New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@clerk/backend

Package Overview
Dependencies
Maintainers
9
Versions
2435
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@clerk/backend - npm Package Compare versions

Comparing version 0.13.4 to 0.13.5

dist/types/util/rfc4648.d.ts
dist/types/util/rfc4648.d.ts.map

12

dist/esm/index.js

@@ -1,2 +0,2 @@

var p=class{constructor(e){this.request=e}requireId(e){if(!e)throw new Error("A valid resource ID is required.")}};var Ce="/",Ut=new RegExp(Ce+"{1,}","g");function o(...t){return t.filter(e=>e).join(Ce).replace(Ut,Ce)}var ve="/allowlist_identifiers",le=class extends p{async getAllowlistIdentifierList(){return this.request({method:"GET",path:ve})}async createAllowlistIdentifier(e){return this.request({method:"POST",path:ve,bodyParams:e})}async deleteAllowlistIdentifier(e){return this.requireId(e),this.request({method:"DELETE",path:o(ve,e)})}};var Ue="/clients",ue=class extends p{async getClientList(){return this.request({method:"GET",path:Ue})}async getClient(e){return this.requireId(e),this.request({method:"GET",path:o(Ue,e)})}verifyClient(e){return this.request({method:"POST",path:o(Ue,"verify"),bodyParams:{token:e}})}};var de="/email_addresses",ce=class extends p{async getEmailAddress(e){return this.requireId(e),this.request({method:"GET",path:o(de,e)})}async createEmailAddress(e){return this.request({method:"POST",path:de,bodyParams:e})}async updateEmailAddress(e,r={}){return this.requireId(e),this.request({method:"PATCH",path:o(de,e),bodyParams:r})}async deleteEmailAddress(e){return this.requireId(e),this.request({method:"DELETE",path:o(de,e)})}};var Et="/emails",pe=class extends p{async createEmail(e){return this.request({method:"POST",path:Et,bodyParams:e})}};var me=class extends p{async getInterstitial(){return this.request({path:"internal/interstitial",method:"GET",headerParams:{"Content-Type":"text/html"}})}};var Ee="/invitations",ge=class extends p{async getInvitationList(){return this.request({method:"GET",path:Ee})}async createInvitation(e){return this.request({method:"POST",path:Ee,bodyParams:e})}async revokeInvitation(e){return this.requireId(e),this.request({method:"POST",path:o(Ee,e,"revoke")})}};var P="/organizations",fe=class extends p{async getOrganizationList(e){return this.request({method:"GET",path:P,queryParams:e})}async createOrganization(e){return this.request({method:"POST",path:P,bodyParams:e})}async getOrganization(e){let r="organizationId"in e?e.organizationId:e.slug;return this.requireId(r),this.request({method:"GET",path:o(P,r)})}async updateOrganization(e,r){return this.requireId(e),this.request({method:"PATCH",path:o(P,e),bodyParams:r})}async updateOrganizationMetadata(e,r){return this.requireId(e),this.request({method:"PATCH",path:o(P,e,"metadata"),bodyParams:r})}async deleteOrganization(e){return this.request({method:"DELETE",path:o(P,e)})}async getOrganizationMembershipList(e){let{organizationId:r,limit:i,offset:n}=e;return this.requireId(r),this.request({method:"GET",path:o(P,r,"memberships"),queryParams:{limit:i,offset:n}})}async createOrganizationMembership(e){let{organizationId:r,userId:i,role:n}=e;return this.requireId(r),this.request({method:"POST",path:o(P,r,"memberships"),bodyParams:{userId:i,role:n}})}async updateOrganizationMembership(e){let{organizationId:r,userId:i,role:n}=e;return this.requireId(r),this.request({method:"PATCH",path:o(P,r,"memberships",i),bodyParams:{role:n}})}async updateOrganizationMembershipMetadata(e){let{organizationId:r,userId:i,publicMetadata:n,privateMetadata:s}=e;return this.request({method:"PATCH",path:o(P,r,"memberships",i,"metadata"),bodyParams:{publicMetadata:n,privateMetadata:s}})}async deleteOrganizationMembership(e){let{organizationId:r,userId:i}=e;return this.requireId(r),this.request({method:"DELETE",path:o(P,r,"memberships",i)})}async getPendingOrganizationInvitationList(e){let{organizationId:r,limit:i,offset:n}=e;return this.requireId(r),this.request({method:"GET",path:o(P,r,"invitations","pending"),queryParams:{limit:i,offset:n}})}async createOrganizationInvitation(e){let{organizationId:r,...i}=e;return this.requireId(r),this.request({method:"POST",path:o(P,r,"invitations"),bodyParams:{...i}})}async revokeOrganizationInvitation(e){let{organizationId:r,invitationId:i,requestingUserId:n}=e;return this.requireId(r),this.request({method:"POST",path:o(P,r,"invitations",i,"revoke"),bodyParams:{requestingUserId:n}})}};var ye="/phone_numbers",he=class extends p{async getPhoneNumber(e){return this.requireId(e),this.request({method:"GET",path:o(ye,e)})}async createPhoneNumber(e){return this.request({method:"POST",path:ye,bodyParams:e})}async updatePhoneNumber(e,r={}){return this.requireId(e),this.request({method:"PATCH",path:o(ye,e),bodyParams:r})}async deletePhoneNumber(e){return this.requireId(e),this.request({method:"DELETE",path:o(ye,e)})}};var be="/redirect_urls",Se=class extends p{async getRedirectUrlList(){return this.request({method:"GET",path:be})}async getRedirectUrl(e){return this.requireId(e),this.request({method:"GET",path:o(be,e)})}async createRedirectUrl(e){return this.request({method:"POST",path:be,bodyParams:e})}async deleteRedirectUrl(e){return this.requireId(e),this.request({method:"DELETE",path:o(be,e)})}};var ie="/sessions",Oe=class extends p{async getSessionList(e){return this.request({method:"GET",path:ie,queryParams:e})}async getSession(e){return this.requireId(e),this.request({method:"GET",path:o(ie,e)})}async revokeSession(e){return this.requireId(e),this.request({method:"POST",path:o(ie,e,"revoke")})}async verifySession(e,r){return this.requireId(e),this.request({method:"POST",path:o(ie,e,"verify"),bodyParams:{token:r}})}async getToken(e,r){return this.requireId(e),(await this.request({method:"POST",path:o(ie,e,"tokens",r||"")})).jwt}};var He="/sign_in_tokens",ke=class extends p{async createSignInToken(e){return this.request({method:"POST",path:He,bodyParams:e})}async revokeSignInToken(e){return this.requireId(e),this.request({method:"POST",path:o(He,e,"revoke")})}};var qt="/sms_messages",_e=class extends p{async createSMSMessage(e){return this.request({method:"POST",path:qt,bodyParams:e})}};var T="/users",Ie=class extends p{async getUserList(e={}){return this.request({method:"GET",path:T,queryParams:e})}async getUser(e){return this.requireId(e),this.request({method:"GET",path:o(T,e)})}async createUser(e){return this.request({method:"POST",path:T,bodyParams:e})}async updateUser(e,r={}){return this.requireId(e),this.request({method:"PATCH",path:o(T,e),bodyParams:r})}async updateUserMetadata(e,r){return this.requireId(e),this.request({method:"PATCH",path:o(T,e,"metadata"),bodyParams:r})}async deleteUser(e){return this.requireId(e),this.request({method:"DELETE",path:o(T,e)})}async getCount(e={}){return this.request({method:"GET",path:o(T,"count"),queryParams:e})}async getUserOauthAccessToken(e,r){return this.requireId(e),this.request({method:"GET",path:o(T,e,"oauth_access_tokens",r)})}async disableUserMFA(e){return this.requireId(e),this.request({method:"DELETE",path:o(T,e,"mfa")})}async getOrganizationMembershipList(e){let{userId:r,limit:i,offset:n}=e;return this.requireId(r),this.request({method:"GET",path:o(T,r,"organization_memberships"),queryParams:{limit:i,offset:n}})}async verifyPassword(e){let{userId:r,password:i}=e;return this.requireId(r),this.request({method:"POST",path:o(T,r,"verify_password"),bodyParams:{password:i}})}async verifyTOTP(e){let{userId:r,code:i}=e;return this.requireId(r),this.request({method:"POST",path:o(T,r,"verify_totp"),bodyParams:{code:i}})}};import Gt from"deepmerge";import et from"snakecase-keys";var v="https://api.clerk.dev",R="v1",Ye="@clerk/backend";var Kt={AuthStatus:"__clerkAuthStatus",AuthReason:"__clerkAuthReason",AuthMessage:"__clerkAuthMessage"},Mt={Session:"__session",ClientUat:"__client_uat"},Xe={AuthStatus:"x-clerk-auth-status",AuthReason:"x-clerk-auth-reason",AuthMessage:"x-clerk-auth-message",Authorization:"authorization",ForwardedPort:"x-forwarded-port",ForwardedHost:"x-forwarded-host",Referrer:"referer",UserAgent:"user-agent",Origin:"origin",Host:"host",ContentType:"content-type"},zt={AuthStatus:Xe.AuthStatus},jt={Json:"application/json"},Wt={Attributes:Kt,Cookies:Mt,Headers:Xe,SearchParams:zt,ContentTypes:jt};import Lt from"#crypto";import Dt from"#fetch";var Ft=Dt.bind(globalThis),Vt={crypto:Lt,fetch:Ft},N=Vt;function Ae(t){if(!t||typeof t!="string")throw Error("Missing Clerk Secret Key or API Key. Go to https://dashboard.clerk.dev and get your key for your instance.")}var W=class{constructor(e,r,i,n,s){this.id=e;this.identifier=r;this.createdAt=i;this.updatedAt=n;this.invitationId=s}static fromJSON(e){return new W(e.id,e.identifier,e.created_at,e.updated_at,e.invitation_id)}};var U=class{constructor(e,r,i,n,s,a,l,u,m){this.id=e;this.clientId=r;this.userId=i;this.status=n;this.lastActiveAt=s;this.expireAt=a;this.abandonAt=l;this.createdAt=u;this.updatedAt=m}static fromJSON(e){return new U(e.id,e.client_id,e.user_id,e.status,e.last_active_at,e.expire_at,e.abandon_at,e.created_at,e.updated_at)}};var L=class{constructor(e,r,i,n,s,a,l,u){this.id=e;this.sessionIds=r;this.sessions=i;this.signInId=n;this.signUpId=s;this.lastActiveSessionId=a;this.createdAt=l;this.updatedAt=u}static fromJSON(e){return new L(e.id,e.session_ids,e.sessions.map(r=>U.fromJSON(r)),e.sign_in_id,e.sign_up_id,e.last_active_session_id,e.created_at,e.updated_at)}};var D=class{constructor(e,r,i,n){this.object=e;this.id=r;this.slug=i;this.deleted=n}static fromJSON(e){return new D(e.object,e.id||null,e.slug||null,e.deleted)}};var F=class{constructor(e,r,i,n,s,a,l){this.id=e;this.fromEmailName=r;this.emailAddressId=i;this.toEmailAddress=n;this.subject=s;this.body=a;this.status=l}static fromJSON(e){return new F(e.id,e.from_email_name,e.email_address_id,e.to_email_address,e.subject,e.body,e.status)}};var E=class{constructor(e,r){this.id=e;this.type=r}static fromJSON(e){return new E(e.id,e.type)}};var J=class{constructor(e,r,i=null,n=null,s=null,a=null){this.status=e;this.strategy=r;this.externalVerificationRedirectURL=i;this.attempts=n;this.expireAt=s;this.nonce=a}static fromJSON(e){return new J(e.status,e.strategy,e.external_verification_redirect_url?new URL(e.external_verification_redirect_url):null,e.attempts,e.expire_at,e.nonce)}};var q=class{constructor(e,r,i,n){this.id=e;this.emailAddress=r;this.verification=i;this.linkedTo=n}static fromJSON(e){return new q(e.id,e.email_address,e.verification&&J.fromJSON(e.verification),e.linked_to.map(r=>E.fromJSON(r)))}};var V=class{constructor(e,r,i,n,s,a,l,u,m,y,h={},S,g){this.id=e;this.provider=r;this.identificationId=i;this.externalId=n;this.approvedScopes=s;this.emailAddress=a;this.firstName=l;this.lastName=u;this.picture=m;this.username=y;this.publicMetadata=h;this.label=S;this.verification=g}static fromJSON(e){return new V(e.id,e.provider,e.identification_id,e.provider_user_id,e.approved_scopes,e.email_address,e.first_name,e.last_name,e.avatar_url,e.username,e.public_metadata,e.label,e.verification&&J.fromJSON(e.verification))}};var $=class{constructor(e,r,i,n,s,a){this.id=e;this.emailAddress=r;this.publicMetadata=i;this.createdAt=n;this.updatedAt=s;this.revoked=a}static fromJSON(e){return new $(e.id,e.email_address,e.public_metadata,e.created_at,e.updated_at,e.revoked)}};var Qe=(c=>(c.AllowlistIdentifier="allowlist_identifier",c.Client="client",c.Email="email",c.EmailAddress="email_address",c.ExternalAccount="external_account",c.FacebookAccount="facebook_account",c.GoogleAccount="google_account",c.Invitation="invitation",c.OauthAccessToken="oauth_access_token",c.Organization="organization",c.OrganizationInvitation="organization_invitation",c.OrganizationMembership="organization_membership",c.PhoneNumber="phone_number",c.RedirectUrl="redirect_url",c.Session="session",c.SignInAttempt="sign_in_attempt",c.SignInToken="sign_in_token",c.SignUpAttempt="sign_up_attempt",c.SmsMessage="sms_message",c.User="user",c.Web3Wallet="web3_wallet",c.Token="token",c.TotalCount="total_count",c))(Qe||{});var B=class{constructor(e,r,i={},n,s,a){this.provider=e;this.token=r;this.publicMetadata=i;this.label=n;this.scopes=s;this.tokenSecret=a}static fromJSON(e){return new B(e.provider,e.token,e.public_metadata,e.label,e.scopes,e.token_secret)}};var K=class{constructor(e,r,i,n,s,a,l,u={},m={}){this.id=e;this.name=r;this.slug=i;this.logoUrl=n;this.createdBy=s;this.createdAt=a;this.updatedAt=l;this.publicMetadata=u;this.privateMetadata=m}static fromJSON(e){return new K(e.id,e.name,e.slug,e.logo_url,e.created_by,e.created_at,e.updated_at,e.public_metadata,e.private_metadata)}};var G=class{constructor(e,r,i,n,s,a,l,u={}){this.id=e;this.emailAddress=r;this.role=i;this.organizationId=n;this.createdAt=s;this.updatedAt=a;this.status=l;this.publicMetadata=u}static fromJSON(e){return new G(e.id,e.email_address,e.role,e.organization_id,e.created_at,e.updated_at,e.status,e.public_metadata)}};var H=class{constructor(e,r,i={},n={},s,a,l,u){this.id=e;this.role=r;this.publicMetadata=i;this.privateMetadata=n;this.createdAt=s;this.updatedAt=a;this.organization=l;this.publicUserData=u}static fromJSON(e){return new H(e.id,e.role,e.public_metadata,e.private_metadata,e.created_at,e.updated_at,K.fromJSON(e.organization),se.fromJSON(e.public_user_data))}},se=class{constructor(e,r,i,n,s){this.identifier=e;this.firstName=r;this.lastName=i;this.profileImageUrl=n;this.userId=s}static fromJSON(e){return new se(e.identifier,e.first_name,e.last_name,e.profile_image_url,e.user_id)}};var M=class{constructor(e,r,i,n,s,a){this.id=e;this.phoneNumber=r;this.reservedForSecondFactor=i;this.defaultSecondFactor=n;this.verification=s;this.linkedTo=a}static fromJSON(e){return new M(e.id,e.phone_number,e.reserved_for_second_factor,e.default_second_factor,e.verification&&J.fromJSON(e.verification),e.linked_to.map(r=>E.fromJSON(r)))}};var Y=class{constructor(e,r,i,n){this.id=e;this.url=r;this.createdAt=i;this.updatedAt=n}static fromJSON(e){return new Y(e.id,e.url,e.created_at,e.updated_at)}};var X=class{constructor(e,r,i,n,s,a,l){this.id=e;this.userId=r;this.token=i;this.status=n;this.url=s;this.createdAt=a;this.updatedAt=l}static fromJSON(e){return new X(e.id,e.user_id,e.token,e.status,e.url,e.created_at,e.updated_at)}};var Q=class{constructor(e,r,i,n,s,a){this.id=e;this.fromPhoneNumber=r;this.toPhoneNumber=i;this.message=n;this.status=s;this.phoneNumberId=a}static fromJSON(e){return new Q(e.id,e.from_phone_number,e.to_phone_number,e.message,e.status,e.phone_number_id)}};var Z=class{constructor(e){this.jwt=e}static fromJSON(e){return new Z(e.jwt)}};var ee=class{constructor(e,r,i){this.id=e;this.web3Wallet=r;this.verification=i}static fromJSON(e){return new ee(e.id,e.web3_wallet,e.verification&&J.fromJSON(e.verification))}};var te=class{constructor(e,r,i,n,s,a,l,u,m,y,h,S,g,O,w,x,b,k,I,A={},_={},f={},c=[],j=[],Re=[],Ne=[]){this.id=e;this.passwordEnabled=r;this.totpEnabled=i;this.backupCodeEnabled=n;this.twoFactorEnabled=s;this.banned=a;this.createdAt=l;this.updatedAt=u;this.profileImageUrl=m;this.gender=y;this.birthday=h;this.primaryEmailAddressId=S;this.primaryPhoneNumberId=g;this.primaryWeb3WalletId=O;this.lastSignInAt=w;this.externalId=x;this.username=b;this.firstName=k;this.lastName=I;this.publicMetadata=A;this.privateMetadata=_;this.unsafeMetadata=f;this.emailAddresses=c;this.phoneNumbers=j;this.web3Wallets=Re;this.externalAccounts=Ne}static fromJSON(e){return new te(e.id,e.password_enabled,e.totp_enabled,e.backup_code_enabled,e.two_factor_enabled,e.banned,e.created_at,e.updated_at,e.profile_image_url,e.gender,e.birthday,e.primary_email_address_id,e.primary_phone_number_id,e.primary_web3_wallet_id,e.last_sign_in_at,e.external_id,e.username,e.first_name,e.last_name,e.public_metadata,e.private_metadata,e.unsafe_metadata,(e.email_addresses||[]).map(r=>q.fromJSON(r)),(e.phone_numbers||[]).map(r=>M.fromJSON(r)),(e.web3_wallets||[]).map(r=>ee.fromJSON(r)),(e.external_accounts||[]).map(r=>V.fromJSON(r)))}};function Ze(t){return Array.isArray(t)?t.map(e=>qe(e)):$t(t)?t.data.map(e=>qe(e)):qe(t)}function $t(t){return t.data!==void 0}function Bt(t){return t.total_count}function qe(t){if(typeof t!="string"&&"object"in t&&"deleted"in t)return D.fromJSON(t);switch(t.object){case"allowlist_identifier":return W.fromJSON(t);case"client":return L.fromJSON(t);case"email_address":return q.fromJSON(t);case"email":return F.fromJSON(t);case"invitation":return $.fromJSON(t);case"oauth_access_token":return B.fromJSON(t);case"organization":return K.fromJSON(t);case"organization_invitation":return G.fromJSON(t);case"organization_membership":return H.fromJSON(t);case"phone_number":return M.fromJSON(t);case"redirect_url":return Y.fromJSON(t);case"sign_in_token":return X.fromJSON(t);case"session":return U.fromJSON(t);case"sms_message":return Q.fromJSON(t);case"token":return Z.fromJSON(t);case"total_count":return Bt(t);case"user":return te.fromJSON(t);default:return t}}var Ht=t=>async(...e)=>{let{data:r,errors:i,status:n,statusText:s}=await t(...e);if(i===null)return r;throw new oe(s||"",{data:i,status:n||""})};function tt(t){return Ht(async r=>{let{apiKey:i,secretKey:n,apiUrl:s=v,apiVersion:a=R,userAgent:l=Ye,httpOptions:u={}}=t,{path:m,method:y,queryParams:h,headerParams:S,bodyParams:g}=r,O=n||i;Ae(O);let w=o(s,a,m),x=new URL(w);if(h){let _=et({...h});for(let[f,c]of Object.entries(_))c&&[c].flat().forEach(j=>x.searchParams.append(f,j))}let b={Authorization:`Bearer ${O}`,"Content-Type":"application/json","Clerk-Backend-SDK":l,...S},I=y!=="GET"&&g&&Object.keys(g).length>0?{body:JSON.stringify(et(g,{deep:!1}))}:null,A;try{A=await N.fetch(x.href,Gt(u,{method:y,headers:b,...I}));let f=await(b&&b["Content-Type"]==="application/json"?A.json():A.text());if(!A.ok)throw f;return{data:Ze(f),errors:null}}catch(_){return _ instanceof Error?{data:null,errors:[{code:"unexpected_error",message:_.message||"Unexpected error"}]}:{data:null,errors:Yt(_),status:A?.status,statusText:A?.statusText}}})}function Yt(t){if(!!t&&typeof t=="object"&&"errors"in t){let e=t.errors;return e.length>0?e.map(Xt):[]}return[]}function Xt(t){return{code:t.code,message:t.message,longMessage:t.long_message,meta:{paramName:t?.meta?.param_name,sessionId:t?.meta?.session_id}}}var oe=class extends Error{constructor(r,{data:i,status:n}){super(r);Object.setPrototypeOf(this,oe.prototype),this.clerkError=!0,this.message=r,this.status=n,this.errors=i}};function re(t){let e=tt(t);return{allowlistIdentifiers:new le(e),clients:new ue(e),emailAddresses:new ce(e),emails:new pe(e),interstitial:new me(e),invitations:new ge(e),organizations:new fe(e),phoneNumbers:new he(e),redirectUrls:new Se(e),sessions:new Oe(e),signInTokens:new ke(e),smsMessages:new _e(e),users:new Ie(e)}}var nt=t=>()=>{let e={...t};return e.apiKey=(e.apiKey||"").substring(0,7),e.secretKey=(e.secretKey||"").substring(0,7),e.jwtKey=(e.jwtKey||"").substring(0,7),{...e}};function it(t,e,r){let{act:i,sid:n,org_id:s,org_role:a,org_slug:l,sub:u}=t,{apiKey:m,secretKey:y,apiUrl:h,apiVersion:S,token:g,session:O,user:w,organization:x}=e,{sessions:b}=re({apiKey:m,secretKey:y,apiUrl:h,apiVersion:S}),k=Qt({sessionId:n,sessionToken:g,fetcher:(...I)=>b.getToken(...I)});return{actor:i,sessionClaims:t,sessionId:n,session:O,userId:u,user:w,orgId:s,orgRole:a,orgSlug:l,organization:x,getToken:k,debug:nt({...e,...r})}}function st(t){return{sessionClaims:null,sessionId:null,session:null,userId:null,user:null,actor:null,orgId:null,orgRole:null,orgSlug:null,organization:null,getToken:()=>Promise.resolve(null),debug:nt(t)}}function rt(t){return t&&(delete t.privateMetadata,delete t.private_metadata),t}function Bi(t){let e=t.user?{...t.user}:t.user,r=t.organization?{...t.organization}:t.organization;return rt(e),rt(r),{...t,user:e,organization:r}}var Gi=t=>{let{debug:e,getToken:r,...i}=t;return i},Qt=t=>{let{fetcher:e,sessionToken:r,sessionId:i}=t||{};return async(n={})=>i?n.template?e(i,n.template):r:null};function Zt(t){return new Promise(e=>setTimeout(e,t))}var er=5;async function ae(t,e=1,r=er){try{return await t()}catch(i){if(e>=r)throw i;return await Zt(2**e*100),ae(t,e+1)}}function Pe(t){return t.startsWith("test_")||t.startsWith("sk_test_")}function ot(t){return t.startsWith("live_")||t.startsWith("sk_live_")}function at(t){return t.endsWith(".lclstage.dev")||t.endsWith(".stgstage.dev")||t.endsWith(".clerkstage.dev")||t.endsWith(".accountsstage.dev")}var lt="pk_live_",tr="pk_test_";function ne(t){if(t=t||"",!rr(t))return null;let e=t.startsWith(lt)?"production":"development",r=ut(t.split("_")[2]);return r.endsWith("$")?(r=r.slice(0,-1),{instanceType:e,frontendApi:r}):null}function rr(t){t=t||"";let e=t.startsWith(lt)||t.startsWith(tr),r=ut(t.split("_")[2]||"").endsWith("$");return e&&r}var ut=t=>typeof atob<"u"&&typeof atob=="function"?atob(t):typeof globalThis<"u"&&globalThis.Buffer?new globalThis.Buffer(t,"base64").toString():t;var d=class extends Error{constructor({action:r,message:i,reason:n}){super(i);Object.setPrototypeOf(this,d.prototype),this.reason=n,this.message=i,this.action=r}getFullMessage(){return`${[this.message,this.action].filter(r=>r).join(" ")} (reason=${this.reason}, token-carrier=${this.tokenCarrier})`}};function nr(t){if(!t)return"";let e;if(t.match(/^(clerk\.)+\w*$/))e=/(clerk\.)*(?=clerk\.)/;else{if(t.match(/\.clerk.accounts/))return t;e=/^(clerk\.)*/gi}return`clerk.${t.replace(e,"")}`}function Me(t){t.frontendApi=ne(t.publishableKey)?.frontendApi||t.frontendApi||"";let{debugData:e,frontendApi:r,pkgVersion:i,publishableKey:n,proxyUrl:s,isSatellite:a=!1,domain:l}=t;return`
