[BUG] Cannot authenticate from CLI
Resolved 💬 3 comments Opened Aug 18, 2025 by u-ashish Closed Aug 18, 2025
Environment
- Claude CLI version: I can't run
claude -- version, it errors out (see below) - Operating System: Mac OS Sequoia 15.5
- Terminal: iTerm2 / ZSH
Bug Description
I installed claude-code on my macbook via npm, and when I run claude, it has the following error (see below), preventing me from authenticating and using it (I have an active subscription...)
Steps to Reproduce
- On a macbook with nodeJS v24
- Install claude-code via npm:
npm install -g @anthropic-ai/claude-code - Run
claude
Expected Behavior
It should let me authenticate I assume
Actual Behavior
I get this error
`),Q.code=Z.error.code,Q.errors=Z.error.errors;else Q.message=Z.error.message,Q.code=Z.error.code;else if(B&&B.status>=400)Q.message=Z,Q.status=B.status;return Q}}R$B.DefaultTransporter=iD1;iD1.USER_AGENT=`${M$B}/${o28.version}`});var T11=E((Ow0,P$B)=>{/*! safe-buffer. MIT License. Feross Aboukhadijeh <https://feross.org/opensource> */var dx1=W1("buffer"),dM=dx1.Buffer;function T$B(A,B){for(var Q in A)B[Q]=A[Q]}if(dM.from&&dM.alloc&&dM.allocUnsafe&&dM.allocUnsafeSlow)P$B.exports=dx1;else T$B(dx1,Ow0),Ow0.Buffer=am;function am(A,B,Q){return dM(A,B,Q)}am.prototype=Object.create(dM.prototype);T$B(dM,am);am.from=function(A,B,Q){if(typeof A==="number")throw new TypeError("Argument must not be a number");return dM(A,B,Q)};am.alloc=function(A,B,Q){if(typeof A!=="number")throw new TypeError("Argument must be a number");var Z=dM(A);if(B!==void 0)if(typeof Q==="string")Z.fill(B,Q);else Z.fill(B);else Z.fill(0);return Z};am.allocUnsafe=function(A){if(typeof A!=="number")throw new TypeError("Argument must be a number");return dM(A)};am.allocUnsafeSlow=function(A){if(typeof A!=="number")throw new TypeError("Argument must be a number");return dx1.SlowBuffer(A)}});var j$B=E((P83,S$B)=>{function Tw0(A){var B=(A/8|0)+(A%8===0?0:1);return B}var t28={ES256:Tw0(256),ES384:Tw0(384),ES512:Tw0(521)};function e28(A){var B=t28[A];if(B)return B;throw new Error('Unknown algorithm "'+A+'"')}S$B.exports=e28});var Pw0=E((S83,b$B)=>{var cx1=T11().Buffer,y$B=j$B(),lx1=128,_$B=0,AB8=32,BB8=16,QB8=2,x$B=BB8|AB8|_$B<<6,px1=QB8|_$B<<6;function ZB8(A){return A.replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_")}function v$B(A){if(cx1.isBuffer(A))return A;else if(typeof A==="string")return cx1.from(A,"base64");throw new TypeError("ECDSA signature must be a Base64 string or a Buffer")}function DB8(A,B){A=v$B(A);var Q=y$B(B),Z=Q+1,D=A.length,G=0;if(A[G++]!==x$B)throw new Error('Could not find expected "seq"');var F=A[G++];if(F===(lx1|1))F=A[G++];if(D-G<F)throw new Error('"seq" specified length of "'+F+'", only "'+(D-G)+'" remaining');if(A[G++]!==px1)throw new Error('Could not find expected "int" for "r"');var I=A[G++];if(D-G-2<I)throw new Error('"r" specified length of "'+I+'", only "'+(D-G-2)+'" available');if(Z<I)throw new Error('"r" specified length of "'+I+'", max of "'+Z+'" is acceptable');var Y=G;if(G+=I,A[G++]!==px1)throw new Error('Could not find expected "int" for "s"');var W=A[G++];if(D-G!==W)throw new Error('"s" specified length of "'+W+'", expected "'+(D-G)+'"');if(Z<W)throw new Error('"s" specified length of "'+W+'", max of "'+Z+'" is acceptable');var J=G;if(G+=W,G!