@blockspark/chat-widget 1.0.17 → 1.0.18

package/dist/{sanitize-O18C3eqP.js → sanitize-Cm1kskSD.js}

@@ -1,1266 +1,160 @@
-const crypto$1 = crypto;
-const isCryptoKey = (key) => key instanceof CryptoKey;
-const encoder = new TextEncoder();
-const decoder = new TextDecoder();
-function concat(...buffers) {
-  const size = buffers.reduce((acc, { length }) => acc + length, 0);
-  const buf = new Uint8Array(size);
-  let i = 0;
-  for (const buffer of buffers) {
-    buf.set(buffer, i);
-    i += buffer.length;
-  }
-  return buf;
-}
-const encodeBase64 = (input) => {
-  let unencoded = input;
-  if (typeof unencoded === "string") {
-    unencoded = encoder.encode(unencoded);
-  }
-  const CHUNK_SIZE = 32768;
-  const arr = [];
-  for (let i = 0; i < unencoded.length; i += CHUNK_SIZE) {
-    arr.push(String.fromCharCode.apply(null, unencoded.subarray(i, i + CHUNK_SIZE)));
-  }
-  return btoa(arr.join(""));
-};
-const encode = (input) => {
-  return encodeBase64(input).replace(/=/g, "").replace(/\+/g, "-").replace(/\//g, "_");
-};
-const decodeBase64 = (encoded) => {
-  const binary = atob(encoded);
-  const bytes = new Uint8Array(binary.length);
-  for (let i = 0; i < binary.length; i++) {
-    bytes[i] = binary.charCodeAt(i);
-  }
-  return bytes;
-};
-const decode = (input) => {
-  let encoded = input;
-  if (encoded instanceof Uint8Array) {
-    encoded = decoder.decode(encoded);
-  }
-  encoded = encoded.replace(/-/g, "+").replace(/_/g, "/").replace(/\s/g, "");
+const DEFAULT_BASE_URL$1 = typeof process !== "undefined" && process.env?.REACT_APP_BACKEND_BASE_URL || "http://localhost:8012";
+async function createDialogflowSession(config, existingSessionId) {
   try {
-    return decodeBase64(encoded);
-  } catch {
-    throw new TypeError("The input to be decoded is not correctly encoded.");
-  }
-};
-class JOSEError extends Error {
-  constructor(message2, options) {
-    super(message2, options);
-    this.code = "ERR_JOSE_GENERIC";
-    this.name = this.constructor.name;
-    Error.captureStackTrace?.(this, this.constructor);
-  }
-}
-JOSEError.code = "ERR_JOSE_GENERIC";
-class JWTClaimValidationFailed extends JOSEError {
-  constructor(message2, payload, claim = "unspecified", reason = "unspecified") {
-    super(message2, { cause: { claim, reason, payload } });
-    this.code = "ERR_JWT_CLAIM_VALIDATION_FAILED";
-    this.claim = claim;
-    this.reason = reason;
-    this.payload = payload;
-  }
-}
-JWTClaimValidationFailed.code = "ERR_JWT_CLAIM_VALIDATION_FAILED";
-class JWTExpired extends JOSEError {
-  constructor(message2, payload, claim = "unspecified", reason = "unspecified") {
-    super(message2, { cause: { claim, reason, payload } });
-    this.code = "ERR_JWT_EXPIRED";
-    this.claim = claim;
-    this.reason = reason;
-    this.payload = payload;
-  }
-}
-JWTExpired.code = "ERR_JWT_EXPIRED";
-class JOSEAlgNotAllowed extends JOSEError {
-  constructor() {
-    super(...arguments);
-    this.code = "ERR_JOSE_ALG_NOT_ALLOWED";
-  }
-}
-JOSEAlgNotAllowed.code = "ERR_JOSE_ALG_NOT_ALLOWED";
-class JOSENotSupported extends JOSEError {
-  constructor() {
-    super(...arguments);
-    this.code = "ERR_JOSE_NOT_SUPPORTED";
-  }
-}
-JOSENotSupported.code = "ERR_JOSE_NOT_SUPPORTED";
-class JWEDecryptionFailed extends JOSEError {
-  constructor(message2 = "decryption operation failed", options) {
-    super(message2, options);
-    this.code = "ERR_JWE_DECRYPTION_FAILED";
-  }
-}
-JWEDecryptionFailed.code = "ERR_JWE_DECRYPTION_FAILED";
