@authsignal/browser 1.2.0 → 1.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +41 -24
- package/dist/index.min.js +1 -1
- package/dist/passkey.d.ts +3 -2
- package/package.json +3 -3
package/dist/index.js
CHANGED
|
@@ -198,7 +198,7 @@ var AuthsignalWindowMessage;
|
|
|
198
198
|
AuthsignalWindowMessage["AUTHSIGNAL_CLOSE_POPUP"] = "AUTHSIGNAL_CLOSE_POPUP";
|
|
199
199
|
})(AuthsignalWindowMessage || (AuthsignalWindowMessage = {}));
|
|
200
200
|
|
|
201
|
-
/* [@simplewebauthn/browser@
|
|
201
|
+
/* [@simplewebauthn/browser@11.0.0] */
|
|
202
202
|
function bufferToBase64URLString(buffer) {
|
|
203
203
|
const bytes = new Uint8Array(buffer);
|
|
204
204
|
let str = '';
|
|
@@ -271,6 +271,14 @@ function identifyRegistrationError({ error, options, }) {
|
|
|
271
271
|
cause: error,
|
|
272
272
|
});
|
|
273
273
|
}
|
|
274
|
+
else if (options.mediation === 'conditional' &&
|
|
275
|
+
publicKey.authenticatorSelection?.userVerification === 'required') {
|
|
276
|
+
return new WebAuthnError({
|
|
277
|
+
message: 'User verification was required during automatic registration but it could not be performed',
|
|
278
|
+
code: 'ERROR_AUTO_REGISTER_USER_VERIFICATION_FAILURE',
|
|
279
|
+
cause: error,
|
|
280
|
+
});
|
|
281
|
+
}
|
|
274
282
|
else if (publicKey.authenticatorSelection?.userVerification === 'required') {
|
|
275
283
|
return new WebAuthnError({
|
|
276
284
|
message: 'User verification was required but no available authenticator supported it',
|
|
@@ -377,7 +385,8 @@ function toAuthenticatorAttachment(attachment) {
|
|
|
377
385
|
return attachment;
|
|
378
386
|
}
|
|
379
387
|
|
|
380
|
-
async function startRegistration(
|
|
388
|
+
async function startRegistration(options) {
|
|
389
|
+
const { optionsJSON, useAutoRegister = false } = options;
|
|
381
390
|
if (!browserSupportsWebAuthn()) {
|
|
382
391
|
throw new Error('WebAuthn is not supported in this browser');
|
|
383
392
|
}
|
|
@@ -390,14 +399,18 @@ async function startRegistration(optionsJSON) {
|
|
|
390
399
|
},
|
|
391
400
|
excludeCredentials: optionsJSON.excludeCredentials?.map(toPublicKeyCredentialDescriptor),
|
|
392
401
|
};
|
|
393
|
-
const
|
|
394
|
-
|
|
402
|
+
const createOptions = {};
|
|
403
|
+
if (useAutoRegister) {
|
|
404
|
+
createOptions.mediation = 'conditional';
|
|
405
|
+
}
|
|
406
|
+
createOptions.publicKey = publicKey;
|
|
407
|
+
createOptions.signal = WebAuthnAbortService.createNewAbortSignal();
|
|
395
408
|
let credential;
|
|
396
409
|
try {
|
|
397
|
-
credential = (await navigator.credentials.create(
|
|
410
|
+
credential = (await navigator.credentials.create(createOptions));
|
|
398
411
|
}
|
|
399
412
|
catch (err) {
|
|
400
|
-
throw identifyRegistrationError({ error: err, options });
|
|
413
|
+
throw identifyRegistrationError({ error: err, options: createOptions });
|
|
401
414
|
}
|
|
402
415
|
if (!credential) {
|
|
403
416
|
throw new Error('Registration was not completed');
|
|
@@ -517,7 +530,8 @@ function identifyAuthenticationError({ error, options, }) {
|
|
|
517
530
|
return error;
|
|
518
531
|
}
|
|
519
532
|
|
|
520
|
-
async function startAuthentication(
|
|
533
|
+
async function startAuthentication(options) {
|
|
534
|
+
const { optionsJSON, useBrowserAutofill = false, verifyBrowserAutofillInput = true, } = options;
|
|
521
535
|
if (!browserSupportsWebAuthn()) {
|
|
522
536
|
throw new Error('WebAuthn is not supported in this browser');
|
|
523
537
|
}
|
|
@@ -530,26 +544,26 @@ async function startAuthentication(optionsJSON, useBrowserAutofill = false) {
|
|
|
530
544
|
challenge: base64URLStringToBuffer(optionsJSON.challenge),
|
|
531
545
|
allowCredentials,
|
|
532
546
|
};
|
|
533
|
-
const
|
|
547
|
+
const getOptions = {};
|
|
534
548
|
if (useBrowserAutofill) {
|
|
535
549
|
if (!(await browserSupportsWebAuthnAutofill())) {
|
|
536
550
|
throw Error('Browser does not support WebAuthn autofill');
|
|
537
551
|
}
|
|
538
552
|
const eligibleInputs = document.querySelectorAll("input[autocomplete$='webauthn']");
|
|
539
|
-
if (eligibleInputs.length < 1) {
|
|
553
|
+
if (eligibleInputs.length < 1 && verifyBrowserAutofillInput) {
|
|
540
554
|
throw Error('No <input> with "webauthn" as the only or last value in its `autocomplete` attribute was detected');
|
|
541
555
|
}
|
|
542
|
-
|
|
556
|
+
getOptions.mediation = 'conditional';
|
|
543
557
|
publicKey.allowCredentials = [];
|
|
544
558
|
}
|
|
545
|
-
|
|
546
|
-
|
|
559
|
+
getOptions.publicKey = publicKey;
|
|
560
|
+
getOptions.signal = WebAuthnAbortService.createNewAbortSignal();
|
|
547
561
|
let credential;
|
|
548
562
|
try {
|
|
549
|
-
credential = (await navigator.credentials.get(
|
|
563
|
+
credential = (await navigator.credentials.get(getOptions));
|
|
550
564
|
}
|
|
551
565
|
catch (err) {
|
|
552
|
-
throw identifyAuthenticationError({ error: err, options });
|
|
566
|
+
throw identifyAuthenticationError({ error: err, options: getOptions });
|
|
553
567
|
}
|
|
554
568
|
if (!credential) {
|
|
555
569
|
throw new Error('Authentication was not completed');
|
|
@@ -769,9 +783,9 @@ var Passkey = /** @class */ (function () {
|
|
|
769
783
|
Passkey.prototype.signUp = function (_a) {
|
|
770
784
|
return __awaiter(this, arguments, void 0, function (_b) {
|
|
771
785
|
var userToken, optionsInput, optionsResponse, registrationResponse, addAuthenticatorResponse;
|
|
772
|
-
var username = _b.username, displayName = _b.displayName, token = _b.token, _c = _b.authenticatorAttachment, authenticatorAttachment = _c === void 0 ? "platform" : _c;
|
|
773
|
-
return __generator(this, function (
|
|
774
|
-
switch (
|
|
786
|
+
var username = _b.username, displayName = _b.displayName, token = _b.token, _c = _b.authenticatorAttachment, authenticatorAttachment = _c === void 0 ? "platform" : _c, _d = _b.useAutoRegister, useAutoRegister = _d === void 0 ? false : _d;
|
|
787
|
+
return __generator(this, function (_e) {
|
|
788
|
+
switch (_e.label) {
|
|
775
789
|
case 0:
|
|
776
790
|
userToken = token !== null && token !== void 0 ? token : this.cache.token;
|
|
777
791
|
if (!userToken) {
|
|
@@ -785,20 +799,20 @@ var Passkey = /** @class */ (function () {
|
|
|
785
799
|
};
|
|
786
800
|
return [4 /*yield*/, this.api.registrationOptions(optionsInput)];
|
|
787
801
|
case 1:
|
|
788
|
-
optionsResponse =
|
|
802
|
+
optionsResponse = _e.sent();
|
|
789
803
|
if ("error" in optionsResponse) {
|
|
790
804
|
return [2 /*return*/, handleErrorResponse(optionsResponse)];
|
|
791
805
|
}
|
|
792
|
-
return [4 /*yield*/, startRegistration(optionsResponse.options)];
|
|
806
|
+
return [4 /*yield*/, startRegistration({ optionsJSON: optionsResponse.options, useAutoRegister: useAutoRegister })];
|
|
793
807
|
case 2:
|
|
794
|
-
registrationResponse =
|
|
808
|
+
registrationResponse = _e.sent();
|
|
795
809
|
return [4 /*yield*/, this.api.addAuthenticator({
|
|
796
810
|
challengeId: optionsResponse.challengeId,
|
|
797
811
|
registrationCredential: registrationResponse,
|
|
798
812
|
token: userToken,
|
|
799
813
|
})];
|
|
800
814
|
case 3:
|
|
801
|
-
addAuthenticatorResponse =
|
|
815
|
+
addAuthenticatorResponse = _e.sent();
|
|
802
816
|
if ("error" in addAuthenticatorResponse) {
|
|
803
817
|
return [2 /*return*/, handleErrorResponse(addAuthenticatorResponse)];
|
|
804
818
|
}
|
|
@@ -852,7 +866,10 @@ var Passkey = /** @class */ (function () {
|
|
|
852
866
|
if ("error" in optionsResponse) {
|
|
853
867
|
return [2 /*return*/, handleErrorResponse(optionsResponse)];
|
|
854
868
|
}
|
|
855
|
-
return [4 /*yield*/, startAuthentication(
|
|
869
|
+
return [4 /*yield*/, startAuthentication({
|
|
870
|
+
optionsJSON: optionsResponse.options,
|
|
871
|
+
useBrowserAutofill: params === null || params === void 0 ? void 0 : params.autofill,
|
|
872
|
+
})];
|
|
856
873
|
case 5:
|
|
857
874
|
authenticationResponse = _b.sent();
|
|
858
875
|
if (params === null || params === void 0 ? void 0 : params.onVerificationStarted) {
|
|
@@ -2192,7 +2209,7 @@ var SecurityKey = /** @class */ (function () {
|
|
|
2192
2209
|
if ("error" in optionsResponse) {
|
|
2193
2210
|
return [2 /*return*/, handleErrorResponse(optionsResponse)];
|
|
2194
2211
|
}
|
|
2195
|
-
return [4 /*yield*/, startRegistration(optionsResponse)];
|
|
2212
|
+
return [4 /*yield*/, startRegistration({ optionsJSON: optionsResponse })];
|
|
2196
2213
|
case 2:
|
|
2197
2214
|
registrationResponse = _a.sent();
|
|
2198
2215
|
return [4 /*yield*/, this.api.addAuthenticator({
|
|
@@ -2234,7 +2251,7 @@ var SecurityKey = /** @class */ (function () {
|
|
|
2234
2251
|
if ("error" in optionsResponse) {
|
|
2235
2252
|
return [2 /*return*/, handleErrorResponse(optionsResponse)];
|
|
2236
2253
|
}
|
|
2237
|
-
return [4 /*yield*/, startAuthentication(optionsResponse)];
|
|
2254
|
+
return [4 /*yield*/, startAuthentication({ optionsJSON: optionsResponse })];
|
|
2238
2255
|
case 2:
|
|
2239
2256
|
authenticationResponse = _a.sent();
|
|
2240
2257
|
return [4 /*yield*/, this.api.verify({
|
package/dist/index.min.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
var authsignal=function(e){"use strict";let t;const n=new Uint8Array(16);function o(){if(!t&&(t="undefined"!=typeof crypto&&crypto.getRandomValues&&crypto.getRandomValues.bind(crypto),!t))throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");return t(n)}const r=[];for(let e=0;e<256;++e)r.push((e+256).toString(16).slice(1));var i={randomUUID:"undefined"!=typeof crypto&&crypto.randomUUID&&crypto.randomUUID.bind(crypto)};function s(e,t,n){if(i.randomUUID&&!t&&!e)return i.randomUUID();const s=(e=e||{}).random||(e.rng||o)();if(s[6]=15&s[6]|64,s[8]=63&s[8]|128,t){n=n||0;for(let e=0;e<16;++e)t[n+e]=s[e];return t}return function(e,t=0){return(r[e[t+0]]+r[e[t+1]]+r[e[t+2]]+r[e[t+3]]+"-"+r[e[t+4]]+r[e[t+5]]+"-"+r[e[t+6]]+r[e[t+7]]+"-"+r[e[t+8]]+r[e[t+9]]+"-"+r[e[t+10]]+r[e[t+11]]+r[e[t+12]]+r[e[t+13]]+r[e[t+14]]+r[e[t+15]]).toLowerCase()}(s)}var a=function(){return a=Object.assign||function(e){for(var t,n=1,o=arguments.length;n<o;n++)for(var r in t=arguments[n])Object.prototype.hasOwnProperty.call(t,r)&&(e[r]=t[r]);return e},a.apply(this,arguments)};function c(e,t,n,o){return new(n||(n=Promise))((function(r,i){function s(e){try{c(o.next(e))}catch(e){i(e)}}function a(e){try{c(o.throw(e))}catch(e){i(e)}}function c(e){var t;e.done?r(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(s,a)}c((o=o.apply(e,t||[])).next())}))}function u(e,t){var n,o,r,i,s={label:0,sent:function(){if(1&r[0])throw r[1];return r[1]},trys:[],ops:[]};return i={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(i[Symbol.iterator]=function(){return this}),i;function a(i){return function(a){return function(i){if(n)throw new TypeError("Generator is already executing.");for(;s;)try{if(n=1,o&&(r=2&i[0]?o.return:i[0]?o.throw||((r=o.return)&&r.call(o),0):o.next)&&!(r=r.call(o,i[1])).done)return r;switch(o=0,r&&(i=[2&i[0],r.value]),i[0]){case 0:case 1:r=i;break;case 4:return s.label++,{value:i[1],done:!1};case 5:s.label++,o=i[1],i=[0];continue;case 7:i=s.ops.pop(),s.trys.pop();continue;default:if(!(r=s.trys,(r=r.length>0&&r[r.length-1])||6!==i[0]&&2!==i[0])){s=0;continue}if(3===i[0]&&(!r||i[1]>r[0]&&i[1]<r[3])){s.label=i[1];break}if(6===i[0]&&s.label<r[1]){s.label=r[1],r=i;break}if(r&&s.label<r[2]){s.label=r[2],s.ops.push(i);break}r[2]&&s.ops.pop(),s.trys.pop();continue}i=t.call(e,s)}catch(e){i=[6,e],o=0}finally{n=r=0}if(5&i[0])throw i[1];return{value:i[0]?i[1]:void 0,done:!0}}([i,a])}}}function h(e){var t=e.name,n=e.value,o=e.expire,r=e.domain,i=e.secure,s=o===1/0?" expires=Fri, 31 Dec 9999 23:59:59 GMT":"; max-age="+o;document.cookie=encodeURIComponent(t)+"="+n+"; path=/;"+s+(r?"; domain="+r:"")+(i?"; secure":"")}function l(e){var t,n=null!