.INVALID_EMULATOR_SCHEME\n  );\n\n  const disableWarnings = !!options?.disableWarnings;\n\n  const protocol = extractProtocol(url);\n  const { host, port } = extractHostAndPort(url);\n  const portStr = port === null ? '' : `:${port}`;\n\n  // Always replace path with \"/\" (even if input url had no path at all, or had a different one).\n  authInternal.config.emulator = { url: `${protocol}//${host}${portStr}/` };\n  authInternal.settings.appVerificationDisabledForTesting = true;\n  authInternal.emulatorConfig = Object.freeze({\n    host,\n    port,\n    protocol: protocol.replace(':', ''),\n    options: Object.freeze({ disableWarnings })\n  });\n\n  if (!disableWarnings) {\n    emitEmulatorWarning();\n  }\n}\n\nfunction extractProtocol(url: string): string {\n  const protocolEnd = url.indexOf(':');\n  return protocolEnd < 0 ? '' : url.substr(0, protocolEnd + 1);\n}\n\nfunction extractHostAndPort(url: string): {\n  host: string;\n  port: number | null;\n} {\n  const protocol = extractProtocol(url);\n  const authority = /(\\/\\/)?([^?#/]+)/.exec(url.substr(protocol.length)); // Between // and /, ? or #.\n  if (!authority) {\n    return { host: '', port: null };\n  }\n  const hostAndPort = authority[2].split('@').pop() || ''; // Strip out \"username:password@\".\n  const bracketedIPv6 = /^(\\[[^\\]]+\\])(:|$)/.exec(hostAndPort);\n  if (bracketedIPv6) {\n    const host = bracketedIPv6[1];\n    return { host, port: parsePort(hostAndPort.substr(host.length + 1)) };\n  } else {\n    const [host, port] = hostAndPort.split(':');\n    return { host, port: parsePort(port) };\n  }\n}\n\nfunction parsePort(portStr: string): number | null {\n  if (!portStr) {\n    return null;\n  }\n  const port = Number(portStr);\n  if (isNaN(port)) {\n    return null;\n  }\n  return port;\n}\n\nfunction emitEmulatorWarning(): void {\n  function attachBanner(): void {\n    const el = document.createElement('p');\n    const sty = el.style;\n    el.innerText =\n      'Running in emulator mode. Do not use with production credentials.';\n    sty.position = 'fixed';\n    sty.width = '100%';\n    sty.backgroundColor = '#ffffff';\n    sty.border = '.1em solid #000000';\n    sty.color = '#b50000';\n    sty.bottom = '0px';\n    sty.left = '0px';\n    sty.margin = '0px';\n    sty.zIndex = '10000';\n    sty.textAlign = 'center';\n    el.classList.add('firebase-emulator-warning');\n    document.body.appendChild(el);\n  }\n\n  if (typeof console !== 'undefined' && typeof console.info === 'function') {\n    console.info(\n      'WARNING: You are using the Auth Emulator,' +\n        ' which is intended for local testing only.  Do not use with' +\n        ' production credentials.'\n    );\n  }\n  if (typeof window !== 'undefined' && typeof document !== 'undefined') {\n    if (document.readyState === 'loading') {\n      window.addEventListener('DOMContentLoaded', attachBanner);\n    } else {\n      attachBanner();\n    }\n  }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { PhoneOrOauthTokenResponse } from '../../api/authentication/mfa';\nimport { AuthInternal } from '../../model/auth';\nimport { IdTokenResponse } from '../../model/id_token';\nimport { debugFail } from '../util/assert';\n\n/**\n * Interface that represents the credentials returned by an {@link AuthProvider}.\n *\n * @remarks\n * Implementations specify the details about each auth provider's credential requirements.\n *\n * @public\n */\nexport class AuthCredential {\n  /** @internal */\n  protected constructor(\n    /**\n     * The authentication provider ID for the credential.\n     *\n     * @remarks\n     * For example, 'facebook.com', or 'google.com'.\n     */\n    readonly providerId: string,\n    /**\n     * The authentication sign in method for the credential.\n     *\n     * @remarks\n     * For example, {@link SignInMethod}.EMAIL_PASSWORD, or\n     * {@link SignInMethod}.EMAIL_LINK. This corresponds to the sign-in method\n     * identifier as returned in {@link fetchSignInMethodsForEmail}.\n     */\n    readonly signInMethod: string\n  ) {}\n\n  /**\n   * Returns a JSON-serializable representation of this object.\n   *\n   * @returns a JSON-serializable representation of this object.\n   */\n  toJSON(): object {\n    return debugFail('not implemented');\n  }\n\n  /** @internal */\n  _getIdTokenResponse(_auth: AuthInternal): Promise<PhoneOrOauthTokenResponse> {\n    return debugFail('not implemented');\n  }\n  /** @internal */\n  _linkToIdToken(\n    _auth: AuthInternal,\n    _idToken: string\n  ): Promise<IdTokenResponse> {\n    return debugFail('not implemented');\n  }\n  /** @internal */\n  _getReauthenticationResolver(_auth: AuthInternal): Promise<IdTokenResponse> {\n    return debugFail('not implemented');\n  }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { ActionCodeOperation, Auth } from '../../model/public_types';\n\nimport {\n  Endpoint,\n  HttpMethod,\n  _addTidIfNecessary,\n  _performApiRequest\n} from '../index';\nimport { IdTokenResponse } from '../../model/id_token';\nimport { MfaEnrollment } from './mfa';\n\nexport interface ResetPasswordRequest {\n  oobCode: string;\n  newPassword?: string;\n  tenantId?: string;\n}\n\nexport interface ResetPasswordResponse {\n  email: string;\n  newEmail?: string;\n  requestType?: ActionCodeOperation;\n  mfaInfo?: MfaEnrollment;\n}\n\nexport async function resetPassword(\n  auth: Auth,\n  request: ResetPasswordRequest\n): Promise<ResetPasswordResponse> {\n  return _performApiRequest<ResetPasswordRequest, ResetPasswordResponse>(\n    auth,\n    HttpMethod.POST,\n    Endpoint.RESET_PASSWORD,\n    _addTidIfNecessary(auth, request)\n  );\n}\nexport interface UpdateEmailPasswordRequest {\n  idToken: string;\n  returnSecureToken?: boolean;\n  email?: string;\n  password?: string;\n}\n\nexport interface UpdateEmailPasswordResponse extends IdTokenResponse {}\n\nexport async function updateEmailPassword(\n  auth: Auth,\n  request: UpdateEmailPasswordRequest\n): Promise<UpdateEmailPasswordResponse> {\n  return _performApiRequest<\n    UpdateEmailPasswordRequest,\n    UpdateEmailPasswordResponse\n  >(auth, HttpMethod.POST, Endpoint.SET_ACCOUNT_INFO, request);\n}\n\nexport interface ApplyActionCodeRequest {\n  oobCode: string;\n  tenantId?: string;\n}\n\nexport interface ApplyActionCodeResponse {}\n\nexport async function applyActionCode(\n  auth: Auth,\n  request: ApplyActionCodeRequest\n): Promise<ApplyActionCodeResponse> {\n  return _performApiRequest<ApplyActionCodeRequest, ApplyActionCodeResponse>(\n    auth,\n    HttpMethod.POST,\n    Endpoint.SET_ACCOUNT_INFO,\n    _addTidIfNecessary(auth, request)\n  );\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { ActionCodeOperation, Auth } from '../../model/public_types';\n\nimport {\n  Endpoint,\n  HttpMethod,\n  RecaptchaClientType,\n  RecaptchaVersion,\n  _addTidIfNecessary,\n  _performApiRequest,\n  _performSignInRequest\n} from '../index';\nimport { IdToken, IdTokenResponse } from '../../model/id_token';\n\nexport interface SignInWithPasswordRequest {\n  returnSecureToken?: boolean;\n  email: string;\n  password: string;\n  tenantId?: string;\n  captchaResponse?: string;\n  clientType?: RecaptchaClientType;\n  recaptchaVersion?: RecaptchaVersion;\n}\n\nexport interface SignInWithPasswordResponse extends IdTokenResponse {\n  email: string;\n  displayName: string;\n}\n\nexport async function signInWithPassword(\n  auth: Auth,\n  request: SignInWithPasswordRequest\n): Promise<SignInWithPasswordResponse> {\n  return _performSignInRequest<\n    SignInWithPasswordRequest,\n    SignInWithPasswordResponse\n  >(\n    auth,\n    HttpMethod.POST,\n    Endpoint.SIGN_IN_WITH_PASSWORD,\n    _addTidIfNecessary(auth, request)\n  );\n}\n\nexport interface GetOobCodeRequest {\n  email?: string; // Everything except VERIFY_AND_CHANGE_EMAIL\n  continueUrl?: string;\n  iOSBundleId?: string;\n  iosAppStoreId?: string;\n  androidPackageName?: string;\n  androidInstallApp?: boolean;\n  androidMinimumVersionCode?: string;\n  canHandleCodeInApp?: boolean;\n  dynamicLinkDomain?: string;\n  tenantId?: string;\n  targetProjectid?: string;\n}\n\nexport interface VerifyEmailRequest extends GetOobCodeRequest {\n  requestType: ActionCodeOperation.VERIFY_EMAIL;\n  idToken: IdToken;\n}\n\nexport interface PasswordResetRequest extends GetOobCodeRequest {\n  requestType: ActionCodeOperation.PASSWORD_RESET;\n  email: string;\n  captchaResp?: string;\n  clientType?: RecaptchaClientType;\n  recaptchaVersion?: RecaptchaVersion;\n}\n\nexport interface EmailSignInRequest extends GetOobCodeRequest {\n  requestType: ActionCodeOperation.EMAIL_SIGNIN;\n  email: string;\n  captchaResp?: string;\n  clientType?: RecaptchaClientType;\n  recaptchaVersion?: RecaptchaVersion;\n}\n\nexport interface VerifyAndChangeEmailRequest extends GetOobCodeRequest {\n  requestType: ActionCodeOperation.VERIFY_AND_CHANGE_EMAIL;\n  idToken: IdToken;\n  newEmail: string;\n}\n\ninterface GetOobCodeResponse {\n  email: string;\n}\n\nexport interface VerifyEmailResponse extends GetOobCodeResponse {}\nexport interface PasswordResetResponse extends GetOobCodeResponse {}\nexport interface EmailSignInResponse extends GetOobCodeResponse {}\nexport interface VerifyAndChangeEmailResponse extends GetOobCodeRequest {}\n\nasync function sendOobCode(\n  auth: Auth,\n  request: GetOobCodeRequest\n): Promise<GetOobCodeResponse> {\n  return _performApiRequest<GetOobCodeRequest, GetOobCodeResponse>(\n    auth,\n    HttpMethod.POST,\n    Endpoint.SEND_OOB_CODE,\n    _addTidIfNecessary(auth, request)\n  );\n}\n\nexport async function sendEmailVerification(\n  auth: Auth,\n  request: VerifyEmailRequest\n): Promise<VerifyEmailResponse> {\n  return sendOobCode(auth, request);\n}\n\nexport async function sendPasswordResetEmail(\n  auth: Auth,\n  request: PasswordResetRequest\n): Promise<PasswordResetResponse> {\n  return sendOobCode(auth, request);\n}\n\nexport async function sendSignInLinkToEmail(\n  auth: Auth,\n  request: EmailSignInRequest\n): Promise<EmailSignInResponse> {\n  return sendOobCode(auth, request);\n}\n\nexport async function verifyAndChangeEmail(\n  auth: Auth,\n  request: VerifyAndChangeEmailRequest\n): Promise<VerifyAndChangeEmailResponse> {\n  return sendOobCode(auth, request);\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { ProviderId, SignInMethod } from '../../model/enums';\n\nimport { updateEmailPassword } from '../../api/account_management/email_and_password';\nimport {\n  signInWithPassword,\n  SignInWithPasswordRequest\n} from '../../api/authentication/email_and_password';\nimport {\n  signInWithEmailLink,\n  signInWithEmailLinkForLinking\n} from '../../api/authentication/email_link';\nimport { AuthInternal } from '../../model/auth';\nimport { IdTokenResponse } from '../../model/id_token';\nimport { AuthErrorCode } from '../errors';\nimport { _fail } from '../util/assert';\nimport { AuthCredential } from './auth_credential';\nimport { injectRecaptchaFields } from '../../platform_browser/recaptcha/recaptcha_enterprise_verifier';\nimport { RecaptchaActionName, RecaptchaClientType } from '../../api';\n/**\n * Interface that represents the credentials returned by {@link EmailAuthProvider} for\n * {@link ProviderId}.PASSWORD\n *\n * @remarks\n * Covers both {@link SignInMethod}.EMAIL_PASSWORD and\n * {@link SignInMethod}.EMAIL_LINK.\n *\n * @public\n */\nexport class EmailAuthCredential extends AuthCredential {\n  /** @internal */\n  private constructor(\n    /** @internal */\n    readonly _email: string,\n    /** @internal */\n    readonly _password: string,\n    signInMethod: SignInMethod,\n    /** @internal */\n    readonly _tenantId: string | null = null\n  ) {\n    super(ProviderId.PASSWORD, signInMethod);\n  }\n\n  /** @internal */\n  static _fromEmailAndPassword(\n    email: string,\n    password: string\n  ): EmailAuthCredential {\n    return new EmailAuthCredential(\n      email,\n      password,\n      SignInMethod.EMAIL_PASSWORD\n    );\n  }\n\n  /** @internal */\n  static _fromEmailAndCode(\n    email: string,\n    oobCode: string,\n    tenantId: string | null = null\n  ): EmailAuthCredential {\n    return new EmailAuthCredential(\n      email,\n      oobCode,\n      SignInMethod.EMAIL_LINK,\n      tenantId\n    );\n  }\n\n  /** {@inheritdoc AuthCredential.toJSON} */\n  toJSON(): object {\n    return {\n      email: this._email,\n      password: this._password,\n      signInMethod: this.signInMethod,\n      tenantId: this._tenantId\n    };\n  }\n\n  /**\n   * Static method to deserialize a JSON representation of an object into an {@link  AuthCredential}.\n   *\n   * @param json - Either `object` or the stringified representation of the object. When string is\n   * provided, `JSON.parse` would be called first.\n   *\n   * @returns If the JSON input does not represent an {@link AuthCredential}, null is returned.\n   */\n  static fromJSON(json: object | string): EmailAuthCredential | null {\n    const obj = typeof json === 'string' ? JSON.parse(json) : json;\n    if (obj?.email && obj?.password) {\n      if (obj.signInMethod === SignInMethod.EMAIL_PASSWORD) {\n        return this._fromEmailAndPassword(obj.email, obj.password);\n      } else if (obj.signInMethod === SignInMethod.EMAIL_LINK) {\n        return this._fromEmailAndCode(obj.email, obj.password, obj.tenantId);\n      }\n    }\n    return null;\n  }\n\n  /** @internal */\n  async _getIdTokenResponse(auth: AuthInternal): Promise<IdTokenResponse> {\n    switch (this.signInMethod) {\n      case SignInMethod.EMAIL_PASSWORD:\n        const request: SignInWithPasswordRequest = {\n          returnSecureToken: true,\n          email: this._email,\n          password: this._password,\n          clientType: RecaptchaClientType.WEB\n        };\n        if (auth._getRecaptchaConfig()?.emailPasswordEnabled) {\n          const requestWithRecaptcha = await injectRecaptchaFields(\n            auth,\n            request,\n            RecaptchaActionName.SIGN_IN_WITH_PASSWORD\n          );\n          return signInWithPassword(auth, requestWithRecaptcha);\n        } else {\n          return signInWithPassword(auth, request).catch(async error => {\n            if (\n              error.code === `auth/${AuthErrorCode.MISSING_RECAPTCHA_TOKEN}`\n            ) {\n              console.log(\n                'Sign-in with email address and password is protected by reCAPTCHA for this project. Automatically triggering the reCAPTCHA flow and restarting the sign-in flow.'\n              );\n              const requestWithRecaptcha = await injectRecaptchaFields(\n                auth,\n                request,\n                RecaptchaActionName.SIGN_IN_WITH_PASSWORD\n              );\n              return signInWithPassword(auth, requestWithRecaptcha);\n            } else {\n              return Promise.reject(error);\n            }\n          });\n        }\n      case SignInMethod.EMAIL_LINK:\n        return signInWithEmailLink(auth, {\n          email: this._email,\n          oobCode: this._password\n        });\n      default:\n        _fail(auth, AuthErrorCode.INTERNAL_ERROR);\n    }\n  }\n\n  /** @internal */\n  async _linkToIdToken(\n    auth: AuthInternal,\n    idToken: string\n  ): Promise<IdTokenResponse> {\n    switch (this.signInMethod) {\n      case SignInMethod.EMAIL_PASSWORD:\n        return updateEmailPassword(auth, {\n          idToken,\n          returnSecureToken: true,\n          email: this._email,\n          password: this._password\n        });\n      case SignInMethod.EMAIL_LINK:\n        return signInWithEmailLinkForLinking(auth, {\n          idToken,\n          email: this._email,\n          oobCode: this._password\n        });\n      default:\n        _fail(auth, AuthErrorCode.INTERNAL_ERROR);\n    }\n  }\n\n  /** @internal */\n  _getReauthenticationResolver(auth: AuthInternal): Promise<IdTokenResponse> {\n    return this._getIdTokenResponse(auth);\n  }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n  _performSignInRequest,\n  Endpoint,\n  HttpMethod,\n  _addTidIfNecessary\n} from '../index';\nimport { IdTokenResponse } from '../../model/id_token';\nimport { Auth } from '../../model/public_types';\n\nexport interface SignInWithEmailLinkRequest {\n  email: string;\n  oobCode: string;\n  tenantId?: string;\n}\n\nexport interface SignInWithEmailLinkResponse extends IdTokenResponse {\n  email: string;\n  isNewUser: boolean;\n}\n\nexport async function signInWithEmailLink(\n  auth: Auth,\n  request: SignInWithEmailLinkRequest\n): Promise<SignInWithEmailLinkResponse> {\n  return _performSignInRequest<\n    SignInWithEmailLinkRequest,\n    SignInWithEmailLinkResponse\n  >(\n    auth,\n    HttpMethod.POST,\n    Endpoint.SIGN_IN_WITH_EMAIL_LINK,\n    _addTidIfNecessary(auth, request)\n  );\n}\n\nexport interface SignInWithEmailLinkForLinkingRequest\n  extends SignInWithEmailLinkRequest {\n  idToken: string;\n}\n\nexport async function signInWithEmailLinkForLinking(\n  auth: Auth,\n  request: SignInWithEmailLinkForLinkingRequest\n): Promise<SignInWithEmailLinkResponse> {\n  return _performSignInRequest<\n    SignInWithEmailLinkForLinkingRequest,\n    SignInWithEmailLinkResponse\n  >(\n    auth,\n    HttpMethod.POST,\n    Endpoint.SIGN_IN_WITH_EMAIL_LINK,\n    _addTidIfNecessary(auth, request)\n  );\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n  Endpoint,\n  HttpMethod,\n  _addTidIfNecessary,\n  _performSignInRequest\n} from '../index';\nimport { IdToken, IdTokenResponse } from '../../model/id_token';\nimport { Auth } from '../../model/public_types';\n\nexport interface SignInWithIdpRequest {\n  requestUri: string;\n  postBody?: string;\n  sessionId?: string;\n  tenantId?: string;\n  returnSecureToken: boolean;\n  returnIdpCredential?: boolean;\n  idToken?: IdToken;\n  autoCreate?: boolean;\n  pendingToken?: string;\n}\n\n/**\n * @internal\n */\nexport interface SignInWithIdpResponse extends IdTokenResponse {\n  oauthAccessToken?: string;\n  oauthTokenSecret?: string;\n  nonce?: string;\n  oauthIdToken?: string;\n  pendingToken?: string;\n}\n\nexport async function signInWithIdp(\n  auth: Auth,\n  request: SignInWithIdpRequest\n): Promise<SignInWithIdpResponse> {\n  return _performSignInRequest<SignInWithIdpRequest, SignInWithIdpResponse>(\n    auth,\n    HttpMethod.POST,\n    Endpoint.SIGN_IN_WITH_IDP,\n    _addTidIfNecessary(auth, request)\n  );\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { querystring } from '@firebase/util';\n\nimport {\n  signInWithIdp,\n  SignInWithIdpRequest\n} from '../../api/authentication/idp';\nimport { AuthInternal } from '../../model/auth';\nimport { IdTokenResponse } from '../../model/id_token';\nimport { AuthErrorCode } from '../errors';\nimport { _fail } from '../util/assert';\nimport { AuthCredential } from './auth_credential';\n\nconst IDP_REQUEST_URI = 'http://localhost';\n\nexport interface OAuthCredentialParams {\n  // OAuth 2 uses either id token or access token\n  idToken?: string | null;\n  accessToken?: string | null;\n\n  // These fields are used with OAuth 1\n  oauthToken?: string;\n  secret?: string;\n  oauthTokenSecret?: string;\n\n  // Nonce is only set if pendingToken is not present\n  nonce?: string;\n  pendingToken?: string;\n\n  // Utilities\n  providerId: string;\n  signInMethod: string;\n}\n\n/**\n * Represents the OAuth credentials returned by an {@link OAuthProvider}.\n *\n * @remarks\n * Implementations specify the details about each auth provider's credential requirements.\n *\n * @public\n */\nexport class OAuthCredential extends AuthCredential {\n  /**\n   * The OAuth ID token associated with the credential if it belongs to an OIDC provider,\n   * such as `google.com`.\n   * @readonly\n   */\n  idToken?: string;\n  /**\n   * The OAuth access token associated with the credential if it belongs to an\n   * {@link OAuthProvider}, such as `facebook.com`, `twitter.com`, etc.\n   * @readonly\n   */\n  accessToken?: string;\n  /**\n   * The OAuth access token secret associated with the credential if it belongs to an OAuth 1.0\n   * provider, such as `twitter.com`.\n   * @readonly\n   */\n  secret?: string;\n\n  private nonce?: string;\n  private pendingToken: string | null = null;\n\n  /** @internal */\n  static _fromParams(params: OAuthCredentialParams): OAuthCredential {\n    const cred = new OAuthCredential(params.providerId, params.signInMethod);\n\n    if (params.idToken || params.accessToken) {\n      // OAuth 2 and either ID token or access token.\n      if (params.idToken) {\n        cred.idToken = params.idToken;\n      }\n\n      if (params.accessToken) {\n        cred.accessToken = params.accessToken;\n      }\n\n      // Add nonce if available and no pendingToken is present.\n      if (params.nonce && !params.pendingToken) {\n        cred.nonce = params.nonce;\n      }\n\n      if (params.pendingToken) {\n        cred.pendingToken = params.pendingToken;\n      }\n    } else if (params.oauthToken && params.oauthTokenSecret) {\n      // OAuth 1 and OAuth token with token secret\n      cred.accessToken = params.oauthToken;\n      cred.secret = params.oauthTokenSecret;\n    } else {\n      _fail(AuthErrorCode.ARGUMENT_ERROR);\n    }\n\n    return cred;\n  }\n\n  /** {@inheritdoc AuthCredential.toJSON}  */\n  toJSON(): object {\n    return {\n      idToken: this.idToken,\n      accessToken: this.accessToken,\n      secret: this.secret,\n      nonce: this.nonce,\n      pendingToken: this.pendingToken,\n      providerId: this.providerId,\n      signInMethod: this.signInMethod\n    };\n  }\n\n  /**\n   * Static method to deserialize a JSON representation of an object into an\n   * {@link  AuthCredential}.\n   *\n   * @param json - Input can be either Object or the stringified representation of the object.\n   * When string is provided, JSON.parse would be called first.\n   *\n   * @returns If the JSON input does not represent an {@link  AuthCredential}, null is returned.\n   */\n  static fromJSON(json: string | object): OAuthCredential | null {\n    const obj = typeof json === 'string' ? JSON.parse(json) : json;\n    const { providerId, signInMethod, ...rest }: OAuthCredentialParams = obj;\n    if (!providerId || !signInMethod) {\n      return null;\n    }\n\n    const cred = new OAuthCredential(providerId, signInMethod);\n    cred.idToken = rest.idToken || undefined;\n    cred.accessToken = rest.accessToken || undefined;\n    cred.secret = rest.secret;\n    cred.nonce = rest.nonce;\n    cred.pendingToken = rest.pendingToken || null;\n    return cred;\n  }\n\n  /** @internal */\n  _getIdTokenResponse(auth: AuthInternal): Promise<IdTokenResponse> {\n    const request = this.buildRequest();\n    return signInWithIdp(auth, request);\n  }\n\n  /** @internal */\n  _linkToIdToken(\n    auth: AuthInternal,\n    idToken: string\n  ): Promise<IdTokenResponse> {\n    const request = this.buildRequest();\n    request.idToken = idToken;\n    return signInWithIdp(auth, request);\n  }\n\n  /** @internal */\n  _getReauthenticationResolver(auth: AuthInternal): Promise<IdTokenResponse> {\n    const request = this.buildRequest();\n    request.autoCreate = false;\n    return signInWithIdp(auth, request);\n  }\n\n  private buildRequest(): SignInWithIdpRequest {\n    const request: SignInWithIdpRequest = {\n      requestUri: IDP_REQUEST_URI,\n      returnSecureToken: true\n    };\n\n    if (this.pendingToken) {\n      request.pendingToken = this.pendingToken;\n    } else {\n      const postBody: Record<string, string> = {};\n      if (this.idToken) {\n        postBody['id_token'] = this.idToken;\n      }\n      if (this.accessToken) {\n        postBody['access_token'] = this.accessToken;\n      }\n      if (this.secret) {\n        postBody['oauth_token_secret'] = this.secret;\n      }\n\n      postBody['providerId'] = this.providerId;\n      if (this.nonce && !this.pendingToken) {\n        postBody['nonce'] = this.nonce;\n      }\n\n      request.postBody = querystring(postBody);\n    }\n\n    return request;\n  }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n  Endpoint,\n  HttpMethod,\n  _addTidIfNecessary,\n  _makeTaggedError,\n  _performApiRequest,\n  _performSignInRequest\n} from '../index';\nimport { AuthErrorCode } from '../../core/errors';\nimport { IdTokenResponse } from '../../model/id_token';\nimport { ServerError, ServerErrorMap } from '../errors';\nimport { Auth } from '../../model/public_types';\n\nexport interface SendPhoneVerificationCodeRequest {\n  phoneNumber: string;\n  recaptchaToken: string;\n  tenantId?: string;\n}\n\nexport interface SendPhoneVerificationCodeResponse {\n  sessionInfo: string;\n}\n\nexport async function sendPhoneVerificationCode(\n  auth: Auth,\n  request: SendPhoneVerificationCodeRequest\n): Promise<SendPhoneVerificationCodeResponse> {\n  return _performApiRequest<\n    SendPhoneVerificationCodeRequest,\n    SendPhoneVerificationCodeResponse\n  >(\n    auth,\n    HttpMethod.POST,\n    Endpoint.SEND_VERIFICATION_CODE,\n    _addTidIfNecessary(auth, request)\n  );\n}\n\n/**\n * @internal\n */\nexport interface SignInWithPhoneNumberRequest {\n  temporaryProof?: string;\n  phoneNumber?: string;\n  sessionInfo?: string;\n  code?: string;\n  tenantId?: string;\n}\n\nexport interface LinkWithPhoneNumberRequest\n  extends SignInWithPhoneNumberRequest {\n  idToken: string;\n}\n\n/**\n * @internal\n */\nexport interface SignInWithPhoneNumberResponse extends IdTokenResponse {\n  temporaryProof?: string;\n  phoneNumber?: string;\n}\n\nexport async function signInWithPhoneNumber(\n  auth: Auth,\n  request: SignInWithPhoneNumberRequest\n): Promise<SignInWithPhoneNumberResponse> {\n  return _performSignInRequest<\n    SignInWithPhoneNumberRequest,\n    SignInWithPhoneNumberResponse\n  >(\n    auth,\n    HttpMethod.POST,\n    Endpoint.SIGN_IN_WITH_PHONE_NUMBER,\n    _addTidIfNecessary(auth, request)\n  );\n}\n\nexport async function linkWithPhoneNumber(\n  auth: Auth,\n  request: LinkWithPhoneNumberRequest\n): Promise<SignInWithPhoneNumberResponse> {\n  const response = await _performSignInRequest<\n    LinkWithPhoneNumberRequest,\n    SignInWithPhoneNumberResponse\n  >(\n    auth,\n    HttpMethod.POST,\n    Endpoint.SIGN_IN_WITH_PHONE_NUMBER,\n    _addTidIfNecessary(auth, request)\n  );\n  if (response.temporaryProof) {\n    throw _makeTaggedError(auth, AuthErrorCode.NEED_CONFIRMATION, response);\n  }\n  return response;\n}\n\ninterface VerifyPhoneNumberForExistingRequest\n  extends SignInWithPhoneNumberRequest {\n  operation: 'REAUTH';\n}\n\nconst VERIFY_PHONE_NUMBER_FOR_EXISTING_ERROR_MAP_: Partial<\n  ServerErrorMap<ServerError>\n> = {\n  [ServerError.USER_NOT_FOUND]: AuthErrorCode.USER_DELETED\n};\n\nexport async function verifyPhoneNumberForExisting(\n  auth: Auth,\n  request: SignInWithPhoneNumberRequest\n): Promise<SignInWithPhoneNumberResponse> {\n  const apiRequest: VerifyPhoneNumberForExistingRequest = {\n    ...request,\n    operation: 'REAUTH'\n  };\n  return _performSignInRequest<\n    VerifyPhoneNumberForExistingRequest,\n    SignInWithPhoneNumberResponse\n  >(\n    auth,\n    HttpMethod.POST,\n    Endpoint.SIGN_IN_WITH_PHONE_NUMBER,\n    _addTidIfNecessary(auth, apiRequest),\n    VERIFY_PHONE_NUMBER_FOR_EXISTING_ERROR_MAP_\n  );\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { ProviderId, SignInMethod } from '../../model/enums';\n\nimport { PhoneOrOauthTokenResponse } from '../../api/authentication/mfa';\nimport {\n  linkWithPhoneNumber,\n  signInWithPhoneNumber,\n  SignInWithPhoneNumberRequest,\n  verifyPhoneNumberForExisting\n} from '../../api/authentication/sms';\nimport { AuthInternal } from '../../model/auth';\nimport { IdTokenResponse } from '../../model/id_token';\nimport { AuthCredential } from './auth_credential';\n\nexport interface PhoneAuthCredentialParameters {\n  verificationId?: string;\n  verificationCode?: string;\n  phoneNumber?: string;\n  temporaryProof?: string;\n}\n\n/**\n * Represents the credentials returned by {@link PhoneAuthProvider}.\n *\n * @public\n */\nexport class PhoneAuthCredential extends AuthCredential {\n  private constructor(private readonly params: PhoneAuthCredentialParameters) {\n    super(ProviderId.PHONE, SignInMethod.PHONE);\n  }\n\n  /** @internal */\n  static _fromVerification(\n    verificationId: string,\n    verificationCode: string\n  ): PhoneAuthCredential {\n    return new PhoneAuthCredential({ verificationId, verificationCode });\n  }\n\n  /** @internal */\n  static _fromTokenResponse(\n    phoneNumber: string,\n    temporaryProof: string\n  ): PhoneAuthCredential {\n    return new PhoneAuthCredential({ phoneNumber, temporaryProof });\n  }\n\n  /** @internal */\n  _getIdTokenResponse(auth: AuthInternal): Promise<PhoneOrOauthTokenResponse> {\n    return signInWithPhoneNumber(auth, this._makeVerificationRequest());\n  }\n\n  /** @internal */\n  _linkToIdToken(\n    auth: AuthInternal,\n    idToken: string\n  ): Promise<IdTokenResponse> {\n    return linkWithPhoneNumber(auth, {\n      idToken,\n      ...this._makeVerificationRequest()\n    });\n  }\n\n  /** @internal */\n  _getReauthenticationResolver(auth: AuthInternal): Promise<IdTokenResponse> {\n    return verifyPhoneNumberForExisting(auth, this._makeVerificationRequest());\n  }\n\n  /** @internal */\n  _makeVerificationRequest(): SignInWithPhoneNumberRequest {\n    const { temporaryProof, phoneNumber, verificationId, verificationCode } =\n      this.params;\n    if (temporaryProof && phoneNumber) {\n      return { temporaryProof, phoneNumber };\n    }\n\n    return {\n      sessionInfo: verificationId,\n      code: verificationCode\n    };\n  }\n\n  /** {@inheritdoc AuthCredential.toJSON} */\n  toJSON(): object {\n    const obj: Record<string, string> = {\n      providerId: this.providerId\n    };\n    if (this.params.phoneNumber) {\n      obj.phoneNumber = this.params.phoneNumber;\n    }\n    if (this.params.temporaryProof) {\n      obj.temporaryProof = this.params.temporaryProof;\n    }\n    if (this.params.verificationCode) {\n      obj.verificationCode = this.params.verificationCode;\n    }\n    if (this.params.verificationId) {\n      obj.verificationId = this.params.verificationId;\n    }\n\n    return obj;\n  }\n\n  /** Generates a phone credential based on a plain object or a JSON string. */\n  static fromJSON(json: object | string): PhoneAuthCredential | null {\n    if (typeof json === 'string') {\n      json = JSON.parse(json);\n    }\n\n    const { verificationId, verificationCode, phoneNumber, temporaryProof } =\n      json as { [key: string]: string };\n    if (\n      !verificationCode &&\n      !verificationId &&\n      !phoneNumber &&\n      !temporaryProof\n    ) {\n      return null;\n    }\n\n    return new PhoneAuthCredential({\n      verificationId,\n      verificationCode,\n      phoneNumber,\n      temporaryProof\n    });\n  }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { extractQuerystring, querystringDecode } from '@firebase/util';\nimport { ActionCodeOperation } from '../model/public_types';\nimport { AuthErrorCode } from './errors';\nimport { _assert } from './util/assert';\n\n/**\n * Enums for fields in URL query string.\n *\n * @enum {string}\n */\nconst enum QueryField {\n  API_KEY = 'apiKey',\n  CODE = 'oobCode',\n  CONTINUE_URL = 'continueUrl',\n  LANGUAGE_CODE = 'languageCode',\n  MODE = 'mode',\n  TENANT_ID = 'tenantId'\n}\n\n/**\n * Maps the mode string in action code URL to Action Code Info operation.\n *\n * @param mode\n */\nfunction parseMode(mode: string | null): ActionCodeOperation | null {\n  switch (mode) {\n    case 'recoverEmail':\n      return ActionCodeOperation.RECOVER_EMAIL;\n    case 'resetPassword':\n      return ActionCodeOperation.PASSWORD_RESET;\n    case 'signIn':\n      return ActionCodeOperation.EMAIL_SIGNIN;\n    case 'verifyEmail':\n      return ActionCodeOperation.VERIFY_EMAIL;\n    case 'verifyAndChangeEmail':\n      return ActionCodeOperation.VERIFY_AND_CHANGE_EMAIL;\n    case 'revertSecondFactorAddition':\n      return ActionCodeOperation.REVERT_SECOND_FACTOR_ADDITION;\n    default:\n      return null;\n  }\n}\n\n/**\n * Helper to parse FDL links\n *\n * @param url\n */\nfunction parseDeepLink(url: string): string {\n  const link = querystringDecode(extractQuerystring(url))['link'];\n\n  // Double link case (automatic redirect).\n  const doubleDeepLink = link\n    ? querystringDecode(extractQuerystring(link))['deep_link_id']\n    : null;\n  // iOS custom scheme links.\n  const iOSDeepLink = querystringDecode(extractQuerystring(url))[\n    'deep_link_id'\n  ];\n  const iOSDoubleDeepLink = iOSDeepLink\n    ? querystringDecode(extractQuerystring(iOSDeepLink))['link']\n    : null;\n  return iOSDoubleDeepLink || iOSDeepLink || doubleDeepLink || link || url;\n}\n\n/**\n * A utility class to parse email action URLs such as password reset, email verification,\n * email link sign in, etc.\n *\n * @public\n */\nexport class ActionCodeURL {\n  /**\n   * The API key of the email action link.\n   */\n  readonly apiKey: string;\n  /**\n   * The action code of the email action link.\n   */\n  readonly code: string;\n  /**\n   * The continue URL of the email action link. Null if not provided.\n   */\n  readonly continueUrl: string | null;\n  /**\n   * The language code of the email action link. Null if not provided.\n   */\n  readonly languageCode: string | null;\n  /**\n   * The action performed by the email action link. It returns from one of the types from\n   * {@link ActionCodeInfo}\n   */\n  readonly operation: string;\n  /**\n   * The tenant ID of the email action link. Null if the email action is from the parent project.\n   */\n  readonly tenantId: string | null;\n\n  /**\n   * @param actionLink - The link from which to extract the URL.\n   * @returns The {@link ActionCodeURL} object, or null if the link is invalid.\n   *\n   * @internal\n   */\n  constructor(actionLink: string) {\n    const searchParams = querystringDecode(extractQuerystring(actionLink));\n    const apiKey = searchParams[QueryField.API_KEY] ?? null;\n    const code = searchParams[QueryField.CODE] ?? null;\n    const operation = parseMode(searchParams[QueryField.MODE] ?? null);\n    // Validate API key, code and mode.\n    _assert(apiKey && code && operation, AuthErrorCode.ARGUMENT_ERROR);\n    this.apiKey = apiKey;\n    this.operation = operation;\n    this.code = code;\n    this.continueUrl = searchParams[QueryField.CONTINUE_URL] ?? null;\n    this.languageCode = searchParams[QueryField.LANGUAGE_CODE] ?? null;\n    this.tenantId = searchParams[QueryField.TENANT_ID] ?? null;\n  }\n\n  /**\n   * Parses the email action link string and returns an {@link ActionCodeURL} if the link is valid,\n   * otherwise returns null.\n   *\n   * @param link  - The email action link string.\n   * @returns The {@link ActionCodeURL} object, or null if the link is invalid.\n   *\n   * @public\n   */\n  static parseLink(link: string): ActionCodeURL | null {\n    const actionLink = parseDeepLink(link);\n    try {\n      return new ActionCodeURL(actionLink);\n    } catch {\n      return null;\n    }\n  }\n}\n\n/**\n * Parses the email action link string and returns an {@link ActionCodeURL} if\n * the link is valid, otherwise returns null.\n *\n * @public\n */\nexport function parseActionCodeURL(link: string): ActionCodeURL | null {\n  return ActionCodeURL.parseLink(link);\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { ProviderId, SignInMethod } from '../../model/enums';\nimport { AuthProvider } from '../../model/public_types';\n\nimport { ActionCodeURL } from '../action_code_url';\nimport { EmailAuthCredential } from '../credentials/email';\nimport { AuthErrorCode } from '../errors';\nimport { _assert } from '../util/assert';\n\n/**\n * Provider for generating {@link EmailAuthCredential}.\n *\n * @public\n */\nexport class EmailAuthProvider implements AuthProvider {\n  /**\n   * Always set to {@link ProviderId}.PASSWORD, even for email link.\n   */\n  static readonly PROVIDER_ID: 'password' = ProviderId.PASSWORD;\n  /**\n   * Always set to {@link SignInMethod}.EMAIL_PASSWORD.\n   */\n  static readonly EMAIL_PASSWORD_SIGN_IN_METHOD: 'password' =\n    SignInMethod.EMAIL_PASSWORD;\n  /**\n   * Always set to {@link SignInMethod}.EMAIL_LINK.\n   */\n  static readonly EMAIL_LINK_SIGN_IN_METHOD: 'emailLink' =\n    SignInMethod.EMAIL_LINK;\n  /**\n   * Always set to {@link ProviderId}.PASSWORD, even for email link.\n   */\n  readonly providerId = EmailAuthProvider.PROVIDER_ID;\n\n  /**\n   * Initialize an {@link AuthCredential} using an email and password.\n   *\n   * @example\n   * ```javascript\n   * const authCredential = EmailAuthProvider.credential(email, password);\n   * const userCredential = await signInWithCredential(auth, authCredential);\n   * ```\n   *\n   * @example\n   * ```javascript\n   * const userCredential = await signInWithEmailAndPassword(auth, email, password);\n   * ```\n   *\n   * @param email - Email address.\n   * @param password - User account password.\n   * @returns The auth provider credential.\n   */\n  static credential(email: string, password: string): EmailAuthCredential {\n    return EmailAuthCredential._fromEmailAndPassword(email, password);\n  }\n\n  /**\n   * Initialize an {@link AuthCredential} using an email and an email link after a sign in with\n   * email link operation.\n   *\n   * @example\n   * ```javascript\n   * const authCredential = EmailAuthProvider.credentialWithLink(auth, email, emailLink);\n   * const userCredential = await signInWithCredential(auth, authCredential);\n   * ```\n   *\n   * @example\n   * ```javascript\n   * await sendSignInLinkToEmail(auth, email);\n   * // Obtain emailLink from user.\n   * const userCredential = await signInWithEmailLink(auth, email, emailLink);\n   * ```\n   *\n   * @param auth - The {@link Auth} instance used to verify the link.\n   * @param email - Email address.\n   * @param emailLink - Sign-in email link.\n   * @returns - The auth provider credential.\n   */\n  static credentialWithLink(\n    email: string,\n    emailLink: string\n  ): EmailAuthCredential {\n    const actionCodeUrl = ActionCodeURL.parseLink(emailLink);\n    _assert(actionCodeUrl, AuthErrorCode.ARGUMENT_ERROR);\n\n    return EmailAuthCredential._fromEmailAndCode(\n      email,\n      actionCodeUrl.code,\n      actionCodeUrl.tenantId\n    );\n  }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { AuthProvider } from '../../model/public_types';\n\n/**\n * Map of OAuth Custom Parameters.