==D)throw new Error('Expected to consume entire buffer, but "'+(D-G)+'" bytes remain');var X=Q-I,V=Q-W,C=cx1.allocUnsafe(X+I+V+W);for(G=0;G<X;++G)C[G]=0;A.copy(C,G,Y+Math.max(-X,0),Y+I),G=Q;for(var K=G;G<K+V;++G)C[G]=0;return A.copy(C,G,J+Math.max(-V,0),J+W),C=C.toString("base64"),C=ZB8(C),C}function k$B(A,B,Q){var Z=0;while(B+Z<Q&&A[B+Z]===0)++Z;var D=A[B+Z]>=lx1;if(D)--Z;return Z}function GB8(A,B){A=v$B(A);var Q=y$B(B),Z=A.length;if(Z!==Q*2)throw new TypeError('"'+B+'" signatures must be "'+Q*2+'" bytes, saw "'+Z+'"');var D=k$B(A,0,Q),G=k$B(A,Q,A.length),F=Q-D,I=Q-G,Y=2+F+1+1+I,W=Y<lx1,J=cx1.allocUnsafe((W?2:3)+Y),X=0;if(J[X++]=x$B,W)J[X++]=Y;else J[X++]=lx1|1,J[X++]=Y&255;if(J[X++]=px1,J[X++]=F,D<0)J[X++]=0,X+=A.copy(J,X,0,Q);else X+=A.copy(J,X,D,Q);if(J[X++]=px1,J[X++]=I,G<0)J[X++]=0,A.copy(J,X,Q);else A.copy(J,X,Q+G);return J}b$B.exports={derToJose:DB8,joseToDer:GB8}});var Xv=E((Jv)=>{var T$=Jv&&Jv.__classPrivateFieldGet||function(A,B,Q,Z){if(Q==="a"&&!Z)throw new TypeError("Private accessor was defined without a getter");if(typeof B==="function"?A!==B||!Z:!B.has(A))throw new TypeError("Cannot read private member from an object whose class did not declare it");return Q==="m"?Z:Q==="a"?Z.call(A):Z?Z.value:B.get(A)},P11,IS,Sw0,jw0;Object.defineProperty(Jv,"__esModule",{value:!0});Jv.LRUCache=void 0;Jv.snakeToCamel=f$B;Jv.originalOrCamelOptions=FB8;function f$B(A){return A.replace(/([_][^_])/g,(B)=>B.slice(1).toUpperCase())}function FB8(A){function B(Q){var Z;let D=A||{};return(Z=D[Q])!==null&&Z!==void 0?Z:D[f$B(Q)]}return{get:B}}class h$B{constructor(A){P11.add(this),IS.set(this,new Map),this.capacity=A.capacity,this.maxAge=A.maxAge}set(A,B){T$(this,P11,"m",Sw0).call(this,A,B),T$(this,P11,"m",jw0).call(this)}get(A){let B=T$(this,IS,"f").get(A);if(!B)return;return T$(this,P11,"m",Sw0).call(this,A,B.value),T$(this,P11,"m",jw0).call(this),B.value}}Jv.LRUCache=h$B;IS=new WeakMap,P11=new WeakSet,Sw0=function A(B,Q){T$(this,IS,"f").delete(B),T$(this,IS,"f").set(B,{value:Q,lastAccessed:Date.now()})},jw0=function A(){let B=this.maxAge?Date.now()-this.maxAge:0,Q=T$(this,IS,"f").entries().next();while(!Q.done&&(T$(this,IS,"f").size>this.capacity||Q.value[1].lastAccessed<B))T$(this,IS,"f").delete(Q.value[0]),Q=T$(this,IS,"f").entries().next()}});var cM=E((d$B)=>{Object.defineProperty(d$B,"__esModule",{value:!0});d$B.AuthClient=d$B.DEFAULT_EAGER_REFRESH_THRESHOLD_MILLIS=d$B.DEFAULT_UNIVERSE=void 0;var IB8=W1("events"),g$B=R$(),u$B=nD1(),YB8=Xv();d$B.DEFAULT_UNIVERSE="googleapis.com";d$B.DEFAULT_EAGER_REFRESH_THRESHOLD_MILLIS=300000;class m$B extends IB8.EventEmitter{constructor(A={}){var B,Q,Z,D,G;super();this.credentials={},this.eagerRefreshThresholdMillis=d$B.DEFAULT_EAGER_REFRESH_THRESHOLD_MILLIS,this.forceRefreshOnFailure=!1,this.universeDomain=d$B.DEFAULT_UNIVERSE;let F=YB8.originalOrCamelOptions(A);if(this.apiKey=A.apiKey,this.projectId=(B=F.get("project_id"))!==null&&B!==void 0?B:null,this.quotaProjectId=F.get("quota_project_id"),this.credentials=(Q=F.get("credentials"))!==null&&Q!==void 0?Q:{},this.universeDomain=(Z=F.get("universe_domain"))!==null&&Z!==void 0?Z:d$B.DEFAULT_UNIVERSE,this.transporter=(D=A.transporter)!==null&&D!==void 0?D:new u$B.DefaultTransporter,A.transporterOptions)this.transporter.defaults=A.transporterOptions;if(A.eagerRefreshThresholdMillis)this.eagerRefreshThresholdMillis=A.eagerRefreshThresholdMillis;this.forceRefreshOnFailure=(G=A.forceRefreshOnFailure)!==null&&G!