==(t=e.errorDescription)&&void 0!==t?t:e.error;return console.error(n),{error:n}}function d(e){var t;if(e&&"object"==typeof e&&"error"in e){var n=null!==(t=e.errorDescription)&&void 0!==t?t:e.error;return console.error(n),{error:n}}if(e&&"object"==typeof e&&"accessToken"in e&&"string"==typeof e.accessToken){var o=e.accessToken,r=function(e,t){var n={};for(var o in e)Object.prototype.hasOwnProperty.call(e,o)&&t.indexOf(o)<0&&(n[o]=e[o]);if(null!=e&&"function"==typeof Object.getOwnPropertySymbols){var r=0;for(o=Object.getOwnPropertySymbols(e);r<o.length;r++)t.indexOf(o[r])<0&&Object.prototype.propertyIsEnumerable.call(e,o[r])&&(n[o[r]]=e[o[r]])}return n}(e,["accessToken"]);return{data:a(a({},r),{token:o})}}return{data:e}}function p(e){const t=new Uint8Array(e);let n="";for(const e of t)n+=String.fromCharCode(e);return btoa(n).replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,"")}function f(e){const t=e.replace(/-/g,"+").replace(/_/g,"/"),n=(4-t.length%4)%4,o=t.padEnd(t.length+n,"="),r=atob(o),i=new ArrayBuffer(r.length),s=new Uint8Array(i);for(let e=0;e<r.length;e++)s[e]=r.charCodeAt(e);return i}function y(){return void 0!==window?.PublicKeyCredential&&"function"==typeof window.PublicKeyCredential}function m(e){const{id:t}=e;return{...e,id:f(t),transports:e.transports}}function v(e){return"localhost"===e||/^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$/i.test(e)}e.AuthsignalWindowMessage=void 0,(e.AuthsignalWindowMessage||(e.AuthsignalWindowMessage={})).AUTHSIGNAL_CLOSE_POPUP="AUTHSIGNAL_CLOSE_POPUP";class k extends Error{constructor({message:e,code:t,cause:n,name:o}){super(e,{cause:n}),this.name=o??n.name,this.code=t}}const w=new class{createNewAbortSignal(){if(this.controller){const e=new Error("Cancelling existing WebAuthn API call for new one");e.name="AbortError",this.controller.abort(e)}const e=new AbortController;return this.controller=e,e.signal}cancelCeremony(){if(this.controller){const e=new Error("Manually cancelling existing WebAuthn API call");e.name="AbortError",this.controller.abort(e),this.controller=void 0}}},b=["cross-platform","platform"];function g(e){if(e&&!(b.indexOf(e)<0))return e}async function E(e){if(!y())throw new Error("WebAuthn is not supported in this browser");const t={publicKey:{...e,challenge:f(e.challenge),user:{...e.user,id:f(e.user.id)},excludeCredentials:e.excludeCredentials?.map(m)}};let n;t.signal=w.createNewAbortSignal();try{n=await navigator.credentials.create(t)}catch(e){throw function({error:e,options:t}){const{publicKey:n}=t;if(!n)throw Error("options was missing required publicKey property");if("AbortError"===e.name){if(t.signal instanceof AbortSignal)return new k({message:"Registration ceremony was sent an abort signal",code:"ERROR_CEREMONY_ABORTED",cause:e})}else if("ConstraintError"===e.name){if(!0===n.authenticatorSelection?.requireResidentKey)return new k({message:"Discoverable credentials were required but no available authenticator supported it",code:"ERROR_AUTHENTICATOR_MISSING_DISCOVERABLE_CREDENTIAL_SUPPORT",cause:e});if("required"===n.authenticatorSelection?.userVerification)return new k({message:"User verification was required but no available authenticator supported it",code:"ERROR_AUTHENTICATOR_MISSING_USER_VERIFICATION_SUPPORT",cause:e})}else{if("InvalidStateError"===e.name)return new k({message:"The authenticator was previously registered",code:"ERROR_AUTHENTICATOR_PREVIOUSLY_REGISTERED",cause:e});if("NotAllowedError"===e.name)return new k({message:e.message,code:"ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",cause:e});if("NotSupportedError"===e.name)return 0===n.pubKeyCredParams.filter((e=>"public-key"===e.type)).length?new k({message:'No entry in pubKeyCredParams was of type "public-key"',code:"ERROR_MALFORMED_PUBKEYCREDPARAMS",cause:e}):new k({message:"No available authenticator supported any of the specified pubKeyCredParams algorithms",code:"ERROR_AUTHENTICATOR_NO_SUPPORTED_PUBKEYCREDPARAMS_ALG",cause:e});if("SecurityError"===e.name){const t=window.location.hostname;if(!v(t))return new k({message:`${window.location.hostname} is an invalid domain`,code:"ERROR_INVALID_DOMAIN",cause:e});if(n.rp.id!==t)return new k({message:`The RP ID "${n.rp.id}" is invalid for this domain`,code:"ERROR_INVALID_RP_ID",cause:e})}else if("TypeError"===e.name){if(n.user.id.byteLength<1||n.user.id.byteLength>64)return new k({message:"User ID was not between 1 and 64 characters",code:"ERROR_INVALID_USER_ID_LENGTH",cause:e})}else if("UnknownError"===e.name)return new k({message:"The authenticator was unable to process the specified options, or could not create a new credential",code:"ERROR_AUTHENTICATOR_GENERAL_ERROR",cause:e})}return e}({error:e,options:t})}if(!n)throw new Error("Registration was not completed");const{id:o,rawId:r,response:i,type:s}=n;let a,c,u,h;if("function"==typeof i.getTransports&&(a=i.getTransports()),"function"==typeof i.getPublicKeyAlgorithm)try{c=i.getPublicKeyAlgorithm()}catch(e){T("getPublicKeyAlgorithm()",e)}if("function"==typeof i.getPublicKey)try{const e=i.getPublicKey();null!==e&&(u=p(e))}catch(e){T("getPublicKey()",e)}if("function"==typeof i.getAuthenticatorData)try{h=p(i.getAuthenticatorData())}catch(e){T("getAuthenticatorData()",e)}return{id:o,rawId:p(r),response:{attestationObject:p(i.attestationObject),clientDataJSON:p(i.clientDataJSON),transports:a,publicKeyAlgorithm:c,publicKey:u,authenticatorData:h},type:s,clientExtensionResults:n.getClientExtensionResults(),authenticatorAttachment:g(n.authenticatorAttachment)}}function T(e,t){console.warn(`The browser extension that intercepted this WebAuthn API call incorrectly implemented ${e}. You should report this error to them.\n`,t)}async function I(e,t=!1){if(!y())throw new Error("WebAuthn is not supported in this browser");let n;0!==e.allowCredentials?.length&&(n=e.allowCredentials?.map(m));const o={...e,challenge:f(e.challenge),allowCredentials:n},r={};if(t){if(!await function(){if(!y())return new Promise((e=>e(!1)));const e=window.PublicKeyCredential;return void 0===e.isConditionalMediationAvailable?new Promise((e=>e(!1))):e.isConditionalMediationAvailable()}())throw Error("Browser does not support WebAuthn autofill");if(document.querySelectorAll("input[autocomplete$='webauthn']").length<1)throw Error('No <input> with "webauthn" as the only or last value in its `autocomplete` attribute was detected');r.mediation="conditional",o.allowCredentials=[]}let i;r.publicKey=o,r.signal=w.createNewAbortSignal();try{i=await navigator.credentials.get(r)}catch(e){throw function({error:e,options:t}){const{publicKey:n}=t;if(!n)throw Error("options was missing required publicKey property");if("AbortError"===e.name){if(t.signal instanceof AbortSignal)return new k({message:"Authentication ceremony was sent an abort signal",code:"ERROR_CEREMONY_ABORTED",cause:e})}else{if("NotAllowedError"===e.name)return new k({message:e.message,code:"ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",cause:e});if("SecurityError"===e.name){const t=window.location.hostname;if(!v(t))return new k({message:`${window.location.hostname} is an invalid domain`,code:"ERROR_INVALID_DOMAIN",cause:e});if(n.rpId!==t)return new k({message:`The RP ID "${n.rpId}" is invalid for this domain`,code:"ERROR_INVALID_RP_ID",cause:e})}else if("UnknownError"===e.name)return new k({message:"The authenticator was unable to process the specified options, or could not create a new assertion signature",code:"ERROR_AUTHENTICATOR_GENERAL_ERROR",cause:e})}return e}({error:e,options:r})}if(!i)throw new Error("Authentication was not completed");const{id:s,rawId:a,response:c,type:u}=i;let h;return c.userHandle&&(h=p(c.userHandle)),{id:s,rawId:p(a),response:{authenticatorData:p(c.authenticatorData),clientDataJSON:p(c.clientDataJSON),signature:p(c.signature),userHandle:h},type:u,clientExtensionResults:i.getClientExtensionResults(),authenticatorAttachment:g(i.authenticatorAttachment)}}function A(e){var t=e.token,n=e.tenantId;return{"Content-Type":"application/json",Authorization:t?"Bearer ".concat(t):"Basic ".concat(window.btoa(encodeURIComponent(n)))}}function S(e){var t=e.response,n=e.onTokenExpired;"error"in t&&"expired_token"===t.errorCode&&n&&n()}var O=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.tenantId=n,this.baseUrl=t,this.onTokenExpired=o}return e.prototype.registrationOptions=function(e){return c(this,arguments,void 0,(function(e){var t,n,o=e.token,r=e.username,i=e.authenticatorAttachment;return u(this,(function(e){switch(e.label){case 0:return t=Boolean(i)?{username:r,authenticatorAttachment:i}:{username:r},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey/registration-options"),{method:"POST",headers:A({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return S({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e.prototype.authenticationOptions=function(e){return c(this,arguments,void 0,(function(e){var t,n,o=e.token,r=e.challengeId;return u(this,(function(e){switch(e.label){case 0:return t={challengeId:r},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey/authentication-options"),{method:"POST",headers:A({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return S({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e.prototype.addAuthenticator=function(e){return c(this,arguments,void 0,(function(e){var t,n,o=e.token,r=e.challengeId,i=e.registrationCredential;return u(this,(function(e){switch(e.label){case 0:return t={challengeId:r,registrationCredential:i},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey"),{method:"POST",headers:A({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return S({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e.prototype.verify=function(e){return c(this,arguments,void 0,(function(e){var t,n,o=e.token,r=e.challengeId,i=e.authenticationCredential,s=e.deviceId;return u(this,(function(e){switch(e.label){case 0:return t={challengeId:r,authenticationCredential:i,deviceId:s},[4,fetch("".concat(this.baseUrl,"/client/verify/passkey"),{method:"POST",headers:A({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return S({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e.prototype.getPasskeyAuthenticator=function(e){return c(this,arguments,void 0,(function(e){var t,n=e.credentialIds;return u(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey?credentialIds=").concat(n),{method:"GET",headers:A({tenantId:this.tenantId})})];case 1:if(!(t=e.sent()).ok)throw new Error(t.statusText);return[2,t.json()]}}))}))},e.prototype.challenge=function(e){return c(this,void 0,void 0,(function(){var t;return u(this,(function(n){switch(n.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/challenge"),{method:"POST",headers:A({tenantId:this.tenantId}),body:JSON.stringify({action:e})})];case 1:return[4,n.sent().json()];case 2:return S({response:t=n.sent(),onTokenExpired:this.onTokenExpired}),[2,t]}}))}))},e}(),R=function(){function e(){this.token=null}return e.prototype.handleTokenNotSetError=function(){var e="A token has not been set. Call 'setToken' first.";return console.error("Error: ".concat(e)),{error:"TOKEN_NOT_SET",errorDescription:e}},e.shared=new e,e}(),x=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.anonymousId,r=e.onTokenExpired;this.passkeyLocalStorageKey="as_user_passkey_map",this.cache=R.shared,this.api=new O({baseUrl:t,tenantId:n,onTokenExpired:r}),this.anonymousId=o}return e.prototype.signUp=function(e){return c(this,arguments,void 0,(function(e){var t,n,o,r,i,s=e.username,c=e.displayName,h=e.token,d=e.authenticatorAttachment,p=void 0===d?"platform":d;return u(this,(function(e){switch(e.label){case 0:return(t=null!