@authsignal/browser 0.4.3 → 0.4.4-alpha

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/dist/api/authsignal-api-client.d.ts +20 -0
  2. package/dist/authsignal.d.ts +2 -0
  3. package/dist/index.js +95 -7
  4. package/dist/index.min.js +1 -1
  5. package/dist/kiosk.d.ts +16 -0
  6. package/dist/passkey.d.ts +3 -0
  7. package/package.json +1 -1
package/dist/api/authsignal-api-client.d.ts ADDED
@@ -0,0 +1,20 @@
1
+ import { ChallengeResponse, VerifyResponse } from "./types";
2
+ declare type AuthsignalApiClientOptions = {
3
+ baseUrl: string;
4
+ tenantId: string;
5
+ };
6
+ export declare class AuthsignalApiClient {
7
+ tenantId: string;
8
+ baseUrl: string;
9
+ constructor({ baseUrl, tenantId }: AuthsignalApiClientOptions);
10
+ challenge(action: string): Promise<ChallengeResponse>;
11
+ verify({ challengeId }: {
12
+ challengeId: string;
13
+ }): Promise<AnonymousVerifyResponse>;
14
+ private buildHeaders;
15
+ }
16
+ export declare type AnonymousVerifyResponse = VerifyResponse & {
17
+ isConsumed: boolean;
18
+ data?: any;
19
+ };
20
+ export {};
package/dist/authsignal.d.ts CHANGED
@@ -1,11 +1,13 @@
1
1
  import { AuthsignalOptions, LaunchOptions, TokenPayload } from "./types";
2
2
  import { Passkey } from "./passkey";
3
+ import { Kiosk } from "./kiosk";
3
4
  export declare class Authsignal {
4
5
  anonymousId: string;
5
6
  profilingId: string;
6
7
  cookieDomain: string;
7
8
  anonymousIdCookieName: string;
8
9
  passkey: Passkey;
10
+ kiosk: Kiosk;
9
11
  private _token;
10
12
  constructor({ cookieDomain, cookieName, baseUrl, tenantId, }: AuthsignalOptions);
11
13
  launch(url: string, options?: {
package/dist/index.js CHANGED
@@ -559,13 +559,17 @@ var PasskeyApiClient = /** @class */ (function () {
559
559
  switch (_b.label) {
560
560
  case 0:
561
561
  body = { challengeId: challengeId };
562
- response = fetch("".concat(this.baseUrl, "/client/user-authenticators/passkey/authentication-options"), {
563
- method: "POST",
564
- headers: this.buildHeaders(token),
565
- body: JSON.stringify(body)
566
- });
567
- return [4 /*yield*/, response];
568
- case 1: return [2 /*return*/, (_b.sent()).json()];
562
+ return [4 /*yield*/, fetch("".concat(this.baseUrl, "/client/user-authenticators/passkey/authentication-options"), {
563
+ method: "POST",
564
+ headers: this.buildHeaders(token),
565
+ body: JSON.stringify(body)
566
+ })];
567
+ case 1:
568
+ response = _b.sent();
569
+ if (!response.ok) {
570
+ throw new Error(response.statusText);
571
+ }
572
+ return [2 /*return*/, response.json()];
569
573
  }
570
574
  });
571
575
  });
@@ -1338,6 +1342,89 @@ function resizeIframe(event) {
1338
1342
  }
1339
1343
  }
1340
1344
 
1345
+ var AuthsignalApiClient = /** @class */ (function () {
1346
+ function AuthsignalApiClient(_a) {
1347
+ var baseUrl = _a.baseUrl, tenantId = _a.tenantId;
1348
+ this.tenantId = tenantId;
1349
+ this.baseUrl = baseUrl;
1350
+ }
1351
+ AuthsignalApiClient.prototype.challenge = function (action) {
1352
+ return __awaiter(this, void 0, void 0, function () {
1353
+ var response;
1354
+ return __generator(this, function (_a) {
1355
+ switch (_a.label) {
1356
+ case 0:
1357
+ response = fetch("".concat(this.baseUrl, "/client/challenge"), {
1358
+ method: "POST",
1359
+ headers: this.buildHeaders(),
1360
+ body: JSON.stringify({ action: action })
1361
+ });
1362
+ return [4 /*yield*/, response];
1363
+ case 1: return [2 /*return*/, (_a.sent()).json()];
1364
+ }
1365
+ });
1366
+ });
1367
+ };
1368
+ AuthsignalApiClient.prototype.verify = function (_a) {
1369
+ var challengeId = _a.challengeId;
1370
+ return __awaiter(this, void 0, void 0, function () {
1371
+ var body, response;
1372
+ return __generator(this, function (_b) {
1373
+ switch (_b.label) {
1374
+ case 0:
1375
+ body = { challengeId: challengeId };
1376
+ response = fetch("".concat(this.baseUrl, "/client/verify"), {
1377
+ method: "POST",
1378
+ headers: this.buildHeaders(),
1379
+ body: JSON.stringify(body)
1380
+ });
1381
+ return [4 /*yield*/, response];
1382
+ case 1: return [2 /*return*/, (_b.sent()).json()];
1383
+ }
1384
+ });
1385
+ });
1386
+ };
1387
+ AuthsignalApiClient.prototype.buildHeaders = function (token) {
1388
+ var authorizationHeader = token ? "Bearer ".concat(token) : "Basic ".concat(window.btoa(encodeURIComponent(this.tenantId)));
1389
+ return {
1390
+ "Content-Type": "application/json",
1391
+ Authorization: authorizationHeader
1392
+ };
1393
+ };
1394
+ return AuthsignalApiClient;
1395
+ }());
1396
+
1397
+ var Kiosk = /** @class */ (function () {
1398
+ function Kiosk(_a) {
1399
+ var baseUrl = _a.baseUrl, tenantId = _a.tenantId;
1400
+ this.api = new AuthsignalApiClient({ baseUrl: baseUrl, tenantId: tenantId });
1401
+ }
1402
+ Kiosk.prototype.challenge = function (params) {
1403
+ return __awaiter(this, void 0, void 0, function () {
1404
+ var result;
1405
+ return __generator(this, function (_a) {
1406
+ switch (_a.label) {
1407
+ case 0: return [4 /*yield*/, this.api.challenge(params.action)];
1408
+ case 1:
1409
+ result = _a.sent();
1410
+ return [2 /*return*/, result.challengeId];
1411
+ }
1412
+ });
1413
+ });
1414
+ };
1415
+ Kiosk.prototype.verify = function (params) {
1416
+ return __awaiter(this, void 0, void 0, function () {
1417
+ return __generator(this, function (_a) {
1418
+ switch (_a.label) {
1419
+ case 0: return [4 /*yield*/, this.api.verify({ challengeId: params.challengeId })];
1420
+ case 1: return [2 /*return*/, _a.sent()];
1421
+ }
1422
+ });
1423
+ });
1424
+ };
1425
+ return Kiosk;
1426
+ }());
1427
+
1341
1428
  var DEFAULT_COOKIE_NAME = "__as_aid";
1342
1429
  var DEFAULT_PROFILING_COOKIE_NAME = "__as_pid";
1343
1430
  var DEFAULT_BASE_URL = "https://api.authsignal.com/v1";
@@ -1370,6 +1457,7 @@ var Authsignal = /** @class */ (function () {
1370
1457
  });
1371
1458
  }
1372
1459
  this.passkey = new Passkey({ tenantId: tenantId, baseUrl: baseUrl, anonymousId: this.anonymousId });
1460
+ this.kiosk = new Kiosk({ baseUrl: baseUrl, tenantId: tenantId });
1373
1461
  }
1374
1462
  Authsignal.prototype.launch = function (url, options) {
1375
1463
  switch (options === null || options === void 0 ? void 0 : options.mode) {
package/dist/index.min.js CHANGED
@@ -1 +1 @@
1
- var authsignal=function(e){"use strict";let t;const n=new Uint8Array(16);function o(){if(!t&&(t="undefined"!=typeof crypto&&crypto.getRandomValues&&crypto.getRandomValues.bind(crypto),!t))throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");return t(n)}const i=[];for(let e=0;e<256;++e)i.push((e+256).toString(16).slice(1));var r={randomUUID:"undefined"!=typeof crypto&&crypto.randomUUID&&crypto.randomUUID.bind(crypto)};function a(e,t,n){if(r.randomUUID&&!t&&!e)return r.randomUUID();const a=(e=e||{}).random||(e.rng||o)();if(a[6]=15&a[6]|64,a[8]=63&a[8]|128,t){n=n||0;for(let e=0;e<16;++e)t[n+e]=a[e];return t}return function(e,t=0){return(i[e[t+0]]+i[e[t+1]]+i[e[t+2]]+i[e[t+3]]+"-"+i[e[t+4]]+i[e[t+5]]+"-"+i[e[t+6]]+i[e[t+7]]+"-"+i[e[t+8]]+i[e[t+9]]+"-"+i[e[t+10]]+i[e[t+11]]+i[e[t+12]]+i[e[t+13]]+i[e[t+14]]+i[e[t+15]]).toLowerCase()}(a)}var s=function(e){var t=e.name,n=e.value,o=e.expire,i=e.domain,r=e.secure,a=o===1/0?" expires=Fri, 31 Dec 9999 23:59:59 GMT":"; max-age="+o;document.cookie=encodeURIComponent(t)+"="+n+"; path=/;"+a+(i?"; domain="+i:"")+(r?"; secure":"")};function c(e,t,n,o){return new(n||(n=Promise))((function(i,r){function a(e){try{c(o.next(e))}catch(e){r(e)}}function s(e){try{c(o.throw(e))}catch(e){r(e)}}function c(e){var t;e.done?i(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(a,s)}c((o=o.apply(e,t||[])).next())}))}function u(e,t){var n,o,i,r,a={label:0,sent:function(){if(1&i[0])throw i[1];return i[1]},trys:[],ops:[]};return r={next:s(0),throw:s(1),return:s(2)},"function"==typeof Symbol&&(r[Symbol.iterator]=function(){return this}),r;function s(r){return function(s){return function(r){if(n)throw new TypeError("Generator is already executing.");for(;a;)try{if(n=1,o&&(i=2&r[0]?o.return:r[0]?o.throw||((i=o.return)&&i.call(o),0):o.next)&&!