UNPKG

@authsignal/browser

Version:

<img width="1070" alt="Authsignal" src="https://raw.githubusercontent.com/authsignal/authsignal-browser/main/.github/images/authsignal.png">

github.com/authsignal/authsignal-browser

authsignal/authsignal-browser

1 lines 65.3 kB
1
var authsignal=function(e){"use strict";let t;const n=new Uint8Array(16);function o(){if(!t&&(t="undefined"!=typeof crypto&&crypto.getRandomValues&&crypto.getRandomValues.bind(crypto),!t))throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");return t(n)}const r=[];for(let e=0;e<256;++e)r.push((e+256).toString(16).slice(1));var i={randomUUID:"undefined"!=typeof crypto&&crypto.randomUUID&&crypto.randomUUID.bind(crypto)};function s(e,t,n){if(i.randomUUID&&!t&&!e)return i.randomUUID();const s=(e=e||{}).random||(e.rng||o)();if(s[6]=15&s[6]|64,s[8]=63&s[8]|128,t){n=n||0;for(let e=0;e<16;++e)t[n+e]=s[e];return t}return function(e,t=0){return(r[e[t+0]]+r[e[t+1]]+r[e[t+2]]+r[e[t+3]]+"-"+r[e[t+4]]+r[e[t+5]]+"-"+r[e[t+6]]+r[e[t+7]]+"-"+r[e[t+8]]+r[e[t+9]]+"-"+r[e[t+10]]+r[e[t+11]]+r[e[t+12]]+r[e[t+13]]+r[e[t+14]]+r[e[t+15]]).toLowerCase()}(s)}var a=function(e,t){return a=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(e,t){e.__proto__=t}||function(e,t){for(var n in t)Object.prototype.hasOwnProperty.call(t,n)&&(e[n]=t[n])},a(e,t)};function c(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Class extends value "+String(t)+" is not a constructor or null");function n(){this.constructor=e}a(e,t),e.prototype=null===t?Object.create(t):(n.prototype=t.prototype,new n)}var l=function(){return l=Object.assign||function(e){for(var t,n=1,o=arguments.length;n<o;n++)for(var r in t=arguments[n])Object.prototype.hasOwnProperty.call(t,r)&&(e[r]=t[r]);return e},l.apply(this,arguments)};function h(e,t){var n={};for(var o in e)Object.prototype.hasOwnProperty.call(e,o)&&t.indexOf(o)<0&&(n[o]=e[o]);if(null!=e&&"function"==typeof Object.getOwnPropertySymbols){var r=0;for(o=Object.getOwnPropertySymbols(e);r<o.length;r++)t.indexOf(o[r])<0&&Object.prototype.propertyIsEnumerable.call(e,o[r])&&(n[o[r]]=e[o[r]])}return n}function u(e,t,n,o){return new(n||(n=Promise))((function(r,i){function s(e){try{c(o.next(e))}catch(e){i(e)}}function a(e){try{c(o.throw(e))}catch(e){i(e)}}function c(e){var t;e.done?r(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(s,a)}c((o=o.apply(e,t||[])).next())}))}function d(e,t){var n,o,r,i,s={label:0,sent:function(){if(1&r[0])throw r[1];return r[1]},trys:[],ops:[]};return i={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(i[Symbol.iterator]=function(){return this}),i;function a(i){return function(a){return function(i){if(n)throw new TypeError("Generator is already executing.");for(;s;)try{if(n=1,o&&(r=2&i[0]?o.return:i[0]?o.throw||((r=o.return)&&r.call(o),0):o.next)&&!(r=r.call(o,i[1])).done)return r;switch(o=0,r&&(i=[2&i[0],r.value]),i[0]){case 0:case 1:r=i;break;case 4:return s.label++,{value:i[1],done:!1};case 5:s.label++,o=i[1],i=[0];continue;case 7:i=s.ops.pop(),s.trys.pop();continue;default:if(!(r=s.trys,(r=r.length>0&&r[r.length-1])||6!==i[0]&&2!==i[0])){s=0;continue}if(3===i[0]&&(!r||i[1]>r[0]&&i[1]<r[3])){s.label=i[1];break}if(6===i[0]&&s.label<r[1]){s.label=r[1],r=i;break}if(r&&s.label<r[2]){s.label=r[2],s.ops.push(i);break}r[2]&&s.ops.pop(),s.trys.pop();continue}i=t.call(e,s)}catch(e){i=[6,e],o=0}finally{n=r=0}if(5&i[0])throw i[1];return{value:i[0]?i[1]:void 0,done:!0}}([i,a])}}}function p(e){const t=new Uint8Array(e);let n="";for(const e of t)n+=String.fromCharCode(e);return btoa(n).replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,"")}function g(e){const t=e.replace(/-/g,"+").replace(/_/g,"/"),n=(4-t.length%4)%4,o=t.padEnd(t.length+n,"="),r=atob(o),i=new ArrayBuffer(r.length),s=new Uint8Array(i);for(let e=0;e<r.length;e++)s[e]=r.charCodeAt(e);return i}function f(){return b.stubThis(void 0!==globalThis?.PublicKeyCredential&&"function"==typeof globalThis.PublicKeyCredential)}const b={stubThis:e=>e};function v(e){const{id:t}=e;return{...e,id:g(t),transports:e.transports}}function y(e){return"localhost"===e||/^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$/i.test(e)}class m extends Error{constructor({message:e,code:t,cause:n,name:o}){super(e,{cause:n}),Object.defineProperty(this,"code",{enumerable:!0,configurable:!0,writable:!0,value:void 0}),this.name=o??n.name,this.code=t}}const k=new class{constructor(){Object.defineProperty(this,"controller",{enumerable:!0,configurable:!0,writable:!0,value:void 0})}createNewAbortSignal(){if(this.controller){const e=new Error("Cancelling existing WebAuthn API call for new one");e.name="AbortError",this.controller.abort(e)}const e=new AbortController;return this.controller=e,e.signal}cancelCeremony(){if(this.controller){const e=new Error("Manually cancelling existing WebAuthn API call");e.name="AbortError",this.controller.abort(e),this.controller=void 0}}},w=["cross-platform","platform"];function E(e){if(e&&!(w.indexOf(e)<0))return e}async function I(e){!e.optionsJSON&&e.challenge&&(console.warn("startRegistration() was not called correctly. It will try to continue with the provided options, but this call should be refactored to use the expected call structure instead. See https://simplewebauthn.dev/docs/packages/browser#typeerror-cannot-read-properties-of-undefined-reading-challenge for more information."),e={optionsJSON:e});const{optionsJSON:t,useAutoRegister:n=!1}=e;if(!f())throw new Error("WebAuthn is not supported in this browser");const o={...t,challenge:g(t.challenge),user:{...t.user,id:g(t.user.id)},excludeCredentials:t.excludeCredentials?.map(v)},r={};let i;n&&(r.mediation="conditional"),r.publicKey=o,r.signal=k.createNewAbortSignal();try{i=await navigator.credentials.create(r)}catch(e){throw function({error:e,options:t}){const{publicKey:n}=t;if(!n)throw Error("options was missing required publicKey property");if("AbortError"===e.name){if(t.signal instanceof AbortSignal)return new m({message:"Registration ceremony was sent an abort signal",code:"ERROR_CEREMONY_ABORTED",cause:e})}else