@authorizerdev/authorizer-js 3.0.3 → 3.0.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/authorizer.min.js +15 -15
- package/lib/index.js +24 -24
- package/lib/index.js.map +1 -1
- package/lib/index.mjs +24 -24
- package/lib/index.mjs.map +1 -1
- package/package.json +1 -1
package/lib/authorizer.min.js
CHANGED
|
@@ -1,17 +1,17 @@
|
|
|
1
|
-
var authorizerdev=(()=>{var we=Object.create;var
|
|
2
|
-
`)===0?l.substr(1,l.length):l}).forEach(function(l){var _=l.split(":"),f=_.shift().trim();if(f){var I=_.join(":").trim();try{i.append(f,I)}catch(C){console.warn("Response "+C.message)}}}),i}a(_e,"parseHeaders"),Z.call(E.prototype);function v(t,i){if(!(this instanceof v))throw new TypeError('Please use the "new" operator, this DOM object constructor cannot be called as a function.');if(i||(i={}),this.type="default",this.status=i.status===void 0?200:i.status,this.status<200||this.status>599)throw new RangeError("Failed to construct 'Response': The status provided (0) is outside the range [200, 599].");this.ok=this.status>=200&&this.status<300,this.statusText=i.statusText===void 0?"":""+i.statusText,this.headers=new m(i.headers),this.url=i.url||"",this._initBody(t)}a(v,"Response"),Z.call(v.prototype),v.prototype.clone=function(){return new v(this._bodyInit,{status:this.status,statusText:this.statusText,headers:new m(this.headers),url:this.url})},v.error=function(){var t=new v(null,{status:200,statusText:""});return t.ok=!1,t.status=0,t.type="error",t};var ge=[301,302,303,307,308];v.redirect=function(t,i){if(ge.indexOf(i)===-1)throw new RangeError("Invalid status code");return new v(null,{status:i,headers:{location:t}})},o.DOMException=s.DOMException;try{new o.DOMException}catch(t){o.DOMException=function(i,u){this.message=i,this.name=u;var l=Error(i);this.stack=l.stack},o.DOMException.prototype=Object.create(Error.prototype),o.DOMException.prototype.constructor=o.DOMException}function P(t,i){return new Promise(function(u,l){var _=new E(t,i);if(_.signal&&_.signal.aborted)return l(new o.DOMException("Aborted","AbortError"));var f=new XMLHttpRequest;function I(){f.abort()}a(I,"abortXhr"),f.onload=function(){var w={statusText:f.statusText,headers:_e(f.getAllResponseHeaders()||"")};_.url.indexOf("file://")===0&&(f.status<200||f.status>599)?w.status=200:w.status=f.status,w.url="responseURL"in f?f.responseURL:w.headers.get("X-Request-URL");var k="response"in f?f.response:f.responseText;setTimeout(function(){u(new v(k,w))},0)},f.onerror=function(){setTimeout(function(){l(new TypeError("Network request failed"))},0)},f.ontimeout=function(){setTimeout(function(){l(new TypeError("Network request timed out"))},0)},f.onabort=function(){setTimeout(function(){l(new o.DOMException("Aborted","AbortError"))},0)};function C(w){try{return w===""&&s.location.href?s.location.href:w}catch(k){return w}}if(a(C,"fixUrl"),f.open(_.method,C(_.url),!0),_.credentials==="include"?f.withCredentials=!0:_.credentials==="omit"&&(f.withCredentials=!1),"responseType"in f&&(r.blob?f.responseType="blob":r.arrayBuffer&&(f.responseType="arraybuffer")),i&&typeof i.headers=="object"&&!(i.headers instanceof m||s.Headers&&i.headers instanceof s.Headers)){var X=[];Object.getOwnPropertyNames(i.headers).forEach(function(w){X.push(g(w)),f.setRequestHeader(w,b(i.headers[w]))}),_.headers.forEach(function(w,k){X.indexOf(k)===-1&&f.setRequestHeader(k,w)})}else _.headers.forEach(function(w,k){f.setRequestHeader(k,w)});_.signal&&(_.signal.addEventListener("abort",I),f.onreadystatechange=function(){f.readyState===4&&_.signal.removeEventListener("abort",I)}),f.send(typeof _._bodyInit=="undefined"?null:_._bodyInit)})}return a(P,"fetch"),P.polyfill=!0,s.fetch||(s.fetch=P,s.Headers=m,s.Request=E,s.Response=v),o.Headers=m,o.Request=E,o.Response=v,o.fetch=P,o})({})})(B);B.fetch.ponyfill=!0;delete B.fetch.polyfill;var L=$.fetch?$:B;T=L.fetch;T.default=L.fetch;T.fetch=L.fetch;T.Headers=L.Headers;T.Request=L.Request;T.Response=L.Response;te.exports=T});var Be={};Ae(Be,{Authorizer:()=>V,OAuthProviders:()=>F,ResponseTypes:()=>D});var he=xe(oe());var F=(function(n){return n.Apple="apple",n.Github="github",n.Google="google",n.Facebook="facebook",n.LinkedIn="linkedin",n.Twitter="twitter",n.Microsoft="microsoft",n.Twitch="twitch",n.Roblox="roblox",n.Discord="discord",n})({}),D=(function(n){return n.Code="code",n.Token="token",n})({});var A=a(()=>typeof window!="undefined","hasWindow"),z=a(n=>{let e=n.trim();return e[e.length-1]==="/"&&(e=e.slice(0,-1)),e},"trimURL"),se=a(()=>A()?window.crypto||window.msCrypto:null,"getCrypto"),Se=a(()=>{let n=se();return n&&n.subtle||n.webkitSubtle},"getCryptoSubtle"),x=a(()=>{let n="0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz-_~.",e="",o=se();return o&&Array.from(o.getRandomValues(new Uint8Array(43))).forEach(r=>e+=n[r%n.length]),e},"createRandomString"),U=a(n=>A()?btoa(n):Buffer.from(n).toString("base64"),"encode");var ne=a(n=>Object.keys(n).filter(e=>typeof n[e]!="undefined").map(e=>`${encodeURIComponent(e)}=${encodeURIComponent(n[e])}`).join("&"),"createQueryParams"),ie=a(n=>y(null,null,function*(){let e=Se();if(!e)throw new Error("Web Crypto API is not available");let o=e.digest({name:"SHA-256"},new TextEncoder().encode(n));return window.msCrypto?new Promise((s,r)=>{o.oncomplete=c=>{s(c.target.result)},o.onerror=c=>{r(c.error)},o.onabort=()=>{r(new Error("The digest operation was aborted"))}}):yield o}),"sha256"),Ie=a(n=>{let e={"+":"-","/":"_","=":""};return n.replace(/[+/=]/g,o=>e[o])},"urlEncodeB64");var ae=a(n=>{let e=new Uint8Array(n);return Ie(window.btoa(String.fromCharCode(...Array.from(e))))},"bufferToBase64UrlEncoded"),$e=a(n=>{try{return new URL(n).origin}catch(e){return n}},"originFromAuthorizerUrl"),ce=a((n,e,o=60)=>new Promise((s,r)=>{let c=$e(e),h=window.document.createElement("iframe");h.setAttribute("id","authorizer-iframe"),h.setAttribute("width","0"),h.setAttribute("height","0"),h.style.display="none";let p=a(()=>{window.document.body.contains(h)&&(window.document.body.removeChild(h),window.removeEventListener("message",b,!1))},"removeIframe"),g=setTimeout(()=>{r(new Error("Authorization timeout")),p()},o*1e3),b=a(function(R){if(R.origin!==c||!R.data||!R.data.response)return;let m=R.source;m&&m.close(),R.data.response.error?r(R.data.response):s(R.data.response),clearTimeout(g),window.removeEventListener("message",b,!1),setTimeout(p,2*1e3)},"iframeEventHandler");window.addEventListener("message",b,!1),window.document.body.appendChild(h),h.setAttribute("src",n)}),"executeIframe");var Q="id email email_verified given_name family_name middle_name nickname preferred_username picture signup_methods gender birthdate phone_number phone_number_verified roles created_at updated_at revoked_timestamp is_multi_factor_auth_enabled app_data",S=`message access_token expires_in refresh_token id_token should_show_email_otp_screen should_show_mobile_otp_screen should_show_totp_screen authenticator_scanner_image authenticator_secret authenticator_recovery_codes user { ${Q} }`,M=a(()=>A()?window.fetch:he.default,"getFetcher");function ue(n){if(Array.isArray(n))return n.map(e=>e instanceof Error?e:e&&typeof e=="object"&&"message"in e?new Error(String(e.message)):new Error(String(e)));if(n instanceof Error)return[n];if(n!==null&&typeof n=="object"){let e=n;if(typeof e.error_description=="string")return[new Error(e.error_description)];if(typeof e.error=="string"){let o=typeof e.error_description=="string"?`: ${e.error_description}`:"";return[new Error(`${e.error}${o}`)]}if(typeof e.message=="string")return[new Error(e.message)]}return n==null?[new Error("Unknown error")]:[new Error(String(n))]}a(ue,"toErrorList");var J=class J{constructor(e){d(this,"config");d(this,"codeVerifier");d(this,"authorize",a(e=>y(this,null,function*(){var c;if(!A())return this.errorResponse([new Error("this feature is only supported in browser")]);let o=["openid","profile","email"];e.use_refresh_token&&o.push("offline_access");let s={redirect_uri:this.config.redirectURL,response_mode:e.response_mode||"web_message",state:U(x()),nonce:U(x()),response_type:e.response_type,scope:o.join(" "),client_id:((c=this.config)==null?void 0:c.clientID)||""};if(e.response_type===D.Code){this.codeVerifier=x();let h=yield ie(this.codeVerifier),p=ae(h);s.code_challenge=p,s.code_challenge_method="S256"}let r=`${this.config.authorizerURL}/authorize?${ne(s)}`;if(s.response_mode!=="web_message")return window.location.replace(r),this.okResponse(void 0);try{let h=yield ce(r,this.config.authorizerURL,60);if(e.response_type===D.Code){let p=yield this.getToken({code:h.code});return p.errors.length?this.errorResponse(p.errors):this.okResponse(p.data)}return this.okResponse(h)}catch(h){return h.error&&window.location.replace(`${this.config.authorizerURL}/app?state=${U(JSON.stringify({clientID:this.config.clientID,redirectURL:this.config.redirectURL,authorizerURL:this.config.authorizerURL}))}&redirect_uri=${encodeURIComponent(this.config.redirectURL||"")}`),this.errorResponse(h)}}),"authorize"));d(this,"browserLogin",a(()=>y(this,null,function*(){try{let e=yield this.getSession();return e.errors.length?this.errorResponse(e.errors):this.okResponse(e.data)}catch(e){return A()?(window.location.replace(`${this.config.authorizerURL}/app?state=${U(JSON.stringify({clientID:this.config.clientID,redirectURL:this.config.redirectURL,authorizerURL:this.config.authorizerURL}))}&redirect_uri=${encodeURIComponent(this.config.redirectURL||"")}`),this.errorResponse(e)):{data:void 0,errors:[new Error("browserLogin is only supported for browsers")]}}}),"browserLogin"));d(this,"forgotPassword",a(e=>y(this,null,function*(){var o,s;e.state||(e.state=U(x())),e.redirect_uri||(e.redirect_uri=this.config.redirectURL);try{let r=yield this.graphqlQuery({query:"mutation forgotPassword($data: ForgotPasswordRequest!) { forgot_password(params: $data) { message should_show_mobile_otp_screen } }",variables:{data:e},operationName:"forgotPassword"});return(o=r==null?void 0:r.errors)!=null&&o.length?this.errorResponse(r.errors):this.okResponse((s=r==null?void 0:r.data)==null?void 0:s.forgot_password)}catch(r){return this.errorResponse([r])}}),"forgotPassword"));d(this,"getMetaData",a(()=>y(this,null,function*(){var e;try{let o=yield this.graphqlQuery({query:"query meta { meta { version client_id is_google_login_enabled is_facebook_login_enabled is_github_login_enabled is_linkedin_login_enabled is_apple_login_enabled is_twitter_login_enabled is_microsoft_login_enabled is_twitch_login_enabled is_roblox_login_enabled is_email_verification_enabled is_basic_authentication_enabled is_magic_link_login_enabled is_sign_up_enabled is_strong_password_enabled is_multi_factor_auth_enabled is_mobile_basic_authentication_enabled is_phone_verification_enabled } }",operationName:"meta"});return(e=o==null?void 0:o.errors)!=null&&e.length?this.errorResponse(o.errors):this.okResponse(o.data.meta)}catch(o){return this.errorResponse([o])}}),"getMetaData"));d(this,"getProfile",a(e=>y(this,null,function*(){var o;try{let s=yield this.graphqlQuery({query:`query profile { profile { ${Q} } }`,headers:e,operationName:"profile"});return(o=s==null?void 0:s.errors)!=null&&o.length?this.errorResponse(s.errors):this.okResponse(s.data.profile)}catch(s){return this.errorResponse([s])}}),"getProfile"));d(this,"getSession",a((e,o)=>y(this,null,function*(){var s,r;try{let c=yield this.graphqlQuery({query:`query getSession($params: SessionQueryRequest){session(params: $params) { ${S} } }`,headers:e,variables:{params:o},operationName:"getSession"});return(s=c==null?void 0:c.errors)!=null&&s.length?this.errorResponse(c.errors):this.okResponse((r=c.data)==null?void 0:r.session)}catch(c){return this.errorResponse(c)}}),"getSession"));d(this,"getToken",a(e=>y(this,null,function*(){var s;if(e.grant_type||(e.grant_type="authorization_code"),e.grant_type==="refresh_token"&&!((s=e.refresh_token)!=null&&s.trim()))return this.errorResponse([new Error("Invalid refresh_token")]);if(e.grant_type==="authorization_code"&&!this.codeVerifier)return this.errorResponse([new Error("Invalid code verifier")]);let o={client_id:this.config.clientID,code:e.code||"",code_verifier:this.codeVerifier||"",grant_type:e.grant_type||"",refresh_token:e.refresh_token||""};try{let c=yield M()(`${this.config.authorizerURL}/oauth/token`,{method:"POST",body:JSON.stringify(o),headers:q({},this.config.extraHeaders),credentials:"include"}),h=yield c.text(),p={};if(h)try{p=JSON.parse(h)}catch(g){return this.errorResponse([new Error(c.ok?"Invalid JSON from token endpoint":`HTTP ${c.status}`)])}return c.ok?this.okResponse(p):this.errorResponse([new Error(String(p.error_description||p.error||`HTTP ${c.status}`))])}catch(r){return this.errorResponse(r)}}),"getToken"));d(this,"login",a(e=>y(this,null,function*(){var o,s;try{let r=yield this.graphqlQuery({query:`
|
|
3
|
-
mutation login($data: LoginRequest!) { login(params: $data) { ${
|
|
1
|
+
var authorizerdev=(()=>{var we=Object.create;var q=Object.defineProperty,be=Object.defineProperties,Re=Object.getOwnPropertyDescriptor,ve=Object.getOwnPropertyDescriptors,Ee=Object.getOwnPropertyNames,K=Object.getOwnPropertySymbols,Te=Object.getPrototypeOf,Y=Object.prototype.hasOwnProperty,Ue=Object.prototype.propertyIsEnumerable;var H=(n,e,o)=>e in n?q(n,e,{enumerable:!0,configurable:!0,writable:!0,value:o}):n[e]=o,O=(n,e)=>{for(var o in e||(e={}))Y.call(e,o)&&H(n,o,e[o]);if(K)for(var o of K(e))Ue.call(e,o)&&H(n,o,e[o]);return n},ee=(n,e)=>be(n,ve(e)),a=(n,e)=>q(n,"name",{value:e,configurable:!0});var ke=(n,e)=>()=>(e||n((e={exports:{}}).exports,e),e.exports),Ae=(n,e)=>{for(var o in e)q(n,o,{get:e[o],enumerable:!0})},re=(n,e,o,s)=>{if(e&&typeof e=="object"||typeof e=="function")for(let r of Ee(e))!Y.call(n,r)&&r!==o&&q(n,r,{get:()=>e[r],enumerable:!(s=Re(e,r))||s.enumerable});return n};var xe=(n,e,o)=>(o=n!=null?we(Te(n)):{},re(e||!n||!n.__esModule?q(o,"default",{value:n,enumerable:!0}):o,n)),qe=n=>re(q({},"__esModule",{value:!0}),n);var d=(n,e,o)=>H(n,typeof e!="symbol"?e+"":e,o);var y=(n,e,o)=>new Promise((s,r)=>{var c=g=>{try{p(o.next(g))}catch(b){r(b)}},h=g=>{try{p(o.throw(g))}catch(b){r(b)}},p=g=>g.done?s(g.value):Promise.resolve(g.value).then(c,h);p((o=o.apply(n,e)).next())});var oe=ke((T,te)=>{var $=typeof globalThis!="undefined"&&globalThis||typeof self!="undefined"&&self||typeof global!="undefined"&&global,B=(function(){function n(){this.fetch=!1,this.DOMException=$.DOMException}return a(n,"F"),n.prototype=$,new n})();(function(n){var e=(function(o){var s=typeof n!="undefined"&&n||typeof self!="undefined"&&self||typeof global!="undefined"&&global||{},r={searchParams:"URLSearchParams"in s,iterable:"Symbol"in s&&"iterator"in Symbol,blob:"FileReader"in s&&"Blob"in s&&(function(){try{return new Blob,!0}catch(t){return!1}})(),formData:"FormData"in s,arrayBuffer:"ArrayBuffer"in s};function c(t){return t&&DataView.prototype.isPrototypeOf(t)}if(a(c,"isDataView"),r.arrayBuffer)var h=["[object Int8Array]","[object Uint8Array]","[object Uint8ClampedArray]","[object Int16Array]","[object Uint16Array]","[object Int32Array]","[object Uint32Array]","[object Float32Array]","[object Float64Array]"],p=ArrayBuffer.isView||function(t){return t&&h.indexOf(Object.prototype.toString.call(t))>-1};function g(t){if(typeof t!="string"&&(t=String(t)),/[^a-z0-9\-#$%&'*+.^_`|~!]/i.test(t)||t==="")throw new TypeError('Invalid character in header field name: "'+t+'"');return t.toLowerCase()}a(g,"normalizeName");function b(t){return typeof t!="string"&&(t=String(t)),t}a(b,"normalizeValue");function R(t){var i={next:a(function(){var u=t.shift();return{done:u===void 0,value:u}},"next")};return r.iterable&&(i[Symbol.iterator]=function(){return i}),i}a(R,"iteratorFor");function _(t){this.map={},t instanceof _?t.forEach(function(i,u){this.append(u,i)},this):Array.isArray(t)?t.forEach(function(i){if(i.length!=2)throw new TypeError("Headers constructor: expected name/value pair to be length 2, found"+i.length);this.append(i[0],i[1])},this):t&&Object.getOwnPropertyNames(t).forEach(function(i){this.append(i,t[i])},this)}a(_,"Headers"),_.prototype.append=function(t,i){t=g(t),i=b(i);var u=this.map[t];this.map[t]=u?u+", "+i:i},_.prototype.delete=function(t){delete this.map[g(t)]},_.prototype.get=function(t){return t=g(t),this.has(t)?this.map[t]:null},_.prototype.has=function(t){return this.map.hasOwnProperty(g(t))},_.prototype.set=function(t,i){this.map[g(t)]=b(i)},_.prototype.forEach=function(t,i){for(var u in this.map)this.map.hasOwnProperty(u)&&t.call(i,this.map[u],u,this)},_.prototype.keys=function(){var t=[];return this.forEach(function(i,u){t.push(u)}),R(t)},_.prototype.values=function(){var t=[];return this.forEach(function(i){t.push(i)}),R(t)},_.prototype.entries=function(){var t=[];return this.forEach(function(i,u){t.push([u,i])}),R(t)},r.iterable&&(_.prototype[Symbol.iterator]=_.prototype.entries);function N(t){if(!t._noBody){if(t.bodyUsed)return Promise.reject(new TypeError("Already read"));t.bodyUsed=!0}}a(N,"consumed");function G(t){return new Promise(function(i,u){t.onload=function(){i(t.result)},t.onerror=function(){u(t.error)}})}a(G,"fileReaderReady");function fe(t){var i=new FileReader,u=G(i);return i.readAsArrayBuffer(t),u}a(fe,"readBlobAsArrayBuffer");function de(t){var i=new FileReader,u=G(i),l=/charset=([A-Za-z0-9_-]+)/.exec(t.type),m=l?l[1]:"utf-8";return i.readAsText(t,m),u}a(de,"readBlobAsText");function le(t){for(var i=new Uint8Array(t),u=new Array(i.length),l=0;l<i.length;l++)u[l]=String.fromCharCode(i[l]);return u.join("")}a(le,"readArrayBufferAsText");function W(t){if(t.slice)return t.slice(0);var i=new Uint8Array(t.byteLength);return i.set(new Uint8Array(t)),i.buffer}a(W,"bufferClone");function Z(){return this.bodyUsed=!1,this._initBody=function(t){this.bodyUsed=this.bodyUsed,this._bodyInit=t,t?typeof t=="string"?this._bodyText=t:r.blob&&Blob.prototype.isPrototypeOf(t)?this._bodyBlob=t:r.formData&&FormData.prototype.isPrototypeOf(t)?this._bodyFormData=t:r.searchParams&&URLSearchParams.prototype.isPrototypeOf(t)?this._bodyText=t.toString():r.arrayBuffer&&r.blob&&c(t)?(this._bodyArrayBuffer=W(t.buffer),this._bodyInit=new Blob([this._bodyArrayBuffer])):r.arrayBuffer&&(ArrayBuffer.prototype.isPrototypeOf(t)||p(t))?this._bodyArrayBuffer=W(t):this._bodyText=t=Object.prototype.toString.call(t):(this._noBody=!0,this._bodyText=""),this.headers.get("content-type")||(typeof t=="string"?this.headers.set("content-type","text/plain;charset=UTF-8"):this._bodyBlob&&this._bodyBlob.type?this.headers.set("content-type",this._bodyBlob.type):r.searchParams&&URLSearchParams.prototype.isPrototypeOf(t)&&this.headers.set("content-type","application/x-www-form-urlencoded;charset=UTF-8"))},r.blob&&(this.blob=function(){var t=N(this);if(t)return t;if(this._bodyBlob)return Promise.resolve(this._bodyBlob);if(this._bodyArrayBuffer)return Promise.resolve(new Blob([this._bodyArrayBuffer]));if(this._bodyFormData)throw new Error("could not read FormData body as blob");return Promise.resolve(new Blob([this._bodyText]))}),this.arrayBuffer=function(){if(this._bodyArrayBuffer){var t=N(this);return t||(ArrayBuffer.isView(this._bodyArrayBuffer)?Promise.resolve(this._bodyArrayBuffer.buffer.slice(this._bodyArrayBuffer.byteOffset,this._bodyArrayBuffer.byteOffset+this._bodyArrayBuffer.byteLength)):Promise.resolve(this._bodyArrayBuffer))}else{if(r.blob)return this.blob().then(fe);throw new Error("could not read as ArrayBuffer")}},this.text=function(){var t=N(this);if(t)return t;if(this._bodyBlob)return de(this._bodyBlob);if(this._bodyArrayBuffer)return Promise.resolve(le(this._bodyArrayBuffer));if(this._bodyFormData)throw new Error("could not read FormData body as text");return Promise.resolve(this._bodyText)},r.formData&&(this.formData=function(){return this.text().then(_e)}),this.json=function(){return this.text().then(JSON.parse)},this}a(Z,"Body");var pe=["CONNECT","DELETE","GET","HEAD","OPTIONS","PATCH","POST","PUT","TRACE"];function ye(t){var i=t.toUpperCase();return pe.indexOf(i)>-1?i:t}a(ye,"normalizeMethod");function E(t,i){if(!(this instanceof E))throw new TypeError('Please use the "new" operator, this DOM object constructor cannot be called as a function.');i=i||{};var u=i.body;if(t instanceof E){if(t.bodyUsed)throw new TypeError("Already read");this.url=t.url,this.credentials=t.credentials,i.headers||(this.headers=new _(t.headers)),this.method=t.method,this.mode=t.mode,this.signal=t.signal,!u&&t._bodyInit!=null&&(u=t._bodyInit,t.bodyUsed=!0)}else this.url=String(t);if(this.credentials=i.credentials||this.credentials||"same-origin",(i.headers||!this.headers)&&(this.headers=new _(i.headers)),this.method=ye(i.method||this.method||"GET"),this.mode=i.mode||this.mode||null,this.signal=i.signal||this.signal||(function(){if("AbortController"in s){var f=new AbortController;return f.signal}})(),this.referrer=null,(this.method==="GET"||this.method==="HEAD")&&u)throw new TypeError("Body not allowed for GET or HEAD requests");if(this._initBody(u),(this.method==="GET"||this.method==="HEAD")&&(i.cache==="no-store"||i.cache==="no-cache")){var l=/([?&])_=[^&]*/;if(l.test(this.url))this.url=this.url.replace(l,"$1_="+new Date().getTime());else{var m=/\?/;this.url+=(m.test(this.url)?"&":"?")+"_="+new Date().getTime()}}}a(E,"Request"),E.prototype.clone=function(){return new E(this,{body:this._bodyInit})};function _e(t){var i=new FormData;return t.trim().split("&").forEach(function(u){if(u){var l=u.split("="),m=l.shift().replace(/\+/g," "),f=l.join("=").replace(/\+/g," ");i.append(decodeURIComponent(m),decodeURIComponent(f))}}),i}a(_e,"decode");function me(t){var i=new _,u=t.replace(/\r?\n[\t ]+/g," ");return u.split("\r").map(function(l){return l.indexOf(`
|
|
2
|
+
`)===0?l.substr(1,l.length):l}).forEach(function(l){var m=l.split(":"),f=m.shift().trim();if(f){var S=m.join(":").trim();try{i.append(f,S)}catch(P){console.warn("Response "+P.message)}}}),i}a(me,"parseHeaders"),Z.call(E.prototype);function v(t,i){if(!(this instanceof v))throw new TypeError('Please use the "new" operator, this DOM object constructor cannot be called as a function.');if(i||(i={}),this.type="default",this.status=i.status===void 0?200:i.status,this.status<200||this.status>599)throw new RangeError("Failed to construct 'Response': The status provided (0) is outside the range [200, 599].");this.ok=this.status>=200&&this.status<300,this.statusText=i.statusText===void 0?"":""+i.statusText,this.headers=new _(i.headers),this.url=i.url||"",this._initBody(t)}a(v,"Response"),Z.call(v.prototype),v.prototype.clone=function(){return new v(this._bodyInit,{status:this.status,statusText:this.statusText,headers:new _(this.headers),url:this.url})},v.error=function(){var t=new v(null,{status:200,statusText:""});return t.ok=!1,t.status=0,t.type="error",t};var ge=[301,302,303,307,308];v.redirect=function(t,i){if(ge.indexOf(i)===-1)throw new RangeError("Invalid status code");return new v(null,{status:i,headers:{location:t}})},o.DOMException=s.DOMException;try{new o.DOMException}catch(t){o.DOMException=function(i,u){this.message=i,this.name=u;var l=Error(i);this.stack=l.stack},o.DOMException.prototype=Object.create(Error.prototype),o.DOMException.prototype.constructor=o.DOMException}function C(t,i){return new Promise(function(u,l){var m=new E(t,i);if(m.signal&&m.signal.aborted)return l(new o.DOMException("Aborted","AbortError"));var f=new XMLHttpRequest;function S(){f.abort()}a(S,"abortXhr"),f.onload=function(){var w={statusText:f.statusText,headers:me(f.getAllResponseHeaders()||"")};m.url.indexOf("file://")===0&&(f.status<200||f.status>599)?w.status=200:w.status=f.status,w.url="responseURL"in f?f.responseURL:w.headers.get("X-Request-URL");var k="response"in f?f.response:f.responseText;setTimeout(function(){u(new v(k,w))},0)},f.onerror=function(){setTimeout(function(){l(new TypeError("Network request failed"))},0)},f.ontimeout=function(){setTimeout(function(){l(new TypeError("Network request timed out"))},0)},f.onabort=function(){setTimeout(function(){l(new o.DOMException("Aborted","AbortError"))},0)};function P(w){try{return w===""&&s.location.href?s.location.href:w}catch(k){return w}}if(a(P,"fixUrl"),f.open(m.method,P(m.url),!0),m.credentials==="include"?f.withCredentials=!0:m.credentials==="omit"&&(f.withCredentials=!1),"responseType"in f&&(r.blob?f.responseType="blob":r.arrayBuffer&&(f.responseType="arraybuffer")),i&&typeof i.headers=="object"&&!(i.headers instanceof _||s.Headers&&i.headers instanceof s.Headers)){var X=[];Object.getOwnPropertyNames(i.headers).forEach(function(w){X.push(g(w)),f.setRequestHeader(w,b(i.headers[w]))}),m.headers.forEach(function(w,k){X.indexOf(k)===-1&&f.setRequestHeader(k,w)})}else m.headers.forEach(function(w,k){f.setRequestHeader(k,w)});m.signal&&(m.signal.addEventListener("abort",S),f.onreadystatechange=function(){f.readyState===4&&m.signal.removeEventListener("abort",S)}),f.send(typeof m._bodyInit=="undefined"?null:m._bodyInit)})}return a(C,"fetch"),C.polyfill=!0,s.fetch||(s.fetch=C,s.Headers=_,s.Request=E,s.Response=v),o.Headers=_,o.Request=E,o.Response=v,o.fetch=C,o})({})})(B);B.fetch.ponyfill=!0;delete B.fetch.polyfill;var L=$.fetch?$:B;T=L.fetch;T.default=L.fetch;T.fetch=L.fetch;T.Headers=L.Headers;T.Request=L.Request;T.Response=L.Response;te.exports=T});var Be={};Ae(Be,{Authorizer:()=>V,OAuthProviders:()=>j,ResponseTypes:()=>D});var he=xe(oe());var j=(function(n){return n.Apple="apple",n.Github="github",n.Google="google",n.Facebook="facebook",n.LinkedIn="linkedin",n.Twitter="twitter",n.Microsoft="microsoft",n.Twitch="twitch",n.Roblox="roblox",n.Discord="discord",n})({}),D=(function(n){return n.Code="code",n.Token="token",n})({});var A=a(()=>typeof window!="undefined","hasWindow"),z=a(n=>{let e=n.trim();return e[e.length-1]==="/"&&(e=e.slice(0,-1)),e},"trimURL"),se=a(()=>A()?window.crypto||window.msCrypto:null,"getCrypto"),Ie=a(()=>{let n=se();return n&&n.subtle||n.webkitSubtle},"getCryptoSubtle"),x=a(()=>{let n="0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz-_~.",e="",o=se();return o&&Array.from(o.getRandomValues(new Uint8Array(43))).forEach(r=>e+=n[r%n.length]),e},"createRandomString"),U=a(n=>A()?btoa(n):Buffer.from(n).toString("base64"),"encode");var ne=a(n=>Object.keys(n).filter(e=>typeof n[e]!="undefined").map(e=>`${encodeURIComponent(e)}=${encodeURIComponent(n[e])}`).join("&"),"createQueryParams"),ie=a(n=>y(null,null,function*(){let e=Ie();if(!e)throw new Error("Web Crypto API is not available");let o=e.digest({name:"SHA-256"},new TextEncoder().encode(n));return window.msCrypto?new Promise((s,r)=>{o.oncomplete=c=>{s(c.target.result)},o.onerror=c=>{r(c.error)},o.onabort=()=>{r(new Error("The digest operation was aborted"))}}):yield o}),"sha256"),Se=a(n=>{let e={"+":"-","/":"_","=":""};return n.replace(/[+/=]/g,o=>e[o])},"urlEncodeB64");var ae=a(n=>{let e=new Uint8Array(n);return Se(window.btoa(String.fromCharCode(...Array.from(e))))},"bufferToBase64UrlEncoded"),$e=a(n=>{try{return new URL(n).origin}catch(e){return n}},"originFromAuthorizerUrl"),ce=a((n,e,o=60)=>new Promise((s,r)=>{let c=$e(e),h=window.document.createElement("iframe");h.setAttribute("id","authorizer-iframe"),h.setAttribute("width","0"),h.setAttribute("height","0"),h.style.display="none";let p=a(()=>{window.document.body.contains(h)&&(window.document.body.removeChild(h),window.removeEventListener("message",b,!1))},"removeIframe"),g=setTimeout(()=>{r(new Error("Authorization timeout")),p()},o*1e3),b=a(function(R){if(R.origin!==c||!R.data||!R.data.response)return;let _=R.source;_&&_.close(),R.data.response.error?r(R.data.response):s(R.data.response),clearTimeout(g),window.removeEventListener("message",b,!1),setTimeout(p,2*1e3)},"iframeEventHandler");window.addEventListener("message",b,!1),window.document.body.appendChild(h),h.setAttribute("src",n)}),"executeIframe");var Q="id email email_verified given_name family_name middle_name nickname preferred_username picture signup_methods gender birthdate phone_number phone_number_verified roles created_at updated_at revoked_timestamp is_multi_factor_auth_enabled app_data",I=`message access_token expires_in refresh_token id_token should_show_email_otp_screen should_show_mobile_otp_screen should_show_totp_screen authenticator_scanner_image authenticator_secret authenticator_recovery_codes user { ${Q} }`,M=a(()=>A()?window.fetch:he.default,"getFetcher");function ue(n){if(Array.isArray(n))return n.map(e=>e instanceof Error?e:e&&typeof e=="object"&&"message"in e?new Error(String(e.message)):new Error(String(e)));if(n instanceof Error)return[n];if(n!==null&&typeof n=="object"){let e=n;if(typeof e.error_description=="string")return[new Error(e.error_description)];if(typeof e.error=="string"){let o=typeof e.error_description=="string"?`: ${e.error_description}`:"";return[new Error(`${e.error}${o}`)]}if(typeof e.message=="string")return[new Error(e.message)]}return n==null?[new Error("Unknown error")]:[new Error(String(n))]}a(ue,"toErrorList");var J=class J{constructor(e){d(this,"config");d(this,"codeVerifier");d(this,"authorize",a(e=>y(this,null,function*(){var c;if(!A())return this.errorResponse([new Error("this feature is only supported in browser")]);let o=["openid","profile","email"];e.use_refresh_token&&o.push("offline_access");let s={redirect_uri:this.config.redirectURL,response_mode:e.response_mode||"web_message",state:U(x()),nonce:U(x()),response_type:e.response_type,scope:o.join(" "),client_id:((c=this.config)==null?void 0:c.clientID)||""};if(e.response_type===D.Code){this.codeVerifier=x();let h=yield ie(this.codeVerifier),p=ae(h);s.code_challenge=p,s.code_challenge_method="S256"}let r=`${this.config.authorizerURL}/authorize?${ne(s)}`;if(s.response_mode!=="web_message")return window.location.replace(r),this.okResponse(void 0);try{let h=yield ce(r,this.config.authorizerURL,60);if(e.response_type===D.Code){let p=yield this.getToken({code:h.code});return p.errors.length?this.errorResponse(p.errors):this.okResponse(p.data)}return this.okResponse(h)}catch(h){return h.error&&window.location.replace(`${this.config.authorizerURL}/app?state=${U(JSON.stringify({clientID:this.config.clientID,redirectURL:this.config.redirectURL,authorizerURL:this.config.authorizerURL}))}&redirect_uri=${encodeURIComponent(this.config.redirectURL||"")}`),this.errorResponse(h)}}),"authorize"));d(this,"browserLogin",a(()=>y(this,null,function*(){try{let e=yield this.getSession();return e.errors.length?this.errorResponse(e.errors):this.okResponse(e.data)}catch(e){return A()?(window.location.replace(`${this.config.authorizerURL}/app?state=${U(JSON.stringify({clientID:this.config.clientID,redirectURL:this.config.redirectURL,authorizerURL:this.config.authorizerURL}))}&redirect_uri=${encodeURIComponent(this.config.redirectURL||"")}`),this.errorResponse(e)):{data:void 0,errors:[new Error("browserLogin is only supported for browsers")]}}}),"browserLogin"));d(this,"forgotPassword",a(e=>y(this,null,function*(){var o,s;e.state||(e.state=U(x())),e.redirect_uri||(e.redirect_uri=this.config.redirectURL);try{let r=yield this.graphqlQuery({query:"mutation forgot_password($data: ForgotPasswordRequest!) { forgot_password(params: $data) { message should_show_mobile_otp_screen } }",variables:{data:e},operationName:"forgot_password"});return(o=r==null?void 0:r.errors)!=null&&o.length?this.errorResponse(r.errors):this.okResponse((s=r==null?void 0:r.data)==null?void 0:s.forgot_password)}catch(r){return this.errorResponse([r])}}),"forgotPassword"));d(this,"getMetaData",a(()=>y(this,null,function*(){var e;try{let o=yield this.graphqlQuery({query:"query meta { meta { version client_id is_google_login_enabled is_facebook_login_enabled is_github_login_enabled is_linkedin_login_enabled is_apple_login_enabled is_twitter_login_enabled is_microsoft_login_enabled is_twitch_login_enabled is_roblox_login_enabled is_email_verification_enabled is_basic_authentication_enabled is_magic_link_login_enabled is_sign_up_enabled is_strong_password_enabled is_multi_factor_auth_enabled is_mobile_basic_authentication_enabled is_phone_verification_enabled } }",operationName:"meta"});return(e=o==null?void 0:o.errors)!=null&&e.length?this.errorResponse(o.errors):this.okResponse(o.data.meta)}catch(o){return this.errorResponse([o])}}),"getMetaData"));d(this,"getProfile",a(e=>y(this,null,function*(){var o;try{let s=yield this.graphqlQuery({query:`query profile { profile { ${Q} } }`,headers:e,operationName:"profile"});return(o=s==null?void 0:s.errors)!=null&&o.length?this.errorResponse(s.errors):this.okResponse(s.data.profile)}catch(s){return this.errorResponse([s])}}),"getProfile"));d(this,"getSession",a((e,o)=>y(this,null,function*(){var s,r;try{let c=yield this.graphqlQuery({query:`query session($params: SessionQueryRequest){session(params: $params) { ${I} } }`,headers:e,variables:{params:o},operationName:"session"});return(s=c==null?void 0:c.errors)!=null&&s.length?this.errorResponse(c.errors):this.okResponse((r=c.data)==null?void 0:r.session)}catch(c){return this.errorResponse(c)}}),"getSession"));d(this,"getToken",a(e=>y(this,null,function*(){var s;if(e.grant_type||(e.grant_type="authorization_code"),e.grant_type==="refresh_token"&&!((s=e.refresh_token)!=null&&s.trim()))return this.errorResponse([new Error("Invalid refresh_token")]);if(e.grant_type==="authorization_code"&&!this.codeVerifier)return this.errorResponse([new Error("Invalid code verifier")]);let o={client_id:this.config.clientID,code:e.code||"",code_verifier:this.codeVerifier||"",grant_type:e.grant_type||"",refresh_token:e.refresh_token||""};try{let c=yield M()(`${this.config.authorizerURL}/oauth/token`,{method:"POST",body:JSON.stringify(o),headers:O({},this.config.extraHeaders),credentials:"include"}),h=yield c.text(),p={};if(h)try{p=JSON.parse(h)}catch(g){return this.errorResponse([new Error(c.ok?"Invalid JSON from token endpoint":`HTTP ${c.status}`)])}return c.ok?this.okResponse(p):this.errorResponse([new Error(String(p.error_description||p.error||`HTTP ${c.status}`))])}catch(r){return this.errorResponse(r)}}),"getToken"));d(this,"login",a(e=>y(this,null,function*(){var o,s;try{let r=yield this.graphqlQuery({query:`
|
|
3
|
+
mutation login($data: LoginRequest!) { login(params: $data) { ${I}}}
|
|
4
4
|
`,variables:{data:e},operationName:"login"});return(o=r==null?void 0:r.errors)!=null&&o.length?this.errorResponse(r.errors):this.okResponse((s=r.data)==null?void 0:s.login)}catch(r){return this.errorResponse(r)}}),"login"));d(this,"logout",a(e=>y(this,null,function*(){var o,s;try{let r=yield this.graphqlQuery({query:"mutation logout { logout { message } }",headers:e,operationName:"logout"});return(o=r==null?void 0:r.errors)!=null&&o.length?this.errorResponse(r.errors):this.okResponse((s=r.data)==null?void 0:s.logout)}catch(r){return this.errorResponse([r])}}),"logout"));d(this,"magicLinkLogin",a(e=>y(this,null,function*(){var o,s;try{e.state||(e.state=U(x())),e.redirect_uri||(e.redirect_uri=this.config.redirectURL);let r=yield this.graphqlQuery({query:`
|
|
5
|
-
mutation
|
|
6
|
-