var m=class{constructor(e){this.request=e}requireId(e){if(!e)throw new Error("A valid resource ID is required.")}};var Ce="/",Et=new RegExp(Ce+"{1,}","g");function a(...t){return t.filter(e=>e).join(Ce).replace(Et,Ce)}var Ue="/allowlist_identifiers",le=class extends m{async getAllowlistIdentifierList(){return this.request({method:"GET",path:Ue})}async createAllowlistIdentifier(e){return this.request({method:"POST",path:Ue,bodyParams:e})}async deleteAllowlistIdentifier(e){return this.requireId(e),this.request({method:"DELETE",path:a(Ue,e)})}};var Ee="/clients",ue=class extends m{async getClientList(){return this.request({method:"GET",path:Ee})}async getClient(e){return this.requireId(e),this.request({method:"GET",path:a(Ee,e)})}verifyClient(e){return this.request({method:"POST",path:a(Ee,"verify"),bodyParams:{token:e}})}};var de="/email_addresses",ce=class extends m{async getEmailAddress(e){return this.requireId(e),this.request({method:"GET",path:a(de,e)})}async createEmailAddress(e){return this.request({method:"POST",path:de,bodyParams:e})}async updateEmailAddress(e,r={}){return this.requireId(e),this.request({method:"PATCH",path:a(de,e),bodyParams:r})}async deleteEmailAddress(e){return this.requireId(e),this.request({method:"DELETE",path:a(de,e)})}};var qt="/emails",pe=class extends m{async createEmail(e){return this.request({method:"POST",path:qt,bodyParams:e})}};var me=class extends m{async getInterstitial(){return this.request({path:"internal/interstitial",method:"GET",headerParams:{"Content-Type":"text/html"}})}};var qe="/invitations",ge=class extends m{async getInvitationList(){return this.request({method:"GET",path:qe})}async createInvitation(e){return this.request({method:"POST",path:qe,bodyParams:e})}async revokeInvitation(e){return this.requireId(e),this.request({method:"POST",path:a(qe,e,"revoke")})}};var w="/organizations",fe=class extends m{async getOrganizationList(e){return this.request({method:"GET",path:w,queryParams:e})}async createOrganization(e){return this.request({method:"POST",path:w,bodyParams:e})}async getOrganization(e){let r="organizationId"in e?e.organizationId:e.slug;return this.requireId(r),this.request({method:"GET",path:a(w,r)})}async updateOrganization(e,r){return this.requireId(e),this.request({method:"PATCH",path:a(w,e),bodyParams:r})}async updateOrganizationMetadata(e,r){return this.requireId(e),this.request({method:"PATCH",path:a(w,e,"metadata"),bodyParams:r})}async deleteOrganization(e){return this.request({method:"DELETE",path:a(w,e)})}async getOrganizationMembershipList(e){let{organizationId:r,limit:i,offset:n}=e;return this.requireId(r),this.request({method:"GET",path:a(w,r,"memberships"),queryParams:{limit:i,offset:n}})}async createOrganizationMembership(e){let{organizationId:r,userId:i,role:n}=e;return this.requireId(r),this.request({method:"POST",path:a(w,r,"memberships"),bodyParams:{userId:i,role:n}})}async updateOrganizationMembership(e){let{organizationId:r,userId:i,role:n}=e;return this.requireId(r),this.request({method:"PATCH",path:a(w,r,"memberships",i),bodyParams:{role:n}})}async updateOrganizationMembershipMetadata(e){let{organizationId:r,userId:i,publicMetadata:n,privateMetadata:s}=e;return this.request({method:"PATCH",path:a(w,r,"memberships",i,"metadata"),bodyParams:{publicMetadata:n,privateMetadata:s}})}async deleteOrganizationMembership(e){let{organizationId:r,userId:i}=e;return this.requireId(r),this.request({method:"DELETE",path:a(w,r,"memberships",i)})}async getPendingOrganizationInvitationList(e){let{organizationId:r,limit:i,offset:n}=e;return this.requireId(r),this.request({method:"GET",path:a(w,r,"invitations","pending"),queryParams:{limit:i,offset:n}})}async createOrganizationInvitation(e){let{organizationId:r,...i}=e;return this.requireId(r),this.request({method:"POST",path:a(w,r,"invitations"),bodyParams:{...i}})}async revokeOrganizationInvitation(e){let{organizationId:r,invitationId:i,requestingUserId:n}=e;return this.requireId(r),this.request({method:"POST",path:a(w,r,"invitations",i,"revoke"),bodyParams:{requestingUserId:n}})}};var ye="/phone_numbers",he=class extends m{async getPhoneNumber(e){return this.requireId(e),this.request({method:"GET",path:a(ye,e)})}async createPhoneNumber(e){return this.request({method:"POST",path:ye,bodyParams:e})}async updatePhoneNumber(e,r={}){return this.requireId(e),this.request({method:"PATCH",path:a(ye,e),bodyParams:r})}async deletePhoneNumber(e){return this.requireId(e),this.request({method:"DELETE",path:a(ye,e)})}};var be="/redirect_urls",Se=class extends m{async getRedirectUrlList(){return this.request({method:"GET",path:be})}async getRedirectUrl(e){return this.requireId(e),this.request({method:"GET",path:a(be,e)})}async createRedirectUrl(e){return this.request({method:"POST",path:be,bodyParams:e})}async deleteRedirectUrl(e){return this.requireId(e),this.request({method:"DELETE",path:a(be,e)})}};var ie="/sessions",Oe=class extends m{async getSessionList(e){return this.request({method:"GET",path:ie,queryParams:e})}async getSession(e){return this.requireId(e),this.request({method:"GET",path:a(ie,e)})}async revokeSession(e){return this.requireId(e),this.request({method:"POST",path:a(ie,e,"revoke")})}async verifySession(e,r){return this.requireId(e),this.request({method:"POST",path:a(ie,e,"verify"),bodyParams:{token:r}})}async getToken(e,r){return this.requireId(e),(await this.request({method:"POST",path:a(ie,e,"tokens",r||"")})).jwt}};var He="/sign_in_tokens",ke=class extends m{async createSignInToken(e){return this.request({method:"POST",path:He,bodyParams:e})}async revokeSignInToken(e){return this.requireId(e),this.request({method:"POST",path:a(He,e,"revoke")})}};var Kt="/sms_messages",_e=class extends m{async createSMSMessage(e){return this.request({method:"POST",path:Kt,bodyParams:e})}};var T="/users",Ie=class extends m{async getUserList(e={}){return this.request({method:"GET",path:T,queryParams:e})}async getUser(e){return this.requireId(e),this.request({method:"GET",path:a(T,e)})}async createUser(e){return this.request({method:"POST",path:T,bodyParams:e})}async updateUser(e,r={}){return this.requireId(e),this.request({method:"PATCH",path:a(T,e),bodyParams:r})}async updateUserMetadata(e,r){return this.requireId(e),this.request({method:"PATCH",path:a(T,e,"metadata"),bodyParams:r})}async deleteUser(e){return this.requireId(e),this.request({method:"DELETE",path:a(T,e)})}async getCount(e={}){return this.request({method:"GET",path:a(T,"count"),queryParams:e})}async getUserOauthAccessToken(e,r){return this.requireId(e),this.request({method:"GET",path:a(T,e,"oauth_access_tokens",r)})}async disableUserMFA(e){return this.requireId(e),this.request({method:"DELETE",path:a(T,e,"mfa")})}async getOrganizationMembershipList(e){let{userId:r,limit:i,offset:n}=e;return this.requireId(r),this.request({method:"GET",path:a(T,r,"organization_memberships"),queryParams:{limit:i,offset:n}})}async verifyPassword(e){let{userId:r,password:i}=e;return this.requireId(r),this.request({method:"POST",path:a(T,r,"verify_password"),bodyParams:{password:i}})}async verifyTOTP(e){let{userId:r,code:i}=e;return this.requireId(r),this.request({method:"POST",path:a(T,r,"verify_totp"),bodyParams:{code:i}})}};import Ht from"deepmerge";import et from"snakecase-keys";var C="https://api.clerk.dev",R="v1",Ye="@clerk/backend";var zt={AuthStatus:"__clerkAuthStatus",AuthReason:"__clerkAuthReason",AuthMessage:"__clerkAuthMessage"},Mt={Session:"__session",ClientUat:"__client_uat"},Xe={AuthStatus:"x-clerk-auth-status",AuthReason:"x-clerk-auth-reason",AuthMessage:"x-clerk-auth-message",Authorization:"authorization",ForwardedPort:"x-forwarded-port",ForwardedHost:"x-forwarded-host",Referrer:"referer",UserAgent:"user-agent",Origin:"origin",Host:"host",ContentType:"content-type"},jt={AuthStatus:Xe.AuthStatus},Wt={Json:"application/json"},Lt={Attributes:zt,Cookies:Mt,Headers:Xe,SearchParams:jt,ContentTypes:Wt};import Dt from"#crypto";import Ft from"#fetch";var Vt=Ft.bind(globalThis),$t={crypto:Dt,fetch:Vt},N=$t;function Ae(t){if(!t||typeof t!="string")throw Error("Missing Clerk Secret Key or API Key. Go to https://dashboard.clerk.dev and get your key for your instance.")}var W=class{constructor(e,r,i,n,s){this.id=e;this.identifier=r;this.createdAt=i;this.updatedAt=n;this.invitationId=s}static fromJSON(e){return new W(e.id,e.identifier,e.created_at,e.updated_at,e.invitation_id)}};var U=class{constructor(e,r,i,n,s,o,u,l,p){this.id=e;this.clientId=r;this.userId=i;this.status=n;this.lastActiveAt=s;this.expireAt=o;this.abandonAt=u;this.createdAt=l;this.updatedAt=p}static fromJSON(e){return new U(e.id,e.client_id,e.user_id,e.status,e.last_active_at,e.expire_at,e.abandon_at,e.created_at,e.updated_at)}};var L=class{constructor(e,r,i,n,s,o,u,l){this.id=e;this.sessionIds=r;this.sessions=i;this.signInId=n;this.signUpId=s;this.lastActiveSessionId=o;this.createdAt=u;this.updatedAt=l}static fromJSON(e){return new L(e.id,e.session_ids,e.sessions.map(r=>U.fromJSON(r)),e.sign_in_id,e.sign_up_id,e.last_active_session_id,e.created_at,e.updated_at)}};var D=class{constructor(e,r,i,n){this.object=e;this.id=r;this.slug=i;this.deleted=n}static fromJSON(e){return new D(e.object,e.id||null,e.slug||null,e.deleted)}};var F=class{constructor(e,r,i,n,s,o,u){this.id=e;this.fromEmailName=r;this.emailAddressId=i;this.toEmailAddress=n;this.subject=s;this.body=o;this.status=u}static fromJSON(e){return new F(e.id,e.from_email_name,e.email_address_id,e.to_email_address,e.subject,e.body,e.status)}};var E=class{constructor(e,r){this.id=e;this.type=r}static fromJSON(e){return new E(e.id,e.type)}};var J=class{constructor(e,r,i=null,n=null,s=null,o=null){this.status=e;this.strategy=r;this.externalVerificationRedirectURL=i;this.attempts=n;this.expireAt=s;this.nonce=o}static fromJSON(e){return new J(e.status,e.strategy,e.external_verification_redirect_url?new URL(e.external_verification_redirect_url):null,e.attempts,e.expire_at,e.nonce)}};var q=class{constructor(e,r,i,n){this.id=e;this.emailAddress=r;this.verification=i;this.linkedTo=n}static fromJSON(e){return new q(e.id,e.email_address,e.verification&&J.fromJSON(e.verification),e.linked_to.map(r=>E.fromJSON(r)))}};var V=class{constructor(e,r,i,n,s,o,u,l,p,y,h={},S,g){this.id=e;this.provider=r;this.identificationId=i;this.externalId=n;this.approvedScopes=s;this.emailAddress=o;this.firstName=u;this.lastName=l;this.picture=p;this.username=y;this.publicMetadata=h;this.label=S;this.verification=g}static fromJSON(e){return new V(e.id,e.provider,e.identification_id,e.provider_user_id,e.approved_scopes,e.email_address,e.first_name,e.last_name,e.avatar_url,e.username,e.public_metadata,e.label,e.verification&&J.fromJSON(e.verification))}};var $=class{constructor(e,r,i,n,s,o){this.id=e;this.emailAddress=r;this.publicMetadata=i;this.createdAt=n;this.updatedAt=s;this.revoked=o}static fromJSON(e){return new $(e.id,e.email_address,e.public_metadata,e.created_at,e.updated_at,e.revoked)}};var Qe=(c=>(c.AllowlistIdentifier="allowlist_identifier",c.Client="client",c.Email="email",c.EmailAddress="email_address",c.ExternalAccount="external_account",c.FacebookAccount="facebook_account",c.GoogleAccount="google_account",c.Invitation="invitation",c.OauthAccessToken="oauth_access_token",c.Organization="organization",c.OrganizationInvitation="organization_invitation",c.OrganizationMembership="organization_membership",c.PhoneNumber="phone_number",c.RedirectUrl="redirect_url",c.Session="session",c.SignInAttempt="sign_in_attempt",c.SignInToken="sign_in_token",c.SignUpAttempt="sign_up_attempt",c.SmsMessage="sms_message",c.User="user",c.Web3Wallet="web3_wallet",c.Token="token",c.TotalCount="total_count",c))(Qe||{});var B=class{constructor(e,r,i={},n,s,o){this.provider=e;this.token=r;this.publicMetadata=i;this.label=n;this.scopes=s;this.tokenSecret=o}static fromJSON(e){return new B(e.provider,e.token,e.public_metadata,e.label,e.scopes,e.token_secret)}};var K=class{constructor(e,r,i,n,s,o,u,l={},p={}){this.id=e;this.name=r;this.slug=i;this.logoUrl=n;this.createdBy=s;this.createdAt=o;this.updatedAt=u;this.publicMetadata=l;this.privateMetadata=p}static fromJSON(e){return new K(e.id,e.name,e.slug,e.logo_url,e.created_by,e.created_at,e.updated_at,e.public_metadata,e.private_metadata)}};var G=class{constructor(e,r,i,n,s,o,u,l={}){this.id=e;this.emailAddress=r;this.role=i;this.organizationId=n;this.createdAt=s;this.updatedAt=o;this.status=u;this.publicMetadata=l}static fromJSON(e){return new G(e.id,e.email_address,e.role,e.organization_id,e.created_at,e.updated_at,e.status,e.public_metadata)}};var H=class{constructor(e,r,i={},n={},s,o,u,l){this.id=e;this.role=r;this.publicMetadata=i;this.privateMetadata=n;this.createdAt=s;this.updatedAt=o;this.organization=u;this.publicUserData=l}static fromJSON(e){return new H(e.id,e.role,e.public_metadata,e.private_metadata,e.created_at,e.updated_at,K.fromJSON(e.organization),se.fromJSON(e.public_user_data))}},se=class{constructor(e,r,i,n,s){this.identifier=e;this.firstName=r;this.lastName=i;this.profileImageUrl=n;this.userId=s}static fromJSON(e){return new se(e.identifier,e.first_name,e.last_name,e.profile_image_url,e.user_id)}};var z=class{constructor(e,r,i,n,s,o){this.id=e;this.phoneNumber=r;this.reservedForSecondFactor=i;this.defaultSecondFactor=n;this.verification=s;this.linkedTo=o}static fromJSON(e){return new z(e.id,e.phone_number,e.reserved_for_second_factor,e.default_second_factor,e.verification&&J.fromJSON(e.verification),e.linked_to.map(r=>E.fromJSON(r)))}};var Y=class{constructor(e,r,i,n){this.id=e;this.url=r;this.createdAt=i;this.updatedAt=n}static fromJSON(e){return new Y(e.id,e.url,e.created_at,e.updated_at)}};var X=class{constructor(e,r,i,n,s,o,u){this.id=e;this.userId=r;this.token=i;this.status=n;this.url=s;this.createdAt=o;this.updatedAt=u}static fromJSON(e){return new X(e.id,e.user_id,e.token,e.status,e.url,e.created_at,e.updated_at)}};var Q=class{constructor(e,r,i,n,s,o){this.id=e;this.fromPhoneNumber=r;this.toPhoneNumber=i;this.message=n;this.status=s;this.phoneNumberId=o}static fromJSON(e){return new Q(e.id,e.from_phone_number,e.to_phone_number,e.message,e.status,e.phone_number_id)}};var Z=class{constructor(e){this.jwt=e}static fromJSON(e){return new Z(e.jwt)}};var ee=class{constructor(e,r,i){this.id=e;this.web3Wallet=r;this.verification=i}static fromJSON(e){return new ee(e.id,e.web3_wallet,e.verification&&J.fromJSON(e.verification))}};var te=class{constructor(e,r,i,n,s,o,u,l,p,y,h,S,g,O,P,x,b,k,I,A={},_={},f={},c=[],j=[],Ne=[],ve=[]){this.id=e;this.passwordEnabled=r;this.totpEnabled=i;this.backupCodeEnabled=n;this.twoFactorEnabled=s;this.banned=o;this.createdAt=u;this.updatedAt=l;this.profileImageUrl=p;this.gender=y;this.birthday=h;this.primaryEmailAddressId=S;this.primaryPhoneNumberId=g;this.primaryWeb3WalletId=O;this.lastSignInAt=P;this.externalId=x;this.username=b;this.firstName=k;this.lastName=I;this.publicMetadata=A;this.privateMetadata=_;this.unsafeMetadata=f;this.emailAddresses=c;this.phoneNumbers=j;this.web3Wallets=Ne;this.externalAccounts=ve}static fromJSON(e){return new te(e.id,e.password_enabled,e.totp_enabled,e.backup_code_enabled,e.two_factor_enabled,e.banned,e.created_at,e.updated_at,e.profile_image_url,e.gender,e.birthday,e.primary_email_address_id,e.primary_phone_number_id,e.primary_web3_wallet_id,e.last_sign_in_at,e.external_id,e.username,e.first_name,e.last_name,e.public_metadata,e.private_metadata,e.unsafe_metadata,(e.email_addresses||[]).map(r=>q.fromJSON(r)),(e.phone_numbers||[]).map(r=>z.fromJSON(r)),(e.web3_wallets||[]).map(r=>ee.fromJSON(r)),(e.external_accounts||[]).map(r=>V.fromJSON(r)))}};function Ze(t){return Array.isArray(t)?t.map(e=>Ke(e)):Bt(t)?t.data.map(e=>Ke(e)):Ke(t)}function Bt(t){return t.data!==void 0}function Gt(t){return t.total_count}function Ke(t){if(typeof t!="string"&&"object"in t&&"deleted"in t)return D.fromJSON(t);switch(t.object){case"allowlist_identifier":return W.fromJSON(t);case"client":return L.fromJSON(t);case"email_address":return q.fromJSON(t);case"email":return F.fromJSON(t);case"invitation":return $.fromJSON(t);case"oauth_access_token":return B.fromJSON(t);case"organization":return K.fromJSON(t);case"organization_invitation":return G.fromJSON(t);case"organization_membership":return H.fromJSON(t);case"phone_number":return z.fromJSON(t);case"redirect_url":return Y.fromJSON(t);case"sign_in_token":return X.fromJSON(t);case"session":return U.fromJSON(t);case"sms_message":return Q.fromJSON(t);case"token":return Z.fromJSON(t);case"total_count":return Gt(t);case"user":return te.fromJSON(t);default:return t}}var Yt=t=>async(...e)=>{let{data:r,errors:i,status:n,statusText:s}=await t(...e);if(i===null)return r;throw new oe(s||"",{data:i,status:n||""})};function tt(t){return Yt(async r=>{let{apiKey:i,secretKey:n,apiUrl:s=C,apiVersion:o=R,userAgent:u=Ye,httpOptions:l={}}=t,{path:p,method:y,queryParams:h,headerParams:S,bodyParams:g}=r,O=n||i;Ae(O);let P=a(s,o,p),x=new URL(P);if(h){let _=et({...h});for(let[f,c]of Object.entries(_))c&&[c].flat().forEach(j=>x.searchParams.append(f,j))}let b={Authorization:`Bearer ${O}`,"Content-Type":"application/json","Clerk-Backend-SDK":u,...S},I=y!=="GET"&&g&&Object.keys(g).length>0?{body:JSON.stringify(et(g,{deep:!1}))}:null,A;try{A=await N.fetch(x.href,Ht(l,{method:y,headers:b,...I}));let f=await(b&&b["Content-Type"]==="application/json"?A.json():A.text());if(!A.ok)throw f;return{data:Ze(f),errors:null}}catch(_){return _ instanceof Error?{data:null,errors:[{code:"unexpected_error",message:_.message||"Unexpected error"}]}:{data:null,errors:Xt(_),status:A?.status,statusText:A?.statusText}}})}function Xt(t){if(!!t&&typeof t=="object"&&"errors"in t){let e=t.errors;return e.length>0?e.map(Qt):[]}return[]}function Qt(t){return{code:t.code,message:t.message,longMessage:t.long_message,meta:{paramName:t?.meta?.param_name,sessionId:t?.meta?.session_id}}}var oe=class extends Error{constructor(r,{data:i,status:n}){super(r);Object.setPrototypeOf(this,oe.prototype),this.clerkError=!0,this.message=r,this.status=n,this.errors=i}};function re(t){let e=tt(t);return{allowlistIdentifiers:new le(e),clients:new ue(e),emailAddresses:new ce(e),emails:new pe(e),interstitial:new me(e),invitations:new ge(e),organizations:new fe(e),phoneNumbers:new he(e),redirectUrls:new Se(e),sessions:new Oe(e),signInTokens:new ke(e),smsMessages:new _e(e),users:new Ie(e)}}var nt=t=>()=>{let e={...t};return e.apiKey=(e.apiKey||"").substring(0,7),e.secretKey=(e.secretKey||"").substring(0,7),e.jwtKey=(e.jwtKey||"").substring(0,7),{...e}};function it(t,e,r){let{act:i,sid:n,org_id:s,org_role:o,org_slug:u,sub:l}=t,{apiKey:p,secretKey:y,apiUrl:h,apiVersion:S,token:g,session:O,user:P,organization:x}=e,{sessions:b}=re({apiKey:p,secretKey:y,apiUrl:h,apiVersion:S}),k=Zt({sessionId:n,sessionToken:g,fetcher:(...I)=>b.getToken(...I)});return{actor:i,sessionClaims:t,sessionId:n,session:O,userId:l,user:P,orgId:s,orgRole:o,orgSlug:u,organization:x,getToken:k,debug:nt({...e,...r})}}function st(t){return{sessionClaims:null,sessionId:null,session:null,userId:null,user:null,actor:null,orgId:null,orgRole:null,orgSlug:null,organization:null,getToken:()=>Promise.resolve(null),debug:nt(t)}}function rt(t){return t&&(delete t.privateMetadata,delete t.private_metadata),t}function Yi(t){let e=t.user?{...t.user}:t.user,r=t.organization?{...t.organization}:t.organization;return rt(e),rt(r),{...t,user:e,organization:r}}var Xi=t=>{let{debug:e,getToken:r,...i}=t;return i},Zt=t=>{let{fetcher:e,sessionToken:r,sessionId:i}=t||{};return async(n={})=>i?n.template?e(i,n.template):r:null};function er(t){return new Promise(e=>setTimeout(e,t))}var tr=5;async function ae(t,e=1,r=tr){try{return await t()}catch(i){if(e>=r)throw i;return await er(2**e*100),ae(t,e+1)}}function we(t){return t.startsWith("test_")||t.startsWith("sk_test_")}function ot(t){return t.startsWith("live_")||t.startsWith("sk_live_")}function at(t){return t.endsWith(".lclstage.dev")||t.endsWith(".stgstage.dev")||t.endsWith(".clerkstage.dev")||t.endsWith(".accountsstage.dev")}var lt="pk_live_",rr="pk_test_";function ne(t){if(t=t||"",!nr(t))return null;let e=t.startsWith(lt)?"production":"development",r=ut(t.split("_")[2]);return r.endsWith("$")?(r=r.slice(0,-1),{instanceType:e,frontendApi:r}):null}function nr(t){t=t||"";let e=t.startsWith(lt)||t.startsWith(rr),r=ut(t.split("_")[2]||"").endsWith("$");return e&&r}var ut=t=>typeof atob<"u"&&typeof atob=="function"?atob(t):typeof globalThis<"u"&&globalThis.Buffer?new globalThis.Buffer(t,"base64").toString():t;var d=class extends Error{constructor({action:r,message:i,reason:n}){super(i);Object.setPrototypeOf(this,d.prototype),this.reason=n,this.message=i,this.action=r}getFullMessage(){return`${[this.message,this.action].filter(r=>r).join(" ")} (reason=${this.reason}, token-carrier=${this.tokenCarrier})`}};function ir(t){if(!t)return"";let e;if(t.match(/^(clerk\.)+\w*$/))e=/(clerk\.)*(?=clerk\.)/;else{if(t.match(/\.clerk.accounts/))return t;e=/^(clerk\.)*/gi}return`clerk.${t.replace(e,"")}`}function Me(t){t.frontendApi=ne(t.publishableKey)?.frontendApi||t.frontendApi||"";let{debugData:e,frontendApi:r,pkgVersion:i,publishableKey:n,proxyUrl:s,isSatellite:o=!1,domain:u}=t;return`
<head>

