@authsignal/browser 0.6.2 → 1.0.0-alpha1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (17) hide show
  1. package/dist/api/email-api-client.d.ts +4 -4
  2. package/dist/api/helpers.d.ts +2 -2
  3. package/dist/api/passkey-api-client.d.ts +12 -12
  4. package/dist/api/sms-api-client.d.ts +4 -4
  5. package/dist/api/totp-api-client.d.ts +4 -4
  6. package/dist/api/types/passkey.d.ts +7 -0
  7. package/dist/api/types/shared.d.ts +0 -1
  8. package/dist/api/types/totp.d.ts +1 -1
  9. package/dist/email.d.ts +5 -3
  10. package/dist/helpers.d.ts +10 -1
  11. package/dist/index.js +159 -85
  12. package/dist/index.min.js +1 -1
  13. package/dist/passkey.d.ts +8 -8
  14. package/dist/sms.d.ts +5 -3
  15. package/dist/totp.d.ts +5 -2
  16. package/dist/types.d.ts +4 -0
  17. package/package.json +1 -1
package/dist/api/email-api-client.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { ApiClientOptions, AuthsignalResponse, ChallengeResponse, EnrollResponse, VerifyResponse } from "./types/shared";
1
+ import { ApiClientOptions, ChallengeResponse, EnrollResponse, ErrorResponse, VerifyResponse } from "./types/shared";
2
2
  export declare class EmailApiClient {
3
3
  tenantId: string;
4
4
  baseUrl: string;
@@ -7,12 +7,12 @@ export declare class EmailApiClient {
7
7
  enroll({ token, email }: {
8
8
  token: string;
9
9
  email: string;
10
- }): Promise<AuthsignalResponse<EnrollResponse>>;
10
+ }): Promise<EnrollResponse | ErrorResponse>;
11
11
  challenge({ token }: {
12
12
  token: string;
13
- }): Promise<AuthsignalResponse<ChallengeResponse>>;
13
+ }): Promise<ChallengeResponse | ErrorResponse>;
14
14
  verify({ token, code }: {
15
15
  token: string;
16
16
  code: string;
17
- }): Promise<AuthsignalResponse<VerifyResponse>>;
17
+ }): Promise<VerifyResponse | ErrorResponse>;
18
18
  }
package/dist/api/helpers.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { AuthsignalResponse } from "./types/shared";
1
+ import { ErrorResponse } from "./types/shared";
2
2
  type BuildHeadersParams = {
3
3
  token?: string;
4
4
  tenantId: string;
@@ -8,7 +8,7 @@ export declare function buildHeaders({ token, tenantId }: BuildHeadersParams): {
8
8
  Authorization: string;
9
9
  };
10
10
  type HandleTokenExpiredParams<T> = {
11
- response: AuthsignalResponse<T>;
11
+ response: T | ErrorResponse;
12
12
  onTokenExpired?: () => void;
13
13
  };
14
14
  export declare function handleTokenExpired<T extends object>({ response, onTokenExpired }: HandleTokenExpiredParams<T>): void;
package/dist/api/passkey-api-client.d.ts CHANGED
@@ -1,24 +1,24 @@
1
- import { AddAuthenticatorRequest, AddAuthenticatorResponse, AuthenticationOptsRequest, AuthenticationOptsResponse, PasskeyAuthenticatorResponse, RegistrationOptsRequest, RegistrationOptsResponse, VerifyRequest, VerifyResponse } from "./types/passkey";
2
- import { ApiClientOptions, AuthsignalResponse, ChallengeResponse } from "./types/shared";
1
+ import { AddAuthenticatorRequest, AddAuthenticatorResponse, AuthenticationOptsRequest, AuthenticationOptsResponse, ErrorResponse, PasskeyAuthenticatorResponse, RegistrationOptsRequest, RegistrationOptsResponse, VerifyRequest, VerifyResponse } from "./types/passkey";
2
+ import { ApiClientOptions, ChallengeResponse } from "./types/shared";
3
3
  export declare class PasskeyApiClient {
4
4
  tenantId: string;
5
5
  baseUrl: string;
6
6
  onTokenExpired?: () => void;
7
7
  constructor({ baseUrl, tenantId, onTokenExpired }: ApiClientOptions);
8
- registrationOptions({ token, username, authenticatorAttachment }: {
8
+ registrationOptions({ token, username, authenticatorAttachment, }: {
9
9
  token: string;
10
- } & RegistrationOptsRequest): Promise<AuthsignalResponse<RegistrationOptsResponse>>;
11
- authenticationOptions({ token, challengeId }: {
10
+ } & RegistrationOptsRequest): Promise<RegistrationOptsResponse | ErrorResponse>;
11
+ authenticationOptions({ token, challengeId, }: {
12
12
  token?: string;
13
- } & AuthenticationOptsRequest): Promise<AuthsignalResponse<AuthenticationOptsResponse>>;
14
- addAuthenticator({ token, challengeId, registrationCredential }: {
13
+ } & AuthenticationOptsRequest): Promise<AuthenticationOptsResponse | ErrorResponse>;
14
+ addAuthenticator({ token, challengeId, registrationCredential, }: {
15
15
  token: string;
16
- } & AddAuthenticatorRequest): Promise<AuthsignalResponse<AddAuthenticatorResponse>>;
17
- verify({ token, challengeId, authenticationCredential, deviceId }: {
16
+ } & AddAuthenticatorRequest): Promise<AddAuthenticatorResponse | ErrorResponse>;
17
+ verify({ token, challengeId, authenticationCredential, deviceId, }: {
18
18
  token?: string;
19
- } & VerifyRequest): Promise<AuthsignalResponse<VerifyResponse>>;
19
+ } & VerifyRequest): Promise<VerifyResponse | ErrorResponse>;
20
20
  getPasskeyAuthenticator({ credentialIds, }: {
21
21
  credentialIds: string[];
22
- }): Promise<AuthsignalResponse<PasskeyAuthenticatorResponse>>;
23
- challenge(action: string): Promise<AuthsignalResponse<ChallengeResponse>>;
22
+ }): Promise<PasskeyAuthenticatorResponse | ErrorResponse>;
23
+ challenge(action: string): Promise<ChallengeResponse | ErrorResponse>;
24
24
  }
package/dist/api/sms-api-client.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { ApiClientOptions, AuthsignalResponse, ChallengeResponse, EnrollResponse, VerifyResponse } from "./types/shared";
1
+ import { ApiClientOptions, ChallengeResponse, EnrollResponse, ErrorResponse, VerifyResponse } from "./types/shared";
2
2
  export declare class SmsApiClient {
3
3
  tenantId: string;
4
4
  baseUrl: string;
@@ -7,12 +7,12 @@ export declare class SmsApiClient {
7
7
  enroll({ token, phoneNumber }: {
8
8
  token: string;
9
9
  phoneNumber: string;
10
- }): Promise<AuthsignalResponse<EnrollResponse>>;
10
+ }): Promise<EnrollResponse | ErrorResponse>;
11
11
  challenge({ token }: {
12
12
  token: string;
13
- }): Promise<AuthsignalResponse<ChallengeResponse>>;
13
+ }): Promise<ChallengeResponse | ErrorResponse>;
14
14
  verify({ token, code }: {
15
15
  token: string;
16
16
  code: string;
17
- }): Promise<AuthsignalResponse<VerifyResponse>>;
17
+ }): Promise<VerifyResponse | ErrorResponse>;
18
18
  }
package/dist/api/totp-api-client.d.ts CHANGED
@@ -1,5 +1,5 @@
1
- import { ApiClientOptions, AuthsignalResponse, VerifyResponse } from "./types/shared";
2
- import { EnrollResponse } from "./types/totp";
1
+ import { ApiClientOptions, ErrorResponse, VerifyResponse } from "./types/shared";
2
+ import { EnrollTotpResponse } from "./types/totp";
3
3
  export declare class TotpApiClient {
4
4
  tenantId: string;
5
5
  baseUrl: string;
@@ -7,9 +7,9 @@ export declare class TotpApiClient {
7
7
  constructor({ baseUrl, tenantId, onTokenExpired }: ApiClientOptions);
8
8
  enroll({ token }: {
9
9
  token: string;
10
- }): Promise<AuthsignalResponse<EnrollResponse>>;
10
+ }): Promise<EnrollTotpResponse | ErrorResponse>;
11
11
  verify({ token, code }: {
12
12
  token: string;
13
13
  code: string;
14
- }): Promise<AuthsignalResponse<VerifyResponse>>;
14
+ }): Promise<VerifyResponse | ErrorResponse>;
15
15
  }
package/dist/api/types/passkey.d.ts CHANGED
@@ -41,3 +41,10 @@ export type PasskeyAuthenticatorResponse = {
41
41
  credentialId: string;
42
42
  verifiedAt: string;
43
43
  };
44
+ export type ChallengeResponse = {
45
+ challengeId: string;
46
+ };
47
+ export type ErrorResponse = {
48
+ error: string;
49
+ errorDescription?: string;
50
+ };
package/dist/api/types/shared.d.ts CHANGED
@@ -20,4 +20,3 @@ export type ErrorResponse = {
20
20
  errorCode?: "expired_token" | (string & {});
21
21
  errorDescription?: string;
22
22
  };
23
- export type AuthsignalResponse<T> = T | ErrorResponse;
package/dist/api/types/totp.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- export type EnrollResponse = {
1
+ export type EnrollTotpResponse = {
2
2
  userAuthenticatorId: string;
3
3
  userId: string;
4
4
  uri: string;
package/dist/email.d.ts CHANGED
@@ -1,3 +1,5 @@
1
+ import { ChallengeResponse, EnrollResponse, VerifyResponse } from "./api/types/shared";
2
+ import { AuthsignalResponse } from "./types";
1
3
  type EmailOptions = {
2
4
  baseUrl: string;
3
5
  tenantId: string;
@@ -13,8 +15,8 @@ export declare class Email {
13
15
  private api;
14
16
  private cache;
15
17
  constructor({ baseUrl, tenantId, onTokenExpired }: EmailOptions);
16
- enroll({ email }: EnrollParams): Promise<import("./api/types/shared").AuthsignalResponse<import("./api/types/shared").EnrollResponse>>;
17
- challenge(): Promise<import("./api/types/shared").AuthsignalResponse<import("./api/types/shared").ChallengeResponse>>;
18
- verify({ code }: VerifyParams): Promise<import("./api/types/shared").AuthsignalResponse<import("./api/types/shared").VerifyResponse>>;
18
+ enroll({ email }: EnrollParams): Promise<AuthsignalResponse<EnrollResponse>>;
19
+ challenge(): Promise<AuthsignalResponse<ChallengeResponse>>;
20
+ verify({ code }: VerifyParams): Promise<AuthsignalResponse<VerifyResponse>>;
19
21
  }
20
22
  export {};
package/dist/helpers.d.ts CHANGED
@@ -9,5 +9,14 @@ type CookieOptions = {
9
9
  export declare function setCookie({ name, value, expire, domain, secure }: CookieOptions): void;
10
10
  export declare function getCookieDomain(): string;
11
11
  export declare function getCookie(name: string): string | null;
12
- export declare function logErrorResponse(errorResponse: ErrorResponse): void;
12
+ export declare function handleErrorResponse(errorResponse: ErrorResponse): {
13
+ error: string;
14
+ };
15
+ export declare function handleApiResponse<T>(response: ErrorResponse | T): {
16
+ error: string;
17
+ data?: undefined;
18
+ } | {
19
+ data: T;
20
+ error?: undefined;
21
+ };
13
22
  export {};
package/dist/index.js CHANGED
@@ -63,37 +63,6 @@ function v4(options, buf, offset) {
63
63
  return unsafeStringify(rnds);
64
64
  }
65
65
 
66
- function setCookie(_a) {
67
- var name = _a.name, value = _a.value, expire = _a.expire, domain = _a.domain, secure = _a.secure;
68
- var expireString = expire === Infinity ? " expires=Fri, 31 Dec 9999 23:59:59 GMT" : "; max-age=" + expire;
69
- document.cookie =
70
- encodeURIComponent(name) +
71
- "=" +
72
- value +
73
- "; path=/;" +
74
- expireString +
75
- (domain ? "; domain=" + domain : "") +
76
- (secure ? "; secure" : "");
77
- }
78
- function getCookieDomain() {
79
- return document.location.hostname.replace("www.", "");
80
- }
81
- function getCookie(name) {
82
- if (!name) {
83
- return null;
84
- }
85
- return (decodeURIComponent(document.cookie.replace(new RegExp("(?:(?:^|.*;)\\s*" + encodeURIComponent(name).replace(/[\-\.\+\*]/g, "\\$&") + "\\s*\\=\\s*([^;]*).*$)|^.*$"), "$1")) || null);
86
- }
87
- function logErrorResponse(errorResponse) {
88
- var _a;
89
- console.error((_a = errorResponse.errorDescription) !== null && _a !== void 0 ? _a : errorResponse.error);
90
- }
91
-
92
- var AuthsignalWindowMessage;
93
- (function (AuthsignalWindowMessage) {
94
- AuthsignalWindowMessage["AUTHSIGNAL_CLOSE_POPUP"] = "AUTHSIGNAL_CLOSE_POPUP";
95
- })(AuthsignalWindowMessage || (AuthsignalWindowMessage = {}));
96
-
97
66
  /******************************************************************************
98
67
  Copyright (c) Microsoft Corporation.