`,variables:{data:e},operationName:"
|
|
7
|
-
mutation
|
|
8
|
-
`,variables:{data:e},operationName:"
|
|
9
|
-
mutation signup($data: SignUpRequest!) { signup(params: $data) { ${
|
|
10
|
-
`,variables:{data:e},operationName:"signup"});return(o=r==null?void 0:r.errors)!=null&&o.length?this.errorResponse(r.errors):this.okResponse((s=r.data)==null?void 0:s.signup)}catch(r){return this.errorResponse([r])}}),"signup"));d(this,"updateProfile",a((e,o)=>y(this,null,function*(){var s,r;try{let c=yield this.graphqlQuery({query:"mutation
|
|
11
|
-
mutation
|
|
12
|
-
`,variables:{data:e},operationName:"
|
|
13
|
-
mutation
|
|
14
|
-
`,variables:{data:e},operationName:"
|
|
15
|
-
mutation
|
|
16
|
-
`,variables:{data:e},operationName:"
|
|
5
|
+
mutation magic_link_login($data: MagicLinkLoginRequest!) { magic_link_login(params: $data) { message }}
|
|
6
|
+
`,variables:{data:e},operationName:"magic_link_login"});return(o=r==null?void 0:r.errors)!=null&&o.length?this.errorResponse(r.errors):this.okResponse((s=r.data)==null?void 0:s.magic_link_login)}catch(r){return this.errorResponse([r])}}),"magicLinkLogin"));d(this,"oauthLogin",a((e,o,s,r)=>y(this,null,function*(){let c=r;c||(c=U(x()));let h=Object.values(j);if(!h.includes(e))throw new Error(`only following oauth providers are supported: ${h.join(", ")}`);if(!A())throw new Error("oauthLogin is only supported for browsers");o&&o.length&&(c+=`&roles=${o.join(",")}`),window.location.replace(`${this.config.authorizerURL}/oauth_login/${e}?redirect_uri=${encodeURIComponent(s||this.config.redirectURL||"")}&state=${encodeURIComponent(c)}`)}),"oauthLogin"));d(this,"resendOtp",a(e=>y(this,null,function*(){var o,s;try{let r=yield this.graphqlQuery({query:`
|
|
7
|
+
mutation resend_otp($data: ResendOTPRequest!) { resend_otp(params: $data) { message }}
|
|
8
|
+
`,variables:{data:e},operationName:"resend_otp"});return(o=r==null?void 0:r.errors)!=null&&o.length?this.errorResponse(r.errors):this.okResponse((s=r.data)==null?void 0:s.resend_otp)}catch(r){return this.errorResponse([r])}}),"resendOtp"));d(this,"resetPassword",a(e=>y(this,null,function*(){var o,s;try{let r=yield this.graphqlQuery({query:"mutation reset_password($data: ResetPasswordRequest!) { reset_password(params: $data) { message } }",variables:{data:e},operationName:"reset_password"});return(o=r==null?void 0:r.errors)!=null&&o.length?this.errorResponse(r.errors):this.okResponse((s=r.data)==null?void 0:s.reset_password)}catch(r){return this.errorResponse([r])}}),"resetPassword"));d(this,"revokeToken",a(e=>y(this,null,function*(){var o;if(!((o=e.refresh_token)!=null&&o.trim()))return this.errorResponse([new Error("Invalid refresh_token")]);try{let r=yield M()(`${this.config.authorizerURL}/oauth/revoke`,{method:"POST",headers:O({},this.config.extraHeaders),body:JSON.stringify({refresh_token:e.refresh_token,client_id:this.config.clientID})}),c=yield r.text(),h={};if(c)try{h=JSON.parse(c)}catch(p){return this.errorResponse([new Error(r.ok?"Invalid JSON from revoke endpoint":`HTTP ${r.status}`)])}if(!r.ok){let p=h;return this.errorResponse([new Error(String(p.error_description||p.error||`HTTP ${r.status}`))])}return this.okResponse(h)}catch(s){return this.errorResponse(s)}}),"revokeToken"));d(this,"signup",a(e=>y(this,null,function*(){var o,s;try{let r=yield this.graphqlQuery({query:`
|
|
9
|
+
mutation signup($data: SignUpRequest!) { signup(params: $data) { ${I}}}
|
|
10
|
+
`,variables:{data:e},operationName:"signup"});return(o=r==null?void 0:r.errors)!=null&&o.length?this.errorResponse(r.errors):this.okResponse((s=r.data)==null?void 0:s.signup)}catch(r){return this.errorResponse([r])}}),"signup"));d(this,"updateProfile",a((e,o)=>y(this,null,function*(){var s,r;try{let c=yield this.graphqlQuery({query:"mutation update_profile($data: UpdateProfileRequest!) { update_profile(params: $data) { message } }",headers:o,variables:{data:e},operationName:"update_profile"});return(s=c==null?void 0:c.errors)!=null&&s.length?this.errorResponse(c.errors):this.okResponse((r=c.data)==null?void 0:r.update_profile)}catch(c){return this.errorResponse([c])}}),"updateProfile"));d(this,"deactivateAccount",a(e=>y(this,null,function*(){var o,s;try{let r=yield this.graphqlQuery({query:"mutation deactivate_account { deactivate_account { message } }",headers:e,operationName:"deactivate_account"});return(o=r==null?void 0:r.errors)!=null&&o.length?this.errorResponse(r.errors):this.okResponse((s=r.data)==null?void 0:s.deactivate_account)}catch(r){return this.errorResponse([r])}}),"deactivateAccount"));d(this,"validateJWTToken",a(e=>y(this,null,function*(){var o,s;try{let r=yield this.graphqlQuery({query:"query validate_jwt_token($params: ValidateJWTTokenRequest!){validate_jwt_token(params: $params) { is_valid claims } }",variables:{params:e},operationName:"validate_jwt_token"});return(o=r==null?void 0:r.errors)!=null&&o.length?this.errorResponse(r.errors):this.okResponse((s=r.data)==null?void 0:s.validate_jwt_token)}catch(r){return this.errorResponse([r])}}),"validateJWTToken"));d(this,"validateSession",a(e=>y(this,null,function*(){var o,s;try{let r=yield this.graphqlQuery({query:`query validate_session($params: ValidateSessionRequest){validate_session(params: $params) { is_valid user { ${Q} } } }`,variables:{params:e},operationName:"validate_session"});return(o=r==null?void 0:r.errors)!=null&&o.length?this.errorResponse(r.errors):this.okResponse((s=r.data)==null?void 0:s.validate_session)}catch(r){return this.errorResponse([r])}}),"validateSession"));d(this,"verifyEmail",a(e=>y(this,null,function*(){var o,s;try{let r=yield this.graphqlQuery({query:`
|
|
11
|
+
mutation verify_email($data: VerifyEmailRequest!) { verify_email(params: $data) { ${I}}}
|
|
12
|
+
`,variables:{data:e},operationName:"verify_email"});return(o=r==null?void 0:r.errors)!=null&&o.length?this.errorResponse(r.errors):this.okResponse((s=r.data)==null?void 0:s.verify_email)}catch(r){return this.errorResponse([r])}}),"verifyEmail"));d(this,"resendVerifyEmail",a(e=>y(this,null,function*(){var o,s;try{let r=yield this.graphqlQuery({query:`
|
|
13
|
+
mutation resend_verify_email($data: ResendVerifyEmailRequest!) { resend_verify_email(params: $data) { message }}
|
|
14
|
+
`,variables:{data:e},operationName:"resend_verify_email"});return(o=r==null?void 0:r.errors)!=null&&o.length?this.errorResponse(r.errors):this.okResponse((s=r.data)==null?void 0:s.resend_verify_email)}catch(r){return this.errorResponse([r])}}),"resendVerifyEmail"));d(this,"verifyOtp",a(e=>y(this,null,function*(){var o,s;try{let r=yield this.graphqlQuery({query:`
|
|
15
|
+
mutation verify_otp($data: VerifyOTPRequest!) { verify_otp(params: $data) { ${I}}}
|
|
16
|
+
`,variables:{data:e},operationName:"verify_otp"});return(o=r==null?void 0:r.errors)!=null&&o.length?this.errorResponse(r.errors):this.okResponse((s=r.data)==null?void 0:s.verify_otp)}catch(r){return this.errorResponse([r])}}),"verifyOtp"));d(this,"graphqlQuery",a(e=>y(this,null,function*(){var p;let o=M(),s={query:e.query,variables:e.variables||{}};e.operationName&&(s.operationName=e.operationName);let r=yield o(`${this.config.authorizerURL}/graphql`,{method:"POST",body:JSON.stringify(s),headers:O(O({},this.config.extraHeaders),e.headers||{}),credentials:"include"}),c=yield r.text(),h={};if(c)try{h=JSON.parse(c)}catch(g){return{data:void 0,errors:[new Error(r.ok?"Invalid JSON from GraphQL endpoint":`HTTP ${r.status}`)]}}else if(!r.ok)return{data:void 0,errors:[new Error(`HTTP ${r.status}`)]};return(p=h==null?void 0:h.errors)!=null&&p.length?{data:void 0,errors:ue(h.errors)}:r.ok?{data:h.data,errors:[]}:{data:void 0,errors:[new Error(`HTTP ${r.status}`)]}}),"graphqlQuery"));d(this,"errorResponse",a(e=>({data:void 0,errors:ue(e)}),"errorResponse"));d(this,"okResponse",a(e=>({data:e,errors:[]}),"okResponse"));var o,s;if(!e)throw new Error("Configuration is required");if(this.config=e,!((o=e.authorizerURL)!=null&&o.trim()))throw new Error("Invalid authorizerURL");if(this.config.authorizerURL=z(e.authorizerURL),!((s=e.redirectURL)!=null&&s.trim()))throw new Error("Invalid redirectURL");this.config.redirectURL=z(e.redirectURL),this.config.clientID=((e==null?void 0:e.clientID)||"").trim(),this.config.extraHeaders=ee(O({},e.extraHeaders||{}),{"x-authorizer-url":e.authorizerURL,"x-authorizer-client-id":e.clientID||"","Content-Type":"application/json"})}};a(J,"Authorizer");var V=J;return qe(Be);})();
|
|
17
17
|
if (typeof window !== "undefined") { window.authorizerdev = authorizerdev; }
|
package/lib/index.js
CHANGED
|
@@ -303,11 +303,11 @@ var _Authorizer = class _Authorizer {
|
|
|
303
303
|
if (!data.redirect_uri) data.redirect_uri = this.config.redirectURL;
|
|
304
304
|
try {
|
|
305
305
|
const forgotPasswordResp = await this.graphqlQuery({
|
|
306
|
-
query: "mutation
|
|
306
|
+
query: "mutation forgot_password($data: ForgotPasswordRequest!) { forgot_password(params: $data) { message should_show_mobile_otp_screen } }",
|
|
307
307
|
variables: {
|
|
308
308
|
data
|
|
309
309
|
},
|
|
310
|
-
operationName: "
|
|
310
|
+
operationName: "forgot_password"
|
|
311
311
|
});
|
|
312
312
|
return ((_a = forgotPasswordResp == null ? void 0 : forgotPasswordResp.errors) == null ? void 0 : _a.length) ? this.errorResponse(forgotPasswordResp.errors) : this.okResponse((_b = forgotPasswordResp == null ? void 0 : forgotPasswordResp.data) == null ? void 0 : _b.forgot_password);
|
|
313
313
|
} catch (error) {
|
|
@@ -350,12 +350,12 @@ var _Authorizer = class _Authorizer {
|
|
|
350
350
|
var _a, _b;
|
|
351
351
|
try {
|
|
352
352
|
const res = await this.graphqlQuery({
|
|
353
|
-
query: `query
|
|
353
|
+
query: `query session($params: SessionQueryRequest){session(params: $params) { ${authTokenFragment} } }`,
|
|
354
354
|
headers,
|
|
355
355
|
variables: {
|
|
356
356
|
params
|
|
357
357
|
},
|
|
358
|
-
operationName: "
|
|
358
|
+
operationName: "session"
|
|
359
359
|
});
|
|
360
360
|
return ((_a = res == null ? void 0 : res.errors) == null ? void 0 : _a.length) ? this.errorResponse(res.errors) : this.okResponse((_b = res.data) == null ? void 0 : _b.session);
|
|
361
361
|
} catch (err) {
|
|
@@ -448,12 +448,12 @@ var _Authorizer = class _Authorizer {
|
|
|
448
448
|
if (!data.redirect_uri) data.redirect_uri = this.config.redirectURL;
|
|
449
449
|
const res = await this.graphqlQuery({
|
|
450
450
|
query: `
|
|
451
|
-
mutation
|
|
451
|
+
mutation magic_link_login($data: MagicLinkLoginRequest!) { magic_link_login(params: $data) { message }}
|
|
452
452
|
`,
|
|
453
453
|
variables: {
|
|
454
454
|
data
|
|
455
455
|
},
|
|
456
|
-
operationName: "
|
|
456
|
+
operationName: "magic_link_login"
|
|
457
457
|
});
|
|
458
458
|
return ((_a = res == null ? void 0 : res.errors) == null ? void 0 : _a.length) ? this.errorResponse(res.errors) : this.okResponse((_b = res.data) == null ? void 0 : _b.magic_link_login);
|
|
459
459
|
} catch (err) {
|
|
@@ -480,12 +480,12 @@ var _Authorizer = class _Authorizer {
|
|
|
480
480
|
try {
|
|
481
481
|
const res = await this.graphqlQuery({
|
|
482
482
|
query: `
|
|
483
|
-
mutation
|
|
483
|
+
mutation resend_otp($data: ResendOTPRequest!) { resend_otp(params: $data) { message }}
|
|
484
484
|
`,
|
|
485
485
|
variables: {
|
|
486
486
|
data
|
|
487
487
|
},
|
|
488
|
-
operationName: "
|
|
488
|
+
operationName: "resend_otp"
|
|
489
489
|
});
|
|
490
490
|
return ((_a = res == null ? void 0 : res.errors) == null ? void 0 : _a.length) ? this.errorResponse(res.errors) : this.okResponse((_b = res.data) == null ? void 0 : _b.resend_otp);
|
|
491
491
|
} catch (err) {
|
|
@@ -498,11 +498,11 @@ var _Authorizer = class _Authorizer {
|
|
|
498
498
|
var _a, _b;
|
|
499
499
|
try {
|
|
500
500
|
const resetPasswordRes = await this.graphqlQuery({
|
|
501
|
-
query: "mutation
|
|
501
|
+
query: "mutation reset_password($data: ResetPasswordRequest!) { reset_password(params: $data) { message } }",
|
|
502
502
|
variables: {
|
|
503
503
|
data
|
|
504
504
|
},
|
|
505
|
-
operationName: "
|
|
505
|
+
operationName: "reset_password"
|
|
506
506
|
});
|
|
507
507
|
return ((_a = resetPasswordRes == null ? void 0 : resetPasswordRes.errors) == null ? void 0 : _a.length) ? this.errorResponse(resetPasswordRes.errors) : this.okResponse((_b = resetPasswordRes.data) == null ? void 0 : _b.reset_password);
|
|
508
508
|
} catch (error) {
|
|
@@ -573,12 +573,12 @@ var _Authorizer = class _Authorizer {
|
|
|
573
573
|
var _a, _b;
|
|
574
574
|
try {
|
|
575
575
|
const updateProfileRes = await this.graphqlQuery({
|
|
576
|
-
query: "mutation
|
|
576
|
+
query: "mutation update_profile($data: UpdateProfileRequest!) { update_profile(params: $data) { message } }",
|
|
577
577
|
headers,
|
|
578
578
|
variables: {
|
|
579
579
|
data
|
|
580
580
|
},
|
|
581
|
-
operationName: "
|
|
581
|
+
operationName: "update_profile"
|
|
582
582
|
});
|
|
583
583
|
return ((_a = updateProfileRes == null ? void 0 : updateProfileRes.errors) == null ? void 0 : _a.length) ? this.errorResponse(updateProfileRes.errors) : this.okResponse((_b = updateProfileRes.data) == null ? void 0 : _b.update_profile);
|
|
584
584
|
} catch (error) {
|
|
@@ -591,9 +591,9 @@ var _Authorizer = class _Authorizer {
|
|
|
591
591
|
var _a, _b;
|
|
592
592
|
try {
|
|
593
593
|
const res = await this.graphqlQuery({
|
|
594
|
-
query: "mutation
|
|
594
|
+
query: "mutation deactivate_account { deactivate_account { message } }",
|
|
595
595
|
headers,
|
|
596
|
-
operationName: "
|
|
596
|
+
operationName: "deactivate_account"
|
|
597
597
|
});
|
|
598
598
|
return ((_a = res == null ? void 0 : res.errors) == null ? void 0 : _a.length) ? this.errorResponse(res.errors) : this.okResponse((_b = res.data) == null ? void 0 : _b.deactivate_account);
|
|
599
599
|
} catch (error) {
|
|
@@ -606,11 +606,11 @@ var _Authorizer = class _Authorizer {
|
|
|
606
606
|
var _a, _b;
|
|
607
607
|
try {
|
|
608
608
|
const res = await this.graphqlQuery({
|
|
609
|
-
query: "query
|
|
609
|
+
query: "query validate_jwt_token($params: ValidateJWTTokenRequest!){validate_jwt_token(params: $params) { is_valid claims } }",
|
|
610
610
|
variables: {
|
|
611
611
|
params
|
|
612
612
|
},
|
|
613
|
-
operationName: "
|
|
613
|
+
operationName: "validate_jwt_token"
|
|
614
614
|
});
|
|
615
615
|
return ((_a = res == null ? void 0 : res.errors) == null ? void 0 : _a.length) ? this.errorResponse(res.errors) : this.okResponse((_b = res.data) == null ? void 0 : _b.validate_jwt_token);
|
|
616
616
|
} catch (error) {
|
|
@@ -623,11 +623,11 @@ var _Authorizer = class _Authorizer {
|
|
|
623
623
|
var _a, _b;
|
|
624
624
|
try {
|
|
625
625
|
const res = await this.graphqlQuery({
|
|
626
|
-
query: `query
|
|
626
|
+
query: `query validate_session($params: ValidateSessionRequest){validate_session(params: $params) { is_valid user { ${userFragment} } } }`,
|
|
627
627
|
variables: {
|
|
628
628
|
params
|
|
629
629
|
},
|
|
630
|
-
operationName: "
|
|
630
|
+
operationName: "validate_session"
|
|
631
631
|
});
|
|
632
632
|
return ((_a = res == null ? void 0 : res.errors) == null ? void 0 : _a.length) ? this.errorResponse(res.errors) : this.okResponse((_b = res.data) == null ? void 0 : _b.validate_session);
|
|
633
633
|
} catch (error) {
|
|
@@ -641,12 +641,12 @@ var _Authorizer = class _Authorizer {
|
|
|
641
641
|
try {
|
|
642
642
|
const res = await this.graphqlQuery({
|
|
643
643
|
query: `
|
|
644
|
-
mutation
|
|
644
|
+
mutation verify_email($data: VerifyEmailRequest!) { verify_email(params: $data) { ${authTokenFragment}}}
|
|
645
645
|
`,
|
|
646
646
|
variables: {
|
|
647
647
|
data
|
|
648
648
|
},
|
|
649
|
-
operationName: "
|
|
649
|
+
operationName: "verify_email"
|
|
650
650
|
});
|
|
651
651
|
return ((_a = res == null ? void 0 : res.errors) == null ? void 0 : _a.length) ? this.errorResponse(res.errors) : this.okResponse((_b = res.data) == null ? void 0 : _b.verify_email);
|
|
652
652
|
} catch (err) {
|
|
@@ -660,12 +660,12 @@ var _Authorizer = class _Authorizer {
|
|
|
660
660
|
try {
|
|
661
661
|
const res = await this.graphqlQuery({
|
|
662
662
|
query: `
|
|
663
|
-
mutation
|
|
663
|
+
mutation resend_verify_email($data: ResendVerifyEmailRequest!) { resend_verify_email(params: $data) { message }}
|
|
664
664
|
`,
|
|
665
665
|
variables: {
|
|
666
666
|
data
|
|
667
667
|
},
|
|
668
|
-
operationName: "
|
|
668
|
+
operationName: "resend_verify_email"
|
|
669
669
|
});
|
|
670
670
|
return ((_a = res == null ? void 0 : res.errors) == null ? void 0 : _a.length) ? this.errorResponse(res.errors) : this.okResponse((_b = res.data) == null ? void 0 : _b.resend_verify_email);
|
|
671
671
|
} catch (err) {
|
|
@@ -679,12 +679,12 @@ var _Authorizer = class _Authorizer {
|
|
|
679
679
|
try {
|
|
680
680
|
const res = await this.graphqlQuery({
|
|
681
681
|
query: `
|
|
682
|
-
mutation
|
|
682
|
+
mutation verify_otp($data: VerifyOTPRequest!) { verify_otp(params: $data) { ${authTokenFragment}}}
|
|
683
683
|
`,
|
|
684
684
|
variables: {
|
|
685
685
|
data
|
|
686
686
|
},
|
|
687
|
-
operationName: "
|
|
687
|
+
operationName: "verify_otp"
|
|
688
688
|
});
|
|
689
689
|
return ((_a = res == null ? void 0 : res.errors) == null ? void 0 : _a.length) ? this.errorResponse(res.errors) : this.okResponse((_b = res.data) == null ? void 0 : _b.verify_otp);
|
|
690
690
|
} catch (err) {
|
package/lib/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/index.ts","../src/constants.ts","../src/types.ts","../src/utils.ts"],"sourcesContent":["// Note: write gql query in single line to reduce bundle size\nimport crossFetch from 'cross-fetch';\nimport { DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS } from './constants';\nimport * as Types from './types';\nimport {\n bufferToBase64UrlEncoded,\n createQueryParams,\n createRandomString,\n encode,\n executeIframe,\n hasWindow,\n sha256,\n trimURL,\n} from './utils';\n\n// re-usable gql response fragment\nconst userFragment =\n 'id email email_verified given_name family_name middle_name nickname preferred_username picture signup_methods gender birthdate phone_number phone_number_verified roles created_at updated_at revoked_timestamp is_multi_factor_auth_enabled app_data';\nconst authTokenFragment = `message access_token expires_in refresh_token id_token should_show_email_otp_screen should_show_mobile_otp_screen should_show_totp_screen authenticator_scanner_image authenticator_secret authenticator_recovery_codes user { ${userFragment} }`;\n\n// set fetch based on window object. Cross fetch have issues with umd build\nconst getFetcher = () => (hasWindow() ? window.fetch : crossFetch);\n\nfunction toErrorList(errors: unknown): Error[] {\n if (Array.isArray(errors)) {\n return errors.map((item) => {\n if (item instanceof Error) return item;\n if (item && typeof item === 'object' && 'message' in item)\n return new Error(String((item as { message: unknown }).message));\n return new Error(String(item));\n });\n }\n if (errors instanceof Error) return [errors];\n if (errors !== null && typeof errors === 'object') {\n const o = errors as Record<string, unknown>;\n if (typeof o.error_description === 'string')\n return [new Error(o.error_description)];\n if (typeof o.error === 'string') {\n const desc =\n typeof o.error_description === 'string'\n ? `: ${o.error_description}`\n : '';\n return [new Error(`${o.error}${desc}`)];\n }\n if (typeof o.message === 'string') return [new Error(o.message)];\n }\n if (errors === undefined || errors === null)\n return [new Error('Unknown error')];\n return [new Error(String(errors))];\n}\n\nexport * from './types';\n\n/**\n * Client for the Authorizer API. All network calls go to `config.authorizerURL`\n * with cookies included where the runtime allows; only configure URLs you trust.\n */\nexport class Authorizer {\n // class variable\n config: Types.ConfigType;\n codeVerifier: string;\n\n // constructor\n constructor(config: Types.ConfigType) {\n if (!config) throw new Error('Configuration is required');\n\n this.config = config;\n if (!config.authorizerURL?.trim()) throw new Error('Invalid authorizerURL');\n\n this.config.authorizerURL = trimURL(config.authorizerURL);\n\n if (!config.redirectURL?.trim()) throw new Error('Invalid redirectURL');\n this.config.redirectURL = trimURL(config.redirectURL);\n this.config.clientID = (config?.clientID || '').trim();\n\n this.config.extraHeaders = {\n ...(config.extraHeaders || {}),\n 'x-authorizer-url': config.authorizerURL,\n 'x-authorizer-client-id': config.clientID || '',\n 'Content-Type': 'application/json',\n };\n }\n\n authorize = async (\n data: Types.AuthorizeRequest,\n ): Promise<\n | Types.ApiResponse<Types.GetTokenResponse>\n | Types.ApiResponse<Types.AuthorizeResponse>\n > => {\n if (!hasWindow())\n return this.errorResponse([\n new Error('this feature is only supported in browser'),\n ]);\n\n const scopes = ['openid', 'profile', 'email'];\n if (data.use_refresh_token) scopes.push('offline_access');\n\n const requestData: Record<string, string> = {\n redirect_uri: this.config.redirectURL,\n response_mode: data.response_mode || 'web_message',\n state: encode(createRandomString()),\n nonce: encode(createRandomString()),\n response_type: data.response_type,\n scope: scopes.join(' '),\n client_id: this.config?.clientID || '',\n };\n\n if (data.response_type === Types.ResponseTypes.Code) {\n this.codeVerifier = createRandomString();\n const sha = await sha256(this.codeVerifier);\n const codeChallenge = bufferToBase64UrlEncoded(sha);\n requestData.code_challenge = codeChallenge;\n requestData.code_challenge_method = 'S256';\n }\n\n const authorizeURL = `${\n this.config.authorizerURL\n }/authorize?${createQueryParams(requestData)}`;\n\n if (requestData.response_mode !== 'web_message') {\n window.location.replace(authorizeURL);\n return this.okResponse(undefined);\n }\n\n try {\n const iframeRes = await executeIframe(\n authorizeURL,\n this.config.authorizerURL,\n DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS,\n );\n\n if (data.response_type === Types.ResponseTypes.Code) {\n // get token and return it\n const tokenResp: Types.ApiResponse<Types.GetTokenResponse> =\n await this.getToken({\n code: iframeRes.code,\n });\n return tokenResp.errors.length\n ? this.errorResponse(tokenResp.errors)\n : this.okResponse(tokenResp.data);\n }\n\n // this includes access_token, id_token & refresh_token(optionally)\n return this.okResponse(iframeRes);\n } catch (err) {\n if (err.error) {\n window.location.replace(\n `${this.config.authorizerURL}/app?state=${encode(\n JSON.stringify({\n clientID: this.config.clientID,\n redirectURL: this.config.redirectURL,\n authorizerURL: this.config.authorizerURL,\n }),\n )}&redirect_uri=${encodeURIComponent(this.config.redirectURL || '')}`,\n );\n }\n\n return this.errorResponse(err);\n }\n };\n\n browserLogin = async (): Promise<Types.ApiResponse<Types.AuthToken>> => {\n try {\n const tokenResp: Types.ApiResponse<Types.AuthToken> =\n await this.getSession();\n return tokenResp.errors.length\n ? this.errorResponse(tokenResp.errors)\n : this.okResponse(tokenResp.data);\n } catch (err) {\n if (!hasWindow()) {\n return {\n data: undefined,\n errors: [new Error('browserLogin is only supported for browsers')],\n };\n }\n\n window.location.replace(\n `${this.config.authorizerURL}/app?state=${encode(\n JSON.stringify({\n clientID: this.config.clientID,\n redirectURL: this.config.redirectURL,\n authorizerURL: this.config.authorizerURL,\n }),\n )}&redirect_uri=${encodeURIComponent(this.config.redirectURL || '')}`,\n );\n return this.errorResponse(err);\n }\n };\n\n forgotPassword = async (\n data: Types.ForgotPasswordRequest,\n ): Promise<Types.ApiResponse<Types.ForgotPasswordResponse>> => {\n if (!data.state) data.state = encode(createRandomString());\n\n if (!data.redirect_uri) data.redirect_uri = this.config.redirectURL;\n\n try {\n const forgotPasswordResp = await this.graphqlQuery({\n query:\n 'mutation forgotPassword($data: ForgotPasswordRequest!) {\tforgot_password(params: $data) { message should_show_mobile_otp_screen } }',\n variables: {\n data,\n },\n operationName: 'forgotPassword',\n });\n return forgotPasswordResp?.errors?.length\n ? this.errorResponse(forgotPasswordResp.errors)\n : this.okResponse(forgotPasswordResp?.data?.forgot_password);\n } catch (error) {\n return this.errorResponse([error]);\n }\n };\n\n getMetaData = async (): Promise<Types.ApiResponse<Types.MetaData>> => {\n try {\n const res = await this.graphqlQuery({\n query:\n 'query meta { meta { version client_id is_google_login_enabled is_facebook_login_enabled is_github_login_enabled is_linkedin_login_enabled is_apple_login_enabled is_twitter_login_enabled is_microsoft_login_enabled is_twitch_login_enabled is_roblox_login_enabled is_email_verification_enabled is_basic_authentication_enabled is_magic_link_login_enabled is_sign_up_enabled is_strong_password_enabled is_multi_factor_auth_enabled is_mobile_basic_authentication_enabled is_phone_verification_enabled } }',\n operationName: 'meta',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data.meta);\n } catch (error) {\n return this.errorResponse([error]);\n }\n };\n\n getProfile = async (\n headers?: Types.Headers,\n ): Promise<Types.ApiResponse<Types.User>> => {\n try {\n const profileRes = await this.graphqlQuery({\n query: `query profile {\tprofile { ${userFragment} } }`,\n headers,\n operationName: 'profile',\n });\n\n return profileRes?.errors?.length\n ? this.errorResponse(profileRes.errors)\n : this.okResponse(profileRes.data.profile);\n } catch (error) {\n return this.errorResponse([error]);\n }\n };\n\n // this is used to verify / get session using cookie by default. If using node.js pass authorization header\n getSession = async (\n headers?: Types.Headers,\n params?: Types.SessionQueryRequest,\n ): Promise<Types.ApiResponse<Types.AuthToken>> => {\n try {\n const res = await this.graphqlQuery({\n query: `query getSession($params: SessionQueryRequest){session(params: $params) { ${authTokenFragment} } }`,\n headers,\n variables: {\n params,\n },\n operationName: 'getSession',\n });\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.session);\n } catch (err) {\n return this.errorResponse(err);\n }\n };\n\n getToken = async (\n data: Types.GetTokenRequest,\n ): Promise<Types.ApiResponse<Types.GetTokenResponse>> => {\n if (!data.grant_type) data.grant_type = 'authorization_code';\n\n if (data.grant_type === 'refresh_token' && !data.refresh_token?.trim())\n return this.errorResponse([new Error('Invalid refresh_token')]);\n\n if (data.grant_type === 'authorization_code' && !this.codeVerifier)\n return this.errorResponse([new Error('Invalid code verifier')]);\n\n const requestData = {\n client_id: this.config.clientID,\n code: data.code || '',\n code_verifier: this.codeVerifier || '',\n grant_type: data.grant_type || '',\n refresh_token: data.refresh_token || '',\n };\n\n try {\n const fetcher = getFetcher();\n const res = await fetcher(`${this.config.authorizerURL}/oauth/token`, {\n method: 'POST',\n body: JSON.stringify(requestData),\n headers: {\n ...this.config.extraHeaders,\n },\n credentials: 'include',\n });\n\n const text = await res.text();\n let json: {\n error?: string;\n error_description?: string;\n } & Record<string, unknown> = {};\n if (text) {\n try {\n json = JSON.parse(text);\n } catch {\n return this.errorResponse([\n new Error(\n res.ok\n ? 'Invalid JSON from token endpoint'\n : `HTTP ${res.status}`,\n ),\n ]);\n }\n }\n if (!res.ok) {\n return this.errorResponse([\n new Error(\n String(\n json.error_description || json.error || `HTTP ${res.status}`,\n ),\n ),\n ]);\n }\n\n return this.okResponse(json);\n } catch (err) {\n return this.errorResponse(err);\n }\n };\n\n login = async (\n data: Types.LoginRequest,\n ): Promise<Types.ApiResponse<Types.AuthToken>> => {\n try {\n const res = await this.graphqlQuery({\n query: `\n\t\t\t\t\tmutation login($data: LoginRequest!) { login(params: $data) { ${authTokenFragment}}}\n\t\t\t\t`,\n variables: { data },\n operationName: 'login',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.login);\n } catch (err) {\n return this.errorResponse(err);\n }\n };\n\n logout = async (\n headers?: Types.Headers,\n ): Promise<Types.ApiResponse<Types.GenericResponse>> => {\n try {\n const res = await this.graphqlQuery({\n query: 'mutation logout { logout { message } }',\n headers,\n operationName: 'logout',\n });\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.logout);\n } catch (err) {\n return this.errorResponse([err]);\n }\n };\n\n magicLinkLogin = async (\n data: Types.MagicLinkLoginRequest,\n ): Promise<Types.ApiResponse<Types.GenericResponse>> => {\n try {\n if (!data.state) data.state = encode(createRandomString());\n\n if (!data.redirect_uri) data.redirect_uri = this.config.redirectURL;\n\n const res = await this.graphqlQuery({\n query: `\n\t\t\t\t\tmutation magicLinkLogin($data: MagicLinkLoginRequest!) { magic_link_login(params: $data) { message }}\n\t\t\t\t`,\n variables: { data },\n operationName: 'magicLinkLogin',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.magic_link_login);\n } catch (err) {\n return this.errorResponse([err]);\n }\n };\n\n oauthLogin = async (\n oauthProvider: string,\n roles?: string[],\n redirect_uri?: string,\n state?: string,\n ): Promise<void> => {\n let urlState = state;\n if (!urlState) {\n urlState = encode(createRandomString());\n }\n\n const oauthProviderIds = Object.values(Types.OAuthProviders) as string[];\n if (!oauthProviderIds.includes(oauthProvider)) {\n throw new Error(\n `only following oauth providers are supported: ${oauthProviderIds.join(', ')}`,\n );\n }\n if (!hasWindow())\n throw new Error('oauthLogin is only supported for browsers');\n\n if (roles && roles.length) urlState += `&roles=${roles.join(',')}`;\n\n window.location.replace(\n `${this.config.authorizerURL}/oauth_login/${oauthProvider}?redirect_uri=${encodeURIComponent(\n redirect_uri || this.config.redirectURL || '',\n )}&state=${encodeURIComponent(urlState)}`,\n );\n };\n\n resendOtp = async (\n data: Types.ResendOtpRequest,\n ): Promise<Types.ApiResponse<Types.GenericResponse>> => {\n try {\n const res = await this.graphqlQuery({\n query: `\n\t\t\t\t\tmutation resendOtp($data: ResendOTPRequest!) { resend_otp(params: $data) { message }}\n\t\t\t\t`,\n variables: { data },\n operationName: 'resendOtp',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.resend_otp);\n } catch (err) {\n return this.errorResponse([err]);\n }\n };\n\n resetPassword = async (\n data: Types.ResetPasswordRequest,\n ): Promise<Types.ApiResponse<Types.GenericResponse>> => {\n try {\n const resetPasswordRes = await this.graphqlQuery({\n query:\n 'mutation resetPassword($data: ResetPasswordRequest!) {\treset_password(params: $data) { message } }',\n variables: {\n data,\n },\n operationName: 'resetPassword',\n });\n return resetPasswordRes?.errors?.length\n ? this.errorResponse(resetPasswordRes.errors)\n : this.okResponse(resetPasswordRes.data?.reset_password);\n } catch (error) {\n return this.errorResponse([error]);\n }\n };\n\n revokeToken = async (data: { refresh_token: string }) => {\n if (!data.refresh_token?.trim())\n return this.errorResponse([new Error('Invalid refresh_token')]);\n\n try {\n const fetcher = getFetcher();\n const res = await fetcher(`${this.config.authorizerURL}/oauth/revoke`, {\n method: 'POST',\n headers: {\n ...this.config.extraHeaders,\n },\n body: JSON.stringify({\n refresh_token: data.refresh_token,\n client_id: this.config.clientID,\n }),\n });\n\n const text = await res.text();\n let responseData: Record<string, unknown> = {};\n if (text) {\n try {\n responseData = JSON.parse(text) as Record<string, unknown>;\n } catch {\n return this.errorResponse([\n new Error(\n res.ok\n ? 'Invalid JSON from revoke endpoint'\n : `HTTP ${res.status}`,\n ),\n ]);\n }\n }\n\n if (!res.ok) {\n const errBody = responseData as {\n error?: string;\n error_description?: string;\n };\n return this.errorResponse([\n new Error(\n String(\n errBody.error_description ||\n errBody.error ||\n `HTTP ${res.status}`,\n ),\n ),\n ]);\n }\n\n return this.okResponse(responseData);\n } catch (err) {\n return this.errorResponse(err);\n }\n };\n\n signup = async (\n data: Types.SignUpRequest,\n ): Promise<Types.ApiResponse<Types.AuthToken>> => {\n try {\n const res = await this.graphqlQuery({\n query: `\n\t\t\t\t\tmutation signup($data: SignUpRequest!) { signup(params: $data) { ${authTokenFragment}}}\n\t\t\t\t`,\n variables: { data },\n operationName: 'signup',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.signup);\n } catch (err) {\n return this.errorResponse([err]);\n }\n };\n\n updateProfile = async (\n data: Types.UpdateProfileRequest,\n headers?: Types.Headers,\n ): Promise<Types.ApiResponse<Types.GenericResponse>> => {\n try {\n const updateProfileRes = await this.graphqlQuery({\n query:\n 'mutation updateProfile($data: UpdateProfileRequest!) {\tupdate_profile(params: $data) { message } }',\n headers,\n variables: {\n data,\n },\n operationName: 'updateProfile',\n });\n\n return updateProfileRes?.errors?.length\n ? this.errorResponse(updateProfileRes.errors)\n : this.okResponse(updateProfileRes.data?.update_profile);\n } catch (error) {\n return this.errorResponse([error]);\n }\n };\n\n deactivateAccount = async (\n headers?: Types.Headers,\n ): Promise<Types.ApiResponse<Types.GenericResponse>> => {\n try {\n const res = await this.graphqlQuery({\n query: 'mutation deactivateAccount { deactivate_account { message } }',\n headers,\n operationName: 'deactivateAccount',\n });\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.deactivate_account);\n } catch (error) {\n return this.errorResponse([error]);\n }\n };\n\n validateJWTToken = async (\n params?: Types.ValidateJWTTokenRequest,\n ): Promise<Types.ApiResponse<Types.ValidateJWTTokenResponse>> => {\n try {\n const res = await this.graphqlQuery({\n query:\n 'query validateJWTToken($params: ValidateJWTTokenRequest!){validate_jwt_token(params: $params) { is_valid claims } }',\n variables: {\n params,\n },\n operationName: 'validateJWTToken',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.validate_jwt_token);\n } catch (error) {\n return this.errorResponse([error]);\n }\n };\n\n validateSession = async (\n params?: Types.ValidateSessionRequest,\n ): Promise<Types.ApiResponse<Types.ValidateSessionResponse>> => {\n try {\n const res = await this.graphqlQuery({\n query: `query validateSession($params: ValidateSessionRequest){validate_session(params: $params) { is_valid user { ${userFragment} } } }`,\n variables: {\n params,\n },\n operationName: 'validateSession',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.validate_session);\n } catch (error) {\n return this.errorResponse([error]);\n }\n };\n\n verifyEmail = async (\n data: Types.VerifyEmailRequest,\n ): Promise<Types.ApiResponse<Types.AuthToken>> => {\n try {\n const res = await this.graphqlQuery({\n query: `\n\t\t\t\t\tmutation verifyEmail($data: VerifyEmailRequest!) { verify_email(params: $data) { ${authTokenFragment}}}\n\t\t\t\t`,\n variables: { data },\n operationName: 'verifyEmail',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.verify_email);\n } catch (err) {\n return this.errorResponse([err]);\n }\n };\n\n resendVerifyEmail = async (\n data: Types.ResendVerifyEmailRequest,\n ): Promise<Types.ApiResponse<Types.GenericResponse>> => {\n try {\n const res = await this.graphqlQuery({\n query: `\n\t\t\t\t\tmutation resendVerifyEmail($data: ResendVerifyEmailRequest!) { resend_verify_email(params: $data) { message }}\n\t\t\t\t`,\n variables: { data },\n operationName: 'resendVerifyEmail',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.resend_verify_email);\n } catch (err) {\n return this.errorResponse([err]);\n }\n };\n\n verifyOtp = async (\n data: Types.VerifyOtpRequest,\n ): Promise<Types.ApiResponse<Types.AuthToken>> => {\n try {\n const res = await this.graphqlQuery({\n query: `\n\t\t\t\t\tmutation verifyOtp($data: VerifyOTPRequest!) { verify_otp(params: $data) { ${authTokenFragment}}}\n\t\t\t\t`,\n variables: { data },\n operationName: 'verifyOtp',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.verify_otp);\n } catch (err) {\n return this.errorResponse([err]);\n }\n };\n\n // helper to execute graphql queries\n // takes in any query or mutation string as value\n graphqlQuery = async (\n data: Types.GraphqlQueryRequest,\n ): Promise<Types.GrapQlResponseType> => {\n const fetcher = getFetcher();\n const body: Record<string, unknown> = {\n query: data.query,\n variables: data.variables || {},\n };\n if (data.operationName) {\n body.operationName = data.operationName;\n }\n const res = await fetcher(`${this.config.authorizerURL}/graphql`, {\n method: 'POST',\n body: JSON.stringify(body),\n headers: {\n ...this.config.extraHeaders,\n ...