==void 0?G:!1}get gaxios(){if(this.transporter instanceof g$B.Gaxios)return this.transporter;else if(this.transporter instanceof u$B.DefaultTransporter)return this.transporter.instance;else if("instance"in this.transporter&&this.transporter.instance instanceof g$B.Gaxios)return this.transporter.instance;return null}setCredentials(A){this.credentials=A}addSharedMetadataHeaders(A){if(!A["x-goog-user-project"]&&this.quotaProjectId)A["x-goog-user-project"]=this.quotaProjectId;return A}static get RETRY_CONFIG(){return{retry:!0,retryConfig:{httpMethodsToRetry:["GET","PUT","POST","HEAD","OPTIONS","DELETE"]}}}}d$B.AuthClient=m$B});var yw0=E((i$B)=>{Object.defineProperty(i$B,"__esModule",{value:!0});i$B.LoginTicket=void 0;class p$B{constructor(A,B){this.envelope=A,this.payload=B}getEnvelope(){return this.envelope}getPayload(){return this.payload}getUserId(){let A=this.getPayload();if(A&&A.sub)return A.sub;return null}getAttributes(){return{envelope:this.getEnvelope(),payload:this.getPayload()}}}i$B.LoginTicket=p$B});var sm=E((s$B)=>{Object.defineProperty(s$B,"__esModule",{value:!0});s$B.OAuth2Client=s$B.ClientAuthentication=s$B.CertificateFormat=s$B.CodeChallengeMethod=void 0;var WB8=R$(),_w0=W1("querystring"),JB8=W1("stream"),XB8=Pw0(),xw0=R11(),VB8=cM(),CB8=yw0(),a$B;(function(A){A.Plain="plain",A.S256="S256"})(a$B||(s$B.CodeChallengeMethod=a$B={}));var YS;(function(A){A.PEM="PEM",A.JWK="JWK"})(YS||(s$B.CertificateFormat=YS={}));var aD1;(function(A){A.ClientSecretPost="ClientSecretPost",A.ClientSecretBasic="ClientSecretBasic",A.None="None"})(aD1||(s$B.ClientAuthentication=aD1={}));class wX extends VB8.AuthClient{constructor(A,B,Q){let Z=A&&typeof A==="object"?A:{clientId:A,clientSecret:B,redirectUri:Q};super(Z);this.certificateCache={},this.certificateExpiry=null,this.certificateCacheFormat=YS.PEM,this.refreshTokenPromises=new Map,this._clientId=Z.clientId,this._clientSecret=Z.clientSecret,this.redirectUri=Z.redirectUri,this.endpoints={tokenInfoUrl:"https://oauth2.googleapis.com/tokeninfo",oauth2AuthBaseUrl:"https://accounts.google.com/o/oauth2/v2/auth",oauth2TokenUrl:"https://oauth2.googleapis.com/token",oauth2RevokeUrl:"https://oauth2.googleapis.com/revoke",oauth2FederatedSignonPemCertsUrl:"https://www.googleapis.com/oauth2/v1/certs",oauth2FederatedSignonJwkCertsUrl:"https://www.googleapis.com/oauth2/v3/certs",oauth2IapPublicKeyUrl:"https://www.gstatic.com/iap/verify/public_key",...Z.endpoints},this.clientAuthentication=Z.clientAuthentication||aD1.ClientSecretPost,this.issuers=Z.issuers||["accounts.google.com","https://accounts.google.com",this.universeDomain]}generateAuthUrl(A={}){if(A.code_challenge_method&&!A.code_challenge)throw new Error("If a code_challenge_method is provided, code_challenge must be included.");if(A.response_type=A.response_type||"code",A.client_id=A.client_id||this._clientId,A.redirect_uri=A.redirect_uri||this.redirectUri,Array.isArray(A.scope))A.scope=A.scope.join(" ");return this.endpoints.oauth2AuthBaseUrl.toString()+"?"+_w0.stringify(A)}generateCodeVerifier(){throw new Error("generateCodeVerifier is removed, please use generateCodeVerifierAsync instead.")}async generateCodeVerifierAsync(){let A=xw0.createCrypto(),Q=A.randomBytesBase64(96).replace(/\+/g,"~").replace(/=/g,"_").replace(/\//g,"-"),D=(await A.sha256DigestBase64(Q)).split("=")[0].replace(/\+/g,"-").replace(/\//g,"_");return{codeVerifier:Q,codeChallenge:D}}getToken(A,B){let Q=typeof A==="string"?