if("ConstraintError"===e.name){if(!0===n.authenticatorSelection?.requireResidentKey)return new m({message:"Discoverable credentials were required but no available authenticator supported it",code:"ERROR_AUTHENTICATOR_MISSING_DISCOVERABLE_CREDENTIAL_SUPPORT",cause:e});if("conditional"===t.mediation&&"required"===n.authenticatorSelection?.userVerification)return new m({message:"User verification was required during automatic registration but it could not be performed",code:"ERROR_AUTO_REGISTER_USER_VERIFICATION_FAILURE",cause:e});if("required"===n.authenticatorSelection?.userVerification)return new m({message:"User verification was required but no available authenticator supported it",code:"ERROR_AUTHENTICATOR_MISSING_USER_VERIFICATION_SUPPORT",cause:e})}else{if("InvalidStateError"===e.name)return new m({message:"The authenticator was previously registered",code:"ERROR_AUTHENTICATOR_PREVIOUSLY_REGISTERED",cause:e});if("NotAllowedError"===e.name)return new m({message:e.message,code:"ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",cause:e});if("NotSupportedError"===e.name)return 0===n.pubKeyCredParams.filter((e=>"public-key"===e.type)).length?new m({message:'No entry in pubKeyCredParams was of type "public-key"',code:"ERROR_MALFORMED_PUBKEYCREDPARAMS",cause:e}):new m({message:"No available authenticator supported any of the specified pubKeyCredParams algorithms",code:"ERROR_AUTHENTICATOR_NO_SUPPORTED_PUBKEYCREDPARAMS_ALG",cause:e});if("SecurityError"===e.name){const t=globalThis.location.hostname;if(!y(t))return new m({message:`${globalThis.location.hostname} is an invalid domain`,code:"ERROR_INVALID_DOMAIN",cause:e});if(n.rp.id!==t)return new m({message:`The RP ID "${n.rp.id}" is invalid for this domain`,code:"ERROR_INVALID_RP_ID",cause:e})}else if("TypeError"===e.name){if(n.user.id.byteLength<1||n.user.id.byteLength>64)return new m({message:"User ID was not between 1 and 64 characters",code:"ERROR_INVALID_USER_ID_LENGTH",cause:e})}else if("UnknownError"===e.name)return new m({message:"The authenticator was unable to process the specified options, or could not create a new credential",code:"ERROR_AUTHENTICATOR_GENERAL_ERROR",cause:e})}return e}({error:e,options:r})}if(!i)throw new Error("Registration was not completed");const{id:s,rawId:a,response:c,type:l}=i;let h,u,d,b;if("function"==typeof c.getTransports&&(h=c.getTransports()),"function"==typeof c.getPublicKeyAlgorithm)try{u=c.getPublicKeyAlgorithm()}catch(e){T("getPublicKeyAlgorithm()",e)}if("function"==typeof c.getPublicKey)try{const e=c.getPublicKey();null!==e&&(d=p(e))}catch(e){T("getPublicKey()",e)}if("function"==typeof c.getAuthenticatorData)try{b=p(c.getAuthenticatorData())}catch(e){T("getAuthenticatorData()",e)}return{id:s,rawId:p(a),response:{attestationObject:p(c.attestationObject),clientDataJSON:p(c.clientDataJSON),transports:h,publicKeyAlgorithm:u,publicKey:d,authenticatorData:b},type:l,clientExtensionResults:i.getClientExtensionResults(),authenticatorAttachment:E(i.authenticatorAttachment)}}function T(e,t){console.warn(`The browser extension that intercepted this WebAuthn API call incorrectly implemented ${e}. You should report this error to them.\n`,t)}const C={stubThis:e=>e};async function S(e){!e.optionsJSON&&e.challenge&&(console.warn("startAuthentication() was not called correctly. It will try to continue with the provided options, but this call should be refactored to use the expected call structure instead. See https://simplewebauthn.dev/docs/packages/browser#typeerror-cannot-read-properties-of-undefined-reading-challenge for more information."),e={optionsJSON:e});const{optionsJSON:t,useBrowserAutofill:n=!1,verifyBrowserAutofillInput:o=!0}=e;if(!f())throw new Error("WebAuthn is not supported in this browser");let r;0!==t.allowCredentials?.length&&(r=t.allowCredentials?.map(v));const i={...t,challenge:g(t.challenge),allowCredentials:r},s={};if(n){if(!await function(){if(!f())return C.stubThis(new Promise((e=>e(!1))));const e=globalThis.PublicKeyCredential;return void 0===e?.isConditionalMediationAvailable?C.stubThis(new Promise((e=>e(!1)))):C.stubThis(e.isConditionalMediationAvailable())}())throw Error("Browser does not support WebAuthn autofill");if(document.querySelectorAll("input[autocomplete$='webauthn']").length<1&&o)throw Error('No <input> with "webauthn" as the only or last value in its `autocomplete` attribute was detected');s.mediation="conditional",i.allowCredentials=[]}let a;s.publicKey=i,s.signal=k.createNewAbortSignal();try{a=await navigator.credentials.get(s)}catch(e){throw function({error:e,options:t}){const{publicKey:n}=t;if(!n)throw Error("options was missing required publicKey property");if("AbortError"===e.name){if(t.signal instanceof AbortSignal)return new m({message:"Authentication ceremony was sent an abort signal",code:"ERROR_CEREMONY_ABORTED",cause:e})}else{if("NotAllowedError"===e.name)return new m({message:e.message,code:"ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",cause:e});if("SecurityError"===e.name){const t=globalThis.location.hostname;if(!y(t))return new m({message:`${globalThis.location.hostname} is an invalid domain`,code:"ERROR_INVALID_DOMAIN",cause:e});if(n.rpId!==t)return new m({message:`The RP ID "${n.rpId}" is invalid for this domain`,code:"ERROR_INVALID_RP_ID",cause:e})}else if("UnknownError"===e.name)return new m({message:"The authenticator was unable to process the specified options, or could not create a new assertion signature",code:"ERROR_AUTHENTICATOR_GENERAL_ERROR",cause:e})}return e}({error:e,options:s})}if(!a)throw new Error("Authentication was not completed");const{id:c,rawId:l,response:h,type:u}=a;let d;return h.userHandle&&(d=p(h.userHandle)),{id:c,rawId:p(l),response:{authenticatorData:p(h.authenticatorData),clientDataJSON:p(h.clientDataJSON),signature:p(h.signature),userHandle:d},type:u,clientExtensionResults:a.getClientExtensionResults(),authenticatorAttachment:E(a.authenticatorAttachment)}}function R(e){var t=e.name,n=e.value,o=e.expire,r=e.domain,i=e.secure,s=o===1/0?" expires=Fri, 31 Dec 9999 23:59:59 GMT":"; max-age="+o;document.cookie=encodeURIComponent(t)+"="+n+"; path=/;"+s+(r?"; domain="+r:"")+(i?"; secure":"")}function A(e){var t,n=e.errorResponse;return e.enableLogging&&console.error("[Authsignal] ".concat(n.errorCode).concat(n.errorDescription?": ".concat(n.errorDescription):"")),{error:null!