@@ -10,3 +10,3 @@ <meta charset="UTF-8" />

${s?`window.__clerk_proxy_url = '${s}'`:""}
${l?`window.__clerk_domain = '${l}'`:""}
${u?`window.__clerk_domain = '${u}'`:""}
window.startClerk = async () => {

@@ -35,3 +35,3 @@ function formRedirect(){

await Clerk.load({
isSatellite: ${a}
isSatellite: ${o}
});

@@ -55,6 +55,6 @@ if(Clerk.loaded){

${l?`script.setAttribute('data-clerk-domain', '${l}');`:""}
${u?`script.setAttribute('data-clerk-domain', '${u}');`:""}
${s?`script.setAttribute('data-clerk-proxy-url', '${s}')`:""};
script.async = true;
script.src = '${ir(s||nr(l)||r,i)}';
script.src = '${sr(s||ir(u)||r,i)}';
script.crossOrigin = 'anonymous';

@@ -66,3 +66,3 @@ script.addEventListener('load', startClerk);

</body>
`}async function dt(t){t.frontendApi=ne(t.publishableKey)?.frontendApi||t.frontendApi||"";let e=we(t),r=await ae(()=>N.fetch(we(t)));if(!r.ok)throw new d({action:"Contact support@clerk.dev",message:`Error loading Clerk Interstitial from ${e} with code=${r.status}`,reason:"interstitial-remote-failed-to-load"});return r.text()}function we(t){t.frontendApi=ne(t.publishableKey)?.frontendApi||t.frontendApi||"";let{apiUrl:e,frontendApi:r,pkgVersion:i,publishableKey:n,proxyUrl:s,isSatellite:a,domain:l}=t,u=new URL(e);return u.pathname=o(u.pathname,R,"/public/interstitial"),u.searchParams.append("clerk_js_version",ct(r,i)),n?u.searchParams.append("publishable_key",n):u.searchParams.append("frontend_api",r),s&&u.searchParams.append("proxy_url",s),a&&u.searchParams.append("is_satellite","true"),l&&u.searchParams.append("domain",l),u.href}var ct=(t,e)=>!e&&at(t)?"staging":e?e.includes("next")?"next":e.split(".")[0]||"latest":"latest",ir=(t,e)=>{let r=t.replace(/http(s)?:\/\//,""),i=ct(t,e);return`https://${r}/npm/@clerk/clerk-js@${i}/dist/clerk.browser.js`};var pt=(n=>(n.SignedIn="signed-in",n.SignedOut="signed-out",n.Interstitial="interstitial",n.Unknown="unknown",n))(pt||{});async function ze(t,e){let{apiKey:r,secretKey:i,apiUrl:n,apiVersion:s,cookieToken:a,frontendApi:l,proxyUrl:u,publishableKey:m,domain:y,isSatellite:h,headerToken:S,loadSession:g,loadUser:O,loadOrganization:w}=t,{sid:x,org_id:b,sub:k}=e,{sessions:I,users:A,organizations:_}=re({apiKey:r,secretKey:i,apiUrl:n,apiVersion:s}),[f,c,j]=await Promise.all([g?I.getSession(x):Promise.resolve(void 0),O?A.getUser(k):Promise.resolve(void 0),w&&b?_.getOrganization({organizationId:b}):Promise.resolve(void 0)]),vt=it(e,{secretKey:i,apiKey:r,apiUrl:n,apiVersion:s,token:a||S||"",session:f,user:c,organization:j},{...t,status:"signed-in"});return{status:"signed-in",reason:null,message:null,frontendApi:l,proxyUrl:u,publishableKey:m,domain:y,isSatellite:h,isSignedIn:!0,isInterstitial:!1,isUnknown:!1,toAuth:()=>vt}}function C(t,e,r=""){let{frontendApi:i,publishableKey:n,proxyUrl:s,isSatellite:a,domain:l}=t;return{status:"signed-out",reason:e,message:r,frontendApi:i,proxyUrl:s,publishableKey:n,isSatellite:a,domain:l,isSignedIn:!1,isInterstitial:!1,isUnknown:!1,toAuth:()=>st({...t,status:"signed-out",reason:e,message:r})}}function z(t,e,r=""){let{frontendApi:i,publishableKey:n,proxyUrl:s,isSatellite:a,domain:l}=t;return{status:"interstitial",reason:e,message:r,frontendApi:i,publishableKey:n,isSatellite:a,domain:l,proxyUrl:s,isSignedIn:!1,isInterstitial:!0,isUnknown:!1,toAuth:()=>null}}function mt(t,e,r=""){let{frontendApi:i,publishableKey:n,isSatellite:s,domain:a}=t;return{status:"unknown",reason:e,message:r,frontendApi:i,publishableKey:n,isSatellite:s,domain:a,isSignedIn:!1,isInterstitial:!1,isUnknown:!0,toAuth:()=>null}}function je({originURL:t,host:e,forwardedHost:r,forwardedPort:i,forwardedProto:n}){if(n&&n!==t.protocol)return!0;let s=sr(r||e);return s.port=i||s.port,s.port!==t.port||s.hostname!==t.hostname}function sr(t){return new URL(`https://${t}`)}import{base64url as We}from"rfc4648";var or=2*1e3,Fe={RS256:"SHA-256",RS384:"SHA-384",RS512:"SHA-512",ES256:"SHA-256",ES384:"SHA-384",ES512:"SHA-512"},Le="RSASSA-PKCS1-v1_5",De="ECDSA",ar={RS256:Le,RS384:Le,RS512:Le,ES256:De,ES384:De,ES512:De},lr=Object.keys(Fe);async function ur(t,e){let{header:r,signature:i,raw:n}=t,a=new TextEncoder().encode([n.header,n.payload].join(".")),l=await N.crypto.subtle.importKey("jwk",e,{name:ar[r.alg],hash:Fe[r.alg]},!1,["verify"]);return N.crypto.subtle.verify("RSASSA-PKCS1-v1_5",l,i,a)}function Ve(t){let e=(t||"").toString().split(".");if(e.length!==3)throw new d({reason:"token-invalid",message:"Invalid JWT form. A JWT consists of three parts separated by dots."});let[r,i,n]=e,s=new TextDecoder,a=JSON.parse(s.decode(We.parse(r,{loose:!0}))),l=JSON.parse(s.decode(We.parse(i,{loose:!0}))),u=We.parse(n,{loose:!0});return{header:a,payload:l,signature:u,raw:{header:r,payload:i,signature:n,text:t}}}async function gt(t,{audience:e,authorizedParties:r,clockSkewInSeconds:i=or,issuer:n,key:s}){let a=Ve(t),{header:l,payload:u}=a,{typ:m,alg:y}=l;if(typeof m<"u"&&m!=="JWT")throw new d({action:"Make sure that this is a valid Clerk generate JWT.",reason:"token-invalid",message:`Invalid JWT type ${JSON.stringify(m)}. Expected "JWT".`});if(!Fe[y])throw new d({action:"Make sure that this is a valid Clerk generate JWT.",reason:"token-invalid-algorithm",message:`Invalid JWT algorithm ${JSON.stringify(y)}. Supported: ${lr}.`});let{azp:h,sub:S,aud:g,iss:O,iat:w,exp:x,nbf:b}=u;if(typeof S!="string")throw new d({action:"Make sure that this is a valid Clerk generate JWT.",reason:"token-verification-failed",message:`Subject claim (sub) is required and must be a string. Received ${JSON.stringify(S)}.`});if(typeof g=="string"){if(g!==e)throw new d({action:"Make sure that this is a valid Clerk generate JWT.",reason:"token-verification-failed",message:`Invalid JWT audience claim (aud) ${JSON.stringify(g)}. Expected "${e}".`})}else if(Array.isArray(g)&&g.length>0&&g.every(f=>typeof f=="string")&&!g.includes(e))throw new d({action:"Make sure that this is a valid Clerk generate JWT.",reason:"token-verification-failed",message:`Invalid JWT audience claim array (aud) ${JSON.stringify(g)}. Does not include "${e}".`});if(h&&r&&r.length>0&&!r.includes(h))throw new d({reason:"token-invalid-authorized-parties",message:`Invalid JWT Authorized party claim (azp) ${JSON.stringify(h)}. Expected "${r}".`});if(typeof n=="function"&&!n(O))throw new d({reason:"token-invalid-issuer",message:"Failed JWT issuer resolver. Make sure that the resolver returns a truthy value."});if(typeof n=="string"&&O&&O!==n)throw new d({reason:"token-invalid-issuer",message:`Invalid JWT issuer claim (iss) ${JSON.stringify(a.payload.iss)}. Expected "${n}".`});if(typeof x!="number")throw new d({action:"Make sure that this is a valid Clerk generate JWT.",reason:"token-verification-failed",message:`Invalid JWT expiry date claim (exp) ${JSON.stringify(x)}. Expected number.`});let k=new Date(Date.now()),I=new Date(0);if(I.setUTCSeconds(x),I.getTime()<=k.getTime()-i)throw new d({reason:"token-expired",message:`JWT is expired. Expiry date: ${I}, Current date: ${k}.`});if(b!==void 0){if(typeof b!="number")throw new d({action:"Make sure that this is a valid Clerk generate JWT.",reason:"token-verification-failed",message:`Invalid JWT not before date claim (nbf) ${JSON.stringify(b)}. Expected number.`});let f=new Date(0);if(f.setUTCSeconds(b),f.getTime()>k.getTime()+i)throw new d({reason:"token-not-active-yet",message:`JWT cannot be used prior to not before date claim (nbf). Not before date: ${f}; Current date: ${k};`})}if(w!==void 0){if(typeof w!="number")throw new d({action:"Make sure that this is a valid Clerk generate JWT.",reason:"token-verification-failed",message:`Invalid JWT issued at date claim (iat) ${JSON.stringify(w)}. Expected number.`});let f=new Date(0);if(f.setUTCSeconds(w),f.getTime()>k.getTime()+i)throw new d({reason:"token-not-active-yet",message:`JWT issued at date claim (iat) is in the future. Issued at date: ${f}; Current date: ${k};`})}let _;try{_=await ur(a,s)}catch(f){throw new d({action:"Make sure that this is a valid Clerk generate JWT.",reason:"token-verification-failed",message:`Error verifying JWT signature. ${f}`})}if(!_)throw new d({reason:"token-invalid-signature",message:"JWT signature is invalid."});return u}var Te={},yt=0;function Je(t){return Te[t]}function ht(t,e=1e3*60*60){Te[t.kid]=t,yt=Date.now(),e>=0&&setTimeout(()=>{t?delete Te[t.kid]:Te={}},e)}var ft="local",cr="-----BEGIN PUBLIC KEY-----",pr="-----END PUBLIC KEY-----",mr="MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA",gr="IDAQAB";function bt(t){if(!Je(ft)){if(!t)throw new d({action:"Set the CLERK_JWT_KEY environment variable.",message:"Missing local JWK.",reason:"jwk-local-missing"});let e=t.replace(/(\r\n|\n|\r)/gm,"").replace(cr,"").replace(pr,"").replace(mr,"").replace(gr,"").replace(/\+/g,"-").replace(/\//g,"_");ht({kid:"local",kty:"RSA",alg:"RS256",n:e,e:"AQAB"},-1)}return Je(ft)}async function $e({apiKey:t,secretKey:e,apiUrl:r=v,apiVersion:i=R,issuer:n,kid:s,jwksCacheTtlInMs:a=1e3*60*60,skipJwksCache:l}){let u=!Je(s)&&hr();if(l||u){let y,h=e||t;if(h)y=()=>yr(r,h,i);else if(n)y=()=>fr(n);else throw new d({action:"Contact support@clerk.dev",message:"Failed to load JWKS from Clerk Backend or Frontend API.",reason:"jwk-remote-failed-to-load"});let{keys:S}=await ae(y);if(!S||!S.length)throw new d({action:"Contact support@clerk.dev",message:"The JWKS endpoint did not contain any signing keys. Contact support@clerk.dev.",reason:"jwk-remote-failed-to-load"});S.forEach(g=>ht(g,a))}let m=Je(s);if(!m)throw new d({action:"Contact support@clerk.dev",message:`Unable to find a signing key in JWKS that matches kid='${s}'.`,reason:"jwk-remote-missing"});return m}async function fr(t){let e=new URL(t);e.pathname=o(e.pathname,".well-known/jwks.json");let r=await N.fetch(e.href);if(!r.ok)throw new d({action:"Contact support@clerk.dev",message:`Error loading Clerk JWKS from ${e.href} with code=${r.status}`,reason:"jwk-remote-failed-to-load"});return r.json()}async function yr(t,e,r){if(!e)throw new d({action:"Set the CLERK_SECRET_KEY or CLERK_API_KEY environment variable.",message:"Missing Clerk Secret Key or API Key. Go to https://dashboard.clerk.dev and get your key for your instance.",reason:"jwk-remote-failed-to-load"});let i=new URL(t);i.pathname=o(i.pathname,r,"/jwks");let n=await N.fetch(i.href,{headers:{Authorization:`Bearer ${e}`,"Content-Type":"application/json"}});if(!n.ok)throw new d({action:"Contact support@clerk.dev",message:`Error loading Clerk JWKS from ${i.href} with code=${n.status}`,reason:"jwk-remote-failed-to-load"});return n.json()}function hr(){return Date.now()-yt>=300*1e3}async function St(t,e){let{apiKey:r,secretKey:i,apiUrl:n,apiVersion:s,authorizedParties:a,clockSkewInSeconds:l,issuer:u,jwksCacheTtlInMs:m,jwtKey:y,skipJwksCache:h}=e,{header:S}=Ve(t),{kid:g}=S,O;if(y)O=bt(y);else if(typeof u=="string")O=await $e({issuer:u,kid:g,jwksCacheTtlInMs:m,skipJwksCache:h});else if(r||i)O=await $e({apiKey:r,secretKey:i,apiUrl:n,apiVersion:s,kid:g,jwksCacheTtlInMs:m,skipJwksCache:h});else throw new d({action:"Set the CLERK_JWT_KEY environment variable.",message:"Failed to resolve JWK during verification.",reason:"jwk-failed-to-resolve"});return await gt(t,{authorizedParties:a,clockSkewInSeconds:l,key:O,issuer:u})}var Ot=t=>{let{apiKey:e,secretKey:r,userAgent:i}=t;if(Pe(r||e)&&!i?.startsWith("Mozilla/"))return C(t,"header-missing-non-browser")},kt=t=>{let{origin:e,host:r,forwardedHost:i,forwardedPort:n,forwardedProto:s}=t;if(e&&je({originURL:new URL(e),host:r,forwardedHost:i,forwardedPort:n,forwardedProto:s}))return C(t,"header-missing-cors")},_t=t=>{let{apiKey:e,secretKey:r,clientUat:i}=t;if(Pe(r||e)&&!i)return z(t,"uat-missing")},It=t=>{let{apiKey:e,secretKey:r,referrer:i,host:n,forwardedHost:s,forwardedPort:a,forwardedProto:l}=t,u=i&&je({originURL:new URL(i),host:n,forwardedHost:s,forwardedPort:a,forwardedProto:l});if(Pe(r||e)&&u)return z(t,"cross-origin-referrer")},At=t=>{let{apiKey:e,secretKey:r,clientUat:i,cookieToken:n}=t;if(ot(r||e)&&!i&&!n)return C(t,"cookie-and-uat-missing")},Pt=t=>{let{clientUat:e}=t;if(e==="0")return C(t,"standard-signed-out")},wt=t=>{let{clientUat:e,cookieToken:r}=t;if(e&&Number.parseInt(e)>0&&!r)return z(t,"cookie-missing")},xt=async t=>{let{headerToken:e}=t,r=await Jt(t,e);return await ze(t,r)},Tt=async t=>{let{cookieToken:e,clientUat:r}=t,i=await Jt(t,e),n=await ze(t,i),a=n.toAuth().sessionClaims.iat<Number.parseInt(r);return!r||a?z(t,"cookie-outdated"):n};async function Be(t,e){for(let r of e){let i=await r(t);if(i)return i}return C(t,"unexpected-error")}async function Jt(t,e){let{isSatellite:r,proxyUrl:i}=t,n;return r?n=null:i?n=i:n=s=>s.startsWith("https://clerk.")||s.includes(".clerk.accounts"),St(e,{...t,issuer:n})}var Rt=t=>{let{clientUat:e,isSatellite:r,searchParams:i}=t,n=i?.get("__clerk_synced")==="true";if(r&&(!e||e==="0")&&!n)return z(t,"satellite-needs-syncing")};async function Nt(t){t.frontendApi=ne(t.publishableKey)?.frontendApi||t.frontendApi||"",t.apiUrl=t.apiUrl||v,t.apiVersion=t.apiVersion||R,Ae(t.secretKey||t.apiKey);async function e(){try{return await Be(t,[xt])}catch(n){return i(n,"header")}}async function r(){try{return await Be(t,[kt,Ot,Rt,At,_t,It,wt,Pt,Tt])}catch(n){return i(n,"cookie")}}function i(n,s){return n instanceof d?(n.tokenCarrier=s,["token-expired","token-not-active-yet"].includes(n.reason)?s==="header"?mt(t,n.reason,n.getFullMessage()):z(t,n.reason,n.getFullMessage()):C(t,n.reason,n.getFullMessage())):C(t,"unexpected-error",n.message)}return t.headerToken?e():r()}var Ge=t=>{let{frontendApi:e,isSignedIn:r,proxyUrl:i,isInterstitial:n,reason:s,message:a,publishableKey:l,isSatellite:u,domain:m}=t;return{frontendApi:e,isSignedIn:r,proxyUrl:i,isInterstitial:n,reason:s,message:a,publishableKey:l,isSatellite:u,domain:m}};function Ct(t){let{apiClient:e}=t,{apiKey:r="",secretKey:i="",jwtKey:n="",apiUrl:s=v,apiVersion:a=R,frontendApi:l="",proxyUrl:u="",publishableKey:m="",isSatellite:y=!1,domain:h=""}=t.options;return{authenticateRequest:({apiKey:b,secretKey:k,frontendApi:I,proxyUrl:A,publishableKey:_,jwtKey:f,isSatellite:c,domain:j,searchParams:Re,...Ne})=>Nt({...Ne,apiKey:b||r,secretKey:k||i,apiUrl:s,apiVersion:a,frontendApi:I||l,proxyUrl:A||u,publishableKey:_||m,isSatellite:c||y,domain:j||h,jwtKey:f||n,searchParams:Re}),localInterstitial:Me,remotePublicInterstitial:({frontendApi:b,publishableKey:k,proxyUrl:I,isSatellite:A,domain:_,...f})=>dt({...f,apiUrl:s,frontendApi:b||l,publishableKey:k||m,proxyUrl:I||u,isSatellite:A||y,domain:_||h}),remotePrivateInterstitial:()=>e.interstitial.getInterstitial(),remotePublicInterstitialUrl:we,debugRequestState:Ge}}function eo(t){let e={...t},r=re(e),i=Ct({options:e,apiClient:r});return{...r,...i,__unstable_options:e}}export{W as AllowlistIdentifier,pt as AuthStatus,eo as Clerk,L as Client,D as DeletedObject,F as Email,q as EmailAddress,V as ExternalAccount,E as IdentificationLink,$ as Invitation,B as OauthAccessToken,Qe as ObjectType,K as Organization,G as OrganizationInvitation,H as OrganizationMembership,se as OrganizationMembershipPublicUserData,M as PhoneNumber,Y as RedirectUrl,Q as SMSMessage,U as Session,X as SignInToken,Z as Token,te as User,J as Verification,Wt as constants,Ct as createAuthenticateRequest,Ge as debugRequestState,Ve as decodeJwt,Ze as deserialize,ur as hasValidSignature,Me as loadInterstitialFromLocal,Gi as makeAuthObjectSerializable,rt as prunePrivateMetadata,Bi as sanitizeAuthObject,it as signedInAuthObject,st as signedOutAuthObject,gt as verifyJwt,St as verifyToken};