=h?h:this.cache.token)?(n={username:s,displayName:c,token:t,authenticatorAttachment:p},[4,this.api.registrationOptions(n)]):[2,this.cache.handleTokenNotSetError()];case 1:return"error"in(o=e.sent())?[2,l(o)]:[4,E(o.options)];case 2:return r=e.sent(),[4,this.api.addAuthenticator({challengeId:o.challengeId,registrationCredential:r,token:t})];case 3:return"error"in(i=e.sent())?[2,l(i)]:(i.isVerified&&this.storeCredentialAgainstDevice(a(a({},r),{userId:i.userId})),i.accessToken&&(this.cache.token=i.accessToken),[2,{data:{token:i.accessToken,registrationResponse:r}}])}}))}))},e.prototype.signIn=function(e){return c(this,void 0,void 0,(function(){var t,n,o,r,i,s,c,h,d,p;return u(this,(function(u){switch(u.label){case 0:if((null==e?void 0:e.token)&&e.autofill)throw new Error("autofill is not supported when providing a token");if((null==e?void 0:e.action)&&e.token)throw new Error("action is not supported when providing a token");return(null==e?void 0:e.action)?[4,this.api.challenge(e.action)]:[3,2];case 1:return n=u.sent(),[3,3];case 2:n=null,u.label=3;case 3:return(t=n)&&"error"in t?[2,l(t)]:[4,this.api.authenticationOptions({token:null==e?void 0:e.token,challengeId:null==t?void 0:t.challengeId})];case 4:return"error"in(o=u.sent())?[2,l(o)]:[4,I(o.options,null==e?void 0:e.autofill)];case 5:return r=u.sent(),(null==e?void 0:e.onVerificationStarted)&&e.onVerificationStarted(),[4,this.api.verify({challengeId:o.challengeId,authenticationCredential:r,token:null==e?void 0:e.token,deviceId:this.anonymousId})];case 6:return"error"in(i=u.sent())?[2,l(i)]:(i.isVerified&&this.storeCredentialAgainstDevice(a(a({},r),{userId:i.userId})),i.accessToken&&(this.cache.token=i.accessToken),s=i.accessToken,c=i.userId,h=i.userAuthenticatorId,d=i.username,p=i.userDisplayName,[2,{data:{isVerified:i.isVerified,token:s,userId:c,userAuthenticatorId:h,username:d,displayName:p,authenticationResponse:r}}])}}))}))},e.prototype.isAvailableOnDevice=function(e){return c(this,arguments,void 0,(function(e){var t,n,o,r,i=e.userId;return u(this,(function(e){switch(e.label){case 0:if(!i)throw new Error("userId is required");if(!(t=localStorage.getItem(this.passkeyLocalStorageKey)))return[2,!1];if(n=JSON.parse(t),0===(o=null!==(r=n[i])&&void 0!==r?r:[]).length)return[2,!1];e.label=1;case 1:return e.trys.push([1,3,,4]),[4,this.api.getPasskeyAuthenticator({credentialIds:o})];case 2:return e.sent(),[2,!0];case 3:return e.sent(),[2,!1];case 4:return[2]}}))}))},e.prototype.storeCredentialAgainstDevice=function(e){var t=e.id,n=e.authenticatorAttachment,o=e.userId,r=void 0===o?"":o;if("cross-platform"!==n){var i=localStorage.getItem(this.passkeyLocalStorageKey),s=i?JSON.parse(i):{};s[r]?s[r].includes(t)||s[r].push(t):s[r]=[t],localStorage.setItem(this.passkeyLocalStorageKey,JSON.stringify(s))}},e}(),_=function(){function e(){this.windowRef=null}return e.prototype.show=function(e){var t=e.url,n=e.width,o=void 0===n?400:n,r=e.height,i=function(e){var t=e.url,n=e.width,o=e.height,r=e.win;if(!r.top)return null;var i=r.top.outerHeight/2+r.top.screenY-o/2,s=r.top.outerWidth/2+r.top.screenX-n/2;return window.open(t,"","toolbar=no, location=no, directories=no, status=no, menubar=no, scrollbars=no, resizable=no, copyhistory=no, width=".concat(n,", height=").concat(o,", top=").concat(i,", left=").concat(s))}({url:t,width:o,height:void 0===r?500:r,win:window});if(!i)throw new Error("Window is not initialized");return this.windowRef=i,i},e.prototype.close=function(){if(!this.windowRef)throw new Error("Window is not initialized");this.windowRef.close()},e}();const U=":not([inert]):not([inert] *)",C=':not([tabindex^="-"])',N=":not(:disabled)";var P=[`a[href]${U}${C}`,`area[href]${U}${C}`,`input:not([type="hidden"]):not([type="radio"])${U}${C}${N}`,`input[type="radio"]${U}${C}${N}`,`select${U}${C}${N}`,`textarea${U}${C}${N}`,`button${U}${C}${N}`,`details${U} > summary:first-of-type${C}`,`iframe${U}${C}`,`audio[controls]${U}${C}`,`video[controls]${U}${C}`,`[contenteditable]${U}${C}`,`[tabindex]${U}${C}`];function $(e){(e.querySelector("[autofocus]")||e).focus()}function D(e,t){if(t&&K(e))return e;if(!((n=e).shadowRoot&&"-1"===n.getAttribute("tabindex")||n.matches(":disabled,[hidden],[inert]")))if(e.shadowRoot){let n=L(e.shadowRoot,t);for(;n;){const e=D(n,t);if(e)return e;n=j(n,t)}}else if("slot"===e.localName){const n=e.assignedElements({flatten:!0});t||n.reverse();for(const e of n){const n=D(e,t);if(n)return n}}else{let n=L(e,t);for(;n;){const e=D(n,t);if(e)return e;n=j(n,t)}}var n;return!t&&K(e)?e:null}function L(e,t){return t?e.firstElementChild:e.lastElementChild}function j(e,t){return t?e.nextElementSibling:e.previousElementSibling}const K=e=>!e.shadowRoot?.delegatesFocus&&(e.matches(P.join(","))&&!(e=>!(!e.matches("details:not([open]) *")||e.matches("details>summary:first-of-type"))||!(e.offsetWidth||e.offsetHeight||e.getClientRects().length))(e));function J(e=document){const t=e.activeElement;return t?t.shadowRoot?J(t.shadowRoot)||document.activeElement:t:null}function V(e,t){const[n,o]=function(e){const t=D(e,!0);return[t,t?D(e,!1)||t:null]}(e);if(!n)return t.preventDefault();const r=J();t.shiftKey&&r===n?(o.focus(),t.preventDefault()):t.shiftKey||r!==o||(n.focus(),t.preventDefault())}class W{$el;id;previouslyFocused;shown;constructor(e){this.$el=e,this.id=this.$el.getAttribute("data-a11y-dialog")||this.$el.id,this.previouslyFocused=null,this.shown=!1,this.maintainFocus=this.maintainFocus.bind(this),this.bindKeypress=this.bindKeypress.bind(this),this.handleTriggerClicks=this.handleTriggerClicks.bind(this),this.show=this.show.bind(this),this.hide=this.hide.bind(this),this.$el.setAttribute("aria-hidden","true"),this.$el.setAttribute("aria-modal","true"),this.$el.setAttribute("tabindex","-1"),this.$el.hasAttribute("role")||this.$el.setAttribute("role","dialog"),document.addEventListener("click",this.handleTriggerClicks,!0)}destroy(){return this.hide(),document.removeEventListener("click",this.handleTriggerClicks,!0),this.$el.replaceWith(this.$el.cloneNode(!0)),this.fire("destroy"),this}show(e){return this.shown||(this.shown=!0,this.$el.removeAttribute("aria-hidden"),this.previouslyFocused=J(),"BODY"===this.previouslyFocused?.tagName&&e?.target&&(this.previouslyFocused=e.target),"focus"===e?.type?this.maintainFocus(e):$(this.$el),document.body.addEventListener("focus",this.maintainFocus,!0),this.$el.addEventListener("keydown",this.bindKeypress,!0),this.fire("show",e)),this}hide(e){return this.shown?(this.shown=!1,this.$el.setAttribute("aria-hidden","true"),this.previouslyFocused?.focus?.(),document.body.removeEventListener("focus",this.maintainFocus,!0),this.$el.removeEventListener("keydown",this.bindKeypress,!0),this.fire("hide",e),this):this}on(e,t,n){return this.$el.addEventListener(e,t,n),this}off(e,t,n){return this.$el.removeEventListener(e,t,n),this}fire(e,t){this.$el.dispatchEvent(new CustomEvent(e,{detail:t,cancelable:!0}))}handleTriggerClicks(e){const t=e.target;t.closest(`[data-a11y-dialog-show="${this.id}"]`)&&this.show(e),(t.closest(`[data-a11y-dialog-hide="${this.id}"]`)||t.closest("[data-a11y-dialog-hide]")&&t.closest('[aria-modal="true"]')===this.$el)&&this.hide(e)}bindKeypress(e){if(document.activeElement?.closest('[aria-modal="true"]')!==this.$el)return;let t=!1;try{t=!!this.$el.querySelector('[popover]:not([popover="manual"]):popover-open')}catch{}"Escape"!==e.key||"alertdialog"===this.$el.getAttribute("role")||t||(e.preventDefault(),this.hide(e)),"Tab"===e.key&&V(this.$el,e)}maintainFocus(e){e.target.closest('[aria-modal="true"], [data-a11y-dialog-ignore-focus-trap]')||$(this.$el)}}function M(){for(const e of document.querySelectorAll("[data-a11y-dialog]"))new W(e)}"undefined"!=typeof document&&("loading"===document.readyState?document.addEventListener("DOMContentLoaded",M):M());var H="__authsignal-popup-container",q="__authsignal-popup-content",F="__authsignal-popup-overlay",G="__authsignal-popup-style",z="__authsignal-popup-iframe",B="385px",Y=function(){function e(e){var t=e.width,n=e.isClosable;if(this.popup=null,document.querySelector("#".concat(H)))throw new Error("Multiple instances of Authsignal popup is not supported.");this.create({width:t,isClosable:n})}return e.prototype.create=function(e){var t=this,n=e.width,o=void 0===n?B:n,r=e.isClosable,i=void 0===r||r,s=o;CSS.supports("width",o)||(console.warn("Invalid CSS value for `popupOptions.width`. Using default value instead."),s=B);var a=document.createElement("div");a.setAttribute("id",H),a.setAttribute("aria-hidden","true"),i||a.setAttribute("role","alertdialog");var c=document.createElement("div");c.setAttribute("id",F),i&&c.setAttribute("data-a11y-dialog-hide","true");var u=document.createElement("div");u.setAttribute("id",q),document.body.appendChild(a);var h=document.createElement("style");h.setAttribute("id",G),h.textContent="\n #".concat(H,",\n #").concat(F," {\n position: fixed;\n top: 0;\n right: 0;\n bottom: 0;\n left: 0;\n }\n\n #").concat(H," {\n z-index: 2147483647;\n display: flex;\n }\n\n #").concat(H,"[aria-hidden='true'] {\n display: none;\n }\n\n #").concat(F," {\n background-color: rgba(0, 0, 0, 0.18);\n }\n\n #").concat(q," {\n margin: auto;\n z-index: 2147483647;\n position: relative;\n background-color: transparent;\n border-radius: 8px;\n width: ").concat(s,";\n }\n\n #").concat(q," iframe {\n width: 1px;\n min-width: 100%;\n border-radius: inherit;\n max-height: 95vh;\n height: ").concat("384px",";\n }\n "),document.head.insertAdjacentElement("beforeend",h),a.appendChild(c),a.appendChild(u),this.popup=new W(a),a.focus(),this.popup.on("hide",(function(){t.destroy()}))},e.prototype.destroy=function(){var e=document.querySelector("#".concat(H)),t=document.querySelector("#".concat(G));e&&t&&(document.body.removeChild(e),document.head.removeChild(t)),window.removeEventListener("message",X)},e.prototype.show=function(e){var t,n=e.url;if(!this.popup)throw new Error("Popup is not initialized");var o=document.createElement("iframe");o.setAttribute("id",z),o.setAttribute("name","authsignal"),o.setAttribute("title","Authsignal multi-factor authentication"),o.setAttribute("src",n),o.setAttribute("frameborder","0"),o.setAttribute("allow","publickey-credentials-get *; publickey-credentials-create *; clipboard-write");var r=document.querySelector("#".concat(q));r&&r.appendChild(o),window.addEventListener("message",X),null===(t=this.popup)||void 0===t||t.show()},e.prototype.close=function(){if(!this.popup)throw new Error("Popup is not initialized");this.popup.hide()},e.prototype.on=function(e,t){if(!this.popup)throw new Error("Popup is not initialized");this.popup.on(e,t)},e}();function X(e){var t=document.querySelector("#".concat(z));t&&e.data.height&&(t.style.height=e.data.height+"px")}var Q=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.tenantId=n,this.baseUrl=t,this.onTokenExpired=o}return e.prototype.enroll=function(e){return c(this,arguments,void 0,(function(e){var t,n=e.token;return u(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/totp"),{method:"POST",headers:A({token:n,tenantId:this.tenantId})})];case 1:return[4,e.sent().json()];case 2:return S({response:t=e.sent(),onTokenExpired:this.onTokenExpired}),[2,t]}}))}))},e.prototype.verify=function(e){return c(this,arguments,void 0,(function(e){var t,n,o=e.token,r=e.code;return