==(t=n.errorDescription)&&void 0!==t?t:n.error,errorCode:n.errorCode,errorDescription:n.errorDescription}}function L(e){var t,n=e.response,o=e.enableLogging;if(n&&"object"==typeof n&&"error"in n){var r=null!==(t=n.errorDescription)&&void 0!==t?t:n.error;return o&&console.error("[Authsignal] ".concat(n.errorCode).concat(n.errorDescription?": ".concat(n.errorDescription):"")),{error:r,errorCode:n.errorCode,errorDescription:n.errorDescription}}if(n&&"object"==typeof n&&"accessToken"in n&&"string"==typeof n.accessToken){var i=n.accessToken,s=h(n,["accessToken"]);return{data:l(l({},s),{token:i})}}return{data:n}}function O(e){var t,n;if(e instanceof m&&"ERROR_INVALID_RP_ID"===e.code){var o=(null===(n=null===(t=e.message)||void 0===t?void 0:t.match(/"([^"]*)"/))||void 0===n?void 0:n[1])||"";console.error('[Authsignal] The Relying Party ID "'.concat(o,'" is invalid for this domain.\n To learn more, visit https://docs.authsignal.com/scenarios/passkeys-prebuilt-ui#defining-the-relying-party'))}}var x,_;function U(e){var t=e.token,n=e.tenantId;return{"Content-Type":"application/json",Authorization:t?"Bearer ".concat(t):"Basic ".concat(window.btoa(encodeURIComponent(n)))}}function P(e){var t=e.response,n=e.onTokenExpired;"error"in t&&"expired_token"===t.errorCode&&n&&n()}e.AuthsignalWindowMessage=void 0,(x=e.AuthsignalWindowMessage||(e.AuthsignalWindowMessage={})).AUTHSIGNAL_CLOSE_POPUP="AUTHSIGNAL_CLOSE_POPUP",x.AUTHSIGNAL_API_ERROR="AUTHSIGNAL_API_ERROR",e.ErrorCode=void 0,(_=e.ErrorCode||(e.ErrorCode={})).token_not_set="token_not_set",_.expired_token="expired_token",_.network_error="network_error",_.too_many_requests="too_many_requests",_.invalid_credential="invalid_credential";var N=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.tenantId=n,this.baseUrl=t,this.onTokenExpired=o}return e.prototype.registrationOptions=function(e){return u(this,arguments,void 0,(function(e){var t,n,o,r,i=e.token,s=e.username,a=e.authenticatorAttachment,c=e.useCookies;return d(this,(function(e){switch(e.label){case 0:return t=Boolean(a)?{username:s,authenticatorAttachment:a}:{username:s},n="".concat(this.baseUrl,c?"/client/user-authenticators/passkey/registration-options/web":"/client/user-authenticators/passkey/registration-options"),o=c?"include":"same-origin",[4,fetch(n,{method:"POST",headers:U({token:i,tenantId:this.tenantId}),body:JSON.stringify(t),credentials:o})];case 1:return[4,e.sent().json()];case 2:return P({response:r=e.sent(),onTokenExpired:this.onTokenExpired}),[2,r]}}))}))},e.prototype.authenticationOptions=function(e){return u(this,arguments,void 0,(function(e){var t,n=e.token,o=e.challengeId,r=e.useCookies;return d(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey/authentication-options"),{method:"POST",headers:U({token:n,tenantId:this.tenantId}),body:JSON.stringify({challengeId:o}),credentials:r?"include":"same-origin"})];case 1:return[4,e.sent().json()];case 2:return P({response:t=e.sent(),onTokenExpired:this.onTokenExpired}),[2,t]}}))}))},e.prototype.authenticationOptionsWeb=function(e){return u(this,arguments,void 0,(function(e){var t,n=e.token;return d(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey/authentication-options/web"),{method:"POST",headers:U({token:n,tenantId:this.tenantId}),body:JSON.stringify({}),credentials:"include"})];case 1:return[4,e.sent().json()];case 2:return P({response:t=e.sent(),onTokenExpired:this.onTokenExpired}),[2,t]}}))}))},e.prototype.addAuthenticator=function(e){return u(this,arguments,void 0,(function(e){var t,n,o=e.token,r=e.registrationCredential,i=e.conditionalCreate,s=e.challengeId,a=e.useCookies;return d(this,(function(e){switch(e.label){case 0:return t={registrationCredential:r,conditionalCreate:i,challengeId:s},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey"),{method:"POST",headers:U({token:o,tenantId:this.tenantId}),body:JSON.stringify(t),credentials:a?"include":"same-origin"})];case 1:return[4,e.sent().json()];case 2:return P({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e.prototype.verify=function(e){return u(this,arguments,void 0,(function(e){var t,n,o=e.authenticationCredential,r=e.token,i=e.deviceId,s=e.challengeId,a=e.useCookies;return d(this,(function(e){switch(e.label){case 0:return t={authenticationCredential:o,deviceId:i,challengeId:s},[4,fetch("".concat(this.baseUrl,"/client/verify/passkey"),{method:"POST",headers:U({token:r,tenantId:this.tenantId}),body:JSON.stringify(t),credentials:a?"include":"same-origin"})];case 1:return[4,e.sent().json()];case 2:return P({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e.prototype.getPasskeyAuthenticator=function(e){return u(this,arguments,void 0,(function(e){var t,n=e.credentialIds;return d(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey?credentialIds=").concat(n),{method:"GET",headers:U({tenantId:this.tenantId})})];case 1:if(!(t=e.sent()).ok)throw new Error(t.statusText);return[2,t.json()]}}))}))},e.prototype.challenge=function(e){return u(this,arguments,void 0,(function(e){var t,n,o=e.action,r=e.useCookies;return d(this,(function(e){switch(e.label){case 0:return t="".concat(this.baseUrl,r?"/client/challenge/web":"/client/challenge"),[4,fetch(t,{method:"POST",headers:U({tenantId:this.tenantId}),body:JSON.stringify({action:o}),credentials:r?"include":"same-origin"})];case 1:return[4,e.sent().json()];case 2:return P({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e}(),D=function(){function t(){this.token=null}return t.prototype.handleTokenNotSetError=function(){var t=e.ErrorCode.token_not_set,n="A token has not been set. Call 'setToken' first.";return console.error("Error: ".concat(n)),{error:t,errorCode:t,errorDescription:n}},t.shared=new t,t}(),$=!1,j=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.anonymousId,r=e.onTokenExpired,i=e.enableLogging;this.passkeyLocalStorageKey="as_user_passkey_map",this.cache=D.shared,this.enableLogging=!1,this.api=new N({baseUrl:t,tenantId:n,onTokenExpired:r}),this.anonymousId=o,this.enableLogging=i}return e.prototype.signUp=function(e){return u(this,arguments,void 0,(function(e){var t,n,o,r,i,s,a=e.username,c=e.displayName,h=e.token,u=e.authenticatorAttachment,p=void 0===u?"platform":u,g=e.hints,f=e.useAutoRegister,b=void 0!