-class JWEInvalid extends JOSEError {
-  constructor() {
-    super(...arguments);
-    this.code = "ERR_JWE_INVALID";
-  }
-}
-JWEInvalid.code = "ERR_JWE_INVALID";
-class JWSInvalid extends JOSEError {
-  constructor() {
-    super(...arguments);
-    this.code = "ERR_JWS_INVALID";
-  }
-}
-JWSInvalid.code = "ERR_JWS_INVALID";
-class JWTInvalid extends JOSEError {
-  constructor() {
-    super(...arguments);
-    this.code = "ERR_JWT_INVALID";
-  }
-}
-JWTInvalid.code = "ERR_JWT_INVALID";
-class JWKInvalid extends JOSEError {
-  constructor() {
-    super(...arguments);
-    this.code = "ERR_JWK_INVALID";
-  }
-}
-JWKInvalid.code = "ERR_JWK_INVALID";
-class JWKSInvalid extends JOSEError {
-  constructor() {
-    super(...arguments);
-    this.code = "ERR_JWKS_INVALID";
-  }
-}
-JWKSInvalid.code = "ERR_JWKS_INVALID";
-class JWKSNoMatchingKey extends JOSEError {
-  constructor(message2 = "no applicable key found in the JSON Web Key Set", options) {
-    super(message2, options);
-    this.code = "ERR_JWKS_NO_MATCHING_KEY";
-  }
-}
-JWKSNoMatchingKey.code = "ERR_JWKS_NO_MATCHING_KEY";
-class JWKSMultipleMatchingKeys extends JOSEError {
-  constructor(message2 = "multiple matching keys found in the JSON Web Key Set", options) {
-    super(message2, options);
-    this.code = "ERR_JWKS_MULTIPLE_MATCHING_KEYS";
-  }
-}
-JWKSMultipleMatchingKeys.code = "ERR_JWKS_MULTIPLE_MATCHING_KEYS";
-class JWKSTimeout extends JOSEError {
-  constructor(message2 = "request timed out", options) {
-    super(message2, options);
-    this.code = "ERR_JWKS_TIMEOUT";
-  }
-}
-JWKSTimeout.code = "ERR_JWKS_TIMEOUT";
-class JWSSignatureVerificationFailed extends JOSEError {
-  constructor(message2 = "signature verification failed", options) {
-    super(message2, options);
-    this.code = "ERR_JWS_SIGNATURE_VERIFICATION_FAILED";
-  }
-}
-JWSSignatureVerificationFailed.code = "ERR_JWS_SIGNATURE_VERIFICATION_FAILED";
-function unusable(name, prop = "algorithm.name") {
-  return new TypeError(`CryptoKey does not support this operation, its ${prop} must be ${name}`);
-}
-function isAlgorithm(algorithm, name) {
-  return algorithm.name === name;
-}
-function getHashLength(hash) {
-  return parseInt(hash.name.slice(4), 10);
-}
-function getNamedCurve$1(alg) {
-  switch (alg) {
-    case "ES256":
-      return "P-256";
-    case "ES384":
-      return "P-384";
-    case "ES512":
-      return "P-521";
-    default:
-      throw new Error("unreachable");
-  }
-}
-function checkUsage(key, usages) {
-  if (usages.length && !usages.some((expected) => key.usages.includes(expected))) {
-    let msg = "CryptoKey does not support this operation, its usages must include ";
-    if (usages.length > 2) {
-      const last = usages.pop();
-      msg += `one of ${usages.join(", ")}, or ${last}.`;
-    } else if (usages.length === 2) {
-      msg += `one of ${usages[0]} or ${usages[1]}.`;
-    } else {
-      msg += `${usages[0]}.`;
-    }
-    throw new TypeError(msg);
-  }
-}
-function checkSigCryptoKey(key, alg, ...usages) {
-  switch (alg) {
-    case "HS256":
-    case "HS384":
-    case "HS512": {
-      if (!isAlgorithm(key.algorithm, "HMAC"))
-        throw unusable("HMAC");
-      const expected = parseInt(alg.slice(2), 10);
-      const actual = getHashLength(key.algorithm.hash);
-      if (actual !== expected)
-        throw unusable(`SHA-${expected}`, "algorithm.hash");
-      break;
-    }
-    case "RS256":
-    case "RS384":
-    case "RS512": {
-      if (!isAlgorithm(key.algorithm, "RSASSA-PKCS1-v1_5"))