\n *\n * @public\n */\nexport type CustomParameters = Record<string, string>;\n\n/**\n * The base class for all Federated providers (OAuth (including OIDC), SAML).\n *\n * This class is not meant to be instantiated directly.\n *\n * @public\n */\nexport abstract class FederatedAuthProvider implements AuthProvider {\n  /** @internal */\n  defaultLanguageCode: string | null = null;\n  /** @internal */\n  private customParameters: CustomParameters = {};\n\n  /**\n   * Constructor for generic OAuth providers.\n   *\n   * @param providerId - Provider for which credentials should be generated.\n   */\n  constructor(readonly providerId: string) {}\n\n  /**\n   * Set the language gode.\n   *\n   * @param languageCode - language code\n   */\n  setDefaultLanguage(languageCode: string | null): void {\n    this.defaultLanguageCode = languageCode;\n  }\n\n  /**\n   * Sets the OAuth custom parameters to pass in an OAuth request for popup and redirect sign-in\n   * operations.\n   *\n   * @remarks\n   * For a detailed list, check the reserved required OAuth 2.0 parameters such as `client_id`,\n   * `redirect_uri`, `scope`, `response_type`, and `state` are not allowed and will be ignored.\n   *\n   * @param customOAuthParameters - The custom OAuth parameters to pass in the OAuth request.\n   */\n  setCustomParameters(customOAuthParameters: CustomParameters): AuthProvider {\n    this.customParameters = customOAuthParameters;\n    return this;\n  }\n\n  /**\n   * Retrieve the current list of {@link CustomParameters}.\n   */\n  getCustomParameters(): CustomParameters {\n    return this.customParameters;\n  }\n}\n","/**\n * @license\n * Copyright 2019 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { AuthProvider, UserCredential } from '../../model/public_types';\n\nimport { _assert } from '../util/assert';\nimport { AuthErrorCode } from '../errors';\n\nimport { OAuthCredential, OAuthCredentialParams } from '../credentials/oauth';\nimport { UserCredentialInternal } from '../../model/user';\nimport { FirebaseError } from '@firebase/util';\nimport { TaggedWithTokenResponse } from '../../model/id_token';\nimport { SignInWithIdpResponse } from '../../../internal';\nimport { FederatedAuthProvider } from './federated';\n\n/**\n * Defines the options for initializing an {@link OAuthCredential}.\n *\n * @remarks\n * For ID tokens with nonce claim, the raw nonce has to also be provided.\n *\n * @public\n */\nexport interface OAuthCredentialOptions {\n  /**\n   * The OAuth ID token used to initialize the {@link OAuthCredential}.\n   */\n  idToken?: string;\n  /**\n   * The OAuth access token used to initialize the {@link OAuthCredential}.\n   */\n  accessToken?: string;\n  /**\n   * The raw nonce associated with the ID token.\n   *\n   * @remarks\n   * It is required when an ID token with a nonce field is provided. The SHA-256 hash of the\n   * raw nonce must match the nonce field in the ID token.\n   */\n  rawNonce?: string;\n}\n\n/**\n * Common code to all OAuth providers. This is separate from the\n * {@link OAuthProvider} so that child providers (like\n * {@link GoogleAuthProvider}) don't inherit the `credential` instance method.\n * Instead, they rely on a static `credential` method.\n */\nexport abstract class BaseOAuthProvider\n  extends FederatedAuthProvider\n  implements AuthProvider\n{\n  /** @internal */\n  private scopes: string[] = [];\n\n  /**\n   * Add an OAuth scope to the credential.\n   *\n   * @param scope - Provider OAuth scope to add.\n   */\n  addScope(scope: string): AuthProvider {\n    // If not already added, add scope to list.\n    if (!this.scopes.includes(scope)) {\n      this.scopes.push(scope);\n    }\n    return this;\n  }\n\n  /**\n   * Retrieve the current list of OAuth scopes.\n   */\n  getScopes(): string[] {\n    return [...this.scopes];\n  }\n}\n\n/**\n * Provider for generating generic {@link OAuthCredential}.\n *\n * @example\n * ```javascript\n * // Sign in using a redirect.\n * const provider = new OAuthProvider('google.com');\n * // Start a sign in process for an unauthenticated user.\n * provider.addScope('profile');\n * provider.addScope('email');\n * await signInWithRedirect(auth, provider);\n * // This will trigger a full page redirect away from your app\n *\n * // After returning from the redirect when your app initializes you can obtain the result\n * const result = await getRedirectResult(auth);\n * if (result) {\n *   // This is the signed-in user\n *   const user = result.user;\n *   // This gives you a OAuth Access Token for the provider.\n *   const credential = provider.credentialFromResult(auth, result);\n *   const token = credential.accessToken;\n * }\n * ```\n *\n * @example\n * ```javascript\n * // Sign in using a popup.\n * const provider = new OAuthProvider('google.com');\n * provider.addScope('profile');\n * provider.addScope('email');\n * const result = await signInWithPopup(auth, provider);\n *\n * // The signed-in user info.\n * const user = result.user;\n * // This gives you a OAuth Access Token for the provider.\n * const credential = provider.credentialFromResult(auth, result);\n * const token = credential.accessToken;\n * ```\n * @public\n */\nexport class OAuthProvider extends BaseOAuthProvider {\n  /**\n   * Creates an {@link OAuthCredential} from a JSON string or a plain object.\n   * @param json - A plain object or a JSON string\n   */\n  static credentialFromJSON(json: object | string): OAuthCredential {\n    const obj = typeof json === 'string' ? JSON.parse(json) : json;\n    _assert(\n      'providerId' in obj && 'signInMethod' in obj,\n      AuthErrorCode.ARGUMENT_ERROR\n    );\n    return OAuthCredential._fromParams(obj);\n  }\n\n  /**\n   * Creates a {@link OAuthCredential} from a generic OAuth provider's access token or ID token.\n   *\n   * @remarks\n   * The raw nonce is required when an ID token with a nonce field is provided. The SHA-256 hash of\n   * the raw nonce must match the nonce field in the ID token.\n   *\n   * @example\n   * ```javascript\n   * // `googleUser` from the onsuccess Google Sign In callback.\n   * // Initialize a generate OAuth provider with a `google.com` providerId.\n   * const provider = new OAuthProvider('google.com');\n   * const credential = provider.credential({\n   *   idToken: googleUser.getAuthResponse().id_token,\n   * });\n   * const result = await signInWithCredential(credential);\n   * ```\n   *\n   * @param params - Either the options object containing the ID token, access token and raw nonce\n   * or the ID token string.\n   */\n  credential(params: OAuthCredentialOptions): OAuthCredential {\n    return this._credential({ ...params, nonce: params.rawNonce });\n  }\n\n  /** An internal credential method that accepts more permissive options */\n  private _credential(\n    params: Omit<OAuthCredentialParams, 'signInMethod' | 'providerId'>\n  ): OAuthCredential {\n    _assert(params.idToken || params.accessToken, AuthErrorCode.ARGUMENT_ERROR);\n    // For OAuthCredential, sign in method is same as providerId.\n    return OAuthCredential._fromParams({\n      ...params,\n      providerId: this.providerId,\n      signInMethod: this.providerId\n    });\n  }\n\n  /**\n   * Used to extract the underlying {@link OAuthCredential} from a {@link UserCredential}.\n   *\n   * @param userCredential - The user credential.\n   */\n  static credentialFromResult(\n    userCredential: UserCredential\n  ): OAuthCredential | null {\n    return OAuthProvider.oauthCredentialFromTaggedObject(\n      userCredential as UserCredentialInternal\n    );\n  }\n  /**\n   * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was\n   * thrown during a sign-in, link, or reauthenticate operation.\n   *\n   * @param userCredential - The user credential.\n   */\n  static credentialFromError(error: FirebaseError): OAuthCredential | null {\n    return OAuthProvider.oauthCredentialFromTaggedObject(\n      (error.customData || {}) as TaggedWithTokenResponse\n    );\n  }\n\n  private static oauthCredentialFromTaggedObject({\n    _tokenResponse: tokenResponse\n  }: TaggedWithTokenResponse): OAuthCredential | null {\n    if (!tokenResponse) {\n      return null;\n    }\n\n    const {\n      oauthIdToken,\n      oauthAccessToken,\n      oauthTokenSecret,\n      pendingToken,\n      nonce,\n      providerId\n    } = tokenResponse as SignInWithIdpResponse;\n    if (\n      !oauthAccessToken &&\n      !oauthTokenSecret &&\n      !oauthIdToken &&\n      !pendingToken\n    ) {\n      return null;\n    }\n\n    if (!providerId) {\n      return null;\n    }\n\n    try {\n      return new OAuthProvider(providerId)._credential({\n        idToken: oauthIdToken,\n        accessToken: oauthAccessToken,\n        nonce,\n        pendingToken\n      });\n    } catch (e) {\n      return null;\n    }\n  }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { UserCredential } from '../../model/public_types';\nimport { FirebaseError } from '@firebase/util';\n\nimport { TaggedWithTokenResponse } from '../../model/id_token';\nimport { UserCredentialInternal } from '../../model/user';\nimport { OAuthCredential } from '../credentials/oauth';\nimport { BaseOAuthProvider } from './oauth';\nimport { ProviderId, SignInMethod } from '../../model/enums';\n\n/**\n * Provider for generating an {@link OAuthCredential} for {@link ProviderId}.FACEBOOK.\n *\n * @example\n * ```javascript\n * // Sign in using a redirect.\n * const provider = new FacebookAuthProvider();\n * // Start a sign in process for an unauthenticated user.\n * provider.addScope('user_birthday');\n * await signInWithRedirect(auth, provider);\n * // This will trigger a full page redirect away from your app\n *\n * // After returning from the redirect when your app initializes you can obtain the result\n * const result = await getRedirectResult(auth);\n * if (result) {\n *   // This is the signed-in user\n *   const user = result.user;\n *   // This gives you a Facebook Access Token.\n *   const credential = FacebookAuthProvider.credentialFromResult(result);\n *   const token = credential.accessToken;\n * }\n * ```\n *\n * @example\n * ```javascript\n * // Sign in using a popup.\n * const provider = new FacebookAuthProvider();\n * provider.addScope('user_birthday');\n * const result = await signInWithPopup(auth, provider);\n *\n * // The signed-in user info.\n * const user = result.user;\n * // This gives you a Facebook Access Token.\n * const credential = FacebookAuthProvider.credentialFromResult(result);\n * const token = credential.accessToken;\n * ```\n *\n * @public\n */\nexport class FacebookAuthProvider extends BaseOAuthProvider {\n  /** Always set to {@link SignInMethod}.FACEBOOK. */\n  static readonly FACEBOOK_SIGN_IN_METHOD: 'facebook.com' =\n    SignInMethod.FACEBOOK;\n  /** Always set to {@link ProviderId}.FACEBOOK. */\n  static readonly PROVIDER_ID: 'facebook.com' = ProviderId.FACEBOOK;\n\n  constructor() {\n    super(ProviderId.FACEBOOK);\n  }\n\n  /**\n   * Creates a credential for Facebook.\n   *\n   * @example\n   * ```javascript\n   * // `event` from the Facebook auth.authResponseChange callback.\n   * const credential = FacebookAuthProvider.credential(event.authResponse.accessToken);\n   * const result = await signInWithCredential(credential);\n   * ```\n   *\n   * @param accessToken - Facebook access token.\n   */\n  static credential(accessToken: string): OAuthCredential {\n    return OAuthCredential._fromParams({\n      providerId: FacebookAuthProvider.PROVIDER_ID,\n      signInMethod: FacebookAuthProvider.FACEBOOK_SIGN_IN_METHOD,\n      accessToken\n    });\n  }\n\n  /**\n   * Used to extract the underlying {@link OAuthCredential} from a {@link UserCredential}.\n   *\n   * @param userCredential - The user credential.\n   */\n  static credentialFromResult(\n    userCredential: UserCredential\n  ): OAuthCredential | null {\n    return FacebookAuthProvider.credentialFromTaggedObject(\n      userCredential as UserCredentialInternal\n    );\n  }\n\n  /**\n   * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was\n   * thrown during a sign-in, link, or reauthenticate operation.\n   *\n   * @param userCredential - The user credential.\n   */\n  static credentialFromError(error: FirebaseError): OAuthCredential | null {\n    return FacebookAuthProvider.credentialFromTaggedObject(\n      (error.customData || {}) as TaggedWithTokenResponse\n    );\n  }\n\n  private static credentialFromTaggedObject({\n    _tokenResponse: tokenResponse\n  }: TaggedWithTokenResponse): OAuthCredential | null {\n    if (!tokenResponse || !('oauthAccessToken' in tokenResponse)) {\n      return null;\n    }\n\n    if (!tokenResponse.oauthAccessToken) {\n      return null;\n    }\n\n    try {\n      return FacebookAuthProvider.credential(tokenResponse.oauthAccessToken);\n    } catch {\n      return null;\n    }\n  }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { UserCredential } from '../../model/public_types';\nimport { FirebaseError } from '@firebase/util';\n\nimport { SignInWithIdpResponse } from '../../api/authentication/idp';\nimport { TaggedWithTokenResponse } from '../../model/id_token';\nimport { UserCredentialInternal } from '../../model/user';\nimport { OAuthCredential } from '../credentials/oauth';\nimport { BaseOAuthProvider } from './oauth';\nimport { ProviderId, SignInMethod } from '../../model/enums';\n\n/**\n * Provider for generating an an {@link OAuthCredential} for {@link ProviderId}.GOOGLE.\n *\n * @example\n * ```javascript\n * // Sign in using a redirect.\n * const provider = new GoogleAuthProvider();\n * // Start a sign in process for an unauthenticated user.\n * provider.addScope('profile');\n * provider.addScope('email');\n * await signInWithRedirect(auth, provider);\n * // This will trigger a full page redirect away from your app\n *\n * // After returning from the redirect when your app initializes you can obtain the result\n * const result = await getRedirectResult(auth);\n * if (result) {\n *   // This is the signed-in user\n *   const user = result.user;\n *   // This gives you a Google Access Token.\n *   const credential = GoogleAuthProvider.credentialFromResult(result);\n *   const token = credential.accessToken;\n * }\n * ```\n *\n * @example\n * ```javascript\n * // Sign in using a popup.\n * const provider = new GoogleAuthProvider();\n * provider.addScope('profile');\n * provider.addScope('email');\n * const result = await signInWithPopup(auth, provider);\n *\n * // The signed-in user info.\n * const user = result.user;\n * // This gives you a Google Access Token.\n * const credential = GoogleAuthProvider.credentialFromResult(result);\n * const token = credential.accessToken;\n * ```\n *\n * @public\n */\nexport class GoogleAuthProvider extends BaseOAuthProvider {\n  /** Always set to {@link SignInMethod}.GOOGLE. */\n  static readonly GOOGLE_SIGN_IN_METHOD: 'google.com' = SignInMethod.GOOGLE;\n  /** Always set to {@link ProviderId}.GOOGLE. */\n  static readonly PROVIDER_ID: 'google.com' = ProviderId.GOOGLE;\n\n  constructor() {\n    super(ProviderId.GOOGLE);\n    this.addScope('profile');\n  }\n\n  /**\n   * Creates a credential for Google. At least one of ID token and access token is required.\n   *\n   * @example\n   * ```javascript\n   * // \\`googleUser\\` from the onsuccess Google Sign In callback.\n   * const credential = GoogleAuthProvider.credential(googleUser.getAuthResponse().id_token);\n   * const result = await signInWithCredential(credential);\n   * ```\n   *\n   * @param idToken - Google ID token.\n   * @param accessToken - Google access token.\n   */\n  static credential(\n    idToken?: string | null,\n    accessToken?: string | null\n  ): OAuthCredential {\n    return OAuthCredential._fromParams({\n      providerId: GoogleAuthProvider.PROVIDER_ID,\n      signInMethod: GoogleAuthProvider.GOOGLE_SIGN_IN_METHOD,\n      idToken,\n      accessToken\n    });\n  }\n\n  /**\n   * Used to extract the underlying {@link OAuthCredential} from a {@link UserCredential}.\n   *\n   * @param userCredential - The user credential.\n   */\n  static credentialFromResult(\n    userCredential: UserCredential\n  ): OAuthCredential | null {\n    return GoogleAuthProvider.credentialFromTaggedObject(\n      userCredential as UserCredentialInternal\n    );\n  }\n  /**\n   * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was\n   * thrown during a sign-in, link, or reauthenticate operation.\n   *\n   * @param userCredential - The user credential.\n   */\n  static credentialFromError(error: FirebaseError): OAuthCredential | null {\n    return GoogleAuthProvider.credentialFromTaggedObject(\n      (error.customData || {}) as TaggedWithTokenResponse\n    );\n  }\n\n  private static credentialFromTaggedObject({\n    _tokenResponse: tokenResponse\n  }: TaggedWithTokenResponse): OAuthCredential | null {\n    if (!tokenResponse) {\n      return null;\n    }\n\n    const { oauthIdToken, oauthAccessToken } =\n      tokenResponse as SignInWithIdpResponse;\n    if (!oauthIdToken && !oauthAccessToken) {\n      // This could be an oauth 1 credential or a phone credential\n      return null;\n    }\n\n    try {\n      return GoogleAuthProvider.credential(oauthIdToken, oauthAccessToken);\n    } catch {\n      return null;\n    }\n  }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { UserCredential } from '../../model/public_types';\nimport { FirebaseError } from '@firebase/util';\n\nimport { TaggedWithTokenResponse } from '../../model/id_token';\nimport { UserCredentialInternal } from '../../model/user';\nimport { OAuthCredential } from '../credentials/oauth';\nimport { BaseOAuthProvider } from './oauth';\nimport { ProviderId, SignInMethod } from '../../model/enums';\n\n/**\n * Provider for generating an {@link OAuthCredential} for {@link ProviderId}.GITHUB.\n *\n * @remarks\n * GitHub requires an OAuth 2.0 redirect, so you can either handle the redirect directly, or use\n * the {@link signInWithPopup} handler:\n *\n * @example\n * ```javascript\n * // Sign in using a redirect.\n * const provider = new GithubAuthProvider();\n * // Start a sign in process for an unauthenticated user.\n * provider.addScope('repo');\n * await signInWithRedirect(auth, provider);\n * // This will trigger a full page redirect away from your app\n *\n * // After returning from the redirect when your app initializes you can obtain the result\n * const result = await getRedirectResult(auth);\n * if (result) {\n *   // This is the signed-in user\n *   const user = result.user;\n *   // This gives you a Github Access Token.\n *   const credential = GithubAuthProvider.credentialFromResult(result);\n *   const token = credential.accessToken;\n * }\n * ```\n *\n * @example\n * ```javascript\n * // Sign in using a popup.\n * const provider = new GithubAuthProvider();\n * provider.addScope('repo');\n * const result = await signInWithPopup(auth, provider);\n *\n * // The signed-in user info.\n * const user = result.user;\n * // This gives you a Github Access Token.\n * const credential = GithubAuthProvider.credentialFromResult(result);\n * const token = credential.accessToken;\n * ```\n * @public\n */\nexport class GithubAuthProvider extends BaseOAuthProvider {\n  /** Always set to {@link SignInMethod}.GITHUB. */\n  static readonly GITHUB_SIGN_IN_METHOD: 'github.com' = SignInMethod.GITHUB;\n  /** Always set to {@link ProviderId}.GITHUB. */\n  static readonly PROVIDER_ID: 'github.com' = ProviderId.GITHUB;\n\n  constructor() {\n    super(ProviderId.GITHUB);\n  }\n\n  /**\n   * Creates a credential for Github.\n   *\n   * @param accessToken - Github access token.\n   */\n  static credential(accessToken: string): OAuthCredential {\n    return OAuthCredential._fromParams({\n      providerId: GithubAuthProvider.PROVIDER_ID,\n      signInMethod: GithubAuthProvider.GITHUB_SIGN_IN_METHOD,\n      accessToken\n    });\n  }\n\n  /**\n   * Used to extract the underlying {@link OAuthCredential} from a {@link UserCredential}.\n   *\n   * @param userCredential - The user credential.\n   */\n  static credentialFromResult(\n    userCredential: UserCredential\n  ): OAuthCredential | null {\n    return GithubAuthProvider.credentialFromTaggedObject(\n      userCredential as UserCredentialInternal\n    );\n  }\n\n  /**\n   * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was\n   * thrown during a sign-in, link, or reauthenticate operation.\n   *\n   * @param userCredential - The user credential.\n   */\n  static credentialFromError(error: FirebaseError): OAuthCredential | null {\n    return GithubAuthProvider.credentialFromTaggedObject(\n      (error.customData || {}) as TaggedWithTokenResponse\n    );\n  }\n\n  private static credentialFromTaggedObject({\n    _tokenResponse: tokenResponse\n  }: TaggedWithTokenResponse): OAuthCredential | null {\n    if (!tokenResponse || !('oauthAccessToken' in tokenResponse)) {\n      return null;\n    }\n\n    if (!tokenResponse.oauthAccessToken) {\n      return null;\n    }\n\n    try {\n      return GithubAuthProvider.credential(tokenResponse.oauthAccessToken);\n    } catch {\n      return null;\n    }\n  }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\n/**\n * Represents the SAML credentials returned by an {@link SAMLAuthProvider}.\n *\n * @public\n */\n\nimport {\n  signInWithIdp,\n  SignInWithIdpRequest\n} from '../../api/authentication/idp';\nimport { AuthInternal } from '../../model/auth';\nimport { IdTokenResponse } from '../../model/id_token';\nimport { AuthCredential } from './auth_credential';\n\nconst IDP_REQUEST_URI = 'http://localhost';\n\n/**\n * @public\n */\nexport class SAMLAuthCredential extends AuthCredential {\n  /** @internal */\n  private constructor(\n    providerId: string,\n    private readonly pendingToken: string\n  ) {\n    super(providerId, providerId);\n  }\n\n  /** @internal */\n  _getIdTokenResponse(auth: AuthInternal): Promise<IdTokenResponse> {\n    const request = this.buildRequest();\n    return signInWithIdp(auth, request);\n  }\n\n  /** @internal */\n  _linkToIdToken(\n    auth: AuthInternal,\n    idToken: string\n  ): Promise<IdTokenResponse> {\n    const request = this.buildRequest();\n    request.idToken = idToken;\n    return signInWithIdp(auth, request);\n  }\n\n  /** @internal */\n  _getReauthenticationResolver(auth: AuthInternal): Promise<IdTokenResponse> {\n    const request = this.buildRequest();\n    request.autoCreate = false;\n    return signInWithIdp(auth, request);\n  }\n\n  /** {@inheritdoc AuthCredential.toJSON}  */\n  toJSON(): object {\n    return {\n      signInMethod: this.signInMethod,\n      providerId: this.providerId,\n      pendingToken: this.pendingToken\n    };\n  }\n\n  /**\n   * Static method to deserialize a JSON representation of an object into an\n   * {@link  AuthCredential}.\n   *\n   * @param json - Input can be either Object or the stringified representation of the object.\n   * When string is provided, JSON.parse would be called first.\n   *\n   * @returns If the JSON input does not represent an {@link  AuthCredential}, null is returned.\n   */\n  static fromJSON(json: string | object): SAMLAuthCredential | null {\n    const obj = typeof json === 'string' ? JSON.parse(json) : json;\n    const { providerId, signInMethod, pendingToken }: Record<string, string> =\n      obj;\n    if (\n      !providerId ||\n      !signInMethod ||\n      !pendingToken ||\n      providerId !== signInMethod\n    ) {\n      return null;\n    }\n\n    return new SAMLAuthCredential(providerId, pendingToken);\n  }\n\n  /**\n   * Helper static method to avoid exposing the constructor to end users.\n   *\n   * @internal\n   */\n  static _create(providerId: string, pendingToken: string): SAMLAuthCredential {\n    return new SAMLAuthCredential(providerId, pendingToken);\n  }\n\n  private buildRequest(): SignInWithIdpRequest {\n    return {\n      requestUri: IDP_REQUEST_URI,\n      returnSecureToken: true,\n      pendingToken: this.pendingToken\n    };\n  }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { FirebaseError } from '@firebase/util';\nimport { SignInWithIdpResponse } from '../../api/authentication/idp';\nimport { TaggedWithTokenResponse } from '../../model/id_token';\nimport { UserCredential } from '../../model/public_types';\nimport { UserCredentialInternal } from '../../model/user';\nimport { AuthCredential } from '../credentials';\nimport { SAMLAuthCredential } from '../credentials/saml';\nimport { AuthErrorCode } from '../errors';\nimport { _assert } from '../util/assert';\nimport { FederatedAuthProvider } from './federated';\n\nconst SAML_PROVIDER_PREFIX = 'saml.';\n\n/**\n * An {@link AuthProvider} for SAML.\n *\n * @public\n */\nexport class SAMLAuthProvider extends FederatedAuthProvider {\n  /**\n   * Constructor. The providerId must start with \"saml.\"\n   * @param providerId - SAML provider ID.\n   */\n  constructor(providerId: string) {\n    _assert(\n      providerId.startsWith(SAML_PROVIDER_PREFIX),\n      AuthErrorCode.ARGUMENT_ERROR\n    );\n    super(providerId);\n  }\n\n  /**\n   * Generates an {@link AuthCredential} from a {@link UserCredential} after a\n   * successful SAML flow completes.\n   *\n   * @remarks\n   *\n   * For example, to get an {@link AuthCredential}, you could write the\n   * following code:\n   *\n   * ```js\n   * const userCredential = await signInWithPopup(auth, samlProvider);\n   * const credential = SAMLAuthProvider.credentialFromResult(userCredential);\n   * ```\n   *\n   * @param userCredential - The user credential.\n   */\n  static credentialFromResult(\n    userCredential: UserCredential\n  ): AuthCredential | null {\n    return SAMLAuthProvider.samlCredentialFromTaggedObject(\n      userCredential as UserCredentialInternal\n    );\n  }\n\n  /**\n   * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was\n   * thrown during a sign-in, link, or reauthenticate operation.\n   *\n   * @param userCredential - The user credential.\n   */\n  static credentialFromError(error: FirebaseError): AuthCredential | null {\n    return SAMLAuthProvider.samlCredentialFromTaggedObject(\n      (error.customData || {}) as TaggedWithTokenResponse\n    );\n  }\n\n  /**\n   * Creates an {@link AuthCredential} from a JSON string or a plain object.\n   * @param json - A plain object or a JSON string\n   */\n  static credentialFromJSON(json: string | object): AuthCredential {\n    const credential = SAMLAuthCredential.fromJSON(json);\n    _assert(credential, AuthErrorCode.ARGUMENT_ERROR);\n    return credential;\n  }\n\n  private static samlCredentialFromTaggedObject({\n    _tokenResponse: tokenResponse\n  }: TaggedWithTokenResponse): SAMLAuthCredential | null {\n    if (!tokenResponse) {\n      return null;\n    }\n\n    const { pendingToken, providerId } = tokenResponse as SignInWithIdpResponse;\n\n    if (!pendingToken || !providerId) {\n      return null;\n    }\n\n    try {\n      return SAMLAuthCredential._create(providerId, pendingToken);\n    } catch (e) {\n      return null;\n    }\n  }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\n/**\n * @license\n * Copyright 2020 Twitter LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { UserCredential } from '../../model/public_types';\nimport { FirebaseError } from '@firebase/util';\n\nimport { SignInWithIdpResponse } from '../../api/authentication/idp';\nimport { TaggedWithTokenResponse } from '../../model/id_token';\nimport { UserCredentialInternal } from '../../model/user';\nimport { OAuthCredential } from '../credentials/oauth';\nimport { BaseOAuthProvider } from './oauth';\nimport { ProviderId, SignInMethod } from '../../model/enums';\n\n/**\n * Provider for generating an {@link OAuthCredential} for {@link ProviderId}.TWITTER.\n *\n * @example\n * ```javascript\n * // Sign in using a redirect.\n * const provider = new TwitterAuthProvider();\n * // Start a sign in process for an unauthenticated user.\n * await signInWithRedirect(auth, provider);\n * // This will trigger a full page redirect away from your app\n *\n * // After returning from the redirect when your app initializes you can obtain the result\n * const result = await getRedirectResult(auth);\n * if (result) {\n *   // This is the signed-in user\n *   const user = result.user;\n *   // This gives you a Twitter Access Token and Secret.\n *   const credential = TwitterAuthProvider.credentialFromResult(result);\n *   const token = credential.accessToken;\n *   const secret = credential.secret;\n * }\n * ```\n *\n * @example\n * ```javascript\n * // Sign in using a popup.\n * const provider = new TwitterAuthProvider();\n * const result = await signInWithPopup(auth, provider);\n *\n * // The signed-in user info.\n * const user = result.user;\n * // This gives you a Twitter Access Token and Secret.\n * const credential = TwitterAuthProvider.credentialFromResult(result);\n * const token = credential.accessToken;\n * const secret = credential.secret;\n * ```\n *\n * @public\n */\nexport class TwitterAuthProvider extends BaseOAuthProvider {\n  /** Always set to {@link SignInMethod}.TWITTER. */\n  static readonly TWITTER_SIGN_IN_METHOD: 'twitter.com' = SignInMethod.TWITTER;\n  /** Always set to {@link ProviderId}.TWITTER. */\n  static readonly PROVIDER_ID: 'twitter.com' = ProviderId.TWITTER;\n\n  constructor() {\n    super(ProviderId.TWITTER);\n  }\n\n  /**\n   * Creates a credential for Twitter.\n   *\n   * @param token - Twitter access token.\n   * @param secret - Twitter secret.\n   */\n  static credential(token: string, secret: string): OAuthCredential {\n    return OAuthCredential._fromParams({\n      providerId: TwitterAuthProvider.PROVIDER_ID,\n      signInMethod: TwitterAuthProvider.TWITTER_SIGN_IN_METHOD,\n      oauthToken: token,\n      oauthTokenSecret: secret\n    });\n  }\n\n  /**\n   * Used to extract the underlying {@link OAuthCredential} from a {@link UserCredential}.\n   *\n   * @param userCredential - The user credential.\n   */\n  static credentialFromResult(\n    userCredential: UserCredential\n  ): OAuthCredential | null {\n    return TwitterAuthProvider.credentialFromTaggedObject(\n      userCredential as UserCredentialInternal\n    );\n  }\n\n  /**\n   * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was\n   * thrown during a sign-in, link, or reauthenticate operation.\n   *\n   * @param userCredential - The user credential.\n   */\n  static credentialFromError(error: FirebaseError): OAuthCredential | null {\n    return TwitterAuthProvider.credentialFromTaggedObject(\n      (error.customData || {}) as TaggedWithTokenResponse\n    );\n  }\n\n  private static credentialFromTaggedObject({\n    _tokenResponse: tokenResponse\n  }: TaggedWithTokenResponse): OAuthCredential | null {\n    if (!tokenResponse) {\n      return null;\n    }\n    const { oauthAccessToken, oauthTokenSecret } =\n      tokenResponse as SignInWithIdpResponse;\n    if (!oauthAccessToken || !oauthTokenSecret) {\n      return null;\n    }\n\n    try {\n      return TwitterAuthProvider.credential(oauthAccessToken, oauthTokenSecret);\n    } catch {\n      return null;\n    }\n  }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n  Endpoint,\n  HttpMethod,\n  RecaptchaClientType,\n  RecaptchaVersion,\n  _addTidIfNecessary,\n  _performSignInRequest\n} from '../index';\nimport { IdTokenResponse } from '../../model/id_token';\nimport { Auth } from '../../model/public_types';\n\nexport interface SignUpRequest {\n  returnSecureToken?: boolean;\n  email?: string;\n  password?: string;\n  tenantId?: string;\n  captchaResponse?: string;\n  clientType?: RecaptchaClientType;\n  recaptchaVersion?: RecaptchaVersion;\n}\n\nexport interface SignUpResponse extends IdTokenResponse {\n  displayName?: string;\n  email?: string;\n}\n\nexport async function signUp(\n  auth: Auth,\n  request: SignUpRequest\n): Promise<SignUpResponse> {\n  return _performSignInRequest<SignUpRequest, SignUpResponse>(\n    auth,\n    HttpMethod.POST,\n    Endpoint.SIGN_UP,\n    _addTidIfNecessary(auth, request)\n  );\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { PhoneOrOauthTokenResponse } from '../../api/authentication/mfa';\nimport { IdTokenResponse } from '../../model/id_token';\nimport { UserInternal, UserCredentialInternal } from '../../model/user';\nimport { UserImpl } from './user_impl';\nimport { AuthInternal } from '../../model/auth';\nimport { OperationType, ProviderId } from '../../model/enums';\n\ninterface UserCredentialParams {\n  readonly user: UserInternal;\n  readonly providerId: ProviderId | string | null;\n  readonly _tokenResponse?: PhoneOrOauthTokenResponse;\n  readonly operationType: OperationType;\n}\n\nexport class UserCredentialImpl\n  implements UserCredentialInternal, UserCredentialParams\n{\n  readonly user: UserInternal;\n  readonly providerId: ProviderId | string | null;\n  readonly _tokenResponse: PhoneOrOauthTokenResponse | undefined;\n  readonly operationType: OperationType;\n\n  constructor(params: UserCredentialParams) {\n    this.user = params.user;\n    this.providerId = params.providerId;\n    this._tokenResponse = params._tokenResponse;\n    this.operationType = params.operationType;\n  }\n\n  static async _fromIdTokenResponse(\n    auth: AuthInternal,\n    operationType: OperationType,\n    idTokenResponse: IdTokenResponse,\n    isAnonymous: boolean = false\n  ): Promise<UserCredentialInternal> {\n    const user = await UserImpl._fromIdTokenResponse(\n      auth,\n      idTokenResponse,\n      isAnonymous\n    );\n    const providerId = providerIdForResponse(idTokenResponse);\n    const userCred = new UserCredentialImpl({\n      user,\n      providerId,\n      _tokenResponse: idTokenResponse,\n      operationType\n    });\n    return userCred;\n  }\n\n  static async _forOperation(\n    user: UserInternal,\n    operationType: OperationType,\n    response: PhoneOrOauthTokenResponse\n  ): Promise<UserCredentialImpl> {\n    await user._updateTokensIfNecessary(response, /* reload */ true);\n    const providerId = providerIdForResponse(response);\n    return new UserCredentialImpl({\n      user,\n      providerId,\n      _tokenResponse: response,\n      operationType\n    });\n  }\n}\n\nfunction providerIdForResponse(\n  response: IdTokenResponse\n): ProviderId | string | null {\n  if (response.providerId) {\n    return response.providerId;\n  }\n\n  if ('phoneNumber' in response) {\n    return ProviderId.PHONE;\n  }\n\n  return null;\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { Auth, UserCredential } from '../../model/public_types';\nimport { signUp } from '../../api/authentication/sign_up';\nimport { UserInternal } from '../../model/user';\nimport { UserCredentialImpl } from '../user/user_credential_impl';\nimport { _castAuth } from '../auth/auth_impl';\nimport { OperationType } from '../../model/enums';\n\n/**\n * Asynchronously signs in as an anonymous user.\n *\n * @remarks\n * If there is already an anonymous user signed in, that user will be returned; otherwise, a\n * new anonymous user identity will be created and returned.\n *\n * @param auth - The {@link Auth} instance.\n *\n * @public\n */\nexport async function signInAnonymously(auth: Auth): Promise<UserCredential> {\n  const authInternal = _castAuth(auth);\n  await authInternal._initializationPromise;\n  if (authInternal.currentUser?.isAnonymous) {\n    // If an anonymous user is already signed in, no need to sign them in again.\n    return new UserCredentialImpl({\n      user: authInternal.currentUser as UserInternal,\n      providerId: null,\n      operationType: OperationType.SIGN_IN\n    });\n  }\n  const response = await signUp(authInternal, {\n    returnSecureToken: true\n  });\n  const userCredential = await UserCredentialImpl._fromIdTokenResponse(\n    authInternal,\n    OperationType.SIGN_IN,\n    response,\n    true\n  );\n  await authInternal._updateCurrentUser(userCredential.user);\n  return userCredential;\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { MultiFactorError as MultiFactorErrorPublic } from '../model/public_types';\nimport { FirebaseError } from '@firebase/util';\nimport { AuthInternal } from '../model/auth';\nimport { IdTokenResponse } from '../model/id_token';\nimport { AuthErrorCode } from '../core/errors';\nimport { UserInternal } from '../model/user';\nimport { AuthCredential } from '../core/credentials';\nimport { IdTokenMfaResponse } from '../api/authentication/mfa';\nimport { OperationType } from '../model/enums';\n\nexport type MultiFactorErrorData = MultiFactorErrorPublic['customData'] & {\n  _serverResponse: IdTokenMfaResponse;\n};\n\nexport class MultiFactorError\n  extends FirebaseError\n  implements MultiFactorErrorPublic\n{\n  readonly customData: MultiFactorErrorData;\n\n  private constructor(\n    auth: AuthInternal,\n    error: FirebaseError,\n    readonly operationType: OperationType,\n    readonly user?: UserInternal\n  ) {\n    super(error.code, error.message);\n    // https://github.com/Microsoft/TypeScript-wiki/blob/master/Breaking-Changes.md#extending-built-ins-like-error-array-and-map-may-no-longer-work\n    Object.setPrototypeOf(this, MultiFactorError.prototype);\n    this.customData = {\n      appName: auth.name,\n      tenantId: auth.tenantId ?? undefined,\n      _serverResponse: error.customData!._serverResponse as IdTokenMfaResponse,\n      operationType\n    };\n  }\n\n  static _fromErrorAndOperation(\n    auth: AuthInternal,\n    error: FirebaseError,\n    operationType: OperationType,\n    user?: UserInternal\n  ): MultiFactorError {\n    return new MultiFactorError(auth, error, operationType, user);\n  }\n}\n\nexport function _processCredentialSavingMfaContextIfNecessary(\n  auth: AuthInternal,\n  operationType: OperationType,\n  credential: AuthCredential,\n  user?: UserInternal\n): Promise<IdTokenResponse> {\n  const idTokenProvider =\n    operationType === OperationType.REAUTHENTICATE\n      ? credential._getReauthenticationResolver(auth)\n      : credential._getIdTokenResponse(auth);\n\n  return idTokenProvider.catch(error => {\n    if (error.code === `auth/${AuthErrorCode.MFA_REQUIRED}`) {\n      throw MultiFactorError._fromErrorAndOperation(\n        auth,\n        error,\n        operationType,\n        user\n      );\n    }\n\n    throw error;\n  });\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nexport interface ProviderAssociatedObject {\n  providerId?: string;\n}\n\n/**\n * Takes a set of UserInfo provider data and converts it to a set of names\n */\nexport function providerDataAsNames<T extends ProviderAssociatedObject>(\n  providerData: T[]\n): Set<string> {\n  return new Set(\n    providerData\n      .map(({ providerId }) => providerId)\n      .filter(pid => !!pid) as string[]\n  );\n}\n","/**\n * @license\n * Copyright 2019 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { User } from '../../model/public_types';\n\nimport { deleteLinkedAccounts } from '../../api/account_management/account';\nimport { UserInternal, UserCredentialInternal } from '../../model/user';\nimport { AuthCredential } from '../credentials';\nimport { AuthErrorCode } from '../errors';\nimport { _assert } from '../util/assert';\nimport { providerDataAsNames } from '../util/providers';\nimport { _logoutIfInvalidated } from './invalidation';\nimport { _reloadWithoutSaving } from './reload';\nimport { UserCredentialImpl } from './user_credential_impl';\nimport { getModularInstance } from '@firebase/util';\nimport { OperationType, ProviderId } from '../../model/enums';\n\n/**\n * Unlinks a provider from a user account.