99
68
 
@@ -120,6 +89,18 @@ var __assign = function() {
120
89
  return __assign.apply(this, arguments);
121
90
  };
122
91
 
92
+ function __rest(s, e) {
93
+ var t = {};
94
+ for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p) && e.indexOf(p) < 0)
95
+ t[p] = s[p];
96
+ if (s != null && typeof Object.getOwnPropertySymbols === "function")
97
+ for (var i = 0, p = Object.getOwnPropertySymbols(s); i < p.length; i++) {
98
+ if (e.indexOf(p[i]) < 0 && Object.prototype.propertyIsEnumerable.call(s, p[i]))
99
+ t[p[i]] = s[p[i]];
100
+ }
101
+ return t;
102
+ }
103
+
123
104
  function __awaiter(thisArg, _arguments, P, generator) {
124
105
  function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
125
106
  return new (P || (P = Promise))(function (resolve, reject) {
@@ -158,6 +139,65 @@ function __generator(thisArg, body) {
158
139
  }
159
140
  }
160
141
 
142
+ function setCookie(_a) {
143
+ var name = _a.name, value = _a.value, expire = _a.expire, domain = _a.domain, secure = _a.secure;
144
+ var expireString = expire === Infinity ? " expires=Fri, 31 Dec 9999 23:59:59 GMT" : "; max-age=" + expire;
145
+ document.cookie =
146
+ encodeURIComponent(name) +
147
+ "=" +
148
+ value +
149
+ "; path=/;" +
150
+ expireString +
151
+ (domain ? "; domain=" + domain : "") +
152
+ (secure ? "; secure" : "");
153
+ }
154
+ function getCookieDomain() {
155
+ return document.location.hostname.replace("www.", "");
156
+ }
157
+ function getCookie(name) {
158
+ if (!name) {
159
+ return null;
160
+ }
161
+ return (decodeURIComponent(document.cookie.replace(new RegExp("(?:(?:^|.*;)\\s*" + encodeURIComponent(name).replace(/[\-\.\+\*]/g, "\\$&") + "\\s*\\=\\s*([^;]*).*$)|^.*$"), "$1")) || null);
162
+ }
163
+ function handleErrorResponse(errorResponse) {
164
+ var _a;
165
+ var error = (_a = errorResponse.errorDescription) !== null && _a !== void 0 ? _a : errorResponse.error;
166
+ console.error(error);
167
+ return {
168
+ error: error,
169
+ };
170
+ }
171
+ function handleApiResponse(response) {
172
+ var _a;
173
+ if (response && typeof response === "object" && "error" in response) {
174
+ var error = (_a = response.errorDescription) !== null && _a !== void 0 ? _a : response.error;
175
+ console.error(error);
176
+ return {
177
+ error: error,
178
+ };
179
+ }
180
+ else if (response &&
181
+ typeof response === "object" &&
182
+ "accessToken" in response &&
183
+ typeof response.accessToken === "string") {
184
+ var accessToken = response.accessToken, data = __rest(response, ["accessToken"]);
185
+ return {
186
+ data: __assign(__assign({}, data), { token: accessToken }),
187
+ };
188
+ }
189
+ else {
190
+ return {
191
+ data: response,
192
+ };
193
+ }
194
+ }
195
+
196
+ var AuthsignalWindowMessage;
197
+ (function (AuthsignalWindowMessage) {
198
+ AuthsignalWindowMessage["AUTHSIGNAL_CLOSE_POPUP"] = "AUTHSIGNAL_CLOSE_POPUP";
199
+ })(AuthsignalWindowMessage || (AuthsignalWindowMessage = {}));
200
+
161
201
  /* [@simplewebauthn/browser@10.0.0] */
162
202
  function bufferToBase64URLString(buffer) {
163
203
  const bytes = new Uint8Array(buffer);
@@ -729,7 +769,7 @@ var Passkey = /** @class */ (function () {
729
769
  Passkey.prototype.signUp = function (_a) {
730
770
  return __awaiter(this, arguments, void 0, function (_b) {
731
771
  var userToken, optionsInput, optionsResponse, registrationResponse, addAuthenticatorResponse;
732
- var userName = _b.userName, userDisplayName = _b.userDisplayName, token = _b.token, _c = _b.authenticatorAttachment, authenticatorAttachment = _c === void 0 ? "platform" : _c;
772
+ var username = _b.username, displayName = _b.displayName, token = _b.token, _c = _b.authenticatorAttachment, authenticatorAttachment = _c === void 0 ? "platform" : _c;
733
773
  return __generator(this, function (_d) {
734
774
  switch (_d.label) {
735
775
  case 0:
@@ -738,8 +778,8 @@ var Passkey = /** @class */ (function () {
738
778
  return [2 /*return*/, this.cache.handleTokenNotSetError()];
739
779
  }
740
780
  optionsInput = {
741
- username: userName,
742
- displayName: userDisplayName,
781
+ username: username,
782
+ displayName: displayName,
743
783
  token: userToken,
744
784
  authenticatorAttachment: authenticatorAttachment,
745
785
  };
@@ -747,8 +787,7 @@ var Passkey = /** @class */ (function () {
747
787
  case 1:
748
788
  optionsResponse = _d.sent();
749
789
  if ("error" in optionsResponse) {
750
- logErrorResponse(optionsResponse);
751
- return [2 /*return*/, optionsResponse];
790
+ return [2 /*return*/, handleErrorResponse(optionsResponse)];
752
791
  }
753
792
  return [4 /*yield*/, startRegistration(optionsResponse.options)];
754
793
  case 2:
@@ -761,8 +800,7 @@ var Passkey = /** @class */ (function () {
761
800
  case 3:
762
801
  addAuthenticatorResponse = _d.sent();
763
802
  if ("error" in addAuthenticatorResponse) {
764
- logErrorResponse(addAuthenticatorResponse);
765
- return [2 /*return*/, addAuthenticatorResponse];
803
+ return [2 /*return*/, handleErrorResponse(addAuthenticatorResponse)];
766
804
  }
767
805
  if (addAuthenticatorResponse.isVerified) {
768
806
  this.storeCredentialAgainstDevice(__assign(__assign({}, registrationResponse), { userId: addAuthenticatorResponse.userId }));
@@ -771,8 +809,10 @@ var Passkey = /** @class */ (function () {
771
809
  this.cache.token = addAuthenticatorResponse.accessToken;
772
810
  }
773
811
  return [2 /*return*/, {
774
- token: addAuthenticatorResponse.accessToken,
775
- registrationResponse: registrationResponse,
812
+ data: {
813
+ token: addAuthenticatorResponse.accessToken,
814
+ registrationResponse: registrationResponse,
815
+ },
776
816
  }];
777
817
  }
778
818
  });
@@ -780,7 +820,7 @@ var Passkey = /** @class */ (function () {
780
820
  };
781
821
  Passkey.prototype.signIn = function (params) {
782
822
  return __awaiter(this, void 0, void 0, function () {
783
- var challengeResponse, _a, optionsResponse, authenticationResponse, verifyResponse, token, userId, userAuthenticatorId, userName, userDisplayName, isVerified;
823
+ var challengeResponse, _a, optionsResponse, authenticationResponse, verifyResponse, token, userId, userAuthenticatorId, username, userDisplayName, isVerified;
784
824
  return __generator(this, function (_b) {
785
825
  switch (_b.label) {
786
826
  case 0:
@@ -801,8 +841,7 @@ var Passkey = /** @class */ (function () {
801
841
  case 3:
802
842
  challengeResponse = _a;
803
843
  if (challengeResponse && "error" in challengeResponse) {
804
- logErrorResponse(challengeResponse);
805
- return [2 /*return*/, challengeResponse];
844
+ return [2 /*return*/, handleErrorResponse(challengeResponse)];
806
845
  }
807
846
  return [4 /*yield*/, this.api.authenticationOptions({
808
847
  token: params === null || params === void 0 ? void 0 : params.token,
@@ -811,8 +850,7 @@ var Passkey = /** @class */ (function () {
811
850
  case 4:
812
851
  optionsResponse = _b.sent();
813
852
  if ("error" in optionsResponse) {
814
- logErrorResponse(optionsResponse);
815
- return [2 /*return*/, optionsResponse];
853
+ return [2 /*return*/, handleErrorResponse(optionsResponse)];
816
854
  }
817
855
  return [4 /*yield*/, startAuthentication(optionsResponse.options, params === null || params === void 0 ? void 0 : params.autofill)];
818
856
  case 5:
@@ -829,8 +867,7 @@ var Passkey = /** @class */ (function () {
829
867
  case 6:
830
868
  verifyResponse = _b.sent();
831
869
  if ("error" in verifyResponse) {
832
- logErrorResponse(verifyResponse);
833
- return [2 /*return*/, verifyResponse];
870
+ return [2 /*return*/, handleErrorResponse(verifyResponse)];
834
871
  }
835
872
  if (verifyResponse.isVerified) {
836
873
  this.storeCredentialAgainstDevice(__assign(__assign({}, authenticationResponse), { userId: verifyResponse.userId }));
@@ -838,15 +875,17 @@ var Passkey = /** @class */ (function () {
838
875
  if (verifyResponse.accessToken) {
839
876
  this.cache.token = verifyResponse.accessToken;
840
877
  }
841
- token = verifyResponse.accessToken, userId = verifyResponse.userId, userAuthenticatorId = verifyResponse.userAuthenticatorId, userName = verifyResponse.username, userDisplayName = verifyResponse.userDisplayName, isVerified = verifyResponse.isVerified;
878
+ token = verifyResponse.accessToken, userId = verifyResponse.userId, userAuthenticatorId = verifyResponse.userAuthenticatorId, username = verifyResponse.username, userDisplayName = verifyResponse.userDisplayName, isVerified = verifyResponse.isVerified;
842
879
  return [2 /*return*/, {
843
- isVerified: isVerified,
844
- token: token,
845
- userId: userId,
846
- userAuthenticatorId: userAuthenticatorId,
847
- userName: userName,
848
- userDisplayName: userDisplayName,
849
- authenticationResponse: authenticationResponse,
880
+ data: {
881
+ isVerified: isVerified,
882
+ token: token,
883
+ userId: userId,
884
+ userAuthenticatorId: userAuthenticatorId,
885
+ username: username,
886
+ displayName: userDisplayName,
887
+ authenticationResponse: authenticationResponse,
888
+ },
850
889
  }];
851
890
  }
852
891
  });
@@ -1532,17 +1571,24 @@ var Totp = /** @class */ (function () {
1532
1571
  }
1533
1572
  Totp.prototype.enroll = function () {
1534
1573
  return __awaiter(this, void 0, void 0, function () {
1574
+ var response;
1535
1575
  return __generator(this, function (_a) {
1536
- if (!this.cache.token) {
1537
- return [2 /*return*/, this.cache.handleTokenNotSetError()];
1576
+ switch (_a.label) {
1577
+ case 0:
1578
+ if (!this.cache.token) {
1579
+ return [2 /*return*/, this.cache.handleTokenNotSetError()];
1580
+ }
1581
+ return [4 /*yield*/, this.api.enroll({ token: this.cache.token })];
1582
+ case 1:
1583
+ response = _a.sent();
1584
+ return [2 /*return*/, handleApiResponse(response)];
1538
1585
  }
1539
- return [2 /*return*/, this.api.enroll({ token: this.cache.token })];
1540
1586
  });
1541
1587
  });
1542
1588
  };
1543
1589
  Totp.prototype.verify = function (_a) {
1544
1590
  return __awaiter(this, arguments, void 0, function (_b) {
1545
- var verifyResponse;
1591
+ var response;
1546
1592
  var code = _b.code;
1547
1593
  return __generator(this, function (_c) {
1548
1594
  switch (_c.label) {
@@ -1552,11 +1598,11 @@ var Totp = /** @class */ (function () {
1552
1598
  }
1553
1599
  return [4 /*yield*/, this.api.verify({ token: this.cache.token, code: code })];
1554
1600
  case 1:
1555
- verifyResponse = _c.sent();
1556
- if ("accessToken" in verifyResponse && verifyResponse.accessToken) {
1557
- this.cache.token = verifyResponse.accessToken;
1601
+ response = _c.sent();
1602
+ if ("accessToken" in response && response.accessToken) {
1603
+ this.cache.token = response.accessToken;
1558
1604
  }
1559
- return [2 /*return*/, verifyResponse];
1605
+ return [2 /*return*/, handleApiResponse(response)];
1560
1606
  }
1561
1607
  });
1562
1608
  });
@@ -1651,28 +1697,42 @@ var Email = /** @class */ (function () {
1651
1697
  }
1652
1698
  Email.prototype.enroll = function (_a) {
1653
1699
  return __awaiter(this, arguments, void 0, function (_b) {
1700
+ var response;
1654
1701
  var email = _b.email;
1655
1702
  return __generator(this, function (_c) {
1656
- if (!this.cache.token) {
1657
- return [2 /*return*/, this.cache.handleTokenNotSetError()];
1703
+ switch (_c.label) {
1704
+ case 0:
1705
+ if (!this.cache.token) {
1706
+ return [2 /*return*/, this.cache.handleTokenNotSetError()];
1707
+ }
1708
+ return [4 /*yield*/, this.api.enroll({ token: this.cache.token, email: email })];
1709
+ case 1:
1710
+ response = _c.sent();
1711
+ return [2 /*return*/, handleApiResponse(response)];
1658
1712
  }
1659
- return [2 /*return*/, this.api.enroll({ token: this.cache.token, email: email })];
1660
1713
  });
1661
1714
  });
1662
1715
  };
1663
1716
  Email.prototype.challenge = function () {
1664
1717
  return __awaiter(this, void 0, void 0, function () {
1718
+ var response;
1665
1719
  return __generator(this, function (_a) {
1666
- if (!this.cache.token) {
1667
- return [2 /*return*/, this.cache.handleTokenNotSetError()];
1720
+ switch (_a.label) {
1721
+ case 0:
1722
+ if (!this.cache.token) {
1723
+ return [2 /*return*/, this.cache.handleTokenNotSetError()];
1724
+ }
1725
+ return [4 /*yield*/, this.api.challenge({ token: this.cache.token })];
1726
+ case 1:
1727
+ response = _a.sent();
1728
+ return [2 /*return*/, handleApiResponse(response)];
1668
1729
  }
1669
- return [2 /*return*/, this.api.challenge({ token: this.cache.token })];
1670
1730
  });
1671
1731
  });
1672
1732
  };
1673
1733
  Email.prototype.verify = function (_a) {
1674
1734
  return __awaiter(this, arguments, void 0, function (_b) {
1675
- var verifyResponse;
1735
+ var response;
1676