u(this,(function(e){switch(e.label){case 0:return t={verificationCode:r},[4,fetch("".concat(this.baseUrl,"/client/verify/totp"),{method:"POST",headers:A({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return S({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e}(),Z=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.cache=R.shared,this.api=new Q({baseUrl:t,tenantId:n,onTokenExpired:o})}return e.prototype.enroll=function(){return c(this,void 0,void 0,(function(){return u(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.enroll({token:this.cache.token})]:[2,this.cache.handleTokenNotSetError()];case 1:return[2,d(e.sent())]}}))}))},e.prototype.verify=function(e){return c(this,arguments,void 0,(function(e){var t,n=e.code;return u(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.verify({token:this.cache.token,code:n})]:[2,this.cache.handleTokenNotSetError()];case 1:return"accessToken"in(t=e.sent())&&t.accessToken&&(this.cache.token=t.accessToken),[2,d(t)]}}))}))},e}(),ee=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.tenantId=n,this.baseUrl=t,this.onTokenExpired=o}return e.prototype.enroll=function(e){return c(this,arguments,void 0,(function(e){var t,n,o=e.token,r=e.email;return u(this,(function(e){switch(e.label){case 0:return t={email:r},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/email-otp"),{method:"POST",headers:A({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return S({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e.prototype.challenge=function(e){return c(this,arguments,void 0,(function(e){var t,n=e.token;return u(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/challenge/email-otp"),{method:"POST",headers:A({token:n,tenantId:this.tenantId})})];case 1:return[4,e.sent().json()];case 2:return S({response:t=e.sent(),onTokenExpired:this.onTokenExpired}),[2,t]}}))}))},e.prototype.verify=function(e){return c(this,arguments,void 0,(function(e){var t,n,o=e.token,r=e.code;return u(this,(function(e){switch(e.label){case 0:return t={verificationCode:r},[4,fetch("".concat(this.baseUrl,"/client/verify/email-otp"),{method:"POST",headers:A({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return S({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e}(),te=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.cache=R.shared,this.api=new ee({baseUrl:t,tenantId:n,onTokenExpired:o})}return e.prototype.enroll=function(e){return c(this,arguments,void 0,(function(e){var t=e.email;return u(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.enroll({token:this.cache.token,email:t})]:[2,this.cache.handleTokenNotSetError()];case 1:return[2,d(e.sent())]}}))}))},e.prototype.challenge=function(){return c(this,void 0,void 0,(function(){return u(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.challenge({token:this.cache.token})]:[2,this.cache.handleTokenNotSetError()];case 1:return[2,d(e.sent())]}}))}))},e.prototype.verify=function(e){return c(this,arguments,void 0,(function(e){var t,n=e.code;return u(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.verify({token:this.cache.token,code:n})]:[2,this.cache.handleTokenNotSetError()];case 1:return"accessToken"in(t=e.sent())&&t.accessToken&&(this.cache.token=t.accessToken),[2,d(t)]}}))}))},e}(),ne=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.tenantId=n,this.baseUrl=t,this.onTokenExpired=o}return e.prototype.enroll=function(e){return c(this,arguments,void 0,(function(e){var t,n,o=e.token,r=e.phoneNumber;return u(this,(function(e){switch(e.label){case 0:return t={phoneNumber:r},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/sms"),{method:"POST",headers:A({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return S({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e.prototype.challenge=function(e){return c(this,arguments,void 0,(function(e){var t,n=e.token;return u(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/challenge/sms"),{method:"POST",headers:A({token:n,tenantId:this.tenantId})})];case 1:return[4,e.sent().json()];case 2:return S({response:t=e.sent(),onTokenExpired:this.onTokenExpired}),[2,t]}}))}))},e.prototype.verify=function(e){return c(this,arguments,void 0,(function(e){var t,n,o=e.token,r=e.code;return u(this,(function(e){switch(e.label){case 0:return t={verificationCode:r},[4,fetch("".concat(this.baseUrl,"/client/verify/sms"),{method:"POST",headers:A({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return S({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e}(),oe=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.cache=R.shared,this.api=new ne({baseUrl:t,tenantId:n,onTokenExpired:o})}return e.prototype.enroll=function(e){return c(this,arguments,void 0,(function(e){var t=e.phoneNumber;return u(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.enroll({token:this.cache.token,phoneNumber:t})]:[2,this.cache.handleTokenNotSetError()];case 1:return[2,d(e.sent())]}}))}))},e.prototype.challenge=function(){return c(this,void 0,void 0,(function(){return u(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.challenge({token:this.cache.token})]:[2,this.cache.handleTokenNotSetError()];case 1:return[2,d(e.sent())]}}))}))},e.prototype.verify=function(e){return c(this,arguments,void 0,(function(e){var t,n=e.code;return u(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.verify({token:this.cache.token,code:n})]:[2,this.cache.handleTokenNotSetError()];case 1:return"accessToken"in(t=e.sent())&&t.accessToken&&(this.cache.token=t.accessToken),[2,d(t)]}}))}))},e}(),re=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.tenantId=n,this.baseUrl=t,this.onTokenExpired=o}return e.prototype.enroll=function(e){return c(this,arguments,void 0,(function(e){var t,n,o=e.token,r=e.email;return u(this,(function(e){switch(e.label){case 0:return t={email:r},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/email-magic-link"),{method:"POST",headers:A({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return S({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e.prototype.challenge=function(e){return c(this,arguments,void 0,(function(e){var t,n=e.token;return u(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/challenge/email-magic-link"),{method:"POST",headers:A({token:n,tenantId:this.tenantId})})];case 1:return[4,e.sent().json()];case 2:return S({response:t=e.sent(),onTokenExpired:this.onTokenExpired}),[2,t]}}))}))},e.prototype.checkVerificationStatus=function(e){return c(this,arguments,void 0,(function(e){var t,n=this,o=e.token;return u(this,(function(e){switch(e.label){case 0:return t=function(){return c(n,void 0,void 0,(function(){var e,n=this;return u(this,(function(r){switch(r.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/verify/email-magic-link/finalize"),{method:"POST",headers:A({token:o,tenantId:this.tenantId}),body:JSON.stringify({})})];case 1:return[4,r.sent().json()];case 2:return S({response:e=r.sent(),onTokenExpired:this.onTokenExpired}),e.isVerified?[2,e]:[2,new Promise((function(e){setTimeout((function(){return c(n,void 0,void 0,(function(){var n;return u(this,(function(o){switch(o.label){case 0:return n=e,[4,t()];case 1:return n.apply(void 0,[o.sent()]),[2]}}))}))}),1e3)}))]}}))}))},[4,t()];case 1:return[2,e.sent()]}}))}))},e}(),ie=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.cache=R.shared,this.api=new re({baseUrl:t,tenantId:n,onTokenExpired:o})}return e.prototype.enroll=function(e){return c(this,arguments,void 0,(function(e){var t=e.email;return u(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.enroll({token:this.cache.token,email:t})]:[2,this.cache.handleTokenNotSetError()];case 1:return[2,d(e.sent())]}}))}))},e.prototype.challenge=function(){return c(this,void 0,void 0,(function(){return u(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.challenge({token:this.cache.token})]:[2,this.cache.handleTokenNotSetError()];case 1:return[2,d(e.sent())]}}))}))},e.prototype.checkVerificationStatus=function(){return c(this,void 0,void 0,(function(){var e;return u(this,(function(t){switch(t.label){case 0:return this.cache.token?[4,this.api.checkVerificationStatus({token:this.cache.token})]:[2,this.cache.handleTokenNotSetError()];case 1:return"accessToken"in(e=t.sent())&&e.accessToken&&(this.cache.token=e.accessToken),[2,d(e)]}}))}))},e}(),se=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.tenantId=n,this.baseUrl=t,this.onTokenExpired=o}return e.prototype.registrationOptions=function(e){return c(this,arguments,void 0,(function(e){var t,n=e.token;return u(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/security-key/registration-options"),{method:"POST",headers:A({token:n,tenantId:this.tenantId}),body:JSON.stringify({})})];case 1:return[4,e.sent().json()];case 2:return S({response:t=e.sent(),onTokenExpired:this.onTokenExpired}),[2,t]}}))}))},e.prototype.authenticationOptions=function(e){return c(this,arguments,void 0,(function(e){var t,n=e.token;return u(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/security-key/authentication-options"),{method:"POST",headers:A({token:n,tenantId:this.tenantId}),body:JSON.stringify({})})];case 1:return[4,e.sent().json()];case 2:return S({response:t=e.sent(),onTokenExpired:this.onTokenExpired}),[2,t]}}))}))},e.prototype.addAuthenticator=function(e){return c(this,arguments,void 0,(function(e){var t,n=e.token,o=e.registrationCredential;return u(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/security-key"),{method:"POST",headers:A({token:n,tenantId:this.tenantId}),body:JSON.stringify(o)})];case 1:return[4,e.sent().json()];case 2:return S({response:t=e.sent(),onTokenExpired:this.onTokenExpired}),[2,t]}}))}))},e.prototype.verify=function(e){return c(this,arguments,void 0,(function(e){var t,n=e.token,o=e.authenticationCredential;return u(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/verify/security-key"),{method:"POST",headers:A({token:n,tenantId:this.tenantId}),body:JSON.stringify(o)})];case 1:return[4,e.sent().json()];case 2:return S({response:t=e.sent(),onTokenExpired:this.onTokenExpired}),[2,t]}}))}))},e}(),ae=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.cache=R.shared,this.api=new se({baseUrl:t,tenantId:n,onTokenExpired:o})}return e.prototype.enroll=function(){return c(this,void 0,void 0,(function(){var e,t,n,o;return u(this,(function(r){switch(r.label){case 0:return this.cache.token?(e={token:this.cache.token},[4,this.api.registrationOptions(e)]):[2,this.cache.handleTokenNotSetError()];case 1:return"error"in(t=r.sent())?[2,l(t)]:[4,E(t)];case 2:return n=r.sent(),[4,this.api.addAuthenticator({registrationCredential:n,token:this.cache.token})];case 3:return"error"in(o=r.sent())?[2,l(o)]:(o.accessToken&&(this.cache.token=o.accessToken),[2,{data:{token:o.accessToken,registrationResponse:n}}])}}))}))},e.prototype.verify=function(){return c(this,void 0,void 0,(function(){var e,t,n,o;return u(this,(function(r){switch(r.label){case 0:return this.cache.token?[4,this.api.authenticationOptions({token:this.cache.token})]:[2,this.cache.handleTokenNotSetError()];case 1:return"error"in(e=r.sent())?[2,l(e)]:[4,I(e)];case 2:return t=r.sent(),[4,this.api.verify({authenticationCredential:t,token:this.cache.token})];case 3:return"error"in(n=r.sent())?[2,l(n)]:(n.accessToken&&(this.cache.token=n.accessToken),o=n.accessToken,[2,{data:{isVerified:n.isVerified,token:o,authenticationResponse:t}}])}}))}))},e}(),ce="4a08uqve",ue=function(){function t(e){var t=e.cookieDomain,n=e.cookieName,o=void 0===n?"