{code:A}:A;if(B)this.getTokenAsync(Q).then((Z)=>B(null,Z.tokens,Z.res),(Z)=>B(Z,null,Z.response));else return this.getTokenAsync(Q)}async getTokenAsync(A){let B=this.endpoints.oauth2TokenUrl.toString(),Q={"Content-Type":"application/x-www-form-urlencoded"},Z={client_id:A.client_id||this._clientId,code_verifier:A.codeVerifier,code:A.code,grant_type:"authorization_code",redirect_uri:A.redirect_uri||this.redirectUri};if(this.clientAuthentication===aD1.ClientSecretBasic){let F=Buffer.from(`${this._clientId}:${this._clientSecret}`);Q.Authorization=`Basic ${F.toString("base64")}`}if(this.clientAuthentication===aD1.ClientSecretPost)Z.client_secret=this._clientSecret;let D=await this.transporter.request({...wX.RETRY_CONFIG,method:"POST",url:B,data:_w0.stringify(Z),headers:Q}),G=D.data;if(D.data&&D.data.expires_in)G.expiry_date=new Date().getTime()+D.data.expires_in*1000,delete G.expires_in;return this.emit("tokens",G),{tokens:G,res:D}}async refreshToken(A){if(!A)return this.refreshTokenNoCache(A);if(this.refreshTokenPromises.has(A))return this.refreshTokenPromises.get(A);let B=this.refreshTokenNoCache(A).then((Q)=>{return this.refreshTokenPromises.delete(A),Q},(Q)=>{throw this.refreshTokenPromises.delete(A),Q});return this.refreshTokenPromises.set(A,B),B}async refreshTokenNoCache(A){var B;if(!A)throw new Error("No refresh token is set.");let Q=this.endpoints.oauth2TokenUrl.toString(),Z={refresh_token:A,client_id:this._clientId,client_secret:this._clientSecret,grant_type:"refresh_token"},D;try{D=await this.transporter.request({...wX.RETRY_CONFIG,method:"POST",url:Q,data:_w0.stringify(Z),headers:{"Content-Type":"application/x-www-form-urlencoded"}})}catch(F){if(F instanceof WB8.GaxiosError&&F.message==="invalid_grant"&&((B=F.response)===null||B===void 0?void 0:B.data)&&/ReAuth/i.test(F.response.data.error_description))F.message=JSON.stringify(F.response.data);throw F}let G=D.data;if(D.data&&D.data.expires_in)G.expiry_date=new Date().getTime()+D.data.expires_in*1000,delete G.expires_in;return this.emit("tokens",G),{tokens:G,res:D}}refreshAccessToken(A){if(A)this.refreshAccessTokenAsync().then((B)=>A(null,B.credentials,B.res),A);else return this.refreshAccessTokenAsync()}async refreshAccessTokenAsync(){let A=await this.refreshToken(this.credentials.refresh_token),B=A.tokens;return B.refresh_token=this.credentials.refresh_token,this.credentials=B,{credentials:this.credentials,res:A.res}}getAccessToken(A){if(A)this.getAccessTokenAsync().then((B)=>A(null,B.token,B.res),A);else return this.getAccessTokenAsync()}async getAccessTokenAsync(){if(!this.credentials.access_token||this.isTokenExpiring()){if(!this.credentials.refresh_token)if(this.refreshHandler){let Q=await this.processAndValidateRefreshHandler();if(Q===null||Q===void 0?void 0:Q.access_token)return this.setCredentials(Q),{token:this.credentials.access_token}}else throw new Error("No refresh token or refresh handler callback is set.");let B=await this.refreshAccessTokenAsync();if(!B.credentials||B.credentials&&!B.credentials.access_token)throw new Error("Could not refresh access token.");return{token:B.credentials.access_token,res:B.res}}else return{token:this.credentials.access_token}}async getRequestHeaders(A){return(await this.getRequestMetadataAsync(A)).headers}async getRequestMetadataAsync(A){let B=this.credentials;if(!B.access_token&&!B.refresh_token&&!this.apiKey&&!this.refreshHandler)throw new Error("No access, refresh token, API key or refresh handler callback is set.");if(B.access_token&&!this.isTokenExpiring()){B.token_type=B.token_type||"Bearer";let F={Authorization:B.token_type+" "+B.access_token};return{headers:this.addSharedMetadataHeaders(F)}}if(this.refreshHandler){let F=await