1736
  var code = _b.code;
1677
1737
  return __generator(this, function (_c) {
1678
1738
  switch (_c.label) {
@@ -1682,11 +1742,11 @@ var Email = /** @class */ (function () {
1682
1742
  }
1683
1743
  return [4 /*yield*/, this.api.verify({ token: this.cache.token, code: code })];
1684
1744
  case 1:
1685
- verifyResponse = _c.sent();
1686
- if ("accessToken" in verifyResponse && verifyResponse.accessToken) {
1687
- this.cache.token = verifyResponse.accessToken;
1745
+ response = _c.sent();
1746
+ if ("accessToken" in response && response.accessToken) {
1747
+ this.cache.token = response.accessToken;
1688
1748
  }
1689
- return [2 /*return*/, verifyResponse];
1749
+ return [2 /*return*/, handleApiResponse(response)];
1690
1750
  }
1691
1751
  });
1692
1752
  });
@@ -1781,28 +1841,42 @@ var Sms = /** @class */ (function () {
1781
1841
  }
1782
1842
  Sms.prototype.enroll = function (_a) {
1783
1843
  return __awaiter(this, arguments, void 0, function (_b) {
1844
+ var response;
1784
1845
  var phoneNumber = _b.phoneNumber;
1785
1846
  return __generator(this, function (_c) {
1786
- if (!this.cache.token) {
1787
- return [2 /*return*/, this.cache.handleTokenNotSetError()];
1847
+ switch (_c.label) {
1848
+ case 0:
1849
+ if (!this.cache.token) {
1850
+ return [2 /*return*/, this.cache.handleTokenNotSetError()];
1851
+ }
1852
+ return [4 /*yield*/, this.api.enroll({ token: this.cache.token, phoneNumber: phoneNumber })];
1853
+ case 1:
1854
+ response = _c.sent();
1855
+ return [2 /*return*/, handleApiResponse(response)];
1788
1856
  }
1789
- return [2 /*return*/, this.api.enroll({ token: this.cache.token, phoneNumber: phoneNumber })];
1790
1857
  });
1791
1858
  });
1792
1859
  };
1793
1860
  Sms.prototype.challenge = function () {
1794
1861
  return __awaiter(this, void 0, void 0, function () {
1862
+ var response;
1795
1863
  return __generator(this, function (_a) {
1796
- if (!this.cache.token) {
1797
- return [2 /*return*/, this.cache.handleTokenNotSetError()];
1864
+ switch (_a.label) {
1865
+ case 0:
1866
+ if (!this.cache.token) {
1867
+ return [2 /*return*/, this.cache.handleTokenNotSetError()];
1868
+ }
1869
+ return [4 /*yield*/, this.api.challenge({ token: this.cache.token })];
1870
+ case 1:
1871
+ response = _a.sent();
1872
+ return [2 /*return*/, handleApiResponse(response)];
1798
1873
  }
1799
- return [2 /*return*/, this.api.challenge({ token: this.cache.token })];
1800
1874
  });
1801
1875
  });
1802
1876
  };
1803
1877
  Sms.prototype.verify = function (_a) {
1804
1878
  return __awaiter(this, arguments, void 0, function (_b) {
1805
- var verifyResponse;
1879
+ var response;
1806
1880
  var code = _b.code;
1807
1881
  return __generator(this, function (_c) {
1808
1882
  switch (_c.label) {
@@ -1812,11 +1886,11 @@ var Sms = /** @class */ (function () {
1812
1886
  }
1813
1887
  return [4 /*yield*/, this.api.verify({ token: this.cache.token, code: code })];
1814
1888
  case 1:
1815
- verifyResponse = _c.sent();
1816
- if ("accessToken" in verifyResponse && verifyResponse.accessToken) {
1817
- this.cache.token = verifyResponse.accessToken;
1889
+ response = _c.sent();
1890
+ if ("accessToken" in response && response.accessToken) {
1891
+ this.cache.token = response.accessToken;
1818
1892
  }
1819
- return [2 /*return*/, verifyResponse];
1893
+ return [2 /*return*/, handleApiResponse(response)];
1820
1894
  }
1821
1895
  });
1822
1896
  });
package/dist/index.min.js CHANGED
@@ -1 +1 @@
1
- var authsignal=function(e){"use strict";let t;const n=new Uint8Array(16);function o(){if(!t&&(t="undefined"!=typeof crypto&&crypto.getRandomValues&&crypto.getRandomValues.bind(crypto),!t))throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");return t(n)}const i=[];for(let e=0;e<256;++e)i.push((e+256).toString(16).slice(1));var r={randomUUID:"undefined"!=typeof crypto&&crypto.randomUUID&&crypto.randomUUID.bind(crypto)};function s(e,t,n){if(r.randomUUID&&!t&&!e)return r.randomUUID();const s=(e=e||{}).random||(e.rng||o)();if(s[6]=15&s[6]|64,s[8]=63&s[8]|128,t){n=n||0;for(let e=0;e<16;++e)t[n+e]=s[e];return t}return function(e,t=0){return(i[e[t+0]]+i[e[t+1]]+i[e[t+2]]+i[e[t+3]]+"-"+i[e[t+4]]+i[e[t+5]]+"-"+i[e[t+6]]+i[e[t+7]]+"-"+i[e[t+8]]+i[e[t+9]]+"-"+i[e[t+10]]+i[e[t+11]]+i[e[t+12]]+i[e[t+13]]+i[e[t+14]]+i[e[t+15]]).toLowerCase()}(s)}function a(e){var t=e.name,n=e.value,o=e.expire,i=e.domain,r=e.secure,s=o===1/0?" expires=Fri, 31 Dec 9999 23:59:59 GMT":"; max-age="+o;document.cookie=encodeURIComponent(t)+"="+n+"; path=/;"+s+(i?"; domain="+i:"")+(r?"; secure":"")}function c(e){var t;console.error(null!==(t=e.errorDescription)&&void 0!==t?t:e.error)}e.AuthsignalWindowMessage=void 0,(e.AuthsignalWindowMessage||(e.AuthsignalWindowMessage={})).AUTHSIGNAL_CLOSE_POPUP="AUTHSIGNAL_CLOSE_POPUP";var u=function(){return u=Object.assign||function(e){for(var t,n=1,o=arguments.length;n<o;n++)for(var i in t=arguments[n])Object.prototype.hasOwnProperty.call(t,i)&&(e[i]=t[i]);return e},u.apply(this,arguments)};function l(e,t,n,o){return new(n||(n=Promise))((function(i,r){function s(e){try{c(o.next(e))}catch(e){r(e)}}function a(e){try{c(o.throw(e))}catch(e){r(e)}}function c(e){var t;e.done?i(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(s,a)}c((o=o.apply(e,t||[])).next())}))}function d(e,t){var n,o,i,r,s={label:0,sent:function(){if(1&i[0])throw i[1];return i[1]},trys:[],ops:[]};return r={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(r[Symbol.iterator]=function(){return this}),r;function a(r){return function(a){return function(r){if(n)throw new TypeError("Generator is already executing.");for(;s;)try{if(n=1,o&&(i=2&r[0]?o.return:r[0]?o.throw||((i=o.return)&&i.call(o),0):o.next)&&!(i=i.call(o,r[1])).done)return i;switch(o=0,i&&(r=[2&r[0],i.value]),r[0]){case 0:case 1:i=r;break;case 4:return s.label++,{value:r[1],done:!1};case 5:s.label++,o=r[1],r=[0];continue;case 7:r=s.ops.pop(),s.trys.pop();continue;default:if(!(i=s.trys,(i=i.length>0&&i[i.length-1])||6!==r[0]&&2!==r[0])){s=0;continue}if(3===r[0]&&(!i||r[1]>i[0]&&r[1]<i[3])){s.label=r[1];break}if(6===r[0]&&s.label<i[1]){s.label=i[1],i=r;break}if(i&&s.label<i[2]){s.label=i[2],s.ops.push(r);break}i[2]&&s.ops.pop(),s.trys.pop();continue}r=t.call(e,s)}catch(e){r=[6,e],o=0}finally{n=i=0}if(5&r[0])throw r[1];return{value:r[0]?r[1]:void 0,done:!0}}([r,a])}}}function h(e){const t=new Uint8Array(e);let n="";for(const e of t)n+=String.fromCharCode(e);return btoa(n).replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,"")}function p(e){const t=e.replace(/-/g,"+").replace(/_/g,"/"),n=(4-t.length%4)%4,o=t.padEnd(t.length+n,"="),i=atob(o),r=new ArrayBuffer(i.length),s=new Uint8Array(r);for(let e=0;e<i.length;e++)s[e]=i.charCodeAt(e);return r}function f(){return void 0!==window?.PublicKeyCredential&&"function"==typeof window.PublicKeyCredential}function m(e){const{id:t}=e;return{...e,id:p(t),transports:e.transports}}function y(e){return"localhost"===e||/^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$/i.test(e)}class w extends Error{constructor({message:e,code:t,cause:n,name:o}){super(e,{cause:n}),this.name=o??n.name,this.code=t}}const g=new class{createNewAbortSignal(){if(this.controller){const e=new Error("Cancelling existing WebAuthn API call for new one");e.name="AbortError",this.controller.abort(e)}const e=new AbortController;return this.controller=e,e.signal}cancelCeremony(){if(this.controller){const e=new Error("Manually cancelling existing WebAuthn API call");e.name="AbortError",this.controller.abort(e),this.controller=void 0}}},v=["cross-platform","platform"];function b(e){if(e&&!(v.indexOf(e)<0))return e}async function E(e){if(!f())throw new Error("WebAuthn is not supported in this browser");const t={publicKey:{...e,challenge:p(e.challenge),user:{...e.user,id:p(e.user.id)},excludeCredentials:e.excludeCredentials?.map(m)}};let n;t.signal=g.createNewAbortSignal();try{n=await navigator.credentials.create(t)}catch(e){throw function({error:e,options:t}){const{publicKey:n}=t;if(!n)throw Error("options was missing required publicKey property");if("AbortError"===e.name){if(t.signal instanceof AbortSignal)return new w({message:"Registration ceremony was sent an abort signal",code:"ERROR_CEREMONY_ABORTED",cause:e})}else if("ConstraintError"===e.name){if(!0===n.authenticatorSelection?.requireResidentKey)return new w({message:"Discoverable credentials were required but no available authenticator supported it",code:"ERROR_AUTHENTICATOR_MISSING_DISCOVERABLE_CREDENTIAL_SUPPORT",cause:e});if("required"===n.authenticatorSelection?.userVerification)return new w({message:"User verification was required but no available authenticator supported it",code:"ERROR_AUTHENTICATOR_MISSING_USER_VERIFICATION_SUPPORT",cause:e})}else{if("InvalidStateError"===e.name)return new w({message:"The authenticator was previously registered",code:"ERROR_AUTHENTICATOR_PREVIOUSLY_REGISTERED",cause:e});if("NotAllowedError"===e.name)return new w({message:e.message,code:"ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",cause:e});if("NotSupportedError"===e.name)return 0===n.pubKeyCredParams.filter((e=>"public-key"===e.type)).length?new w({message:'No entry in pubKeyCredParams was of type "public-key"',code:"ERROR_MALFORMED_PUBKEYCREDPARAMS",cause:e}):new w({message:"No available authenticator supported any of the specified pubKeyCredParams algorithms",code:"ERROR_AUTHENTICATOR_NO_SUPPORTED_PUBKEYCREDPARAMS_ALG",cause:e});if("SecurityError"===e.name){const t=window.location.hostname;if(!y(t))return new w({message:`${window.location.hostname} is an invalid domain`,code:"ERROR_INVALID_DOMAIN",cause:e});if(n.rp.id!==t)return new w({message:`The RP ID "${n.rp.id}" is invalid for this domain`,code:"ERROR_INVALID_RP_ID",cause:e})}else if("TypeError"===e.name){if(n.user.id.byteLength<1||n.user.id.byteLength>64)return new w({message:"User ID was not between 1 and 64 characters",code:"ERROR_INVALID_USER_ID_LENGTH",cause:e})}else if("UnknownError"===e.name)return new w({message:"The authenticator was unable to process the specified options, or could not create a new credential",code:"ERROR_AUTHENTICATOR_GENERAL_ERROR",cause:e})}return e}({error:e,options:t})}if(!n)throw new Error("Registration was not completed");const{id:o,rawId:i,response:r,type:s}=n;let a,c,u,l;if("function"==typeof r.getTransports&&(a=r.getTransports()),"function"==typeof r.getPublicKeyAlgorithm)try{c=r.getPublicKeyAlgorithm()}catch(e){k("getPublicKeyAlgorithm()",e)}if("function"==typeof r.getPublicKey)try{const e=r.getPublicKey();null!==e&&(u=h(e))}catch(e){k("getPublicKey()",e)}if("function"==typeof r.getAuthenticatorData)try{l=h(r.getAuthenticatorData())}catch(e){k("getAuthenticatorData()",e)}return{id:o,rawId:h(i),response:{attestationObject:h(r.attestationObject),clientDataJSON:h(r.clientDataJSON),transports:a,publicKeyAlgorithm:c,publicKey:u,authenticatorData:l},type:s,clientExtensionResults:n.getClientExtensionResults(),authenticatorAttachment:b(n.authenticatorAttachment)}}function k(e,t){console.warn(`The browser extension that intercepted this WebAuthn API call incorrectly implemented ${e}. You should report this error to them.\n`,t)}async function I(e,t=!1){if(!f())throw new Error("WebAuthn is not supported in this browser");let n;0!==e.allowCredentials?.length&&(n=e.allowCredentials?.map(m));const o={...e,challenge:p(e.challenge),allowCredentials:n},i={};if(t){if(!await function(){if(!f())return new Promise((e=>e(!1)));const e=window.PublicKeyCredential;return void 0===e.isConditionalMediationAvailable?new Promise((e=>e(!1))):e.isConditionalMediationAvailable()}())throw Error("Browser does not support WebAuthn autofill");if(document.querySelectorAll("input[autocomplete$='webauthn']").length<1)throw Error('No <input> with "webauthn" as the only or last value in its `autocomplete` attribute was detected');i.mediation="conditional",o.allowCredentials=[]}let r;i.publicKey=o,i.signal=g.createNewAbortSignal();try{r=await navigator.credentials.get(i)}catch(e){throw function({error:e,options:t}){const{publicKey:n}=t;if(!n)throw Error("options was missing required publicKey property");if("AbortError"===e.name){if(t.signal instanceof AbortSignal)return new w({message:"Authentication ceremony was sent an abort signal",code:"ERROR_CEREMONY_ABORTED",cause:e})}else{if("NotAllowedError"===e.name)return new w({message:e.message,code:"ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",cause:e});if("SecurityError"===e.name){const t=window.location.hostname;if(!y(t))return new w({message:`${window.location.hostname} is an invalid domain`,code:"ERROR_INVALID_DOMAIN",cause:e});if(n.rpId!