==f&&f,v=e.useCookies,y=void 0!==v&&v;return d(this,(function(e){switch(e.label){case 0:return(t=null!=h?h:this.cache.token)?b?[4,this.doesBrowserSupportConditionalCreate()]:[3,2]:[2,this.cache.handleTokenNotSetError()];case 1:if(!e.sent())throw new Error("CONDITIONAL_CREATE_NOT_SUPPORTED");e.label=2;case 2:return n={username:a,displayName:c,token:t,authenticatorAttachment:p,useCookies:y},[4,this.api.registrationOptions(n)];case 3:if("error"in(o=e.sent()))return[2,A({errorResponse:o,enableLogging:this.enableLogging})];e.label=4;case 4:return e.trys.push([4,7,,8]),[4,I({optionsJSON:g?l(l({},o.options),{hints:g}):o.options,useAutoRegister:b})];case 5:return r=e.sent(),[4,this.api.addAuthenticator({registrationCredential:r,token:t,conditionalCreate:b,challengeId:o.challengeId,useCookies:y})];case 6:return"error"in(i=e.sent())?[2,A({errorResponse:i,enableLogging:this.enableLogging})]:(i.isVerified&&this.storeCredentialAgainstDevice(l(l({},r),{userId:i.userId})),i.accessToken&&(this.cache.token=i.accessToken),[2,{data:{token:i.accessToken,userAuthenticator:i.userAuthenticator,registrationResponse:r}}]);case 7:throw s=e.sent(),$=!1,O(s),s;case 8:return[2]}}))}))},e.prototype.signIn=function(e){return u(this,void 0,void 0,(function(){var t,n,o,r,i,s,a,c,h,u,p,g,f;return d(this,(function(d){switch(d.label){case 0:if((null==e?void 0:e.token)&&e.autofill)throw new Error("autofill is not supported when providing a token");if((null==e?void 0:e.action)&&e.token)throw new Error("action is not supported when providing a token");if(null==e?void 0:e.autofill){if($)return[2,{}];$=!0}return(null==e?void 0:e.action)?[4,this.api.challenge({action:null==e?void 0:e.action,useCookies:null==e?void 0:e.useCookies})]:[3,2];case 1:return n=d.sent(),[3,3];case 2:n=null,d.label=3;case 3:return(t=n)&&"error"in t?($=!1,[2,A({errorResponse:t,enableLogging:this.enableLogging})]):!(null==e?void 0:e.action)&&(null==e?void 0:e.useCookies)?[3,5]:[4,this.api.authenticationOptions({token:null==e?void 0:e.token,challengeId:null==t?void 0:t.challengeId,useCookies:null==e?void 0:e.useCookies})];case 4:return r=d.sent(),[3,7];case 5:return[4,this.api.authenticationOptionsWeb({token:null==e?void 0:e.token})];case 6:r=d.sent(),d.label=7;case 7:if("error"in(o=r))return $=!1,[2,A({errorResponse:o,enableLogging:this.enableLogging})];d.label=8;case 8:return d.trys.push([8,11,,12]),[4,S({optionsJSON:o.options,useBrowserAutofill:null==e?void 0:e.autofill})];case 9:return i=d.sent(),(null==e?void 0:e.onVerificationStarted)&&e.onVerificationStarted(),[4,this.api.verify({authenticationCredential:i,token:null==e?void 0:e.token,deviceId:this.anonymousId,challengeId:o.challengeId,useCookies:null==e?void 0:e.useCookies})];case 10:return"error"in(s=d.sent())?($=!1,[2,A({errorResponse:s,enableLogging:this.enableLogging})]):(s.isVerified&&this.storeCredentialAgainstDevice(l(l({},i),{userId:s.userId})),s.accessToken&&(this.cache.token=s.accessToken),a=s.accessToken,c=s.userId,h=s.userAuthenticatorId,u=s.username,p=s.userDisplayName,g=s.isVerified,$=!1,[2,{data:{isVerified:g,token:a,userId:c,userAuthenticatorId:h,username:u,displayName:p,authenticationResponse:i}}]);case 11:throw f=d.sent(),$=!1,O(f),f;case 12:return[2]}}))}))},e.prototype.isAvailableOnDevice=function(e){return u(this,arguments,void 0,(function(e){var t,n,o,r,i=e.userId;return d(this,(function(e){switch(e.label){case 0:if(!i)throw new Error("userId is required");if(!(t=localStorage.getItem(this.passkeyLocalStorageKey)))return[2,!1];if(n=JSON.parse(t),0===(o=null!==(r=n[i])&&void 0!==r?r:[]).length)return[2,!1];e.label=1;case 1:return e.trys.push([1,3,,4]),[4,this.api.getPasskeyAuthenticator({credentialIds:o})];case 2:return e.sent(),[2,!0];case 3:return e.sent(),[2,!1];case 4:return[2]}}))}))},e.prototype.storeCredentialAgainstDevice=function(e){var t=e.id,n=e.authenticatorAttachment,o=e.userId,r=void 0===o?"":o;if("cross-platform"!==n){var i=localStorage.getItem(this.passkeyLocalStorageKey),s=i?JSON.parse(i):{};s[r]?s[r].includes(t)||s[r].push(t):s[r]=[t],localStorage.setItem(this.passkeyLocalStorageKey,JSON.stringify(s))}},e.prototype.doesBrowserSupportConditionalCreate=function(){return u(this,void 0,void 0,(function(){return d(this,(function(e){switch(e.label){case 0:return window.PublicKeyCredential&&PublicKeyCredential.getClientCapabilities?[4,PublicKeyCredential.getClientCapabilities()]:[3,2];case 1:if(e.sent().conditionalCreate)return[2,!0];e.label=2;case 2:return[2,!1]}}))}))},e}(),J=function(){function e(){this.windowRef=null}return e.prototype.show=function(e){var t=e.url,n=e.width,o=void 0===n?400:n,r=e.height,i=function(e){var t=e.url,n=e.width,o=e.height,r=e.win;if(!r.top)return null;var i=r.top.outerHeight/2+r.top.screenY-o/2,s=r.top.outerWidth/2+r.top.screenX-n/2;return window.open(t,"","toolbar=no, location=no, directories=no, status=no, menubar=no, scrollbars=no, resizable=no, copyhistory=no, width=".concat(n,", height=").concat(o,", top=").concat(i,", left=").concat(s))}({url:t,width:o,height:void 0===r?500:r,win:window});if(!i)throw new Error("Window is not initialized");return this.windowRef=i,i},e.prototype.close=function(){if(!this.windowRef)throw new Error("Window is not initialized");this.windowRef.close()},e}();const H=":not([inert]):not([inert] *)",W=':not([tabindex^="-"])',K=":not(:disabled)";var M=[`a[href]${H}${W}`,`area[href]${H}${W}`,`input:not([type="hidden"]):not([type="radio"])${H}${W}${K}`,`input[type="radio"]${H}${W}${K}`,`select${H}${W}${K}`,`textarea${H}${W}${K}`,`button${H}${W}${K}`,`details${H} > summary:first-of-type${W}`,`iframe${H}${W}`,`audio[controls]${H}${W}`,`video[controls]${H}${W}`,`[contenteditable]${H}${W}`,`[tabindex]${H}${W}`];function V(e){(e.querySelector("[autofocus]")||e).focus()}function q(e,t){if(t&&z(e))return e;if(!