`}async function dt(t){t.frontendApi=ne(t.publishableKey)?.frontendApi||t.frontendApi||"";let e=Pe(t),r=await ae(()=>N.fetch(Pe(t)));if(!r.ok)throw new d({action:"Contact support@clerk.dev",message:`Error loading Clerk Interstitial from ${e} with code=${r.status}`,reason:"interstitial-remote-failed-to-load"});return r.text()}function Pe(t){t.frontendApi=ne(t.publishableKey)?.frontendApi||t.frontendApi||"";let{apiUrl:e,frontendApi:r,pkgVersion:i,publishableKey:n,proxyUrl:s,isSatellite:o,domain:u}=t,l=new URL(e);return l.pathname=a(l.pathname,R,"/public/interstitial"),l.searchParams.append("clerk_js_version",ct(r,i)),n?l.searchParams.append("publishable_key",n):l.searchParams.append("frontend_api",r),s&&l.searchParams.append("proxy_url",s),o&&l.searchParams.append("is_satellite","true"),u&&l.searchParams.append("domain",u),l.href}var ct=(t,e)=>!e&&at(t)?"staging":e?e.includes("next")?"next":e.split(".")[0]||"latest":"latest",sr=(t,e)=>{let r=t.replace(/http(s)?:\/\//,""),i=ct(t,e);return`https://${r}/npm/@clerk/clerk-js@${i}/dist/clerk.browser.js`};var pt=(n=>(n.SignedIn="signed-in",n.SignedOut="signed-out",n.Interstitial="interstitial",n.Unknown="unknown",n))(pt||{});async function je(t,e){let{apiKey:r,secretKey:i,apiUrl:n,apiVersion:s,cookieToken:o,frontendApi:u,proxyUrl:l,publishableKey:p,domain:y,isSatellite:h,headerToken:S,loadSession:g,loadUser:O,loadOrganization:P}=t,{sid:x,org_id:b,sub:k}=e,{sessions:I,users:A,organizations:_}=re({apiKey:r,secretKey:i,apiUrl:n,apiVersion:s}),[f,c,j]=await Promise.all([g?I.getSession(x):Promise.resolve(void 0),O?A.getUser(k):Promise.resolve(void 0),P&&b?_.getOrganization({organizationId:b}):Promise.resolve(void 0)]),Ut=it(e,{secretKey:i,apiKey:r,apiUrl:n,apiVersion:s,token:o||S||"",session:f,user:c,organization:j},{...t,status:"signed-in"});return{status:"signed-in",reason:null,message:null,frontendApi:u,proxyUrl:l,publishableKey:p,domain:y,isSatellite:h,isSignedIn:!0,isInterstitial:!1,isUnknown:!1,toAuth:()=>Ut}}function v(t,e,r=""){let{frontendApi:i,publishableKey:n,proxyUrl:s,isSatellite:o,domain:u}=t;return{status:"signed-out",reason:e,message:r,frontendApi:i,proxyUrl:s,publishableKey:n,isSatellite:o,domain:u,isSignedIn:!1,isInterstitial:!1,isUnknown:!1,toAuth:()=>st({...t,status:"signed-out",reason:e,message:r})}}function M(t,e,r=""){let{frontendApi:i,publishableKey:n,proxyUrl:s,isSatellite:o,domain:u}=t;return{status:"interstitial",reason:e,message:r,frontendApi:i,publishableKey:n,isSatellite:o,domain:u,proxyUrl:s,isSignedIn:!1,isInterstitial:!0,isUnknown:!1,toAuth:()=>null}}function mt(t,e,r=""){let{frontendApi:i,publishableKey:n,isSatellite:s,domain:o}=t;return{status:"unknown",reason:e,message:r,frontendApi:i,publishableKey:n,isSatellite:s,domain:o,isSignedIn:!1,isInterstitial:!1,isUnknown:!0,toAuth:()=>null}}function We({originURL:t,host:e,forwardedHost:r,forwardedPort:i,forwardedProto:n}){if(n&&n!==t.protocol)return!0;let s=or(r||e);return s.port=i||s.port,s.port!==t.port||s.hostname!==t.hostname}function or(t){return new URL(`https://${t}`)}var Te={parse(t,e){return ar(t,gt,e)},stringify(t,e){return lr(t,gt,e)}},gt={chars:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_",bits:6};function ar(t,e,r={}){if(!e.codes){e.codes={};for(let l=0;l<e.chars.length;++l)e.codes[e.chars[l]]=l}if(!r.loose&&t.length*e.bits&7)throw new SyntaxError("Invalid padding");let i=t.length;for(;t[i-1]==="=";)if(--i,!r.loose&&!((t.length-i)*e.bits&7))throw new SyntaxError("Invalid padding");let n=new(r.out??Uint8Array)(i*e.bits/8|0),s=0,o=0,u=0;for(let l=0;l<i;++l){let p=e.codes[t[l]];if(p===void 0)throw new SyntaxError("Invalid character "+t[l]);o=o<<e.bits|p,s+=e.bits,s>=8&&(s-=8,n[u++]=255&o>>s)}if(s>=e.bits||255&o<<8-s)throw new SyntaxError("Unexpected end of data");return n}function lr(t,e,r={}){let{pad:i=!0}=r,n=(1<<e.bits)-1,s="",o=0,u=0;for(let l=0;l<t.length;++l)for(u=u<<8|255&t[l],o+=8;o>e.bits;)o-=e.bits,s+=e.chars[n&u>>o];if(o&&(s+=e.chars[n&u<<e.bits-o]),i)for(;s.length*e.bits&7;)s+="=";return s}var ur=2*1e3,Fe={RS256:"SHA-256",RS384:"SHA-384",RS512:"SHA-512",ES256:"SHA-256",ES384:"SHA-384",ES512:"SHA-512"},Le="RSASSA-PKCS1-v1_5",De="ECDSA",dr={RS256:Le,RS384:Le,RS512:Le,ES256:De,ES384:De,ES512:De},cr=Object.keys(Fe);async function pr(t,e){let{header:r,signature:i,raw:n}=t,o=new TextEncoder().encode([n.header,n.payload].join(".")),u=await N.crypto.subtle.importKey("jwk",e,{name:dr[r.alg],hash:Fe[r.alg]},!1,["verify"]);return N.crypto.subtle.verify("RSASSA-PKCS1-v1_5",u,i,o)}function Ve(t){let e=(t||"").toString().split(".");if(e.length!==3)throw new d({reason:"token-invalid",message:"Invalid JWT form. A JWT consists of three parts separated by dots."});let[r,i,n]=e,s=new TextDecoder,o=JSON.parse(s.decode(Te.parse(r,{loose:!0}))),u=JSON.parse(s.decode(Te.parse(i,{loose:!0}))),l=Te.parse(n,{loose:!0});return{header:o,payload:u,signature:l,raw:{header:r,payload:i,signature:n,text:t}}}async function ft(t,{audience:e,authorizedParties:r,clockSkewInSeconds:i=ur,issuer:n,key:s}){let o=Ve(t),{header:u,payload:l}=o,{typ:p,alg:y}=u;if(typeof p<"u"&&p!=="JWT")throw new d({action:"Make sure that this is a valid Clerk generate JWT.",reason:"token-invalid",message:`Invalid JWT type ${JSON.stringify(p)}. Expected "JWT".`});if(!Fe[y])throw new d({action:"Make sure that this is a valid Clerk generate JWT.",reason:"token-invalid-algorithm",message:`Invalid JWT algorithm ${JSON.stringify(y)}. Supported: ${cr}.`});let{azp:h,sub:S,aud:g,iss:O,iat:P,exp:x,nbf:b}=l;if(typeof S!="string")throw new d({action:"Make sure that this is a valid Clerk generate JWT.",reason:"token-verification-failed",message:`Subject claim (sub) is required and must be a string. Received ${JSON.stringify(S)}.`});if(typeof g=="string"){if(g!==e)throw new d({action:"Make sure that this is a valid Clerk generate JWT.",reason:"token-verification-failed",message:`Invalid JWT audience claim (aud) ${JSON.stringify(g)}. Expected "${e}".`})}else if(Array.isArray(g)&&g.length>0&&g.every(f=>typeof f=="string")&&!g.includes(e))throw new d({action:"Make sure that this is a valid Clerk generate JWT.",reason:"token-verification-failed",message:`Invalid JWT audience claim array (aud) ${JSON.stringify(g)}. Does not include "${e}".`});if(h&&r&&r.length>0&&!r.includes(h))throw new d({reason:"token-invalid-authorized-parties",message:`Invalid JWT Authorized party claim (azp) ${JSON.stringify(h)}. Expected "${r}".`});if(typeof n=="function"&&!n(O))throw new d({reason:"token-invalid-issuer",message:"Failed JWT issuer resolver. Make sure that the resolver returns a truthy value."});if(typeof n=="string"&&O&&O!==n)throw new d({reason:"token-invalid-issuer",message:`Invalid JWT issuer claim (iss) ${JSON.stringify(o.payload.iss)}. Expected "${n}".`});if(typeof x!="number")throw new d({action:"Make sure that this is a valid Clerk generate JWT.",reason:"token-verification-failed",message:`Invalid JWT expiry date claim (exp) ${JSON.stringify(x)}. Expected number.`});let k=new Date(Date.now()),I=new Date(0);if(I.setUTCSeconds(x),I.getTime()<=k.getTime()-i)throw new d({reason:"token-expired",message:`JWT is expired. Expiry date: ${I}, Current date: ${k}.`});if(b!==void 0){if(typeof b!="number")throw new d({action:"Make sure that this is a valid Clerk generate JWT.",reason:"token-verification-failed",message:`Invalid JWT not before date claim (nbf) ${JSON.stringify(b)}. Expected number.`});let f=new Date(0);if(f.setUTCSeconds(b),f.getTime()>k.getTime()+i)throw new d({reason:"token-not-active-yet",message:`JWT cannot be used prior to not before date claim (nbf). Not before date: ${f}; Current date: ${k};`})}if(P!==void 0){if(typeof P!="number")throw new d({action:"Make sure that this is a valid Clerk generate JWT.",reason:"token-verification-failed",message:`Invalid JWT issued at date claim (iat) ${JSON.stringify(P)}. Expected number.`});let f=new Date(0);if(f.setUTCSeconds(P),f.getTime()>k.getTime()+i)throw new d({reason:"token-not-active-yet",message:`JWT issued at date claim (iat) is in the future. Issued at date: ${f}; Current date: ${k};`})}let _;try{_=await pr(o,s)}catch(f){throw new d({action:"Make sure that this is a valid Clerk generate JWT.",reason:"token-verification-failed",message:`Error verifying JWT signature. ${f}`})}if(!_)throw new d({reason:"token-invalid-signature",message:"JWT signature is invalid."});return l}var Je={},ht=0;function Re(t){return Je[t]}function bt(t,e=1e3*60*60){Je[t.kid]=t,ht=Date.now(),e>=0&&setTimeout(()=>{t?delete Je[t.kid]:Je={}},e)}var yt="local",gr="-----BEGIN PUBLIC KEY-----",fr="-----END PUBLIC KEY-----",yr="MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA",hr="IDAQAB";function St(t){if(!Re(yt)){if(!t)throw new d({action:"Set the CLERK_JWT_KEY environment variable.",message:"Missing local JWK.",reason:"jwk-local-missing"});let e=t.replace(/(\r\n|\n|\r)/gm,"").replace(gr,"").replace(fr,"").replace(yr,"").replace(hr,"").replace(/\+/g,"-").replace(/\//g,"_");bt({kid:"local",kty:"RSA",alg:"RS256",n:e,e:"AQAB"},-1)}return Re(yt)}async function $e({apiKey:t,secretKey:e,apiUrl:r=C,apiVersion:i=R,issuer:n,kid:s,jwksCacheTtlInMs:o=1e3*60*60,skipJwksCache:u}){let l=!Re(s)&&Or();if(u||l){let y,h=e||t;if(h)y=()=>Sr(r,h,i);else if(n)y=()=>br(n);else throw new d({action:"Contact support@clerk.dev",message:"Failed to load JWKS from Clerk Backend or Frontend API.",reason:"jwk-remote-failed-to-load"});let{keys:S}=await ae(y);if(!S||!S.length)throw new d({action:"Contact support@clerk.dev",message:"The JWKS endpoint did not contain any signing keys. Contact support@clerk.dev.",reason:"jwk-remote-failed-to-load"});S.forEach(g=>bt(g,o))}let p=Re(s);if(!p)throw new d({action:"Contact support@clerk.dev",message:`Unable to find a signing key in JWKS that matches kid='${s}'.`,reason:"jwk-remote-missing"});return p}async function br(t){let e=new URL(t);e.pathname=a(e.pathname,".well-known/jwks.json");let r=await N.fetch(e.href);if(!r.ok)throw new d({action:"Contact support@clerk.dev",message:`Error loading Clerk JWKS from ${e.href} with code=${r.status}`,reason:"jwk-remote-failed-to-load"});return r.json()}async function Sr(t,e,r){if(!e)throw new d({action:"Set the CLERK_SECRET_KEY or CLERK_API_KEY environment variable.",message:"Missing Clerk Secret Key or API Key. Go to https://dashboard.clerk.dev and get your key for your instance.",reason:"jwk-remote-failed-to-load"});let i=new URL(t);i.pathname=a(i.pathname,r,"/jwks");let n=await N.fetch(i.href,{headers:{Authorization:`Bearer ${e}`,"Content-Type":"application/json"}});if(!n.ok)throw new d({action:"Contact support@clerk.dev",message:`Error loading Clerk JWKS from ${i.href} with code=${n.status}`,reason:"jwk-remote-failed-to-load"});return n.json()}function Or(){return Date.now()-ht>=300*1e3}async function Ot(t,e){let{apiKey:r,secretKey:i,apiUrl:n,apiVersion:s,authorizedParties:o,clockSkewInSeconds:u,issuer:l,jwksCacheTtlInMs:p,jwtKey:y,skipJwksCache:h}=e,{header:S}=Ve(t),{kid:g}=S,O;if(y)O=St(y);else if(typeof l=="string")O=await $e({issuer:l,kid:g,jwksCacheTtlInMs:p,skipJwksCache:h});else if(r||i)O=await $e({apiKey:r,secretKey:i,apiUrl:n,apiVersion:s,kid:g,jwksCacheTtlInMs:p,skipJwksCache:h});else throw new d({action:"Set the CLERK_JWT_KEY environment variable.",message:"Failed to resolve JWK during verification.",reason:"jwk-failed-to-resolve"});return await ft(t,{authorizedParties:o,clockSkewInSeconds:u,key:O,issuer:l})}var kt=t=>{let{apiKey:e,secretKey:r,userAgent:i}=t;if(we(r||e)&&!i?.startsWith("Mozilla/"))return v(t,"header-missing-non-browser")},_t=t=>{let{origin:e,host:r,forwardedHost:i,forwardedPort:n,forwardedProto:s}=t;if(e&&We({originURL:new URL(e),host:r,forwardedHost:i,forwardedPort:n,forwardedProto:s}))return v(t,"header-missing-cors")},It=t=>{let{apiKey:e,secretKey:r,clientUat:i}=t;if(we(r||e)&&!i)return M(t,"uat-missing")},At=t=>{let{apiKey:e,secretKey:r,referrer:i,host:n,forwardedHost:s,forwardedPort:o,forwardedProto:u}=t,l=i&&We({originURL:new URL(i),host:n,forwardedHost:s,forwardedPort:o,forwardedProto:u});if(we(r||e)&&l)return M(t,"cross-origin-referrer")},wt=t=>{let{apiKey:e,secretKey:r,clientUat:i,cookieToken:n}=t;if(ot(r||e)&&!i&&!n)return v(t,"cookie-and-uat-missing")},Pt=t=>{let{clientUat:e}=t;if(e==="0")return v(t,"standard-signed-out")},xt=t=>{let{clientUat:e,cookieToken:r}=t;if(e&&Number.parseInt(e)>0&&!r)return M(t,"cookie-missing")},Tt=async t=>{let{headerToken:e}=t,r=await Rt(t,e);return await je(t,r)},Jt=async t=>{let{cookieToken:e,clientUat:r}=t,i=await Rt(t,e),n=await je(t,i),o=n.toAuth().sessionClaims.iat<Number.parseInt(r);return!r||o?M(t,"cookie-outdated"):n};async function Be(t,e){for(let r of e){let i=await r(t);if(i)return i}return v(t,"unexpected-error")}async function Rt(t,e){let{isSatellite:r,proxyUrl:i}=t,n;return r?n=null:i?n=i:n=s=>s.startsWith("https://clerk.")||s.includes(".clerk.accounts"),Ot(e,{...t,issuer:n})}var Nt=t=>{let{clientUat:e,isSatellite:r,searchParams:i}=t,n=i?.get("__clerk_synced")==="true";if(r&&(!e||e==="0")&&!n)return M(t,"satellite-needs-syncing")};async function vt(t){t.frontendApi=ne(t.publishableKey)?.frontendApi||t.frontendApi||"",t.apiUrl=t.apiUrl||C,t.apiVersion=t.apiVersion||R,Ae(t.secretKey||t.apiKey);async function e(){try{return await Be(t,[Tt])}catch(n){return i(n,"header")}}async function r(){try{return await Be(t,[_t,kt,Nt,wt,It,At,xt,Pt,Jt])}catch(n){return i(n,"cookie")}}function i(n,s){return n instanceof d?(n.tokenCarrier=s,["token-expired","token-not-active-yet"].includes(n.reason)?s==="header"?mt(t,n.reason,n.getFullMessage()):M(t,n.reason,n.getFullMessage()):v(t,n.reason,n.getFullMessage())):v(t,"unexpected-error",n.message)}return t.headerToken?e():r()}var Ge=t=>{let{frontendApi:e,isSignedIn:r,proxyUrl:i,isInterstitial:n,reason:s,message:o,publishableKey:u,isSatellite:l,domain:p}=t;return{frontendApi:e,isSignedIn:r,proxyUrl:i,isInterstitial:n,reason:s,message:o,publishableKey:u,isSatellite:l,domain:p}};function Ct(t){let{apiClient:e}=t,{apiKey:r="",secretKey:i="",jwtKey:n="",apiUrl:s=C,apiVersion:o=R,frontendApi:u="",proxyUrl:l="",publishableKey:p="",isSatellite:y=!1,domain:h=""}=t.options;return{authenticateRequest:({apiKey:b,secretKey:k,frontendApi:I,proxyUrl:A,publishableKey:_,jwtKey:f,isSatellite:c,domain:j,searchParams:Ne,...ve})=>vt({...ve,apiKey:b||r,secretKey:k||i,apiUrl:s,apiVersion:o,frontendApi:I||u,proxyUrl:A||l,publishableKey:_||p,isSatellite:c||y,domain:j||h,jwtKey:f||n,searchParams:Ne}),localInterstitial:Me,remotePublicInterstitial:({frontendApi:b,publishableKey:k,proxyUrl:I,isSatellite:A,domain:_,...f})=>dt({...f,apiUrl:s,frontendApi:b||u,publishableKey:k||p,proxyUrl:I||l,isSatellite:A||y,domain:_||h}),remotePrivateInterstitial:()=>e.interstitial.getInterstitial(),remotePublicInterstitialUrl:Pe,debugRequestState:Ge}}function io(t){let e={...t},r=re(e),i=Ct({options:e,apiClient:r});return{...r,...i,__unstable_options:e}}export{W as AllowlistIdentifier,pt as AuthStatus,io as Clerk,L as Client,D as DeletedObject,F as Email,q as EmailAddress,V as ExternalAccount,E as IdentificationLink,$ as Invitation,B as OauthAccessToken,Qe as ObjectType,K as Organization,G as OrganizationInvitation,H as OrganizationMembership,se as OrganizationMembershipPublicUserData,z as PhoneNumber,Y as RedirectUrl,Q as SMSMessage,U as Session,X as SignInToken,Z as Token,te as User,J as Verification,Lt as constants,Ct as createAuthenticateRequest,Ge as debugRequestState,Ve as decodeJwt,Ze as deserialize,pr as hasValidSignature,Me as loadInterstitialFromLocal,Xi as makeAuthObjectSerializable,rt as prunePrivateMetadata,Yi as sanitizeAuthObject,it as signedInAuthObject,st as signedOutAuthObject,ft as verifyJwt,Ot as verifyToken};
//# sourceMappingURL=index.js.map