==t)return new w({message:`The RP ID "${n.rpId}" is invalid for this domain`,code:"ERROR_INVALID_RP_ID",cause:e})}else if("UnknownError"===e.name)return new w({message:"The authenticator was unable to process the specified options, or could not create a new assertion signature",code:"ERROR_AUTHENTICATOR_GENERAL_ERROR",cause:e})}return e}({error:e,options:i})}if(!r)throw new Error("Authentication was not completed");const{id:s,rawId:a,response:c,type:u}=r;let l;return c.userHandle&&(l=h(c.userHandle)),{id:s,rawId:h(a),response:{authenticatorData:h(c.authenticatorData),clientDataJSON:h(c.clientDataJSON),signature:h(c.signature),userHandle:l},type:u,clientExtensionResults:r.getClientExtensionResults(),authenticatorAttachment:b(r.authenticatorAttachment)}}function T(e){var t=e.token,n=e.tenantId;return{"Content-Type":"application/json",Authorization:t?"Bearer ".concat(t):"Basic ".concat(window.btoa(encodeURIComponent(n)))}}function A(e){var t=e.response,n=e.onTokenExpired;"error"in t&&"expired_token"===t.errorCode&&n&&n()}var R=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.tenantId=n,this.baseUrl=t,this.onTokenExpired=o}return e.prototype.registrationOptions=function(e){return l(this,arguments,void 0,(function(e){var t,n,o=e.token,i=e.username,r=e.authenticatorAttachment;return d(this,(function(e){switch(e.label){case 0:return t=Boolean(r)?{username:i,authenticatorAttachment:r}:{username:i},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey/registration-options"),{method:"POST",headers:T({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return A({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e.prototype.authenticationOptions=function(e){return l(this,arguments,void 0,(function(e){var t,n,o=e.token,i=e.challengeId;return d(this,(function(e){switch(e.label){case 0:return t={challengeId:i},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey/authentication-options"),{method:"POST",headers:T({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return A({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e.prototype.addAuthenticator=function(e){return l(this,arguments,void 0,(function(e){var t,n,o=e.token,i=e.challengeId,r=e.registrationCredential;return d(this,(function(e){switch(e.label){case 0:return t={challengeId:i,registrationCredential:r},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey"),{method:"POST",headers:T({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return A({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e.prototype.verify=function(e){return l(this,arguments,void 0,(function(e){var t,n,o=e.token,i=e.challengeId,r=e.authenticationCredential,s=e.deviceId;return d(this,(function(e){switch(e.label){case 0:return t={challengeId:i,authenticationCredential:r,deviceId:s},[4,fetch("".concat(this.baseUrl,"/client/verify/passkey"),{method:"POST",headers:T({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return A({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e.prototype.getPasskeyAuthenticator=function(e){return l(this,arguments,void 0,(function(e){var t,n=e.credentialIds;return d(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey?credentialIds=").concat(n),{method:"GET",headers:T({tenantId:this.tenantId})})];case 1:if(!(t=e.sent()).ok)throw new Error(t.statusText);return[2,t.json()]}}))}))},e.prototype.challenge=function(e){return l(this,void 0,void 0,(function(){var t;return d(this,(function(n){switch(n.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/challenge"),{method:"POST",headers:T({tenantId:this.tenantId}),body:JSON.stringify({action:e})})];case 1:return[4,n.sent().json()];case 2:return A({response:t=n.sent(),onTokenExpired:this.onTokenExpired}),[2,t]}}))}))},e}(),S=function(){function e(){this.token=null}return e.prototype.handleTokenNotSetError=function(){var e="A token has not been set. Call 'setToken' first.";return console.error("Error: ".concat(e)),{error:"TOKEN_NOT_SET",errorDescription:e}},e.shared=new e,e}(),_=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.anonymousId,i=e.onTokenExpired;this.passkeyLocalStorageKey="as_user_passkey_map",this.cache=S.shared,this.api=new R({baseUrl:t,tenantId:n,onTokenExpired:i}),this.anonymousId=o}return e.prototype.signUp=function(e){return l(this,arguments,void 0,(function(e){var t,n,o,i,r,s=e.userName,a=e.userDisplayName,l=e.token,h=e.authenticatorAttachment,p=void 0===h?"platform":h;return d(this,(function(e){switch(e.label){case 0:return(t=null!=l?l:this.cache.token)?(n={username:s,displayName:a,token:t,authenticatorAttachment:p},[4,this.api.registrationOptions(n)]):[2,this.cache.handleTokenNotSetError()];case 1:return"error"in(o=e.sent())?(c(o),[2,o]):[4,E(o.options)];case 2:return i=e.sent(),[4,this.api.addAuthenticator({challengeId:o.challengeId,registrationCredential:i,token:t})];case 3:return"error"in(r=e.sent())?(c(r),[2,r]):(r.isVerified&&this.storeCredentialAgainstDevice(u(u({},i),{userId:r.userId})),r.accessToken&&(this.cache.token=r.accessToken),[2,{token:r.accessToken,registrationResponse:i}])}}))}))},e.prototype.signIn=function(e){return l(this,void 0,void 0,(function(){var t,n,o,i,r,s,a,l,h,p;return d(this,(function(d){switch(d.label){case 0:if((null==e?void 0:e.token)&&e.autofill)throw new Error("autofill is not supported when providing a token");if((null==e?void 0:e.action)&&e.token)throw new Error("action is not supported when providing a token");return(null==e?void 0:e.action)?[4,this.api.challenge(e.action)]:[3,2];case 1:return n=d.sent(),[3,3];case 2:n=null,d.label=3;case 3:return(t=n)&&"error"in t?(c(t),[2,t]):[4,this.api.authenticationOptions({token:null==e?void 0:e.token,challengeId:null==t?void 0:t.challengeId})];case 4:return"error"in(o=d.sent())?(c(o),[2,o]):[4,I(o.options,null==e?void 0:e.autofill)];case 5:return i=d.sent(),(null==e?void 0:e.onVerificationStarted)&&e.onVerificationStarted(),[4,this.api.verify({challengeId:o.challengeId,authenticationCredential:i,token:null==e?void 0:e.token,deviceId:this.anonymousId})];case 6:return"error"in(r=d.sent())?(c(r),[2,r]):(r.isVerified&&this.storeCredentialAgainstDevice(u(u({},i),{userId:r.userId})),r.accessToken&&(this.cache.token=r.accessToken),s=r.accessToken,a=r.userId,l=r.userAuthenticatorId,h=r.username,p=r.userDisplayName,[2,{isVerified:r.isVerified,token:s,userId:a,userAuthenticatorId:l,userName:h,userDisplayName:p,authenticationResponse:i}])}}))}))},e.prototype.isAvailableOnDevice=function(e){return l(this,arguments,void 0,(function(e){var t,n,o,i,r=e.userId;return d(this,(function(e){switch(e.label){case 0:if(!r)throw new Error("userId is required");if(!(t=localStorage.getItem(this.passkeyLocalStorageKey)))return[2,!1];if(n=JSON.parse(t),0===(o=null!==(i=n[r])&&void 0!==i?i:[]).length)return[2,!1];e.label=1;case 1:return e.trys.push([1,3,,4]),[4,this.api.getPasskeyAuthenticator({credentialIds:o})];case 2:return e.sent(),[2,!0];case 3:return e.sent(),[2,!1];case 4:return[2]}}))}))},e.prototype.storeCredentialAgainstDevice=function(e){var t=e.id,n=e.authenticatorAttachment,o=e.userId,i=void 0===o?"":o;if("cross-platform"!==n){var r=localStorage.getItem(this.passkeyLocalStorageKey),s=r?JSON.parse(r):{};s[i]?s[i].includes(t)||s[i].push(t):s[i]=[t],localStorage.setItem(this.passkeyLocalStorageKey,JSON.stringify(s))}},e}(),O=function(){function e(){this.windowRef=null}return e.prototype.show=function(e){var t=e.url,n=e.width,o=void 0===n?400:n,i=e.height,r=function(e){var t=e.url,n=e.width,o=e.height,i=e.win;if(!i.top)return null;var r=i.top.outerHeight/2+i.top.screenY-o/2,s=i.top.outerWidth/2+i.top.screenX-n/2;return window.open(t,"","toolbar=no, location=no, directories=no, status=no, menubar=no, scrollbars=no, resizable=no, copyhistory=no, width=".concat(n,", height=").concat(o,", top=").concat(r,", left=").concat(s))}({url:t,width:o,height:void 0===i?500:i,win:window});if(!r)throw new Error("Window is not initialized");return this.windowRef=r,r},e.prototype.close=function(){if(!this.windowRef)throw new Error("Window is not initialized");this.windowRef.close()},e}();const x=":not([inert]):not([inert] *)",C=':not([tabindex^="-"])',N=":not(:disabled)";var U=[`a[href]${x}${C}`,`area[href]${x}${C}`,`input:not([type="hidden"]):not([type="radio"])${x}${C}${N}`,`input[type="radio"]${x}${C}${N}`,`select${x}${C}${N}`,`textarea${x}${C}${N}`,`button${x}${C}${N}`,`details${x} > summary:first-of-type${C}`,`iframe${x}${C}`,`audio[controls]${x}${C}`,`video[controls]${x}${C}`,`[contenteditable]${x}${C}`,`[tabindex]${x}${C}`];function P(e){(e.querySelector("[autofocus]")||e).focus()}function $(e,t){if(t&&K(e))return e;if(!((n=e).shadowRoot&&"-1"===n.getAttribute("tabindex")||n.matches(":disabled,[hidden],[inert]")))if(e.shadowRoot){let n=D(e.shadowRoot,t);for(;n;){const e=$(n,t);if(e)return e;n=L(n,t)}}else if("slot"===e.localName){const n=e.assignedElements({flatten:!0});t||n.reverse();for(const e of n){const n=$(e,t);if(n)return n}}else{let n=D(e,t);for(;n;){const e=$(n,t);if(e)return e;n=L(n,t)}}var n;return!t&&K(e)?e:null}function D(e,t){return t?e.firstElementChild:e.lastElementChild}function L(e,t){return t?e.nextElementSibling:e.previousElementSibling}const K=e=>!e.shadowRoot?.delegatesFocus&&(e.matches(U.join(","))&&!(e=>!(!e.matches("details:not([open]) *")||e.matches("details>summary:first-of-type"))||!(e.offsetWidth||e.offsetHeight||e.getClientRects().length))(e));function j(e=document){const t=e.activeElement;return t?t.shadowRoot?j(t.shadowRoot)||document.activeElement:t:null}function W(e,t){const[n,o]=function(e){const t=$(e,!0);return[t,t?$(e,!1)||t:null]}(e);if(!n)return t.preventDefault();const i=j();t.shiftKey&&i===n?(o.focus(),t.preventDefault()):t.shiftKey||i!==o||(n.focus(),t.preventDefault())}class M{$el;id;previouslyFocused;shown;constructor(e){this.$el=e,this.id=this.$el.getAttribute("data-a11y-dialog")||this.$el.id,this.previouslyFocused=null,this.shown=!1,this.maintainFocus=this.maintainFocus.bind(this),this.bindKeypress=this.bindKeypress.bind(this),this.handleTriggerClicks=this.handleTriggerClicks.bind(this),this.show=this.show.bind(this),this.hide=this.hide.bind(this),this.$el.setAttribute("aria-hidden","true"),this.$el.setAttribute("aria-modal","true"),this.$el.setAttribute("tabindex","-1"),this.$el.hasAttribute("role")||this.$el.setAttribute("role","dialog"),document.addEventListener("click",this.handleTriggerClicks,!0)}destroy(){return this.hide(),document.removeEventListener("click",this.handleTriggerClicks,!0),this.$el.replaceWith(this.$el.cloneNode(!0)),this.fire("destroy"),this}show(e){return this.shown||(this.shown=!0,this.$el.removeAttribute("aria-hidden"),this.previouslyFocused=j(),"BODY"===this.previouslyFocused?.tagName&&e?.target&&(this.previouslyFocused=e.target),"focus"===e?.type?this.maintainFocus(e):P(this.$el),document.body.addEventListener("focus",this.maintainFocus,!0),this.$el.addEventListener("keydown",this.bindKeypress,!0),this.fire("show",e)),this}hide(e){return this.shown?(this.shown=!1,this.$el.setAttribute("aria-hidden","true"),this.previouslyFocused?.focus?.(),document.body.removeEventListener("focus",this.maintainFocus,!0),this.$el.removeEventListener("keydown",this.bindKeypress,!0),this.fire("hide",e),this):this}on(e,t,n){return this.$el.addEventListener(e,t,n),this}off(e,t,n){return this.$el.removeEventListener(e,t,n),this}fire(e,t){this.$el.dispatchEvent(new CustomEvent(e,{detail:t,cancelable:!0}))}handleTriggerClicks(e){const t=e.target;t.closest(`[data-a11y-dialog-show="${this.id}"]`)&&this.show(e),(t.closest(`[data-a11y-dialog-hide="${this.id}"]`)||t.closest("[data-a11y-dialog-hide]")&&t.closest('[aria-modal="true"]')===this.$el)&&this.hide(e)}bindKeypress(e){if(document.activeElement?.closest('[aria-modal="true"]')!==this.$el)return;let t=!1;try{t=!!this.$el.querySelector('[popover]:not([popover="manual"]):popover-open')}catch{}"Escape"!==e.key||"alertdialog"===this.$el.getAttribute("role")||t||(e.preventDefault(),this.hide(e)),"Tab"===e.key&&W(this.$el,e)}maintainFocus(e){e.target.closest('[aria-modal="true"], [data-a11y-dialog-ignore-focus-trap]')||P(this.$el)}}function H(){for(const e of document.querySelectorAll("[data-a11y-dialog]"))new M(e)}"undefined"!