((n=e).shadowRoot&&"-1"===n.getAttribute("tabindex")||n.matches(":disabled,[hidden],[inert]")))if(e.shadowRoot){let n=G(e.shadowRoot,t);for(;n;){const e=q(n,t);if(e)return e;n=F(n,t)}}else if("slot"===e.localName){const n=e.assignedElements({flatten:!0});t||n.reverse();for(const e of n){const n=q(e,t);if(n)return n}}else{let n=G(e,t);for(;n;){const e=q(n,t);if(e)return e;n=F(n,t)}}var n;return!t&&z(e)?e:null}function G(e,t){return t?e.firstElementChild:e.lastElementChild}function F(e,t){return t?e.nextElementSibling:e.previousElementSibling}const z=e=>!e.shadowRoot?.delegatesFocus&&(e.matches(M.join(","))&&!(e=>!(!e.matches("details:not([open]) *")||e.matches("details>summary:first-of-type"))||!(e.offsetWidth||e.offsetHeight||e.getClientRects().length))(e));function B(e=document){const t=e.activeElement;return t?t.shadowRoot?B(t.shadowRoot)||document.activeElement:t:null}function Y(e,t){const[n,o]=function(e){const t=q(e,!0);return[t,t?q(e,!1)||t:null]}(e);if(!n)return t.preventDefault();const r=B();t.shiftKey&&r===n?(o.focus(),t.preventDefault()):t.shiftKey||r!==o||(n.focus(),t.preventDefault())}class Q{$el;id;previouslyFocused;shown;constructor(e){this.$el=e,this.id=this.$el.getAttribute("data-a11y-dialog")||this.$el.id,this.previouslyFocused=null,this.shown=!1,this.maintainFocus=this.maintainFocus.bind(this),this.bindKeypress=this.bindKeypress.bind(this),this.handleTriggerClicks=this.handleTriggerClicks.bind(this),this.show=this.show.bind(this),this.hide=this.hide.bind(this),this.$el.setAttribute("aria-hidden","true"),this.$el.setAttribute("aria-modal","true"),this.$el.setAttribute("tabindex","-1"),this.$el.hasAttribute("role")||this.$el.setAttribute("role","dialog"),document.addEventListener("click",this.handleTriggerClicks,!0)}destroy(){return this.hide(),document.removeEventListener("click",this.handleTriggerClicks,!0),this.$el.replaceWith(this.$el.cloneNode(!0)),this.fire("destroy"),this}show(e){return this.shown||(this.shown=!0,this.$el.removeAttribute("aria-hidden"),this.previouslyFocused=B(),"BODY"===this.previouslyFocused?.tagName&&e?.target&&(this.previouslyFocused=e.target),"focus"===e?.type?this.maintainFocus(e):V(this.$el),document.body.addEventListener("focus",this.maintainFocus,!0),this.$el.addEventListener("keydown",this.bindKeypress,!0),this.fire("show",e)),this}hide(e){return this.shown?(this.shown=!1,this.$el.setAttribute("aria-hidden","true"),this.previouslyFocused?.focus?.(),document.body.removeEventListener("focus",this.maintainFocus,!0),this.$el.removeEventListener("keydown",this.bindKeypress,!0),this.fire("hide",e),this):this}on(e,t,n){return this.$el.addEventListener(e,t,n),this}off(e,t,n){return this.$el.removeEventListener(e,t,n),this}fire(e,t){this.$el.dispatchEvent(new CustomEvent(e,{detail:t,cancelable:!0}))}handleTriggerClicks(e){const t=e.target;t.closest(`[data-a11y-dialog-show="${this.id}"]`)&&this.show(e),(t.closest(`[data-a11y-dialog-hide="${this.id}"]`)||t.closest("[data-a11y-dialog-hide]")&&t.closest('[aria-modal="true"]')===this.$el)&&this.hide(e)}bindKeypress(e){if(document.activeElement?.closest('[aria-modal="true"]')!==this.$el)return;let t=!1;try{t=!!this.$el.querySelector('[popover]:not([popover="manual"]):popover-open')}catch{}"Escape"!==e.key||"alertdialog"===this.$el.getAttribute("role")||t||(e.preventDefault(),this.hide(e)),"Tab"===e.key&&Y(this.$el,e)}maintainFocus(e){e.target.closest('[aria-modal="true"], [data-a11y-dialog-ignore-focus-trap]')||V(this.$el)}}function X(){for(const e of document.querySelectorAll("[data-a11y-dialog]"))new Q(e)}"undefined"!=typeof document&&("loading"===document.readyState?document.addEventListener("DOMContentLoaded",X):X());var Z="__authsignal-popup-container",ee="__authsignal-popup-content",te="__authsignal-popup-overlay",ne="__authsignal-popup-style",oe="__authsignal-popup-iframe",re="385px",ie=function(){function e(e){var t=e.width,n=e.height,o=e.isClosable;if(this.popup=null,this.resizeListener=null,document.querySelector("#".concat(Z)))throw new Error("Multiple instances of Authsignal popup is not supported.");this.height=n,this.create({width:t,height:n,isClosable:o})}return e.prototype.create=function(e){var t=this,n=e.width,o=void 0===n?re:n,r=e.height,i=e.isClosable,s=void 0===i||i,a=o;CSS.supports("width",o)||(console.warn("Invalid CSS value for `popupOptions.width`. Using default value instead."),a=re);var c=document.createElement("div");c.setAttribute("id",Z),c.setAttribute("aria-hidden","true"),s||c.setAttribute("role","alertdialog");var l=document.createElement("div");l.setAttribute("id",te),s&&l.setAttribute("data-a11y-dialog-hide","true");var h=document.createElement("div");h.setAttribute("id",ee),document.body.appendChild(c);var u=document.createElement("style");u.setAttribute("id",ne),u.textContent="\n #".concat(Z,",\n #").concat(te," {\n position: fixed;\n top: 0;\n right: 0;\n bottom: 0;\n left: 0;\n }\n\n #").concat(Z," {\n z-index: 2147483647;\n display: flex;\n }\n\n #").concat(Z,"[aria-hidden='true'] {\n display: none;\n }\n\n #").concat(te," {\n background-color: rgba(0, 0, 0, 0.18);\n }\n\n #").concat(ee," {\n margin: auto;\n z-index: 2147483647;\n position: relative;\n background-color: transparent;\n border-radius: 8px;\n width: ").concat(a,";\n }\n\n #").concat(ee," iframe {\n width: 1px;\n min-width: 100%;\n border-radius: inherit;\n max-height: ").concat(r?"100%":"95vh",";\n height: ").concat(null!