\n *\n * @param user - The user.\n * @param providerId - The provider to unlink.\n *\n * @public\n */\nexport async function unlink(user: User, providerId: string): Promise<User> {\n  const userInternal = getModularInstance(user) as UserInternal;\n  await _assertLinkedStatus(true, userInternal, providerId);\n  const { providerUserInfo } = await deleteLinkedAccounts(userInternal.auth, {\n    idToken: await userInternal.getIdToken(),\n    deleteProvider: [providerId]\n  });\n\n  const providersLeft = providerDataAsNames(providerUserInfo || []);\n\n  userInternal.providerData = userInternal.providerData.filter(pd =>\n    providersLeft.has(pd.providerId)\n  );\n  if (!providersLeft.has(ProviderId.PHONE)) {\n    userInternal.phoneNumber = null;\n  }\n\n  await userInternal.auth._persistUserIfCurrent(userInternal);\n  return userInternal;\n}\n\nexport async function _link(\n  user: UserInternal,\n  credential: AuthCredential,\n  bypassAuthState = false\n): Promise<UserCredentialInternal> {\n  const response = await _logoutIfInvalidated(\n    user,\n    credential._linkToIdToken(user.auth, await user.getIdToken()),\n    bypassAuthState\n  );\n  return UserCredentialImpl._forOperation(user, OperationType.LINK, response);\n}\n\nexport async function _assertLinkedStatus(\n  expected: boolean,\n  user: UserInternal,\n  provider: string\n): Promise<void> {\n  await _reloadWithoutSaving(user);\n  const providerIds = providerDataAsNames(user.providerData);\n\n  const code =\n    expected === false\n      ? AuthErrorCode.PROVIDER_ALREADY_LINKED\n      : AuthErrorCode.NO_SUCH_PROVIDER;\n  _assert(providerIds.has(provider) === expected, user.auth, code);\n}\n","/**\n * @license\n * Copyright 2019 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { FirebaseError } from '@firebase/util';\nimport { _processCredentialSavingMfaContextIfNecessary } from '../../mfa/mfa_error';\nimport { OperationType } from '../../model/enums';\nimport { UserInternal } from '../../model/user';\nimport { AuthCredential } from '../credentials';\nimport { AuthErrorCode } from '../errors';\nimport { _assert, _fail } from '../util/assert';\nimport { _parseToken } from './id_token_result';\nimport { _logoutIfInvalidated } from './invalidation';\nimport { UserCredentialImpl } from './user_credential_impl';\n\nexport async function _reauthenticate(\n  user: UserInternal,\n  credential: AuthCredential,\n  bypassAuthState = false\n): Promise<UserCredentialImpl> {\n  const { auth } = user;\n  const operationType = OperationType.REAUTHENTICATE;\n\n  try {\n    const response = await _logoutIfInvalidated(\n      user,\n      _processCredentialSavingMfaContextIfNecessary(\n        auth,\n        operationType,\n        credential,\n        user\n      ),\n      bypassAuthState\n    );\n    _assert(response.idToken, auth, AuthErrorCode.INTERNAL_ERROR);\n    const parsed = _parseToken(response.idToken);\n    _assert(parsed, auth, AuthErrorCode.INTERNAL_ERROR);\n\n    const { sub: localId } = parsed;\n    _assert(user.uid === localId, auth, AuthErrorCode.USER_MISMATCH);\n\n    return UserCredentialImpl._forOperation(user, operationType, response);\n  } catch (e) {\n    // Convert user deleted error into user mismatch\n    if ((e as FirebaseError)?.code === `auth/${AuthErrorCode.USER_DELETED}`) {\n      _fail(auth, AuthErrorCode.USER_MISMATCH);\n    }\n    throw e;\n  }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { UserCredential, Auth, User } from '../../model/public_types';\n\nimport { _processCredentialSavingMfaContextIfNecessary } from '../../mfa/mfa_error';\nimport { AuthInternal } from '../../model/auth';\nimport { UserInternal } from '../../model/user';\nimport { AuthCredential } from '../credentials';\nimport { _assertLinkedStatus, _link } from '../user/link_unlink';\nimport { _reauthenticate } from '../user/reauthenticate';\nimport { UserCredentialImpl } from '../user/user_credential_impl';\nimport { _castAuth } from '../auth/auth_impl';\nimport { getModularInstance } from '@firebase/util';\nimport { OperationType } from '../../model/enums';\n\nexport async function _signInWithCredential(\n  auth: AuthInternal,\n  credential: AuthCredential,\n  bypassAuthState = false\n): Promise<UserCredential> {\n  const operationType = OperationType.SIGN_IN;\n  const response = await _processCredentialSavingMfaContextIfNecessary(\n    auth,\n    operationType,\n    credential\n  );\n  const userCredential = await UserCredentialImpl._fromIdTokenResponse(\n    auth,\n    operationType,\n    response\n  );\n\n  if (!bypassAuthState) {\n    await auth._updateCurrentUser(userCredential.user);\n  }\n  return userCredential;\n}\n\n/**\n * Asynchronously signs in with the given credentials.\n *\n * @remarks\n * An {@link AuthProvider} can be used to generate the credential.\n *\n * @param auth - The {@link Auth} instance.\n * @param credential - The auth credential.\n *\n * @public\n */\nexport async function signInWithCredential(\n  auth: Auth,\n  credential: AuthCredential\n): Promise<UserCredential> {\n  return _signInWithCredential(_castAuth(auth), credential);\n}\n\n/**\n * Links the user account with the given credentials.\n *\n * @remarks\n * An {@link AuthProvider} can be used to generate the credential.\n *\n * @param user - The user.\n * @param credential - The auth credential.\n *\n * @public\n */\nexport async function linkWithCredential(\n  user: User,\n  credential: AuthCredential\n): Promise<UserCredential> {\n  const userInternal = getModularInstance(user) as UserInternal;\n\n  await _assertLinkedStatus(false, userInternal, credential.providerId);\n\n  return _link(userInternal, credential);\n}\n\n/**\n * Re-authenticates a user using a fresh credential.\n *\n * @remarks\n * Use before operations such as {@link updatePassword} that require tokens from recent sign-in\n * attempts. This method can be used to recover from a `CREDENTIAL_TOO_OLD_LOGIN_AGAIN` error\n * or a `TOKEN_EXPIRED` error.\n *\n * @param user - The user.\n * @param credential - The auth credential.\n *\n * @public\n */\nexport async function reauthenticateWithCredential(\n  user: User,\n  credential: AuthCredential\n): Promise<UserCredential> {\n  return _reauthenticate(getModularInstance(user) as UserInternal, credential);\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { Auth, UserCredential } from '../../model/public_types';\n\nimport { signInWithCustomToken as getIdTokenResponse } from '../../api/authentication/custom_token';\nimport { IdTokenResponse } from '../../model/id_token';\nimport { UserCredentialImpl } from '../user/user_credential_impl';\nimport { _castAuth } from '../auth/auth_impl';\nimport { OperationType } from '../../model/enums';\n\n/**\n * Asynchronously signs in using a custom token.\n *\n * @remarks\n * Custom tokens are used to integrate Firebase Auth with existing auth systems, and must\n * be generated by an auth backend using the\n * {@link https://firebase.google.com/docs/reference/admin/node/admin.auth.Auth#createcustomtoken | createCustomToken}\n * method in the {@link https://firebase.google.com/docs/auth/admin | Admin SDK} .\n *\n * Fails with an error if the token is invalid, expired, or not accepted by the Firebase Auth service.\n *\n * @param auth - The {@link Auth} instance.\n * @param customToken - The custom token to sign in with.\n *\n * @public\n */\nexport async function signInWithCustomToken(\n  auth: Auth,\n  customToken: string\n): Promise<UserCredential> {\n  const authInternal = _castAuth(auth);\n  const response: IdTokenResponse = await getIdTokenResponse(authInternal, {\n    token: customToken,\n    returnSecureToken: true\n  });\n  const cred = await UserCredentialImpl._fromIdTokenResponse(\n    authInternal,\n    OperationType.SIGN_IN,\n    response\n  );\n  await authInternal._updateCurrentUser(cred.user);\n  return cred;\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n  Endpoint,\n  HttpMethod,\n  _addTidIfNecessary,\n  _performSignInRequest\n} from '../index';\nimport { IdTokenResponse } from '../../model/id_token';\nimport { Auth } from '../../model/public_types';\n\nexport interface SignInWithCustomTokenRequest {\n  token: string;\n  returnSecureToken: boolean;\n  tenantId?: string;\n}\n\nexport interface SignInWithCustomTokenResponse extends IdTokenResponse {}\n\nexport async function signInWithCustomToken(\n  auth: Auth,\n  request: SignInWithCustomTokenRequest\n): Promise<SignInWithCustomTokenResponse> {\n  return _performSignInRequest<\n    SignInWithCustomTokenRequest,\n    SignInWithCustomTokenResponse\n  >(\n    auth,\n    HttpMethod.POST,\n    Endpoint.SIGN_IN_WITH_CUSTOM_TOKEN,\n    _addTidIfNecessary(auth, request)\n  );\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n  FactorId,\n  MultiFactorInfo,\n  PhoneMultiFactorInfo,\n  TotpMultiFactorInfo\n} from '../model/public_types';\nimport {\n  PhoneMfaEnrollment,\n  MfaEnrollment,\n  TotpMfaEnrollment\n} from '../api/account_management/mfa';\nimport { AuthErrorCode } from '../core/errors';\nimport { _fail } from '../core/util/assert';\nimport { AuthInternal } from '../model/auth';\n\nexport abstract class MultiFactorInfoImpl implements MultiFactorInfo {\n  readonly uid: string;\n  readonly displayName?: string | null;\n  readonly enrollmentTime: string;\n\n  protected constructor(readonly factorId: FactorId, response: MfaEnrollment) {\n    this.uid = response.mfaEnrollmentId;\n    this.enrollmentTime = new Date(response.enrolledAt).toUTCString();\n    this.displayName = response.displayName;\n  }\n\n  static _fromServerResponse(\n    auth: AuthInternal,\n    enrollment: MfaEnrollment\n  ): MultiFactorInfoImpl {\n    if ('phoneInfo' in enrollment) {\n      return PhoneMultiFactorInfoImpl._fromServerResponse(auth, enrollment);\n    } else if ('totpInfo' in enrollment) {\n      return TotpMultiFactorInfoImpl._fromServerResponse(auth, enrollment);\n    }\n    return _fail(auth, AuthErrorCode.INTERNAL_ERROR);\n  }\n}\n\nexport class PhoneMultiFactorInfoImpl\n  extends MultiFactorInfoImpl\n  implements PhoneMultiFactorInfo\n{\n  readonly phoneNumber: string;\n\n  private constructor(response: PhoneMfaEnrollment) {\n    super(FactorId.PHONE, response);\n    this.phoneNumber = response.phoneInfo;\n  }\n\n  static _fromServerResponse(\n    _auth: AuthInternal,\n    enrollment: MfaEnrollment\n  ): PhoneMultiFactorInfoImpl {\n    return new PhoneMultiFactorInfoImpl(enrollment as PhoneMfaEnrollment);\n  }\n}\nexport class TotpMultiFactorInfoImpl\n  extends MultiFactorInfoImpl\n  implements TotpMultiFactorInfo\n{\n  private constructor(response: TotpMfaEnrollment) {\n    super(FactorId.TOTP, response);\n  }\n\n  static _fromServerResponse(\n    _auth: AuthInternal,\n    enrollment: MfaEnrollment\n  ): TotpMultiFactorInfoImpl {\n    return new TotpMultiFactorInfoImpl(enrollment as TotpMfaEnrollment);\n  }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { ActionCodeSettings, Auth } from '../../model/public_types';\n\nimport { GetOobCodeRequest } from '../../api/authentication/email_and_password';\nimport { AuthErrorCode } from '../errors';\nimport { _assert } from '../util/assert';\n\nexport function _setActionCodeSettingsOnRequest(\n  auth: Auth,\n  request: GetOobCodeRequest,\n  actionCodeSettings: ActionCodeSettings\n): void {\n  _assert(\n    actionCodeSettings.url?.length > 0,\n    auth,\n    AuthErrorCode.INVALID_CONTINUE_URI\n  );\n  _assert(\n    typeof actionCodeSettings.dynamicLinkDomain === 'undefined' ||\n      actionCodeSettings.dynamicLinkDomain.length > 0,\n    auth,\n    AuthErrorCode.INVALID_DYNAMIC_LINK_DOMAIN\n  );\n\n  request.continueUrl = actionCodeSettings.url;\n  request.dynamicLinkDomain = actionCodeSettings.dynamicLinkDomain;\n  request.canHandleCodeInApp = actionCodeSettings.handleCodeInApp;\n\n  if (actionCodeSettings.iOS) {\n    _assert(\n      actionCodeSettings.iOS.bundleId.length > 0,\n      auth,\n      AuthErrorCode.MISSING_IOS_BUNDLE_ID\n    );\n    request.iOSBundleId = actionCodeSettings.iOS.bundleId;\n  }\n\n  if (actionCodeSettings.android) {\n    _assert(\n      actionCodeSettings.android.packageName.length > 0,\n      auth,\n      AuthErrorCode.MISSING_ANDROID_PACKAGE_NAME\n    );\n    request.androidInstallApp = actionCodeSettings.android.installApp;\n    request.androidMinimumVersionCode =\n      actionCodeSettings.android.minimumVersion;\n    request.androidPackageName = actionCodeSettings.android.packageName;\n  }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n  ActionCodeInfo,\n  ActionCodeOperation,\n  ActionCodeSettings,\n  Auth,\n  UserCredential\n} from '../../model/public_types';\n\nimport * as account from '../../api/account_management/email_and_password';\nimport * as authentication from '../../api/authentication/email_and_password';\nimport { signUp, SignUpRequest } from '../../api/authentication/sign_up';\nimport { MultiFactorInfoImpl } from '../../mfa/mfa_info';\nimport { EmailAuthProvider } from '../providers/email';\nimport { UserCredentialImpl } from '../user/user_credential_impl';\nimport { _assert } from '../util/assert';\nimport { _setActionCodeSettingsOnRequest } from './action_code_settings';\nimport { signInWithCredential } from './credential';\nimport { _castAuth } from '../auth/auth_impl';\nimport { AuthErrorCode } from '../errors';\nimport { getModularInstance } from '@firebase/util';\nimport { OperationType } from '../../model/enums';\nimport { injectRecaptchaFields } from '../../platform_browser/recaptcha/recaptcha_enterprise_verifier';\nimport { IdTokenResponse } from '../../model/id_token';\nimport { RecaptchaActionName, RecaptchaClientType } from '../../api';\n\n/**\n * Sends a password reset email to the given email address.\n *\n * @remarks\n * To complete the password reset, call {@link confirmPasswordReset} with the code supplied in\n * the email sent to the user, along with the new password specified by the user.\n *\n * @example\n * ```javascript\n * const actionCodeSettings = {\n *   url: 'https://www.example.com/?email=user@example.com',\n *   iOS: {\n *      bundleId: 'com.example.ios'\n *   },\n *   android: {\n *     packageName: 'com.example.android',\n *     installApp: true,\n *     minimumVersion: '12'\n *   },\n *   handleCodeInApp: true\n * };\n * await sendPasswordResetEmail(auth, 'user@example.com', actionCodeSettings);\n * // Obtain code from user.\n * await confirmPasswordReset('user@example.com', code);\n * ```\n *\n * @param auth - The {@link Auth} instance.\n * @param email - The user's email address.\n * @param actionCodeSettings - The {@link ActionCodeSettings}.\n *\n * @public\n */\nexport async function sendPasswordResetEmail(\n  auth: Auth,\n  email: string,\n  actionCodeSettings?: ActionCodeSettings\n): Promise<void> {\n  const authInternal = _castAuth(auth);\n  const request: authentication.PasswordResetRequest = {\n    requestType: ActionCodeOperation.PASSWORD_RESET,\n    email,\n    clientType: RecaptchaClientType.WEB\n  };\n  if (authInternal._getRecaptchaConfig()?.emailPasswordEnabled) {\n    const requestWithRecaptcha = await injectRecaptchaFields(\n      authInternal,\n      request,\n      RecaptchaActionName.GET_OOB_CODE,\n      true\n    );\n    if (actionCodeSettings) {\n      _setActionCodeSettingsOnRequest(\n        authInternal,\n        requestWithRecaptcha,\n        actionCodeSettings\n      );\n    }\n    await authentication.sendPasswordResetEmail(\n      authInternal,\n      requestWithRecaptcha\n    );\n  } else {\n    if (actionCodeSettings) {\n      _setActionCodeSettingsOnRequest(\n        authInternal,\n        request,\n        actionCodeSettings\n      );\n    }\n    await authentication\n      .sendPasswordResetEmail(authInternal, request)\n      .catch(async error => {\n        if (error.code === `auth/${AuthErrorCode.MISSING_RECAPTCHA_TOKEN}`) {\n          console.log(\n            'Password resets are protected by reCAPTCHA for this project. Automatically triggering the reCAPTCHA flow and restarting the password reset flow.'\n          );\n          const requestWithRecaptcha = await injectRecaptchaFields(\n            authInternal,\n            request,\n            RecaptchaActionName.GET_OOB_CODE,\n            true\n          );\n          if (actionCodeSettings) {\n            _setActionCodeSettingsOnRequest(\n              authInternal,\n              requestWithRecaptcha,\n              actionCodeSettings\n            );\n          }\n          await authentication.sendPasswordResetEmail(\n            authInternal,\n            requestWithRecaptcha\n          );\n        } else {\n          return Promise.reject(error);\n        }\n      });\n  }\n}\n\n/**\n * Completes the password reset process, given a confirmation code and new password.\n *\n * @param auth - The {@link Auth} instance.\n * @param oobCode - A confirmation code sent to the user.\n * @param newPassword - The new password.\n *\n * @public\n */\nexport async function confirmPasswordReset(\n  auth: Auth,\n  oobCode: string,\n  newPassword: string\n): Promise<void> {\n  await account.resetPassword(getModularInstance(auth), {\n    oobCode,\n    newPassword\n  });\n  // Do not return the email.\n}\n\n/**\n * Applies a verification code sent to the user by email or other out-of-band mechanism.\n *\n * @param auth - The {@link Auth} instance.\n * @param oobCode - A verification code sent to the user.\n *\n * @public\n */\nexport async function applyActionCode(\n  auth: Auth,\n  oobCode: string\n): Promise<void> {\n  await account.applyActionCode(getModularInstance(auth), { oobCode });\n}\n\n/**\n * Checks a verification code sent to the user by email or other out-of-band mechanism.\n *\n * @returns metadata about the code.\n *\n * @param auth - The {@link Auth} instance.\n * @param oobCode - A verification code sent to the user.\n *\n * @public\n */\nexport async function checkActionCode(\n  auth: Auth,\n  oobCode: string\n): Promise<ActionCodeInfo> {\n  const authModular = getModularInstance(auth);\n  const response = await account.resetPassword(authModular, { oobCode });\n\n  // Email could be empty only if the request type is EMAIL_SIGNIN or\n  // VERIFY_AND_CHANGE_EMAIL.\n  // New email should not be empty if the request type is\n  // VERIFY_AND_CHANGE_EMAIL.\n  // Multi-factor info could not be empty if the request type is\n  // REVERT_SECOND_FACTOR_ADDITION.\n  const operation = response.requestType;\n  _assert(operation, authModular, AuthErrorCode.INTERNAL_ERROR);\n  switch (operation) {\n    case ActionCodeOperation.EMAIL_SIGNIN:\n      break;\n    case ActionCodeOperation.VERIFY_AND_CHANGE_EMAIL:\n      _assert(response.newEmail, authModular, AuthErrorCode.INTERNAL_ERROR);\n      break;\n    case ActionCodeOperation.REVERT_SECOND_FACTOR_ADDITION:\n      _assert(response.mfaInfo, authModular, AuthErrorCode.INTERNAL_ERROR);\n    // fall through\n    default:\n      _assert(response.email, authModular, AuthErrorCode.INTERNAL_ERROR);\n  }\n\n  // The multi-factor info for revert second factor addition\n  let multiFactorInfo: MultiFactorInfoImpl | null = null;\n  if (response.mfaInfo) {\n    multiFactorInfo = MultiFactorInfoImpl._fromServerResponse(\n      _castAuth(authModular),\n      response.mfaInfo\n    );\n  }\n\n  return {\n    data: {\n      email:\n        (response.requestType === ActionCodeOperation.VERIFY_AND_CHANGE_EMAIL\n          ? response.newEmail\n          : response.email) || null,\n      previousEmail:\n        (response.requestType === ActionCodeOperation.VERIFY_AND_CHANGE_EMAIL\n          ? response.email\n          : response.newEmail) || null,\n      multiFactorInfo\n    },\n    operation\n  };\n}\n\n/**\n * Checks a password reset code sent to the user by email or other out-of-band mechanism.\n *\n * @returns the user's email address if valid.\n *\n * @param auth - The {@link Auth} instance.\n * @param code - A verification code sent to the user.\n *\n * @public\n */\nexport async function verifyPasswordResetCode(\n  auth: Auth,\n  code: string\n): Promise<string> {\n  const { data } = await checkActionCode(getModularInstance(auth), code);\n  // Email should always be present since a code was sent to it\n  return data.email!;\n}\n\n/**\n * Creates a new user account associated with the specified email address and password.\n *\n * @remarks\n * On successful creation of the user account, this user will also be signed in to your application.\n *\n * User account creation can fail if the account already exists or the password is invalid.\n *\n * Note: The email address acts as a unique identifier for the user and enables an email-based\n * password reset. This function will create a new user account and set the initial user password.\n *\n * @param auth - The {@link Auth} instance.\n * @param email - The user's email address.\n * @param password - The user's chosen password.\n *\n * @public\n */\nexport async function createUserWithEmailAndPassword(\n  auth: Auth,\n  email: string,\n  password: string\n): Promise<UserCredential> {\n  const authInternal = _castAuth(auth);\n  const request: SignUpRequest = {\n    returnSecureToken: true,\n    email,\n    password,\n    clientType: RecaptchaClientType.WEB\n  };\n  let signUpResponse: Promise<IdTokenResponse>;\n  if (authInternal._getRecaptchaConfig()?.emailPasswordEnabled) {\n    const requestWithRecaptcha = await injectRecaptchaFields(\n      authInternal,\n      request,\n      RecaptchaActionName.SIGN_UP_PASSWORD\n    );\n    signUpResponse = signUp(authInternal, requestWithRecaptcha);\n  } else {\n    signUpResponse = signUp(authInternal, request).catch(async error => {\n      if (error.code === `auth/${AuthErrorCode.MISSING_RECAPTCHA_TOKEN}`) {\n        console.log(\n          'Sign-up is protected by reCAPTCHA for this project. Automatically triggering the reCAPTCHA flow and restarting the sign-up flow.'\n        );\n        const requestWithRecaptcha = await injectRecaptchaFields(\n          authInternal,\n          request,\n          RecaptchaActionName.SIGN_UP_PASSWORD\n        );\n        return signUp(authInternal, requestWithRecaptcha);\n      } else {\n        return Promise.reject(error);\n      }\n    });\n  }\n\n  const response = await signUpResponse.catch(error => {\n    return Promise.reject(error);\n  });\n\n  const userCredential = await UserCredentialImpl._fromIdTokenResponse(\n    authInternal,\n    OperationType.SIGN_IN,\n    response\n  );\n  await authInternal._updateCurrentUser(userCredential.user);\n\n  return userCredential;\n}\n\n/**\n * Asynchronously signs in using an email and password.\n *\n * @remarks\n * Fails with an error if the email address and password do not match.\n *\n * Note: The user's password is NOT the password used to access the user's email account. The\n * email address serves as a unique identifier for the user, and the password is used to access\n * the user's account in your Firebase project. See also: {@link createUserWithEmailAndPassword}.\n *\n * @param auth - The {@link Auth} instance.\n * @param email - The users email address.\n * @param password - The users password.\n *\n * @public\n */\nexport function signInWithEmailAndPassword(\n  auth: Auth,\n  email: string,\n  password: string\n): Promise<UserCredential> {\n  return signInWithCredential(\n    getModularInstance(auth),\n    EmailAuthProvider.credential(email, password)\n  );\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n  ActionCodeOperation,\n  ActionCodeSettings,\n  Auth,\n  UserCredential\n} from '../../model/public_types';\n\nimport * as api from '../../api/authentication/email_and_password';\nimport { ActionCodeURL } from '../action_code_url';\nimport { EmailAuthProvider } from '../providers/email';\nimport { _getCurrentUrl } from '../util/location';\nimport { _setActionCodeSettingsOnRequest } from './action_code_settings';\nimport { signInWithCredential } from './credential';\nimport { AuthErrorCode } from '../errors';\nimport { _assert } from '../util/assert';\nimport { getModularInstance } from '@firebase/util';\nimport { _castAuth } from '../auth/auth_impl';\nimport { injectRecaptchaFields } from '../../platform_browser/recaptcha/recaptcha_enterprise_verifier';\nimport { RecaptchaActionName, RecaptchaClientType } from '../../api';\n\n/**\n * Sends a sign-in email link to the user with the specified email.\n *\n * @remarks\n * The sign-in operation has to always be completed in the app unlike other out of band email\n * actions (password reset and email verifications). This is because, at the end of the flow,\n * the user is expected to be signed in and their Auth state persisted within the app.\n *\n * To complete sign in with the email link, call {@link signInWithEmailLink} with the email\n * address and the email link supplied in the email sent to the user.\n *\n * @example\n * ```javascript\n * const actionCodeSettings = {\n *   url: 'https://www.example.com/?email=user@example.com',\n *   iOS: {\n *      bundleId: 'com.example.ios'\n *   },\n *   android: {\n *     packageName: 'com.example.android',\n *     installApp: true,\n *     minimumVersion: '12'\n *   },\n *   handleCodeInApp: true\n * };\n * await sendSignInLinkToEmail(auth, 'user@example.com', actionCodeSettings);\n * // Obtain emailLink from the user.\n * if(isSignInWithEmailLink(auth, emailLink)) {\n *   await signInWithEmailLink(auth, 'user@example.com', emailLink);\n * }\n * ```\n *\n * @param authInternal - The {@link Auth} instance.\n * @param email - The user's email address.\n * @param actionCodeSettings - The {@link ActionCodeSettings}.\n *\n * @public\n */\nexport async function sendSignInLinkToEmail(\n  auth: Auth,\n  email: string,\n  actionCodeSettings: ActionCodeSettings\n): Promise<void> {\n  const authInternal = _castAuth(auth);\n  const request: api.EmailSignInRequest = {\n    requestType: ActionCodeOperation.EMAIL_SIGNIN,\n    email,\n    clientType: RecaptchaClientType.WEB\n  };\n  function setActionCodeSettings(\n    request: api.EmailSignInRequest,\n    actionCodeSettings: ActionCodeSettings\n  ): void {\n    _assert(\n      actionCodeSettings.handleCodeInApp,\n      authInternal,\n      AuthErrorCode.ARGUMENT_ERROR\n    );\n    if (actionCodeSettings) {\n      _setActionCodeSettingsOnRequest(\n        authInternal,\n        request,\n        actionCodeSettings\n      );\n    }\n  }\n  if (authInternal._getRecaptchaConfig()?.emailPasswordEnabled) {\n    const requestWithRecaptcha = await injectRecaptchaFields(\n      authInternal,\n      request,\n      RecaptchaActionName.GET_OOB_CODE,\n      true\n    );\n    setActionCodeSettings(requestWithRecaptcha, actionCodeSettings);\n    await api.sendSignInLinkToEmail(authInternal, requestWithRecaptcha);\n  } else {\n    setActionCodeSettings(request, actionCodeSettings);\n    await api\n      .sendSignInLinkToEmail(authInternal, request)\n      .catch(async error => {\n        if (error.code === `auth/${AuthErrorCode.MISSING_RECAPTCHA_TOKEN}`) {\n          console.log(\n            'Email link sign-in is protected by reCAPTCHA for this project. Automatically triggering the reCAPTCHA flow and restarting the sign-in flow.'\n          );\n          const requestWithRecaptcha = await injectRecaptchaFields(\n            authInternal,\n            request,\n            RecaptchaActionName.GET_OOB_CODE,\n            true\n          );\n          setActionCodeSettings(requestWithRecaptcha, actionCodeSettings);\n          await api.sendSignInLinkToEmail(authInternal, requestWithRecaptcha);\n        } else {\n          return Promise.reject(error);\n        }\n      });\n  }\n}\n\n/**\n * Checks if an incoming link is a sign-in with email link suitable for {@link signInWithEmailLink}.\n *\n * @param auth - The {@link Auth} instance.\n * @param emailLink - The link sent to the user's email address.\n *\n * @public\n */\nexport function isSignInWithEmailLink(auth: Auth, emailLink: string): boolean {\n  const actionCodeUrl = ActionCodeURL.parseLink(emailLink);\n  return actionCodeUrl?.operation === ActionCodeOperation.EMAIL_SIGNIN;\n}\n\n/**\n * Asynchronously signs in using an email and sign-in email link.\n *\n * @remarks\n * If no link is passed, the link is inferred from the current URL.\n *\n * Fails with an error if the email address is invalid or OTP in email link expires.\n *\n * Note: Confirm the link is a sign-in email link before calling this method firebase.auth.Auth.isSignInWithEmailLink.\n *\n * @example\n * ```javascript\n * const actionCodeSettings = {\n *   url: 'https://www.example.com/?email=user@example.com',\n *   iOS: {\n *      bundleId: 'com.example.ios'\n *   },\n *   android: {\n *     packageName: 'com.example.android',\n *     installApp: true,\n *     minimumVersion: '12'\n *   },\n *   handleCodeInApp: true\n * };\n * await sendSignInLinkToEmail(auth, 'user@example.com', actionCodeSettings);\n * // Obtain emailLink from the user.\n * if(isSignInWithEmailLink(auth, emailLink)) {\n *   await signInWithEmailLink(auth, 'user@example.com', emailLink);\n * }\n * ```\n *\n * @param auth - The {@link Auth} instance.\n * @param email - The user's email address.\n * @param emailLink - The link sent to the user's email address.\n *\n * @public\n */\nexport async function signInWithEmailLink(\n  auth: Auth,\n  email: string,\n  emailLink?: string\n): Promise<UserCredential> {\n  const authModular = getModularInstance(auth);\n  const credential = EmailAuthProvider.credentialWithLink(\n    email,\n    emailLink || _getCurrentUrl()\n  );\n  // Check if the tenant ID in the email link matches the tenant ID on Auth\n  // instance.\n  _assert(\n    credential._tenantId === (authModular.tenantId || null),\n    authModular,\n    AuthErrorCode.TENANT_ID_MISMATCH\n  );\n  return signInWithCredential(authModular, credential);\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n  ActionCodeOperation,\n  ActionCodeSettings,\n  Auth,\n  User\n} from '../../model/public_types';\n\nimport {\n  createAuthUri,\n  CreateAuthUriRequest\n} from '../../api/authentication/create_auth_uri';\nimport * as api from '../../api/authentication/email_and_password';\nimport { UserInternal } from '../../model/user';\nimport { _getCurrentUrl, _isHttpOrHttps } from '../util/location';\nimport { _setActionCodeSettingsOnRequest } from './action_code_settings';\nimport { getModularInstance } from '@firebase/util';\n\n/**\n * Gets the list of possible sign in methods for the given email address.\n *\n * @remarks\n * This is useful to differentiate methods of sign-in for the same provider, eg.\n * {@link EmailAuthProvider} which has 2 methods of sign-in,\n * {@link SignInMethod}.EMAIL_PASSWORD and\n * {@link SignInMethod}.EMAIL_LINK.\n *\n * @param auth - The {@link Auth} instance.\n * @param email - The user's email address.\n *\n * @public\n */\nexport async function fetchSignInMethodsForEmail(\n  auth: Auth,\n  email: string\n): Promise<string[]> {\n  // createAuthUri returns an error if continue URI is not http or https.\n  // For environments like Cordova, Chrome extensions, native frameworks, file\n  // systems, etc, use http://localhost as continue URL.\n  const continueUri = _isHttpOrHttps() ? _getCurrentUrl() : 'http://localhost';\n  const request: CreateAuthUriRequest = {\n    identifier: email,\n    continueUri\n  };\n\n  const { signinMethods } = await createAuthUri(\n    getModularInstance(auth),\n    request\n  );\n\n  return signinMethods || [];\n}\n\n/**\n * Sends a verification email to a user.\n *\n * @remarks\n * The verification process is completed by calling {@link applyActionCode}.\n *\n * @example\n * ```javascript\n * const actionCodeSettings = {\n *   url: 'https://www.example.com/?email=user@example.com',\n *   iOS: {\n *      bundleId: 'com.example.ios'\n *   },\n *   android: {\n *     packageName: 'com.example.android',\n *     installApp: true,\n *     minimumVersion: '12'\n *   },\n *   handleCodeInApp: true\n * };\n * await sendEmailVerification(user, actionCodeSettings);\n * // Obtain code from the user.\n * await applyActionCode(auth, code);\n * ```\n *\n * @param user - The user.\n * @param actionCodeSettings - The {@link ActionCodeSettings}.\n *\n * @public\n */\nexport async function sendEmailVerification(\n  user: User,\n  actionCodeSettings?: ActionCodeSettings | null\n): Promise<void> {\n  const userInternal = getModularInstance(user) as UserInternal;\n  const idToken = await user.getIdToken();\n  const request: api.VerifyEmailRequest = {\n    requestType: ActionCodeOperation.VERIFY_EMAIL,\n    idToken\n  };\n  if (actionCodeSettings) {\n    _setActionCodeSettingsOnRequest(\n      userInternal.auth,\n      request,\n      actionCodeSettings\n    );\n  }\n\n  const { email } = await api.sendEmailVerification(userInternal.auth, request);\n\n  if (email !== user.email) {\n    await user.reload();\n  }\n}\n\n/**\n * Sends a verification email to a new email address.\n *\n * @remarks\n * The user's email will be updated to the new one after being verified.\n *\n * If you have a custom email action handler, you can complete the verification process by calling\n * {@link applyActionCode}.\n *\n * @example\n * ```javascript\n * const actionCodeSettings = {\n *   url: 'https://www.example.com/?email=user@example.com',\n *   iOS: {\n *      bundleId: 'com.example.ios'\n *   },\n *   android: {\n *     packageName: 'com.example.android',\n *     installApp: true,\n *     minimumVersion: '12'\n *   },\n *   handleCodeInApp: true\n * };\n * await verifyBeforeUpdateEmail(user, 'newemail@example.com', actionCodeSettings);\n * // Obtain code from the user.\n * await applyActionCode(auth, code);\n * ```\n *\n * @param user - The user.\n * @param newEmail - The new email address to be verified before update.\n * @param actionCodeSettings - The {@link ActionCodeSettings}.\n *\n * @public\n */\nexport async function verifyBeforeUpdateEmail(\n  user: User,\n  newEmail: string,\n  actionCodeSettings?: ActionCodeSettings | null\n): Promise<void> {\n  const userInternal = getModularInstance(user) as UserInternal;\n  const idToken = await user.getIdToken();\n  const request: api.VerifyAndChangeEmailRequest = {\n    requestType: ActionCodeOperation.VERIFY_AND_CHANGE_EMAIL,\n    idToken,\n    newEmail\n  };\n  if (actionCodeSettings) {\n    _setActionCodeSettingsOnRequest(\n      userInternal.auth,\n      request,\n      actionCodeSettings\n    );\n  }\n\n  const { email } = await api.verifyAndChangeEmail(userInternal.auth, request);\n\n  if (email !== user.email) {\n    // If the local copy of the email on user is outdated, reload the\n    // user.\n    await user.reload();\n  }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n  Endpoint,\n  HttpMethod,\n  _addTidIfNecessary,\n  _performApiRequest\n} from '../index';\nimport { Auth } from '../../model/public_types';\n\nexport interface CreateAuthUriRequest {\n  identifier: string;\n  continueUri: string;\n  tenantId?: string;\n}\n\nexport interface CreateAuthUriResponse {\n  signinMethods: string[];\n}\n\nexport async function createAuthUri(\n  auth: Auth,\n  request: CreateAuthUriRequest\n): Promise<CreateAuthUriResponse> {\n  return _performApiRequest<CreateAuthUriRequest, CreateAuthUriResponse>(\n    auth,\n    HttpMethod.POST,\n    Endpoint.CREATE_AUTH_URI,\n    _addTidIfNecessary(auth, request)\n  );\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { User } from '../../model/public_types';\n\nimport {\n  updateEmailPassword as apiUpdateEmailPassword,\n  UpdateEmailPasswordRequest\n} from '../../api/account_management/email_and_password';\nimport { updateProfile as apiUpdateProfile } from '../../api/account_management/profile';\nimport { UserInternal } from '../../model/user';\nimport { _logoutIfInvalidated } from './invalidation';\nimport { getModularInstance } from '@firebase/util';\nimport { ProviderId } from '../../model/enums';\n\n/**\n * Updates a user's profile data.\n *\n * @param user - The user.\n * @param profile - The profile's `displayName` and `photoURL` to update.\n *\n * @public\n */\nexport async function updateProfile(\n  user: User,\n  {\n    displayName,\n    photoURL: photoUrl\n  }: { displayName?: string | null; photoURL?: string | null }\n): Promise<void> {\n  if (displayName === undefined && photoUrl === undefined) {\n    return;\n  }\n\n  const userInternal = getModularInstance(user) as UserInternal;\n  const idToken = await userInternal.getIdToken();\n  const profileRequest = {\n    idToken,\n    displayName,\n    photoUrl,\n    returnSecureToken: true\n  };\n  const response = await _logoutIfInvalidated(\n    userInternal,\n    apiUpdateProfile(userInternal.auth, profileRequest)\n  );\n\n  userInternal.displayName = response.displayName || null;\n  userInternal.photoURL = response.photoUrl || null;\n\n  // Update the password provider as well\n  const passwordProvider = userInternal.providerData.find(\n    ({ providerId }) => providerId === ProviderId.PASSWORD\n  );\n  if (passwordProvider) {\n    passwordProvider.displayName = userInternal.displayName;\n    passwordProvider.photoURL = userInternal.photoURL;\n  }\n\n  await userInternal._updateTokensIfNecessary(response);\n}\n\n/**\n * Updates the user's email address.