(i=i.call(o,r[1])).done)return i;switch(o=0,i&&(r=[2&r[0],i.value]),r[0]){case 0:case 1:i=r;break;case 4:return a.label++,{value:r[1],done:!1};case 5:a.label++,o=r[1],r=[0];continue;case 7:r=a.ops.pop(),a.trys.pop();continue;default:if(!(i=a.trys,(i=i.length>0&&i[i.length-1])||6!==r[0]&&2!==r[0])){a=0;continue}if(3===r[0]&&(!i||r[1]>i[0]&&r[1]<i[3])){a.label=r[1];break}if(6===r[0]&&a.label<i[1]){a.label=i[1],i=r;break}if(i&&a.label<i[2]){a.label=i[2],a.ops.push(r);break}i[2]&&a.ops.pop(),a.trys.pop();continue}r=t.call(e,a)}catch(e){r=[6,e],o=0}finally{n=i=0}if(5&r[0])throw r[1];return{value:r[0]?r[1]:void 0,done:!0}}([r,s])}}}function l(e){const t=new Uint8Array(e);let n="";for(const e of t)n+=String.fromCharCode(e);return btoa(n).replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,"")}function d(e){const t=e.replace(/-/g,"+").replace(/_/g,"/"),n=(4-t.length%4)%4,o=t.padEnd(t.length+n,"="),i=atob(o),r=new ArrayBuffer(i.length),a=new Uint8Array(r);for(let e=0;e<i.length;e++)a[e]=i.charCodeAt(e);return r}function h(){return void 0!==window?.PublicKeyCredential&&"function"==typeof window.PublicKeyCredential}function p(e){const{id:t}=e;return{...e,id:d(t),transports:e.transports}}function f(e){return"localhost"===e||/^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$/i.test(e)}e.AuthsignalWindowMessage=void 0,(e.AuthsignalWindowMessage||(e.AuthsignalWindowMessage={})).AUTHSIGNAL_CLOSE_POPUP="AUTHSIGNAL_CLOSE_POPUP";class m extends Error{constructor({message:e,code:t,cause:n,name:o}){super(e,{cause:n}),this.name=o??n.name,this.code=t}}const w=new class{createNewAbortSignal(){if(this.controller){const e=new Error("Cancelling existing WebAuthn API call for new one");e.name="AbortError",this.controller.abort(e)}const e=new AbortController;return this.controller=e,e.signal}cancelCeremony(){if(this.controller){const e=new Error("Manually cancelling existing WebAuthn API call");e.name="AbortError",this.controller.abort(e),this.controller=void 0}}},g=["cross-platform","platform"];function y(e){if(e&&!(g.indexOf(e)<0))return e}async function v(e){if(!h())throw new Error("WebAuthn is not supported in this browser");var t;const n={publicKey:{...e,challenge:d(e.challenge),user:{...e.user,id:(t=e.user.id,(new TextEncoder).encode(t))},excludeCredentials:e.excludeCredentials?.map(p)}};let o;n.signal=w.createNewAbortSignal();try{o=await navigator.credentials.create(n)}catch(e){throw function({error:e,options:t}){const{publicKey:n}=t;if(!n)throw Error("options was missing required publicKey property");if("AbortError"===e.name){if(t.signal instanceof AbortSignal)return new m({message:"Registration ceremony was sent an abort signal",code:"ERROR_CEREMONY_ABORTED",cause:e})}else if("ConstraintError"===e.name){if(!0===n.authenticatorSelection?.requireResidentKey)return new m({message:"Discoverable credentials were required but no available authenticator supported it",code:"ERROR_AUTHENTICATOR_MISSING_DISCOVERABLE_CREDENTIAL_SUPPORT",cause:e});if("required"===n.authenticatorSelection?.userVerification)return new m({message:"User verification was required but no available authenticator supported it",code:"ERROR_AUTHENTICATOR_MISSING_USER_VERIFICATION_SUPPORT",cause:e})}else{if("InvalidStateError"===e.name)return new m({message:"The authenticator was previously registered",code:"ERROR_AUTHENTICATOR_PREVIOUSLY_REGISTERED",cause:e});if("NotAllowedError"===e.name)return new m({message:e.message,code:"ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",cause:e});if("NotSupportedError"===e.name)return 0===n.pubKeyCredParams.filter((e=>"public-key"===e.type)).length?new m({message:'No entry in pubKeyCredParams was of type "public-key"',code:"ERROR_MALFORMED_PUBKEYCREDPARAMS",cause:e}):new m({message:"No available authenticator supported any of the specified pubKeyCredParams algorithms",code:"ERROR_AUTHENTICATOR_NO_SUPPORTED_PUBKEYCREDPARAMS_ALG",cause:e});if("SecurityError"===e.name){const t=window.location.hostname;if(!f(t))return new m({message:`${window.location.hostname} is an invalid domain`,code:"ERROR_INVALID_DOMAIN",cause:e});if(n.rp.id!==t)return new m({message:`The RP ID "${n.rp.id}" is invalid for this domain`,code:"ERROR_INVALID_RP_ID",cause:e})}else if("TypeError"===e.name){if(n.user.id.byteLength<1||n.user.id.byteLength>64)return new m({message:"User ID was not between 1 and 64 characters",code:"ERROR_INVALID_USER_ID_LENGTH",cause:e})}else if("UnknownError"===e.name)return new m({message:"The authenticator was unable to process the specified options, or could not create a new credential",code:"ERROR_AUTHENTICATOR_GENERAL_ERROR",cause:e})}return e}({error:e,options:n})}if(!o)throw new Error("Registration was not completed");const{id:i,rawId:r,response:a,type:s}=o;let c,u,g,v;if("function"==typeof a.getTransports&&(c=a.getTransports()),"function"==typeof a.getPublicKeyAlgorithm)try{u=a.getPublicKeyAlgorithm()}catch(e){b("getPublicKeyAlgorithm()",e)}if("function"==typeof a.getPublicKey)try{const e=a.getPublicKey();null!==e&&(g=l(e))}catch(e){b("getPublicKey()",e)}if("function"==typeof a.getAuthenticatorData)try{v=l(a.getAuthenticatorData())}catch(e){b("getAuthenticatorData()",e)}return{id:i,rawId:l(r),response:{attestationObject:l(a.attestationObject),clientDataJSON:l(a.clientDataJSON),transports:c,publicKeyAlgorithm:u,publicKey:g,authenticatorData:v},type:s,clientExtensionResults:o.getClientExtensionResults(),authenticatorAttachment:y(o.authenticatorAttachment)}}function b(e,t){console.warn(`The browser extension that intercepted this WebAuthn API call incorrectly implemented ${e}. You should report this error to them.\n`,t)}async function E(e,t=!1){if(!h())throw new Error("WebAuthn is not supported in this browser");let n;0!==e.allowCredentials?.length&&(n=e.allowCredentials?.map(p));const o={...e,challenge:d(e.challenge),allowCredentials:n},i={};if(t){if(!await function(){const e=window.PublicKeyCredential;return void 0===e.isConditionalMediationAvailable?new Promise((e=>e(!1))):e.isConditionalMediationAvailable()}())throw Error("Browser does not support WebAuthn autofill");if(document.querySelectorAll("input[autocomplete$='webauthn']").length<1)throw Error('No <input> with "webauthn" as the only or last value in its `autocomplete` attribute was detected');i.mediation="conditional",o.allowCredentials=[]}let r;i.publicKey=o,i.signal=w.createNewAbortSignal();try{r=await navigator.credentials.get(i)}catch(e){throw function({error:e,options:t}){const{publicKey:n}=t;if(!n)throw Error("options was missing required publicKey property");if("AbortError"===e.name){if(t.signal instanceof AbortSignal)return new m({message:"Authentication ceremony was sent an abort signal",code:"ERROR_CEREMONY_ABORTED",cause:e})}else{if("NotAllowedError"===e.name)return new m({message:e.message,code:"ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",cause:e});if("SecurityError"===e.name){const t=window.location.hostname;if(!f(t))return new m({message:`${window.location.hostname} is an invalid domain`,code:"ERROR_INVALID_DOMAIN",cause:e});if(n.rpId!