=r?r:"384px",";\n }\n "),document.head.insertAdjacentElement("beforeend",u),c.appendChild(l),c.appendChild(h),this.popup=new Q(c),c.focus(),this.popup.on("hide",(function(){t.destroy()}))},e.prototype.destroy=function(){var e=document.querySelector("#".concat(Z)),t=document.querySelector("#".concat(ne));e&&t&&(document.body.removeChild(e),document.head.removeChild(t)),this.resizeListener&&(window.removeEventListener("message",this.resizeListener),this.resizeListener=null)},e.prototype.show=function(e){var t,n=e.url,o=e.expectedOrigin;if(!this.popup)throw new Error("Popup is not initialized");var r=document.createElement("iframe");r.setAttribute("id",oe),r.setAttribute("name","authsignal"),r.setAttribute("title","Authsignal multi-factor authentication"),r.setAttribute("src",n),r.setAttribute("frameborder","0"),r.setAttribute("allow","publickey-credentials-get *; publickey-credentials-create *; clipboard-write");var i=document.querySelector("#".concat(ee));i&&i.appendChild(r),this.height||(this.resizeListener=function(e){e.origin===o&&function(e){var t=document.querySelector("#".concat(oe));t&&e.data.height&&(t.style.height=e.data.height+"px")}(e)},window.addEventListener("message",this.resizeListener)),null===(t=this.popup)||void 0===t||t.show()},e.prototype.close=function(){if(!this.popup)throw new Error("Popup is not initialized");this.popup.hide()},e.prototype.on=function(e,t){if(!this.popup)throw new Error("Popup is not initialized");this.popup.on(e,t)},e}();var se=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.tenantId=n,this.baseUrl=t,this.onTokenExpired=o}return e.prototype.enroll=function(e){return u(this,arguments,void 0,(function(e){var t,n=e.token;return d(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/totp"),{method:"POST",headers:U({token:n,tenantId:this.tenantId})})];case 1:return[4,e.sent().json()];case 2:return P({response:t=e.sent(),onTokenExpired:this.onTokenExpired}),[2,t]}}))}))},e.prototype.verify=function(e){return u(this,arguments,void 0,(function(e){var t,n,o=e.token,r=e.code;return d(this,(function(e){switch(e.label){case 0:return t={verificationCode:r},[4,fetch("".concat(this.baseUrl,"/client/verify/totp"),{method:"POST",headers:U({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return P({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e}(),ae=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired,r=e.enableLogging;this.cache=D.shared,this.enableLogging=!1,this.enableLogging=r,this.api=new se({baseUrl:t,tenantId:n,onTokenExpired:o})}return e.prototype.enroll=function(){return u(this,void 0,void 0,(function(){return d(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.enroll({token:this.cache.token})]:[2,this.cache.handleTokenNotSetError()];case 1:return[2,L({response:e.sent(),enableLogging:this.enableLogging})]}}))}))},e.prototype.verify=function(e){return u(this,arguments,void 0,(function(e){var t,n=e.code;return d(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.verify({token:this.cache.token,code:n})]:[2,this.cache.handleTokenNotSetError()];case 1:return"accessToken"in(t=e.sent())&&t.accessToken&&(this.cache.token=t.accessToken),[2,L({response:t,enableLogging:this.enableLogging})]}}))}))},e}(),ce=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.tenantId=n,this.baseUrl=t,this.onTokenExpired=o}return e.prototype.enroll=function(e){return u(this,arguments,void 0,(function(e){var t,n,o=e.token,r=e.email;return d(this,(function(e){switch(e.label){case 0:return t={email:r},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/email-otp"),{method:"POST",headers:U({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return P({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e.prototype.challenge=function(e){return u(this,arguments,void 0,(function(e){var t,n=e.token;return d(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/challenge/email-otp"),{method:"POST",headers:U({token:n,tenantId:this.tenantId})})];case 1:return[4,e.sent().json()];case 2:return P({response:t=e.sent(),onTokenExpired:this.onTokenExpired}),[2,t]}}))}))},e.prototype.verify=function(e){return u(this,arguments,void 0,(function(e){var t,n,o=e.token,r=e.code;return d(this,(function(e){switch(e.label){case 0:return t={verificationCode:r},[4,fetch("".concat(this.baseUrl,"/client/verify/email-otp"),{method:"POST",headers:U({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return P({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e}(),le=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired,r=e.enableLogging;this.cache=D.shared,this.enableLogging=!1,this.enableLogging=r,this.api=new ce({baseUrl:t,tenantId:n,onTokenExpired:o})}return e.prototype.enroll=function(e){return u(this,arguments,void 0,(function(e){var t=e.email;return d(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.enroll({token:this.cache.token,email:t})]:[2,this.cache.handleTokenNotSetError()];case 1:return[2,L({response:e.sent(),enableLogging:this.enableLogging})]}}))}))},e.prototype.challenge=function(){return u(this,void 0,void 0,(function(){return d(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.challenge({token:this.cache.token})]:[2,this.cache.handleTokenNotSetError()];case 1:return[2,L({response:e.sent(),enableLogging:this.enableLogging})]}}))}))},e.prototype.verify=function(e){return u(this,arguments,void 0,(function(e){var t,n=e.code;return d(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.verify({token:this.cache.token,code:n})]:[2,this.cache.handleTokenNotSetError()];case 1:return"accessToken"in(t=e.sent())&&t.accessToken&&(this.cache.token=t.accessToken),[2,L({response:t,enableLogging:this.enableLogging})]}}))}))},e}(),he=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.tenantId=n,this.baseUrl=t,this.onTokenExpired=o}return e.prototype.enroll=function(e){return u(this,arguments,void 0,(function(e){var t,n,o=e.token,r=e.phoneNumber;return d(this,(function(e){switch(e.label){case 0:return t={phoneNumber:r},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/sms"),{method:"POST",headers:U({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return P({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e.prototype.challenge=function(e){return u(this,arguments,void 0,(function(e){var t,n=e.token;return d(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/challenge/sms"),{method:"POST",headers:U({token:n,tenantId:this.tenantId})})];case 1:return[4,e.sent().json()];case 2:return P({response:t=e.sent(),onTokenExpired:this.onTokenExpired}),[2,t]}}))}))},e.prototype.verify=function(e){return