__as_aid":n,r=e.baseUrl,i=void 0===r?"https://api.authsignal.com/v1":r,a=e.tenantId,c=e.onTokenExpired;if(this.anonymousId="",this.profilingId="",this.cookieDomain="",this.anonymousIdCookieName="",this.cookieDomain=t||document.location.hostname.replace("www.",""),this.anonymousIdCookieName=o,!a)throw new Error("tenantId is required");var u,l=(u=this.anonymousIdCookieName)&&decodeURIComponent(document.cookie.replace(new RegExp("(?:(?:^|.*;)\\s*"+encodeURIComponent(u).replace(/[\-\.\+\*]/g,"\\$&")+"\\s*\\=\\s*([^;]*).*$)|^.*$"),"$1"))||null;l?this.anonymousId=l:(this.anonymousId=s(),h({name:this.anonymousIdCookieName,value:this.anonymousId,expire:1/0,domain:this.cookieDomain,secure:"http:"!==document.location.protocol})),this.passkey=new x({tenantId:a,baseUrl:i,anonymousId:this.anonymousId,onTokenExpired:c}),this.totp=new Z({tenantId:a,baseUrl:i,onTokenExpired:c}),this.email=new te({tenantId:a,baseUrl:i,onTokenExpired:c}),this.emailML=new ie({tenantId:a,baseUrl:i,onTokenExpired:c}),this.sms=new oe({tenantId:a,baseUrl:i,onTokenExpired:c}),this.securityKey=new ae({tenantId:a,baseUrl:i,onTokenExpired:c})}return t.prototype.setToken=function(e){R.shared.token=e},t.prototype.launch=function(e,t){switch(null==t?void 0:t.mode){case"window":return this.launchWithWindow(e,t);case"popup":return this.launchWithPopup(e,t);default:this.launchWithRedirect(e)}},t.prototype.initAdvancedProfiling=function(e){var t=s();this.profilingId=t,h({name:"__as_pid",value:t,expire:1/0,domain:this.cookieDomain,secure:"http:"!==document.location.protocol});var n=e?"".concat(e,"/fp/tags.js?org_id=").concat(ce,"&session_id=").concat(t):"https://h.online-metrix.net/fp/tags.js?org_id=".concat(ce,"&session_id=").concat(t),o=document.createElement("script");o.src=n,o.async=!1,o.id="as_adv_profile",document.head.appendChild(o);var r=document.createElement("noscript");r.setAttribute("id","as_adv_profile_pixel"),r.setAttribute("aria-hidden","true");var i=document.createElement("iframe"),a=e?"".concat(e,"/fp/tags?org_id=").concat(ce,"&session_id=").concat(t):"https://h.online-metrix.net/fp/tags?org_id=".concat(ce,"&session_id=").concat(t);i.setAttribute("id","as_adv_profile_pixel"),i.setAttribute("src",a),i.setAttribute("style","width: 100px; height: 100px; border: 0; position: absolute; top: -5000px;"),r&&(r.appendChild(i),document.body.prepend(r))},t.prototype.launchWithRedirect=function(e){window.location.href=e},t.prototype.launchWithPopup=function(t,n){var o=n.popupOptions,r=new Y({width:null==o?void 0:o.width,isClosable:null==o?void 0:o.isClosable}),i="".concat(t,"&mode=popup");return r.show({url:i}),new Promise((function(t){var n=void 0;r.on("hide",(function(){t({token:n})})),window.addEventListener("message",(function(t){var o=null;try{o=JSON.parse(t.data)}catch(e){}(null==o?void 0:o.event)===e.AuthsignalWindowMessage.AUTHSIGNAL_CLOSE_POPUP&&(n=o.token,r.close())}),!1)}))},t.prototype.launchWithWindow=function(t,n){var o=n.windowOptions,r=new _,i="".concat(t,"&mode=popup");return r.show({url:i,width:null==o?void 0:o.width,height:null==o?void 0:o.height}),new Promise((function(t){window.addEventListener("message",(function(n){var o=null;try{o=JSON.parse(n.data)}catch(e){}(null==o?void 0:o.event)===e.AuthsignalWindowMessage.AUTHSIGNAL_CLOSE_POPUP&&(r.close(),t({token:o.token}))}),!1)}))},t}();return e.Authsignal=ue,Object.defineProperty(e,"__esModule",{value:!0}),e}({});
|
|
1
|
+
var authsignal=function(e){"use strict";let t;const n=new Uint8Array(16);function o(){if(!t&&(t="undefined"!=typeof crypto&&crypto.getRandomValues&&crypto.getRandomValues.bind(crypto),!t))throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");return t(n)}const r=[];for(let e=0;e<256;++e)r.push((e+256).toString(16).slice(1));var i={randomUUID:"undefined"!=typeof crypto&&crypto.randomUUID&&crypto.randomUUID.bind(crypto)};function s(e,t,n){if(i.randomUUID&&!t&&!e)return i.randomUUID();const s=(e=e||{}).random||(e.rng||o)();if(s[6]=15&s[6]|64,s[8]=63&s[8]|128,t){n=n||0;for(let e=0;e<16;++e)t[n+e]=s[e];return t}return function(e,t=0){return(r[e[t+0]]+r[e[t+1]]+r[e[t+2]]+r[e[t+3]]+"-"+r[e[t+4]]+r[e[t+5]]+"-"+r[e[t+6]]+r[e[t+7]]+"-"+r[e[t+8]]+r[e[t+9]]+"-"+r[e[t+10]]+r[e[t+11]]+r[e[t+12]]+r[e[t+13]]+r[e[t+14]]+r[e[t+15]]).toLowerCase()}(s)}var a=function(){return a=Object.assign||function(e){for(var t,n=1,o=arguments.length;n<o;n++)for(var r in t=arguments[n])Object.prototype.hasOwnProperty.call(t,r)&&(e[r]=t[r]);return e},a.apply(this,arguments)};function c(e,t,n,o){return new(n||(n=Promise))((function(r,i){function s(e){try{c(o.next(e))}catch(e){i(e)}}function a(e){try{c(o.throw(e))}catch(e){i(e)}}function c(e){var t;e.done?r(e.value):(t=e.value,t instanceof n?t:new n((function(e){e(t)}))).then(s,a)}c((o=o.apply(e,t||[])).next())}))}function u(e,t){var n,o,r,i,s={label:0,sent:function(){if(1&r[0])throw r[1];return r[1]},trys:[],ops:[]};return i={next:a(0),throw:a(1),return:a(2)},"function"==typeof Symbol&&(i[Symbol.iterator]=function(){return this}),i;function a(i){return function(a){return function(i){if(n)throw new TypeError("Generator is already executing.");for(;s;)try{if(n=1,o&&(r=2&i[0]?o.return:i[0]?o.throw||((r=o.return)&&r.call(o),0):o.next)&&!(r=r.call(o,i[1])).done)return r;switch(o=0,r&&(i=[2&i[0],r.value]),i[0]){case 0:case 1:r=i;break;case 4:return s.label++,{value:i[1],done:!1};case 5:s.label++,o=i[1],i=[0];continue;case 7:i=s.ops.pop(),s.trys.pop();continue;default:if(!(r=s.trys,(r=r.length>0&&r[r.length-1])||6!==i[0]&&2!==i[0])){s=0;continue}if(3===i[0]&&(!r||i[1]>r[0]&&i[1]<r[3])){s.label=i[1];break}if(6===i[0]&&s.label<r[1]){s.label=r[1],r=i;break}if(r&&s.label<r[2]){s.label=r[2],s.ops.push(i);break}r[2]&&s.ops.pop(),s.trys.pop();continue}i=t.call(e,s)}catch(e){i=[6,e],o=0}finally{n=r=0}if(5&i[0])throw i[1];return{value:i[0]?i[1]:void 0,done:!0}}([i,a])}}}function h(e){var t=e.name,n=e.value,o=e.expire,r=e.domain,i=e.secure,s=o===1/0?" expires=Fri, 31 Dec 9999 23:59:59 GMT":"; max-age="+o;document.cookie=encodeURIComponent(t)+"="+n+"; path=/;"+s+(r?"; domain="+r:"")+(i?"; secure":"")}function l(e){var t,n=null!==(t=e.errorDescription)&&void 0!==t?t:e.error;return console.error(n),{error:n}}function d(e){var t;if(e&&"object"==typeof e&&"error"in e){var n=null!==(t=e.errorDescription)&&void 0!==t?t:e.error;return console.error(n),{error:n}}if(e&&"object"==typeof e&&"accessToken"in e&&"string"==typeof e.accessToken){var o=e.accessToken,r=function(e,t){var n={};for(var o in e)Object.prototype.hasOwnProperty.call(e,o)&&t.indexOf(o)<0&&(n[o]=e[o]);if(null!=e&&"function"==typeof Object.getOwnPropertySymbols){var r=0;for(o=Object.getOwnPropertySymbols(e);r<o.length;r++)t.indexOf(o[r])<0&&Object.prototype.propertyIsEnumerable.call(e,o[r])&&(n[o[r]]=e[o[r]])}return n}(e,["accessToken"]);return{data:a(a({},r),{token:o})}}return{data:e}}function p(e){const t=new Uint8Array(e);let n="";for(const e of t)n+=String.fromCharCode(e);return btoa(n).replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,"")}function f(e){const t=e.replace(/-/g,"+").replace(/_/g,"/"),n=(4-t.length%4)%4,o=t.padEnd(t.length+n,"="),r=atob(o),i=new ArrayBuffer(r.length),s=new Uint8Array(i);for(let e=0;e<r.length;e++)s[e]=r.charCodeAt(e);return i}function y(){return void 0!==window?.PublicKeyCredential&&"function"==typeof window.PublicKeyCredential}function m(e){const{id:t}=e;return{...e,id:f(t),transports:e.transports}}function v(e){return"localhost"===e||/^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$/i.test(e)}e.AuthsignalWindowMessage=void 0,(e.AuthsignalWindowMessage||(e.AuthsignalWindowMessage={})).AUTHSIGNAL_CLOSE_POPUP="AUTHSIGNAL_CLOSE_POPUP";class w extends Error{constructor({message:e,code:t,cause:n,name:o}){super(e,{cause:n}),this.name=o??n.name,this.code=t}}const k=new class{createNewAbortSignal(){if(this.controller){const e=new Error("Cancelling existing WebAuthn API call for new one");e.name="AbortError",this.controller.abort(e)}const e=new AbortController;return this.controller=e,e.signal}cancelCeremony(){if(this.controller){const e=new Error("Manually cancelling existing WebAuthn API call");e.name="AbortError",this.controller.abort(e),this.controller=void 0}}},b=["cross-platform","platform"];function g(e){if(e&&!(b.indexOf(e)<0))return e}async function E(e){const{optionsJSON:t,useAutoRegister:n=!1}=e;if(!y())throw new Error("WebAuthn is not supported in this browser");const o={...t,challenge:f(t.challenge),user:{...t.user,id:f(t.user.id)},excludeCredentials:t.excludeCredentials?.map(m)},r={};let i;n&&(r.mediation="conditional"),r.publicKey=o,r.signal=k.createNewAbortSignal();try{i=await navigator.credentials.create(r)}catch(e){throw function({error:e,options:t}){const{publicKey:n}=t;if(!n)throw Error("options was missing required publicKey property");if("AbortError"===e.name){if(t.signal instanceof AbortSignal)return new w({message:"Registration ceremony was sent an abort signal",code:"ERROR_CEREMONY_ABORTED",cause:e})}else if("ConstraintError"===e.name){if(!0===n.authenticatorSelection?.requireResidentKey)return new w({message:"Discoverable credentials were required but no available authenticator supported it",code:"ERROR_AUTHENTICATOR_MISSING_DISCOVERABLE_CREDENTIAL_SUPPORT",cause:e});if("conditional"===t.mediation&&"required"===n.authenticatorSelection?.userVerification)return new w({message:"User verification was required during automatic registration but it could not be performed",code:"ERROR_AUTO_REGISTER_USER_VERIFICATION_FAILURE",cause:e});if("required"===n.authenticatorSelection?.userVerification)return new w({message:"User verification was required but no available authenticator supported it",code:"ERROR_AUTHENTICATOR_MISSING_USER_VERIFICATION_SUPPORT",cause:e})}else{if("InvalidStateError"===e.name)return new w({message:"The authenticator was previously registered",code:"ERROR_AUTHENTICATOR_PREVIOUSLY_REGISTERED",cause:e});if("NotAllowedError"===e.name)return new w({message:e.message,code:"ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",cause:e});if("NotSupportedError"===e.name)return 0===n.pubKeyCredParams.filter((e=>"public-key"===e.type)).length?new w({message:'No entry in pubKeyCredParams was of type "public-key"',code:"ERROR_MALFORMED_PUBKEYCREDPARAMS",cause:e}):new w({message:"No available authenticator supported any of the specified pubKeyCredParams algorithms",code:"ERROR_AUTHENTICATOR_NO_SUPPORTED_PUBKEYCREDPARAMS_ALG",cause:e});if("SecurityError"===e.name){const t=window.location.hostname;if(!v(t))return new w({message:`${window.location.hostname} is an invalid domain`,code:"ERROR_INVALID_DOMAIN",cause:e});if(n.rp.id!==t)return new w({message:`The RP ID "${n.rp.id}" is invalid for this domain`,code:"ERROR_INVALID_RP_ID",cause:e})}else if("TypeError"===e.name){if(n.user.id.byteLength<1||n.user.id.byteLength>64)return new w({message:"User ID was not between 1 and 64 characters",code:"ERROR_INVALID_USER_ID_LENGTH",cause:e})}else if("UnknownError"===e.name)return new w({message:"The authenticator was unable to process the specified options, or could not create a new credential",code:"ERROR_AUTHENTICATOR_GENERAL_ERROR",cause:e})}return e}({error:e,options:r})}if(!i)throw new Error("Registration was not completed");const{id:s,rawId:a,response:c,type:u}=i;let h,l,d,b;if("function"==typeof c.getTransports&&(h=c.getTransports()),"function"==typeof c.getPublicKeyAlgorithm)try{l=c.getPublicKeyAlgorithm()}catch(e){T("getPublicKeyAlgorithm()",e)}if("function"==typeof c.getPublicKey)try{const e=c.getPublicKey();null!