=typeof document&&("loading"===document.readyState?document.addEventListener("DOMContentLoaded",H):H());var J="__authsignal-popup-container",q="__authsignal-popup-content",V="__authsignal-popup-overlay",F="__authsignal-popup-style",G="__authsignal-popup-iframe",z="385px",B=function(){function e(e){var t=e.width,n=e.isClosable;if(this.popup=null,document.querySelector("#".concat(J)))throw new Error("Multiple instances of Authsignal popup is not supported.");this.create({width:t,isClosable:n})}return e.prototype.create=function(e){var t=this,n=e.width,o=void 0===n?z:n,i=e.isClosable,r=void 0===i||i,s=o;CSS.supports("width",o)||(console.warn("Invalid CSS value for `popupOptions.width`. Using default value instead."),s=z);var a=document.createElement("div");a.setAttribute("id",J),a.setAttribute("aria-hidden","true"),r||a.setAttribute("role","alertdialog");var c=document.createElement("div");c.setAttribute("id",V),r&&c.setAttribute("data-a11y-dialog-hide","true");var u=document.createElement("div");u.setAttribute("id",q),document.body.appendChild(a);var l=document.createElement("style");l.setAttribute("id",F),l.textContent="\n #".concat(J,",\n #").concat(V," {\n position: fixed;\n top: 0;\n right: 0;\n bottom: 0;\n left: 0;\n }\n\n #").concat(J," {\n z-index: 2147483647;\n display: flex;\n }\n\n #").concat(J,"[aria-hidden='true'] {\n display: none;\n }\n\n #").concat(V," {\n background-color: rgba(0, 0, 0, 0.18);\n }\n\n #").concat(q," {\n margin: auto;\n z-index: 2147483647;\n position: relative;\n background-color: transparent;\n border-radius: 8px;\n width: ").concat(s,";\n }\n\n #").concat(q," iframe {\n width: 1px;\n min-width: 100%;\n border-radius: inherit;\n max-height: 95vh;\n height: ").concat("384px",";\n }\n "),document.head.insertAdjacentElement("beforeend",l),a.appendChild(c),a.appendChild(u),this.popup=new M(a),a.focus(),this.popup.on("hide",(function(){t.destroy()}))},e.prototype.destroy=function(){var e=document.querySelector("#".concat(J)),t=document.querySelector("#".concat(F));e&&t&&(document.body.removeChild(e),document.head.removeChild(t)),window.removeEventListener("message",Y)},e.prototype.show=function(e){var t,n=e.url;if(!this.popup)throw new Error("Popup is not initialized");var o=document.createElement("iframe");o.setAttribute("id",G),o.setAttribute("name","authsignal"),o.setAttribute("title","Authsignal multi-factor authentication"),o.setAttribute("src",n),o.setAttribute("frameborder","0"),o.setAttribute("allow","publickey-credentials-get *; publickey-credentials-create *; clipboard-write");var i=document.querySelector("#".concat(q));i&&i.appendChild(o),window.addEventListener("message",Y),null===(t=this.popup)||void 0===t||t.show()},e.prototype.close=function(){if(!this.popup)throw new Error("Popup is not initialized");this.popup.hide()},e.prototype.on=function(e,t){if(!this.popup)throw new Error("Popup is not initialized");this.popup.on(e,t)},e}();function Y(e){var t=document.querySelector("#".concat(G));t&&e.data.height&&(t.style.height=e.data.height+"px")}var X=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.tenantId=n,this.baseUrl=t,this.onTokenExpired=o}return e.prototype.enroll=function(e){return l(this,arguments,void 0,(function(e){var t,n=e.token;return d(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/totp"),{method:"POST",headers:T({token:n,tenantId:this.tenantId})})];case 1:return[4,e.sent().json()];case 2:return A({response:t=e.sent(),onTokenExpired:this.onTokenExpired}),[2,t]}}))}))},e.prototype.verify=function(e){return l(this,arguments,void 0,(function(e){var t,n,o=e.token,i=e.code;return d(this,(function(e){switch(e.label){case 0:return t={verificationCode:i},[4,fetch("".concat(this.baseUrl,"/client/verify/totp"),{method:"POST",headers:T({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return A({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e}(),Q=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.cache=S.shared,this.api=new X({baseUrl:t,tenantId:n,onTokenExpired:o})}return e.prototype.enroll=function(){return l(this,void 0,void 0,(function(){return d(this,(function(e){return this.cache.token?[2,this.api.enroll({token:this.cache.token})]:[2,this.cache.handleTokenNotSetError()]}))}))},e.prototype.verify=function(e){return l(this,arguments,void 0,(function(e){var t,n=e.code;return d(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.verify({token:this.cache.token,code:n})]:[2,this.cache.handleTokenNotSetError()];case 1:return"accessToken"in(t=e.sent())&&t.accessToken&&(this.cache.token=t.accessToken),[2,t]}}))}))},e}(),Z=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.tenantId=n,this.baseUrl=t,this.onTokenExpired=o}return e.prototype.enroll=function(e){return l(this,arguments,void 0,(function(e){var t,n,o=e.token,i=e.email;return d(this,(function(e){switch(e.label){case 0:return t={email:i},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/email-otp"),{method:"POST",headers:T({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return A({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e.prototype.challenge=function(e){return l(this,arguments,void 0,(function(e){var t,n=e.token;return d(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/challenge/email-otp"),{method:"POST",headers:T({token:n,tenantId:this.tenantId})})];case 1:return[4,e.sent().json()];case 2:return A({response:t=e.sent(),onTokenExpired:this.onTokenExpired}),[2,t]}}))}))},e.prototype.verify=function(e){return l(this,arguments,void 0,(function(e){var t,n,o=e.token,i=e.code;return d(this,(function(e){switch(e.label){case 0:return t={verificationCode:i},[4,fetch("".concat(this.baseUrl,"/client/verify/email-otp"),{method:"POST",headers:T({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return A({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e}(),ee=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.cache=S.shared,this.api=new Z({baseUrl:t,tenantId:n,onTokenExpired:o})}return e.prototype.enroll=function(e){return l(this,arguments,void 0,(function(e){var t=e.email;return d(this,(function(e){return this.cache.token?[2,this.api.enroll({token:this.cache.token,email:t})]:[2,this.cache.handleTokenNotSetError()]}))}))},e.prototype.challenge=function(){return l(this,void 0,void 0,(function(){return d(this,(function(e){return this.cache.token?[2,this.api.challenge({token:this.cache.token})]:[2,this.cache.handleTokenNotSetError()]}))}))},e.prototype.verify=function(e){return l(this,arguments,void 0,(function(e){var t,n=e.code;return d(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.verify({token:this.cache.token,code:n})]:[2,this.cache.handleTokenNotSetError()];case 1:return"accessToken"in(t=e.sent())&&t.accessToken&&(this.cache.token=t.accessToken),[2,t]}}))}))},e}(),te=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.tenantId=n,this.baseUrl=t,this.onTokenExpired=o}return e.prototype.enroll=function(e){return l(this,arguments,void 0,(function(e){var t,n,o=e.token,i=e.phoneNumber;return d(this,(function(e){switch(e.label){case 0:return t={phoneNumber:i},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/sms"),{method:"POST",headers:T({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return A({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e.prototype.challenge=function(e){return l(this,arguments,void 0,(function(e){var t,n=e.token;return d(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/challenge/sms"),{method:"POST",headers:T({token:n,tenantId:this.tenantId})})];case 1:return[4,e.sent().json()];case 2:return A({response:t=e.sent(),onTokenExpired:this.onTokenExpired}),[2,t]}}))}))},e.prototype.verify=function(e){return l(this,arguments,void 0,(function(e){var t,n,o=e.token,i=e.code;return d(this,(function(e){switch(e.label){case 0:return t={verificationCode:i},[4,fetch("".concat(this.baseUrl,"/client/verify/sms"),{method:"POST",headers:T({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return A({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e}(),ne=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.cache=S.shared,this.api=new te({baseUrl:t,tenantId:n,onTokenExpired:o})}return e.prototype.enroll=function(e){return l(this,arguments,void 0,(function(e){var t=e.phoneNumber;return d(this,(function(e){return this.cache.token?[2,this.api.enroll({token:this.cache.token,phoneNumber:t})]:[2,this.cache.handleTokenNotSetError()]}))}))},e.prototype.challenge=function(){return l(this,void 0,void 0,(function(){return d(this,(function(e){return this.cache.token?[2,this.api.challenge({token:this.cache.token})]:[2,this.cache.handleTokenNotSetError()]}))}))},e.prototype.verify=function(e){return l(this,arguments,void 0,(function(e){var t,n=e.code;return d(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.verify({token:this.cache.token,code:n})]:[2,this.cache.handleTokenNotSetError()];case 1:return"accessToken"in(t=e.sent())&&t.accessToken&&(this.cache.token=t.accessToken),[2,t]}}))}))},e}(),oe="4a08uqve",ie=function(){function t(e){var t=e.cookieDomain,n=e.cookieName,o=void 0===n?"__as_aid":n,i=e.baseUrl,r=void 0===i?"https://api.authsignal.com/v1":i,c=e.tenantId,u=e.onTokenExpired;if(this.anonymousId="",this.profilingId="",this.cookieDomain="",this.anonymousIdCookieName="",this.cookieDomain=t||document.location.hostname.replace("www.",""),this.anonymousIdCookieName=o,!c)throw new Error("tenantId is required");var l,d=(l=this.anonymousIdCookieName)&&decodeURIComponent(document.cookie.replace(new RegExp("(?:(?:^|.*;)\\s*"+encodeURIComponent(l).replace(/[\-\.\+\*]/g,"\\$&")+"\\s*\\=\\s*([^;]*).*$)|^.*$"),"$1"))||null;d?this.anonymousId=d:(this.anonymousId=s(),a({name:this.anonymousIdCookieName,value:this.anonymousId,expire:1/0,domain:this.cookieDomain,secure:"http:"!==document.location.protocol})),this.passkey=new _({tenantId:c,baseUrl:r,anonymousId:this.anonymousId,onTokenExpired:u}),this.totp=new Q({tenantId:c,baseUrl:r,onTokenExpired:u}),this.email=new ee({tenantId:c,baseUrl:r,onTokenExpired:u}),this.sms=new ne({tenantId:c,baseUrl:r,onTokenExpired:u})}return t.prototype.setToken=function(e){S.shared.token=e},t.prototype.launch=function(e,t){switch(null==t?void 0:t.mode){case"window":return this.launchWithWindow(e,t);case"popup":return this.launchWithPopup(e,t);default:this.launchWithRedirect(e)}},t.prototype.initAdvancedProfiling=function(e){var t=s();this.profilingId=t,a({name:"__as_pid",value:t,expire:1/0,domain:this.cookieDomain,secure:"http:"!==document.location.protocol});var n=e?"".concat(e,"/fp/tags.js?org_id=").concat(oe,"&session_id=").concat(t):"https://h.online-metrix.net/fp/tags.js?org_id=".concat(oe,"&session_id=").concat(t),o=document.createElement("script");o.src=n,o.async=!1,o.id="as_adv_profile",document.head.appendChild(o);var i=document.createElement("noscript");i.setAttribute("id","as_adv_profile_pixel"),i.setAttribute("aria-hidden","true");var r=document.createElement("iframe"),c=e?"".concat(e,"/fp/tags?org_id=").concat(oe,"&session_id=").concat(t):"https://h.online-metrix.net/fp/tags?org_id=".concat(oe,"&session_id=").concat(t);r.setAttribute("id","as_adv_profile_pixel"),r.setAttribute("src",c),r.setAttribute("style","width: 100px; height: 100px; border: 0; position: absolute; top: -5000px;"),i&&(i.appendChild(r),document.body.prepend(i))},t.prototype.launchWithRedirect=function(e){window.location.href=e},t.prototype.launchWithPopup=function(t,n){var o=n.popupOptions,i=new B({width:null==o?void 0:o.width,isClosable:null==o?void 0:o.isClosable}),r="".concat(t,"&mode=popup");return i.show({url:r}),new Promise((function(t){var n=void 0;i.on("hide",(function(){t({token:n})})),window.addEventListener("message",(function(t){var o=null;try{o=JSON.parse(t.data)}catch(e){}(null==o?void 0:o.event)===e.AuthsignalWindowMessage.AUTHSIGNAL_CLOSE_POPUP&&(n=o.token,i.close())}),!1)}))},t.prototype.launchWithWindow=function(t,n){var o=n.windowOptions,i=new O,r="".concat(t,"&mode=popup");return i.show({url:r,width:null==o?void 0:o.width,height:null==o?void 0:o.height}),new Promise((function(t){window.addEventListener("message",(function(n){var o=null;try{o=JSON.parse(n.data)}catch(e){}(null==o?void 0:o.event)===e.AuthsignalWindowMessage.AUTHSIGNAL_CLOSE_POPUP&&(i.close(),t({token:o.token}))}),!1)}))},t}();return e.Authsignal=ie,Object.defineProperty(e,"__esModule",{value:!0}),e}({});
1