-        throw unusable("RSASSA-PKCS1-v1_5");
-      const expected = parseInt(alg.slice(2), 10);
-      const actual = getHashLength(key.algorithm.hash);
-      if (actual !== expected)
-        throw unusable(`SHA-${expected}`, "algorithm.hash");
-      break;
-    }
-    case "PS256":
-    case "PS384":
-    case "PS512": {
-      if (!isAlgorithm(key.algorithm, "RSA-PSS"))
-        throw unusable("RSA-PSS");
-      const expected = parseInt(alg.slice(2), 10);
-      const actual = getHashLength(key.algorithm.hash);
-      if (actual !== expected)
-        throw unusable(`SHA-${expected}`, "algorithm.hash");
-      break;
-    }
-    case "EdDSA": {
-      if (key.algorithm.name !== "Ed25519" && key.algorithm.name !== "Ed448") {
-        throw unusable("Ed25519 or Ed448");
-      }
-      break;
-    }
-    case "Ed25519": {
-      if (!isAlgorithm(key.algorithm, "Ed25519"))
-        throw unusable("Ed25519");
-      break;
-    }
-    case "ES256":
-    case "ES384":
-    case "ES512": {
-      if (!isAlgorithm(key.algorithm, "ECDSA"))
-        throw unusable("ECDSA");
-      const expected = getNamedCurve$1(alg);
-      const actual = key.algorithm.namedCurve;
-      if (actual !== expected)
-        throw unusable(expected, "algorithm.namedCurve");
-      break;
-    }
-    default:
-      throw new TypeError("CryptoKey does not support this operation");
-  }
-  checkUsage(key, usages);
-}
-function message(msg, actual, ...types2) {
-  types2 = types2.filter(Boolean);
-  if (types2.length > 2) {
-    const last = types2.pop();
-    msg += `one of type ${types2.join(", ")}, or ${last}.`;
-  } else if (types2.length === 2) {
-    msg += `one of type ${types2[0]} or ${types2[1]}.`;
-  } else {
-    msg += `of type ${types2[0]}.`;
-  }
-  if (actual == null) {
-    msg += ` Received ${actual}`;
-  } else if (typeof actual === "function" && actual.name) {
-    msg += ` Received function ${actual.name}`;
-  } else if (typeof actual === "object" && actual != null) {
-    if (actual.constructor?.name) {
-      msg += ` Received an instance of ${actual.constructor.name}`;
-    }
-  }
-  return msg;
-}
-const invalidKeyInput = (actual, ...types2) => {
-  return message("Key must be ", actual, ...types2);
-};
-function withAlg(alg, actual, ...types2) {
-  return message(`Key for the ${alg} algorithm must be `, actual, ...types2);
-}
-const isKeyLike = (key) => {
-  if (isCryptoKey(key)) {
-    return true;
-  }
-  return key?.[Symbol.toStringTag] === "KeyObject";
-};
-const types = ["CryptoKey"];
-const isDisjoint = (...headers) => {
-  const sources = headers.filter(Boolean);
-  if (sources.length === 0 || sources.length === 1) {
-    return true;
-  }
-  let acc;
-  for (const header of sources) {
-    const parameters = Object.keys(header);
-    if (!acc || acc.size === 0) {
-      acc = new Set(parameters);
-      continue;
-    }
-    for (const parameter of parameters) {
-      if (acc.has(parameter)) {
-        return false;
-      }
-      acc.add(parameter);
-    }
-  }
-  return true;
-};
-function isObjectLike(value) {
-  return typeof value === "object" && value !== null;
-}
-function isObject(input) {
-  if (!isObjectLike(input) || Object.prototype.toString.call(input) !== "[object Object]") {
-    return false;
-  }
-  if (Object.getPrototypeOf(input) === null) {
-    return true;
-  }
-  let proto = input;
-  while (Object.getPrototypeOf(proto) !== null) {
-    proto = Object.getPrototypeOf(proto);
-  }