==t)return new m({message:`The RP ID "${n.rpId}" is invalid for this domain`,code:"ERROR_INVALID_RP_ID",cause:e})}else if("UnknownError"===e.name)return new m({message:"The authenticator was unable to process the specified options, or could not create a new assertion signature",code:"ERROR_AUTHENTICATOR_GENERAL_ERROR",cause:e})}return e}({error:e,options:i})}if(!r)throw new Error("Authentication was not completed");const{id:a,rawId:s,response:c,type:u}=r;let g;var v;return c.userHandle&&(v=c.userHandle,g=new TextDecoder("utf-8").decode(v)),{id:a,rawId:l(s),response:{authenticatorData:l(c.authenticatorData),clientDataJSON:l(c.clientDataJSON),signature:l(c.signature),userHandle:g},type:u,clientExtensionResults:r.getClientExtensionResults(),authenticatorAttachment:y(r.authenticatorAttachment)}}var A=function(){function e(e){var t=e.baseUrl,n=e.tenantId;this.tenantId=n,this.baseUrl=t}return e.prototype.registrationOptions=function(e){var t=e.token,n=e.username,o=e.authenticatorAttachment;return c(this,void 0,void 0,(function(){var e;return u(this,(function(i){switch(i.label){case 0:return e=Boolean(o)?{username:n,authenticatorAttachment:o}:{username:n},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey/registration-options"),{method:"POST",headers:this.buildHeaders(t),body:JSON.stringify(e)})];case 1:return[2,i.sent().json()]}}))}))},e.prototype.authenticationOptions=function(e){var t=e.token,n=e.challengeId;return c(this,void 0,void 0,(function(){var e;return u(this,(function(o){switch(o.label){case 0:return e={challengeId:n},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey/authentication-options"),{method:"POST",headers:this.buildHeaders(t),body:JSON.stringify(e)})];case 1:return[2,o.sent().json()]}}))}))},e.prototype.addAuthenticator=function(e){var t=e.token,n=e.challengeId,o=e.registrationCredential;return c(this,void 0,void 0,(function(){var e;return u(this,(function(i){switch(i.label){case 0:return e={challengeId:n,registrationCredential:o},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey"),{method:"POST",headers:this.buildHeaders(t),body:JSON.stringify(e)})];case 1:return[2,i.sent().json()]}}))}))},e.prototype.verify=function(e){var t=e.token,n=e.challengeId,o=e.authenticationCredential,i=e.deviceId;return c(this,void 0,void 0,(function(){var e;return u(this,(function(r){switch(r.label){case 0:return e={challengeId:n,authenticationCredential:o,deviceId:i},[4,fetch("".concat(this.baseUrl,"/client/verify/passkey"),{method:"POST",headers:this.buildHeaders(t),body:JSON.stringify(e)})];case 1:return[2,r.sent().json()]}}))}))},e.prototype.getPasskeyAuthenticator=function(e){return c(this,void 0,void 0,(function(){var t;return u(this,(function(n){switch(n.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey?credentialId=").concat(e),{method:"GET",headers:this.buildHeaders()})];case 1:if(!(t=n.sent()).ok)throw new Error(t.statusText);return[2,t.json()]}}))}))},e.prototype.challenge=function(e){return c(this,void 0,void 0,(function(){return u(this,(function(t){switch(t.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/challenge"),{method:"POST",headers:this.buildHeaders(),body:JSON.stringify({action:e})})];case 1:return[2,t.sent().json()]}}))}))},e.prototype.buildHeaders=function(e){return{"Content-Type":"application/json",Authorization:e?"Bearer ".concat(e):"Basic ".concat(window.btoa(encodeURIComponent(this.tenantId)))}},e}(),R=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.anonymousId;this.passkeyLocalStorageKey="as_passkey_credential_id",this.api=new A({baseUrl:t,tenantId:n}),this.anonymousId=o}return e.prototype.signUp=function(e){var t=e.userName,n=e.token,o=e.authenticatorAttachment,i=void 0===o?"platform":o;return c(this,void 0,void 0,(function(){var e,o,r;return u(this,(function(a){switch(a.label){case 0:return[4,this.api.registrationOptions({username:t,token:n,authenticatorAttachment:i})];case 1:return[4,v((e=a.sent()).options)];case 2:return o=a.sent(),[4,this.api.addAuthenticator({challengeId:e.challengeId,registrationCredential:o,token:n})];case 3:return(null==(r=a.sent())?void 0:r.isVerified)&&this.storeCredentialAgainstDevice(o),[2,null==r?void 0:r.accessToken]}}))}))},e.prototype.signIn=function(e){var t;return c(this,void 0,void 0,(function(){var n,o,i,r,a;return u(this,(function(s){switch(s.label){case 0:if((null==e?void 0:e.token)&&e.autofill)throw new Error("autofill is not supported when providing a token");if((null==e?void 0:e.action)&&e.token)throw new Error("action is not supported when providing a token");if((null==e?void 0:e.action)&&(null==e?void 0:e.challengeId))throw new Error("action is not supported when providing a challengeId");if((null==e?void 0:e.challengeId)&&e.token)throw new Error("challengeId is not supported when providing a token");return(null==e?void 0:e.action)?[4,this.api.challenge(e.action)]:[3,2];case 1:return o=s.sent(),[3,3];case 2:o=null,s.label=3;case 3:return n=o,[4,this.api.authenticationOptions({token:null==e?void 0:e.token,challengeId:null!==(t=null==n?void 0:n.challengeId)&&void 0!==t?t:null==e?void 0:e.challengeId})];case 4:return[4,E((i=s.sent()).options,null==e?void 0:e.autofill)];case 5:return r=s.sent(),[4,this.api.verify({challengeId:i.challengeId,authenticationCredential:r,token:null==e?void 0:e.token,deviceId:this.anonymousId})];case 6:return(null==(a=s.sent())?void 0:a.isVerified)&&this.storeCredentialAgainstDevice(r),[2,null==a?void 0:a.accessToken]}}))}))},e.prototype.isAvailableOnDevice=function(){return c(this,void 0,void 0,(function(){var e;return u(this,(function(t){switch(t.label){case 0:if(!(e=localStorage.getItem(this.passkeyLocalStorageKey)))return[2,!1];t.label=1;case 1:return t.trys.push([1,3,,4]),[4,this.api.getPasskeyAuthenticator(e)];case 2:return t.sent(),[2,!0];case 3:return t.sent(),[2,!1];case 4:return[2]}}))}))},e.prototype.storeCredentialAgainstDevice=function(e){var t=e.id;"cross-platform"!==e.authenticatorAttachment&&localStorage.setItem(this.passkeyLocalStorageKey,t)},e}(),I=function(){function e(){this.windowRef=null}return e.prototype.show=function(e){var t=e.url,n=e.width,o=void 0===n?400:n,i=e.height,r=function(e){var t=e.url,n=e.width,o=e.height,i=e.win;if(!i.top)return null;var r=i.top.outerHeight/2+i.top.screenY-o/2,a=i.top.outerWidth/2+i.top.screenX-n/2;return window.open(t,"","toolbar=no, location=no, directories=no, status=no, menubar=no, scrollbars=no, resizable=no, copyhistory=no, width=".concat(n,", height=").concat(o,", top=").concat(r,", left=").concat(a))}({url:t,width:o,height:void 0===i?500:i,win:window});if(!r)throw new Error("Window is not initialized");return this.windowRef=r,r},e.prototype.close=function(){if(!this.windowRef)throw new Error("Window is not initialized");this.windowRef.close()},e}();const _=":not([inert]):not([inert] *)",C=':not([tabindex^="-"])',S=":not(:disabled)";var O=[`a[href]${_}${C}`,`area[href]${_}${C}`,`input:not([type="hidden"]):not([type="radio"])${_}${C}${S}`,`input[type="radio"]${_}${C}${S}`,`select${_}${C}${S}`,`textarea${_}${C}${S}`,`button${_}${C}${S}`,`details${_} > summary:first-of-type${C}`,`iframe${_}${C}`,`audio[controls]${_}${C}`,`video[controls]${_}${C}`,`[contenteditable]${_}${C}`,`[tabindex]${_}${C}`];function k(e){(e.querySelector("[autofocus]")||e).focus()}function $(e,t){if(t&&U(e))return e;if(!((n=e).shadowRoot&&"-1"===n.getAttribute("tabindex")||n.matches(":disabled,[hidden],[inert]")))if(e.shadowRoot){let n=P(e.shadowRoot,t);for(;n;){const e=$(n,t);if(e)return e;n=T(n,t)}}else if("slot"===e.localName){const n=e.assignedElements({flatten:!0});t||n.reverse();for(const e of n){const n=$(e,t);if(n)return n}}else{let n=P(e,t);for(;n;){const e=$(n,t);if(e)return e;n=T(n,t)}}var n;return!t&&U(e)?e:null}function P(e,t){return t?e.firstElementChild:e.lastElementChild}function T(e,t){return t?e.nextElementSibling:e.previousElementSibling}const U=e=>!e.shadowRoot?.delegatesFocus&&(e.matches(O.join(","))&&!