this.processAndValidateRefreshHandler();if(F===null||F===void 0?void 0:F.access_token){this.setCredentials(F);let I={Authorization:"Bearer "+this.credentials.access_token};return{headers:this.addSharedMetadataHeaders(I)}}}if(this.apiKey)return{headers:{"X-Goog-Api-Key":this.apiKey}};let Q=null,Z=null;try{Q=await this.refreshToken(B.refresh_token),Z=Q.tokens}catch(F){let I=F;if(I.response&&(I.response.status===403||I.response.status===404))I.message=`Could not refresh access token: ${I.message}`;throw I}let D=this.credentials;D.token_type=D.token_type||"Bearer",Z.refresh_token=D.refresh_token,this.credentials=Z;let G={Authorization:D.token_type+" "+Z.access_token};return{headers:this.addSharedMetadataHeaders(G),res:Q.res}}static getRevokeTokenUrl(A){return new wX().getRevokeTokenURL(A).toString()}getRevokeTokenURL(A){let B=new URL(this.endpoints.oauth2RevokeUrl);return B.searchParams.append("token",A),B}revokeToken(A,B){let Q={...wX.RETRY_CONFIG,url:this.getRevokeTokenURL(A).toString(),method:"POST"};if(B)this.transporter.request(Q).then((Z)=>B(null,Z),B);else return this.transporter.request(Q)}revokeCredentials(A){if(A)this.revokeCredentialsAsync().then((B)=>A(null,B),A);else return this.revokeCredentialsAsync()}async revokeCredentialsAsync(){let A=this.credentials.access_token;if(this.credentials={},A)return this.revokeToken(A);else throw new Error("No access token to revoke.")}request(A,B){if(B)this.requestAsync(A).then((Q)=>B(null,Q),(Q)=>{return B(Q,Q.response)});else return this.requestAsync(A)}async requestAsync(A,B=!1){let Q;try{let Z=await this.getRequestMetadataAsync(A.url);if(A.headers=A.headers||{},Z.headers&&Z.headers["x-goog-user-project"])A.headers["x-goog-user-project"]=Z.headers["x-goog-user-project"];if(Z.headers&&Z.headers.Authorization)A.headers.Authorization=Z.headers.Authorization;if(this.apiKey)A.headers["X-Goog-Api-Key"]=this.apiKey;Q=await this.transporter.request(A)}catch(Z){let D=Z.response;if(D){let G=D.status,F=this.credentials&&this.credentials.access_token&&this.credentials.refresh_token&&(!this.credentials.expiry_date||this.forceRefreshOnFailure),I=this.credentials&&this.credentials.access_token&&!this.credentials.refresh_token&&(!this.credentials.expiry_date||this.forceRefreshOnFailure)&&this.refreshHandler,Y=D.config.data instanceof JB8.Readable,W=G===401||G===403;if(!B&&W&&!Y&&F)return await this.refreshAccessTokenAsync(),this.requestAsync(A,!0);else if(!B&&W&&!Y&&I){let J=await this.processAndValidateRefreshHandler();if(J===null||J===void 0?void 0:J.access_token)this.setCredentials(J);return this.requestAsync(A,!0)}}throw Z}return Q}verifyIdToken(A,B){if(B&&typeof B!=="function")throw new Error("This method accepts an options object as the first parameter, which includes the idToken, audience, and maxExpiry.");if(B)this.verifyIdTokenAsync(A).then((Q)=>B(null,Q),B);else return this.verifyIdTokenAsync(A)}async verifyIdTokenAsync(A){if(!A.idToken)throw new Error("The verifyIdToken method requires an ID Token");let B=await this.getFederatedSignonCertsAsync();return await this.verifySignedJwtWithCertsAsync(A.idToken,B.certs,A.audience,this.issuers,A.maxExpiry)}async getTokenInfo(A){let{data:B}=await this.transporter.request({...wX.RETRY_CONFIG,method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded",Authorization:`Bearer ${A}`},url:this.endpoints.tokenInfoUrl.toString()}),Q=Object.assign({expiry_date:new Date().getTime()+B.expires_in*1000,scopes:B.scope.split(" ")},B);return