u(this,arguments,void 0,(function(e){var t,n,o=e.token,r=e.code;return d(this,(function(e){switch(e.label){case 0:return t={verificationCode:r},[4,fetch("".concat(this.baseUrl,"/client/verify/sms"),{method:"POST",headers:U({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return P({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e}(),ue=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired,r=e.enableLogging;this.cache=D.shared,this.enableLogging=!1,this.enableLogging=r,this.api=new he({baseUrl:t,tenantId:n,onTokenExpired:o})}return e.prototype.enroll=function(e){return u(this,arguments,void 0,(function(e){var t=e.phoneNumber;return d(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.enroll({token:this.cache.token,phoneNumber:t})]:[2,this.cache.handleTokenNotSetError()];case 1:return[2,L({response:e.sent(),enableLogging:this.enableLogging})]}}))}))},e.prototype.challenge=function(){return u(this,void 0,void 0,(function(){return d(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.challenge({token:this.cache.token})]:[2,this.cache.handleTokenNotSetError()];case 1:return[2,L({response:e.sent(),enableLogging:this.enableLogging})]}}))}))},e.prototype.verify=function(e){return u(this,arguments,void 0,(function(e){var t,n=e.code;return d(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.verify({token:this.cache.token,code:n})]:[2,this.cache.handleTokenNotSetError()];case 1:return"accessToken"in(t=e.sent())&&t.accessToken&&(this.cache.token=t.accessToken),[2,L({response:t,enableLogging:this.enableLogging})]}}))}))},e}(),de=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.tenantId=n,this.baseUrl=t,this.onTokenExpired=o}return e.prototype.enroll=function(e){return u(this,arguments,void 0,(function(e){var t,n,o=e.token,r=e.email;return d(this,(function(e){switch(e.label){case 0:return t={email:r},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/email-magic-link"),{method:"POST",headers:U({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return P({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e.prototype.challenge=function(e){return u(this,arguments,void 0,(function(e){var t,n=e.token;return d(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/challenge/email-magic-link"),{method:"POST",headers:U({token:n,tenantId:this.tenantId})})];case 1:return[4,e.sent().json()];case 2:return P({response:t=e.sent(),onTokenExpired:this.onTokenExpired}),[2,t]}}))}))},e.prototype.checkVerificationStatus=function(e){return u(this,arguments,void 0,(function(e){var t,n=this,o=e.token;return d(this,(function(e){switch(e.label){case 0:return t=function(){return u(n,void 0,void 0,(function(){var e,n=this;return d(this,(function(r){switch(r.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/verify/email-magic-link/finalize"),{method:"POST",headers:U({token:o,tenantId:this.tenantId}),body:JSON.stringify({})})];case 1:return[4,r.sent().json()];case 2:return P({response:e=r.sent(),onTokenExpired:this.onTokenExpired}),e.isVerified?[2,e]:[2,new Promise((function(e){setTimeout((function(){return u(n,void 0,void 0,(function(){var n;return d(this,(function(o){switch(o.label){case 0:return n=e,[4,t()];case 1:return n.apply(void 0,[o.sent()]),[2]}}))}))}),1e3)}))]}}))}))},[4,t()];case 1:return[2,e.sent()]}}))}))},e}(),pe=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired,r=e.enableLogging;this.cache=D.shared,this.enableLogging=!1,this.enableLogging=r,this.api=new de({baseUrl:t,tenantId:n,onTokenExpired:o})}return e.prototype.enroll=function(e){return u(this,arguments,void 0,(function(e){var t=e.email;return d(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.enroll({token:this.cache.token,email:t})]:[2,this.cache.handleTokenNotSetError()];case 1:return[2,L({response:e.sent(),enableLogging:this.enableLogging})]}}))}))},e.prototype.challenge=function(){return u(this,void 0,void 0,(function(){return d(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.challenge({token:this.cache.token})]:[2,this.cache.handleTokenNotSetError()];case 1:return[2,L({response:e.sent(),enableLogging:this.enableLogging})]}}))}))},e.prototype.checkVerificationStatus=function(){return u(this,void 0,void 0,(function(){var e;return d(this,(function(t){switch(t.label){case 0:return this.cache.token?[4,this.api.checkVerificationStatus({token:this.cache.token})]:[2,this.cache.handleTokenNotSetError()];case 1:return"accessToken"in(e=t.sent())&&e.accessToken&&(this.cache.token=e.accessToken),[2,L({response:e,enableLogging:this.enableLogging})]}}))}))},e}(),ge=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.tenantId=n,this.baseUrl=t,this.onTokenExpired=o}return e.prototype.registrationOptions=function(e){return u(this,arguments,void 0,(function(e){var t,n=e.token;return d(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/security-key/registration-options"),{method:"POST",headers:U({token:n,tenantId:this.tenantId}),body:JSON.stringify({})})];case 1:return[4,e.sent().json()];case 2:return P({response:t=e.sent(),onTokenExpired:this.onTokenExpired}),[2,t]}}))}))},e.prototype.authenticationOptions=function(e){return u(this,arguments,void 0,(function(e){var t,n=e.token;return d(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/security-key/authentication-options"),{method:"POST",headers:U({token:n,tenantId:this.tenantId}),body:JSON.stringify({})})];case 1:return[4,e.sent().json()];case 2:return P({response:t=e.sent(),onTokenExpired:this.onTokenExpired}),[2,t]}}))}))},e.prototype.addAuthenticator=function(e){return u(this,arguments,void 0,(function(e){var t,n=e.token,o=e.registrationCredential;return d(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/security-key"),{method:"POST",headers:U({token:n,tenantId:this.tenantId}),body:JSON.stringify(o)})];case 1:return[4,e.sent().json()];case 2:return P({response:t=e.sent(),onTokenExpired:this.onTokenExpired}),[2,t]}}))}))},e.prototype.verify=function(e){return u(this,arguments,void 0,(function(e){var t,n=e.token,o=e.authenticationCredential;return d(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/verify/security-key"),{method:"POST",headers:U({token:n,tenantId:this.tenantId}),body:JSON.stringify(o)})];case 1:return[4,e.sent().json()];case 2:return P({response:t=e.sent(),onTokenExpired:this.onTokenExpired}),[2,t]}}))}))},e}(),fe=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired,r=e.enableLogging;this.cache=D.shared,this.enableLogging=!1,this.api=new ge({baseUrl:t,tenantId:n,onTokenExpired:o}),this.enableLogging=r}return e.prototype.enroll=function(){return u(this,arguments,void 0,(function(e){var t,n,o,r,i,s=(void 0===e?