+ var authsignal=function(e){"use strict";let t;const n=new Uint8Array(16);function o(){if(!t&&(t="undefined"!=typeof crypto&&crypto.getRandomValues&&crypto.getRandomValues.bind(crypto),!t))throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");return t(n)}const r=[];for(let e=0;e<256;++e)r.push((e+256).toString(16).slice(1));var i={randomUUID:"undefined"!=typeof crypto&&crypto.randomUUID&&crypto.randomUUID.bind(crypto)};function s(e,t,n){if(i.randomUUID&&!t&&!e)return i.randomUUID();const s=(e=e||{}).random||(e.rng||o)();if(s[6]=15&s[6]|64,s[8]=63&s[8]|128,t){n=n||0;for(let e=0;e<16;++e)t[n+e]=s[e];return t}return function(e,t=0){return(r[e[t+0]]+r[e[t+1]]+r[e[t+2]]+r[e[t+3]]+"-"+r[e[t+4]]+r[e[t+5]]+"-"+r[e[t+6]]+r[e[t+7]]+"-"+r[e[t+8]]+r[e[t+9]]+"-"+r[e[t+10]]+r[e[t+11]]+r[e[t+12]]+r[e[t+13]]+r[e[t+14]]+r[e[t+15]]).toLowerCase()}(s)}var a=function(){return a=Object.assign||function(e){for(var t,n=1,o=arguments.length;n<o;n++)for(var r in t=arguments[n])Object.prototype.hasOwnProperty.call(t,r)&&(e[r]=t[r]);return e},a.apply(this,arguments)};function c(e,t,n,o){return new(n||(n=Promise))((function(r,i){function s(e){try{c(o.next(e))}catch(e){i(e)}}function a(e){try{c(o.throw(e))}catch(e){i(e)}}function c(e){var t;e.done?r(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(s,a)}c((o=o.apply(e,t||[])).next())}))}function u(e,t){var n,o,r,i,s={label:0,sent:function(){if(1&r[0])throw r[1];return r[1]},trys:[],ops:[]};return i={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(i[Symbol.iterator]=function(){return this}),i;function a(i){return function(a){return function(i){if(n)throw new TypeError("Generator is already executing.");for(;s;)try{if(n=1,o&&(r=2&i[0]?o.return:i[0]?o.throw||((r=o.return)&&r.call(o),0):o.next)&&!(r=r.call(o,i[1])).done)return r;switch(o=0,r&&(i=[2&i[0],r.value]),i[0]){case 0:case 1:r=i;break;case 4:return s.label++,{value:i[1],done:!1};case 5:s.label++,o=i[1],i=[0];continue;case 7:i=s.ops.pop(),s.trys.pop();continue;default:if(!(r=s.trys,(r=r.length>0&&r[r.length-1])||6!==i[0]&&2!==i[0])){s=0;continue}if(3===i[0]&&(!r||i[1]>r[0]&&i[1]<r[3])){s.label=i[1];break}if(6===i[0]&&s.label<r[1]){s.label=r[1],r=i;break}if(r&&s.label<r[2]){s.label=r[2],s.ops.push(i);break}r[2]&&s.ops.pop(),s.trys.pop();continue}i=t.call(e,s)}catch(e){i=[6,e],o=0}finally{n=r=0}if(5&i[0])throw i[1];return{value:i[0]?i[1]:void 0,done:!0}}([i,a])}}}function l(e){var t=e.name,n=e.value,o=e.expire,r=e.domain,i=e.secure,s=o===1/0?" expires=Fri, 31 Dec 9999 23:59:59 GMT":"; max-age="+o;document.cookie=encodeURIComponent(t)+"="+n+"; path=/;"+s+(r?"; domain="+r:"")+(i?"; secure":"")}function d(e){var t,n=null!==(t=e.errorDescription)&&void 0!==t?t:e.error;return console.error(n),{error:n}}function h(e){var t;if(e&&"object"==typeof e&&"error"in e){var n=null!==(t=e.errorDescription)&&void 0!==t?t:e.error;return console.error(n),{error:n}}if(e&&"object"==typeof e&&"accessToken"in e&&"string"==typeof e.accessToken){var o=e.accessToken,r=function(e,t){var n={};for(var o in e)Object.prototype.hasOwnProperty.call(e,o)&&t.indexOf(o)<0&&(n[o]=e[o]);if(null!=e&&"function"==typeof Object.getOwnPropertySymbols){var r=0;for(o=Object.getOwnPropertySymbols(e);r<o.length;r++)t.indexOf(o[r])<0&&Object.prototype.propertyIsEnumerable.call(e,o[r])&&(n[o[r]]=e[o[r]])}return n}(e,["accessToken"]);return{data:a(a({},r),{token:o})}}return{data:e}}function p(e){const t=new Uint8Array(e);let n="";for(const e of t)n+=String.fromCharCode(e);return btoa(n).replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,"")}function f(e){const t=e.replace(/-/g,"+").replace(/_/g,"/"),n=(4-t.length%4)%4,o=t.padEnd(t.length+n,"="),r=atob(o),i=new ArrayBuffer(r.length),s=new Uint8Array(i);for(let e=0;e<r.length;e++)s[e]=r.charCodeAt(e);return i}function m(){return void 0!==window?.PublicKeyCredential&&"function"==typeof window.PublicKeyCredential}function y(e){const{id:t}=e;return{...e,id:f(t),transports:e.transports}}function w(e){return"localhost"===e||/^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$/i.test(e)}e.AuthsignalWindowMessage=void 0,(e.AuthsignalWindowMessage||(e.AuthsignalWindowMessage={})).AUTHSIGNAL_CLOSE_POPUP="AUTHSIGNAL_CLOSE_POPUP";class v extends Error{constructor({message:e,code:t,cause:n,name:o}){super(e,{cause:n}),this.name=o??n.name,this.code=t}}const g=new class{createNewAbortSignal(){if(this.controller){const e=new Error("Cancelling existing WebAuthn API call for new one");e.name="AbortError",this.controller.abort(e)}const e=new AbortController;return this.controller=e,e.signal}cancelCeremony(){if(this.controller){const e=new Error("Manually cancelling existing WebAuthn API call");e.name="AbortError",this.controller.abort(e),this.controller=void 0}}},b=["cross-platform","platform"];function k(e){if(e&&!(b.indexOf(e)<0))return e}async function E(e){if(!m())throw new Error("WebAuthn is not supported in this browser");const t={publicKey:{...e,challenge:f(e.challenge),user:{...e.user,id:f(e.user.id)},excludeCredentials:e.excludeCredentials?.map(y)}};let n;t.signal=g.createNewAbortSignal();try{n=await navigator.credentials.create(t)}catch(e){throw function({error:e,options:t}){const{publicKey:n}=t;if(!n)throw Error("options was missing required publicKey property");if("AbortError"===e.name){if(t.signal instanceof AbortSignal)return new v({message:"Registration ceremony was sent an abort signal",code:"ERROR_CEREMONY_ABORTED",cause:e})}else if("ConstraintError"===e.name){if(!0===n.authenticatorSelection?.requireResidentKey)return new v({message:"Discoverable credentials were required but no available authenticator supported it",code:"ERROR_AUTHENTICATOR_MISSING_DISCOVERABLE_CREDENTIAL_SUPPORT",cause:e});if("required"===n.authenticatorSelection?.userVerification)return new v({message:"User verification was required but no available authenticator supported it",code:"ERROR_AUTHENTICATOR_MISSING_USER_VERIFICATION_SUPPORT",cause:e})}else{if("InvalidStateError"===e.name)return new v({message:"The authenticator was previously registered",code:"ERROR_AUTHENTICATOR_PREVIOUSLY_REGISTERED",cause:e});if("NotAllowedError"===e.name)return new v({message:e.message,code:"ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",cause:e});if("NotSupportedError"===e.name)return 0===n.pubKeyCredParams.filter((e=>"public-key"===e.type)).length?new v({message:'No entry in pubKeyCredParams was of type "public-key"',code:"ERROR_MALFORMED_PUBKEYCREDPARAMS",cause:e}):new v({message:"No available authenticator supported any of the specified pubKeyCredParams algorithms",code:"ERROR_AUTHENTICATOR_NO_SUPPORTED_PUBKEYCREDPARAMS_ALG",cause:e});if("SecurityError"===e.name){const t=window.location.hostname;if(!w(t))return new v({message:`${window.location.hostname} is an invalid domain`,code:"ERROR_INVALID_DOMAIN",cause:e});if(n.rp.id!==t)return new v({message:`The RP ID "${n.rp.id}" is invalid for this domain`,code:"ERROR_INVALID_RP_ID",cause:e})}else if("TypeError"===e.name){if(n.user.id.byteLength<1||n.user.id.byteLength>64)return new v({message:"User ID was not between 1 and 64 characters",code:"ERROR_INVALID_USER_ID_LENGTH",cause:e})}else if("UnknownError"===e.name)return new v({message:"The authenticator was unable to process the specified options, or could not create a new credential",code:"ERROR_AUTHENTICATOR_GENERAL_ERROR",cause:e})}return e}({error:e,options:t})}if(!n)throw new Error("Registration was not completed");const{id:o,rawId:r,response:i,type:s}=n;let a,c,u,l;if("function"==typeof i.getTransports&&(a=i.getTransports()),"function"==typeof i.getPublicKeyAlgorithm)try{c=i.getPublicKeyAlgorithm()}catch(e){I("getPublicKeyAlgorithm()",e)}if("function"==typeof i.getPublicKey)try{const e=i.getPublicKey();null!==e&&(u=p(e))}catch(e){I("getPublicKey()",e)}if("function"==typeof i.getAuthenticatorData)try{l=p(i.getAuthenticatorData())}catch(e){I("getAuthenticatorData()",e)}return{id:o,rawId:p(r),response:{attestationObject:p(i.attestationObject),clientDataJSON:p(i.clientDataJSON),transports:a,publicKeyAlgorithm:c,publicKey:u,authenticatorData:l},type:s,clientExtensionResults:n.getClientExtensionResults(),authenticatorAttachment:k(n.authenticatorAttachment)}}function I(e,t){console.warn(`The browser extension that intercepted this WebAuthn API call incorrectly implemented ${e}. You should report this error to them.\n`,t)}async function T(e,t=!1){if(!m())throw new Error("WebAuthn is not supported in this browser");let n;0!==e.allowCredentials?.length&&(n=e.allowCredentials?.map(y));const o={...e,challenge:f(e.challenge),allowCredentials:n},r={};if(t){if(!await function(){if(!m())return new Promise((e=>e(!1)));const e=window.PublicKeyCredential;return void 0===e.isConditionalMediationAvailable?new Promise((e=>e(!1))):e.isConditionalMediationAvailable()}())throw Error("Browser does not support WebAuthn autofill");if(document.querySelectorAll("input[autocomplete$='webauthn']").length<1)throw Error('No <input> with "webauthn" as the only or last value in its `autocomplete` attribute was detected');r.mediation="conditional",o.allowCredentials=[]}let i;r.publicKey=o,r.signal=g.createNewAbortSignal();try{i=await navigator.credentials.get(r)}catch(e){throw function({error:e,options:t}){const{publicKey:n}=t;if(!n)throw Error("options was missing required publicKey property");if("AbortError"===e.name){if(t.signal instanceof AbortSignal)return new v({message:"Authentication ceremony was sent an abort signal",code:"ERROR_CEREMONY_ABORTED",cause:e})}else{if("NotAllowedError"===e.name)return new v({message:e.message,code:"ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",cause:e});if("SecurityError"===e.name){const t=window.location.hostname;if(!w(t))return new v({message:`${window.location.hostname} is an invalid domain`,code:"ERROR_INVALID_DOMAIN",cause:e});if(n.rpId!==t)return new v({message:`The RP ID "${n.rpId}" is invalid for this domain`,code:"ERROR_INVALID_RP_ID",cause:e})}else if("UnknownError"===e.name)return new v({message:"The authenticator was unable to process the specified options, or could not create a new assertion signature",code:"ERROR_AUTHENTICATOR_GENERAL_ERROR",cause:e})}return e}({error:e,options:r})}if(!i)throw new Error("Authentication was not completed");const{id:s,rawId:a,response:c,type:u}=i;let l;return c.userHandle&&(l=p(c.userHandle)),{id:s,rawId:p(a),response:{authenticatorData:p(c.authenticatorData),clientDataJSON:p(c.clientDataJSON),signature:p(c.signature),userHandle:l},type:u,clientExtensionResults:i.getClientExtensionResults(),authenticatorAttachment:k(i.authenticatorAttachment)}}function A(e){var t=e.token,n=e.tenantId;return{"Content-Type":"application/json",Authorization:t?"Bearer ".concat(t):"Basic ".concat(window.btoa(encodeURIComponent(n)))}}function R(e){var t=e.response,n=e.onTokenExpired;"error"in t&&"expired_token"===t.errorCode&&n&&n()}var S=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.tenantId=n,this.baseUrl=t,this.onTokenExpired=o}return e.prototype.registrationOptions=function(e){return c(this,arguments,void 0,(function(e){var t,n,o=e.token,r=e.username,i=e.authenticatorAttachment;return u(this,(function(e){switch(e.label){case 0:return t=Boolean(i)?{username:r,authenticatorAttachment:i}:{username:r},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey/registration-options"),{method:"POST",headers:A({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return R({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e.prototype.authenticationOptions=function(e){return c(this,arguments,void 0,(function(e){var t,n,o=e.token,r=e.challengeId;return u(this,(function(e){switch(e.label){case 0:return t={challengeId:r},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey/authentication-options"),{method:"POST",headers:A({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return R({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e.prototype.addAuthenticator=function(e){return c(this,arguments,void 0,(function(e){var t,n,o=e.token,r=e.challengeId,i=e.registrationCredential;return u(this,(function(e){switch(e.label){case 0:return t={challengeId:r,registrationCredential:i},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey"),{method:"POST",headers:A({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return R({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e.prototype.verify=function(e){return c(this,arguments,void 0,(function(e){var t,n,o=e.token,r=e.challengeId,i=e.authenticationCredential,s=e.deviceId;return u(this,(function(e){switch(e.label){case 0:return t={challengeId:r,authenticationCredential:i,deviceId:s},[4,fetch("".concat(this.baseUrl,"/client/verify/passkey"),{method:"POST",headers:A({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return R({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e.prototype.getPasskeyAuthenticator=function(e){return c(this,arguments,void 0,(function(e){var t,n=e.credentialIds;return u(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey?credentialIds=").concat(n),{method:"GET",headers:A({tenantId:this.tenantId})})];case 1:if(!(t=e.sent()).ok)throw new Error(t.statusText);return[2,t.json()]}}))}))},e.prototype.challenge=function(e){return c(this,void 0,void 0,(function(){var t;return u(this,(function(n){switch(n.