\n *\n * @remarks\n * An email will be sent to the original email address (if it was set) that allows to revoke the\n * email address change, in order to protect them from account hijacking.\n *\n * Important: this is a security sensitive operation that requires the user to have recently signed\n * in. If this requirement isn't met, ask the user to authenticate again and then call\n * {@link reauthenticateWithCredential}.\n *\n * @param user - The user.\n * @param newEmail - The new email address.\n *\n * @public\n */\nexport function updateEmail(user: User, newEmail: string): Promise<void> {\n  return updateEmailOrPassword(\n    getModularInstance(user) as UserInternal,\n    newEmail,\n    null\n  );\n}\n\n/**\n * Updates the user's password.\n *\n * @remarks\n * Important: this is a security sensitive operation that requires the user to have recently signed\n * in. If this requirement isn't met, ask the user to authenticate again and then call\n * {@link reauthenticateWithCredential}.\n *\n * @param user - The user.\n * @param newPassword - The new password.\n *\n * @public\n */\nexport function updatePassword(user: User, newPassword: string): Promise<void> {\n  return updateEmailOrPassword(\n    getModularInstance(user) as UserInternal,\n    null,\n    newPassword\n  );\n}\n\nasync function updateEmailOrPassword(\n  user: UserInternal,\n  email: string | null,\n  password: string | null\n): Promise<void> {\n  const { auth } = user;\n  const idToken = await user.getIdToken();\n  const request: UpdateEmailPasswordRequest = {\n    idToken,\n    returnSecureToken: true\n  };\n\n  if (email) {\n    request.email = email;\n  }\n\n  if (password) {\n    request.password = password;\n  }\n\n  const response = await _logoutIfInvalidated(\n    user,\n    apiUpdateEmailPassword(auth, request)\n  );\n  await user._updateTokensIfNecessary(response, /* reload */ true);\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { Endpoint, HttpMethod, _performApiRequest } from '../index';\nimport { IdTokenResponse } from '../../model/id_token';\nimport { Auth } from '../../model/public_types';\n\nexport interface UpdateProfileRequest {\n  idToken: string;\n  displayName?: string | null;\n  photoUrl?: string | null;\n  returnSecureToken: boolean;\n}\n\nexport interface UpdateProfileResponse extends IdTokenResponse {\n  displayName?: string | null;\n  photoUrl?: string | null;\n}\n\nexport async function updateProfile(\n  auth: Auth,\n  request: UpdateProfileRequest\n): Promise<UpdateProfileResponse> {\n  return _performApiRequest<UpdateProfileRequest, UpdateProfileResponse>(\n    auth,\n    HttpMethod.POST,\n    Endpoint.SET_ACCOUNT_INFO,\n    request\n  );\n}\n","/**\n * @license\n * Copyright 2019 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { AdditionalUserInfo, UserCredential } from '../../model/public_types';\nimport { IdTokenResponse, IdTokenResponseKind } from '../../model/id_token';\nimport { _parseToken } from './id_token_result';\nimport { UserCredentialInternal } from '../../model/user';\nimport { ProviderId } from '../../model/enums';\n\n/**\n * Parse the `AdditionalUserInfo` from the ID token response.\n *\n */\nexport function _fromIdTokenResponse(\n  idTokenResponse?: IdTokenResponse\n): AdditionalUserInfo | null {\n  if (!idTokenResponse) {\n    return null;\n  }\n  const { providerId } = idTokenResponse;\n  const profile = idTokenResponse.rawUserInfo\n    ? JSON.parse(idTokenResponse.rawUserInfo)\n    : {};\n  const isNewUser =\n    idTokenResponse.isNewUser ||\n    idTokenResponse.kind === IdTokenResponseKind.SignupNewUser;\n  if (!providerId && idTokenResponse?.idToken) {\n    const signInProvider = _parseToken(idTokenResponse.idToken)?.firebase?.[\n      'sign_in_provider'\n    ];\n    if (signInProvider) {\n      const filteredProviderId =\n        signInProvider !== ProviderId.ANONYMOUS &&\n        signInProvider !== ProviderId.CUSTOM\n          ? (signInProvider as ProviderId)\n          : null;\n      // Uses generic class in accordance with the legacy SDK.\n      return new GenericAdditionalUserInfo(isNewUser, filteredProviderId);\n    }\n  }\n  if (!providerId) {\n    return null;\n  }\n  switch (providerId) {\n    case ProviderId.FACEBOOK:\n      return new FacebookAdditionalUserInfo(isNewUser, profile);\n    case ProviderId.GITHUB:\n      return new GithubAdditionalUserInfo(isNewUser, profile);\n    case ProviderId.GOOGLE:\n      return new GoogleAdditionalUserInfo(isNewUser, profile);\n    case ProviderId.TWITTER:\n      return new TwitterAdditionalUserInfo(\n        isNewUser,\n        profile,\n        idTokenResponse.screenName || null\n      );\n    case ProviderId.CUSTOM:\n    case ProviderId.ANONYMOUS:\n      return new GenericAdditionalUserInfo(isNewUser, null);\n    default:\n      return new GenericAdditionalUserInfo(isNewUser, providerId, profile);\n  }\n}\n\nclass GenericAdditionalUserInfo implements AdditionalUserInfo {\n  constructor(\n    readonly isNewUser: boolean,\n    readonly providerId: ProviderId | string | null,\n    readonly profile: Record<string, unknown> = {}\n  ) {}\n}\n\nclass FederatedAdditionalUserInfoWithUsername extends GenericAdditionalUserInfo {\n  constructor(\n    isNewUser: boolean,\n    providerId: ProviderId,\n    profile: Record<string, unknown>,\n    readonly username: string | null\n  ) {\n    super(isNewUser, providerId, profile);\n  }\n}\n\nclass FacebookAdditionalUserInfo extends GenericAdditionalUserInfo {\n  constructor(isNewUser: boolean, profile: Record<string, unknown>) {\n    super(isNewUser, ProviderId.FACEBOOK, profile);\n  }\n}\n\nclass GithubAdditionalUserInfo extends FederatedAdditionalUserInfoWithUsername {\n  constructor(isNewUser: boolean, profile: Record<string, unknown>) {\n    super(\n      isNewUser,\n      ProviderId.GITHUB,\n      profile,\n      typeof profile?.login === 'string' ? profile?.login : null\n    );\n  }\n}\n\nclass GoogleAdditionalUserInfo extends GenericAdditionalUserInfo {\n  constructor(isNewUser: boolean, profile: Record<string, unknown>) {\n    super(isNewUser, ProviderId.GOOGLE, profile);\n  }\n}\n\nclass TwitterAdditionalUserInfo extends FederatedAdditionalUserInfoWithUsername {\n  constructor(\n    isNewUser: boolean,\n    profile: Record<string, unknown>,\n    screenName: string | null\n  ) {\n    super(isNewUser, ProviderId.TWITTER, profile, screenName);\n  }\n}\n\n/**\n * Extracts provider specific {@link AdditionalUserInfo} for the given credential.\n *\n * @param userCredential - The user credential.\n *\n * @public\n */\nexport function getAdditionalUserInfo(\n  userCredential: UserCredential\n): AdditionalUserInfo | null {\n  const { user, _tokenResponse } = userCredential as UserCredentialInternal;\n  if (user.isAnonymous && !_tokenResponse) {\n    // Handle the special case where signInAnonymously() gets called twice.\n    // No network call is made so there's nothing to actually fill this in\n    return {\n      providerId: null,\n      isNewUser: false,\n      profile: null\n    };\n  }\n\n  return _fromIdTokenResponse(_tokenResponse);\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport { AuthInternal } from '../model/auth';\nimport { MultiFactorSession } from '../model/public_types';\n\nexport const enum MultiFactorSessionType {\n  ENROLL = 'enroll',\n  SIGN_IN = 'signin'\n}\n\ninterface SerializedMultiFactorSession {\n  multiFactorSession: {\n    idToken?: string;\n    pendingCredential?: string;\n  };\n}\n\nexport class MultiFactorSessionImpl implements MultiFactorSession {\n  private constructor(\n    readonly type: MultiFactorSessionType,\n    readonly credential: string,\n    readonly auth?: AuthInternal\n  ) {}\n\n  static _fromIdtoken(\n    idToken: string,\n    auth?: AuthInternal\n  ): MultiFactorSessionImpl {\n    return new MultiFactorSessionImpl(\n      MultiFactorSessionType.ENROLL,\n      idToken,\n      auth\n    );\n  }\n\n  static _fromMfaPendingCredential(\n    mfaPendingCredential: string\n  ): MultiFactorSessionImpl {\n    return new MultiFactorSessionImpl(\n      MultiFactorSessionType.SIGN_IN,\n      mfaPendingCredential\n    );\n  }\n\n  toJSON(): SerializedMultiFactorSession {\n    const key =\n      this.type === MultiFactorSessionType.ENROLL\n        ? 'idToken'\n        : 'pendingCredential';\n    return {\n      multiFactorSession: {\n        [key]: this.credential\n      }\n    };\n  }\n\n  static fromJSON(\n    obj: Partial<SerializedMultiFactorSession>\n  ): MultiFactorSessionImpl | null {\n    if (obj?.multiFactorSession) {\n      if (obj.multiFactorSession?.pendingCredential) {\n        return MultiFactorSessionImpl._fromMfaPendingCredential(\n          obj.multiFactorSession.pendingCredential\n        );\n      } else if (obj.multiFactorSession?.idToken) {\n        return MultiFactorSessionImpl._fromIdtoken(\n          obj.multiFactorSession.idToken\n        );\n      }\n    }\n    return null;\n  }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n  Auth,\n  MultiFactorResolver,\n  UserCredential,\n  MultiFactorError\n} from '../model/public_types';\n\nimport { _castAuth } from '../core/auth/auth_impl';\nimport { AuthErrorCode } from '../core/errors';\nimport { UserCredentialImpl } from '../core/user/user_credential_impl';\nimport { _assert, _fail } from '../core/util/assert';\nimport { UserCredentialInternal } from '../model/user';\nimport { MultiFactorAssertionImpl } from './mfa_assertion';\nimport { MultiFactorError as MultiFactorErrorInternal } from './mfa_error';\nimport { MultiFactorInfoImpl } from './mfa_info';\nimport { MultiFactorSessionImpl } from './mfa_session';\nimport { getModularInstance } from '@firebase/util';\nimport { OperationType } from '../model/enums';\n\nexport class MultiFactorResolverImpl implements MultiFactorResolver {\n  private constructor(\n    readonly session: MultiFactorSessionImpl,\n    readonly hints: MultiFactorInfoImpl[],\n    private readonly signInResolver: (\n      assertion: MultiFactorAssertionImpl\n    ) => Promise<UserCredentialInternal>\n  ) {}\n\n  /** @internal */\n  static _fromError(\n    authExtern: Auth,\n    error: MultiFactorErrorInternal\n  ): MultiFactorResolverImpl {\n    const auth = _castAuth(authExtern);\n    const serverResponse = error.customData._serverResponse;\n    const hints = (serverResponse.mfaInfo || []).map(enrollment =>\n      MultiFactorInfoImpl._fromServerResponse(auth, enrollment)\n    );\n\n    _assert(\n      serverResponse.mfaPendingCredential,\n      auth,\n      AuthErrorCode.INTERNAL_ERROR\n    );\n    const session = MultiFactorSessionImpl._fromMfaPendingCredential(\n      serverResponse.mfaPendingCredential\n    );\n\n    return new MultiFactorResolverImpl(\n      session,\n      hints,\n      async (\n        assertion: MultiFactorAssertionImpl\n      ): Promise<UserCredentialInternal> => {\n        const mfaResponse = await assertion._process(auth, session);\n        // Clear out the unneeded fields from the old login response\n        delete serverResponse.mfaInfo;\n        delete serverResponse.mfaPendingCredential;\n\n        // Use in the new token & refresh token in the old response\n        const idTokenResponse = {\n          ...serverResponse,\n          idToken: mfaResponse.idToken,\n          refreshToken: mfaResponse.refreshToken\n        };\n\n        // TODO: we should collapse this switch statement into UserCredentialImpl._forOperation and have it support the SIGN_IN case\n        switch (error.operationType) {\n          case OperationType.SIGN_IN:\n            const userCredential =\n              await UserCredentialImpl._fromIdTokenResponse(\n                auth,\n                error.operationType,\n                idTokenResponse\n              );\n            await auth._updateCurrentUser(userCredential.user);\n            return userCredential;\n          case OperationType.REAUTHENTICATE:\n            _assert(error.user, auth, AuthErrorCode.INTERNAL_ERROR);\n            return UserCredentialImpl._forOperation(\n              error.user,\n              error.operationType,\n              idTokenResponse\n            );\n          default:\n            _fail(auth, AuthErrorCode.INTERNAL_ERROR);\n        }\n      }\n    );\n  }\n\n  async resolveSignIn(\n    assertionExtern: MultiFactorAssertionImpl\n  ): Promise<UserCredential> {\n    const assertion = assertionExtern as MultiFactorAssertionImpl;\n    return this.signInResolver(assertion);\n  }\n}\n\n/**\n * Provides a {@link MultiFactorResolver} suitable for completion of a\n * multi-factor flow.\n *\n * @param auth - The {@link Auth} instance.\n * @param error - The {@link MultiFactorError} raised during a sign-in, or\n * reauthentication operation.\n *\n * @public\n */\nexport function getMultiFactorResolver(\n  auth: Auth,\n  error: MultiFactorError\n): MultiFactorResolver {\n  const authModular = getModularInstance(auth);\n  const errorInternal = error as MultiFactorErrorInternal;\n  _assert(\n    error.customData.operationType,\n    authModular,\n    AuthErrorCode.ARGUMENT_ERROR\n  );\n  _assert(\n    errorInternal.customData._serverResponse?.mfaPendingCredential,\n    authModular,\n    AuthErrorCode.ARGUMENT_ERROR\n  );\n\n  return MultiFactorResolverImpl._fromError(authModular, errorInternal);\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport {\n  MultiFactorAssertion,\n  MultiFactorInfo,\n  MultiFactorSession,\n  MultiFactorUser,\n  User\n} from '../model/public_types';\n\nimport { withdrawMfa } from '../api/account_management/mfa';\nimport { _logoutIfInvalidated } from '../core/user/invalidation';\nimport { UserInternal } from '../model/user';\nimport { MultiFactorAssertionImpl } from './mfa_assertion';\nimport { MultiFactorInfoImpl } from './mfa_info';\nimport { MultiFactorSessionImpl } from './mfa_session';\nimport { getModularInstance } from '@firebase/util';\n\nexport class MultiFactorUserImpl implements MultiFactorUser {\n  enrolledFactors: MultiFactorInfo[] = [];\n\n  private constructor(readonly user: UserInternal) {\n    user._onReload(userInfo => {\n      if (userInfo.mfaInfo) {\n        this.enrolledFactors = userInfo.mfaInfo.map(enrollment =>\n          MultiFactorInfoImpl._fromServerResponse(user.auth, enrollment)\n        );\n      }\n    });\n  }\n\n  static _fromUser(user: UserInternal): MultiFactorUserImpl {\n    return new MultiFactorUserImpl(user);\n  }\n\n  async getSession(): Promise<MultiFactorSession> {\n    return MultiFactorSessionImpl._fromIdtoken(\n      await this.user.getIdToken(),\n      this.user.auth\n    );\n  }\n\n  async enroll(\n    assertionExtern: MultiFactorAssertion,\n    displayName?: string | null\n  ): Promise<void> {\n    const assertion = assertionExtern as MultiFactorAssertionImpl;\n    const session = (await this.getSession()) as MultiFactorSessionImpl;\n    const finalizeMfaResponse = await _logoutIfInvalidated(\n      this.user,\n      assertion._process(this.user.auth, session, displayName)\n    );\n    // New tokens will be issued after enrollment of the new second factors.\n    // They need to be updated on the user.\n    await this.user._updateTokensIfNecessary(finalizeMfaResponse);\n    // The user needs to be reloaded to get the new multi-factor information\n    // from server. USER_RELOADED event will be triggered and `enrolledFactors`\n    // will be updated.\n    return this.user.reload();\n  }\n\n  async unenroll(infoOrUid: MultiFactorInfo | string): Promise<void> {\n    const mfaEnrollmentId =\n      typeof infoOrUid === 'string' ? infoOrUid : infoOrUid.uid;\n    const idToken = await this.user.getIdToken();\n    try {\n      const idTokenResponse = await _logoutIfInvalidated(\n        this.user,\n        withdrawMfa(this.user.auth, {\n          idToken,\n          mfaEnrollmentId\n        })\n      );\n      // Remove the second factor from the user's list.\n      this.enrolledFactors = this.enrolledFactors.filter(\n        ({ uid }) => uid !== mfaEnrollmentId\n      );\n      // Depending on whether the backend decided to revoke the user's session,\n      // the tokenResponse may be empty. If the tokens were not updated (and they\n      // are now invalid), reloading the user will discover this and invalidate\n      // the user's state accordingly.\n      await this.user._updateTokensIfNecessary(idTokenResponse);\n      await this.user.reload();\n    } catch (e) {\n      throw e;\n    }\n  }\n}\n\nconst multiFactorUserCache = new WeakMap<User, MultiFactorUser>();\n\n/**\n * The {@link MultiFactorUser} corresponding to the user.\n *\n * @remarks\n * This is used to access all multi-factor properties and operations related to the user.\n *\n * @param user - The user.\n *\n * @public\n */\nexport function multiFactor(user: User): MultiFactorUser {\n  const userModular = getModularInstance(user);\n  if (!multiFactorUserCache.has(userModular)) {\n    multiFactorUserCache.set(\n      userModular,\n      MultiFactorUserImpl._fromUser(userModular as UserInternal)\n    );\n  }\n  return multiFactorUserCache.get(userModular)!;\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n  Endpoint,\n  HttpMethod,\n  _addTidIfNecessary,\n  _performApiRequest\n} from '../index';\nimport { SignInWithPhoneNumberRequest } from '../authentication/sms';\nimport { FinalizeMfaResponse } from '../authentication/mfa';\nimport { AuthInternal } from '../../model/auth';\n\n/**\n * MFA Info as returned by the API.\n */\ninterface BaseMfaEnrollment {\n  mfaEnrollmentId: string;\n  enrolledAt: number;\n  displayName?: string;\n}\n\n/**\n * An MFA provided by SMS verification.\n */\nexport interface PhoneMfaEnrollment extends BaseMfaEnrollment {\n  phoneInfo: string;\n}\n\n/**\n * An MFA provided by TOTP (Time-based One Time Password).\n */\nexport interface TotpMfaEnrollment extends BaseMfaEnrollment {}\n\n/**\n * MfaEnrollment can be any subtype of BaseMfaEnrollment, currently only PhoneMfaEnrollment and TotpMfaEnrollment are supported.\n */\nexport type MfaEnrollment = PhoneMfaEnrollment | TotpMfaEnrollment;\n\nexport interface StartPhoneMfaEnrollmentRequest {\n  idToken: string;\n  phoneEnrollmentInfo: {\n    phoneNumber: string;\n    recaptchaToken: string;\n  };\n  tenantId?: string;\n}\n\nexport interface StartPhoneMfaEnrollmentResponse {\n  phoneSessionInfo: {\n    sessionInfo: string;\n  };\n}\n\nexport function startEnrollPhoneMfa(\n  auth: AuthInternal,\n  request: StartPhoneMfaEnrollmentRequest\n): Promise<StartPhoneMfaEnrollmentResponse> {\n  return _performApiRequest<\n    StartPhoneMfaEnrollmentRequest,\n    StartPhoneMfaEnrollmentResponse\n  >(\n    auth,\n    HttpMethod.POST,\n    Endpoint.START_MFA_ENROLLMENT,\n    _addTidIfNecessary(auth, request)\n  );\n}\n\nexport interface FinalizePhoneMfaEnrollmentRequest {\n  idToken: string;\n  phoneVerificationInfo: SignInWithPhoneNumberRequest;\n  displayName?: string | null;\n  tenantId?: string;\n}\n\nexport interface FinalizePhoneMfaEnrollmentResponse\n  extends FinalizeMfaResponse {}\n\nexport function finalizeEnrollPhoneMfa(\n  auth: AuthInternal,\n  request: FinalizePhoneMfaEnrollmentRequest\n): Promise<FinalizePhoneMfaEnrollmentResponse> {\n  return _performApiRequest<\n    FinalizePhoneMfaEnrollmentRequest,\n    FinalizePhoneMfaEnrollmentResponse\n  >(\n    auth,\n    HttpMethod.POST,\n    Endpoint.FINALIZE_MFA_ENROLLMENT,\n    _addTidIfNecessary(auth, request)\n  );\n}\nexport interface StartTotpMfaEnrollmentRequest {\n  idToken: string;\n  totpEnrollmentInfo: {};\n  tenantId?: string;\n}\n\nexport interface StartTotpMfaEnrollmentResponse {\n  totpSessionInfo: {\n    sharedSecretKey: string;\n    verificationCodeLength: number;\n    hashingAlgorithm: string;\n    periodSec: number;\n    sessionInfo: string;\n    finalizeEnrollmentTime: number;\n  };\n}\n\nexport function startEnrollTotpMfa(\n  auth: AuthInternal,\n  request: StartTotpMfaEnrollmentRequest\n): Promise<StartTotpMfaEnrollmentResponse> {\n  return _performApiRequest<\n    StartTotpMfaEnrollmentRequest,\n    StartTotpMfaEnrollmentResponse\n  >(\n    auth,\n    HttpMethod.POST,\n    Endpoint.START_MFA_ENROLLMENT,\n    _addTidIfNecessary(auth, request)\n  );\n}\n\nexport interface TotpVerificationInfo {\n  sessionInfo: string;\n  verificationCode: string;\n}\nexport interface FinalizeTotpMfaEnrollmentRequest {\n  idToken: string;\n  totpVerificationInfo: TotpVerificationInfo;\n  displayName?: string | null;\n  tenantId?: string;\n}\n\nexport interface FinalizeTotpMfaEnrollmentResponse\n  extends FinalizeMfaResponse {}\n\nexport function finalizeEnrollTotpMfa(\n  auth: AuthInternal,\n  request: FinalizeTotpMfaEnrollmentRequest\n): Promise<FinalizeTotpMfaEnrollmentResponse> {\n  return _performApiRequest<\n    FinalizeTotpMfaEnrollmentRequest,\n    FinalizeTotpMfaEnrollmentResponse\n  >(\n    auth,\n    HttpMethod.POST,\n    Endpoint.FINALIZE_MFA_ENROLLMENT,\n    _addTidIfNecessary(auth, request)\n  );\n}\n\nexport interface WithdrawMfaRequest {\n  idToken: string;\n  mfaEnrollmentId: string;\n  tenantId?: string;\n}\n\nexport interface WithdrawMfaResponse extends FinalizeMfaResponse {}\n\nexport function withdrawMfa(\n  auth: AuthInternal,\n  request: WithdrawMfaRequest\n): Promise<WithdrawMfaResponse> {\n  return _performApiRequest<WithdrawMfaRequest, WithdrawMfaResponse>(\n    auth,\n    HttpMethod.POST,\n    Endpoint.WITHDRAW_MFA,\n    _addTidIfNecessary(auth, request)\n  );\n}\n","/**\n * @license\n * Copyright 2019 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport { Persistence } from '../../model/public_types';\n\nexport const enum PersistenceType {\n  SESSION = 'SESSION',\n  LOCAL = 'LOCAL',\n  NONE = 'NONE'\n}\n\nexport type PersistedBlob = Record<string, unknown>;\n\nexport interface Instantiator<T> {\n  (blob: PersistedBlob): T;\n}\n\nexport type PersistenceValue = PersistedBlob | string;\n\nexport const STORAGE_AVAILABLE_KEY = '__sak';\n\nexport interface StorageEventListener {\n  (value: PersistenceValue | null): void;\n}\n\nexport interface PersistenceInternal extends Persistence {\n  type: PersistenceType;\n  _isAvailable(): Promise<boolean>;\n  _set(key: string, value: PersistenceValue): Promise<void>;\n  _get<T extends PersistenceValue>(key: string): Promise<T | null>;\n  _remove(key: string): Promise<void>;\n  _addListener(key: string, listener: StorageEventListener): void;\n  _removeListener(key: string, listener: StorageEventListener): void;\n  // Should this persistence allow migration up the chosen hierarchy?\n  _shouldAllowMigration?: boolean;\n}\n","/**\n * @license\n * Copyright 2019 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n  PersistenceValue,\n  STORAGE_AVAILABLE_KEY,\n  PersistenceType\n} from '../../core/persistence';\n\n// There are two different browser persistence types: local and session.\n// Both have the same implementation but use a different underlying storage\n// object.\n\nexport abstract class BrowserPersistenceClass {\n  protected constructor(\n    protected readonly storageRetriever: () => Storage,\n    readonly type: PersistenceType\n  ) {}\n\n  _isAvailable(): Promise<boolean> {\n    try {\n      if (!this.storage) {\n        return Promise.resolve(false);\n      }\n      this.storage.setItem(STORAGE_AVAILABLE_KEY, '1');\n      this.storage.removeItem(STORAGE_AVAILABLE_KEY);\n      return Promise.resolve(true);\n    } catch {\n      return Promise.resolve(false);\n    }\n  }\n\n  _set(key: string, value: PersistenceValue): Promise<void> {\n    this.storage.setItem(key, JSON.stringify(value));\n    return Promise.resolve();\n  }\n\n  _get<T extends PersistenceValue>(key: string): Promise<T | null> {\n    const json = this.storage.getItem(key);\n    return Promise.resolve(json ? JSON.parse(json) : null);\n  }\n\n  _remove(key: string): Promise<void> {\n    this.storage.removeItem(key);\n    return Promise.resolve();\n  }\n\n  protected get storage(): Storage {\n    return this.storageRetriever();\n  }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { Persistence } from '../../model/public_types';\n\nimport { getUA } from '@firebase/util';\nimport {\n  _isSafari,\n  _isIOS,\n  _isIframe,\n  _isMobileBrowser,\n  _isIE10\n} from '../../core/util/browser';\nimport {\n  PersistenceInternal as InternalPersistence,\n  PersistenceType,\n  PersistenceValue,\n  StorageEventListener\n} from '../../core/persistence';\nimport { BrowserPersistenceClass } from './browser';\n\nfunction _iframeCannotSyncWebStorage(): boolean {\n  const ua = getUA();\n  return _isSafari(ua) || _isIOS(ua);\n}\n\n// The polling period in case events are not supported\nexport const _POLLING_INTERVAL_MS = 1000;\n\n// The IE 10 localStorage cross tab synchronization delay in milliseconds\nconst IE10_LOCAL_STORAGE_SYNC_DELAY = 10;\n\nclass BrowserLocalPersistence\n  extends BrowserPersistenceClass\n  implements InternalPersistence\n{\n  static type: 'LOCAL' = 'LOCAL';\n\n  constructor() {\n    super(() => window.localStorage, PersistenceType.LOCAL);\n  }\n\n  private readonly boundEventHandler = (\n    event: StorageEvent,\n    poll?: boolean\n  ): void => this.onStorageEvent(event, poll);\n  private readonly listeners: Record<string, Set<StorageEventListener>> = {};\n  private readonly localCache: Record<string, string | null> = {};\n  // setTimeout return value is platform specific\n  // eslint-disable-next-line @typescript-eslint/no-explicit-any\n  private pollTimer: any | null = null;\n\n  // Safari or iOS browser and embedded in an iframe.\n  private readonly safariLocalStorageNotSynced =\n    _iframeCannotSyncWebStorage() && _isIframe();\n  // Whether to use polling instead of depending on window events\n  private readonly fallbackToPolling = _isMobileBrowser();\n  readonly _shouldAllowMigration = true;\n\n  private forAllChangedKeys(\n    cb: (key: string, oldValue: string | null, newValue: string | null) => void\n  ): void {\n    // Check all keys with listeners on them.\n    for (const key of Object.keys(this.listeners)) {\n      // Get value from localStorage.\n      const newValue = this.storage.getItem(key);\n      const oldValue = this.localCache[key];\n      // If local map value does not match, trigger listener with storage event.\n      // Differentiate this simulated event from the real storage event.\n      if (newValue !== oldValue) {\n        cb(key, oldValue, newValue);\n      }\n    }\n  }\n\n  private onStorageEvent(event: StorageEvent, poll = false): void {\n    // Key would be null in some situations, like when localStorage is cleared\n    if (!event.key) {\n      this.forAllChangedKeys(\n        (key: string, _oldValue: string | null, newValue: string | null) => {\n          this.notifyListeners(key, newValue);\n        }\n      );\n      return;\n    }\n\n    const key = event.key;\n\n    // Check the mechanism how this event was detected.\n    // The first event will dictate the mechanism to be used.\n    if (poll) {\n      // Environment detects storage changes via polling.\n      // Remove storage event listener to prevent possible event duplication.\n      this.detachListener();\n    } else {\n      // Environment detects storage changes via storage event listener.\n      // Remove polling listener to prevent possible event duplication.\n      this.stopPolling();\n    }\n\n    // Safari embedded iframe. Storage event will trigger with the delta\n    // changes but no changes will be applied to the iframe localStorage.\n    if (this.safariLocalStorageNotSynced) {\n      // Get current iframe page value.\n      const storedValue = this.storage.getItem(key);\n      // Value not synchronized, synchronize manually.\n      if (event.newValue !== storedValue) {\n        if (event.newValue !== null) {\n          // Value changed from current value.\n          this.storage.setItem(key, event.newValue);\n        } else {\n          // Current value deleted.\n          this.storage.removeItem(key);\n        }\n      } else if (this.localCache[key] === event.newValue && !poll) {\n        // Already detected and processed, do not trigger listeners again.\n        return;\n      }\n    }\n\n    const triggerListeners = (): void => {\n      // Keep local map up to date in case storage event is triggered before\n      // poll.\n      const storedValue = this.storage.getItem(key);\n      if (!poll && this.localCache[key] === storedValue) {\n        // Real storage event which has already been detected, do nothing.\n        // This seems to trigger in some IE browsers for some reason.\n        return;\n      }\n      this.notifyListeners(key, storedValue);\n    };\n\n    const storedValue = this.storage.getItem(key);\n    if (\n      _isIE10() &&\n      storedValue !== event.newValue &&\n      event.newValue !== event.oldValue\n    ) {\n      // IE 10 has this weird bug where a storage event would trigger with the\n      // correct key, oldValue and newValue but localStorage.getItem(key) does\n      // not yield the updated value until a few milliseconds. This ensures\n      // this recovers from that situation.\n      setTimeout(triggerListeners, IE10_LOCAL_STORAGE_SYNC_DELAY);\n    } else {\n      triggerListeners();\n    }\n  }\n\n  private notifyListeners(key: string, value: string | null): void {\n    this.localCache[key] = value;\n    const listeners = this.listeners[key];\n    if (listeners) {\n      for (const listener of Array.from(listeners)) {\n        listener(value ? JSON.parse(value) : value);\n      }\n    }\n  }\n\n  private startPolling(): void {\n    this.stopPolling();\n\n    this.pollTimer = setInterval(() => {\n      this.forAllChangedKeys(\n        (key: string, oldValue: string | null, newValue: string | null) => {\n          this.onStorageEvent(\n            new StorageEvent('storage', {\n              key,\n              oldValue,\n              newValue\n            }),\n            /* poll */ true\n          );\n        }\n      );\n    }, _POLLING_INTERVAL_MS);\n  }\n\n  private stopPolling(): void {\n    if (this.pollTimer) {\n      clearInterval(this.pollTimer);\n      this.pollTimer = null;\n    }\n  }\n\n  private attachListener(): void {\n    window.addEventListener('storage', this.boundEventHandler);\n  }\n\n  private detachListener(): void {\n    window.removeEventListener('storage', this.boundEventHandler);\n  }\n\n  _addListener(key: string, listener: StorageEventListener): void {\n    if (Object.keys(this.listeners).length === 0) {\n      // Whether browser can detect storage event when it had already been pushed to the background.\n      // This may happen in some mobile browsers. A localStorage change in the foreground window\n      // will not be detected in the background window via the storage event.\n      // This was detected in iOS 7.x mobile browsers\n      if (this.fallbackToPolling) {\n        this.startPolling();\n      } else {\n        this.attachListener();\n      }\n    }\n    if (!this.listeners[key]) {\n      this.listeners[key] = new Set();\n      // Populate the cache to avoid spuriously triggering on first poll.\n      this.localCache[key] = this.storage.getItem(key);\n    }\n    this.listeners[key].add(listener);\n  }\n\n  _removeListener(key: string, listener: StorageEventListener): void {\n    if (this.listeners[key]) {\n      this.listeners[key].delete(listener);\n\n      if (this.listeners[key].size === 0) {\n        delete this.listeners[key];\n      }\n    }\n\n    if (Object.keys(this.listeners).length === 0) {\n      this.detachListener();\n      this.stopPolling();\n    }\n  }\n\n  // Update local cache on base operations:\n\n  async _set(key: string, value: PersistenceValue): Promise<void> {\n    await super._set(key, value);\n    this.localCache[key] = JSON.stringify(value);\n  }\n\n  async _get<T extends PersistenceValue>(key: string): Promise<T | null> {\n    const value = await super._get<T>(key);\n    this.localCache[key] = JSON.stringify(value);\n    return value;\n  }\n\n  async _remove(key: string): Promise<void> {\n    await super._remove(key);\n    delete this.localCache[key];\n  }\n}\n\n/**\n * An implementation of {@link Persistence} of type `LOCAL` using `localStorage`\n * for the underlying storage.\n *\n * @public\n */\nexport const browserLocalPersistence: Persistence = BrowserLocalPersistence;\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { Persistence } from '../../model/public_types';\n\nimport {\n  PersistenceInternal as InternalPersistence,\n  PersistenceType,\n  StorageEventListener\n} from '../../core/persistence';\nimport { BrowserPersistenceClass } from './browser';\n\nclass BrowserSessionPersistence\n  extends BrowserPersistenceClass\n  implements InternalPersistence\n{\n  static type: 'SESSION' = 'SESSION';\n\n  constructor() {\n    super(() => window.sessionStorage, PersistenceType.SESSION);\n  }\n\n  _addListener(_key: string, _listener: StorageEventListener): void {\n    // Listeners are not supported for session storage since it cannot be shared across windows\n    return;\n  }\n\n  _removeListener(_key: string, _listener: StorageEventListener): void {\n    // Listeners are not supported for session storage since it cannot be shared across windows\n    return;\n  }\n}\n\n/**\n * An implementation of {@link Persistence} of `SESSION` using `sessionStorage`\n * for the underlying storage.\n *\n * @public\n */\nexport const browserSessionPersistence: Persistence = BrowserSessionPersistence;\n","/**\n * @license\n * Copyright 2019 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n  ReceiverHandler,\n  _EventType,\n  _ReceiverResponse,\n  SenderMessageEvent,\n  _Status,\n  _SenderRequest\n} from './index';\nimport { _allSettled } from './promise';\n\n/**\n * Interface class for receiving messages.\n *\n */\nexport class Receiver {\n  private static readonly receivers: Receiver[] = [];\n  private readonly boundEventHandler: EventListener;\n\n  private readonly handlersMap: {\n    // Typescript doesn't have existential types :(\n    // eslint-disable-next-line @typescript-eslint/no-explicit-any\n    [eventType: string]: Set<ReceiverHandler<any, any>>;\n  } = {};\n\n  constructor(private readonly eventTarget: EventTarget) {\n    this.boundEventHandler = this.handleEvent.bind(this);\n  }\n\n  /**\n   * Obtain an instance of a Receiver for a given event target, if none exists it will be created.\n   *\n   * @param eventTarget - An event target (such as window or self) through which the underlying\n   * messages will be received.\n   */\n  static _getInstance(eventTarget: EventTarget): Receiver {\n    // The results are stored in an array since objects can't be keys for other\n    // objects. In addition, setting a unique property on an event target as a\n    // hash map key may not be allowed due to CORS restrictions.\n    const existingInstance = this.receivers.find(receiver =>\n      receiver.isListeningto(eventTarget)\n    );\n    if (existingInstance) {\n      return existingInstance;\n    }\n    const newInstance = new Receiver(eventTarget);\n    this.receivers.push(newInstance);\n    return newInstance;\n  }\n\n  private isListeningto(eventTarget: EventTarget): boolean {\n    return this.eventTarget === eventTarget;\n  }\n\n  /**\n   * Fans out a MessageEvent to the appropriate listeners.\n   *\n   * @remarks\n   * Sends an {@link Status.ACK} upon receipt and a {@link Status.DONE} once all handlers have\n   * finished processing.\n   *\n   * @param event - The MessageEvent.\n   *\n   */\n  private async handleEvent<\n    T extends _ReceiverResponse,\n    S extends _SenderRequest\n  >(event: Event): Promise<void> {\n    const messageEvent = event as MessageEvent<SenderMessageEvent<S>>;\n    const { eventId, eventType, data } = messageEvent.data;\n\n    const handlers: Set<ReceiverHandler<T, S>> | undefined =\n      this.handlersMap[eventType];\n    if (!handlers?.size) {\n      return;\n    }\n\n    messageEvent.ports[0].postMessage({\n      status: _Status.ACK,\n      eventId,\n      eventType\n    });\n\n    const promises = Array.from(handlers).map(async handler =>\n      handler(messageEvent.origin, data)\n    );\n    const response = await _allSettled(promises);\n    messageEvent.ports[0].postMessage({\n      status: _Status.DONE,\n      eventId,\n      eventType,\n      response\n    });\n  }\n\n  /**\n   * Subscribe an event handler for a particular event.\n   *\n   * @param eventType - Event name to subscribe to.\n   * @param eventHandler - The event handler which should receive the events.\n   *\n   */\n  _subscribe<T extends _ReceiverResponse, S extends _SenderRequest>(\n    eventType: _EventType,\n    eventHandler: ReceiverHandler<T, S>\n  ): void {\n    if (Object.keys(this.handlersMap).length === 0) {\n      this.eventTarget.addEventListener('message', this.boundEventHandler);\n    }\n\n    if (!this.handlersMap[eventType]) {\n      this.handlersMap[eventType] = new Set();\n    }\n\n    this.handlersMap[eventType].add(eventHandler);\n  }\n\n  /**\n   * Unsubscribe an event handler from a particular event.\n   *\n   * @param eventType - Event name to unsubscribe from.\n   * @param eventHandler - Optinoal event handler, if none provided, unsubscribe all handlers on this event.\n   *\n   */\n  _unsubscribe<T extends _ReceiverResponse, S extends _SenderRequest>(\n    eventType: _EventType,\n    eventHandler?: ReceiverHandler<T, S>\n  ): void {\n    if (this.handlersMap[eventType] && eventHandler) {\n      this.handlersMap[eventType].delete(eventHandler);\n    }\n    if (!eventHandler || this.handlersMap[eventType].size === 0) {\n      delete this.handlersMap[eventType];\n    }\n\n    if (Object.keys(this.handlersMap).length === 0) {\n      this.eventTarget.removeEventListener('message', this.boundEventHandler);\n    }\n  }\n}\n","/**\n * @license\n * Copyright 2019 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\n/** TODO: remove this once tslib has a polyfill for Promise.allSettled */\ninterface PromiseFulfilledResult<T> {\n  fulfilled: true;\n  value: T;\n}\n\ninterface PromiseRejectedResult {\n  fulfilled: false;\n  // eslint-disable-next-line @typescript-eslint/no-explicit-any\n  reason: any;\n}\n\nexport type PromiseSettledResult<T> =\n  | PromiseFulfilledResult<T>\n  | PromiseRejectedResult;\n\n/**\n * Shim for Promise.allSettled, note the slightly different format of `fulfilled` vs `status`.