-  return Object.getPrototypeOf(input) === proto;
-}
-const checkKeyLength = (alg, key) => {
-  if (alg.startsWith("RS") || alg.startsWith("PS")) {
-    const { modulusLength } = key.algorithm;
-    if (typeof modulusLength !== "number" || modulusLength < 2048) {
-      throw new TypeError(`${alg} requires key modulusLength to be 2048 bits or larger`);
-    }
-  }
-};
-function isJWK(key) {
-  return isObject(key) && typeof key.kty === "string";
-}
-function isPrivateJWK(key) {
-  return key.kty !== "oct" && typeof key.d === "string";
-}
-function isPublicJWK(key) {
-  return key.kty !== "oct" && typeof key.d === "undefined";
-}
-function isSecretJWK(key) {
-  return isJWK(key) && key.kty === "oct" && typeof key.k === "string";
-}
-function subtleMapping(jwk) {
-  let algorithm;
-  let keyUsages;
-  switch (jwk.kty) {
-    case "RSA": {
-      switch (jwk.alg) {
-        case "PS256":
-        case "PS384":
-        case "PS512":
-          algorithm = { name: "RSA-PSS", hash: `SHA-${jwk.alg.slice(-3)}` };
-          keyUsages = jwk.d ? ["sign"] : ["verify"];
-          break;
-        case "RS256":
-        case "RS384":
-        case "RS512":
-          algorithm = { name: "RSASSA-PKCS1-v1_5", hash: `SHA-${jwk.alg.slice(-3)}` };
-          keyUsages = jwk.d ? ["sign"] : ["verify"];
-          break;
-        case "RSA-OAEP":
-        case "RSA-OAEP-256":
-        case "RSA-OAEP-384":
-        case "RSA-OAEP-512":
-          algorithm = {
-            name: "RSA-OAEP",
-            hash: `SHA-${parseInt(jwk.alg.slice(-3), 10) || 1}`
-          };
-          keyUsages = jwk.d ? ["decrypt", "unwrapKey"] : ["encrypt", "wrapKey"];
-          break;
-        default:
-          throw new JOSENotSupported('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
-      }
-      break;
-    }
-    case "EC": {
-      switch (jwk.alg) {
-        case "ES256":
-          algorithm = { name: "ECDSA", namedCurve: "P-256" };
-          keyUsages = jwk.d ? ["sign"] : ["verify"];
-          break;
-        case "ES384":
-          algorithm = { name: "ECDSA", namedCurve: "P-384" };
-          keyUsages = jwk.d ? ["sign"] : ["verify"];
-          break;
-        case "ES512":
-          algorithm = { name: "ECDSA", namedCurve: "P-521" };
-          keyUsages = jwk.d ? ["sign"] : ["verify"];
-          break;
-        case "ECDH-ES":
-        case "ECDH-ES+A128KW":
-        case "ECDH-ES+A192KW":
-        case "ECDH-ES+A256KW":
-          algorithm = { name: "ECDH", namedCurve: jwk.crv };
-          keyUsages = jwk.d ? ["deriveBits"] : [];
-          break;
-        default:
-          throw new JOSENotSupported('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
-      }
-      break;
-    }
-    case "OKP": {
-      switch (jwk.alg) {
-        case "Ed25519":
-          algorithm = { name: "Ed25519" };
-          keyUsages = jwk.d ? ["sign"] : ["verify"];
-          break;
-        case "EdDSA":
-          algorithm = { name: jwk.crv };
-          keyUsages = jwk.d ? ["sign"] : ["verify"];
-          break;
-        case "ECDH-ES":
-        case "ECDH-ES+A128KW":
-        case "ECDH-ES+A192KW":
-        case "ECDH-ES+A256KW":
-          algorithm = { name: jwk.crv };
-          keyUsages = jwk.d ? ["deriveBits"] : [];
-          break;
-        default:
-          throw new JOSENotSupported('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
-      }
-      break;
-    }
-    default:
-      throw new JOSENotSupported('Invalid or unsupported JWK "kty" (Key Type) Parameter value');