(data.headers || {}),\n },\n credentials: 'include',\n });\n\n const text = await res.text();\n let json: { data?: unknown; errors?: unknown[] } = {};\n if (text) {\n try {\n json = JSON.parse(text);\n } catch {\n return {\n data: undefined,\n errors: [\n new Error(\n res.ok\n ? 'Invalid JSON from GraphQL endpoint'\n : `HTTP ${res.status}`,\n ),\n ],\n };\n }\n } else if (!res.ok) {\n return {\n data: undefined,\n errors: [new Error(`HTTP ${res.status}`)],\n };\n }\n\n if (json?.errors?.length) {\n return { data: undefined, errors: toErrorList(json.errors) };\n }\n\n if (!res.ok) {\n return {\n data: undefined,\n errors: [new Error(`HTTP ${res.status}`)],\n };\n }\n\n return { data: json.data, errors: [] };\n };\n\n errorResponse = (errors: unknown): Types.ApiResponse<any> => {\n return {\n data: undefined,\n errors: toErrorList(errors),\n };\n };\n\n okResponse = (data: any): Types.ApiResponse<any> => {\n return {\n data,\n errors: [],\n };\n };\n}\n","export const DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS = 60;\nexport const CLEANUP_IFRAME_TIMEOUT_IN_SECONDS = 2;\nexport const AUTHORIZE_IFRAME_TIMEOUT = 5;\n","export interface GrapQlResponseType {\n data: any | undefined;\n errors: Error[];\n}\nexport interface ApiResponse<T> {\n errors: Error[];\n data: T | undefined;\n}\n/**\n * SDK configuration. Requests use `credentials: 'include'`, so cookies for the\n * Authorizer instance are sent to `authorizerURL`. That URL must be the exact,\n * trusted origin of your Authorizer deployment (correct scheme, host, and port).\n * A mistaken or attacker-controlled URL can leak session credentials.\n */\nexport interface ConfigType {\n authorizerURL: string;\n redirectURL: string;\n clientID?: string;\n extraHeaders?: Record<string, string>;\n}\n\n// Pagination\nexport interface Pagination {\n limit: number;\n page: number;\n offset: number;\n total: number;\n}\n\n// Meta\nexport interface Meta {\n version: string;\n client_id: string;\n is_google_login_enabled: boolean;\n is_facebook_login_enabled: boolean;\n is_github_login_enabled: boolean;\n is_linkedin_login_enabled: boolean;\n is_apple_login_enabled: boolean;\n is_discord_login_enabled: boolean;\n is_twitter_login_enabled: boolean;\n is_microsoft_login_enabled: boolean;\n is_twitch_login_enabled: boolean;\n is_roblox_login_enabled: boolean;\n is_email_verification_enabled: boolean;\n is_basic_authentication_enabled: boolean;\n is_magic_link_login_enabled: boolean;\n is_sign_up_enabled: boolean;\n is_strong_password_enabled: boolean;\n is_multi_factor_auth_enabled: boolean;\n is_mobile_basic_authentication_enabled: boolean;\n is_phone_verification_enabled: boolean;\n}\n\n// User\nexport interface User {\n id: string;\n email: string | null;\n email_verified: boolean;\n signup_methods: string;\n given_name: string | null;\n family_name: string | null;\n middle_name: string | null;\n nickname: string | null;\n preferred_username: string | null;\n gender: string | null;\n birthdate: string | null;\n phone_number: string | null;\n phone_number_verified: boolean;\n picture: string | null;\n roles: string[];\n created_at: number | null;\n updated_at: number | null;\n revoked_timestamp: number | null;\n is_multi_factor_auth_enabled: boolean | null;\n app_data: Record<string, any> | null;\n}\n\n// Users\nexport interface Users {\n pagination: Pagination;\n users: User[];\n}\n\n// VerificationRequest\nexport interface VerificationRequest {\n id: string;\n identifier: string | null;\n token: string | null;\n email: string | null;\n expires: number | null;\n created_at: number | null;\n updated_at: number | null;\n nonce: string | null;\n redirect_uri: string | null;\n}\n\n// VerificationRequests\nexport interface VerificationRequests {\n pagination: Pagination;\n verification_requests: VerificationRequest[];\n}\n\n// AuthorizerError (GraphQL Error type - renamed to avoid conflict with native Error)\nexport interface AuthorizerError {\n message: string;\n reason: string;\n}\n\n// AuthResponse\nexport interface AuthResponse {\n message: string;\n should_show_email_otp_screen: boolean | null;\n should_show_mobile_otp_screen: boolean | null;\n should_show_totp_screen: boolean | null;\n access_token: string | null;\n id_token: string | null;\n refresh_token: string | null;\n expires_in: number | null;\n user: User | null;\n authenticator_scanner_image: string | null;\n authenticator_secret: string | null;\n authenticator_recovery_codes: string[] | null;\n}\n\n// Keep AuthToken as alias for backward compatibility\nexport type AuthToken = AuthResponse;\n\n// Response\nexport interface Response {\n message: string;\n}\n\n// Keep GenericResponse as alias for backward compatibility\nexport type GenericResponse = Response;\n\n// ForgotPasswordResponse\nexport interface ForgotPasswordResponse {\n message: string;\n should_show_mobile_otp_screen: boolean | null;\n}\n\n// InviteMembersResponse\nexport interface InviteMembersResponse {\n message: string;\n Users: User[];\n}\n\n// LoginRequest\nexport interface LoginRequest {\n email?: string | null;\n phone_number?: string | null;\n password: string;\n roles?: string[] | null;\n scope?: string[] | null;\n state?: string | null;\n}\n\n// SignUpRequest\nexport interface SignUpRequest {\n email?: string | null;\n given_name?: string | null;\n family_name?: string | null;\n middle_name?: string | null;\n nickname?: string | null;\n gender?: string | null;\n birthdate?: string | null;\n phone_number?: string | null;\n picture?: string | null;\n password: string;\n confirm_password: string;\n roles?: string[] | null;\n scope?: string[] | null;\n redirect_uri?: string | null;\n is_multi_factor_auth_enabled?: boolean | null;\n state?: string | null;\n app_data?: Record<string, any> | null;\n}\n\n// Keep SignupRequest as alias for backward compatibility\nexport type SignupRequest = SignUpRequest;\n\n// MagicLinkLoginRequest\nexport interface MagicLinkLoginRequest {\n email: string;\n roles?: string[] | null;\n scope?: string[] | null;\n state?: string | null;\n redirect_uri?: string | null;\n}\n\n// VerifyEmailRequest\nexport interface VerifyEmailRequest {\n token: string;\n state?: string | null;\n}\n\n// ResendVerifyEmailRequest\nexport interface ResendVerifyEmailRequest {\n email: string;\n identifier: string;\n state?: string | null;\n}\n\n// VerifyOTPRequest\nexport interface VerifyOTPRequest {\n email?: string | null;\n phone_number?: string | null;\n otp: string;\n is_totp?: boolean | null;\n state?: string | null;\n}\n\n// Keep VerifyOtpRequest as alias for backward compatibility\nexport type VerifyOtpRequest = VerifyOTPRequest;\n\n// ResendOTPRequest\nexport interface ResendOTPRequest {\n email?: string | null;\n phone_number?: string | null;\n state?: string | null;\n}\n\n// Keep ResendOtpRequest as alias for backward compatibility\nexport type ResendOtpRequest = ResendOTPRequest;\n\n// UpdateProfileRequest\nexport interface UpdateProfileRequest {\n old_password?: string | null;\n new_password?: string | null;\n confirm_new_password?: string | null;\n email?: string | null;\n given_name?: string | null;\n family_name?: string | null;\n middle_name?: string | null;\n nickname?: string | null;\n gender?: string | null;\n birthdate?: string | null;\n phone_number?: string | null;\n picture?: string | null;\n is_multi_factor_auth_enabled?: boolean | null;\n app_data?: Record<string, any> | null;\n}\n\n// UpdateUserRequest (admin only)\nexport interface UpdateUserRequest {\n id: string;\n email?: string | null;\n email_verified?: boolean | null;\n given_name?: string | null;\n family_name?: string | null;\n middle_name?: string | null;\n nickname?: string | null;\n gender?: string | null;\n birthdate?: string | null;\n phone_number?: string | null;\n phone_number_verified?: boolean | null;\n picture?: string | null;\n roles?: string[] | null;\n is_multi_factor_auth_enabled?: boolean | null;\n app_data?: Record<string, any> | null;\n}\n\n// ForgotPasswordRequest\nexport interface ForgotPasswordRequest {\n email?: string | null;\n phone_number?: string | null;\n state?: string | null;\n redirect_uri?: string | null;\n}\n\n// ResetPasswordRequest\nexport interface ResetPasswordRequest {\n token?: string | null;\n otp?: string | null;\n phone_number?: string | null;\n password: string;\n confirm_password: string;\n}\n\n// Keep ResetPasswordInput as alias for backward compatibility\nexport type ResetPasswordInput = ResetPasswordRequest;\n\n// DeleteUserRequest (admin only)\nexport interface DeleteUserRequest {\n email: string;\n}\n\n// SessionQueryRequest\nexport interface SessionQueryRequest {\n roles?: string[] | null;\n scope?: string[] | null;\n}\n\n// Keep SessionQueryInput as alias for backward compatibility\nexport type SessionQueryInput = SessionQueryRequest;\n\n// ValidateJWTTokenRequest\nexport interface ValidateJWTTokenRequest {\n token_type: string;\n token: string;\n roles?: string[] | null;\n}\n\n// Keep ValidateJWTTokenInput as alias for backward compatibility\nexport type ValidateJWTTokenInput = ValidateJWTTokenRequest;\n\n// ValidateJWTTokenResponse\nexport interface ValidateJWTTokenResponse {\n is_valid: boolean;\n claims: Record<string, any>;\n}\n\n// ValidateSessionRequest\nexport interface ValidateSessionRequest {\n cookie: string;\n roles?: string[] | null;\n}\n\n// Keep ValidateSessionInput as alias for backward compatibility\nexport type ValidateSessionInput = ValidateSessionRequest;\n\n// ValidateSessionResponse\nexport interface ValidateSessionResponse {\n is_valid: boolean;\n user: User;\n}\n\n// OAuth types (not part of GraphQL schema, but used for OAuth flow)\nexport enum OAuthProviders {\n Apple = 'apple',\n Github = 'github',\n Google = 'google',\n Facebook = 'facebook',\n LinkedIn = 'linkedin',\n Twitter = 'twitter',\n Microsoft = 'microsoft',\n Twitch = 'twitch',\n Roblox = 'roblox',\n Discord = 'discord',\n}\n\nexport enum ResponseTypes {\n Code = 'code',\n Token = 'token',\n}\n\nexport interface AuthorizeRequest {\n response_type: ResponseTypes;\n use_refresh_token?: boolean;\n response_mode?: string;\n}\n\n// Keep AuthorizeInput as alias for backward compatibility\nexport type AuthorizeInput = AuthorizeRequest;\n\nexport interface AuthorizeResponse {\n state: string;\n code?: string;\n error?: string;\n error_description?: string;\n}\n\nexport interface RevokeTokenInput {\n refresh_token: string;\n}\n\nexport interface GetTokenRequest {\n code?: string;\n grant_type?: string;\n refresh_token?: string;\n}\n\n// Keep GetTokenInput as alias for backward compatibility\nexport type GetTokenInput = GetTokenRequest;\n\nexport interface GetTokenResponse {\n access_token: string;\n expires_in: number;\n id_token: string;\n refresh_token?: string;\n}\n\n// GraphQL query request\nexport type Headers = Record<string, string>;\n\nexport interface GraphqlQueryRequest {\n query: string;\n variables?: Record<string, any>;\n headers?: Headers;\n /** When set, sent as the GraphQL `operationName` field (helps servers identify the operation for logging and metrics). */\n operationName?: string;\n}\n\n// Deprecated types (for backward compatibility)\nexport interface IsValidJWTQueryInput {\n jwt: string;\n roles?: string[];\n}\n\nexport interface ValidJWTResponse {\n valid: string;\n message: string;\n}\n\n// Keep MetaDataResponse as alias for backward compatibility\nexport type MetaDataResponse = Meta;\n\n// Keep MetaData as alias for backward compatibility\nexport type MetaData = Meta;\n","import {\n CLEANUP_IFRAME_TIMEOUT_IN_SECONDS,\n DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS,\n} from './constants';\nimport { AuthorizeResponse } from './types';\n\nexport const hasWindow = (): boolean => typeof window !== 'undefined';\n\nexport const trimURL = (url: string): string => {\n let trimmedData = url.trim();\n const lastChar = trimmedData[trimmedData.length - 1];\n if (lastChar === '/')\n trimmedData = trimmedData.slice(0, -1);\n\n return trimmedData;\n};\n\nexport const getCrypto = () => {\n // ie 11.x uses msCrypto\n return hasWindow()\n ? ((window.crypto || (window as any).msCrypto) as Crypto)\n : null;\n};\n\nexport const getCryptoSubtle = () => {\n const crypto = getCrypto();\n // safari 10.x uses webkitSubtle\n return (crypto && crypto.subtle) || (crypto as any).webkitSubtle;\n};\n\nexport const createRandomString = () => {\n const charset\n = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz-_~.';\n let random = '';\n const crypto = getCrypto();\n if (crypto) {\n const randomValues = Array.from(crypto.getRandomValues(new Uint8Array(43)));\n randomValues.forEach(v => (random += charset[v % charset.length]));\n }\n return random;\n};\n\nexport const encode = (value: string) =>\n hasWindow() ? btoa(value) : Buffer.from(value).toString('base64');\nexport const decode = (value: string) =>\n hasWindow() ? atob(value) : Buffer.from(value, 'base64').toString('ascii');\n\nexport const createQueryParams = (params: any) => {\n return Object.keys(params)\n .filter(k => typeof params[k] !== 'undefined')\n .map(k => `${encodeURIComponent(k)}=${encodeURIComponent(params[k])}`)\n .join('&');\n};\n\nexport const sha256 = async (s: string) => {\n const subtle = getCryptoSubtle();\n if (!subtle)\n throw new Error('Web Crypto API is not available');\n\n const digestOp: any = subtle.digest(\n { name: 'SHA-256' },\n new TextEncoder().encode(s),\n );\n\n // msCrypto (IE11) uses the old spec, which is not Promise based\n // https://msdn.microsoft.com/en-us/expression/dn904640(v=vs.71)\n if ((window as any).msCrypto) {\n return new Promise((resolve, reject) => {\n digestOp.oncomplete = (e: any) => {\n resolve(e.target.result);\n };\n\n digestOp.onerror = (e: ErrorEvent) => {\n reject(e.error);\n };\n\n digestOp.onabort = () => {\n reject(new Error('The digest operation was aborted'));\n };\n });\n }\n\n return await digestOp;\n};\n\nconst urlEncodeB64 = (input: string) => {\n const b64Chars: { [index: string]: string } = { '+': '-', '/': '_', '=': '' };\n return input.replace(/[+/=]/g, (m: string) => b64Chars[m]);\n};\n\n// https://stackoverflow.com/questions/30106476/\nconst decodeB64 = (input: string) =>\n decodeURIComponent(\n atob(input)\n .split('')\n .map((c) => {\n return `%${`00${c.charCodeAt(0).toString(16)}`.slice(-2)}`;\n })\n .join(''),\n );\n\nexport const urlDecodeB64 = (input: string) =>\n decodeB64(input.replace(/_/g, '/').replace(/-/g, '+'));\n\nexport const bufferToBase64UrlEncoded = (input: number[] | Uint8Array) => {\n const ie11SafeInput = new Uint8Array(input);\n return urlEncodeB64(\n window.btoa(String.fromCharCode(...Array.from(ie11SafeInput))),\n );\n};\n\nconst originFromAuthorizerUrl = (authorizerUrl: string): string => {\n try {\n return new URL(authorizerUrl).origin;\n }\n catch {\n return authorizerUrl;\n }\n};\n\nexport const executeIframe = (\n authorizeUrl: string,\n eventOrigin: string,\n timeoutInSeconds: number = DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS,\n) => {\n return new Promise<AuthorizeResponse>((resolve, reject) => {\n const expectedOrigin = originFromAuthorizerUrl(eventOrigin);\n const iframe = window.document.createElement('iframe');\n iframe.setAttribute('id', 'authorizer-iframe');\n iframe.setAttribute('width', '0');\n iframe.setAttribute('height', '0');\n iframe.style.display = 'none';\n const removeIframe = () => {\n if (window.document.body.contains(iframe)) {\n window.document.body.removeChild(iframe);\n window.removeEventListener('message', iframeEventHandler, false);\n }\n };\n\n const timeoutSetTimeoutId = setTimeout(() => {\n reject(new Error('Authorization timeout'));\n removeIframe();\n }, timeoutInSeconds * 1000);\n\n const iframeEventHandler: (e: MessageEvent) => void = function (e: MessageEvent) {\n if (e.origin !== expectedOrigin)\n return;\n if (!e.data || !e.data.response)\n return;\n\n const eventSource = e.source;\n\n if (eventSource)\n (eventSource as any).close();\n\n if (e.data.response.error)\n reject(e.data.response);\n else\n resolve(e.data.response);\n\n clearTimeout(timeoutSetTimeoutId);\n window.removeEventListener('message', iframeEventHandler, false);\n setTimeout(removeIframe, CLEANUP_IFRAME_TIMEOUT_IN_SECONDS * 1000);\n };\n\n window.addEventListener('message', iframeEventHandler, false);\n window.document.body.appendChild(iframe);\n iframe.setAttribute('src', authorizeUrl);\n });\n};\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;;;;;;;AACA,yBAAuB;;;ACDhB,IAAMA,uCAAuC;AAC7C,IAAMC,oCAAoC;;;ACuU1C,IAAKC,iBAAAA,0BAAAA,iBAAAA;;;;;;;;;;;SAAAA;;AAaL,IAAKC,gBAAAA,0BAAAA,gBAAAA;;;SAAAA;;;;AC/UL,IAAMC,YAAY,6BAAe,OAAOC,WAAW,aAAjC;AAElB,IAAMC,UAAU,wBAACC,QAAAA;AACtB,MAAIC,cAAcD,IAAIE,KAAI;AAC1B,QAAMC,WAAWF,YAAYA,YAAYG,SAAS,CAAA;AAClD,MAAID,aAAa,IACfF,eAAcA,YAAYI,MAAM,GAAG,EAAC;AAEtC,SAAOJ;AACT,GAPuB;AAShB,IAAMK,YAAY,6BAAA;AAEvB,SAAOT,UAAAA,IACDC,OAAOS,UAAWT,OAAeU,WACnC;AACN,GALyB;AAOlB,IAAMC,kBAAkB,6BAAA;AAC7B,QAAMF,SAASD,UAAAA;AAEf,SAAQC,UAAUA,OAAOG,UAAYH,OAAeI;AACtD,GAJ+B;AAMxB,IAAMC,qBAAqB,6BAAA;AAChC,QAAMC,UACF;AACJ,MAAIC,SAAS;AACb,QAAMP,SAASD,UAAAA;AACf,MAAIC,QAAQ;AACV,UAAMQ,eAAeC,MAAMC,KAAKV,OAAOW,gBAAgB,IAAIC,WAAW,EAAA,CAAA,CAAA;AACtEJ,iBAAaK,QAAQC,CAAAA,MAAMP,UAAUD,QAAQQ,IAAIR,QAAQT,MAAM,CAAC;EAClE;AACA,SAAOU;AACT,GAVkC;AAY3B,IAAMQ,SAAS,wBAACC,UACrB1B,UAAAA,IAAc2B,KAAKD,KAAAA,IAASE,OAAOR,KAAKM,KAAAA,EAAOG,SAAS,QAAA,GADpC;AAKf,IAAMC,oBAAoB,wBAACC,WAAAA;AAChC,SAAOC,OAAOC,KAAKF,MAAAA,EAChBG,OAAOC,CAAAA,MAAK,OAAOJ,OAAOI,CAAAA,MAAO,WAAA,EACjCC,IAAID,CAAAA,MAAK,GAAGE,mBAAmBF,CAAAA,CAAAA,IAAME,mBAAmBN,OAAOI,CAAAA,CAAE,CAAA,EAAG,EACpEG,KAAK,GAAA;AACV,GALiC;AAO1B,IAAMC,SAAS,8BAAOC,MAAAA;AAC3B,QAAMC,SAASC,gBAAAA;AACf,MAAI,CAACD,OACH,OAAM,IAAIE,MAAM,iCAAA;AAElB,QAAMC,WAAgBH,OAAOI,OAC3B;IAAEC,MAAM;EAAU,GAClB,IAAIC,YAAAA,EAAcC,OAAOR,CAAAA,CAAAA;AAK3B,MAAKS,OAAeC,UAAU;AAC5B,WAAO,IAAIC,QAAQ,CAACC,SAASC,WAAAA;AAC3BT,eAASU,aAAa,CAACC,MAAAA;AACrBH,gBAAQG,EAAEC,OAAOC,MAAM;MACzB;AAEAb,eAASc,UAAU,CAACH,MAAAA;AAClBF,eAAOE,EAAEI,KAAK;MAChB;AAEAf,eAASgB,UAAU,MAAA;AACjBP,eAAO,IAAIV,MAAM,kCAAA,CAAA;MACnB;IACF,CAAA;EACF;AAEA,SAAO,MAAMC;AACf,GA7BsB;AA+BtB,IAAMiB,eAAe,wBAACC,UAAAA;AACpB,QAAMC,WAAwC;IAAE,KAAK;IAAK,KAAK;IAAK,KAAK;EAAG;AAC5E,SAAOD,MAAME,QAAQ,UAAU,CAACC,MAAcF,SAASE,CAAAA,CAAE;AAC3D,GAHqB;AAmBd,IAAMC,2BAA2B,wBAACC,UAAAA;AACvC,QAAMC,gBAAgB,IAAIC,WAAWF,KAAAA;AACrC,SAAOG,aACLC,OAAOC,KAAKC,OAAOC,aAAY,GAAIC,MAAMC,KAAKR,aAAAA,CAAAA,CAAAA,CAAAA;AAElD,GALwC;AAOxC,IAAMS,0BAA0B,wBAACC,kBAAAA;AAC/B,MAAI;AACF,WAAO,IAAIC,IAAID,aAAAA,EAAeE;EAChC,QACM;AACJ,WAAOF;EACT;AACF,GAPgC;AASzB,IAAMG,gBAAgB,wBAC3BC,cACAC,aACAC,mBAA2BC,yCAAoC;AAE/D,SAAO,IAAIC,QAA2B,CAACC,SAASC,WAAAA;AAC9C,UAAMC,iBAAiBZ,wBAAwBM,WAAAA;AAC/C,UAAMO,SAASnB,OAAOoB,SAASC,cAAc,QAAA;AAC7CF,WAAOG,aAAa,MAAM,mBAAA;AAC1BH,WAAOG,aAAa,SAAS,GAAA;AAC7BH,WAAOG,aAAa,UAAU,GAAA;AAC9BH,WAAOI,MAAMC,UAAU;AACvB,UAAMC,eAAe,6BAAA;AACnB,UAAIzB,OAAOoB,SAASM,KAAKC,SAASR,MAAAA,GAAS;AACzCnB,eAAOoB,SAASM,KAAKE,YAAYT,MAAAA;AACjCnB,eAAO6B,oBAAoB,WAAWC,oBAAoB,KAAA;MAC5D;IACF,GALqB;AAOrB,UAAMC,sBAAsBC,WAAW,MAAA;AACrCf,aAAO,IAAIgB,MAAM,uBAAA,CAAA;AACjBR,mBAAAA;IACF,GAAGZ,mBAAmB,GAAA;AAEtB,UAAMiB,qBAAgD,gCAAUI,GAAe;AAC7E,UAAIA,EAAEzB,WAAWS,eACf;AACF,UAAI,CAACgB,EAAEC,QAAQ,CAACD,EAAEC,KAAKC,SACrB;AAEF,YAAMC,cAAcH,EAAEI;AAEtB,UAAID,YACDA,aAAoBE,MAAK;AAE5B,UAAIL,EAAEC,KAAKC,SAASI,MAClBvB,QAAOiB,EAAEC,KAAKC,QAAQ;UAEtBpB,SAAQkB,EAAEC,KAAKC,QAAQ;AAEzBK,mBAAaV,mBAAAA;AACb/B,aAAO6B,oBAAoB,WAAWC,oBAAoB,KAAA;AAC1DE,iBAAWP,cAAciB,oCAAoC,GAAA;IAC/D,GAnBsD;AAqBtD1C,WAAO2C,iBAAiB,WAAWb,oBAAoB,KAAA;AACvD9B,WAAOoB,SAASM,KAAKkB,YAAYzB,MAAAA;AACjCA,WAAOG,aAAa,OAAOX,YAAAA;EAC7B,CAAA;AACF,GAjD6B;;;AHxG7B,IAAMkC,eACJ;AACF,IAAMC,oBAAoB,kOAAkOD,YAAAA;AAG5P,IAAME,aAAa,6BAAOC,UAAAA,IAAcC,OAAOC,QAAQC,mBAAAA,SAApC;AAEnB,SAASC,YAAYC,QAAe;AAClC,MAAIC,MAAMC,QAAQF,MAAAA,GAAS;AACzB,WAAOA,OAAOG,IAAI,CAACC,SAAAA;AACjB,UAAIA,gBAAgBC,MAAO,QAAOD;AAClC,UAAIA,QAAQ,OAAOA,SAAS,YAAY,aAAaA,KACnD,QAAO,IAAIC,MAAMC,OAAQF,KAA8BG,OAAO,CAAA;AAChE,aAAO,IAAIF,MAAMC,OAAOF,IAAAA,CAAAA;IAC1B,CAAA;EACF;AACA,MAAIJ,kBAAkBK,MAAO,QAAO;IAACL;;AACrC,MAAIA,WAAW,QAAQ,OAAOA,WAAW,UAAU;AACjD,UAAMQ,IAAIR;AACV,QAAI,OAAOQ,EAAEC,sBAAsB,SACjC,QAAO;MAAC,IAAIJ,MAAMG,EAAEC,iBAAiB;;AACvC,QAAI,OAAOD,EAAEE,UAAU,UAAU;AAC/B,YAAMC,OACJ,OAAOH,EAAEC,sBAAsB,WAC3B,KAAKD,EAAEC,iBAAiB,KACxB;AACN,aAAO;QAAC,IAAIJ,MAAM,GAAGG,EAAEE,KAAK,GAAGC,IAAAA,EAAM;;IACvC;AACA,QAAI,OAAOH,EAAED,YAAY,SAAU,QAAO;MAAC,IAAIF,MAAMG,EAAED,OAAO;;EAChE;AACA,MAAIP,WAAWY,UAAaZ,WAAW,KACrC,QAAO;IAAC,IAAIK,MAAM,eAAA;;AACpB,SAAO;IAAC,IAAIA,MAAMC,OAAON,MAAAA,CAAAA;;AAC3B;AA1BSD;AAkCF,IAAMc,cAAN,MAAMA,YAAAA;;EAEXC;EACAC;;EAGA,YAAYD,QAA0B;AA/DxC;AAgEI,QAAI,CAACA,OAAQ,OAAM,IAAIT,MAAM,2BAAA;AAE7B,SAAKS,SAASA;AACd,QAAI,GAACA,YAAOE,kBAAPF,mBAAsBG,QAAQ,OAAM,IAAIZ,MAAM,uBAAA;AAEnD,SAAKS,OAAOE,gBAAgBE,QAAQJ,OAAOE,aAAa;AAExD,QAAI,GAACF,YAAOK,gBAAPL,mBAAoBG,QAAQ,OAAM,IAAIZ,MAAM,qBAAA;AACjD,SAAKS,OAAOK,cAAcD,QAAQJ,OAAOK,WAAW;AACpD,SAAKL,OAAOM,aAAYN,iCAAQM,aAAY,IAAIH,KAAI;AAEpD,SAAKH,OAAOO,eAAe;MACzB,GAAIP,OAAOO,gBAAgB,CAAC;MAC5B,oBAAoBP,OAAOE;MAC3B,0BAA0BF,OAAOM,YAAY;MAC7C,gBAAgB;IAClB;EACF;EAEAE,YAAY,8BACVC,SAAAA;AApFJ;AAyFI,QAAI,CAAC5B,UAAAA,EACH,QAAO,KAAK6B,cAAc;MACxB,IAAInB,MAAM,2CAAA;KACX;AAEH,UAAMoB,SAAS;MAAC;MAAU;MAAW;;AACrC,QAAIF,KAAKG,kBAAmBD,QAAOE,KAAK,gBAAA;AAExC,UAAMC,cAAsC;MAC1CC,cAAc,KAAKf,OAAOK;MAC1BW,eAAeP,KAAKO,iBAAiB;MACrCC,OAAOC,OAAOC,mBAAAA,CAAAA;MACdC,OAAOF,OAAOC,mBAAAA,CAAAA;MACdE,eAAeZ,KAAKY;MACpBC,OAAOX,OAAOY,KAAK,GAAA;MACnBC,aAAW,UAAKxB,WAAL,mBAAaM,aAAY;IACtC;AAEA,QAAIG,KAAKY,kBAAwBI,cAAcC,MAAM;AACnD,WAAKzB,eAAekB,mBAAAA;AACpB,YAAMQ,MAAM,MAAMC,OAAO,KAAK3B,YAAY;AAC1C,YAAM4B,gBAAgBC,yBAAyBH,GAAAA;AAC/Cb,kBAAYiB,iBAAiBF;AAC7Bf,kBAAYkB,wBAAwB;IACtC;AAEA,UAAMC,eAAe,GACnB,KAAKjC,OAAOE,aAAa,cACbgC,kBAAkBpB,WAAAA,CAAAA;AAEhC,QAAIA,YAAYE,kBAAkB,eAAe;AAC/ClC,aAAOqD,SAASC,QAAQH,YAAAA;AACxB,aAAO,KAAKI,WAAWvC,MAAAA;IACzB;AAEA,QAAI;AACF,YAAMwC,YAAY,MAAMC,cACtBN,cACA,KAAKjC,OAAOE,eACZsC,oCAAAA;AAGF,UAAI/B,KAAKY,kBAAwBI,cAAcC,MAAM;AAEnD,cAAMe,YACJ,MAAM,KAAKC,SAAS;UAClBC,MAAML,UAAUK;QAClB,CAAA;AACF,eAAOF,UAAUvD,OAAO0D,SACpB,KAAKlC,cAAc+B,UAAUvD,MAAM,IACnC,KAAKmD,WAAWI,UAAUhC,IAAI;MACpC;AAGA,aAAO,KAAK4B,WAAWC,SAAAA;IACzB,SAASO,KAAK;AACZ,UAAIA,IAAIjD,OAAO;AACbd,eAAOqD,SAASC,QACd,GAAG,KAAKpC,OAAOE,aAAa,cAAcgB,OACxC4B,KAAKC,UAAU;UACbzC,UAAU,KAAKN,OAAOM;UACtBD,aAAa,KAAKL,OAAOK;UACzBH,eAAe,KAAKF,OAAOE;QAC7B,CAAA,CAAA,CAAA,iBACgB8C,mBAAmB,KAAKhD,OAAOK,eAAe,EAAA,CAAA,EAAK;MAEzE;AAEA,aAAO,KAAKK,cAAcmC,GAAAA;IAC5B;EACF,GA5EY;EA8EZI,eAAe,mCAAA;AACb,QAAI;AACF,YAAMR,YACJ,MAAM,KAAKS,WAAU;AACvB,aAAOT,UAAUvD,OAAO0D,SACpB,KAAKlC,cAAc+B,UAAUvD,MAAM,IACnC,KAAKmD,WAAWI,UAAUhC,IAAI;IACpC,SAASoC,KAAK;AACZ,UAAI,CAAChE,UAAAA,GAAa;AAChB,eAAO;UACL4B,MAAMX;UACNZ,QAAQ;YAAC,IAAIK,MAAM,6CAAA;;QACrB;MACF;AAEAT,aAAOqD,SAASC,QACd,GAAG,KAAKpC,OAAOE,aAAa,cAAcgB,OACxC4B,KAAKC,UAAU;QACbzC,UAAU,KAAKN,OAAOM;QACtBD,aAAa,KAAKL,OAAOK;QACzBH,eAAe,KAAKF,OAAOE;MAC7B,CAAA,CAAA,CAAA,iBACgB8C,mBAAmB,KAAKhD,OAAOK,eAAe,EAAA,CAAA,EAAK;AAEvE,aAAO,KAAKK,cAAcmC,GAAAA;IAC5B;EACF,GA1Be;EA4BfM,iBAAiB,8BACf1C,SAAAA;AA9LJ;AAgMI,QAAI,CAACA,KAAKQ,MAAOR,MAAKQ,QAAQC,OAAOC,mBAAAA,CAAAA;AAErC,QAAI,CAACV,KAAKM,aAAcN,MAAKM,eAAe,KAAKf,OAAOK;AAExD,QAAI;AACF,YAAM+C,qBAAqB,MAAM,KAAKC,aAAa;QACjDC,OACE;QACFC,WAAW;UACT9C;QACF;QACA+C,eAAe;MACjB,CAAA;AACA,eAAOJ,8DAAoBlE,WAApBkE,mBAA4BR,UAC/B,KAAKlC,cAAc0C,mBAAmBlE,MAAM,IAC5C,KAAKmD,YAAWe,8DAAoB3C,SAApB2C,mBAA0BK,eAAAA;IAChD,SAAS7D,OAAO;AACd,aAAO,KAAKc,cAAc;QAACd;OAAM;IACnC;EACF,GAtBiB;EAwBjB8D,cAAc,mCAAA;AArNhB;AAsNI,QAAI;AACF,YAAMC,MAAM,MAAM,KAAKN,aAAa;QAClCC,OACE;QACFE,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,WAAWsB,IAAIlD,KAAKmD,IAAI;IACnC,SAAShE,OAAO;AACd,aAAO,KAAKc,cAAc;QAACd;OAAM;IACnC;EACF,GAdc;EAgBdiE,aAAa,8BACXC,YAAAA;AAtOJ;AAwOI,QAAI;AACF,YAAMC,aAAa,MAAM,KAAKV,aAAa;QACzCC,OAAO,6BAA6B5E,YAAAA;QACpCoF;QACAN,eAAe;MACjB,CAAA;AAEA,eAAOO,8CAAY7E,WAAZ6E,mBAAoBnB,UACvB,KAAKlC,cAAcqD,WAAW7E,MAAM,IACpC,KAAKmD,WAAW0B,WAAWtD,KAAKuD,OAAO;IAC7C,SAASpE,OAAO;AACd,aAAO,KAAKc,cAAc;QAACd;OAAM;IACnC;EACF,GAhBa;;EAmBbsD,aAAa,8BACXY,SACAG,WAAAA;AA1PJ;AA4PI,QAAI;AACF,YAAMN,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO,6EAA6E3E,iBAAAA;QACpFmF;QACAP,WAAW;UACTU;QACF;QACAT,eAAe;MACjB,CAAA;AACA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUO,OAAAA;IAChC,SAASrB,KAAK;AACZ,aAAO,KAAKnC,cAAcmC,GAAAA;IAC5B;EACF,GAnBa;EAqBbH,WAAW,8BACTjC,SAAAA;AA9QJ;AAgRI,QAAI,CAACA,KAAK0D,WAAY1D,MAAK0D,aAAa;AAExC,QAAI1D,KAAK0D,eAAe,mBAAmB,GAAC1D,UAAK2D,kBAAL3D,mBAAoBN,QAC9D,QAAO,KAAKO,cAAc;MAAC,IAAInB,MAAM,uBAAA;KAAyB;AAEhE,QAAIkB,KAAK0D,eAAe,wBAAwB,CAAC,KAAKlE,aACpD,QAAO,KAAKS,cAAc;MAAC,IAAInB,MAAM,uBAAA;KAAyB;AAEhE,UAAMuB,cAAc;MAClBU,WAAW,KAAKxB,OAAOM;MACvBqC,MAAMlC,KAAKkC,QAAQ;MACnB0B,eAAe,KAAKpE,gBAAgB;MACpCkE,YAAY1D,KAAK0D,cAAc;MAC/BC,eAAe3D,KAAK2D,iBAAiB;IACvC;AAEA,QAAI;AACF,YAAME,UAAU1F,WAAAA;AAChB,YAAM+E,MAAM,MAAMW,QAAQ,GAAG,KAAKtE,OAAOE,aAAa,gBAAgB;QACpEqE,QAAQ;QACRC,MAAM1B,KAAKC,UAAUjC,WAAAA;QACrBgD,SAAS;UACP,GAAG,KAAK9D,OAAOO;QACjB;QACAkE,aAAa;MACf,CAAA;AAEA,YAAMC,OAAO,MAAMf,IAAIe,KAAI;AAC3B,UAAIC,OAG0B,CAAC;AAC/B,UAAID,MAAM;AACR,YAAI;AACFC,iBAAO7B,KAAK8B,MAAMF,IAAAA;QACpB,QAAQ;AACN,iBAAO,KAAKhE,cAAc;YACxB,IAAInB,MACFoE,IAAIkB,KACA,qCACA,QAAQlB,IAAImB,MAAM,EAAE;WAE3B;QACH;MACF;AACA,UAAI,CAACnB,IAAIkB,IAAI;AACX,eAAO,KAAKnE,cAAc;UACxB,IAAInB,MACFC,OACEmF,KAAKhF,qBAAqBgF,KAAK/E,SAAS,QAAQ+D,IAAImB,MAAM,EAAE,CAAA;SAGjE;MACH;AAEA,aAAO,KAAKzC,WAAWsC,IAAAA;IACzB,SAAS9B,KAAK;AACZ,aAAO,KAAKnC,cAAcmC,GAAAA;IAC5B;EACF,GA9DW;EAgEXkC,QAAQ,8BACNtE,SAAAA;AA9UJ;AAgVI,QAAI;AACF,YAAMkD,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO;qEACsD3E,iBAAAA;;QAE7D4E,WAAW;UAAE9C;QAAK;QAClB+C,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUoB,KAAAA;IAChC,SAASlC,KAAK;AACZ,aAAO,KAAKnC,cAAcmC,GAAAA;IAC5B;EACF,GAlBQ;EAoBRmC,SAAS,8BACPlB,YAAAA;AAlWJ;AAoWI,QAAI;AACF,YAAMH,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO;QACPQ;QACAN,eAAe;MACjB,CAAA;AACA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUqB,MAAAA;IAChC,SAASnC,KAAK;AACZ,aAAO,KAAKnC,cAAc;QAACmC;OAAI;IACjC;EACF,GAfS;EAiBToC,iBAAiB,8BACfxE,SAAAA;AAnXJ;AAqXI,QAAI;AACF,UAAI,CAACA,KAAKQ,MAAOR,MAAKQ,QAAQC,OAAOC,mBAAAA,CAAAA;AAErC,UAAI,CAACV,KAAKM,aAAcN,MAAKM,eAAe,KAAKf,OAAOK;AAExD,YAAMsD,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO;;;QAGPC,WAAW;UAAE9C;QAAK;QAClB+C,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUuB,gBAAAA;IAChC,SAASrC,KAAK;AACZ,aAAO,KAAKnC,cAAc;QAACmC;OAAI;IACjC;EACF,GAtBiB;EAwBjBsC,aAAa,8BACXC,eACAC,OACAtE,cACAE,UAAAA;AAEA,QAAIqE,WAAWrE;AACf,QAAI,CAACqE,UAAU;AACbA,iBAAWpE,OAAOC,mBAAAA,CAAAA;IACpB;AAEA,UAAMoE,mBAAmBC,OAAOC,OAAaC,cAAc;AAC3D,QAAI,CAACH,iBAAiBI,SAASP,aAAAA,GAAgB;AAC7C,YAAM,IAAI7F,MACR,iDAAiDgG,iBAAiBhE,KAAK,IAAA,CAAA,EAAO;IAElF;AACA,QAAI,CAAC1C,UAAAA,EACH,OAAM,IAAIU,MAAM,2CAAA;AAElB,QAAI8F,SAASA,MAAMzC,OAAQ0C,aAAY,UAAUD,MAAM9D,KAAK,GAAA,CAAA;AAE5DzC,WAAOqD,SAASC,QACd,GAAG,KAAKpC,OAAOE,aAAa,gBAAgBkF,aAAAA,iBAA8BpC,mBACxEjC,gBAAgB,KAAKf,OAAOK,eAAe,EAAA,CAAA,UAClC2C,mBAAmBsC,QAAAA,CAAAA,EAAW;EAE7C,GA3Ba;EA6BbM,YAAY,8BACVnF,SAAAA;AAxaJ;AA0aI,QAAI;AACF,YAAMkD,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO;;;QAGPC,WAAW;UAAE9C;QAAK;QAClB+C,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUkC,UAAAA;IAChC,SAAShD,KAAK;AACZ,aAAO,KAAKnC,cAAc;QAACmC;OAAI;IACjC;EACF,GAlBY;EAoBZiD,gBAAgB,8BACdrF,SAAAA;AA5bJ;AA8bI,QAAI;AACF,YAAMsF,mBAAmB,MAAM,KAAK1C,aAAa;QAC/CC,OACE;QACFC,WAAW;UACT9C;QACF;QACA+C,eAAe;MACjB,CAAA;AACA,eAAOuC,0DAAkB7G,WAAlB6G,mBAA0BnD,UAC7B,KAAKlC,cAAcqF,iBAAiB7G,MAAM,IAC1C,KAAKmD,YAAW0D,sBAAiBtF,SAAjBsF,mBAAuBC,cAAAA;IAC7C,SAASpG,OAAO;AACd,aAAO,KAAKc,cAAc;QAACd;OAAM;IACnC;EACF,GAlBgB;EAoBhBqG,cAAc,8BAAOxF,SAAAA;AA/cvB;AAgdI,QAAI,GAACA,UAAK2D,kBAAL3D,mBAAoBN,QACvB,QAAO,KAAKO,cAAc;MAAC,IAAInB,MAAM,uBAAA;KAAyB;AAEhE,QAAI;AACF,YAAM+E,UAAU1F,WAAAA;AAChB,YAAM+E,MAAM,MAAMW,QAAQ,GAAG,KAAKtE,OAAOE,aAAa,iBAAiB;QACrEqE,QAAQ;QACRT,SAAS;UACP,GAAG,KAAK9D,OAAOO;QACjB;QACAiE,MAAM1B,KAAKC,UAAU;UACnBqB,eAAe3D,KAAK2D;UACpB5C,WAAW,KAAKxB,OAAOM;QACzB,CAAA;MACF,CAAA;AAEA,YAAMoE,OAAO,MAAMf,IAAIe,KAAI;AAC3B,UAAIwB,eAAwC,CAAC;AAC7C,UAAIxB,MAAM;AACR,YAAI;AACFwB,yBAAepD,KAAK8B,MAAMF,IAAAA;QAC5B,QAAQ;AACN,iBAAO,KAAKhE,cAAc;YACxB,IAAInB,MACFoE,IAAIkB,KACA,sCACA,QAAQlB,IAAImB,MAAM,EAAE;WAE3B;QACH;MACF;AAEA,UAAI,CAACnB,IAAIkB,IAAI;AACX,cAAMsB,UAAUD;AAIhB,eAAO,KAAKxF,cAAc;UACxB,IAAInB,MACFC,OACE2G,QAAQxG,qBACNwG,QAAQvG,SACR,QAAQ+D,IAAImB,MAAM,EAAE,CAAA;SAG3B;MACH;AAEA,aAAO,KAAKzC,WAAW6D,YAAAA;IACzB,SAASrD,KAAK;AACZ,aAAO,KAAKnC,cAAcmC,GAAAA;IAC5B;EACF,GArDc;EAuDduD,SAAS,8BACP3F,SAAAA;AAvgBJ;AAygBI,QAAI;AACF,YAAMkD,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO;wEACyD3E,iBAAAA;;QAEhE4E,WAAW;UAAE9C;QAAK;QAClB+C,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUyC,MAAAA;IAChC,SAASvD,KAAK;AACZ,aAAO,KAAKnC,cAAc;QAACmC;OAAI;IACjC;EACF,GAlBS;EAoBTwD,gBAAgB,8BACd5F,MACAqD,YAAAA;AA5hBJ;AA8hBI,QAAI;AACF,YAAMwC,mBAAmB,MAAM,KAAKjD,aAAa;QAC/CC,OACE;QACFQ;QACAP,WAAW;UACT9C;QACF;QACA+C,eAAe;MACjB,CAAA;AAEA,eAAO8C,0DAAkBpH,WAAlBoH,mBAA0B1D,UAC7B,KAAKlC,cAAc4F,iBAAiBpH,MAAM,IAC1C,KAAKmD,YAAWiE,sBAAiB7F,SAAjB6F,mBAAuBC,cAAAA;IAC7C,SAAS3G,OAAO;AACd,aAAO,KAAKc,cAAc;QAACd;OAAM;IACnC;EACF,GArBgB;EAuBhB4G,oBAAoB,8BAClB1C,YAAAA;AAljBJ;AAojBI,QAAI;AACF,YAAMH,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO;QACPQ;QACAN,eAAe;MACjB,CAAA;AACA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAU8C,kBAAAA;IAChC,SAAS7G,OAAO;AACd,aAAO,KAAKc,cAAc;QAACd;OAAM;IACnC;EACF,GAfoB;EAiBpB8G,mBAAmB,8BACjBzC,WAAAA;AAnkBJ;AAqkBI,QAAI;AACF,YAAMN,MAAM,MAAM,KAAKN,aAAa;QAClCC,OACE;QACFC,WAAW;UACTU;QACF;QACAT,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUgD,kBAAAA;IAChC,SAAS/G,OAAO;AACd,aAAO,KAAKc,cAAc;QAACd;OAAM;IACnC;EACF,GAnBmB;EAqBnBgH,kBAAkB,8BAChB3C,WAAAA;AAxlBJ;AA0lBI,QAAI;AACF,YAAMN,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO,8GAA8G5E,YAAAA;QACrH6E,WAAW;UACTU;QACF;QACAT,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUkD,gBAAAA;IAChC,SAASjH,OAAO;AACd,aAAO,KAAKc,cAAc;QAACd;OAAM;IACnC;EACF,GAlBkB;EAoBlBkH,cAAc,8BACZrG,SAAAA;AA5mBJ;AA8mBI,QAAI;AACF,YAAMkD,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO;wFACyE3E,iBAAAA;;QAEhF4E,WAAW;UAAE9C;QAAK;QAClB+C,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUoD,YAAAA;IAChC,SAASlE,KAAK;AACZ,aAAO,KAAKnC,cAAc;QAACmC;OAAI;IACjC;EACF,GAlBc;EAoBdmE,oBAAoB,8BAClBvG,SAAAA;AAhoBJ;AAkoBI,QAAI;AACF,YAAMkD,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO;;;QAGPC,WAAW;UAAE9C;QAAK;QAClB+C,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUsD,mBAAAA;IAChC,SAASpE,KAAK;AACZ,aAAO,KAAKnC,cAAc;QAACmC;OAAI;IACjC;EACF,GAlBoB;EAoBpBqE,YAAY,8BACVzG,SAAAA;AAppBJ;AAspBI,QAAI;AACF,YAAMkD,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO;kFACmE3E,iBAAAA;;QAE1E4E,WAAW;UAAE9C;QAAK;QAClB+C,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUwD,UAAAA;IAChC,SAAStE,KAAK;AACZ,aAAO,KAAKnC,cAAc;QAACmC;OAAI;IACjC;EACF,GAlBY;;;EAsBZQ,eAAe,8BACb5C,SAAAA;AA1qBJ;AA4qBI,UAAM6D,UAAU1F,WAAAA;AAChB,UAAM4F,OAAgC;MACpClB,OAAO7C,KAAK6C;MACZC,WAAW9C,KAAK8C,aAAa,CAAC;IAChC;AACA,QAAI9C,KAAK+C,eAAe;AACtBgB,WAAKhB,gBAAgB/C,KAAK+C;IAC5B;AACA,UAAMG,MAAM,MAAMW,QAAQ,GAAG,KAAKtE,OAAOE,aAAa,YAAY;MAChEqE,QAAQ;MACRC,MAAM1B,KAAKC,UAAUyB,IAAAA;MACrBV,SAAS;QACP,GAAG,KAAK9D,OAAOO;QACf,GAAIE,KAAKqD,WAAW,CAAC;MACvB;MACAW,aAAa;IACf,CAAA;AAEA,UAAMC,OAAO,MAAMf,IAAIe,KAAI;AAC3B,QAAIC,OAA+C,CAAC;AACpD,QAAID,MAAM;AACR,UAAI;AACFC,eAAO7B,KAAK8B,MAAMF,IAAAA;MACpB,QAAQ;AACN,eAAO;UACLjE,MAAMX;UACNZ,QAAQ;YACN,IAAIK,MACFoE,IAAIkB,KACA,uCACA,QAAQlB,IAAImB,MAAM,EAAE;;QAG9B;MACF;IACF,WAAW,CAACnB,IAAIkB,IAAI;AAClB,aAAO;QACLpE,MAAMX;QACNZ,QAAQ;UAAC,IAAIK,MAAM,QAAQoE,IAAImB,MAAM,EAAE;;MACzC;IACF;AAEA,SAAIH,kCAAMzF,WAANyF,mBAAc/B,QAAQ;AACxB,aAAO;QAAEnC,MAAMX;QAAWZ,QAAQD,YAAY0F,KAAKzF,MAAM;MAAE;IAC7D;AAEA,QAAI,CAACyE,IAAIkB,IAAI;AACX,aAAO;QACLpE,MAAMX;QACNZ,QAAQ;UAAC,IAAIK,MAAM,QAAQoE,IAAImB,MAAM,EAAE;;MACzC;IACF;AAEA,WAAO;MAAErE,MAAMkE,KAAKlE;MAAMvB,QAAQ,CAAA;IAAG;EACvC,GAzDe;EA2DfwB,gBAAgB,wBAACxB,WAAAA;AACf,WAAO;MACLuB,MAAMX;MACNZ,QAAQD,YAAYC,MAAAA;IACtB;EACF,GALgB;EAOhBmD,aAAa,wBAAC5B,SAAAA;AACZ,WAAO;MACLA;MACAvB,QAAQ,CAAA;IACV;EACF,GALa;AAMf;AAxrBaa;AAAN,IAAMA,aAAN;","names":["DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS","CLEANUP_IFRAME_TIMEOUT_IN_SECONDS","OAuthProviders","ResponseTypes","hasWindow","window","trimURL","url","trimmedData","trim","lastChar","length","slice","getCrypto","crypto","msCrypto","getCryptoSubtle","subtle","webkitSubtle","createRandomString","charset","random","randomValues","Array","from","getRandomValues","Uint8Array","forEach","v","encode","value","btoa","Buffer","toString","createQueryParams","params","Object","keys","filter","k","map","encodeURIComponent","join","sha256","s","subtle","getCryptoSubtle","Error","digestOp","digest","name","TextEncoder","encode","window","msCrypto","Promise","resolve","reject","oncomplete","e","target","result","onerror","error","onabort","urlEncodeB64","input","b64Chars","replace","m","bufferToBase64UrlEncoded","input","ie11SafeInput","Uint8Array","urlEncodeB64","window","btoa","String","fromCharCode","Array","from","originFromAuthorizerUrl","authorizerUrl","URL","origin","executeIframe","authorizeUrl","eventOrigin","timeoutInSeconds","DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS","Promise","resolve","reject","expectedOrigin","iframe","document","createElement","setAttribute","style","display","removeIframe","body","contains","removeChild","removeEventListener","iframeEventHandler","timeoutSetTimeoutId","setTimeout","Error","e","data","response","eventSource","source","close","error","clearTimeout","CLEANUP_IFRAME_TIMEOUT_IN_SECONDS","addEventListener","appendChild","userFragment","authTokenFragment","getFetcher","hasWindow","window","fetch","crossFetch","toErrorList","errors","Array","isArray","map","item","Error","String","message","o","error_description","error","desc","undefined","Authorizer","config","codeVerifier","authorizerURL","trim","trimURL","redirectURL","clientID","extraHeaders","authorize","data","errorResponse","scopes","use_refresh_token","push","requestData","redirect_uri","response_mode","state","encode","createRandomString","nonce","response_type","scope","join","client_id","ResponseTypes","Code","sha","sha256","codeChallenge","bufferToBase64UrlEncoded","code_challenge","code_challenge_method","authorizeURL","createQueryParams","location","replace","okResponse","iframeRes","executeIframe","DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS","tokenResp","getToken","code","length","err","JSON","stringify","encodeURIComponent","browserLogin","getSession","forgotPassword","forgotPasswordResp","graphqlQuery","query","variables","operationName","forgot_password","getMetaData","res","meta","getProfile","headers","profileRes","profile","params","session","grant_type","refresh_token","code_verifier","fetcher","method","body","credentials","text","json","parse","ok","status","login","logout","magicLinkLogin","magic_link_login","oauthLogin","oauthProvider","roles","urlState","oauthProviderIds","Object","values","OAuthProviders","includes","resendOtp","resend_otp","resetPassword","resetPasswordRes","reset_password","revokeToken","responseData","errBody","signup","updateProfile","updateProfileRes","update_profile","deactivateAccount","deactivate_account","validateJWTToken","validate_jwt_token","validateSession","validate_session","verifyEmail","verify_email","resendVerifyEmail","resend_verify_email","verifyOtp","verify_otp"]}