\n *\n * @param promises - Array of promises to wait on.\n */\nexport function _allSettled<T>(\n  promises: Array<Promise<T>>\n): Promise<Array<PromiseSettledResult<T>>> {\n  return Promise.all(\n    promises.map(async promise => {\n      try {\n        const value = await promise;\n        return {\n          fulfilled: true,\n          value\n        } as PromiseFulfilledResult<T>;\n      } catch (reason) {\n        return {\n          fulfilled: false,\n          reason\n        } as PromiseRejectedResult;\n      }\n    })\n  );\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nexport function _generateEventId(prefix = '', digits = 10): string {\n  let random = '';\n  for (let i = 0; i < digits; i++) {\n    random += Math.floor(Math.random() * 10);\n  }\n  return prefix + random;\n}\n","/**\n * @license\n * Copyright 2019 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { _generateEventId } from '../../core/util/event_id';\nimport {\n  _SenderRequest,\n  _EventType,\n  ReceiverMessageEvent,\n  _MessageError,\n  SenderMessageEvent,\n  _Status,\n  _ReceiverMessageResponse,\n  _ReceiverResponse,\n  _TimeoutDuration\n} from './index';\n\ninterface MessageHandler {\n  messageChannel: MessageChannel;\n  onMessage: EventListenerOrEventListenerObject;\n}\n\n/**\n * Interface for sending messages and waiting for a completion response.\n *\n */\nexport class Sender {\n  private readonly handlers = new Set<MessageHandler>();\n\n  constructor(private readonly target: ServiceWorker) {}\n\n  /**\n   * Unsubscribe the handler and remove it from our tracking Set.\n   *\n   * @param handler - The handler to unsubscribe.\n   */\n  private removeMessageHandler(handler: MessageHandler): void {\n    if (handler.messageChannel) {\n      handler.messageChannel.port1.removeEventListener(\n        'message',\n        handler.onMessage\n      );\n      handler.messageChannel.port1.close();\n    }\n    this.handlers.delete(handler);\n  }\n\n  /**\n   * Send a message to the Receiver located at {@link target}.\n   *\n   * @remarks\n   * We'll first wait a bit for an ACK , if we get one we will wait significantly longer until the\n   * receiver has had a chance to fully process the event.\n   *\n   * @param eventType - Type of event to send.\n   * @param data - The payload of the event.\n   * @param timeout - Timeout for waiting on an ACK from the receiver.\n   *\n   * @returns An array of settled promises from all the handlers that were listening on the receiver.\n   */\n  async _send<T extends _ReceiverResponse, S extends _SenderRequest>(\n    eventType: _EventType,\n    data: S,\n    timeout = _TimeoutDuration.ACK\n  ): Promise<_ReceiverMessageResponse<T>> {\n    const messageChannel =\n      typeof MessageChannel !== 'undefined' ? new MessageChannel() : null;\n    if (!messageChannel) {\n      throw new Error(_MessageError.CONNECTION_UNAVAILABLE);\n    }\n    // Node timers and browser timers return fundamentally different types.\n    // We don't actually care what the value is but TS won't accept unknown and\n    // we can't cast properly in both environments.\n    // eslint-disable-next-line @typescript-eslint/no-explicit-any\n    let completionTimer: any;\n    let handler: MessageHandler;\n    return new Promise<_ReceiverMessageResponse<T>>((resolve, reject) => {\n      const eventId = _generateEventId('', 20);\n      messageChannel.port1.start();\n      const ackTimer = setTimeout(() => {\n        reject(new Error(_MessageError.UNSUPPORTED_EVENT));\n      }, timeout);\n      handler = {\n        messageChannel,\n        onMessage(event: Event): void {\n          const messageEvent = event as MessageEvent<ReceiverMessageEvent<T>>;\n          if (messageEvent.data.eventId !== eventId) {\n            return;\n          }\n          switch (messageEvent.data.status) {\n            case _Status.ACK:\n              // The receiver should ACK first.\n              clearTimeout(ackTimer);\n              completionTimer = setTimeout(() => {\n                reject(new Error(_MessageError.TIMEOUT));\n              }, _TimeoutDuration.COMPLETION);\n              break;\n            case _Status.DONE:\n              // Once the receiver's handlers are finished we will get the results.\n              clearTimeout(completionTimer);\n              resolve(messageEvent.data.response);\n              break;\n            default:\n              clearTimeout(ackTimer);\n              clearTimeout(completionTimer);\n              reject(new Error(_MessageError.INVALID_RESPONSE));\n              break;\n          }\n        }\n      };\n      this.handlers.add(handler);\n      messageChannel.port1.addEventListener('message', handler.onMessage);\n      this.target.postMessage(\n        {\n          eventType,\n          eventId,\n          data\n        } as SenderMessageEvent<S>,\n        [messageChannel.port2]\n      );\n    }).finally(() => {\n      if (handler) {\n        this.removeMessageHandler(handler);\n      }\n    });\n  }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { Recaptcha, GreCAPTCHATopLevel } from './recaptcha/recaptcha';\n\n/**\n * A specialized window type that melds the normal window type plus the\n * various bits we need. The three different blocks that are &'d together\n * cant be defined in the same block together.\n */\nexport type AuthWindow = {\n  // Standard window types\n  [T in keyof Window]: Window[T];\n} & {\n  // Any known / named properties we want to add\n  grecaptcha?: Recaptcha | GreCAPTCHATopLevel;\n  /* eslint-disable-next-line @typescript-eslint/no-explicit-any */\n  ___jsl?: Record<string, any>;\n  gapi?: typeof gapi;\n} & {\n  // A final catch-all for callbacks (which will have random names) that\n  // we will stick on the window.\n  [callback: string]: (...args: unknown[]) => void;\n};\n\n/**\n * Lazy accessor for window, since the compat layer won't tree shake this out,\n * we need to make sure not to mess with window unless we have to\n */\nexport function _window(): AuthWindow {\n  return window as unknown as AuthWindow;\n}\n\nexport function _setWindowLocation(url: string): void {\n  _window().location.href = url;\n}\n","/**\n * @license\n * Copyright 2020 Google LLC.\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { _window } from '../auth_window';\n\nexport function _isWorker(): boolean {\n  return (\n    typeof _window()['WorkerGlobalScope'] !== 'undefined' &&\n    typeof _window()['importScripts'] === 'function'\n  );\n}\n\nexport async function _getActiveServiceWorker(): Promise<ServiceWorker | null> {\n  if (!navigator?.serviceWorker) {\n    return null;\n  }\n  try {\n    const registration = await navigator.serviceWorker.ready;\n    return registration.active;\n  } catch {\n    return null;\n  }\n}\n\nexport function _getServiceWorkerController(): ServiceWorker | null {\n  return navigator?.serviceWorker?.controller || null;\n}\n\nexport function _getWorkerGlobalScope(): ServiceWorker | null {\n  return _isWorker() ? (self as unknown as ServiceWorker) : null;\n}\n","/**\n * @license\n * Copyright 2019 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { Persistence } from '../../model/public_types';\nimport {\n  PersistedBlob,\n  PersistenceInternal as InternalPersistence,\n  PersistenceType,\n  PersistenceValue,\n  StorageEventListener,\n  STORAGE_AVAILABLE_KEY\n} from '../../core/persistence/';\nimport {\n  _EventType,\n  _PingResponse,\n  KeyChangedResponse,\n  KeyChangedRequest,\n  PingRequest,\n  _TimeoutDuration\n} from '../messagechannel/index';\nimport { Receiver } from '../messagechannel/receiver';\nimport { Sender } from '../messagechannel/sender';\nimport {\n  _isWorker,\n  _getActiveServiceWorker,\n  _getServiceWorkerController,\n  _getWorkerGlobalScope\n} from '../util/worker';\n\nexport const DB_NAME = 'firebaseLocalStorageDb';\nconst DB_VERSION = 1;\nconst DB_OBJECTSTORE_NAME = 'firebaseLocalStorage';\nconst DB_DATA_KEYPATH = 'fbase_key';\n\ninterface DBObject {\n  [DB_DATA_KEYPATH]: string;\n  value: PersistedBlob;\n}\n\n/**\n * Promise wrapper for IDBRequest\n *\n * Unfortunately we can't cleanly extend Promise<T> since promises are not callable in ES6\n *\n */\nclass DBPromise<T> {\n  constructor(private readonly request: IDBRequest) {}\n\n  toPromise(): Promise<T> {\n    return new Promise<T>((resolve, reject) => {\n      this.request.addEventListener('success', () => {\n        resolve(this.request.result);\n      });\n      this.request.addEventListener('error', () => {\n        reject(this.request.error);\n      });\n    });\n  }\n}\n\nfunction getObjectStore(db: IDBDatabase, isReadWrite: boolean): IDBObjectStore {\n  return db\n    .transaction([DB_OBJECTSTORE_NAME], isReadWrite ? 'readwrite' : 'readonly')\n    .objectStore(DB_OBJECTSTORE_NAME);\n}\n\nexport async function _clearDatabase(db: IDBDatabase): Promise<void> {\n  const objectStore = getObjectStore(db, true);\n  return new DBPromise<void>(objectStore.clear()).toPromise();\n}\n\nexport function _deleteDatabase(): Promise<void> {\n  const request = indexedDB.deleteDatabase(DB_NAME);\n  return new DBPromise<void>(request).toPromise();\n}\n\nexport function _openDatabase(): Promise<IDBDatabase> {\n  const request = indexedDB.open(DB_NAME, DB_VERSION);\n  return new Promise((resolve, reject) => {\n    request.addEventListener('error', () => {\n      reject(request.error);\n    });\n\n    request.addEventListener('upgradeneeded', () => {\n      const db = request.result;\n\n      try {\n        db.createObjectStore(DB_OBJECTSTORE_NAME, { keyPath: DB_DATA_KEYPATH });\n      } catch (e) {\n        reject(e);\n      }\n    });\n\n    request.addEventListener('success', async () => {\n      const db: IDBDatabase = request.result;\n      // Strange bug that occurs in Firefox when multiple tabs are opened at the\n      // same time. The only way to recover seems to be deleting the database\n      // and re-initializing it.\n      // https://github.com/firebase/firebase-js-sdk/issues/634\n\n      if (!db.objectStoreNames.contains(DB_OBJECTSTORE_NAME)) {\n        // Need to close the database or else you get a `blocked` event\n        db.close();\n        await _deleteDatabase();\n        resolve(await _openDatabase());\n      } else {\n        resolve(db);\n      }\n    });\n  });\n}\n\nexport async function _putObject(\n  db: IDBDatabase,\n  key: string,\n  value: PersistenceValue | string\n): Promise<void> {\n  const request = getObjectStore(db, true).put({\n    [DB_DATA_KEYPATH]: key,\n    value\n  });\n  return new DBPromise<void>(request).toPromise();\n}\n\nasync function getObject(\n  db: IDBDatabase,\n  key: string\n): Promise<PersistedBlob | null> {\n  const request = getObjectStore(db, false).get(key);\n  const data = await new DBPromise<DBObject | undefined>(request).toPromise();\n  return data === undefined ? null : data.value;\n}\n\nexport function _deleteObject(db: IDBDatabase, key: string): Promise<void> {\n  const request = getObjectStore(db, true).delete(key);\n  return new DBPromise<void>(request).toPromise();\n}\n\nexport const _POLLING_INTERVAL_MS = 800;\nexport const _TRANSACTION_RETRY_COUNT = 3;\n\nclass IndexedDBLocalPersistence implements InternalPersistence {\n  static type: 'LOCAL' = 'LOCAL';\n\n  type = PersistenceType.LOCAL;\n  db?: IDBDatabase;\n  readonly _shouldAllowMigration = true;\n\n  private readonly listeners: Record<string, Set<StorageEventListener>> = {};\n  private readonly localCache: Record<string, PersistenceValue | null> = {};\n  // setTimeout return value is platform specific\n  // eslint-disable-next-line @typescript-eslint/no-explicit-any\n  private pollTimer: any | null = null;\n  private pendingWrites = 0;\n\n  private receiver: Receiver | null = null;\n  private sender: Sender | null = null;\n  private serviceWorkerReceiverAvailable = false;\n  private activeServiceWorker: ServiceWorker | null = null;\n  // Visible for testing only\n  readonly _workerInitializationPromise: Promise<void>;\n\n  constructor() {\n    // Fire & forget the service worker registration as it may never resolve\n    this._workerInitializationPromise =\n      this.initializeServiceWorkerMessaging().then(\n        () => {},\n        () => {}\n      );\n  }\n\n  async _openDb(): Promise<IDBDatabase> {\n    if (this.db) {\n      return this.db;\n    }\n    this.db = await _openDatabase();\n    return this.db;\n  }\n\n  async _withRetries<T>(op: (db: IDBDatabase) => Promise<T>): Promise<T> {\n    let numAttempts = 0;\n\n    while (true) {\n      try {\n        const db = await this._openDb();\n        return await op(db);\n      } catch (e) {\n        if (numAttempts++ > _TRANSACTION_RETRY_COUNT) {\n          throw e;\n        }\n        if (this.db) {\n          this.db.close();\n          this.db = undefined;\n        }\n        // TODO: consider adding exponential backoff\n      }\n    }\n  }\n\n  /**\n   * IndexedDB events do not propagate from the main window to the worker context.  We rely on a\n   * postMessage interface to send these events to the worker ourselves.\n   */\n  private async initializeServiceWorkerMessaging(): Promise<void> {\n    return _isWorker() ? this.initializeReceiver() : this.initializeSender();\n  }\n\n  /**\n   * As the worker we should listen to events from the main window.\n   */\n  private async initializeReceiver(): Promise<void> {\n    this.receiver = Receiver._getInstance(_getWorkerGlobalScope()!);\n    // Refresh from persistence if we receive a KeyChanged message.\n    this.receiver._subscribe(\n      _EventType.KEY_CHANGED,\n      async (_origin: string, data: KeyChangedRequest) => {\n        const keys = await this._poll();\n        return {\n          keyProcessed: keys.includes(data.key)\n        };\n      }\n    );\n    // Let the sender know that we are listening so they give us more timeout.\n    this.receiver._subscribe(\n      _EventType.PING,\n      async (_origin: string, _data: PingRequest) => {\n        return [_EventType.KEY_CHANGED];\n      }\n    );\n  }\n\n  /**\n   * As the main window, we should let the worker know when keys change (set and remove).\n   *\n   * @remarks\n   * {@link https://developer.mozilla.org/en-US/docs/Web/API/ServiceWorkerContainer/ready | ServiceWorkerContainer.ready}\n   * may not resolve.\n   */\n  private async initializeSender(): Promise<void> {\n    // Check to see if there's an active service worker.\n    this.activeServiceWorker = await _getActiveServiceWorker();\n    if (!this.activeServiceWorker) {\n      return;\n    }\n    this.sender = new Sender(this.activeServiceWorker);\n    // Ping the service worker to check what events they can handle.\n    const results = await this.sender._send<_PingResponse, PingRequest>(\n      _EventType.PING,\n      {},\n      _TimeoutDuration.LONG_ACK\n    );\n    if (!results) {\n      return;\n    }\n    if (\n      results[0]?.fulfilled &&\n      results[0]?.value.includes(_EventType.KEY_CHANGED)\n    ) {\n      this.serviceWorkerReceiverAvailable = true;\n    }\n  }\n\n  /**\n   * Let the worker know about a changed key, the exact key doesn't technically matter since the\n   * worker will just trigger a full sync anyway.\n   *\n   * @remarks\n   * For now, we only support one service worker per page.\n   *\n   * @param key - Storage key which changed.\n   */\n  private async notifyServiceWorker(key: string): Promise<void> {\n    if (\n      !this.sender ||\n      !this.activeServiceWorker ||\n      _getServiceWorkerController() !== this.activeServiceWorker\n    ) {\n      return;\n    }\n    try {\n      await this.sender._send<KeyChangedResponse, KeyChangedRequest>(\n        _EventType.KEY_CHANGED,\n        { key },\n        // Use long timeout if receiver has previously responded to a ping from us.\n        this.serviceWorkerReceiverAvailable\n          ? _TimeoutDuration.LONG_ACK\n          : _TimeoutDuration.ACK\n      );\n    } catch {\n      // This is a best effort approach. Ignore errors.\n    }\n  }\n\n  async _isAvailable(): Promise<boolean> {\n    try {\n      if (!indexedDB) {\n        return false;\n      }\n      const db = await _openDatabase();\n      await _putObject(db, STORAGE_AVAILABLE_KEY, '1');\n      await _deleteObject(db, STORAGE_AVAILABLE_KEY);\n      return true;\n    } catch {}\n    return false;\n  }\n\n  private async _withPendingWrite(write: () => Promise<void>): Promise<void> {\n    this.pendingWrites++;\n    try {\n      await write();\n    } finally {\n      this.pendingWrites--;\n    }\n  }\n\n  async _set(key: string, value: PersistenceValue): Promise<void> {\n    return this._withPendingWrite(async () => {\n      await this._withRetries((db: IDBDatabase) => _putObject(db, key, value));\n      this.localCache[key] = value;\n      return this.notifyServiceWorker(key);\n    });\n  }\n\n  async _get<T extends PersistenceValue>(key: string): Promise<T | null> {\n    const obj = (await this._withRetries((db: IDBDatabase) =>\n      getObject(db, key)\n    )) as T;\n    this.localCache[key] = obj;\n    return obj;\n  }\n\n  async _remove(key: string): Promise<void> {\n    return this._withPendingWrite(async () => {\n      await this._withRetries((db: IDBDatabase) => _deleteObject(db, key));\n      delete this.localCache[key];\n      return this.notifyServiceWorker(key);\n    });\n  }\n\n  private async _poll(): Promise<string[]> {\n    // TODO: check if we need to fallback if getAll is not supported\n    const result = await this._withRetries((db: IDBDatabase) => {\n      const getAllRequest = getObjectStore(db, false).getAll();\n      return new DBPromise<DBObject[] | null>(getAllRequest).toPromise();\n    });\n\n    if (!result) {\n      return [];\n    }\n\n    // If we have pending writes in progress abort, we'll get picked up on the next poll\n    if (this.pendingWrites !== 0) {\n      return [];\n    }\n\n    const keys = [];\n    const keysInResult = new Set();\n    for (const { fbase_key: key, value } of result) {\n      keysInResult.add(key);\n      if (JSON.stringify(this.localCache[key]) !== JSON.stringify(value)) {\n        this.notifyListeners(key, value as PersistenceValue);\n        keys.push(key);\n      }\n    }\n    for (const localKey of Object.keys(this.localCache)) {\n      if (this.localCache[localKey] && !keysInResult.has(localKey)) {\n        // Deleted\n        this.notifyListeners(localKey, null);\n        keys.push(localKey);\n      }\n    }\n    return keys;\n  }\n\n  private notifyListeners(\n    key: string,\n    newValue: PersistenceValue | null\n  ): void {\n    this.localCache[key] = newValue;\n    const listeners = this.listeners[key];\n    if (listeners) {\n      for (const listener of Array.from(listeners)) {\n        listener(newValue);\n      }\n    }\n  }\n\n  private startPolling(): void {\n    this.stopPolling();\n\n    this.pollTimer = setInterval(\n      async () => this._poll(),\n      _POLLING_INTERVAL_MS\n    );\n  }\n\n  private stopPolling(): void {\n    if (this.pollTimer) {\n      clearInterval(this.pollTimer);\n      this.pollTimer = null;\n    }\n  }\n\n  _addListener(key: string, listener: StorageEventListener): void {\n    if (Object.keys(this.listeners).length === 0) {\n      this.startPolling();\n    }\n    if (!this.listeners[key]) {\n      this.listeners[key] = new Set();\n      // Populate the cache to avoid spuriously triggering on first poll.\n      void this._get(key); // This can happen in the background async and we can return immediately.\n    }\n    this.listeners[key].add(listener);\n  }\n\n  _removeListener(key: string, listener: StorageEventListener): void {\n    if (this.listeners[key]) {\n      this.listeners[key].delete(listener);\n\n      if (this.listeners[key].size === 0) {\n        delete this.listeners[key];\n      }\n    }\n\n    if (Object.keys(this.listeners).length === 0) {\n      this.stopPolling();\n    }\n  }\n}\n\n/**\n * An implementation of {@link Persistence} of type `LOCAL` using `indexedDB`\n * for the underlying storage.\n *\n * @public\n */\nexport const indexedDBLocalPersistence: Persistence = IndexedDBLocalPersistence;\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { AuthErrorCode } from '../../core/errors';\nimport { _assert } from '../../core/util/assert';\nimport { AuthInternal } from '../../model/auth';\nimport { RecaptchaParameters } from '../../model/public_types';\nimport {\n  Recaptcha,\n  GreCAPTCHATopLevel,\n  GreCAPTCHARenderOption,\n  GreCAPTCHA\n} from './recaptcha';\n\nexport const _SOLVE_TIME_MS = 500;\nexport const _EXPIRATION_TIME_MS = 60_000;\nexport const _WIDGET_ID_START = 1_000_000_000_000;\n\nexport interface Widget {\n  getResponse: () => string | null;\n  delete: () => void;\n  execute: () => void;\n}\n\nexport class MockReCaptcha implements Recaptcha {\n  private counter = _WIDGET_ID_START;\n  _widgets = new Map<number, Widget>();\n\n  constructor(private readonly auth: AuthInternal) {}\n\n  render(\n    container: string | HTMLElement,\n    parameters?: RecaptchaParameters\n  ): number {\n    const id = this.counter;\n    this._widgets.set(\n      id,\n      new MockWidget(container, this.auth.name, parameters || {})\n    );\n    this.counter++;\n    return id;\n  }\n\n  reset(optWidgetId?: number): void {\n    const id = optWidgetId || _WIDGET_ID_START;\n    void this._widgets.get(id)?.delete();\n    this._widgets.delete(id);\n  }\n\n  getResponse(optWidgetId?: number): string {\n    const id = optWidgetId || _WIDGET_ID_START;\n    return this._widgets.get(id)?.getResponse() || '';\n  }\n\n  async execute(optWidgetId?: number | string): Promise<string> {\n    const id: number = (optWidgetId as number) || _WIDGET_ID_START;\n    void this._widgets.get(id)?.execute();\n    return '';\n  }\n}\n\nexport class MockGreCAPTCHATopLevel implements GreCAPTCHATopLevel {\n  enterprise: GreCAPTCHA = new MockGreCAPTCHA();\n  ready(callback: () => void): void {\n    callback();\n  }\n\n  execute(\n    // eslint-disable-next-line @typescript-eslint/no-unused-vars\n    _siteKey: string,\n    _options: { action: string }\n  ): Promise<string> {\n    return Promise.resolve('token');\n  }\n  render(\n    // eslint-disable-next-line @typescript-eslint/no-unused-vars\n    _container: string | HTMLElement,\n    _parameters: GreCAPTCHARenderOption\n  ): string {\n    return '';\n  }\n}\n\nexport class MockGreCAPTCHA implements GreCAPTCHA {\n  ready(callback: () => void): void {\n    callback();\n  }\n\n  execute(\n    // eslint-disable-next-line @typescript-eslint/no-unused-vars\n    _siteKey: string,\n    _options: { action: string }\n  ): Promise<string> {\n    return Promise.resolve('token');\n  }\n  render(\n    // eslint-disable-next-line @typescript-eslint/no-unused-vars\n    _container: string | HTMLElement,\n    _parameters: GreCAPTCHARenderOption\n  ): string {\n    return '';\n  }\n}\n\nexport class MockWidget {\n  private readonly container: HTMLElement;\n  private readonly isVisible: boolean;\n  private timerId: number | null = null;\n  private deleted = false;\n  private responseToken: string | null = null;\n  private readonly clickHandler = (): void => {\n    this.execute();\n  };\n\n  constructor(\n    containerOrId: string | HTMLElement,\n    appName: string,\n    private readonly params: RecaptchaParameters\n  ) {\n    const container =\n      typeof containerOrId === 'string'\n        ? document.getElementById(containerOrId)\n        : containerOrId;\n    _assert(container, AuthErrorCode.ARGUMENT_ERROR, { appName });\n\n    this.container = container;\n    this.isVisible = this.params.size !== 'invisible';\n    if (this.isVisible) {\n      this.execute();\n    } else {\n      this.container.addEventListener('click', this.clickHandler);\n    }\n  }\n\n  getResponse(): string | null {\n    this.checkIfDeleted();\n    return this.responseToken;\n  }\n\n  delete(): void {\n    this.checkIfDeleted();\n    this.deleted = true;\n    if (this.timerId) {\n      clearTimeout(this.timerId);\n      this.timerId = null;\n    }\n    this.container.removeEventListener('click', this.clickHandler);\n  }\n\n  execute(): void {\n    this.checkIfDeleted();\n    if (this.timerId) {\n      return;\n    }\n\n    this.timerId = window.setTimeout(() => {\n      this.responseToken = generateRandomAlphaNumericString(50);\n      const { callback, 'expired-callback': expiredCallback } = this.params;\n      if (callback) {\n        try {\n          callback(this.responseToken);\n        } catch (e) {}\n      }\n\n      this.timerId = window.setTimeout(() => {\n        this.timerId = null;\n        this.responseToken = null;\n        if (expiredCallback) {\n          try {\n            expiredCallback();\n          } catch (e) {}\n        }\n\n        if (this.isVisible) {\n          this.execute();\n        }\n      }, _EXPIRATION_TIME_MS);\n    }, _SOLVE_TIME_MS);\n  }\n\n  private checkIfDeleted(): void {\n    if (this.deleted) {\n      throw new Error('reCAPTCHA mock was already deleted!');\n    }\n  }\n}\n\nfunction generateRandomAlphaNumericString(len: number): string {\n  const chars = [];\n  const allowedChars =\n    '1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';\n  for (let i = 0; i < len; i++) {\n    chars.push(\n      allowedChars.charAt(Math.floor(Math.random() * allowedChars.length))\n    );\n  }\n  return chars.join('');\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { querystring } from '@firebase/util';\n\nimport { AuthErrorCode } from '../../core/errors';\nimport { _assert, _createError } from '../../core/util/assert';\nimport { Delay } from '../../core/util/delay';\nimport { AuthInternal } from '../../model/auth';\nimport { _window } from '../auth_window';\nimport * as jsHelpers from '../load_js';\nimport { Recaptcha, isV2 } from './recaptcha';\nimport { MockReCaptcha } from './recaptcha_mock';\n\n// ReCaptcha will load using the same callback, so the callback function needs\n// to be kept around\nexport const _JSLOAD_CALLBACK = jsHelpers._generateCallbackName('rcb');\nconst NETWORK_TIMEOUT_DELAY = new Delay(30000, 60000);\nconst RECAPTCHA_BASE = 'https://www.google.com/recaptcha/api.js?';\n\n/**\n * We need to mark this interface as internal explicitly to exclude it in the public typings, because\n * it references AuthInternal which has a circular dependency with UserInternal.\n *\n * @internal\n */\nexport interface ReCaptchaLoader {\n  load(auth: AuthInternal, hl?: string): Promise<Recaptcha>;\n  clearedOneInstance(): void;\n}\n\n/**\n * Loader for the GReCaptcha library. There should only ever be one of this.\n */\nexport class ReCaptchaLoaderImpl implements ReCaptchaLoader {\n  private hostLanguage = '';\n  private counter = 0;\n  /**\n   * Check for `render()` method. `window.grecaptcha` will exist if the Enterprise\n   * version of the ReCAPTCHA script was loaded by someone else (e.g. App Check) but\n   * `window.grecaptcha.render()` will not. Another load will add it.\n   */\n  private readonly librarySeparatelyLoaded = !!_window().grecaptcha?.render;\n\n  load(auth: AuthInternal, hl = ''): Promise<Recaptcha> {\n    _assert(isHostLanguageValid(hl), auth, AuthErrorCode.ARGUMENT_ERROR);\n\n    if (this.shouldResolveImmediately(hl) && isV2(_window().grecaptcha)) {\n      return Promise.resolve(_window().grecaptcha! as Recaptcha);\n    }\n    return new Promise<Recaptcha>((resolve, reject) => {\n      const networkTimeout = _window().setTimeout(() => {\n        reject(_createError(auth, AuthErrorCode.NETWORK_REQUEST_FAILED));\n      }, NETWORK_TIMEOUT_DELAY.get());\n\n      _window()[_JSLOAD_CALLBACK] = () => {\n        _window().clearTimeout(networkTimeout);\n        delete _window()[_JSLOAD_CALLBACK];\n\n        const recaptcha = _window().grecaptcha as Recaptcha;\n\n        if (!recaptcha || !isV2(recaptcha)) {\n          reject(_createError(auth, AuthErrorCode.INTERNAL_ERROR));\n          return;\n        }\n\n        // Wrap the greptcha render function so that we know if the developer has\n        // called it separately\n        const render = recaptcha.render;\n        recaptcha.render = (container, params) => {\n          const widgetId = render(container, params);\n          this.counter++;\n          return widgetId;\n        };\n\n        this.hostLanguage = hl;\n        resolve(recaptcha);\n      };\n\n      const url = `${RECAPTCHA_BASE}?${querystring({\n        onload: _JSLOAD_CALLBACK,\n        render: 'explicit',\n        hl\n      })}`;\n\n      jsHelpers._loadJS(url).catch(() => {\n        clearTimeout(networkTimeout);\n        reject(_createError(auth, AuthErrorCode.INTERNAL_ERROR));\n      });\n    });\n  }\n\n  clearedOneInstance(): void {\n    this.counter--;\n  }\n\n  private shouldResolveImmediately(hl: string): boolean {\n    // We can resolve immediately if:\n    //   • grecaptcha is already defined AND (\n    //     1. the requested language codes are the same OR\n    //     2. there exists already a ReCaptcha on the page\n    //     3. the library was already loaded by the app\n    // In cases (2) and (3), we _can't_ reload as it would break the recaptchas\n    // that are already in the page\n    return (\n      !!_window().grecaptcha?.render &&\n      (hl === this.hostLanguage ||\n        this.counter > 0 ||\n        this.librarySeparatelyLoaded)\n    );\n  }\n}\n\nfunction isHostLanguageValid(hl: string): boolean {\n  return hl.length <= 6 && /^\\s*[a-zA-Z0-9\\-]*\\s*$/.test(hl);\n}\n\nexport class MockReCaptchaLoaderImpl implements ReCaptchaLoader {\n  async load(auth: AuthInternal): Promise<Recaptcha> {\n    return new MockReCaptcha(auth);\n  }\n\n  clearedOneInstance(): void {}\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { Auth, RecaptchaParameters } from '../../model/public_types';\nimport { getRecaptchaParams } from '../../api/authentication/recaptcha';\nimport { _castAuth } from '../../core/auth/auth_impl';\nimport { AuthErrorCode } from '../../core/errors';\nimport { _assert } from '../../core/util/assert';\nimport { _isHttpOrHttps } from '../../core/util/location';\nimport { ApplicationVerifierInternal } from '../../model/application_verifier';\nimport { AuthInternal } from '../../model/auth';\nimport { _window } from '../auth_window';\nimport { _isWorker } from '../util/worker';\nimport { Recaptcha } from './recaptcha';\nimport {\n  MockReCaptchaLoaderImpl,\n  ReCaptchaLoader,\n  ReCaptchaLoaderImpl\n} from './recaptcha_loader';\n\nexport const RECAPTCHA_VERIFIER_TYPE = 'recaptcha';\n\nconst DEFAULT_PARAMS: RecaptchaParameters = {\n  theme: 'light',\n  type: 'image'\n};\n\ntype TokenCallback = (token: string) => void;\n\n/**\n * An {@link https://www.google.com/recaptcha/ | reCAPTCHA}-based application verifier.\n *\n * @public\n */\nexport class RecaptchaVerifier implements ApplicationVerifierInternal {\n  /**\n   * The application verifier type.\n   *\n   * @remarks\n   * For a reCAPTCHA verifier, this is 'recaptcha'.\n   */\n  readonly type = RECAPTCHA_VERIFIER_TYPE;\n  private destroyed = false;\n  private widgetId: number | null = null;\n  private readonly container: HTMLElement;\n  private readonly isInvisible: boolean;\n  private readonly tokenChangeListeners = new Set<TokenCallback>();\n  private renderPromise: Promise<number> | null = null;\n  private readonly auth: AuthInternal;\n\n  /** @internal */\n  readonly _recaptchaLoader: ReCaptchaLoader;\n  private recaptcha: Recaptcha | null = null;\n\n  /**\n   *\n   * @param containerOrId - The reCAPTCHA container parameter.\n   *\n   * @remarks\n   * This has different meaning depending on whether the reCAPTCHA is hidden or visible. For a\n   * visible reCAPTCHA the container must be empty. If a string is used, it has to correspond to\n   * an element ID. The corresponding element must also must be in the DOM at the time of\n   * initialization.\n   *\n   * @param parameters - The optional reCAPTCHA parameters.\n   *\n   * @remarks\n   * Check the reCAPTCHA docs for a comprehensive list. All parameters are accepted except for\n   * the sitekey. Firebase Auth backend provisions a reCAPTCHA for each project and will\n   * configure this upon rendering. For an invisible reCAPTCHA, a size key must have the value\n   * 'invisible'.\n   *\n   * @param authExtern - The corresponding Firebase {@link Auth} instance.\n   */\n  constructor(\n    containerOrId: HTMLElement | string,\n    private readonly parameters: RecaptchaParameters = {\n      ...DEFAULT_PARAMS\n    },\n    authExtern: Auth\n  ) {\n    this.auth = _castAuth(authExtern);\n    this.isInvisible = this.parameters.size === 'invisible';\n    _assert(\n      typeof document !== 'undefined',\n      this.auth,\n      AuthErrorCode.OPERATION_NOT_SUPPORTED\n    );\n    const container =\n      typeof containerOrId === 'string'\n        ? document.getElementById(containerOrId)\n        : containerOrId;\n    _assert(container, this.auth, AuthErrorCode.ARGUMENT_ERROR);\n\n    this.container = container;\n    this.parameters.callback = this.makeTokenCallback(this.parameters.callback);\n\n    this._recaptchaLoader = this.auth.settings.appVerificationDisabledForTesting\n      ? new MockReCaptchaLoaderImpl()\n      : new ReCaptchaLoaderImpl();\n\n    this.validateStartingState();\n    // TODO: Figure out if sdk version is needed\n  }\n\n  /**\n   * Waits for the user to solve the reCAPTCHA and resolves with the reCAPTCHA token.\n   *\n   * @returns A Promise for the reCAPTCHA token.\n   */\n  async verify(): Promise<string> {\n    this.assertNotDestroyed();\n    const id = await this.render();\n    const recaptcha = this.getAssertedRecaptcha();\n\n    const response = recaptcha.getResponse(id);\n    if (response) {\n      return response;\n    }\n\n    return new Promise<string>(resolve => {\n      const tokenChange = (token: string): void => {\n        if (!token) {\n          return; // Ignore token expirations.\n        }\n        this.tokenChangeListeners.delete(tokenChange);\n        resolve(token);\n      };\n\n      this.tokenChangeListeners.add(tokenChange);\n      if (this.isInvisible) {\n        recaptcha.execute(id);\n      }\n    });\n  }\n\n  /**\n   * Renders the reCAPTCHA widget on the page.\n   *\n   * @returns A Promise that resolves with the reCAPTCHA widget ID.\n   */\n  render(): Promise<number> {\n    try {\n      this.assertNotDestroyed();\n    } catch (e) {\n      // This method returns a promise. Since it's not async (we want to return the\n      // _same_ promise if rendering is still occurring), the API surface should\n      // reject with the error rather than just throw\n      return Promise.reject(e);\n    }\n\n    if (this.renderPromise) {\n      return this.renderPromise;\n    }\n\n    this.renderPromise = this.makeRenderPromise().catch(e => {\n      this.renderPromise = null;\n      throw e;\n    });\n\n    return this.renderPromise;\n  }\n\n  /** @internal */\n  _reset(): void {\n    this.assertNotDestroyed();\n    if (this.widgetId !== null) {\n      this.getAssertedRecaptcha().reset(this.widgetId);\n    }\n  }\n\n  /**\n   * Clears the reCAPTCHA widget from the page and destroys the instance.\n   */\n  clear(): void {\n    this.assertNotDestroyed();\n    this.destroyed = true;\n    this._recaptchaLoader.clearedOneInstance();\n    if (!this.isInvisible) {\n      this.container.childNodes.forEach(node => {\n        this.container.removeChild(node);\n      });\n    }\n  }\n\n  private validateStartingState(): void {\n    _assert(!this.parameters.sitekey, this.auth, AuthErrorCode.ARGUMENT_ERROR);\n    _assert(\n      this.isInvisible || !this.container.hasChildNodes(),\n      this.auth,\n      AuthErrorCode.ARGUMENT_ERROR\n    );\n    _assert(\n      typeof document !== 'undefined',\n      this.auth,\n      AuthErrorCode.OPERATION_NOT_SUPPORTED\n    );\n  }\n\n  private makeTokenCallback(\n    existing: TokenCallback | string | undefined\n  ): TokenCallback {\n    return token => {\n      this.tokenChangeListeners.forEach(listener => listener(token));\n      if (typeof existing === 'function') {\n        existing(token);\n      } else if (typeof existing === 'string') {\n        const globalFunc = _window()[existing];\n        if (typeof globalFunc === 'function') {\n          globalFunc(token);\n        }\n      }\n    };\n  }\n\n  private assertNotDestroyed(): void {\n    _assert(!this.destroyed, this.auth, AuthErrorCode.INTERNAL_ERROR);\n  }\n\n  private async makeRenderPromise(): Promise<number> {\n    await this.init();\n    if (!this.widgetId) {\n      let container = this.container;\n      if (!this.isInvisible) {\n        const guaranteedEmpty = document.createElement('div');\n        container.appendChild(guaranteedEmpty);\n        container = guaranteedEmpty;\n      }\n\n      this.widgetId = this.getAssertedRecaptcha().render(\n        container,\n        this.parameters\n      );\n    }\n\n    return this.widgetId;\n  }\n\n  private async init(): Promise<void> {\n    _assert(\n      _isHttpOrHttps() && !_isWorker(),\n      this.auth,\n      AuthErrorCode.INTERNAL_ERROR\n    );\n\n    await domReady();\n    this.recaptcha = await this._recaptchaLoader.load(\n      this.auth,\n      this.auth.languageCode || undefined\n    );\n\n    const siteKey = await getRecaptchaParams(this.auth);\n    _assert(siteKey, this.auth, AuthErrorCode.INTERNAL_ERROR);\n    this.parameters.sitekey = siteKey;\n  }\n\n  private getAssertedRecaptcha(): Recaptcha {\n    _assert(this.recaptcha, this.auth, AuthErrorCode.INTERNAL_ERROR);\n    return this.recaptcha;\n  }\n}\n\nfunction domReady(): Promise<void> {\n  let resolver: (() => void) | null = null;\n  return new Promise<void>(resolve => {\n    if (document.readyState === 'complete') {\n      resolve();\n      return;\n    }\n\n    // Document not ready, wait for load before resolving.\n    // Save resolver, so we can remove listener in case it was externally\n    // cancelled.