delete Q.expires_in,delete Q.scope,Q}getFederatedSignonCerts(A){if(A)this.getFederatedSignonCertsAsync().then((B)=>A(null,B.certs,B.res),A);else return this.getFederatedSignonCertsAsync()}async getFederatedSignonCertsAsync(){let A=new Date().getTime(),B=xw0.hasBrowserCrypto()?YS.JWK:YS.PEM;if(this.certificateExpiry&&A<this.certificateExpiry.getTime()&&this.certificateCacheFormat===B)return{certs:this.certificateCache,format:B};let Q,Z;switch(B){case YS.PEM:Z=this.endpoints.oauth2FederatedSignonPemCertsUrl.toString();break;case YS.JWK:Z=this.endpoints.oauth2FederatedSignonJwkCertsUrl.toString();break;default:throw new Error(`Unsupported certificate format ${B}`)}try{Q=await this.transporter.request({...wX.RETRY_CONFIG,url:Z})}catch(Y){if(Y instanceof Error)Y.message=`Failed to retrieve verification certificates: ${Y.message}`;throw Y}let D=Q?Q.headers["cache-control"]:void 0,G=-1;if(D){let W=new RegExp("max-age=([0-9]*)").exec(D);if(W&&W.length===2)G=Number(W[1])*1000}let F={};switch(B){case YS.PEM:F=Q.data;break;case YS.JWK:for(let Y of Q.data.keys)F[Y.kid]=Y;break;default:throw new Error(`Unsupported certificate format ${B}`)}let I=new Date;return this.certificateExpiry=G===-1?null:new Date(I.getTime()+G),this.certificateCache=F,this.certificateCacheFormat=B,{certs:F,format:B,res:Q}}getIapPublicKeys(A){if(A)this.getIapPublicKeysAsync().then((B)=>A(null,B.pubkeys,B.res),A);else return this.getIapPublicKeysAsync()}async getIapPublicKeysAsync(){let A,B=this.endpoints.oauth2IapPublicKeyUrl.toString();try{A=await this.transporter.request({...wX.RETRY_CONFIG,url:B})}catch(Q){if(Q instanceof Error)Q.message=`Failed to retrieve verification certificates: ${Q.message}`;throw Q}return{pubkeys:A.data,res:A}}verifySignedJwtWithCerts(){throw new Error("verifySignedJwtWithCerts is removed, please use verifySignedJwtWithCertsAsync instead.")}async verifySignedJwtWithCertsAsync(A,B,Q,Z,D){let G=xw0.createCrypto();if(!D)D=wX.DEFAULT_MAX_TOKEN_LIFETIME_SECS_;let F=A.split(".");if(F.length!==3)throw new Error("Wrong number of segments in token: "+A);let I=F[0]+"."+F[1],Y=F[2],W,J;try{W=JSON.parse(G.decodeBase64StringUtf8(F[0]))}catch(L){if(L instanceof Error)L.message=`Can't parse token envelope: ${F[0]}': ${L.message}`;throw L}if(!W)throw new Error("Can't parse token envelope: "+F[0]);try{J=JSON.parse(G.decodeBase64StringUtf8(F[1]))}catch(L){if(L instanceof Error)L.message=`Can't parse token payload '${F[0]}`;throw L}if(!J)throw new Error("Can't parse token payload: "+F[1]);if(!Object.prototype.hasOwnProperty.call(B,W.kid))throw new Error("No pem found for envelope: "+JSON.stringify(W));let X=B[W.kid];if(W.alg==="ES256")Y=XB8.joseToDer(Y,"ES256").toString("base64");if(!await G.verify(X,I,Y))throw new Error("Invalid token signature: "+A);if(!J.iat)throw new Error("No issue time in token: "+JSON.stringify(J));if(!J.exp)throw new Error("No expiration time in token: "+JSON.stringify(J));let C=Number(J.iat);if(isNaN(C))throw new Error("iat field using invalid format");let K=Number(J.exp);if(isNaN(K))throw new Error("exp field using invalid format");let H=new Date().getTime()/1000;if(K>=H+D)throw new Error("Expiration time too far in future: "+JSON.stringify(J));let z=C-wX.CLOCK_SKEW_SECS_,$=K+wX.CLOCK_SKEW_SECS_;if(H<z)throw new Error("Token used too early, "+H+" < "+z+": "+JSON.stringify(J));if(H>$)throw new Error("Token used too late, "+H+" > "+$+": "+JSON.stringify(J));if(Z&&Z.indexOf(J.iss)<0)throw new Error("Invalid issuer, expected one of ["+Z+"], but got "+J.iss);if(typeof Q!