(e=>!(!e.matches("details:not([open]) *")||e.matches("details>summary:first-of-type"))||!(e.offsetWidth||e.offsetHeight||e.getClientRects().length))(e));function N(e=document){const t=e.activeElement;return t?t.shadowRoot?N(t.shadowRoot)||document.activeElement:t:null}function D(e,t){const[n,o]=function(e){const t=$(e,!0);return[t,t?$(e,!1)||t:null]}(e);if(!n)return t.preventDefault();const i=N();t.shiftKey&&i===n?(o.focus(),t.preventDefault()):t.shiftKey||i!==o||(n.focus(),t.preventDefault())}class x{$el;id;previouslyFocused;shown;constructor(e){this.$el=e,this.id=this.$el.getAttribute("data-a11y-dialog")||this.$el.id,this.previouslyFocused=null,this.shown=!1,this.maintainFocus=this.maintainFocus.bind(this),this.bindKeypress=this.bindKeypress.bind(this),this.handleTriggerClicks=this.handleTriggerClicks.bind(this),this.show=this.show.bind(this),this.hide=this.hide.bind(this),this.$el.setAttribute("aria-hidden","true"),this.$el.setAttribute("aria-modal","true"),this.$el.setAttribute("tabindex","-1"),this.$el.hasAttribute("role")||this.$el.setAttribute("role","dialog"),document.addEventListener("click",this.handleTriggerClicks,!0)}destroy(){return this.hide(),document.removeEventListener("click",this.handleTriggerClicks,!0),this.$el.replaceWith(this.$el.cloneNode(!0)),this.fire("destroy"),this}show(e){return this.shown||(this.shown=!0,this.$el.removeAttribute("aria-hidden"),this.previouslyFocused=N(),"BODY"===this.previouslyFocused?.tagName&&e?.target&&(this.previouslyFocused=e.target),"focus"===e?.type?this.maintainFocus(e):k(this.$el),document.body.addEventListener("focus",this.maintainFocus,!0),this.$el.addEventListener("keydown",this.bindKeypress,!0),this.fire("show",e)),this}hide(e){return this.shown?(this.shown=!1,this.$el.setAttribute("aria-hidden","true"),this.previouslyFocused?.focus?.(),document.body.removeEventListener("focus",this.maintainFocus,!0),this.$el.removeEventListener("keydown",this.bindKeypress,!0),this.fire("hide",e),this):this}on(e,t,n){return this.$el.addEventListener(e,t,n),this}off(e,t,n){return this.$el.removeEventListener(e,t,n),this}fire(e,t){this.$el.dispatchEvent(new CustomEvent(e,{detail:t,cancelable:!0}))}handleTriggerClicks(e){const t=e.target;t.closest(`[data-a11y-dialog-show="${this.id}"]`)&&this.show(e),(t.closest(`[data-a11y-dialog-hide="${this.id}"]`)||t.closest("[data-a11y-dialog-hide]")&&t.closest('[aria-modal="true"]')===this.$el)&&this.hide(e)}bindKeypress(e){if(document.activeElement?.closest('[aria-modal="true"]')!==this.$el)return;let t=!1;try{t=!!this.$el.querySelector('[popover]:not([popover="manual"]):popover-open')}catch{}"Escape"!==e.key||"alertdialog"===this.$el.getAttribute("role")||t||(e.preventDefault(),this.hide(e)),"Tab"===e.key&&D(this.$el,e)}maintainFocus(e){e.target.closest('[aria-modal="true"], [data-a11y-dialog-ignore-focus-trap]')||k(this.$el)}}function L(){for(const e of document.querySelectorAll("[data-a11y-dialog]"))new x(e)}"undefined"!=typeof document&&("loading"===document.readyState?document.addEventListener("DOMContentLoaded",L):L());var K="__authsignal-popup-container",H="__authsignal-popup-content",W="__authsignal-popup-overlay",M="__authsignal-popup-style",q="__authsignal-popup-iframe",F="385px",G=function(){function e(e){var t=e.width,n=e.isClosable;if(this.popup=null,document.querySelector("#".concat(K)))throw new Error("Multiple instances of Authsignal popup is not supported.");this.create({width:t,isClosable:n})}return e.prototype.create=function(e){var t=this,n=e.width,o=void 0===n?F:n,i=e.isClosable,r=void 0===i||i,a=o;CSS.supports("width",o)||(console.warn("Invalid CSS value for `popupOptions.width`. Using default value instead."),a=F);var s=document.createElement("div");s.setAttribute("id",K),s.setAttribute("aria-hidden","true"),r||s.setAttribute("role","alertdialog");var c=document.createElement("div");c.setAttribute("id",W),r&&c.setAttribute("data-a11y-dialog-hide","true");var u=document.createElement("div");u.setAttribute("id",H),document.body.appendChild(s);var l=document.createElement("style");l.setAttribute("id",M),l.textContent="\n #".concat(K,",\n #").concat(W," {\n position: fixed;\n top: 0;\n right: 0;\n bottom: 0;\n left: 0;\n }\n\n #").concat(K," {\n z-index: 2147483647;\n display: flex;\n }\n\n #").concat(K,"[aria-hidden='true'] {\n display: none;\n }\n\n #").concat(W," {\n background-color: rgba(0, 0, 0, 0.18);\n }\n\n #").concat(H," {\n margin: auto;\n z-index: 2147483647;\n position: relative;\n background-color: transparent;\n border-radius: 8px;\n width: ").concat(a,";\n }\n\n #").concat(H," iframe {\n width: 1px;\n min-width: 100%;\n border-radius: inherit;\n max-height: 95vh;\n height: ").concat("384px",";\n }\n "),document.head.insertAdjacentElement("beforeend",l),s.appendChild(c),s.appendChild(u),this.popup=new x(s),this.popup.on("hide",(function(){t.destroy()}))},e.prototype.destroy=function(){var e=document.querySelector("#".concat(K)),t=document.querySelector("#".concat(M));e&&t&&(document.body.removeChild(e),document.head.removeChild(t)),window.removeEventListener("message",j)},e.prototype.show=function(e){var t,n=e.url;if(!this.popup)throw new Error("Popup is not initialized");var o=document.createElement("iframe");o.setAttribute("id",q),o.setAttribute("name","authsignal"),o.setAttribute("title","Authsignal multi-factor authentication"),o.setAttribute("src",n),o.setAttribute("frameborder","0"),o.setAttribute("allow","publickey-credentials-get *; publickey-credentials-create *; clipboard-write");var i=document.querySelector("#".concat(H));i&&i.appendChild(o),window.addEventListener("message",j),null===(t=this.popup)||void 0===t||t.show()},e.prototype.close=function(){if(!this.popup)throw new Error("Popup is not initialized");this.popup.hide()},e.prototype.on=function(e,t){if(!this.popup)throw new Error("Popup is not initialized");this.popup.on(e,t)},e}();function j(e){var t=document.querySelector("#".concat(q));t&&e.data.height&&(t.style.height=e.data.height+"px")}var V="4a08uqve",z=function(){function t(e){var t=e.cookieDomain,n=e.cookieName,o=void 0===n?"__as_aid":n,i=e.baseUrl,r=void 0===i?"https://api.authsignal.com/v1":i,c=e.tenantId;if(this.anonymousId="",this.profilingId="",this.cookieDomain="",this.anonymousIdCookieName="",this._token=void 0,this.cookieDomain=t||document.location.hostname.replace("www.",""),this.anonymousIdCookieName=o,!c)throw new Error("tenantId is required");var u,l=(u=this.anonymousIdCookieName)&&decodeURIComponent(document.cookie.replace(new RegExp("(?:(?:^|.*;)\\s*"+encodeURIComponent(u).replace(/[\-\.\+\*]/g,"\\$&")+"\\s*\\=\\s*([^;]*).*$)|^.*$"),"$1"))||null;l?this.anonymousId=l:(this.anonymousId=a(),s({name:this.anonymousIdCookieName,value:this.anonymousId,expire:1/0,domain:this.cookieDomain,secure:"http:"!==document.location.protocol})),this.passkey=new R({tenantId:c,baseUrl:r,anonymousId:this.anonymousId})}return t.prototype.launch=function(e,t){switch(null==t?void 0:t.mode){case"window":return this.launchWithWindow(e,t);case"popup":return this.launchWithPopup(e,t);default:this.launchWithRedirect(e)}},t.prototype.initAdvancedProfiling=function(e){var t=a();this.profilingId=t,s({name:"__as_pid",value:t,expire:1/0,domain:this.cookieDomain,secure:"http:"!