==e&&(d=p(e))}catch(e){T("getPublicKey()",e)}if("function"==typeof c.getAuthenticatorData)try{b=p(c.getAuthenticatorData())}catch(e){T("getAuthenticatorData()",e)}return{id:s,rawId:p(a),response:{attestationObject:p(c.attestationObject),clientDataJSON:p(c.clientDataJSON),transports:h,publicKeyAlgorithm:l,publicKey:d,authenticatorData:b},type:u,clientExtensionResults:i.getClientExtensionResults(),authenticatorAttachment:g(i.authenticatorAttachment)}}function T(e,t){console.warn(`The browser extension that intercepted this WebAuthn API call incorrectly implemented ${e}. You should report this error to them.\n`,t)}async function I(e){const{optionsJSON:t,useBrowserAutofill:n=!1,verifyBrowserAutofillInput:o=!0}=e;if(!y())throw new Error("WebAuthn is not supported in this browser");let r;0!==t.allowCredentials?.length&&(r=t.allowCredentials?.map(m));const i={...t,challenge:f(t.challenge),allowCredentials:r},s={};if(n){if(!await function(){if(!y())return new Promise((e=>e(!1)));const e=window.PublicKeyCredential;return void 0===e.isConditionalMediationAvailable?new Promise((e=>e(!1))):e.isConditionalMediationAvailable()}())throw Error("Browser does not support WebAuthn autofill");if(document.querySelectorAll("input[autocomplete$='webauthn']").length<1&&o)throw Error('No <input> with "webauthn" as the only or last value in its `autocomplete` attribute was detected');s.mediation="conditional",i.allowCredentials=[]}let a;s.publicKey=i,s.signal=k.createNewAbortSignal();try{a=await navigator.credentials.get(s)}catch(e){throw function({error:e,options:t}){const{publicKey:n}=t;if(!n)throw Error("options was missing required publicKey property");if("AbortError"===e.name){if(t.signal instanceof AbortSignal)return new w({message:"Authentication ceremony was sent an abort signal",code:"ERROR_CEREMONY_ABORTED",cause:e})}else{if("NotAllowedError"===e.name)return new w({message:e.message,code:"ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",cause:e});if("SecurityError"===e.name){const t=window.location.hostname;if(!v(t))return new w({message:`${window.location.hostname} is an invalid domain`,code:"ERROR_INVALID_DOMAIN",cause:e});if(n.rpId!==t)return new w({message:`The RP ID "${n.rpId}" is invalid for this domain`,code:"ERROR_INVALID_RP_ID",cause:e})}else if("UnknownError"===e.name)return new w({message:"The authenticator was unable to process the specified options, or could not create a new assertion signature",code:"ERROR_AUTHENTICATOR_GENERAL_ERROR",cause:e})}return e}({error:e,options:s})}if(!a)throw new Error("Authentication was not completed");const{id:c,rawId:u,response:h,type:l}=a;let d;return h.userHandle&&(d=p(h.userHandle)),{id:c,rawId:p(u),response:{authenticatorData:p(h.authenticatorData),clientDataJSON:p(h.clientDataJSON),signature:p(h.signature),userHandle:d},type:l,clientExtensionResults:a.getClientExtensionResults(),authenticatorAttachment:g(a.authenticatorAttachment)}}function A(e){var t=e.token,n=e.tenantId;return{"Content-Type":"application/json",Authorization:t?"Bearer ".concat(t):"Basic ".concat(window.btoa(encodeURIComponent(n)))}}function S(e){var t=e.response,n=e.onTokenExpired;"error"in t&&"expired_token"===t.errorCode&&n&&n()}var O=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.tenantId=n,this.baseUrl=t,this.onTokenExpired=o}return e.prototype.registrationOptions=function(e){return c(this,arguments,void 0,(function(e){var t,n,o=e.token,r=e.username,i=e.authenticatorAttachment;return u(this,(function(e){switch(e.label){case 0:return t=Boolean(i)?{username:r,authenticatorAttachment:i}:{username:r},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey/registration-options"),{method:"POST",headers:A({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return S({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e.prototype.authenticationOptions=function(e){return c(this,arguments,void 0,(function(e){var t,n,o=e.token,r=e.challengeId;return u(this,(function(e){switch(e.label){case 0:return t={challengeId:r},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey/authentication-options"),{method:"POST",headers:A({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return S({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e.prototype.addAuthenticator=function(e){return c(this,arguments,void 0,(function(e){var t,n,o=e.token,r=e.challengeId,i=e.registrationCredential;return u(this,(function(e){switch(e.label){case 0:return t={challengeId:r,registrationCredential:i},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey"),{method:"POST",headers:A({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return S({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e.prototype.verify=function(e){return c(this,arguments,void 0,(function(e){var t,n,o=e.token,r=e.challengeId,i=e.authenticationCredential,s=e.deviceId;return u(this,(function(e){switch(e.label){case 0:return t={challengeId:r,authenticationCredential:i,deviceId:s},[4,fetch("".concat(this.baseUrl,"/client/verify/passkey"),{method:"POST",headers:A({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return S({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e.prototype.getPasskeyAuthenticator=function(e){return c(this,arguments,void 0,(function(e){var t,n=e.credentialIds;return u(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey?credentialIds=").concat(n),{method:"GET",headers:A({tenantId:this.tenantId})})];case 1:if(!(t=e.sent()).ok)throw new Error(t.statusText);return[2,t.json()]}}))}))},e.prototype.challenge=function(e){return c(this,void 0,void 0,(function(){var t;return u(this,(function(n){switch(n.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/challenge"),{method:"POST",headers:A({tenantId:this.tenantId}),body:JSON.stringify({action:e})})];case 1:return[4,n.sent().json()];case 2:return S({response:t=n.sent(),onTokenExpired:this.onTokenExpired}),[2,t]}}))}))},e}(),R=function(){function e(){this.token=null}return e.prototype.handleTokenNotSetError=function(){var e="A token has not been set. Call 'setToken' first.";return console.error("Error: ".concat(e)),{error:"TOKEN_NOT_SET",errorDescription:e}},e.shared=new e,e}(),x=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.anonymousId,r=e.onTokenExpired;this.passkeyLocalStorageKey="as_user_passkey_map",this.cache=R.shared,this.api=new O({baseUrl:t,tenantId:n,onTokenExpired:r}),this.anonymousId=o}return e.prototype.signUp=function(e){return c(this,arguments,void 0,(function(e){var t,n,o,r,i,s=e.username,c=e.displayName,h=e.token,d=e.authenticatorAttachment,p=void 0===d?"platform":d,f=e.useAutoRegister,y=void 0!==f&&f;return u(this,(function(e){switch(e.label){case 0:return(t=null!=h?h:this.cache.token)?(n={username:s,displayName:c,token:t,authenticatorAttachment:p},[4,this.api.registrationOptions(n)]):[2,this.cache.handleTokenNotSetError()];case 1:return"error"in(o=e.sent())?[2,l(o)]:[4,E({optionsJSON:o.options,useAutoRegister:y})];case 2:return r=e.sent(),[4,this.api.addAuthenticator({challengeId:o.challengeId,registrationCredential:r,token:t})];case 3:return"error"in(i=e.sent())?[2,l(i)]:(i.isVerified&&this.storeCredentialAgainstDevice(a(a({},r),{userId:i.userId})),i.accessToken&&(this.cache.token=i.accessToken),[2,{data:{token:i.accessToken,registrationResponse:r}}])}}))}))},e.prototype.signIn=function(e){return c(this,void 0,void 0,(function(){var t,n,o,r,i,s,c,h,d,p;return u(this,(function(u){switch(u.label){case 0:if((null==e?void 0:e.token)&&e.autofill)throw new Error("autofill is not supported when providing a token");if((null==e?void 0:e.action)&&e.token)throw new Error("action is not supported when providing a token");return(null==e?void 0:e.action)?[4,this.api.challenge(e.action)]:[3,2];case 1:return n=u.sent(),[3,3];case 2:n=null,u.label=3;case 3:return(t=n)&&"error"in t?[2,l(t)]:[4,this.api.authenticationOptions({token:null==e?void 0:e.token,challengeId:null==t?void 0:t.challengeId})];case 4:return"error"in(o=u.sent())?[2,l(o)]:[4,I({optionsJSON:o.options,useBrowserAutofill:null==e?void 0:e.autofill})];case 5:return r=u.sent(),(null==e?void 0:e.onVerificationStarted)&&e.onVerificationStarted(),[4,this.api.verify({challengeId:o.challengeId,authenticationCredential:r,token:null==e?void 0:e.token,deviceId:this.anonymousId})];case 6:return"error"in(i=u.sent())?[2,l(i)]:(i.isVerified&&this.storeCredentialAgainstDevice(a(a({},r),{userId:i.userId})),i.accessToken&&(this.cache.token=i.accessToken),s=i.accessToken,c=i.userId,h=i.userAuthenticatorId,d=i.username,p=i.userDisplayName,[2,{data:{isVerified:i.isVerified,token:s,userId:c,userAuthenticatorId:h,username:d,displayName:p,authenticationResponse:r}}])}}))}))},e.prototype.isAvailableOnDevice=function(e){return c(this,arguments,void 0,(function(e){var t,n,o,r,i=e.userId;return u(this,(function(e){switch(e.label){case 0:if(!i)throw new Error("userId is required");if(!(t=localStorage.getItem(this.passkeyLocalStorageKey)))return[2,!1];if(n=JSON.parse(t),0===(o=null!==(r=n[i])&&void 0!==r?r:[]).length)return[2,!1];e.label=1;case 1:return e.trys.push([1,3,,4]),[4,this.api.getPasskeyAuthenticator({credentialIds:o})];case 2:return e.sent(),[2,!0];case 3:return e.sent(),[2,!1];case 4:return[2]}}))}))},e.prototype.storeCredentialAgainstDevice=function(e){var t=e.id,n=e.authenticatorAttachment,o=e.userId,r=void 0===o?"":o;if("cross-platform"!==n){var i=localStorage.getItem(this.passkeyLocalStorageKey),s=i?JSON.parse(i):{};s[r]?s[r].includes(t)||s[r].push(t):s[r]=[t],localStorage.setItem(this.passkeyLocalStorageKey,JSON.stringify(s))}},e}(),_=function(){function e(){this.windowRef=null}return e.prototype.show=function(e){var t=e.url,n=e.width,o=void 0===n?400:n,r=e.height,i=function(e){var t=e.url,n=e.width,o=e.height,r=e.win;if(!r.top)return null;var i=r.top.outerHeight/2+r.top.screenY-o/2,s=r.top.outerWidth/2+r.top.screenX-n/2;return window.open(t,"","toolbar=no, location=no, directories=no, status=no, menubar=no, scrollbars=no, resizable=no, copyhistory=no, width=".concat(n,", height=").concat(o,", top=").concat(i,", left=").concat(s))}({url:t,width:o,height:void 0===r?500:r,win:window});if(!i)throw new Error("Window is not initialized");return this.windowRef=i,i},e.prototype.close=function(){if(!this.windowRef)throw new Error("Window is not initialized");this.windowRef.close()},e}();const U=":not([inert]):not([inert] *)",N=':not([tabindex^="-"])',C=":not(:disabled)";var P=[`a[href]${U}${N}`,`area[href]${U}${N}`,`input:not([type="hidden"]):not([type="radio"])${U}${N}${C}`,`input[type="radio"]${U}${N}${C}`,`select${U}${N}${C}`,`textarea${U}${N}${C}`,`button${U}${N}${C}`,`details${U} > summary:first-of-type${N}`,`iframe${U}${N}`,`audio[controls]${U}${N}`,`video[controls]${U}${N}`,`[contenteditable]${U}${N}`,`[tabindex]${U}${N}`];function $(e){(e.querySelector("[autofocus]")||e).focus()}function D(e,t){if(t&&K(e))return e;if(!((n=e).shadowRoot&&"-1"===n.getAttribute("tabindex")||n.matches(":disabled,[hidden],[inert]")))if(e.shadowRoot){let n=L(e.shadowRoot,t);for(;n;){const e=D(n,t);if(e)return e;n=j(n,t)}}else if("slot"===e.localName){const n=e.assignedElements({flatten:!0});t||n.reverse();for(const e of n){const n=D(e,t);if(n)return n}}else{let n=L(e,t);for(;n;){const e=D(n,t);if(e)return e;n=j(n,t)}}var n;return!t&&K(e)?e:null}function L(e,t){return t?e.firstElementChild:e.lastElementChild}function j(e,t){return t?e.nextElementSibling:e.previousElementSibling}const K=e=>!e.shadowRoot?.delegatesFocus&&(e.matches(P.join(","))&&!(e=>!(!e.matches("details:not([open]) *")||e.matches("details>summary:first-of-type"))||!