12

dist/index.js

@@ -1,2 +0,2 @@

"use strict";var Lt=Object.create;var le=Object.defineProperty;var Dt=Object.getOwnPropertyDescriptor;var Ft=Object.getOwnPropertyNames;var Vt=Object.getPrototypeOf,$t=Object.prototype.hasOwnProperty;var Bt=(t,e)=>{for(var r in e)le(t,r,{get:e[r],enumerable:!0})},at=(t,e,r,i)=>{if(e&&typeof e=="object"||typeof e=="function")for(let n of Ft(e))!$t.call(t,n)&&n!==r&&le(t,n,{get:()=>e[n],enumerable:!(i=Dt(e,n))||i.enumerable});return t};var ue=(t,e,r)=>(r=t!=null?Lt(Vt(t)):{},at(e||!t||!t.__esModule?le(r,"default",{value:t,enumerable:!0}):r,t)),Gt=t=>at(le({},"__esModule",{value:!0}),t);var Cr={};Bt(Cr,{AllowlistIdentifier:()=>j,AuthStatus:()=>Ye,Clerk:()=>Nr,Client:()=>W,DeletedObject:()=>L,Email:()=>D,EmailAddress:()=>U,ExternalAccount:()=>F,IdentificationLink:()=>v,Invitation:()=>V,OauthAccessToken:()=>$,ObjectType:()=>Le,Organization:()=>E,OrganizationInvitation:()=>B,OrganizationMembership:()=>G,OrganizationMembershipPublicUserData:()=>te,PhoneNumber:()=>q,RedirectUrl:()=>H,SMSMessage:()=>X,Session:()=>C,SignInToken:()=>Y,Token:()=>Q,User:()=>Z,Verification:()=>w,constants:()=>ct,createAuthenticateRequest:()=>ot,debugRequestState:()=>Ee,decodeJwt:()=>Ce,deserialize:()=>Fe,hasValidSignature:()=>At,loadInterstitialFromLocal:()=>Re,makeAuthObjectSerializable:()=>dr,prunePrivateMetadata:()=>$e,sanitizeAuthObject:()=>ur,signedInAuthObject:()=>Be,signedOutAuthObject:()=>Ge,verifyJwt:()=>rt,verifyToken:()=>it});module.exports=Gt(Cr);var p=class{constructor(e){this.request=e}requireId(e){if(!e)throw new Error("A valid resource ID is required.")}};var Me="/",Ht=new RegExp(Me+"{1,}","g");function o(...t){return t.filter(e=>e).join(Me).replace(Ht,Me)}var ze="/allowlist_identifiers",de=class extends p{async getAllowlistIdentifierList(){return this.request({method:"GET",path:ze})}async createAllowlistIdentifier(e){return this.request({method:"POST",path:ze,bodyParams:e})}async deleteAllowlistIdentifier(e){return this.requireId(e),this.request({method:"DELETE",path:o(ze,e)})}};var je="/clients",ce=class extends p{async getClientList(){return this.request({method:"GET",path:je})}async getClient(e){return this.requireId(e),this.request({method:"GET",path:o(je,e)})}verifyClient(e){return this.request({method:"POST",path:o(je,"verify"),bodyParams:{token:e}})}};var pe="/email_addresses",me=class extends p{async getEmailAddress(e){return this.requireId(e),this.request({method:"GET",path:o(pe,e)})}async createEmailAddress(e){return this.request({method:"POST",path:pe,bodyParams:e})}async updateEmailAddress(e,r={}){return this.requireId(e),this.request({method:"PATCH",path:o(pe,e),bodyParams:r})}async deleteEmailAddress(e){return this.requireId(e),this.request({method:"DELETE",path:o(pe,e)})}};var Yt="/emails",ge=class extends p{async createEmail(e){return this.request({method:"POST",path:Yt,bodyParams:e})}};var fe=class extends p{async getInterstitial(){return this.request({path:"internal/interstitial",method:"GET",headerParams:{"Content-Type":"text/html"}})}};var We="/invitations",ye=class extends p{async getInvitationList(){return this.request({method:"GET",path:We})}async createInvitation(e){return this.request({method:"POST",path:We,bodyParams:e})}async revokeInvitation(e){return this.requireId(e),this.request({method:"POST",path:o(We,e,"revoke")})}};var P="/organizations",he=class extends p{async getOrganizationList(e){return this.request({method:"GET",path:P,queryParams:e})}async createOrganization(e){return this.request({method:"POST",path:P,bodyParams:e})}async getOrganization(e){let r="organizationId"in e?e.organizationId:e.slug;return this.requireId(r),this.request({method:"GET",path:o(P,r)})}async updateOrganization(e,r){return this.requireId(e),this.request({method:"PATCH",path:o(P,e),bodyParams:r})}async updateOrganizationMetadata(e,r){return this.requireId(e),this.request({method:"PATCH",path:o(P,e,"metadata"),bodyParams:r})}async deleteOrganization(e){return this.request({method:"DELETE",path:o(P,e)})}async getOrganizationMembershipList(e){let{organizationId:r,limit:i,offset:n}=e;return this.requireId(r),this.request({method:"GET",path:o(P,r,"memberships"),queryParams:{limit:i,offset:n}})}async createOrganizationMembership(e){let{organizationId:r,userId:i,role:n}=e;return this.requireId(r),this.request({method:"POST",path:o(P,r,"memberships"),bodyParams:{userId:i,role:n}})}async updateOrganizationMembership(e){let{organizationId:r,userId:i,role:n}=e;return this.requireId(r),this.request({method:"PATCH",path:o(P,r,"memberships",i),bodyParams:{role:n}})}async updateOrganizationMembershipMetadata(e){let{organizationId:r,userId:i,publicMetadata:n,privateMetadata:s}=e;return this.request({method:"PATCH",path:o(P,r,"memberships",i,"metadata"),bodyParams:{publicMetadata:n,privateMetadata:s}})}async deleteOrganizationMembership(e){let{organizationId:r,userId:i}=e;return this.requireId(r),this.request({method:"DELETE",path:o(P,r,"memberships",i)})}async getPendingOrganizationInvitationList(e){let{organizationId:r,limit:i,offset:n}=e;return this.requireId(r),this.request({method:"GET",path:o(P,r,"invitations","pending"),queryParams:{limit:i,offset:n}})}async createOrganizationInvitation(e){let{organizationId:r,...i}=e;return this.requireId(r),this.request({method:"POST",path:o(P,r,"invitations"),bodyParams:{...i}})}async revokeOrganizationInvitation(e){let{organizationId:r,invitationId:i,requestingUserId:n}=e;return this.requireId(r),this.request({method:"POST",path:o(P,r,"invitations",i,"revoke"),bodyParams:{requestingUserId:n}})}};var be="/phone_numbers",Se=class extends p{async getPhoneNumber(e){return this.requireId(e),this.request({method:"GET",path:o(be,e)})}async createPhoneNumber(e){return this.request({method:"POST",path:be,bodyParams:e})}async updatePhoneNumber(e,r={}){return this.requireId(e),this.request({method:"PATCH",path:o(be,e),bodyParams:r})}async deletePhoneNumber(e){return this.requireId(e),this.request({method:"DELETE",path:o(be,e)})}};var Oe="/redirect_urls",ke=class extends p{async getRedirectUrlList(){return this.request({method:"GET",path:Oe})}async getRedirectUrl(e){return this.requireId(e),this.request({method:"GET",path:o(Oe,e)})}async createRedirectUrl(e){return this.request({method:"POST",path:Oe,bodyParams:e})}async deleteRedirectUrl(e){return this.requireId(e),this.request({method:"DELETE",path:o(Oe,e)})}};var se="/sessions",_e=class extends p{async getSessionList(e){return this.request({method:"GET",path:se,queryParams:e})}async getSession(e){return this.requireId(e),this.request({method:"GET",path:o(se,e)})}async revokeSession(e){return this.requireId(e),this.request({method:"POST",path:o(se,e,"revoke")})}async verifySession(e,r){return this.requireId(e),this.request({method:"POST",path:o(se,e,"verify"),bodyParams:{token:r}})}async getToken(e,r){return this.requireId(e),(await this.request({method:"POST",path:o(se,e,"tokens",r||"")})).jwt}};var lt="/sign_in_tokens",Ie=class extends p{async createSignInToken(e){return this.request({method:"POST",path:lt,bodyParams:e})}async revokeSignInToken(e){return this.requireId(e),this.request({method:"POST",path:o(lt,e,"revoke")})}};var Xt="/sms_messages",Ae=class extends p{async createSMSMessage(e){return this.request({method:"POST",path:Xt,bodyParams:e})}};var J="/users",Pe=class extends p{async getUserList(e={}){return this.request({method:"GET",path:J,queryParams:e})}async getUser(e){return this.requireId(e),this.request({method:"GET",path:o(J,e)})}async createUser(e){return this.request({method:"POST",path:J,bodyParams:e})}async updateUser(e,r={}){return this.requireId(e),this.request({method:"PATCH",path:o(J,e),bodyParams:r})}async updateUserMetadata(e,r){return this.requireId(e),this.request({method:"PATCH",path:o(J,e,"metadata"),bodyParams:r})}async deleteUser(e){return this.requireId(e),this.request({method:"DELETE",path:o(J,e)})}async getCount(e={}){return this.request({method:"GET",path:o(J,"count"),queryParams:e})}async getUserOauthAccessToken(e,r){return this.requireId(e),this.request({method:"GET",path:o(J,e,"oauth_access_tokens",r)})}async disableUserMFA(e){return this.requireId(e),this.request({method:"DELETE",path:o(J,e,"mfa")})}async getOrganizationMembershipList(e){let{userId:r,limit:i,offset:n}=e;return this.requireId(r),this.request({method:"GET",path:o(J,r,"organization_memberships"),queryParams:{limit:i,offset:n}})}async verifyPassword(e){let{userId:r,password:i}=e;return this.requireId(r),this.request({method:"POST",path:o(J,r,"verify_password"),bodyParams:{password:i}})}async verifyTOTP(e){let{userId:r,code:i}=e;return this.requireId(r),this.request({method:"POST",path:o(J,r,"verify_totp"),bodyParams:{code:i}})}};var gt=ue(require("deepmerge")),Ve=ue(require("snakecase-keys"));var M="https://api.clerk.dev",R="v1",ut="@clerk/backend";var Qt={AuthStatus:"__clerkAuthStatus",AuthReason:"__clerkAuthReason",AuthMessage:"__clerkAuthMessage"},Zt={Session:"__session",ClientUat:"__client_uat"},dt={AuthStatus:"x-clerk-auth-status",AuthReason:"x-clerk-auth-reason",AuthMessage:"x-clerk-auth-message",Authorization:"authorization",ForwardedPort:"x-forwarded-port",ForwardedHost:"x-forwarded-host",Referrer:"referer",UserAgent:"user-agent",Origin:"origin",Host:"host",ContentType:"content-type"},er={AuthStatus:dt.AuthStatus},tr={Json:"application/json"},ct={Attributes:Qt,Cookies:Zt,Headers:dt,SearchParams:er,ContentTypes:tr};var pt=ue(require("#crypto")),mt=ue(require("#fetch")),rr=mt.default.bind(globalThis),nr={crypto:pt.default,fetch:rr},N=nr;function we(t){if(!t||typeof t!="string")throw Error("Missing Clerk Secret Key or API Key. Go to https://dashboard.clerk.dev and get your key for your instance.")}var j=class{constructor(e,r,i,n,s){this.id=e;this.identifier=r;this.createdAt=i;this.updatedAt=n;this.invitationId=s}static fromJSON(e){return new j(e.id,e.identifier,e.created_at,e.updated_at,e.invitation_id)}};var C=class{constructor(e,r,i,n,s,a,l,u,m){this.id=e;this.clientId=r;this.userId=i;this.status=n;this.lastActiveAt=s;this.expireAt=a;this.abandonAt=l;this.createdAt=u;this.updatedAt=m}static fromJSON(e){return new C(e.id,e.client_id,e.user_id,e.status,e.last_active_at,e.expire_at,e.abandon_at,e.created_at,e.updated_at)}};var W=class{constructor(e,r,i,n,s,a,l,u){this.id=e;this.sessionIds=r;this.sessions=i;this.signInId=n;this.signUpId=s;this.lastActiveSessionId=a;this.createdAt=l;this.updatedAt=u}static fromJSON(e){return new W(e.id,e.session_ids,e.sessions.map(r=>C.fromJSON(r)),e.sign_in_id,e.sign_up_id,e.last_active_session_id,e.created_at,e.updated_at)}};var L=class{constructor(e,r,i,n){this.object=e;this.id=r;this.slug=i;this.deleted=n}static fromJSON(e){return new L(e.object,e.id||null,e.slug||null,e.deleted)}};var D=class{constructor(e,r,i,n,s,a,l){this.id=e;this.fromEmailName=r;this.emailAddressId=i;this.toEmailAddress=n;this.subject=s;this.body=a;this.status=l}static fromJSON(e){return new D(e.id,e.from_email_name,e.email_address_id,e.to_email_address,e.subject,e.body,e.status)}};var v=class{constructor(e,r){this.id=e;this.type=r}static fromJSON(e){return new v(e.id,e.type)}};var w=class{constructor(e,r,i=null,n=null,s=null,a=null){this.status=e;this.strategy=r;this.externalVerificationRedirectURL=i;this.attempts=n;this.expireAt=s;this.nonce=a}static fromJSON(e){return new w(e.status,e.strategy,e.external_verification_redirect_url?new URL(e.external_verification_redirect_url):null,e.attempts,e.expire_at,e.nonce)}};var U=class{constructor(e,r,i,n){this.id=e;this.emailAddress=r;this.verification=i;this.linkedTo=n}static fromJSON(e){return new U(e.id,e.email_address,e.verification&&w.fromJSON(e.verification),e.linked_to.map(r=>v.fromJSON(r)))}};var F=class{constructor(e,r,i,n,s,a,l,u,m,y,h={},S,g){this.id=e;this.provider=r;this.identificationId=i;this.externalId=n;this.approvedScopes=s;this.emailAddress=a;this.firstName=l;this.lastName=u;this.picture=m;this.username=y;this.publicMetadata=h;this.label=S;this.verification=g}static fromJSON(e){return new F(e.id,e.provider,e.identification_id,e.provider_user_id,e.approved_scopes,e.email_address,e.first_name,e.last_name,e.avatar_url,e.username,e.public_metadata,e.label,e.verification&&w.fromJSON(e.verification))}};var V=class{constructor(e,r,i,n,s,a){this.id=e;this.emailAddress=r;this.publicMetadata=i;this.createdAt=n;this.updatedAt=s;this.revoked=a}static fromJSON(e){return new V(e.id,e.email_address,e.public_metadata,e.created_at,e.updated_at,e.revoked)}};var Le=(c=>(c.AllowlistIdentifier="allowlist_identifier",c.Client="client",c.Email="email",c.EmailAddress="email_address",c.ExternalAccount="external_account",c.FacebookAccount="facebook_account",c.GoogleAccount="google_account",c.Invitation="invitation",c.OauthAccessToken="oauth_access_token",c.Organization="organization",c.OrganizationInvitation="organization_invitation",c.OrganizationMembership="organization_membership",c.PhoneNumber="phone_number",c.RedirectUrl="redirect_url",c.Session="session",c.SignInAttempt="sign_in_attempt",c.SignInToken="sign_in_token",c.SignUpAttempt="sign_up_attempt",c.SmsMessage="sms_message",c.User="user",c.Web3Wallet="web3_wallet",c.Token="token",c.TotalCount="total_count",c))(Le||{});var $=class{constructor(e,r,i={},n,s,a){this.provider=e;this.token=r;this.publicMetadata=i;this.label=n;this.scopes=s;this.tokenSecret=a}static fromJSON(e){return new $(e.provider,e.token,e.public_metadata,e.label,e.scopes,e.token_secret)}};var E=class{constructor(e,r,i,n,s,a,l,u={},m={}){this.id=e;this.name=r;this.slug=i;this.logoUrl=n;this.createdBy=s;this.createdAt=a;this.updatedAt=l;this.publicMetadata=u;this.privateMetadata=m}static fromJSON(e){return new E(e.id,e.name,e.slug,e.logo_url,e.created_by,e.created_at,e.updated_at,e.public_metadata,e.private_metadata)}};var B=class{constructor(e,r,i,n,s,a,l,u={}){this.id=e;this.emailAddress=r;this.role=i;this.organizationId=n;this.createdAt=s;this.updatedAt=a;this.status=l;this.publicMetadata=u}static fromJSON(e){return new B(e.id,e.email_address,e.role,e.organization_id,e.created_at,e.updated_at,e.status,e.public_metadata)}};var G=class{constructor(e,r,i={},n={},s,a,l,u){this.id=e;this.role=r;this.publicMetadata=i;this.privateMetadata=n;this.createdAt=s;this.updatedAt=a;this.organization=l;this.publicUserData=u}static fromJSON(e){return new G(e.id,e.role,e.public_metadata,e.private_metadata,e.created_at,e.updated_at,E.fromJSON(e.organization),te.fromJSON(e.public_user_data))}},te=class{constructor(e,r,i,n,s){this.identifier=e;this.firstName=r;this.lastName=i;this.profileImageUrl=n;this.userId=s}static fromJSON(e){return new te(e.identifier,e.first_name,e.last_name,e.profile_image_url,e.user_id)}};var q=class{constructor(e,r,i,n,s,a){this.id=e;this.phoneNumber=r;this.reservedForSecondFactor=i;this.defaultSecondFactor=n;this.verification=s;this.linkedTo=a}static fromJSON(e){return new q(e.id,e.phone_number,e.reserved_for_second_factor,e.default_second_factor,e.verification&&w.fromJSON(e.verification),e.linked_to.map(r=>v.fromJSON(r)))}};var H=class{constructor(e,r,i,n){this.id=e;this.url=r;this.createdAt=i;this.updatedAt=n}static fromJSON(e){return new H(e.id,e.url,e.created_at,e.updated_at)}};var Y=class{constructor(e,r,i,n,s,a,l){this.id=e;this.userId=r;this.token=i;this.status=n;this.url=s;this.createdAt=a;this.updatedAt=l}static fromJSON(e){return new Y(e.id,e.user_id,e.token,e.status,e.url,e.created_at,e.updated_at)}};var X=class{constructor(e,r,i,n,s,a){this.id=e;this.fromPhoneNumber=r;this.toPhoneNumber=i;this.message=n;this.status=s;this.phoneNumberId=a}static fromJSON(e){return new X(e.id,e.from_phone_number,e.to_phone_number,e.message,e.status,e.phone_number_id)}};var Q=class{constructor(e){this.jwt=e}static fromJSON(e){return new Q(e.jwt)}};var re=class{constructor(e,r,i){this.id=e;this.web3Wallet=r;this.verification=i}static fromJSON(e){return new re(e.id,e.web3_wallet,e.verification&&w.fromJSON(e.verification))}};var Z=class{constructor(e,r,i,n,s,a,l,u,m,y,h,S,g,O,x,T,b,k,I,A={},_={},f={},c=[],ee=[],qe=[],Ke=[]){this.id=e;this.passwordEnabled=r;this.totpEnabled=i;this.backupCodeEnabled=n;this.twoFactorEnabled=s;this.banned=a;this.createdAt=l;this.updatedAt=u;this.profileImageUrl=m;this.gender=y;this.birthday=h;this.primaryEmailAddressId=S;this.primaryPhoneNumberId=g;this.primaryWeb3WalletId=O;this.lastSignInAt=x;this.externalId=T;this.username=b;this.firstName=k;this.lastName=I;this.publicMetadata=A;this.privateMetadata=_;this.unsafeMetadata=f;this.emailAddresses=c;this.phoneNumbers=ee;this.web3Wallets=qe;this.externalAccounts=Ke}static fromJSON(e){return new Z(e.id,e.password_enabled,e.totp_enabled,e.backup_code_enabled,e.two_factor_enabled,e.banned,e.created_at,e.updated_at,e.profile_image_url,e.gender,e.birthday,e.primary_email_address_id,e.primary_phone_number_id,e.primary_web3_wallet_id,e.last_sign_in_at,e.external_id,e.username,e.first_name,e.last_name,e.public_metadata,e.private_metadata,e.unsafe_metadata,(e.email_addresses||[]).map(r=>U.fromJSON(r)),(e.phone_numbers||[]).map(r=>q.fromJSON(r)),(e.web3_wallets||[]).map(r=>re.fromJSON(r)),(e.external_accounts||[]).map(r=>F.fromJSON(r)))}};function Fe(t){return Array.isArray(t)?t.map(e=>De(e)):ir(t)?t.data.map(e=>De(e)):De(t)}function ir(t){return t.data!==void 0}function sr(t){return t.total_count}function De(t){if(typeof t!="string"&&"object"in t&&"deleted"in t)return L.fromJSON(t);switch(t.object){case"allowlist_identifier":return j.fromJSON(t);case"client":return W.fromJSON(t);case"email_address":return U.fromJSON(t);case"email":return D.fromJSON(t);case"invitation":return V.fromJSON(t);case"oauth_access_token":return $.fromJSON(t);case"organization":return E.fromJSON(t);case"organization_invitation":return B.fromJSON(t);case"organization_membership":return G.fromJSON(t);case"phone_number":return q.fromJSON(t);case"redirect_url":return H.fromJSON(t);case"sign_in_token":return Y.fromJSON(t);case"session":return C.fromJSON(t);case"sms_message":return X.fromJSON(t);case"token":return Q.fromJSON(t);case"total_count":return sr(t);case"user":return Z.fromJSON(t);default:return t}}var or=t=>async(...e)=>{let{data:r,errors:i,status:n,statusText:s}=await t(...e);if(i===null)return r;throw new oe(s||"",{data:i,status:n||""})};function ft(t){return or(async r=>{let{apiKey:i,secretKey:n,apiUrl:s=M,apiVersion:a=R,userAgent:l=ut,httpOptions:u={}}=t,{path:m,method:y,queryParams:h,headerParams:S,bodyParams:g}=r,O=n||i;we(O);let x=o(s,a,m),T=new URL(x);if(h){let _=(0,Ve.default)({...h});for(let[f,c]of Object.entries(_))c&&[c].flat().forEach(ee=>T.searchParams.append(f,ee))}let b={Authorization:`Bearer ${O}`,"Content-Type":"application/json","Clerk-Backend-SDK":l,...S},I=y!=="GET"&&g&&Object.keys(g).length>0?{body:JSON.stringify((0,Ve.default)(g,{deep:!1}))}:null,A;try{A=await N.fetch(T.href,(0,gt.default)(u,{method:y,headers:b,...I}));let f=await(b&&b["Content-Type"]==="application/json"?A.json():A.text());if(!A.ok)throw f;return{data:Fe(f),errors:null}}catch(_){return _ instanceof Error?{data:null,errors:[{code:"unexpected_error",message:_.message||"Unexpected error"}]}:{data:null,errors:ar(_),status:A?.status,statusText:A?.statusText}}})}function ar(t){if(!!t&&typeof t=="object"&&"errors"in t){let e=t.errors;return e.length>0?e.map(lr):[]}return[]}function lr(t){return{code:t.code,message:t.message,longMessage:t.long_message,meta:{paramName:t?.meta?.param_name,sessionId:t?.meta?.session_id}}}var oe=class extends Error{constructor(r,{data:i,status:n}){super(r);Object.setPrototypeOf(this,oe.prototype),this.clerkError=!0,this.message=r,this.status=n,this.errors=i}};function ne(t){let e=ft(t);return{allowlistIdentifiers:new de(e),clients:new ce(e),emailAddresses:new me(e),emails:new ge(e),interstitial:new fe(e),invitations:new ye(e),organizations:new he(e),phoneNumbers:new Se(e),redirectUrls:new ke(e),sessions:new _e(e),signInTokens:new Ie(e),smsMessages:new Ae(e),users:new Pe(e)}}var yt=t=>()=>{let e={...t};return e.apiKey=(e.apiKey||"").substring(0,7),e.secretKey=(e.secretKey||"").substring(0,7),e.jwtKey=(e.jwtKey||"").substring(0,7),{...e}};function Be(t,e,r){let{act:i,sid:n,org_id:s,org_role:a,org_slug:l,sub:u}=t,{apiKey:m,secretKey:y,apiUrl:h,apiVersion:S,token:g,session:O,user:x,organization:T}=e,{sessions:b}=ne({apiKey:m,secretKey:y,apiUrl:h,apiVersion:S}),k=cr({sessionId:n,sessionToken:g,fetcher:(...I)=>b.getToken(...I)});return{actor:i,sessionClaims:t,sessionId:n,session:O,userId:u,user:x,orgId:s,orgRole:a,orgSlug:l,organization:T,getToken:k,debug:yt({...e,...r})}}function Ge(t){return{sessionClaims:null,sessionId:null,session:null,userId:null,user:null,actor:null,orgId:null,orgRole:null,orgSlug:null,organization:null,getToken:()=>Promise.resolve(null),debug:yt(t)}}function $e(t){return t&&(delete t.privateMetadata,delete t.private_metadata),t}function ur(t){let e=t.user?{...t.user}:t.user,r=t.organization?{...t.organization}:t.organization;return $e(e),$e(r),{...t,user:e,organization:r}}var dr=t=>{let{debug:e,getToken:r,...i}=t;return i},cr=t=>{let{fetcher:e,sessionToken:r,sessionId:i}=t||{};return async(n={})=>i?n.template?e(i,n.template):r:null};function pr(t){return new Promise(e=>setTimeout(e,t))}var mr=5;async function ae(t,e=1,r=mr){try{return await t()}catch(i){if(e>=r)throw i;return await pr(2**e*100),ae(t,e+1)}}function xe(t){return t.startsWith("test_")||t.startsWith("sk_test_")}function ht(t){return t.startsWith("live_")||t.startsWith("sk_live_")}function bt(t){return t.endsWith(".lclstage.dev")||t.endsWith(".stgstage.dev")||t.endsWith(".clerkstage.dev")||t.endsWith(".accountsstage.dev")}var St="pk_live_",gr="pk_test_";function ie(t){if(t=t||"",!fr(t))return null;let e=t.startsWith(St)?"production":"development",r=Ot(t.split("_")[2]);return r.endsWith("$")?(r=r.slice(0,-1),{instanceType:e,frontendApi:r}):null}function fr(t){t=t||"";let e=t.startsWith(St)||t.startsWith(gr),r=Ot(t.split("_")[2]||"").endsWith("$");return e&&r}var Ot=t=>typeof atob<"u"&&typeof atob=="function"?atob(t):typeof globalThis<"u"&&globalThis.Buffer?new globalThis.Buffer(t,"base64").toString():t;var d=class extends Error{constructor({action:r,message:i,reason:n}){super(i);Object.setPrototypeOf(this,d.prototype),this.reason=n,this.message=i,this.action=r}getFullMessage(){return`${[this.message,this.action].filter(r=>r).join(" ")} (reason=${this.reason}, token-carrier=${this.tokenCarrier})`}};function yr(t){if(!t)return"";let e;if(t.match(/^(clerk\.)+\w*$/))e=/(clerk\.)*(?=clerk\.)/;else{if(t.match(/\.clerk.accounts/))return t;e=/^(clerk\.)*/gi}return`clerk.${t.replace(e,"")}`}function Re(t){t.frontendApi=ie(t.publishableKey)?.frontendApi||t.frontendApi||"";let{debugData:e,frontendApi:r,pkgVersion:i,publishableKey:n,proxyUrl:s,isSatellite:a=!1,domain:l}=t;return`