|
|
1
|
+
{"version":3,"sources":["../src/index.ts","../src/constants.ts","../src/types.ts","../src/utils.ts"],"sourcesContent":["// Note: write gql query in single line to reduce bundle size\nimport crossFetch from 'cross-fetch';\nimport { DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS } from './constants';\nimport * as Types from './types';\nimport {\n bufferToBase64UrlEncoded,\n createQueryParams,\n createRandomString,\n encode,\n executeIframe,\n hasWindow,\n sha256,\n trimURL,\n} from './utils';\n\n// re-usable gql response fragment\nconst userFragment =\n 'id email email_verified given_name family_name middle_name nickname preferred_username picture signup_methods gender birthdate phone_number phone_number_verified roles created_at updated_at revoked_timestamp is_multi_factor_auth_enabled app_data';\nconst authTokenFragment = `message access_token expires_in refresh_token id_token should_show_email_otp_screen should_show_mobile_otp_screen should_show_totp_screen authenticator_scanner_image authenticator_secret authenticator_recovery_codes user { ${userFragment} }`;\n\n// set fetch based on window object. Cross fetch have issues with umd build\nconst getFetcher = () => (hasWindow() ? window.fetch : crossFetch);\n\nfunction toErrorList(errors: unknown): Error[] {\n if (Array.isArray(errors)) {\n return errors.map((item) => {\n if (item instanceof Error) return item;\n if (item && typeof item === 'object' && 'message' in item)\n return new Error(String((item as { message: unknown }).message));\n return new Error(String(item));\n });\n }\n if (errors instanceof Error) return [errors];\n if (errors !== null && typeof errors === 'object') {\n const o = errors as Record<string, unknown>;\n if (typeof o.error_description === 'string')\n return [new Error(o.error_description)];\n if (typeof o.error === 'string') {\n const desc =\n typeof o.error_description === 'string'\n ? `: ${o.error_description}`\n : '';\n return [new Error(`${o.error}${desc}`)];\n }\n if (typeof o.message === 'string') return [new Error(o.message)];\n }\n if (errors === undefined || errors === null)\n return [new Error('Unknown error')];\n return [new Error(String(errors))];\n}\n\nexport * from './types';\n\n/**\n * Client for the Authorizer API. All network calls go to `config.authorizerURL`\n * with cookies included where the runtime allows; only configure URLs you trust.\n */\nexport class Authorizer {\n // class variable\n config: Types.ConfigType;\n codeVerifier: string;\n\n // constructor\n constructor(config: Types.ConfigType) {\n if (!config) throw new Error('Configuration is required');\n\n this.config = config;\n if (!config.authorizerURL?.trim()) throw new Error('Invalid authorizerURL');\n\n this.config.authorizerURL = trimURL(config.authorizerURL);\n\n if (!config.redirectURL?.trim()) throw new Error('Invalid redirectURL');\n this.config.redirectURL = trimURL(config.redirectURL);\n this.config.clientID = (config?.clientID || '').trim();\n\n this.config.extraHeaders = {\n ...(config.extraHeaders || {}),\n 'x-authorizer-url': config.authorizerURL,\n 'x-authorizer-client-id': config.clientID || '',\n 'Content-Type': 'application/json',\n };\n }\n\n authorize = async (\n data: Types.AuthorizeRequest,\n ): Promise<\n | Types.ApiResponse<Types.GetTokenResponse>\n | Types.ApiResponse<Types.AuthorizeResponse>\n > => {\n if (!hasWindow())\n return this.errorResponse([\n new Error('this feature is only supported in browser'),\n ]);\n\n const scopes = ['openid', 'profile', 'email'];\n if (data.use_refresh_token) scopes.push('offline_access');\n\n const requestData: Record<string, string> = {\n redirect_uri: this.config.redirectURL,\n response_mode: data.response_mode || 'web_message',\n state: encode(createRandomString()),\n nonce: encode(createRandomString()),\n response_type: data.response_type,\n scope: scopes.join(' '),\n client_id: this.config?.clientID || '',\n };\n\n if (data.response_type === Types.ResponseTypes.Code) {\n this.codeVerifier = createRandomString();\n const sha = await sha256(this.codeVerifier);\n const codeChallenge = bufferToBase64UrlEncoded(sha);\n requestData.code_challenge = codeChallenge;\n requestData.code_challenge_method = 'S256';\n }\n\n const authorizeURL = `${\n this.config.authorizerURL\n }/authorize?${createQueryParams(requestData)}`;\n\n if (requestData.response_mode !== 'web_message') {\n window.location.replace(authorizeURL);\n return this.okResponse(undefined);\n }\n\n try {\n const iframeRes = await executeIframe(\n authorizeURL,\n this.config.authorizerURL,\n DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS,\n );\n\n if (data.response_type === Types.ResponseTypes.Code) {\n // get token and return it\n const tokenResp: Types.ApiResponse<Types.GetTokenResponse> =\n await this.getToken({\n code: iframeRes.code,\n });\n return tokenResp.errors.length\n ? this.errorResponse(tokenResp.errors)\n : this.okResponse(tokenResp.data);\n }\n\n // this includes access_token, id_token & refresh_token(optionally)\n return this.okResponse(iframeRes);\n } catch (err) {\n if (err.error) {\n window.location.replace(\n `${this.config.authorizerURL}/app?state=${encode(\n JSON.stringify({\n clientID: this.config.clientID,\n redirectURL: this.config.redirectURL,\n authorizerURL: this.config.authorizerURL,\n }),\n )}&redirect_uri=${encodeURIComponent(this.config.redirectURL || '')}`,\n );\n }\n\n return this.errorResponse(err);\n }\n };\n\n browserLogin = async (): Promise<Types.ApiResponse<Types.AuthToken>> => {\n try {\n const tokenResp: Types.ApiResponse<Types.AuthToken> =\n await this.getSession();\n return tokenResp.errors.length\n ? this.errorResponse(tokenResp.errors)\n : this.okResponse(tokenResp.data);\n } catch (err) {\n if (!hasWindow()) {\n return {\n data: undefined,\n errors: [new Error('browserLogin is only supported for browsers')],\n };\n }\n\n window.location.replace(\n `${this.config.authorizerURL}/app?state=${encode(\n JSON.stringify({\n clientID: this.config.clientID,\n redirectURL: this.config.redirectURL,\n authorizerURL: this.config.authorizerURL,\n }),\n )}&redirect_uri=${encodeURIComponent(this.config.redirectURL || '')}`,\n );\n return this.errorResponse(err);\n }\n };\n\n forgotPassword = async (\n data: Types.ForgotPasswordRequest,\n ): Promise<Types.ApiResponse<Types.ForgotPasswordResponse>> => {\n if (!data.state) data.state = encode(createRandomString());\n\n if (!data.redirect_uri) data.redirect_uri = this.config.redirectURL;\n\n try {\n const forgotPasswordResp = await this.graphqlQuery({\n query:\n 'mutation forgot_password($data: ForgotPasswordRequest!) {\tforgot_password(params: $data) { message should_show_mobile_otp_screen } }',\n variables: {\n data,\n },\n operationName: 'forgot_password',\n });\n return forgotPasswordResp?.errors?.length\n ? this.errorResponse(forgotPasswordResp.errors)\n : this.okResponse(forgotPasswordResp?.data?.forgot_password);\n } catch (error) {\n return this.errorResponse([error]);\n }\n };\n\n getMetaData = async (): Promise<Types.ApiResponse<Types.MetaData>> => {\n try {\n const res = await this.graphqlQuery({\n query:\n 'query meta { meta { version client_id is_google_login_enabled is_facebook_login_enabled is_github_login_enabled is_linkedin_login_enabled is_apple_login_enabled is_twitter_login_enabled is_microsoft_login_enabled is_twitch_login_enabled is_roblox_login_enabled is_email_verification_enabled is_basic_authentication_enabled is_magic_link_login_enabled is_sign_up_enabled is_strong_password_enabled is_multi_factor_auth_enabled is_mobile_basic_authentication_enabled is_phone_verification_enabled } }',\n operationName: 'meta',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data.meta);\n } catch (error) {\n return this.errorResponse([error]);\n }\n };\n\n getProfile = async (\n headers?: Types.Headers,\n ): Promise<Types.ApiResponse<Types.User>> => {\n try {\n const profileRes = await this.graphqlQuery({\n query: `query profile {\tprofile { ${userFragment} } }`,\n headers,\n operationName: 'profile',\n });\n\n return profileRes?.errors?.length\n ? this.errorResponse(profileRes.errors)\n : this.okResponse(profileRes.data.profile);\n } catch (error) {\n return this.errorResponse([error]);\n }\n };\n\n // this is used to verify / get session using cookie by default. If using node.js pass authorization header\n getSession = async (\n headers?: Types.Headers,\n params?: Types.SessionQueryRequest,\n ): Promise<Types.ApiResponse<Types.AuthToken>> => {\n try {\n const res = await this.graphqlQuery({\n query: `query session($params: SessionQueryRequest){session(params: $params) { ${authTokenFragment} } }`,\n headers,\n variables: {\n params,\n },\n operationName: 'session',\n });\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.session);\n } catch (err) {\n return this.errorResponse(err);\n }\n };\n\n getToken = async (\n data: Types.GetTokenRequest,\n ): Promise<Types.ApiResponse<Types.GetTokenResponse>> => {\n if (!data.grant_type) data.grant_type = 'authorization_code';\n\n if (data.grant_type === 'refresh_token' && !data.refresh_token?.trim())\n return this.errorResponse([new Error('Invalid refresh_token')]);\n\n if (data.grant_type === 'authorization_code' && !this.codeVerifier)\n return this.errorResponse([new Error('Invalid code verifier')]);\n\n const requestData = {\n client_id: this.config.clientID,\n code: data.code || '',\n code_verifier: this.codeVerifier || '',\n grant_type: data.grant_type || '',\n refresh_token: data.refresh_token || '',\n };\n\n try {\n const fetcher = getFetcher();\n const res = await fetcher(`${this.config.authorizerURL}/oauth/token`, {\n method: 'POST',\n body: JSON.stringify(requestData),\n headers: {\n ...this.config.extraHeaders,\n },\n credentials: 'include',\n });\n\n const text = await res.text();\n let json: {\n error?: string;\n error_description?: string;\n } & Record<string, unknown> = {};\n if (text) {\n try {\n json = JSON.parse(text);\n } catch {\n return this.errorResponse([\n new Error(\n res.ok\n ? 'Invalid JSON from token endpoint'\n : `HTTP ${res.status}`,\n ),\n ]);\n }\n }\n if (!res.ok) {\n return this.errorResponse([\n new Error(\n String(\n json.error_description || json.error || `HTTP ${res.status}`,\n ),\n ),\n ]);\n }\n\n return this.okResponse(json);\n } catch (err) {\n return this.errorResponse(err);\n }\n };\n\n login = async (\n data: Types.LoginRequest,\n ): Promise<Types.ApiResponse<Types.AuthToken>> => {\n try {\n const res = await this.graphqlQuery({\n query: `\n\t\t\t\t\tmutation login($data: LoginRequest!) { login(params: $data) { ${authTokenFragment}}}\n\t\t\t\t`,\n variables: { data },\n operationName: 'login',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.login);\n } catch (err) {\n return this.errorResponse(err);\n }\n };\n\n logout = async (\n headers?: Types.Headers,\n ): Promise<Types.ApiResponse<Types.GenericResponse>> => {\n try {\n const res = await this.graphqlQuery({\n query: 'mutation logout { logout { message } }',\n headers,\n operationName: 'logout',\n });\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.logout);\n } catch (err) {\n return this.errorResponse([err]);\n }\n };\n\n magicLinkLogin = async (\n data: Types.MagicLinkLoginRequest,\n ): Promise<Types.ApiResponse<Types.GenericResponse>> => {\n try {\n if (!data.state) data.state = encode(createRandomString());\n\n if (!data.redirect_uri) data.redirect_uri = this.config.redirectURL;\n\n const res = await this.graphqlQuery({\n query: `\n\t\t\t\t\tmutation magic_link_login($data: MagicLinkLoginRequest!) { magic_link_login(params: $data) { message }}\n\t\t\t\t`,\n variables: { data },\n operationName: 'magic_link_login',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.magic_link_login);\n } catch (err) {\n return this.errorResponse([err]);\n }\n };\n\n oauthLogin = async (\n oauthProvider: string,\n roles?: string[],\n redirect_uri?: string,\n state?: string,\n ): Promise<void> => {\n let urlState = state;\n if (!urlState) {\n urlState = encode(createRandomString());\n }\n\n const oauthProviderIds = Object.values(Types.OAuthProviders) as string[];\n if (!oauthProviderIds.includes(oauthProvider)) {\n throw new Error(\n `only following oauth providers are supported: ${oauthProviderIds.join(', ')}`,\n );\n }\n if (!hasWindow())\n throw new Error('oauthLogin is only supported for browsers');\n\n if (roles && roles.length) urlState += `&roles=${roles.join(',')}`;\n\n window.location.replace(\n `${this.config.authorizerURL}/oauth_login/${oauthProvider}?redirect_uri=${encodeURIComponent(\n redirect_uri || this.config.redirectURL || '',\n )}&state=${encodeURIComponent(urlState)}`,\n );\n };\n\n resendOtp = async (\n data: Types.ResendOtpRequest,\n ): Promise<Types.ApiResponse<Types.GenericResponse>> => {\n try {\n const res = await this.graphqlQuery({\n query: `\n\t\t\t\t\tmutation resend_otp($data: ResendOTPRequest!) { resend_otp(params: $data) { message }}\n\t\t\t\t`,\n variables: { data },\n operationName: 'resend_otp',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.resend_otp);\n } catch (err) {\n return this.errorResponse([err]);\n }\n };\n\n resetPassword = async (\n data: Types.ResetPasswordRequest,\n ): Promise<Types.ApiResponse<Types.GenericResponse>> => {\n try {\n const resetPasswordRes = await this.graphqlQuery({\n query:\n 'mutation reset_password($data: ResetPasswordRequest!) {\treset_password(params: $data) { message } }',\n variables: {\n data,\n },\n operationName: 'reset_password',\n });\n return resetPasswordRes?.errors?.length\n ? this.errorResponse(resetPasswordRes.errors)\n : this.okResponse(resetPasswordRes.data?.reset_password);\n } catch (error) {\n return this.errorResponse([error]);\n }\n };\n\n revokeToken = async (data: { refresh_token: string }) => {\n if (!data.refresh_token?.trim())\n return this.errorResponse([new Error('Invalid refresh_token')]);\n\n try {\n const fetcher = getFetcher();\n const res = await fetcher(`${this.config.authorizerURL}/oauth/revoke`, {\n method: 'POST',\n headers: {\n ...this.config.extraHeaders,\n },\n body: JSON.stringify({\n refresh_token: data.refresh_token,\n client_id: this.config.clientID,\n }),\n });\n\n const text = await res.text();\n let responseData: Record<string, unknown> = {};\n if (text) {\n try {\n responseData = JSON.parse(text) as Record<string, unknown>;\n } catch {\n return this.errorResponse([\n new Error(\n res.ok\n ? 'Invalid JSON from revoke endpoint'\n : `HTTP ${res.status}`,\n ),\n ]);\n }\n }\n\n if (!res.ok) {\n const errBody = responseData as {\n error?: string;\n error_description?: string;\n };\n return this.errorResponse([\n new Error(\n String(\n errBody.error_description ||\n errBody.error ||\n `HTTP ${res.status}`,\n ),\n ),\n ]);\n }\n\n return this.okResponse(responseData);\n } catch (err) {\n return this.errorResponse(err);\n }\n };\n\n signup = async (\n data: Types.SignUpRequest,\n ): Promise<Types.ApiResponse<Types.AuthToken>> => {\n try {\n const res = await this.graphqlQuery({\n query: `\n\t\t\t\t\tmutation signup($data: SignUpRequest!) { signup(params: $data) { ${authTokenFragment}}}\n\t\t\t\t`,\n variables: { data },\n operationName: 'signup',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.signup);\n } catch (err) {\n return this.errorResponse([err]);\n }\n };\n\n updateProfile = async (\n data: Types.UpdateProfileRequest,\n headers?: Types.Headers,\n ): Promise<Types.ApiResponse<Types.GenericResponse>> => {\n try {\n const updateProfileRes = await this.graphqlQuery({\n query:\n 'mutation update_profile($data: UpdateProfileRequest!) {\tupdate_profile(params: $data) { message } }',\n headers,\n variables: {\n data,\n },\n operationName: 'update_profile',\n });\n\n return updateProfileRes?.errors?.length\n ? this.errorResponse(updateProfileRes.errors)\n : this.okResponse(updateProfileRes.data?.update_profile);\n } catch (error) {\n return this.errorResponse([error]);\n }\n };\n\n deactivateAccount = async (\n headers?: Types.Headers,\n ): Promise<Types.ApiResponse<Types.GenericResponse>> => {\n try {\n const res = await this.graphqlQuery({\n query: 'mutation deactivate_account { deactivate_account { message } }',\n headers,\n operationName: 'deactivate_account',\n });\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.deactivate_account);\n } catch (error) {\n return this.errorResponse([error]);\n }\n };\n\n validateJWTToken = async (\n params?: Types.ValidateJWTTokenRequest,\n ): Promise<Types.ApiResponse<Types.ValidateJWTTokenResponse>> => {\n try {\n const res = await this.graphqlQuery({\n query:\n 'query validate_jwt_token($params: ValidateJWTTokenRequest!){validate_jwt_token(params: $params) { is_valid claims } }',\n variables: {\n params,\n },\n operationName: 'validate_jwt_token',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.validate_jwt_token);\n } catch (error) {\n return this.errorResponse([error]);\n }\n };\n\n validateSession = async (\n params?: Types.ValidateSessionRequest,\n ): Promise<Types.ApiResponse<Types.ValidateSessionResponse>> => {\n try {\n const res = await this.graphqlQuery({\n query: `query validate_session($params: ValidateSessionRequest){validate_session(params: $params) { is_valid user { ${userFragment} } } }`,\n variables: {\n params,\n },\n operationName: 'validate_session',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.validate_session);\n } catch (error) {\n return this.errorResponse([error]);\n }\n };\n\n verifyEmail = async (\n data: Types.VerifyEmailRequest,\n ): Promise<Types.ApiResponse<Types.AuthToken>> => {\n try {\n const res = await this.graphqlQuery({\n query: `\n\t\t\t\t\tmutation verify_email($data: VerifyEmailRequest!) { verify_email(params: $data) { ${authTokenFragment}}}\n\t\t\t\t`,\n variables: { data },\n operationName: 'verify_email',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.verify_email);\n } catch (err) {\n return this.errorResponse([err]);\n }\n };\n\n resendVerifyEmail = async (\n data: Types.ResendVerifyEmailRequest,\n ): Promise<Types.ApiResponse<Types.GenericResponse>> => {\n try {\n const res = await this.graphqlQuery({\n query: `\n\t\t\t\t\tmutation resend_verify_email($data: ResendVerifyEmailRequest!) { resend_verify_email(params: $data) { message }}\n\t\t\t\t`,\n variables: { data },\n operationName: 'resend_verify_email',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.resend_verify_email);\n } catch (err) {\n return this.errorResponse([err]);\n }\n };\n\n verifyOtp = async (\n data: Types.VerifyOtpRequest,\n ): Promise<Types.ApiResponse<Types.AuthToken>> => {\n try {\n const res = await this.graphqlQuery({\n query: `\n\t\t\t\t\tmutation verify_otp($data: VerifyOTPRequest!) { verify_otp(params: $data) { ${authTokenFragment}}}\n\t\t\t\t`,\n variables: { data },\n operationName: 'verify_otp',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.verify_otp);\n } catch (err) {\n return this.errorResponse([err]);\n }\n };\n\n // helper to execute graphql queries\n // takes in any query or mutation string as value\n graphqlQuery = async (\n data: Types.GraphqlQueryRequest,\n ): Promise<Types.GrapQlResponseType> => {\n const fetcher = getFetcher();\n const body: Record<string, unknown> = {\n query: data.query,\n variables: data.variables || {},\n };\n if (data.operationName) {\n body.operationName = data.operationName;\n }\n const res = await fetcher(`${this.config.authorizerURL}/graphql`, {\n method: 'POST',\n body: JSON.stringify(body),\n headers: {\n ...this.config.extraHeaders,\n ...(data.headers || {}),\n },\n credentials: 'include',\n });\n\n const text = await res.text();\n let json: { data?: unknown; errors?: unknown[] } = {};\n if (text) {\n try {\n json = JSON.parse(text);\n } catch {\n return {\n data: undefined,\n errors: [\n new Error(\n res.ok\n ? 'Invalid JSON from GraphQL endpoint'\n : `HTTP ${res.status}`,\n ),\n ],\n };\n }\n } else if (!res.ok) {\n return {\n data: undefined,\n errors: [new Error(`HTTP ${res.status}`)],\n };\n }\n\n if (json?.errors?.length) {\n return { data: undefined, errors: toErrorList(json.errors) };\n }\n\n if (!res.ok) {\n return {\n data: undefined,\n errors: [new Error(`HTTP ${res.status}`)],\n };\n }\n\n return { data: json.data, errors: [] };\n };\n\n errorResponse = (errors: unknown): Types.ApiResponse<any> => {\n return {\n data: undefined,\n errors: toErrorList(errors),\n };\n };\n\n okResponse = (data: any): Types.ApiResponse<any> => {\n return {\n data,\n errors: [],\n };\n };\n}\n","export const DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS = 60;\nexport const CLEANUP_IFRAME_TIMEOUT_IN_SECONDS = 2;\nexport const AUTHORIZE_IFRAME_TIMEOUT = 5;\n","export interface GrapQlResponseType {\n data: any | undefined;\n errors: Error[];\n}\nexport interface ApiResponse<T> {\n errors: Error[];\n data: T | undefined;\n}\n/**\n * SDK configuration. Requests use `credentials: 'include'`, so cookies for the\n * Authorizer instance are sent to `authorizerURL`. That URL must be the exact,\n * trusted origin of your Authorizer deployment (correct scheme, host, and port).\n * A mistaken or attacker-controlled URL can leak session credentials.\n */\nexport interface ConfigType {\n authorizerURL: string;\n redirectURL: string;\n clientID?: string;\n extraHeaders?: Record<string, string>;\n}\n\n// Pagination\nexport interface Pagination {\n limit: number;\n page: number;\n offset: number;\n total: number;\n}\n\n// Meta\nexport interface Meta {\n version: string;\n client_id: string;\n is_google_login_enabled: boolean;\n is_facebook_login_enabled: boolean;\n is_github_login_enabled: boolean;\n is_linkedin_login_enabled: boolean;\n is_apple_login_enabled: boolean;\n is_discord_login_enabled: boolean;\n is_twitter_login_enabled: boolean;\n is_microsoft_login_enabled: boolean;\n is_twitch_login_enabled: boolean;\n is_roblox_login_enabled: boolean;\n is_email_verification_enabled: boolean;\n is_basic_authentication_enabled: boolean;\n is_magic_link_login_enabled: boolean;\n is_sign_up_enabled: boolean;\n is_strong_password_enabled: boolean;\n is_multi_factor_auth_enabled: boolean;\n is_mobile_basic_authentication_enabled: boolean;\n is_phone_verification_enabled: boolean;\n}\n\n// User\nexport interface User {\n id: string;\n email: string | null;\n email_verified: boolean;\n signup_methods: string;\n given_name: string | null;\n family_name: string | null;\n middle_name: string | null;\n nickname: string | null;\n preferred_username: string | null;\n gender: string | null;\n birthdate: string | null;\n phone_number: string | null;\n phone_number_verified: boolean;\n picture: string | null;\n roles: string[];\n created_at: number | null;\n updated_at: number | null;\n revoked_timestamp: number | null;\n is_multi_factor_auth_enabled: boolean | null;\n app_data: Record<string, any> | null;\n}\n\n// Users\nexport interface Users {\n pagination: Pagination;\n users: User[];\n}\n\n// VerificationRequest\nexport interface VerificationRequest {\n id: string;\n identifier: string | null;\n token: string | null;\n email: string | null;\n expires: number | null;\n created_at: number | null;\n updated_at: number | null;\n nonce: string | null;\n redirect_uri: string | null;\n}\n\n// VerificationRequests\nexport interface VerificationRequests {\n pagination: Pagination;\n verification_requests: VerificationRequest[];\n}\n\n// AuthorizerError (GraphQL Error type - renamed to avoid conflict with native Error)\nexport interface AuthorizerError {\n message: string;\n reason: string;\n}\n\n// AuthResponse\nexport interface AuthResponse {\n message: string;\n should_show_email_otp_screen: boolean | null;\n should_show_mobile_otp_screen: boolean | null;\n should_show_totp_screen: boolean | null;\n access_token: string | null;\n id_token: string | null;\n refresh_token: string | null;\n expires_in: number | null;\n user: User | null;\n authenticator_scanner_image: string | null;\n authenticator_secret: string | null;\n authenticator_recovery_codes: string[] | null;\n}\n\n// Keep AuthToken as alias for backward compatibility\nexport type AuthToken = AuthResponse;\n\n// Response\nexport interface Response {\n message: string;\n}\n\n// Keep GenericResponse as alias for backward compatibility\nexport type GenericResponse = Response;\n\n// ForgotPasswordResponse\nexport interface ForgotPasswordResponse {\n message: string;\n should_show_mobile_otp_screen: boolean | null;\n}\n\n// InviteMembersResponse\nexport interface InviteMembersResponse {\n message: string;\n Users: User[];\n}\n\n// LoginRequest\nexport interface LoginRequest {\n email?: string | null;\n phone_number?: string | null;\n password: string;\n roles?: string[] | null;\n scope?: string[] | null;\n state?: string | null;\n}\n\n// SignUpRequest\nexport interface SignUpRequest {\n email?: string | null;\n given_name?: string | null;\n family_name?: string | null;\n middle_name?: string | null;\n nickname?: string | null;\n gender?: string | null;\n birthdate?: string | null;\n phone_number?: string | null;\n picture?: string | null;\n password: string;\n confirm_password: string;\n roles?: string[] | null;\n scope?: string[] | null;\n redirect_uri?: string | null;\n is_multi_factor_auth_enabled?: boolean | null;\n state?: string | null;\n app_data?: Record<string, any> | null;\n}\n\n// Keep SignupRequest as alias for backward compatibility\nexport type SignupRequest = SignUpRequest;\n\n// MagicLinkLoginRequest\nexport interface MagicLinkLoginRequest {\n email: string;\n roles?: string[] | null;\n scope?: string[] | null;\n state?: string | null;\n redirect_uri?: string | null;\n}\n\n// VerifyEmailRequest\nexport interface VerifyEmailRequest {\n token: string;\n state?: string | null;\n}\n\n// ResendVerifyEmailRequest\nexport interface ResendVerifyEmailRequest {\n email: string;\n identifier: string;\n state?: string | null;\n}\n\n// VerifyOTPRequest\nexport interface VerifyOTPRequest {\n email?: string | null;\n phone_number?: string | null;\n otp: string;\n is_totp?: boolean | null;\n state?: string | null;\n}\n\n// Keep VerifyOtpRequest as alias for backward compatibility\nexport type VerifyOtpRequest = VerifyOTPRequest;\n\n// ResendOTPRequest\nexport interface ResendOTPRequest {\n email?: string | null;\n phone_number?: string | null;\n state?: string | null;\n}\n\n// Keep ResendOtpRequest as alias for backward compatibility\nexport type ResendOtpRequest = ResendOTPRequest;\n\n// UpdateProfileRequest\nexport interface UpdateProfileRequest {\n old_password?: string | null;\n new_password?: string | null;\n confirm_new_password?: string | null;\n email?: string | null;\n given_name?: string | null;\n family_name?: string | null;\n middle_name?: string | null;\n nickname?: string | null;\n gender?: string | null;\n birthdate?: string | null;\n phone_number?: string | null;\n picture?: string | null;\n is_multi_factor_auth_enabled?: boolean | null;\n app_data?: Record<string, any> | null;\n}\n\n// UpdateUserRequest (admin only)\nexport interface UpdateUserRequest {\n id: string;\n email?: string | null;\n email_verified?: boolean | null;\n given_name?: string | null;\n family_name?: string | null;\n middle_name?: string | null;\n nickname?: string | null;\n gender?: string | null;\n birthdate?: string | null;\n phone_number?: string | null;\n phone_number_verified?: boolean | null;\n picture?: string | null;\n roles?: string[] | null;\n is_multi_factor_auth_enabled?: boolean | null;\n app_data?: Record<string, any> | null;\n}\n\n// ForgotPasswordRequest\nexport interface ForgotPasswordRequest {\n email?: string | null;\n phone_number?: string | null;\n state?: string | null;\n redirect_uri?: string | null;\n}\n\n// ResetPasswordRequest\nexport interface ResetPasswordRequest {\n token?: string | null;\n otp?: string | null;\n phone_number?: string | null;\n password: string;\n confirm_password: string;\n}\n\n// Keep ResetPasswordInput as alias for backward compatibility\nexport type ResetPasswordInput = ResetPasswordRequest;\n\n// DeleteUserRequest (admin only)\nexport interface DeleteUserRequest {\n email: string;\n}\n\n// SessionQueryRequest\nexport interface SessionQueryRequest {\n roles?: string[] | null;\n scope?: string[] | null;\n}\n\n// Keep SessionQueryInput as alias for backward compatibility\nexport type SessionQueryInput = SessionQueryRequest;\n\n// ValidateJWTTokenRequest\nexport interface ValidateJWTTokenRequest {\n token_type: string;\n token: string;\n roles?: string[] | null;\n}\n\n// Keep ValidateJWTTokenInput as alias for backward compatibility\nexport type ValidateJWTTokenInput = ValidateJWTTokenRequest;\n\n// ValidateJWTTokenResponse\nexport interface ValidateJWTTokenResponse {\n is_valid: boolean;\n claims: Record<string, any>;\n}\n\n// ValidateSessionRequest\nexport interface ValidateSessionRequest {\n cookie: string;\n roles?: string[] | null;\n}\n\n// Keep ValidateSessionInput as alias for backward compatibility\nexport type ValidateSessionInput = ValidateSessionRequest;\n\n// ValidateSessionResponse\nexport interface ValidateSessionResponse {\n is_valid: boolean;\n user: User;\n}\n\n// OAuth types (not part of GraphQL schema, but used for OAuth flow)\nexport enum OAuthProviders {\n Apple = 'apple',\n Github = 'github',\n Google = 'google',\n Facebook = 'facebook',\n LinkedIn = 'linkedin',\n Twitter = 'twitter',\n Microsoft = 'microsoft',\n Twitch = 'twitch',\n Roblox = 'roblox',\n Discord = 'discord',\n}\n\nexport enum ResponseTypes {\n Code = 'code',\n Token = 'token',\n}\n\nexport interface AuthorizeRequest {\n response_type: ResponseTypes;\n use_refresh_token?: boolean;\n response_mode?: string;\n}\n\n// Keep AuthorizeInput as alias for backward compatibility\nexport type AuthorizeInput = AuthorizeRequest;\n\nexport interface AuthorizeResponse {\n state: string;\n code?: string;\n error?: string;\n error_description?: string;\n}\n\nexport interface RevokeTokenInput {\n refresh_token: string;\n}\n\nexport interface GetTokenRequest {\n code?: string;\n grant_type?: string;\n refresh_token?: string;\n}\n\n// Keep GetTokenInput as alias for backward compatibility\nexport type GetTokenInput = GetTokenRequest;\n\nexport interface GetTokenResponse {\n access_token: string;\n expires_in: number;\n id_token: string;\n refresh_token?: string;\n}\n\n// GraphQL query request\nexport type Headers = Record<string, string>;\n\nexport interface GraphqlQueryRequest {\n query: string;\n variables?: Record<string, any>;\n headers?: Headers;\n /** When set, sent as the GraphQL `operationName` field; should match the named operation in `query` (schema field names, e.g. `forgot_password`). */\n operationName?: string;\n}\n\n// Deprecated types (for backward compatibility)\nexport interface IsValidJWTQueryInput {\n jwt: string;\n roles?: string[];\n}\n\nexport interface ValidJWTResponse {\n valid: string;\n message: string;\n}\n\n// Keep MetaDataResponse as alias for backward compatibility\nexport type MetaDataResponse = Meta;\n\n// Keep MetaData as alias for backward compatibility\nexport type MetaData = Meta;\n","import {\n CLEANUP_IFRAME_TIMEOUT_IN_SECONDS,\n DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS,\n} from './constants';\nimport { AuthorizeResponse } from './types';\n\nexport const hasWindow = (): boolean => typeof window !== 'undefined';\n\nexport const trimURL = (url: string): string => {\n let trimmedData = url.trim();\n const lastChar = trimmedData[trimmedData.length - 1];\n if (lastChar === '/')\n trimmedData = trimmedData.slice(0, -1);\n\n return trimmedData;\n};\n\nexport const getCrypto = () => {\n // ie 11.x uses msCrypto\n return hasWindow()\n ? ((window.crypto || (window as any).msCrypto) as Crypto)\n : null;\n};\n\nexport const getCryptoSubtle = () => {\n const crypto = getCrypto();\n // safari 10.x uses webkitSubtle\n return (crypto && crypto.subtle) || (crypto as any).webkitSubtle;\n};\n\nexport const createRandomString = () => {\n const charset\n = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz-_~.';\n let random = '';\n const crypto = getCrypto();\n if (crypto) {\n const randomValues = Array.from(crypto.getRandomValues(new Uint8Array(43)));\n randomValues.forEach(v => (random += charset[v % charset.length]));\n }\n return random;\n};\n\nexport const encode = (value: string) =>\n hasWindow() ? btoa(value) : Buffer.from(value).toString('base64');\nexport const decode = (value: string) =>\n hasWindow() ? atob(value) : Buffer.from(value, 'base64').toString('ascii');\n\nexport const createQueryParams = (params: any) => {\n return Object.keys(params)\n .filter(k => typeof params[k] !