\n    resolver = () => resolve();\n    window.addEventListener('load', resolver);\n  }).catch(e => {\n    if (resolver) {\n      window.removeEventListener('load', resolver);\n    }\n\n    throw e;\n  });\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n  ApplicationVerifier,\n  Auth,\n  ConfirmationResult,\n  PhoneInfoOptions,\n  User,\n  UserCredential\n} from '../../model/public_types';\n\nimport { startEnrollPhoneMfa } from '../../api/account_management/mfa';\nimport { startSignInPhoneMfa } from '../../api/authentication/mfa';\nimport { sendPhoneVerificationCode } from '../../api/authentication/sms';\nimport { ApplicationVerifierInternal } from '../../model/application_verifier';\nimport { PhoneAuthCredential } from '../../core/credentials/phone';\nimport { AuthErrorCode } from '../../core/errors';\nimport { _assertLinkedStatus, _link } from '../../core/user/link_unlink';\nimport { _assert } from '../../core/util/assert';\nimport { AuthInternal } from '../../model/auth';\nimport {\n  linkWithCredential,\n  reauthenticateWithCredential,\n  signInWithCredential\n} from '../../core/strategies/credential';\nimport {\n  MultiFactorSessionImpl,\n  MultiFactorSessionType\n} from '../../mfa/mfa_session';\nimport { UserInternal } from '../../model/user';\nimport { RECAPTCHA_VERIFIER_TYPE } from '../recaptcha/recaptcha_verifier';\nimport { _castAuth } from '../../core/auth/auth_impl';\nimport { getModularInstance } from '@firebase/util';\nimport { ProviderId } from '../../model/enums';\n\ninterface OnConfirmationCallback {\n  (credential: PhoneAuthCredential): Promise<UserCredential>;\n}\n\nclass ConfirmationResultImpl implements ConfirmationResult {\n  constructor(\n    readonly verificationId: string,\n    private readonly onConfirmation: OnConfirmationCallback\n  ) {}\n\n  confirm(verificationCode: string): Promise<UserCredential> {\n    const authCredential = PhoneAuthCredential._fromVerification(\n      this.verificationId,\n      verificationCode\n    );\n    return this.onConfirmation(authCredential);\n  }\n}\n\n/**\n * Asynchronously signs in using a phone number.\n *\n * @remarks\n * This method sends a code via SMS to the given\n * phone number, and returns a {@link ConfirmationResult}. After the user\n * provides the code sent to their phone, call {@link ConfirmationResult.confirm}\n * with the code to sign the user in.\n *\n * For abuse prevention, this method also requires a {@link ApplicationVerifier}.\n * This SDK includes a reCAPTCHA-based implementation, {@link RecaptchaVerifier}.\n * This function can work on other platforms that do not support the\n * {@link RecaptchaVerifier} (like React Native), but you need to use a\n * third-party {@link ApplicationVerifier} implementation.\n *\n * @example\n * ```javascript\n * // 'recaptcha-container' is the ID of an element in the DOM.\n * const applicationVerifier = new firebase.auth.RecaptchaVerifier('recaptcha-container');\n * const confirmationResult = await signInWithPhoneNumber(auth, phoneNumber, applicationVerifier);\n * // Obtain a verificationCode from the user.\n * const credential = await confirmationResult.confirm(verificationCode);\n * ```\n *\n * @param auth - The {@link Auth} instance.\n * @param phoneNumber - The user's phone number in E.164 format (e.g. +16505550101).\n * @param appVerifier - The {@link ApplicationVerifier}.\n *\n * @public\n */\nexport async function signInWithPhoneNumber(\n  auth: Auth,\n  phoneNumber: string,\n  appVerifier: ApplicationVerifier\n): Promise<ConfirmationResult> {\n  const authInternal = _castAuth(auth);\n  const verificationId = await _verifyPhoneNumber(\n    authInternal,\n    phoneNumber,\n    getModularInstance(appVerifier as ApplicationVerifierInternal)\n  );\n  return new ConfirmationResultImpl(verificationId, cred =>\n    signInWithCredential(authInternal, cred)\n  );\n}\n\n/**\n * Links the user account with the given phone number.\n *\n * @param user - The user.\n * @param phoneNumber - The user's phone number in E.164 format (e.g. +16505550101).\n * @param appVerifier - The {@link ApplicationVerifier}.\n *\n * @public\n */\nexport async function linkWithPhoneNumber(\n  user: User,\n  phoneNumber: string,\n  appVerifier: ApplicationVerifier\n): Promise<ConfirmationResult> {\n  const userInternal = getModularInstance(user) as UserInternal;\n  await _assertLinkedStatus(false, userInternal, ProviderId.PHONE);\n  const verificationId = await _verifyPhoneNumber(\n    userInternal.auth,\n    phoneNumber,\n    getModularInstance(appVerifier as ApplicationVerifierInternal)\n  );\n  return new ConfirmationResultImpl(verificationId, cred =>\n    linkWithCredential(userInternal, cred)\n  );\n}\n\n/**\n * Re-authenticates a user using a fresh phone credential.\n *\n * @remarks Use before operations such as {@link updatePassword} that require tokens from recent sign-in attempts.\n *\n * @param user - The user.\n * @param phoneNumber - The user's phone number in E.164 format (e.g. +16505550101).\n * @param appVerifier - The {@link ApplicationVerifier}.\n *\n * @public\n */\nexport async function reauthenticateWithPhoneNumber(\n  user: User,\n  phoneNumber: string,\n  appVerifier: ApplicationVerifier\n): Promise<ConfirmationResult> {\n  const userInternal = getModularInstance(user) as UserInternal;\n  const verificationId = await _verifyPhoneNumber(\n    userInternal.auth,\n    phoneNumber,\n    getModularInstance(appVerifier as ApplicationVerifierInternal)\n  );\n  return new ConfirmationResultImpl(verificationId, cred =>\n    reauthenticateWithCredential(userInternal, cred)\n  );\n}\n\n/**\n * Returns a verification ID to be used in conjunction with the SMS code that is sent.\n *\n */\nexport async function _verifyPhoneNumber(\n  auth: AuthInternal,\n  options: PhoneInfoOptions | string,\n  verifier: ApplicationVerifierInternal\n): Promise<string> {\n  const recaptchaToken = await verifier.verify();\n\n  try {\n    _assert(\n      typeof recaptchaToken === 'string',\n      auth,\n      AuthErrorCode.ARGUMENT_ERROR\n    );\n    _assert(\n      verifier.type === RECAPTCHA_VERIFIER_TYPE,\n      auth,\n      AuthErrorCode.ARGUMENT_ERROR\n    );\n\n    let phoneInfoOptions: PhoneInfoOptions;\n\n    if (typeof options === 'string') {\n      phoneInfoOptions = {\n        phoneNumber: options\n      };\n    } else {\n      phoneInfoOptions = options;\n    }\n\n    if ('session' in phoneInfoOptions) {\n      const session = phoneInfoOptions.session as MultiFactorSessionImpl;\n\n      if ('phoneNumber' in phoneInfoOptions) {\n        _assert(\n          session.type === MultiFactorSessionType.ENROLL,\n          auth,\n          AuthErrorCode.INTERNAL_ERROR\n        );\n        const response = await startEnrollPhoneMfa(auth, {\n          idToken: session.credential,\n          phoneEnrollmentInfo: {\n            phoneNumber: phoneInfoOptions.phoneNumber,\n            recaptchaToken\n          }\n        });\n        return response.phoneSessionInfo.sessionInfo;\n      } else {\n        _assert(\n          session.type === MultiFactorSessionType.SIGN_IN,\n          auth,\n          AuthErrorCode.INTERNAL_ERROR\n        );\n        const mfaEnrollmentId =\n          phoneInfoOptions.multiFactorHint?.uid ||\n          phoneInfoOptions.multiFactorUid;\n        _assert(mfaEnrollmentId, auth, AuthErrorCode.MISSING_MFA_INFO);\n        const response = await startSignInPhoneMfa(auth, {\n          mfaPendingCredential: session.credential,\n          mfaEnrollmentId,\n          phoneSignInInfo: {\n            recaptchaToken\n          }\n        });\n        return response.phoneResponseInfo.sessionInfo;\n      }\n    } else {\n      const { sessionInfo } = await sendPhoneVerificationCode(auth, {\n        phoneNumber: phoneInfoOptions.phoneNumber,\n        recaptchaToken\n      });\n      return sessionInfo;\n    }\n  } finally {\n    verifier._reset();\n  }\n}\n\n/**\n * Updates the user's phone number.\n *\n * @example\n * ```\n * // 'recaptcha-container' is the ID of an element in the DOM.\n * const applicationVerifier = new RecaptchaVerifier('recaptcha-container');\n * const provider = new PhoneAuthProvider(auth);\n * const verificationId = await provider.verifyPhoneNumber('+16505550101', applicationVerifier);\n * // Obtain the verificationCode from the user.\n * const phoneCredential = PhoneAuthProvider.credential(verificationId, verificationCode);\n * await updatePhoneNumber(user, phoneCredential);\n * ```\n *\n * @param user - The user.\n * @param credential - A credential authenticating the new phone number.\n *\n * @public\n */\nexport async function updatePhoneNumber(\n  user: User,\n  credential: PhoneAuthCredential\n): Promise<void> {\n  await _link(getModularInstance(user) as UserInternal, credential);\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n  _performApiRequest,\n  Endpoint,\n  HttpMethod,\n  _addTidIfNecessary\n} from '../index';\nimport { Auth } from '../../model/public_types';\nimport { IdTokenResponse } from '../../model/id_token';\nimport { MfaEnrollment } from '../account_management/mfa';\nimport { SignInWithIdpResponse } from './idp';\nimport {\n  SignInWithPhoneNumberRequest,\n  SignInWithPhoneNumberResponse\n} from './sms';\n\nexport interface FinalizeMfaResponse {\n  idToken: string;\n  refreshToken: string;\n}\n\n/**\n * @internal\n */\nexport interface IdTokenMfaResponse extends IdTokenResponse {\n  mfaPendingCredential?: string;\n  mfaInfo?: MfaEnrollment[];\n}\n\nexport interface StartPhoneMfaSignInRequest {\n  mfaPendingCredential: string;\n  mfaEnrollmentId: string;\n  phoneSignInInfo: {\n    recaptchaToken: string;\n  };\n  tenantId?: string;\n}\n\nexport interface StartPhoneMfaSignInResponse {\n  phoneResponseInfo: {\n    sessionInfo: string;\n  };\n}\n\nexport function startSignInPhoneMfa(\n  auth: Auth,\n  request: StartPhoneMfaSignInRequest\n): Promise<StartPhoneMfaSignInResponse> {\n  return _performApiRequest<\n    StartPhoneMfaSignInRequest,\n    StartPhoneMfaSignInResponse\n  >(\n    auth,\n    HttpMethod.POST,\n    Endpoint.START_MFA_SIGN_IN,\n    _addTidIfNecessary(auth, request)\n  );\n}\n\nexport interface FinalizePhoneMfaSignInRequest {\n  mfaPendingCredential: string;\n  phoneVerificationInfo: SignInWithPhoneNumberRequest;\n  tenantId?: string;\n}\n\n// TOTP MFA Sign in only has a finalize phase. Phone MFA has a start phase to initiate sending an\n// SMS and a finalize phase to complete sign in. With TOTP, the user already has the OTP in the\n// TOTP/Authenticator app.\nexport interface FinalizeTotpMfaSignInRequest {\n  mfaPendingCredential: string;\n  totpVerificationInfo: { verificationCode: string };\n  tenantId?: string;\n  mfaEnrollmentId: string;\n}\n\nexport interface FinalizePhoneMfaSignInResponse extends FinalizeMfaResponse {}\n\nexport interface FinalizeTotpMfaSignInResponse extends FinalizeMfaResponse {}\n\nexport function finalizeSignInPhoneMfa(\n  auth: Auth,\n  request: FinalizePhoneMfaSignInRequest\n): Promise<FinalizePhoneMfaSignInResponse> {\n  return _performApiRequest<\n    FinalizePhoneMfaSignInRequest,\n    FinalizePhoneMfaSignInResponse\n  >(\n    auth,\n    HttpMethod.POST,\n    Endpoint.FINALIZE_MFA_SIGN_IN,\n    _addTidIfNecessary(auth, request)\n  );\n}\n\nexport function finalizeSignInTotpMfa(\n  auth: Auth,\n  request: FinalizeTotpMfaSignInRequest\n): Promise<FinalizeTotpMfaSignInResponse> {\n  return _performApiRequest<\n    FinalizeTotpMfaSignInRequest,\n    FinalizeTotpMfaSignInResponse\n  >(\n    auth,\n    HttpMethod.POST,\n    Endpoint.FINALIZE_MFA_SIGN_IN,\n    _addTidIfNecessary(auth, request)\n  );\n}\n\n/**\n * @internal\n */\nexport type PhoneOrOauthTokenResponse =\n  | SignInWithPhoneNumberResponse\n  | SignInWithIdpResponse\n  | IdTokenResponse;\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n  Auth,\n  PhoneInfoOptions,\n  ApplicationVerifier,\n  UserCredential\n} from '../../model/public_types';\n\nimport { SignInWithPhoneNumberResponse } from '../../api/authentication/sms';\nimport { ApplicationVerifierInternal as ApplicationVerifierInternal } from '../../model/application_verifier';\nimport { AuthInternal as AuthInternal } from '../../model/auth';\nimport { UserCredentialInternal as UserCredentialInternal } from '../../model/user';\nimport { PhoneAuthCredential } from '../../core/credentials/phone';\nimport { _verifyPhoneNumber } from '../strategies/phone';\nimport { _castAuth } from '../../core/auth/auth_impl';\nimport { AuthCredential } from '../../core';\nimport { FirebaseError, getModularInstance } from '@firebase/util';\nimport { TaggedWithTokenResponse } from '../../model/id_token';\nimport { ProviderId, SignInMethod } from '../../model/enums';\n\n/**\n * Provider for generating an {@link PhoneAuthCredential}.\n *\n * @example\n * ```javascript\n * // 'recaptcha-container' is the ID of an element in the DOM.\n * const applicationVerifier = new RecaptchaVerifier('recaptcha-container');\n * const provider = new PhoneAuthProvider(auth);\n * const verificationId = await provider.verifyPhoneNumber('+16505550101', applicationVerifier);\n * // Obtain the verificationCode from the user.\n * const phoneCredential = PhoneAuthProvider.credential(verificationId, verificationCode);\n * const userCredential = await signInWithCredential(auth, phoneCredential);\n * ```\n *\n * @public\n */\nexport class PhoneAuthProvider {\n  /** Always set to {@link ProviderId}.PHONE. */\n  static readonly PROVIDER_ID: 'phone' = ProviderId.PHONE;\n  /** Always set to {@link SignInMethod}.PHONE. */\n  static readonly PHONE_SIGN_IN_METHOD: 'phone' = SignInMethod.PHONE;\n\n  /** Always set to {@link ProviderId}.PHONE. */\n  readonly providerId = PhoneAuthProvider.PROVIDER_ID;\n  private readonly auth: AuthInternal;\n\n  /**\n   * @param auth - The Firebase {@link Auth} instance in which sign-ins should occur.\n   *\n   */\n  constructor(auth: Auth) {\n    this.auth = _castAuth(auth);\n  }\n\n  /**\n   *\n   * Starts a phone number authentication flow by sending a verification code to the given phone\n   * number.\n   *\n   * @example\n   * ```javascript\n   * const provider = new PhoneAuthProvider(auth);\n   * const verificationId = await provider.verifyPhoneNumber(phoneNumber, applicationVerifier);\n   * // Obtain verificationCode from the user.\n   * const authCredential = PhoneAuthProvider.credential(verificationId, verificationCode);\n   * const userCredential = await signInWithCredential(auth, authCredential);\n   * ```\n   *\n   * @example\n   * An alternative flow is provided using the `signInWithPhoneNumber` method.\n   * ```javascript\n   * const confirmationResult = signInWithPhoneNumber(auth, phoneNumber, applicationVerifier);\n   * // Obtain verificationCode from the user.\n   * const userCredential = confirmationResult.confirm(verificationCode);\n   * ```\n   *\n   * @param phoneInfoOptions - The user's {@link PhoneInfoOptions}. The phone number should be in\n   * E.164 format (e.g. +16505550101).\n   * @param applicationVerifier - For abuse prevention, this method also requires a\n   * {@link ApplicationVerifier}. This SDK includes a reCAPTCHA-based implementation,\n   * {@link RecaptchaVerifier}.\n   *\n   * @returns A Promise for a verification ID that can be passed to\n   * {@link PhoneAuthProvider.credential} to identify this flow..\n   */\n  verifyPhoneNumber(\n    phoneOptions: PhoneInfoOptions | string,\n    applicationVerifier: ApplicationVerifier\n  ): Promise<string> {\n    return _verifyPhoneNumber(\n      this.auth,\n      phoneOptions,\n      getModularInstance(applicationVerifier as ApplicationVerifierInternal)\n    );\n  }\n\n  /**\n   * Creates a phone auth credential, given the verification ID from\n   * {@link PhoneAuthProvider.verifyPhoneNumber} and the code that was sent to the user's\n   * mobile device.\n   *\n   * @example\n   * ```javascript\n   * const provider = new PhoneAuthProvider(auth);\n   * const verificationId = provider.verifyPhoneNumber(phoneNumber, applicationVerifier);\n   * // Obtain verificationCode from the user.\n   * const authCredential = PhoneAuthProvider.credential(verificationId, verificationCode);\n   * const userCredential = signInWithCredential(auth, authCredential);\n   * ```\n   *\n   * @example\n   * An alternative flow is provided using the `signInWithPhoneNumber` method.\n   * ```javascript\n   * const confirmationResult = await signInWithPhoneNumber(auth, phoneNumber, applicationVerifier);\n   * // Obtain verificationCode from the user.\n   * const userCredential = await confirmationResult.confirm(verificationCode);\n   * ```\n   *\n   * @param verificationId - The verification ID returned from {@link PhoneAuthProvider.verifyPhoneNumber}.\n   * @param verificationCode - The verification code sent to the user's mobile device.\n   *\n   * @returns The auth provider credential.\n   */\n  static credential(\n    verificationId: string,\n    verificationCode: string\n  ): PhoneAuthCredential {\n    return PhoneAuthCredential._fromVerification(\n      verificationId,\n      verificationCode\n    );\n  }\n\n  /**\n   * Generates an {@link AuthCredential} from a {@link UserCredential}.\n   * @param userCredential - The user credential.\n   */\n  static credentialFromResult(\n    userCredential: UserCredential\n  ): AuthCredential | null {\n    const credential = userCredential as UserCredentialInternal;\n    return PhoneAuthProvider.credentialFromTaggedObject(credential);\n  }\n\n  /**\n   * Returns an {@link AuthCredential} when passed an error.\n   *\n   * @remarks\n   *\n   * This method works for errors like\n   * `auth/account-exists-with-different-credentials`. This is useful for\n   * recovering when attempting to set a user's phone number but the number\n   * in question is already tied to another account. For example, the following\n   * code tries to update the current user's phone number, and if that\n   * fails, links the user with the account associated with that number:\n   *\n   * ```js\n   * const provider = new PhoneAuthProvider(auth);\n   * const verificationId = await provider.verifyPhoneNumber(number, verifier);\n   * try {\n   *   const code = ''; // Prompt the user for the verification code\n   *   await updatePhoneNumber(\n   *       auth.currentUser,\n   *       PhoneAuthProvider.credential(verificationId, code));\n   * } catch (e) {\n   *   if ((e as FirebaseError)?.code === 'auth/account-exists-with-different-credential') {\n   *     const cred = PhoneAuthProvider.credentialFromError(e);\n   *     await linkWithCredential(auth.currentUser, cred);\n   *   }\n   * }\n   *\n   * // At this point, auth.currentUser.phoneNumber === number.\n   * ```\n   *\n   * @param error - The error to generate a credential from.\n   */\n  static credentialFromError(error: FirebaseError): AuthCredential | null {\n    return PhoneAuthProvider.credentialFromTaggedObject(\n      (error.customData || {}) as TaggedWithTokenResponse\n    );\n  }\n\n  private static credentialFromTaggedObject({\n    _tokenResponse: tokenResponse\n  }: TaggedWithTokenResponse): AuthCredential | null {\n    if (!tokenResponse) {\n      return null;\n    }\n    const { phoneNumber, temporaryProof } =\n      tokenResponse as SignInWithPhoneNumberResponse;\n    if (phoneNumber && temporaryProof) {\n      return PhoneAuthCredential._fromTokenResponse(\n        phoneNumber,\n        temporaryProof\n      );\n    }\n    return null;\n  }\n}\n","/**\n * @license\n * Copyright 2021 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { PopupRedirectResolver } from '../../model/public_types';\nimport { AuthInternal } from '../../model/auth';\nimport { PopupRedirectResolverInternal } from '../../model/popup_redirect';\nimport { AuthErrorCode } from '../errors';\nimport { _assert } from './assert';\nimport { _getInstance } from './instantiator';\n\n/**\n * Chooses a popup/redirect resolver to use. This prefers the override (which\n * is directly passed in), and falls back to the property set on the auth\n * object. If neither are available, this function errors w/ an argument error.\n */\nexport function _withDefaultResolver(\n  auth: AuthInternal,\n  resolverOverride: PopupRedirectResolver | undefined\n): PopupRedirectResolverInternal {\n  if (resolverOverride) {\n    return _getInstance(resolverOverride);\n  }\n\n  _assert(auth._popupRedirectResolver, auth, AuthErrorCode.ARGUMENT_ERROR);\n\n  return auth._popupRedirectResolver;\n}\n","/**\n * @license\n * Copyright 2019 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n  signInWithIdp,\n  SignInWithIdpRequest\n} from '../../api/authentication/idp';\nimport { PhoneOrOauthTokenResponse } from '../../api/authentication/mfa';\nimport { AuthInternal } from '../../model/auth';\nimport { IdTokenResponse } from '../../model/id_token';\nimport { UserInternal, UserCredentialInternal } from '../../model/user';\nimport { AuthCredential } from '../credentials';\nimport { _link as _linkUser } from '../user/link_unlink';\nimport { _reauthenticate } from '../user/reauthenticate';\nimport { _assert } from '../util/assert';\nimport { _signInWithCredential } from './credential';\nimport { AuthErrorCode } from '../errors';\nimport { ProviderId } from '../../model/enums';\n\nexport interface IdpTaskParams {\n  auth: AuthInternal;\n  requestUri: string;\n  sessionId?: string;\n  tenantId?: string;\n  postBody?: string;\n  pendingToken?: string;\n  user?: UserInternal;\n  bypassAuthState?: boolean;\n}\n\nexport type IdpTask = (\n  params: IdpTaskParams\n) => Promise<UserCredentialInternal>;\n\nclass IdpCredential extends AuthCredential {\n  constructor(readonly params: IdpTaskParams) {\n    super(ProviderId.CUSTOM, ProviderId.CUSTOM);\n  }\n\n  _getIdTokenResponse(auth: AuthInternal): Promise<PhoneOrOauthTokenResponse> {\n    return signInWithIdp(auth, this._buildIdpRequest());\n  }\n\n  _linkToIdToken(\n    auth: AuthInternal,\n    idToken: string\n  ): Promise<IdTokenResponse> {\n    return signInWithIdp(auth, this._buildIdpRequest(idToken));\n  }\n\n  _getReauthenticationResolver(auth: AuthInternal): Promise<IdTokenResponse> {\n    return signInWithIdp(auth, this._buildIdpRequest());\n  }\n\n  private _buildIdpRequest(idToken?: string): SignInWithIdpRequest {\n    const request: SignInWithIdpRequest = {\n      requestUri: this.params.requestUri,\n      sessionId: this.params.sessionId,\n      postBody: this.params.postBody,\n      tenantId: this.params.tenantId,\n      pendingToken: this.params.pendingToken,\n      returnSecureToken: true,\n      returnIdpCredential: true\n    };\n\n    if (idToken) {\n      request.idToken = idToken;\n    }\n\n    return request;\n  }\n}\n\nexport function _signIn(\n  params: IdpTaskParams\n): Promise<UserCredentialInternal> {\n  return _signInWithCredential(\n    params.auth,\n    new IdpCredential(params),\n    params.bypassAuthState\n  ) as Promise<UserCredentialInternal>;\n}\n\nexport function _reauth(\n  params: IdpTaskParams\n): Promise<UserCredentialInternal> {\n  const { auth, user } = params;\n  _assert(user, auth, AuthErrorCode.INTERNAL_ERROR);\n  return _reauthenticate(\n    user,\n    new IdpCredential(params),\n    params.bypassAuthState\n  );\n}\n\nexport async function _link(\n  params: IdpTaskParams\n): Promise<UserCredentialInternal> {\n  const { auth, user } = params;\n  _assert(user, auth, AuthErrorCode.INTERNAL_ERROR);\n  return _linkUser(user, new IdpCredential(params), params.bypassAuthState);\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { FirebaseError } from '@firebase/util';\n\nimport {\n  AuthEvent,\n  AuthEventConsumer,\n  AuthEventType,\n  EventManager,\n  PopupRedirectResolverInternal\n} from '../../model/popup_redirect';\nimport { UserInternal, UserCredentialInternal } from '../../model/user';\nimport { AuthErrorCode } from '../errors';\nimport { debugAssert, _fail } from '../util/assert';\nimport {\n  _link,\n  _reauth,\n  _signIn,\n  IdpTask,\n  IdpTaskParams\n} from '../strategies/idp';\nimport { AuthInternal } from '../../model/auth';\n\ninterface PendingPromise {\n  resolve: (cred: UserCredentialInternal | null) => void;\n  reject: (error: Error) => void;\n}\n\n/**\n * Popup event manager. Handles the popup's entire lifecycle; listens to auth\n * events\n */\nexport abstract class AbstractPopupRedirectOperation\n  implements AuthEventConsumer\n{\n  private pendingPromise: PendingPromise | null = null;\n  private eventManager: EventManager | null = null;\n  readonly filter: AuthEventType[];\n\n  abstract eventId: string | null;\n\n  constructor(\n    protected readonly auth: AuthInternal,\n    filter: AuthEventType | AuthEventType[],\n    protected readonly resolver: PopupRedirectResolverInternal,\n    protected user?: UserInternal,\n    protected readonly bypassAuthState = false\n  ) {\n    this.filter = Array.isArray(filter) ? filter : [filter];\n  }\n\n  abstract onExecution(): Promise<void>;\n\n  execute(): Promise<UserCredentialInternal | null> {\n    return new Promise<UserCredentialInternal | null>(\n      async (resolve, reject) => {\n        this.pendingPromise = { resolve, reject };\n\n        try {\n          this.eventManager = await this.resolver._initialize(this.auth);\n          await this.onExecution();\n          this.eventManager.registerConsumer(this);\n        } catch (e) {\n          this.reject(e as Error);\n        }\n      }\n    );\n  }\n\n  async onAuthEvent(event: AuthEvent): Promise<void> {\n    const { urlResponse, sessionId, postBody, tenantId, error, type } = event;\n    if (error) {\n      this.reject(error);\n      return;\n    }\n\n    const params: IdpTaskParams = {\n      auth: this.auth,\n      requestUri: urlResponse!,\n      sessionId: sessionId!,\n      tenantId: tenantId || undefined,\n      postBody: postBody || undefined,\n      user: this.user,\n      bypassAuthState: this.bypassAuthState\n    };\n\n    try {\n      this.resolve(await this.getIdpTask(type)(params));\n    } catch (e) {\n      this.reject(e as Error);\n    }\n  }\n\n  onError(error: FirebaseError): void {\n    this.reject(error);\n  }\n\n  private getIdpTask(type: AuthEventType): IdpTask {\n    switch (type) {\n      case AuthEventType.SIGN_IN_VIA_POPUP:\n      case AuthEventType.SIGN_IN_VIA_REDIRECT:\n        return _signIn;\n      case AuthEventType.LINK_VIA_POPUP:\n      case AuthEventType.LINK_VIA_REDIRECT:\n        return _link;\n      case AuthEventType.REAUTH_VIA_POPUP:\n      case AuthEventType.REAUTH_VIA_REDIRECT:\n        return _reauth;\n      default:\n        _fail(this.auth, AuthErrorCode.INTERNAL_ERROR);\n    }\n  }\n\n  protected resolve(cred: UserCredentialInternal | null): void {\n    debugAssert(this.pendingPromise, 'Pending promise was never set');\n    this.pendingPromise.resolve(cred);\n    this.unregisterAndCleanUp();\n  }\n\n  protected reject(error: Error): void {\n    debugAssert(this.pendingPromise, 'Pending promise was never set');\n    this.pendingPromise.reject(error);\n    this.unregisterAndCleanUp();\n  }\n\n  private unregisterAndCleanUp(): void {\n    if (this.eventManager) {\n      this.eventManager.unregisterConsumer(this);\n    }\n\n    this.pendingPromise = null;\n    this.cleanUp();\n  }\n\n  abstract cleanUp(): void;\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n  Auth,\n  AuthProvider,\n  PopupRedirectResolver,\n  User,\n  UserCredential\n} from '../../model/public_types';\n\nimport { _castAuth } from '../../core/auth/auth_impl';\nimport { AuthErrorCode } from '../../core/errors';\nimport {\n  _assert,\n  debugAssert,\n  _createError,\n  _assertInstanceOf\n} from '../../core/util/assert';\nimport { Delay } from '../../core/util/delay';\nimport { _generateEventId } from '../../core/util/event_id';\nimport { AuthInternal } from '../../model/auth';\nimport {\n  AuthEventType,\n  PopupRedirectResolverInternal\n} from '../../model/popup_redirect';\nimport { UserInternal } from '../../model/user';\nimport { _withDefaultResolver } from '../../core/util/resolver';\nimport { AuthPopup } from '../util/popup';\nimport { AbstractPopupRedirectOperation } from '../../core/strategies/abstract_popup_redirect_operation';\nimport { FederatedAuthProvider } from '../../core/providers/federated';\nimport { getModularInstance } from '@firebase/util';\n\n/*\n * The event timeout is the same on mobile and desktop, no need for Delay. Set this to 8s since\n * blocking functions can take upto 7s to complete sign in, as documented in:\n * https://cloud.google.com/identity-platform/docs/blocking-functions#understanding_blocking_functions\n * https://firebase.google.com/docs/auth/extend-with-blocking-functions#understanding_blocking_functions\n */\nexport const enum _Timeout {\n  AUTH_EVENT = 8000\n}\nexport const _POLL_WINDOW_CLOSE_TIMEOUT = new Delay(2000, 10000);\n\n/**\n * Authenticates a Firebase client using a popup-based OAuth authentication flow.\n *\n * @remarks\n * If succeeds, returns the signed in user along with the provider's credential. If sign in was\n * unsuccessful, returns an error object containing additional information about the error.\n *\n * @example\n * ```javascript\n * // Sign in using a popup.\n * const provider = new FacebookAuthProvider();\n * const result = await signInWithPopup(auth, provider);\n *\n * // The signed-in user info.\n * const user = result.user;\n * // This gives you a Facebook Access Token.\n * const credential = provider.credentialFromResult(auth, result);\n * const token = credential.accessToken;\n * ```\n *\n * @param auth - The {@link Auth} instance.\n * @param provider - The provider to authenticate. The provider has to be an {@link OAuthProvider}.\n * Non-OAuth providers like {@link EmailAuthProvider} will throw an error.\n * @param resolver - An instance of {@link PopupRedirectResolver}, optional\n * if already supplied to {@link initializeAuth} or provided by {@link getAuth}.\n *\n *\n * @public\n */\nexport async function signInWithPopup(\n  auth: Auth,\n  provider: AuthProvider,\n  resolver?: PopupRedirectResolver\n): Promise<UserCredential> {\n  const authInternal = _castAuth(auth);\n  _assertInstanceOf(auth, provider, FederatedAuthProvider);\n  const resolverInternal = _withDefaultResolver(authInternal, resolver);\n  const action = new PopupOperation(\n    authInternal,\n    AuthEventType.SIGN_IN_VIA_POPUP,\n    provider,\n    resolverInternal\n  );\n  return action.executeNotNull();\n}\n\n/**\n * Reauthenticates the current user with the specified {@link OAuthProvider} using a pop-up based\n * OAuth flow.\n *\n * @remarks\n * If the reauthentication is successful, the returned result will contain the user and the\n * provider's credential.\n *\n * @example\n * ```javascript\n * // Sign in using a popup.\n * const provider = new FacebookAuthProvider();\n * const result = await signInWithPopup(auth, provider);\n * // Reauthenticate using a popup.\n * await reauthenticateWithPopup(result.user, provider);\n * ```\n *\n * @param user - The user.\n * @param provider - The provider to authenticate. The provider has to be an {@link OAuthProvider}.\n * Non-OAuth providers like {@link EmailAuthProvider} will throw an error.\n * @param resolver - An instance of {@link PopupRedirectResolver}, optional\n * if already supplied to {@link initializeAuth} or provided by {@link getAuth}.\n *\n * @public\n */\nexport async function reauthenticateWithPopup(\n  user: User,\n  provider: AuthProvider,\n  resolver?: PopupRedirectResolver\n): Promise<UserCredential> {\n  const userInternal = getModularInstance(user) as UserInternal;\n  _assertInstanceOf(userInternal.auth, provider, FederatedAuthProvider);\n  const resolverInternal = _withDefaultResolver(userInternal.auth, resolver);\n  const action = new PopupOperation(\n    userInternal.auth,\n    AuthEventType.REAUTH_VIA_POPUP,\n    provider,\n    resolverInternal,\n    userInternal\n  );\n  return action.executeNotNull();\n}\n\n/**\n * Links the authenticated provider to the user account using a pop-up based OAuth flow.\n *\n * @remarks\n * If the linking is successful, the returned result will contain the user and the provider's credential.\n *\n *\n * @example\n * ```javascript\n * // Sign in using some other provider.\n * const result = await signInWithEmailAndPassword(auth, email, password);\n * // Link using a popup.\n * const provider = new FacebookAuthProvider();\n * await linkWithPopup(result.user, provider);\n * ```\n *\n * @param user - The user.\n * @param provider - The provider to authenticate. The provider has to be an {@link OAuthProvider}.\n * Non-OAuth providers like {@link EmailAuthProvider} will throw an error.\n * @param resolver - An instance of {@link PopupRedirectResolver}, optional\n * if already supplied to {@link initializeAuth} or provided by {@link getAuth}.\n *\n * @public\n */\nexport async function linkWithPopup(\n  user: User,\n  provider: AuthProvider,\n  resolver?: PopupRedirectResolver\n): Promise<UserCredential> {\n  const userInternal = getModularInstance(user) as UserInternal;\n  _assertInstanceOf(userInternal.auth, provider, FederatedAuthProvider);\n  const resolverInternal = _withDefaultResolver(userInternal.auth, resolver);\n\n  const action = new PopupOperation(\n    userInternal.auth,\n    AuthEventType.LINK_VIA_POPUP,\n    provider,\n    resolverInternal,\n    userInternal\n  );\n  return action.executeNotNull();\n}\n\n/**\n * Popup event manager. Handles the popup's entire lifecycle; listens to auth\n * events\n *\n */\nclass PopupOperation extends AbstractPopupRedirectOperation {\n  // Only one popup is ever shown at once. The lifecycle of the current popup\n  // can be managed / cancelled by the constructor.\n  private static currentPopupAction: PopupOperation | null = null;\n  private authWindow: AuthPopup | null = null;\n  private pollId: number | null = null;\n\n  constructor(\n    auth: AuthInternal,\n    filter: AuthEventType,\n    private readonly provider: AuthProvider,\n    resolver: PopupRedirectResolverInternal,\n    user?: UserInternal\n  ) {\n    super(auth, filter, resolver, user);\n    if (PopupOperation.currentPopupAction) {\n      PopupOperation.currentPopupAction.cancel();\n    }\n\n    PopupOperation.currentPopupAction = this;\n  }\n\n  async executeNotNull(): Promise<UserCredential> {\n    const result = await this.execute();\n    _assert(result, this.auth, AuthErrorCode.INTERNAL_ERROR);\n    return result;\n  }\n\n  async onExecution(): Promise<void> {\n    debugAssert(\n      this.filter.length === 1,\n      'Popup operations only handle one event'\n    );\n    const eventId = _generateEventId();\n    this.authWindow = await this.resolver._openPopup(\n      this.auth,\n      this.provider,\n      this.filter[0], // There's always one, see constructor\n      eventId\n    );\n    this.authWindow.associatedEvent = eventId;\n\n    // Check for web storage support and origin validation _after_ the popup is\n    // loaded. These operations are slow (~1 second or so) Rather than\n    // waiting on them before opening the window, optimistically open the popup\n    // and check for storage support at the same time. If storage support is\n    // not available, this will cause the whole thing to reject properly. It\n    // will also close the popup, but since the promise has already rejected,\n    // the popup closed by user poll will reject into the void.\n    this.resolver._originValidation(this.auth).catch(e => {\n      this.reject(e);\n    });\n\n    this.resolver._isIframeWebStorageSupported(this.auth, isSupported => {\n      if (!isSupported) {\n        this.reject(\n          _createError(this.auth, AuthErrorCode.WEB_STORAGE_UNSUPPORTED)\n        );\n      }\n    });\n\n    // Handle user closure. Notice this does *not* use await\n    this.pollUserCancellation();\n  }\n\n  get eventId(): string | null {\n    return this.authWindow?.associatedEvent || null;\n  }\n\n  cancel(): void {\n    this.reject(_createError(this.auth, AuthErrorCode.EXPIRED_POPUP_REQUEST));\n  }\n\n  cleanUp(): void {\n    if (this.authWindow) {\n      this.authWindow.close();\n    }\n\n    if (this.pollId) {\n      window.clearTimeout(this.pollId);\n    }\n\n    this.authWindow = null;\n    this.pollId = null;\n    PopupOperation.currentPopupAction = null;\n  }\n\n  private pollUserCancellation(): void {\n    const poll = (): void => {\n      if (this.authWindow?.window?.closed) {\n        // Make sure that there is sufficient time for whatever action to\n        // complete. The window could have closed but the sign in network\n        // call could still be in flight. This is specifically true for\n        // Firefox or if the opener is in an iframe, in which case the oauth\n        // helper closes the popup.\n        this.pollId = window.setTimeout(() => {\n          this.pollId = null;\n          this.reject(\n            _createError(this.auth, AuthErrorCode.POPUP_CLOSED_BY_USER)\n          );\n        }, _Timeout.AUTH_EVENT);\n        return;\n      }\n\n      this.pollId = window.setTimeout(poll, _POLL_WINDOW_CLOSE_TIMEOUT.get());\n    };\n\n    poll();\n  }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { AuthInternal } from '../../model/auth';\nimport {\n  AuthEvent,\n  AuthEventType,\n  PopupRedirectResolverInternal\n} from '../../model/popup_redirect';\nimport { UserCredentialInternal } from '../../model/user';\nimport { PersistenceInternal } from '../persistence';\nimport { _persistenceKeyName } from '../persistence/persistence_user_manager';\nimport { _getInstance } from '../util/instantiator';\nimport { AbstractPopupRedirectOperation } from './abstract_popup_redirect_operation';\n\nconst PENDING_REDIRECT_KEY = 'pendingRedirect';\n\n// We only get one redirect outcome for any one auth, so just store it\n// in here.\nconst redirectOutcomeMap: Map<\n  string,\n  () => Promise<UserCredentialInternal | null>\n> = new Map();\n\nexport class RedirectAction extends AbstractPopupRedirectOperation {\n  eventId = null;\n\n  constructor(\n    auth: AuthInternal,\n    resolver: PopupRedirectResolverInternal,\n    bypassAuthState = false\n  ) {\n    super(\n      auth,\n      [\n        AuthEventType.SIGN_IN_VIA_REDIRECT,\n        AuthEventType.LINK_VIA_REDIRECT,\n        AuthEventType.REAUTH_VIA_REDIRECT,\n        AuthEventType.UNKNOWN\n      ],\n      resolver,\n      undefined,\n      bypassAuthState\n    );\n  }\n\n  /**\n   * Override the execute function; if we already have a redirect result, then\n   * just return it.