=="undefined"&&Q!==null){let L=J.aud,N=!1;if(Q.constructor===Array)N=Q.indexOf(L)>-1;else N=L===Q;if(!N)throw new Error("Wrong recipient, payload audience != requiredAudience")}return new CB8.LoginTicket(W,J)}async processAndValidateRefreshHandler(){if(this.refreshHandler){let A=await this.refreshHandler();if(!A.access_token)throw new Error("No access token is returned by the refreshHandler callback.");return A}return}isTokenExpiring(){let A=this.credentials.expiry_date;return A?A<=new Date().getTime()+this.eagerRefreshThresholdMillis:!1}}s$B.OAuth2Client=wX;wX.GOOGLE_TOKEN_INFO_URL="https://oauth2.googleapis.com/tokeninfo";wX.CLOCK_SKEW_SECS_=300;wX.DEFAULT_MAX_TOKEN_LIFETIME_SECS_=86400});var vw0=E((e$B)=>{Object.defineProperty(e$B,"__esModule",{value:!0});e$B.Compute=void 0;var EB8=R$(),o$B=pD1(),UB8=sm();class t$B extends UB8.OAuth2Client{constructor(A={}){super(A);this.credentials={expiry_date:1,refresh_token:"compute-placeholder"},this.serviceAccountEmail=A.serviceAccountEmail||"default",this.scopes=Array.isArray(A.scopes)?A.scopes:A.scopes?[A.scopes]:[]}async refreshTokenNoCache(A){let B=`service-accounts/${this.serviceAccountEmail}/token`,Q;try{let D={property:B};if(this.scopes.length>0)D.params={scopes:this.scopes.join(",")};Q=await o$B.instance(D)}catch(D){if(D instanceof EB8.GaxiosError)D.message=`Could not refresh access token: ${D.message}`,this.wrapError(D);throw D}let Z=Q;if(Q&&Q.expires_in)Z.expiry_date=new Date().getTime()+Q.expires_in*1000,delete Z.expires_in;return this.emit("tokens",Z),{tokens:Z,res:null}}async fetchIdToken(A){let B=`service-accounts/${this.serviceAccountEmail}/identity?format=full&audience=${A}`,Q;try{let Z={property:B};Q=await o$B.instance(Z)}catch(Z){if(Z instanceof Error)Z.message=`Could not fetch ID token: ${Z.message}`;throw Z}return Q}wrapError(A){let B=A.response;if(B&&B.status){if(A.status=B.status,B.status===403)A.message="A Forbidden error was returned while attempting to retrieve an access token for the Compute Engine built-in service account. This may be because the Compute Engine instance does not have the correct permission scopes specified: "+A.message;else if(B.status===404)A.message="A Not Found error was returned while attempting to retrieve an accesstoken for the Compute Engine built-in service account. This may be because the Compute Engine instance does not have any permission scopes specified: "+A.message}}}e$B.Compute=t$B});var bw0=E((QqB)=>{Object.defineProperty(QqB,"__esModule",{value:!0});QqB.IdTokenClient=void 0;var wB8=sm();class BqB extends wB8.OAuth2Client{constructor(A){super(A);this.targetAudience=A.targetAudience,this.idTokenProvider=A.idTokenProvider}async getRequestMetadataAsync(A){if(!this.credentials.id_token||!this.credentials.expiry_date||this.isTokenExpiring()){let Q=await this.idTokenProvider.fetchIdToken(this.targetAudience);this.credentials={id_token:Q,expiry_date:this.getIdTokenExpiryDate(Q)}}return{headers:{Authorization:"Bearer "+this.credentials.id_token}}}getIdTokenExpiryDate(A){let B=A.split(".")