== 'undefined')\n .map(k => `${encodeURIComponent(k)}=${encodeURIComponent(params[k])}`)\n .join('&');\n};\n\nexport const sha256 = async (s: string) => {\n const subtle = getCryptoSubtle();\n if (!subtle)\n throw new Error('Web Crypto API is not available');\n\n const digestOp: any = subtle.digest(\n { name: 'SHA-256' },\n new TextEncoder().encode(s),\n );\n\n // msCrypto (IE11) uses the old spec, which is not Promise based\n // https://msdn.microsoft.com/en-us/expression/dn904640(v=vs.71)\n if ((window as any).msCrypto) {\n return new Promise((resolve, reject) => {\n digestOp.oncomplete = (e: any) => {\n resolve(e.target.result);\n };\n\n digestOp.onerror = (e: ErrorEvent) => {\n reject(e.error);\n };\n\n digestOp.onabort = () => {\n reject(new Error('The digest operation was aborted'));\n };\n });\n }\n\n return await digestOp;\n};\n\nconst urlEncodeB64 = (input: string) => {\n const b64Chars: { [index: string]: string } = { '+': '-', '/': '_', '=': '' };\n return input.replace(/[+/=]/g, (m: string) => b64Chars[m]);\n};\n\n// https://stackoverflow.com/questions/30106476/\nconst decodeB64 = (input: string) =>\n decodeURIComponent(\n atob(input)\n .split('')\n .map((c) => {\n return `%${`00${c.charCodeAt(0).toString(16)}`.slice(-2)}`;\n })\n .join(''),\n );\n\nexport const urlDecodeB64 = (input: string) =>\n decodeB64(input.replace(/_/g, '/').replace(/-/g, '+'));\n\nexport const bufferToBase64UrlEncoded = (input: number[] | Uint8Array) => {\n const ie11SafeInput = new Uint8Array(input);\n return urlEncodeB64(\n window.btoa(String.fromCharCode(...Array.from(ie11SafeInput))),\n );\n};\n\nconst originFromAuthorizerUrl = (authorizerUrl: string): string => {\n try {\n return new URL(authorizerUrl).origin;\n }\n catch {\n return authorizerUrl;\n }\n};\n\nexport const executeIframe = (\n authorizeUrl: string,\n eventOrigin: string,\n timeoutInSeconds: number = DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS,\n) => {\n return new Promise<AuthorizeResponse>((resolve, reject) => {\n const expectedOrigin = originFromAuthorizerUrl(eventOrigin);\n const iframe = window.document.createElement('iframe');\n iframe.setAttribute('id', 'authorizer-iframe');\n iframe.setAttribute('width', '0');\n iframe.setAttribute('height', '0');\n iframe.style.display = 'none';\n const removeIframe = () => {\n if (window.document.body.contains(iframe)) {\n window.document.body.removeChild(iframe);\n window.removeEventListener('message', iframeEventHandler, false);\n }\n };\n\n const timeoutSetTimeoutId = setTimeout(() => {\n reject(new Error('Authorization timeout'));\n removeIframe();\n }, timeoutInSeconds * 1000);\n\n const iframeEventHandler: (e: MessageEvent) => void = function (e: MessageEvent) {\n if (e.origin !== expectedOrigin)\n return;\n if (!e.data || !e.data.response)\n return;\n\n const eventSource = e.source;\n\n if (eventSource)\n (eventSource as any).close();\n\n if (e.data.response.error)\n reject(e.data.response);\n else\n resolve(e.data.response);\n\n clearTimeout(timeoutSetTimeoutId);\n window.removeEventListener('message', iframeEventHandler, false);\n setTimeout(removeIframe, CLEANUP_IFRAME_TIMEOUT_IN_SECONDS * 1000);\n };\n\n window.addEventListener('message', iframeEventHandler, false);\n window.document.body.appendChild(iframe);\n iframe.setAttribute('src', authorizeUrl);\n });\n};\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;;;;;;;AACA,yBAAuB;;;ACDhB,IAAMA,uCAAuC;AAC7C,IAAMC,oCAAoC;;;ACuU1C,IAAKC,iBAAAA,0BAAAA,iBAAAA;;;;;;;;;;;SAAAA;;AAaL,IAAKC,gBAAAA,0BAAAA,gBAAAA;;;SAAAA;;;;AC/UL,IAAMC,YAAY,6BAAe,OAAOC,WAAW,aAAjC;AAElB,IAAMC,UAAU,wBAACC,QAAAA;AACtB,MAAIC,cAAcD,IAAIE,KAAI;AAC1B,QAAMC,WAAWF,YAAYA,YAAYG,SAAS,CAAA;AAClD,MAAID,aAAa,IACfF,eAAcA,YAAYI,MAAM,GAAG,EAAC;AAEtC,SAAOJ;AACT,GAPuB;AAShB,IAAMK,YAAY,6BAAA;AAEvB,SAAOT,UAAAA,IACDC,OAAOS,UAAWT,OAAeU,WACnC;AACN,GALyB;AAOlB,IAAMC,kBAAkB,6BAAA;AAC7B,QAAMF,SAASD,UAAAA;AAEf,SAAQC,UAAUA,OAAOG,UAAYH,OAAeI;AACtD,GAJ+B;AAMxB,IAAMC,qBAAqB,6BAAA;AAChC,QAAMC,UACF;AACJ,MAAIC,SAAS;AACb,QAAMP,SAASD,UAAAA;AACf,MAAIC,QAAQ;AACV,UAAMQ,eAAeC,MAAMC,KAAKV,OAAOW,gBAAgB,IAAIC,WAAW,EAAA,CAAA,CAAA;AACtEJ,iBAAaK,QAAQC,CAAAA,MAAMP,UAAUD,QAAQQ,IAAIR,QAAQT,MAAM,CAAC;EAClE;AACA,SAAOU;AACT,GAVkC;AAY3B,IAAMQ,SAAS,wBAACC,UACrB1B,UAAAA,IAAc2B,KAAKD,KAAAA,IAASE,OAAOR,KAAKM,KAAAA,EAAOG,SAAS,QAAA,GADpC;AAKf,IAAMC,oBAAoB,wBAACC,WAAAA;AAChC,SAAOC,OAAOC,KAAKF,MAAAA,EAChBG,OAAOC,CAAAA,MAAK,OAAOJ,OAAOI,CAAAA,MAAO,WAAA,EACjCC,IAAID,CAAAA,MAAK,GAAGE,mBAAmBF,CAAAA,CAAAA,IAAME,mBAAmBN,OAAOI,CAAAA,CAAE,CAAA,EAAG,EACpEG,KAAK,GAAA;AACV,GALiC;AAO1B,IAAMC,SAAS,8BAAOC,MAAAA;AAC3B,QAAMC,SAASC,gBAAAA;AACf,MAAI,CAACD,OACH,OAAM,IAAIE,MAAM,iCAAA;AAElB,QAAMC,WAAgBH,OAAOI,OAC3B;IAAEC,MAAM;EAAU,GAClB,IAAIC,YAAAA,EAAcC,OAAOR,CAAAA,CAAAA;AAK3B,MAAKS,OAAeC,UAAU;AAC5B,WAAO,IAAIC,QAAQ,CAACC,SAASC,WAAAA;AAC3BT,eAASU,aAAa,CAACC,MAAAA;AACrBH,gBAAQG,EAAEC,OAAOC,MAAM;MACzB;AAEAb,eAASc,UAAU,CAACH,MAAAA;AAClBF,eAAOE,EAAEI,KAAK;MAChB;AAEAf,eAASgB,UAAU,MAAA;AACjBP,eAAO,IAAIV,MAAM,kCAAA,CAAA;MACnB;IACF,CAAA;EACF;AAEA,SAAO,MAAMC;AACf,GA7BsB;AA+BtB,IAAMiB,eAAe,wBAACC,UAAAA;AACpB,QAAMC,WAAwC;IAAE,KAAK;IAAK,KAAK;IAAK,KAAK;EAAG;AAC5E,SAAOD,MAAME,QAAQ,UAAU,CAACC,MAAcF,SAASE,CAAAA,CAAE;AAC3D,GAHqB;AAmBd,IAAMC,2BAA2B,wBAACC,UAAAA;AACvC,QAAMC,gBAAgB,IAAIC,WAAWF,KAAAA;AACrC,SAAOG,aACLC,OAAOC,KAAKC,OAAOC,aAAY,GAAIC,MAAMC,KAAKR,aAAAA,CAAAA,CAAAA,CAAAA;AAElD,GALwC;AAOxC,IAAMS,0BAA0B,wBAACC,kBAAAA;AAC/B,MAAI;AACF,WAAO,IAAIC,IAAID,aAAAA,EAAeE;EAChC,QACM;AACJ,WAAOF;EACT;AACF,GAPgC;AASzB,IAAMG,gBAAgB,wBAC3BC,cACAC,aACAC,mBAA2BC,yCAAoC;AAE/D,SAAO,IAAIC,QAA2B,CAACC,SAASC,WAAAA;AAC9C,UAAMC,iBAAiBZ,wBAAwBM,WAAAA;AAC/C,UAAMO,SAASnB,OAAOoB,SAASC,cAAc,QAAA;AAC7CF,WAAOG,aAAa,MAAM,mBAAA;AAC1BH,WAAOG,aAAa,SAAS,GAAA;AAC7BH,WAAOG,aAAa,UAAU,GAAA;AAC9BH,WAAOI,MAAMC,UAAU;AACvB,UAAMC,eAAe,6BAAA;AACnB,UAAIzB,OAAOoB,SAASM,KAAKC,SAASR,MAAAA,GAAS;AACzCnB,eAAOoB,SAASM,KAAKE,YAAYT,MAAAA;AACjCnB,eAAO6B,oBAAoB,WAAWC,oBAAoB,KAAA;MAC5D;IACF,GALqB;AAOrB,UAAMC,sBAAsBC,WAAW,MAAA;AACrCf,aAAO,IAAIgB,MAAM,uBAAA,CAAA;AACjBR,mBAAAA;IACF,GAAGZ,mBAAmB,GAAA;AAEtB,UAAMiB,qBAAgD,gCAAUI,GAAe;AAC7E,UAAIA,EAAEzB,WAAWS,eACf;AACF,UAAI,CAACgB,EAAEC,QAAQ,CAACD,EAAEC,KAAKC,SACrB;AAEF,YAAMC,cAAcH,EAAEI;AAEtB,UAAID,YACDA,aAAoBE,MAAK;AAE5B,UAAIL,EAAEC,KAAKC,SAASI,MAClBvB,QAAOiB,EAAEC,KAAKC,QAAQ;UAEtBpB,SAAQkB,EAAEC,KAAKC,QAAQ;AAEzBK,mBAAaV,mBAAAA;AACb/B,aAAO6B,oBAAoB,WAAWC,oBAAoB,KAAA;AAC1DE,iBAAWP,cAAciB,oCAAoC,GAAA;IAC/D,GAnBsD;AAqBtD1C,WAAO2C,iBAAiB,WAAWb,oBAAoB,KAAA;AACvD9B,WAAOoB,SAASM,KAAKkB,YAAYzB,MAAAA;AACjCA,WAAOG,aAAa,OAAOX,YAAAA;EAC7B,CAAA;AACF,GAjD6B;;;AHxG7B,IAAMkC,eACJ;AACF,IAAMC,oBAAoB,kOAAkOD,YAAAA;AAG5P,IAAME,aAAa,6BAAOC,UAAAA,IAAcC,OAAOC,QAAQC,mBAAAA,SAApC;AAEnB,SAASC,YAAYC,QAAe;AAClC,MAAIC,MAAMC,QAAQF,MAAAA,GAAS;AACzB,WAAOA,OAAOG,IAAI,CAACC,SAAAA;AACjB,UAAIA,gBAAgBC,MAAO,QAAOD;AAClC,UAAIA,QAAQ,OAAOA,SAAS,YAAY,aAAaA,KACnD,QAAO,IAAIC,MAAMC,OAAQF,KAA8BG,OAAO,CAAA;AAChE,aAAO,IAAIF,MAAMC,OAAOF,IAAAA,CAAAA;IAC1B,CAAA;EACF;AACA,MAAIJ,kBAAkBK,MAAO,QAAO;IAACL;;AACrC,MAAIA,WAAW,QAAQ,OAAOA,WAAW,UAAU;AACjD,UAAMQ,IAAIR;AACV,QAAI,OAAOQ,EAAEC,sBAAsB,SACjC,QAAO;MAAC,IAAIJ,MAAMG,EAAEC,iBAAiB;;AACvC,QAAI,OAAOD,EAAEE,UAAU,UAAU;AAC/B,YAAMC,OACJ,OAAOH,EAAEC,sBAAsB,WAC3B,KAAKD,EAAEC,iBAAiB,KACxB;AACN,aAAO;QAAC,IAAIJ,MAAM,GAAGG,EAAEE,KAAK,GAAGC,IAAAA,EAAM;;IACvC;AACA,QAAI,OAAOH,EAAED,YAAY,SAAU,QAAO;MAAC,IAAIF,MAAMG,EAAED,OAAO;;EAChE;AACA,MAAIP,WAAWY,UAAaZ,WAAW,KACrC,QAAO;IAAC,IAAIK,MAAM,eAAA;;AACpB,SAAO;IAAC,IAAIA,MAAMC,OAAON,MAAAA,CAAAA;;AAC3B;AA1BSD;AAkCF,IAAMc,cAAN,MAAMA,YAAAA;;EAEXC;EACAC;;EAGA,YAAYD,QAA0B;AA/DxC;AAgEI,QAAI,CAACA,OAAQ,OAAM,IAAIT,MAAM,2BAAA;AAE7B,SAAKS,SAASA;AACd,QAAI,GAACA,YAAOE,kBAAPF,mBAAsBG,QAAQ,OAAM,IAAIZ,MAAM,uBAAA;AAEnD,SAAKS,OAAOE,gBAAgBE,QAAQJ,OAAOE,aAAa;AAExD,QAAI,GAACF,YAAOK,gBAAPL,mBAAoBG,QAAQ,OAAM,IAAIZ,MAAM,qBAAA;AACjD,SAAKS,OAAOK,cAAcD,QAAQJ,OAAOK,WAAW;AACpD,SAAKL,OAAOM,aAAYN,iCAAQM,aAAY,IAAIH,KAAI;AAEpD,SAAKH,OAAOO,eAAe;MACzB,GAAIP,OAAOO,gBAAgB,CAAC;MAC5B,oBAAoBP,OAAOE;MAC3B,0BAA0BF,OAAOM,YAAY;MAC7C,gBAAgB;IAClB;EACF;EAEAE,YAAY,8BACVC,SAAAA;AApFJ;AAyFI,QAAI,CAAC5B,UAAAA,EACH,QAAO,KAAK6B,cAAc;MACxB,IAAInB,MAAM,2CAAA;KACX;AAEH,UAAMoB,SAAS;MAAC;MAAU;MAAW;;AACrC,QAAIF,KAAKG,kBAAmBD,QAAOE,KAAK,gBAAA;AAExC,UAAMC,cAAsC;MAC1CC,cAAc,KAAKf,OAAOK;MAC1BW,eAAeP,KAAKO,iBAAiB;MACrCC,OAAOC,OAAOC,mBAAAA,CAAAA;MACdC,OAAOF,OAAOC,mBAAAA,CAAAA;MACdE,eAAeZ,KAAKY;MACpBC,OAAOX,OAAOY,KAAK,GAAA;MACnBC,aAAW,UAAKxB,WAAL,mBAAaM,aAAY;IACtC;AAEA,QAAIG,KAAKY,kBAAwBI,cAAcC,MAAM;AACnD,WAAKzB,eAAekB,mBAAAA;AACpB,YAAMQ,MAAM,MAAMC,OAAO,KAAK3B,YAAY;AAC1C,YAAM4B,gBAAgBC,yBAAyBH,GAAAA;AAC/Cb,kBAAYiB,iBAAiBF;AAC7Bf,kBAAYkB,wBAAwB;IACtC;AAEA,UAAMC,eAAe,GACnB,KAAKjC,OAAOE,aAAa,cACbgC,kBAAkBpB,WAAAA,CAAAA;AAEhC,QAAIA,YAAYE,kBAAkB,eAAe;AAC/ClC,aAAOqD,SAASC,QAAQH,YAAAA;AACxB,aAAO,KAAKI,WAAWvC,MAAAA;IACzB;AAEA,QAAI;AACF,YAAMwC,YAAY,MAAMC,cACtBN,cACA,KAAKjC,OAAOE,eACZsC,oCAAAA;AAGF,UAAI/B,KAAKY,kBAAwBI,cAAcC,MAAM;AAEnD,cAAMe,YACJ,MAAM,KAAKC,SAAS;UAClBC,MAAML,UAAUK;QAClB,CAAA;AACF,eAAOF,UAAUvD,OAAO0D,SACpB,KAAKlC,cAAc+B,UAAUvD,MAAM,IACnC,KAAKmD,WAAWI,UAAUhC,IAAI;MACpC;AAGA,aAAO,KAAK4B,WAAWC,SAAAA;IACzB,SAASO,KAAK;AACZ,UAAIA,IAAIjD,OAAO;AACbd,eAAOqD,SAASC,QACd,GAAG,KAAKpC,OAAOE,aAAa,cAAcgB,OACxC4B,KAAKC,UAAU;UACbzC,UAAU,KAAKN,OAAOM;UACtBD,aAAa,KAAKL,OAAOK;UACzBH,eAAe,KAAKF,OAAOE;QAC7B,CAAA,CAAA,CAAA,iBACgB8C,mBAAmB,KAAKhD,OAAOK,eAAe,EAAA,CAAA,EAAK;MAEzE;AAEA,aAAO,KAAKK,cAAcmC,GAAAA;IAC5B;EACF,GA5EY;EA8EZI,eAAe,mCAAA;AACb,QAAI;AACF,YAAMR,YACJ,MAAM,KAAKS,WAAU;AACvB,aAAOT,UAAUvD,OAAO0D,SACpB,KAAKlC,cAAc+B,UAAUvD,MAAM,IACnC,KAAKmD,WAAWI,UAAUhC,IAAI;IACpC,SAASoC,KAAK;AACZ,UAAI,CAAChE,UAAAA,GAAa;AAChB,eAAO;UACL4B,MAAMX;UACNZ,QAAQ;YAAC,IAAIK,MAAM,6CAAA;;QACrB;MACF;AAEAT,aAAOqD,SAASC,QACd,GAAG,KAAKpC,OAAOE,aAAa,cAAcgB,OACxC4B,KAAKC,UAAU;QACbzC,UAAU,KAAKN,OAAOM;QACtBD,aAAa,KAAKL,OAAOK;QACzBH,eAAe,KAAKF,OAAOE;MAC7B,CAAA,CAAA,CAAA,iBACgB8C,mBAAmB,KAAKhD,OAAOK,eAAe,EAAA,CAAA,EAAK;AAEvE,aAAO,KAAKK,cAAcmC,GAAAA;IAC5B;EACF,GA1Be;EA4BfM,iBAAiB,8BACf1C,SAAAA;AA9LJ;AAgMI,QAAI,CAACA,KAAKQ,MAAOR,MAAKQ,QAAQC,OAAOC,mBAAAA,CAAAA;AAErC,QAAI,CAACV,KAAKM,aAAcN,MAAKM,eAAe,KAAKf,OAAOK;AAExD,QAAI;AACF,YAAM+C,qBAAqB,MAAM,KAAKC,aAAa;QACjDC,OACE;QACFC,WAAW;UACT9C;QACF;QACA+C,eAAe;MACjB,CAAA;AACA,eAAOJ,8DAAoBlE,WAApBkE,mBAA4BR,UAC/B,KAAKlC,cAAc0C,mBAAmBlE,MAAM,IAC5C,KAAKmD,YAAWe,8DAAoB3C,SAApB2C,mBAA0BK,eAAAA;IAChD,SAAS7D,OAAO;AACd,aAAO,KAAKc,cAAc;QAACd;OAAM;IACnC;EACF,GAtBiB;EAwBjB8D,cAAc,mCAAA;AArNhB;AAsNI,QAAI;AACF,YAAMC,MAAM,MAAM,KAAKN,aAAa;QAClCC,OACE;QACFE,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,WAAWsB,IAAIlD,KAAKmD,IAAI;IACnC,SAAShE,OAAO;AACd,aAAO,KAAKc,cAAc;QAACd;OAAM;IACnC;EACF,GAdc;EAgBdiE,aAAa,8BACXC,YAAAA;AAtOJ;AAwOI,QAAI;AACF,YAAMC,aAAa,MAAM,KAAKV,aAAa;QACzCC,OAAO,6BAA6B5E,YAAAA;QACpCoF;QACAN,eAAe;MACjB,CAAA;AAEA,eAAOO,8CAAY7E,WAAZ6E,mBAAoBnB,UACvB,KAAKlC,cAAcqD,WAAW7E,MAAM,IACpC,KAAKmD,WAAW0B,WAAWtD,KAAKuD,OAAO;IAC7C,SAASpE,OAAO;AACd,aAAO,KAAKc,cAAc;QAACd;OAAM;IACnC;EACF,GAhBa;;EAmBbsD,aAAa,8BACXY,SACAG,WAAAA;AA1PJ;AA4PI,QAAI;AACF,YAAMN,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO,0EAA0E3E,iBAAAA;QACjFmF;QACAP,WAAW;UACTU;QACF;QACAT,eAAe;MACjB,CAAA;AACA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUO,OAAAA;IAChC,SAASrB,KAAK;AACZ,aAAO,KAAKnC,cAAcmC,GAAAA;IAC5B;EACF,GAnBa;EAqBbH,WAAW,8BACTjC,SAAAA;AA9QJ;AAgRI,QAAI,CAACA,KAAK0D,WAAY1D,MAAK0D,aAAa;AAExC,QAAI1D,KAAK0D,eAAe,mBAAmB,GAAC1D,UAAK2D,kBAAL3D,mBAAoBN,QAC9D,QAAO,KAAKO,cAAc;MAAC,IAAInB,MAAM,uBAAA;KAAyB;AAEhE,QAAIkB,KAAK0D,eAAe,wBAAwB,CAAC,KAAKlE,aACpD,QAAO,KAAKS,cAAc;MAAC,IAAInB,MAAM,uBAAA;KAAyB;AAEhE,UAAMuB,cAAc;MAClBU,WAAW,KAAKxB,OAAOM;MACvBqC,MAAMlC,KAAKkC,QAAQ;MACnB0B,eAAe,KAAKpE,gBAAgB;MACpCkE,YAAY1D,KAAK0D,cAAc;MAC/BC,eAAe3D,KAAK2D,iBAAiB;IACvC;AAEA,QAAI;AACF,YAAME,UAAU1F,WAAAA;AAChB,YAAM+E,MAAM,MAAMW,QAAQ,GAAG,KAAKtE,OAAOE,aAAa,gBAAgB;QACpEqE,QAAQ;QACRC,MAAM1B,KAAKC,UAAUjC,WAAAA;QACrBgD,SAAS;UACP,GAAG,KAAK9D,OAAOO;QACjB;QACAkE,aAAa;MACf,CAAA;AAEA,YAAMC,OAAO,MAAMf,IAAIe,KAAI;AAC3B,UAAIC,OAG0B,CAAC;AAC/B,UAAID,MAAM;AACR,YAAI;AACFC,iBAAO7B,KAAK8B,MAAMF,IAAAA;QACpB,QAAQ;AACN,iBAAO,KAAKhE,cAAc;YACxB,IAAInB,MACFoE,IAAIkB,KACA,qCACA,QAAQlB,IAAImB,MAAM,EAAE;WAE3B;QACH;MACF;AACA,UAAI,CAACnB,IAAIkB,IAAI;AACX,eAAO,KAAKnE,cAAc;UACxB,IAAInB,MACFC,OACEmF,KAAKhF,qBAAqBgF,KAAK/E,SAAS,QAAQ+D,IAAImB,MAAM,EAAE,CAAA;SAGjE;MACH;AAEA,aAAO,KAAKzC,WAAWsC,IAAAA;IACzB,SAAS9B,KAAK;AACZ,aAAO,KAAKnC,cAAcmC,GAAAA;IAC5B;EACF,GA9DW;EAgEXkC,QAAQ,8BACNtE,SAAAA;AA9UJ;AAgVI,QAAI;AACF,YAAMkD,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO;qEACsD3E,iBAAAA;;QAE7D4E,WAAW;UAAE9C;QAAK;QAClB+C,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUoB,KAAAA;IAChC,SAASlC,KAAK;AACZ,aAAO,KAAKnC,cAAcmC,GAAAA;IAC5B;EACF,GAlBQ;EAoBRmC,SAAS,8BACPlB,YAAAA;AAlWJ;AAoWI,QAAI;AACF,YAAMH,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO;QACPQ;QACAN,eAAe;MACjB,CAAA;AACA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUqB,MAAAA;IAChC,SAASnC,KAAK;AACZ,aAAO,KAAKnC,cAAc;QAACmC;OAAI;IACjC;EACF,GAfS;EAiBToC,iBAAiB,8BACfxE,SAAAA;AAnXJ;AAqXI,QAAI;AACF,UAAI,CAACA,KAAKQ,MAAOR,MAAKQ,QAAQC,OAAOC,mBAAAA,CAAAA;AAErC,UAAI,CAACV,KAAKM,aAAcN,MAAKM,eAAe,KAAKf,OAAOK;AAExD,YAAMsD,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO;;;QAGPC,WAAW;UAAE9C;QAAK;QAClB+C,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUuB,gBAAAA;IAChC,SAASrC,KAAK;AACZ,aAAO,KAAKnC,cAAc;QAACmC;OAAI;IACjC;EACF,GAtBiB;EAwBjBsC,aAAa,8BACXC,eACAC,OACAtE,cACAE,UAAAA;AAEA,QAAIqE,WAAWrE;AACf,QAAI,CAACqE,UAAU;AACbA,iBAAWpE,OAAOC,mBAAAA,CAAAA;IACpB;AAEA,UAAMoE,mBAAmBC,OAAOC,OAAaC,cAAc;AAC3D,QAAI,CAACH,iBAAiBI,SAASP,aAAAA,GAAgB;AAC7C,YAAM,IAAI7F,MACR,iDAAiDgG,iBAAiBhE,KAAK,IAAA,CAAA,EAAO;IAElF;AACA,QAAI,CAAC1C,UAAAA,EACH,OAAM,IAAIU,MAAM,2CAAA;AAElB,QAAI8F,SAASA,MAAMzC,OAAQ0C,aAAY,UAAUD,MAAM9D,KAAK,GAAA,CAAA;AAE5DzC,WAAOqD,SAASC,QACd,GAAG,KAAKpC,OAAOE,aAAa,gBAAgBkF,aAAAA,iBAA8BpC,mBACxEjC,gBAAgB,KAAKf,OAAOK,eAAe,EAAA,CAAA,UAClC2C,mBAAmBsC,QAAAA,CAAAA,EAAW;EAE7C,GA3Ba;EA6BbM,YAAY,8BACVnF,SAAAA;AAxaJ;AA0aI,QAAI;AACF,YAAMkD,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO;;;QAGPC,WAAW;UAAE9C;QAAK;QAClB+C,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUkC,UAAAA;IAChC,SAAShD,KAAK;AACZ,aAAO,KAAKnC,cAAc;QAACmC;OAAI;IACjC;EACF,GAlBY;EAoBZiD,gBAAgB,8BACdrF,SAAAA;AA5bJ;AA8bI,QAAI;AACF,YAAMsF,mBAAmB,MAAM,KAAK1C,aAAa;QAC/CC,OACE;QACFC,WAAW;UACT9C;QACF;QACA+C,eAAe;MACjB,CAAA;AACA,eAAOuC,0DAAkB7G,WAAlB6G,mBAA0BnD,UAC7B,KAAKlC,cAAcqF,iBAAiB7G,MAAM,IAC1C,KAAKmD,YAAW0D,sBAAiBtF,SAAjBsF,mBAAuBC,cAAAA;IAC7C,SAASpG,OAAO;AACd,aAAO,KAAKc,cAAc;QAACd;OAAM;IACnC;EACF,GAlBgB;EAoBhBqG,cAAc,8BAAOxF,SAAAA;AA/cvB;AAgdI,QAAI,GAACA,UAAK2D,kBAAL3D,mBAAoBN,QACvB,QAAO,KAAKO,cAAc;MAAC,IAAInB,MAAM,uBAAA;KAAyB;AAEhE,QAAI;AACF,YAAM+E,UAAU1F,WAAAA;AAChB,YAAM+E,MAAM,MAAMW,QAAQ,GAAG,KAAKtE,OAAOE,aAAa,iBAAiB;QACrEqE,QAAQ;QACRT,SAAS;UACP,GAAG,KAAK9D,OAAOO;QACjB;QACAiE,MAAM1B,KAAKC,UAAU;UACnBqB,eAAe3D,KAAK2D;UACpB5C,WAAW,KAAKxB,OAAOM;QACzB,CAAA;MACF,CAAA;AAEA,YAAMoE,OAAO,MAAMf,IAAIe,KAAI;AAC3B,UAAIwB,eAAwC,CAAC;AAC7C,UAAIxB,MAAM;AACR,YAAI;AACFwB,yBAAepD,KAAK8B,MAAMF,IAAAA;QAC5B,QAAQ;AACN,iBAAO,KAAKhE,cAAc;YACxB,IAAInB,MACFoE,IAAIkB,KACA,sCACA,QAAQlB,IAAImB,MAAM,EAAE;WAE3B;QACH;MACF;AAEA,UAAI,CAACnB,IAAIkB,IAAI;AACX,cAAMsB,UAAUD;AAIhB,eAAO,KAAKxF,cAAc;UACxB,IAAInB,MACFC,OACE2G,QAAQxG,qBACNwG,QAAQvG,SACR,QAAQ+D,IAAImB,MAAM,EAAE,CAAA;SAG3B;MACH;AAEA,aAAO,KAAKzC,WAAW6D,YAAAA;IACzB,SAASrD,KAAK;AACZ,aAAO,KAAKnC,cAAcmC,GAAAA;IAC5B;EACF,GArDc;EAuDduD,SAAS,8BACP3F,SAAAA;AAvgBJ;AAygBI,QAAI;AACF,YAAMkD,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO;wEACyD3E,iBAAAA;;QAEhE4E,WAAW;UAAE9C;QAAK;QAClB+C,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUyC,MAAAA;IAChC,SAASvD,KAAK;AACZ,aAAO,KAAKnC,cAAc;QAACmC;OAAI;IACjC;EACF,GAlBS;EAoBTwD,gBAAgB,8BACd5F,MACAqD,YAAAA;AA5hBJ;AA8hBI,QAAI;AACF,YAAMwC,mBAAmB,MAAM,KAAKjD,aAAa;QAC/CC,OACE;QACFQ;QACAP,WAAW;UACT9C;QACF;QACA+C,eAAe;MACjB,CAAA;AAEA,eAAO8C,0DAAkBpH,WAAlBoH,mBAA0B1D,UAC7B,KAAKlC,cAAc4F,iBAAiBpH,MAAM,IAC1C,KAAKmD,YAAWiE,sBAAiB7F,SAAjB6F,mBAAuBC,cAAAA;IAC7C,SAAS3G,OAAO;AACd,aAAO,KAAKc,cAAc;QAACd;OAAM;IACnC;EACF,GArBgB;EAuBhB4G,oBAAoB,8BAClB1C,YAAAA;AAljBJ;AAojBI,QAAI;AACF,YAAMH,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO;QACPQ;QACAN,eAAe;MACjB,CAAA;AACA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAU8C,kBAAAA;IAChC,SAAS7G,OAAO;AACd,aAAO,KAAKc,cAAc;QAACd;OAAM;IACnC;EACF,GAfoB;EAiBpB8G,mBAAmB,8BACjBzC,WAAAA;AAnkBJ;AAqkBI,QAAI;AACF,YAAMN,MAAM,MAAM,KAAKN,aAAa;QAClCC,OACE;QACFC,WAAW;UACTU;QACF;QACAT,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUgD,kBAAAA;IAChC,SAAS/G,OAAO;AACd,aAAO,KAAKc,cAAc;QAACd;OAAM;IACnC;EACF,GAnBmB;EAqBnBgH,kBAAkB,8BAChB3C,WAAAA;AAxlBJ;AA0lBI,QAAI;AACF,YAAMN,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO,+GAA+G5E,YAAAA;QACtH6E,WAAW;UACTU;QACF;QACAT,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUkD,gBAAAA;IAChC,SAASjH,OAAO;AACd,aAAO,KAAKc,cAAc;QAACd;OAAM;IACnC;EACF,GAlBkB;EAoBlBkH,cAAc,8BACZrG,SAAAA;AA5mBJ;AA8mBI,QAAI;AACF,YAAMkD,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO;yFAC0E3E,iBAAAA;;QAEjF4E,WAAW;UAAE9C;QAAK;QAClB+C,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUoD,YAAAA;IAChC,SAASlE,KAAK;AACZ,aAAO,KAAKnC,cAAc;QAACmC;OAAI;IACjC;EACF,GAlBc;EAoBdmE,oBAAoB,8BAClBvG,SAAAA;AAhoBJ;AAkoBI,QAAI;AACF,YAAMkD,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO;;;QAGPC,WAAW;UAAE9C;QAAK;QAClB+C,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUsD,mBAAAA;IAChC,SAASpE,KAAK;AACZ,aAAO,KAAKnC,cAAc;QAACmC;OAAI;IACjC;EACF,GAlBoB;EAoBpBqE,YAAY,8BACVzG,SAAAA;AAppBJ;AAspBI,QAAI;AACF,YAAMkD,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO;mFACoE3E,iBAAAA;;QAE3E4E,WAAW;UAAE9C;QAAK;QAClB+C,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUwD,UAAAA;IAChC,SAAStE,KAAK;AACZ,aAAO,KAAKnC,cAAc;QAACmC;OAAI;IACjC;EACF,GAlBY;;;EAsBZQ,eAAe,8BACb5C,SAAAA;AA1qBJ;AA4qBI,UAAM6D,UAAU1F,WAAAA;AAChB,UAAM4F,OAAgC;MACpClB,OAAO7C,KAAK6C;MACZC,WAAW9C,KAAK8C,aAAa,CAAC;IAChC;AACA,QAAI9C,KAAK+C,eAAe;AACtBgB,WAAKhB,gBAAgB/C,KAAK+C;IAC5B;AACA,UAAMG,MAAM,MAAMW,QAAQ,GAAG,KAAKtE,OAAOE,aAAa,YAAY;MAChEqE,QAAQ;MACRC,MAAM1B,KAAKC,UAAUyB,IAAAA;MACrBV,SAAS;QACP,GAAG,KAAK9D,OAAOO;QACf,GAAIE,KAAKqD,WAAW,CAAC;MACvB;MACAW,aAAa;IACf,CAAA;AAEA,UAAMC,OAAO,MAAMf,IAAIe,KAAI;AAC3B,QAAIC,OAA+C,CAAC;AACpD,QAAID,MAAM;AACR,UAAI;AACFC,eAAO7B,KAAK8B,MAAMF,IAAAA;MACpB,QAAQ;AACN,eAAO;UACLjE,MAAMX;UACNZ,QAAQ;YACN,IAAIK,MACFoE,IAAIkB,KACA,uCACA,QAAQlB,IAAImB,MAAM,EAAE;;QAG9B;MACF;IACF,WAAW,CAACnB,IAAIkB,IAAI;AAClB,aAAO;QACLpE,MAAMX;QACNZ,QAAQ;UAAC,IAAIK,MAAM,QAAQoE,IAAImB,MAAM,EAAE;;MACzC;IACF;AAEA,SAAIH,kCAAMzF,WAANyF,mBAAc/B,QAAQ;AACxB,aAAO;QAAEnC,MAAMX;QAAWZ,QAAQD,YAAY0F,KAAKzF,MAAM;MAAE;IAC7D;AAEA,QAAI,CAACyE,IAAIkB,IAAI;AACX,aAAO;QACLpE,MAAMX;QACNZ,QAAQ;UAAC,IAAIK,MAAM,QAAQoE,IAAImB,MAAM,EAAE;;MACzC;IACF;AAEA,WAAO;MAAErE,MAAMkE,KAAKlE;MAAMvB,QAAQ,CAAA;IAAG;EACvC,GAzDe;EA2DfwB,gBAAgB,wBAACxB,WAAAA;AACf,WAAO;MACLuB,MAAMX;MACNZ,QAAQD,YAAYC,MAAAA;IACtB;EACF,GALgB;EAOhBmD,aAAa,wBAAC5B,SAAAA;AACZ,WAAO;MACLA;MACAvB,QAAQ,CAAA;IACV;EACF,GALa;AAMf;AAxrBaa;AAAN,IAAMA,aAAN;","names":["DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS","CLEANUP_IFRAME_TIMEOUT_IN_SECONDS","OAuthProviders","ResponseTypes","hasWindow","window","trimURL","url","trimmedData","trim","lastChar","length","slice","getCrypto","crypto","msCrypto","getCryptoSubtle","subtle","webkitSubtle","createRandomString","charset","random","randomValues","Array","from","getRandomValues","Uint8Array","forEach","v","encode","value","btoa","Buffer","toString","createQueryParams","params","Object","keys","filter","k","map","encodeURIComponent","join","sha256","s","subtle","getCryptoSubtle","Error","digestOp","digest","name","TextEncoder","encode","window","msCrypto","Promise","resolve","reject","oncomplete","e","target","result","onerror","error","onabort","urlEncodeB64","input","b64Chars","replace","m","bufferToBase64UrlEncoded","input","ie11SafeInput","Uint8Array","urlEncodeB64","window","btoa","String","fromCharCode","Array","from","originFromAuthorizerUrl","authorizerUrl","URL","origin","executeIframe","authorizeUrl","eventOrigin","timeoutInSeconds","DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS","Promise","resolve","reject","expectedOrigin","iframe","document","createElement","setAttribute","style","display","removeIframe","body","contains","removeChild","removeEventListener","iframeEventHandler","timeoutSetTimeoutId","setTimeout","Error","e","data","response","eventSource","source","close","error","clearTimeout","CLEANUP_IFRAME_TIMEOUT_IN_SECONDS","addEventListener","appendChild","userFragment","authTokenFragment","getFetcher","hasWindow","window","fetch","crossFetch","toErrorList","errors","Array","isArray","map","item","Error","String","message","o","error_description","error","desc","undefined","Authorizer","config","codeVerifier","authorizerURL","trim","trimURL","redirectURL","clientID","extraHeaders","authorize","data","errorResponse","scopes","use_refresh_token","push","requestData","redirect_uri","response_mode","state","encode","createRandomString","nonce","response_type","scope","join","client_id","ResponseTypes","Code","sha","sha256","codeChallenge","bufferToBase64UrlEncoded","code_challenge","code_challenge_method","authorizeURL","createQueryParams","location","replace","okResponse","iframeRes","executeIframe","DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS","tokenResp","getToken","code","length","err","JSON","stringify","encodeURIComponent","browserLogin","getSession","forgotPassword","forgotPasswordResp","graphqlQuery","query","variables","operationName","forgot_password","getMetaData","res","meta","getProfile","headers","profileRes","profile","params","session","grant_type","refresh_token","code_verifier","fetcher","method","body","credentials","text","json","parse","ok","status","login","logout","magicLinkLogin","magic_link_login","oauthLogin","oauthProvider","roles","urlState","oauthProviderIds","Object","values","OAuthProviders","includes","resendOtp","resend_otp","resetPassword","resetPasswordRes","reset_password","revokeToken","responseData","errBody","signup","updateProfile","updateProfileRes","update_profile","deactivateAccount","deactivate_account","validateJWTToken","validate_jwt_token","validateSession","validate_session","verifyEmail","verify_email","resendVerifyEmail","resend_verify_email","verifyOtp","verify_otp"]}
|
package/lib/index.mjs
CHANGED
|
@@ -270,11 +270,11 @@ var _Authorizer = class _Authorizer {
|
|
|
270
270
|
if (!data.redirect_uri) data.redirect_uri = this.config.redirectURL;
|
|
271
271
|
try {
|
|
272
272
|
const forgotPasswordResp = await this.graphqlQuery({
|
|
273
|
-
query: "mutation
|
|
273
|
+
query: "mutation forgot_password($data: ForgotPasswordRequest!) { forgot_password(params: $data) { message should_show_mobile_otp_screen } }",
|
|
274
274
|
variables: {
|
|
275
275
|
data
|
|
276
276
|
},
|
|
277
|
-
operationName: "
|
|
277
|
+
operationName: "forgot_password"
|
|
278
278
|
});
|
|
279
279
|
return ((_a = forgotPasswordResp == null ? void 0 : forgotPasswordResp.errors) == null ? void 0 : _a.length) ? this.errorResponse(forgotPasswordResp.errors) : this.okResponse((_b = forgotPasswordResp == null ? void 0 : forgotPasswordResp.data) == null ? void 0 : _b.forgot_password);
|
|
280
280
|
} catch (error) {
|
|
@@ -317,12 +317,12 @@ var _Authorizer = class _Authorizer {
|
|
|
317
317
|
var _a, _b;
|
|
318
318
|
try {
|
|
319
319
|
const res = await this.graphqlQuery({
|
|
320
|
-
query: `query
|
|
320
|
+
query: `query session($params: SessionQueryRequest){session(params: $params) { ${authTokenFragment} } }`,
|
|
321
321
|
headers,
|
|
322
322
|
variables: {
|
|
323
323
|
params
|
|
324
324
|
},
|
|
325
|
-
operationName: "
|
|
325
|
+
operationName: "session"
|
|
326
326
|
});
|
|
327
327
|
return ((_a = res == null ? void 0 : res.errors) == null ? void 0 : _a.length) ? this.errorResponse(res.errors) : this.okResponse((_b = res.data) == null ? void 0 : _b.session);
|
|
328
328
|
} catch (err) {
|
|
@@ -415,12 +415,12 @@ var _Authorizer = class _Authorizer {
|
|
|
415
415
|
if (!data.redirect_uri) data.redirect_uri = this.config.redirectURL;
|
|
416
416
|
const res = await this.graphqlQuery({
|
|
417
417
|
query: `
|
|
418
|
-
mutation
|
|
418
|
+
mutation magic_link_login($data: MagicLinkLoginRequest!) { magic_link_login(params: $data) { message }}
|
|
419
419
|
`,
|
|
420
420
|
variables: {
|
|
421
421
|
data
|
|
422
422
|
},
|
|
423
|
-
operationName: "
|
|
423
|
+
operationName: "magic_link_login"
|
|
424
424
|
});
|
|
425
425
|
return ((_a = res == null ? void 0 : res.errors) == null ? void 0 : _a.length) ? this.errorResponse(res.errors) : this.okResponse((_b = res.data) == null ? void 0 : _b.magic_link_login);
|
|
426
426
|
} catch (err) {
|
|
@@ -447,12 +447,12 @@ var _Authorizer = class _Authorizer {
|
|
|
447
447
|
try {
|
|
448
448
|
const res = await this.graphqlQuery({
|
|
449
449
|
query: `
|
|
450
|
-
mutation
|
|
450
|
+
mutation resend_otp($data: ResendOTPRequest!) { resend_otp(params: $data) { message }}
|
|
451
451
|
`,
|
|
452
452
|
variables: {
|
|
453
453
|
data
|
|
454
454
|
},
|
|
455
|
-
operationName: "
|
|
455
|
+
operationName: "resend_otp"
|
|
456
456
|
});
|
|
457
457
|
return ((_a = res == null ? void 0 : res.errors) == null ? void 0 : _a.length) ? this.errorResponse(res.errors) : this.okResponse((_b = res.data) == null ? void 0 : _b.resend_otp);
|
|
458
458
|
} catch (err) {
|
|
@@ -465,11 +465,11 @@ var _Authorizer = class _Authorizer {
|
|
|
465
465
|
var _a, _b;
|
|
466
466
|
try {
|
|
467
467
|
const resetPasswordRes = await this.graphqlQuery({
|
|
468
|
-
query: "mutation
|
|
468
|
+
query: "mutation reset_password($data: ResetPasswordRequest!) { reset_password(params: $data) { message } }",
|
|
469
469
|
variables: {
|
|
470
470
|
data
|
|
471
471
|
},
|
|
472
|
-
operationName: "
|
|
472
|
+
operationName: "reset_password"
|
|
473
473
|
});
|
|
474
474
|
return ((_a = resetPasswordRes == null ? void 0 : resetPasswordRes.errors) == null ? void 0 : _a.length) ? this.errorResponse(resetPasswordRes.errors) : this.okResponse((_b = resetPasswordRes.data) == null ? void 0 : _b.reset_password);
|
|
475
475
|
} catch (error) {
|
|
@@ -540,12 +540,12 @@ var _Authorizer = class _Authorizer {
|
|
|
540
540
|
var _a, _b;
|
|
541
541
|
try {
|
|
542
542
|
const updateProfileRes = await this.graphqlQuery({
|
|
543
|
-
query: "mutation
|
|
543
|
+
query: "mutation update_profile($data: UpdateProfileRequest!) { update_profile(params: $data) { message } }",
|
|
544
544
|
headers,
|
|
545
545
|
variables: {
|
|
546
546
|
data
|
|
547
547
|
},
|
|
548
|
-
operationName: "
|
|
548
|
+
operationName: "update_profile"
|
|
549
549
|
});
|
|
550
550
|
return ((_a = updateProfileRes == null ? void 0 : updateProfileRes.errors) == null ? void 0 : _a.length) ? this.errorResponse(updateProfileRes.errors) : this.okResponse((_b = updateProfileRes.data) == null ? void 0 : _b.update_profile);
|
|
551
551
|
} catch (error) {
|
|
@@ -558,9 +558,9 @@ var _Authorizer = class _Authorizer {
|
|
|
558
558
|
var _a, _b;
|
|
559
559
|
try {
|
|
560
560
|
const res = await this.graphqlQuery({
|
|
561
|
-
query: "mutation
|
|
561
|
+
query: "mutation deactivate_account { deactivate_account { message } }",
|
|
562
562
|
headers,
|
|
563
|
-
operationName: "
|
|
563
|
+
operationName: "deactivate_account"
|
|
564
564
|
});
|
|
565
565
|
return ((_a = res == null ? void 0 : res.errors) == null ? void 0 : _a.length) ? this.errorResponse(res.errors) : this.okResponse((_b = res.data) == null ? void 0 : _b.deactivate_account);
|
|
566
566
|
} catch (error) {
|
|
@@ -573,11 +573,11 @@ var _Authorizer = class _Authorizer {
|
|
|
573
573
|
var _a, _b;
|
|
574
574
|
try {
|
|
575
575
|
const res = await this.graphqlQuery({
|
|
576
|
-
query: "query
|
|
576
|
+
query: "query validate_jwt_token($params: ValidateJWTTokenRequest!){validate_jwt_token(params: $params) { is_valid claims } }",
|
|
577
577
|
variables: {
|
|
578
578
|
params
|
|
579
579
|
},
|
|
580
|
-
operationName: "
|
|
580
|
+
operationName: "validate_jwt_token"
|
|
581
581
|
});
|
|
582
582
|
return ((_a = res == null ? void 0 : res.errors) == null ? void 0 : _a.length) ? this.errorResponse(res.errors) : this.okResponse((_b = res.data) == null ? void 0 : _b.validate_jwt_token);
|
|
583
583
|
} catch (error) {
|
|
@@ -590,11 +590,11 @@ var _Authorizer = class _Authorizer {
|
|
|
590
590
|
var _a, _b;
|
|
591
591
|
try {
|
|
592
592
|
const res = await this.graphqlQuery({
|
|
593
|
-
query: `query
|
|
593
|
+
query: `query validate_session($params: ValidateSessionRequest){validate_session(params: $params) { is_valid user { ${userFragment} } } }`,
|
|
594
594
|
variables: {
|
|
595
595
|
params
|
|
596
596
|
},
|
|
597
|
-
operationName: "
|
|
597
|
+
operationName: "validate_session"
|
|
598
598
|
});
|
|
599
599
|
return ((_a = res == null ? void 0 : res.errors) == null ? void 0 : _a.length) ? this.errorResponse(res.errors) : this.okResponse((_b = res.data) == null ? void 0 : _b.validate_session);
|
|
600
600
|
} catch (error) {
|
|
@@ -608,12 +608,12 @@ var _Authorizer = class _Authorizer {
|
|
|
608
608
|
try {
|
|
609
609
|
const res = await this.graphqlQuery({
|
|
610
610
|
query: `
|
|
611
|
-
mutation
|
|
611
|
+
mutation verify_email($data: VerifyEmailRequest!) { verify_email(params: $data) { ${authTokenFragment}}}
|
|
612
612
|
`,
|
|
613
613
|
variables: {
|
|
614
614
|
data
|
|
615
615
|
},
|
|
616
|
-
operationName: "
|
|
616
|
+
operationName: "verify_email"
|
|
617
617
|
});
|
|
618
618
|
return ((_a = res == null ? void 0 : res.errors) == null ? void 0 : _a.length) ? this.errorResponse(res.errors) : this.okResponse((_b = res.data) == null ? void 0 : _b.verify_email);
|
|
619
619
|
} catch (err) {
|
|
@@ -627,12 +627,12 @@ var _Authorizer = class _Authorizer {
|
|
|
627
627
|
try {
|
|
628
628
|
const res = await this.graphqlQuery({
|
|
629
629
|
query: `
|
|
630
|
-
mutation
|
|
630
|
+
mutation resend_verify_email($data: ResendVerifyEmailRequest!) { resend_verify_email(params: $data) { message }}
|
|
631
631
|
`,
|
|
632
632
|
variables: {
|
|
633
633
|
data
|
|
634
634
|
},
|
|
635
|
-
operationName: "
|
|
635
|
+
operationName: "resend_verify_email"
|
|
636
636
|
});
|
|
637
637
|
return ((_a = res == null ? void 0 : res.errors) == null ? void 0 : _a.length) ? this.errorResponse(res.errors) : this.okResponse((_b = res.data) == null ? void 0 : _b.resend_verify_email);
|
|
638
638
|
} catch (err) {
|
|
@@ -646,12 +646,12 @@ var _Authorizer = class _Authorizer {
|
|
|
646
646
|
try {
|
|
647
647
|
const res = await this.graphqlQuery({
|
|
648
648
|
query: `
|
|
649
|
-
mutation
|
|
649
|
+
mutation verify_otp($data: VerifyOTPRequest!) { verify_otp(params: $data) { ${authTokenFragment}}}
|
|
650
650
|
`,
|
|
651
651
|
variables: {
|
|
652
652
|
data
|
|
653
653
|
},
|
|
654
|
-
operationName: "
|
|
654
|
+
operationName: "verify_otp"
|
|
655
655
|
});
|
|
656
656
|
return ((_a = res == null ? void 0 : res.errors) == null ? void 0 : _a.length) ? this.errorResponse(res.errors) : this.okResponse((_b = res.data) == null ? void 0 : _b.verify_otp);
|
|
657
657
|
} catch (err) {
|