\n   */\n  async execute(): Promise<UserCredentialInternal | null> {\n    let readyOutcome = redirectOutcomeMap.get(this.auth._key());\n    if (!readyOutcome) {\n      try {\n        const hasPendingRedirect = await _getAndClearPendingRedirectStatus(\n          this.resolver,\n          this.auth\n        );\n        const result = hasPendingRedirect ? await super.execute() : null;\n        readyOutcome = () => Promise.resolve(result);\n      } catch (e) {\n        readyOutcome = () => Promise.reject(e);\n      }\n\n      redirectOutcomeMap.set(this.auth._key(), readyOutcome);\n    }\n\n    // If we're not bypassing auth state, the ready outcome should be set to\n    // null.\n    if (!this.bypassAuthState) {\n      redirectOutcomeMap.set(this.auth._key(), () => Promise.resolve(null));\n    }\n\n    return readyOutcome();\n  }\n\n  async onAuthEvent(event: AuthEvent): Promise<void> {\n    if (event.type === AuthEventType.SIGN_IN_VIA_REDIRECT) {\n      return super.onAuthEvent(event);\n    } else if (event.type === AuthEventType.UNKNOWN) {\n      // This is a sentinel value indicating there's no pending redirect\n      this.resolve(null);\n      return;\n    }\n\n    if (event.eventId) {\n      const user = await this.auth._redirectUserForId(event.eventId);\n      if (user) {\n        this.user = user;\n        return super.onAuthEvent(event);\n      } else {\n        this.resolve(null);\n      }\n    }\n  }\n\n  async onExecution(): Promise<void> {}\n\n  cleanUp(): void {}\n}\n\nexport async function _getAndClearPendingRedirectStatus(\n  resolver: PopupRedirectResolverInternal,\n  auth: AuthInternal\n): Promise<boolean> {\n  const key = pendingRedirectKey(auth);\n  const persistence = resolverPersistence(resolver);\n  if (!(await persistence._isAvailable())) {\n    return false;\n  }\n  const hasPendingRedirect = (await persistence._get(key)) === 'true';\n  await persistence._remove(key);\n  return hasPendingRedirect;\n}\n\nexport async function _setPendingRedirectStatus(\n  resolver: PopupRedirectResolverInternal,\n  auth: AuthInternal\n): Promise<void> {\n  return resolverPersistence(resolver)._set(pendingRedirectKey(auth), 'true');\n}\n\nexport function _clearRedirectOutcomes(): void {\n  redirectOutcomeMap.clear();\n}\n\nexport function _overrideRedirectResult(\n  auth: AuthInternal,\n  result: () => Promise<UserCredentialInternal | null>\n): void {\n  redirectOutcomeMap.set(auth._key(), result);\n}\n\nfunction resolverPersistence(\n  resolver: PopupRedirectResolverInternal\n): PersistenceInternal {\n  return _getInstance(resolver._redirectPersistence);\n}\n\nfunction pendingRedirectKey(auth: AuthInternal): string {\n  return _persistenceKeyName(\n    PENDING_REDIRECT_KEY,\n    auth.config.apiKey,\n    auth.name\n  );\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n  Auth,\n  AuthProvider,\n  PopupRedirectResolver,\n  User,\n  UserCredential\n} from '../../model/public_types';\n\nimport { _castAuth } from '../../core/auth/auth_impl';\nimport { _assertLinkedStatus } from '../../core/user/link_unlink';\nimport { _assertInstanceOf } from '../../core/util/assert';\nimport { _generateEventId } from '../../core/util/event_id';\nimport { AuthEventType } from '../../model/popup_redirect';\nimport { UserInternal } from '../../model/user';\nimport { _withDefaultResolver } from '../../core/util/resolver';\nimport {\n  RedirectAction,\n  _setPendingRedirectStatus\n} from '../../core/strategies/redirect';\nimport { FederatedAuthProvider } from '../../core/providers/federated';\nimport { getModularInstance } from '@firebase/util';\n\n/**\n * Authenticates a Firebase client using a full-page redirect flow.\n *\n * @remarks\n * To handle the results and errors for this operation, refer to {@link getRedirectResult}.\n * Follow the {@link https://firebase.google.com/docs/auth/web/redirect-best-practices\n * | best practices} when using {@link signInWithRedirect}.\n *\n * @example\n * ```javascript\n * // Sign in using a redirect.\n * const provider = new FacebookAuthProvider();\n * // You can add additional scopes to the provider:\n * provider.addScope('user_birthday');\n * // Start a sign in process for an unauthenticated user.\n * await signInWithRedirect(auth, provider);\n * // This will trigger a full page redirect away from your app\n *\n * // After returning from the redirect when your app initializes you can obtain the result\n * const result = await getRedirectResult(auth);\n * if (result) {\n *   // This is the signed-in user\n *   const user = result.user;\n *   // This gives you a Facebook Access Token.\n *   const credential = provider.credentialFromResult(auth, result);\n *   const token = credential.accessToken;\n * }\n * // As this API can be used for sign-in, linking and reauthentication,\n * // check the operationType to determine what triggered this redirect\n * // operation.\n * const operationType = result.operationType;\n * ```\n *\n * @param auth - The {@link Auth} instance.\n * @param provider - The provider to authenticate. The provider has to be an {@link OAuthProvider}.\n * Non-OAuth providers like {@link EmailAuthProvider} will throw an error.\n * @param resolver - An instance of {@link PopupRedirectResolver}, optional\n * if already supplied to {@link initializeAuth} or provided by {@link getAuth}.\n *\n * @public\n */\nexport function signInWithRedirect(\n  auth: Auth,\n  provider: AuthProvider,\n  resolver?: PopupRedirectResolver\n): Promise<never> {\n  return _signInWithRedirect(auth, provider, resolver) as Promise<never>;\n}\n\nexport async function _signInWithRedirect(\n  auth: Auth,\n  provider: AuthProvider,\n  resolver?: PopupRedirectResolver\n): Promise<void | never> {\n  const authInternal = _castAuth(auth);\n  _assertInstanceOf(auth, provider, FederatedAuthProvider);\n  // Wait for auth initialization to complete, this will process pending redirects and clear the\n  // PENDING_REDIRECT_KEY in persistence. This should be completed before starting a new\n  // redirect and creating a PENDING_REDIRECT_KEY entry.\n  await authInternal._initializationPromise;\n  const resolverInternal = _withDefaultResolver(authInternal, resolver);\n  await _setPendingRedirectStatus(resolverInternal, authInternal);\n\n  return resolverInternal._openRedirect(\n    authInternal,\n    provider,\n    AuthEventType.SIGN_IN_VIA_REDIRECT\n  );\n}\n\n/**\n * Reauthenticates the current user with the specified {@link OAuthProvider} using a full-page redirect flow.\n * @remarks\n * To handle the results and errors for this operation, refer to {@link getRedirectResult}.\n * Follow the {@link https://firebase.google.com/docs/auth/web/redirect-best-practices\n * | best practices} when using {@link reauthenticateWithRedirect}.\n *\n * @example\n * ```javascript\n * // Sign in using a redirect.\n * const provider = new FacebookAuthProvider();\n * const result = await signInWithRedirect(auth, provider);\n * // This will trigger a full page redirect away from your app\n *\n * // After returning from the redirect when your app initializes you can obtain the result\n * const result = await getRedirectResult(auth);\n * // Reauthenticate using a redirect.\n * await reauthenticateWithRedirect(result.user, provider);\n * // This will again trigger a full page redirect away from your app\n *\n * // After returning from the redirect when your app initializes you can obtain the result\n * const result = await getRedirectResult(auth);\n * ```\n *\n * @param user - The user.\n * @param provider - The provider to authenticate. The provider has to be an {@link OAuthProvider}.\n * Non-OAuth providers like {@link EmailAuthProvider} will throw an error.\n * @param resolver - An instance of {@link PopupRedirectResolver}, optional\n * if already supplied to {@link initializeAuth} or provided by {@link getAuth}.\n *\n * @public\n */\nexport function reauthenticateWithRedirect(\n  user: User,\n  provider: AuthProvider,\n  resolver?: PopupRedirectResolver\n): Promise<never> {\n  return _reauthenticateWithRedirect(\n    user,\n    provider,\n    resolver\n  ) as Promise<never>;\n}\nexport async function _reauthenticateWithRedirect(\n  user: User,\n  provider: AuthProvider,\n  resolver?: PopupRedirectResolver\n): Promise<void | never> {\n  const userInternal = getModularInstance(user) as UserInternal;\n  _assertInstanceOf(userInternal.auth, provider, FederatedAuthProvider);\n  // Wait for auth initialization to complete, this will process pending redirects and clear the\n  // PENDING_REDIRECT_KEY in persistence. This should be completed before starting a new\n  // redirect and creating a PENDING_REDIRECT_KEY entry.\n  await userInternal.auth._initializationPromise;\n  // Allow the resolver to error before persisting the redirect user\n  const resolverInternal = _withDefaultResolver(userInternal.auth, resolver);\n  await _setPendingRedirectStatus(resolverInternal, userInternal.auth);\n\n  const eventId = await prepareUserForRedirect(userInternal);\n  return resolverInternal._openRedirect(\n    userInternal.auth,\n    provider,\n    AuthEventType.REAUTH_VIA_REDIRECT,\n    eventId\n  );\n}\n\n/**\n * Links the {@link OAuthProvider} to the user account using a full-page redirect flow.\n * @remarks\n * To handle the results and errors for this operation, refer to {@link getRedirectResult}.\n * Follow the {@link https://firebase.google.com/docs/auth/web/redirect-best-practices\n * | best practices} when using {@link linkWithRedirect}.\n *\n * @example\n * ```javascript\n * // Sign in using some other provider.\n * const result = await signInWithEmailAndPassword(auth, email, password);\n * // Link using a redirect.\n * const provider = new FacebookAuthProvider();\n * await linkWithRedirect(result.user, provider);\n * // This will trigger a full page redirect away from your app\n *\n * // After returning from the redirect when your app initializes you can obtain the result\n * const result = await getRedirectResult(auth);\n * ```\n *\n * @param user - The user.\n * @param provider - The provider to authenticate. The provider has to be an {@link OAuthProvider}.\n * Non-OAuth providers like {@link EmailAuthProvider} will throw an error.\n * @param resolver - An instance of {@link PopupRedirectResolver}, optional\n * if already supplied to {@link initializeAuth} or provided by {@link getAuth}.\n *\n *\n * @public\n */\nexport function linkWithRedirect(\n  user: User,\n  provider: AuthProvider,\n  resolver?: PopupRedirectResolver\n): Promise<never> {\n  return _linkWithRedirect(user, provider, resolver) as Promise<never>;\n}\nexport async function _linkWithRedirect(\n  user: User,\n  provider: AuthProvider,\n  resolver?: PopupRedirectResolver\n): Promise<void | never> {\n  const userInternal = getModularInstance(user) as UserInternal;\n  _assertInstanceOf(userInternal.auth, provider, FederatedAuthProvider);\n  // Wait for auth initialization to complete, this will process pending redirects and clear the\n  // PENDING_REDIRECT_KEY in persistence. This should be completed before starting a new\n  // redirect and creating a PENDING_REDIRECT_KEY entry.\n  await userInternal.auth._initializationPromise;\n  // Allow the resolver to error before persisting the redirect user\n  const resolverInternal = _withDefaultResolver(userInternal.auth, resolver);\n  await _assertLinkedStatus(false, userInternal, provider.providerId);\n  await _setPendingRedirectStatus(resolverInternal, userInternal.auth);\n\n  const eventId = await prepareUserForRedirect(userInternal);\n  return resolverInternal._openRedirect(\n    userInternal.auth,\n    provider,\n    AuthEventType.LINK_VIA_REDIRECT,\n    eventId\n  );\n}\n\n/**\n * Returns a {@link UserCredential} from the redirect-based sign-in flow.\n *\n * @remarks\n * If sign-in succeeded, returns the signed in user. If sign-in was unsuccessful, fails with an\n * error. If no redirect operation was called, returns `null`.\n *\n * @example\n * ```javascript\n * // Sign in using a redirect.\n * const provider = new FacebookAuthProvider();\n * // You can add additional scopes to the provider:\n * provider.addScope('user_birthday');\n * // Start a sign in process for an unauthenticated user.\n * await signInWithRedirect(auth, provider);\n * // This will trigger a full page redirect away from your app\n *\n * // After returning from the redirect when your app initializes you can obtain the result\n * const result = await getRedirectResult(auth);\n * if (result) {\n *   // This is the signed-in user\n *   const user = result.user;\n *   // This gives you a Facebook Access Token.\n *   const credential = provider.credentialFromResult(auth, result);\n *   const token = credential.accessToken;\n * }\n * // As this API can be used for sign-in, linking and reauthentication,\n * // check the operationType to determine what triggered this redirect\n * // operation.\n * const operationType = result.operationType;\n * ```\n *\n * @param auth - The {@link Auth} instance.\n * @param resolver - An instance of {@link PopupRedirectResolver}, optional\n * if already supplied to {@link initializeAuth} or provided by {@link getAuth}.\n *\n * @public\n */\nexport async function getRedirectResult(\n  auth: Auth,\n  resolver?: PopupRedirectResolver\n): Promise<UserCredential | null> {\n  await _castAuth(auth)._initializationPromise;\n  return _getRedirectResult(auth, resolver, false);\n}\n\nexport async function _getRedirectResult(\n  auth: Auth,\n  resolverExtern?: PopupRedirectResolver,\n  bypassAuthState = false\n): Promise<UserCredential | null> {\n  const authInternal = _castAuth(auth);\n  const resolver = _withDefaultResolver(authInternal, resolverExtern);\n  const action = new RedirectAction(authInternal, resolver, bypassAuthState);\n  const result = await action.execute();\n\n  if (result && !bypassAuthState) {\n    delete result.user._redirectEventId;\n    await authInternal._persistUserIfCurrent(result.user as UserInternal);\n    await authInternal._setRedirectUser(null, resolverExtern);\n  }\n\n  return result;\n}\n\nasync function prepareUserForRedirect(user: UserInternal): Promise<string> {\n  const eventId = _generateEventId(`${user.uid}:::`);\n  user._redirectEventId = eventId;\n  await user.auth._setRedirectUser(user);\n  await user.auth._persistUserIfCurrent(user);\n  return eventId;\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n  AuthEvent,\n  AuthEventConsumer,\n  AuthEventType,\n  EventManager\n} from '../../model/popup_redirect';\nimport { AuthErrorCode } from '../errors';\nimport { AuthInternal } from '../../model/auth';\nimport { _createError } from '../util/assert';\n\n// The amount of time to store the UIDs of seen events; this is\n// set to 10 min by default\nconst EVENT_DUPLICATION_CACHE_DURATION_MS = 10 * 60 * 1000;\n\nexport class AuthEventManager implements EventManager {\n  private readonly cachedEventUids: Set<string> = new Set();\n  private readonly consumers: Set<AuthEventConsumer> = new Set();\n  protected queuedRedirectEvent: AuthEvent | null = null;\n  protected hasHandledPotentialRedirect = false;\n  private lastProcessedEventTime = Date.now();\n\n  constructor(private readonly auth: AuthInternal) {}\n\n  registerConsumer(authEventConsumer: AuthEventConsumer): void {\n    this.consumers.add(authEventConsumer);\n\n    if (\n      this.queuedRedirectEvent &&\n      this.isEventForConsumer(this.queuedRedirectEvent, authEventConsumer)\n    ) {\n      this.sendToConsumer(this.queuedRedirectEvent, authEventConsumer);\n      this.saveEventToCache(this.queuedRedirectEvent);\n      this.queuedRedirectEvent = null;\n    }\n  }\n\n  unregisterConsumer(authEventConsumer: AuthEventConsumer): void {\n    this.consumers.delete(authEventConsumer);\n  }\n\n  onEvent(event: AuthEvent): boolean {\n    // Check if the event has already been handled\n    if (this.hasEventBeenHandled(event)) {\n      return false;\n    }\n\n    let handled = false;\n    this.consumers.forEach(consumer => {\n      if (this.isEventForConsumer(event, consumer)) {\n        handled = true;\n        this.sendToConsumer(event, consumer);\n        this.saveEventToCache(event);\n      }\n    });\n\n    if (this.hasHandledPotentialRedirect || !isRedirectEvent(event)) {\n      // If we've already seen a redirect before, or this is a popup event,\n      // bail now\n      return handled;\n    }\n\n    this.hasHandledPotentialRedirect = true;\n\n    // If the redirect wasn't handled, hang on to it\n    if (!handled) {\n      this.queuedRedirectEvent = event;\n      handled = true;\n    }\n\n    return handled;\n  }\n\n  private sendToConsumer(event: AuthEvent, consumer: AuthEventConsumer): void {\n    if (event.error && !isNullRedirectEvent(event)) {\n      const code =\n        (event.error.code?.split('auth/')[1] as AuthErrorCode) ||\n        AuthErrorCode.INTERNAL_ERROR;\n      consumer.onError(_createError(this.auth, code));\n    } else {\n      consumer.onAuthEvent(event);\n    }\n  }\n\n  private isEventForConsumer(\n    event: AuthEvent,\n    consumer: AuthEventConsumer\n  ): boolean {\n    const eventIdMatches =\n      consumer.eventId === null ||\n      (!!event.eventId && event.eventId === consumer.eventId);\n    return consumer.filter.includes(event.type) && eventIdMatches;\n  }\n\n  private hasEventBeenHandled(event: AuthEvent): boolean {\n    if (\n      Date.now() - this.lastProcessedEventTime >=\n      EVENT_DUPLICATION_CACHE_DURATION_MS\n    ) {\n      this.cachedEventUids.clear();\n    }\n\n    return this.cachedEventUids.has(eventUid(event));\n  }\n\n  private saveEventToCache(event: AuthEvent): void {\n    this.cachedEventUids.add(eventUid(event));\n    this.lastProcessedEventTime = Date.now();\n  }\n}\n\nfunction eventUid(e: AuthEvent): string {\n  return [e.type, e.eventId, e.sessionId, e.tenantId].filter(v => v).join('-');\n}\n\nfunction isNullRedirectEvent({ type, error }: AuthEvent): boolean {\n  return (\n    type === AuthEventType.UNKNOWN &&\n    error?.code === `auth/${AuthErrorCode.NO_AUTH_EVENT}`\n  );\n}\n\nfunction isRedirectEvent(event: AuthEvent): boolean {\n  switch (event.type) {\n    case AuthEventType.SIGN_IN_VIA_REDIRECT:\n    case AuthEventType.LINK_VIA_REDIRECT:\n    case AuthEventType.REAUTH_VIA_REDIRECT:\n      return true;\n    case AuthEventType.UNKNOWN:\n      return isNullRedirectEvent(event);\n    default:\n      return false;\n  }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { _performApiRequest, Endpoint, HttpMethod } from '../index';\nimport { Auth } from '../../model/public_types';\n\nexport interface GetProjectConfigRequest {\n  androidPackageName?: string;\n  iosBundleId?: string;\n}\n\nexport interface GetProjectConfigResponse {\n  authorizedDomains: string[];\n}\n\nexport async function _getProjectConfig(\n  auth: Auth,\n  request: GetProjectConfigRequest = {}\n): Promise<GetProjectConfigResponse> {\n  return _performApiRequest<GetProjectConfigRequest, GetProjectConfigResponse>(\n    auth,\n    HttpMethod.GET,\n    Endpoint.GET_PROJECT_CONFIG,\n    request\n  );\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { _getProjectConfig } from '../../api/project_config/get_project_config';\nimport { AuthInternal } from '../../model/auth';\nimport { AuthErrorCode } from '../errors';\nimport { _fail } from './assert';\nimport { _getCurrentUrl } from './location';\n\nconst IP_ADDRESS_REGEX = /^\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}$/;\nconst HTTP_REGEX = /^https?/;\n\nexport async function _validateOrigin(auth: AuthInternal): Promise<void> {\n  // Skip origin validation if we are in an emulated environment\n  if (auth.config.emulator) {\n    return;\n  }\n\n  const { authorizedDomains } = await _getProjectConfig(auth);\n\n  for (const domain of authorizedDomains) {\n    try {\n      if (matchDomain(domain)) {\n        return;\n      }\n    } catch {\n      // Do nothing if there's a URL error; just continue searching\n    }\n  }\n\n  // In the old SDK, this error also provides helpful messages.\n  _fail(auth, AuthErrorCode.INVALID_ORIGIN);\n}\n\nfunction matchDomain(expected: string): boolean {\n  const currentUrl = _getCurrentUrl();\n  const { protocol, hostname } = new URL(currentUrl);\n  if (expected.startsWith('chrome-extension://')) {\n    const ceUrl = new URL(expected);\n\n    if (ceUrl.hostname === '' && hostname === '') {\n      // For some reason we're not parsing chrome URLs properly\n      return (\n        protocol === 'chrome-extension:' &&\n        expected.replace('chrome-extension://', '') ===\n          currentUrl.replace('chrome-extension://', '')\n      );\n    }\n\n    return protocol === 'chrome-extension:' && ceUrl.hostname === hostname;\n  }\n\n  if (!HTTP_REGEX.test(protocol)) {\n    return false;\n  }\n\n  if (IP_ADDRESS_REGEX.test(expected)) {\n    // The domain has to be exactly equal to the pattern, as an IP domain will\n    // only contain the IP, no extra character.\n    return hostname === expected;\n  }\n\n  // Dots in pattern should be escaped.\n  const escapedDomainPattern = expected.replace(/\\./g, '\\\\.');\n  // Non ip address domains.\n  // domain.com = *.domain.com OR domain.com\n  const re = new RegExp(\n    '^(.+\\\\.' + escapedDomainPattern + '|' + escapedDomainPattern + ')$',\n    'i'\n  );\n  return re.test(hostname);\n}\n","/**\n * @license\n * Copyright 2020 Google LLC.\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { AuthErrorCode } from '../../core/errors';\nimport { _createError } from '../../core/util/assert';\nimport { Delay } from '../../core/util/delay';\nimport { AuthInternal } from '../../model/auth';\nimport { _window } from '../auth_window';\nimport * as js from '../load_js';\n\nconst NETWORK_TIMEOUT = new Delay(30000, 60000);\n\n/**\n * Reset unlaoded GApi modules. If gapi.load fails due to a network error,\n * it will stop working after a retrial. This is a hack to fix this issue.\n */\nfunction resetUnloadedGapiModules(): void {\n  // Clear last failed gapi.load state to force next gapi.load to first\n  // load the failed gapi.iframes module.\n  // Get gapix.beacon context.\n  const beacon = _window().___jsl;\n  // Get current hint.\n  if (beacon?.H) {\n    // Get gapi hint.\n    for (const hint of Object.keys(beacon.H)) {\n      // Requested modules.\n      beacon.H[hint].r = beacon.H[hint].r || [];\n      // Loaded modules.\n      beacon.H[hint].L = beacon.H[hint].L || [];\n      // Set requested modules to a copy of the loaded modules.\n      beacon.H[hint].r = [...beacon.H[hint].L];\n      // Clear pending callbacks.\n      if (beacon.CP) {\n        for (let i = 0; i < beacon.CP.length; i++) {\n          // Remove all failed pending callbacks.\n          beacon.CP[i] = null;\n        }\n      }\n    }\n  }\n}\n\nfunction loadGapi(auth: AuthInternal): Promise<gapi.iframes.Context> {\n  return new Promise<gapi.iframes.Context>((resolve, reject) => {\n    // Function to run when gapi.load is ready.\n    function loadGapiIframe(): void {\n      // The developer may have tried to previously run gapi.load and failed.\n      // Run this to fix that.\n      resetUnloadedGapiModules();\n      gapi.load('gapi.iframes', {\n        callback: () => {\n          resolve(gapi.iframes.getContext());\n        },\n        ontimeout: () => {\n          // The above reset may be sufficient, but having this reset after\n          // failure ensures that if the developer calls gapi.load after the\n          // connection is re-established and before another attempt to embed\n          // the iframe, it would work and would not be broken because of our\n          // failed attempt.\n          // Timeout when gapi.iframes.Iframe not loaded.\n          resetUnloadedGapiModules();\n          reject(_createError(auth, AuthErrorCode.NETWORK_REQUEST_FAILED));\n        },\n        timeout: NETWORK_TIMEOUT.get()\n      });\n    }\n\n    if (_window().gapi?.iframes?.Iframe) {\n      // If gapi.iframes.Iframe available, resolve.\n      resolve(gapi.iframes.getContext());\n    } else if (!!_window().gapi?.load) {\n      // Gapi loader ready, load gapi.iframes.\n      loadGapiIframe();\n    } else {\n      // Create a new iframe callback when this is called so as not to overwrite\n      // any previous defined callback. This happens if this method is called\n      // multiple times in parallel and could result in the later callback\n      // overwriting the previous one. This would end up with a iframe\n      // timeout.\n      const cbName = js._generateCallbackName('iframefcb');\n      // GApi loader not available, dynamically load platform.js.\n      _window()[cbName] = () => {\n        // GApi loader should be ready.\n        if (!!gapi.load) {\n          loadGapiIframe();\n        } else {\n          // Gapi loader failed, throw error.\n          reject(_createError(auth, AuthErrorCode.NETWORK_REQUEST_FAILED));\n        }\n      };\n      // Load GApi loader.\n      return js\n        ._loadJS(`https://apis.google.com/js/api.js?onload=${cbName}`)\n        .catch(e => reject(e));\n    }\n  }).catch(error => {\n    // Reset cached promise to allow for retrial.\n    cachedGApiLoader = null;\n    throw error;\n  });\n}\n\nlet cachedGApiLoader: Promise<gapi.iframes.Context> | null = null;\nexport function _loadGapi(auth: AuthInternal): Promise<gapi.iframes.Context> {\n  cachedGApiLoader = cachedGApiLoader || loadGapi(auth);\n  return cachedGApiLoader;\n}\n\nexport function _resetLoader(): void {\n  cachedGApiLoader = null;\n}\n","/**\n * @license\n * Copyright 2020 Google LLC.\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { SDK_VERSION } from '@firebase/app';\nimport { querystring } from '@firebase/util';\nimport { DefaultConfig } from '../../../internal';\n\nimport { AuthErrorCode } from '../../core/errors';\nimport { _assert, _createError } from '../../core/util/assert';\nimport { Delay } from '../../core/util/delay';\nimport { _emulatorUrl } from '../../core/util/emulator';\nimport { AuthInternal } from '../../model/auth';\nimport { _window } from '../auth_window';\nimport * as gapiLoader from './gapi';\n\nconst PING_TIMEOUT = new Delay(5000, 15000);\nconst IFRAME_PATH = '__/auth/iframe';\nconst EMULATED_IFRAME_PATH = 'emulator/auth/iframe';\n\nconst IFRAME_ATTRIBUTES = {\n  style: {\n    position: 'absolute',\n    top: '-100px',\n    width: '1px',\n    height: '1px'\n  },\n  'aria-hidden': 'true',\n  tabindex: '-1'\n};\n\n// Map from apiHost to endpoint ID for passing into iframe. In current SDK, apiHost can be set to\n// anything (not from a list of endpoints with IDs as in legacy), so this is the closest we can get.\nconst EID_FROM_APIHOST = new Map([\n  [DefaultConfig.API_HOST, 'p'], // production\n  ['staging-identitytoolkit.sandbox.googleapis.com', 's'], // staging\n  ['test-identitytoolkit.sandbox.googleapis.com', 't'] // test\n]);\n\nfunction getIframeUrl(auth: AuthInternal): string {\n  const config = auth.config;\n  _assert(config.authDomain, auth, AuthErrorCode.MISSING_AUTH_DOMAIN);\n  const url = config.emulator\n    ? _emulatorUrl(config, EMULATED_IFRAME_PATH)\n    : `https://${auth.config.authDomain}/${IFRAME_PATH}`;\n\n  const params: Record<string, string> = {\n    apiKey: config.apiKey,\n    appName: auth.name,\n    v: SDK_VERSION\n  };\n  const eid = EID_FROM_APIHOST.get(auth.config.apiHost);\n  if (eid) {\n    params.eid = eid;\n  }\n  const frameworks = auth._getFrameworks();\n  if (frameworks.length) {\n    params.fw = frameworks.join(',');\n  }\n  return `${url}?${querystring(params).slice(1)}`;\n}\n\nexport async function _openIframe(\n  auth: AuthInternal\n): Promise<gapi.iframes.Iframe> {\n  const context = await gapiLoader._loadGapi(auth);\n  const gapi = _window().gapi;\n  _assert(gapi, auth, AuthErrorCode.INTERNAL_ERROR);\n  return context.open(\n    {\n      where: document.body,\n      url: getIframeUrl(auth),\n      messageHandlersFilter: gapi.iframes.CROSS_ORIGIN_IFRAMES_FILTER,\n      attributes: IFRAME_ATTRIBUTES,\n      dontclear: true\n    },\n    (iframe: gapi.iframes.Iframe) =>\n      new Promise(async (resolve, reject) => {\n        await iframe.restyle({\n          // Prevent iframe from closing on mouse out.\n          setHideOnLeave: false\n        });\n\n        const networkError = _createError(\n          auth,\n          AuthErrorCode.NETWORK_REQUEST_FAILED\n        );\n        // Confirm iframe is correctly loaded.\n        // To fallback on failure, set a timeout.\n        const networkErrorTimer = _window().setTimeout(() => {\n          reject(networkError);\n        }, PING_TIMEOUT.get());\n        // Clear timer and resolve pending iframe ready promise.\n        function clearTimerAndResolve(): void {\n          _window().clearTimeout(networkErrorTimer);\n          resolve(iframe);\n        }\n        // This returns an IThenable. However the reject part does not call\n        // when the iframe is not loaded.\n        iframe.ping(clearTimerAndResolve).then(clearTimerAndResolve, () => {\n          reject(networkError);\n        });\n      })\n  );\n}\n","/**\n * @license\n * Copyright 2020 Google LLC.\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { getUA } from '@firebase/util';\n\nimport { AuthErrorCode } from '../../core/errors';\nimport { _assert } from '../../core/util/assert';\nimport {\n  _isChromeIOS,\n  _isFirefox,\n  _isIOSStandalone\n} from '../../core/util/browser';\nimport { AuthInternal } from '../../model/auth';\n\nconst BASE_POPUP_OPTIONS = {\n  location: 'yes',\n  resizable: 'yes',\n  statusbar: 'yes',\n  toolbar: 'no'\n};\n\nconst DEFAULT_WIDTH = 500;\nconst DEFAULT_HEIGHT = 600;\nconst TARGET_BLANK = '_blank';\n\nconst FIREFOX_EMPTY_URL = 'http://localhost';\n\nexport class AuthPopup {\n  associatedEvent: string | null = null;\n\n  constructor(readonly window: Window | null) {}\n\n  close(): void {\n    if (this.window) {\n      try {\n        this.window.close();\n      } catch (e) {}\n    }\n  }\n}\n\nexport function _open(\n  auth: AuthInternal,\n  url?: string,\n  name?: string,\n  width = DEFAULT_WIDTH,\n  height = DEFAULT_HEIGHT\n): AuthPopup {\n  const top = Math.max((window.screen.availHeight - height) / 2, 0).toString();\n  const left = Math.max((window.screen.availWidth - width) / 2, 0).toString();\n  let target = '';\n\n  const options: { [key: string]: string } = {\n    ...BASE_POPUP_OPTIONS,\n    width: width.toString(),\n    height: height.toString(),\n    top,\n    left\n  };\n\n  // Chrome iOS 7 and 8 is returning an undefined popup win when target is\n  // specified, even though the popup is not necessarily blocked.\n  const ua = getUA().toLowerCase();\n\n  if (name) {\n    target = _isChromeIOS(ua) ? TARGET_BLANK : name;\n  }\n\n  if (_isFirefox(ua)) {\n    // Firefox complains when invalid URLs are popped out. Hacky way to bypass.\n    url = url || FIREFOX_EMPTY_URL;\n    // Firefox disables by default scrolling on popup windows, which can create\n    // issues when the user has many Google accounts, for instance.\n    options.scrollbars = 'yes';\n  }\n\n  const optionsString = Object.entries(options).reduce(\n    (accum, [key, value]) => `${accum}${key}=${value},`,\n    ''\n  );\n\n  if (_isIOSStandalone(ua) && target !== '_self') {\n    openAsNewWindowIOS(url || '', target);\n    return new AuthPopup(null);\n  }\n\n  // about:blank getting sanitized causing browsers like IE/Edge to display\n  // brief error message before redirecting to handler.\n  const newWin = window.open(url || '', target, optionsString);\n  _assert(newWin, auth, AuthErrorCode.POPUP_BLOCKED);\n\n  // Flaky on IE edge, encapsulate with a try and catch.\n  try {\n    newWin.focus();\n  } catch (e) {}\n\n  return new AuthPopup(newWin);\n}\n\nfunction openAsNewWindowIOS(url: string, target: string): void {\n  const el = document.createElement('a');\n  el.href = url;\n  el.target = target;\n  const click = document.createEvent('MouseEvent');\n  click.initMouseEvent(\n    'click',\n    true,\n    true,\n    window,\n    1,\n    0,\n    0,\n    0,\n    0,\n    false,\n    false,\n    false,\n    false,\n    1,\n    null\n  );\n  el.dispatchEvent(click);\n}\n","/**\n * @license\n * Copyright 2021 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { SDK_VERSION } from '@firebase/app';\nimport { AuthProvider } from '../../model/public_types';\nimport { ApiKey, AppName, AuthInternal } from '../../model/auth';\nimport { AuthEventType } from '../../model/popup_redirect';\nimport { AuthErrorCode } from '../errors';\nimport { _assert } from './assert';\nimport { isEmpty, querystring } from '@firebase/util';\nimport { _emulatorUrl } from './emulator';\nimport { FederatedAuthProvider } from '../providers/federated';\nimport { BaseOAuthProvider } from '../providers/oauth';\n\n/**\n * URL for Authentication widget which will initiate the OAuth handshake\n *\n * @internal\n */\nconst WIDGET_PATH = '__/auth/handler';\n\n/**\n * URL for emulated environment\n *\n * @internal\n */\nconst EMULATOR_WIDGET_PATH = 'emulator/auth/handler';\n\n/**\n * Fragment name for the App Check token that gets passed to the widget\n *\n * @internal\n */\nconst FIREBASE_APP_CHECK_FRAGMENT_ID = encodeURIComponent('fac');\n\n// eslint-disable-next-line @typescript-eslint/consistent-type-definitions\ntype WidgetParams = {\n  apiKey: ApiKey;\n  appName: AppName;\n  authType: AuthEventType;\n  redirectUrl?: string;\n  v: string;\n  providerId?: string;\n  scopes?: string;\n  customParameters?: string;\n  eventId?: string;\n  tid?: string;\n} & { [key: string]: string | undefined };\n\nexport async function _getRedirectUrl(\n  auth: AuthInternal,\n  provider: AuthProvider,\n  authType: AuthEventType,\n  redirectUrl?: string,\n  eventId?: string,\n  additionalParams?: Record<string, string>\n): Promise<string> {\n  _assert(auth.config.authDomain, auth, AuthErrorCode.MISSING_AUTH_DOMAIN);\n  _assert(auth.config.apiKey, auth, AuthErrorCode.INVALID_API_KEY);\n\n  const params: WidgetParams = {\n    apiKey: auth.config.apiKey,\n    appName: auth.name,\n    authType,\n    redirectUrl,\n    v: SDK_VERSION,\n    eventId\n  };\n\n  if (provider instanceof FederatedAuthProvider) {\n    provider.setDefaultLanguage(auth.languageCode);\n    params.providerId = provider.providerId || '';\n    if (!isEmpty(provider.getCustomParameters())) {\n      params.customParameters = JSON.stringify(provider.getCustomParameters());\n    }\n\n    // TODO set additionalParams from the provider as well?\n    for (const [key, value] of Object.entries(additionalParams || {})) {\n      params[key] = value;\n    }\n  }\n\n  if (provider instanceof BaseOAuthProvider) {\n    const scopes = provider.getScopes().filter(scope => scope !== '');\n    if (scopes.length > 0) {\n      params.scopes = scopes.join(',');\n    }\n  }\n\n  if (auth.tenantId) {\n    params.tid = auth.tenantId;\n  }\n\n  // TODO: maybe set eid as endipointId\n  // TODO: maybe set fw as Frameworks.join(\",\")\n\n  const paramsDict = params as Record<string, string | number>;\n  for (const key of Object.keys(paramsDict)) {\n    if (paramsDict[key] === undefined) {\n      delete paramsDict[key];\n    }\n  }\n\n  // Sets the App Check token to pass to the widget\n  const appCheckToken = await auth._getAppCheckToken();\n  const appCheckTokenFragment = appCheckToken\n    ? `#${FIREBASE_APP_CHECK_FRAGMENT_ID}=${encodeURIComponent(appCheckToken)}`\n    : '';\n\n  // Start at index 1 to skip the leading '&' in the query string\n  return `${getHandlerBase(auth)}?${querystring(paramsDict).slice(\n    1\n  )}${appCheckTokenFragment}`;\n}\n\nfunction getHandlerBase({ config }: AuthInternal): string {\n  if (!config.emulator) {\n    return `https://${config.authDomain}/${WIDGET_PATH}`;\n  }\n\n  return _emulatorUrl(config, EMULATOR_WIDGET_PATH);\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { AuthProvider, PopupRedirectResolver } from '../model/public_types';\n\nimport { AuthEventManager } from '../core/auth/auth_event_manager';\nimport { AuthErrorCode } from '../core/errors';\nimport { _assert, debugAssert, _fail } from '../core/util/assert';\nimport { _generateEventId } from '../core/util/event_id';\nimport { _getCurrentUrl } from '../core/util/location';\nimport { _validateOrigin } from '../core/util/validate_origin';\nimport { AuthInternal } from '../model/auth';\nimport {\n  AuthEventType,\n  EventManager,\n  GapiAuthEvent,\n  GapiOutcome,\n  PopupRedirectResolverInternal\n} from '../model/popup_redirect';\nimport { _setWindowLocation } from './auth_window';\nimport { _openIframe } from './iframe/iframe';\nimport { browserSessionPersistence } from './persistence/session_storage';\nimport { _open, AuthPopup } from './util/popup';\nimport { _getRedirectResult } from './strategies/redirect';\nimport { _getRedirectUrl } from '../core/util/handler';\nimport { _isIOS, _isMobileBrowser, _isSafari } from '../core/util/browser';\nimport { _overrideRedirectResult } from '../core/strategies/redirect';\n\n/**\n * The special web storage event\n *\n */\nconst WEB_STORAGE_SUPPORT_KEY = 'webStorageSupport';\n\ninterface WebStorageSupportMessage extends gapi.iframes.Message {\n  [index: number]: Record<string, boolean>;\n}\n\ninterface ManagerOrPromise {\n  manager?: EventManager;\n  promise?: Promise<EventManager>;\n}\n\nclass BrowserPopupRedirectResolver implements PopupRedirectResolverInternal {\n  private readonly eventManagers: Record<string, ManagerOrPromise> = {};\n  private readonly iframes: Record<string, gapi.iframes.Iframe> = {};\n  private readonly originValidationPromises: Record<string, Promise<void>> = {};\n\n  readonly _redirectPersistence = browserSessionPersistence;\n\n  // Wrapping in async even though we don't await anywhere in order\n  // to make sure errors are raised as promise rejections\n  async _openPopup(\n    auth: AuthInternal,\n    provider: AuthProvider,\n    authType: AuthEventType,\n    eventId?: string\n  ): Promise<AuthPopup> {\n    debugAssert(\n      this.eventManagers[auth._key()]?.manager,\n      '_initialize() not called before _openPopup()'\n    );\n\n    const url = await _getRedirectUrl(\n      auth,\n      provider,\n      authType,\n      _getCurrentUrl(),\n      eventId\n    );\n    return _open(auth, url, _generateEventId());\n  }\n\n  async _openRedirect(\n    auth: AuthInternal,\n    provider: AuthProvider,\n    authType: AuthEventType,\n    eventId?: string\n  ): Promise<never> {\n    await this._originValidation(auth);\n    const url = await _getRedirectUrl(\n      auth,\n      provider,\n      authType,\n      _getCurrentUrl(),\n      eventId\n    );\n    _setWindowLocation(url);\n    return new Promise(() => {});\n  }\n\n  _initialize(auth: AuthInternal): Promise<EventManager> {\n    const key = auth._key();\n    if (this.eventManagers[key]) {\n      const { manager, promise } = this.eventManagers[key];\n      if (manager) {\n        return Promise.resolve(manager);\n      } else {\n        debugAssert(promise, 'If manager is not set, promise should be');\n        return promise;\n      }\n    }\n\n    const promise = this.initAndGetManager(auth);\n    this.eventManagers[key] = { promise };\n\n    // If the promise is rejected, the key should be removed so that the\n    // operation can be retried later.