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/challenge"),{method:"POST",headers:A({tenantId:this.tenantId}),body:JSON.stringify({action:e})})];case 1:return[4,n.sent().json()];case 2:return R({response:t=n.sent(),onTokenExpired:this.onTokenExpired}),[2,t]}}))}))},e}(),O=function(){function e(){this.token=null}return e.prototype.handleTokenNotSetError=function(){var e="A token has not been set. Call 'setToken' first.";return console.error("Error: ".concat(e)),{error:"TOKEN_NOT_SET",errorDescription:e}},e.shared=new e,e}(),_=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.anonymousId,r=e.onTokenExpired;this.passkeyLocalStorageKey="as_user_passkey_map",this.cache=O.shared,this.api=new S({baseUrl:t,tenantId:n,onTokenExpired:r}),this.anonymousId=o}return e.prototype.signUp=function(e){return c(this,arguments,void 0,(function(e){var t,n,o,r,i,s=e.username,c=e.displayName,l=e.token,h=e.authenticatorAttachment,p=void 0===h?"platform":h;return u(this,(function(e){switch(e.label){case 0:return(t=null!=l?l:this.cache.token)?(n={username:s,displayName:c,token:t,authenticatorAttachment:p},[4,this.api.registrationOptions(n)]):[2,this.cache.handleTokenNotSetError()];case 1:return"error"in(o=e.sent())?[2,d(o)]:[4,E(o.options)];case 2:return r=e.sent(),[4,this.api.addAuthenticator({challengeId:o.challengeId,registrationCredential:r,token:t})];case 3:return"error"in(i=e.sent())?[2,d(i)]:(i.isVerified&&this.storeCredentialAgainstDevice(a(a({},r),{userId:i.userId})),i.accessToken&&(this.cache.token=i.accessToken),[2,{data:{token:i.accessToken,registrationResponse:r}}])}}))}))},e.prototype.signIn=function(e){return c(this,void 0,void 0,(function(){var t,n,o,r,i,s,c,l,h,p;return u(this,(function(u){switch(u.label){case 0:if((null==e?void 0:e.token)&&e.autofill)throw new Error("autofill is not supported when providing a token");if((null==e?void 0:e.action)&&e.token)throw new Error("action is not supported when providing a token");return(null==e?void 0:e.action)?[4,this.api.challenge(e.action)]:[3,2];case 1:return n=u.sent(),[3,3];case 2:n=null,u.label=3;case 3:return(t=n)&&"error"in t?[2,d(t)]:[4,this.api.authenticationOptions({token:null==e?void 0:e.token,challengeId:null==t?void 0:t.challengeId})];case 4:return"error"in(o=u.sent())?[2,d(o)]:[4,T(o.options,null==e?void 0:e.autofill)];case 5:return r=u.sent(),(null==e?void 0:e.onVerificationStarted)&&e.onVerificationStarted(),[4,this.api.verify({challengeId:o.challengeId,authenticationCredential:r,token:null==e?void 0:e.token,deviceId:this.anonymousId})];case 6:return"error"in(i=u.sent())?[2,d(i)]:(i.isVerified&&this.storeCredentialAgainstDevice(a(a({},r),{userId:i.userId})),i.accessToken&&(this.cache.token=i.accessToken),s=i.accessToken,c=i.userId,l=i.userAuthenticatorId,h=i.username,p=i.userDisplayName,[2,{data:{isVerified:i.isVerified,token:s,userId:c,userAuthenticatorId:l,username:h,displayName:p,authenticationResponse:r}}])}}))}))},e.prototype.isAvailableOnDevice=function(e){return c(this,arguments,void 0,(function(e){var t,n,o,r,i=e.userId;return u(this,(function(e){switch(e.label){case 0:if(!i)throw new Error("userId is required");if(!(t=localStorage.getItem(this.passkeyLocalStorageKey)))return[2,!1];if(n=JSON.parse(t),0===(o=null!==(r=n[i])&&void 0!==r?r:[]).length)return[2,!1];e.label=1;case 1:return e.trys.push([1,3,,4]),[4,this.api.getPasskeyAuthenticator({credentialIds:o})];case 2:return e.sent(),[2,!0];case 3:return e.sent(),[2,!1];case 4:return[2]}}))}))},e.prototype.storeCredentialAgainstDevice=function(e){var t=e.id,n=e.authenticatorAttachment,o=e.userId,r=void 0===o?"":o;if("cross-platform"!==n){var i=localStorage.getItem(this.passkeyLocalStorageKey),s=i?JSON.parse(i):{};s[r]?s[r].includes(t)||s[r].push(t):s[r]=[t],localStorage.setItem(this.passkeyLocalStorageKey,JSON.stringify(s))}},e}(),x=function(){function e(){this.windowRef=null}return e.prototype.show=function(e){var t=e.url,n=e.width,o=void 0===n?400:n,r=e.height,i=function(e){var t=e.url,n=e.width,o=e.height,r=e.win;if(!r.top)return null;var i=r.top.outerHeight/2+r.top.screenY-o/2,s=r.top.outerWidth/2+r.top.screenX-n/2;return window.open(t,"","toolbar=no, location=no, directories=no, status=no, menubar=no, scrollbars=no, resizable=no, copyhistory=no, width=".concat(n,", height=").concat(o,", top=").concat(i,", left=").concat(s))}({url:t,width:o,height:void 0===r?500:r,win:window});if(!i)throw new Error("Window is not initialized");return this.windowRef=i,i},e.prototype.close=function(){if(!this.windowRef)throw new Error("Window is not initialized");this.windowRef.close()},e}();const C=":not([inert]):not([inert] *)",U=':not([tabindex^="-"])',N=":not(:disabled)";var P=[`a[href]${C}${U}`,`area[href]${C}${U}`,`input:not([type="hidden"]):not([type="radio"])${C}${U}${N}`,`input[type="radio"]${C}${U}${N}`,`select${C}${U}${N}`,`textarea${C}${U}${N}`,`button${C}${U}${N}`,`details${C} > summary:first-of-type${U}`,`iframe${C}${U}`,`audio[controls]${C}${U}`,`video[controls]${C}${U}`,`[contenteditable]${C}${U}`,`[tabindex]${C}${U}`];function $(e){(e.querySelector("[autofocus]")||e).focus()}function D(e,t){if(t&&j(e))return e;if(!((n=e).shadowRoot&&"-1"===n.getAttribute("tabindex")||n.matches(":disabled,[hidden],[inert]")))if(e.shadowRoot){let n=L(e.shadowRoot,t);for(;n;){const e=D(n,t);if(e)return e;n=K(n,t)}}else if("slot"===e.localName){const n=e.assignedElements({flatten:!0});t||n.reverse();for(const e of n){const n=D(e,t);if(n)return n}}else{let n=L(e,t);for(;n;){const e=D(n,t);if(e)return e;n=K(n,t)}}var n;return!t&&j(e)?e:null}function L(e,t){return t?e.firstElementChild:e.lastElementChild}function K(e,t){return t?e.nextElementSibling:e.previousElementSibling}const j=e=>!e.shadowRoot?.delegatesFocus&&(e.matches(P.join(","))&&!(e=>!(!e.matches("details:not([open]) *")||e.matches("details>summary:first-of-type"))||!(e.offsetWidth||e.offsetHeight||e.getClientRects().length))(e));function W(e=document){const t=e.activeElement;return t?t.shadowRoot?W(t.shadowRoot)||document.activeElement:t:null}function M(e,t){const[n,o]=function(e){const t=D(e,!0);return[t,t?D(e,!1)||t:null]}(e);if(!n)return t.preventDefault();const r=W();t.shiftKey&&r===n?(o.focus(),t.preventDefault()):t.shiftKey||r!==o||(n.focus(),t.preventDefault())}class H{$el;id;previouslyFocused;shown;constructor(e){this.$el=e,this.id=this.$el.getAttribute("data-a11y-dialog")||this.$el.id,this.previouslyFocused=null,this.shown=!1,this.maintainFocus=this.maintainFocus.bind(this),this.bindKeypress=this.bindKeypress.bind(this),this.handleTriggerClicks=this.handleTriggerClicks.bind(this),this.show=this.show.bind(this),this.hide=this.hide.bind(this),this.$el.setAttribute("aria-hidden","true"),this.$el.setAttribute("aria-modal","true"),this.$el.setAttribute("tabindex","-1"),this.$el.hasAttribute("role")||this.$el.setAttribute("role","dialog"),document.addEventListener("click",this.handleTriggerClicks,!0)}destroy(){return this.hide(),document.removeEventListener("click",this.handleTriggerClicks,!0),this.$el.replaceWith(this.$el.cloneNode(!0)),this.fire("destroy"),this}show(e){return this.shown||(this.shown=!0,this.$el.removeAttribute("aria-hidden"),this.previouslyFocused=W(),"BODY"===this.previouslyFocused?.tagName&&e?.target&&(this.previouslyFocused=e.target),"focus"===e?.type?this.maintainFocus(e):$(this.$el),document.body.addEventListener("focus",this.maintainFocus,!0),this.$el.addEventListener("keydown",this.bindKeypress,!0),this.fire("show",e)),this}hide(e){return this.shown?(this.shown=!1,this.$el.setAttribute("aria-hidden","true"),this.previouslyFocused?.focus?.(),document.body.removeEventListener("focus",this.maintainFocus,!0),this.$el.removeEventListener("keydown",this.bindKeypress,!0),this.fire("hide",e),this):this}on(e,t,n){return this.$el.addEventListener(e,t,n),this}off(e,t,n){return this.$el.removeEventListener(e,t,n),this}fire(e,t){this.$el.dispatchEvent(new CustomEvent(e,{detail:t,cancelable:!0}))}handleTriggerClicks(e){const t=e.target;t.closest(`[data-a11y-dialog-show="${this.id}"]`)&&this.show(e),(t.closest(`[data-a11y-dialog-hide="${this.id}"]`)||t.closest("[data-a11y-dialog-hide]")&&t.closest('[aria-modal="true"]')===this.$el)&&this.hide(e)}bindKeypress(e){if(document.activeElement?.closest('[aria-modal="true"]')!==this.$el)return;let t=!1;try{t=!!this.$el.querySelector('[popover]:not([popover="manual"]):popover-open')}catch{}"Escape"!==e.key||"alertdialog"===this.$el.getAttribute("role")||t||(e.preventDefault(),this.hide(e)),"Tab"===e.key&&M(this.$el,e)}maintainFocus(e){e.target.closest('[aria-modal="true"], [data-a11y-dialog-ignore-focus-trap]')||$(this.$el)}}function J(){for(const e of document.querySelectorAll("[data-a11y-dialog]"))new H(e)}"undefined"!=typeof document&&("loading"===document.readyState?document.addEventListener("DOMContentLoaded",J):J());var q="__authsignal-popup-container",V="__authsignal-popup-content",F="__authsignal-popup-overlay",G="__authsignal-popup-style",z="__authsignal-popup-iframe",B="385px",Y=function(){function e(e){var t=e.width,n=e.isClosable;if(this.popup=null,document.querySelector("#".concat(q)))throw new Error("Multiple instances of Authsignal popup is not supported.");this.create({width:t,isClosable:n})}return e.prototype.create=function(e){var t=this,n=e.width,o=void 0===n?B:n,r=e.isClosable,i=void 0===r||r,s=o;CSS.supports("width",o)||(console.warn("Invalid CSS value for `popupOptions.width`. Using default value instead."),s=B);var a=document.createElement("div");a.setAttribute("id",q),a.setAttribute("aria-hidden","true"),i||a.setAttribute("role","alertdialog");var c=document.createElement("div");c.setAttribute("id",F),i&&c.setAttribute("data-a11y-dialog-hide","true");var u=document.createElement("div");u.setAttribute("id",V),document.body.appendChild(a);var l=document.createElement("style");l.setAttribute("id",G),l.textContent="\n #".concat(q,",\n #").concat(F," {\n position: fixed;\n top: 0;\n right: 0;\n bottom: 0;\n left: 0;\n }\n\n #").concat(q," {\n z-index: 2147483647;\n display: flex;\n }\n\n #").concat(q,"[aria-hidden='true'] {\n display: none;\n }\n\n #").concat(F," {\n background-color: rgba(0, 0, 0, 0.18);\n }\n\n #").concat(V," {\n margin: auto;\n z-index: 2147483647;\n position: relative;\n background-color: transparent;\n border-radius: 8px;\n width: ").concat(s,";\n }\n\n #").concat(V," iframe {\n width: 1px;\n min-width: 100%;\n border-radius: inherit;\n max-height: 95vh;\n height: ").concat("384px",";\n }\n "),document.head.insertAdjacentElement("beforeend",l),a.appendChild(c),a.appendChild(u),this.popup=new H(a),a.focus(),this.popup.on("hide",(function(){t.destroy()}))},e.prototype.destroy=function(){var e=document.querySelector("#".concat(q)),t=document.querySelector("#".concat(G));e&&t&&(document.body.removeChild(e),document.head.removeChild(t)),window.removeEventListener("message",X)},e.prototype.show=function(e){var t,n=e.url;if(!this.popup)throw new Error("Popup is not initialized");var o=document.createElement("iframe");o.setAttribute("id",z),o.setAttribute("name","authsignal"),o.setAttribute("title","Authsignal multi-factor authentication"),o.setAttribute("src",n),o.setAttribute("frameborder","0"),o.setAttribute("allow","publickey-credentials-get *; publickey-credentials-create *; clipboard-write");var r=document.querySelector("#".concat(V));r&&r.appendChild(o),window.addEventListener("message",X),null===(t=this.popup)||void 0===t||t.show()},e.prototype.close=function(){if(!this.popup)throw new Error("Popup is not initialized");this.popup.hide()},e.prototype.on=function(e,t){if(!this.popup)throw new Error("Popup is not initialized");this.popup.on(e,t)},e}();function X(e){var t=document.querySelector("#".concat(z));t&&e.data.height&&(t.style.height=e.data.height+"px")}var Q=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.tenantId=n,this.baseUrl=t,this.onTokenExpired=o}return e.prototype.enroll=function(e){return c(this,arguments,void 0,(function(e){var t,n=e.token;return u(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/totp"),{method:"POST",headers:A({token:n,tenantId:this.tenantId})})];case 1:return[4,e.sent().json()];case 2:return R({response:t=e.sent(),onTokenExpired:this.onTokenExpired}),[2,t]}}))}))},e.prototype.verify=function(e){return c(this,arguments,void 0,(function(e){var t,n,o=e.token,r=e.code;return u(this,(function(e){switch(e.label){case 0:return t={verificationCode:r},[4,fetch("".concat(this.baseUrl,"/client/verify/totp"),{method:"POST",headers:A({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return R({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e}(),Z=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.cache=O.shared,this.api=new Q({baseUrl:t,tenantId:n,onTokenExpired:o})}return e.prototype.enroll=function(){return c(this,void 0,void 0,(function(){return u(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.enroll({token:this.cache.token})]:[2,this.cache.handleTokenNotSetError()];case 1:return[2,h(e.sent())]}}))}))},e.prototype.verify=function(e){return c(this,arguments,void 0,(function(e){var