"use strict";var Dt=Object.create;var le=Object.defineProperty;var Ft=Object.getOwnPropertyDescriptor;var Vt=Object.getOwnPropertyNames;var $t=Object.getPrototypeOf,Bt=Object.prototype.hasOwnProperty;var Gt=(t,e)=>{for(var r in e)le(t,r,{get:e[r],enumerable:!0})},at=(t,e,r,i)=>{if(e&&typeof e=="object"||typeof e=="function")for(let n of Vt(e))!Bt.call(t,n)&&n!==r&&le(t,n,{get:()=>e[n],enumerable:!(i=Ft(e,n))||i.enumerable});return t};var ue=(t,e,r)=>(r=t!=null?Dt($t(t)):{},at(e||!t||!t.__esModule?le(r,"default",{value:t,enumerable:!0}):r,t)),Ht=t=>at(le({},"__esModule",{value:!0}),t);var Er={};Gt(Er,{AllowlistIdentifier:()=>j,AuthStatus:()=>Ye,Clerk:()=>Ur,Client:()=>W,DeletedObject:()=>L,Email:()=>D,EmailAddress:()=>U,ExternalAccount:()=>F,IdentificationLink:()=>C,Invitation:()=>V,OauthAccessToken:()=>$,ObjectType:()=>Le,Organization:()=>E,OrganizationInvitation:()=>B,OrganizationMembership:()=>G,OrganizationMembershipPublicUserData:()=>te,PhoneNumber:()=>q,RedirectUrl:()=>H,SMSMessage:()=>X,Session:()=>v,SignInToken:()=>Y,Token:()=>Q,User:()=>Z,Verification:()=>P,constants:()=>ct,createAuthenticateRequest:()=>ot,debugRequestState:()=>Ee,decodeJwt:()=>ve,deserialize:()=>Fe,hasValidSignature:()=>wt,loadInterstitialFromLocal:()=>Re,makeAuthObjectSerializable:()=>cr,prunePrivateMetadata:()=>$e,sanitizeAuthObject:()=>dr,signedInAuthObject:()=>Be,signedOutAuthObject:()=>Ge,verifyJwt:()=>rt,verifyToken:()=>it});module.exports=Ht(Er);var m=class{constructor(e){this.request=e}requireId(e){if(!e)throw new Error("A valid resource ID is required.")}};var ze="/",Yt=new RegExp(ze+"{1,}","g");function a(...t){return t.filter(e=>e).join(ze).replace(Yt,ze)}var Me="/allowlist_identifiers",de=class extends m{async getAllowlistIdentifierList(){return this.request({method:"GET",path:Me})}async createAllowlistIdentifier(e){return this.request({method:"POST",path:Me,bodyParams:e})}async deleteAllowlistIdentifier(e){return this.requireId(e),this.request({method:"DELETE",path:a(Me,e)})}};var je="/clients",ce=class extends m{async getClientList(){return this.request({method:"GET",path:je})}async getClient(e){return this.requireId(e),this.request({method:"GET",path:a(je,e)})}verifyClient(e){return this.request({method:"POST",path:a(je,"verify"),bodyParams:{token:e}})}};var pe="/email_addresses",me=class extends m{async getEmailAddress(e){return this.requireId(e),this.request({method:"GET",path:a(pe,e)})}async createEmailAddress(e){return this.request({method:"POST",path:pe,bodyParams:e})}async updateEmailAddress(e,r={}){return this.requireId(e),this.request({method:"PATCH",path:a(pe,e),bodyParams:r})}async deleteEmailAddress(e){return this.requireId(e),this.request({method:"DELETE",path:a(pe,e)})}};var Xt="/emails",ge=class extends m{async createEmail(e){return this.request({method:"POST",path:Xt,bodyParams:e})}};var fe=class extends m{async getInterstitial(){return this.request({path:"internal/interstitial",method:"GET",headerParams:{"Content-Type":"text/html"}})}};var We="/invitations",ye=class extends m{async getInvitationList(){return this.request({method:"GET",path:We})}async createInvitation(e){return this.request({method:"POST",path:We,bodyParams:e})}async revokeInvitation(e){return this.requireId(e),this.request({method:"POST",path:a(We,e,"revoke")})}};var w="/organizations",he=class extends m{async getOrganizationList(e){return this.request({method:"GET",path:w,queryParams:e})}async createOrganization(e){return this.request({method:"POST",path:w,bodyParams:e})}async getOrganization(e){let r="organizationId"in e?e.organizationId:e.slug;return this.requireId(r),this.request({method:"GET",path:a(w,r)})}async updateOrganization(e,r){return this.requireId(e),this.request({method:"PATCH",path:a(w,e),bodyParams:r})}async updateOrganizationMetadata(e,r){return this.requireId(e),this.request({method:"PATCH",path:a(w,e,"metadata"),bodyParams:r})}async deleteOrganization(e){return this.request({method:"DELETE",path:a(w,e)})}async getOrganizationMembershipList(e){let{organizationId:r,limit:i,offset:n}=e;return this.requireId(r),this.request({method:"GET",path:a(w,r,"memberships"),queryParams:{limit:i,offset:n}})}async createOrganizationMembership(e){let{organizationId:r,userId:i,role:n}=e;return this.requireId(r),this.request({method:"POST",path:a(w,r,"memberships"),bodyParams:{userId:i,role:n}})}async updateOrganizationMembership(e){let{organizationId:r,userId:i,role:n}=e;return this.requireId(r),this.request({method:"PATCH",path:a(w,r,"memberships",i),bodyParams:{role:n}})}async updateOrganizationMembershipMetadata(e){let{organizationId:r,userId:i,publicMetadata:n,privateMetadata:s}=e;return this.request({method:"PATCH",path:a(w,r,"memberships",i,"metadata"),bodyParams:{publicMetadata:n,privateMetadata:s}})}async deleteOrganizationMembership(e){let{organizationId:r,userId:i}=e;return this.requireId(r),this.request({method:"DELETE",path:a(w,r,"memberships",i)})}async getPendingOrganizationInvitationList(e){let{organizationId:r,limit:i,offset:n}=e;return this.requireId(r),this.request({method:"GET",path:a(w,r,"invitations","pending"),queryParams:{limit:i,offset:n}})}async createOrganizationInvitation(e){let{organizationId:r,...i}=e;return this.requireId(r),this.request({method:"POST",path:a(w,r,"invitations"),bodyParams:{...i}})}async revokeOrganizationInvitation(e){let{organizationId:r,invitationId:i,requestingUserId:n}=e;return this.requireId(r),this.request({method:"POST",path:a(w,r,"invitations",i,"revoke"),bodyParams:{requestingUserId:n}})}};var be="/phone_numbers",Se=class extends m{async getPhoneNumber(e){return this.requireId(e),this.request({method:"GET",path:a(be,e)})}async createPhoneNumber(e){return this.request({method:"POST",path:be,bodyParams:e})}async updatePhoneNumber(e,r={}){return this.requireId(e),this.request({method:"PATCH",path:a(be,e),bodyParams:r})}async deletePhoneNumber(e){return this.requireId(e),this.request({method:"DELETE",path:a(be,e)})}};var Oe="/redirect_urls",ke=class extends m{async getRedirectUrlList(){return this.request({method:"GET",path:Oe})}async getRedirectUrl(e){return this.requireId(e),this.request({method:"GET",path:a(Oe,e)})}async createRedirectUrl(e){return this.request({method:"POST",path:Oe,bodyParams:e})}async deleteRedirectUrl(e){return this.requireId(e),this.request({method:"DELETE",path:a(Oe,e)})}};var se="/sessions",_e=class extends m{async getSessionList(e){return this.request({method:"GET",path:se,queryParams:e})}async getSession(e){return this.requireId(e),this.request({method:"GET",path:a(se,e)})}async revokeSession(e){return this.requireId(e),this.request({method:"POST",path:a(se,e,"revoke")})}async verifySession(e,r){return this.requireId(e),this.request({method:"POST",path:a(se,e,"verify"),bodyParams:{token:r}})}async getToken(e,r){return this.requireId(e),(await this.request({method:"POST",path:a(se,e,"tokens",r||"")})).jwt}};var lt="/sign_in_tokens",Ie=class extends m{async createSignInToken(e){return this.request({method:"POST",path:lt,bodyParams:e})}async revokeSignInToken(e){return this.requireId(e),this.request({method:"POST",path:a(lt,e,"revoke")})}};var Qt="/sms_messages",Ae=class extends m{async createSMSMessage(e){return this.request({method:"POST",path:Qt,bodyParams:e})}};var J="/users",we=class extends m{async getUserList(e={}){return this.request({method:"GET",path:J,queryParams:e})}async getUser(e){return this.requireId(e),this.request({method:"GET",path:a(J,e)})}async createUser(e){return this.request({method:"POST",path:J,bodyParams:e})}async updateUser(e,r={}){return this.requireId(e),this.request({method:"PATCH",path:a(J,e),bodyParams:r})}async updateUserMetadata(e,r){return this.requireId(e),this.request({method:"PATCH",path:a(J,e,"metadata"),bodyParams:r})}async deleteUser(e){return this.requireId(e),this.request({method:"DELETE",path:a(J,e)})}async getCount(e={}){return this.request({method:"GET",path:a(J,"count"),queryParams:e})}async getUserOauthAccessToken(e,r){return this.requireId(e),this.request({method:"GET",path:a(J,e,"oauth_access_tokens",r)})}async disableUserMFA(e){return this.requireId(e),this.request({method:"DELETE",path:a(J,e,"mfa")})}async getOrganizationMembershipList(e){let{userId:r,limit:i,offset:n}=e;return this.requireId(r),this.request({method:"GET",path:a(J,r,"organization_memberships"),queryParams:{limit:i,offset:n}})}async verifyPassword(e){let{userId:r,password:i}=e;return this.requireId(r),this.request({method:"POST",path:a(J,r,"verify_password"),bodyParams:{password:i}})}async verifyTOTP(e){let{userId:r,code:i}=e;return this.requireId(r),this.request({method:"POST",path:a(J,r,"verify_totp"),bodyParams:{code:i}})}};var gt=ue(require("deepmerge")),Ve=ue(require("snakecase-keys"));var z="https://api.clerk.dev",R="v1",ut="@clerk/backend";var Zt={AuthStatus:"__clerkAuthStatus",AuthReason:"__clerkAuthReason",AuthMessage:"__clerkAuthMessage"},er={Session:"__session",ClientUat:"__client_uat"},dt={AuthStatus:"x-clerk-auth-status",AuthReason:"x-clerk-auth-reason",AuthMessage:"x-clerk-auth-message",Authorization:"authorization",ForwardedPort:"x-forwarded-port",ForwardedHost:"x-forwarded-host",Referrer:"referer",UserAgent:"user-agent",Origin:"origin",Host:"host",ContentType:"content-type"},tr={AuthStatus:dt.AuthStatus},rr={Json:"application/json"},ct={Attributes:Zt,Cookies:er,Headers:dt,SearchParams:tr,ContentTypes:rr};var pt=ue(require("#crypto")),mt=ue(require("#fetch")),nr=mt.default.bind(globalThis),ir={crypto:pt.default,fetch:nr},N=ir;function Pe(t){if(!t||typeof t!="string")throw Error("Missing Clerk Secret Key or API Key. Go to https://dashboard.clerk.dev and get your key for your instance.")}var j=class{constructor(e,r,i,n,s){this.id=e;this.identifier=r;this.createdAt=i;this.updatedAt=n;this.invitationId=s}static fromJSON(e){return new j(e.id,e.identifier,e.created_at,e.updated_at,e.invitation_id)}};var v=class{constructor(e,r,i,n,s,o,u,l,p){this.id=e;this.clientId=r;this.userId=i;this.status=n;this.lastActiveAt=s;this.expireAt=o;this.abandonAt=u;this.createdAt=l;this.updatedAt=p}static fromJSON(e){return new v(e.id,e.client_id,e.user_id,e.status,e.last_active_at,e.expire_at,e.abandon_at,e.created_at,e.updated_at)}};var W=class{constructor(e,r,i,n,s,o,u,l){this.id=e;this.sessionIds=r;this.sessions=i;this.signInId=n;this.signUpId=s;this.lastActiveSessionId=o;this.createdAt=u;this.updatedAt=l}static fromJSON(e){return new W(e.id,e.session_ids,e.sessions.map(r=>v.fromJSON(r)),e.sign_in_id,e.sign_up_id,e.last_active_session_id,e.created_at,e.updated_at)}};var L=class{constructor(e,r,i,n){this.object=e;this.id=r;this.slug=i;this.deleted=n}static fromJSON(e){return new L(e.object,e.id||null,e.slug||null,e.deleted)}};var D=class{constructor(e,r,i,n,s,o,u){this.id=e;this.fromEmailName=r;this.emailAddressId=i;this.toEmailAddress=n;this.subject=s;this.body=o;this.status=u}static fromJSON(e){return new D(e.id,e.from_email_name,e.email_address_id,e.to_email_address,e.subject,e.body,e.status)}};var C=class{constructor(e,r){this.id=e;this.type=r}static fromJSON(e){return new C(e.id,e.type)}};var P=class{constructor(e,r,i=null,n=null,s=null,o=null){this.status=e;this.strategy=r;this.externalVerificationRedirectURL=i;this.attempts=n;this.expireAt=s;this.nonce=o}static fromJSON(e){return new P(e.status,e.strategy,e.external_verification_redirect_url?new URL(e.external_verification_redirect_url):null,e.attempts,e.expire_at,e.nonce)}};var U=class{constructor(e,r,i,n){this.id=e;this.emailAddress=r;this.verification=i;this.linkedTo=n}static fromJSON(e){return new U(e.id,e.email_address,e.verification&&P.fromJSON(e.verification),e.linked_to.map(r=>C.fromJSON(r)))}};var F=class{constructor(e,r,i,n,s,o,u,l,p,y,h={},S,g){this.id=e;this.provider=r;this.identificationId=i;this.externalId=n;this.approvedScopes=s;this.emailAddress=o;this.firstName=u;this.lastName=l;this.picture=p;this.username=y;this.publicMetadata=h;this.label=S;this.verification=g}static fromJSON(e){return new F(e.id,e.provider,e.identification_id,e.provider_user_id,e.approved_scopes,e.email_address,e.first_name,e.last_name,e.avatar_url,e.username,e.public_metadata,e.label,e.verification&&P.fromJSON(e.verification))}};var V=class{constructor(e,r,i,n,s,o){this.id=e;this.emailAddress=r;this.publicMetadata=i;this.createdAt=n;this.updatedAt=s;this.revoked=o}static fromJSON(e){return new V(e.id,e.email_address,e.public_metadata,e.created_at,e.updated_at,e.revoked)}};var Le=(c=>(c.AllowlistIdentifier="allowlist_identifier",c.Client="client",c.Email="email",c.EmailAddress="email_address",c.ExternalAccount="external_account",c.FacebookAccount="facebook_account",c.GoogleAccount="google_account",c.Invitation="invitation",c.OauthAccessToken="oauth_access_token",c.Organization="organization",c.OrganizationInvitation="organization_invitation",c.OrganizationMembership="organization_membership",c.PhoneNumber="phone_number",c.RedirectUrl="redirect_url",c.Session="session",c.SignInAttempt="sign_in_attempt",c.SignInToken="sign_in_token",c.SignUpAttempt="sign_up_attempt",c.SmsMessage="sms_message",c.User="user",c.Web3Wallet="web3_wallet",c.Token="token",c.TotalCount="total_count",c))(Le||{});var $=class{constructor(e,r,i={},n,s,o){this.provider=e;this.token=r;this.publicMetadata=i;this.label=n;this.scopes=s;this.tokenSecret=o}static fromJSON(e){return new $(e.provider,e.token,e.public_metadata,e.label,e.scopes,e.token_secret)}};var E=class{constructor(e,r,i,n,s,o,u,l={},p={}){this.id=e;this.name=r;this.slug=i;this.logoUrl=n;this.createdBy=s;this.createdAt=o;this.updatedAt=u;this.publicMetadata=l;this.privateMetadata=p}static fromJSON(e){return new E(e.id,e.name,e.slug,e.logo_url,e.created_by,e.created_at,e.updated_at,e.public_metadata,e.private_metadata)}};var B=class{constructor(e,r,i,n,s,o,u,l={}){this.id=e;this.emailAddress=r;this.role=i;this.organizationId=n;this.createdAt=s;this.updatedAt=o;this.status=u;this.publicMetadata=l}static fromJSON(e){return new B(e.id,e.email_address,e.role,e.organization_id,e.created_at,e.updated_at,e.status,e.public_metadata)}};var G=class{constructor(e,r,i={},n={},s,o,u,l){this.id=e;this.role=r;this.publicMetadata=i;this.privateMetadata=n;this.createdAt=s;this.updatedAt=o;this.organization=u;this.publicUserData=l}static fromJSON(e){return new G(e.id,e.role,e.public_metadata,e.private_metadata,e.created_at,e.updated_at,E.fromJSON(e.organization),te.fromJSON(e.public_user_data))}},te=class{constructor(e,r,i,n,s){this.identifier=e;this.firstName=r;this.lastName=i;this.profileImageUrl=n;this.userId=s}static fromJSON(e){return new te(e.identifier,e.first_name,e.last_name,e.profile_image_url,e.user_id)}};var q=class{constructor(e,r,i,n,s,o){this.id=e;this.phoneNumber=r;this.reservedForSecondFactor=i;this.defaultSecondFactor=n;this.verification=s;this.linkedTo=o}static fromJSON(e){return new q(e.id,e.phone_number,e.reserved_for_second_factor,e.default_second_factor,e.verification&&P.fromJSON(e.verification),e.linked_to.map(r=>C.fromJSON(r)))}};var H=class{constructor(e,r,i,n){this.id=e;this.url=r;this.createdAt=i;this.updatedAt=n}static fromJSON(e){return new H(e.id,e.url,e.created_at,e.updated_at)}};var Y=class{constructor(e,r,i,n,s,o,u){this.id=e;this.userId=r;this.token=i;this.status=n;this.url=s;this.createdAt=o;this.updatedAt=u}static fromJSON(e){return new Y(e.id,e.user_id,e.token,e.status,e.url,e.created_at,e.updated_at)}};var X=class{constructor(e,r,i,n,s,o){this.id=e;this.fromPhoneNumber=r;this.toPhoneNumber=i;this.message=n;this.status=s;this.phoneNumberId=o}static fromJSON(e){return new X(e.id,e.from_phone_number,e.to_phone_number,e.message,e.status,e.phone_number_id)}};var Q=class{constructor(e){this.jwt=e}static fromJSON(e){return new Q(e.jwt)}};var re=class{constructor(e,r,i){this.id=e;this.web3Wallet=r;this.verification=i}static fromJSON(e){return new re(e.id,e.web3_wallet,e.verification&&P.fromJSON(e.verification))}};var Z=class{constructor(e,r,i,n,s,o,u,l,p,y,h,S,g,O,x,T,b,k,I,A={},_={},f={},c=[],ee=[],qe=[],Ke=[]){this.id=e;this.passwordEnabled=r;this.totpEnabled=i;this.backupCodeEnabled=n;this.twoFactorEnabled=s;this.banned=o;this.createdAt=u;this.updatedAt=l;this.profileImageUrl=p;this.gender=y;this.birthday=h;this.primaryEmailAddressId=S;this.primaryPhoneNumberId=g;this.primaryWeb3WalletId=O;this.lastSignInAt=x;this.externalId=T;this.username=b;this.firstName=k;this.lastName=I;this.publicMetadata=A;this.privateMetadata=_;this.unsafeMetadata=f;this.emailAddresses=c;this.phoneNumbers=ee;this.web3Wallets=qe;this.externalAccounts=Ke}static fromJSON(e){return new Z(e.id,e.password_enabled,e.totp_enabled,e.backup_code_enabled,e.two_factor_enabled,e.banned,e.created_at,e.updated_at,e.profile_image_url,e.gender,e.birthday,e.primary_email_address_id,e.primary_phone_number_id,e.primary_web3_wallet_id,e.last_sign_in_at,e.external_id,e.username,e.first_name,e.last_name,e.public_metadata,e.private_metadata,e.unsafe_metadata,(e.email_addresses||[]).map(r=>U.fromJSON(r)),(e.phone_numbers||[]).map(r=>q.fromJSON(r)),(e.web3_wallets||[]).map(r=>re.fromJSON(r)),(e.external_accounts||[]).map(r=>F.fromJSON(r)))}};function Fe(t){return Array.isArray(t)?t.map(e=>De(e)):sr(t)?t.data.map(e=>De(e)):De(t)}function sr(t){return t.data!==void 0}function or(t){return t.total_count}function De(t){if(typeof t!="string"&&"object"in t&&"deleted"in t)return L.fromJSON(t);switch(t.object){case"allowlist_identifier":return j.fromJSON(t);case"client":return W.fromJSON(t);case"email_address":return U.fromJSON(t);case"email":return D.fromJSON(t);case"invitation":return V.fromJSON(t);case"oauth_access_token":return $.fromJSON(t);case"organization":return E.fromJSON(t);case"organization_invitation":return B.fromJSON(t);case"organization_membership":return G.fromJSON(t);case"phone_number":return q.fromJSON(t);case"redirect_url":return H.fromJSON(t);case"sign_in_token":return Y.fromJSON(t);case"session":return v.fromJSON(t);case"sms_message":return X.fromJSON(t);case"token":return Q.fromJSON(t);case"total_count":return or(t);case"user":return Z.fromJSON(t);default:return t}}var ar=t=>async(...e)=>{let{data:r,errors:i,status:n,statusText:s}=await t(...e);if(i===null)return r;throw new oe(s||"",{data:i,status:n||""})};function ft(t){return ar(async r=>{let{apiKey:i,secretKey:n,apiUrl:s=z,apiVersion:o=R,userAgent:u=ut,httpOptions:l={}}=t,{path:p,method:y,queryParams:h,headerParams:S,bodyParams:g}=r,O=n||i;Pe(O);let x=a(s,o,p),T=new URL(x);if(h){let _=(0,Ve.default)({...h});for(let[f,c]of Object.entries(_))c&&[c].flat().forEach(ee=>T.searchParams.append(f,ee))}let b={Authorization:`Bearer ${O}`,"Content-Type":"application/json","Clerk-Backend-SDK":u,...S},I=y!=="GET"&&g&&Object.keys(g).length>0?{body:JSON.stringify((0,Ve.default)(g,{deep:!1}))}:null,A;try{A=await N.fetch(T.href,(0,gt.default)(l,{method:y,headers:b,...I}));let f=await(b&&b["Content-Type"]==="application/json"?A.json():A.text());if(!A.ok)throw f;return{data:Fe(f),errors:null}}catch(_){return _ instanceof Error?{data:null,errors:[{code:"unexpected_error",message:_.message||"Unexpected error"}]}:{data:null,errors:lr(_),status:A?.status,statusText:A?.statusText}}})}function lr(t){if(!!t&&typeof t=="object"&&"errors"in t){let e=t.errors;return e.length>0?e.map(ur):[]}return[]}function ur(t){return{code:t.code,message:t.message,longMessage:t.long_message,meta:{paramName:t?.meta?.param_name,sessionId:t?.meta?.session_id}}}var oe=class extends Error{constructor(r,{data:i,status:n}){super(r);Object.setPrototypeOf(this,oe.prototype),this.clerkError=!0,this.message=r,this.status=n,this.errors=i}};function ne(t){let e=ft(t);return{allowlistIdentifiers:new de(e),clients:new ce(e),emailAddresses:new me(e),emails:new ge(e),interstitial:new fe(e),invitations:new ye(e),organizations:new he(e),phoneNumbers:new Se(e),redirectUrls:new ke(e),sessions:new _e(e),signInTokens:new Ie(e),smsMessages:new Ae(e),users:new we(e)}}var yt=t=>()=>{let e={...t};return e.apiKey=(e.apiKey||"").substring(0,7),e.secretKey=(e.secretKey||"").substring(0,7),e.jwtKey=(e.jwtKey||"").substring(0,7),{...e}};function Be(t,e,r){let{act:i,sid:n,org_id:s,org_role:o,org_slug:u,sub:l}=t,{apiKey:p,secretKey:y,apiUrl:h,apiVersion:S,token:g,session:O,user:x,organization:T}=e,{sessions:b}=ne({apiKey:p,secretKey:y,apiUrl:h,apiVersion:S}),k=pr({sessionId:n,sessionToken:g,fetcher:(...I)=>b.getToken(...I)});return{actor:i,sessionClaims:t,sessionId:n,session:O,userId:l,user:x,orgId:s,orgRole:o,orgSlug:u,organization:T,getToken:k,debug:yt({...e,...r})}}function Ge(t){return{sessionClaims:null,sessionId:null,session:null,userId:null,user:null,actor:null,orgId:null,orgRole:null,orgSlug:null,organization:null,getToken:()=>Promise.resolve(null),debug:yt(t)}}function $e(t){return t&&(delete t.privateMetadata,delete t.private_metadata),t}function dr(t){let e=t.user?{...t.user}:t.user,r=t.organization?{...t.organization}:t.organization;return $e(e),$e(r),{...t,user:e,organization:r}}var cr=t=>{let{debug:e,getToken:r,...i}=t;return i},pr=t=>{let{fetcher:e,sessionToken:r,sessionId:i}=t||{};return async(n={})=>i?n.template?e(i,n.template):r:null};function mr(t){return new Promise(e=>setTimeout(e,t))}var gr=5;async function ae(t,e=1,r=gr){try{return await t()}catch(i){if(e>=r)throw i;return await mr(2**e*100),ae(t,e+1)}}function xe(t){return t.startsWith("test_")||t.startsWith("sk_test_")}function ht(t){return t.startsWith("live_")||t.startsWith("sk_live_")}function bt(t){return t.endsWith(".lclstage.dev")||t.endsWith(".stgstage.dev")||t.endsWith(".clerkstage.dev")||t.endsWith(".accountsstage.dev")}var St="pk_live_",fr="pk_test_";function ie(t){if(t=t||"",!yr(t))return null;let e=t.startsWith(St)?"production":"development",r=Ot(t.split("_")[2]);return r.endsWith("$")?(r=r.slice(0,-1),{instanceType:e,frontendApi:r}):null}function yr(t){t=t||"";let e=t.startsWith(St)||t.startsWith(fr),r=Ot(t.split("_")[2]||"").endsWith("$");return e&&r}var Ot=t=>typeof atob<"u"&&typeof atob=="function"?atob(t):typeof globalThis<"u"&&globalThis.Buffer?new globalThis.Buffer(t,"base64").toString():t;var d=class extends Error{constructor({action:r,message:i,reason:n}){super(i);Object.setPrototypeOf(this,d.prototype),this.reason=n,this.message=i,this.action=r}getFullMessage(){return`${[this.message,this.action].filter(r=>r).join(" ")} (reason=${this.reason}, token-carrier=${this.tokenCarrier})`}};function hr(t){if(!t)return"";let e;if(t.match(/^(clerk\.)+\w*$/))e=/(clerk\.)*(?=clerk\.)/;else{if(t.match(/\.clerk.accounts/))return t;e=/^(clerk\.)*/gi}return`clerk.${t.replace(e,"")}`}function Re(t){t.frontendApi=ie(t.publishableKey)?.frontendApi||t.frontendApi||"";let{debugData:e,frontendApi:r,pkgVersion:i,publishableKey:n,proxyUrl:s,isSatellite:o=!1,domain:u}=t;return`
<head>