-  }
-  return { algorithm, keyUsages };
-}
-const parse = async (jwk) => {
-  if (!jwk.alg) {
-    throw new TypeError('"alg" argument is required when "jwk.alg" is not present');
-  }
-  const { algorithm, keyUsages } = subtleMapping(jwk);
-  const rest = [
-    algorithm,
-    jwk.ext ?? false,
-    jwk.key_ops ?? keyUsages
-  ];
-  const keyData = { ...jwk };
-  delete keyData.alg;
-  delete keyData.use;
-  return crypto$1.subtle.importKey("jwk", keyData, ...rest);
-};
-const exportKeyValue = (k) => decode(k);
-let privCache;
-let pubCache;
-const isKeyObject = (key) => {
-  return key?.[Symbol.toStringTag] === "KeyObject";
-};
-const importAndCache = async (cache, key, jwk, alg, freeze2 = false) => {
-  let cached = cache.get(key);
-  if (cached?.[alg]) {
-    return cached[alg];
-  }
-  const cryptoKey = await parse({ ...jwk, alg });
-  if (freeze2)
-    Object.freeze(key);
-  if (!cached) {
-    cache.set(key, { [alg]: cryptoKey });
-  } else {
-    cached[alg] = cryptoKey;
-  }
-  return cryptoKey;
-};
-const normalizePublicKey = (key, alg) => {
-  if (isKeyObject(key)) {
-    let jwk = key.export({ format: "jwk" });
-    delete jwk.d;
-    delete jwk.dp;
-    delete jwk.dq;
-    delete jwk.p;
-    delete jwk.q;
-    delete jwk.qi;
-    if (jwk.k) {
-      return exportKeyValue(jwk.k);
-    }
-    pubCache || (pubCache = /* @__PURE__ */ new WeakMap());
-    return importAndCache(pubCache, key, jwk, alg);
-  }
-  if (isJWK(key)) {
-    if (key.k)
-      return decode(key.k);
-    pubCache || (pubCache = /* @__PURE__ */ new WeakMap());
-    const cryptoKey = importAndCache(pubCache, key, key, alg, true);
-    return cryptoKey;
-  }
-  return key;
-};
-const normalizePrivateKey = (key, alg) => {
-  if (isKeyObject(key)) {
-    let jwk = key.export({ format: "jwk" });
-    if (jwk.k) {
-      return exportKeyValue(jwk.k);
-    }
-    privCache || (privCache = /* @__PURE__ */ new WeakMap());
-    return importAndCache(privCache, key, jwk, alg);
-  }
-  if (isJWK(key)) {
-    if (key.k)
-      return decode(key.k);
-    privCache || (privCache = /* @__PURE__ */ new WeakMap());
-    const cryptoKey = importAndCache(privCache, key, key, alg, true);
-    return cryptoKey;
-  }
-  return key;
-};
-const normalize = { normalizePublicKey, normalizePrivateKey };
-const findOid = (keyData, oid, from = 0) => {
-  if (from === 0) {
-    oid.unshift(oid.length);
-    oid.unshift(6);
-  }
-  const i = keyData.indexOf(oid[0], from);
-  if (i === -1)
-    return false;
-  const sub = keyData.subarray(i, i + oid.length);
-  if (sub.length !== oid.length)
-    return false;
-  return sub.every((value, index) => value === oid[index]) || findOid(keyData, oid, i + 1);
-};
-const getNamedCurve = (keyData) => {
-  switch (true) {
-    case findOid(keyData, [42, 134, 72, 206, 61, 3, 1, 7]):
-      return "P-256";
-    case findOid(keyData, [43, 129, 4, 0, 34]):
-      return "P-384";
-    case findOid(keyData, [43, 129, 4, 0, 35]):
-      return "P-521";
-    case findOid(keyData, [43, 101, 110]):
-      return "X25519";
-    case findOid(keyData, [43, 101, 111]):
-      return "X448";
-    case findOid(keyData, [43, 101, 112]):
-      return "Ed25519";
-    case findOid(keyData, [43, 101, 113]):
-      return "Ed448";
-    default:
-      throw new JOSENotSupported("Invalid or unsupported EC Key Curve or OKP Key Sub Type");
-  }
-};
-const genericImport = async (replace, keyFormat, pem, alg, options) => {
-  let algorithm;
-  let keyUsages;