\n    promise.catch(() => {\n      delete this.eventManagers[key];\n    });\n\n    return promise;\n  }\n\n  private async initAndGetManager(auth: AuthInternal): Promise<EventManager> {\n    const iframe = await _openIframe(auth);\n    const manager = new AuthEventManager(auth);\n    iframe.register<GapiAuthEvent>(\n      'authEvent',\n      (iframeEvent: GapiAuthEvent | null) => {\n        _assert(iframeEvent?.authEvent, auth, AuthErrorCode.INVALID_AUTH_EVENT);\n        // TODO: Consider splitting redirect and popup events earlier on\n\n        const handled = manager.onEvent(iframeEvent.authEvent);\n        return { status: handled ? GapiOutcome.ACK : GapiOutcome.ERROR };\n      },\n      gapi.iframes.CROSS_ORIGIN_IFRAMES_FILTER\n    );\n\n    this.eventManagers[auth._key()] = { manager };\n    this.iframes[auth._key()] = iframe;\n    return manager;\n  }\n\n  _isIframeWebStorageSupported(\n    auth: AuthInternal,\n    cb: (supported: boolean) => unknown\n  ): void {\n    const iframe = this.iframes[auth._key()];\n    iframe.send<gapi.iframes.Message, WebStorageSupportMessage>(\n      WEB_STORAGE_SUPPORT_KEY,\n      { type: WEB_STORAGE_SUPPORT_KEY },\n      result => {\n        const isSupported = result?.[0]?.[WEB_STORAGE_SUPPORT_KEY];\n        if (isSupported !== undefined) {\n          cb(!!isSupported);\n        }\n\n        _fail(auth, AuthErrorCode.INTERNAL_ERROR);\n      },\n      gapi.iframes.CROSS_ORIGIN_IFRAMES_FILTER\n    );\n  }\n\n  _originValidation(auth: AuthInternal): Promise<void> {\n    const key = auth._key();\n    if (!this.originValidationPromises[key]) {\n      this.originValidationPromises[key] = _validateOrigin(auth);\n    }\n\n    return this.originValidationPromises[key];\n  }\n\n  get _shouldInitProactively(): boolean {\n    // Mobile browsers and Safari need to optimistically initialize\n    return _isMobileBrowser() || _isSafari() || _isIOS();\n  }\n\n  _completeRedirectFn = _getRedirectResult;\n\n  _overrideRedirectResult = _overrideRedirectResult;\n}\n\n/**\n * An implementation of {@link PopupRedirectResolver} suitable for browser\n * based applications.\n *\n * @public\n */\nexport const browserPopupRedirectResolver: PopupRedirectResolver =\n  BrowserPopupRedirectResolver;\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport { FactorId, MultiFactorAssertion } from '../model/public_types';\nimport { debugFail } from '../core/util/assert';\nimport { MultiFactorSessionImpl, MultiFactorSessionType } from './mfa_session';\nimport { FinalizeMfaResponse } from '../api/authentication/mfa';\nimport { AuthInternal } from '../model/auth';\n\nexport abstract class MultiFactorAssertionImpl implements MultiFactorAssertion {\n  protected constructor(readonly factorId: FactorId) {}\n\n  _process(\n    auth: AuthInternal,\n    session: MultiFactorSessionImpl,\n    displayName?: string | null\n  ): Promise<FinalizeMfaResponse> {\n    switch (session.type) {\n      case MultiFactorSessionType.ENROLL:\n        return this._finalizeEnroll(auth, session.credential, displayName);\n      case MultiFactorSessionType.SIGN_IN:\n        return this._finalizeSignIn(auth, session.credential);\n      default:\n        return debugFail('unexpected MultiFactorSessionType');\n    }\n  }\n\n  abstract _finalizeEnroll(\n    auth: AuthInternal,\n    idToken: string,\n    displayName?: string | null\n  ): Promise<FinalizeMfaResponse>;\n  abstract _finalizeSignIn(\n    auth: AuthInternal,\n    mfaPendingCredential: string\n  ): Promise<FinalizeMfaResponse>;\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport {\n  FactorId,\n  PhoneMultiFactorAssertion\n} from '../../../model/public_types';\n\nimport { MultiFactorAssertionImpl } from '../../../mfa/mfa_assertion';\nimport { AuthInternal } from '../../../model/auth';\nimport { finalizeEnrollPhoneMfa } from '../../../api/account_management/mfa';\nimport { PhoneAuthCredential } from '../../../core/credentials/phone';\nimport {\n  finalizeSignInPhoneMfa,\n  FinalizeMfaResponse\n} from '../../../api/authentication/mfa';\n\n/**\n * {@inheritdoc PhoneMultiFactorAssertion}\n *\n * @public\n */\nexport class PhoneMultiFactorAssertionImpl\n  extends MultiFactorAssertionImpl\n  implements PhoneMultiFactorAssertion\n{\n  private constructor(private readonly credential: PhoneAuthCredential) {\n    super(FactorId.PHONE);\n  }\n\n  /** @internal */\n  static _fromCredential(\n    credential: PhoneAuthCredential\n  ): PhoneMultiFactorAssertionImpl {\n    return new PhoneMultiFactorAssertionImpl(credential);\n  }\n\n  /** @internal */\n  _finalizeEnroll(\n    auth: AuthInternal,\n    idToken: string,\n    displayName?: string | null\n  ): Promise<FinalizeMfaResponse> {\n    return finalizeEnrollPhoneMfa(auth, {\n      idToken,\n      displayName,\n      phoneVerificationInfo: this.credential._makeVerificationRequest()\n    });\n  }\n\n  /** @internal */\n  _finalizeSignIn(\n    auth: AuthInternal,\n    mfaPendingCredential: string\n  ): Promise<FinalizeMfaResponse> {\n    return finalizeSignInPhoneMfa(auth, {\n      mfaPendingCredential,\n      phoneVerificationInfo: this.credential._makeVerificationRequest()\n    });\n  }\n}\n\n/**\n * Provider for generating a {@link PhoneMultiFactorAssertion}.\n *\n * @public\n */\nexport class PhoneMultiFactorGenerator {\n  private constructor() {}\n\n  /**\n   * Provides a {@link PhoneMultiFactorAssertion} to confirm ownership of the phone second factor.\n   *\n   * @param phoneAuthCredential - A credential provided by {@link PhoneAuthProvider.credential}.\n   * @returns A {@link PhoneMultiFactorAssertion} which can be used with\n   * {@link MultiFactorResolver.resolveSignIn}\n   */\n  static assertion(credential: PhoneAuthCredential): PhoneMultiFactorAssertion {\n    return PhoneMultiFactorAssertionImpl._fromCredential(credential);\n  }\n\n  /**\n   * The identifier of the phone second factor: `phone`.\n   */\n  static FACTOR_ID = 'phone';\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { Unsubscribe } from '@firebase/util';\nimport { FirebaseAuthInternal } from '@firebase/auth-interop-types';\n\nimport { AuthInternal } from '../../model/auth';\nimport { UserInternal } from '../../model/user';\nimport { _assert } from '../util/assert';\nimport { AuthErrorCode } from '../errors';\n\ninterface TokenListener {\n  (tok: string | null): unknown;\n}\n\nexport class AuthInterop implements FirebaseAuthInternal {\n  private readonly internalListeners: Map<TokenListener, Unsubscribe> =\n    new Map();\n\n  constructor(private readonly auth: AuthInternal) {}\n\n  getUid(): string | null {\n    this.assertAuthConfigured();\n    return this.auth.currentUser?.uid || null;\n  }\n\n  async getToken(\n    forceRefresh?: boolean\n  ): Promise<{ accessToken: string } | null> {\n    this.assertAuthConfigured();\n    await this.auth._initializationPromise;\n    if (!this.auth.currentUser) {\n      return null;\n    }\n\n    const accessToken = await this.auth.currentUser.getIdToken(forceRefresh);\n    return { accessToken };\n  }\n\n  addAuthTokenListener(listener: TokenListener): void {\n    this.assertAuthConfigured();\n    if (this.internalListeners.has(listener)) {\n      return;\n    }\n\n    const unsubscribe = this.auth.onIdTokenChanged(user => {\n      listener(\n        (user as UserInternal | null)?.stsTokenManager.accessToken || null\n      );\n    });\n    this.internalListeners.set(listener, unsubscribe);\n    this.updateProactiveRefresh();\n  }\n\n  removeAuthTokenListener(listener: TokenListener): void {\n    this.assertAuthConfigured();\n    const unsubscribe = this.internalListeners.get(listener);\n    if (!unsubscribe) {\n      return;\n    }\n\n    this.internalListeners.delete(listener);\n    unsubscribe();\n    this.updateProactiveRefresh();\n  }\n\n  private assertAuthConfigured(): void {\n    _assert(\n      this.auth._initializationPromise,\n      AuthErrorCode.DEPENDENT_SDK_INIT_BEFORE_AUTH\n    );\n  }\n\n  private updateProactiveRefresh(): void {\n    if (this.internalListeners.size > 0) {\n      this.auth._startProactiveRefresh();\n    } else {\n      this.auth._stopProactiveRefresh();\n    }\n  }\n}\n","/**\n * @license\n * Copyright 2021 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { FirebaseApp, getApp, _getProvider } from '@firebase/app';\n\nimport {\n  initializeAuth,\n  beforeAuthStateChanged,\n  onIdTokenChanged,\n  connectAuthEmulator\n} from '..';\nimport { registerAuth } from '../core/auth/register';\nimport { ClientPlatform } from '../core/util/version';\nimport { browserLocalPersistence } from './persistence/local_storage';\nimport { browserSessionPersistence } from './persistence/session_storage';\nimport { indexedDBLocalPersistence } from './persistence/indexed_db';\nimport { browserPopupRedirectResolver } from './popup_redirect';\nimport { Auth, User } from '../model/public_types';\nimport { getDefaultEmulatorHost, getExperimentalSetting } from '@firebase/util';\n\nconst DEFAULT_ID_TOKEN_MAX_AGE = 5 * 60;\nconst authIdTokenMaxAge =\n  getExperimentalSetting('authIdTokenMaxAge') || DEFAULT_ID_TOKEN_MAX_AGE;\n\nlet lastPostedIdToken: string | undefined | null = null;\n\nconst mintCookieFactory = (url: string) => async (user: User | null) => {\n  const idTokenResult = user && (await user.getIdTokenResult());\n  const idTokenAge =\n    idTokenResult &&\n    (new Date().getTime() - Date.parse(idTokenResult.issuedAtTime)) / 1_000;\n  if (idTokenAge && idTokenAge > authIdTokenMaxAge) {\n    return;\n  }\n  // Specifically trip null => undefined when logged out, to delete any existing cookie\n  const idToken = idTokenResult?.token;\n  if (lastPostedIdToken === idToken) {\n    return;\n  }\n  lastPostedIdToken = idToken;\n  await fetch(url, {\n    method: idToken ? 'POST' : 'DELETE',\n    headers: idToken\n      ? {\n          'Authorization': `Bearer ${idToken}`\n        }\n      : {}\n  });\n};\n\n/**\n * Returns the Auth instance associated with the provided {@link @firebase/app#FirebaseApp}.\n * If no instance exists, initializes an Auth instance with platform-specific default dependencies.\n *\n * @param app - The Firebase App.\n *\n * @public\n */\nexport function getAuth(app: FirebaseApp = getApp()): Auth {\n  const provider = _getProvider(app, 'auth');\n\n  if (provider.isInitialized()) {\n    return provider.getImmediate();\n  }\n\n  const auth = initializeAuth(app, {\n    popupRedirectResolver: browserPopupRedirectResolver,\n    persistence: [\n      indexedDBLocalPersistence,\n      browserLocalPersistence,\n      browserSessionPersistence\n    ]\n  });\n\n  const authTokenSyncUrl = getExperimentalSetting('authTokenSyncURL');\n  if (authTokenSyncUrl) {\n    const mintCookie = mintCookieFactory(authTokenSyncUrl);\n    beforeAuthStateChanged(auth, mintCookie, () =>\n      mintCookie(auth.currentUser)\n    );\n    onIdTokenChanged(auth, user => mintCookie(user));\n  }\n\n  const authEmulatorHost = getDefaultEmulatorHost('auth');\n  if (authEmulatorHost) {\n    connectAuthEmulator(auth, `http://${authEmulatorHost}`);\n  }\n\n  return auth;\n}\n\nregisterAuth(ClientPlatform.BROWSER);\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { _registerComponent, registerVersion } from '@firebase/app';\nimport {\n  Component,\n  ComponentType,\n  InstantiationMode\n} from '@firebase/component';\n\nimport { name, version } from '../../../package.json';\nimport { AuthErrorCode } from '../errors';\nimport { _assert } from '../util/assert';\nimport { _getClientVersion, ClientPlatform } from '../util/version';\nimport { _castAuth, AuthImpl, DefaultConfig } from './auth_impl';\nimport { AuthInterop } from './firebase_internal';\nimport { ConfigInternal } from '../../model/auth';\nimport { Dependencies } from '../../model/public_types';\nimport { _initializeAuthInstance } from './initialize';\n\nexport const enum _ComponentName {\n  AUTH = 'auth',\n  AUTH_INTERNAL = 'auth-internal'\n}\n\nfunction getVersionForPlatform(\n  clientPlatform: ClientPlatform\n): string | undefined {\n  switch (clientPlatform) {\n    case ClientPlatform.NODE:\n      return 'node';\n    case ClientPlatform.REACT_NATIVE:\n      return 'rn';\n    case ClientPlatform.WORKER:\n      return 'webworker';\n    case ClientPlatform.CORDOVA:\n      return 'cordova';\n    default:\n      return undefined;\n  }\n}\n\n/** @internal */\nexport function registerAuth(clientPlatform: ClientPlatform): void {\n  _registerComponent(\n    new Component(\n      _ComponentName.AUTH,\n      (container, { options: deps }: { options?: Dependencies }) => {\n        const app = container.getProvider('app').getImmediate()!;\n        const heartbeatServiceProvider =\n          container.getProvider<'heartbeat'>('heartbeat');\n        const appCheckServiceProvider =\n          container.getProvider<'app-check-internal'>('app-check-internal');\n        const { apiKey, authDomain } = app.options;\n\n        _assert(\n          apiKey && !apiKey.includes(':'),\n          AuthErrorCode.INVALID_API_KEY,\n          { appName: app.name }\n        );\n\n        const config: ConfigInternal = {\n          apiKey,\n          authDomain,\n          clientPlatform,\n          apiHost: DefaultConfig.API_HOST,\n          tokenApiHost: DefaultConfig.TOKEN_API_HOST,\n          apiScheme: DefaultConfig.API_SCHEME,\n          sdkClientVersion: _getClientVersion(clientPlatform)\n        };\n\n        const authInstance = new AuthImpl(\n          app,\n          heartbeatServiceProvider,\n          appCheckServiceProvider,\n          config\n        );\n        _initializeAuthInstance(authInstance, deps);\n\n        return authInstance;\n      },\n      ComponentType.PUBLIC\n    )\n      /**\n       * Auth can only be initialized by explicitly calling getAuth() or initializeAuth()\n       * For why we do this, See go/firebase-next-auth-init\n       */\n      .setInstantiationMode(InstantiationMode.EXPLICIT)\n      /**\n       * Because all firebase products that depend on auth depend on auth-internal directly,\n       * we need to initialize auth-internal after auth is initialized to make it available to other firebase products.\n       */\n      .setInstanceCreatedCallback(\n        (container, _instanceIdentifier, _instance) => {\n          const authInternalProvider = container.getProvider(\n            _ComponentName.AUTH_INTERNAL\n          );\n          authInternalProvider.initialize();\n        }\n      )\n  );\n\n  _registerComponent(\n    new Component(\n      _ComponentName.AUTH_INTERNAL,\n      container => {\n        const auth = _castAuth(\n          container.getProvider(_ComponentName.AUTH).getImmediate()!\n        );\n        return (auth => new AuthInterop(auth))(auth);\n      },\n      ComponentType.PRIVATE\n    ).setInstantiationMode(InstantiationMode.EXPLICIT)\n  );\n\n  registerVersion(name, version, getVersionForPlatform(clientPlatform));\n  // BUILD_TARGET will be replaced by values like esm5, esm2017, cjs5, etc during the compilation\n  registerVersion(name, version, '__BUILD_TARGET__');\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { _getProvider, FirebaseApp } from '@firebase/app';\nimport { deepEqual } from '@firebase/util';\nimport { Auth, Dependencies } from '../../model/public_types';\n\nimport { AuthErrorCode } from '../errors';\nimport { PersistenceInternal } from '../persistence';\nimport { _fail } from '../util/assert';\nimport { _getInstance } from '../util/instantiator';\nimport { AuthImpl } from './auth_impl';\n\n/**\n * Initializes an {@link Auth} instance with fine-grained control over\n * {@link Dependencies}.\n *\n * @remarks\n *\n * This function allows more control over the {@link Auth} instance than\n * {@link getAuth}. `getAuth` uses platform-specific defaults to supply\n * the {@link Dependencies}. In general, `getAuth` is the easiest way to\n * initialize Auth and works for most use cases. Use `initializeAuth` if you\n * need control over which persistence layer is used, or to minimize bundle\n * size if you're not using either `signInWithPopup` or `signInWithRedirect`.\n *\n * For example, if your app only uses anonymous accounts and you only want\n * accounts saved for the current session, initialize `Auth` with:\n *\n * ```js\n * const auth = initializeAuth(app, {\n *   persistence: browserSessionPersistence,\n *   popupRedirectResolver: undefined,\n * });\n * ```\n *\n * @public\n */\nexport function initializeAuth(app: FirebaseApp, deps?: Dependencies): Auth {\n  const provider = _getProvider(app, 'auth');\n\n  if (provider.isInitialized()) {\n    const auth = provider.getImmediate() as AuthImpl;\n    const initialOptions = provider.getOptions() as Dependencies;\n    if (deepEqual(initialOptions, deps ?? {})) {\n      return auth;\n    } else {\n      _fail(auth, AuthErrorCode.ALREADY_INITIALIZED);\n    }\n  }\n\n  const auth = provider.initialize({ options: deps }) as AuthImpl;\n\n  return auth;\n}\n\nexport function _initializeAuthInstance(\n  auth: AuthImpl,\n  deps?: Dependencies\n): void {\n  const persistence = deps?.persistence || [];\n  const hierarchy = (\n    Array.isArray(persistence) ? persistence : [persistence]\n  ).map<PersistenceInternal>(_getInstance);\n  if (deps?.errorMap) {\n    auth._updateErrorMap(deps.errorMap);\n  }\n\n  // This promise is intended to float; auth initialization happens in the\n  // background, meanwhile the auth object may be used by the app.\n  // eslint-disable-next-line @typescript-eslint/no-floating-promises\n  auth._initializeWithPersistence(hierarchy, deps?.popupRedirectResolver);\n}\n"],"names":["ProviderId","FACEBOOK","GITHUB","GOOGLE","PASSWORD","PHONE","TWITTER","ActionCodeOperation","EMAIL_SIGNIN","PASSWORD_RESET","RECOVER_EMAIL","REVERT_SECOND_FACTOR_ADDITION","VERIFY_AND_CHANGE_EMAIL","VERIFY_EMAIL","_prodErrorMap","debugErrorMap","prodErrorMap","_DEFAULT_AUTH_ERROR_FACTORY","ErrorFactory","logClient","Logger","_logError","msg","args","logLevel","LogLevel","error","SDK_VERSION","_fail","authOrCode","rest","createErrorInternal","_createError","_errorWithCustomMessage","auth","code","message","errorMap","Object","assign","create","appName","name","_assertInstanceOf","object","instance","constructor","fullParams","slice","_errorFactory","_assert","assertion","debugFail","failure","Error","debugAssert","_getCurrentUrl","self","_a","location","href","_isHttpOrHttps","_getCurrentScheme","protocol","Delay","shortDelay","longDelay","this","isMobile","isMobileCordova","isReactNative","get","navigator","onLine","isBrowserExtension","Math","min","_emulatorUrl","config","path","emulator","url","startsWith","FetchProvider","static","fetchImpl","headersImpl","responseImpl","fetch","Headers","Response","SERVER_ERROR_MAP","DEFAULT_API_TIMEOUT_MS","_addTidIfNecessary","request","tenantId","async","_performApiRequest","method","customErrorMap","_performFetchWithErrorHandling","body","params","JSON","stringify","query","querystring","key","apiKey","headers","_getAdditionalHeaders","languageCode","_getFinalTarget","apiHost","referrerPolicy","fetchFn","_canInitEmulator","networkTimeout","NetworkTimeout","response","Promise","race","promise","clearNetworkTimeout","json","_makeTaggedError","ok","errorMessage","serverErrorCode","serverErrorMessage","split","authError","toLowerCase","replace","e","FirebaseError","String","_performSignInRequest","serverResponse","_serverResponse","host","base","apiScheme","timer","_","reject","setTimeout","clearTimeout","errorParams","email","phoneNumber","customData","_tokenResponse","utcTimestampToDateString","utcTimestamp","date","Date","Number","isNaN","getTime","toUTCString","secondsStringToMilliseconds","seconds","_parseToken","token","algorithm","payload","signature","undefined","decoded","base64Decode","parse","toString","_logoutIfInvalidated","user","bypassAuthState","isUserInvalidated","currentUser","signOut","ProactiveRefresh","isRunning","timerId","errorBackoff","_start","schedule","_stop","getInterval","wasError","interval","stsTokenManager","expirationTime","now","max","iteration","getIdToken","UserMetadata","createdAt","lastLoginAt","_initializeTime","lastSignInTime","creationTime","_copy","metadata","toJSON","_reloadWithoutSaving","idToken","getAccountInfo","users","length","coreAccount","_notifyReloadListener","newProviderData","providerUserInfo","map","providerId","provider","__rest","uid","rawId","displayName","photoURL","photoUrl","providerData","original","newData","filter","o","some","n","oldIsAnonymous","isAnonymous","newIsAnonymous","passwordHash","updates","localId","emailVerified","StsTokenManager","refreshToken","accessToken","isExpired","updateFromServerResponse","expiresIn","parsedToken","exp","iat","_tokenExpiresIn","updateTokensAndExpiration","forceRefresh","refresh","clearRefreshToken","oldToken","tokenApiHost","access_token","expires_in","refresh_token","requestStsToken","expiresInSec","manager","_assign","_clone","_performRefresh","assertStringOrUndefined","UserImpl","opt","proactiveRefresh","reloadUserInfo","reloadListener","getToken","_persistUserIfCurrent","_notifyListenersIfCurrent","getIdTokenResult","userInternal","getModularInstance","claims","auth_time","firebase","signInProvider","authTime","issuedAtTime","signInSecondFactor","reload","userInfo","newUser","_onReload","callback","_startProactiveRefresh","_stopProactiveRefresh","tokensRefreshed","deleteAccount","_redirectEventId","_b","_c","_d","_e","_f","_g","_h","plainObjectTokenManager","fromJSON","Array","isArray","idTokenResponse","instanceCache","Map","_getInstance","cls","Function","set","InMemoryPersistence","type","storage","value","_addListener","_key","_listener","_removeListener","inMemoryPersistence","_persistenceKeyName","PersistenceUserManager","persistence","userKey","fullUserKey","fullPersistenceKey","boundEventHandler","_onStorageEvent","bind","setCurrentUser","_set","blob","_get","_fromJSON","removeCurrentUser","_remove","savePersistenceForRedirect","newPersistence","getCurrentUser","delete","persistenceHierarchy","availablePersistences","all","_isAvailable","selectedPersistence","userToMigrate","migrationHierarchy","p","_shouldAllowMigration","_getBrowserName","userAgent","ua","includes","_isIEMobile","_isFirefox","_isBlackBerry","_isWebOS","_isSafari","_isChromeIOS","_isAndroid","re","matches","match","getUA","test","_isIOS","_isIOS7Or8","_isMobileBrowser","_getClientVersion","clientPlatform","frameworks","reportedPlatform","reportedFrameworks","join","getRecaptchaConfig","isV2","grecaptcha","getResponse","isEnterprise","enterprise","RecaptchaConfig","siteKey","emailPasswordEnabled","recaptchaKey","recaptchaEnforcementState","enforcementState","_loadJS","resolve","el","document","createElement","setAttribute","onload","onerror","charset","getElementsByTagName","appendChild","_generateCallbackName","prefix","floor","random","RecaptchaEnterpriseVerifier","authExtern","_castAuth","action","retrieveRecaptchaToken","window","ready","execute","then","catch","_agentRecaptchaConfig","_tenantRecaptchaConfigs","clientType","version","retrieveSiteKey","injectRecaptchaFields","captchaResp","verifier","captchaResponse","verify","newRequest","AuthMiddlewareQueue","queue","pushCallback","onAbort","wrappedCallback","push","index","nextUser","onAbortStack","beforeStateCallback","reverse","originalMessage","AuthImpl","app","heartbeatServiceProvider","appCheckServiceProvider","emulatorConfig","operations","authStateSubscription","Subscription","idTokenSubscription","beforeStateQueue","redirectUser","isProactiveRefreshEnabled","_isInitialized","_deleted","_initializationPromise","_popupRedirectResolver","lastNotifiedUid","settings","appVerificationDisabledForTesting","clientVersion","sdkClientVersion","_initializeWithPersistence","popupRedirectResolver","persistenceManager","_shouldInitProactively","_initialize","initializeCurrentUser","assertedPersistence","_currentUser","_updateCurrentUser","previouslyStoredUser","futureCurrentUser","needsTocheckMiddleware","authDomain","getOrInitRedirectPersistenceManager","redirectUserEventId","storedUserEventId","result","tryRedirectSignIn","directlySetCurrentUser","runMiddleware","_overrideRedirectResult","reloadAndSetCurrentUserOrClear","redirectResolver","_completeRedirectFn","_setRedirectUser","useDeviceLanguage","navigatorLanguage","languages","language","_getUserLanguage","userExtern","skipBeforeStateCallbacks","notifyAuthListeners","redirectPersistenceManager","setPersistence","_getRecaptchaConfig","_getPersistence","_updateErrorMap","onAuthStateChanged","nextOrObserver","completed","registerStateListener","beforeAuthStateChanged","onIdTokenChanged","redirectManager","resolver","_redirectPersistence","id","next","currentUid","subscription","cb","addObserver","_logFramework","framework","sort","_getFrameworks","options","appId","heartbeatsHeader","getImmediate","optional","getHeartbeatsHeader","appCheckToken","_getAppCheckToken","appCheckTokenResult","warn","_logWarn","observer","createSubscribe","connectAuthEmulator","authInternal","disableWarnings","extractProtocol","port","authority","exec","substr","hostAndPort","pop","bracketedIPv6","parsePort","extractHostAndPort","portStr","freeze","attachBanner","sty","style","innerText","position","width","backgroundColor","border","color","bottom","left","margin","zIndex","textAlign","classList","add","console","info","readyState","addEventListener","emitEmulatorWarning","protocolEnd","indexOf","AuthCredential","signInMethod","_getIdTokenResponse","_auth","_linkToIdToken","_idToken","_getReauthenticationResolver","resetPassword","updateEmailPassword","signInWithPassword","sendOobCode","sendPasswordResetEmail$1","sendSignInLinkToEmail$1","EmailAuthCredential","_email","_password","_tenantId","super","password","oobCode","obj","_fromEmailAndPassword","_fromEmailAndCode","returnSecureToken","requestWithRecaptcha","log","signInWithEmailLink$1","signInWithEmailLinkForLinking","signInWithIdp","OAuthCredential","pendingToken","cred","nonce","oauthToken","oauthTokenSecret","secret","buildRequest","autoCreate","requestUri","postBody","VERIFY_PHONE_NUMBER_FOR_EXISTING_ERROR_MAP_","PhoneAuthCredential","verificationId","verificationCode","temporaryProof","signInWithPhoneNumber$1","_makeVerificationRequest","linkWithPhoneNumber$1","operation","verifyPhoneNumberForExisting","sessionInfo","ActionCodeURL","actionLink","searchParams","querystringDecode","extractQuerystring","mode","parseMode","continueUrl","link","doubleDeepLink","iOSDeepLink","parseDeepLink","EmailAuthProvider","PROVIDER_ID","emailLink","actionCodeUrl","parseLink","EMAIL_PASSWORD_SIGN_IN_METHOD","EMAIL_LINK_SIGN_IN_METHOD","FederatedAuthProvider","defaultLanguageCode","customParameters","setDefaultLanguage","setCustomParameters","customOAuthParameters","getCustomParameters","BaseOAuthProvider","scopes","addScope","scope","getScopes","OAuthProvider","_fromParams","credential","_credential","rawNonce","userCredential","oauthCredentialFromTaggedObject","tokenResponse","oauthIdToken","oauthAccessToken","FacebookAuthProvider","FACEBOOK_SIGN_IN_METHOD","credentialFromTaggedObject","GoogleAuthProvider","GOOGLE_SIGN_IN_METHOD","GithubAuthProvider","GITHUB_SIGN_IN_METHOD","SAMLAuthCredential","SAMLAuthProvider","samlCredentialFromTaggedObject","_create","TwitterAuthProvider","TWITTER_SIGN_IN_METHOD","signUp","UserCredentialImpl","operationType","_fromIdTokenResponse","providerIdForResponse","_updateTokensIfNecessary","signInAnonymously","MultiFactorError","setPrototypeOf","prototype","_processCredentialSavingMfaContextIfNecessary","_fromErrorAndOperation","providerDataAsNames","Set","pid","unlink","_assertLinkedStatus","deleteLinkedAccounts","deleteProvider","providersLeft","pd","has","_link$1","_forOperation","expected","_reauthenticate","parsed","sub","_signInWithCredential","signInWithCredential","linkWithCredential","reauthenticateWithCredential","signInWithCustomToken","customToken","signInWithCustomToken$1","MultiFactorInfoImpl","factorId","mfaEnrollmentId","enrollmentTime","enrolledAt","enrollment","PhoneMultiFactorInfoImpl","_fromServerResponse","TotpMultiFactorInfoImpl","phoneInfo","_setActionCodeSettingsOnRequest","actionCodeSettings","dynamicLinkDomain","canHandleCodeInApp","handleCodeInApp","iOS","bundleId","iOSBundleId","android","packageName","androidInstallApp","installApp","androidMinimumVersionCode","minimumVersion","androidPackageName","sendPasswordResetEmail","requestType","confirmPasswordReset","newPassword","applyActionCode","applyActionCode$1","checkActionCode","authModular","newEmail","mfaInfo","multiFactorInfo","data","previousEmail","verifyPasswordResetCode","createUserWithEmailAndPassword","signUpResponse","signInWithEmailAndPassword","sendSignInLinkToEmail","setActionCodeSettings","isSignInWithEmailLink","signInWithEmailLink","credentialWithLink","fetchSignInMethodsForEmail","identifier","continueUri","signinMethods","createAuthUri","sendEmailVerification","sendEmailVerification$1","verifyBeforeUpdateEmail","verifyAndChangeEmail","updateProfile","profileRequest","updateProfile$1","passwordProvider","find","updateEmail","updateEmailOrPassword","updatePassword","GenericAdditionalUserInfo","isNewUser","profile","FederatedAdditionalUserInfoWithUsername","username","FacebookAdditionalUserInfo","GithubAdditionalUserInfo","login","GoogleAdditionalUserInfo","TwitterAdditionalUserInfo","screenName","getAdditionalUserInfo","rawUserInfo","kind","MultiFactorSessionImpl","mfaPendingCredential","multiFactorSession","pendingCredential","_fromMfaPendingCredential","_fromIdtoken","MultiFactorResolverImpl","session","hints","signInResolver","mfaResponse","_process","assertionExtern","getMultiFactorResolver","errorInternal","_fromError","MultiFactorUserImpl","enrolledFactors","getSession","finalizeMfaResponse","infoOrUid","multiFactorUserCache","WeakMap","multiFactor","userModular","_fromUser","STORAGE_AVAILABLE_KEY","BrowserPersistenceClass","storageRetriever","setItem","removeItem","getItem","BrowserLocalPersistence","localStorage","event","poll","onStorageEvent","listeners","localCache","pollTimer","safariLocalStorageNotSynced","_iframeCannotSyncWebStorage","top","_isIframe","fallbackToPolling","forAllChangedKeys","keys","newValue","oldValue","_oldValue","notifyListeners","detachListener","stopPolling","storedValue","triggerListeners","isIE","documentMode","listener","from","startPolling","setInterval","StorageEvent","clearInterval","attachListener","removeEventListener","size","browserLocalPersistence","BrowserSessionPersistence","sessionStorage","browserSessionPersistence","Receiver","eventTarget","handlersMap","handleEvent","existingInstance","receivers","receiver","isListeningto","newInstance","messageEvent","eventId","eventType","handlers","ports","postMessage","status","promises","handler","origin","fulfilled","reason","_allSettled","_subscribe","eventHandler","_unsubscribe","_generateEventId","digits","i","Sender","target","removeMessageHandler","messageChannel","port1","onMessage","close","timeout","MessageChannel","completionTimer","start","ackTimer","port2","finally","_window","_isWorker","DB_NAME","DB_OBJECTSTORE_NAME","DB_DATA_KEYPATH","DBPromise","toPromise","getObjectStore","db","isReadWrite","transaction","objectStore","_openDatabase","indexedDB","open","createObjectStore","keyPath","objectStoreNames","contains","deleteDatabase","_deleteDatabase","_putObject","put","_deleteObject","IndexedDBLocalPersistence","pendingWrites","sender","serviceWorkerReceiverAvailable","activeServiceWorker","_workerInitializationPromise","initializeServiceWorkerMessaging","op","numAttempts","_openDb","initializeReceiver","initializeSender","_origin","keyProcessed","_poll","_data","serviceWorker","active","_getActiveServiceWorker","results","_send","controller","write","_withPendingWrite","_withRetries","notifyServiceWorker","getObject","getAllRequest","getAll","keysInResult","fbase_key","localKey","indexedDBLocalPersistence","_WIDGET_ID_START","MockReCaptcha","counter","_widgets","render","container","parameters","MockWidget","reset","optWidgetId","containerOrId","deleted","responseToken","clickHandler","getElementById","isVisible","checkIfDeleted","len","chars","allowedChars","charAt","generateRandomAlphaNumericString","expiredCallback","_JSLOAD_CALLBACK","NETWORK_TIMEOUT_DELAY","ReCaptchaLoaderImpl","hostLanguage","librarySeparatelyLoaded","load","hl","isHostLanguageValid","shouldResolveImmediately","recaptcha","widgetId","clearedOneInstance","MockReCaptchaLoaderImpl","RECAPTCHA_VERIFIER_TYPE","DEFAULT_PARAMS","theme","RecaptchaVerifier","destroyed","tokenChangeListeners","renderPromise","isInvisible","makeTokenCallback","_recaptchaLoader","validateStartingState","assertNotDestroyed","getAssertedRecaptcha","tokenChange","makeRenderPromise","_reset","clear","childNodes","forEach","node","removeChild","sitekey","hasChildNodes","existing","globalFunc","init","guaranteedEmpty","domReady","recaptchaSiteKey","getRecaptchaParams","ConfirmationResultImpl","onConfirmation","confirm","authCredential","_fromVerification","signInWithPhoneNumber","appVerifier","_verifyPhoneNumber","linkWithPhoneNumber","reauthenticateWithPhoneNumber","recaptchaToken","phoneInfoOptions","startEnrollPhoneMfa","phoneEnrollmentInfo","phoneSessionInfo","multiFactorHint","multiFactorUid","startSignInPhoneMfa","phoneSignInInfo","phoneResponseInfo","sendPhoneVerificationCode","updatePhoneNumber","PhoneAuthProvider","verifyPhoneNumber","phoneOptions","applicationVerifier","_fromTokenResponse","_withDefaultResolver","resolverOverride","PHONE_SIGN_IN_METHOD","IdpCredential","_buildIdpRequest","sessionId","returnIdpCredential","_signIn","_reauth","_link","AbstractPopupRedirectOperation","pendingPromise","eventManager","onExecution","registerConsumer","urlResponse","getIdpTask","onError","unregisterAndCleanUp","unregisterConsumer","cleanUp","_POLL_WINDOW_CLOSE_TIMEOUT","signInWithPopup","resolverInternal","PopupOperation","executeNotNull","reauthenticateWithPopup","linkWithPopup","authWindow","pollId","currentPopupAction","cancel","_openPopup","associatedEvent","_originValidation","_isIframeWebStorageSupported","isSupported","pollUserCancellation","closed","PENDING_REDIRECT_KEY","redirectOutcomeMap","RedirectAction","readyOutcome","pendingRedirectKey","resolverPersistence","hasPendingRedirect","_getAndClearPendingRedirectStatus","onAuthEvent","_redirectUserForId","_setPendingRedirectStatus","_clearRedirectOutcomes","signInWithRedirect","_openRedirect","_signInWithRedirect","reauthenticateWithRedirect","prepareUserForRedirect","_reauthenticateWithRedirect","linkWithRedirect","_linkWithRedirect","getRedirectResult","_getRedirectResult","resolverExtern","AuthEventManager","cachedEventUids","consumers","queuedRedirectEvent","hasHandledPotentialRedirect","lastProcessedEventTime","authEventConsumer","isEventForConsumer","sendToConsumer","saveEventToCache","onEvent","hasEventBeenHandled","handled","consumer","isNullRedirectEvent","isRedirectEvent","eventIdMatches","eventUid","v","_getProjectConfig","IP_ADDRESS_REGEX","HTTP_REGEX","matchDomain","currentUrl","hostname","URL","ceUrl","escapedDomainPattern","RegExp","NETWORK_TIMEOUT","resetUnloadedGapiModules","beacon","___jsl","H","hint","r","L","CP","cachedGApiLoader","_loadGapi","loadGapiIframe","gapi","iframes","getContext","ontimeout","Iframe","cbName","loadGapi","PING_TIMEOUT","IFRAME_PATH","EMULATED_IFRAME_PATH","IFRAME_ATTRIBUTES","height","tabindex","EID_FROM_APIHOST","getIframeUrl","eid","fw","BASE_POPUP_OPTIONS","resizable","statusbar","toolbar","AuthPopup","_open","screen","availHeight","availWidth","scrollbars","optionsString","entries","reduce","accum","standalone","_isIOSStandalone","click","createEvent","initMouseEvent","dispatchEvent","openAsNewWindowIOS","newWin","focus","WIDGET_PATH","EMULATOR_WIDGET_PATH","FIREBASE_APP_CHECK_FRAGMENT_ID","encodeURIComponent","_getRedirectUrl","authType","redirectUrl","additionalParams","isEmpty","tid","paramsDict","appCheckTokenFragment","getHandlerBase","WEB_STORAGE_SUPPORT_KEY","browserPopupRedirectResolver","eventManagers","originValidationPromises","_setWindowLocation","initAndGetManager","iframe","context","where","messageHandlersFilter","CROSS_ORIGIN_IFRAMES_FILTER","attributes","dontclear","restyle","setHideOnLeave","networkError","networkErrorTimer","clearTimerAndResolve","ping","_openIframe","register","iframeEvent","authEvent","send","authorizedDomains","domain","_validateOrigin","MultiFactorAssertionImpl","_finalizeEnroll","_finalizeSignIn","PhoneMultiFactorAssertionImpl","finalizeEnrollPhoneMfa","phoneVerificationInfo","finalizeSignInPhoneMfa","PhoneMultiFactorGenerator","_fromCredential","FACTOR_ID","AuthInterop","internalListeners","getUid","assertAuthConfigured","addAuthTokenListener","unsubscribe","updateProactiveRefresh","removeAuthTokenListener","getExperimentalSetting","_registerComponent","Component","deps","getProvider","authInstance","hierarchy","_initializeAuthInstance","setInstantiationMode","setInstanceCreatedCallback","_instanceIdentifier","_instance","initialize","registerVersion","getVersionForPlatform"],"sourceRoot":""}