==document.location.protocol});var n=e?"".concat(e,"/fp/tags.js?org_id=").concat(V,"&session_id=").concat(t):"https://h.online-metrix.net/fp/tags.js?org_id=".concat(V,"&session_id=").concat(t),o=document.createElement("script");o.src=n,o.async=!1,o.id="as_adv_profile",document.head.appendChild(o);var i=document.createElement("noscript");i.setAttribute("id","as_adv_profile_pixel"),i.setAttribute("aria-hidden","true");var r=document.createElement("iframe"),c=e?"".concat(e,"/fp/tags?org_id=").concat(V,"&session_id=").concat(t):"https://h.online-metrix.net/fp/tags?org_id=".concat(V,"&session_id=").concat(t);r.setAttribute("id","as_adv_profile_pixel"),r.setAttribute("src",c),r.setAttribute("style","width: 100px; height: 100px; border: 0; position: absolute; top: -5000px;"),i&&(i.appendChild(r),document.body.prepend(i))},t.prototype.launchWithRedirect=function(e){window.location.href=e},t.prototype.launchWithPopup=function(t,n){var o=this,i=n.popupOptions,r=new G({width:null==i?void 0:i.width,isClosable:null==i?void 0:i.isClosable}),a="".concat(t,"&mode=popup");return r.show({url:a}),new Promise((function(t){r.on("hide",(function(){t({token:o._token})})),window.addEventListener("message",(function(t){var n=null;try{n=JSON.parse(t.data)}catch(e){}(null==n?void 0:n.event)===e.AuthsignalWindowMessage.AUTHSIGNAL_CLOSE_POPUP&&(o._token=n.token,r.close())}),!1)}))},t.prototype.launchWithWindow=function(t,n){var o=this,i=n.windowOptions,r=new I,a="".concat(t,"&mode=popup");return r.show({url:a,width:null==i?void 0:i.width,height:null==i?void 0:i.height}),new Promise((function(t){window.addEventListener("message",(function(n){var i=null;try{i=JSON.parse(n.data)}catch(e){}(null==i?void 0:i.event)===e.AuthsignalWindowMessage.AUTHSIGNAL_CLOSE_POPUP&&(o._token=i.token,r.close(),t({token:o._token}))}),!1)}))},t}();return e.Authsignal=z,Object.defineProperty(e,"__esModule",{value:!0}),e}({});
1
+ var authsignal=function(e){"use strict";let t;const n=new Uint8Array(16);function i(){if(!t&&(t="undefined"!=typeof crypto&&crypto.getRandomValues&&crypto.getRandomValues.bind(crypto),!t))throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");return t(n)}const o=[];for(let e=0;e<256;++e)o.push((e+256).toString(16).slice(1));var r={randomUUID:"undefined"!=typeof crypto&&crypto.randomUUID&&crypto.randomUUID.bind(crypto)};function a(e,t,n){if(r.randomUUID&&!t&&!e)return r.randomUUID();const a=(e=e||{}).random||(e.rng||i)();if(a[6]=15&a[6]|64,a[8]=63&a[8]|128,t){n=n||0;for(let e=0;e<16;++e)t[n+e]=a[e];return t}return function(e,t=0){return(o[e[t+0]]+o[e[t+1]]+o[e[t+2]]+o[e[t+3]]+"-"+o[e[t+4]]+o[e[t+5]]+"-"+o[e[t+6]]+o[e[t+7]]+"-"+o[e[t+8]]+o[e[t+9]]+"-"+o[e[t+10]]+o[e[t+11]]+o[e[t+12]]+o[e[t+13]]+o[e[t+14]]+o[e[t+15]]).toLowerCase()}(a)}var s=function(e){var t=e.name,n=e.value,i=e.expire,o=e.domain,r=e.secure,a=i===1/0?" expires=Fri, 31 Dec 9999 23:59:59 GMT":"; max-age="+i;document.cookie=encodeURIComponent(t)+"="+n+"; path=/;"+a+(o?"; domain="+o:"")+(r?"; secure":"")};function c(e,t,n,i){return new(n||(n=Promise))((function(o,r){function a(e){try{c(i.next(e))}catch(e){r(e)}}function s(e){try{c(i.throw(e))}catch(e){r(e)}}function c(e){var t;e.done?o(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(a,s)}c((i=i.apply(e,t||[])).next())}))}function u(e,t){var n,i,o,r,a={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return r={next:s(0),throw:s(1),return:s(2)},"function"==typeof Symbol&&(r[Symbol.iterator]=function(){return this}),r;function s(r){return function(s){return function(r){if(n)throw new TypeError("Generator is already executing.");for(;a;)try{if(n=1,i&&(o=2&r[0]?i.return:r[0]?i.throw||((o=i.return)&&o.call(i),0):i.next)&&!(o=o.call(i,r[1])).done)return o;switch(i=0,o&&(r=[2&r[0],o.value]),r[0]){case 0:case 1:o=r;break;case 4:return a.label++,{value:r[1],done:!1};case 5:a.label++,i=r[1],r=[0];continue;case 7:r=a.ops.pop(),a.trys.pop();continue;default:if(!(o=a.trys,(o=o.length>0&&o[o.length-1])||6!==r[0]&&2!==r[0])){a=0;continue}if(3===r[0]&&(!o||r[1]>o[0]&&r[1]<o[3])){a.label=r[1];break}if(6===r[0]&&a.label<o[1]){a.label=o[1],o=r;break}if(o&&a.label<o[2]){a.label=o[2],a.ops.push(r);break}o[2]&&a.ops.pop(),a.trys.pop();continue}r=t.call(e,a)}catch(e){r=[6,e],i=0}finally{n=o=0}if(5&r[0])throw r[1];return{value:r[0]?r[1]:void 0,done:!0}}([r,s])}}}function l(e){const t=new Uint8Array(e);let n="";for(const e of t)n+=String.fromCharCode(e);return btoa(n).replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,"")}function d(e){const t=e.replace(/-/g,"+").replace(/_/g,"/"),n=(4-t.length%4)%4,i=t.padEnd(t.length+n,"="),o=atob(i),r=new ArrayBuffer(o.length),a=new Uint8Array(r);for(let e=0;e<o.length;e++)a[e]=o.charCodeAt(e);return r}function h(){return void 0!==window?.PublicKeyCredential&&"function"==typeof window.PublicKeyCredential}function p(e){const{id:t}=e;return{...e,id:d(t),transports:e.transports}}function f(e){return"localhost"===e||/^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$/i.test(e)}e.AuthsignalWindowMessage=void 0,(e.AuthsignalWindowMessage||(e.AuthsignalWindowMessage={})).AUTHSIGNAL_CLOSE_POPUP="AUTHSIGNAL_CLOSE_POPUP";class w extends Error{constructor({message:e,code:t,cause:n,name:i}){super(e,{cause:n}),this.name=i??n.name,this.code=t}}const m=new class{createNewAbortSignal(){if(this.controller){const e=new Error("Cancelling existing WebAuthn API call for new one");e.name="AbortError",this.controller.abort(e)}const e=new AbortController;return this.controller=e,e.signal}cancelCeremony(){if(this.controller){const e=new Error("Manually cancelling existing WebAuthn API call");e.name="AbortError",this.controller.abort(e),this.controller=void 0}}},g=["cross-platform","platform"];function y(e){if(e&&!(g.indexOf(e)<0))return e}async function v(e){if(!h())throw new Error("WebAuthn is not supported in this browser");var t;const n={publicKey:{...e,challenge:d(e.challenge),user:{...e.user,id:(t=e.user.id,(new TextEncoder).encode(t))},excludeCredentials:e.excludeCredentials?.map(p)}};let i;n.signal=m.createNewAbortSignal();try{i=await navigator.credentials.create(n)}catch(e){throw function({error:e,options:t}){const{publicKey:n}=t;if(!n)throw Error("options was missing required publicKey property");if("AbortError"===e.name){if(t.signal instanceof AbortSignal)return new w({message:"Registration ceremony was sent an abort signal",code:"ERROR_CEREMONY_ABORTED",cause:e})}else if("ConstraintError"===e.name){if(!0===n.authenticatorSelection?.requireResidentKey)return new w({message:"Discoverable credentials were required but no available authenticator supported it",code:"ERROR_AUTHENTICATOR_MISSING_DISCOVERABLE_CREDENTIAL_SUPPORT",cause:e});if("required"===n.authenticatorSelection?.userVerification)return new w({message:"User verification was required but no available authenticator supported it",code:"ERROR_AUTHENTICATOR_MISSING_USER_VERIFICATION_SUPPORT",cause:e})}else{if("InvalidStateError"===e.name)return new w({message:"The authenticator was previously registered",code:"ERROR_AUTHENTICATOR_PREVIOUSLY_REGISTERED",cause:e});if("NotAllowedError"===e.name)return new w({message:e.message,code:"ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",cause:e});if("NotSupportedError"===e.name)return 0===n.pubKeyCredParams.filter((e=>"public-key"===e.type)).length?new w({message:'No entry in pubKeyCredParams was of type "public-key"',code:"ERROR_MALFORMED_PUBKEYCREDPARAMS",cause:e}):new w({message:"No available authenticator supported any of the specified pubKeyCredParams algorithms",code:"ERROR_AUTHENTICATOR_NO_SUPPORTED_PUBKEYCREDPARAMS_ALG",cause:e});if("SecurityError"===e.name){const t=window.location.hostname;if(!f(t))return new w({message:`${window.location.hostname} is an invalid domain`,code:"ERROR_INVALID_DOMAIN",cause:e});if(n.rp.id!