(e.offsetWidth||e.offsetHeight||e.getClientRects().length))(e));function J(e=document){const t=e.activeElement;return t?t.shadowRoot?J(t.shadowRoot)||document.activeElement:t:null}function V(e,t){const[n,o]=function(e){const t=D(e,!0);return[t,t?D(e,!1)||t:null]}(e);if(!n)return t.preventDefault();const r=J();t.shiftKey&&r===n?(o.focus(),t.preventDefault()):t.shiftKey||r!==o||(n.focus(),t.preventDefault())}class W{$el;id;previouslyFocused;shown;constructor(e){this.$el=e,this.id=this.$el.getAttribute("data-a11y-dialog")||this.$el.id,this.previouslyFocused=null,this.shown=!1,this.maintainFocus=this.maintainFocus.bind(this),this.bindKeypress=this.bindKeypress.bind(this),this.handleTriggerClicks=this.handleTriggerClicks.bind(this),this.show=this.show.bind(this),this.hide=this.hide.bind(this),this.$el.setAttribute("aria-hidden","true"),this.$el.setAttribute("aria-modal","true"),this.$el.setAttribute("tabindex","-1"),this.$el.hasAttribute("role")||this.$el.setAttribute("role","dialog"),document.addEventListener("click",this.handleTriggerClicks,!0)}destroy(){return this.hide(),document.removeEventListener("click",this.handleTriggerClicks,!0),this.$el.replaceWith(this.$el.cloneNode(!0)),this.fire("destroy"),this}show(e){return this.shown||(this.shown=!0,this.$el.removeAttribute("aria-hidden"),this.previouslyFocused=J(),"BODY"===this.previouslyFocused?.tagName&&e?.target&&(this.previouslyFocused=e.target),"focus"===e?.type?this.maintainFocus(e):$(this.$el),document.body.addEventListener("focus",this.maintainFocus,!0),this.$el.addEventListener("keydown",this.bindKeypress,!0),this.fire("show",e)),this}hide(e){return this.shown?(this.shown=!1,this.$el.setAttribute("aria-hidden","true"),this.previouslyFocused?.focus?.(),document.body.removeEventListener("focus",this.maintainFocus,!0),this.$el.removeEventListener("keydown",this.bindKeypress,!0),this.fire("hide",e),this):this}on(e,t,n){return this.$el.addEventListener(e,t,n),this}off(e,t,n){return this.$el.removeEventListener(e,t,n),this}fire(e,t){this.$el.dispatchEvent(new CustomEvent(e,{detail:t,cancelable:!0}))}handleTriggerClicks(e){const t=e.target;t.closest(`[data-a11y-dialog-show="${this.id}"]`)&&this.show(e),(t.closest(`[data-a11y-dialog-hide="${this.id}"]`)||t.closest("[data-a11y-dialog-hide]")&&t.closest('[aria-modal="true"]')===this.$el)&&this.hide(e)}bindKeypress(e){if(document.activeElement?.closest('[aria-modal="true"]')!==this.$el)return;let t=!1;try{t=!!this.$el.querySelector('[popover]:not([popover="manual"]):popover-open')}catch{}"Escape"!==e.key||"alertdialog"===this.$el.getAttribute("role")||t||(e.preventDefault(),this.hide(e)),"Tab"===e.key&&V(this.$el,e)}maintainFocus(e){e.target.closest('[aria-modal="true"], [data-a11y-dialog-ignore-focus-trap]')||$(this.$el)}}function M(){for(const e of document.querySelectorAll("[data-a11y-dialog]"))new W(e)}"undefined"!=typeof document&&("loading"===document.readyState?document.addEventListener("DOMContentLoaded",M):M());var q="__authsignal-popup-container",H="__authsignal-popup-content",F="__authsignal-popup-overlay",G="__authsignal-popup-style",B="__authsignal-popup-iframe",z="385px",Y=function(){function e(e){var t=e.width,n=e.isClosable;if(this.popup=null,document.querySelector("#".concat(q)))throw new Error("Multiple instances of Authsignal popup is not supported.");this.create({width:t,isClosable:n})}return e.prototype.create=function(e){var t=this,n=e.width,o=void 0===n?z:n,r=e.isClosable,i=void 0===r||r,s=o;CSS.supports("width",o)||(console.warn("Invalid CSS value for `popupOptions.width`. Using default value instead."),s=z);var a=document.createElement("div");a.setAttribute("id",q),a.setAttribute("aria-hidden","true"),i||a.setAttribute("role","alertdialog");var c=document.createElement("div");c.setAttribute("id",F),i&&c.setAttribute("data-a11y-dialog-hide","true");var u=document.createElement("div");u.setAttribute("id",H),document.body.appendChild(a);var h=document.createElement("style");h.setAttribute("id",G),h.textContent="\n #".concat(q,",\n #").concat(F," {\n position: fixed;\n top: 0;\n right: 0;\n bottom: 0;\n left: 0;\n }\n\n #").concat(q," {\n z-index: 2147483647;\n display: flex;\n }\n\n #").concat(q,"[aria-hidden='true'] {\n display: none;\n }\n\n #").concat(F," {\n background-color: rgba(0, 0, 0, 0.18);\n }\n\n #").concat(H," {\n margin: auto;\n z-index: 2147483647;\n position: relative;\n background-color: transparent;\n border-radius: 8px;\n width: ").concat(s,";\n }\n\n #").concat(H," iframe {\n width: 1px;\n min-width: 100%;\n border-radius: inherit;\n max-height: 95vh;\n height: ").concat("384px",";\n }\n "),document.head.insertAdjacentElement("beforeend",h),a.appendChild(c),a.appendChild(u),this.popup=new W(a),a.focus(),this.popup.on("hide",(function(){t.destroy()}))},e.prototype.destroy=function(){var e=document.querySelector("#".concat(q)),t=document.querySelector("#".concat(G));e&&t&&(document.body.removeChild(e),document.head.removeChild(t)),window.removeEventListener("message",X)},e.prototype.show=function(e){var t,n=e.url;if(!this.popup)throw new Error("Popup is not initialized");var o=document.createElement("iframe");o.setAttribute("id",B),o.setAttribute("name","authsignal"),o.setAttribute("title","Authsignal multi-factor authentication"),o.setAttribute("src",n),o.setAttribute("frameborder","0"),o.setAttribute("allow","publickey-credentials-get *; publickey-credentials-create *; clipboard-write");var r=document.querySelector("#".concat(H));r&&r.appendChild(o),window.addEventListener("message",X),null===(t=this.popup)||void 0===t||t.show()},e.prototype.close=function(){if(!this.popup)throw new Error("Popup is not initialized");this.popup.hide()},e.prototype.on=function(e,t){if(!this.popup)throw new Error("Popup is not initialized");this.popup.on(e,t)},e}();function X(e){var t=document.querySelector("#".concat(B));t&&e.data.height&&(t.style.height=e.data.height+"px")}var Q=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.tenantId=n,this.baseUrl=t,this.onTokenExpired=o}return e.prototype.enroll=function(e){return c(this,arguments,void 0,(function(e){var t,n=e.token;return u(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/totp"),{method:"POST",headers:A({token:n,tenantId:this.tenantId})})];case 1:return[4,e.sent().json()];case 2:return S({response:t=e.sent(),onTokenExpired:this.onTokenExpired}),[2,t]}}))}))},e.prototype.verify=function(e){return c(this,arguments,void 0,(function(e){var t,n,o=e.token,r=e.code;return u(this,(function(e){switch(e.label){case 0:return t={verificationCode:r},[4,fetch("".concat(this.baseUrl,"/client/verify/totp"),{method:"POST",headers:A({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return S({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e}(),Z=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.cache=R.shared,this.api=new Q({baseUrl:t,tenantId:n,onTokenExpired:o})}return e.prototype.enroll=function(){return c(this,void 0,void 0,(function(){return u(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.enroll({token:this.cache.token})]:[2,this.cache.handleTokenNotSetError()];case 1:return[2,d(e.sent())]}}))}))},e.prototype.verify=function(e){return c(this,arguments,void 0,(function(e){var t,n=e.code;return u(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.verify({token:this.cache.token,code:n})]:[2,this.cache.handleTokenNotSetError()];case 1:return"accessToken"in(t=e.sent())&&t.accessToken&&(this.cache.token=t.accessToken),[2,d(t)]}}))}))},e}(),ee=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.tenantId=n,this.baseUrl=t,this.onTokenExpired=o}return e.prototype.enroll=function(e){return c(this,arguments,void 0,(function(e){var t,n,o=e.token,r=e.email;return u(this,(function(e){switch(e.label){case 0:return t={email:r},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/email-otp"),{method:"POST",headers:A({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return S({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e.prototype.challenge=function(e){return c(this,arguments,void 0,(function(e){var t,n=e.token;return u(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/challenge/email-otp"),{method:"POST",headers:A({token:n,tenantId:this.tenantId})})];case 1:return[4,e.sent().json()];case 2:return S({response:t=e.sent(),onTokenExpired:this.onTokenExpired}),[2,t]}}))}))},e.prototype.verify=function(e){return c(this,arguments,void 0,(function(e){var t,n,o=e.token,r=e.code;return u(this,(function(e){switch(e.label){case 0:return t={verificationCode:r},[4,fetch("".concat(this.baseUrl,"/client/verify/email-otp"),{method:"POST",headers:A({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return S({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e}(),te=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.cache=R.shared,this.api=new ee({baseUrl:t,tenantId:n,onTokenExpired:o})}return e.prototype.enroll=function(e){return c(this,arguments,void 0,(function(e){var t=e.email;return u(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.enroll({token:this.cache.token,email:t})]:[2,this.cache.handleTokenNotSetError()];case 1:return[2,d(e.sent())]}}))}))},e.prototype.challenge=function(){return c(this,void 0,void 0,(function(){return u(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.challenge({token:this.cache.token})]:[2,this.cache.handleTokenNotSetError()];case 1:return[2,d(e.sent())]}}))}))},e.prototype.verify=function(e){return c(this,arguments,void 0,(function(e){var t,n=e.code;return u(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.verify({token:this.cache.token,code:n})]:[2,this.cache.handleTokenNotSetError()];case 1:return"accessToken"in(t=e.sent())&&t.accessToken&&(this.cache.token=t.accessToken),[2,d(t)]}}))}))},e}(),ne=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.tenantId=n,this.baseUrl=t,this.onTokenExpired=o}return e.prototype.enroll=function(e){return c(this,arguments,void 0,(function(e){var t,n,o=e.token,r=e.phoneNumber;return u(this,(function(e){switch(e.label){case 0:return t={phoneNumber:r},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/sms"),{method:"POST",headers:A({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return S({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e.prototype.challenge=function(e){return c(this,arguments,void 0,(function(e){var t,n=e.token;return u(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/challenge/sms"),{method:"POST",headers:A({token:n,tenantId:this.tenantId})})];case 1:return[4,e.sent().json()];case 2:return S({response:t=e.sent(),onTokenExpired:this.onTokenExpired}),[2,t]}}))}))},e.prototype.verify=function(e){return c(this,arguments,void 0,(function(e){var t,n,o=e.token,r=e.code;return u(this,(function(e){switch(e.label){case 0:return t={verificationCode:r},[4,fetch("".concat(this.baseUrl,"/client/verify/sms"),{method:"POST",headers:A({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return S({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e}(),oe=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.cache=R.shared,this.api=new ne({baseUrl:t,tenantId:n,onTokenExpired:o})}return e.prototype.enroll=function(e){return c(this,arguments,void 0,(function(e){var t=e.phoneNumber;return u(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.enroll({token:this.cache.token,phoneNumber:t})]:[2,this.cache.handleTokenNotSetError()];case 1:return[2,d(e.sent())]}}))}))},e.prototype.challenge=function(){return c(this,void 0,void 0,(function(){return u(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.challenge({token:this.cache.token})]:[2,this.cache.handleTokenNotSetError()];case 1:return[2,d(e.sent())]}}))}))},e.prototype.verify=function(e){return c(this,arguments,void 0,(function(e){var t,n=e.code;return u(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.verify({token:this.cache.token,code:n})]:[2,this.cache.handleTokenNotSetError()];case 1:return"accessToken"in(t=e.sent())&&t.accessToken&&(this.cache.token=t.accessToken),[2,d(t)]}}))}))},e}(),re=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.tenantId=n,this.baseUrl=t,this.onTokenExpired=o}return e.prototype.enroll=function(e){return c(this,arguments,void 0,(function(e){var t,n,o=e.token,r=e.email;return u(this,(function(e){switch(e.label){case 0:return t={email:r},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/email-magic-link"),{method:"POST",headers:A({token:o,tenantId:this.tenantId}),body:JSON.stringify(t)})];case 1:return[4,e.sent().json()];case 2:return S({response:n=e.sent(),onTokenExpired:this.onTokenExpired}),[2,n]}}))}))},e.prototype.challenge=function(e){return c(this,arguments,void 0,(function(e){var t,n=e.token;return u(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/challenge/email-magic-link"),{method:"POST",headers:A({token:n,tenantId:this.tenantId})})];case 1:return[4,e.sent().json()];case 2:return S({response:t=e.sent(),onTokenExpired:this.onTokenExpired}),[2,t]}}))}))},e.prototype.checkVerificationStatus=function(e){return c(this,arguments,void 0,(function(e){var t,n=this,o=e.token;return u(this,(function(e){switch(e.label){case 0:return t=function(){return c(n,void 0,void 0,(function(){var e,n=this;return u(this,(function(r){switch(r.