@@ -10,3 +10,3 @@ <meta charset="UTF-8" />

${s?`window.__clerk_proxy_url = '${s}'`:""}
${l?`window.__clerk_domain = '${l}'`:""}
${u?`window.__clerk_domain = '${u}'`:""}
window.startClerk = async () => {

@@ -35,3 +35,3 @@ function formRedirect(){

await Clerk.load({
isSatellite: ${a}
isSatellite: ${o}
});

@@ -55,6 +55,6 @@ if(Clerk.loaded){

${l?`script.setAttribute('data-clerk-domain', '${l}');`:""}
${u?`script.setAttribute('data-clerk-domain', '${u}');`:""}
${s?`script.setAttribute('data-clerk-proxy-url', '${s}')`:""};
script.async = true;
script.src = '${hr(s||yr(l)||r,i)}';
script.src = '${br(s||hr(u)||r,i)}';
script.crossOrigin = 'anonymous';

@@ -66,3 +66,3 @@ script.addEventListener('load', startClerk);

</body>
`}async function kt(t){t.frontendApi=ie(t.publishableKey)?.frontendApi||t.frontendApi||"";let e=Te(t),r=await ae(()=>N.fetch(Te(t)));if(!r.ok)throw new d({action:"Contact support@clerk.dev",message:`Error loading Clerk Interstitial from ${e} with code=${r.status}`,reason:"interstitial-remote-failed-to-load"});return r.text()}function Te(t){t.frontendApi=ie(t.publishableKey)?.frontendApi||t.frontendApi||"";let{apiUrl:e,frontendApi:r,pkgVersion:i,publishableKey:n,proxyUrl:s,isSatellite:a,domain:l}=t,u=new URL(e);return u.pathname=o(u.pathname,R,"/public/interstitial"),u.searchParams.append("clerk_js_version",_t(r,i)),n?u.searchParams.append("publishable_key",n):u.searchParams.append("frontend_api",r),s&&u.searchParams.append("proxy_url",s),a&&u.searchParams.append("is_satellite","true"),l&&u.searchParams.append("domain",l),u.href}var _t=(t,e)=>!e&&bt(t)?"staging":e?e.includes("next")?"next":e.split(".")[0]||"latest":"latest",hr=(t,e)=>{let r=t.replace(/http(s)?:\/\//,""),i=_t(t,e);return`https://${r}/npm/@clerk/clerk-js@${i}/dist/clerk.browser.js`};var Ye=(n=>(n.SignedIn="signed-in",n.SignedOut="signed-out",n.Interstitial="interstitial",n.Unknown="unknown",n))(Ye||{});async function Xe(t,e){let{apiKey:r,secretKey:i,apiUrl:n,apiVersion:s,cookieToken:a,frontendApi:l,proxyUrl:u,publishableKey:m,domain:y,isSatellite:h,headerToken:S,loadSession:g,loadUser:O,loadOrganization:x}=t,{sid:T,org_id:b,sub:k}=e,{sessions:I,users:A,organizations:_}=ne({apiKey:r,secretKey:i,apiUrl:n,apiVersion:s}),[f,c,ee]=await Promise.all([g?I.getSession(T):Promise.resolve(void 0),O?A.getUser(k):Promise.resolve(void 0),x&&b?_.getOrganization({organizationId:b}):Promise.resolve(void 0)]),Wt=Be(e,{secretKey:i,apiKey:r,apiUrl:n,apiVersion:s,token:a||S||"",session:f,user:c,organization:ee},{...t,status:"signed-in"});return{status:"signed-in",reason:null,message:null,frontendApi:l,proxyUrl:u,publishableKey:m,domain:y,isSatellite:h,isSignedIn:!0,isInterstitial:!1,isUnknown:!1,toAuth:()=>Wt}}function K(t,e,r=""){let{frontendApi:i,publishableKey:n,proxyUrl:s,isSatellite:a,domain:l}=t;return{status:"signed-out",reason:e,message:r,frontendApi:i,proxyUrl:s,publishableKey:n,isSatellite:a,domain:l,isSignedIn:!1,isInterstitial:!1,isUnknown:!1,toAuth:()=>Ge({...t,status:"signed-out",reason:e,message:r})}}function z(t,e,r=""){let{frontendApi:i,publishableKey:n,proxyUrl:s,isSatellite:a,domain:l}=t;return{status:"interstitial",reason:e,message:r,frontendApi:i,publishableKey:n,isSatellite:a,domain:l,proxyUrl:s,isSignedIn:!1,isInterstitial:!0,isUnknown:!1,toAuth:()=>null}}function It(t,e,r=""){let{frontendApi:i,publishableKey:n,isSatellite:s,domain:a}=t;return{status:"unknown",reason:e,message:r,frontendApi:i,publishableKey:n,isSatellite:s,domain:a,isSignedIn:!1,isInterstitial:!1,isUnknown:!0,toAuth:()=>null}}function Qe({originURL:t,host:e,forwardedHost:r,forwardedPort:i,forwardedProto:n}){if(n&&n!==t.protocol)return!0;let s=br(r||e);return s.port=i||s.port,s.port!==t.port||s.hostname!==t.hostname}function br(t){return new URL(`https://${t}`)}var Ne=require("rfc4648");var Sr=2*1e3,tt={RS256:"SHA-256",RS384:"SHA-384",RS512:"SHA-512",ES256:"SHA-256",ES384:"SHA-384",ES512:"SHA-512"},Ze="RSASSA-PKCS1-v1_5",et="ECDSA",Or={RS256:Ze,RS384:Ze,RS512:Ze,ES256:et,ES384:et,ES512:et},kr=Object.keys(tt);async function At(t,e){let{header:r,signature:i,raw:n}=t,a=new TextEncoder().encode([n.header,n.payload].join(".")),l=await N.crypto.subtle.importKey("jwk",e,{name:Or[r.alg],hash:tt[r.alg]},!1,["verify"]);return N.crypto.subtle.verify("RSASSA-PKCS1-v1_5",l,i,a)}function Ce(t){let e=(t||"").toString().split(".");if(e.length!==3)throw new d({reason:"token-invalid",message:"Invalid JWT form. A JWT consists of three parts separated by dots."});let[r,i,n]=e,s=new TextDecoder,a=JSON.parse(s.decode(Ne.base64url.parse(r,{loose:!0}))),l=JSON.parse(s.decode(Ne.base64url.parse(i,{loose:!0}))),u=Ne.base64url.parse(n,{loose:!0});return{header:a,payload:l,signature:u,raw:{header:r,payload:i,signature:n,text:t}}}async function rt(t,{audience:e,authorizedParties:r,clockSkewInSeconds:i=Sr,issuer:n,key:s}){let a=Ce(t),{header:l,payload:u}=a,{typ:m,alg:y}=l;if(typeof m<"u"&&m!=="JWT")throw new d({action:"Make sure that this is a valid Clerk generate JWT.",reason:"token-invalid",message:`Invalid JWT type ${JSON.stringify(m)}. Expected "JWT".`});if(!tt[y])throw new d({action:"Make sure that this is a valid Clerk generate JWT.",reason:"token-invalid-algorithm",message:`Invalid JWT algorithm ${JSON.stringify(y)}. Supported: ${kr}.`});let{azp:h,sub:S,aud:g,iss:O,iat:x,exp:T,nbf:b}=u;if(typeof S!="string")throw new d({action:"Make sure that this is a valid Clerk generate JWT.",reason:"token-verification-failed",message:`Subject claim (sub) is required and must be a string. Received ${JSON.stringify(S)}.`});if(typeof g=="string"){if(g!==e)throw new d({action:"Make sure that this is a valid Clerk generate JWT.",reason:"token-verification-failed",message:`Invalid JWT audience claim (aud) ${JSON.stringify(g)}. Expected "${e}".`})}else if(Array.isArray(g)&&g.length>0&&g.every(f=>typeof f=="string")&&!g.includes(e))throw new d({action:"Make sure that this is a valid Clerk generate JWT.",reason:"token-verification-failed",message:`Invalid JWT audience claim array (aud) ${JSON.stringify(g)}. Does not include "${e}".`});if(h&&r&&r.length>0&&!r.includes(h))throw new d({reason:"token-invalid-authorized-parties",message:`Invalid JWT Authorized party claim (azp) ${JSON.stringify(h)}. Expected "${r}".`});if(typeof n=="function"&&!n(O))throw new d({reason:"token-invalid-issuer",message:"Failed JWT issuer resolver. Make sure that the resolver returns a truthy value."});if(typeof n=="string"&&O&&O!==n)throw new d({reason:"token-invalid-issuer",message:`Invalid JWT issuer claim (iss) ${JSON.stringify(a.payload.iss)}. Expected "${n}".`});if(typeof T!="number")throw new d({action:"Make sure that this is a valid Clerk generate JWT.",reason:"token-verification-failed",message:`Invalid JWT expiry date claim (exp) ${JSON.stringify(T)}. Expected number.`});let k=new Date(Date.now()),I=new Date(0);if(I.setUTCSeconds(T),I.getTime()<=k.getTime()-i)throw new d({reason:"token-expired",message:`JWT is expired. Expiry date: ${I}, Current date: ${k}.`});if(b!==void 0){if(typeof b!="number")throw new d({action:"Make sure that this is a valid Clerk generate JWT.",reason:"token-verification-failed",message:`Invalid JWT not before date claim (nbf) ${JSON.stringify(b)}. Expected number.`});let f=new Date(0);if(f.setUTCSeconds(b),f.getTime()>k.getTime()+i)throw new d({reason:"token-not-active-yet",message:`JWT cannot be used prior to not before date claim (nbf). Not before date: ${f}; Current date: ${k};`})}if(x!==void 0){if(typeof x!="number")throw new d({action:"Make sure that this is a valid Clerk generate JWT.",reason:"token-verification-failed",message:`Invalid JWT issued at date claim (iat) ${JSON.stringify(x)}. Expected number.`});let f=new Date(0);if(f.setUTCSeconds(x),f.getTime()>k.getTime()+i)throw new d({reason:"token-not-active-yet",message:`JWT issued at date claim (iat) is in the future. Issued at date: ${f}; Current date: ${k};`})}let _;try{_=await At(a,s)}catch(f){throw new d({action:"Make sure that this is a valid Clerk generate JWT.",reason:"token-verification-failed",message:`Error verifying JWT signature. ${f}`})}if(!_)throw new d({reason:"token-invalid-signature",message:"JWT signature is invalid."});return u}var ve={},wt=0;function Ue(t){return ve[t]}function xt(t,e=1e3*60*60){ve[t.kid]=t,wt=Date.now(),e>=0&&setTimeout(()=>{t?delete ve[t.kid]:ve={}},e)}var Pt="local",Ir="-----BEGIN PUBLIC KEY-----",Ar="-----END PUBLIC KEY-----",Pr="MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA",wr="IDAQAB";function Tt(t){if(!Ue(Pt)){if(!t)throw new d({action:"Set the CLERK_JWT_KEY environment variable.",message:"Missing local JWK.",reason:"jwk-local-missing"});let e=t.replace(/(\r\n|\n|\r)/gm,"").replace(Ir,"").replace(Ar,"").replace(Pr,"").replace(wr,"").replace(/\+/g,"-").replace(/\//g,"_");xt({kid:"local",kty:"RSA",alg:"RS256",n:e,e:"AQAB"},-1)}return Ue(Pt)}async function nt({apiKey:t,secretKey:e,apiUrl:r=M,apiVersion:i=R,issuer:n,kid:s,jwksCacheTtlInMs:a=1e3*60*60,skipJwksCache:l}){let u=!Ue(s)&&Jr();if(l||u){let y,h=e||t;if(h)y=()=>Tr(r,h,i);else if(n)y=()=>xr(n);else throw new d({action:"Contact support@clerk.dev",message:"Failed to load JWKS from Clerk Backend or Frontend API.",reason:"jwk-remote-failed-to-load"});let{keys:S}=await ae(y);if(!S||!S.length)throw new d({action:"Contact support@clerk.dev",message:"The JWKS endpoint did not contain any signing keys. Contact support@clerk.dev.",reason:"jwk-remote-failed-to-load"});S.forEach(g=>xt(g,a))}let m=Ue(s);if(!m)throw new d({action:"Contact support@clerk.dev",message:`Unable to find a signing key in JWKS that matches kid='${s}'.`,reason:"jwk-remote-missing"});return m}async function xr(t){let e=new URL(t);e.pathname=o(e.pathname,".well-known/jwks.json");let r=await N.fetch(e.href);if(!r.ok)throw new d({action:"Contact support@clerk.dev",message:`Error loading Clerk JWKS from ${e.href} with code=${r.status}`,reason:"jwk-remote-failed-to-load"});return r.json()}async function Tr(t,e,r){if(!e)throw new d({action:"Set the CLERK_SECRET_KEY or CLERK_API_KEY environment variable.",message:"Missing Clerk Secret Key or API Key. Go to https://dashboard.clerk.dev and get your key for your instance.",reason:"jwk-remote-failed-to-load"});let i=new URL(t);i.pathname=o(i.pathname,r,"/jwks");let n=await N.fetch(i.href,{headers:{Authorization:`Bearer ${e}`,"Content-Type":"application/json"}});if(!n.ok)throw new d({action:"Contact support@clerk.dev",message:`Error loading Clerk JWKS from ${i.href} with code=${n.status}`,reason:"jwk-remote-failed-to-load"});return n.json()}function Jr(){return Date.now()-wt>=300*1e3}async function it(t,e){let{apiKey:r,secretKey:i,apiUrl:n,apiVersion:s,authorizedParties:a,clockSkewInSeconds:l,issuer:u,jwksCacheTtlInMs:m,jwtKey:y,skipJwksCache:h}=e,{header:S}=Ce(t),{kid:g}=S,O;if(y)O=Tt(y);else if(typeof u=="string")O=await nt({issuer:u,kid:g,jwksCacheTtlInMs:m,skipJwksCache:h});else if(r||i)O=await nt({apiKey:r,secretKey:i,apiUrl:n,apiVersion:s,kid:g,jwksCacheTtlInMs:m,skipJwksCache:h});else throw new d({action:"Set the CLERK_JWT_KEY environment variable.",message:"Failed to resolve JWK during verification.",reason:"jwk-failed-to-resolve"});return await rt(t,{authorizedParties:a,clockSkewInSeconds:l,key:O,issuer:u})}var Jt=t=>{let{apiKey:e,secretKey:r,userAgent:i}=t;if(xe(r||e)&&!i?.startsWith("Mozilla/"))return K(t,"header-missing-non-browser")},Rt=t=>{let{origin:e,host:r,forwardedHost:i,forwardedPort:n,forwardedProto:s}=t;if(e&&Qe({originURL:new URL(e),host:r,forwardedHost:i,forwardedPort:n,forwardedProto:s}))return K(t,"header-missing-cors")},Nt=t=>{let{apiKey:e,secretKey:r,clientUat:i}=t;if(xe(r||e)&&!i)return z(t,"uat-missing")},Ct=t=>{let{apiKey:e,secretKey:r,referrer:i,host:n,forwardedHost:s,forwardedPort:a,forwardedProto:l}=t,u=i&&Qe({originURL:new URL(i),host:n,forwardedHost:s,forwardedPort:a,forwardedProto:l});if(xe(r||e)&&u)return z(t,"cross-origin-referrer")},vt=t=>{let{apiKey:e,secretKey:r,clientUat:i,cookieToken:n}=t;if(ht(r||e)&&!i&&!n)return K(t,"cookie-and-uat-missing")},Ut=t=>{let{clientUat:e}=t;if(e==="0")return K(t,"standard-signed-out")},Et=t=>{let{clientUat:e,cookieToken:r}=t;if(e&&Number.parseInt(e)>0&&!r)return z(t,"cookie-missing")},qt=async t=>{let{headerToken:e}=t,r=await Mt(t,e);return await Xe(t,r)},Kt=async t=>{let{cookieToken:e,clientUat:r}=t,i=await Mt(t,e),n=await Xe(t,i),a=n.toAuth().sessionClaims.iat<Number.parseInt(r);return!r||a?z(t,"cookie-outdated"):n};async function st(t,e){for(let r of e){let i=await r(t);if(i)return i}return K(t,"unexpected-error")}async function Mt(t,e){let{isSatellite:r,proxyUrl:i}=t,n;return r?n=null:i?n=i:n=s=>s.startsWith("https://clerk.")||s.includes(".clerk.accounts"),it(e,{...t,issuer:n})}var zt=t=>{let{clientUat:e,isSatellite:r,searchParams:i}=t,n=i?.get("__clerk_synced")==="true";if(r&&(!e||e==="0")&&!n)return z(t,"satellite-needs-syncing")};async function jt(t){t.frontendApi=ie(t.publishableKey)?.frontendApi||t.frontendApi||"",t.apiUrl=t.apiUrl||M,t.apiVersion=t.apiVersion||R,we(t.secretKey||t.apiKey);async function e(){try{return await st(t,[qt])}catch(n){return i(n,"header")}}async function r(){try{return await st(t,[Rt,Jt,zt,vt,Nt,Ct,Et,Ut,Kt])}catch(n){return i(n,"cookie")}}function i(n,s){return n instanceof d?(n.tokenCarrier=s,["token-expired","token-not-active-yet"].includes(n.reason)?s==="header"?It(t,n.reason,n.getFullMessage()):z(t,n.reason,n.getFullMessage()):K(t,n.reason,n.getFullMessage())):K(t,"unexpected-error",n.message)}return t.headerToken?e():r()}var Ee=t=>{let{frontendApi:e,isSignedIn:r,proxyUrl:i,isInterstitial:n,reason:s,message:a,publishableKey:l,isSatellite:u,domain:m}=t;return{frontendApi:e,isSignedIn:r,proxyUrl:i,isInterstitial:n,reason:s,message:a,publishableKey:l,isSatellite:u,domain:m}};function ot(t){let{apiClient:e}=t,{apiKey:r="",secretKey:i="",jwtKey:n="",apiUrl:s=M,apiVersion:a=R,frontendApi:l="",proxyUrl:u="",publishableKey:m="",isSatellite:y=!1,domain:h=""}=t.options;return{authenticateRequest:({apiKey:b,secretKey:k,frontendApi:I,proxyUrl:A,publishableKey:_,jwtKey:f,isSatellite:c,domain:ee,searchParams:qe,...Ke})=>jt({...Ke,apiKey:b||r,secretKey:k||i,apiUrl:s,apiVersion:a,frontendApi:I||l,proxyUrl:A||u,publishableKey:_||m,isSatellite:c||y,domain:ee||h,jwtKey:f||n,searchParams:qe}),localInterstitial:Re,remotePublicInterstitial:({frontendApi:b,publishableKey:k,proxyUrl:I,isSatellite:A,domain:_,...f})=>kt({...f,apiUrl:s,frontendApi:b||l,publishableKey:k||m,proxyUrl:I||u,isSatellite:A||y,domain:_||h}),remotePrivateInterstitial:()=>e.interstitial.getInterstitial(),remotePublicInterstitialUrl:Te,debugRequestState:Ee}}function Nr(t){let e={...t},r=ne(e),i=ot({options:e,apiClient:r});return{...r,...i,__unstable_options:e}}0&&(module.exports={AllowlistIdentifier,AuthStatus,Clerk,Client,DeletedObject,Email,EmailAddress,ExternalAccount,IdentificationLink,Invitation,OauthAccessToken,ObjectType,Organization,OrganizationInvitation,OrganizationMembership,OrganizationMembershipPublicUserData,PhoneNumber,RedirectUrl,SMSMessage,Session,SignInToken,Token,User,Verification,constants,createAuthenticateRequest,debugRequestState,decodeJwt,deserialize,hasValidSignature,loadInterstitialFromLocal,makeAuthObjectSerializable,prunePrivateMetadata,sanitizeAuthObject,signedInAuthObject,signedOutAuthObject,verifyJwt,verifyToken});