-  const keyData = new Uint8Array(atob(pem.replace(replace, "")).split("").map((c) => c.charCodeAt(0)));
-  switch (alg) {
-    case "PS256":
-    case "PS384":
-    case "PS512":
-      algorithm = { name: "RSA-PSS", hash: `SHA-${alg.slice(-3)}` };
-      keyUsages = ["sign"];
-      break;
-    case "RS256":
-    case "RS384":
-    case "RS512":
-      algorithm = { name: "RSASSA-PKCS1-v1_5", hash: `SHA-${alg.slice(-3)}` };
-      keyUsages = ["sign"];
-      break;
-    case "RSA-OAEP":
-    case "RSA-OAEP-256":
-    case "RSA-OAEP-384":
-    case "RSA-OAEP-512":
-      algorithm = {
-        name: "RSA-OAEP",
-        hash: `SHA-${parseInt(alg.slice(-3), 10) || 1}`
-      };
-      keyUsages = ["decrypt", "unwrapKey"];
-      break;
-    case "ES256":
-      algorithm = { name: "ECDSA", namedCurve: "P-256" };
-      keyUsages = ["sign"];
-      break;
-    case "ES384":
-      algorithm = { name: "ECDSA", namedCurve: "P-384" };
-      keyUsages = ["sign"];
-      break;
-    case "ES512":
-      algorithm = { name: "ECDSA", namedCurve: "P-521" };
-      keyUsages = ["sign"];
-      break;
-    case "ECDH-ES":
-    case "ECDH-ES+A128KW":
-    case "ECDH-ES+A192KW":
-    case "ECDH-ES+A256KW": {
-      const namedCurve = getNamedCurve(keyData);
-      algorithm = namedCurve.startsWith("P-") ? { name: "ECDH", namedCurve } : { name: namedCurve };
-      keyUsages = ["deriveBits"];
-      break;
-    }
-    case "Ed25519":
-      algorithm = { name: "Ed25519" };
-      keyUsages = ["sign"];
-      break;
-    case "EdDSA":
-      algorithm = { name: getNamedCurve(keyData) };
-      keyUsages = ["sign"];
-      break;
-    default:
-      throw new JOSENotSupported('Invalid or unsupported "alg" (Algorithm) value');
-  }
-  return crypto$1.subtle.importKey(keyFormat, keyData, algorithm, false, keyUsages);
-};
-const fromPKCS8 = (pem, alg, options) => {
-  return genericImport(/(?:-----(?:BEGIN|END) PRIVATE KEY-----|\s)/g, "pkcs8", pem, alg);
-};
-async function importPKCS8(pkcs8, alg, options) {
-  if (typeof pkcs8 !== "string" || pkcs8.indexOf("-----BEGIN PRIVATE KEY-----") !== 0) {
-    throw new TypeError('"pkcs8" must be PKCS#8 formatted string');
-  }
-  return fromPKCS8(pkcs8, alg);
-}
-const tag = (key) => key?.[Symbol.toStringTag];
-const jwkMatchesOp = (alg, key, usage) => {
-  if (key.use !== void 0 && key.use !== "sig") {
-    throw new TypeError("Invalid key for this operation, when present its use must be sig");
-  }
-  if (key.key_ops !== void 0 && key.key_ops.includes?.(usage) !== true) {
-    throw new TypeError(`Invalid key for this operation, when present its key_ops must include ${usage}`);
-  }
-  if (key.alg !== void 0 && key.alg !== alg) {
-    throw new TypeError(`Invalid key for this operation, when present its alg must be ${alg}`);
-  }
-  return true;
-};
-const symmetricTypeCheck = (alg, key, usage, allowJwk) => {
-  if (key instanceof Uint8Array)
-    return;
-  if (allowJwk && isJWK(key)) {
-    if (isSecretJWK(key) && jwkMatchesOp(alg, key, usage))
-      return;
-    throw new TypeError(`JSON Web Key for symmetric algorithms must have JWK "kty" (Key Type) equal to "oct" and the JWK "k" (Key Value) present`);
-  }
-  if (!isKeyLike(key)) {
-    throw new TypeError(withAlg(alg, key, ...types, "Uint8Array", allowJwk ? "JSON Web Key" : null));
-  }
-  if (key.type !== "secret") {
-    throw new TypeError(`${tag(key)} instances for symmetric algorithms must be of type "secret"`);
-  }
-};
-const asymmetricTypeCheck = (alg, key, usage, allowJwk) => {