package/lib/index.mjs.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/index.ts","../src/constants.ts","../src/types.ts","../src/utils.ts"],"sourcesContent":["// Note: write gql query in single line to reduce bundle size\nimport crossFetch from 'cross-fetch';\nimport { DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS } from './constants';\nimport * as Types from './types';\nimport {\n bufferToBase64UrlEncoded,\n createQueryParams,\n createRandomString,\n encode,\n executeIframe,\n hasWindow,\n sha256,\n trimURL,\n} from './utils';\n\n// re-usable gql response fragment\nconst userFragment =\n 'id email email_verified given_name family_name middle_name nickname preferred_username picture signup_methods gender birthdate phone_number phone_number_verified roles created_at updated_at revoked_timestamp is_multi_factor_auth_enabled app_data';\nconst authTokenFragment = `message access_token expires_in refresh_token id_token should_show_email_otp_screen should_show_mobile_otp_screen should_show_totp_screen authenticator_scanner_image authenticator_secret authenticator_recovery_codes user { ${userFragment} }`;\n\n// set fetch based on window object. Cross fetch have issues with umd build\nconst getFetcher = () => (hasWindow() ? window.fetch : crossFetch);\n\nfunction toErrorList(errors: unknown): Error[] {\n if (Array.isArray(errors)) {\n return errors.map((item) => {\n if (item instanceof Error) return item;\n if (item && typeof item === 'object' && 'message' in item)\n return new Error(String((item as { message: unknown }).message));\n return new Error(String(item));\n });\n }\n if (errors instanceof Error) return [errors];\n if (errors !== null && typeof errors === 'object') {\n const o = errors as Record<string, unknown>;\n if (typeof o.error_description === 'string')\n return [new Error(o.error_description)];\n if (typeof o.error === 'string') {\n const desc =\n typeof o.error_description === 'string'\n ? `: ${o.error_description}`\n : '';\n return [new Error(`${o.error}${desc}`)];\n }\n if (typeof o.message === 'string') return [new Error(o.message)];\n }\n if (errors === undefined || errors === null)\n return [new Error('Unknown error')];\n return [new Error(String(errors))];\n}\n\nexport * from './types';\n\n/**\n * Client for the Authorizer API. All network calls go to `config.authorizerURL`\n * with cookies included where the runtime allows; only configure URLs you trust.\n */\nexport class Authorizer {\n // class variable\n config: Types.ConfigType;\n codeVerifier: string;\n\n // constructor\n constructor(config: Types.ConfigType) {\n if (!config) throw new Error('Configuration is required');\n\n this.config = config;\n if (!config.authorizerURL?.trim()) throw new Error('Invalid authorizerURL');\n\n this.config.authorizerURL = trimURL(config.authorizerURL);\n\n if (!config.redirectURL?.trim()) throw new Error('Invalid redirectURL');\n this.config.redirectURL = trimURL(config.redirectURL);\n this.config.clientID = (config?.clientID || '').trim();\n\n this.config.extraHeaders = {\n ...(config.extraHeaders || {}),\n 'x-authorizer-url': config.authorizerURL,\n 'x-authorizer-client-id': config.clientID || '',\n 'Content-Type': 'application/json',\n };\n }\n\n authorize = async (\n data: Types.AuthorizeRequest,\n ): Promise<\n | Types.ApiResponse<Types.GetTokenResponse>\n | Types.ApiResponse<Types.AuthorizeResponse>\n > => {\n if (!hasWindow())\n return this.errorResponse([\n new Error('this feature is only supported in browser'),\n ]);\n\n const scopes = ['openid', 'profile', 'email'];\n if (data.use_refresh_token) scopes.push('offline_access');\n\n const requestData: Record<string, string> = {\n redirect_uri: this.config.redirectURL,\n response_mode: data.response_mode || 'web_message',\n state: encode(createRandomString()),\n nonce: encode(createRandomString()),\n response_type: data.response_type,\n scope: scopes.join(' '),\n client_id: this.config?.clientID || '',\n };\n\n if (data.response_type === Types.ResponseTypes.Code) {\n this.codeVerifier = createRandomString();\n const sha = await sha256(this.codeVerifier);\n const codeChallenge = bufferToBase64UrlEncoded(sha);\n requestData.code_challenge = codeChallenge;\n requestData.code_challenge_method = 'S256';\n }\n\n const authorizeURL = `${\n this.config.authorizerURL\n }/authorize?${createQueryParams(requestData)}`;\n\n if (requestData.response_mode !== 'web_message') {\n window.location.replace(authorizeURL);\n return this.okResponse(undefined);\n }\n\n try {\n const iframeRes = await executeIframe(\n authorizeURL,\n this.config.authorizerURL,\n DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS,\n );\n\n if (data.response_type === Types.ResponseTypes.Code) {\n // get token and return it\n const tokenResp: Types.ApiResponse<Types.GetTokenResponse> =\n await this.getToken({\n code: iframeRes.code,\n });\n return tokenResp.errors.length\n ? this.errorResponse(tokenResp.errors)\n : this.okResponse(tokenResp.data);\n }\n\n // this includes access_token, id_token & refresh_token(optionally)\n return this.okResponse(iframeRes);\n } catch (err) {\n if (err.error) {\n window.location.replace(\n `${this.config.authorizerURL}/app?state=${encode(\n JSON.stringify({\n clientID: this.config.clientID,\n redirectURL: this.config.redirectURL,\n authorizerURL: this.config.authorizerURL,\n }),\n )}&redirect_uri=${encodeURIComponent(this.config.redirectURL || '')}`,\n );\n }\n\n return this.errorResponse(err);\n }\n };\n\n browserLogin = async (): Promise<Types.ApiResponse<Types.AuthToken>> => {\n try {\n const tokenResp: Types.ApiResponse<Types.AuthToken> =\n await this.getSession();\n return tokenResp.errors.length\n ? this.errorResponse(tokenResp.errors)\n : this.okResponse(tokenResp.data);\n } catch (err) {\n if (!hasWindow()) {\n return {\n data: undefined,\n errors: [new Error('browserLogin is only supported for browsers')],\n };\n }\n\n window.location.replace(\n `${this.config.authorizerURL}/app?state=${encode(\n JSON.stringify({\n clientID: this.config.clientID,\n redirectURL: this.config.redirectURL,\n authorizerURL: this.config.authorizerURL,\n }),\n )}&redirect_uri=${encodeURIComponent(this.config.redirectURL || '')}`,\n );\n return this.errorResponse(err);\n }\n };\n\n forgotPassword = async (\n data: Types.ForgotPasswordRequest,\n ): Promise<Types.ApiResponse<Types.ForgotPasswordResponse>> => {\n if (!data.state) data.state = encode(createRandomString());\n\n if (!data.redirect_uri) data.redirect_uri = this.config.redirectURL;\n\n try {\n const forgotPasswordResp = await this.graphqlQuery({\n query:\n 'mutation forgotPassword($data: ForgotPasswordRequest!) {\tforgot_password(params: $data) { message should_show_mobile_otp_screen } }',\n variables: {\n data,\n },\n operationName: 'forgotPassword',\n });\n return forgotPasswordResp?.errors?.length\n ? this.errorResponse(forgotPasswordResp.errors)\n : this.okResponse(forgotPasswordResp?.data?.forgot_password);\n } catch (error) {\n return this.errorResponse([error]);\n }\n };\n\n getMetaData = async (): Promise<Types.ApiResponse<Types.MetaData>> => {\n try {\n const res = await this.graphqlQuery({\n query:\n 'query meta { meta { version client_id is_google_login_enabled is_facebook_login_enabled is_github_login_enabled is_linkedin_login_enabled is_apple_login_enabled is_twitter_login_enabled is_microsoft_login_enabled is_twitch_login_enabled is_roblox_login_enabled is_email_verification_enabled is_basic_authentication_enabled is_magic_link_login_enabled is_sign_up_enabled is_strong_password_enabled is_multi_factor_auth_enabled is_mobile_basic_authentication_enabled is_phone_verification_enabled } }',\n operationName: 'meta',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data.meta);\n } catch (error) {\n return this.errorResponse([error]);\n }\n };\n\n getProfile = async (\n headers?: Types.Headers,\n ): Promise<Types.ApiResponse<Types.User>> => {\n try {\n const profileRes = await this.graphqlQuery({\n query: `query profile {\tprofile { ${userFragment} } }`,\n headers,\n operationName: 'profile',\n });\n\n return profileRes?.errors?.length\n ? this.errorResponse(profileRes.errors)\n : this.okResponse(profileRes.data.profile);\n } catch (error) {\n return this.errorResponse([error]);\n }\n };\n\n // this is used to verify / get session using cookie by default. If using node.js pass authorization header\n getSession = async (\n headers?: Types.Headers,\n params?: Types.SessionQueryRequest,\n ): Promise<Types.ApiResponse<Types.AuthToken>> => {\n try {\n const res = await this.graphqlQuery({\n query: `query getSession($params: SessionQueryRequest){session(params: $params) { ${authTokenFragment} } }`,\n headers,\n variables: {\n params,\n },\n operationName: 'getSession',\n });\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.session);\n } catch (err) {\n return this.errorResponse(err);\n }\n };\n\n getToken = async (\n data: Types.GetTokenRequest,\n ): Promise<Types.ApiResponse<Types.GetTokenResponse>> => {\n if (!data.grant_type) data.grant_type = 'authorization_code';\n\n if (data.grant_type === 'refresh_token' && !data.refresh_token?.trim())\n return this.errorResponse([new Error('Invalid refresh_token')]);\n\n if (data.grant_type === 'authorization_code' && !this.codeVerifier)\n return this.errorResponse([new Error('Invalid code verifier')]);\n\n const requestData = {\n client_id: this.config.clientID,\n code: data.code || '',\n code_verifier: this.codeVerifier || '',\n grant_type: data.grant_type || '',\n refresh_token: data.refresh_token || '',\n };\n\n try {\n const fetcher = getFetcher();\n const res = await fetcher(`${this.config.authorizerURL}/oauth/token`, {\n method: 'POST',\n body: JSON.stringify(requestData),\n headers: {\n ...this.config.extraHeaders,\n },\n credentials: 'include',\n });\n\n const text = await res.text();\n let json: {\n error?: string;\n error_description?: string;\n } & Record<string, unknown> = {};\n if (text) {\n try {\n json = JSON.parse(text);\n } catch {\n return this.errorResponse([\n new Error(\n res.ok\n ? 'Invalid JSON from token endpoint'\n : `HTTP ${res.status}`,\n ),\n ]);\n }\n }\n if (!res.ok) {\n return this.errorResponse([\n new Error(\n String(\n json.error_description || json.error || `HTTP ${res.status}`,\n ),\n ),\n ]);\n }\n\n return this.okResponse(json);\n } catch (err) {\n return this.errorResponse(err);\n }\n };\n\n login = async (\n data: Types.LoginRequest,\n ): Promise<Types.ApiResponse<Types.AuthToken>> => {\n try {\n const res = await this.graphqlQuery({\n query: `\n\t\t\t\t\tmutation login($data: LoginRequest!) { login(params: $data) { ${authTokenFragment}}}\n\t\t\t\t`,\n variables: { data },\n operationName: 'login',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.login);\n } catch (err) {\n return this.errorResponse(err);\n }\n };\n\n logout = async (\n headers?: Types.Headers,\n ): Promise<Types.ApiResponse<Types.GenericResponse>> => {\n try {\n const res = await this.graphqlQuery({\n query: 'mutation logout { logout { message } }',\n headers,\n operationName: 'logout',\n });\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.logout);\n } catch (err) {\n return this.errorResponse([err]);\n }\n };\n\n magicLinkLogin = async (\n data: Types.MagicLinkLoginRequest,\n ): Promise<Types.ApiResponse<Types.GenericResponse>> => {\n try {\n if (!data.state) data.state = encode(createRandomString());\n\n if (!data.redirect_uri) data.redirect_uri = this.config.redirectURL;\n\n const res = await this.graphqlQuery({\n query: `\n\t\t\t\t\tmutation magicLinkLogin($data: MagicLinkLoginRequest!) { magic_link_login(params: $data) { message }}\n\t\t\t\t`,\n variables: { data },\n operationName: 'magicLinkLogin',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.magic_link_login);\n } catch (err) {\n return this.errorResponse([err]);\n }\n };\n\n oauthLogin = async (\n oauthProvider: string,\n roles?: string[],\n redirect_uri?: string,\n state?: string,\n ): Promise<void> => {\n let urlState = state;\n if (!urlState) {\n urlState = encode(createRandomString());\n }\n\n const oauthProviderIds = Object.values(Types.OAuthProviders) as string[];\n if (!oauthProviderIds.includes(oauthProvider)) {\n throw new Error(\n `only following oauth providers are supported: ${oauthProviderIds.join(', ')}`,\n );\n }\n if (!hasWindow())\n throw new Error('oauthLogin is only supported for browsers');\n\n if (roles && roles.length) urlState += `&roles=${roles.join(',')}`;\n\n window.location.replace(\n `${this.config.authorizerURL}/oauth_login/${oauthProvider}?redirect_uri=${encodeURIComponent(\n redirect_uri || this.config.redirectURL || '',\n )}&state=${encodeURIComponent(urlState)}`,\n );\n };\n\n resendOtp = async (\n data: Types.ResendOtpRequest,\n ): Promise<Types.ApiResponse<Types.GenericResponse>> => {\n try {\n const res = await this.graphqlQuery({\n query: `\n\t\t\t\t\tmutation resendOtp($data: ResendOTPRequest!) { resend_otp(params: $data) { message }}\n\t\t\t\t`,\n variables: { data },\n operationName: 'resendOtp',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.resend_otp);\n } catch (err) {\n return this.errorResponse([err]);\n }\n };\n\n resetPassword = async (\n data: Types.ResetPasswordRequest,\n ): Promise<Types.ApiResponse<Types.GenericResponse>> => {\n try {\n const resetPasswordRes = await this.graphqlQuery({\n query:\n 'mutation resetPassword($data: ResetPasswordRequest!) {\treset_password(params: $data) { message } }',\n variables: {\n data,\n },\n operationName: 'resetPassword',\n });\n return resetPasswordRes?.errors?.length\n ? this.errorResponse(resetPasswordRes.errors)\n : this.okResponse(resetPasswordRes.data?.reset_password);\n } catch (error) {\n return this.errorResponse([error]);\n }\n };\n\n revokeToken = async (data: { refresh_token: string }) => {\n if (!data.refresh_token?.trim())\n return this.errorResponse([new Error('Invalid refresh_token')]);\n\n try {\n const fetcher = getFetcher();\n const res = await fetcher(`${this.config.authorizerURL}/oauth/revoke`, {\n method: 'POST',\n headers: {\n ...this.config.extraHeaders,\n },\n body: JSON.stringify({\n refresh_token: data.refresh_token,\n client_id: this.config.clientID,\n }),\n });\n\n const text = await res.text();\n let responseData: Record<string, unknown> = {};\n if (text) {\n try {\n responseData = JSON.parse(text) as Record<string, unknown>;\n } catch {\n return this.errorResponse([\n new Error(\n res.ok\n ? 'Invalid JSON from revoke endpoint'\n : `HTTP ${res.status}`,\n ),\n ]);\n }\n }\n\n if (!res.ok) {\n const errBody = responseData as {\n error?: string;\n error_description?: string;\n };\n return this.errorResponse([\n new Error(\n String(\n errBody.error_description ||\n errBody.error ||\n `HTTP ${res.status}`,\n ),\n ),\n ]);\n }\n\n return this.okResponse(responseData);\n } catch (err) {\n return this.errorResponse(err);\n }\n };\n\n signup = async (\n data: Types.SignUpRequest,\n ): Promise<Types.ApiResponse<Types.AuthToken>> => {\n try {\n const res = await this.graphqlQuery({\n query: `\n\t\t\t\t\tmutation signup($data: SignUpRequest!) { signup(params: $data) { ${authTokenFragment}}}\n\t\t\t\t`,\n variables: { data },\n operationName: 'signup',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.signup);\n } catch (err) {\n return this.errorResponse([err]);\n }\n };\n\n updateProfile = async (\n data: Types.UpdateProfileRequest,\n headers?: Types.Headers,\n ): Promise<Types.ApiResponse<Types.GenericResponse>> => {\n try {\n const updateProfileRes = await this.graphqlQuery({\n query:\n 'mutation updateProfile($data: UpdateProfileRequest!) {\tupdate_profile(params: $data) { message } }',\n headers,\n variables: {\n data,\n },\n operationName: 'updateProfile',\n });\n\n return updateProfileRes?.errors?.length\n ? this.errorResponse(updateProfileRes.errors)\n : this.okResponse(updateProfileRes.data?.update_profile);\n } catch (error) {\n return this.errorResponse([error]);\n }\n };\n\n deactivateAccount = async (\n headers?: Types.Headers,\n ): Promise<Types.ApiResponse<Types.GenericResponse>> => {\n try {\n const res = await this.graphqlQuery({\n query: 'mutation deactivateAccount { deactivate_account { message } }',\n headers,\n operationName: 'deactivateAccount',\n });\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.deactivate_account);\n } catch (error) {\n return this.errorResponse([error]);\n }\n };\n\n validateJWTToken = async (\n params?: Types.ValidateJWTTokenRequest,\n ): Promise<Types.ApiResponse<Types.ValidateJWTTokenResponse>> => {\n try {\n const res = await this.graphqlQuery({\n query:\n 'query validateJWTToken($params: ValidateJWTTokenRequest!){validate_jwt_token(params: $params) { is_valid claims } }',\n variables: {\n params,\n },\n operationName: 'validateJWTToken',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.validate_jwt_token);\n } catch (error) {\n return this.errorResponse([error]);\n }\n };\n\n validateSession = async (\n params?: Types.ValidateSessionRequest,\n ): Promise<Types.ApiResponse<Types.ValidateSessionResponse>> => {\n try {\n const res = await this.graphqlQuery({\n query: `query validateSession($params: ValidateSessionRequest){validate_session(params: $params) { is_valid user { ${userFragment} } } }`,\n variables: {\n params,\n },\n operationName: 'validateSession',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.validate_session);\n } catch (error) {\n return this.errorResponse([error]);\n }\n };\n\n verifyEmail = async (\n data: Types.VerifyEmailRequest,\n ): Promise<Types.ApiResponse<Types.AuthToken>> => {\n try {\n const res = await this.graphqlQuery({\n query: `\n\t\t\t\t\tmutation verifyEmail($data: VerifyEmailRequest!) { verify_email(params: $data) { ${authTokenFragment}}}\n\t\t\t\t`,\n variables: { data },\n operationName: 'verifyEmail',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.verify_email);\n } catch (err) {\n return this.errorResponse([err]);\n }\n };\n\n resendVerifyEmail = async (\n data: Types.ResendVerifyEmailRequest,\n ): Promise<Types.ApiResponse<Types.GenericResponse>> => {\n try {\n const res = await this.graphqlQuery({\n query: `\n\t\t\t\t\tmutation resendVerifyEmail($data: ResendVerifyEmailRequest!) { resend_verify_email(params: $data) { message }}\n\t\t\t\t`,\n variables: { data },\n operationName: 'resendVerifyEmail',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.resend_verify_email);\n } catch (err) {\n return this.errorResponse([err]);\n }\n };\n\n verifyOtp = async (\n data: Types.VerifyOtpRequest,\n ): Promise<Types.ApiResponse<Types.AuthToken>> => {\n try {\n const res = await this.graphqlQuery({\n query: `\n\t\t\t\t\tmutation verifyOtp($data: VerifyOTPRequest!) { verify_otp(params: $data) { ${authTokenFragment}}}\n\t\t\t\t`,\n variables: { data },\n operationName: 'verifyOtp',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.verify_otp);\n } catch (err) {\n return this.errorResponse([err]);\n }\n };\n\n // helper to execute graphql queries\n // takes in any query or mutation string as value\n graphqlQuery = async (\n data: Types.GraphqlQueryRequest,\n ): Promise<Types.GrapQlResponseType> => {\n const fetcher = getFetcher();\n const body: Record<string, unknown> = {\n query: data.query,\n variables: data.variables || {},\n };\n if (data.operationName) {\n body.operationName = data.operationName;\n }\n const res = await fetcher(`${this.config.authorizerURL}/graphql`, {\n method: 'POST',\n body: JSON.stringify(body),\n headers: {\n ...this.config.extraHeaders,\n ...(data.headers || {}),\n },\n credentials: 'include',\n });\n\n const text = await res.text();\n let json: { data?: unknown; errors?: unknown[] } = {};\n if (text) {\n try {\n json = JSON.parse(text);\n } catch {\n return {\n data: undefined,\n errors: [\n new Error(\n res.ok\n ? 'Invalid JSON from GraphQL endpoint'\n : `HTTP ${res.status}`,\n ),\n ],\n };\n }\n } else if (!res.ok) {\n return {\n data: undefined,\n errors: [new Error(`HTTP ${res.status}`)],\n };\n }\n\n if (json?.errors?.length) {\n return { data: undefined, errors: toErrorList(json.errors) };\n }\n\n if (!res.ok) {\n return {\n data: undefined,\n errors: [new Error(`HTTP ${res.status}`)],\n };\n }\n\n return { data: json.data, errors: [] };\n };\n\n errorResponse = (errors: unknown): Types.ApiResponse<any> => {\n return {\n data: undefined,\n errors: toErrorList(errors),\n };\n };\n\n okResponse = (data: any): Types.ApiResponse<any> => {\n return {\n data,\n errors: [],\n };\n };\n}\n","export const DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS = 60;\nexport const CLEANUP_IFRAME_TIMEOUT_IN_SECONDS = 2;\nexport const AUTHORIZE_IFRAME_TIMEOUT = 5;\n","export interface GrapQlResponseType {\n data: any | undefined;\n errors: Error[];\n}\nexport interface ApiResponse<T> {\n errors: Error[];\n data: T | undefined;\n}\n/**\n * SDK configuration. Requests use `credentials: 'include'`, so cookies for the\n * Authorizer instance are sent to `authorizerURL`. That URL must be the exact,\n * trusted origin of your Authorizer deployment (correct scheme, host, and port).\n * A mistaken or attacker-controlled URL can leak session credentials.\n */\nexport interface ConfigType {\n authorizerURL: string;\n redirectURL: string;\n clientID?: string;\n extraHeaders?: Record<string, string>;\n}\n\n// Pagination\nexport interface Pagination {\n limit: number;\n page: number;\n offset: number;\n total: number;\n}\n\n// Meta\nexport interface Meta {\n version: string;\n client_id: string;\n is_google_login_enabled: boolean;\n is_facebook_login_enabled: boolean;\n is_github_login_enabled: boolean;\n is_linkedin_login_enabled: boolean;\n is_apple_login_enabled: boolean;\n is_discord_login_enabled: boolean;\n is_twitter_login_enabled: boolean;\n is_microsoft_login_enabled: boolean;\n is_twitch_login_enabled: boolean;\n is_roblox_login_enabled: boolean;\n is_email_verification_enabled: boolean;\n is_basic_authentication_enabled: boolean;\n is_magic_link_login_enabled: boolean;\n is_sign_up_enabled: boolean;\n is_strong_password_enabled: boolean;\n is_multi_factor_auth_enabled: boolean;\n is_mobile_basic_authentication_enabled: boolean;\n is_phone_verification_enabled: boolean;\n}\n\n// User\nexport interface User {\n id: string;\n email: string | null;\n email_verified: boolean;\n signup_methods: string;\n given_name: string | null;\n family_name: string | null;\n middle_name: string | null;\n nickname: string | null;\n preferred_username: string | null;\n gender: string | null;\n birthdate: string | null;\n phone_number: string | null;\n phone_number_verified: boolean;\n picture: string | null;\n roles: string[];\n created_at: number | null;\n updated_at: number | null;\n revoked_timestamp: number | null;\n is_multi_factor_auth_enabled: boolean | null;\n app_data: Record<string, any> | null;\n}\n\n// Users\nexport interface Users {\n pagination: Pagination;\n users: User[];\n}\n\n// VerificationRequest\nexport interface VerificationRequest {\n id: string;\n identifier: string | null;\n token: string | null;\n email: string | null;\n expires: number | null;\n created_at: number | null;\n updated_at: number | null;\n nonce: string | null;\n redirect_uri: string | null;\n}\n\n// VerificationRequests\nexport interface VerificationRequests {\n pagination: Pagination;\n verification_requests: VerificationRequest[];\n}\n\n// AuthorizerError (GraphQL Error type - renamed to avoid conflict with native Error)\nexport interface AuthorizerError {\n message: string;\n reason: string;\n}\n\n// AuthResponse\nexport interface AuthResponse {\n message: string;\n should_show_email_otp_screen: boolean | null;\n should_show_mobile_otp_screen: boolean | null;\n should_show_totp_screen: boolean | null;\n access_token: string | null;\n id_token: string | null;\n refresh_token: string | null;\n expires_in: number | null;\n user: User | null;\n authenticator_scanner_image: string | null;\n authenticator_secret: string | null;\n authenticator_recovery_codes: string[] | null;\n}\n\n// Keep AuthToken as alias for backward compatibility\nexport type AuthToken = AuthResponse;\n\n// Response\nexport interface Response {\n message: string;\n}\n\n// Keep GenericResponse as alias for backward compatibility\nexport type GenericResponse = Response;\n\n// ForgotPasswordResponse\nexport interface ForgotPasswordResponse {\n message: string;\n should_show_mobile_otp_screen: boolean | null;\n}\n\n// InviteMembersResponse\nexport interface InviteMembersResponse {\n message: string;\n Users: User[];\n}\n\n// LoginRequest\nexport interface LoginRequest {\n email?: string | null;\n phone_number?: string | null;\n password: string;\n roles?: string[] | null;\n scope?: string[] | null;\n state?: string | null;\n}\n\n// SignUpRequest\nexport interface SignUpRequest {\n email?: string | null;\n given_name?: string | null;\n family_name?: string | null;\n middle_name?: string | null;\n nickname?: string | null;\n gender?: string | null;\n birthdate?: string | null;\n phone_number?: string | null;\n picture?: string | null;\n password: string;\n confirm_password: string;\n roles?: string[] | null;\n scope?: string[] | null;\n redirect_uri?: string | null;\n is_multi_factor_auth_enabled?: boolean | null;\n state?: string | null;\n app_data?: Record<string, any> | null;\n}\n\n// Keep SignupRequest as alias for backward compatibility\nexport type SignupRequest = SignUpRequest;\n\n// MagicLinkLoginRequest\nexport interface MagicLinkLoginRequest {\n email: string;\n roles?: string[] | null;\n scope?: string[] | null;\n state?: string | null;\n redirect_uri?: string | null;\n}\n\n// VerifyEmailRequest\nexport interface VerifyEmailRequest {\n token: string;\n state?: string | null;\n}\n\n// ResendVerifyEmailRequest\nexport interface ResendVerifyEmailRequest {\n email: string;\n identifier: string;\n state?: string | null;\n}\n\n// VerifyOTPRequest\nexport interface VerifyOTPRequest {\n email?: string | null;\n phone_number?: string | null;\n otp: string;\n is_totp?: boolean | null;\n state?: string | null;\n}\n\n// Keep VerifyOtpRequest as alias for backward compatibility\nexport type VerifyOtpRequest = VerifyOTPRequest;\n\n// ResendOTPRequest\nexport interface ResendOTPRequest {\n email?: string | null;\n phone_number?: string | null;\n state?: string | null;\n}\n\n// Keep ResendOtpRequest as alias for backward compatibility\nexport type ResendOtpRequest = ResendOTPRequest;\n\n// UpdateProfileRequest\nexport interface UpdateProfileRequest {\n old_password?: string | null;\n new_password?: string | null;\n confirm_new_password?: string | null;\n email?: string | null;\n given_name?: string | null;\n family_name?: string | null;\n middle_name?: string | null;\n nickname?: string | null;\n gender?: string | null;\n birthdate?: string | null;\n phone_number?: string | null;\n picture?: string | null;\n is_multi_factor_auth_enabled?: boolean | null;\n app_data?: Record<string, any> | null;\n}\n\n// UpdateUserRequest (admin only)\nexport interface UpdateUserRequest {\n id: string;\n email?: string | null;\n email_verified?: boolean | null;\n given_name?: string | null;\n family_name?: string | null;\n middle_name?: string | null;\n nickname?: string | null;\n gender?: string | null;\n birthdate?: string | null;\n phone_number?: string | null;\n phone_number_verified?: boolean | null;\n picture?: string | null;\n roles?: string[] | null;\n is_multi_factor_auth_enabled?: boolean | null;\n app_data?: Record<string, any> | null;\n}\n\n// ForgotPasswordRequest\nexport interface ForgotPasswordRequest {\n email?: string | null;\n phone_number?: string | null;\n state?: string | null;\n redirect_uri?: string | null;\n}\n\n// ResetPasswordRequest\nexport interface ResetPasswordRequest {\n token?: string | null;\n otp?: string | null;\n phone_number?: string | null;\n password: string;\n confirm_password: string;\n}\n\n// Keep ResetPasswordInput as alias for backward compatibility\nexport type ResetPasswordInput = ResetPasswordRequest;\n\n// DeleteUserRequest (admin only)\nexport interface DeleteUserRequest {\n email: string;\n}\n\n// SessionQueryRequest\nexport interface SessionQueryRequest {\n roles?: string[] | null;\n scope?: string[] | null;\n}\n\n// Keep SessionQueryInput as alias for backward compatibility\nexport type SessionQueryInput = SessionQueryRequest;\n\n// ValidateJWTTokenRequest\nexport interface ValidateJWTTokenRequest {\n token_type: string;\n token: string;\n roles?: string[] | null;\n}\n\n// Keep ValidateJWTTokenInput as alias for backward compatibility\nexport type ValidateJWTTokenInput = ValidateJWTTokenRequest;\n\n// ValidateJWTTokenResponse\nexport interface ValidateJWTTokenResponse {\n is_valid: boolean;\n claims: Record<string, any>;\n}\n\n// ValidateSessionRequest\nexport interface ValidateSessionRequest {\n cookie: string;\n roles?: string[] | null;\n}\n\n// Keep ValidateSessionInput as alias for backward compatibility\nexport type ValidateSessionInput = ValidateSessionRequest;\n\n// ValidateSessionResponse\nexport interface ValidateSessionResponse {\n is_valid: boolean;\n user: User;\n}\n\n// OAuth types (not part of GraphQL schema, but used for OAuth flow)\nexport enum OAuthProviders {\n Apple = 'apple',\n Github = 'github',\n Google = 'google',\n Facebook = 'facebook',\n LinkedIn = 'linkedin',\n Twitter = 'twitter',\n Microsoft = 'microsoft',\n Twitch = 'twitch',\n Roblox = 'roblox',\n Discord = 'discord',\n}\n\nexport enum ResponseTypes {\n Code = 'code',\n Token = 'token',\n}\n\nexport interface AuthorizeRequest {\n response_type: ResponseTypes;\n use_refresh_token?: boolean;\n response_mode?: string;\n}\n\n// Keep AuthorizeInput as alias for backward compatibility\nexport type AuthorizeInput = AuthorizeRequest;\n\nexport interface AuthorizeResponse {\n state: string;\n code?: string;\n error?: string;\n error_description?: string;\n}\n\nexport interface RevokeTokenInput {\n refresh_token: string;\n}\n\nexport interface GetTokenRequest {\n code?: string;\n grant_type?: string;\n refresh_token?: string;\n}\n\n// Keep GetTokenInput as alias for backward compatibility\nexport type GetTokenInput = GetTokenRequest;\n\nexport interface GetTokenResponse {\n access_token: string;\n expires_in: number;\n id_token: string;\n refresh_token?: string;\n}\n\n// GraphQL query request\nexport type Headers = Record<string, string>;\n\nexport interface GraphqlQueryRequest {\n query: string;\n variables?: Record<string, any>;\n headers?: Headers;\n /** When set, sent as the GraphQL `operationName` field (helps servers identify the operation for logging and metrics). */\n operationName?: string;\n}\n\n// Deprecated types (for backward compatibility)\nexport interface IsValidJWTQueryInput {\n jwt: string;\n roles?: string[];\n}\n\nexport interface ValidJWTResponse {\n valid: string;\n message: string;\n}\n\n// Keep MetaDataResponse as alias for backward compatibility\nexport type MetaDataResponse = Meta;\n\n// Keep MetaData as alias for backward compatibility\nexport type MetaData = Meta;\n","import {\n CLEANUP_IFRAME_TIMEOUT_IN_SECONDS,\n DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS,\n} from './constants';\nimport { AuthorizeResponse } from './types';\n\nexport const hasWindow = (): boolean => typeof window !== 'undefined';\n\nexport const trimURL = (url: string): string => {\n let trimmedData = url.trim();\n const lastChar = trimmedData[trimmedData.length - 1];\n if (lastChar === '/')\n trimmedData = trimmedData.slice(0, -1);\n\n return trimmedData;\n};\n\nexport const getCrypto = () => {\n // ie 11.x uses msCrypto\n return hasWindow()\n ? ((window.crypto || (window as any).msCrypto) as Crypto)\n : null;\n};\n\nexport const getCryptoSubtle = () => {\n const crypto = getCrypto();\n // safari 10.x uses webkitSubtle\n return (crypto && crypto.subtle) || (crypto as any).webkitSubtle;\n};\n\nexport const createRandomString = () => {\n const charset\n = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz-_~.';\n let random = '';\n const crypto = getCrypto();\n if (crypto) {\n const randomValues = Array.from(crypto.getRandomValues(new Uint8Array(43)));\n randomValues.forEach(v => (random += charset[v % charset.length]));\n }\n return random;\n};\n\nexport const encode = (value: string) =>\n hasWindow() ? btoa(value) : Buffer.from(value).toString('base64');\nexport const decode = (value: string) =>\n hasWindow() ? atob(value) : Buffer.from(value, 'base64').toString('ascii');\n\nexport const createQueryParams = (params: any) => {\n return Object.keys(params)\n .filter(k => typeof params[k] !== 'undefined')\n .map(k => `${encodeURIComponent(k)}=${encodeURIComponent(params[k])}`)\n .join('&');\n};\n\nexport const sha256 = async (s: string) => {\n const subtle = getCryptoSubtle();\n if (!subtle)\n throw new Error('Web Crypto API is not available');\n\n const digestOp: any = subtle.digest(\n { name: 'SHA-256' },\n new TextEncoder().encode(s),\n );\n\n // msCrypto (IE11) uses the old spec, which is not Promise based\n // https://msdn.microsoft.com/en-us/expression/dn904640(v=vs.71)\n if ((window as any).msCrypto) {\n return new Promise((resolve, reject) => {\n digestOp.oncomplete = (e: any) => {\n resolve(e.target.result);\n };\n\n digestOp.onerror = (e: ErrorEvent) => {\n reject(e.error);\n };\n\n digestOp.onabort = () => {\n reject(new Error('The digest operation was aborted'));\n };\n });\n }\n\n return await digestOp;\n};\n\nconst urlEncodeB64 = (input: string) => {\n const b64Chars: { [index: string]: string } = { '+': '-', '/': '_', '=': '' };\n return input.replace(/[+/=]/g, (m: string) => b64Chars[m]);\n};\n\n// https://stackoverflow.com/questions/30106476/\nconst decodeB64 = (input: string) =>\n decodeURIComponent(\n atob(input)\n .split('')\n .map((c) => {\n return `%${`00${c.charCodeAt(0).toString(16)}`.slice(-2)}`;\n })\n .join(''),\n );\n\nexport const urlDecodeB64 = (input: string) =>\n decodeB64(input.replace(/_/g, '/').replace(/-/g, '+'));\n\nexport const bufferToBase64UrlEncoded = (input: number[] | Uint8Array) => {\n const ie11SafeInput = new Uint8Array(input);\n return urlEncodeB64(\n window.btoa(String.fromCharCode(...Array.from(ie11SafeInput))),\n );\n};\n\nconst originFromAuthorizerUrl = (authorizerUrl: string): string => {\n try {\n return new URL(authorizerUrl).origin;\n }\n catch {\n return authorizerUrl;\n }\n};\n\nexport const executeIframe = (\n authorizeUrl: string,\n eventOrigin: string,\n timeoutInSeconds: number = DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS,\n) => {\n return new Promise<AuthorizeResponse>((resolve, reject) => {\n const expectedOrigin = originFromAuthorizerUrl(eventOrigin);\n const iframe = window.document.createElement('iframe');\n iframe.setAttribute('id', 'authorizer-iframe');\n iframe.setAttribute('width', '0');\n iframe.setAttribute('height', '0');\n iframe.style.display = 'none';\n const removeIframe = () => {\n if (window.document.body.contains(iframe)) {\n window.document.body.removeChild(iframe);\n window.removeEventListener('message', iframeEventHandler, false);\n }\n };\n\n const timeoutSetTimeoutId = setTimeout(() => {\n reject(new Error('Authorization timeout'));\n removeIframe();\n }, timeoutInSeconds * 1000);\n\n const iframeEventHandler: (e: MessageEvent) => void = function (e: MessageEvent) {\n if (e.origin !