@authsignal/browser 0.5.10 → 0.5.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (15) hide show
  1. package/dist/api/helpers.d.ts +1 -1
  2. package/dist/api/types/passkey.d.ts +9 -9
  3. package/dist/api/types/shared.d.ts +6 -6
  4. package/dist/api/types/totp.d.ts +1 -1
  5. package/dist/email.d.ts +3 -3
  6. package/dist/handlers/popup-handler.d.ts +2 -2
  7. package/dist/handlers/window-handler.d.ts +1 -1
  8. package/dist/helpers.d.ts +1 -1
  9. package/dist/index.js +133 -136
  10. package/dist/index.min.js +1 -1
  11. package/dist/passkey.d.ts +8 -6
  12. package/dist/sms.d.ts +3 -3
  13. package/dist/totp.d.ts +2 -2
  14. package/dist/types.d.ts +8 -8
  15. package/package.json +4 -5
package/dist/api/helpers.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- declare type BuildHeadersParams = {
1
+ type BuildHeadersParams = {
2
2
  token?: string;
3
3
  tenantId: string;
4
4
  };
package/dist/api/types/passkey.d.ts CHANGED
@@ -1,34 +1,34 @@
1
1
  import { AuthenticationResponseJSON, AuthenticatorAttachment, PublicKeyCredentialCreationOptionsJSON, RegistrationResponseJSON } from "@simplewebauthn/types";
2
- export declare type RegistrationOptsRequest = {
2
+ export type RegistrationOptsRequest = {
3
3
  username?: string;
4
4
  authenticatorAttachment?: AuthenticatorAttachment | null;
5
5
  };
6
- export declare type RegistrationOptsResponse = {
6
+ export type RegistrationOptsResponse = {
7
7
  challengeId: string;
8
8
  options: PublicKeyCredentialCreationOptionsJSON;
9
9
  };
10
- export declare type AuthenticationOptsRequest = {
10
+ export type AuthenticationOptsRequest = {
11
11
  challengeId?: string;
12
12
  };
13
- export declare type AuthenticationOptsResponse = {
13
+ export type AuthenticationOptsResponse = {
14
14
  challengeId: string;
15
15
  options: PublicKeyCredentialCreationOptionsJSON;
16
16
  };
17
- export declare type AddAuthenticatorRequest = {
17
+ export type AddAuthenticatorRequest = {
18
18
  challengeId: string;
19
19
  registrationCredential: RegistrationResponseJSON;
20
20
  };
21
- export declare type AddAuthenticatorResponse = {
21
+ export type AddAuthenticatorResponse = {
22
22
  isVerified: boolean;
23
23
  accessToken?: string;
24
24
  userAuthenticatorId?: string;
25
25
  };
26
- export declare type VerifyRequest = {
26
+ export type VerifyRequest = {
27
27
  challengeId: string;
28
28
  authenticationCredential: AuthenticationResponseJSON;
29
29
  deviceId?: string;
30
30
  };
31
- export declare type VerifyResponse = {
31
+ export type VerifyResponse = {
32
32
  isVerified: boolean;
33
33
  accessToken?: string;
34
34
  userId?: string;
@@ -36,7 +36,7 @@ export declare type VerifyResponse = {
36
36
  username?: string;
37
37
  userDisplayName?: string;
38
38
  };
39
- export declare type PasskeyAuthenticatorResponse = {
39
+ export type PasskeyAuthenticatorResponse = {
40
40
  credentialId: string;
41
41
  verifiedAt: string;
42
42
  };
package/dist/api/types/shared.d.ts CHANGED
@@ -1,20 +1,20 @@
1
- export declare type ApiClientOptions = {
1
+ export type ApiClientOptions = {
2
2
  baseUrl: string;
3
3
  tenantId: string;
4
4
  };
5
- export declare type EnrollResponse = {
5
+ export type EnrollResponse = {
6
6
  userAuthenticatorId: string;
7
7
  };
8
- export declare type ChallengeResponse = {
8
+ export type ChallengeResponse = {
9
9
  challengeId: string;
10
10
  };
11
- export declare type VerifyResponse = {
11
+ export type VerifyResponse = {
12
12
  isVerified: boolean;
13
13
  accessToken?: string;
14
14
  failureReason?: string;
15
15
  };
16
- export declare type ErrorResponse = {
16
+ export type ErrorResponse = {
17
17
  error: string;
18
18
  errorDescription?: string;
19
19
  };
20
- export declare type AuthsignalResponse<T> = T | ErrorResponse;
20
+ export type AuthsignalResponse<T> = T | ErrorResponse;
package/dist/api/types/totp.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- export declare type EnrollResponse = {
1
+ export type EnrollResponse = {
2
2
  userAuthenticatorID: string;
3
3
  uri: string;
4
4
  secret: string;
package/dist/email.d.ts CHANGED
@@ -1,12 +1,12 @@
1
1
  import { AuthsignalResponse, ChallengeResponse, EnrollResponse, VerifyResponse } from "./api/types/shared";
2
- declare type EmailOptions = {
2
+ type EmailOptions = {
3
3
  baseUrl: string;
4
4
  tenantId: string;
5
5
  };
6
- declare type EnrollParams = {
6
+ type EnrollParams = {
7
7
  email: string;
8
8
  };
9
- declare type VerifyParams = {
9
+ type VerifyParams = {
10
10
  code: string;
11
11
  };
12
12
  export declare class Email {
package/dist/handlers/popup-handler.d.ts CHANGED
@@ -1,8 +1,8 @@
1
1
  import { A11yDialogEvent } from "a11y-dialog";
2
- declare type PopupShowInput = {
2
+ type PopupShowInput = {
3
3
  url: string;
4
4
  };
5
- declare type PopupHandlerOptions = {
5
+ type PopupHandlerOptions = {
6
6
  width?: string;
7
7
  isClosable?: boolean;
8
8
  };
package/dist/handlers/window-handler.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- declare type WindowShowInput = {
1
+ type WindowShowInput = {
2
2
  url: string;
3
3
  width?: number;
4
4
  height?: number;
package/dist/helpers.d.ts CHANGED
@@ -1,5 +1,5 @@
1
1
  import { ErrorResponse } from "./api/types/shared";
2
- declare type CookieOptions = {
2
+ type CookieOptions = {
3
3
  name: string;
4
4
  value: string;
5
5
  expire: number;
package/dist/index.js CHANGED
@@ -147,11 +147,7 @@ function __generator(thisArg, body) {
147
147
  }
148
148
  }
149
149
 
150
- /* [@simplewebauthn/browser@9.0.1] */
151
- function utf8StringToBuffer(value) {
152
- return new TextEncoder().encode(value);
153
- }
154
-
150
+ /* [@simplewebauthn/browser@10.0.0] */
155
151
  function bufferToBase64URLString(buffer) {
156
152
  const bytes = new Uint8Array(buffer);
157
153
  let str = '';
@@ -330,18 +326,18 @@ function toAuthenticatorAttachment(attachment) {
330
326
  return attachment;
331
327
  }
332
328
 
333
- async function startRegistration(creationOptionsJSON) {
329
+ async function startRegistration(optionsJSON) {
334
330
  if (!browserSupportsWebAuthn()) {
335
331
  throw new Error('WebAuthn is not supported in this browser');
336
332
  }
337
333
  const publicKey = {
338
- ...creationOptionsJSON,
339
- challenge: base64URLStringToBuffer(creationOptionsJSON.challenge),
334
+ ...optionsJSON,
335
+ challenge: base64URLStringToBuffer(optionsJSON.challenge),
340
336
  user: {
341
- ...creationOptionsJSON.user,
342
- id: utf8StringToBuffer(creationOptionsJSON.user.id),
337
+ ...optionsJSON.user,
338
+ id: base64URLStringToBuffer(optionsJSON.user.id),
343
339
  },
344
- excludeCredentials: creationOptionsJSON.excludeCredentials?.map(toPublicKeyCredentialDescriptor),
340
+ excludeCredentials: optionsJSON.excludeCredentials?.map(toPublicKeyCredentialDescriptor),
345
341
  };
346
342
  const options = { publicKey };
347
343
  options.signal = WebAuthnAbortService.createNewAbortSignal();
@@ -410,11 +406,10 @@ function warnOnBrokenImplementation(methodName, cause) {
410
406
  console.warn(`The browser extension that intercepted this WebAuthn API call incorrectly implemented ${methodName}. You should report this error to them.\n`, cause);
411
407
  }
412
408
 
413
- function bufferToUTF8String(value) {
414
- return new TextDecoder('utf-8').decode(value);
415
- }
416
-
417
409
  function browserSupportsWebAuthnAutofill() {
410
+ if (!browserSupportsWebAuthn()) {
411
+ return new Promise((resolve) => resolve(false));
412
+ }
418
413
  const globalPublicKeyCredential = window
419
414
  .PublicKeyCredential;
420
415
  if (globalPublicKeyCredential.isConditionalMediationAvailable === undefined) {
@@ -471,17 +466,17 @@ function identifyAuthenticationError({ error, options, }) {
471
466
  return error;
472
467
  }
473
468
 
474
- async function startAuthentication(requestOptionsJSON, useBrowserAutofill = false) {
469
+ async function startAuthentication(optionsJSON, useBrowserAutofill = false) {
475
470
  if (!browserSupportsWebAuthn()) {
476
471
  throw new Error('WebAuthn is not supported in this browser');
477
472
  }
478
473
  let allowCredentials;
479
- if (requestOptionsJSON.allowCredentials?.length !== 0) {
480
- allowCredentials = requestOptionsJSON.allowCredentials?.map(toPublicKeyCredentialDescriptor);
474
+ if (optionsJSON.allowCredentials?.length !== 0) {
475
+ allowCredentials = optionsJSON.allowCredentials?.map(toPublicKeyCredentialDescriptor);
481
476
  }
482
477
  const publicKey = {
483
- ...requestOptionsJSON,
484
- challenge: base64URLStringToBuffer(requestOptionsJSON.challenge),
478
+ ...optionsJSON,
479
+ challenge: base64URLStringToBuffer(optionsJSON.challenge),
485
480
  allowCredentials,
486
481
  };
487
482
  const options = {};
@@ -489,7 +484,7 @@ async function startAuthentication(requestOptionsJSON, useBrowserAutofill = fals
489
484
  if (!(await browserSupportsWebAuthnAutofill())) {
490
485
  throw Error('Browser does not support WebAuthn autofill');
491
486
  }
492
- const eligibleInputs = document.querySelectorAll('input[autocomplete$=\'webauthn\']');
487
+ const eligibleInputs = document.querySelectorAll("input[autocomplete$='webauthn']");
493
488
  if (eligibleInputs.length < 1) {
494
489
  throw Error('No <input> with "webauthn" as the only or last value in its `autocomplete` attribute was detected');
495
490
  }
@@ -511,7 +506,7 @@ async function startAuthentication(requestOptionsJSON, useBrowserAutofill = fals
511
506
  const { id, rawId, response, type } = credential;
512
507
  let userHandle = undefined;
513
508
  if (response.userHandle) {
514
- userHandle = bufferToUTF8String(response.userHandle);
509
+ userHandle = bufferToBase64URLString(response.userHandle);
515
510
  }
516
511
  return {
517
512
  id,
@@ -533,7 +528,7 @@ function buildHeaders(_a) {
533
528
  var authorizationHeader = token ? "Bearer ".concat(token) : "Basic ".concat(window.btoa(encodeURIComponent(tenantId)));
534
529
  return {
535
530
  "Content-Type": "application/json",
536
- Authorization: authorizationHeader
531
+ Authorization: authorizationHeader,
537
532
  };
538
533
  }
539
534
 
@@ -544,11 +539,11 @@ var PasskeyApiClient = /** @class */ (function () {
544
539
  this.baseUrl = baseUrl;
545
540
  }
546
541
  PasskeyApiClient.prototype.registrationOptions = function (_a) {
547
- var token = _a.token, username = _a.username, authenticatorAttachment = _a.authenticatorAttachment;
548
- return __awaiter(this, void 0, void 0, function () {
542
+ return __awaiter(this, arguments, void 0, function (_b) {
549
543
  var body, response;
550
- return __generator(this, function (_b) {
551
- switch (_b.label) {
544
+ var token = _b.token, username = _b.username, authenticatorAttachment = _b.authenticatorAttachment;
545
+ return __generator(this, function (_c) {
546
+ switch (_c.label) {
552
547
  case 0:
553
548
  body = Boolean(authenticatorAttachment)
554
549
  ? { username: username, authenticatorAttachment: authenticatorAttachment }
@@ -556,70 +551,70 @@ var PasskeyApiClient = /** @class */ (function () {
556
551
  response = fetch("".concat(this.baseUrl, "/client/user-authenticators/passkey/registration-options"), {
557
552
  method: "POST",
558
553
  headers: buildHeaders({ token: token, tenantId: this.tenantId }),
559
- body: JSON.stringify(body)
554
+ body: JSON.stringify(body),
560
555
  });
561
556
  return [4 /*yield*/, response];
562
- case 1: return [2 /*return*/, (_b.sent()).json()];
557
+ case 1: return [2 /*return*/, (_c.sent()).json()];
563
558
  }
564
559
  });
565
560
  });
566
561
  };
567
562
  PasskeyApiClient.prototype.authenticationOptions = function (_a) {
568
- var token = _a.token, challengeId = _a.challengeId;
569
- return __awaiter(this, void 0, void 0, function () {
563
+ return __awaiter(this, arguments, void 0, function (_b) {
570
564
  var body, response;
571
- return __generator(this, function (_b) {
572
- switch (_b.label) {
565
+ var token = _b.token, challengeId = _b.challengeId;
566
+ return __generator(this, function (_c) {
567
+ switch (_c.label) {
573
568
  case 0:
574
569
  body = { challengeId: challengeId };
575
570
  response = fetch("".concat(this.baseUrl, "/client/user-authenticators/passkey/authentication-options"), {
576
571
  method: "POST",
577
572
  headers: buildHeaders({ token: token, tenantId: this.tenantId }),
578
- body: JSON.stringify(body)
573
+ body: JSON.stringify(body),
579
574
  });
580
575
  return [4 /*yield*/, response];
581
- case 1: return [2 /*return*/, (_b.sent()).json()];
576
+ case 1: return [2 /*return*/, (_c.sent()).json()];
582
577
  }
583
578
  });
584
579
  });
585
580
  };
586
581
  PasskeyApiClient.prototype.addAuthenticator = function (_a) {
587
- var token = _a.token, challengeId = _a.challengeId, registrationCredential = _a.registrationCredential;
588
- return __awaiter(this, void 0, void 0, function () {
582
+ return __awaiter(this, arguments, void 0, function (_b) {
589
583
  var body, response;
590
- return __generator(this, function (_b) {
591
- switch (_b.label) {