{}:e).hints;return d(this,(function(e){switch(e.label){case 0:return this.cache.token?(t={token:this.cache.token},[4,this.api.registrationOptions(t)]):[2,this.cache.handleTokenNotSetError()];case 1:if("error"in(n=e.sent()))return[2,A({errorResponse:n,enableLogging:this.enableLogging})];e.label=2;case 2:return e.trys.push([2,5,,6]),[4,I({optionsJSON:s?l(l({},n),{hints:s}):n})];case 3:return o=e.sent(),[4,this.api.addAuthenticator({registrationCredential:o,token:this.cache.token})];case 4:return"error"in(r=e.sent())?[2,A({errorResponse:r,enableLogging:this.enableLogging})]:(r.accessToken&&(this.cache.token=r.accessToken),[2,{data:{token:r.accessToken,registrationResponse:o}}]);case 5:throw O(i=e.sent()),i;case 6:return[2]}}))}))},e.prototype.verify=function(){return u(this,void 0,void 0,(function(){var e,t,n,o,r;return d(this,(function(i){switch(i.label){case 0:return this.cache.token?[4,this.api.authenticationOptions({token:this.cache.token})]:[2,this.cache.handleTokenNotSetError()];case 1:if("error"in(e=i.sent()))return[2,A({errorResponse:e,enableLogging:this.enableLogging})];i.label=2;case 2:return i.trys.push([2,5,,6]),[4,S({optionsJSON:e})];case 3:return t=i.sent(),[4,this.api.verify({authenticationCredential:t,token:this.cache.token})];case 4:return"error"in(n=i.sent())?[2,A({errorResponse:n,enableLogging:this.enableLogging})]:(n.accessToken&&(this.cache.token=n.accessToken),o=n.accessToken,[2,{data:{isVerified:n.isVerified,token:o,authenticationResponse:t}}]);case 5:throw O(r=i.sent()),r;case 6:return[2]}}))}))},e}(),be=function(){function e(e){var t=e.baseUrl,n=e.tenantId;this.tenantId=n,this.baseUrl=t}return e.prototype.challenge=function(e){return u(this,arguments,void 0,(function(e){var t,n=e.action,o=e.token,r=e.custom;return d(this,(function(e){switch(e.label){case 0:return t={action:n,custom:r},[4,fetch("".concat(this.baseUrl,"/client/challenge/qr-code"),{method:"POST",headers:U({tenantId:this.tenantId,token:o}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return[2,e.sent()]}}))}))},e.prototype.verify=function(e){return u(this,arguments,void 0,(function(e){var t,n=e.challengeId,o=e.deviceCode;return d(this,(function(e){switch(e.label){case 0:return t={challengeId:n,deviceCode:o},[4,fetch("".concat(this.baseUrl,"/client/verify/qr-code"),{method:"POST",headers:U({tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return[2,e.sent()]}}))}))},e}(),ve=function(){},ye=54e4,me=3e3,ke=function(e){function t(t){var n=t.baseUrl,o=t.tenantId,r=t.enableLogging,i=e.call(this)||this;return i.cache=D.shared,i.enableLogging=!1,i.enableLogging=r,i.api=new be({baseUrl:n,tenantId:o}),i}return c(t,e),t.prototype.challenge=function(e){return u(this,void 0,void 0,(function(){var t,n,o,r,i,s=this;return d(this,(function(a){switch(a.label){case 0:return[4,this.api.challenge({token:this.cache.token||void 0,action:e.action,custom:e.custom})];case 1:return t=a.sent(),(n=L({response:t,enableLogging:this.enableLogging})).data&&(this.currentChallengeParams=e,this.clearPolling(),o=e.pollInterval||me,r=e.refreshInterval||ye,n.data.deviceCode&&this.startPolling({challengeId:n.data.challengeId,deviceCode:n.data.deviceCode,onStateChange:e.onStateChange,pollInterval:o}),e.onRefresh&&(i=e.onRefresh,this.startRefreshTimer((function(){return s.performRefresh({action:e.action,custom:e.custom,onRefresh:i,onStateChange:e.onStateChange,pollInterval:o})}),r))),[2,n]}}))}))},t.prototype.refresh=function(){return u(this,arguments,void 0,(function(e){var t,n,o,r,i,s,a,c,l,h=this,u=(void 0===e?{}:e).custom;return d(this,(function(e){switch(e.label){case 0:return this.currentChallengeParams?[4,this.api.challenge({token:this.cache.token||void 0,action:this.currentChallengeParams.action,custom:u||this.currentChallengeParams.custom})]:[2];case 1:return t=e.sent(),(n=L({response:t,enableLogging:this.enableLogging})).data&&(this.clearPolling(),this.currentChallengeParams.onRefresh&&this.currentChallengeParams.onRefresh(n.data.challengeId,n.data.expiresAt),n.data.deviceCode&&this.startPolling({challengeId:n.data.challengeId,deviceCode:n.data.deviceCode,onStateChange:this.currentChallengeParams.onStateChange,pollInterval:this.currentChallengeParams.pollInterval||me}),this.currentChallengeParams.onRefresh&&(o=this.currentChallengeParams.refreshInterval||ye,r=this.currentChallengeParams,i=r.action,s=r.custom,a=r.onRefresh,c=r.onStateChange,l=r.pollInterval,this.startRefreshTimer((function(){return h.performRefresh({action:i,custom:s,onRefresh:a,onStateChange:c,pollInterval:l||me})}),o))),[2]}}))}))},t.prototype.disconnect=function(){this.clearPolling(),this.clearRefreshTimer(),this.currentChallengeParams=void 0},t.prototype.startRefreshTimer=function(e,t){var n=this;this.clearRefreshTimer(),this.refreshTimeout=setTimeout((function(){return u(n,void 0,void 0,(function(){return d(this,(function(n){switch(n.label){case 0:return[4,e()];case 1:return n.sent(),this.startRefreshTimer(e,t),[2]}}))}))}),t)},t.prototype.clearRefreshTimer=function(){this.refreshTimeout&&(clearTimeout(this.refreshTimeout),this.refreshTimeout=void 0)},t.prototype.performRefresh=function(e){return u(this,arguments,void 0,(function(e){var t,n,o=e.action,r=e.custom,i=e.onRefresh,s=e.onStateChange,a=e.pollInterval;return d(this,(function(e){switch(e.label){case 0:return[4,this.api.challenge({token:this.cache.token||void 0,action:o,custom:r})];case 1:return t=e.sent(),(n=L({response:t,enableLogging:this.enableLogging})).data&&(this.clearPolling(),i(n.data.challengeId,n.data.expiresAt),n.data.de