== expectedOrigin)\n return;\n if (!e.data || !e.data.response)\n return;\n\n const eventSource = e.source;\n\n if (eventSource)\n (eventSource as any).close();\n\n if (e.data.response.error)\n reject(e.data.response);\n else\n resolve(e.data.response);\n\n clearTimeout(timeoutSetTimeoutId);\n window.removeEventListener('message', iframeEventHandler, false);\n setTimeout(removeIframe, CLEANUP_IFRAME_TIMEOUT_IN_SECONDS * 1000);\n };\n\n window.addEventListener('message', iframeEventHandler, false);\n window.document.body.appendChild(iframe);\n iframe.setAttribute('src', authorizeUrl);\n });\n};\n"],"mappings":";;;;AACA,OAAOA,gBAAgB;;;ACDhB,IAAMC,uCAAuC;AAC7C,IAAMC,oCAAoC;;;ACuU1C,IAAKC,iBAAAA,0BAAAA,iBAAAA;;;;;;;;;;;SAAAA;;AAaL,IAAKC,gBAAAA,0BAAAA,gBAAAA;;;SAAAA;;;;AC/UL,IAAMC,YAAY,6BAAe,OAAOC,WAAW,aAAjC;AAElB,IAAMC,UAAU,wBAACC,QAAAA;AACtB,MAAIC,cAAcD,IAAIE,KAAI;AAC1B,QAAMC,WAAWF,YAAYA,YAAYG,SAAS,CAAA;AAClD,MAAID,aAAa,IACfF,eAAcA,YAAYI,MAAM,GAAG,EAAC;AAEtC,SAAOJ;AACT,GAPuB;AAShB,IAAMK,YAAY,6BAAA;AAEvB,SAAOT,UAAAA,IACDC,OAAOS,UAAWT,OAAeU,WACnC;AACN,GALyB;AAOlB,IAAMC,kBAAkB,6BAAA;AAC7B,QAAMF,SAASD,UAAAA;AAEf,SAAQC,UAAUA,OAAOG,UAAYH,OAAeI;AACtD,GAJ+B;AAMxB,IAAMC,qBAAqB,6BAAA;AAChC,QAAMC,UACF;AACJ,MAAIC,SAAS;AACb,QAAMP,SAASD,UAAAA;AACf,MAAIC,QAAQ;AACV,UAAMQ,eAAeC,MAAMC,KAAKV,OAAOW,gBAAgB,IAAIC,WAAW,EAAA,CAAA,CAAA;AACtEJ,iBAAaK,QAAQC,CAAAA,MAAMP,UAAUD,QAAQQ,IAAIR,QAAQT,MAAM,CAAC;EAClE;AACA,SAAOU;AACT,GAVkC;AAY3B,IAAMQ,SAAS,wBAACC,UACrB1B,UAAAA,IAAc2B,KAAKD,KAAAA,IAASE,OAAOR,KAAKM,KAAAA,EAAOG,SAAS,QAAA,GADpC;AAKf,IAAMC,oBAAoB,wBAACC,WAAAA;AAChC,SAAOC,OAAOC,KAAKF,MAAAA,EAChBG,OAAOC,CAAAA,MAAK,OAAOJ,OAAOI,CAAAA,MAAO,WAAA,EACjCC,IAAID,CAAAA,MAAK,GAAGE,mBAAmBF,CAAAA,CAAAA,IAAME,mBAAmBN,OAAOI,CAAAA,CAAE,CAAA,EAAG,EACpEG,KAAK,GAAA;AACV,GALiC;AAO1B,IAAMC,SAAS,8BAAOC,MAAAA;AAC3B,QAAMC,SAASC,gBAAAA;AACf,MAAI,CAACD,OACH,OAAM,IAAIE,MAAM,iCAAA;AAElB,QAAMC,WAAgBH,OAAOI,OAC3B;IAAEC,MAAM;EAAU,GAClB,IAAIC,YAAAA,EAAcC,OAAOR,CAAAA,CAAAA;AAK3B,MAAKS,OAAeC,UAAU;AAC5B,WAAO,IAAIC,QAAQ,CAACC,SAASC,WAAAA;AAC3BT,eAASU,aAAa,CAACC,MAAAA;AACrBH,gBAAQG,EAAEC,OAAOC,MAAM;MACzB;AAEAb,eAASc,UAAU,CAACH,MAAAA;AAClBF,eAAOE,EAAEI,KAAK;MAChB;AAEAf,eAASgB,UAAU,MAAA;AACjBP,eAAO,IAAIV,MAAM,kCAAA,CAAA;MACnB;IACF,CAAA;EACF;AAEA,SAAO,MAAMC;AACf,GA7BsB;AA+BtB,IAAMiB,eAAe,wBAACC,UAAAA;AACpB,QAAMC,WAAwC;IAAE,KAAK;IAAK,KAAK;IAAK,KAAK;EAAG;AAC5E,SAAOD,MAAME,QAAQ,UAAU,CAACC,MAAcF,SAASE,CAAAA,CAAE;AAC3D,GAHqB;AAmBd,IAAMC,2BAA2B,wBAACC,UAAAA;AACvC,QAAMC,gBAAgB,IAAIC,WAAWF,KAAAA;AACrC,SAAOG,aACLC,OAAOC,KAAKC,OAAOC,aAAY,GAAIC,MAAMC,KAAKR,aAAAA,CAAAA,CAAAA,CAAAA;AAElD,GALwC;AAOxC,IAAMS,0BAA0B,wBAACC,kBAAAA;AAC/B,MAAI;AACF,WAAO,IAAIC,IAAID,aAAAA,EAAeE;EAChC,QACM;AACJ,WAAOF;EACT;AACF,GAPgC;AASzB,IAAMG,gBAAgB,wBAC3BC,cACAC,aACAC,mBAA2BC,yCAAoC;AAE/D,SAAO,IAAIC,QAA2B,CAACC,SAASC,WAAAA;AAC9C,UAAMC,iBAAiBZ,wBAAwBM,WAAAA;AAC/C,UAAMO,SAASnB,OAAOoB,SAASC,cAAc,QAAA;AAC7CF,WAAOG,aAAa,MAAM,mBAAA;AAC1BH,WAAOG,aAAa,SAAS,GAAA;AAC7BH,WAAOG,aAAa,UAAU,GAAA;AAC9BH,WAAOI,MAAMC,UAAU;AACvB,UAAMC,eAAe,6BAAA;AACnB,UAAIzB,OAAOoB,SAASM,KAAKC,SAASR,MAAAA,GAAS;AACzCnB,eAAOoB,SAASM,KAAKE,YAAYT,MAAAA;AACjCnB,eAAO6B,oBAAoB,WAAWC,oBAAoB,KAAA;MAC5D;IACF,GALqB;AAOrB,UAAMC,sBAAsBC,WAAW,MAAA;AACrCf,aAAO,IAAIgB,MAAM,uBAAA,CAAA;AACjBR,mBAAAA;IACF,GAAGZ,mBAAmB,GAAA;AAEtB,UAAMiB,qBAAgD,gCAAUI,GAAe;AAC7E,UAAIA,EAAEzB,WAAWS,eACf;AACF,UAAI,CAACgB,EAAEC,QAAQ,CAACD,EAAEC,KAAKC,SACrB;AAEF,YAAMC,cAAcH,EAAEI;AAEtB,UAAID,YACDA,aAAoBE,MAAK;AAE5B,UAAIL,EAAEC,KAAKC,SAASI,MAClBvB,QAAOiB,EAAEC,KAAKC,QAAQ;UAEtBpB,SAAQkB,EAAEC,KAAKC,QAAQ;AAEzBK,mBAAaV,mBAAAA;AACb/B,aAAO6B,oBAAoB,WAAWC,oBAAoB,KAAA;AAC1DE,iBAAWP,cAAciB,oCAAoC,GAAA;IAC/D,GAnBsD;AAqBtD1C,WAAO2C,iBAAiB,WAAWb,oBAAoB,KAAA;AACvD9B,WAAOoB,SAASM,KAAKkB,YAAYzB,MAAAA;AACjCA,WAAOG,aAAa,OAAOX,YAAAA;EAC7B,CAAA;AACF,GAjD6B;;;AHxG7B,IAAMkC,eACJ;AACF,IAAMC,oBAAoB,kOAAkOD,YAAAA;AAG5P,IAAME,aAAa,6BAAOC,UAAAA,IAAcC,OAAOC,QAAQC,YAApC;AAEnB,SAASC,YAAYC,QAAe;AAClC,MAAIC,MAAMC,QAAQF,MAAAA,GAAS;AACzB,WAAOA,OAAOG,IAAI,CAACC,SAAAA;AACjB,UAAIA,gBAAgBC,MAAO,QAAOD;AAClC,UAAIA,QAAQ,OAAOA,SAAS,YAAY,aAAaA,KACnD,QAAO,IAAIC,MAAMC,OAAQF,KAA8BG,OAAO,CAAA;AAChE,aAAO,IAAIF,MAAMC,OAAOF,IAAAA,CAAAA;IAC1B,CAAA;EACF;AACA,MAAIJ,kBAAkBK,MAAO,QAAO;IAACL;;AACrC,MAAIA,WAAW,QAAQ,OAAOA,WAAW,UAAU;AACjD,UAAMQ,IAAIR;AACV,QAAI,OAAOQ,EAAEC,sBAAsB,SACjC,QAAO;MAAC,IAAIJ,MAAMG,EAAEC,iBAAiB;;AACvC,QAAI,OAAOD,EAAEE,UAAU,UAAU;AAC/B,YAAMC,OACJ,OAAOH,EAAEC,sBAAsB,WAC3B,KAAKD,EAAEC,iBAAiB,KACxB;AACN,aAAO;QAAC,IAAIJ,MAAM,GAAGG,EAAEE,KAAK,GAAGC,IAAAA,EAAM;;IACvC;AACA,QAAI,OAAOH,EAAED,YAAY,SAAU,QAAO;MAAC,IAAIF,MAAMG,EAAED,OAAO;;EAChE;AACA,MAAIP,WAAWY,UAAaZ,WAAW,KACrC,QAAO;IAAC,IAAIK,MAAM,eAAA;;AACpB,SAAO;IAAC,IAAIA,MAAMC,OAAON,MAAAA,CAAAA;;AAC3B;AA1BSD;AAkCF,IAAMc,cAAN,MAAMA,YAAAA;;EAEXC;EACAC;;EAGA,YAAYD,QAA0B;AA/DxC;AAgEI,QAAI,CAACA,OAAQ,OAAM,IAAIT,MAAM,2BAAA;AAE7B,SAAKS,SAASA;AACd,QAAI,GAACA,YAAOE,kBAAPF,mBAAsBG,QAAQ,OAAM,IAAIZ,MAAM,uBAAA;AAEnD,SAAKS,OAAOE,gBAAgBE,QAAQJ,OAAOE,aAAa;AAExD,QAAI,GAACF,YAAOK,gBAAPL,mBAAoBG,QAAQ,OAAM,IAAIZ,MAAM,qBAAA;AACjD,SAAKS,OAAOK,cAAcD,QAAQJ,OAAOK,WAAW;AACpD,SAAKL,OAAOM,aAAYN,iCAAQM,aAAY,IAAIH,KAAI;AAEpD,SAAKH,OAAOO,eAAe;MACzB,GAAIP,OAAOO,gBAAgB,CAAC;MAC5B,oBAAoBP,OAAOE;MAC3B,0BAA0BF,OAAOM,YAAY;MAC7C,gBAAgB;IAClB;EACF;EAEAE,YAAY,8BACVC,SAAAA;AApFJ;AAyFI,QAAI,CAAC5B,UAAAA,EACH,QAAO,KAAK6B,cAAc;MACxB,IAAInB,MAAM,2CAAA;KACX;AAEH,UAAMoB,SAAS;MAAC;MAAU;MAAW;;AACrC,QAAIF,KAAKG,kBAAmBD,QAAOE,KAAK,gBAAA;AAExC,UAAMC,cAAsC;MAC1CC,cAAc,KAAKf,OAAOK;MAC1BW,eAAeP,KAAKO,iBAAiB;MACrCC,OAAOC,OAAOC,mBAAAA,CAAAA;MACdC,OAAOF,OAAOC,mBAAAA,CAAAA;MACdE,eAAeZ,KAAKY;MACpBC,OAAOX,OAAOY,KAAK,GAAA;MACnBC,aAAW,UAAKxB,WAAL,mBAAaM,aAAY;IACtC;AAEA,QAAIG,KAAKY,kBAAwBI,cAAcC,MAAM;AACnD,WAAKzB,eAAekB,mBAAAA;AACpB,YAAMQ,MAAM,MAAMC,OAAO,KAAK3B,YAAY;AAC1C,YAAM4B,gBAAgBC,yBAAyBH,GAAAA;AAC/Cb,kBAAYiB,iBAAiBF;AAC7Bf,kBAAYkB,wBAAwB;IACtC;AAEA,UAAMC,eAAe,GACnB,KAAKjC,OAAOE,aAAa,cACbgC,kBAAkBpB,WAAAA,CAAAA;AAEhC,QAAIA,YAAYE,kBAAkB,eAAe;AAC/ClC,aAAOqD,SAASC,QAAQH,YAAAA;AACxB,aAAO,KAAKI,WAAWvC,MAAAA;IACzB;AAEA,QAAI;AACF,YAAMwC,YAAY,MAAMC,cACtBN,cACA,KAAKjC,OAAOE,eACZsC,oCAAAA;AAGF,UAAI/B,KAAKY,kBAAwBI,cAAcC,MAAM;AAEnD,cAAMe,YACJ,MAAM,KAAKC,SAAS;UAClBC,MAAML,UAAUK;QAClB,CAAA;AACF,eAAOF,UAAUvD,OAAO0D,SACpB,KAAKlC,cAAc+B,UAAUvD,MAAM,IACnC,KAAKmD,WAAWI,UAAUhC,IAAI;MACpC;AAGA,aAAO,KAAK4B,WAAWC,SAAAA;IACzB,SAASO,KAAK;AACZ,UAAIA,IAAIjD,OAAO;AACbd,eAAOqD,SAASC,QACd,GAAG,KAAKpC,OAAOE,aAAa,cAAcgB,OACxC4B,KAAKC,UAAU;UACbzC,UAAU,KAAKN,OAAOM;UACtBD,aAAa,KAAKL,OAAOK;UACzBH,eAAe,KAAKF,OAAOE;QAC7B,CAAA,CAAA,CAAA,iBACgB8C,mBAAmB,KAAKhD,OAAOK,eAAe,EAAA,CAAA,EAAK;MAEzE;AAEA,aAAO,KAAKK,cAAcmC,GAAAA;IAC5B;EACF,GA5EY;EA8EZI,eAAe,mCAAA;AACb,QAAI;AACF,YAAMR,YACJ,MAAM,KAAKS,WAAU;AACvB,aAAOT,UAAUvD,OAAO0D,SACpB,KAAKlC,cAAc+B,UAAUvD,MAAM,IACnC,KAAKmD,WAAWI,UAAUhC,IAAI;IACpC,SAASoC,KAAK;AACZ,UAAI,CAAChE,UAAAA,GAAa;AAChB,eAAO;UACL4B,MAAMX;UACNZ,QAAQ;YAAC,IAAIK,MAAM,6CAAA;;QACrB;MACF;AAEAT,aAAOqD,SAASC,QACd,GAAG,KAAKpC,OAAOE,aAAa,cAAcgB,OACxC4B,KAAKC,UAAU;QACbzC,UAAU,KAAKN,OAAOM;QACtBD,aAAa,KAAKL,OAAOK;QACzBH,eAAe,KAAKF,OAAOE;MAC7B,CAAA,CAAA,CAAA,iBACgB8C,mBAAmB,KAAKhD,OAAOK,eAAe,EAAA,CAAA,EAAK;AAEvE,aAAO,KAAKK,cAAcmC,GAAAA;IAC5B;EACF,GA1Be;EA4BfM,iBAAiB,8BACf1C,SAAAA;AA9LJ;AAgMI,QAAI,CAACA,KAAKQ,MAAOR,MAAKQ,QAAQC,OAAOC,mBAAAA,CAAAA;AAErC,QAAI,CAACV,KAAKM,aAAcN,MAAKM,eAAe,KAAKf,OAAOK;AAExD,QAAI;AACF,YAAM+C,qBAAqB,MAAM,KAAKC,aAAa;QACjDC,OACE;QACFC,WAAW;UACT9C;QACF;QACA+C,eAAe;MACjB,CAAA;AACA,eAAOJ,8DAAoBlE,WAApBkE,mBAA4BR,UAC/B,KAAKlC,cAAc0C,mBAAmBlE,MAAM,IAC5C,KAAKmD,YAAWe,8DAAoB3C,SAApB2C,mBAA0BK,eAAAA;IAChD,SAAS7D,OAAO;AACd,aAAO,KAAKc,cAAc;QAACd;OAAM;IACnC;EACF,GAtBiB;EAwBjB8D,cAAc,mCAAA;AArNhB;AAsNI,QAAI;AACF,YAAMC,MAAM,MAAM,KAAKN,aAAa;QAClCC,OACE;QACFE,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,WAAWsB,IAAIlD,KAAKmD,IAAI;IACnC,SAAShE,OAAO;AACd,aAAO,KAAKc,cAAc;QAACd;OAAM;IACnC;EACF,GAdc;EAgBdiE,aAAa,8BACXC,YAAAA;AAtOJ;AAwOI,QAAI;AACF,YAAMC,aAAa,MAAM,KAAKV,aAAa;QACzCC,OAAO,6BAA6B5E,YAAAA;QACpCoF;QACAN,eAAe;MACjB,CAAA;AAEA,eAAOO,8CAAY7E,WAAZ6E,mBAAoBnB,UACvB,KAAKlC,cAAcqD,WAAW7E,MAAM,IACpC,KAAKmD,WAAW0B,WAAWtD,KAAKuD,OAAO;IAC7C,SAASpE,OAAO;AACd,aAAO,KAAKc,cAAc;QAACd;OAAM;IACnC;EACF,GAhBa;;EAmBbsD,aAAa,8BACXY,SACAG,WAAAA;AA1PJ;AA4PI,QAAI;AACF,YAAMN,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO,6EAA6E3E,iBAAAA;QACpFmF;QACAP,WAAW;UACTU;QACF;QACAT,eAAe;MACjB,CAAA;AACA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUO,OAAAA;IAChC,SAASrB,KAAK;AACZ,aAAO,KAAKnC,cAAcmC,GAAAA;IAC5B;EACF,GAnBa;EAqBbH,WAAW,8BACTjC,SAAAA;AA9QJ;AAgRI,QAAI,CAACA,KAAK0D,WAAY1D,MAAK0D,aAAa;AAExC,QAAI1D,KAAK0D,eAAe,mBAAmB,GAAC1D,UAAK2D,kBAAL3D,mBAAoBN,QAC9D,QAAO,KAAKO,cAAc;MAAC,IAAInB,MAAM,uBAAA;KAAyB;AAEhE,QAAIkB,KAAK0D,eAAe,wBAAwB,CAAC,KAAKlE,aACpD,QAAO,KAAKS,cAAc;MAAC,IAAInB,MAAM,uBAAA;KAAyB;AAEhE,UAAMuB,cAAc;MAClBU,WAAW,KAAKxB,OAAOM;MACvBqC,MAAMlC,KAAKkC,QAAQ;MACnB0B,eAAe,KAAKpE,gBAAgB;MACpCkE,YAAY1D,KAAK0D,cAAc;MAC/BC,eAAe3D,KAAK2D,iBAAiB;IACvC;AAEA,QAAI;AACF,YAAME,UAAU1F,WAAAA;AAChB,YAAM+E,MAAM,MAAMW,QAAQ,GAAG,KAAKtE,OAAOE,aAAa,gBAAgB;QACpEqE,QAAQ;QACRC,MAAM1B,KAAKC,UAAUjC,WAAAA;QACrBgD,SAAS;UACP,GAAG,KAAK9D,OAAOO;QACjB;QACAkE,aAAa;MACf,CAAA;AAEA,YAAMC,OAAO,MAAMf,IAAIe,KAAI;AAC3B,UAAIC,OAG0B,CAAC;AAC/B,UAAID,MAAM;AACR,YAAI;AACFC,iBAAO7B,KAAK8B,MAAMF,IAAAA;QACpB,QAAQ;AACN,iBAAO,KAAKhE,cAAc;YACxB,IAAInB,MACFoE,IAAIkB,KACA,qCACA,QAAQlB,IAAImB,MAAM,EAAE;WAE3B;QACH;MACF;AACA,UAAI,CAACnB,IAAIkB,IAAI;AACX,eAAO,KAAKnE,cAAc;UACxB,IAAInB,MACFC,OACEmF,KAAKhF,qBAAqBgF,KAAK/E,SAAS,QAAQ+D,IAAImB,MAAM,EAAE,CAAA;SAGjE;MACH;AAEA,aAAO,KAAKzC,WAAWsC,IAAAA;IACzB,SAAS9B,KAAK;AACZ,aAAO,KAAKnC,cAAcmC,GAAAA;IAC5B;EACF,GA9DW;EAgEXkC,QAAQ,8BACNtE,SAAAA;AA9UJ;AAgVI,QAAI;AACF,YAAMkD,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO;qEACsD3E,iBAAAA;;QAE7D4E,WAAW;UAAE9C;QAAK;QAClB+C,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUoB,KAAAA;IAChC,SAASlC,KAAK;AACZ,aAAO,KAAKnC,cAAcmC,GAAAA;IAC5B;EACF,GAlBQ;EAoBRmC,SAAS,8BACPlB,YAAAA;AAlWJ;AAoWI,QAAI;AACF,YAAMH,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO;QACPQ;QACAN,eAAe;MACjB,CAAA;AACA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUqB,MAAAA;IAChC,SAASnC,KAAK;AACZ,aAAO,KAAKnC,cAAc;QAACmC;OAAI;IACjC;EACF,GAfS;EAiBToC,iBAAiB,8BACfxE,SAAAA;AAnXJ;AAqXI,QAAI;AACF,UAAI,CAACA,KAAKQ,MAAOR,MAAKQ,QAAQC,OAAOC,mBAAAA,CAAAA;AAErC,UAAI,CAACV,KAAKM,aAAcN,MAAKM,eAAe,KAAKf,OAAOK;AAExD,YAAMsD,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO;;;QAGPC,WAAW;UAAE9C;QAAK;QAClB+C,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUuB,gBAAAA;IAChC,SAASrC,KAAK;AACZ,aAAO,KAAKnC,cAAc;QAACmC;OAAI;IACjC;EACF,GAtBiB;EAwBjBsC,aAAa,8BACXC,eACAC,OACAtE,cACAE,UAAAA;AAEA,QAAIqE,WAAWrE;AACf,QAAI,CAACqE,UAAU;AACbA,iBAAWpE,OAAOC,mBAAAA,CAAAA;IACpB;AAEA,UAAMoE,mBAAmBC,OAAOC,OAAaC,cAAc;AAC3D,QAAI,CAACH,iBAAiBI,SAASP,aAAAA,GAAgB;AAC7C,YAAM,IAAI7F,MACR,iDAAiDgG,iBAAiBhE,KAAK,IAAA,CAAA,EAAO;IAElF;AACA,QAAI,CAAC1C,UAAAA,EACH,OAAM,IAAIU,MAAM,2CAAA;AAElB,QAAI8F,SAASA,MAAMzC,OAAQ0C,aAAY,UAAUD,MAAM9D,KAAK,GAAA,CAAA;AAE5DzC,WAAOqD,SAASC,QACd,GAAG,KAAKpC,OAAOE,aAAa,gBAAgBkF,aAAAA,iBAA8BpC,mBACxEjC,gBAAgB,KAAKf,OAAOK,eAAe,EAAA,CAAA,UAClC2C,mBAAmBsC,QAAAA,CAAAA,EAAW;EAE7C,GA3Ba;EA6BbM,YAAY,8BACVnF,SAAAA;AAxaJ;AA0aI,QAAI;AACF,YAAMkD,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO;;;QAGPC,WAAW;UAAE9C;QAAK;QAClB+C,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUkC,UAAAA;IAChC,SAAShD,KAAK;AACZ,aAAO,KAAKnC,cAAc;QAACmC;OAAI;IACjC;EACF,GAlBY;EAoBZiD,gBAAgB,8BACdrF,SAAAA;AA5bJ;AA8bI,QAAI;AACF,YAAMsF,mBAAmB,MAAM,KAAK1C,aAAa;QAC/CC,OACE;QACFC,WAAW;UACT9C;QACF;QACA+C,eAAe;MACjB,CAAA;AACA,eAAOuC,0DAAkB7G,WAAlB6G,mBAA0BnD,UAC7B,KAAKlC,cAAcqF,iBAAiB7G,MAAM,IAC1C,KAAKmD,YAAW0D,sBAAiBtF,SAAjBsF,mBAAuBC,cAAAA;IAC7C,SAASpG,OAAO;AACd,aAAO,KAAKc,cAAc;QAACd;OAAM;IACnC;EACF,GAlBgB;EAoBhBqG,cAAc,8BAAOxF,SAAAA;AA/cvB;AAgdI,QAAI,GAACA,UAAK2D,kBAAL3D,mBAAoBN,QACvB,QAAO,KAAKO,cAAc;MAAC,IAAInB,MAAM,uBAAA;KAAyB;AAEhE,QAAI;AACF,YAAM+E,UAAU1F,WAAAA;AAChB,YAAM+E,MAAM,MAAMW,QAAQ,GAAG,KAAKtE,OAAOE,aAAa,iBAAiB;QACrEqE,QAAQ;QACRT,SAAS;UACP,GAAG,KAAK9D,OAAOO;QACjB;QACAiE,MAAM1B,KAAKC,UAAU;UACnBqB,eAAe3D,KAAK2D;UACpB5C,WAAW,KAAKxB,OAAOM;QACzB,CAAA;MACF,CAAA;AAEA,YAAMoE,OAAO,MAAMf,IAAIe,KAAI;AAC3B,UAAIwB,eAAwC,CAAC;AAC7C,UAAIxB,MAAM;AACR,YAAI;AACFwB,yBAAepD,KAAK8B,MAAMF,IAAAA;QAC5B,QAAQ;AACN,iBAAO,KAAKhE,cAAc;YACxB,IAAInB,MACFoE,IAAIkB,KACA,sCACA,QAAQlB,IAAImB,MAAM,EAAE;WAE3B;QACH;MACF;AAEA,UAAI,CAACnB,IAAIkB,IAAI;AACX,cAAMsB,UAAUD;AAIhB,eAAO,KAAKxF,cAAc;UACxB,IAAInB,MACFC,OACE2G,QAAQxG,qBACNwG,QAAQvG,SACR,QAAQ+D,IAAImB,MAAM,EAAE,CAAA;SAG3B;MACH;AAEA,aAAO,KAAKzC,WAAW6D,YAAAA;IACzB,SAASrD,KAAK;AACZ,aAAO,KAAKnC,cAAcmC,GAAAA;IAC5B;EACF,GArDc;EAuDduD,SAAS,8BACP3F,SAAAA;AAvgBJ;AAygBI,QAAI;AACF,YAAMkD,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO;wEACyD3E,iBAAAA;;QAEhE4E,WAAW;UAAE9C;QAAK;QAClB+C,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUyC,MAAAA;IAChC,SAASvD,KAAK;AACZ,aAAO,KAAKnC,cAAc;QAACmC;OAAI;IACjC;EACF,GAlBS;EAoBTwD,gBAAgB,8BACd5F,MACAqD,YAAAA;AA5hBJ;AA8hBI,QAAI;AACF,YAAMwC,mBAAmB,MAAM,KAAKjD,aAAa;QAC/CC,OACE;QACFQ;QACAP,WAAW;UACT9C;QACF;QACA+C,eAAe;MACjB,CAAA;AAEA,eAAO8C,0DAAkBpH,WAAlBoH,mBAA0B1D,UAC7B,KAAKlC,cAAc4F,iBAAiBpH,MAAM,IAC1C,KAAKmD,YAAWiE,sBAAiB7F,SAAjB6F,mBAAuBC,cAAAA;IAC7C,SAAS3G,OAAO;AACd,aAAO,KAAKc,cAAc;QAACd;OAAM;IACnC;EACF,GArBgB;EAuBhB4G,oBAAoB,8BAClB1C,YAAAA;AAljBJ;AAojBI,QAAI;AACF,YAAMH,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO;QACPQ;QACAN,eAAe;MACjB,CAAA;AACA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAU8C,kBAAAA;IAChC,SAAS7G,OAAO;AACd,aAAO,KAAKc,cAAc;QAACd;OAAM;IACnC;EACF,GAfoB;EAiBpB8G,mBAAmB,8BACjBzC,WAAAA;AAnkBJ;AAqkBI,QAAI;AACF,YAAMN,MAAM,MAAM,KAAKN,aAAa;QAClCC,OACE;QACFC,WAAW;UACTU;QACF;QACAT,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUgD,kBAAAA;IAChC,SAAS/G,OAAO;AACd,aAAO,KAAKc,cAAc;QAACd;OAAM;IACnC;EACF,GAnBmB;EAqBnBgH,kBAAkB,8BAChB3C,WAAAA;AAxlBJ;AA0lBI,QAAI;AACF,YAAMN,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO,8GAA8G5E,YAAAA;QACrH6E,WAAW;UACTU;QACF;QACAT,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUkD,gBAAAA;IAChC,SAASjH,OAAO;AACd,aAAO,KAAKc,cAAc;QAACd;OAAM;IACnC;EACF,GAlBkB;EAoBlBkH,cAAc,8BACZrG,SAAAA;AA5mBJ;AA8mBI,QAAI;AACF,YAAMkD,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO;wFACyE3E,iBAAAA;;QAEhF4E,WAAW;UAAE9C;QAAK;QAClB+C,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUoD,YAAAA;IAChC,SAASlE,KAAK;AACZ,aAAO,KAAKnC,cAAc;QAACmC;OAAI;IACjC;EACF,GAlBc;EAoBdmE,oBAAoB,8BAClBvG,SAAAA;AAhoBJ;AAkoBI,QAAI;AACF,YAAMkD,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO;;;QAGPC,WAAW;UAAE9C;QAAK;QAClB+C,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUsD,mBAAAA;IAChC,SAASpE,KAAK;AACZ,aAAO,KAAKnC,cAAc;QAACmC;OAAI;IACjC;EACF,GAlBoB;EAoBpBqE,YAAY,8BACVzG,SAAAA;AAppBJ;AAspBI,QAAI;AACF,YAAMkD,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO;kFACmE3E,iBAAAA;;QAE1E4E,WAAW;UAAE9C;QAAK;QAClB+C,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUwD,UAAAA;IAChC,SAAStE,KAAK;AACZ,aAAO,KAAKnC,cAAc;QAACmC;OAAI;IACjC;EACF,GAlBY;;;EAsBZQ,eAAe,8BACb5C,SAAAA;AA1qBJ;AA4qBI,UAAM6D,UAAU1F,WAAAA;AAChB,UAAM4F,OAAgC;MACpClB,OAAO7C,KAAK6C;MACZC,WAAW9C,KAAK8C,aAAa,CAAC;IAChC;AACA,QAAI9C,KAAK+C,eAAe;AACtBgB,WAAKhB,gBAAgB/C,KAAK+C;IAC5B;AACA,UAAMG,MAAM,MAAMW,QAAQ,GAAG,KAAKtE,OAAOE,aAAa,YAAY;MAChEqE,QAAQ;MACRC,MAAM1B,KAAKC,UAAUyB,IAAAA;MACrBV,SAAS;QACP,GAAG,KAAK9D,OAAOO;QACf,GAAIE,KAAKqD,WAAW,CAAC;MACvB;MACAW,aAAa;IACf,CAAA;AAEA,UAAMC,OAAO,MAAMf,IAAIe,KAAI;AAC3B,QAAIC,OAA+C,CAAC;AACpD,QAAID,MAAM;AACR,UAAI;AACFC,eAAO7B,KAAK8B,MAAMF,IAAAA;MACpB,QAAQ;AACN,eAAO;UACLjE,MAAMX;UACNZ,QAAQ;YACN,IAAIK,MACFoE,IAAIkB,KACA,uCACA,QAAQlB,IAAImB,MAAM,EAAE;;QAG9B;MACF;IACF,WAAW,CAACnB,IAAIkB,IAAI;AAClB,aAAO;QACLpE,MAAMX;QACNZ,QAAQ;UAAC,IAAIK,MAAM,QAAQoE,IAAImB,MAAM,EAAE;;MACzC;IACF;AAEA,SAAIH,kCAAMzF,WAANyF,mBAAc/B,QAAQ;AACxB,aAAO;QAAEnC,MAAMX;QAAWZ,QAAQD,YAAY0F,KAAKzF,MAAM;MAAE;IAC7D;AAEA,QAAI,CAACyE,IAAIkB,IAAI;AACX,aAAO;QACLpE,MAAMX;QACNZ,QAAQ;UAAC,IAAIK,MAAM,QAAQoE,IAAImB,MAAM,EAAE;;MACzC;IACF;AAEA,WAAO;MAAErE,MAAMkE,KAAKlE;MAAMvB,QAAQ,CAAA;IAAG;EACvC,GAzDe;EA2DfwB,gBAAgB,wBAACxB,WAAAA;AACf,WAAO;MACLuB,MAAMX;MACNZ,QAAQD,YAAYC,MAAAA;IACtB;EACF,GALgB;EAOhBmD,aAAa,wBAAC5B,SAAAA;AACZ,WAAO;MACLA;MACAvB,QAAQ,CAAA;IACV;EACF,GALa;AAMf;AAxrBaa;AAAN,IAAMA,aAAN;","names":["crossFetch","DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS","CLEANUP_IFRAME_TIMEOUT_IN_SECONDS","OAuthProviders","ResponseTypes","hasWindow","window","trimURL","url","trimmedData","trim","lastChar","length","slice","getCrypto","crypto","msCrypto","getCryptoSubtle","subtle","webkitSubtle","createRandomString","charset","random","randomValues","Array","from","getRandomValues","Uint8Array","forEach","v","encode","value","btoa","Buffer","toString","createQueryParams","params","Object","keys","filter","k","map","encodeURIComponent","join","sha256","s","subtle","getCryptoSubtle","Error","digestOp","digest","name","TextEncoder","encode","window","msCrypto","Promise","resolve","reject","oncomplete","e","target","result","onerror","error","onabort","urlEncodeB64","input","b64Chars","replace","m","bufferToBase64UrlEncoded","input","ie11SafeInput","Uint8Array","urlEncodeB64","window","btoa","String","fromCharCode","Array","from","originFromAuthorizerUrl","authorizerUrl","URL","origin","executeIframe","authorizeUrl","eventOrigin","timeoutInSeconds","DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS","Promise","resolve","reject","expectedOrigin","iframe","document","createElement","setAttribute","style","display","removeIframe","body","contains","removeChild","removeEventListener","iframeEventHandler","timeoutSetTimeoutId","setTimeout","Error","e","data","response","eventSource","source","close","error","clearTimeout","CLEANUP_IFRAME_TIMEOUT_IN_SECONDS","addEventListener","appendChild","userFragment","authTokenFragment","getFetcher","hasWindow","window","fetch","crossFetch","toErrorList","errors","Array","isArray","map","item","Error","String","message","o","error_description","error","desc","undefined","Authorizer","config","codeVerifier","authorizerURL","trim","trimURL","redirectURL","clientID","extraHeaders","authorize","data","errorResponse","scopes","use_refresh_token","push","requestData","redirect_uri","response_mode","state","encode","createRandomString","nonce","response_type","scope","join","client_id","ResponseTypes","Code","sha","sha256","codeChallenge","bufferToBase64UrlEncoded","code_challenge","code_challenge_method","authorizeURL","createQueryParams","location","replace","okResponse","iframeRes","executeIframe","DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS","tokenResp","getToken","code","length","err","JSON","stringify","encodeURIComponent","browserLogin","getSession","forgotPassword","forgotPasswordResp","graphqlQuery","query","variables","operationName","forgot_password","getMetaData","res","meta","getProfile","headers","profileRes","profile","params","session","grant_type","refresh_token","code_verifier","fetcher","method","body","credentials","text","json","parse","ok","status","login","logout","magicLinkLogin","magic_link_login","oauthLogin","oauthProvider","roles","urlState","oauthProviderIds","Object","values","OAuthProviders","includes","resendOtp","resend_otp","resetPassword","resetPasswordRes","reset_password","revokeToken","responseData","errBody","signup","updateProfile","updateProfileRes","update_profile","deactivateAccount","deactivate_account","validateJWTToken","validate_jwt_token","validateSession","validate_session","verifyEmail","verify_email","resendVerifyEmail","resend_verify_email","verifyOtp","verify_otp"]}
|
|
1
|
+
{"version":3,"sources":["../src/index.ts","../src/constants.ts","../src/types.ts","../src/utils.ts"],"sourcesContent":["// Note: write gql query in single line to reduce bundle size\nimport crossFetch from 'cross-fetch';\nimport { DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS } from './constants';\nimport * as Types from './types';\nimport {\n bufferToBase64UrlEncoded,\n createQueryParams,\n createRandomString,\n encode,\n executeIframe,\n hasWindow,\n sha256,\n trimURL,\n} from './utils';\n\n// re-usable gql response fragment\nconst userFragment =\n 'id email email_verified given_name family_name middle_name nickname preferred_username picture signup_methods gender birthdate phone_number phone_number_verified roles created_at updated_at revoked_timestamp is_multi_factor_auth_enabled app_data';\nconst authTokenFragment = `message access_token expires_in refresh_token id_token should_show_email_otp_screen should_show_mobile_otp_screen should_show_totp_screen authenticator_scanner_image authenticator_secret authenticator_recovery_codes user { ${userFragment} }`;\n\n// set fetch based on window object. Cross fetch have issues with umd build\nconst getFetcher = () => (hasWindow() ? window.fetch : crossFetch);\n\nfunction toErrorList(errors: unknown): Error[] {\n if (Array.isArray(errors)) {\n return errors.map((item) => {\n if (item instanceof Error) return item;\n if (item && typeof item === 'object' && 'message' in item)\n return new Error(String((item as { message: unknown }).message));\n return new Error(String(item));\n });\n }\n if (errors instanceof Error) return [errors];\n if (errors !== null && typeof errors === 'object') {\n const o = errors as Record<string, unknown>;\n if (typeof o.error_description === 'string')\n return [new Error(o.error_description)];\n if (typeof o.error === 'string') {\n const desc =\n typeof o.error_description === 'string'\n ? `: ${o.error_description}`\n : '';\n return [new Error(`${o.error}${desc}`)];\n }\n if (typeof o.message === 'string') return [new Error(o.message)];\n }\n if (errors === undefined || errors === null)\n return [new Error('Unknown error')];\n return [new Error(String(errors))];\n}\n\nexport * from './types';\n\n/**\n * Client for the Authorizer API. All network calls go to `config.authorizerURL`\n * with cookies included where the runtime allows; only configure URLs you trust.\n */\nexport class Authorizer {\n // class variable\n config: Types.ConfigType;\n codeVerifier: string;\n\n // constructor\n constructor(config: Types.ConfigType) {\n if (!config) throw new Error('Configuration is required');\n\n this.config = config;\n if (!config.authorizerURL?.trim()) throw new Error('Invalid authorizerURL');\n\n this.config.authorizerURL = trimURL(config.authorizerURL);\n\n if (!config.redirectURL?.trim()) throw new Error('Invalid redirectURL');\n this.config.redirectURL = trimURL(config.redirectURL);\n this.config.clientID = (config?.clientID || '').trim();\n\n this.config.extraHeaders = {\n ...(config.extraHeaders || {}),\n 'x-authorizer-url': config.authorizerURL,\n 'x-authorizer-client-id': config.clientID || '',\n 'Content-Type': 'application/json',\n };\n }\n\n authorize = async (\n data: Types.AuthorizeRequest,\n ): Promise<\n | Types.ApiResponse<Types.GetTokenResponse>\n | Types.ApiResponse<Types.AuthorizeResponse>\n > => {\n if (!hasWindow())\n return this.errorResponse([\n new Error('this feature is only supported in browser'),\n ]);\n\n const scopes = ['openid', 'profile', 'email'];\n if (data.use_refresh_token) scopes.push('offline_access');\n\n const requestData: Record<string, string> = {\n redirect_uri: this.config.redirectURL,\n response_mode: data.response_mode || 'web_message',\n state: encode(createRandomString()),\n nonce: encode(createRandomString()),\n response_type: data.response_type,\n scope: scopes.join(' '),\n client_id: this.config?.clientID || '',\n };\n\n if (data.response_type === Types.ResponseTypes.Code) {\n this.codeVerifier = createRandomString();\n const sha = await sha256(this.codeVerifier);\n const codeChallenge = bufferToBase64UrlEncoded(sha);\n requestData.code_challenge = codeChallenge;\n requestData.code_challenge_method = 'S256';\n }\n\n const authorizeURL = `${\n this.config.authorizerURL\n }/authorize?${createQueryParams(requestData)}`;\n\n if (requestData.response_mode !== 'web_message') {\n window.location.replace(authorizeURL);\n return this.okResponse(undefined);\n }\n\n try {\n const iframeRes = await executeIframe(\n authorizeURL,\n this.config.authorizerURL,\n DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS,\n );\n\n if (data.response_type === Types.ResponseTypes.Code) {\n // get token and return it\n const tokenResp: Types.ApiResponse<Types.GetTokenResponse> =\n await this.getToken({\n code: iframeRes.code,\n });\n return tokenResp.errors.length\n ? this.errorResponse(tokenResp.errors)\n : this.okResponse(tokenResp.data);\n }\n\n // this includes access_token, id_token & refresh_token(optionally)\n return this.okResponse(iframeRes);\n } catch (err) {\n if (err.error) {\n window.location.replace(\n `${this.config.authorizerURL}/app?state=${encode(\n JSON.stringify({\n clientID: this.config.clientID,\n redirectURL: this.config.redirectURL,\n authorizerURL: this.config.authorizerURL,\n }),\n )}&redirect_uri=${encodeURIComponent(this.config.redirectURL || '')}`,\n );\n }\n\n return this.errorResponse(err);\n }\n };\n\n browserLogin = async (): Promise<Types.ApiResponse<Types.AuthToken>> => {\n try {\n const tokenResp: Types.ApiResponse<Types.AuthToken> =\n await this.getSession();\n return tokenResp.errors.length\n ? this.errorResponse(tokenResp.errors)\n : this.okResponse(tokenResp.data);\n } catch (err) {\n if (!hasWindow()) {\n return {\n data: undefined,\n errors: [new Error('browserLogin is only supported for browsers')],\n };\n }\n\n window.location.replace(\n `${this.config.authorizerURL}/app?state=${encode(\n JSON.stringify({\n clientID: this.config.clientID,\n redirectURL: this.config.redirectURL,\n authorizerURL: this.config.authorizerURL,\n }),\n )}&redirect_uri=${encodeURIComponent(this.config.redirectURL || '')}`,\n );\n return this.errorResponse(err);\n }\n };\n\n forgotPassword = async (\n data: Types.ForgotPasswordRequest,\n ): Promise<Types.ApiResponse<Types.ForgotPasswordResponse>> => {\n if (!data.state) data.state = encode(createRandomString());\n\n if (!data.redirect_uri) data.redirect_uri = this.config.redirectURL;\n\n try {\n const forgotPasswordResp = await this.graphqlQuery({\n query:\n 'mutation forgot_password($data: ForgotPasswordRequest!) {\tforgot_password(params: $data) { message should_show_mobile_otp_screen } }',\n variables: {\n data,\n },\n operationName: 'forgot_password',\n });\n return forgotPasswordResp?.errors?.length\n ? this.errorResponse(forgotPasswordResp.errors)\n : this.okResponse(forgotPasswordResp?.data?.forgot_password);\n } catch (error) {\n return this.errorResponse([error]);\n }\n };\n\n getMetaData = async (): Promise<Types.ApiResponse<Types.MetaData>> => {\n try {\n const res = await this.graphqlQuery({\n query:\n 'query meta { meta { version client_id is_google_login_enabled is_facebook_login_enabled is_github_login_enabled is_linkedin_login_enabled is_apple_login_enabled is_twitter_login_enabled is_microsoft_login_enabled is_twitch_login_enabled is_roblox_login_enabled is_email_verification_enabled is_basic_authentication_enabled is_magic_link_login_enabled is_sign_up_enabled is_strong_password_enabled is_multi_factor_auth_enabled is_mobile_basic_authentication_enabled is_phone_verification_enabled } }',\n operationName: 'meta',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data.meta);\n } catch (error) {\n return this.errorResponse([error]);\n }\n };\n\n getProfile = async (\n headers?: Types.Headers,\n ): Promise<Types.ApiResponse<Types.User>> => {\n try {\n const profileRes = await this.graphqlQuery({\n query: `query profile {\tprofile { ${userFragment} } }`,\n headers,\n operationName: 'profile',\n });\n\n return profileRes?.errors?.length\n ? this.errorResponse(profileRes.errors)\n : this.okResponse(profileRes.data.profile);\n } catch (error) {\n return this.errorResponse([error]);\n }\n };\n\n // this is used to verify / get session using cookie by default. If using node.js pass authorization header\n getSession = async (\n headers?: Types.Headers,\n params?: Types.SessionQueryRequest,\n ): Promise<Types.ApiResponse<Types.AuthToken>> => {\n try {\n const res = await this.graphqlQuery({\n query: `query session($params: SessionQueryRequest){session(params: $params) { ${authTokenFragment} } }`,\n headers,\n variables: {\n params,\n },\n operationName: 'session',\n });\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.session);\n } catch (err) {\n return this.errorResponse(err);\n }\n };\n\n getToken = async (\n data: Types.GetTokenRequest,\n ): Promise<Types.ApiResponse<Types.GetTokenResponse>> => {\n if (!data.grant_type) data.grant_type = 'authorization_code';\n\n if (data.grant_type === 'refresh_token' && !data.refresh_token?.trim())\n return this.errorResponse([new Error('Invalid refresh_token')]);\n\n if (data.grant_type === 'authorization_code' && !this.codeVerifier)\n return this.errorResponse([new Error('Invalid code verifier')]);\n\n const requestData = {\n client_id: this.config.clientID,\n code: data.code || '',\n code_verifier: this.codeVerifier || '',\n grant_type: data.grant_type || '',\n refresh_token: data.refresh_token || '',\n };\n\n try {\n const fetcher = getFetcher();\n const res = await fetcher(`${this.config.authorizerURL}/oauth/token`, {\n method: 'POST',\n body: JSON.stringify(requestData),\n headers: {\n ...this.config.extraHeaders,\n },\n credentials: 'include',\n });\n\n const text = await res.text();\n let json: {\n error?: string;\n error_description?: string;\n } & Record<string, unknown> = {};\n if (text) {\n try {\n json = JSON.parse(text);\n } catch {\n return this.errorResponse([\n new Error(\n res.ok\n ? 'Invalid JSON from token endpoint'\n : `HTTP ${res.status}`,\n ),\n ]);\n }\n }\n if (!res.ok) {\n return this.errorResponse([\n new Error(\n String(\n json.error_description || json.error || `HTTP ${res.status}`,\n ),\n ),\n ]);\n }\n\n return this.okResponse(json);\n } catch (err) {\n return this.errorResponse(err);\n }\n };\n\n login = async (\n data: Types.LoginRequest,\n ): Promise<Types.ApiResponse<Types.AuthToken>> => {\n try {\n const res = await this.graphqlQuery({\n query: `\n\t\t\t\t\tmutation login($data: LoginRequest!) { login(params: $data) { ${authTokenFragment}}}\n\t\t\t\t`,\n variables: { data },\n operationName: 'login',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.login);\n } catch (err) {\n return this.errorResponse(err);\n }\n };\n\n logout = async (\n headers?: Types.Headers,\n ): Promise<Types.ApiResponse<Types.GenericResponse>> => {\n try {\n const res = await this.graphqlQuery({\n query: 'mutation logout { logout { message } }',\n headers,\n operationName: 'logout',\n });\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.logout);\n } catch (err) {\n return this.errorResponse([err]);\n }\n };\n\n magicLinkLogin = async (\n data: Types.MagicLinkLoginRequest,\n ): Promise<Types.ApiResponse<Types.GenericResponse>> => {\n try {\n if (!data.state) data.state = encode(createRandomString());\n\n if (!data.redirect_uri) data.redirect_uri = this.config.redirectURL;\n\n const res = await this.graphqlQuery({\n query: `\n\t\t\t\t\tmutation magic_link_login($data: MagicLinkLoginRequest!) { magic_link_login(params: $data) { message }}\n\t\t\t\t`,\n variables: { data },\n operationName: 'magic_link_login',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.magic_link_login);\n } catch (err) {\n return this.errorResponse([err]);\n }\n };\n\n oauthLogin = async (\n oauthProvider: string,\n roles?: string[],\n redirect_uri?: string,\n state?: string,\n ): Promise<void> => {\n let urlState = state;\n if (!urlState) {\n urlState = encode(createRandomString());\n }\n\n const oauthProviderIds = Object.values(Types.OAuthProviders) as string[];\n if (!oauthProviderIds.includes(oauthProvider)) {\n throw new Error(\n `only following oauth providers are supported: ${oauthProviderIds.join(', ')}`,\n );\n }\n if (!hasWindow())\n throw new Error('oauthLogin is only supported for browsers');\n\n if (roles && roles.length) urlState += `&roles=${roles.join(',')}`;\n\n window.location.replace(\n `${this.config.authorizerURL}/oauth_login/${oauthProvider}?redirect_uri=${encodeURIComponent(\n redirect_uri || this.config.redirectURL || '',\n )}&state=${encodeURIComponent(urlState)}`,\n );\n };\n\n resendOtp = async (\n data: Types.ResendOtpRequest,\n ): Promise<Types.ApiResponse<Types.GenericResponse>> => {\n try {\n const res = await this.graphqlQuery({\n query: `\n\t\t\t\t\tmutation resend_otp($data: ResendOTPRequest!) { resend_otp(params: $data) { message }}\n\t\t\t\t`,\n variables: { data },\n operationName: 'resend_otp',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.resend_otp);\n } catch (err) {\n return this.errorResponse([err]);\n }\n };\n\n resetPassword = async (\n data: Types.ResetPasswordRequest,\n ): Promise<Types.ApiResponse<Types.GenericResponse>> => {\n try {\n const resetPasswordRes = await this.graphqlQuery({\n query:\n 'mutation reset_password($data: ResetPasswordRequest!) {\treset_password(params: $data) { message } }',\n variables: {\n data,\n },\n operationName: 'reset_password',\n });\n return resetPasswordRes?.errors?.length\n ? this.errorResponse(resetPasswordRes.errors)\n : this.okResponse(resetPasswordRes.data?.reset_password);\n } catch (error) {\n return this.errorResponse([error]);\n }\n };\n\n revokeToken = async (data: { refresh_token: string }) => {\n if (!data.refresh_token?.trim())\n return this.errorResponse([new Error('Invalid refresh_token')]);\n\n try {\n const fetcher = getFetcher();\n const res = await fetcher(`${this.config.authorizerURL}/oauth/revoke`, {\n method: 'POST',\n headers: {\n ...this.config.extraHeaders,\n },\n body: JSON.stringify({\n refresh_token: data.refresh_token,\n client_id: this.config.clientID,\n }),\n });\n\n const text = await res.text();\n let responseData: Record<string, unknown> = {};\n if (text) {\n try {\n responseData = JSON.parse(text) as Record<string, unknown>;\n } catch {\n return this.errorResponse([\n new Error(\n res.ok\n ? 'Invalid JSON from revoke endpoint'\n : `HTTP ${res.status}`,\n ),\n ]);\n }\n }\n\n if (!res.ok) {\n const errBody = responseData as {\n error?: string;\n error_description?: string;\n };\n return this.errorResponse([\n new Error(\n String(\n errBody.error_description ||\n errBody.error ||\n `HTTP ${res.status}`,\n ),\n ),\n ]);\n }\n\n return this.okResponse(responseData);\n } catch (err) {\n return this.errorResponse(err);\n }\n };\n\n signup = async (\n data: Types.SignUpRequest,\n ): Promise<Types.ApiResponse<Types.AuthToken>> => {\n try {\n const res = await this.graphqlQuery({\n query: `\n\t\t\t\t\tmutation signup($data: SignUpRequest!) { signup(params: $data) { ${authTokenFragment}}}\n\t\t\t\t`,\n variables: { data },\n operationName: 'signup',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.signup);\n } catch (err) {\n return this.errorResponse([err]);\n }\n };\n\n updateProfile = async (\n data: Types.UpdateProfileRequest,\n headers?: Types.Headers,\n ): Promise<Types.ApiResponse<Types.GenericResponse>> => {\n try {\n const updateProfileRes = await this.graphqlQuery({\n query:\n 'mutation update_profile($data: UpdateProfileRequest!) {\tupdate_profile(params: $data) { message } }',\n headers,\n variables: {\n data,\n },\n operationName: 'update_profile',\n });\n\n return updateProfileRes?.errors?.length\n ? this.errorResponse(updateProfileRes.errors)\n : this.okResponse(updateProfileRes.data?.update_profile);\n } catch (error) {\n return this.errorResponse([error]);\n }\n };\n\n deactivateAccount = async (\n headers?: Types.Headers,\n ): Promise<Types.ApiResponse<Types.GenericResponse>> => {\n try {\n const res = await this.graphqlQuery({\n query: 'mutation deactivate_account { deactivate_account { message } }',\n headers,\n operationName: 'deactivate_account',\n });\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.deactivate_account);\n } catch (error) {\n return this.errorResponse([error]);\n }\n };\n\n validateJWTToken = async (\n params?: Types.ValidateJWTTokenRequest,\n ): Promise<Types.ApiResponse<Types.ValidateJWTTokenResponse>> => {\n try {\n const res = await this.graphqlQuery({\n query:\n 'query validate_jwt_token($params: ValidateJWTTokenRequest!){validate_jwt_token(params: $params) { is_valid claims } }',\n variables: {\n params,\n },\n operationName: 'validate_jwt_token',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.validate_jwt_token);\n } catch (error) {\n return this.errorResponse([error]);\n }\n };\n\n validateSession = async (\n params?: Types.ValidateSessionRequest,\n ): Promise<Types.ApiResponse<Types.ValidateSessionResponse>> => {\n try {\n const res = await this.graphqlQuery({\n query: `query validate_session($params: ValidateSessionRequest){validate_session(params: $params) { is_valid user { ${userFragment} } } }`,\n variables: {\n params,\n },\n operationName: 'validate_session',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.validate_session);\n } catch (error) {\n return this.errorResponse([error]);\n }\n };\n\n verifyEmail = async (\n data: Types.VerifyEmailRequest,\n ): Promise<Types.ApiResponse<Types.AuthToken>> => {\n try {\n const res = await this.graphqlQuery({\n query: `\n\t\t\t\t\tmutation verify_email($data: VerifyEmailRequest!) { verify_email(params: $data) { ${authTokenFragment}}}\n\t\t\t\t`,\n variables: { data },\n operationName: 'verify_email',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.verify_email);\n } catch (err) {\n return this.errorResponse([err]);\n }\n };\n\n resendVerifyEmail = async (\n data: Types.ResendVerifyEmailRequest,\n ): Promise<Types.ApiResponse<Types.GenericResponse>> => {\n try {\n const res = await this.graphqlQuery({\n query: `\n\t\t\t\t\tmutation resend_verify_email($data: ResendVerifyEmailRequest!) { resend_verify_email(params: $data) { message }}\n\t\t\t\t`,\n variables: { data },\n operationName: 'resend_verify_email',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.resend_verify_email);\n } catch (err) {\n return this.errorResponse([err]);\n }\n };\n\n verifyOtp = async (\n data: Types.VerifyOtpRequest,\n ): Promise<Types.ApiResponse<Types.AuthToken>> => {\n try {\n const res = await this.graphqlQuery({\n query: `\n\t\t\t\t\tmutation verify_otp($data: VerifyOTPRequest!) { verify_otp(params: $data) { ${authTokenFragment}}}\n\t\t\t\t`,\n variables: { data },\n operationName: 'verify_otp',\n });\n\n return res?.errors?.length\n ? this.errorResponse(res.errors)\n : this.okResponse(res.data?.verify_otp);\n } catch (err) {\n return this.errorResponse([err]);\n }\n };\n\n // helper to execute graphql queries\n // takes in any query or mutation string as value\n graphqlQuery = async (\n data: Types.GraphqlQueryRequest,\n ): Promise<Types.GrapQlResponseType> => {\n const fetcher = getFetcher();\n const body: Record<string, unknown> = {\n query: data.query,\n variables: data.variables || {},\n };\n if (data.operationName) {\n body.operationName = data.operationName;\n }\n const res = await fetcher(`${this.config.authorizerURL}/graphql`, {\n method: 'POST',\n body: JSON.stringify(body),\n headers: {\n ...this.config.extraHeaders,\n ...(data.headers || {}),\n },\n credentials: 'include',\n });\n\n const text = await res.text();\n let json: { data?: unknown; errors?: unknown[] } = {};\n if (text) {\n try {\n json = JSON.parse(text);\n } catch {\n return {\n data: undefined,\n errors: [\n new Error(\n res.ok\n ? 