==t)return new w({message:`The RP ID "${n.rp.id}" is invalid for this domain`,code:"ERROR_INVALID_RP_ID",cause:e})}else if("TypeError"===e.name){if(n.user.id.byteLength<1||n.user.id.byteLength>64)return new w({message:"User ID was not between 1 and 64 characters",code:"ERROR_INVALID_USER_ID_LENGTH",cause:e})}else if("UnknownError"===e.name)return new w({message:"The authenticator was unable to process the specified options, or could not create a new credential",code:"ERROR_AUTHENTICATOR_GENERAL_ERROR",cause:e})}return e}({error:e,options:n})}if(!i)throw new Error("Registration was not completed");const{id:o,rawId:r,response:a,type:s}=i;let c,u,g,v;if("function"==typeof a.getTransports&&(c=a.getTransports()),"function"==typeof a.getPublicKeyAlgorithm)try{u=a.getPublicKeyAlgorithm()}catch(e){b("getPublicKeyAlgorithm()",e)}if("function"==typeof a.getPublicKey)try{const e=a.getPublicKey();null!==e&&(g=l(e))}catch(e){b("getPublicKey()",e)}if("function"==typeof a.getAuthenticatorData)try{v=l(a.getAuthenticatorData())}catch(e){b("getAuthenticatorData()",e)}return{id:o,rawId:l(r),response:{attestationObject:l(a.attestationObject),clientDataJSON:l(a.clientDataJSON),transports:c,publicKeyAlgorithm:u,publicKey:g,authenticatorData:v},type:s,clientExtensionResults:i.getClientExtensionResults(),authenticatorAttachment:y(i.authenticatorAttachment)}}function b(e,t){console.warn(`The browser extension that intercepted this WebAuthn API call incorrectly implemented ${e}. You should report this error to them.\n`,t)}async function E(e,t=!1){if(!h())throw new Error("WebAuthn is not supported in this browser");let n;0!==e.allowCredentials?.length&&(n=e.allowCredentials?.map(p));const i={...e,challenge:d(e.challenge),allowCredentials:n},o={};if(t){if(!await function(){const e=window.PublicKeyCredential;return void 0===e.isConditionalMediationAvailable?new Promise((e=>e(!1))):e.isConditionalMediationAvailable()}())throw Error("Browser does not support WebAuthn autofill");if(document.querySelectorAll("input[autocomplete$='webauthn']").length<1)throw Error('No <input> with "webauthn" as the only or last value in its `autocomplete` attribute was detected');o.mediation="conditional",i.allowCredentials=[]}let r;o.publicKey=i,o.signal=m.createNewAbortSignal();try{r=await navigator.credentials.get(o)}catch(e){throw function({error:e,options:t}){const{publicKey:n}=t;if(!n)throw Error("options was missing required publicKey property");if("AbortError"===e.name){if(t.signal instanceof AbortSignal)return new w({message:"Authentication ceremony was sent an abort signal",code:"ERROR_CEREMONY_ABORTED",cause:e})}else{if("NotAllowedError"===e.name)return new w({message:e.message,code:"ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",cause:e});if("SecurityError"===e.name){const t=window.location.hostname;if(!f(t))return new w({message:`${window.location.hostname} is an invalid domain`,code:"ERROR_INVALID_DOMAIN",cause:e});if(n.rpId!==t)return new w({message:`The RP ID "${n.rpId}" is invalid for this domain`,code:"ERROR_INVALID_RP_ID",cause:e})}else if("UnknownError"===e.name)return new w({message:"The authenticator was unable to process the specified options, or could not create a new assertion signature",code:"ERROR_AUTHENTICATOR_GENERAL_ERROR",cause:e})}return e}({error:e,options:o})}if(!r)throw new Error("Authentication was not completed");const{id:a,rawId:s,response:c,type:u}=r;let g;var v;return c.userHandle&&(v=c.userHandle,g=new TextDecoder("utf-8").decode(v)),{id:a,rawId:l(s),response:{authenticatorData:l(c.authenticatorData),clientDataJSON:l(c.clientDataJSON),signature:l(c.signature),userHandle:g},type:u,clientExtensionResults:r.getClientExtensionResults(),authenticatorAttachment:y(r.authenticatorAttachment)}}var A=function(){function e(e){var t=e.baseUrl,n=e.tenantId;this.tenantId=n,this.baseUrl=t}return e.prototype.registrationOptions=function(e){var t=e.token,n=e.username,i=e.authenticatorAttachment;return c(this,void 0,void 0,(function(){var e;return u(this,(function(o){switch(o.label){case 0:return e=Boolean(i)?{username:n,authenticatorAttachment:i}:{username:n},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey/registration-options"),{method:"POST",headers:this.buildHeaders(t),body:JSON.stringify(e)})];case 1:return[2,o.sent().json()]}}))}))},e.prototype.authenticationOptions=function(e){var t=e.token,n=e.challengeId;return c(this,void 0,void 0,(function(){var e,i;return u(this,(function(o){switch(o.label){case 0:return e={challengeId:n},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey/authentication-options"),{method:"POST",headers:this.buildHeaders(t),body:JSON.stringify(e)})];case 1:if(!(i=o.sent()).ok)throw new Error(i.statusText);return[2,i.json()]}}))}))},e.prototype.addAuthenticator=function(e){var t=e.token,n=e.challengeId,i=e.registrationCredential;return c(this,void 0,void 0,(function(){var e;return u(this,(function(o){switch(o.label){case 0:return e={challengeId:n,registrationCredential:i},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey"),{method:"POST",headers:this.buildHeaders(t),body:JSON.stringify(e)})];case 1:return[2,o.sent().json()]}}))}))},e.prototype.verify=function(e){var t=e.token,n=e.challengeId,i=e.authenticationCredential,o=e.deviceId;return c(this,void 0,void 0,(function(){var e;return u(this,(function(r){switch(r.label){case 0:return e={challengeId:n,authenticationCredential:i,deviceId:o},[4,fetch("".concat(this.baseUrl,"/client/verify/passkey"),{method:"POST",headers:this.buildHeaders(t),body:JSON.stringify(e)})];case 1:return[2,r.sent().json()]}}))}))},e.prototype.getPasskeyAuthenticator=function(e){return c(this,void 0,void 0,(function(){var t;return u(this,(function(n){switch(n.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey?credentialId=").concat(e),{method:"GET",headers:this.buildHeaders()})];case 1:if(!(t=n.sent()).ok)throw new Error(t.statusText);return[2,t.json()]}}))}))},e.prototype.challenge=function(e){return c(this,void 0,void 0,(function(){return u(this,(function(t){switch(t.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/challenge"),{method:"POST",headers:this.buildHeaders(),body:JSON.stringify({action:e})})];case 1:return[2,t.sent().json()]}}))}))},e.prototype.buildHeaders=function(e){return{"Content-Type":"application/json",Authorization:e?"Bearer ".concat(e):"Basic ".concat(window.btoa(encodeURIComponent(this.tenantId)))}},e}(),R=function(){function e(e){var t=e.baseUrl,n=e.tenantId,i=e.anonymousId;this.passkeyLocalStorageKey="as_passkey_credential_id",this.api=new A({baseUrl:t,tenantId:n}),this.anonymousId=i}return e.prototype.signUp=function(e){var t=e.userName,n=e.token,i=e.authenticatorAttachment,o=void 0===i?"platform":i;return c(this,void 0,void 0,(function(){var e,i,r;return u(this,(function(a){switch(a.label){case 0:return[4,this.api.registrationOptions({username:t,token:n,authenticatorAttachment:o})];case 1:return[4,v((e=a.sent()).options)];case 2:return i=a.sent(),[4,this.api.addAuthenticator({challengeId:e.challengeId,registrationCredential:i,token:n})];case 3:return(null==(r=a.sent())?void 0:r.isVerified)&&this.storeCredentialAgainstDevice(i),[2,null==r?void 0:r.accessToken]}}))}))},e.prototype.signIn=function(e){var t;return c(this,void 0,void 0,(function(){var n,i,o,r,a;return u(this,(function(s){switch(s.label){case 0:if((null==e?void 0:e.token)&&e.autofill)throw new Error("autofill is not supported when providing a token");if((null==e?void 0:e.action)&&e.token)throw new Error("action is not supported when providing a token");if((null==e?void 0:e.action)&&(null==e?void 0:e.challengeId))throw new Error("action is not supported when providing a challengeId");if((null==e?void 0:e.challengeId)&&e.token)throw new Error("challengeId is not supported when providing a token");return(null==e?void 0:e.action)?