584
+ var token = _b.token, challengeId = _b.challengeId, registrationCredential = _b.registrationCredential;
585
+ return __generator(this, function (_c) {
586
+ switch (_c.label) {
592
587
  case 0:
593
588
  body = {
594
589
  challengeId: challengeId,
595
- registrationCredential: registrationCredential
590
+ registrationCredential: registrationCredential,
596
591
  };
597
592
  response = fetch("".concat(this.baseUrl, "/client/user-authenticators/passkey"), {
598
593
  method: "POST",
599
594
  headers: buildHeaders({ token: token, tenantId: this.tenantId }),
600
- body: JSON.stringify(body)
595
+ body: JSON.stringify(body),
601
596
  });
602
597
  return [4 /*yield*/, response];
603
- case 1: return [2 /*return*/, (_b.sent()).json()];
598
+ case 1: return [2 /*return*/, (_c.sent()).json()];
604
599
  }
605
600
  });
606
601
  });
607
602
  };
608
603
  PasskeyApiClient.prototype.verify = function (_a) {
609
- var token = _a.token, challengeId = _a.challengeId, authenticationCredential = _a.authenticationCredential, deviceId = _a.deviceId;
610
- return __awaiter(this, void 0, void 0, function () {
604
+ return __awaiter(this, arguments, void 0, function (_b) {
611
605
  var body, response;
612
- return __generator(this, function (_b) {
613
- switch (_b.label) {
606
+ var token = _b.token, challengeId = _b.challengeId, authenticationCredential = _b.authenticationCredential, deviceId = _b.deviceId;
607
+ return __generator(this, function (_c) {
608
+ switch (_c.label) {
614
609
  case 0:
615
610
  body = { challengeId: challengeId, authenticationCredential: authenticationCredential, deviceId: deviceId };
616
611
  response = fetch("".concat(this.baseUrl, "/client/verify/passkey"), {
617
612
  method: "POST",
618
613
  headers: buildHeaders({ token: token, tenantId: this.tenantId }),
619
- body: JSON.stringify(body)
614
+ body: JSON.stringify(body),
620
615
  });
621
616
  return [4 /*yield*/, response];
622
- case 1: return [2 /*return*/, (_b.sent()).json()];
617
+ case 1: return [2 /*return*/, (_c.sent()).json()];
623
618
  }
624
619
  });
625
620
  });
@@ -631,7 +626,7 @@ var PasskeyApiClient = /** @class */ (function () {
631
626
  switch (_a.label) {
632
627
  case 0: return [4 /*yield*/, fetch("".concat(this.baseUrl, "/client/user-authenticators/passkey?credentialId=").concat(credentialId), {
633
628
  method: "GET",
634
- headers: buildHeaders({ tenantId: this.tenantId })
629
+ headers: buildHeaders({ tenantId: this.tenantId }),
635
630
  })];
636
631
  case 1:
637
632
  response = _a.sent();
@@ -652,7 +647,7 @@ var PasskeyApiClient = /** @class */ (function () {
652
647
  response = fetch("".concat(this.baseUrl, "/client/challenge"), {
653
648
  method: "POST",
654
649
  headers: buildHeaders({ tenantId: this.tenantId }),
655
- body: JSON.stringify({ action: action })
650
+ body: JSON.stringify({ action: action }),
656
651
  });
657
652
  return [4 /*yield*/, response];
658
653
  case 1: return [2 /*return*/, (_a.sent()).json()];
@@ -673,7 +668,7 @@ var TokenCache = /** @class */ (function () {
673
668
  console.error("Error: ".concat(error));
674
669
  return {
675
670
  error: errorCode,
676
- errorDescription: error
671
+ errorDescription: error,
677
672
  };
678
673
  };
679
674
  TokenCache.shared = new TokenCache();
@@ -689,11 +684,11 @@ var Passkey = /** @class */ (function () {
689
684
  this.anonymousId = anonymousId;
690
685
  }
691
686
  Passkey.prototype.signUp = function (_a) {
692
- var userName = _a.userName, userDisplayName = _a.userDisplayName, token = _a.token, _b = _a.authenticatorAttachment, authenticatorAttachment = _b === void 0 ? "platform" : _b;
693
- return __awaiter(this, void 0, void 0, function () {
687
+ return __awaiter(this, arguments, void 0, function (_b) {
694
688
  var userToken, optionsInput, optionsResponse, registrationResponse, addAuthenticatorResponse;
695
- return __generator(this, function (_c) {
696
- switch (_c.label) {
689
+ var userName = _b.userName, userDisplayName = _b.userDisplayName, token = _b.token, _c = _b.authenticatorAttachment, authenticatorAttachment = _c === void 0 ? "platform" : _c;
690
+ return __generator(this, function (_d) {
691
+ switch (_d.label) {
697
692
  case 0:
698
693
  userToken = token !== null && token !== void 0 ? token : this.cache.token;
699
694
  if (!userToken) {
@@ -703,25 +698,25 @@ var Passkey = /** @class */ (function () {
703
698
  username: userName,
704
699
  displayName: userDisplayName,
705
700
  token: userToken,
706
- authenticatorAttachment: authenticatorAttachment
701
+ authenticatorAttachment: authenticatorAttachment,
707
702
  };
708
703
  return [4 /*yield*/, this.api.registrationOptions(optionsInput)];
709
704
  case 1:
710
- optionsResponse = _c.sent();
705
+ optionsResponse = _d.sent();
711
706
  if ("error" in optionsResponse) {
712
707
  logErrorResponse(optionsResponse);
713
708
  return [2 /*return*/, optionsResponse];
714
709
  }
715
710
  return [4 /*yield*/, startRegistration(optionsResponse.options)];
716
711
  case 2:
717
- registrationResponse = _c.sent();
712
+ registrationResponse = _d.sent();
718
713
  return [4 /*yield*/, this.api.addAuthenticator({
719
714
  challengeId: optionsResponse.challengeId,
720
715
  registrationCredential: registrationResponse,
721
- token: userToken
716
+ token: userToken,
722
717
  })];
723
718
  case 3:
724
- addAuthenticatorResponse = _c.sent();
719
+ addAuthenticatorResponse = _d.sent();
725
720
  if ("error" in addAuthenticatorResponse) {
726
721
  logErrorResponse(addAuthenticatorResponse);
727
722
  return [2 /*return*/, addAuthenticatorResponse];
@@ -733,7 +728,8 @@ var Passkey = /** @class */ (function () {
733
728
  this.cache.token = addAuthenticatorResponse.accessToken;
734
729
  }
735
730
  return [2 /*return*/, {
736
- token: addAuthenticatorResponse.accessToken
731
+ token: addAuthenticatorResponse.accessToken,
732
+ registrationResponse: registrationResponse,
737
733
  }];
738
734
  }
739
735
  });
@@ -767,7 +763,7 @@ var Passkey = /** @class */ (function () {
767
763
  }
768
764
  return [4 /*yield*/, this.api.authenticationOptions({
769
765
  token: params === null || params === void 0 ? void 0 : params.token,
770
- challengeId: challengeResponse === null || challengeResponse === void 0 ? void 0 : challengeResponse.challengeId
766
+ challengeId: challengeResponse === null || challengeResponse === void 0 ? void 0 : challengeResponse.challengeId,
771
767
  })];
772
768
  case 4:
773
769
  optionsResponse = _b.sent();
@@ -785,7 +781,7 @@ var Passkey = /** @class */ (function () {
785
781
  challengeId: optionsResponse.challengeId,
786
782
  authenticationCredential: authenticationResponse,
787
783
  token: params === null || params === void 0 ? void 0 : params.token,
788
- deviceId: this.anonymousId
784
+ deviceId: this.anonymousId,
789
785
  })];
790
786
  case 6:
791
787
  verifyResponse = _b.sent();
@@ -805,7 +801,8 @@ var Passkey = /** @class */ (function () {
805
801
  userId: userId,
806
802
  userAuthenticatorId: userAuthenticatorId,
807
803
  userName: userName,
808
- userDisplayName: userDisplayName
804
+ userDisplayName: userDisplayName,
805
+ authenticationResponse: authenticationResponse,
809
806
  }];
810
807
  }
811
808
  });
@@ -1415,37 +1412,37 @@ var TotpApiClient = /** @class */ (function () {
1415
1412
  this.baseUrl = baseUrl;
1416
1413
  }
1417
1414
  TotpApiClient.prototype.enroll = function (_a) {
1418
- var token = _a.token;
1419
- return __awaiter(this, void 0, void 0, function () {
1415
+ return __awaiter(this, arguments, void 0, function (_b) {
1420
1416
  var response;
1421
- return __generator(this, function (_b) {
1422
- switch (_b.label) {
1417
+ var token = _b.token;
1418
+ return __generator(this, function (_c) {
1419
+ switch (_c.label) {
1423
1420
  case 0:
1424
1421
  response = fetch("".concat(this.baseUrl, "/client/user-authenticators/totp"), {
1425
1422
  method: "POST",
1426
- headers: buildHeaders({ token: token, tenantId: this.tenantId })
1423
+ headers: buildHeaders({ token: token, tenantId: this.tenantId }),
1427
1424
  });
1428
1425
  return [4 /*yield*/, response];
1429
- case 1: return [2 /*return*/, (_b.sent()).json()];
1426
+ case 1: return [2 /*return*/, (_c.sent()).json()];
1430
1427
  }
1431
1428
  });
1432
1429
  });
1433
1430
  };
1434
1431
  TotpApiClient.prototype.verify = function (_a) {
1435
- var token = _a.token, code = _a.code;
1436
- return __awaiter(this, void 0, void 0, function () {
1432
+ return __awaiter(this, arguments, void 0, function (_b) {
1437
1433
  var body, response;
1438
- return __generator(this, function (_b) {
1439
- switch (_b.label) {
1434
+ var token = _b.token, code = _b.code;
1435
+ return __generator(this, function (_c) {
1436
+ switch (_c.label) {
1440
1437
  case 0:
1441
1438
  body = { verificationCode: code };
1442
1439
  response = fetch("".concat(this.baseUrl, "/client/verify/totp"), {
1443
1440
  method: "POST",
1444
1441
  headers: buildHeaders({ token: token, tenantId: this.tenantId }),
1445
- body: JSON.stringify(body)
1442
+ body: JSON.stringify(body),
1446
1443
  });
1447
1444
  return [4 /*yield*/, response];
1448
- case 1: return [2 /*return*/, (_b.sent()).json()];
1445
+ case 1: return [2 /*return*/, (_c.sent()).json()];
1449
1446
  }
1450
1447
  });
1451
1448
  });
@@ -1470,18 +1467,18 @@ var Totp = /** @class */ (function () {
1470
1467
  });
1471
1468
  };
1472
1469
  Totp.prototype.verify = function (_a) {
1473
- var code = _a.code;
1474
- return __awaiter(this, void 0, void 0, function () {
1470
+ return __awaiter(this, arguments, void 0, function (_b) {
1475
1471
  var verifyResponse;
1476
- return __generator(this, function (_b) {
1477
- switch (_b.label) {
1472
+ var code = _b.code;
1473
+ return __generator(this, function (_c) {
1474
+ switch (_c.label) {
1478
1475
  case 0:
1479
1476
  if (!this.cache.token) {
1480
1477
  return [2 /*return*/, this.cache.handleTokenNotSetError()];
1481
1478
  }
1482
1479
  return [4 /*yield*/, this.api.verify({ token: this.cache.token, code: code })];
1483
1480
  case 1:
1484
- verifyResponse = _b.sent();
1481
+ verifyResponse = _c.sent();
1485
1482
  if (verifyResponse.accessToken) {
1486
1483
  this.cache.token = verifyResponse.accessToken;
1487
1484
  }
@@ -1500,56 +1497,56 @@ var EmailApiClient = /** @class */ (function () {
1500
1497
  this.baseUrl = baseUrl;
1501
1498
  }
1502
1499
  EmailApiClient.prototype.enroll = function (_a) {
1503
- var token = _a.token, email = _a.email;
1504
- return __awaiter(this, void 0, void 0, function () {
1500
+ return __awaiter(this, arguments, void 0, function (_b) {
1505
1501
  var body, response;
1506
- return __generator(this, function (_b) {
1507
- switch (_b.label) {
1502
+ var token = _b.token, email = _b.email;
1503
+ return __generator(this, function (_c) {
1504
+ switch (_c.label) {
1508
1505
  case 0:
1509
1506
  body = { email: email };
1510
1507
  response = fetch("".concat(this.baseUrl, "/client/user-authenticators/email-otp"), {
1511
1508
  method: "POST",
1512
1509
  headers: this.buildHeaders(token),
1513
- body: JSON.stringify(body)
1510
+ body: JSON.stringify(body),
1514
1511
  });
1515
1512
  return [4 /*yield*/, response];
1516
- case 1: return [2 /*return*/, (_b.sent()).json()];
1513
+ case 1: return [2 /*return*/, (_c.sent()).json()];
1517
1514
  }
1518
1515
  });
1519
1516
  });
1520
1517
  };
1521
1518
  EmailApiClient.prototype.challenge = function (_a) {
1522
- var token = _a.token;
1523
- return __awaiter(this, void 0, void 0, function () {
1519
+ return __awaiter(this, arguments, void 0, function (_b) {
1524
1520
  var response;
1525
- return __generator(this, function (_b) {
1526
- switch (_b.label) {
1521
+ var token = _b.token;
1522
+ return __generator(this, function (_c) {
1523
+ switch (_c.label) {
1527
1524
  case 0:
1528
1525
  response = fetch("".concat(this.baseUrl, "/client/challenge/email-otp"), {
1529
1526
  method: "POST",
1530
- headers: this.buildHeaders(token)
1527
+ headers: this.buildHeaders(token),
1531
1528
  });
1532
1529
  return [4 /*yield*/, response];
1533
- case 1: return [2 /*return*/, (_b.sent()).json()];
1530
+ case 1: return [2 /*return*/, (_c.sent()).json()];
1534
1531
  }
1535
1532
  });
1536
1533
  });
1537
1534
  };
1538
1535
  EmailApiClient.prototype.verify = function (_a) {
1539
- var token = _a.token, code = _a.code;
1540
- return __awaiter(this, void 0, void 0, function () {
1536
+ return __awaiter(this, arguments, void 0, function (_b) {
1541
1537
  var body, response;
1542
- return __generator(this, function (_b) {
1543
- switch (_b.label) {
1538
+ var token = _b.token, code = _b.code;
1539
+ return __generator(this, function (_c) {
1540
+ switch (_c.label) {
1544
1541
  case 0:
1545
1542
  body = { verificationCode: code };
1546
1543
  response = fetch("".concat(this.baseUrl, "/client/verify/email-otp"), {
1547
1544
  method: "POST",
1548
1545
  headers: this.buildHeaders(token),
1549
- body: JSON.stringify(body)
1546
+ body: JSON.stringify(body),