'Invalid JSON from GraphQL endpoint'\n : `HTTP ${res.status}`,\n ),\n ],\n };\n }\n } else if (!res.ok) {\n return {\n data: undefined,\n errors: [new Error(`HTTP ${res.status}`)],\n };\n }\n\n if (json?.errors?.length) {\n return { data: undefined, errors: toErrorList(json.errors) };\n }\n\n if (!res.ok) {\n return {\n data: undefined,\n errors: [new Error(`HTTP ${res.status}`)],\n };\n }\n\n return { data: json.data, errors: [] };\n };\n\n errorResponse = (errors: unknown): Types.ApiResponse<any> => {\n return {\n data: undefined,\n errors: toErrorList(errors),\n };\n };\n\n okResponse = (data: any): Types.ApiResponse<any> => {\n return {\n data,\n errors: [],\n };\n };\n}\n","export const DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS = 60;\nexport const CLEANUP_IFRAME_TIMEOUT_IN_SECONDS = 2;\nexport const AUTHORIZE_IFRAME_TIMEOUT = 5;\n","export interface GrapQlResponseType {\n data: any | undefined;\n errors: Error[];\n}\nexport interface ApiResponse<T> {\n errors: Error[];\n data: T | undefined;\n}\n/**\n * SDK configuration. Requests use `credentials: 'include'`, so cookies for the\n * Authorizer instance are sent to `authorizerURL`. That URL must be the exact,\n * trusted origin of your Authorizer deployment (correct scheme, host, and port).\n * A mistaken or attacker-controlled URL can leak session credentials.\n */\nexport interface ConfigType {\n authorizerURL: string;\n redirectURL: string;\n clientID?: string;\n extraHeaders?: Record<string, string>;\n}\n\n// Pagination\nexport interface Pagination {\n limit: number;\n page: number;\n offset: number;\n total: number;\n}\n\n// Meta\nexport interface Meta {\n version: string;\n client_id: string;\n is_google_login_enabled: boolean;\n is_facebook_login_enabled: boolean;\n is_github_login_enabled: boolean;\n is_linkedin_login_enabled: boolean;\n is_apple_login_enabled: boolean;\n is_discord_login_enabled: boolean;\n is_twitter_login_enabled: boolean;\n is_microsoft_login_enabled: boolean;\n is_twitch_login_enabled: boolean;\n is_roblox_login_enabled: boolean;\n is_email_verification_enabled: boolean;\n is_basic_authentication_enabled: boolean;\n is_magic_link_login_enabled: boolean;\n is_sign_up_enabled: boolean;\n is_strong_password_enabled: boolean;\n is_multi_factor_auth_enabled: boolean;\n is_mobile_basic_authentication_enabled: boolean;\n is_phone_verification_enabled: boolean;\n}\n\n// User\nexport interface User {\n id: string;\n email: string | null;\n email_verified: boolean;\n signup_methods: string;\n given_name: string | null;\n family_name: string | null;\n middle_name: string | null;\n nickname: string | null;\n preferred_username: string | null;\n gender: string | null;\n birthdate: string | null;\n phone_number: string | null;\n phone_number_verified: boolean;\n picture: string | null;\n roles: string[];\n created_at: number | null;\n updated_at: number | null;\n revoked_timestamp: number | null;\n is_multi_factor_auth_enabled: boolean | null;\n app_data: Record<string, any> | null;\n}\n\n// Users\nexport interface Users {\n pagination: Pagination;\n users: User[];\n}\n\n// VerificationRequest\nexport interface VerificationRequest {\n id: string;\n identifier: string | null;\n token: string | null;\n email: string | null;\n expires: number | null;\n created_at: number | null;\n updated_at: number | null;\n nonce: string | null;\n redirect_uri: string | null;\n}\n\n// VerificationRequests\nexport interface VerificationRequests {\n pagination: Pagination;\n verification_requests: VerificationRequest[];\n}\n\n// AuthorizerError (GraphQL Error type - renamed to avoid conflict with native Error)\nexport interface AuthorizerError {\n message: string;\n reason: string;\n}\n\n// AuthResponse\nexport interface AuthResponse {\n message: string;\n should_show_email_otp_screen: boolean | null;\n should_show_mobile_otp_screen: boolean | null;\n should_show_totp_screen: boolean | null;\n access_token: string | null;\n id_token: string | null;\n refresh_token: string | null;\n expires_in: number | null;\n user: User | null;\n authenticator_scanner_image: string | null;\n authenticator_secret: string | null;\n authenticator_recovery_codes: string[] | null;\n}\n\n// Keep AuthToken as alias for backward compatibility\nexport type AuthToken = AuthResponse;\n\n// Response\nexport interface Response {\n message: string;\n}\n\n// Keep GenericResponse as alias for backward compatibility\nexport type GenericResponse = Response;\n\n// ForgotPasswordResponse\nexport interface ForgotPasswordResponse {\n message: string;\n should_show_mobile_otp_screen: boolean | null;\n}\n\n// InviteMembersResponse\nexport interface InviteMembersResponse {\n message: string;\n Users: User[];\n}\n\n// LoginRequest\nexport interface LoginRequest {\n email?: string | null;\n phone_number?: string | null;\n password: string;\n roles?: string[] | null;\n scope?: string[] | null;\n state?: string | null;\n}\n\n// SignUpRequest\nexport interface SignUpRequest {\n email?: string | null;\n given_name?: string | null;\n family_name?: string | null;\n middle_name?: string | null;\n nickname?: string | null;\n gender?: string | null;\n birthdate?: string | null;\n phone_number?: string | null;\n picture?: string | null;\n password: string;\n confirm_password: string;\n roles?: string[] | null;\n scope?: string[] | null;\n redirect_uri?: string | null;\n is_multi_factor_auth_enabled?: boolean | null;\n state?: string | null;\n app_data?: Record<string, any> | null;\n}\n\n// Keep SignupRequest as alias for backward compatibility\nexport type SignupRequest = SignUpRequest;\n\n// MagicLinkLoginRequest\nexport interface MagicLinkLoginRequest {\n email: string;\n roles?: string[] | null;\n scope?: string[] | null;\n state?: string | null;\n redirect_uri?: string | null;\n}\n\n// VerifyEmailRequest\nexport interface VerifyEmailRequest {\n token: string;\n state?: string | null;\n}\n\n// ResendVerifyEmailRequest\nexport interface ResendVerifyEmailRequest {\n email: string;\n identifier: string;\n state?: string | null;\n}\n\n// VerifyOTPRequest\nexport interface VerifyOTPRequest {\n email?: string | null;\n phone_number?: string | null;\n otp: string;\n is_totp?: boolean | null;\n state?: string | null;\n}\n\n// Keep VerifyOtpRequest as alias for backward compatibility\nexport type VerifyOtpRequest = VerifyOTPRequest;\n\n// ResendOTPRequest\nexport interface ResendOTPRequest {\n email?: string | null;\n phone_number?: string | null;\n state?: string | null;\n}\n\n// Keep ResendOtpRequest as alias for backward compatibility\nexport type ResendOtpRequest = ResendOTPRequest;\n\n// UpdateProfileRequest\nexport interface UpdateProfileRequest {\n old_password?: string | null;\n new_password?: string | null;\n confirm_new_password?: string | null;\n email?: string | null;\n given_name?: string | null;\n family_name?: string | null;\n middle_name?: string | null;\n nickname?: string | null;\n gender?: string | null;\n birthdate?: string | null;\n phone_number?: string | null;\n picture?: string | null;\n is_multi_factor_auth_enabled?: boolean | null;\n app_data?: Record<string, any> | null;\n}\n\n// UpdateUserRequest (admin only)\nexport interface UpdateUserRequest {\n id: string;\n email?: string | null;\n email_verified?: boolean | null;\n given_name?: string | null;\n family_name?: string | null;\n middle_name?: string | null;\n nickname?: string | null;\n gender?: string | null;\n birthdate?: string | null;\n phone_number?: string | null;\n phone_number_verified?: boolean | null;\n picture?: string | null;\n roles?: string[] | null;\n is_multi_factor_auth_enabled?: boolean | null;\n app_data?: Record<string, any> | null;\n}\n\n// ForgotPasswordRequest\nexport interface ForgotPasswordRequest {\n email?: string | null;\n phone_number?: string | null;\n state?: string | null;\n redirect_uri?: string | null;\n}\n\n// ResetPasswordRequest\nexport interface ResetPasswordRequest {\n token?: string | null;\n otp?: string | null;\n phone_number?: string | null;\n password: string;\n confirm_password: string;\n}\n\n// Keep ResetPasswordInput as alias for backward compatibility\nexport type ResetPasswordInput = ResetPasswordRequest;\n\n// DeleteUserRequest (admin only)\nexport interface DeleteUserRequest {\n email: string;\n}\n\n// SessionQueryRequest\nexport interface SessionQueryRequest {\n roles?: string[] | null;\n scope?: string[] | null;\n}\n\n// Keep SessionQueryInput as alias for backward compatibility\nexport type SessionQueryInput = SessionQueryRequest;\n\n// ValidateJWTTokenRequest\nexport interface ValidateJWTTokenRequest {\n token_type: string;\n token: string;\n roles?: string[] | null;\n}\n\n// Keep ValidateJWTTokenInput as alias for backward compatibility\nexport type ValidateJWTTokenInput = ValidateJWTTokenRequest;\n\n// ValidateJWTTokenResponse\nexport interface ValidateJWTTokenResponse {\n is_valid: boolean;\n claims: Record<string, any>;\n}\n\n// ValidateSessionRequest\nexport interface ValidateSessionRequest {\n cookie: string;\n roles?: string[] | null;\n}\n\n// Keep ValidateSessionInput as alias for backward compatibility\nexport type ValidateSessionInput = ValidateSessionRequest;\n\n// ValidateSessionResponse\nexport interface ValidateSessionResponse {\n is_valid: boolean;\n user: User;\n}\n\n// OAuth types (not part of GraphQL schema, but used for OAuth flow)\nexport enum OAuthProviders {\n Apple = 'apple',\n Github = 'github',\n Google = 'google',\n Facebook = 'facebook',\n LinkedIn = 'linkedin',\n Twitter = 'twitter',\n Microsoft = 'microsoft',\n Twitch = 'twitch',\n Roblox = 'roblox',\n Discord = 'discord',\n}\n\nexport enum ResponseTypes {\n Code = 'code',\n Token = 'token',\n}\n\nexport interface AuthorizeRequest {\n response_type: ResponseTypes;\n use_refresh_token?: boolean;\n response_mode?: string;\n}\n\n// Keep AuthorizeInput as alias for backward compatibility\nexport type AuthorizeInput = AuthorizeRequest;\n\nexport interface AuthorizeResponse {\n state: string;\n code?: string;\n error?: string;\n error_description?: string;\n}\n\nexport interface RevokeTokenInput {\n refresh_token: string;\n}\n\nexport interface GetTokenRequest {\n code?: string;\n grant_type?: string;\n refresh_token?: string;\n}\n\n// Keep GetTokenInput as alias for backward compatibility\nexport type GetTokenInput = GetTokenRequest;\n\nexport interface GetTokenResponse {\n access_token: string;\n expires_in: number;\n id_token: string;\n refresh_token?: string;\n}\n\n// GraphQL query request\nexport type Headers = Record<string, string>;\n\nexport interface GraphqlQueryRequest {\n query: string;\n variables?: Record<string, any>;\n headers?: Headers;\n /** When set, sent as the GraphQL `operationName` field; should match the named operation in `query` (schema field names, e.g. `forgot_password`). */\n operationName?: string;\n}\n\n// Deprecated types (for backward compatibility)\nexport interface IsValidJWTQueryInput {\n jwt: string;\n roles?: string[];\n}\n\nexport interface ValidJWTResponse {\n valid: string;\n message: string;\n}\n\n// Keep MetaDataResponse as alias for backward compatibility\nexport type MetaDataResponse = Meta;\n\n// Keep MetaData as alias for backward compatibility\nexport type MetaData = Meta;\n","import {\n CLEANUP_IFRAME_TIMEOUT_IN_SECONDS,\n DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS,\n} from './constants';\nimport { AuthorizeResponse } from './types';\n\nexport const hasWindow = (): boolean => typeof window !== 'undefined';\n\nexport const trimURL = (url: string): string => {\n let trimmedData = url.trim();\n const lastChar = trimmedData[trimmedData.length - 1];\n if (lastChar === '/')\n trimmedData = trimmedData.slice(0, -1);\n\n return trimmedData;\n};\n\nexport const getCrypto = () => {\n // ie 11.x uses msCrypto\n return hasWindow()\n ? ((window.crypto || (window as any).msCrypto) as Crypto)\n : null;\n};\n\nexport const getCryptoSubtle = () => {\n const crypto = getCrypto();\n // safari 10.x uses webkitSubtle\n return (crypto && crypto.subtle) || (crypto as any).webkitSubtle;\n};\n\nexport const createRandomString = () => {\n const charset\n = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz-_~.';\n let random = '';\n const crypto = getCrypto();\n if (crypto) {\n const randomValues = Array.from(crypto.getRandomValues(new Uint8Array(43)));\n randomValues.forEach(v => (random += charset[v % charset.length]));\n }\n return random;\n};\n\nexport const encode = (value: string) =>\n hasWindow() ? btoa(value) : Buffer.from(value).toString('base64');\nexport const decode = (value: string) =>\n hasWindow() ? atob(value) : Buffer.from(value, 'base64').toString('ascii');\n\nexport const createQueryParams = (params: any) => {\n return Object.keys(params)\n .filter(k => typeof params[k] !== 'undefined')\n .map(k => `${encodeURIComponent(k)}=${encodeURIComponent(params[k])}`)\n .join('&');\n};\n\nexport const sha256 = async (s: string) => {\n const subtle = getCryptoSubtle();\n if (!subtle)\n throw new Error('Web Crypto API is not available');\n\n const digestOp: any = subtle.digest(\n { name: 'SHA-256' },\n new TextEncoder().encode(s),\n );\n\n // msCrypto (IE11) uses the old spec, which is not Promise based\n // https://msdn.microsoft.com/en-us/expression/dn904640(v=vs.71)\n if ((window as any).msCrypto) {\n return new Promise((resolve, reject) => {\n digestOp.oncomplete = (e: any) => {\n resolve(e.target.result);\n };\n\n digestOp.onerror = (e: ErrorEvent) => {\n reject(e.error);\n };\n\n digestOp.onabort = () => {\n reject(new Error('The digest operation was aborted'));\n };\n });\n }\n\n return await digestOp;\n};\n\nconst urlEncodeB64 = (input: string) => {\n const b64Chars: { [index: string]: string } = { '+': '-', '/': '_', '=': '' };\n return input.replace(/[+/=]/g, (m: string) => b64Chars[m]);\n};\n\n// https://stackoverflow.com/questions/30106476/\nconst decodeB64 = (input: string) =>\n decodeURIComponent(\n atob(input)\n .split('')\n .map((c) => {\n return `%${`00${c.charCodeAt(0).toString(16)}`.slice(-2)}`;\n })\n .join(''),\n );\n\nexport const urlDecodeB64 = (input: string) =>\n decodeB64(input.replace(/_/g, '/').replace(/-/g, '+'));\n\nexport const bufferToBase64UrlEncoded = (input: number[] | Uint8Array) => {\n const ie11SafeInput = new Uint8Array(input);\n return urlEncodeB64(\n window.btoa(String.fromCharCode(...Array.from(ie11SafeInput))),\n );\n};\n\nconst originFromAuthorizerUrl = (authorizerUrl: string): string => {\n try {\n return new URL(authorizerUrl).origin;\n }\n catch {\n return authorizerUrl;\n }\n};\n\nexport const executeIframe = (\n authorizeUrl: string,\n eventOrigin: string,\n timeoutInSeconds: number = DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS,\n) => {\n return new Promise<AuthorizeResponse>((resolve, reject) => {\n const expectedOrigin = originFromAuthorizerUrl(eventOrigin);\n const iframe = window.document.createElement('iframe');\n iframe.setAttribute('id', 'authorizer-iframe');\n iframe.setAttribute('width', '0');\n iframe.setAttribute('height', '0');\n iframe.style.display = 'none';\n const removeIframe = () => {\n if (window.document.body.contains(iframe)) {\n window.document.body.removeChild(iframe);\n window.removeEventListener('message', iframeEventHandler, false);\n }\n };\n\n const timeoutSetTimeoutId = setTimeout(() => {\n reject(new Error('Authorization timeout'));\n removeIframe();\n }, timeoutInSeconds * 1000);\n\n const iframeEventHandler: (e: MessageEvent) => void = function (e: MessageEvent) {\n if (e.origin !== expectedOrigin)\n return;\n if (!e.data || !e.data.response)\n return;\n\n const eventSource = e.source;\n\n if (eventSource)\n (eventSource as any).close();\n\n if (e.data.response.error)\n reject(e.data.response);\n else\n resolve(e.data.response);\n\n clearTimeout(timeoutSetTimeoutId);\n window.removeEventListener('message', iframeEventHandler, false);\n setTimeout(removeIframe, CLEANUP_IFRAME_TIMEOUT_IN_SECONDS * 1000);\n };\n\n window.addEventListener('message', iframeEventHandler, false);\n window.document.body.appendChild(iframe);\n iframe.setAttribute('src', authorizeUrl);\n });\n};\n"],"mappings":";;;;AACA,OAAOA,gBAAgB;;;ACDhB,IAAMC,uCAAuC;AAC7C,IAAMC,oCAAoC;;;ACuU1C,IAAKC,iBAAAA,0BAAAA,iBAAAA;;;;;;;;;;;SAAAA;;AAaL,IAAKC,gBAAAA,0BAAAA,gBAAAA;;;SAAAA;;;;AC/UL,IAAMC,YAAY,6BAAe,OAAOC,WAAW,aAAjC;AAElB,IAAMC,UAAU,wBAACC,QAAAA;AACtB,MAAIC,cAAcD,IAAIE,KAAI;AAC1B,QAAMC,WAAWF,YAAYA,YAAYG,SAAS,CAAA;AAClD,MAAID,aAAa,IACfF,eAAcA,YAAYI,MAAM,GAAG,EAAC;AAEtC,SAAOJ;AACT,GAPuB;AAShB,IAAMK,YAAY,6BAAA;AAEvB,SAAOT,UAAAA,IACDC,OAAOS,UAAWT,OAAeU,WACnC;AACN,GALyB;AAOlB,IAAMC,kBAAkB,6BAAA;AAC7B,QAAMF,SAASD,UAAAA;AAEf,SAAQC,UAAUA,OAAOG,UAAYH,OAAeI;AACtD,GAJ+B;AAMxB,IAAMC,qBAAqB,6BAAA;AAChC,QAAMC,UACF;AACJ,MAAIC,SAAS;AACb,QAAMP,SAASD,UAAAA;AACf,MAAIC,QAAQ;AACV,UAAMQ,eAAeC,MAAMC,KAAKV,OAAOW,gBAAgB,IAAIC,WAAW,EAAA,CAAA,CAAA;AACtEJ,iBAAaK,QAAQC,CAAAA,MAAMP,UAAUD,QAAQQ,IAAIR,QAAQT,MAAM,CAAC;EAClE;AACA,SAAOU;AACT,GAVkC;AAY3B,IAAMQ,SAAS,wBAACC,UACrB1B,UAAAA,IAAc2B,KAAKD,KAAAA,IAASE,OAAOR,KAAKM,KAAAA,EAAOG,SAAS,QAAA,GADpC;AAKf,IAAMC,oBAAoB,wBAACC,WAAAA;AAChC,SAAOC,OAAOC,KAAKF,MAAAA,EAChBG,OAAOC,CAAAA,MAAK,OAAOJ,OAAOI,CAAAA,MAAO,WAAA,EACjCC,IAAID,CAAAA,MAAK,GAAGE,mBAAmBF,CAAAA,CAAAA,IAAME,mBAAmBN,OAAOI,CAAAA,CAAE,CAAA,EAAG,EACpEG,KAAK,GAAA;AACV,GALiC;AAO1B,IAAMC,SAAS,8BAAOC,MAAAA;AAC3B,QAAMC,SAASC,gBAAAA;AACf,MAAI,CAACD,OACH,OAAM,IAAIE,MAAM,iCAAA;AAElB,QAAMC,WAAgBH,OAAOI,OAC3B;IAAEC,MAAM;EAAU,GAClB,IAAIC,YAAAA,EAAcC,OAAOR,CAAAA,CAAAA;AAK3B,MAAKS,OAAeC,UAAU;AAC5B,WAAO,IAAIC,QAAQ,CAACC,SAASC,WAAAA;AAC3BT,eAASU,aAAa,CAACC,MAAAA;AACrBH,gBAAQG,EAAEC,OAAOC,MAAM;MACzB;AAEAb,eAASc,UAAU,CAACH,MAAAA;AAClBF,eAAOE,EAAEI,KAAK;MAChB;AAEAf,eAASgB,UAAU,MAAA;AACjBP,eAAO,IAAIV,MAAM,kCAAA,CAAA;MACnB;IACF,CAAA;EACF;AAEA,SAAO,MAAMC;AACf,GA7BsB;AA+BtB,IAAMiB,eAAe,wBAACC,UAAAA;AACpB,QAAMC,WAAwC;IAAE,KAAK;IAAK,KAAK;IAAK,KAAK;EAAG;AAC5E,SAAOD,MAAME,QAAQ,UAAU,CAACC,MAAcF,SAASE,CAAAA,CAAE;AAC3D,GAHqB;AAmBd,IAAMC,2BAA2B,wBAACC,UAAAA;AACvC,QAAMC,gBAAgB,IAAIC,WAAWF,KAAAA;AACrC,SAAOG,aACLC,OAAOC,KAAKC,OAAOC,aAAY,GAAIC,MAAMC,KAAKR,aAAAA,CAAAA,CAAAA,CAAAA;AAElD,GALwC;AAOxC,IAAMS,0BAA0B,wBAACC,kBAAAA;AAC/B,MAAI;AACF,WAAO,IAAIC,IAAID,aAAAA,EAAeE;EAChC,QACM;AACJ,WAAOF;EACT;AACF,GAPgC;AASzB,IAAMG,gBAAgB,wBAC3BC,cACAC,aACAC,mBAA2BC,yCAAoC;AAE/D,SAAO,IAAIC,QAA2B,CAACC,SAASC,WAAAA;AAC9C,UAAMC,iBAAiBZ,wBAAwBM,WAAAA;AAC/C,UAAMO,SAASnB,OAAOoB,SAASC,cAAc,QAAA;AAC7CF,WAAOG,aAAa,MAAM,mBAAA;AAC1BH,WAAOG,aAAa,SAAS,GAAA;AAC7BH,WAAOG,aAAa,UAAU,GAAA;AAC9BH,WAAOI,MAAMC,UAAU;AACvB,UAAMC,eAAe,6BAAA;AACnB,UAAIzB,OAAOoB,SAASM,KAAKC,SAASR,MAAAA,GAAS;AACzCnB,eAAOoB,SAASM,KAAKE,YAAYT,MAAAA;AACjCnB,eAAO6B,oBAAoB,WAAWC,oBAAoB,KAAA;MAC5D;IACF,GALqB;AAOrB,UAAMC,sBAAsBC,WAAW,MAAA;AACrCf,aAAO,IAAIgB,MAAM,uBAAA,CAAA;AACjBR,mBAAAA;IACF,GAAGZ,mBAAmB,GAAA;AAEtB,UAAMiB,qBAAgD,gCAAUI,GAAe;AAC7E,UAAIA,EAAEzB,WAAWS,eACf;AACF,UAAI,CAACgB,EAAEC,QAAQ,CAACD,EAAEC,KAAKC,SACrB;AAEF,YAAMC,cAAcH,EAAEI;AAEtB,UAAID,YACDA,aAAoBE,MAAK;AAE5B,UAAIL,EAAEC,KAAKC,SAASI,MAClBvB,QAAOiB,EAAEC,KAAKC,QAAQ;UAEtBpB,SAAQkB,EAAEC,KAAKC,QAAQ;AAEzBK,mBAAaV,mBAAAA;AACb/B,aAAO6B,oBAAoB,WAAWC,oBAAoB,KAAA;AAC1DE,iBAAWP,cAAciB,oCAAoC,GAAA;IAC/D,GAnBsD;AAqBtD1C,WAAO2C,iBAAiB,WAAWb,oBAAoB,KAAA;AACvD9B,WAAOoB,SAASM,KAAKkB,YAAYzB,MAAAA;AACjCA,WAAOG,aAAa,OAAOX,YAAAA;EAC7B,CAAA;AACF,GAjD6B;;;AHxG7B,IAAMkC,eACJ;AACF,IAAMC,oBAAoB,kOAAkOD,YAAAA;AAG5P,IAAME,aAAa,6BAAOC,UAAAA,IAAcC,OAAOC,QAAQC,YAApC;AAEnB,SAASC,YAAYC,QAAe;AAClC,MAAIC,MAAMC,QAAQF,MAAAA,GAAS;AACzB,WAAOA,OAAOG,IAAI,CAACC,SAAAA;AACjB,UAAIA,gBAAgBC,MAAO,QAAOD;AAClC,UAAIA,QAAQ,OAAOA,SAAS,YAAY,aAAaA,KACnD,QAAO,IAAIC,MAAMC,OAAQF,KAA8BG,OAAO,CAAA;AAChE,aAAO,IAAIF,MAAMC,OAAOF,IAAAA,CAAAA;IAC1B,CAAA;EACF;AACA,MAAIJ,kBAAkBK,MAAO,QAAO;IAACL;;AACrC,MAAIA,WAAW,QAAQ,OAAOA,WAAW,UAAU;AACjD,UAAMQ,IAAIR;AACV,QAAI,OAAOQ,EAAEC,sBAAsB,SACjC,QAAO;MAAC,IAAIJ,MAAMG,EAAEC,iBAAiB;;AACvC,QAAI,OAAOD,EAAEE,UAAU,UAAU;AAC/B,YAAMC,OACJ,OAAOH,EAAEC,sBAAsB,WAC3B,KAAKD,EAAEC,iBAAiB,KACxB;AACN,aAAO;QAAC,IAAIJ,MAAM,GAAGG,EAAEE,KAAK,GAAGC,IAAAA,EAAM;;IACvC;AACA,QAAI,OAAOH,EAAED,YAAY,SAAU,QAAO;MAAC,IAAIF,MAAMG,EAAED,OAAO;;EAChE;AACA,MAAIP,WAAWY,UAAaZ,WAAW,KACrC,QAAO;IAAC,IAAIK,MAAM,eAAA;;AACpB,SAAO;IAAC,IAAIA,MAAMC,OAAON,MAAAA,CAAAA;;AAC3B;AA1BSD;AAkCF,IAAMc,cAAN,MAAMA,YAAAA;;EAEXC;EACAC;;EAGA,YAAYD,QAA0B;AA/DxC;AAgEI,QAAI,CAACA,OAAQ,OAAM,IAAIT,MAAM,2BAAA;AAE7B,SAAKS,SAASA;AACd,QAAI,GAACA,YAAOE,kBAAPF,mBAAsBG,QAAQ,OAAM,IAAIZ,MAAM,uBAAA;AAEnD,SAAKS,OAAOE,gBAAgBE,QAAQJ,OAAOE,aAAa;AAExD,QAAI,GAACF,YAAOK,gBAAPL,mBAAoBG,QAAQ,OAAM,IAAIZ,MAAM,qBAAA;AACjD,SAAKS,OAAOK,cAAcD,QAAQJ,OAAOK,WAAW;AACpD,SAAKL,OAAOM,aAAYN,iCAAQM,aAAY,IAAIH,KAAI;AAEpD,SAAKH,OAAOO,eAAe;MACzB,GAAIP,OAAOO,gBAAgB,CAAC;MAC5B,oBAAoBP,OAAOE;MAC3B,0BAA0BF,OAAOM,YAAY;MAC7C,gBAAgB;IAClB;EACF;EAEAE,YAAY,8BACVC,SAAAA;AApFJ;AAyFI,QAAI,CAAC5B,UAAAA,EACH,QAAO,KAAK6B,cAAc;MACxB,IAAInB,MAAM,2CAAA;KACX;AAEH,UAAMoB,SAAS;MAAC;MAAU;MAAW;;AACrC,QAAIF,KAAKG,kBAAmBD,QAAOE,KAAK,gBAAA;AAExC,UAAMC,cAAsC;MAC1CC,cAAc,KAAKf,OAAOK;MAC1BW,eAAeP,KAAKO,iBAAiB;MACrCC,OAAOC,OAAOC,mBAAAA,CAAAA;MACdC,OAAOF,OAAOC,mBAAAA,CAAAA;MACdE,eAAeZ,KAAKY;MACpBC,OAAOX,OAAOY,KAAK,GAAA;MACnBC,aAAW,UAAKxB,WAAL,mBAAaM,aAAY;IACtC;AAEA,QAAIG,KAAKY,kBAAwBI,cAAcC,MAAM;AACnD,WAAKzB,eAAekB,mBAAAA;AACpB,YAAMQ,MAAM,MAAMC,OAAO,KAAK3B,YAAY;AAC1C,YAAM4B,gBAAgBC,yBAAyBH,GAAAA;AAC/Cb,kBAAYiB,iBAAiBF;AAC7Bf,kBAAYkB,wBAAwB;IACtC;AAEA,UAAMC,eAAe,GACnB,KAAKjC,OAAOE,aAAa,cACbgC,kBAAkBpB,WAAAA,CAAAA;AAEhC,QAAIA,YAAYE,kBAAkB,eAAe;AAC/ClC,aAAOqD,SAASC,QAAQH,YAAAA;AACxB,aAAO,KAAKI,WAAWvC,MAAAA;IACzB;AAEA,QAAI;AACF,YAAMwC,YAAY,MAAMC,cACtBN,cACA,KAAKjC,OAAOE,eACZsC,oCAAAA;AAGF,UAAI/B,KAAKY,kBAAwBI,cAAcC,MAAM;AAEnD,cAAMe,YACJ,MAAM,KAAKC,SAAS;UAClBC,MAAML,UAAUK;QAClB,CAAA;AACF,eAAOF,UAAUvD,OAAO0D,SACpB,KAAKlC,cAAc+B,UAAUvD,MAAM,IACnC,KAAKmD,WAAWI,UAAUhC,IAAI;MACpC;AAGA,aAAO,KAAK4B,WAAWC,SAAAA;IACzB,SAASO,KAAK;AACZ,UAAIA,IAAIjD,OAAO;AACbd,eAAOqD,SAASC,QACd,GAAG,KAAKpC,OAAOE,aAAa,cAAcgB,OACxC4B,KAAKC,UAAU;UACbzC,UAAU,KAAKN,OAAOM;UACtBD,aAAa,KAAKL,OAAOK;UACzBH,eAAe,KAAKF,OAAOE;QAC7B,CAAA,CAAA,CAAA,iBACgB8C,mBAAmB,KAAKhD,OAAOK,eAAe,EAAA,CAAA,EAAK;MAEzE;AAEA,aAAO,KAAKK,cAAcmC,GAAAA;IAC5B;EACF,GA5EY;EA8EZI,eAAe,mCAAA;AACb,QAAI;AACF,YAAMR,YACJ,MAAM,KAAKS,WAAU;AACvB,aAAOT,UAAUvD,OAAO0D,SACpB,KAAKlC,cAAc+B,UAAUvD,MAAM,IACnC,KAAKmD,WAAWI,UAAUhC,IAAI;IACpC,SAASoC,KAAK;AACZ,UAAI,CAAChE,UAAAA,GAAa;AAChB,eAAO;UACL4B,MAAMX;UACNZ,QAAQ;YAAC,IAAIK,MAAM,6CAAA;;QACrB;MACF;AAEAT,aAAOqD,SAASC,QACd,GAAG,KAAKpC,OAAOE,aAAa,cAAcgB,OACxC4B,KAAKC,UAAU;QACbzC,UAAU,KAAKN,OAAOM;QACtBD,aAAa,KAAKL,OAAOK;QACzBH,eAAe,KAAKF,OAAOE;MAC7B,CAAA,CAAA,CAAA,iBACgB8C,mBAAmB,KAAKhD,OAAOK,eAAe,EAAA,CAAA,EAAK;AAEvE,aAAO,KAAKK,cAAcmC,GAAAA;IAC5B;EACF,GA1Be;EA4BfM,iBAAiB,8BACf1C,SAAAA;AA9LJ;AAgMI,QAAI,CAACA,KAAKQ,MAAOR,MAAKQ,QAAQC,OAAOC,mBAAAA,CAAAA;AAErC,QAAI,CAACV,KAAKM,aAAcN,MAAKM,eAAe,KAAKf,OAAOK;AAExD,QAAI;AACF,YAAM+C,qBAAqB,MAAM,KAAKC,aAAa;QACjDC,OACE;QACFC,WAAW;UACT9C;QACF;QACA+C,eAAe;MACjB,CAAA;AACA,eAAOJ,8DAAoBlE,WAApBkE,mBAA4BR,UAC/B,KAAKlC,cAAc0C,mBAAmBlE,MAAM,IAC5C,KAAKmD,YAAWe,8DAAoB3C,SAApB2C,mBAA0BK,eAAAA;IAChD,SAAS7D,OAAO;AACd,aAAO,KAAKc,cAAc;QAACd;OAAM;IACnC;EACF,GAtBiB;EAwBjB8D,cAAc,mCAAA;AArNhB;AAsNI,QAAI;AACF,YAAMC,MAAM,MAAM,KAAKN,aAAa;QAClCC,OACE;QACFE,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,WAAWsB,IAAIlD,KAAKmD,IAAI;IACnC,SAAShE,OAAO;AACd,aAAO,KAAKc,cAAc;QAACd;OAAM;IACnC;EACF,GAdc;EAgBdiE,aAAa,8BACXC,YAAAA;AAtOJ;AAwOI,QAAI;AACF,YAAMC,aAAa,MAAM,KAAKV,aAAa;QACzCC,OAAO,6BAA6B5E,YAAAA;QACpCoF;QACAN,eAAe;MACjB,CAAA;AAEA,eAAOO,8CAAY7E,WAAZ6E,mBAAoBnB,UACvB,KAAKlC,cAAcqD,WAAW7E,MAAM,IACpC,KAAKmD,WAAW0B,WAAWtD,KAAKuD,OAAO;IAC7C,SAASpE,OAAO;AACd,aAAO,KAAKc,cAAc;QAACd;OAAM;IACnC;EACF,GAhBa;;EAmBbsD,aAAa,8BACXY,SACAG,WAAAA;AA1PJ;AA4PI,QAAI;AACF,YAAMN,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO,0EAA0E3E,iBAAAA;QACjFmF;QACAP,WAAW;UACTU;QACF;QACAT,eAAe;MACjB,CAAA;AACA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUO,OAAAA;IAChC,SAASrB,KAAK;AACZ,aAAO,KAAKnC,cAAcmC,GAAAA;IAC5B;EACF,GAnBa;EAqBbH,WAAW,8BACTjC,SAAAA;AA9QJ;AAgRI,QAAI,CAACA,KAAK0D,WAAY1D,MAAK0D,aAAa;AAExC,QAAI1D,KAAK0D,eAAe,mBAAmB,GAAC1D,UAAK2D,kBAAL3D,mBAAoBN,QAC9D,QAAO,KAAKO,cAAc;MAAC,IAAInB,MAAM,uBAAA;KAAyB;AAEhE,QAAIkB,KAAK0D,eAAe,wBAAwB,CAAC,KAAKlE,aACpD,QAAO,KAAKS,cAAc;MAAC,IAAInB,MAAM,uBAAA;KAAyB;AAEhE,UAAMuB,cAAc;MAClBU,WAAW,KAAKxB,OAAOM;MACvBqC,MAAMlC,KAAKkC,QAAQ;MACnB0B,eAAe,KAAKpE,gBAAgB;MACpCkE,YAAY1D,KAAK0D,cAAc;MAC/BC,eAAe3D,KAAK2D,iBAAiB;IACvC;AAEA,QAAI;AACF,YAAME,UAAU1F,WAAAA;AAChB,YAAM+E,MAAM,MAAMW,QAAQ,GAAG,KAAKtE,OAAOE,aAAa,gBAAgB;QACpEqE,QAAQ;QACRC,MAAM1B,KAAKC,UAAUjC,WAAAA;QACrBgD,SAAS;UACP,GAAG,KAAK9D,OAAOO;QACjB;QACAkE,aAAa;MACf,CAAA;AAEA,YAAMC,OAAO,MAAMf,IAAIe,KAAI;AAC3B,UAAIC,OAG0B,CAAC;AAC/B,UAAID,MAAM;AACR,YAAI;AACFC,iBAAO7B,KAAK8B,MAAMF,IAAAA;QACpB,QAAQ;AACN,iBAAO,KAAKhE,cAAc;YACxB,IAAInB,MACFoE,IAAIkB,KACA,qCACA,QAAQlB,IAAImB,MAAM,EAAE;WAE3B;QACH;MACF;AACA,UAAI,CAACnB,IAAIkB,IAAI;AACX,eAAO,KAAKnE,cAAc;UACxB,IAAInB,MACFC,OACEmF,KAAKhF,qBAAqBgF,KAAK/E,SAAS,QAAQ+D,IAAImB,MAAM,EAAE,CAAA;SAGjE;MACH;AAEA,aAAO,KAAKzC,WAAWsC,IAAAA;IACzB,SAAS9B,KAAK;AACZ,aAAO,KAAKnC,cAAcmC,GAAAA;IAC5B;EACF,GA9DW;EAgEXkC,QAAQ,8BACNtE,SAAAA;AA9UJ;AAgVI,QAAI;AACF,YAAMkD,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO;qEACsD3E,iBAAAA;;QAE7D4E,WAAW;UAAE9C;QAAK;QAClB+C,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUoB,KAAAA;IAChC,SAASlC,KAAK;AACZ,aAAO,KAAKnC,cAAcmC,GAAAA;IAC5B;EACF,GAlBQ;EAoBRmC,SAAS,8BACPlB,YAAAA;AAlWJ;AAoWI,QAAI;AACF,YAAMH,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO;QACPQ;QACAN,eAAe;MACjB,CAAA;AACA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUqB,MAAAA;IAChC,SAASnC,KAAK;AACZ,aAAO,KAAKnC,cAAc;QAACmC;OAAI;IACjC;EACF,GAfS;EAiBToC,iBAAiB,8BACfxE,SAAAA;AAnXJ;AAqXI,QAAI;AACF,UAAI,CAACA,KAAKQ,MAAOR,MAAKQ,QAAQC,OAAOC,mBAAAA,CAAAA;AAErC,UAAI,CAACV,KAAKM,aAAcN,MAAKM,eAAe,KAAKf,OAAOK;AAExD,YAAMsD,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO;;;QAGPC,WAAW;UAAE9C;QAAK;QAClB+C,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUuB,gBAAAA;IAChC,SAASrC,KAAK;AACZ,aAAO,KAAKnC,cAAc;QAACmC;OAAI;IACjC;EACF,GAtBiB;EAwBjBsC,aAAa,8BACXC,eACAC,OACAtE,cACAE,UAAAA;AAEA,QAAIqE,WAAWrE;AACf,QAAI,CAACqE,UAAU;AACbA,iBAAWpE,OAAOC,mBAAAA,CAAAA;IACpB;AAEA,UAAMoE,mBAAmBC,OAAOC,OAAaC,cAAc;AAC3D,QAAI,CAACH,iBAAiBI,SAASP,aAAAA,GAAgB;AAC7C,YAAM,IAAI7F,MACR,iDAAiDgG,iBAAiBhE,KAAK,IAAA,CAAA,EAAO;IAElF;AACA,QAAI,CAAC1C,UAAAA,EACH,OAAM,IAAIU,MAAM,2CAAA;AAElB,QAAI8F,SAASA,MAAMzC,OAAQ0C,aAAY,UAAUD,MAAM9D,KAAK,GAAA,CAAA;AAE5DzC,WAAOqD,SAASC,QACd,GAAG,KAAKpC,OAAOE,aAAa,gBAAgBkF,aAAAA,iBAA8BpC,mBACxEjC,gBAAgB,KAAKf,OAAOK,eAAe,EAAA,CAAA,UAClC2C,mBAAmBsC,QAAAA,CAAAA,EAAW;EAE7C,GA3Ba;EA6BbM,YAAY,8BACVnF,SAAAA;AAxaJ;AA0aI,QAAI;AACF,YAAMkD,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO;;;QAGPC,WAAW;UAAE9C;QAAK;QAClB+C,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUkC,UAAAA;IAChC,SAAShD,KAAK;AACZ,aAAO,KAAKnC,cAAc;QAACmC;OAAI;IACjC;EACF,GAlBY;EAoBZiD,gBAAgB,8BACdrF,SAAAA;AA5bJ;AA8bI,QAAI;AACF,YAAMsF,mBAAmB,MAAM,KAAK1C,aAAa;QAC/CC,OACE;QACFC,WAAW;UACT9C;QACF;QACA+C,eAAe;MACjB,CAAA;AACA,eAAOuC,0DAAkB7G,WAAlB6G,mBAA0BnD,UAC7B,KAAKlC,cAAcqF,iBAAiB7G,MAAM,IAC1C,KAAKmD,YAAW0D,sBAAiBtF,SAAjBsF,mBAAuBC,cAAAA;IAC7C,SAASpG,OAAO;AACd,aAAO,KAAKc,cAAc;QAACd;OAAM;IACnC;EACF,GAlBgB;EAoBhBqG,cAAc,8BAAOxF,SAAAA;AA/cvB;AAgdI,QAAI,GAACA,UAAK2D,kBAAL3D,mBAAoBN,QACvB,QAAO,KAAKO,cAAc;MAAC,IAAInB,MAAM,uBAAA;KAAyB;AAEhE,QAAI;AACF,YAAM+E,UAAU1F,WAAAA;AAChB,YAAM+E,MAAM,MAAMW,QAAQ,GAAG,KAAKtE,OAAOE,aAAa,iBAAiB;QACrEqE,QAAQ;QACRT,SAAS;UACP,GAAG,KAAK9D,OAAOO;QACjB;QACAiE,MAAM1B,KAAKC,UAAU;UACnBqB,eAAe3D,KAAK2D;UACpB5C,WAAW,KAAKxB,OAAOM;QACzB,CAAA;MACF,CAAA;AAEA,YAAMoE,OAAO,MAAMf,IAAIe,KAAI;AAC3B,UAAIwB,eAAwC,CAAC;AAC7C,UAAIxB,MAAM;AACR,YAAI;AACFwB,yBAAepD,KAAK8B,MAAMF,IAAAA;QAC5B,QAAQ;AACN,iBAAO,KAAKhE,cAAc;YACxB,IAAInB,MACFoE,IAAIkB,KACA,sCACA,QAAQlB,IAAImB,MAAM,EAAE;WAE3B;QACH;MACF;AAEA,UAAI,CAACnB,IAAIkB,IAAI;AACX,cAAMsB,UAAUD;AAIhB,eAAO,KAAKxF,cAAc;UACxB,IAAInB,MACFC,OACE2G,QAAQxG,qBACNwG,QAAQvG,SACR,QAAQ+D,IAAImB,MAAM,EAAE,CAAA;SAG3B;MACH;AAEA,aAAO,KAAKzC,WAAW6D,YAAAA;IACzB,SAASrD,KAAK;AACZ,aAAO,KAAKnC,cAAcmC,GAAAA;IAC5B;EACF,GArDc;EAuDduD,SAAS,8BACP3F,SAAAA;AAvgBJ;AAygBI,QAAI;AACF,YAAMkD,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO;wEACyD3E,iBAAAA;;QAEhE4E,WAAW;UAAE9C;QAAK;QAClB+C,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUyC,MAAAA;IAChC,SAASvD,KAAK;AACZ,aAAO,KAAKnC,cAAc;QAACmC;OAAI;IACjC;EACF,GAlBS;EAoBTwD,gBAAgB,8BACd5F,MACAqD,YAAAA;AA5hBJ;AA8hBI,QAAI;AACF,YAAMwC,mBAAmB,MAAM,KAAKjD,aAAa;QAC/CC,OACE;QACFQ;QACAP,WAAW;UACT9C;QACF;QACA+C,eAAe;MACjB,CAAA;AAEA,eAAO8C,0DAAkBpH,WAAlBoH,mBAA0B1D,UAC7B,KAAKlC,cAAc4F,iBAAiBpH,MAAM,IAC1C,KAAKmD,YAAWiE,sBAAiB7F,SAAjB6F,mBAAuBC,cAAAA;IAC7C,SAAS3G,OAAO;AACd,aAAO,KAAKc,cAAc;QAACd;OAAM;IACnC;EACF,GArBgB;EAuBhB4G,oBAAoB,8BAClB1C,YAAAA;AAljBJ;AAojBI,QAAI;AACF,YAAMH,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO;QACPQ;QACAN,eAAe;MACjB,CAAA;AACA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAU8C,kBAAAA;IAChC,SAAS7G,OAAO;AACd,aAAO,KAAKc,cAAc;QAACd;OAAM;IACnC;EACF,GAfoB;EAiBpB8G,mBAAmB,8BACjBzC,WAAAA;AAnkBJ;AAqkBI,QAAI;AACF,YAAMN,MAAM,MAAM,KAAKN,aAAa;QAClCC,OACE;QACFC,WAAW;UACTU;QACF;QACAT,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUgD,kBAAAA;IAChC,SAAS/G,OAAO;AACd,aAAO,KAAKc,cAAc;QAACd;OAAM;IACnC;EACF,GAnBmB;EAqBnBgH,kBAAkB,8BAChB3C,WAAAA;AAxlBJ;AA0lBI,QAAI;AACF,YAAMN,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO,+GAA+G5E,YAAAA;QACtH6E,WAAW;UACTU;QACF;QACAT,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUkD,gBAAAA;IAChC,SAASjH,OAAO;AACd,aAAO,KAAKc,cAAc;QAACd;OAAM;IACnC;EACF,GAlBkB;EAoBlBkH,cAAc,8BACZrG,SAAAA;AA5mBJ;AA8mBI,QAAI;AACF,YAAMkD,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO;yFAC0E3E,iBAAAA;;QAEjF4E,WAAW;UAAE9C;QAAK;QAClB+C,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUoD,YAAAA;IAChC,SAASlE,KAAK;AACZ,aAAO,KAAKnC,cAAc;QAACmC;OAAI;IACjC;EACF,GAlBc;EAoBdmE,oBAAoB,8BAClBvG,SAAAA;AAhoBJ;AAkoBI,QAAI;AACF,YAAMkD,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO;;;QAGPC,WAAW;UAAE9C;QAAK;QAClB+C,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUsD,mBAAAA;IAChC,SAASpE,KAAK;AACZ,aAAO,KAAKnC,cAAc;QAACmC;OAAI;IACjC;EACF,GAlBoB;EAoBpBqE,YAAY,8BACVzG,SAAAA;AAppBJ;AAspBI,QAAI;AACF,YAAMkD,MAAM,MAAM,KAAKN,aAAa;QAClCC,OAAO;mFACoE3E,iBAAAA;;QAE3E4E,WAAW;UAAE9C;QAAK;QAClB+C,eAAe;MACjB,CAAA;AAEA,eAAOG,gCAAKzE,WAALyE,mBAAaf,UAChB,KAAKlC,cAAciD,IAAIzE,MAAM,IAC7B,KAAKmD,YAAWsB,SAAIlD,SAAJkD,mBAAUwD,UAAAA;IAChC,SAAStE,KAAK;AACZ,aAAO,KAAKnC,cAAc;QAACmC;OAAI;IACjC;EACF,GAlBY;;;EAsBZQ,eAAe,8BACb5C,SAAAA;AA1qBJ;AA4qBI,UAAM6D,UAAU1F,WAAAA;AAChB,UAAM4F,OAAgC;MACpClB,OAAO7C,KAAK6C;MACZC,WAAW9C,KAAK8C,aAAa,CAAC;IAChC;AACA,QAAI9C,KAAK+C,eAAe;AACtBgB,WAAKhB,gBAAgB/C,KAAK+C;IAC5B;AACA,UAAMG,MAAM,MAAMW,QAAQ,GAAG,KAAKtE,OAAOE,aAAa,YAAY;MAChEqE,QAAQ;MACRC,MAAM1B,KAAKC,UAAUyB,IAAAA;MACrBV,SAAS;QACP,GAAG,KAAK9D,OAAOO;QACf,GAAIE,KAAKqD,WAAW,CAAC;MACvB;MACAW,aAAa;IACf,CAAA;AAEA,UAAMC,OAAO,MAAMf,IAAIe,KAAI;AAC3B,QAAIC,OAA+C,CAAC;AACpD,QAAID,MAAM;AACR,UAAI;AACFC,eAAO7B,KAAK8B,MAAMF,IAAAA;MACpB,QAAQ;AACN,eAAO;UACLjE,MAAMX;UACNZ,QAAQ;YACN,IAAIK,MACFoE,IAAIkB,KACA,uCACA,QAAQlB,IAAImB,MAAM,EAAE;;QAG9B;MACF;IACF,WAAW,CAACnB,IAAIkB,IAAI;AAClB,aAAO;QACLpE,MAAMX;QACNZ,QAAQ;UAAC,IAAIK,MAAM,QAAQoE,IAAImB,MAAM,EAAE;;MACzC;IACF;AAEA,SAAIH,kCAAMzF,WAANyF,mBAAc/B,QAAQ;AACxB,aAAO;QAAEnC,MAAMX;QAAWZ,QAAQD,YAAY0F,KAAKzF,MAAM;MAAE;IAC7D;AAEA,QAAI,CAACyE,IAAIkB,IAAI;AACX,aAAO;QACLpE,MAAMX;QACNZ,QAAQ;UAAC,IAAIK,MAAM,QAAQoE,IAAImB,MAAM,EAAE;;MACzC;IACF;AAEA,WAAO;MAAErE,MAAMkE,KAAKlE;MAAMvB,QAAQ,CAAA;IAAG;EACvC,GAzDe;EA2DfwB,gBAAgB,wBAACxB,WAAAA;AACf,WAAO;MACLuB,MAAMX;MACNZ,QAAQD,YAAYC,MAAAA;IACtB;EACF,GALgB;EAOhBmD,aAAa,wBAAC5B,SAAAA;AACZ,WAAO;MACLA;MACAvB,QAAQ,CAAA;IACV;EACF,GALa;AAMf;AAxrBaa;AAAN,IAAMA,aAAN;","names":["crossFetch","DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS","CLEANUP_IFRAME_TIMEOUT_IN_SECONDS","OAuthProviders","ResponseTypes","hasWindow","window","trimURL","url","trimmedData","trim","lastChar","length","slice","getCrypto","crypto","msCrypto","getCryptoSubtle","subtle","webkitSubtle","createRandomString","charset","random","randomValues","Array","from","getRandomValues","Uint8Array","forEach","v","encode","value","btoa","Buffer","toString","createQueryParams","params","Object","keys","filter","k","map","encodeURIComponent","join","sha256","s","subtle","getCryptoSubtle","Error","digestOp","digest","name","TextEncoder","encode","window","msCrypto","Promise","resolve","reject","oncomplete","e","target","result","onerror","error","onabort","urlEncodeB64","input","b64Chars","replace","m","bufferToBase64UrlEncoded","input","ie11SafeInput","Uint8Array","urlEncodeB64","window","btoa","String","fromCharCode","Array","from","originFromAuthorizerUrl","authorizerUrl","URL","origin","executeIframe","authorizeUrl","eventOrigin","timeoutInSeconds","DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS","Promise","resolve","reject","expectedOrigin","iframe","document","createElement","setAttribute","style","display","removeIframe","body","contains","removeChild","removeEventListener","iframeEventHandler","timeoutSetTimeoutId","setTimeout","Error","e","data","response","eventSource","source","close","error","clearTimeout","CLEANUP_IFRAME_TIMEOUT_IN_SECONDS","addEventListener","appendChild","userFragment","authTokenFragment","getFetcher","hasWindow","window","fetch","crossFetch","toErrorList","errors","Array","isArray","map","item","Error","String","message","o","error_description","error","desc","undefined","Authorizer","config","codeVerifier","authorizerURL","trim","trimURL","redirectURL","clientID","extraHeaders","authorize","data","errorResponse","scopes","use_refresh_token","push","requestData","redirect_uri","response_mode","state","encode","createRandomString","nonce","response_type","scope","join","client_id","ResponseTypes","Code","sha","sha256","codeChallenge","bufferToBase64UrlEncoded","code_challenge","code_challenge_method","authorizeURL","createQueryParams","location","replace","okResponse","iframeRes","executeIframe","DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS","tokenResp","getToken","code","length","err","JSON","stringify","encodeURIComponent","browserLogin","getSession","forgotPassword","forgotPasswordResp","graphqlQuery","query","variables","operationName","forgot_password","getMetaData","res","meta","getProfile","headers","profileRes","profile","params","session","grant_type","refresh_token","code_verifier","fetcher","method","body","credentials","text","json","parse","ok","status","login","logout","magicLinkLogin","magic_link_login","oauthLogin","oauthProvider","roles","urlState","oauthProviderIds","Object","values","OAuthProviders","includes","resendOtp","resend_otp","resetPassword","resetPasswordRes","reset_password","revokeToken","responseData","errBody","signup","updateProfile","updateProfileRes","update_profile","deactivateAccount","deactivate_account","validateJWTToken","validate_jwt_token","validateSession","validate_session","verifyEmail","verify_email","resendVerifyEmail","resend_verify_email","verifyOtp","verify_otp"]}
|