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/verify/email-magic-link/finalize"),{method:"POST",headers:A({token:o,tenantId:this.tenantId}),body:JSON.stringify({})})];case 1:return[4,r.sent().json()];case 2:return S({response:e=r.sent(),onTokenExpired:this.onTokenExpired}),e.isVerified?[2,e]:[2,new Promise((function(e){setTimeout((function(){return c(n,void 0,void 0,(function(){var n;return u(this,(function(o){switch(o.label){case 0:return n=e,[4,t()];case 1:return n.apply(void 0,[o.sent()]),[2]}}))}))}),1e3)}))]}}))}))},[4,t()];case 1:return[2,e.sent()]}}))}))},e}(),ie=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.cache=R.shared,this.api=new re({baseUrl:t,tenantId:n,onTokenExpired:o})}return e.prototype.enroll=function(e){return c(this,arguments,void 0,(function(e){var t=e.email;return u(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.enroll({token:this.cache.token,email:t})]:[2,this.cache.handleTokenNotSetError()];case 1:return[2,d(e.sent())]}}))}))},e.prototype.challenge=function(){return c(this,void 0,void 0,(function(){return u(this,(function(e){switch(e.label){case 0:return this.cache.token?[4,this.api.challenge({token:this.cache.token})]:[2,this.cache.handleTokenNotSetError()];case 1:return[2,d(e.sent())]}}))}))},e.prototype.checkVerificationStatus=function(){return c(this,void 0,void 0,(function(){var e;return u(this,(function(t){switch(t.label){case 0:return this.cache.token?[4,this.api.checkVerificationStatus({token:this.cache.token})]:[2,this.cache.handleTokenNotSetError()];case 1:return"accessToken"in(e=t.sent())&&e.accessToken&&(this.cache.token=e.accessToken),[2,d(e)]}}))}))},e}(),se=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.tenantId=n,this.baseUrl=t,this.onTokenExpired=o}return e.prototype.registrationOptions=function(e){return c(this,arguments,void 0,(function(e){var t,n=e.token;return u(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/security-key/registration-options"),{method:"POST",headers:A({token:n,tenantId:this.tenantId}),body:JSON.stringify({})})];case 1:return[4,e.sent().json()];case 2:return S({response:t=e.sent(),onTokenExpired:this.onTokenExpired}),[2,t]}}))}))},e.prototype.authenticationOptions=function(e){return c(this,arguments,void 0,(function(e){var t,n=e.token;return u(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/security-key/authentication-options"),{method:"POST",headers:A({token:n,tenantId:this.tenantId}),body:JSON.stringify({})})];case 1:return[4,e.sent().json()];case 2:return S({response:t=e.sent(),onTokenExpired:this.onTokenExpired}),[2,t]}}))}))},e.prototype.addAuthenticator=function(e){return c(this,arguments,void 0,(function(e){var t,n=e.token,o=e.registrationCredential;return u(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/security-key"),{method:"POST",headers:A({token:n,tenantId:this.tenantId}),body:JSON.stringify(o)})];case 1:return[4,e.sent().json()];case 2:return S({response:t=e.sent(),onTokenExpired:this.onTokenExpired}),[2,t]}}))}))},e.prototype.verify=function(e){return c(this,arguments,void 0,(function(e){var t,n=e.token,o=e.authenticationCredential;return u(this,(function(e){switch(e.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/verify/security-key"),{method:"POST",headers:A({token:n,tenantId:this.tenantId}),body:JSON.stringify(o)})];case 1:return[4,e.sent().json()];case 2:return S({response:t=e.sent(),onTokenExpired:this.onTokenExpired}),[2,t]}}))}))},e}(),ae=function(){function e(e){var t=e.baseUrl,n=e.tenantId,o=e.onTokenExpired;this.cache=R.shared,this.api=new se({baseUrl:t,tenantId:n,onTokenExpired:o})}return e.prototype.enroll=function(){return c(this,void 0,void 0,(function(){var e,t,n,o;return u(this,(function(r){switch(r.label){case 0:return this.cache.token?(e={token:this.cache.token},[4,this.api.registrationOptions(e)]):[2,this.cache.handleTokenNotSetError()];case 1:return"error"in(t=r.sent())?[2,l(t)]:[4,E({optionsJSON:t})];case 2:return n=r.sent(),[4,this.api.addAuthenticator({registrationCredential:n,token:this.cache.token})];case 3:return"error"in(o=r.sent())?[2,l(o)]:(o.accessToken&&(this.cache.token=o.accessToken),[2,{data:{token:o.accessToken,registrationResponse:n}}])}}))}))},e.prototype.verify=function(){return c(this,void 0,void 0,(function(){var e,t,n,o;return u(this,(function(r){switch(r.label){case 0:return this.cache.token?[4,this.api.authenticationOptions({token:this.cache.token})]:[2,this.cache.handleTokenNotSetError()];case 1:return"error"in(e=r.sent())?[2,l(e)]:[4,I({optionsJSON:e})];case 2:return t=r.sent(),[4,this.api.verify({authenticationCredential:t,token:this.cache.token})];case 3:return"error"in(n=r.sent())?[2,l(n)]:(n.accessToken&&(this.cache.token=n.accessToken),o=n.accessToken,[2,{data:{isVerified:n.isVerified,token:o,authenticationResponse:t}}])}}))}))},e}(),ce="4a08uqve",ue=function(){function t(e){var t=e.cookieDomain,n=e.cookieName,o=void 0===n?"__as_aid":n,r=e.baseUrl,i=void 0===r?"https://api.authsignal.com/v1":r,a=e.tenantId,c=e.onTokenExpired;if(this.anonymousId="",this.profilingId="",this.cookieDomain="",this.anonymousIdCookieName="",this.cookieDomain=t||document.location.hostname.replace("www.",""),this.anonymousIdCookieName=o,!a)throw new Error("tenantId is required");var u,l=(u=this.anonymousIdCookieName)&&decodeURIComponent(document.cookie.replace(new RegExp("(?:(?:^|.*;)\\s*"+encodeURIComponent(u).replace(/[\-\.\+\*]/g,"\\$&")+"\\s*\\=\\s*([^;]*).*$)|^.*$"),"$1"))||null;l?this.anonymousId=l:(this.anonymousId=s(),h({name:this.anonymousIdCookieName,value:this.anonymousId,expire:1/0,domain:this.cookieDomain,secure:"http:"!==document.location.protocol})),this.passkey=new x({tenantId:a,baseUrl:i,anonymousId:this.anonymousId,onTokenExpired:c}),this.totp=new Z({tenantId:a,baseUrl:i,onTokenExpired:c}),this.email=new te({tenantId:a,baseUrl:i,onTokenExpired:c}),this.emailML=new ie({tenantId:a,baseUrl:i,onTokenExpired:c}),this.sms=new oe({tenantId:a,baseUrl:i,onTokenExpired:c}),this.securityKey=new ae({tenantId:a,baseUrl:i,onTokenExpired:c})}return t.prototype.setToken=function(e){R.shared.token=e},t.prototype.launch=function(e,t){switch(null==t?void 0:t.mode){case"window":return this.launchWithWindow(e,t);case"popup":return this.launchWithPopup(e,t);default:this.launchWithRedirect(e)}},t.prototype.initAdvancedProfiling=function(e){var t=s();this.profilingId=t,h({name:"__as_pid",value:t,expire:1/0,domain:this.cookieDomain,secure:"http:"!==document.location.protocol});var n=e?"".concat(e,"/fp/tags.js?org_id=").concat(ce,"&session_id=").concat(t):"https://h.online-metrix.net/fp/tags.js?org_id=".concat(ce,"&session_id=").concat(t),o=document.createElement("script");o.src=n,o.async=!1,o.id="as_adv_profile",document.head.appendChild(o);var r=document.createElement("noscript");r.setAttribute("id","as_adv_profile_pixel"),r.setAttribute("aria-hidden","true");var i=document.createElement("iframe"),a=e?"".concat(e,"/fp/tags?org_id=").concat(ce,"&session_id=").concat(t):"https://h.online-metrix.net/fp/tags?org_id=".concat(ce,"&session_id=").concat(t);i.setAttribute("id","as_adv_profile_pixel"),i.setAttribute("src",a),i.setAttribute("style","width: 100px; height: 100px; border: 0; position: absolute; top: -5000px;"),r&&(r.appendChild(i),document.body.prepend(r))},t.prototype.launchWithRedirect=function(e){window.location.href=e},t.prototype.launchWithPopup=function(t,n){var o=n.popupOptions,r=new Y({width:null==o?void 0:o.width,isClosable:null==o?void 0:o.isClosable}),i="".concat(t,"&mode=popup");return r.show({url:i}),new Promise((function(t){var n=void 0;r.on("hide",(function(){t({token:n})})),window.addEventListener("message",(function(t){var o=null;try{o=JSON.parse(t.data)}catch(e){}(null==o?void 0:o.event)===e.AuthsignalWindowMessage.AUTHSIGNAL_CLOSE_POPUP&&(n=o.token,r.close())}),!1)}))},t.prototype.launchWithWindow=function(t,n){var o=n.windowOptions,r=new _,i="".concat(t,"&mode=popup");return r.show({url:i,width:null==o?void 0:o.width,height:null==o?void 0:o.height}),new Promise((function(t){window.addEventListener("message",(function(n){var o=null;try{o=JSON.parse(n.data)}catch(e){}(null==o?void 0:o.event)===e.AuthsignalWindowMessage.AUTHSIGNAL_CLOSE_POPUP&&(r.close(),t({token:o.token}))}),!1)}))},t}();return e.Authsignal=ue,Object.defineProperty(e,"__esModule",{value:!0}),e}({});
|
package/dist/passkey.d.ts
CHANGED
|
@@ -8,10 +8,11 @@ type PasskeyOptions = {
|
|
|
8
8
|
onTokenExpired?: () => void;
|
|
9
9
|
};
|
|
10
10
|
type SignUpParams = {
|
|
11
|
-
token
|
|
11
|
+
token?: string;
|
|
12
12
|
username?: string;
|
|
13
13
|
displayName?: string;
|
|
14
14
|
authenticatorAttachment?: AuthenticatorAttachment | null;
|
|
15
|
+
useAutoRegister?: boolean;
|
|
15
16
|
};
|
|
16
17
|
type SignUpResponse = {
|
|
17
18
|
token?: string;
|
|
@@ -38,7 +39,7 @@ export declare class Passkey {
|
|
|
38
39
|
private anonymousId;
|
|
39
40
|
private cache;
|
|
40
41
|
constructor({ baseUrl, tenantId, anonymousId, onTokenExpired }: PasskeyOptions);
|
|
41
|
-
signUp({ username, displayName, token, authenticatorAttachment, }: SignUpParams): Promise<AuthsignalResponse<SignUpResponse>>;
|
|
42
|
+
signUp({ username, displayName, token, authenticatorAttachment, useAutoRegister, }: SignUpParams): Promise<AuthsignalResponse<SignUpResponse>>;
|
|
42
43
|
signIn(params?: SignInParams): Promise<AuthsignalResponse<SignInResponse>>;
|
|
43
44
|
isAvailableOnDevice({ userId }: {
|
|
44
45
|
userId: string;
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@authsignal/browser",
|
|
3
|
-
"version": "1.
|
|
3
|
+
"version": "1.3.0",
|
|
4
4
|
"type": "module",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"module": "dist/index.js",
|
|
@@ -28,8 +28,8 @@
|
|
|
28
28
|
},
|
|
29
29
|
"dependencies": {
|
|
30
30
|
"@fingerprintjs/fingerprintjs": "^3.3.6",
|
|
31
|
-
"@simplewebauthn/browser": "^
|
|
32
|
-
"@simplewebauthn/types": "^
|
|
31
|
+
"@simplewebauthn/browser": "^11.0.0",
|
|
32
|
+
"@simplewebauthn/types": "^11.0.0",
|
|
33
33
|
"a11y-dialog": "8.0.4",
|
|
34
34
|
"uuid": "^9.0.0"
|
|
35
35
|
},
|