1550
1547
  });
1551
1548
  return [4 /*yield*/, response];
1552
- case 1: return [2 /*return*/, (_b.sent()).json()];
1549
+ case 1: return [2 /*return*/, (_c.sent()).json()];
1553
1550
  }
1554
1551
  });
1555
1552
  });
@@ -1558,7 +1555,7 @@ var EmailApiClient = /** @class */ (function () {
1558
1555
  var authorizationHeader = token ? "Bearer ".concat(token) : "Basic ".concat(window.btoa(encodeURIComponent(this.tenantId)));
1559
1556
  return {
1560
1557
  "Content-Type": "application/json",
1561
- Authorization: authorizationHeader
1558
+ Authorization: authorizationHeader,
1562
1559
  };
1563
1560
  };
1564
1561
  return EmailApiClient;
@@ -1571,9 +1568,9 @@ var Email = /** @class */ (function () {
1571
1568
  this.api = new EmailApiClient({ baseUrl: baseUrl, tenantId: tenantId });
1572
1569
  }
1573
1570
  Email.prototype.enroll = function (_a) {
1574
- var email = _a.email;
1575
- return __awaiter(this, void 0, void 0, function () {
1576
- return __generator(this, function (_b) {
1571
+ return __awaiter(this, arguments, void 0, function (_b) {
1572
+ var email = _b.email;
1573
+ return __generator(this, function (_c) {
1577
1574
  if (!this.cache.token) {
1578
1575
  return [2 /*return*/, this.cache.handleTokenNotSetError()];
1579
1576
  }
@@ -1592,18 +1589,18 @@ var Email = /** @class */ (function () {
1592
1589
  });
1593
1590
  };
1594
1591
  Email.prototype.verify = function (_a) {
1595
- var code = _a.code;
1596
- return __awaiter(this, void 0, void 0, function () {
1592
+ return __awaiter(this, arguments, void 0, function (_b) {
1597
1593
  var verifyResponse;
1598
- return __generator(this, function (_b) {
1599
- switch (_b.label) {
1594
+ var code = _b.code;
1595
+ return __generator(this, function (_c) {
1596
+ switch (_c.label) {
1600
1597
  case 0:
1601
1598
  if (!this.cache.token) {
1602
1599
  return [2 /*return*/, this.cache.handleTokenNotSetError()];
1603
1600
  }
1604
1601
  return [4 /*yield*/, this.api.verify({ token: this.cache.token, code: code })];
1605
1602
  case 1:
1606
- verifyResponse = _b.sent();
1603
+ verifyResponse = _c.sent();
1607
1604
  if (verifyResponse.accessToken) {
1608
1605
  this.cache.token = verifyResponse.accessToken;
1609
1606
  }
@@ -1622,56 +1619,56 @@ var SmsApiClient = /** @class */ (function () {
1622
1619
  this.baseUrl = baseUrl;
1623
1620
  }
1624
1621
  SmsApiClient.prototype.enroll = function (_a) {
1625
- var token = _a.token, phoneNumber = _a.phoneNumber;
1626
- return __awaiter(this, void 0, void 0, function () {
1622
+ return __awaiter(this, arguments, void 0, function (_b) {
1627
1623
  var body, response;
1628
- return __generator(this, function (_b) {
1629
- switch (_b.label) {
1624
+ var token = _b.token, phoneNumber = _b.phoneNumber;
1625
+ return __generator(this, function (_c) {
1626
+ switch (_c.label) {
1630
1627
  case 0:
1631
1628
  body = { phoneNumber: phoneNumber };
1632
1629
  response = fetch("".concat(this.baseUrl, "/client/user-authenticators/sms"), {
1633
1630
  method: "POST",
1634
1631
  headers: buildHeaders({ token: token, tenantId: this.tenantId }),
1635
- body: JSON.stringify(body)
1632
+ body: JSON.stringify(body),
1636
1633
  });
1637
1634
  return [4 /*yield*/, response];
1638
- case 1: return [2 /*return*/, (_b.sent()).json()];
1635
+ case 1: return [2 /*return*/, (_c.sent()).json()];
1639
1636
  }
1640
1637
  });
1641
1638
  });
1642
1639
  };
1643
1640
  SmsApiClient.prototype.challenge = function (_a) {
1644
- var token = _a.token;
1645
- return __awaiter(this, void 0, void 0, function () {
1641
+ return __awaiter(this, arguments, void 0, function (_b) {
1646
1642
  var response;
1647
- return __generator(this, function (_b) {
1648
- switch (_b.label) {
1643
+ var token = _b.token;
1644
+ return __generator(this, function (_c) {
1645
+ switch (_c.label) {
1649
1646
  case 0:
1650
1647
  response = fetch("".concat(this.baseUrl, "/client/challenge/sms"), {
1651
1648
  method: "POST",
1652
- headers: buildHeaders({ token: token, tenantId: this.tenantId })
1649
+ headers: buildHeaders({ token: token, tenantId: this.tenantId }),
1653
1650
  });
1654
1651
  return [4 /*yield*/, response];
1655
- case 1: return [2 /*return*/, (_b.sent()).json()];
1652
+ case 1: return [2 /*return*/, (_c.sent()).json()];
1656
1653
  }
1657
1654
  });
1658
1655
  });
1659
1656
  };
1660
1657
  SmsApiClient.prototype.verify = function (_a) {
1661
- var token = _a.token, code = _a.code;
1662
- return __awaiter(this, void 0, void 0, function () {
1658
+ return __awaiter(this, arguments, void 0, function (_b) {
1663
1659
  var body, response;
1664
- return __generator(this, function (_b) {
1665
- switch (_b.label) {
1660
+ var token = _b.token, code = _b.code;
1661
+ return __generator(this, function (_c) {
1662
+ switch (_c.label) {
1666
1663
  case 0:
1667
1664
  body = { verificationCode: code };
1668
1665
  response = fetch("".concat(this.baseUrl, "/client/verify/sms"), {
1669
1666
  method: "POST",
1670
1667
  headers: buildHeaders({ token: token, tenantId: this.tenantId }),
1671
- body: JSON.stringify(body)
1668
+ body: JSON.stringify(body),
1672
1669
  });
1673
1670
  return [4 /*yield*/, response];
1674
- case 1: return [2 /*return*/, (_b.sent()).json()];
1671
+ case 1: return [2 /*return*/, (_c.sent()).json()];
1675
1672
  }
1676
1673
  });
1677
1674
  });
@@ -1686,9 +1683,9 @@ var Sms = /** @class */ (function () {
1686
1683
  this.api = new SmsApiClient({ baseUrl: baseUrl, tenantId: tenantId });
1687
1684
  }
1688
1685
  Sms.prototype.enroll = function (_a) {
1689
- var phoneNumber = _a.phoneNumber;
1690
- return __awaiter(this, void 0, void 0, function () {
1691
- return __generator(this, function (_b) {
1686
+ return __awaiter(this, arguments, void 0, function (_b) {
1687
+ var phoneNumber = _b.phoneNumber;
1688
+ return __generator(this, function (_c) {
1692
1689
  if (!this.cache.token) {
1693
1690
  return [2 /*return*/, this.cache.handleTokenNotSetError()];
1694
1691
  }
@@ -1707,18 +1704,18 @@ var Sms = /** @class */ (function () {
1707
1704
  });
1708
1705
  };
1709
1706
  Sms.prototype.verify = function (_a) {
1710
- var code = _a.code;
1711
- return __awaiter(this, void 0, void 0, function () {
1707
+ return __awaiter(this, arguments, void 0, function (_b) {
1712
1708
  var verifyResponse;
1713
- return __generator(this, function (_b) {
1714
- switch (_b.label) {
1709
+ var code = _b.code;
1710
+ return __generator(this, function (_c) {
1711
+ switch (_c.label) {
1715
1712
  case 0:
1716
1713
  if (!this.cache.token) {
1717
1714
  return [2 /*return*/, this.cache.handleTokenNotSetError()];
1718
1715
  }
1719
1716
  return [4 /*yield*/, this.api.verify({ token: this.cache.token, code: code })];
1720
1717
  case 1:
1721
- verifyResponse = _b.sent();
1718
+ verifyResponse = _c.sent();
1722
1719
  if (verifyResponse.accessToken) {
1723
1720
  this.cache.token = verifyResponse.accessToken;
1724
1721
  }
@@ -1757,7 +1754,7 @@ var Authsignal = /** @class */ (function () {
1757
1754
  value: this.anonymousId,
1758
1755
  expire: Infinity,
1759
1756
  domain: this.cookieDomain,
1760
- secure: document.location.protocol !== "http:"
1757
+ secure: document.location.protocol !== "http:",
1761
1758
  });
1762
1759
  }
1763
1760
  this.passkey = new Passkey({ tenantId: tenantId, baseUrl: baseUrl, anonymousId: this.anonymousId });
@@ -1787,7 +1784,7 @@ var Authsignal = /** @class */ (function () {
1787
1784
  value: profilingId,
1788
1785
  expire: Infinity,
1789
1786
  domain: this.cookieDomain,
1790
- secure: document.location.protocol !== "http:"
1787
+ secure: document.location.protocol !== "http:",
1791
1788
  });
1792
1789
  var tmxProfilingScruiptUrl = baseUrl
1793
1790
  ? "".concat(baseUrl, "/fp/tags.js?org_id=").concat(TMX_ORG_ID, "&session_id=").concat(profilingId)
package/dist/index.min.js CHANGED
@@ -1 +1 @@
1
- var authsignal=function(t){"use strict";let e;const n=new Uint8Array(16);function o(){if(!e&&(e="undefined"!=typeof crypto&&crypto.getRandomValues&&crypto.getRandomValues.bind(crypto),!e))throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");return e(n)}const i=[];for(let t=0;t<256;++t)i.push((t+256).toString(16).slice(1));var r={randomUUID:"undefined"!=typeof crypto&&crypto.randomUUID&&crypto.randomUUID.bind(crypto)};function a(t,e,n){if(r.randomUUID&&!e&&!t)return r.randomUUID();const a=(t=t||{}).random||(t.rng||o)();if(a[6]=15&a[6]|64,a[8]=63&a[8]|128,e){n=n||0;for(let t=0;t<16;++t)e[n+t]=a[t];return e}return function(t,e=0){return(i[t[e+0]]+i[t[e+1]]+i[t[e+2]]+i[t[e+3]]+"-"+i[t[e+4]]+i[t[e+5]]+"-"+i[t[e+6]]+i[t[e+7]]+"-"+i[t[e+8]]+i[t[e+9]]+"-"+i[t[e+10]]+i[t[e+11]]+i[t[e+12]]+i[t[e+13]]+i[t[e+14]]+i[t[e+15]]).toLowerCase()}(a)}function s(t){var e=t.name,n=t.value,o=t.expire,i=t.domain,r=t.secure,a=o===1/0?" expires=Fri, 31 Dec 9999 23:59:59 GMT":"; max-age="+o;document.cookie=encodeURIComponent(e)+"="+n+"; path=/;"+a+(i?"; domain="+i:"")+(r?"; secure":"")}function c(t){var e;console.error(null!==(e=t.errorDescription)&&void 0!==e?e:t.error)}function u(t,e,n,o){return new(n||(n=Promise))((function(i,r){function a(t){try{c(o.next(t))}catch(t){r(t)}}function s(t){try{c(o.throw(t))}catch(t){r(t)}}function c(t){var e;t.done?i(t.value):(e=t.value,e instanceof n?e:new n((function(t){t(e)}))).then(a,s)}c((o=o.apply(t,e||[])).next())}))}function l(t,e){var n,o,i,r,a={label:0,sent:function(){if(1&i[0])throw i[1];return i[1]},trys:[],ops:[]};return r={next:s(0),throw:s(1),return:s(2)},"function"==typeof Symbol&&(r[Symbol.iterator]=function(){return this}),r;function s(r){return function(s){return function(r){if(n)throw new TypeError("Generator is already executing.");for(;a;)try{if(n=1,o&&(i=2&r[0]?o.return:r[0]?o.throw||((i=o.return)&&i.call(o),0):o.next)&&!(i=i.call(o,r[1])).done)return i;switch(o=0,i&&(r=[2&r[0],i.value]),r[0]){case 0:case 1:i=r;break;case 4:return a.label++,{value:r[1],done:!1};case 5:a.label++,o=r[1],r=[0];continue;case 7:r=a.ops.pop(),a.trys.pop();continue;default:if(!(i=a.trys,(i=i.length>0&&i[i.length-1])||6!==r[0]&&2!==r[0])){a=0;continue}if(3===r[0]&&(!i||r[1]>i[0]&&r[1]<i[3])){a.label=r[1];break}if(6===r[0]&&a.label<i[1]){a.label=i[1],i=r;break}if(i&&a.label<i[2]){a.label=i[2],a.ops.push(r);break}i[2]&&a.ops.pop(),a.trys.pop();continue}r=e.call(t,a)}catch(t){r=[6,t],o=0}finally{n=i=0}if(5&r[0])throw r[1];return{value:r[0]?r[1]:void 0,done:!0}}([r,s])}}}function h(t){const e=new Uint8Array(t);let n="";for(const t of e)n+=String.fromCharCode(t);return btoa(n).replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,"")}function d(t){const e=t.replace(/-/g,"+").replace(/_/g,"/"),n=(4-e.length%4)%4,o=e.padEnd(e.length+n,"="),i=atob(o),r=new ArrayBuffer(i.length),a=new Uint8Array(r);for(let t=0;t<i.length;t++)a[t]=i.charCodeAt(t);return r}function p(){return void 0!==window?.PublicKeyCredential&&"function"==typeof window.PublicKeyCredential}function f(t){const{id:e}=t;return{...t,id:d(e),transports:t.transports}}function m(t){return"localhost"===t||/^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$/i.test(t)}t.AuthsignalWindowMessage=void 0,(t.AuthsignalWindowMessage||(t.AuthsignalWindowMessage={})).AUTHSIGNAL_CLOSE_POPUP="AUTHSIGNAL_CLOSE_POPUP";class v extends Error{constructor({message:t,code:e,cause:n,name:o}){super(t,{cause:n}),this.name=o??n.name,this.code=e}}const y=new class{createNewAbortSignal(){if(this.controller){const t=new Error("Cancelling existing WebAuthn API call for new one");t.name="AbortError",this.controller.abort(t)}const t=new AbortController;return this.controller=t,t.signal}cancelCeremony(){if(this.controller){const t=new Error("Manually cancelling existing WebAuthn API call");t.name="AbortError",this.controller.abort(t),this.controller=void 0}}},w=["cross-platform","platform"];function g(t){if(t&&!(w.indexOf(t)<0))return t}async function b(t){if(!p())throw new Error("WebAuthn is not supported in this browser");var e;const n={publicKey:{...t,challenge:d(t.challenge),user:{...t.user,id:(e=t.user.id,(new TextEncoder).encode(e))},excludeCredentials:t.excludeCredentials?.map(f)}};let o;n.signal=y.createNewAbortSignal();try{o=await navigator.credentials.create(n)}catch(t){throw function({error:t,options:e}){const{publicKey:n}=e;if(!n)throw Error("options was missing required publicKey property");if("AbortError"===t.name){if(e.signal instanceof AbortSignal)return new v({message:"Registration ceremony was sent an abort signal",code:"ERROR_CEREMONY_ABORTED",cause:t})}else if("ConstraintError"===t.name){if(!0===n.authenticatorSelection?.requireResidentKey)return new v({message:"Discoverable credentials were required but no available authenticator supported it",code:"ERROR_AUTHENTICATOR_MISSING_DISCOVERABLE_CREDENTIAL_SUPPORT",cause:t});if("required"===n.authenticatorSelection?.userVerification)return new v({message:"User verification was required but no available authenticator supported it",code:"ERROR_AUTHENTICATOR_MISSING_USER_VERIFICATION_SUPPORT",cause:t})}else{if("InvalidStateError"===t.name)return new v({message:"The authenticator was previously registered",code:"ERROR_AUTHENTICATOR_PREVIOUSLY_REGISTERED",cause:t});if("NotAllowedError"===t.name)return new v({message:t.message,code:"ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",cause:t});if("NotSupportedError"===t.name)return 0===n.pubKeyCredParams.filter((t=>"public-key"===t.type)).length?new v({message:'No entry in pubKeyCredParams was of type "public-key"',code:"ERROR_MALFORMED_PUBKEYCREDPARAMS",cause:t}):new v({message:"No available authenticator supported any of the specified pubKeyCredParams algorithms",code:"ERROR_AUTHENTICATOR_NO_SUPPORTED_PUBKEYCREDPARAMS_ALG",cause:t});if("SecurityError"===t.name){const e=window.location.hostname;if(!m(e))return new v({message:`${window.location.hostname} is an invalid domain`,code:"ERROR_INVALID_DOMAIN",cause:t});if(n.rp.id!==e)return new v({message:`The RP ID "${n.rp.id}" is invalid for this domain`,code:"ERROR_INVALID_RP_ID",cause:t})}else if("TypeError"===t.name){if(n.user.id.byteLength<1||n.user.id.byteLength>64)return new v({message:"User ID was not between 1 and 64 characters",code:"ERROR_INVALID_USER_ID_LENGTH",cause:t})}else if("UnknownError"===t.name)return new v({message:"The authenticator was unable to process the specified options, or could not create a new credential",code:"ERROR_AUTHENTICATOR_GENERAL_ERROR",cause:t})}return t}({error:t,options:n})}if(!o)throw new Error("Registration was not completed");const{id:i,rawId:r,response:a,type:s}=o;let c,u,l,w;if("function"==typeof a.getTransports&&(c=a.getTransports()),"function"==typeof a.getPublicKeyAlgorithm)try{u=a.getPublicKeyAlgorithm()}catch(t){E("getPublicKeyAlgorithm()",t)}if("function"==typeof a.getPublicKey)try{const t=a.getPublicKey();null!==t&&(l=h(t))}catch(t){E("getPublicKey()",t)}if("function"==typeof a.getAuthenticatorData)try{w=h(a.getAuthenticatorData())}catch(t){E("getAuthenticatorData()",t)}return{id:i,rawId:h(r),response:{attestationObject:h(a.attestationObject),clientDataJSON:h(a.clientDataJSON),transports:c,publicKeyAlgorithm:u,publicKey:l,authenticatorData:w},type:s,clientExtensionResults:o.getClientExtensionResults(),authenticatorAttachment:g(o.authenticatorAttachment)}}function E(t,e){console.warn(`The browser extension that intercepted this WebAuthn API call incorrectly implemented ${t}. You should report this error to them.\n`,e)}async function k(t,e=!1){if(!p())throw new Error("WebAuthn is not supported in this browser");let n;0!==t.allowCredentials?.length&&(n=t.allowCredentials?.map(f));const o={...t,challenge:d(t.challenge),allowCredentials:n},i={};if(e){if(!await function(){const t=window.PublicKeyCredential;return void 0===t.isConditionalMediationAvailable?new Promise((t=>t(!1))):t.isConditionalMediationAvailable()}())throw Error("Browser does not support WebAuthn autofill");if(document.querySelectorAll("input[autocomplete$='webauthn']").length<1)throw Error('No <input> with "webauthn" as the only or last value in its `autocomplete` attribute was detected');i.mediation="conditional",o.allowCredentials=[]}let r;i.publicKey=o,i.signal=y.createNewAbortSignal();try{r=await navigator.credentials.get(i)}catch(t){throw function({error:t,options:e}){const{publicKey:n}=e;if(!n)throw Error("options was missing required publicKey property");if("AbortError"===t.name){if(e.signal instanceof AbortSignal)return new v({message:"Authentication ceremony was sent an abort signal",code:"ERROR_CEREMONY_ABORTED",cause:t})}else{if("NotAllowedError"===t.name)return new v({message:t.message,code:"ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",cause:t});if("SecurityError"===t.name){const e=window.location.hostname;if(!m(e))return new v({message:`${window.location.hostname} is an invalid domain`,code:"ERROR_INVALID_DOMAIN",cause:t});if(n.rpId!==e)return new v({message:`The RP ID "${n.rpId}" is invalid for this domain`,code:"ERROR_INVALID_RP_ID",cause:t})}else if("UnknownError"===t.name)return new v({message:"The authenticator was unable to process the specified options, or could not create a new assertion signature",code:"ERROR_AUTHENTICATOR_GENERAL_ERROR",cause:t})}return t}({error:t,options:i})}if(!r)throw new Error("Authentication was not completed");const{id:a,rawId:s,response:c,type:u}=r;let l;var w;return c.userHandle&&(w=c.userHandle,l=new TextDecoder("utf-8").decode(w)),{id:a,rawId:h(s),response:{authenticatorData:h(c.authenticatorData),clientDataJSON:h(c.clientDataJSON),signature:h(c.signature),userHandle:l},type:u,clientExtensionResults:r.getClientExtensionResults(),authenticatorAttachment:g(r.authenticatorAttachment)}}function I(t){var e=t.token,n=t.tenantId;return{"Content-Type":"application/json",Authorization:e?"Bearer ".concat(e):"Basic ".concat(window.btoa(encodeURIComponent(n)))}}var A=function(){function t(t){var e=t.baseUrl,n=t.tenantId;this.tenantId=n,this.baseUrl=e}return t.prototype.registrationOptions=function(t){var e=t.token,n=t.username,o=t.authenticatorAttachment;return u(this,void 0,void 0,(function(){var t;return l(this,(function(i){switch(i.label){case 0:return t=Boolean(o)?{username:n,authenticatorAttachment:o}:{username:n},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey/registration-options"),{method:"POST",headers:I({token:e,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[2,i.sent().json()]}}))}))},t.prototype.authenticationOptions=function(t){var e=t.token,n=t.challengeId;return u(this,void 0,void 0,(function(){var t;return l(this,(function(o){switch(o.label){case 0:return t={challengeId:n},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey/authentication-options"),{method:"POST",headers:I({token:e,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[2,o.sent().json()]}}))}))},t.prototype.addAuthenticator=function(t){var e=t.token,n=t.challengeId,o=t.registrationCredential;return u(this,void 0,void 0,(function(){var t;return l(this,(function(i){switch(i.label){case 0:return t={challengeId:n,registrationCredential:o},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey"),{method:"POST",headers:I({token:e,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[2,i.sent().json()]}}))}))},t.prototype.verify=function(t){var e=t.token,n=t.challengeId,o=t.authenticationCredential,i=t.deviceId;return u(this,void 0,void 0,(function(){var t;return l(this,(function(r){switch(r.label){case 0:return t={challengeId:n,authenticationCredential:o,deviceId:i},[4,fetch("".concat(this.baseUrl,"/client/verify/passkey"),{method:"POST",headers:I({token:e,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[2,r.sent().json()]}}))}))},t.prototype.getPasskeyAuthenticator=function(t){return u(this,void 0,void 0,(function(){var e;return l(this,(function(n){switch(n.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey?credentialId=").concat(t),{method:"GET",headers:I({tenantId:this.tenantId})})];case 1:if(!(e=n.sent()).ok)throw new Error(e.statusText);return[2,e.json()]}}))}))},t.prototype.challenge=function(t){return u(this,void 0,void 0,(function(){return l(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/challenge"),{method:"POST",headers:I({tenantId:this.tenantId}),body:JSON.stringify({action:t})})];case 1:return[2,e.sent().json()]}}))}))},t}(),R=function(){function t(){this.token=null}return t.prototype.handleTokenNotSetError=function(){var t="A token has not been set. Call 'setToken' first.";return console.error("Error: ".concat(t)),{error:"TOKEN_NOT_SET",errorDescription:t}},t.shared=new t,t}(),S=function(){function t(t){var e=t.baseUrl,n=t.tenantId,o=t.anonymousId;this.passkeyLocalStorageKey="as_passkey_credential_id",this.cache=R.shared,this.api=new A({baseUrl:e,tenantId:n}),this.anonymousId=o}return t.prototype.signUp=function(t){var e=t.userName,n=t.userDisplayName,o=t.token,i=t.authenticatorAttachment,r=void 0===i?"platform":i;return u(this,void 0,void 0,(function(){var t,i,a,s,u;return l(this,(function(l){switch(l.label){case 0:return(t=null!=o?o:this.cache.token)?(i={username:e,displayName:n,token:t,authenticatorAttachment:r},[4,this.api.registrationOptions(i)]):[2,this.cache.handleTokenNotSetError()];case 1:return"error"in(a=l.sent())?(c(a),[2,a]):[4,b(a.options)];case 2:return s=l.sent(),[4,this.api.addAuthenticator({challengeId:a.challengeId,registrationCredential:s,token:t})];case 3:return"error"in(u=l.sent())?(c(u),[2,u]):(u.isVerified&&this.storeCredentialAgainstDevice(s),u.accessToken&&(this.cache.token=u.accessToken),[2,{token:u.accessToken}])}}))}))},t.prototype.signIn=function(t){return u(this,void 0,void 0,(function(){var e,n,o,i,r,a,s,u,h,d;return l(this,(function(l){switch(l.label){case 0:if((null==t?void 0:t.token)&&t.autofill)throw new Error("autofill is not supported when providing a token");if((null==t?void 0:t.action)&&t.token)throw new Error("action is not supported when providing a token");return(null==t?void 0:t.action)?[4,this.api.challenge(t.action)]:[3,2];case 1:return n=l.sent(),[3,3];case 2:n=null,l.label=3;case 3:return(e=n)&&"error"in e?(c(e),[2,e]):[4,this.api.authenticationOptions({token:null==t?void 0:t.token,challengeId:null==e?void 0:e.challengeId})];case 4:return"error"in(o=l.sent())?(c(o),[2,o]):[4,k(o.options,null==t?void 0:t.autofill)];case 5:return i=l.sent(),(null==t?void 0:t.onVerificationStarted)&&t.onVerificationStarted(),[4,this.api.verify({challengeId:o.challengeId,authenticationCredential:i,token:null==t?void 0:t.token,deviceId:this.anonymousId})];case 6:return"error"in(r=l.sent())?(c(r),[2,r]):(r.isVerified&&this.storeCredentialAgainstDevice(i),r.accessToken&&(this.cache.token=r.accessToken),a=r.accessToken,s=r.userId,u=r.userAuthenticatorId,h=r.username,d=r.userDisplayName,[2,{token:a,userId:s,userAuthenticatorId:u,userName:h,userDisplayName:d}])}}))}))},t.prototype.isAvailableOnDevice=function(){return u(this,void 0,void 0,(function(){var t;return l(this,(function(e){switch(e.label){case 0:if(!(t=localStorage.getItem(this.passkeyLocalStorageKey)))return[2,!1];e.label=1;case 1:return e.trys.push([1,3,,4]),[4,this.api.getPasskeyAuthenticator(t)];case 2:return e.sent(),[2,!0];case 3:return e.sent(),[2,!1];case 4:return[2]}}))}))},t.prototype.storeCredentialAgainstDevice=function(t){var e=t.id;"cross-platform"!==t.authenticatorAttachment&&localStorage.setItem(this.passkeyLocalStorageKey,e)},t}(),_=function(){function t(){this.windowRef=null}return t.prototype.show=function(t){var e=t.url,n=t.width,o=void 0===n?400:n,i=t.height,r=function(t){var e=t.url,n=t.width,o=t.height,i=t.win;if(!i.top)return null;var r=i.top.outerHeight/2+i.top.screenY-o/2,a=i.top.outerWidth/2+i.top.screenX-n/2;return window.open(e,"","toolbar=no, location=no, directories=no, status=no, menubar=no, scrollbars=no, resizable=no, copyhistory=no, width=".concat(n,", height=").concat(o,", top=").concat(r,", left=").concat(a))}({url:e,width:o,height:void 0===i?500:i,win:window});if(!r)throw new Error("Window is not initialized");return this.windowRef=r,r},t.prototype.close=function(){if(!this.windowRef)throw new Error("Window is not initialized");this.windowRef.close()},t}();const T=":not([inert]):not([inert] *)",O=':not([tabindex^="-"])',C=":not(:disabled)";var U=[`a[href]${T}${O}`,`area[href]${T}${O}`,`input:not([type="hidden"]):not([type="radio"])${T}${O}${C}`,`input[type="radio"]${T}${O}${C}`,`select${T}${O}${C}`,`textarea${T}${O}${C}`,`button${T}${O}${C}`,`details${T} > summary:first-of-type${O}`,`iframe${T}${O}`,`audio[controls]${T}${O}`,`video[controls]${T}${O}`,`[contenteditable]${T}${O}`,`[tabindex]${T}${O}`];function N(t){(t.querySelector("[autofocus]")||t).focus()}function P(t,e){if(e&&x(t))return t;if(!((n=t).shadowRoot&&"-1"===n.getAttribute("tabindex")||n.matches(":disabled,[hidden],[inert]")))if(t.shadowRoot){let n=$(t.shadowRoot,e);for(;n;){const t=P(n,e);if(t)return t;n=D(n,e)}}else if("slot"===t.localName){const n=t.assignedElements({flatten:!0});e||n.reverse();for(const t of n){const n=P(t,e);if(n)return n}}else{let n=$(t,e);for(;n;){const t=P(n,e);if(t)return t;n=D(n,e)}}var n;return!e&&x(t)?t:null}function $(t,e){return e?t.firstElementChild:t.lastElementChild}function D(t,e){return e?t.nextElementSibling:t.previousElementSibling}const x=t=>!t.shadowRoot?.delegatesFocus&&(t.matches(U.join(","))&&!(t=>!(!t.matches("details:not([open]) *")||t.matches("details>summary:first-of-type"))||!(t.offsetWidth||t.offsetHeight||t.getClientRects().length))(t));function L(t=document){const e=t.activeElement;return e?e.shadowRoot?L(e.shadowRoot)||document.activeElement:e:null}function K(t,e){const[n,o]=function(t){const e=P(t,!0);return[e,e?P(t,!1)||e:null]}(t);if(!n)return e.preventDefault();const i=L();e.shiftKey&&i===n?(o.focus(),e.preventDefault()):e.shiftKey||i!==o||(n.focus(),e.preventDefault())}class j{$el;id;previouslyFocused;shown;constructor(t){this.$el=t,this.id=this.$el.getAttribute("data-a11y-dialog")||this.$el.id,this.previouslyFocused=null,this.shown=!1,this.maintainFocus=this.maintainFocus.bind(this),this.bindKeypress=this.bindKeypress.bind(this),this.handleTriggerClicks=this.handleTriggerClicks.bind(this),this.show=this.show.bind(this),this.hide=this.hide.bind(this),this.$el.setAttribute("aria-hidden","true"),this.$el.setAttribute("aria-modal","true"),this.$el.setAttribute("tabindex","-1"),this.$el.hasAttribute("role")||this.$el.setAttribute("role","dialog"),document.addEventListener("click",this.handleTriggerClicks,!0)}destroy(){return this.hide(),document.removeEventListener("click",this.handleTriggerClicks,!0),this.$el.replaceWith(this.$el.cloneNode(!0)),this.fire("destroy"),this}show(t){return this.shown||(this.shown=!0,this.$el.removeAttribute("aria-hidden"),this.previouslyFocused=L(),"BODY"===this.previouslyFocused?.tagName&&t?.target&&(this.previouslyFocused=t.target),"focus"===t?.type?this.maintainFocus(t):N(this.$el),document.body.addEventListener("focus",this.maintainFocus,!0),this.$el.addEventListener("keydown",this.bindKeypress,!0),this.fire("show",t)),this}hide(t){return this.shown?(this.shown=!1,this.$el.setAttribute("aria-hidden","true"),this.previouslyFocused?.focus?.(),document.body.removeEventListener("focus",this.maintainFocus,!0),this.$el.removeEventListener("keydown",this.bindKeypress,!0),this.fire("hide",t),this):this}on(t,e,n){return this.$el.addEventListener(t,e,n),this}off(t,e,n){return this.$el.removeEventListener(t,e,n),this}fire(t,e){this.$el.dispatchEvent(new CustomEvent(t,{detail:e,cancelable:!0}))}handleTriggerClicks(t){const e=t.target;e.closest(`[data-a11y-dialog-show="${this.id}"]`)&&this.show(t),(e.closest(`[data-a11y-dialog-hide="${this.id}"]`)||e.closest("[data-a11y-dialog-hide]")&&e.closest('[aria-modal="true"]')===this.$el)&&this.hide(t)}bindKeypress(t){if(document.activeElement?.closest('[aria-modal="true"]')!==this.$el)return;let e=!1;try{e=!!this.$el.querySelector('[popover]:not([popover="manual"]):popover-open')}catch{}"Escape"!==t.key||"alertdialog"===this.$el.getAttribute("role")||e||(t.preventDefault(),this.hide(t)),"Tab"===t.key&&K(this.$el,t)}maintainFocus(t){t.target.closest('[aria-modal="true"], [data-a11y-dialog-ignore-focus-trap]')||N(this.$el)}}function H(){for(const t of document.querySelectorAll("[data-a11y-dialog]"))new j(t)}"undefined"!=typeof document&&("loading"===document.readyState?document.addEventListener("DOMContentLoaded",H):H());var W="__authsignal-popup-container",M="__authsignal-popup-content",q="__authsignal-popup-overlay",F="__authsignal-popup-style",G="__authsignal-popup-iframe",J="385px",V=function(){function t(t){var e=t.width,n=t.isClosable;if(this.popup=null,document.querySelector("#".concat(W)))throw new Error("Multiple instances of Authsignal popup is not supported.");this.create({width:e,isClosable:n})}return t.prototype.create=function(t){var e=this,n=t.width,o=void 0===n?J:n,i=t.isClosable,r=void 0===i||i,a=o;CSS.supports("width",o)||(console.warn("Invalid CSS value for `popupOptions.width`. Using default value instead."),a=J);var s=document.createElement("div");s.setAttribute("id",W),s.setAttribute("aria-hidden","true"),r||s.setAttribute("role","alertdialog");var c=document.createElement("div");c.setAttribute("id",q),r&&c.setAttribute("data-a11y-dialog-hide","true");var u=document.createElement("div");u.setAttribute("id",M),document.body.appendChild(s);var l=document.createElement("style");l.setAttribute("id",F),l.textContent="\n #".concat(W,",\n #").concat(q," {\n position: fixed;\n top: 0;\n right: 0;\n bottom: 0;\n left: 0;\n }\n\n #").concat(W," {\n z-index: 2147483647;\n display: flex;\n }\n\n #").concat(W,"[aria-hidden='true'] {\n display: none;\n }\n\n #").concat(q," {\n background-color: rgba(0, 0, 0, 0.18);\n }\n\n #").concat(M," {\n margin: auto;\n z-index: 2147483647;\n position: relative;\n background-color: transparent;\n border-radius: 8px;\n width: ").concat(a,";\n }\n\n #").concat(M," iframe {\n width: 1px;\n min-width: 100%;\n border-radius: inherit;\n max-height: 95vh;\n height: ").concat("384px",";\n }\n "),document.head.insertAdjacentElement("beforeend",l),s.appendChild(c),s.appendChild(u),this.popup=new j(s),s.focus(),this.popup.on("hide",(function(){e.destroy()}))},t.prototype.destroy=function(){var t=document.querySelector("#".concat(W)),e=document.querySelector("#".concat(F));t&&e&&(document.body.removeChild(t),document.head.removeChild(e)),window.removeEventListener("message",z)},t.prototype.show=function(t){var e,n=t.url;if(!this.popup)throw new Error("Popup is not initialized");var o=document.createElement("iframe");o.setAttribute("id",G),o.setAttribute("name","authsignal"),o.setAttribute("title","Authsignal multi-factor authentication"),o.setAttribute("src",n),o.setAttribute("frameborder","0"),o.setAttribute("allow","publickey-credentials-get *; publickey-credentials-create *; clipboard-write");var i=document.querySelector("#".concat(M));i&&i.appendChild(o),window.addEventListener("message",z),null===(e=this.popup)||void 0===e||e.show()},t.prototype.close=function(){if(!this.popup)throw new Error("Popup is not initialized");this.popup.hide()},t.prototype.on=function(t,e){if(!this.popup)throw new Error("Popup is not initialized");this.popup.on(t,e)},t}();function z(t){var e=document.querySelector("#".concat(G));e&&t.data.height&&(e.style.height=t.data.height+"px")}var B=function(){function t(t){var e=t.baseUrl,n=t.tenantId;this.tenantId=n,this.baseUrl=e}return t.prototype.enroll=function(t){var e=t.token;return u(this,void 0,void 0,(function(){return l(this,(function(t){switch(t.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/totp"),{method:"POST",headers:I({token:e,tenantId:this.tenantId})})];case 1:return[2,t.sent().json()]}}))}))},t.prototype.verify=function(t){var e=t.token,n=t.code;return u(this,void 0,void 0,(function(){var t;return l(this,(function(o){switch(o.label){case 0:return t={verificationCode:n},[4,fetch("".concat(this.baseUrl,"/client/verify/totp"),{method:"POST",headers:I({token:e,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[2,o.sent().json()]}}))}))},t}(),Y=function(){function t(t){var e=t.baseUrl,n=t.tenantId;this.cache=R.shared,this.api=new B({baseUrl:e,tenantId:n})}return t.prototype.enroll=function(){return u(this,void 0,void 0,(function(){return l(this,(function(t){return this.cache.token?[2,this.api.enroll({token:this.cache.token})]:[2,this.cache.handleTokenNotSetError()]}))}))},t.prototype.verify=function(t){var e=t.code;return u(this,void 0,void 0,(function(){var t;return l(this,(function(n){switch(n.label){case 0:return this.cache.token?[4,this.api.verify({token:this.cache.token,code:e})]:[2,this.cache.handleTokenNotSetError()];case 1:return(t=n.sent()).accessToken&&(this.cache.token=t.accessToken),[2,t]}}))}))},t}(),X=function(){function t(t){var e=t.baseUrl,n=t.tenantId;this.tenantId=n,this.baseUrl=e}return t.prototype.enroll=function(t){var e=t.token,n=t.email;return u(this,void 0,void 0,(function(){var t;return l(this,(function(o){switch(o.label){case 0:return t={email:n},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/email-otp"),{method:"POST",headers:this.buildHeaders(e),body:JSON.stringify(t)})];case 1:return[2,o.sent().json()]}}))}))},t.prototype.challenge=function(t){var e=t.token;return u(this,void 0,void 0,(function(){return l(this,(function(t){switch(t.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/challenge/email-otp"),{method:"POST",headers:this.buildHeaders(e)})];case 1:return[2,t.sent().json()]}}))}))},t.prototype.verify=function(t){var e=t.token,n=t.code;return u(this,void 0,void 0,(function(){var t;return l(this,(function(o){switch(o.label){case 0:return t={verificationCode:n},[4,fetch("".concat(this.baseUrl,"/client/verify/email-otp"),{method:"POST",headers:this.buildHeaders(e),body:JSON.stringify(t)})];case 1:return[2,o.sent().json()]}}))}))},t.prototype.buildHeaders=function(t){return{"Content-Type":"application/json",Authorization:t?"Bearer ".concat(t):"Basic ".concat(window.btoa(encodeURIComponent(this.tenantId)))}},t}(),Q=function(){function t(t){var e=t.baseUrl,n=t.tenantId;this.cache=R.shared,this.api=new X({baseUrl:e,tenantId:n})}return t.prototype.enroll=function(t){var e=t.email;return u(this,void 0,void 0,(function(){return l(this,(function(t){return this.cache.token?[2,this.api.enroll({token:this.cache.token,email:e})]:[2,this.cache.handleTokenNotSetError()]}))}))},t.prototype.challenge=function(){return u(this,void 0,void 0,(function(){return l(this,(function(t){return this.cache.token?[2,this.api.challenge({token:this.cache.token})]:[2,this.cache.handleTokenNotSetError()]}))}))},t.prototype.verify=function(t){var e=t.code;return u(this,void 0,void 0,(function(){var t;return l(this,(function(n){switch(n.label){case 0:return this.cache.token?[4,this.api.verify({token:this.cache.token,code:e})]:[2,this.cache.handleTokenNotSetError()];case 1:return(t=n.sent()).accessToken&&(this.cache.token=t.accessToken),[2,t]}}))}))},t}(),Z=function(){function t(t){var e=t.baseUrl,n=t.tenantId;this.tenantId=n,this.baseUrl=e}return t.prototype.enroll=function(t){var e=t.token,n=t.phoneNumber;return u(this,void 0,void 0,(function(){var t;return l(this,(function(o){switch(o.label){case 0:return t={phoneNumber:n},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/sms"),{method:"POST",headers:I({token:e,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[2,o.sent().json()]}}))}))},t.prototype.challenge=function(t){var e=t.token;return u(this,void 0,void 0,(function(){return l(this,(function(t){switch(t.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/challenge/sms"),{method:"POST",headers:I({token:e,tenantId:this.tenantId})})];case 1:return[2,t.sent().json()]}}))}))},t.prototype.verify=function(t){var e=t.token,n=t.code;return u(this,void 0,void 0,(function(){var t;return l(this,(function(o){switch(o.label){case 0:return t={verificationCode:n},[4,fetch("".concat(this.baseUrl,"/client/verify/sms"),{method:"POST",headers:I({token:e,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[2,o.sent().json()]}}))}))},t}(),tt=function(){function t(t){var e=t.baseUrl,n=t.tenantId;this.cache=R.shared,this.api=new Z({baseUrl:e,tenantId:n})}return t.prototype.enroll=function(t){var e=t.phoneNumber;return u(this,void 0,void 0,(function(){return l(this,(function(t){return this.cache.token?[2,this.api.enroll({token:this.cache.token,phoneNumber:e})]:[2,this.cache.handleTokenNotSetError()]}))}))},t.prototype.challenge=function(){return u(this,void 0,void 0,(function(){return l(this,(function(t){return this.cache.token?[2,this.api.challenge({token:this.cache.token})]:[2,this.cache.handleTokenNotSetError()]}))}))},t.prototype.verify=function(t){var e=t.code;return u(this,void 0,void 0,(function(){var t;return l(this,(function(n){switch(n.label){case 0:return this.cache.token?[4,this.api.verify({token:this.cache.token,code:e})]:[2,this.cache.handleTokenNotSetError()];case 1:return(t=n.sent()).accessToken&&(this.cache.token=t.accessToken),[2,t]}}))}))},t}(),et="4a08uqve",nt=function(){function e(t){var e=t.cookieDomain,n=t.cookieName,o=void 0===n?"__as_aid":n,i=t.baseUrl,r=void 0===i?"https://api.authsignal.com/v1":i,c=t.tenantId;if(this.anonymousId="",this.profilingId="",this.cookieDomain="",this.anonymousIdCookieName="",this.cookieDomain=e||document.location.hostname.replace("www.",""),this.anonymousIdCookieName=o,!c)throw new Error("tenantId is required");var u,l=(u=this.anonymousIdCookieName)&&decodeURIComponent(document.cookie.replace(new RegExp("(?:(?:^|.*;)\\s*"+encodeURIComponent(u).replace(/[\-\.\+\*]/g,"\\$&")+"\\s*\\=\\s*([^;]*).*$)|^.*$"),"$1"))||null;l?this.anonymousId=l:(this.anonymousId=a(),s({name:this.anonymousIdCookieName,value:this.anonymousId,expire:1/0,domain:this.cookieDomain,secure:"http:"!==document.location.protocol})),this.passkey=new S({tenantId:c,baseUrl:r,anonymousId:this.anonymousId}),this.totp=new Y({tenantId:c,baseUrl:r}),this.email=new Q({tenantId:c,baseUrl:r}),this.sms=new tt({tenantId:c,baseUrl:r})}return e.prototype.setToken=function(t){R.shared.token=t},e.prototype.launch=function(t,e){switch(null==e?void 0:e.mode){case"window":return this.launchWithWindow(t,e);case"popup":return this.launchWithPopup(t,e);default:this.launchWithRedirect(t)}},e.prototype.initAdvancedProfiling=function(t){var e=a();this.profilingId=e,s({name:"__as_pid",value:e,expire:1/0,domain:this.cookieDomain,secure:"http:"!==document.location.protocol});var n=t?"".concat(t,"/fp/tags.js?org_id=").concat(et,"&session_id=").concat(e):"https://h.online-metrix.net/fp/tags.js?org_id=".concat(et,"&session_id=").concat(e),o=document.createElement("script");o.src=n,o.async=!1,o.id="as_adv_profile",document.head.appendChild(o);var i=document.createElement("noscript");i.setAttribute("id","as_adv_profile_pixel"),i.setAttribute("aria-hidden","true");var r=document.createElement("iframe"),c=t?"".concat(t,"/fp/tags?org_id=").concat(et,"&session_id=").concat(e):"https://h.online-metrix.net/fp/tags?org_id=".concat(et,"&session_id=").concat(e);r.setAttribute("id","as_adv_profile_pixel"),r.setAttribute("src",c),r.setAttribute("style","width: 100px; height: 100px; border: 0; position: absolute; top: -5000px;"),i&&(i.appendChild(r),document.body.prepend(i))},e.prototype.launchWithRedirect=function(t){window.location.href=t},e.prototype.launchWithPopup=function(e,n){var o=n.popupOptions,i=new V({width:null==o?void 0:o.width,isClosable:null==o?void 0:o.isClosable}),r="".concat(e,"&mode=popup");return i.show({url:r}),new Promise((function(e){var n=void 0;i.on("hide",(function(){e({token:n})})),window.addEventListener("message",(function(e){var o=null;try{o=JSON.parse(e.data)}catch(t){}(null==o?void 0:o.event)===t.AuthsignalWindowMessage.AUTHSIGNAL_CLOSE_POPUP&&(n=o.token,i.close())}),!1)}))},e.prototype.launchWithWindow=function(e,n){var o=n.windowOptions,i=new _,r="".concat(e,"&mode=popup");return i.show({url:r,width:null==o?void 0:o.width,height:null==o?void 0:o.height}),new Promise((function(e){window.addEventListener("message",(function(n){var o=null;try{o=JSON.parse(n.data)}catch(t){}(null==o?void 0:o.event)===t.AuthsignalWindowMessage.AUTHSIGNAL_CLOSE_POPUP&&(i.close(),e({token:o.token}))}),!1)}))},e}();return t.Authsignal=nt,Object.defineProperty(t,"__esModule",{value:!0}),t}({});
1
+ var authsignal=function(t){"use strict";let e;const n=new Uint8Array(16);function o(){if(!e&&(e="undefined"!=typeof crypto&&crypto.getRandomValues&&crypto.getRandomValues.bind(crypto),!e))throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");return e(n)}const i=[];for(let t=0;t<256;++t)i.push((t+256).toString(16).slice(1));var r={randomUUID:"undefined"!=typeof crypto&&crypto.randomUUID&&crypto.randomUUID.bind(crypto)};function a(t,e,n){if(r.randomUUID&&!e&&!t)return r.randomUUID();const a=(t=t||{}).random||(t.rng||o)();if(a[6]=15&a[6]|64,a[8]=63&a[8]|128,e){n=n||0;for(let t=0;t<16;++t)e[n+t]=a[t];return e}return function(t,e=0){return(i[t[e+0]]+i[t[e+1]]+i[t[e+2]]+i[t[e+3]]+"-"+i[t[e+4]]+i[t[e+5]]+"-"+i[t[e+6]]+i[t[e+7]]+"-"+i[t[e+8]]+i[t[e+9]]+"-"+i[t[e+10]]+i[t[e+11]]+i[t[e+12]]+i[t[e+13]]+i[t[e+14]]+i[t[e+15]]).toLowerCase()}(a)}function s(t){var e=t.name,n=t.value,o=t.expire,i=t.domain,r=t.secure,a=o===1/0?" expires=Fri, 31 Dec 9999 23:59:59 GMT":"; max-age="+o;document.cookie=encodeURIComponent(e)+"="+n+"; path=/;"+a+(i?"; domain="+i:"")+(r?"; secure":"")}function c(t){var e;console.error(null!==(e=t.errorDescription)&&void 0!==e?e:t.error)}function u(t,e,n,o){return new(n||(n=Promise))((function(i,r){function a(t){try{c(o.next(t))}catch(t){r(t)}}function s(t){try{c(o.throw(t))}catch(t){r(t)}}function c(t){var e;t.done?i(t.value):(e=t.value,e instanceof n?e:new n((function(t){t(e)}))).then(a,s)}c((o=o.apply(t,e||[])).next())}))}function l(t,e){var n,o,i,r,a={label:0,sent:function(){if(1&i[0])throw i[1];return i[1]},trys:[],ops:[]};return r={next:s(0),throw:s(1),return:s(2)},"function"==typeof Symbol&&(r[Symbol.iterator]=function(){return this}),r;function s(r){return function(s){return function(r){if(n)throw new TypeError("Generator is already executing.");for(;a;)try{if(n=1,o&&(i=2&r[0]?o.return:r[0]?o.throw||((i=o.return)&&i.call(o),0):o.next)&&!(i=i.call(o,r[1])).done)return i;switch(o=0,i&&(r=[2&r[0],i.value]),r[0]){case 0:case 1:i=r;break;case 4:return a.label++,{value:r[1],done:!1};case 5:a.label++,o=r[1],r=[0];continue;case 7:r=a.ops.pop(),a.trys.pop();continue;default:if(!(i=a.trys,(i=i.length>0&&i[i.length-1])||6!==r[0]&&2!==r[0])){a=0;continue}if(3===r[0]&&(!i||r[1]>i[0]&&r[1]<i[3])){a.label=r[1];break}if(6===r[0]&&a.label<i[1]){a.label=i[1],i=r;break}if(i&&a.label<i[2]){a.label=i[2],a.ops.push(r);break}i[2]&&a.ops.pop(),a.trys.pop();continue}r=e.call(t,a)}catch(t){r=[6,t],o=0}finally{n=i=0}if(5&r[0])throw r[1];return{value:r[0]?r[1]:void 0,done:!0}}([r,s])}}}function h(t){const e=new Uint8Array(t);let n="";for(const t of e)n+=String.fromCharCode(t);return btoa(n).replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,"")}function d(t){const e=t.replace(/-/g,"+").replace(/_/g,"/"),n=(4-e.length%4)%4,o=e.padEnd(e.length+n,"="),i=atob(o),r=new ArrayBuffer(i.length),a=new Uint8Array(r);for(let t=0;t<i.length;t++)a[t]=i.charCodeAt(t);return r}function p(){return void 0!==window?.PublicKeyCredential&&"function"==typeof window.PublicKeyCredential}function f(t){const{id:e}=t;return{...t,id:d(e),transports:t.transports}}function m(t){return"localhost"===t||/^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$/i.test(t)}t.AuthsignalWindowMessage=void 0,(t.AuthsignalWindowMessage||(t.AuthsignalWindowMessage={})).AUTHSIGNAL_CLOSE_POPUP="AUTHSIGNAL_CLOSE_POPUP";class y extends Error{constructor({message:t,code:e,cause:n,name:o}){super(t,{cause:n}),this.name=o??n.name,this.code=e}}const w=new class{createNewAbortSignal(){if(this.controller){const t=new Error("Cancelling existing WebAuthn API call for new one");t.name="AbortError",this.controller.abort(t)}const t=new AbortController;return this.controller=t,t.signal}cancelCeremony(){if(this.controller){const t=new Error("Manually cancelling existing WebAuthn API call");t.name="AbortError",this.controller.abort(t),this.controller=void 0}}},g=["cross-platform","platform"];function v(t){if(t&&!(g.indexOf(t)<0))return t}async function b(t){if(!p())throw new Error("WebAuthn is not supported in this browser");const e={publicKey:{...t,challenge:d(t.challenge),user:{...t.user,id:d(t.user.id)},excludeCredentials:t.excludeCredentials?.map(f)}};let n;e.signal=w.createNewAbortSignal();try{n=await navigator.credentials.create(e)}catch(t){throw function({error:t,options:e}){const{publicKey:n}=e;if(!n)throw Error("options was missing required publicKey property");if("AbortError"===t.name){if(e.signal instanceof AbortSignal)return new y({message:"Registration ceremony was sent an abort signal",code:"ERROR_CEREMONY_ABORTED",cause:t})}else if("ConstraintError"===t.name){if(!0===n.authenticatorSelection?.requireResidentKey)return new y({message:"Discoverable credentials were required but no available authenticator supported it",code:"ERROR_AUTHENTICATOR_MISSING_DISCOVERABLE_CREDENTIAL_SUPPORT",cause:t});if("required"===n.authenticatorSelection?.userVerification)return new y({message:"User verification was required but no available authenticator supported it",code:"ERROR_AUTHENTICATOR_MISSING_USER_VERIFICATION_SUPPORT",cause:t})}else{if("InvalidStateError"===t.name)return new y({message:"The authenticator was previously registered",code:"ERROR_AUTHENTICATOR_PREVIOUSLY_REGISTERED",cause:t});if("NotAllowedError"===t.name)return new y({message:t.message,code:"ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",cause:t});if("NotSupportedError"===t.name)return 0===n.pubKeyCredParams.filter((t=>"public-key"===t.type)).length?new y({message:'No entry in pubKeyCredParams was of type "public-key"',code:"ERROR_MALFORMED_PUBKEYCREDPARAMS",cause:t}):new y({message:"No available authenticator supported any of the specified pubKeyCredParams algorithms",code:"ERROR_AUTHENTICATOR_NO_SUPPORTED_PUBKEYCREDPARAMS_ALG",cause:t});if("SecurityError"===t.name){const e=window.location.hostname;if(!m(e))return new y({message:`${window.location.hostname} is an invalid domain`,code:"ERROR_INVALID_DOMAIN",cause:t});if(n.rp.id!==e)return new y({message:`The RP ID "${n.rp.id}" is invalid for this domain`,code:"ERROR_INVALID_RP_ID",cause:t})}else if("TypeError"===t.name){if(n.user.id.byteLength<1||n.user.id.byteLength>64)return new y({message:"User ID was not between 1 and 64 characters",code:"ERROR_INVALID_USER_ID_LENGTH",cause:t})}else if("UnknownError"===t.name)return new y({message:"The authenticator was unable to process the specified options, or could not create a new credential",code:"ERROR_AUTHENTICATOR_GENERAL_ERROR",cause:t})}return t}({error:t,options:e})}if(!n)throw new Error("Registration was not completed");const{id:o,rawId:i,response:r,type:a}=n;let s,c,u,l;if("function"==typeof r.getTransports&&(s=r.getTransports()),"function"==typeof r.getPublicKeyAlgorithm)try{c=r.getPublicKeyAlgorithm()}catch(t){E("getPublicKeyAlgorithm()",t)}if("function"==typeof r.getPublicKey)try{const t=r.getPublicKey();null!==t&&(u=h(t))}catch(t){E("getPublicKey()",t)}if("function"==typeof r.getAuthenticatorData)try{l=h(r.getAuthenticatorData())}catch(t){E("getAuthenticatorData()",t)}return{id:o,rawId:h(i),response:{attestationObject:h(r.attestationObject),clientDataJSON:h(r.clientDataJSON),transports:s,publicKeyAlgorithm:c,publicKey:u,authenticatorData:l},type:a,clientExtensionResults:n.getClientExtensionResults(),authenticatorAttachment:v(n.authenticatorAttachment)}}function E(t,e){console.warn(`The browser extension that intercepted this WebAuthn API call incorrectly implemented ${t}. You should report this error to them.\n`,e)}async function k(t,e=!1){if(!p())throw new Error("WebAuthn is not supported in this browser");let n;0!==t.allowCredentials?.length&&(n=t.allowCredentials?.map(f));const o={...t,challenge:d(t.challenge),allowCredentials:n},i={};if(e){if(!await function(){if(!p())return new Promise((t=>t(!1)));const t=window.PublicKeyCredential;return void 0===t.isConditionalMediationAvailable?new Promise((t=>t(!1))):t.isConditionalMediationAvailable()}())throw Error("Browser does not support WebAuthn autofill");if(document.querySelectorAll("input[autocomplete$='webauthn']").length<1)throw Error('No <input> with "webauthn" as the only or last value in its `autocomplete` attribute was detected');i.mediation="conditional",o.allowCredentials=[]}let r;i.publicKey=o,i.signal=w.createNewAbortSignal();try{r=await navigator.credentials.get(i)}catch(t){throw function({error:t,options:e}){const{publicKey:n}=e;if(!n)throw Error("options was missing required publicKey property");if("AbortError"===t.name){if(e.signal instanceof AbortSignal)return new y({message:"Authentication ceremony was sent an abort signal",code:"ERROR_CEREMONY_ABORTED",cause:t})}else{if("NotAllowedError"===t.name)return new y({message:t.message,code:"ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",cause:t});if("SecurityError"===t.name){const e=window.location.hostname;if(!m(e))return new y({message:`${window.location.hostname} is an invalid domain`,code:"ERROR_INVALID_DOMAIN",cause:t});if(n.rpId!==e)return new y({message:`The RP ID "${n.rpId}" is invalid for this domain`,code:"ERROR_INVALID_RP_ID",cause:t})}else if("UnknownError"===t.name)return new y({message:"The authenticator was unable to process the specified options, or could not create a new assertion signature",code:"ERROR_AUTHENTICATOR_GENERAL_ERROR",cause:t})}return t}({error:t,options:i})}if(!r)throw new Error("Authentication was not completed");const{id:a,rawId:s,response:c,type:u}=r;let l;return c.userHandle&&(l=h(c.userHandle)),{id:a,rawId:h(s),response:{authenticatorData:h(c.authenticatorData),clientDataJSON:h(c.clientDataJSON),signature:h(c.signature),userHandle:l},type:u,clientExtensionResults:r.getClientExtensionResults(),authenticatorAttachment:v(r.authenticatorAttachment)}}function I(t){var e=t.token,n=t.tenantId;return{"Content-Type":"application/json",Authorization:e?"Bearer ".concat(e):"Basic ".concat(window.btoa(encodeURIComponent(n)))}}var A=function(){function t(t){var e=t.baseUrl,n=t.tenantId;this.tenantId=n,this.baseUrl=e}return t.prototype.registrationOptions=function(t){return u(this,arguments,void 0,(function(t){var e,n=t.token,o=t.username,i=t.authenticatorAttachment;return l(this,(function(t){switch(t.label){case 0:return e=Boolean(i)?{username:o,authenticatorAttachment:i}:{username:o},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey/registration-options"),{method:"POST",headers:I({token:n,tenantId:this.tenantId}),body:JSON.stringify(e)})];case 1:return[2,t.sent().json()]}}))}))},t.prototype.authenticationOptions=function(t){return u(this,arguments,void 0,(function(t){var e,n=t.token,o=t.challengeId;return l(this,(function(t){switch(t.label){case 0:return e={challengeId:o},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey/authentication-options"),{method:"POST",headers:I({token:n,tenantId:this.tenantId}),body:JSON.stringify(e)})];case 1:return[2,t.sent().json()]}}))}))},t.prototype.addAuthenticator=function(t){return u(this,arguments,void 0,(function(t){var e,n=t.token,o=t.challengeId,i=t.registrationCredential;return l(this,(function(t){switch(t.label){case 0:return e={challengeId:o,registrationCredential:i},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey"),{method:"POST",headers:I({token:n,tenantId:this.tenantId}),body:JSON.stringify(e)})];case 1:return[2,t.sent().json()]}}))}))},t.prototype.verify=function(t){return u(this,arguments,void 0,(function(t){var e,n=t.token,o=t.challengeId,i=t.authenticationCredential,r=t.deviceId;return l(this,(function(t){switch(t.label){case 0:return e={challengeId:o,authenticationCredential:i,deviceId:r},[4,fetch("".concat(this.baseUrl,"/client/verify/passkey"),{method:"POST",headers:I({token:n,tenantId:this.tenantId}),body:JSON.stringify(e)})];case 1:return[2,t.sent().json()]}}))}))},t.prototype.getPasskeyAuthenticator=function(t){return u(this,void 0,void 0,(function(){var e;return l(this,(function(n){switch(n.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey?credentialId=").concat(t),{method:"GET",headers:I({tenantId:this.tenantId})})];case 1:if(!(e=n.sent()).ok)throw new Error(e.statusText);return[2,e.json()]}}))}))},t.prototype.challenge=function(t){return u(this,void 0,void 0,(function(){return l(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/challenge"),{method:"POST",headers:I({tenantId:this.tenantId}),body:JSON.stringify({action:t})})];case 1:return[2,e.sent().json()]}}))}))},t}(),R=function(){function t(){this.token=null}return t.prototype.handleTokenNotSetError=function(){var t="A token has not been set. Call 'setToken' first.";return console.error("Error: ".concat(t)),{error:"TOKEN_NOT_SET",errorDescription:t}},t.shared=new t,t}(),S=function(){function t(t){var e=t.baseUrl,n=t.tenantId,o=t.anonymousId;this.passkeyLocalStorageKey="as_passkey_credential_id",this.cache=R.shared,this.api=new A({baseUrl:e,tenantId:n}),this.anonymousId=o}return t.prototype.signUp=function(t){return u(this,arguments,void 0,(function(t){var e,n,o,i,r,a=t.userName,s=t.userDisplayName,u=t.token,h=t.authenticatorAttachment,d=void 0===h?"platform":h;return l(this,(function(t){switch(t.label){case 0:return(e=null!=u?u:this.cache.token)?(n={username:a,displayName:s,token:e,authenticatorAttachment:d},[4,this.api.registrationOptions(n)]):[2,this.cache.handleTokenNotSetError()];case 1:return"error"in(o=t.sent())?(c(o),[2,o]):[4,b(o.options)];case 2:return i=t.sent(),[4,this.api.addAuthenticator({challengeId:o.challengeId,registrationCredential:i,token:e})];case 3:return"error"in(r=t.sent())?(c(r),[2,r]):(r.isVerified&&this.storeCredentialAgainstDevice(i),r.accessToken&&(this.cache.token=r.accessToken),[2,{token:r.accessToken,registrationResponse:i}])}}))}))},t.prototype.signIn=function(t){return u(this,void 0,void 0,(function(){var e,n,o,i,r,a,s,u,h,d;return l(this,(function(l){switch(l.label){case 0:if((null==t?void 0:t.token)&&t.autofill)throw new Error("autofill is not supported when providing a token");if((null==t?void 0:t.action)&&t.token)throw new Error("action is not supported when providing a token");return(null==t?void 0:t.action)?[4,this.api.challenge(t.action)]:[3,2];case 1:return n=l.sent(),[3,3];case 2:n=null,l.label=3;case 3:return(e=n)&&"error"in e?(c(e),[2,e]):[4,this.api.authenticationOptions({token:null==t?void 0:t.token,challengeId:null==e?void 0:e.challengeId})];case 4:return"error"in(o=l.sent())?(c(o),[2,o]):[4,k(o.options,null==t?void 0:t.autofill)];case 5:return i=l.sent(),(null==t?void 0:t.onVerificationStarted)&&t.onVerificationStarted(),[4,this.api.verify({challengeId:o.challengeId,authenticationCredential:i,token:null==t?void 0:t.token,deviceId:this.anonymousId})];case 6:return"error"in(r=l.sent())?(c(r),[2,r]):(r.isVerified&&this.storeCredentialAgainstDevice(i),r.accessToken&&(this.cache.token=r.accessToken),a=r.accessToken,s=r.userId,u=r.userAuthenticatorId,h=r.username,d=r.userDisplayName,[2,{token:a,userId:s,userAuthenticatorId:u,userName:h,userDisplayName:d,authenticationResponse:i}])}}))}))},t.prototype.isAvailableOnDevice=function(){return u(this,void 0,void 0,(function(){var t;return l(this,(function(e){switch(e.label){case 0:if(!(t=localStorage.getItem(this.passkeyLocalStorageKey)))return[2,!1];e.label=1;case 1:return e.trys.push([1,3,,4]),[4,this.api.getPasskeyAuthenticator(t)];case 2:return e.sent(),[2,!0];case 3:return e.sent(),[2,!1];case 4:return[2]}}))}))},t.prototype.storeCredentialAgainstDevice=function(t){var e=t.id;"cross-platform"!==t.authenticatorAttachment&&localStorage.setItem(this.passkeyLocalStorageKey,e)},t}(),_=function(){function t(){this.windowRef=null}return t.prototype.show=function(t){var e=t.url,n=t.width,o=void 0===n?400:n,i=t.height,r=function(t){var e=t.url,n=t.width,o=t.height,i=t.win;if(!i.top)return null;var r=i.top.outerHeight/2+i.top.screenY-o/2,a=i.top.outerWidth/2+i.top.screenX-n/2;return window.open(e,"","toolbar=no, location=no, directories=no, status=no, menubar=no, scrollbars=no, resizable=no, copyhistory=no, width=".concat(n,", height=").concat(o,", top=").concat(r,", left=").concat(a))}({url:e,width:o,height:void 0===i?500:i,win:window});if(!r)throw new Error("Window is not initialized");return this.windowRef=r,r},t.prototype.close=function(){if(!this.windowRef)throw new Error("Window is not initialized");this.windowRef.close()},t}();const T=":not([inert]):not([inert] *)",O=':not([tabindex^="-"])',C=":not(:disabled)";var U=[`a[href]${T}${O}`,`area[href]${T}${O}`,`input:not([type="hidden"]):not([type="radio"])${T}${O}${C}`,`input[type="radio"]${T}${O}${C}`,`select${T}${O}${C}`,`textarea${T}${O}${C}`,`button${T}${O}${C}`,`details${T} > summary:first-of-type${O}`,`iframe${T}${O}`,`audio[controls]${T}${O}`,`video[controls]${T}${O}`,`[contenteditable]${T}${O}`,`[tabindex]${T}${O}`];function N(t){(t.querySelector("[autofocus]")||t).focus()}function P(t,e){if(e&&x(t))return t;if(!((n=t).shadowRoot&&"-1"===n.getAttribute("tabindex")||n.matches(":disabled,[hidden],[inert]")))if(t.shadowRoot){let n=$(t.shadowRoot,e);for(;n;){const t=P(n,e);if(t)return t;n=D(n,e)}}else if("slot"===t.localName){const n=t.assignedElements({flatten:!0});e||n.reverse();for(const t of n){const n=P(t,e);if(n)return n}}else{let n=$(t,e);for(;n;){const t=P(n,e);if(t)return t;n=D(n,e)}}var n;return!e&&x(t)?t:null}function $(t,e){return e?t.firstElementChild:t.lastElementChild}function D(t,e){return e?t.nextElementSibling:t.previousElementSibling}const x=t=>!t.shadowRoot?.delegatesFocus&&(t.matches(U.join(","))&&!(t=>!(!t.matches("details:not([open]) *")||t.matches("details>summary:first-of-type"))||!(t.offsetWidth||t.offsetHeight||t.getClientRects().length))(t));function L(t=document){const e=t.activeElement;return e?e.shadowRoot?L(e.shadowRoot)||document.activeElement:e:null}function K(t,e){const[n,o]=function(t){const e=P(t,!0);return[e,e?P(t,!1)||e:null]}(t);if(!n)return e.preventDefault();const i=L();e.shiftKey&&i===n?(o.focus(),e.preventDefault()):e.shiftKey||i!==o||(n.focus(),e.preventDefault())}class j{$el;id;previouslyFocused;shown;constructor(t){this.$el=t,this.id=this.$el.getAttribute("data-a11y-dialog")||this.$el.id,this.previouslyFocused=null,this.shown=!1,this.maintainFocus=this.maintainFocus.bind(this),this.bindKeypress=this.bindKeypress.bind(this),this.handleTriggerClicks=this.handleTriggerClicks.bind(this),this.show=this.show.bind(this),this.hide=this.hide.bind(this),this.$el.setAttribute("aria-hidden","true"),this.$el.setAttribute("aria-modal","true"),this.$el.setAttribute("tabindex","-1"),this.$el.hasAttribute("role")||this.$el.setAttribute("role","dialog"),document.addEventListener("click",this.handleTriggerClicks,!0)}destroy(){return this.hide(),document.removeEventListener("click",this.handleTriggerClicks,!0),this.$el.replaceWith(this.$el.cloneNode(!0)),this.fire("destroy"),this}show(t){return this.shown||(this.shown=!0,this.$el.removeAttribute("aria-hidden"),this.previouslyFocused=L(),"BODY"===this.previouslyFocused?.tagName&&t?.target&&(this.previouslyFocused=t.target),"focus"===t?.type?this.maintainFocus(t):N(this.$el),document.body.addEventListener("focus",this.maintainFocus,!0),this.$el.addEventListener("keydown",this.bindKeypress,!0),this.fire("show",t)),this}hide(t){return this.shown?(this.shown=!1,this.$el.setAttribute("aria-hidden","true"),this.previouslyFocused?.focus?.(),document.body.removeEventListener("focus",this.maintainFocus,!0),this.$el.removeEventListener("keydown",this.bindKeypress,!0),this.fire("hide",t),this):this}on(t,e,n){return this.$el.addEventListener(t,e,n),this}off(t,e,n){return this.$el.removeEventListener(t,e,n),this}fire(t,e){this.$el.dispatchEvent(new CustomEvent(t,{detail:e,cancelable:!0}))}handleTriggerClicks(t){const e=t.target;e.closest(`[data-a11y-dialog-show="${this.id}"]`)&&this.show(t),(e.closest(`[data-a11y-dialog-hide="${this.id}"]`)||e.closest("[data-a11y-dialog-hide]")&&e.closest('[aria-modal="true"]')===this.$el)&&this.hide(t)}bindKeypress(t){if(document.activeElement?.closest('[aria-modal="true"]')!==this.$el)return;let e=!1;try{e=!!this.$el.querySelector('[popover]:not([popover="manual"]):popover-open')}catch{}"Escape"!==t.key||"alertdialog"===this.$el.getAttribute("role")||e||(t.preventDefault(),this.hide(t)),"Tab"===t.key&&K(this.$el,t)}maintainFocus(t){t.target.closest('[aria-modal="true"], [data-a11y-dialog-ignore-focus-trap]')||N(this.$el)}}function H(){for(const t of document.querySelectorAll("[data-a11y-dialog]"))new j(t)}"undefined"!=typeof document&&("loading"===document.readyState?document.addEventListener("DOMContentLoaded",H):H());var W="__authsignal-popup-container",M="__authsignal-popup-content",q="__authsignal-popup-overlay",F="__authsignal-popup-style",G="__authsignal-popup-iframe",J="385px",V=function(){function t(t){var e=t.width,n=t.isClosable;if(this.popup=null,document.querySelector("#".concat(W)))throw new Error("Multiple instances of Authsignal popup is not supported.");this.create({width:e,isClosable:n})}return t.prototype.create=function(t){var e=this,n=t.width,o=void 0===n?J:n,i=t.isClosable,r=void 0===i||i,a=o;CSS.supports("width",o)||(console.warn("Invalid CSS value for `popupOptions.width`. Using default value instead."),a=J);var s=document.createElement("div");s.setAttribute("id",W),s.setAttribute("aria-hidden","true"),r||s.setAttribute("role","alertdialog");var c=document.createElement("div");c.setAttribute("id",q),r&&c.setAttribute("data-a11y-dialog-hide","true");var u=document.createElement("div");u.setAttribute("id",M),document.body.appendChild(s);var l=document.createElement("style");l.setAttribute("id",F),l.textContent="\n #".concat(W,",\n #").concat(q," {\n position: fixed;\n top: 0;\n right: 0;\n bottom: 0;\n left: 0;\n }\n\n #").concat(W," {\n z-index: 2147483647;\n display: flex;\n }\n\n #").concat(W,"[aria-hidden='true'] {\n display: none;\n }\n\n #").concat(q," {\n background-color: rgba(0, 0, 0, 0.18);\n }\n\n #").concat(M," {\n margin: auto;\n z-index: 2147483647;\n position: relative;\n background-color: transparent;\n border-radius: 8px;\n width: ").concat(a,";\n }\n\n #").concat(M," iframe {\n width: 1px;\n min-width: 100%;\n border-radius: inherit;\n max-height: 95vh;\n height: ").concat("384px",";\n }\n "),document.head.insertAdjacentElement("beforeend",l),s.appendChild(c),s.appendChild(u),this.popup=new j(s),s.focus(),this.popup.on("hide",(function(){e.destroy()}))},t.prototype.destroy=function(){var t=document.querySelector("#".concat(W)),e=document.querySelector("#".concat(F));t&&e&&(document.body.removeChild(t),document.head.removeChild(e)),window.removeEventListener("message",z)},t.prototype.show=function(t){var e,n=t.url;if(!this.popup)throw new Error("Popup is not initialized");var o=document.createElement("iframe");o.setAttribute("id",G),o.setAttribute("name","authsignal"),o.setAttribute("title","Authsignal multi-factor authentication"),o.setAttribute("src",n),o.setAttribute("frameborder","0"),o.setAttribute("allow","publickey-credentials-get *; publickey-credentials-create *; clipboard-write");var i=document.querySelector("#".concat(M));i&&i.appendChild(o),window.addEventListener("message",z),null===(e=this.popup)||void 0===e||e.show()},t.prototype.close=function(){if(!this.popup)throw new Error("Popup is not initialized");this.popup.hide()},t.prototype.on=function(t,e){if(!this.popup)throw new Error("Popup is not initialized");this.popup.on(t,e)},t}();function z(t){var e=document.querySelector("#".concat(G));e&&t.data.height&&(e.style.height=t.data.height+"px")}var B=function(){function t(t){var e=t.baseUrl,n=t.tenantId;this.tenantId=n,this.baseUrl=e}return t.prototype.enroll=function(t){return u(this,arguments,void 0,(function(t){var e=t.token;return l(this,(function(t){switch(t.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/totp"),{method:"POST",headers:I({token:e,tenantId:this.tenantId})})];case 1:return[2,t.sent().json()]}}))}))},t.prototype.verify=function(t){return u(this,arguments,void 0,(function(t){var e,n=t.token,o=t.code;return l(this,(function(t){switch(t.label){case 0:return e={verificationCode:o},[4,fetch("".concat(this.baseUrl,"/client/verify/totp"),{method:"POST",headers:I({token:n,tenantId:this.tenantId}),body:JSON.stringify(e)})];case 1:return[2,t.sent().json()]}}))}))},t}(),Y=function(){function t(t){var e=t.baseUrl,n=t.tenantId;this.cache=R.shared,this.api=new B({baseUrl:e,tenantId:n})}return t.prototype.enroll=function(){return u(this,void 0,void 0,(function(){return l(this,(function(t){return this.cache.token?[2,this.api.enroll({token:this.cache.token})]:[2,this.cache.handleTokenNotSetError()]}))}))},t.prototype.verify=function(t){return u(this,arguments,void 0,(function(t){var e,n=t.code;return l(this,(function(t){switch(t.label){case 0:return this.cache.token?[4,this.api.verify({token:this.cache.token,code:n})]:[2,this.cache.handleTokenNotSetError()];case 1:return(e=t.sent()).accessToken&&(this.cache.token=e.accessToken),[2,e]}}))}))},t}(),X=function(){function t(t){var e=t.baseUrl,n=t.tenantId;this.tenantId=n,this.baseUrl=e}return t.prototype.enroll=function(t){return u(this,arguments,void 0,(function(t){var e,n=t.token,o=t.email;return l(this,(function(t){switch(t.label){case 0:return e={email:o},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/email-otp"),{method:"POST",headers:this.buildHeaders(n),body:JSON.stringify(e)})];case 1:return[2,t.sent().json()]}}))}))},t.prototype.challenge=function(t){return u(this,arguments,void 0,(function(t){var e=t.token;return l(this,(function(t){switch(t.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/challenge/email-otp"),{method:"POST",headers:this.buildHeaders(e)})];case 1:return[2,t.sent().json()]}}))}))},t.prototype.verify=function(t){return u(this,arguments,void 0,(function(t){var e,n=t.token,o=t.code;return l(this,(function(t){switch(t.label){case 0:return e={verificationCode:o},[4,fetch("".concat(this.baseUrl,"/client/verify/email-otp"),{method:"POST",headers:this.buildHeaders(n),body:JSON.stringify(e)})];case 1:return[2,t.sent().json()]}}))}))},t.prototype.buildHeaders=function(t){return{"Content-Type":"application/json",Authorization:t?"Bearer ".concat(t):"Basic ".concat(window.btoa(encodeURIComponent(this.tenantId)))}},t}(),Q=function(){function t(t){var e=t.baseUrl,n=t.tenantId;this.cache=R.shared,this.api=new X({baseUrl:e,tenantId:n})}return t.prototype.enroll=function(t){return u(this,arguments,void 0,(function(t){var e=t.email;return l(this,(function(t){return this.cache.token?[2,this.api.enroll({token:this.cache.token,email:e})]:[2,this.cache.handleTokenNotSetError()]}))}))},t.prototype.challenge=function(){return u(this,void 0,void 0,(function(){return l(this,(function(t){return this.cache.token?[2,this.api.challenge({token:this.cache.token})]:[2,this.cache.handleTokenNotSetError()]}))}))},t.prototype.verify=function(t){return u(this,arguments,void 0,(function(t){var e,n=t.code;return l(this,(function(t){switch(t.label){case 0:return this.cache.token?[4,this.api.verify({token:this.cache.token,code:n})]:[2,this.cache.handleTokenNotSetError()];case 1:return(e=t.sent()).accessToken&&(this.cache.token=e.accessToken),[2,e]}}))}))},t}(),Z=function(){function t(t){var e=t.baseUrl,n=t.tenantId;this.tenantId=n,this.baseUrl=e}return t.prototype.enroll=function(t){return u(this,arguments,void 0,(function(t){var e,n=t.token,o=t.phoneNumber;return l(this,(function(t){switch(t.label){case 0:return e={phoneNumber:o},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/sms"),{method:"POST",headers:I({token:n,tenantId:this.tenantId}),body:JSON.stringify(e)})];case 1:return[2,t.sent().json()]}}))}))},t.prototype.challenge=function(t){return u(this,arguments,void 0,(function(t){var e=t.token;return l(this,(function(t){switch(t.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/challenge/sms"),{method:"POST",headers:I({token:e,tenantId:this.tenantId})})];case 1:return[2,t.sent().json()]}}))}))},t.prototype.verify=function(t){return u(this,arguments,void 0,(function(t){var e,n=t.token,o=t.code;return l(this,(function(t){switch(t.label){case 0:return e={verificationCode:o},[4,fetch("".concat(this.baseUrl,"/client/verify/sms"),{method:"POST",headers:I({token:n,tenantId:this.tenantId}),body:JSON.stringify(e)})];case 1:return[2,t.sent().json()]}}))}))},t}(),tt=function(){function t(t){var e=t.baseUrl,n=t.tenantId;this.cache=R.shared,this.api=new Z({baseUrl:e,tenantId:n})}return t.prototype.enroll=function(t){return u(this,arguments,void 0,(function(t){var e=t.phoneNumber;return l(this,(function(t){return this.cache.token?[2,this.api.enroll({token:this.cache.token,phoneNumber:e})]:[2,this.cache.handleTokenNotSetError()]}))}))},t.prototype.challenge=function(){return u(this,void 0,void 0,(function(){return l(this,(function(t){return this.cache.token?[2,this.api.challenge({token:this.cache.token})]:[2,this.cache.handleTokenNotSetError()]}))}))},t.prototype.verify=function(t){return u(this,arguments,void 0,(function(t){var e,n=t.code;return l(this,(function(t){switch(t.label){case 0:return this.cache.token?[4,this.api.verify({token:this.cache.token,code:n})]:[2,this.cache.handleTokenNotSetError()];case 1:return(e=t.sent()).accessToken&&(this.cache.token=e.accessToken),[2,e]}}))}))},t}(),et="4a08uqve",nt=function(){function e(t){var e=t.cookieDomain,n=t.cookieName,o=void 0===n?"__as_aid":n,i=t.baseUrl,r=void 0===i?"https://api.authsignal.com/v1":i,c=t.tenantId;if(this.anonymousId="",this.profilingId="",this.cookieDomain="",this.anonymousIdCookieName="",this.cookieDomain=e||document.location.hostname.replace("www.",""),this.anonymousIdCookieName=o,!c)throw new Error("tenantId is required");var u,l=(u=this.anonymousIdCookieName)&&decodeURIComponent(document.cookie.replace(new RegExp("(?:(?:^|.*;)\\s*"+encodeURIComponent(u).replace(/[\-\.\+\*]/g,"\\$&")+"\\s*\\=\\s*([^;]*).*$)|^.*$"),"$1"))||null;l?this.anonymousId=l:(this.anonymousId=a(),s({name:this.anonymousIdCookieName,value:this.anonymousId,expire:1/0,domain:this.cookieDomain,secure:"http:"!==document.location.protocol})),this.passkey=new S({tenantId:c,baseUrl:r,anonymousId:this.anonymousId}),this.totp=new Y({tenantId:c,baseUrl:r}),this.email=new Q({tenantId:c,baseUrl:r}),this.sms=new tt({tenantId:c,baseUrl:r})}return e.prototype.setToken=function(t){R.shared.token=t},e.prototype.launch=function(t,e){switch(null==e?void 0:e.mode){case"window":return this.launchWithWindow(t,e);case"popup":return this.launchWithPopup(t,e);default:this.launchWithRedirect(t)}},e.prototype.initAdvancedProfiling=function(t){var e=a();this.profilingId=e,s({name:"__as_pid",value:e,expire:1/0,domain:this.cookieDomain,secure:"http:"!==document.location.protocol});var n=t?"".concat(t,"/fp/tags.js?org_id=").concat(et,"&session_id=").concat(e):"https://h.online-metrix.net/fp/tags.js?org_id=".concat(et,"&session_id=").concat(e),o=document.createElement("script");o.src=n,o.async=!1,o.id="as_adv_profile",document.head.appendChild(o);var i=document.createElement("noscript");i.setAttribute("id","as_adv_profile_pixel"),i.setAttribute("aria-hidden","true");var r=document.createElement("iframe"),c=t?"".concat(t,"/fp/tags?org_id=").concat(et,"&session_id=").concat(e):"https://h.online-metrix.net/fp/tags?org_id=".concat(et,"&session_id=").concat(e);r.setAttribute("id","as_adv_profile_pixel"),r.setAttribute("src",c),r.setAttribute("style","width: 100px; height: 100px; border: 0; position: absolute; top: -5000px;"),i&&(i.appendChild(r),document.body.prepend(i))},e.prototype.launchWithRedirect=function(t){window.location.href=t},e.prototype.launchWithPopup=function(e,n){var o=n.popupOptions,i=new V({width:null==o?void 0:o.width,isClosable:null==o?void 0:o.isClosable}),r="".concat(e,"&mode=popup");return i.show({url:r}),new Promise((function(e){var n=void 0;i.on("hide",(function(){e({token:n})})),window.addEventListener("message",(function(e){var o=null;try{o=JSON.parse(e.data)}catch(t){}(null==o?void 0:o.event)===t.AuthsignalWindowMessage.AUTHSIGNAL_CLOSE_POPUP&&(n=o.token,i.close())}),!1)}))},e.prototype.launchWithWindow=function(e,n){var o=n.windowOptions,i=new _,r="".concat(e,"&mode=popup");return i.show({url:r,width:null==o?void 0:o.width,height:null==o?void 0:o.height}),new Promise((function(e){window.addEventListener("message",(function(n){var o=null;try{o=JSON.parse(n.data)}catch(t){}(null==o?void 0:o.event)===t.AuthsignalWindowMessage.AUTHSIGNAL_CLOSE_POPUP&&(i.close(),e({token:o.token}))}),!1)}))},e}();return t.Authsignal=nt,Object.defineProperty(t,"__esModule",{value:!0}),t}({});
package/dist/passkey.d.ts CHANGED
@@ -1,32 +1,34 @@
1
1
  import { PasskeyApiClient } from "./api";
2
- import { AuthenticatorAttachment } from "@simplewebauthn/types";
2
+ import { AuthenticationResponseJSON, RegistrationResponseJSON, AuthenticatorAttachment } from "@simplewebauthn/types";
3
3
  import { AuthsignalResponse } from "./api/types/shared";
4
- declare type PasskeyOptions = {
4
+ type PasskeyOptions = {
5
5
  baseUrl: string;
6
6
  tenantId: string;
7
7
  anonymousId: string;
8
8
  };
9
- declare type SignUpParams = {
9
+ type SignUpParams = {
10
10
  userName?: string;
11
11
  userDisplayName?: string;
12
12
  token?: string;
13
13
  authenticatorAttachment?: AuthenticatorAttachment | null;
14
14
  };
15
- declare type SignUpResponse = {
15
+ type SignUpResponse = {
16
16
  token?: string;
17
+ registrationResponse?: RegistrationResponseJSON;
17
18
  };
18
- declare type SignInParams = {
19
+ type SignInParams = {
19
20
  token?: string;
20
21
  autofill?: boolean;
21
22
  action?: string;
22
23
  onVerificationStarted?: () => unknown;
23
24
  };
24
- declare type SignInResponse = {
25
+ type SignInResponse = {
25
26
  token?: string;
26
27
  userId?: string;
27
28
  userAuthenticatorId?: string;
28
29
  userName?: string;
29
30
  userDisplayName?: string;
31
+ authenticationResponse?: AuthenticationResponseJSON;
30
32
  };
31
33
  export declare class Passkey {
32
34
  api: PasskeyApiClient;
package/dist/sms.d.ts CHANGED
@@ -1,12 +1,12 @@
1
1
  import { AuthsignalResponse, ChallengeResponse, EnrollResponse, VerifyResponse } from "./api/types/shared";
2
- declare type SmsOptions = {
2
+ type SmsOptions = {
3
3
  baseUrl: string;
4
4
  tenantId: string;
5
5
  };
6
- declare type EnrollParams = {
6
+ type EnrollParams = {
7
7
  phoneNumber: string;
8
8
  };
9
- declare type VerifyParams = {
9
+ type VerifyParams = {
10
10
  code: string;
11
11
  };
12
12
  export declare class Sms {
package/dist/totp.d.ts CHANGED
@@ -1,10 +1,10 @@
1
1
  import { AuthsignalResponse, VerifyResponse } from "./api/types/shared";
2
2
  import { EnrollResponse } from "./api/types/totp";
3
- declare type TotpOptions = {
3
+ type TotpOptions = {
4
4
  baseUrl: string;
5
5
  tenantId: string;
6
6
  };
7
- declare type VerifyParams = {
7
+ type VerifyParams = {
8
8
  code: string;
9
9
  };
10
10
  export declare class Totp {
package/dist/types.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- declare type BaseLaunchOptions = {
1
+ type BaseLaunchOptions = {
2
2
  /**
3
3
  * How the Authsignal Prebuilt MFA page should launch.
4
4
  * `popup` will cause it to open in a overlay, whilst `redirect`
@@ -7,10 +7,10 @@ declare type BaseLaunchOptions = {
7
7
  */
8
8
  mode?: "popup" | "redirect" | "window";
9
9
  };
10
- export declare type RedirectLaunchOptions = BaseLaunchOptions & {
10
+ export type RedirectLaunchOptions = BaseLaunchOptions & {
11
11
  mode: "redirect";
12
12
  };
13
- export declare type PopupLaunchOptions = BaseLaunchOptions & {
13
+ export type PopupLaunchOptions = BaseLaunchOptions & {
14
14
  mode: "popup";
15
15
  popupOptions?: {
16
16
  /** Any valid CSS value for the `width` property. */
@@ -25,15 +25,15 @@ export declare type PopupLaunchOptions = BaseLaunchOptions & {
25
25
  isClosable?: boolean;
26
26
  };
27
27
  };
28
- export declare type WindowLaunchOptions = BaseLaunchOptions & {
28
+ export type WindowLaunchOptions = BaseLaunchOptions & {
29
29
  mode: "window";
30
30
  windowOptions?: {
31
31
  width?: number;
32
32
  height?: number;
33
33
  };
34
34
  };
35
- export declare type LaunchOptions = RedirectLaunchOptions | PopupLaunchOptions | WindowLaunchOptions;
36
- export declare type AuthsignalOptions = {
35
+ export type LaunchOptions = RedirectLaunchOptions | PopupLaunchOptions | WindowLaunchOptions;
36
+ export type AuthsignalOptions = {
37
37
  /**
38
38
  * Cookie domain that will be used to identify
39
39
  * users. If not set, location.hostname will be used
@@ -56,11 +56,11 @@ export declare type AuthsignalOptions = {
56
56
  export declare enum AuthsignalWindowMessage {
57
57
  AUTHSIGNAL_CLOSE_POPUP = "AUTHSIGNAL_CLOSE_POPUP"
58
58
  }
59
- export declare type AuthsignalWindowMessageData = {
59
+ export type AuthsignalWindowMessageData = {
60
60
  event: AuthsignalWindowMessage;
61
61
  token: string;
62
62
  };
63
- export declare type TokenPayload = {
63
+ export type TokenPayload = {
64
64
  token?: string;
65
65
  };
66
66
  export {};
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@authsignal/browser",
3
- "version": "0.5.10",
3
+ "version": "0.5.11",
4
4
  "type": "module",
5
5
  "main": "dist/index.js",
6
6
  "module": "dist/index.js",
@@ -28,8 +28,8 @@
28
28
  },
29
29
  "dependencies": {
30
30
  "@fingerprintjs/fingerprintjs": "^3.3.6",
31
- "@simplewebauthn/browser": "^9.0.1",
32
- "@simplewebauthn/types": "^9.0.1",
31
+ "@simplewebauthn/browser": "^10.0.0",
32
+ "@simplewebauthn/types": "^10.0.0",
33
33
  "a11y-dialog": "8.0.4",
34
34
  "uuid": "^9.0.0"
35
35
  },
@@ -37,7 +37,6 @@
37
37
  "@rollup/plugin-node-resolve": "^14.1.0",
38
38
  "@rollup/plugin-terser": "^0.4.3",
39
39
  "@rollup/plugin-typescript": "^8.5.0",
40
- "@simplewebauthn/typescript-types": "^8.0.0",
41
40
  "@types/iframe-resizer": "^3.5.9",
42
41
  "@types/uuid": "^8.3.4",
43
42
  "@typescript-eslint/eslint-plugin": "^5.39.0",
@@ -48,7 +47,7 @@
48
47
  "prettier": "^2.7.1",
49
48
  "rollup": "^2.79.1",
50
49
  "tslib": "^2.4.0",
51
- "typescript": "^4.8.4"
50
+ "typescript": "^5.6.2"
52
51
  },
53
52
  "files": [
54
53
  "dist"