t,n=e.code;return u(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.verify({token:this.cache.token,code:n})]:[2,this.cache.handleTokenNotSetError()];case 1:return"accessToken"in(t=e.sent())&&t.accessToken&&(this.cache.token=t.accessToken),[2,h(t)]}}))}))},e}(),ee=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.tenantId=n,this.baseUrl=t,this.onTokenExpired=o}return e.prototype.enroll=function(e){return c(this,arguments,void 0,(function(e){var t,n,o=e.token,r=e.email;return u(this,(function(e){switch(e.label){case 0:return t={email:r},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/email-otp"),{method:"POST",headers:A({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return R({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e.prototype.challenge=function(e){return c(this,arguments,void 0,(function(e){var t,n=e.token;return u(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/challenge/email-otp"),{method:"POST",headers:A({token:n,tenantId:this.tenantId})})];case 1:return[4,e.sent().json()];case 2:return R({response:t=e.sent(),onTokenExpired:this.onTokenExpired}),[2,t]}}))}))},e.prototype.verify=function(e){return c(this,arguments,void 0,(function(e){var t,n,o=e.token,r=e.code;return u(this,(function(e){switch(e.label){case 0:return t={verificationCode:r},[4,fetch("".concat(this.baseUrl,"/client/verify/email-otp"),{method:"POST",headers:A({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return R({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e}(),te=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.cache=O.shared,this.api=new ee({baseUrl:t,tenantId:n,onTokenExpired:o})}return e.prototype.enroll=function(e){return c(this,arguments,void 0,(function(e){var t=e.email;return u(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.enroll({token:this.cache.token,email:t})]:[2,this.cache.handleTokenNotSetError()];case 1:return[2,h(e.sent())]}}))}))},e.prototype.challenge=function(){return c(this,void 0,void 0,(function(){return u(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.challenge({token:this.cache.token})]:[2,this.cache.handleTokenNotSetError()];case 1:return[2,h(e.sent())]}}))}))},e.prototype.verify=function(e){return c(this,arguments,void 0,(function(e){var t,n=e.code;return u(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.verify({token:this.cache.token,code:n})]:[2,this.cache.handleTokenNotSetError()];case 1:return"accessToken"in(t=e.sent())&&t.accessToken&&(this.cache.token=t.accessToken),[2,h(t)]}}))}))},e}(),ne=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.tenantId=n,this.baseUrl=t,this.onTokenExpired=o}return e.prototype.enroll=function(e){return c(this,arguments,void 0,(function(e){var t,n,o=e.token,r=e.phoneNumber;return u(this,(function(e){switch(e.label){case 0:return t={phoneNumber:r},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/sms"),{method:"POST",headers:A({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return R({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e.prototype.challenge=function(e){return c(this,arguments,void 0,(function(e){var t,n=e.token;return u(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/challenge/sms"),{method:"POST",headers:A({token:n,tenantId:this.tenantId})})];case 1:return[4,e.sent().json()];case 2:return R({response:t=e.sent(),onTokenExpired:this.onTokenExpired}),[2,t]}}))}))},e.prototype.verify=function(e){return c(this,arguments,void 0,(function(e){var t,n,o=e.token,r=e.code;return u(this,(function(e){switch(e.label){case 0:return t={verificationCode:r},[4,fetch("".concat(this.baseUrl,"/client/verify/sms"),{method:"POST",headers:A({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return R({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e}(),oe=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.cache=O.shared,this.api=new ne({baseUrl:t,tenantId:n,onTokenExpired:o})}return e.prototype.enroll=function(e){return c(this,arguments,void 0,(function(e){var t=e.phoneNumber;return u(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.enroll({token:this.cache.token,phoneNumber:t})]:[2,this.cache.handleTokenNotSetError()];case 1:return[2,h(e.sent())]}}))}))},e.prototype.challenge=function(){return c(this,void 0,void 0,(function(){return u(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.challenge({token:this.cache.token})]:[2,this.cache.handleTokenNotSetError()];case 1:return[2,h(e.sent())]}}))}))},e.prototype.verify=function(e){return c(this,arguments,void 0,(function(e){var t,n=e.code;return u(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.verify({token:this.cache.token,code:n})]:[2,this.cache.handleTokenNotSetError()];case 1:return"accessToken"in(t=e.sent())&&t.accessToken&&(this.cache.token=t.accessToken),[2,h(t)]}}))}))},e}(),re="4a08uqve",ie=function(){function t(e){var t=e.cookieDomain,n=e.cookieName,o=void 0===n?"__as_aid":n,r=e.baseUrl,i=void 0===r?"https://api.authsignal.com/v1":r,a=e.tenantId,c=e.onTokenExpired;if(this.anonymousId="",this.profilingId="",this.cookieDomain="",this.anonymousIdCookieName="",this.cookieDomain=t||document.location.hostname.replace("www.",""),this.anonymousIdCookieName=o,!a)throw new Error("tenantId is required");var u,d=(u=this.anonymousIdCookieName)&&decodeURIComponent(document.cookie.replace(new RegExp("(?:(?:^|.*;)\\s*"+encodeURIComponent(u).replace(/[\-\.\+\*]/g,"\\$&")+"\\s*\\=\\s*([^;]*).*$)|^.*$"),"$1"))||null;d?this.anonymousId=d:(this.anonymousId=s(),l({name:this.anonymousIdCookieName,value:this.anonymousId,expire:1/0,domain:this.cookieDomain,secure:"http:"!==document.location.protocol})),this.passkey=new _({tenantId:a,baseUrl:i,anonymousId:this.anonymousId,onTokenExpired:c}),this.totp=new Z({tenantId:a,baseUrl:i,onTokenExpired:c}),this.email=new te({tenantId:a,baseUrl:i,onTokenExpired:c}),this.sms=new oe({tenantId:a,baseUrl:i,onTokenExpired:c})}return t.prototype.setToken=function(e){O.shared.token=e},t.prototype.launch=function(e,t){switch(null==t?void 0:t.mode){case"window":return this.launchWithWindow(e,t);case"popup":return this.launchWithPopup(e,t);default:this.launchWithRedirect(e)}},t.prototype.initAdvancedProfiling=function(e){var t=s();this.profilingId=t,l({name:"__as_pid",value:t,expire:1/0,domain:this.cookieDomain,secure:"http:"!==document.location.protocol});var n=e?"".concat(e,"/fp/tags.js?org_id=").concat(re,"&session_id=").concat(t):"https://h.online-metrix.net/fp/tags.js?org_id=".concat(re,"&session_id=").concat(t),o=document.createElement("script");o.src=n,o.async=!1,o.id="as_adv_profile",document.head.appendChild(o);var r=document.createElement("noscript");r.setAttribute("id","as_adv_profile_pixel"),r.setAttribute("aria-hidden","true");var i=document.createElement("iframe"),a=e?"".concat(e,"/fp/tags?org_id=").concat(re,"&session_id=").concat(t):"https://h.online-metrix.net/fp/tags?org_id=".concat(re,"&session_id=").concat(t);i.setAttribute("id","as_adv_profile_pixel"),i.setAttribute("src",a),i.setAttribute("style","width: 100px; height: 100px; border: 0; position: absolute; top: -5000px;"),r&&(r.appendChild(i),document.body.prepend(r))},t.prototype.launchWithRedirect=function(e){window.location.href=e},t.prototype.launchWithPopup=function(t,n){var o=n.popupOptions,r=new Y({width:null==o?void 0:o.width,isClosable:null==o?void 0:o.isClosable}),i="".concat(t,"&mode=popup");return r.show({url:i}),new Promise((function(t){var n=void 0;r.on("hide",(function(){t({token:n})})),window.addEventListener("message",(function(t){var o=null;try{o=JSON.parse(t.data)}catch(e){}(null==o?void 0:o.event)===e.AuthsignalWindowMessage.AUTHSIGNAL_CLOSE_POPUP&&(n=o.token,r.close())}),!1)}))},t.prototype.launchWithWindow=function(t,n){var o=n.windowOptions,r=new x,i="".concat(t,"&mode=popup");return r.show({url:i,width:null==o?void 0:o.width,height:null==o?void 0:o.height}),new Promise((function(t){window.addEventListener("message",(function(n){var o=null;try{o=JSON.parse(n.data)}catch(e){}(null==o?void 0:o.event)===e.AuthsignalWindowMessage.AUTHSIGNAL_CLOSE_POPUP&&(r.close(),t({token:o.token}))}),!1)}))},t}();return e.Authsignal=ie,Object.defineProperty(e,"__esModule",{value:!0}),e}({});
package/dist/passkey.d.ts CHANGED
@@ -1,6 +1,6 @@
1
1
  import { PasskeyApiClient } from "./api";
2
2
  import { AuthenticationResponseJSON, RegistrationResponseJSON, AuthenticatorAttachment } from "@simplewebauthn/types";
3
- import { AuthsignalResponse } from "./api/types/shared";
3
+ import { AuthsignalResponse } from "./types";
4
4
  type PasskeyOptions = {
5
5
  baseUrl: string;
6
6
  tenantId: string;
@@ -8,9 +8,9 @@ type PasskeyOptions = {
8
8
  onTokenExpired?: () => void;
9
9
  };
10
10
  type SignUpParams = {
11
- userName?: string;
12
- userDisplayName?: string;
13
- token?: string;
11
+ token: string;
12
+ username?: string;
13
+ displayName?: string;
14
14
  authenticatorAttachment?: AuthenticatorAttachment | null;
15
15
  };
16
16
  type SignUpResponse = {
@@ -18,9 +18,9 @@ type SignUpResponse = {
18
18
  registrationResponse?: RegistrationResponseJSON;
19
19
  };
20
20
  type SignInParams = {
21
- token?: string;
22
21
  autofill?: boolean;
23
22
  action?: string;
23
+ token?: string;
24
24
  onVerificationStarted?: () => unknown;
25
25
  };
26
26
  type SignInResponse = {
@@ -28,8 +28,8 @@ type SignInResponse = {
28
28
  token?: string;
29
29
  userId?: string;
30
30
  userAuthenticatorId?: string;
31
- userName?: string;
32
- userDisplayName?: string;
31
+ username?: string;
32
+ displayName?: string;
33
33
  authenticationResponse?: AuthenticationResponseJSON;
34
34
  };
35
35
  export declare class Passkey {
@@ -38,7 +38,7 @@ export declare class Passkey {
38
38
  private anonymousId;
39
39
  private cache;
40
40
  constructor({ baseUrl, tenantId, anonymousId, onTokenExpired }: PasskeyOptions);
41
- signUp({ userName, userDisplayName, token, authenticatorAttachment, }: SignUpParams): Promise<AuthsignalResponse<SignUpResponse>>;
41
+ signUp({ username, displayName, token, authenticatorAttachment, }: SignUpParams): Promise<AuthsignalResponse<SignUpResponse>>;
42
42
  signIn(params?: SignInParams): Promise<AuthsignalResponse<SignInResponse>>;
43
43
  isAvailableOnDevice({ userId }: {
44
44
  userId: string;
package/dist/sms.d.ts CHANGED
@@ -1,3 +1,5 @@
1
+ import { ChallengeResponse, EnrollResponse, VerifyResponse } from "./api/types/shared";
2
+ import { AuthsignalResponse } from "./types";
1
3
  type SmsOptions = {
2
4
  baseUrl: string;
3
5
  tenantId: string;
@@ -13,8 +15,8 @@ export declare class Sms {
13
15
  private api;
14
16
  private cache;
15
17
  constructor({ baseUrl, tenantId, onTokenExpired }: SmsOptions);
16
- enroll({ phoneNumber }: EnrollParams): Promise<import("./api/types/shared").AuthsignalResponse<import("./api/types/shared").EnrollResponse>>;
17
- challenge(): Promise<import("./api/types/shared").AuthsignalResponse<import("./api/types/shared").ChallengeResponse>>;
18
- verify({ code }: VerifyParams): Promise<import("./api/types/shared").AuthsignalResponse<import("./api/types/shared").VerifyResponse>>;
18
+ enroll({ phoneNumber }: EnrollParams): Promise<AuthsignalResponse<EnrollResponse>>;
19
+ challenge(): Promise<AuthsignalResponse<ChallengeResponse>>;
20
+ verify({ code }: VerifyParams): Promise<AuthsignalResponse<VerifyResponse>>;
19
21
  }
20
22
  export {};
package/dist/totp.d.ts CHANGED
@@ -1,3 +1,6 @@
1
+ import { VerifyResponse } from "./api/types/shared";
2
+ import { EnrollTotpResponse } from "./api/types/totp";
3
+ import { AuthsignalResponse } from "./types";
1
4
  type TotpOptions = {
2
5
  baseUrl: string;
3
6
  tenantId: string;
@@ -10,7 +13,7 @@ export declare class Totp {
10
13
  private api;
11
14
  private cache;
12
15
  constructor({ baseUrl, tenantId, onTokenExpired }: TotpOptions);
13
- enroll(): Promise<import("./api/types/shared").AuthsignalResponse<import("./api/types/totp").EnrollResponse>>;
14
- verify({ code }: VerifyParams): Promise<import("./api/types/shared").AuthsignalResponse<import("./api/types/shared").VerifyResponse>>;
16
+ enroll(): Promise<AuthsignalResponse<EnrollTotpResponse>>;
17
+ verify({ code }: VerifyParams): Promise<AuthsignalResponse<VerifyResponse>>;
15
18
  }
16
19
  export {};
package/dist/types.d.ts CHANGED
@@ -64,4 +64,8 @@ export type AuthsignalWindowMessageData = {
64
64
  export type TokenPayload = {
65
65
  token?: string;
66
66
  };
67
+ export type AuthsignalResponse<T> = {
68
+ error?: string;
69
+ data?: T;
70
+ };
67
71
  export {};
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@authsignal/browser",
3
- "version": "0.6.2",
3
+ "version": "1.0.0-alpha1",
4
4
  "type": "module",
5
5
  "main": "dist/index.js",
6
6
  "module": "dist/index.js",