[4,this.api.challenge(e.action)]:[3,2];case 1:return i=s.sent(),[3,3];case 2:i=null,s.label=3;case 3:return n=i,[4,this.api.authenticationOptions({token:null==e?void 0:e.token,challengeId:null!==(t=null==n?void 0:n.challengeId)&&void 0!==t?t:null==e?void 0:e.challengeId})];case 4:return[4,E((o=s.sent()).options,null==e?void 0:e.autofill)];case 5:return r=s.sent(),[4,this.api.verify({challengeId:o.challengeId,authenticationCredential:r,token:null==e?void 0:e.token,deviceId:this.anonymousId})];case 6:return(null==(a=s.sent())?void 0:a.isVerified)&&this.storeCredentialAgainstDevice(r),[2,null==a?void 0:a.accessToken]}}))}))},e.prototype.isAvailableOnDevice=function(){return c(this,void 0,void 0,(function(){var e;return u(this,(function(t){switch(t.label){case 0:if(!(e=localStorage.getItem(this.passkeyLocalStorageKey)))return[2,!1];t.label=1;case 1:return t.trys.push([1,3,,4]),[4,this.api.getPasskeyAuthenticator(e)];case 2:return t.sent(),[2,!0];case 3:return t.sent(),[2,!1];case 4:return[2]}}))}))},e.prototype.storeCredentialAgainstDevice=function(e){var t=e.id;"cross-platform"!==e.authenticatorAttachment&&localStorage.setItem(this.passkeyLocalStorageKey,t)},e}(),I=function(){function e(){this.windowRef=null}return e.prototype.show=function(e){var t=e.url,n=e.width,i=void 0===n?400:n,o=e.height,r=function(e){var t=e.url,n=e.width,i=e.height,o=e.win;if(!o.top)return null;var r=o.top.outerHeight/2+o.top.screenY-i/2,a=o.top.outerWidth/2+o.top.screenX-n/2;return window.open(t,"","toolbar=no, location=no, directories=no, status=no, menubar=no, scrollbars=no, resizable=no, copyhistory=no, width=".concat(n,", height=").concat(i,", top=").concat(r,", left=").concat(a))}({url:t,width:i,height:void 0===o?500:o,win:window});if(!r)throw new Error("Window is not initialized");return this.windowRef=r,r},e.prototype.close=function(){if(!this.windowRef)throw new Error("Window is not initialized");this.windowRef.close()},e}();const _=":not([inert]):not([inert] *)",C=':not([tabindex^="-"])',S=":not(:disabled)";var O=[`a[href]${_}${C}`,`area[href]${_}${C}`,`input:not([type="hidden"]):not([type="radio"])${_}${C}${S}`,`input[type="radio"]${_}${C}${S}`,`select${_}${C}${S}`,`textarea${_}${C}${S}`,`button${_}${C}${S}`,`details${_} > summary:first-of-type${C}`,`iframe${_}${C}`,`audio[controls]${_}${C}`,`video[controls]${_}${C}`,`[contenteditable]${_}${C}`,`[tabindex]${_}${C}`];function k(e){(e.querySelector("[autofocus]")||e).focus()}function U(e,t){if(t&&T(e))return e;if(!((n=e).shadowRoot&&"-1"===n.getAttribute("tabindex")||n.matches(":disabled,[hidden],[inert]")))if(e.shadowRoot){let n=$(e.shadowRoot,t);for(;n;){const e=U(n,t);if(e)return e;n=P(n,t)}}else if("slot"===e.localName){const n=e.assignedElements({flatten:!0});t||n.reverse();for(const e of n){const n=U(e,t);if(n)return n}}else{let n=$(e,t);for(;n;){const e=U(n,t);if(e)return e;n=P(n,t)}}var n;return!t&&T(e)?e:null}function $(e,t){return t?e.firstElementChild:e.lastElementChild}function P(e,t){return t?e.nextElementSibling:e.previousElementSibling}const T=e=>!e.shadowRoot?.delegatesFocus&&(e.matches(O.join(","))&&!(e=>!(!e.matches("details:not([open]) *")||e.matches("details>summary:first-of-type"))||!(e.offsetWidth||e.offsetHeight||e.getClientRects().length))(e));function N(e=document){const t=e.activeElement;return t?t.shadowRoot?N(t.shadowRoot)||document.activeElement:t:null}function D(e,t){const[n,i]=function(e){const t=U(e,!0);return[t,t?U(e,!1)||t:null]}(e);if(!n)return t.preventDefault();const o=N();t.shiftKey&&o===n?(i.focus(),t.preventDefault()):t.shiftKey||o!==i||(n.focus(),t.preventDefault())}class x{$el;id;previouslyFocused;shown;constructor(e){this.$el=e,this.id=this.$el.getAttribute("data-a11y-dialog")||this.$el.id,this.previouslyFocused=null,this.shown=!1,this.maintainFocus=this.maintainFocus.bind(this),this.bindKeypress=this.bindKeypress.bind(this),this.handleTriggerClicks=this.handleTriggerClicks.bind(this),this.show=this.show.bind(this),this.hide=this.hide.bind(this),this.$el.setAttribute("aria-hidden","true"),this.$el.setAttribute("aria-modal","true"),this.$el.setAttribute("tabindex","-1"),this.$el.hasAttribute("role")||this.$el.setAttribute("role","dialog"),document.addEventListener("click",this.handleTriggerClicks,!0)}destroy(){return this.hide(),document.removeEventListener("click",this.handleTriggerClicks,!0),this.$el.replaceWith(this.$el.cloneNode(!0)),this.fire("destroy"),this}show(e){return this.shown||(this.shown=!0,this.$el.removeAttribute("aria-hidden"),this.previouslyFocused=N(),"BODY"===this.previouslyFocused?.tagName&&e?.target&&(this.previouslyFocused=e.target),"focus"===e?.type?this.maintainFocus(e):k(this.$el),document.body.addEventListener("focus",this.maintainFocus,!0),this.$el.addEventListener("keydown",this.bindKeypress,!0),this.fire("show",e)),this}hide(e){return this.shown?(this.shown=!1,this.$el.setAttribute("aria-hidden","true"),this.previouslyFocused?.focus?.(),document.body.removeEventListener("focus",this.maintainFocus,!0),this.$el.removeEventListener("keydown",this.bindKeypress,!0),this.fire("hide",e),this):this}on(e,t,n){return this.$el.addEventListener(e,t,n),this}off(e,t,n){return this.$el.removeEventListener(e,t,n),this}fire(e,t){this.$el.dispatchEvent(new CustomEvent(e,{detail:t,cancelable:!0}))}handleTriggerClicks(e){const t=e.target;t.closest(`[data-a11y-dialog-show="${this.id}"]`)&&this.show(e),(t.closest(`[data-a11y-dialog-hide="${this.id}"]`)||t.closest("[data-a11y-dialog-hide]")&&t.closest('[aria-modal="true"]')===this.$el)&&this.hide(e)}bindKeypress(e){if(document.activeElement?.closest('[aria-modal="true"]')!==this.$el)return;let t=!1;try{t=!!this.$el.querySelector('[popover]:not([popover="manual"]):popover-open')}catch{}"Escape"!==e.key||"alertdialog"===this.$el.getAttribute("role")||t||(e.preventDefault(),this.hide(e)),"Tab"===e.key&&D(this.$el,e)}maintainFocus(e){e.target.closest('[aria-modal="true"], [data-a11y-dialog-ignore-focus-trap]')||k(this.$el)}}function L(){for(const e of document.querySelectorAll("[data-a11y-dialog]"))new x(e)}"undefined"!=typeof document&&("loading"===document.readyState?document.addEventListener("DOMContentLoaded",L):L());var K="__authsignal-popup-container",H="__authsignal-popup-content",W="__authsignal-popup-overlay",M="__authsignal-popup-style",j="__authsignal-popup-iframe",q="385px",F=function(){function e(e){var t=e.width,n=e.isClosable;if(this.popup=null,document.querySelector("#".concat(K)))throw new Error("Multiple instances of Authsignal popup is not supported.");this.create({width:t,isClosable:n})}return e.prototype.create=function(e){var t=this,n=e.width,i=void 0===n?q:n,o=e.isClosable,r=void 0===o||o,a=i;CSS.supports("width",i)||(console.warn("Invalid CSS value for `popupOptions.width`. Using default value instead."),a=q);var s=document.createElement("div");s.setAttribute("id",K),s.setAttribute("aria-hidden","true"),r||s.setAttribute("role","alertdialog");var c=document.createElement("div");c.setAttribute("id",W),r&&c.setAttribute("data-a11y-dialog-hide","true");var u=document.createElement("div");u.setAttribute("id",H),document.body.appendChild(s);var l=document.createElement("style");l.setAttribute("id",M),l.textContent="\n #".concat(K,",\n #").concat(W," {\n position: fixed;\n top: 0;\n right: 0;\n bottom: 0;\n left: 0;\n }\n\n #").concat(K," {\n z-index: 2147483647;\n display: flex;\n }\n\n #").concat(K,"[aria-hidden='true'] {\n display: none;\n }\n\n #").concat(W," {\n background-color: rgba(0, 0, 0, 0.18);\n }\n\n #").concat(H," {\n margin: auto;\n z-index: 2147483647;\n position: relative;\n background-color: transparent;\n border-radius: 8px;\n width: ").concat(a,";\n }\n\n #").concat(H," iframe {\n width: 1px;\n min-width: 100%;\n border-radius: inherit;\n max-height: 95vh;\n height: ").concat("384px",";\n }\n "),document.head.insertAdjacentElement("beforeend",l),s.appendChild(c),s.appendChild(u),this.popup=new x(s),this.popup.on("hide",(function(){t.destroy()}))},e.prototype.destroy=function(){var e=document.querySelector("#".concat(K)),t=document.querySelector("#".concat(M));e&&t&&(document.body.removeChild(e),document.head.removeChild(t)),window.removeEventListener("message",G)},e.prototype.show=function(e){var t,n=e.url;if(!this.popup)throw new Error("Popup is not initialized");var i=document.createElement("iframe");i.setAttribute("id",j),i.setAttribute("name","authsignal"),i.setAttribute("title","Authsignal multi-factor authentication"),i.setAttribute("src",n),i.setAttribute("frameborder","0"),i.setAttribute("allow","publickey-credentials-get *; publickey-credentials-create *; clipboard-write");var o=document.querySelector("#".concat(H));o&&o.appendChild(i),window.addEventListener("message",G),null===(t=this.popup)||void 0===t||t.show()},e.prototype.close=function(){if(!this.popup)throw new Error("Popup is not initialized");this.popup.hide()},e.prototype.on=function(e,t){if(!this.popup)throw new Error("Popup is not initialized");this.popup.on(e,t)},e}();function G(e){var t=document.querySelector("#".concat(j));t&&e.data.height&&(t.style.height=e.data.height+"px")}var V=function(){function e(e){var t=e.baseUrl,n=e.tenantId;this.tenantId=n,this.baseUrl=t}return e.prototype.challenge=function(e){return c(this,void 0,void 0,(function(){return u(this,(function(t){switch(t.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/challenge"),{method:"POST",headers:this.buildHeaders(),body:JSON.stringify({action:e})})];case 1:return[2,t.sent().json()]}}))}))},e.prototype.verify=function(e){var t=e.challengeId;return c(this,void 0,void 0,(function(){var e;return u(this,(function(n){switch(n.label){case 0:return e={challengeId:t},[4,fetch("".concat(this.baseUrl,"/client/verify"),{method:"POST",headers:this.buildHeaders(),body:JSON.stringify(e)})];case 1:return[2,n.sent().json()]}}))}))},e.prototype.buildHeaders=function(e){return{"Content-Type":"application/json",Authorization:e?"Bearer ".concat(e):"Basic ".concat(window.btoa(encodeURIComponent(this.tenantId)))}},e}(),z=function(){function e(e){var t=e.baseUrl,n=e.tenantId;this.api=new V({baseUrl:t,tenantId:n})}return e.prototype.challenge=function(e){return c(this,void 0,void 0,(function(){return u(this,(function(t){switch(t.label){case 0:return[4,this.api.challenge(e.action)];case 1:return[2,t.sent().challengeId]}}))}))},e.prototype.verify=function(e){return c(this,void 0,void 0,(function(){return u(this,(function(t){switch(t.label){case 0:return[4,this.api.verify({challengeId:e.challengeId})];case 1:return[2,t.sent()]}}))}))},e}(),B="4a08uqve",J=function(){function t(e){var t=e.cookieDomain,n=e.cookieName,i=void 0===n?"__as_aid":n,o=e.baseUrl,r=void 0===o?"https://api.authsignal.com/v1":o,c=e.tenantId;if(this.anonymousId="",this.profilingId="",this.cookieDomain="",this.anonymousIdCookieName="",this._token=void 0,this.cookieDomain=t||document.location.hostname.replace("www.",""),this.anonymousIdCookieName=i,!c)throw new Error("tenantId is required");var u,l=(u=this.anonymousIdCookieName)&&decodeURIComponent(document.cookie.replace(new RegExp("(?:(?:^|.*;)\\s*"+encodeURIComponent(u).replace(/[\-\.\+\*]/g,"\\$&")+"\\s*\\=\\s*([^;]*).*$)|^.*$"),"$1"))||null;l?this.anonymousId=l:(this.anonymousId=a(),s({name:this.anonymousIdCookieName,value:this.anonymousId,expire:1/0,domain:this.cookieDomain,secure:"http:"!==document.location.protocol})),this.passkey=new R({tenantId:c,baseUrl:r,anonymousId:this.anonymousId}),this.kiosk=new z({baseUrl:r,tenantId:c})}return t.prototype.launch=function(e,t){switch(null==t?void 0:t.mode){case"window":return this.launchWithWindow(e,t);case"popup":return this.launchWithPopup(e,t);default:this.launchWithRedirect(e)}},t.prototype.initAdvancedProfiling=function(e){var t=a();this.profilingId=t,s({name:"__as_pid",value:t,expire:1/0,domain:this.cookieDomain,secure:"http:"!==document.location.protocol});var n=e?"".concat(e,"/fp/tags.js?org_id=").concat(B,"&session_id=").concat(t):"https://h.online-metrix.net/fp/tags.js?org_id=".concat(B,"&session_id=").concat(t),i=document.createElement("script");i.src=n,i.async=!1,i.id="as_adv_profile",document.head.appendChild(i);var o=document.createElement("noscript");o.setAttribute("id","as_adv_profile_pixel"),o.setAttribute("aria-hidden","true");var r=document.createElement("iframe"),c=e?"".concat(e,"/fp/tags?org_id=").concat(B,"&session_id=").concat(t):"https://h.online-metrix.net/fp/tags?org_id=".concat(B,"&session_id=").concat(t);r.setAttribute("id","as_adv_profile_pixel"),r.setAttribute("src",c),r.setAttribute("style","width: 100px; height: 100px; border: 0; position: absolute; top: -5000px;"),o&&(o.appendChild(r),document.body.prepend(o))},t.prototype.launchWithRedirect=function(e){window.location.href=e},t.prototype.launchWithPopup=function(t,n){var i=this,o=n.popupOptions,r=new F({width:null==o?void 0:o.width,isClosable:null==o?void 0:o.isClosable}),a="".concat(t,"&mode=popup");return r.show({url:a}),new Promise((function(t){r.on("hide",(function(){t({token:i._token})})),window.addEventListener("message",(function(t){var n=null;try{n=JSON.parse(t.data)}catch(e){}(null==n?void 0:n.event)===e.AuthsignalWindowMessage.AUTHSIGNAL_CLOSE_POPUP&&(i._token=n.token,r.close())}),!1)}))},t.prototype.launchWithWindow=function(t,n){var i=this,o=n.windowOptions,r=new I,a="".concat(t,"&mode=popup");return r.show({url:a,width:null==o?void 0:o.width,height:null==o?void 0:o.height}),new Promise((function(t){window.addEventListener("message",(function(n){var o=null;try{o=JSON.parse(n.data)}catch(e){}(null==o?void 0:o.event)===e.AuthsignalWindowMessage.AUTHSIGNAL_CLOSE_POPUP&&(i._token=o.token,r.close(),t({token:i._token}))}),!1)}))},t}();return e.Authsignal=J,Object.defineProperty(e,"__esModule",{value:!0}),e}({});
package/dist/kiosk.d.ts ADDED
@@ -0,0 +1,16 @@
1
+ import { AnonymousVerifyResponse, AuthsignalApiClient } from "./api/authsignal-api-client";
2
+ declare type KioskOptions = {
3
+ baseUrl: string;
4
+ tenantId: string;
5
+ };
6
+ export declare class Kiosk {
7
+ api: AuthsignalApiClient;
8
+ constructor({ baseUrl, tenantId }: KioskOptions);
9
+ challenge(params: {
10
+ action: string;
11
+ }): Promise<string>;
12
+ verify(params: {
13
+ challengeId: string;
14
+ }): Promise<AnonymousVerifyResponse>;
15
+ }
16
+ export {};
package/dist/passkey.d.ts CHANGED
@@ -31,6 +31,9 @@ export declare class Passkey {
31
31
  autofill: boolean;
32
32
  challengeId?: string;
33
33
  }): Promise<string | undefined>;
34
+ signIn(params?: {
35
+ challengeId: string;
36
+ }): Promise<string | undefined>;
34
37
  isAvailableOnDevice(): Promise<boolean>;
35
38
  private storeCredentialAgainstDevice;
36
39
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@authsignal/browser",
3
- "version": "0.4.3",
3
+ "version": "0.4.4-alpha",
4
4
  "type": "module",
5
5
  "main": "dist/index.js",
6
6
  "module": "dist/index.js",