[1];if(B)return JSON.parse(Buffer.from(B,"base64").toString("ascii")).exp*1000}}QqB.IdTokenClient=BqB});var fw0=E((GqB)=>{Object.defineProperty(GqB,"__esModule",{value:!0});GqB.GCPEnv=void 0;GqB.clear=$B8;GqB.getEnv=qB8;var DqB=pD1(),WS;(function(A){A.APP_ENGINE="APP_ENGINE",A.KUBERNETES_ENGINE="KUBERNETES_ENGINE",A.CLOUD_FUNCTIONS="CLOUD_FUNCTIONS",A.COMPUTE_ENGINE="COMPUTE_ENGINE",A.CLOUD_RUN="CLOUD_RUN",A.NONE="NONE"})(WS||(GqB.GCPEnv=WS={}));var sD1;function $B8(){sD1=void 0}async function qB8(){if(sD1)return sD1;return sD1=NB8(),sD1}async function NB8(){let A=WS.NONE;if(LB8())A=WS.APP_ENGINE;else if(MB8())A=WS.CLOUD_FUNCTIONS;else if(await TB8())if(await OB8())A=WS.KUBERNETES_ENGINE;else if(RB8())A=WS.CLOUD_RUN;else A=WS.COMPUTE_ENGINE;else A=WS.NONE;return A}function LB8(){return!!(process.env.GAE_SERVICE||process.env.GAE_MODULE_NAME)}function MB8(){return!!(process.env.FUNCTION_NAME||process.env.FUNCTION_TARGET)}function RB8(){return!!process.env.K_CONFIGURATION}async function OB8(){try{return await DqB.instance("attributes/cluster-name"),!0}catch(A){return!1}}async function TB8(){return DqB.isAvailable()}});var hw0=E((f83,IqB)=>{var ix1=T11().Buffer,jB8=W1("stream"),kB8=W1("util");function nx1(A){if(this.buffer=null,this.writable=!0,this.readable=!0,!A)return this.buffer=ix1.alloc(0),this;if(typeof A.pipe==="function")return this.buffer=ix1.alloc(0),A.pipe(this),this;if(A.length||typeof A==="object")return this.buffer=A,this.writable=!1,process.nextTick(function(){this.emit("end",A),this.readable=!1,this.emit("close")}.bind(this)),this;throw new TypeError("Unexpected data type ("+typeof A+")")}kB8.inherits(nx1,jB8);nx1.prototype.write=function A(B){this.buffer=ix1.concat([this.buffer,ix1.from(B)]),this.emit("data",B)};nx1.prototype.end=function A(B){if(B)this.write(B);this.emit("end",B),this.emit("close"),this.writable=!1,this.readable=!1};IqB.exports=nx1});var WqB=E((h83,YqB)=>{var rD1=W1("buffer").Buffer,gw0=W1("buffer").SlowBuffer;YqB.exports=ax1;function ax1(A,B){if(!rD1.isBuffer(A)||!rD1.isBuffer(B))return!1;if(A.length!==B.length)return!1;var Q=0;for(var Z=0;Z<A.length;Z++)Q|=A[Z]^B[Z];return Q===0}ax1.install=function(){rD1.prototype.equal=gw0.prototype.equal=function A(B){return ax1(this,B)}};var yB8=rD1.prototype.equal,_B8=gw0.prototype.equal;ax1.restore=function(){rD1.prototype.equal=yB8,gw0.prototype.equal=_B8}});var dw0=E((g83,UqB)=>{var xB8=WqB(),j11=T11().Buffer,lM=W1("crypto"),XqB=Pw0(),JqB=W1("util"),vB8=`"%s" is not a valid algorithm.
TypeError: Cannot read properties of undefined (reading 'prototype')
at file:///Users/mrdev/.nvm/versions/node/v24.0.0/lib/node_modules/@anthropic-ai/claude-code/cli.js:541:25515
at file:///Users/mrdev/.nvm/versions/node/v24.0.0/lib/node_modules/@anthropic-ai/claude-code/cli.js:10:402
at file:///Users/mrdev/.nvm/versions/node/v24.0.0/lib/node_modules/@anthropic-ai/claude-code/cli.js:541:25635
at file:///Users/mrdev/.nvm/versions/node/v24.0.0/lib/node_modules/@anthropic-ai/claude-code/cli.js:10:402
at file:///Users/mrdev/.nvm/versions/node/v24.0.0/lib/node_modules/@anthropic-ai/claude-code/cli.js:543:3232
at file:///Users/mrdev/.nvm/versions/node/v24.0.0/lib/node_modules/@anthropic-ai/claude-code/cli.js:10:402
at file:///Users/mrdev/.nvm/versions/node/v24.0.0/lib/node_modules/@anthropic-ai/claude-code/cli.js:543:6262
at file:///Users/mrdev/.nvm/versions/node/v24.0.0/lib/node_modules/@anthropic-ai/claude-code/cli.js:10:402
at file:///Users/mrdev/.nvm/versions/node/v24.0.0/lib/node_modules/@anthropic-ai/claude-code/cli.js:543:7468
at file:///Users/mrdev/.nvm/versions/node/v24.0.0/lib/node_modules/@anthropic-ai/claude-code/cli.js:10:402
Node.js v24.0.0
Node.js v24.0.0
Additional Context
<!-- Add any other context about the problem here, such as screenshots, logs, etc. -->
This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