`}async function kt(t){t.frontendApi=ie(t.publishableKey)?.frontendApi||t.frontendApi||"";let e=Te(t),r=await ae(()=>N.fetch(Te(t)));if(!r.ok)throw new d({action:"Contact support@clerk.dev",message:`Error loading Clerk Interstitial from ${e} with code=${r.status}`,reason:"interstitial-remote-failed-to-load"});return r.text()}function Te(t){t.frontendApi=ie(t.publishableKey)?.frontendApi||t.frontendApi||"";let{apiUrl:e,frontendApi:r,pkgVersion:i,publishableKey:n,proxyUrl:s,isSatellite:o,domain:u}=t,l=new URL(e);return l.pathname=a(l.pathname,R,"/public/interstitial"),l.searchParams.append("clerk_js_version",_t(r,i)),n?l.searchParams.append("publishable_key",n):l.searchParams.append("frontend_api",r),s&&l.searchParams.append("proxy_url",s),o&&l.searchParams.append("is_satellite","true"),u&&l.searchParams.append("domain",u),l.href}var _t=(t,e)=>!e&&bt(t)?"staging":e?e.includes("next")?"next":e.split(".")[0]||"latest":"latest",br=(t,e)=>{let r=t.replace(/http(s)?:\/\//,""),i=_t(t,e);return`https://${r}/npm/@clerk/clerk-js@${i}/dist/clerk.browser.js`};var Ye=(n=>(n.SignedIn="signed-in",n.SignedOut="signed-out",n.Interstitial="interstitial",n.Unknown="unknown",n))(Ye||{});async function Xe(t,e){let{apiKey:r,secretKey:i,apiUrl:n,apiVersion:s,cookieToken:o,frontendApi:u,proxyUrl:l,publishableKey:p,domain:y,isSatellite:h,headerToken:S,loadSession:g,loadUser:O,loadOrganization:x}=t,{sid:T,org_id:b,sub:k}=e,{sessions:I,users:A,organizations:_}=ne({apiKey:r,secretKey:i,apiUrl:n,apiVersion:s}),[f,c,ee]=await Promise.all([g?I.getSession(T):Promise.resolve(void 0),O?A.getUser(k):Promise.resolve(void 0),x&&b?_.getOrganization({organizationId:b}):Promise.resolve(void 0)]),Lt=Be(e,{secretKey:i,apiKey:r,apiUrl:n,apiVersion:s,token:o||S||"",session:f,user:c,organization:ee},{...t,status:"signed-in"});return{status:"signed-in",reason:null,message:null,frontendApi:u,proxyUrl:l,publishableKey:p,domain:y,isSatellite:h,isSignedIn:!0,isInterstitial:!1,isUnknown:!1,toAuth:()=>Lt}}function K(t,e,r=""){let{frontendApi:i,publishableKey:n,proxyUrl:s,isSatellite:o,domain:u}=t;return{status:"signed-out",reason:e,message:r,frontendApi:i,proxyUrl:s,publishableKey:n,isSatellite:o,domain:u,isSignedIn:!1,isInterstitial:!1,isUnknown:!1,toAuth:()=>Ge({...t,status:"signed-out",reason:e,message:r})}}function M(t,e,r=""){let{frontendApi:i,publishableKey:n,proxyUrl:s,isSatellite:o,domain:u}=t;return{status:"interstitial",reason:e,message:r,frontendApi:i,publishableKey:n,isSatellite:o,domain:u,proxyUrl:s,isSignedIn:!1,isInterstitial:!0,isUnknown:!1,toAuth:()=>null}}function It(t,e,r=""){let{frontendApi:i,publishableKey:n,isSatellite:s,domain:o}=t;return{status:"unknown",reason:e,message:r,frontendApi:i,publishableKey:n,isSatellite:s,domain:o,isSignedIn:!1,isInterstitial:!1,isUnknown:!0,toAuth:()=>null}}function Qe({originURL:t,host:e,forwardedHost:r,forwardedPort:i,forwardedProto:n}){if(n&&n!==t.protocol)return!0;let s=Sr(r||e);return s.port=i||s.port,s.port!==t.port||s.hostname!==t.hostname}function Sr(t){return new URL(`https://${t}`)}var Ne={parse(t,e){return Or(t,At,e)},stringify(t,e){return kr(t,At,e)}},At={chars:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_",bits:6};function Or(t,e,r={}){if(!e.codes){e.codes={};for(let l=0;l<e.chars.length;++l)e.codes[e.chars[l]]=l}if(!r.loose&&t.length*e.bits&7)throw new SyntaxError("Invalid padding");let i=t.length;for(;t[i-1]==="=";)if(--i,!r.loose&&!((t.length-i)*e.bits&7))throw new SyntaxError("Invalid padding");let n=new(r.out??Uint8Array)(i*e.bits/8|0),s=0,o=0,u=0;for(let l=0;l<i;++l){let p=e.codes[t[l]];if(p===void 0)throw new SyntaxError("Invalid character "+t[l]);o=o<<e.bits|p,s+=e.bits,s>=8&&(s-=8,n[u++]=255&o>>s)}if(s>=e.bits||255&o<<8-s)throw new SyntaxError("Unexpected end of data");return n}function kr(t,e,r={}){let{pad:i=!0}=r,n=(1<<e.bits)-1,s="",o=0,u=0;for(let l=0;l<t.length;++l)for(u=u<<8|255&t[l],o+=8;o>e.bits;)o-=e.bits,s+=e.chars[n&u>>o];if(o&&(s+=e.chars[n&u<<e.bits-o]),i)for(;s.length*e.bits&7;)s+="=";return s}var _r=2*1e3,tt={RS256:"SHA-256",RS384:"SHA-384",RS512:"SHA-512",ES256:"SHA-256",ES384:"SHA-384",ES512:"SHA-512"},Ze="RSASSA-PKCS1-v1_5",et="ECDSA",Ir={RS256:Ze,RS384:Ze,RS512:Ze,ES256:et,ES384:et,ES512:et},Ar=Object.keys(tt);async function wt(t,e){let{header:r,signature:i,raw:n}=t,o=new TextEncoder().encode([n.header,n.payload].join(".")),u=await N.crypto.subtle.importKey("jwk",e,{name:Ir[r.alg],hash:tt[r.alg]},!1,["verify"]);return N.crypto.subtle.verify("RSASSA-PKCS1-v1_5",u,i,o)}function ve(t){let e=(t||"").toString().split(".");if(e.length!==3)throw new d({reason:"token-invalid",message:"Invalid JWT form. A JWT consists of three parts separated by dots."});let[r,i,n]=e,s=new TextDecoder,o=JSON.parse(s.decode(Ne.parse(r,{loose:!0}))),u=JSON.parse(s.decode(Ne.parse(i,{loose:!0}))),l=Ne.parse(n,{loose:!0});return{header:o,payload:u,signature:l,raw:{header:r,payload:i,signature:n,text:t}}}async function rt(t,{audience:e,authorizedParties:r,clockSkewInSeconds:i=_r,issuer:n,key:s}){let o=ve(t),{header:u,payload:l}=o,{typ:p,alg:y}=u;if(typeof p<"u"&&p!=="JWT")throw new d({action:"Make sure that this is a valid Clerk generate JWT.",reason:"token-invalid",message:`Invalid JWT type ${JSON.stringify(p)}. Expected "JWT".`});if(!tt[y])throw new d({action:"Make sure that this is a valid Clerk generate JWT.",reason:"token-invalid-algorithm",message:`Invalid JWT algorithm ${JSON.stringify(y)}. Supported: ${Ar}.`});let{azp:h,sub:S,aud:g,iss:O,iat:x,exp:T,nbf:b}=l;if(typeof S!="string")throw new d({action:"Make sure that this is a valid Clerk generate JWT.",reason:"token-verification-failed",message:`Subject claim (sub) is required and must be a string. Received ${JSON.stringify(S)}.`});if(typeof g=="string"){if(g!==e)throw new d({action:"Make sure that this is a valid Clerk generate JWT.",reason:"token-verification-failed",message:`Invalid JWT audience claim (aud) ${JSON.stringify(g)}. Expected "${e}".`})}else if(Array.isArray(g)&&g.length>0&&g.every(f=>typeof f=="string")&&!g.includes(e))throw new d({action:"Make sure that this is a valid Clerk generate JWT.",reason:"token-verification-failed",message:`Invalid JWT audience claim array (aud) ${JSON.stringify(g)}. Does not include "${e}".`});if(h&&r&&r.length>0&&!r.includes(h))throw new d({reason:"token-invalid-authorized-parties",message:`Invalid JWT Authorized party claim (azp) ${JSON.stringify(h)}. Expected "${r}".`});if(typeof n=="function"&&!n(O))throw new d({reason:"token-invalid-issuer",message:"Failed JWT issuer resolver. Make sure that the resolver returns a truthy value."});if(typeof n=="string"&&O&&O!==n)throw new d({reason:"token-invalid-issuer",message:`Invalid JWT issuer claim (iss) ${JSON.stringify(o.payload.iss)}. Expected "${n}".`});if(typeof T!="number")throw new d({action:"Make sure that this is a valid Clerk generate JWT.",reason:"token-verification-failed",message:`Invalid JWT expiry date claim (exp) ${JSON.stringify(T)}. Expected number.`});let k=new Date(Date.now()),I=new Date(0);if(I.setUTCSeconds(T),I.getTime()<=k.getTime()-i)throw new d({reason:"token-expired",message:`JWT is expired. Expiry date: ${I}, Current date: ${k}.`});if(b!==void 0){if(typeof b!="number")throw new d({action:"Make sure that this is a valid Clerk generate JWT.",reason:"token-verification-failed",message:`Invalid JWT not before date claim (nbf) ${JSON.stringify(b)}. Expected number.`});let f=new Date(0);if(f.setUTCSeconds(b),f.getTime()>k.getTime()+i)throw new d({reason:"token-not-active-yet",message:`JWT cannot be used prior to not before date claim (nbf). Not before date: ${f}; Current date: ${k};`})}if(x!==void 0){if(typeof x!="number")throw new d({action:"Make sure that this is a valid Clerk generate JWT.",reason:"token-verification-failed",message:`Invalid JWT issued at date claim (iat) ${JSON.stringify(x)}. Expected number.`});let f=new Date(0);if(f.setUTCSeconds(x),f.getTime()>k.getTime()+i)throw new d({reason:"token-not-active-yet",message:`JWT issued at date claim (iat) is in the future. Issued at date: ${f}; Current date: ${k};`})}let _;try{_=await wt(o,s)}catch(f){throw new d({action:"Make sure that this is a valid Clerk generate JWT.",reason:"token-verification-failed",message:`Error verifying JWT signature. ${f}`})}if(!_)throw new d({reason:"token-invalid-signature",message:"JWT signature is invalid."});return l}var Ce={},xt=0;function Ue(t){return Ce[t]}function Tt(t,e=1e3*60*60){Ce[t.kid]=t,xt=Date.now(),e>=0&&setTimeout(()=>{t?delete Ce[t.kid]:Ce={}},e)}var Pt="local",Pr="-----BEGIN PUBLIC KEY-----",xr="-----END PUBLIC KEY-----",Tr="MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA",Jr="IDAQAB";function Jt(t){if(!Ue(Pt)){if(!t)throw new d({action:"Set the CLERK_JWT_KEY environment variable.",message:"Missing local JWK.",reason:"jwk-local-missing"});let e=t.replace(/(\r\n|\n|\r)/gm,"").replace(Pr,"").replace(xr,"").replace(Tr,"").replace(Jr,"").replace(/\+/g,"-").replace(/\//g,"_");Tt({kid:"local",kty:"RSA",alg:"RS256",n:e,e:"AQAB"},-1)}return Ue(Pt)}async function nt({apiKey:t,secretKey:e,apiUrl:r=z,apiVersion:i=R,issuer:n,kid:s,jwksCacheTtlInMs:o=1e3*60*60,skipJwksCache:u}){let l=!Ue(s)&&vr();if(u||l){let y,h=e||t;if(h)y=()=>Nr(r,h,i);else if(n)y=()=>Rr(n);else throw new d({action:"Contact support@clerk.dev",message:"Failed to load JWKS from Clerk Backend or Frontend API.",reason:"jwk-remote-failed-to-load"});let{keys:S}=await ae(y);if(!S||!S.length)throw new d({action:"Contact support@clerk.dev",message:"The JWKS endpoint did not contain any signing keys. Contact support@clerk.dev.",reason:"jwk-remote-failed-to-load"});S.forEach(g=>Tt(g,o))}let p=Ue(s);if(!p)throw new d({action:"Contact support@clerk.dev",message:`Unable to find a signing key in JWKS that matches kid='${s}'.`,reason:"jwk-remote-missing"});return p}async function Rr(t){let e=new URL(t);e.pathname=a(e.pathname,".well-known/jwks.json");let r=await N.fetch(e.href);if(!r.ok)throw new d({action:"Contact support@clerk.dev",message:`Error loading Clerk JWKS from ${e.href} with code=${r.status}`,reason:"jwk-remote-failed-to-load"});return r.json()}async function Nr(t,e,r){if(!e)throw new d({action:"Set the CLERK_SECRET_KEY or CLERK_API_KEY environment variable.",message:"Missing Clerk Secret Key or API Key. Go to https://dashboard.clerk.dev and get your key for your instance.",reason:"jwk-remote-failed-to-load"});let i=new URL(t);i.pathname=a(i.pathname,r,"/jwks");let n=await N.fetch(i.href,{headers:{Authorization:`Bearer ${e}`,"Content-Type":"application/json"}});if(!n.ok)throw new d({action:"Contact support@clerk.dev",message:`Error loading Clerk JWKS from ${i.href} with code=${n.status}`,reason:"jwk-remote-failed-to-load"});return n.json()}function vr(){return Date.now()-xt>=300*1e3}async function it(t,e){let{apiKey:r,secretKey:i,apiUrl:n,apiVersion:s,authorizedParties:o,clockSkewInSeconds:u,issuer:l,jwksCacheTtlInMs:p,jwtKey:y,skipJwksCache:h}=e,{header:S}=ve(t),{kid:g}=S,O;if(y)O=Jt(y);else if(typeof l=="string")O=await nt({issuer:l,kid:g,jwksCacheTtlInMs:p,skipJwksCache:h});else if(r||i)O=await nt({apiKey:r,secretKey:i,apiUrl:n,apiVersion:s,kid:g,jwksCacheTtlInMs:p,skipJwksCache:h});else throw new d({action:"Set the CLERK_JWT_KEY environment variable.",message:"Failed to resolve JWK during verification.",reason:"jwk-failed-to-resolve"});return await rt(t,{authorizedParties:o,clockSkewInSeconds:u,key:O,issuer:l})}var Rt=t=>{let{apiKey:e,secretKey:r,userAgent:i}=t;if(xe(r||e)&&!i?.startsWith("Mozilla/"))return K(t,"header-missing-non-browser")},Nt=t=>{let{origin:e,host:r,forwardedHost:i,forwardedPort:n,forwardedProto:s}=t;if(e&&Qe({originURL:new URL(e),host:r,forwardedHost:i,forwardedPort:n,forwardedProto:s}))return K(t,"header-missing-cors")},vt=t=>{let{apiKey:e,secretKey:r,clientUat:i}=t;if(xe(r||e)&&!i)return M(t,"uat-missing")},Ct=t=>{let{apiKey:e,secretKey:r,referrer:i,host:n,forwardedHost:s,forwardedPort:o,forwardedProto:u}=t,l=i&&Qe({originURL:new URL(i),host:n,forwardedHost:s,forwardedPort:o,forwardedProto:u});if(xe(r||e)&&l)return M(t,"cross-origin-referrer")},Ut=t=>{let{apiKey:e,secretKey:r,clientUat:i,cookieToken:n}=t;if(ht(r||e)&&!i&&!n)return K(t,"cookie-and-uat-missing")},Et=t=>{let{clientUat:e}=t;if(e==="0")return K(t,"standard-signed-out")},qt=t=>{let{clientUat:e,cookieToken:r}=t;if(e&&Number.parseInt(e)>0&&!r)return M(t,"cookie-missing")},Kt=async t=>{let{headerToken:e}=t,r=await Mt(t,e);return await Xe(t,r)},zt=async t=>{let{cookieToken:e,clientUat:r}=t,i=await Mt(t,e),n=await Xe(t,i),o=n.toAuth().sessionClaims.iat<Number.parseInt(r);return!r||o?M(t,"cookie-outdated"):n};async function st(t,e){for(let r of e){let i=await r(t);if(i)return i}return K(t,"unexpected-error")}async function Mt(t,e){let{isSatellite:r,proxyUrl:i}=t,n;return r?n=null:i?n=i:n=s=>s.startsWith("https://clerk.")||s.includes(".clerk.accounts"),it(e,{...t,issuer:n})}var jt=t=>{let{clientUat:e,isSatellite:r,searchParams:i}=t,n=i?.get("__clerk_synced")==="true";if(r&&(!e||e==="0")&&!n)return M(t,"satellite-needs-syncing")};async function Wt(t){t.frontendApi=ie(t.publishableKey)?.frontendApi||t.frontendApi||"",t.apiUrl=t.apiUrl||z,t.apiVersion=t.apiVersion||R,Pe(t.secretKey||t.apiKey);async function e(){try{return await st(t,[Kt])}catch(n){return i(n,"header")}}async function r(){try{return await st(t,[Nt,Rt,jt,Ut,vt,Ct,qt,Et,zt])}catch(n){return i(n,"cookie")}}function i(n,s){return n instanceof d?(n.tokenCarrier=s,["token-expired","token-not-active-yet"].includes(n.reason)?s==="header"?It(t,n.reason,n.getFullMessage()):M(t,n.reason,n.getFullMessage()):K(t,n.reason,n.getFullMessage())):K(t,"unexpected-error",n.message)}return t.headerToken?e():r()}var Ee=t=>{let{frontendApi:e,isSignedIn:r,proxyUrl:i,isInterstitial:n,reason:s,message:o,publishableKey:u,isSatellite:l,domain:p}=t;return{frontendApi:e,isSignedIn:r,proxyUrl:i,isInterstitial:n,reason:s,message:o,publishableKey:u,isSatellite:l,domain:p}};function ot(t){let{apiClient:e}=t,{apiKey:r="",secretKey:i="",jwtKey:n="",apiUrl:s=z,apiVersion:o=R,frontendApi:u="",proxyUrl:l="",publishableKey:p="",isSatellite:y=!1,domain:h=""}=t.options;return{authenticateRequest:({apiKey:b,secretKey:k,frontendApi:I,proxyUrl:A,publishableKey:_,jwtKey:f,isSatellite:c,domain:ee,searchParams:qe,...Ke})=>Wt({...Ke,apiKey:b||r,secretKey:k||i,apiUrl:s,apiVersion:o,frontendApi:I||u,proxyUrl:A||l,publishableKey:_||p,isSatellite:c||y,domain:ee||h,jwtKey:f||n,searchParams:qe}),localInterstitial:Re,remotePublicInterstitial:({frontendApi:b,publishableKey:k,proxyUrl:I,isSatellite:A,domain:_,...f})=>kt({...f,apiUrl:s,frontendApi:b||u,publishableKey:k||p,proxyUrl:I||l,isSatellite:A||y,domain:_||h}),remotePrivateInterstitial:()=>e.interstitial.getInterstitial(),remotePublicInterstitialUrl:Te,debugRequestState:Ee}}function Ur(t){let e={...t},r=ne(e),i=ot({options:e,apiClient:r});return{...r,...i,__unstable_options:e}}0&&(module.exports={AllowlistIdentifier,AuthStatus,Clerk,Client,DeletedObject,Email,EmailAddress,ExternalAccount,IdentificationLink,Invitation,OauthAccessToken,ObjectType,Organization,OrganizationInvitation,OrganizationMembership,OrganizationMembershipPublicUserData,PhoneNumber,RedirectUrl,SMSMessage,Session,SignInToken,Token,User,Verification,constants,createAuthenticateRequest,debugRequestState,decodeJwt,deserialize,hasValidSignature,loadInterstitialFromLocal,makeAuthObjectSerializable,prunePrivateMetadata,sanitizeAuthObject,signedInAuthObject,signedOutAuthObject,verifyJwt,verifyToken});
//# sourceMappingURL=index.js.map

5

package.json
{
"name": "@clerk/backend",
"version": "0.13.4",
"version": "0.13.5",
"license": "MIT",

@@ -32,3 +32,2 @@ "description": "Clerk Backend SDK - REST Client for Backend API & JWT verification utilities",

"node-fetch-native": "1.0.1",
"rfc4648": "1.5.2",
"snakecase-keys": "5.4.4",

@@ -84,3 +83,3 @@ "tslib": "2.4.1"

},
"gitHead": "2badb051e022d669259d03e493d3097941344abf"
"gitHead": "4578fd053d0bddd13db056ef4111ee0457488810"
}
dist/esm/index.js.map

Sorry, the diff of this file is not supported yet

dist/index.js.map

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc