@authsignal/browser 0.5.10 → 0.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (16) hide show
  1. package/dist/api/helpers.d.ts +1 -1
  2. package/dist/api/passkey-api-client.d.ts +3 -1
  3. package/dist/api/types/passkey.d.ts +10 -9
  4. package/dist/api/types/shared.d.ts +7 -6
  5. package/dist/api/types/totp.d.ts +3 -2
  6. package/dist/email.d.ts +3 -3
  7. package/dist/handlers/popup-handler.d.ts +2 -2
  8. package/dist/handlers/window-handler.d.ts +1 -1
  9. package/dist/helpers.d.ts +1 -1
  10. package/dist/index.js +188 -159
  11. package/dist/index.min.js +1 -1
  12. package/dist/passkey.d.ts +11 -7
  13. package/dist/sms.d.ts +3 -3
  14. package/dist/totp.d.ts +2 -2
  15. package/dist/types.d.ts +8 -8
  16. package/package.json +4 -5
package/dist/api/helpers.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- declare type BuildHeadersParams = {
1
+ type BuildHeadersParams = {
2
2
  token?: string;
3
3
  tenantId: string;
4
4
  };
package/dist/api/passkey-api-client.d.ts CHANGED
@@ -16,6 +16,8 @@ export declare class PasskeyApiClient {
16
16
  verify({ token, challengeId, authenticationCredential, deviceId, }: {
17
17
  token?: string;
18
18
  } & VerifyRequest): Promise<AuthsignalResponse<VerifyResponse>>;
19
- getPasskeyAuthenticator(credentialId: string): Promise<AuthsignalResponse<PasskeyAuthenticatorResponse>>;
19
+ getPasskeyAuthenticator({ credentialIds, }: {
20
+ credentialIds: string[];
21
+ }): Promise<AuthsignalResponse<PasskeyAuthenticatorResponse>>;
20
22
  challenge(action: string): Promise<AuthsignalResponse<ChallengeResponse>>;
21
23
  }
package/dist/api/types/passkey.d.ts CHANGED
@@ -1,34 +1,35 @@
1
1
  import { AuthenticationResponseJSON, AuthenticatorAttachment, PublicKeyCredentialCreationOptionsJSON, RegistrationResponseJSON } from "@simplewebauthn/types";
2
- export declare type RegistrationOptsRequest = {
2
+ export type RegistrationOptsRequest = {
3
3
  username?: string;
4
4
  authenticatorAttachment?: AuthenticatorAttachment | null;
5
5
  };
6
- export declare type RegistrationOptsResponse = {
6
+ export type RegistrationOptsResponse = {
7
7
  challengeId: string;
8
8
  options: PublicKeyCredentialCreationOptionsJSON;
9
9
  };
10
- export declare type AuthenticationOptsRequest = {
10
+ export type AuthenticationOptsRequest = {
11
11
  challengeId?: string;
12
12
  };
13
- export declare type AuthenticationOptsResponse = {
13
+ export type AuthenticationOptsResponse = {
14
14
  challengeId: string;
15
15
  options: PublicKeyCredentialCreationOptionsJSON;
16
16
  };
17
- export declare type AddAuthenticatorRequest = {
17
+ export type AddAuthenticatorRequest = {
18
18
  challengeId: string;
19
19
  registrationCredential: RegistrationResponseJSON;
20
20
  };
21
- export declare type AddAuthenticatorResponse = {
21
+ export type AddAuthenticatorResponse = {
22
22
  isVerified: boolean;
23
23
  accessToken?: string;
24
24
  userAuthenticatorId?: string;
25
+ userId?: string;
25
26
  };
26
- export declare type VerifyRequest = {
27
+ export type VerifyRequest = {
27
28
  challengeId: string;
28
29
  authenticationCredential: AuthenticationResponseJSON;
29
30
  deviceId?: string;
30
31
  };
31
- export declare type VerifyResponse = {
32
+ export type VerifyResponse = {
32
33
  isVerified: boolean;
33
34
  accessToken?: string;
34
35
  userId?: string;
@@ -36,7 +37,7 @@ export declare type VerifyResponse = {
36
37
  username?: string;
37
38
  userDisplayName?: string;
38
39
  };
39
- export declare type PasskeyAuthenticatorResponse = {
40
+ export type PasskeyAuthenticatorResponse = {
40
41
  credentialId: string;
41
42
  verifiedAt: string;
42
43
  };
package/dist/api/types/shared.d.ts CHANGED
@@ -1,20 +1,21 @@
1
- export declare type ApiClientOptions = {
1
+ export type ApiClientOptions = {
2
2
  baseUrl: string;
3
3
  tenantId: string;
4
4
  };
5
- export declare type EnrollResponse = {
5
+ export type EnrollResponse = {
6
6
  userAuthenticatorId: string;
7
+ userId: string;
7
8
  };
8
- export declare type ChallengeResponse = {
9
+ export type ChallengeResponse = {
9
10
  challengeId: string;
10
11
  };
11
- export declare type VerifyResponse = {
12
+ export type VerifyResponse = {
12
13
  isVerified: boolean;
13
14
  accessToken?: string;
14
15
  failureReason?: string;
15
16
  };
16
- export declare type ErrorResponse = {
17
+ export type ErrorResponse = {
17
18
  error: string;
18
19
  errorDescription?: string;
19
20
  };
20
- export declare type AuthsignalResponse<T> = T | ErrorResponse;
21
+ export type AuthsignalResponse<T> = T | ErrorResponse;
package/dist/api/types/totp.d.ts CHANGED
@@ -1,5 +1,6 @@
1
- export declare type EnrollResponse = {
2
- userAuthenticatorID: string;
1
+ export type EnrollResponse = {
2
+ userAuthenticatorId: string;
3
+ userId: string;
3
4
  uri: string;
4
5
  secret: string;
5
6
  };
package/dist/email.d.ts CHANGED
@@ -1,12 +1,12 @@
1
1
  import { AuthsignalResponse, ChallengeResponse, EnrollResponse, VerifyResponse } from "./api/types/shared";
2
- declare type EmailOptions = {
2
+ type EmailOptions = {
3
3
  baseUrl: string;
4
4
  tenantId: string;
5
5
  };
6
- declare type EnrollParams = {
6
+ type EnrollParams = {
7
7
  email: string;
8
8
  };
9
- declare type VerifyParams = {
9
+ type VerifyParams = {
10
10
  code: string;
11
11
  };
12
12
  export declare class Email {
package/dist/handlers/popup-handler.d.ts CHANGED
@@ -1,8 +1,8 @@
1
1
  import { A11yDialogEvent } from "a11y-dialog";
2
- declare type PopupShowInput = {
2
+ type PopupShowInput = {
3
3
  url: string;
4
4
  };
5
- declare type PopupHandlerOptions = {
5
+ type PopupHandlerOptions = {
6
6
  width?: string;
7
7
  isClosable?: boolean;
8
8
  };
package/dist/handlers/window-handler.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- declare type WindowShowInput = {
1
+ type WindowShowInput = {
2
2
  url: string;
3
3
  width?: number;
4
4
  height?: number;
package/dist/helpers.d.ts CHANGED
@@ -1,5 +1,5 @@
1
1
  import { ErrorResponse } from "./api/types/shared";
2
- declare type CookieOptions = {
2
+ type CookieOptions = {
3
3
  name: string;
4
4
  value: string;
5
5
  expire: number;
package/dist/index.js CHANGED
@@ -109,6 +109,17 @@ OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
109
109
  PERFORMANCE OF THIS SOFTWARE.
110
110
  ***************************************************************************** */
111
111
 
112
+ var __assign = function() {
113
+ __assign = Object.assign || function __assign(t) {
114
+ for (var s, i = 1, n = arguments.length; i < n; i++) {
115
+ s = arguments[i];
116
+ for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p)) t[p] = s[p];
117
+ }
118
+ return t;
119
+ };
120
+ return __assign.apply(this, arguments);
121
+ };
122
+
112
123
  function __awaiter(thisArg, _arguments, P, generator) {
113
124
  function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
114
125
  return new (P || (P = Promise))(function (resolve, reject) {
@@ -147,11 +158,7 @@ function __generator(thisArg, body) {
147
158
  }
148
159
  }
149
160
 
150
- /* [@simplewebauthn/browser@9.0.1] */
151
- function utf8StringToBuffer(value) {
152
- return new TextEncoder().encode(value);
153
- }
154
-
161
+ /* [@simplewebauthn/browser@10.0.0] */
155
162
  function bufferToBase64URLString(buffer) {
156
163
  const bytes = new Uint8Array(buffer);
157
164
  let str = '';
@@ -330,18 +337,18 @@ function toAuthenticatorAttachment(attachment) {
330
337
  return attachment;
331
338
  }
332
339
 
333
- async function startRegistration(creationOptionsJSON) {
340
+ async function startRegistration(optionsJSON) {
334
341
  if (!browserSupportsWebAuthn()) {
335
342
  throw new Error('WebAuthn is not supported in this browser');
336
343
  }
337
344
  const publicKey = {
338
- ...creationOptionsJSON,
339
- challenge: base64URLStringToBuffer(creationOptionsJSON.challenge),
345
+ ...optionsJSON,
346
+ challenge: base64URLStringToBuffer(optionsJSON.challenge),
340
347
  user: {
341
- ...creationOptionsJSON.user,
342
- id: utf8StringToBuffer(creationOptionsJSON.user.id),
348
+ ...optionsJSON.user,
349
+ id: base64URLStringToBuffer(optionsJSON.user.id),
343
350
  },
344
- excludeCredentials: creationOptionsJSON.excludeCredentials?.map(toPublicKeyCredentialDescriptor),
351
+ excludeCredentials: optionsJSON.excludeCredentials?.map(toPublicKeyCredentialDescriptor),
345
352
  };
346
353
  const options = { publicKey };
347
354
  options.signal = WebAuthnAbortService.createNewAbortSignal();
@@ -410,11 +417,10 @@ function warnOnBrokenImplementation(methodName, cause) {
410
417
  console.warn(`The browser extension that intercepted this WebAuthn API call incorrectly implemented ${methodName}. You should report this error to them.\n`, cause);
411
418
  }
412
419
 
413
- function bufferToUTF8String(value) {
414
- return new TextDecoder('utf-8').decode(value);
415
- }
416
-
417
420
  function browserSupportsWebAuthnAutofill() {
421
+ if (!browserSupportsWebAuthn()) {
422
+ return new Promise((resolve) => resolve(false));
423
+ }
418
424
  const globalPublicKeyCredential = window
419
425
  .PublicKeyCredential;
420
426
  if (globalPublicKeyCredential.isConditionalMediationAvailable === undefined) {
@@ -471,17 +477,17 @@ function identifyAuthenticationError({ error, options, }) {
471
477
  return error;
472
478
  }
473
479
 
474
- async function startAuthentication(requestOptionsJSON, useBrowserAutofill = false) {
480
+ async function startAuthentication(optionsJSON, useBrowserAutofill = false) {
475
481
  if (!browserSupportsWebAuthn()) {
476
482
  throw new Error('WebAuthn is not supported in this browser');
477
483
  }
478
484
  let allowCredentials;
479
- if (requestOptionsJSON.allowCredentials?.length !== 0) {
480
- allowCredentials = requestOptionsJSON.allowCredentials?.map(toPublicKeyCredentialDescriptor);
485
+ if (optionsJSON.allowCredentials?.length !== 0) {
486
+ allowCredentials = optionsJSON.allowCredentials?.map(toPublicKeyCredentialDescriptor);
481
487
  }
482
488
  const publicKey = {
483
- ...requestOptionsJSON,
484
- challenge: base64URLStringToBuffer(requestOptionsJSON.challenge),
489
+ ...optionsJSON,
490
+ challenge: base64URLStringToBuffer(optionsJSON.challenge),
485
491
  allowCredentials,
486
492
  };
487
493
  const options = {};
@@ -489,7 +495,7 @@ async function startAuthentication(requestOptionsJSON, useBrowserAutofill = fals
489
495
  if (!(await browserSupportsWebAuthnAutofill())) {
490
496
  throw Error('Browser does not support WebAuthn autofill');
491
497
  }
492
- const eligibleInputs = document.querySelectorAll('input[autocomplete$=\'webauthn\']');
498
+ const eligibleInputs = document.querySelectorAll("input[autocomplete$='webauthn']");
493
499
  if (eligibleInputs.length < 1) {
494
500
  throw Error('No <input> with "webauthn" as the only or last value in its `autocomplete` attribute was detected');
495
501
  }
@@ -511,7 +517,7 @@ async function startAuthentication(requestOptionsJSON, useBrowserAutofill = fals
511
517
  const { id, rawId, response, type } = credential;
512
518
  let userHandle = undefined;
513
519
  if (response.userHandle) {
514
- userHandle = bufferToUTF8String(response.userHandle);
520
+ userHandle = bufferToBase64URLString(response.userHandle);
515
521
  }
516
522
  return {
517
523
  id,
@@ -533,7 +539,7 @@ function buildHeaders(_a) {
533
539
  var authorizationHeader = token ? "Bearer ".concat(token) : "Basic ".concat(window.btoa(encodeURIComponent(tenantId)));
534
540
  return {
535
541
  "Content-Type": "application/json",
536
- Authorization: authorizationHeader
542
+ Authorization: authorizationHeader,
537
543
  };
538
544
  }
539
545
 
@@ -544,11 +550,11 @@ var PasskeyApiClient = /** @class */ (function () {
544
550
  this.baseUrl = baseUrl;
545
551
  }
546
552
  PasskeyApiClient.prototype.registrationOptions = function (_a) {
547
- var token = _a.token, username = _a.username, authenticatorAttachment = _a.authenticatorAttachment;
548
- return __awaiter(this, void 0, void 0, function () {
553
+ return __awaiter(this, arguments, void 0, function (_b) {
549
554
  var body, response;
550
- return __generator(this, function (_b) {
551
- switch (_b.label) {
555
+ var token = _b.token, username = _b.username, authenticatorAttachment = _b.authenticatorAttachment;
556
+ return __generator(this, function (_c) {
557
+ switch (_c.label) {
552
558
  case 0:
553
559
  body = Boolean(authenticatorAttachment)
554
560
  ? { username: username, authenticatorAttachment: authenticatorAttachment }
@@ -556,85 +562,86 @@ var PasskeyApiClient = /** @class */ (function () {
556
562
  response = fetch("".concat(this.baseUrl, "/client/user-authenticators/passkey/registration-options"), {
557
563
  method: "POST",
558
564
  headers: buildHeaders({ token: token, tenantId: this.tenantId }),
559
- body: JSON.stringify(body)
565
+ body: JSON.stringify(body),
560
566
  });
561
567
  return [4 /*yield*/, response];
562
- case 1: return [2 /*return*/, (_b.sent()).json()];
568
+ case 1: return [2 /*return*/, (_c.sent()).json()];
563
569
  }
564
570
  });
565
571
  });
566
572
  };
567
573
  PasskeyApiClient.prototype.authenticationOptions = function (_a) {
568
- var token = _a.token, challengeId = _a.challengeId;
569
- return __awaiter(this, void 0, void 0, function () {
574
+ return __awaiter(this, arguments, void 0, function (_b) {
570
575
  var body, response;
571
- return __generator(this, function (_b) {
572
- switch (_b.label) {
576
+ var token = _b.token, challengeId = _b.challengeId;
577
+ return __generator(this, function (_c) {
578
+ switch (_c.label) {
573
579
  case 0:
574
580
  body = { challengeId: challengeId };
575
581
  response = fetch("".concat(this.baseUrl, "/client/user-authenticators/passkey/authentication-options"), {
576
582
  method: "POST",
577
583
  headers: buildHeaders({ token: token, tenantId: this.tenantId }),
578
- body: JSON.stringify(body)
584
+ body: JSON.stringify(body),
579
585
  });
580
586
  return [4 /*yield*/, response];
581
- case 1: return [2 /*return*/, (_b.sent()).json()];
587
+ case 1: return [2 /*return*/, (_c.sent()).json()];
582
588
  }
583
589
  });
584
590
  });
585
591
  };
586
592
  PasskeyApiClient.prototype.addAuthenticator = function (_a) {
587
- var token = _a.token, challengeId = _a.challengeId, registrationCredential = _a.registrationCredential;
588
- return __awaiter(this, void 0, void 0, function () {
593
+ return __awaiter(this, arguments, void 0, function (_b) {
589
594
  var body, response;
590
- return __generator(this, function (_b) {
591
- switch (_b.label) {
595
+ var token = _b.token, challengeId = _b.challengeId, registrationCredential = _b.registrationCredential;
596
+ return __generator(this, function (_c) {
597
+ switch (_c.label) {
592
598
  case 0:
593
599
  body = {
594
600
  challengeId: challengeId,
595
- registrationCredential: registrationCredential
601
+ registrationCredential: registrationCredential,
596
602
  };
597
603
  response = fetch("".concat(this.baseUrl, "/client/user-authenticators/passkey"), {
598
604
  method: "POST",
599
605
  headers: buildHeaders({ token: token, tenantId: this.tenantId }),
600
- body: JSON.stringify(body)
606
+ body: JSON.stringify(body),
601
607
  });
602
608
  return [4 /*yield*/, response];
603
- case 1: return [2 /*return*/, (_b.sent()).json()];
609
+ case 1: return [2 /*return*/, (_c.sent()).json()];
604
610
  }
605
611
  });
606
612
  });
607
613
  };
608
614
  PasskeyApiClient.prototype.verify = function (_a) {
609
- var token = _a.token, challengeId = _a.challengeId, authenticationCredential = _a.authenticationCredential, deviceId = _a.deviceId;
610
- return __awaiter(this, void 0, void 0, function () {
615
+ return __awaiter(this, arguments, void 0, function (_b) {
611
616
  var body, response;
612
- return __generator(this, function (_b) {
613
- switch (_b.label) {
617
+ var token = _b.token, challengeId = _b.challengeId, authenticationCredential = _b.authenticationCredential, deviceId = _b.deviceId;
618
+ return __generator(this, function (_c) {
619
+ switch (_c.label) {
614
620
  case 0:
615
621
  body = { challengeId: challengeId, authenticationCredential: authenticationCredential, deviceId: deviceId };
616
622
  response = fetch("".concat(this.baseUrl, "/client/verify/passkey"), {
617
623
  method: "POST",
618
624
  headers: buildHeaders({ token: token, tenantId: this.tenantId }),
619
- body: JSON.stringify(body)
625
+ body: JSON.stringify(body),
620
626
  });
621
627
  return [4 /*yield*/, response];
622
- case 1: return [2 /*return*/, (_b.sent()).json()];
628
+ case 1: return [2 /*return*/, (_c.sent()).json()];
623
629
  }
624
630
  });
625
631
  });
626
632
  };
627
- PasskeyApiClient.prototype.getPasskeyAuthenticator = function (credentialId) {
628
- return __awaiter(this, void 0, void 0, function () {
633
+ PasskeyApiClient.prototype.getPasskeyAuthenticator = function (_a) {
634
+ return __awaiter(this, arguments, void 0, function (_b) {
629
635
  var response;
630
- return __generator(this, function (_a) {
631
- switch (_a.label) {
632
- case 0: return [4 /*yield*/, fetch("".concat(this.baseUrl, "/client/user-authenticators/passkey?credentialId=").concat(credentialId), {
636
+ var credentialIds = _b.credentialIds;
637
+ return __generator(this, function (_c) {
638
+ switch (_c.label) {
639
+ case 0: return [4 /*yield*/, fetch("".concat(this.baseUrl, "/client/user-authenticators/passkey?credentialIds=").concat(credentialIds), {
633
640
  method: "GET",
634
- headers: buildHeaders({ tenantId: this.tenantId })
641
+ headers: buildHeaders({ tenantId: this.tenantId }),
635
642
  })];
636
643
  case 1:
637
- response = _a.sent();
644
+ response = _c.sent();
638
645
  if (!response.ok) {
639
646
  throw new Error(response.statusText);
640
647
  }
@@ -652,7 +659,7 @@ var PasskeyApiClient = /** @class */ (function () {
652
659
  response = fetch("".concat(this.baseUrl, "/client/challenge"), {
653
660
  method: "POST",
654
661
  headers: buildHeaders({ tenantId: this.tenantId }),
655
- body: JSON.stringify({ action: action })
662
+ body: JSON.stringify({ action: action }),
656
663
  });
657
664
  return [4 /*yield*/, response];
658
665
  case 1: return [2 /*return*/, (_a.sent()).json()];
@@ -673,7 +680,7 @@ var TokenCache = /** @class */ (function () {
673
680
  console.error("Error: ".concat(error));
674
681
  return {
675
682
  error: errorCode,
676
- errorDescription: error
683
+ errorDescription: error,
677
684
  };
678
685
  };
679
686
  TokenCache.shared = new TokenCache();
@@ -683,17 +690,17 @@ var TokenCache = /** @class */ (function () {
683
690
  var Passkey = /** @class */ (function () {
684
691
  function Passkey(_a) {
685
692
  var baseUrl = _a.baseUrl, tenantId = _a.tenantId, anonymousId = _a.anonymousId;
686
- this.passkeyLocalStorageKey = "as_passkey_credential_id";
693
+ this.passkeyLocalStorageKey = "as_user_passkey_map";
687
694
  this.cache = TokenCache.shared;
688
695
  this.api = new PasskeyApiClient({ baseUrl: baseUrl, tenantId: tenantId });
689
696
  this.anonymousId = anonymousId;
690
697
  }
691
698
  Passkey.prototype.signUp = function (_a) {
692
- var userName = _a.userName, userDisplayName = _a.userDisplayName, token = _a.token, _b = _a.authenticatorAttachment, authenticatorAttachment = _b === void 0 ? "platform" : _b;
693
- return __awaiter(this, void 0, void 0, function () {
699
+ return __awaiter(this, arguments, void 0, function (_b) {
694
700
  var userToken, optionsInput, optionsResponse, registrationResponse, addAuthenticatorResponse;
695
- return __generator(this, function (_c) {
696
- switch (_c.label) {
701
+ var userName = _b.userName, userDisplayName = _b.userDisplayName, token = _b.token, _c = _b.authenticatorAttachment, authenticatorAttachment = _c === void 0 ? "platform" : _c;
702
+ return __generator(this, function (_d) {
703
+ switch (_d.label) {
697
704
  case 0:
698
705
  userToken = token !== null && token !== void 0 ? token : this.cache.token;
699
706
  if (!userToken) {
@@ -703,37 +710,38 @@ var Passkey = /** @class */ (function () {
703
710
  username: userName,
704
711
  displayName: userDisplayName,
705
712
  token: userToken,
706
- authenticatorAttachment: authenticatorAttachment
713
+ authenticatorAttachment: authenticatorAttachment,
707
714
  };
708
715
  return [4 /*yield*/, this.api.registrationOptions(optionsInput)];
709
716
  case 1:
710
- optionsResponse = _c.sent();
717
+ optionsResponse = _d.sent();
711
718
  if ("error" in optionsResponse) {
712
719
  logErrorResponse(optionsResponse);
713
720
  return [2 /*return*/, optionsResponse];
714
721
  }
715
722
  return [4 /*yield*/, startRegistration(optionsResponse.options)];
716
723
  case 2:
717
- registrationResponse = _c.sent();
724
+ registrationResponse = _d.sent();
718
725
  return [4 /*yield*/, this.api.addAuthenticator({
719
726
  challengeId: optionsResponse.challengeId,
720
727
  registrationCredential: registrationResponse,
721
- token: userToken
728
+ token: userToken,
722
729
  })];
723
730
  case 3:
724
- addAuthenticatorResponse = _c.sent();
731
+ addAuthenticatorResponse = _d.sent();
725
732
  if ("error" in addAuthenticatorResponse) {
726
733
  logErrorResponse(addAuthenticatorResponse);
727
734
  return [2 /*return*/, addAuthenticatorResponse];
728
735
  }
729
736
  if (addAuthenticatorResponse.isVerified) {
730
- this.storeCredentialAgainstDevice(registrationResponse);
737
+ this.storeCredentialAgainstDevice(__assign(__assign({}, registrationResponse), { userId: addAuthenticatorResponse.userId }));
731
738
  }
732
739
  if (addAuthenticatorResponse.accessToken) {
733
740
  this.cache.token = addAuthenticatorResponse.accessToken;
734
741
  }
735
742
  return [2 /*return*/, {
736
- token: addAuthenticatorResponse.accessToken
743
+ token: addAuthenticatorResponse.accessToken,
744
+ registrationResponse: registrationResponse,
737
745
  }];
738
746
  }
739
747
  });
@@ -767,7 +775,7 @@ var Passkey = /** @class */ (function () {
767
775
  }
768
776
  return [4 /*yield*/, this.api.authenticationOptions({
769
777
  token: params === null || params === void 0 ? void 0 : params.token,
770
- challengeId: challengeResponse === null || challengeResponse === void 0 ? void 0 : challengeResponse.challengeId
778
+ challengeId: challengeResponse === null || challengeResponse === void 0 ? void 0 : challengeResponse.challengeId,
771
779
  })];
772
780
  case 4:
773
781
  optionsResponse = _b.sent();
@@ -785,7 +793,7 @@ var Passkey = /** @class */ (function () {
785
793
  challengeId: optionsResponse.challengeId,
786
794
  authenticationCredential: authenticationResponse,
787
795
  token: params === null || params === void 0 ? void 0 : params.token,
788
- deviceId: this.anonymousId
796
+ deviceId: this.anonymousId,
789
797
  })];
790
798
  case 6:
791
799
  verifyResponse = _b.sent();
@@ -794,7 +802,7 @@ var Passkey = /** @class */ (function () {
794
802
  return [2 /*return*/, verifyResponse];
795
803
  }
796
804
  if (verifyResponse.isVerified) {
797
- this.storeCredentialAgainstDevice(authenticationResponse);
805
+ this.storeCredentialAgainstDevice(__assign(__assign({}, authenticationResponse), { userId: verifyResponse.userId }));
798
806
  }
799
807
  if (verifyResponse.accessToken) {
800
808
  this.cache.token = verifyResponse.accessToken;
@@ -805,31 +813,42 @@ var Passkey = /** @class */ (function () {
805
813
  userId: userId,
806
814
  userAuthenticatorId: userAuthenticatorId,
807
815
  userName: userName,
808
- userDisplayName: userDisplayName
816
+ userDisplayName: userDisplayName,
817
+ authenticationResponse: authenticationResponse,
809
818
  }];
810
819
  }
811
820
  });
812
821
  });
813
822
  };
814
- Passkey.prototype.isAvailableOnDevice = function () {
815
- return __awaiter(this, void 0, void 0, function () {
816
- var credentialId;
817
- return __generator(this, function (_b) {
818
- switch (_b.label) {
823
+ Passkey.prototype.isAvailableOnDevice = function (_a) {
824
+ return __awaiter(this, arguments, void 0, function (_b) {
825
+ var storedCredentials, credentialsMap, credentialIds;
826
+ var _d;
827
+ var userId = _b.userId;
828
+ return __generator(this, function (_e) {
829
+ switch (_e.label) {
819
830
  case 0:
820
- credentialId = localStorage.getItem(this.passkeyLocalStorageKey);
821
- if (!credentialId) {
831
+ if (!userId) {
832
+ throw new Error("userId is required");
833
+ }
834
+ storedCredentials = localStorage.getItem(this.passkeyLocalStorageKey);
835
+ if (!storedCredentials) {
836
+ return [2 /*return*/, false];
837
+ }
838
+ credentialsMap = JSON.parse(storedCredentials);
839
+ credentialIds = (_d = credentialsMap[userId]) !== null && _d !== void 0 ? _d : [];
840
+ if (credentialIds.length === 0) {
822
841
  return [2 /*return*/, false];
823
842
  }
824
- _b.label = 1;
843
+ _e.label = 1;
825
844
  case 1:
826
- _b.trys.push([1, 3, , 4]);
827
- return [4 /*yield*/, this.api.getPasskeyAuthenticator(credentialId)];
845
+ _e.trys.push([1, 3, , 4]);
846
+ return [4 /*yield*/, this.api.getPasskeyAuthenticator({ credentialIds: credentialIds })];
828
847
  case 2:
829
- _b.sent();
848
+ _e.sent();
830
849
  return [2 /*return*/, true];
831
850
  case 3:
832
- _b.sent();
851
+ _e.sent();
833
852
  return [2 /*return*/, false];
834
853
  case 4: return [2 /*return*/];
835
854
  }
@@ -837,11 +856,21 @@ var Passkey = /** @class */ (function () {
837
856
  });
838
857
  };
839
858
  Passkey.prototype.storeCredentialAgainstDevice = function (_a) {
840
- var id = _a.id, authenticatorAttachment = _a.authenticatorAttachment;
859
+ var id = _a.id, authenticatorAttachment = _a.authenticatorAttachment, _b = _a.userId, userId = _b === void 0 ? "" : _b;
841
860
  if (authenticatorAttachment === "cross-platform") {
842
861
  return;
843
862
  }
844
- localStorage.setItem(this.passkeyLocalStorageKey, id);
863
+ var storedCredentials = localStorage.getItem(this.passkeyLocalStorageKey);
864
+ var credentialsMap = storedCredentials ? JSON.parse(storedCredentials) : {};
865
+ if (credentialsMap[userId]) {
866
+ if (!credentialsMap[userId].includes(id)) {
867
+ credentialsMap[userId].push(id);
868
+ }
869
+ }
870
+ else {
871
+ credentialsMap[userId] = [id];
872
+ }
873
+ localStorage.setItem(this.passkeyLocalStorageKey, JSON.stringify(credentialsMap));
845
874
  };
846
875
  return Passkey;
847
876
  }());
@@ -1415,37 +1444,37 @@ var TotpApiClient = /** @class */ (function () {
1415
1444
  this.baseUrl = baseUrl;
1416
1445
  }
1417
1446
  TotpApiClient.prototype.enroll = function (_a) {
1418
- var token = _a.token;
1419
- return __awaiter(this, void 0, void 0, function () {
1447
+ return __awaiter(this, arguments, void 0, function (_b) {
1420
1448
  var response;
1421
- return __generator(this, function (_b) {
1422
- switch (_b.label) {
1449
+ var token = _b.token;
1450
+ return __generator(this, function (_c) {
1451
+ switch (_c.label) {
1423
1452
  case 0:
1424
1453
  response = fetch("".concat(this.baseUrl, "/client/user-authenticators/totp"), {
1425
1454
  method: "POST",
1426
- headers: buildHeaders({ token: token, tenantId: this.tenantId })
1455
+ headers: buildHeaders({ token: token, tenantId: this.tenantId }),
1427
1456
  });
1428
1457
  return [4 /*yield*/, response];
1429
- case 1: return [2 /*return*/, (_b.sent()).json()];
1458
+ case 1: return [2 /*return*/, (_c.sent()).json()];
1430
1459
  }
1431
1460
  });
1432
1461
  });
1433
1462
  };
1434
1463
  TotpApiClient.prototype.verify = function (_a) {
1435
- var token = _a.token, code = _a.code;
1436
- return __awaiter(this, void 0, void 0, function () {
1464
+ return __awaiter(this, arguments, void 0, function (_b) {
1437
1465
  var body, response;
1438
- return __generator(this, function (_b) {
1439
- switch (_b.label) {
1466
+ var token = _b.token, code = _b.code;
1467
+ return __generator(this, function (_c) {
1468
+ switch (_c.label) {
1440
1469
  case 0:
1441
1470
  body = { verificationCode: code };
1442
1471
  response = fetch("".concat(this.baseUrl, "/client/verify/totp"), {
1443
1472
  method: "POST",
1444
1473
  headers: buildHeaders({ token: token, tenantId: this.tenantId }),
1445
- body: JSON.stringify(body)
1474
+ body: JSON.stringify(body),
1446
1475
  });
1447
1476
  return [4 /*yield*/, response];
1448
- case 1: return [2 /*return*/, (_b.sent()).json()];
1477
+ case 1: return [2 /*return*/, (_c.sent()).json()];
1449
1478
  }
1450
1479
  });
1451
1480
  });
@@ -1470,18 +1499,18 @@ var Totp = /** @class */ (function () {
1470
1499
  });
1471
1500
  };
1472
1501
  Totp.prototype.verify = function (_a) {
1473
- var code = _a.code;
1474
- return __awaiter(this, void 0, void 0, function () {
1502
+ return __awaiter(this, arguments, void 0, function (_b) {
1475
1503
  var verifyResponse;
1476
- return __generator(this, function (_b) {
1477
- switch (_b.label) {
1504
+ var code = _b.code;
1505
+ return __generator(this, function (_c) {
1506
+ switch (_c.label) {
1478
1507
  case 0:
1479
1508
  if (!this.cache.token) {
1480
1509
  return [2 /*return*/, this.cache.handleTokenNotSetError()];
1481
1510
  }
1482
1511
  return [4 /*yield*/, this.api.verify({ token: this.cache.token, code: code })];
1483
1512
  case 1:
1484
- verifyResponse = _b.sent();
1513
+ verifyResponse = _c.sent();
1485
1514
  if (verifyResponse.accessToken) {
1486
1515
  this.cache.token = verifyResponse.accessToken;
1487
1516
  }
@@ -1500,56 +1529,56 @@ var EmailApiClient = /** @class */ (function () {
1500
1529
  this.baseUrl = baseUrl;
1501
1530
  }
1502
1531
  EmailApiClient.prototype.enroll = function (_a) {
1503
- var token = _a.token, email = _a.email;
1504
- return __awaiter(this, void 0, void 0, function () {
1532
+ return __awaiter(this, arguments, void 0, function (_b) {
1505
1533
  var body, response;
1506
- return __generator(this, function (_b) {
1507
- switch (_b.label) {
1534
+ var token = _b.token, email = _b.email;
1535
+ return __generator(this, function (_c) {
1536
+ switch (_c.label) {
1508
1537
  case 0:
1509
1538
  body = { email: email };
1510
1539
  response = fetch("".concat(this.baseUrl, "/client/user-authenticators/email-otp"), {
1511
1540
  method: "POST",
1512
1541
  headers: this.buildHeaders(token),
1513
- body: JSON.stringify(body)
1542
+ body: JSON.stringify(body),
1514
1543
  });
1515
1544
  return [4 /*yield*/, response];
1516
- case 1: return [2 /*return*/, (_b.sent()).json()];
1545
+ case 1: return [2 /*return*/, (_c.sent()).json()];
1517
1546
  }
1518
1547
  });
1519
1548
  });
1520
1549
  };
1521
1550
  EmailApiClient.prototype.challenge = function (_a) {
1522
- var token = _a.token;
1523
- return __awaiter(this, void 0, void 0, function () {
1551
+ return __awaiter(this, arguments, void 0, function (_b) {
1524
1552
  var response;
1525
- return __generator(this, function (_b) {
1526
- switch (_b.label) {
1553
+ var token = _b.token;
1554
+ return __generator(this, function (_c) {
1555
+ switch (_c.label) {
1527
1556
  case 0:
1528
1557
  response = fetch("".concat(this.baseUrl, "/client/challenge/email-otp"), {
1529
1558
  method: "POST",
1530
- headers: this.buildHeaders(token)
1559
+ headers: this.buildHeaders(token),
1531
1560
  });
1532
1561
  return [4 /*yield*/, response];
1533
- case 1: return [2 /*return*/, (_b.sent()).json()];
1562
+ case 1: return [2 /*return*/, (_c.sent()).json()];
1534
1563
  }
1535
1564
  });
1536
1565
  });
1537
1566
  };
1538
1567
  EmailApiClient.prototype.verify = function (_a) {
1539
- var token = _a.token, code = _a.code;
1540
- return __awaiter(this, void 0, void 0, function () {
1568
+ return __awaiter(this, arguments, void 0, function (_b) {
1541
1569
  var body, response;
1542
- return __generator(this, function (_b) {
1543
- switch (_b.label) {
1570
+ var token = _b.token, code = _b.code;
1571
+ return __generator(this, function (_c) {
1572
+ switch (_c.label) {
1544
1573
  case 0:
1545
1574
  body = { verificationCode: code };
1546
1575
  response = fetch("".concat(this.baseUrl, "/client/verify/email-otp"), {
1547
1576
  method: "POST",
1548
1577
  headers: this.buildHeaders(token),
1549
- body: JSON.stringify(body)
1578
+ body: JSON.stringify(body),
1550
1579
  });
1551
1580
  return [4 /*yield*/, response];
1552
- case 1: return [2 /*return*/, (_b.sent()).json()];
1581
+ case 1: return [2 /*return*/, (_c.sent()).json()];
1553
1582
  }
1554
1583
  });
1555
1584
  });
@@ -1558,7 +1587,7 @@ var EmailApiClient = /** @class */ (function () {
1558
1587
  var authorizationHeader = token ? "Bearer ".concat(token) : "Basic ".concat(window.btoa(encodeURIComponent(this.tenantId)));
1559
1588
  return {
1560
1589
  "Content-Type": "application/json",
1561
- Authorization: authorizationHeader
1590
+ Authorization: authorizationHeader,
1562
1591
  };
1563
1592
  };
1564
1593
  return EmailApiClient;
@@ -1571,9 +1600,9 @@ var Email = /** @class */ (function () {
1571
1600
  this.api = new EmailApiClient({ baseUrl: baseUrl, tenantId: tenantId });
1572
1601
  }
1573
1602
  Email.prototype.enroll = function (_a) {
1574
- var email = _a.email;
1575
- return __awaiter(this, void 0, void 0, function () {
1576
- return __generator(this, function (_b) {
1603
+ return __awaiter(this, arguments, void 0, function (_b) {
1604
+ var email = _b.email;
1605
+ return __generator(this, function (_c) {
1577
1606
  if (!this.cache.token) {
1578
1607
  return [2 /*return*/, this.cache.handleTokenNotSetError()];
1579
1608
  }
@@ -1592,18 +1621,18 @@ var Email = /** @class */ (function () {
1592
1621
  });
1593
1622
  };
1594
1623
  Email.prototype.verify = function (_a) {
1595
- var code = _a.code;
1596
- return __awaiter(this, void 0, void 0, function () {
1624
+ return __awaiter(this, arguments, void 0, function (_b) {
1597
1625
  var verifyResponse;
1598
- return __generator(this, function (_b) {
1599
- switch (_b.label) {
1626
+ var code = _b.code;
1627
+ return __generator(this, function (_c) {
1628
+ switch (_c.label) {
1600
1629
  case 0:
1601
1630
  if (!this.cache.token) {
1602
1631
  return [2 /*return*/, this.cache.handleTokenNotSetError()];
1603
1632
  }
1604
1633
  return [4 /*yield*/, this.api.verify({ token: this.cache.token, code: code })];
1605
1634
  case 1:
1606
- verifyResponse = _b.sent();
1635
+ verifyResponse = _c.sent();
1607
1636
  if (verifyResponse.accessToken) {
1608
1637
  this.cache.token = verifyResponse.accessToken;
1609
1638
  }
@@ -1622,56 +1651,56 @@ var SmsApiClient = /** @class */ (function () {
1622
1651
  this.baseUrl = baseUrl;
1623
1652
  }
1624
1653
  SmsApiClient.prototype.enroll = function (_a) {
1625
- var token = _a.token, phoneNumber = _a.phoneNumber;
1626
- return __awaiter(this, void 0, void 0, function () {
1654
+ return __awaiter(this, arguments, void 0, function (_b) {
1627
1655
  var body, response;
1628
- return __generator(this, function (_b) {
1629
- switch (_b.label) {
1656
+ var token = _b.token, phoneNumber = _b.phoneNumber;
1657
+ return __generator(this, function (_c) {
1658
+ switch (_c.label) {
1630
1659
  case 0:
1631
1660
  body = { phoneNumber: phoneNumber };
1632
1661
  response = fetch("".concat(this.baseUrl, "/client/user-authenticators/sms"), {
1633
1662
  method: "POST",
1634
1663
  headers: buildHeaders({ token: token, tenantId: this.tenantId }),
1635
- body: JSON.stringify(body)
1664
+ body: JSON.stringify(body),
1636
1665
  });
1637
1666
  return [4 /*yield*/, response];
1638
- case 1: return [2 /*return*/, (_b.sent()).json()];
1667
+ case 1: return [2 /*return*/, (_c.sent()).json()];
1639
1668
  }
1640
1669
  });
1641
1670
  });
1642
1671
  };
1643
1672
  SmsApiClient.prototype.challenge = function (_a) {
1644
- var token = _a.token;
1645
- return __awaiter(this, void 0, void 0, function () {
1673
+ return __awaiter(this, arguments, void 0, function (_b) {
1646
1674
  var response;
1647
- return __generator(this, function (_b) {
1648
- switch (_b.label) {
1675
+ var token = _b.token;
1676
+ return __generator(this, function (_c) {
1677
+ switch (_c.label) {
1649
1678
  case 0:
1650
1679
  response = fetch("".concat(this.baseUrl, "/client/challenge/sms"), {
1651
1680
  method: "POST",
1652
- headers: buildHeaders({ token: token, tenantId: this.tenantId })
1681
+ headers: buildHeaders({ token: token, tenantId: this.tenantId }),
1653
1682
  });
1654
1683
  return [4 /*yield*/, response];
1655
- case 1: return [2 /*return*/, (_b.sent()).json()];
1684
+ case 1: return [2 /*return*/, (_c.sent()).json()];
1656
1685
  }
1657
1686
  });
1658
1687
  });
1659
1688
  };
1660
1689
  SmsApiClient.prototype.verify = function (_a) {
1661
- var token = _a.token, code = _a.code;
1662
- return __awaiter(this, void 0, void 0, function () {
1690
+ return __awaiter(this, arguments, void 0, function (_b) {
1663
1691
  var body, response;
1664
- return __generator(this, function (_b) {
1665
- switch (_b.label) {
1692
+ var token = _b.token, code = _b.code;
1693
+ return __generator(this, function (_c) {
1694
+ switch (_c.label) {
1666
1695
  case 0:
1667
1696
  body = { verificationCode: code };
1668
1697
  response = fetch("".concat(this.baseUrl, "/client/verify/sms"), {
1669
1698
  method: "POST",
1670
1699
  headers: buildHeaders({ token: token, tenantId: this.tenantId }),
1671
- body: JSON.stringify(body)
1700
+ body: JSON.stringify(body),
1672
1701
  });
1673
1702
  return [4 /*yield*/, response];
1674
- case 1: return [2 /*return*/, (_b.sent()).json()];
1703
+ case 1: return [2 /*return*/, (_c.sent()).json()];
1675
1704
  }
1676
1705
  });
1677
1706
  });
@@ -1686,9 +1715,9 @@ var Sms = /** @class */ (function () {
1686
1715
  this.api = new SmsApiClient({ baseUrl: baseUrl, tenantId: tenantId });
1687
1716
  }
1688
1717
  Sms.prototype.enroll = function (_a) {
1689
- var phoneNumber = _a.phoneNumber;
1690
- return __awaiter(this, void 0, void 0, function () {
1691
- return __generator(this, function (_b) {
1718
+ return __awaiter(this, arguments, void 0, function (_b) {
1719
+ var phoneNumber = _b.phoneNumber;
1720
+ return __generator(this, function (_c) {
1692
1721
  if (!this.cache.token) {
1693
1722
  return [2 /*return*/, this.cache.handleTokenNotSetError()];
1694
1723
  }
@@ -1707,18 +1736,18 @@ var Sms = /** @class */ (function () {
1707
1736
  });
1708
1737
  };
1709
1738
  Sms.prototype.verify = function (_a) {
1710
- var code = _a.code;
1711
- return __awaiter(this, void 0, void 0, function () {
1739
+ return __awaiter(this, arguments, void 0, function (_b) {
1712
1740
  var verifyResponse;
1713
- return __generator(this, function (_b) {
1714
- switch (_b.label) {
1741
+ var code = _b.code;
1742
+ return __generator(this, function (_c) {
1743
+ switch (_c.label) {
1715
1744
  case 0:
1716
1745
  if (!this.cache.token) {
1717
1746
  return [2 /*return*/, this.cache.handleTokenNotSetError()];
1718
1747
  }
1719
1748
  return [4 /*yield*/, this.api.verify({ token: this.cache.token, code: code })];
1720
1749
  case 1:
1721
- verifyResponse = _b.sent();
1750
+ verifyResponse = _c.sent();
1722
1751
  if (verifyResponse.accessToken) {
1723
1752
  this.cache.token = verifyResponse.accessToken;
1724
1753
  }
@@ -1757,7 +1786,7 @@ var Authsignal = /** @class */ (function () {
1757
1786
  value: this.anonymousId,
1758
1787
  expire: Infinity,
1759
1788
  domain: this.cookieDomain,
1760
- secure: document.location.protocol !== "http:"
1789
+ secure: document.location.protocol !== "http:",
1761
1790
  });
1762
1791
  }
1763
1792
  this.passkey = new Passkey({ tenantId: tenantId, baseUrl: baseUrl, anonymousId: this.anonymousId });
@@ -1787,7 +1816,7 @@ var Authsignal = /** @class */ (function () {
1787
1816
  value: profilingId,
1788
1817
  expire: Infinity,
1789
1818
  domain: this.cookieDomain,
1790
- secure: document.location.protocol !== "http:"
1819
+ secure: document.location.protocol !== "http:",
1791
1820
  });
1792
1821
  var tmxProfilingScruiptUrl = baseUrl
1793
1822
  ? "".concat(baseUrl, "/fp/tags.js?org_id=").concat(TMX_ORG_ID, "&session_id=").concat(profilingId)
package/dist/index.min.js CHANGED
@@ -1 +1 @@
1
- var authsignal=function(t){"use strict";let e;const n=new Uint8Array(16);function o(){if(!e&&(e="undefined"!=typeof crypto&&crypto.getRandomValues&&crypto.getRandomValues.bind(crypto),!e))throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");return e(n)}const i=[];for(let t=0;t<256;++t)i.push((t+256).toString(16).slice(1));var r={randomUUID:"undefined"!=typeof crypto&&crypto.randomUUID&&crypto.randomUUID.bind(crypto)};function a(t,e,n){if(r.randomUUID&&!e&&!t)return r.randomUUID();const a=(t=t||{}).random||(t.rng||o)();if(a[6]=15&a[6]|64,a[8]=63&a[8]|128,e){n=n||0;for(let t=0;t<16;++t)e[n+t]=a[t];return e}return function(t,e=0){return(i[t[e+0]]+i[t[e+1]]+i[t[e+2]]+i[t[e+3]]+"-"+i[t[e+4]]+i[t[e+5]]+"-"+i[t[e+6]]+i[t[e+7]]+"-"+i[t[e+8]]+i[t[e+9]]+"-"+i[t[e+10]]+i[t[e+11]]+i[t[e+12]]+i[t[e+13]]+i[t[e+14]]+i[t[e+15]]).toLowerCase()}(a)}function s(t){var e=t.name,n=t.value,o=t.expire,i=t.domain,r=t.secure,a=o===1/0?" expires=Fri, 31 Dec 9999 23:59:59 GMT":"; max-age="+o;document.cookie=encodeURIComponent(e)+"="+n+"; path=/;"+a+(i?"; domain="+i:"")+(r?"; secure":"")}function c(t){var e;console.error(null!==(e=t.errorDescription)&&void 0!==e?e:t.error)}function u(t,e,n,o){return new(n||(n=Promise))((function(i,r){function a(t){try{c(o.next(t))}catch(t){r(t)}}function s(t){try{c(o.throw(t))}catch(t){r(t)}}function c(t){var e;t.done?i(t.value):(e=t.value,e instanceof n?e:new n((function(t){t(e)}))).then(a,s)}c((o=o.apply(t,e||[])).next())}))}function l(t,e){var n,o,i,r,a={label:0,sent:function(){if(1&i[0])throw i[1];return i[1]},trys:[],ops:[]};return r={next:s(0),throw:s(1),return:s(2)},"function"==typeof Symbol&&(r[Symbol.iterator]=function(){return this}),r;function s(r){return function(s){return function(r){if(n)throw new TypeError("Generator is already executing.");for(;a;)try{if(n=1,o&&(i=2&r[0]?o.return:r[0]?o.throw||((i=o.return)&&i.call(o),0):o.next)&&!(i=i.call(o,r[1])).done)return i;switch(o=0,i&&(r=[2&r[0],i.value]),r[0]){case 0:case 1:i=r;break;case 4:return a.label++,{value:r[1],done:!1};case 5:a.label++,o=r[1],r=[0];continue;case 7:r=a.ops.pop(),a.trys.pop();continue;default:if(!(i=a.trys,(i=i.length>0&&i[i.length-1])||6!==r[0]&&2!==r[0])){a=0;continue}if(3===r[0]&&(!i||r[1]>i[0]&&r[1]<i[3])){a.label=r[1];break}if(6===r[0]&&a.label<i[1]){a.label=i[1],i=r;break}if(i&&a.label<i[2]){a.label=i[2],a.ops.push(r);break}i[2]&&a.ops.pop(),a.trys.pop();continue}r=e.call(t,a)}catch(t){r=[6,t],o=0}finally{n=i=0}if(5&r[0])throw r[1];return{value:r[0]?r[1]:void 0,done:!0}}([r,s])}}}function h(t){const e=new Uint8Array(t);let n="";for(const t of e)n+=String.fromCharCode(t);return btoa(n).replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,"")}function d(t){const e=t.replace(/-/g,"+").replace(/_/g,"/"),n=(4-e.length%4)%4,o=e.padEnd(e.length+n,"="),i=atob(o),r=new ArrayBuffer(i.length),a=new Uint8Array(r);for(let t=0;t<i.length;t++)a[t]=i.charCodeAt(t);return r}function p(){return void 0!==window?.PublicKeyCredential&&"function"==typeof window.PublicKeyCredential}function f(t){const{id:e}=t;return{...t,id:d(e),transports:t.transports}}function m(t){return"localhost"===t||/^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$/i.test(t)}t.AuthsignalWindowMessage=void 0,(t.AuthsignalWindowMessage||(t.AuthsignalWindowMessage={})).AUTHSIGNAL_CLOSE_POPUP="AUTHSIGNAL_CLOSE_POPUP";class v extends Error{constructor({message:t,code:e,cause:n,name:o}){super(t,{cause:n}),this.name=o??n.name,this.code=e}}const y=new class{createNewAbortSignal(){if(this.controller){const t=new Error("Cancelling existing WebAuthn API call for new one");t.name="AbortError",this.controller.abort(t)}const t=new AbortController;return this.controller=t,t.signal}cancelCeremony(){if(this.controller){const t=new Error("Manually cancelling existing WebAuthn API call");t.name="AbortError",this.controller.abort(t),this.controller=void 0}}},w=["cross-platform","platform"];function g(t){if(t&&!(w.indexOf(t)<0))return t}async function b(t){if(!p())throw new Error("WebAuthn is not supported in this browser");var e;const n={publicKey:{...t,challenge:d(t.challenge),user:{...t.user,id:(e=t.user.id,(new TextEncoder).encode(e))},excludeCredentials:t.excludeCredentials?.map(f)}};let o;n.signal=y.createNewAbortSignal();try{o=await navigator.credentials.create(n)}catch(t){throw function({error:t,options:e}){const{publicKey:n}=e;if(!n)throw Error("options was missing required publicKey property");if("AbortError"===t.name){if(e.signal instanceof AbortSignal)return new v({message:"Registration ceremony was sent an abort signal",code:"ERROR_CEREMONY_ABORTED",cause:t})}else if("ConstraintError"===t.name){if(!0===n.authenticatorSelection?.requireResidentKey)return new v({message:"Discoverable credentials were required but no available authenticator supported it",code:"ERROR_AUTHENTICATOR_MISSING_DISCOVERABLE_CREDENTIAL_SUPPORT",cause:t});if("required"===n.authenticatorSelection?.userVerification)return new v({message:"User verification was required but no available authenticator supported it",code:"ERROR_AUTHENTICATOR_MISSING_USER_VERIFICATION_SUPPORT",cause:t})}else{if("InvalidStateError"===t.name)return new v({message:"The authenticator was previously registered",code:"ERROR_AUTHENTICATOR_PREVIOUSLY_REGISTERED",cause:t});if("NotAllowedError"===t.name)return new v({message:t.message,code:"ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",cause:t});if("NotSupportedError"===t.name)return 0===n.pubKeyCredParams.filter((t=>"public-key"===t.type)).length?new v({message:'No entry in pubKeyCredParams was of type "public-key"',code:"ERROR_MALFORMED_PUBKEYCREDPARAMS",cause:t}):new v({message:"No available authenticator supported any of the specified pubKeyCredParams algorithms",code:"ERROR_AUTHENTICATOR_NO_SUPPORTED_PUBKEYCREDPARAMS_ALG",cause:t});if("SecurityError"===t.name){const e=window.location.hostname;if(!m(e))return new v({message:`${window.location.hostname} is an invalid domain`,code:"ERROR_INVALID_DOMAIN",cause:t});if(n.rp.id!==e)return new v({message:`The RP ID "${n.rp.id}" is invalid for this domain`,code:"ERROR_INVALID_RP_ID",cause:t})}else if("TypeError"===t.name){if(n.user.id.byteLength<1||n.user.id.byteLength>64)return new v({message:"User ID was not between 1 and 64 characters",code:"ERROR_INVALID_USER_ID_LENGTH",cause:t})}else if("UnknownError"===t.name)return new v({message:"The authenticator was unable to process the specified options, or could not create a new credential",code:"ERROR_AUTHENTICATOR_GENERAL_ERROR",cause:t})}return t}({error:t,options:n})}if(!o)throw new Error("Registration was not completed");const{id:i,rawId:r,response:a,type:s}=o;let c,u,l,w;if("function"==typeof a.getTransports&&(c=a.getTransports()),"function"==typeof a.getPublicKeyAlgorithm)try{u=a.getPublicKeyAlgorithm()}catch(t){E("getPublicKeyAlgorithm()",t)}if("function"==typeof a.getPublicKey)try{const t=a.getPublicKey();null!==t&&(l=h(t))}catch(t){E("getPublicKey()",t)}if("function"==typeof a.getAuthenticatorData)try{w=h(a.getAuthenticatorData())}catch(t){E("getAuthenticatorData()",t)}return{id:i,rawId:h(r),response:{attestationObject:h(a.attestationObject),clientDataJSON:h(a.clientDataJSON),transports:c,publicKeyAlgorithm:u,publicKey:l,authenticatorData:w},type:s,clientExtensionResults:o.getClientExtensionResults(),authenticatorAttachment:g(o.authenticatorAttachment)}}function E(t,e){console.warn(`The browser extension that intercepted this WebAuthn API call incorrectly implemented ${t}. You should report this error to them.\n`,e)}async function k(t,e=!1){if(!p())throw new Error("WebAuthn is not supported in this browser");let n;0!==t.allowCredentials?.length&&(n=t.allowCredentials?.map(f));const o={...t,challenge:d(t.challenge),allowCredentials:n},i={};if(e){if(!await function(){const t=window.PublicKeyCredential;return void 0===t.isConditionalMediationAvailable?new Promise((t=>t(!1))):t.isConditionalMediationAvailable()}())throw Error("Browser does not support WebAuthn autofill");if(document.querySelectorAll("input[autocomplete$='webauthn']").length<1)throw Error('No <input> with "webauthn" as the only or last value in its `autocomplete` attribute was detected');i.mediation="conditional",o.allowCredentials=[]}let r;i.publicKey=o,i.signal=y.createNewAbortSignal();try{r=await navigator.credentials.get(i)}catch(t){throw function({error:t,options:e}){const{publicKey:n}=e;if(!n)throw Error("options was missing required publicKey property");if("AbortError"===t.name){if(e.signal instanceof AbortSignal)return new v({message:"Authentication ceremony was sent an abort signal",code:"ERROR_CEREMONY_ABORTED",cause:t})}else{if("NotAllowedError"===t.name)return new v({message:t.message,code:"ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",cause:t});if("SecurityError"===t.name){const e=window.location.hostname;if(!m(e))return new v({message:`${window.location.hostname} is an invalid domain`,code:"ERROR_INVALID_DOMAIN",cause:t});if(n.rpId!==e)return new v({message:`The RP ID "${n.rpId}" is invalid for this domain`,code:"ERROR_INVALID_RP_ID",cause:t})}else if("UnknownError"===t.name)return new v({message:"The authenticator was unable to process the specified options, or could not create a new assertion signature",code:"ERROR_AUTHENTICATOR_GENERAL_ERROR",cause:t})}return t}({error:t,options:i})}if(!r)throw new Error("Authentication was not completed");const{id:a,rawId:s,response:c,type:u}=r;let l;var w;return c.userHandle&&(w=c.userHandle,l=new TextDecoder("utf-8").decode(w)),{id:a,rawId:h(s),response:{authenticatorData:h(c.authenticatorData),clientDataJSON:h(c.clientDataJSON),signature:h(c.signature),userHandle:l},type:u,clientExtensionResults:r.getClientExtensionResults(),authenticatorAttachment:g(r.authenticatorAttachment)}}function I(t){var e=t.token,n=t.tenantId;return{"Content-Type":"application/json",Authorization:e?"Bearer ".concat(e):"Basic ".concat(window.btoa(encodeURIComponent(n)))}}var A=function(){function t(t){var e=t.baseUrl,n=t.tenantId;this.tenantId=n,this.baseUrl=e}return t.prototype.registrationOptions=function(t){var e=t.token,n=t.username,o=t.authenticatorAttachment;return u(this,void 0,void 0,(function(){var t;return l(this,(function(i){switch(i.label){case 0:return t=Boolean(o)?{username:n,authenticatorAttachment:o}:{username:n},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey/registration-options"),{method:"POST",headers:I({token:e,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[2,i.sent().json()]}}))}))},t.prototype.authenticationOptions=function(t){var e=t.token,n=t.challengeId;return u(this,void 0,void 0,(function(){var t;return l(this,(function(o){switch(o.label){case 0:return t={challengeId:n},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey/authentication-options"),{method:"POST",headers:I({token:e,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[2,o.sent().json()]}}))}))},t.prototype.addAuthenticator=function(t){var e=t.token,n=t.challengeId,o=t.registrationCredential;return u(this,void 0,void 0,(function(){var t;return l(this,(function(i){switch(i.label){case 0:return t={challengeId:n,registrationCredential:o},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey"),{method:"POST",headers:I({token:e,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[2,i.sent().json()]}}))}))},t.prototype.verify=function(t){var e=t.token,n=t.challengeId,o=t.authenticationCredential,i=t.deviceId;return u(this,void 0,void 0,(function(){var t;return l(this,(function(r){switch(r.label){case 0:return t={challengeId:n,authenticationCredential:o,deviceId:i},[4,fetch("".concat(this.baseUrl,"/client/verify/passkey"),{method:"POST",headers:I({token:e,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[2,r.sent().json()]}}))}))},t.prototype.getPasskeyAuthenticator=function(t){return u(this,void 0,void 0,(function(){var e;return l(this,(function(n){switch(n.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey?credentialId=").concat(t),{method:"GET",headers:I({tenantId:this.tenantId})})];case 1:if(!(e=n.sent()).ok)throw new Error(e.statusText);return[2,e.json()]}}))}))},t.prototype.challenge=function(t){return u(this,void 0,void 0,(function(){return l(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/challenge"),{method:"POST",headers:I({tenantId:this.tenantId}),body:JSON.stringify({action:t})})];case 1:return[2,e.sent().json()]}}))}))},t}(),R=function(){function t(){this.token=null}return t.prototype.handleTokenNotSetError=function(){var t="A token has not been set. Call 'setToken' first.";return console.error("Error: ".concat(t)),{error:"TOKEN_NOT_SET",errorDescription:t}},t.shared=new t,t}(),S=function(){function t(t){var e=t.baseUrl,n=t.tenantId,o=t.anonymousId;this.passkeyLocalStorageKey="as_passkey_credential_id",this.cache=R.shared,this.api=new A({baseUrl:e,tenantId:n}),this.anonymousId=o}return t.prototype.signUp=function(t){var e=t.userName,n=t.userDisplayName,o=t.token,i=t.authenticatorAttachment,r=void 0===i?"platform":i;return u(this,void 0,void 0,(function(){var t,i,a,s,u;return l(this,(function(l){switch(l.label){case 0:return(t=null!=o?o:this.cache.token)?(i={username:e,displayName:n,token:t,authenticatorAttachment:r},[4,this.api.registrationOptions(i)]):[2,this.cache.handleTokenNotSetError()];case 1:return"error"in(a=l.sent())?(c(a),[2,a]):[4,b(a.options)];case 2:return s=l.sent(),[4,this.api.addAuthenticator({challengeId:a.challengeId,registrationCredential:s,token:t})];case 3:return"error"in(u=l.sent())?(c(u),[2,u]):(u.isVerified&&this.storeCredentialAgainstDevice(s),u.accessToken&&(this.cache.token=u.accessToken),[2,{token:u.accessToken}])}}))}))},t.prototype.signIn=function(t){return u(this,void 0,void 0,(function(){var e,n,o,i,r,a,s,u,h,d;return l(this,(function(l){switch(l.label){case 0:if((null==t?void 0:t.token)&&t.autofill)throw new Error("autofill is not supported when providing a token");if((null==t?void 0:t.action)&&t.token)throw new Error("action is not supported when providing a token");return(null==t?void 0:t.action)?[4,this.api.challenge(t.action)]:[3,2];case 1:return n=l.sent(),[3,3];case 2:n=null,l.label=3;case 3:return(e=n)&&"error"in e?(c(e),[2,e]):[4,this.api.authenticationOptions({token:null==t?void 0:t.token,challengeId:null==e?void 0:e.challengeId})];case 4:return"error"in(o=l.sent())?(c(o),[2,o]):[4,k(o.options,null==t?void 0:t.autofill)];case 5:return i=l.sent(),(null==t?void 0:t.onVerificationStarted)&&t.onVerificationStarted(),[4,this.api.verify({challengeId:o.challengeId,authenticationCredential:i,token:null==t?void 0:t.token,deviceId:this.anonymousId})];case 6:return"error"in(r=l.sent())?(c(r),[2,r]):(r.isVerified&&this.storeCredentialAgainstDevice(i),r.accessToken&&(this.cache.token=r.accessToken),a=r.accessToken,s=r.userId,u=r.userAuthenticatorId,h=r.username,d=r.userDisplayName,[2,{token:a,userId:s,userAuthenticatorId:u,userName:h,userDisplayName:d}])}}))}))},t.prototype.isAvailableOnDevice=function(){return u(this,void 0,void 0,(function(){var t;return l(this,(function(e){switch(e.label){case 0:if(!(t=localStorage.getItem(this.passkeyLocalStorageKey)))return[2,!1];e.label=1;case 1:return e.trys.push([1,3,,4]),[4,this.api.getPasskeyAuthenticator(t)];case 2:return e.sent(),[2,!0];case 3:return e.sent(),[2,!1];case 4:return[2]}}))}))},t.prototype.storeCredentialAgainstDevice=function(t){var e=t.id;"cross-platform"!==t.authenticatorAttachment&&localStorage.setItem(this.passkeyLocalStorageKey,e)},t}(),_=function(){function t(){this.windowRef=null}return t.prototype.show=function(t){var e=t.url,n=t.width,o=void 0===n?400:n,i=t.height,r=function(t){var e=t.url,n=t.width,o=t.height,i=t.win;if(!i.top)return null;var r=i.top.outerHeight/2+i.top.screenY-o/2,a=i.top.outerWidth/2+i.top.screenX-n/2;return window.open(e,"","toolbar=no, location=no, directories=no, status=no, menubar=no, scrollbars=no, resizable=no, copyhistory=no, width=".concat(n,", height=").concat(o,", top=").concat(r,", left=").concat(a))}({url:e,width:o,height:void 0===i?500:i,win:window});if(!r)throw new Error("Window is not initialized");return this.windowRef=r,r},t.prototype.close=function(){if(!this.windowRef)throw new Error("Window is not initialized");this.windowRef.close()},t}();const T=":not([inert]):not([inert] *)",O=':not([tabindex^="-"])',C=":not(:disabled)";var U=[`a[href]${T}${O}`,`area[href]${T}${O}`,`input:not([type="hidden"]):not([type="radio"])${T}${O}${C}`,`input[type="radio"]${T}${O}${C}`,`select${T}${O}${C}`,`textarea${T}${O}${C}`,`button${T}${O}${C}`,`details${T} > summary:first-of-type${O}`,`iframe${T}${O}`,`audio[controls]${T}${O}`,`video[controls]${T}${O}`,`[contenteditable]${T}${O}`,`[tabindex]${T}${O}`];function N(t){(t.querySelector("[autofocus]")||t).focus()}function P(t,e){if(e&&x(t))return t;if(!((n=t).shadowRoot&&"-1"===n.getAttribute("tabindex")||n.matches(":disabled,[hidden],[inert]")))if(t.shadowRoot){let n=$(t.shadowRoot,e);for(;n;){const t=P(n,e);if(t)return t;n=D(n,e)}}else if("slot"===t.localName){const n=t.assignedElements({flatten:!0});e||n.reverse();for(const t of n){const n=P(t,e);if(n)return n}}else{let n=$(t,e);for(;n;){const t=P(n,e);if(t)return t;n=D(n,e)}}var n;return!e&&x(t)?t:null}function $(t,e){return e?t.firstElementChild:t.lastElementChild}function D(t,e){return e?t.nextElementSibling:t.previousElementSibling}const x=t=>!t.shadowRoot?.delegatesFocus&&(t.matches(U.join(","))&&!(t=>!(!t.matches("details:not([open]) *")||t.matches("details>summary:first-of-type"))||!(t.offsetWidth||t.offsetHeight||t.getClientRects().length))(t));function L(t=document){const e=t.activeElement;return e?e.shadowRoot?L(e.shadowRoot)||document.activeElement:e:null}function K(t,e){const[n,o]=function(t){const e=P(t,!0);return[e,e?P(t,!1)||e:null]}(t);if(!n)return e.preventDefault();const i=L();e.shiftKey&&i===n?(o.focus(),e.preventDefault()):e.shiftKey||i!==o||(n.focus(),e.preventDefault())}class j{$el;id;previouslyFocused;shown;constructor(t){this.$el=t,this.id=this.$el.getAttribute("data-a11y-dialog")||this.$el.id,this.previouslyFocused=null,this.shown=!1,this.maintainFocus=this.maintainFocus.bind(this),this.bindKeypress=this.bindKeypress.bind(this),this.handleTriggerClicks=this.handleTriggerClicks.bind(this),this.show=this.show.bind(this),this.hide=this.hide.bind(this),this.$el.setAttribute("aria-hidden","true"),this.$el.setAttribute("aria-modal","true"),this.$el.setAttribute("tabindex","-1"),this.$el.hasAttribute("role")||this.$el.setAttribute("role","dialog"),document.addEventListener("click",this.handleTriggerClicks,!0)}destroy(){return this.hide(),document.removeEventListener("click",this.handleTriggerClicks,!0),this.$el.replaceWith(this.$el.cloneNode(!0)),this.fire("destroy"),this}show(t){return this.shown||(this.shown=!0,this.$el.removeAttribute("aria-hidden"),this.previouslyFocused=L(),"BODY"===this.previouslyFocused?.tagName&&t?.target&&(this.previouslyFocused=t.target),"focus"===t?.type?this.maintainFocus(t):N(this.$el),document.body.addEventListener("focus",this.maintainFocus,!0),this.$el.addEventListener("keydown",this.bindKeypress,!0),this.fire("show",t)),this}hide(t){return this.shown?(this.shown=!1,this.$el.setAttribute("aria-hidden","true"),this.previouslyFocused?.focus?.(),document.body.removeEventListener("focus",this.maintainFocus,!0),this.$el.removeEventListener("keydown",this.bindKeypress,!0),this.fire("hide",t),this):this}on(t,e,n){return this.$el.addEventListener(t,e,n),this}off(t,e,n){return this.$el.removeEventListener(t,e,n),this}fire(t,e){this.$el.dispatchEvent(new CustomEvent(t,{detail:e,cancelable:!0}))}handleTriggerClicks(t){const e=t.target;e.closest(`[data-a11y-dialog-show="${this.id}"]`)&&this.show(t),(e.closest(`[data-a11y-dialog-hide="${this.id}"]`)||e.closest("[data-a11y-dialog-hide]")&&e.closest('[aria-modal="true"]')===this.$el)&&this.hide(t)}bindKeypress(t){if(document.activeElement?.closest('[aria-modal="true"]')!==this.$el)return;let e=!1;try{e=!!this.$el.querySelector('[popover]:not([popover="manual"]):popover-open')}catch{}"Escape"!==t.key||"alertdialog"===this.$el.getAttribute("role")||e||(t.preventDefault(),this.hide(t)),"Tab"===t.key&&K(this.$el,t)}maintainFocus(t){t.target.closest('[aria-modal="true"], [data-a11y-dialog-ignore-focus-trap]')||N(this.$el)}}function H(){for(const t of document.querySelectorAll("[data-a11y-dialog]"))new j(t)}"undefined"!=typeof document&&("loading"===document.readyState?document.addEventListener("DOMContentLoaded",H):H());var W="__authsignal-popup-container",M="__authsignal-popup-content",q="__authsignal-popup-overlay",F="__authsignal-popup-style",G="__authsignal-popup-iframe",J="385px",V=function(){function t(t){var e=t.width,n=t.isClosable;if(this.popup=null,document.querySelector("#".concat(W)))throw new Error("Multiple instances of Authsignal popup is not supported.");this.create({width:e,isClosable:n})}return t.prototype.create=function(t){var e=this,n=t.width,o=void 0===n?J:n,i=t.isClosable,r=void 0===i||i,a=o;CSS.supports("width",o)||(console.warn("Invalid CSS value for `popupOptions.width`. Using default value instead."),a=J);var s=document.createElement("div");s.setAttribute("id",W),s.setAttribute("aria-hidden","true"),r||s.setAttribute("role","alertdialog");var c=document.createElement("div");c.setAttribute("id",q),r&&c.setAttribute("data-a11y-dialog-hide","true");var u=document.createElement("div");u.setAttribute("id",M),document.body.appendChild(s);var l=document.createElement("style");l.setAttribute("id",F),l.textContent="\n #".concat(W,",\n #").concat(q," {\n position: fixed;\n top: 0;\n right: 0;\n bottom: 0;\n left: 0;\n }\n\n #").concat(W," {\n z-index: 2147483647;\n display: flex;\n }\n\n #").concat(W,"[aria-hidden='true'] {\n display: none;\n }\n\n #").concat(q," {\n background-color: rgba(0, 0, 0, 0.18);\n }\n\n #").concat(M," {\n margin: auto;\n z-index: 2147483647;\n position: relative;\n background-color: transparent;\n border-radius: 8px;\n width: ").concat(a,";\n }\n\n #").concat(M," iframe {\n width: 1px;\n min-width: 100%;\n border-radius: inherit;\n max-height: 95vh;\n height: ").concat("384px",";\n }\n "),document.head.insertAdjacentElement("beforeend",l),s.appendChild(c),s.appendChild(u),this.popup=new j(s),s.focus(),this.popup.on("hide",(function(){e.destroy()}))},t.prototype.destroy=function(){var t=document.querySelector("#".concat(W)),e=document.querySelector("#".concat(F));t&&e&&(document.body.removeChild(t),document.head.removeChild(e)),window.removeEventListener("message",z)},t.prototype.show=function(t){var e,n=t.url;if(!this.popup)throw new Error("Popup is not initialized");var o=document.createElement("iframe");o.setAttribute("id",G),o.setAttribute("name","authsignal"),o.setAttribute("title","Authsignal multi-factor authentication"),o.setAttribute("src",n),o.setAttribute("frameborder","0"),o.setAttribute("allow","publickey-credentials-get *; publickey-credentials-create *; clipboard-write");var i=document.querySelector("#".concat(M));i&&i.appendChild(o),window.addEventListener("message",z),null===(e=this.popup)||void 0===e||e.show()},t.prototype.close=function(){if(!this.popup)throw new Error("Popup is not initialized");this.popup.hide()},t.prototype.on=function(t,e){if(!this.popup)throw new Error("Popup is not initialized");this.popup.on(t,e)},t}();function z(t){var e=document.querySelector("#".concat(G));e&&t.data.height&&(e.style.height=t.data.height+"px")}var B=function(){function t(t){var e=t.baseUrl,n=t.tenantId;this.tenantId=n,this.baseUrl=e}return t.prototype.enroll=function(t){var e=t.token;return u(this,void 0,void 0,(function(){return l(this,(function(t){switch(t.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/totp"),{method:"POST",headers:I({token:e,tenantId:this.tenantId})})];case 1:return[2,t.sent().json()]}}))}))},t.prototype.verify=function(t){var e=t.token,n=t.code;return u(this,void 0,void 0,(function(){var t;return l(this,(function(o){switch(o.label){case 0:return t={verificationCode:n},[4,fetch("".concat(this.baseUrl,"/client/verify/totp"),{method:"POST",headers:I({token:e,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[2,o.sent().json()]}}))}))},t}(),Y=function(){function t(t){var e=t.baseUrl,n=t.tenantId;this.cache=R.shared,this.api=new B({baseUrl:e,tenantId:n})}return t.prototype.enroll=function(){return u(this,void 0,void 0,(function(){return l(this,(function(t){return this.cache.token?[2,this.api.enroll({token:this.cache.token})]:[2,this.cache.handleTokenNotSetError()]}))}))},t.prototype.verify=function(t){var e=t.code;return u(this,void 0,void 0,(function(){var t;return l(this,(function(n){switch(n.label){case 0:return this.cache.token?[4,this.api.verify({token:this.cache.token,code:e})]:[2,this.cache.handleTokenNotSetError()];case 1:return(t=n.sent()).accessToken&&(this.cache.token=t.accessToken),[2,t]}}))}))},t}(),X=function(){function t(t){var e=t.baseUrl,n=t.tenantId;this.tenantId=n,this.baseUrl=e}return t.prototype.enroll=function(t){var e=t.token,n=t.email;return u(this,void 0,void 0,(function(){var t;return l(this,(function(o){switch(o.label){case 0:return t={email:n},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/email-otp"),{method:"POST",headers:this.buildHeaders(e),body:JSON.stringify(t)})];case 1:return[2,o.sent().json()]}}))}))},t.prototype.challenge=function(t){var e=t.token;return u(this,void 0,void 0,(function(){return l(this,(function(t){switch(t.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/challenge/email-otp"),{method:"POST",headers:this.buildHeaders(e)})];case 1:return[2,t.sent().json()]}}))}))},t.prototype.verify=function(t){var e=t.token,n=t.code;return u(this,void 0,void 0,(function(){var t;return l(this,(function(o){switch(o.label){case 0:return t={verificationCode:n},[4,fetch("".concat(this.baseUrl,"/client/verify/email-otp"),{method:"POST",headers:this.buildHeaders(e),body:JSON.stringify(t)})];case 1:return[2,o.sent().json()]}}))}))},t.prototype.buildHeaders=function(t){return{"Content-Type":"application/json",Authorization:t?"Bearer ".concat(t):"Basic ".concat(window.btoa(encodeURIComponent(this.tenantId)))}},t}(),Q=function(){function t(t){var e=t.baseUrl,n=t.tenantId;this.cache=R.shared,this.api=new X({baseUrl:e,tenantId:n})}return t.prototype.enroll=function(t){var e=t.email;return u(this,void 0,void 0,(function(){return l(this,(function(t){return this.cache.token?[2,this.api.enroll({token:this.cache.token,email:e})]:[2,this.cache.handleTokenNotSetError()]}))}))},t.prototype.challenge=function(){return u(this,void 0,void 0,(function(){return l(this,(function(t){return this.cache.token?[2,this.api.challenge({token:this.cache.token})]:[2,this.cache.handleTokenNotSetError()]}))}))},t.prototype.verify=function(t){var e=t.code;return u(this,void 0,void 0,(function(){var t;return l(this,(function(n){switch(n.label){case 0:return this.cache.token?[4,this.api.verify({token:this.cache.token,code:e})]:[2,this.cache.handleTokenNotSetError()];case 1:return(t=n.sent()).accessToken&&(this.cache.token=t.accessToken),[2,t]}}))}))},t}(),Z=function(){function t(t){var e=t.baseUrl,n=t.tenantId;this.tenantId=n,this.baseUrl=e}return t.prototype.enroll=function(t){var e=t.token,n=t.phoneNumber;return u(this,void 0,void 0,(function(){var t;return l(this,(function(o){switch(o.label){case 0:return t={phoneNumber:n},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/sms"),{method:"POST",headers:I({token:e,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[2,o.sent().json()]}}))}))},t.prototype.challenge=function(t){var e=t.token;return u(this,void 0,void 0,(function(){return l(this,(function(t){switch(t.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/challenge/sms"),{method:"POST",headers:I({token:e,tenantId:this.tenantId})})];case 1:return[2,t.sent().json()]}}))}))},t.prototype.verify=function(t){var e=t.token,n=t.code;return u(this,void 0,void 0,(function(){var t;return l(this,(function(o){switch(o.label){case 0:return t={verificationCode:n},[4,fetch("".concat(this.baseUrl,"/client/verify/sms"),{method:"POST",headers:I({token:e,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[2,o.sent().json()]}}))}))},t}(),tt=function(){function t(t){var e=t.baseUrl,n=t.tenantId;this.cache=R.shared,this.api=new Z({baseUrl:e,tenantId:n})}return t.prototype.enroll=function(t){var e=t.phoneNumber;return u(this,void 0,void 0,(function(){return l(this,(function(t){return this.cache.token?[2,this.api.enroll({token:this.cache.token,phoneNumber:e})]:[2,this.cache.handleTokenNotSetError()]}))}))},t.prototype.challenge=function(){return u(this,void 0,void 0,(function(){return l(this,(function(t){return this.cache.token?[2,this.api.challenge({token:this.cache.token})]:[2,this.cache.handleTokenNotSetError()]}))}))},t.prototype.verify=function(t){var e=t.code;return u(this,void 0,void 0,(function(){var t;return l(this,(function(n){switch(n.label){case 0:return this.cache.token?[4,this.api.verify({token:this.cache.token,code:e})]:[2,this.cache.handleTokenNotSetError()];case 1:return(t=n.sent()).accessToken&&(this.cache.token=t.accessToken),[2,t]}}))}))},t}(),et="4a08uqve",nt=function(){function e(t){var e=t.cookieDomain,n=t.cookieName,o=void 0===n?"__as_aid":n,i=t.baseUrl,r=void 0===i?"https://api.authsignal.com/v1":i,c=t.tenantId;if(this.anonymousId="",this.profilingId="",this.cookieDomain="",this.anonymousIdCookieName="",this.cookieDomain=e||document.location.hostname.replace("www.",""),this.anonymousIdCookieName=o,!c)throw new Error("tenantId is required");var u,l=(u=this.anonymousIdCookieName)&&decodeURIComponent(document.cookie.replace(new RegExp("(?:(?:^|.*;)\\s*"+encodeURIComponent(u).replace(/[\-\.\+\*]/g,"\\$&")+"\\s*\\=\\s*([^;]*).*$)|^.*$"),"$1"))||null;l?this.anonymousId=l:(this.anonymousId=a(),s({name:this.anonymousIdCookieName,value:this.anonymousId,expire:1/0,domain:this.cookieDomain,secure:"http:"!==document.location.protocol})),this.passkey=new S({tenantId:c,baseUrl:r,anonymousId:this.anonymousId}),this.totp=new Y({tenantId:c,baseUrl:r}),this.email=new Q({tenantId:c,baseUrl:r}),this.sms=new tt({tenantId:c,baseUrl:r})}return e.prototype.setToken=function(t){R.shared.token=t},e.prototype.launch=function(t,e){switch(null==e?void 0:e.mode){case"window":return this.launchWithWindow(t,e);case"popup":return this.launchWithPopup(t,e);default:this.launchWithRedirect(t)}},e.prototype.initAdvancedProfiling=function(t){var e=a();this.profilingId=e,s({name:"__as_pid",value:e,expire:1/0,domain:this.cookieDomain,secure:"http:"!==document.location.protocol});var n=t?"".concat(t,"/fp/tags.js?org_id=").concat(et,"&session_id=").concat(e):"https://h.online-metrix.net/fp/tags.js?org_id=".concat(et,"&session_id=").concat(e),o=document.createElement("script");o.src=n,o.async=!1,o.id="as_adv_profile",document.head.appendChild(o);var i=document.createElement("noscript");i.setAttribute("id","as_adv_profile_pixel"),i.setAttribute("aria-hidden","true");var r=document.createElement("iframe"),c=t?"".concat(t,"/fp/tags?org_id=").concat(et,"&session_id=").concat(e):"https://h.online-metrix.net/fp/tags?org_id=".concat(et,"&session_id=").concat(e);r.setAttribute("id","as_adv_profile_pixel"),r.setAttribute("src",c),r.setAttribute("style","width: 100px; height: 100px; border: 0; position: absolute; top: -5000px;"),i&&(i.appendChild(r),document.body.prepend(i))},e.prototype.launchWithRedirect=function(t){window.location.href=t},e.prototype.launchWithPopup=function(e,n){var o=n.popupOptions,i=new V({width:null==o?void 0:o.width,isClosable:null==o?void 0:o.isClosable}),r="".concat(e,"&mode=popup");return i.show({url:r}),new Promise((function(e){var n=void 0;i.on("hide",(function(){e({token:n})})),window.addEventListener("message",(function(e){var o=null;try{o=JSON.parse(e.data)}catch(t){}(null==o?void 0:o.event)===t.AuthsignalWindowMessage.AUTHSIGNAL_CLOSE_POPUP&&(n=o.token,i.close())}),!1)}))},e.prototype.launchWithWindow=function(e,n){var o=n.windowOptions,i=new _,r="".concat(e,"&mode=popup");return i.show({url:r,width:null==o?void 0:o.width,height:null==o?void 0:o.height}),new Promise((function(e){window.addEventListener("message",(function(n){var o=null;try{o=JSON.parse(n.data)}catch(t){}(null==o?void 0:o.event)===t.AuthsignalWindowMessage.AUTHSIGNAL_CLOSE_POPUP&&(i.close(),e({token:o.token}))}),!1)}))},e}();return t.Authsignal=nt,Object.defineProperty(t,"__esModule",{value:!0}),t}({});
1
+ var authsignal=function(t){"use strict";let e;const n=new Uint8Array(16);function o(){if(!e&&(e="undefined"!=typeof crypto&&crypto.getRandomValues&&crypto.getRandomValues.bind(crypto),!e))throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");return e(n)}const i=[];for(let t=0;t<256;++t)i.push((t+256).toString(16).slice(1));var r={randomUUID:"undefined"!=typeof crypto&&crypto.randomUUID&&crypto.randomUUID.bind(crypto)};function a(t,e,n){if(r.randomUUID&&!e&&!t)return r.randomUUID();const a=(t=t||{}).random||(t.rng||o)();if(a[6]=15&a[6]|64,a[8]=63&a[8]|128,e){n=n||0;for(let t=0;t<16;++t)e[n+t]=a[t];return e}return function(t,e=0){return(i[t[e+0]]+i[t[e+1]]+i[t[e+2]]+i[t[e+3]]+"-"+i[t[e+4]]+i[t[e+5]]+"-"+i[t[e+6]]+i[t[e+7]]+"-"+i[t[e+8]]+i[t[e+9]]+"-"+i[t[e+10]]+i[t[e+11]]+i[t[e+12]]+i[t[e+13]]+i[t[e+14]]+i[t[e+15]]).toLowerCase()}(a)}function s(t){var e=t.name,n=t.value,o=t.expire,i=t.domain,r=t.secure,a=o===1/0?" expires=Fri, 31 Dec 9999 23:59:59 GMT":"; max-age="+o;document.cookie=encodeURIComponent(e)+"="+n+"; path=/;"+a+(i?"; domain="+i:"")+(r?"; secure":"")}function c(t){var e;console.error(null!==(e=t.errorDescription)&&void 0!==e?e:t.error)}t.AuthsignalWindowMessage=void 0,(t.AuthsignalWindowMessage||(t.AuthsignalWindowMessage={})).AUTHSIGNAL_CLOSE_POPUP="AUTHSIGNAL_CLOSE_POPUP";var u=function(){return u=Object.assign||function(t){for(var e,n=1,o=arguments.length;n<o;n++)for(var i in e=arguments[n])Object.prototype.hasOwnProperty.call(e,i)&&(t[i]=e[i]);return t},u.apply(this,arguments)};function l(t,e,n,o){return new(n||(n=Promise))((function(i,r){function a(t){try{c(o.next(t))}catch(t){r(t)}}function s(t){try{c(o.throw(t))}catch(t){r(t)}}function c(t){var e;t.done?i(t.value):(e=t.value,e instanceof n?e:new n((function(t){t(e)}))).then(a,s)}c((o=o.apply(t,e||[])).next())}))}function h(t,e){var n,o,i,r,a={label:0,sent:function(){if(1&i[0])throw i[1];return i[1]},trys:[],ops:[]};return r={next:s(0),throw:s(1),return:s(2)},"function"==typeof Symbol&&(r[Symbol.iterator]=function(){return this}),r;function s(r){return function(s){return function(r){if(n)throw new TypeError("Generator is already executing.");for(;a;)try{if(n=1,o&&(i=2&r[0]?o.return:r[0]?o.throw||((i=o.return)&&i.call(o),0):o.next)&&!(i=i.call(o,r[1])).done)return i;switch(o=0,i&&(r=[2&r[0],i.value]),r[0]){case 0:case 1:i=r;break;case 4:return a.label++,{value:r[1],done:!1};case 5:a.label++,o=r[1],r=[0];continue;case 7:r=a.ops.pop(),a.trys.pop();continue;default:if(!(i=a.trys,(i=i.length>0&&i[i.length-1])||6!==r[0]&&2!==r[0])){a=0;continue}if(3===r[0]&&(!i||r[1]>i[0]&&r[1]<i[3])){a.label=r[1];break}if(6===r[0]&&a.label<i[1]){a.label=i[1],i=r;break}if(i&&a.label<i[2]){a.label=i[2],a.ops.push(r);break}i[2]&&a.ops.pop(),a.trys.pop();continue}r=e.call(t,a)}catch(t){r=[6,t],o=0}finally{n=i=0}if(5&r[0])throw r[1];return{value:r[0]?r[1]:void 0,done:!0}}([r,s])}}}function d(t){const e=new Uint8Array(t);let n="";for(const t of e)n+=String.fromCharCode(t);return btoa(n).replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,"")}function p(t){const e=t.replace(/-/g,"+").replace(/_/g,"/"),n=(4-e.length%4)%4,o=e.padEnd(e.length+n,"="),i=atob(o),r=new ArrayBuffer(i.length),a=new Uint8Array(r);for(let t=0;t<i.length;t++)a[t]=i.charCodeAt(t);return r}function f(){return void 0!==window?.PublicKeyCredential&&"function"==typeof window.PublicKeyCredential}function m(t){const{id:e}=t;return{...t,id:p(e),transports:t.transports}}function y(t){return"localhost"===t||/^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$/i.test(t)}class w extends Error{constructor({message:t,code:e,cause:n,name:o}){super(t,{cause:n}),this.name=o??n.name,this.code=e}}const g=new class{createNewAbortSignal(){if(this.controller){const t=new Error("Cancelling existing WebAuthn API call for new one");t.name="AbortError",this.controller.abort(t)}const t=new AbortController;return this.controller=t,t.signal}cancelCeremony(){if(this.controller){const t=new Error("Manually cancelling existing WebAuthn API call");t.name="AbortError",this.controller.abort(t),this.controller=void 0}}},v=["cross-platform","platform"];function b(t){if(t&&!(v.indexOf(t)<0))return t}async function E(t){if(!f())throw new Error("WebAuthn is not supported in this browser");const e={publicKey:{...t,challenge:p(t.challenge),user:{...t.user,id:p(t.user.id)},excludeCredentials:t.excludeCredentials?.map(m)}};let n;e.signal=g.createNewAbortSignal();try{n=await navigator.credentials.create(e)}catch(t){throw function({error:t,options:e}){const{publicKey:n}=e;if(!n)throw Error("options was missing required publicKey property");if("AbortError"===t.name){if(e.signal instanceof AbortSignal)return new w({message:"Registration ceremony was sent an abort signal",code:"ERROR_CEREMONY_ABORTED",cause:t})}else if("ConstraintError"===t.name){if(!0===n.authenticatorSelection?.requireResidentKey)return new w({message:"Discoverable credentials were required but no available authenticator supported it",code:"ERROR_AUTHENTICATOR_MISSING_DISCOVERABLE_CREDENTIAL_SUPPORT",cause:t});if("required"===n.authenticatorSelection?.userVerification)return new w({message:"User verification was required but no available authenticator supported it",code:"ERROR_AUTHENTICATOR_MISSING_USER_VERIFICATION_SUPPORT",cause:t})}else{if("InvalidStateError"===t.name)return new w({message:"The authenticator was previously registered",code:"ERROR_AUTHENTICATOR_PREVIOUSLY_REGISTERED",cause:t});if("NotAllowedError"===t.name)return new w({message:t.message,code:"ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",cause:t});if("NotSupportedError"===t.name)return 0===n.pubKeyCredParams.filter((t=>"public-key"===t.type)).length?new w({message:'No entry in pubKeyCredParams was of type "public-key"',code:"ERROR_MALFORMED_PUBKEYCREDPARAMS",cause:t}):new w({message:"No available authenticator supported any of the specified pubKeyCredParams algorithms",code:"ERROR_AUTHENTICATOR_NO_SUPPORTED_PUBKEYCREDPARAMS_ALG",cause:t});if("SecurityError"===t.name){const e=window.location.hostname;if(!y(e))return new w({message:`${window.location.hostname} is an invalid domain`,code:"ERROR_INVALID_DOMAIN",cause:t});if(n.rp.id!==e)return new w({message:`The RP ID "${n.rp.id}" is invalid for this domain`,code:"ERROR_INVALID_RP_ID",cause:t})}else if("TypeError"===t.name){if(n.user.id.byteLength<1||n.user.id.byteLength>64)return new w({message:"User ID was not between 1 and 64 characters",code:"ERROR_INVALID_USER_ID_LENGTH",cause:t})}else if("UnknownError"===t.name)return new w({message:"The authenticator was unable to process the specified options, or could not create a new credential",code:"ERROR_AUTHENTICATOR_GENERAL_ERROR",cause:t})}return t}({error:t,options:e})}if(!n)throw new Error("Registration was not completed");const{id:o,rawId:i,response:r,type:a}=n;let s,c,u,l;if("function"==typeof r.getTransports&&(s=r.getTransports()),"function"==typeof r.getPublicKeyAlgorithm)try{c=r.getPublicKeyAlgorithm()}catch(t){I("getPublicKeyAlgorithm()",t)}if("function"==typeof r.getPublicKey)try{const t=r.getPublicKey();null!==t&&(u=d(t))}catch(t){I("getPublicKey()",t)}if("function"==typeof r.getAuthenticatorData)try{l=d(r.getAuthenticatorData())}catch(t){I("getAuthenticatorData()",t)}return{id:o,rawId:d(i),response:{attestationObject:d(r.attestationObject),clientDataJSON:d(r.clientDataJSON),transports:s,publicKeyAlgorithm:c,publicKey:u,authenticatorData:l},type:a,clientExtensionResults:n.getClientExtensionResults(),authenticatorAttachment:b(n.authenticatorAttachment)}}function I(t,e){console.warn(`The browser extension that intercepted this WebAuthn API call incorrectly implemented ${t}. You should report this error to them.\n`,e)}async function k(t,e=!1){if(!f())throw new Error("WebAuthn is not supported in this browser");let n;0!==t.allowCredentials?.length&&(n=t.allowCredentials?.map(m));const o={...t,challenge:p(t.challenge),allowCredentials:n},i={};if(e){if(!await function(){if(!f())return new Promise((t=>t(!1)));const t=window.PublicKeyCredential;return void 0===t.isConditionalMediationAvailable?new Promise((t=>t(!1))):t.isConditionalMediationAvailable()}())throw Error("Browser does not support WebAuthn autofill");if(document.querySelectorAll("input[autocomplete$='webauthn']").length<1)throw Error('No <input> with "webauthn" as the only or last value in its `autocomplete` attribute was detected');i.mediation="conditional",o.allowCredentials=[]}let r;i.publicKey=o,i.signal=g.createNewAbortSignal();try{r=await navigator.credentials.get(i)}catch(t){throw function({error:t,options:e}){const{publicKey:n}=e;if(!n)throw Error("options was missing required publicKey property");if("AbortError"===t.name){if(e.signal instanceof AbortSignal)return new w({message:"Authentication ceremony was sent an abort signal",code:"ERROR_CEREMONY_ABORTED",cause:t})}else{if("NotAllowedError"===t.name)return new w({message:t.message,code:"ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",cause:t});if("SecurityError"===t.name){const e=window.location.hostname;if(!y(e))return new w({message:`${window.location.hostname} is an invalid domain`,code:"ERROR_INVALID_DOMAIN",cause:t});if(n.rpId!==e)return new w({message:`The RP ID "${n.rpId}" is invalid for this domain`,code:"ERROR_INVALID_RP_ID",cause:t})}else if("UnknownError"===t.name)return new w({message:"The authenticator was unable to process the specified options, or could not create a new assertion signature",code:"ERROR_AUTHENTICATOR_GENERAL_ERROR",cause:t})}return t}({error:t,options:i})}if(!r)throw new Error("Authentication was not completed");const{id:a,rawId:s,response:c,type:u}=r;let l;return c.userHandle&&(l=d(c.userHandle)),{id:a,rawId:d(s),response:{authenticatorData:d(c.authenticatorData),clientDataJSON:d(c.clientDataJSON),signature:d(c.signature),userHandle:l},type:u,clientExtensionResults:r.getClientExtensionResults(),authenticatorAttachment:b(r.authenticatorAttachment)}}function A(t){var e=t.token,n=t.tenantId;return{"Content-Type":"application/json",Authorization:e?"Bearer ".concat(e):"Basic ".concat(window.btoa(encodeURIComponent(n)))}}var R=function(){function t(t){var e=t.baseUrl,n=t.tenantId;this.tenantId=n,this.baseUrl=e}return t.prototype.registrationOptions=function(t){return l(this,arguments,void 0,(function(t){var e,n=t.token,o=t.username,i=t.authenticatorAttachment;return h(this,(function(t){switch(t.label){case 0:return e=Boolean(i)?{username:o,authenticatorAttachment:i}:{username:o},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey/registration-options"),{method:"POST",headers:A({token:n,tenantId:this.tenantId}),body:JSON.stringify(e)})];case 1:return[2,t.sent().json()]}}))}))},t.prototype.authenticationOptions=function(t){return l(this,arguments,void 0,(function(t){var e,n=t.token,o=t.challengeId;return h(this,(function(t){switch(t.label){case 0:return e={challengeId:o},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey/authentication-options"),{method:"POST",headers:A({token:n,tenantId:this.tenantId}),body:JSON.stringify(e)})];case 1:return[2,t.sent().json()]}}))}))},t.prototype.addAuthenticator=function(t){return l(this,arguments,void 0,(function(t){var e,n=t.token,o=t.challengeId,i=t.registrationCredential;return h(this,(function(t){switch(t.label){case 0:return e={challengeId:o,registrationCredential:i},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey"),{method:"POST",headers:A({token:n,tenantId:this.tenantId}),body:JSON.stringify(e)})];case 1:return[2,t.sent().json()]}}))}))},t.prototype.verify=function(t){return l(this,arguments,void 0,(function(t){var e,n=t.token,o=t.challengeId,i=t.authenticationCredential,r=t.deviceId;return h(this,(function(t){switch(t.label){case 0:return e={challengeId:o,authenticationCredential:i,deviceId:r},[4,fetch("".concat(this.baseUrl,"/client/verify/passkey"),{method:"POST",headers:A({token:n,tenantId:this.tenantId}),body:JSON.stringify(e)})];case 1:return[2,t.sent().json()]}}))}))},t.prototype.getPasskeyAuthenticator=function(t){return l(this,arguments,void 0,(function(t){var e,n=t.credentialIds;return h(this,(function(t){switch(t.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey?credentialIds=").concat(n),{method:"GET",headers:A({tenantId:this.tenantId})})];case 1:if(!(e=t.sent()).ok)throw new Error(e.statusText);return[2,e.json()]}}))}))},t.prototype.challenge=function(t){return l(this,void 0,void 0,(function(){return h(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/challenge"),{method:"POST",headers:A({tenantId:this.tenantId}),body:JSON.stringify({action:t})})];case 1:return[2,e.sent().json()]}}))}))},t}(),S=function(){function t(){this.token=null}return t.prototype.handleTokenNotSetError=function(){var t="A token has not been set. Call 'setToken' first.";return console.error("Error: ".concat(t)),{error:"TOKEN_NOT_SET",errorDescription:t}},t.shared=new t,t}(),O=function(){function t(t){var e=t.baseUrl,n=t.tenantId,o=t.anonymousId;this.passkeyLocalStorageKey="as_user_passkey_map",this.cache=S.shared,this.api=new R({baseUrl:e,tenantId:n}),this.anonymousId=o}return t.prototype.signUp=function(t){return l(this,arguments,void 0,(function(t){var e,n,o,i,r,a=t.userName,s=t.userDisplayName,l=t.token,d=t.authenticatorAttachment,p=void 0===d?"platform":d;return h(this,(function(t){switch(t.label){case 0:return(e=null!=l?l:this.cache.token)?(n={username:a,displayName:s,token:e,authenticatorAttachment:p},[4,this.api.registrationOptions(n)]):[2,this.cache.handleTokenNotSetError()];case 1:return"error"in(o=t.sent())?(c(o),[2,o]):[4,E(o.options)];case 2:return i=t.sent(),[4,this.api.addAuthenticator({challengeId:o.challengeId,registrationCredential:i,token:e})];case 3:return"error"in(r=t.sent())?(c(r),[2,r]):(r.isVerified&&this.storeCredentialAgainstDevice(u(u({},i),{userId:r.userId})),r.accessToken&&(this.cache.token=r.accessToken),[2,{token:r.accessToken,registrationResponse:i}])}}))}))},t.prototype.signIn=function(t){return l(this,void 0,void 0,(function(){var e,n,o,i,r,a,s,l,d,p;return h(this,(function(h){switch(h.label){case 0:if((null==t?void 0:t.token)&&t.autofill)throw new Error("autofill is not supported when providing a token");if((null==t?void 0:t.action)&&t.token)throw new Error("action is not supported when providing a token");return(null==t?void 0:t.action)?[4,this.api.challenge(t.action)]:[3,2];case 1:return n=h.sent(),[3,3];case 2:n=null,h.label=3;case 3:return(e=n)&&"error"in e?(c(e),[2,e]):[4,this.api.authenticationOptions({token:null==t?void 0:t.token,challengeId:null==e?void 0:e.challengeId})];case 4:return"error"in(o=h.sent())?(c(o),[2,o]):[4,k(o.options,null==t?void 0:t.autofill)];case 5:return i=h.sent(),(null==t?void 0:t.onVerificationStarted)&&t.onVerificationStarted(),[4,this.api.verify({challengeId:o.challengeId,authenticationCredential:i,token:null==t?void 0:t.token,deviceId:this.anonymousId})];case 6:return"error"in(r=h.sent())?(c(r),[2,r]):(r.isVerified&&this.storeCredentialAgainstDevice(u(u({},i),{userId:r.userId})),r.accessToken&&(this.cache.token=r.accessToken),a=r.accessToken,s=r.userId,l=r.userAuthenticatorId,d=r.username,p=r.userDisplayName,[2,{token:a,userId:s,userAuthenticatorId:l,userName:d,userDisplayName:p,authenticationResponse:i}])}}))}))},t.prototype.isAvailableOnDevice=function(t){return l(this,arguments,void 0,(function(t){var e,n,o,i,r=t.userId;return h(this,(function(t){switch(t.label){case 0:if(!r)throw new Error("userId is required");if(!(e=localStorage.getItem(this.passkeyLocalStorageKey)))return[2,!1];if(n=JSON.parse(e),0===(o=null!==(i=n[r])&&void 0!==i?i:[]).length)return[2,!1];t.label=1;case 1:return t.trys.push([1,3,,4]),[4,this.api.getPasskeyAuthenticator({credentialIds:o})];case 2:return t.sent(),[2,!0];case 3:return t.sent(),[2,!1];case 4:return[2]}}))}))},t.prototype.storeCredentialAgainstDevice=function(t){var e=t.id,n=t.authenticatorAttachment,o=t.userId,i=void 0===o?"":o;if("cross-platform"!==n){var r=localStorage.getItem(this.passkeyLocalStorageKey),a=r?JSON.parse(r):{};a[i]?a[i].includes(e)||a[i].push(e):a[i]=[e],localStorage.setItem(this.passkeyLocalStorageKey,JSON.stringify(a))}},t}(),_=function(){function t(){this.windowRef=null}return t.prototype.show=function(t){var e=t.url,n=t.width,o=void 0===n?400:n,i=t.height,r=function(t){var e=t.url,n=t.width,o=t.height,i=t.win;if(!i.top)return null;var r=i.top.outerHeight/2+i.top.screenY-o/2,a=i.top.outerWidth/2+i.top.screenX-n/2;return window.open(e,"","toolbar=no, location=no, directories=no, status=no, menubar=no, scrollbars=no, resizable=no, copyhistory=no, width=".concat(n,", height=").concat(o,", top=").concat(r,", left=").concat(a))}({url:e,width:o,height:void 0===i?500:i,win:window});if(!r)throw new Error("Window is not initialized");return this.windowRef=r,r},t.prototype.close=function(){if(!this.windowRef)throw new Error("Window is not initialized");this.windowRef.close()},t}();const T=":not([inert]):not([inert] *)",C=':not([tabindex^="-"])',N=":not(:disabled)";var U=[`a[href]${T}${C}`,`area[href]${T}${C}`,`input:not([type="hidden"]):not([type="radio"])${T}${C}${N}`,`input[type="radio"]${T}${C}${N}`,`select${T}${C}${N}`,`textarea${T}${C}${N}`,`button${T}${C}${N}`,`details${T} > summary:first-of-type${C}`,`iframe${T}${C}`,`audio[controls]${T}${C}`,`video[controls]${T}${C}`,`[contenteditable]${T}${C}`,`[tabindex]${T}${C}`];function P(t){(t.querySelector("[autofocus]")||t).focus()}function $(t,e){if(e&&L(t))return t;if(!((n=t).shadowRoot&&"-1"===n.getAttribute("tabindex")||n.matches(":disabled,[hidden],[inert]")))if(t.shadowRoot){let n=D(t.shadowRoot,e);for(;n;){const t=$(n,e);if(t)return t;n=x(n,e)}}else if("slot"===t.localName){const n=t.assignedElements({flatten:!0});e||n.reverse();for(const t of n){const n=$(t,e);if(n)return n}}else{let n=D(t,e);for(;n;){const t=$(n,e);if(t)return t;n=x(n,e)}}var n;return!e&&L(t)?t:null}function D(t,e){return e?t.firstElementChild:t.lastElementChild}function x(t,e){return e?t.nextElementSibling:t.previousElementSibling}const L=t=>!t.shadowRoot?.delegatesFocus&&(t.matches(U.join(","))&&!(t=>!(!t.matches("details:not([open]) *")||t.matches("details>summary:first-of-type"))||!(t.offsetWidth||t.offsetHeight||t.getClientRects().length))(t));function K(t=document){const e=t.activeElement;return e?e.shadowRoot?K(e.shadowRoot)||document.activeElement:e:null}function j(t,e){const[n,o]=function(t){const e=$(t,!0);return[e,e?$(t,!1)||e:null]}(t);if(!n)return e.preventDefault();const i=K();e.shiftKey&&i===n?(o.focus(),e.preventDefault()):e.shiftKey||i!==o||(n.focus(),e.preventDefault())}class H{$el;id;previouslyFocused;shown;constructor(t){this.$el=t,this.id=this.$el.getAttribute("data-a11y-dialog")||this.$el.id,this.previouslyFocused=null,this.shown=!1,this.maintainFocus=this.maintainFocus.bind(this),this.bindKeypress=this.bindKeypress.bind(this),this.handleTriggerClicks=this.handleTriggerClicks.bind(this),this.show=this.show.bind(this),this.hide=this.hide.bind(this),this.$el.setAttribute("aria-hidden","true"),this.$el.setAttribute("aria-modal","true"),this.$el.setAttribute("tabindex","-1"),this.$el.hasAttribute("role")||this.$el.setAttribute("role","dialog"),document.addEventListener("click",this.handleTriggerClicks,!0)}destroy(){return this.hide(),document.removeEventListener("click",this.handleTriggerClicks,!0),this.$el.replaceWith(this.$el.cloneNode(!0)),this.fire("destroy"),this}show(t){return this.shown||(this.shown=!0,this.$el.removeAttribute("aria-hidden"),this.previouslyFocused=K(),"BODY"===this.previouslyFocused?.tagName&&t?.target&&(this.previouslyFocused=t.target),"focus"===t?.type?this.maintainFocus(t):P(this.$el),document.body.addEventListener("focus",this.maintainFocus,!0),this.$el.addEventListener("keydown",this.bindKeypress,!0),this.fire("show",t)),this}hide(t){return this.shown?(this.shown=!1,this.$el.setAttribute("aria-hidden","true"),this.previouslyFocused?.focus?.(),document.body.removeEventListener("focus",this.maintainFocus,!0),this.$el.removeEventListener("keydown",this.bindKeypress,!0),this.fire("hide",t),this):this}on(t,e,n){return this.$el.addEventListener(t,e,n),this}off(t,e,n){return this.$el.removeEventListener(t,e,n),this}fire(t,e){this.$el.dispatchEvent(new CustomEvent(t,{detail:e,cancelable:!0}))}handleTriggerClicks(t){const e=t.target;e.closest(`[data-a11y-dialog-show="${this.id}"]`)&&this.show(t),(e.closest(`[data-a11y-dialog-hide="${this.id}"]`)||e.closest("[data-a11y-dialog-hide]")&&e.closest('[aria-modal="true"]')===this.$el)&&this.hide(t)}bindKeypress(t){if(document.activeElement?.closest('[aria-modal="true"]')!==this.$el)return;let e=!1;try{e=!!this.$el.querySelector('[popover]:not([popover="manual"]):popover-open')}catch{}"Escape"!==t.key||"alertdialog"===this.$el.getAttribute("role")||e||(t.preventDefault(),this.hide(t)),"Tab"===t.key&&j(this.$el,t)}maintainFocus(t){t.target.closest('[aria-modal="true"], [data-a11y-dialog-ignore-focus-trap]')||P(this.$el)}}function W(){for(const t of document.querySelectorAll("[data-a11y-dialog]"))new H(t)}"undefined"!=typeof document&&("loading"===document.readyState?document.addEventListener("DOMContentLoaded",W):W());var M="__authsignal-popup-container",J="__authsignal-popup-content",q="__authsignal-popup-overlay",F="__authsignal-popup-style",G="__authsignal-popup-iframe",V="385px",z=function(){function t(t){var e=t.width,n=t.isClosable;if(this.popup=null,document.querySelector("#".concat(M)))throw new Error("Multiple instances of Authsignal popup is not supported.");this.create({width:e,isClosable:n})}return t.prototype.create=function(t){var e=this,n=t.width,o=void 0===n?V:n,i=t.isClosable,r=void 0===i||i,a=o;CSS.supports("width",o)||(console.warn("Invalid CSS value for `popupOptions.width`. Using default value instead."),a=V);var s=document.createElement("div");s.setAttribute("id",M),s.setAttribute("aria-hidden","true"),r||s.setAttribute("role","alertdialog");var c=document.createElement("div");c.setAttribute("id",q),r&&c.setAttribute("data-a11y-dialog-hide","true");var u=document.createElement("div");u.setAttribute("id",J),document.body.appendChild(s);var l=document.createElement("style");l.setAttribute("id",F),l.textContent="\n #".concat(M,",\n #").concat(q," {\n position: fixed;\n top: 0;\n right: 0;\n bottom: 0;\n left: 0;\n }\n\n #").concat(M," {\n z-index: 2147483647;\n display: flex;\n }\n\n #").concat(M,"[aria-hidden='true'] {\n display: none;\n }\n\n #").concat(q," {\n background-color: rgba(0, 0, 0, 0.18);\n }\n\n #").concat(J," {\n margin: auto;\n z-index: 2147483647;\n position: relative;\n background-color: transparent;\n border-radius: 8px;\n width: ").concat(a,";\n }\n\n #").concat(J," iframe {\n width: 1px;\n min-width: 100%;\n border-radius: inherit;\n max-height: 95vh;\n height: ").concat("384px",";\n }\n "),document.head.insertAdjacentElement("beforeend",l),s.appendChild(c),s.appendChild(u),this.popup=new H(s),s.focus(),this.popup.on("hide",(function(){e.destroy()}))},t.prototype.destroy=function(){var t=document.querySelector("#".concat(M)),e=document.querySelector("#".concat(F));t&&e&&(document.body.removeChild(t),document.head.removeChild(e)),window.removeEventListener("message",B)},t.prototype.show=function(t){var e,n=t.url;if(!this.popup)throw new Error("Popup is not initialized");var o=document.createElement("iframe");o.setAttribute("id",G),o.setAttribute("name","authsignal"),o.setAttribute("title","Authsignal multi-factor authentication"),o.setAttribute("src",n),o.setAttribute("frameborder","0"),o.setAttribute("allow","publickey-credentials-get *; publickey-credentials-create *; clipboard-write");var i=document.querySelector("#".concat(J));i&&i.appendChild(o),window.addEventListener("message",B),null===(e=this.popup)||void 0===e||e.show()},t.prototype.close=function(){if(!this.popup)throw new Error("Popup is not initialized");this.popup.hide()},t.prototype.on=function(t,e){if(!this.popup)throw new Error("Popup is not initialized");this.popup.on(t,e)},t}();function B(t){var e=document.querySelector("#".concat(G));e&&t.data.height&&(e.style.height=t.data.height+"px")}var Y=function(){function t(t){var e=t.baseUrl,n=t.tenantId;this.tenantId=n,this.baseUrl=e}return t.prototype.enroll=function(t){return l(this,arguments,void 0,(function(t){var e=t.token;return h(this,(function(t){switch(t.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/totp"),{method:"POST",headers:A({token:e,tenantId:this.tenantId})})];case 1:return[2,t.sent().json()]}}))}))},t.prototype.verify=function(t){return l(this,arguments,void 0,(function(t){var e,n=t.token,o=t.code;return h(this,(function(t){switch(t.label){case 0:return e={verificationCode:o},[4,fetch("".concat(this.baseUrl,"/client/verify/totp"),{method:"POST",headers:A({token:n,tenantId:this.tenantId}),body:JSON.stringify(e)})];case 1:return[2,t.sent().json()]}}))}))},t}(),X=function(){function t(t){var e=t.baseUrl,n=t.tenantId;this.cache=S.shared,this.api=new Y({baseUrl:e,tenantId:n})}return t.prototype.enroll=function(){return l(this,void 0,void 0,(function(){return h(this,(function(t){return this.cache.token?[2,this.api.enroll({token:this.cache.token})]:[2,this.cache.handleTokenNotSetError()]}))}))},t.prototype.verify=function(t){return l(this,arguments,void 0,(function(t){var e,n=t.code;return h(this,(function(t){switch(t.label){case 0:return this.cache.token?[4,this.api.verify({token:this.cache.token,code:n})]:[2,this.cache.handleTokenNotSetError()];case 1:return(e=t.sent()).accessToken&&(this.cache.token=e.accessToken),[2,e]}}))}))},t}(),Q=function(){function t(t){var e=t.baseUrl,n=t.tenantId;this.tenantId=n,this.baseUrl=e}return t.prototype.enroll=function(t){return l(this,arguments,void 0,(function(t){var e,n=t.token,o=t.email;return h(this,(function(t){switch(t.label){case 0:return e={email:o},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/email-otp"),{method:"POST",headers:this.buildHeaders(n),body:JSON.stringify(e)})];case 1:return[2,t.sent().json()]}}))}))},t.prototype.challenge=function(t){return l(this,arguments,void 0,(function(t){var e=t.token;return h(this,(function(t){switch(t.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/challenge/email-otp"),{method:"POST",headers:this.buildHeaders(e)})];case 1:return[2,t.sent().json()]}}))}))},t.prototype.verify=function(t){return l(this,arguments,void 0,(function(t){var e,n=t.token,o=t.code;return h(this,(function(t){switch(t.label){case 0:return e={verificationCode:o},[4,fetch("".concat(this.baseUrl,"/client/verify/email-otp"),{method:"POST",headers:this.buildHeaders(n),body:JSON.stringify(e)})];case 1:return[2,t.sent().json()]}}))}))},t.prototype.buildHeaders=function(t){return{"Content-Type":"application/json",Authorization:t?"Bearer ".concat(t):"Basic ".concat(window.btoa(encodeURIComponent(this.tenantId)))}},t}(),Z=function(){function t(t){var e=t.baseUrl,n=t.tenantId;this.cache=S.shared,this.api=new Q({baseUrl:e,tenantId:n})}return t.prototype.enroll=function(t){return l(this,arguments,void 0,(function(t){var e=t.email;return h(this,(function(t){return this.cache.token?[2,this.api.enroll({token:this.cache.token,email:e})]:[2,this.cache.handleTokenNotSetError()]}))}))},t.prototype.challenge=function(){return l(this,void 0,void 0,(function(){return h(this,(function(t){return this.cache.token?[2,this.api.challenge({token:this.cache.token})]:[2,this.cache.handleTokenNotSetError()]}))}))},t.prototype.verify=function(t){return l(this,arguments,void 0,(function(t){var e,n=t.code;return h(this,(function(t){switch(t.label){case 0:return this.cache.token?[4,this.api.verify({token:this.cache.token,code:n})]:[2,this.cache.handleTokenNotSetError()];case 1:return(e=t.sent()).accessToken&&(this.cache.token=e.accessToken),[2,e]}}))}))},t}(),tt=function(){function t(t){var e=t.baseUrl,n=t.tenantId;this.tenantId=n,this.baseUrl=e}return t.prototype.enroll=function(t){return l(this,arguments,void 0,(function(t){var e,n=t.token,o=t.phoneNumber;return h(this,(function(t){switch(t.label){case 0:return e={phoneNumber:o},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/sms"),{method:"POST",headers:A({token:n,tenantId:this.tenantId}),body:JSON.stringify(e)})];case 1:return[2,t.sent().json()]}}))}))},t.prototype.challenge=function(t){return l(this,arguments,void 0,(function(t){var e=t.token;return h(this,(function(t){switch(t.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/challenge/sms"),{method:"POST",headers:A({token:e,tenantId:this.tenantId})})];case 1:return[2,t.sent().json()]}}))}))},t.prototype.verify=function(t){return l(this,arguments,void 0,(function(t){var e,n=t.token,o=t.code;return h(this,(function(t){switch(t.label){case 0:return e={verificationCode:o},[4,fetch("".concat(this.baseUrl,"/client/verify/sms"),{method:"POST",headers:A({token:n,tenantId:this.tenantId}),body:JSON.stringify(e)})];case 1:return[2,t.sent().json()]}}))}))},t}(),et=function(){function t(t){var e=t.baseUrl,n=t.tenantId;this.cache=S.shared,this.api=new tt({baseUrl:e,tenantId:n})}return t.prototype.enroll=function(t){return l(this,arguments,void 0,(function(t){var e=t.phoneNumber;return h(this,(function(t){return this.cache.token?[2,this.api.enroll({token:this.cache.token,phoneNumber:e})]:[2,this.cache.handleTokenNotSetError()]}))}))},t.prototype.challenge=function(){return l(this,void 0,void 0,(function(){return h(this,(function(t){return this.cache.token?[2,this.api.challenge({token:this.cache.token})]:[2,this.cache.handleTokenNotSetError()]}))}))},t.prototype.verify=function(t){return l(this,arguments,void 0,(function(t){var e,n=t.code;return h(this,(function(t){switch(t.label){case 0:return this.cache.token?[4,this.api.verify({token:this.cache.token,code:n})]:[2,this.cache.handleTokenNotSetError()];case 1:return(e=t.sent()).accessToken&&(this.cache.token=e.accessToken),[2,e]}}))}))},t}(),nt="4a08uqve",ot=function(){function e(t){var e=t.cookieDomain,n=t.cookieName,o=void 0===n?"__as_aid":n,i=t.baseUrl,r=void 0===i?"https://api.authsignal.com/v1":i,c=t.tenantId;if(this.anonymousId="",this.profilingId="",this.cookieDomain="",this.anonymousIdCookieName="",this.cookieDomain=e||document.location.hostname.replace("www.",""),this.anonymousIdCookieName=o,!c)throw new Error("tenantId is required");var u,l=(u=this.anonymousIdCookieName)&&decodeURIComponent(document.cookie.replace(new RegExp("(?:(?:^|.*;)\\s*"+encodeURIComponent(u).replace(/[\-\.\+\*]/g,"\\$&")+"\\s*\\=\\s*([^;]*).*$)|^.*$"),"$1"))||null;l?this.anonymousId=l:(this.anonymousId=a(),s({name:this.anonymousIdCookieName,value:this.anonymousId,expire:1/0,domain:this.cookieDomain,secure:"http:"!==document.location.protocol})),this.passkey=new O({tenantId:c,baseUrl:r,anonymousId:this.anonymousId}),this.totp=new X({tenantId:c,baseUrl:r}),this.email=new Z({tenantId:c,baseUrl:r}),this.sms=new et({tenantId:c,baseUrl:r})}return e.prototype.setToken=function(t){S.shared.token=t},e.prototype.launch=function(t,e){switch(null==e?void 0:e.mode){case"window":return this.launchWithWindow(t,e);case"popup":return this.launchWithPopup(t,e);default:this.launchWithRedirect(t)}},e.prototype.initAdvancedProfiling=function(t){var e=a();this.profilingId=e,s({name:"__as_pid",value:e,expire:1/0,domain:this.cookieDomain,secure:"http:"!==document.location.protocol});var n=t?"".concat(t,"/fp/tags.js?org_id=").concat(nt,"&session_id=").concat(e):"https://h.online-metrix.net/fp/tags.js?org_id=".concat(nt,"&session_id=").concat(e),o=document.createElement("script");o.src=n,o.async=!1,o.id="as_adv_profile",document.head.appendChild(o);var i=document.createElement("noscript");i.setAttribute("id","as_adv_profile_pixel"),i.setAttribute("aria-hidden","true");var r=document.createElement("iframe"),c=t?"".concat(t,"/fp/tags?org_id=").concat(nt,"&session_id=").concat(e):"https://h.online-metrix.net/fp/tags?org_id=".concat(nt,"&session_id=").concat(e);r.setAttribute("id","as_adv_profile_pixel"),r.setAttribute("src",c),r.setAttribute("style","width: 100px; height: 100px; border: 0; position: absolute; top: -5000px;"),i&&(i.appendChild(r),document.body.prepend(i))},e.prototype.launchWithRedirect=function(t){window.location.href=t},e.prototype.launchWithPopup=function(e,n){var o=n.popupOptions,i=new z({width:null==o?void 0:o.width,isClosable:null==o?void 0:o.isClosable}),r="".concat(e,"&mode=popup");return i.show({url:r}),new Promise((function(e){var n=void 0;i.on("hide",(function(){e({token:n})})),window.addEventListener("message",(function(e){var o=null;try{o=JSON.parse(e.data)}catch(t){}(null==o?void 0:o.event)===t.AuthsignalWindowMessage.AUTHSIGNAL_CLOSE_POPUP&&(n=o.token,i.close())}),!1)}))},e.prototype.launchWithWindow=function(e,n){var o=n.windowOptions,i=new _,r="".concat(e,"&mode=popup");return i.show({url:r,width:null==o?void 0:o.width,height:null==o?void 0:o.height}),new Promise((function(e){window.addEventListener("message",(function(n){var o=null;try{o=JSON.parse(n.data)}catch(t){}(null==o?void 0:o.event)===t.AuthsignalWindowMessage.AUTHSIGNAL_CLOSE_POPUP&&(i.close(),e({token:o.token}))}),!1)}))},e}();return t.Authsignal=ot,Object.defineProperty(t,"__esModule",{value:!0}),t}({});
package/dist/passkey.d.ts CHANGED
@@ -1,32 +1,34 @@
1
1
  import { PasskeyApiClient } from "./api";
2
- import { AuthenticatorAttachment } from "@simplewebauthn/types";
2
+ import { AuthenticationResponseJSON, RegistrationResponseJSON, AuthenticatorAttachment } from "@simplewebauthn/types";
3
3
  import { AuthsignalResponse } from "./api/types/shared";
4
- declare type PasskeyOptions = {
4
+ type PasskeyOptions = {
5
5
  baseUrl: string;
6
6
  tenantId: string;
7
7
  anonymousId: string;
8
8
  };
9
- declare type SignUpParams = {
9
+ type SignUpParams = {
10
10
  userName?: string;
11
11
  userDisplayName?: string;
12
12
  token?: string;
13
13
  authenticatorAttachment?: AuthenticatorAttachment | null;
14
14
  };
15
- declare type SignUpResponse = {
15
+ type SignUpResponse = {
16
16
  token?: string;
17
+ registrationResponse?: RegistrationResponseJSON;
17
18
  };
18
- declare type SignInParams = {
19
+ type SignInParams = {
19
20
  token?: string;
20
21
  autofill?: boolean;
21
22
  action?: string;
22
23
  onVerificationStarted?: () => unknown;
23
24
  };
24
- declare type SignInResponse = {
25
+ type SignInResponse = {
25
26
  token?: string;
26
27
  userId?: string;
27
28
  userAuthenticatorId?: string;
28
29
  userName?: string;
29
30
  userDisplayName?: string;
31
+ authenticationResponse?: AuthenticationResponseJSON;
30
32
  };
31
33
  export declare class Passkey {
32
34
  api: PasskeyApiClient;
@@ -36,7 +38,9 @@ export declare class Passkey {
36
38
  constructor({ baseUrl, tenantId, anonymousId }: PasskeyOptions);
37
39
  signUp({ userName, userDisplayName, token, authenticatorAttachment, }: SignUpParams): Promise<AuthsignalResponse<SignUpResponse>>;
38
40
  signIn(params?: SignInParams): Promise<AuthsignalResponse<SignInResponse>>;
39
- isAvailableOnDevice(): Promise<boolean>;
41
+ isAvailableOnDevice({ userId }: {
42
+ userId: string;
43
+ }): Promise<boolean>;
40
44
  private storeCredentialAgainstDevice;
41
45
  }
42
46
  export {};
package/dist/sms.d.ts CHANGED
@@ -1,12 +1,12 @@
1
1
  import { AuthsignalResponse, ChallengeResponse, EnrollResponse, VerifyResponse } from "./api/types/shared";
2
- declare type SmsOptions = {
2
+ type SmsOptions = {
3
3
  baseUrl: string;
4
4
  tenantId: string;
5
5
  };
6
- declare type EnrollParams = {
6
+ type EnrollParams = {
7
7
  phoneNumber: string;
8
8
  };
9
- declare type VerifyParams = {
9
+ type VerifyParams = {
10
10
  code: string;
11
11
  };
12
12
  export declare class Sms {
package/dist/totp.d.ts CHANGED
@@ -1,10 +1,10 @@
1
1
  import { AuthsignalResponse, VerifyResponse } from "./api/types/shared";
2
2
  import { EnrollResponse } from "./api/types/totp";
3
- declare type TotpOptions = {
3
+ type TotpOptions = {
4
4
  baseUrl: string;
5
5
  tenantId: string;
6
6
  };
7
- declare type VerifyParams = {
7
+ type VerifyParams = {
8
8
  code: string;
9
9
  };
10
10
  export declare class Totp {
package/dist/types.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- declare type BaseLaunchOptions = {
1
+ type BaseLaunchOptions = {
2
2
  /**
3
3
  * How the Authsignal Prebuilt MFA page should launch.
4
4
  * `popup` will cause it to open in a overlay, whilst `redirect`
@@ -7,10 +7,10 @@ declare type BaseLaunchOptions = {
7
7
  */
8
8
  mode?: "popup" | "redirect" | "window";
9
9
  };
10
- export declare type RedirectLaunchOptions = BaseLaunchOptions & {
10
+ export type RedirectLaunchOptions = BaseLaunchOptions & {
11
11
  mode: "redirect";
12
12
  };
13
- export declare type PopupLaunchOptions = BaseLaunchOptions & {
13
+ export type PopupLaunchOptions = BaseLaunchOptions & {
14
14
  mode: "popup";
15
15
  popupOptions?: {
16
16
  /** Any valid CSS value for the `width` property. */
@@ -25,15 +25,15 @@ export declare type PopupLaunchOptions = BaseLaunchOptions & {
25
25
  isClosable?: boolean;
26
26
  };
27
27
  };
28
- export declare type WindowLaunchOptions = BaseLaunchOptions & {
28
+ export type WindowLaunchOptions = BaseLaunchOptions & {
29
29
  mode: "window";
30
30
  windowOptions?: {
31
31
  width?: number;
32
32
  height?: number;
33
33
  };
34
34
  };
35
- export declare type LaunchOptions = RedirectLaunchOptions | PopupLaunchOptions | WindowLaunchOptions;
36
- export declare type AuthsignalOptions = {
35
+ export type LaunchOptions = RedirectLaunchOptions | PopupLaunchOptions | WindowLaunchOptions;
36
+ export type AuthsignalOptions = {
37
37
  /**
38
38
  * Cookie domain that will be used to identify
39
39
  * users. If not set, location.hostname will be used
@@ -56,11 +56,11 @@ export declare type AuthsignalOptions = {
56
56
  export declare enum AuthsignalWindowMessage {
57
57
  AUTHSIGNAL_CLOSE_POPUP = "AUTHSIGNAL_CLOSE_POPUP"
58
58
  }
59
- export declare type AuthsignalWindowMessageData = {
59
+ export type AuthsignalWindowMessageData = {
60
60
  event: AuthsignalWindowMessage;
61
61
  token: string;
62
62
  };
63
- export declare type TokenPayload = {
63
+ export type TokenPayload = {
64
64
  token?: string;
65
65
  };
66
66
  export {};
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@authsignal/browser",
3
- "version": "0.5.10",
3
+ "version": "0.6.0",
4
4
  "type": "module",
5
5
  "main": "dist/index.js",
6
6
  "module": "dist/index.js",
@@ -28,8 +28,8 @@
28
28
  },
29
29
  "dependencies": {
30
30
  "@fingerprintjs/fingerprintjs": "^3.3.6",
31
- "@simplewebauthn/browser": "^9.0.1",
32
- "@simplewebauthn/types": "^9.0.1",
31
+ "@simplewebauthn/browser": "^10.0.0",
32
+ "@simplewebauthn/types": "^10.0.0",
33
33
  "a11y-dialog": "8.0.4",
34
34
  "uuid": "^9.0.0"
35
35
  },
@@ -37,7 +37,6 @@
37
37
  "@rollup/plugin-node-resolve": "^14.1.0",
38
38
  "@rollup/plugin-terser": "^0.4.3",
39
39
  "@rollup/plugin-typescript": "^8.5.0",
40
- "@simplewebauthn/typescript-types": "^8.0.0",
41
40
  "@types/iframe-resizer": "^3.5.9",
42
41
  "@types/uuid": "^8.3.4",
43
42
  "@typescript-eslint/eslint-plugin": "^5.39.0",
@@ -48,7 +47,7 @@
48
47
  "prettier": "^2.7.1",
49
48
  "rollup": "^2.79.1",
50
49
  "tslib": "^2.4.0",
51
- "typescript": "^4.8.4"
50
+ "typescript": "^5.6.2"
52
51
  },
53
52
  "files": [
54
53
  "dist"