-  if (allowJwk && isJWK(key)) {
-    switch (usage) {
-      case "sign":
-        if (isPrivateJWK(key) && jwkMatchesOp(alg, key, usage))
-          return;
-        throw new TypeError(`JSON Web Key for this operation be a private JWK`);
-      case "verify":
-        if (isPublicJWK(key) && jwkMatchesOp(alg, key, usage))
-          return;
-        throw new TypeError(`JSON Web Key for this operation be a public JWK`);
-    }
-  }
-  if (!isKeyLike(key)) {
-    throw new TypeError(withAlg(alg, key, ...types, allowJwk ? "JSON Web Key" : null));
-  }
-  if (key.type === "secret") {
-    throw new TypeError(`${tag(key)} instances for asymmetric algorithms must not be of type "secret"`);
-  }
-  if (usage === "sign" && key.type === "public") {
-    throw new TypeError(`${tag(key)} instances for asymmetric algorithm signing must be of type "private"`);
-  }
-  if (usage === "decrypt" && key.type === "public") {
-    throw new TypeError(`${tag(key)} instances for asymmetric algorithm decryption must be of type "private"`);
-  }
-  if (key.algorithm && usage === "verify" && key.type === "private") {
-    throw new TypeError(`${tag(key)} instances for asymmetric algorithm verifying must be of type "public"`);
-  }
-  if (key.algorithm && usage === "encrypt" && key.type === "private") {
-    throw new TypeError(`${tag(key)} instances for asymmetric algorithm encryption must be of type "public"`);
-  }
-};
-function checkKeyType(allowJwk, alg, key, usage) {
-  const symmetric = alg.startsWith("HS") || alg === "dir" || alg.startsWith("PBES2") || /^A\d{3}(?:GCM)?KW$/.test(alg);
-  if (symmetric) {
-    symmetricTypeCheck(alg, key, usage, allowJwk);
-  } else {
-    asymmetricTypeCheck(alg, key, usage, allowJwk);
-  }
-}
-checkKeyType.bind(void 0, false);
-const checkKeyTypeWithJwk = checkKeyType.bind(void 0, true);
-function validateCrit(Err, recognizedDefault, recognizedOption, protectedHeader, joseHeader) {
-  if (joseHeader.crit !== void 0 && protectedHeader?.crit === void 0) {
-    throw new Err('"crit" (Critical) Header Parameter MUST be integrity protected');
-  }
-  if (!protectedHeader || protectedHeader.crit === void 0) {
-    return /* @__PURE__ */ new Set();
-  }
-  if (!Array.isArray(protectedHeader.crit) || protectedHeader.crit.length === 0 || protectedHeader.crit.some((input) => typeof input !== "string" || input.length === 0)) {
-    throw new Err('"crit" (Critical) Header Parameter MUST be an array of non-empty strings when present');
-  }
-  let recognized;
-  if (recognizedOption !== void 0) {
-    recognized = new Map([...Object.entries(recognizedOption), ...recognizedDefault.entries()]);
-  } else {
-    recognized = recognizedDefault;
-  }
-  for (const parameter of protectedHeader.crit) {
-    if (!recognized.has(parameter)) {
-      throw new JOSENotSupported(`Extension Header Parameter "${parameter}" is not recognized`);
-    }
-    if (joseHeader[parameter] === void 0) {
-      throw new Err(`Extension Header Parameter "${parameter}" is missing`);
-    }
-    if (recognized.get(parameter) && protectedHeader[parameter] === void 0) {
-      throw new Err(`Extension Header Parameter "${parameter}" MUST be integrity protected`);
-    }
-  }
-  return new Set(protectedHeader.crit);
-}
-function subtleDsa(alg, algorithm) {
-  const hash = `SHA-${alg.slice(-3)}`;
-  switch (alg) {
-    case "HS256":
-    case "HS384":
-    case "HS512":
-      return { hash, name: "HMAC" };
-    case "PS256":
-    case "PS384":
-    case "PS512":
-      return { hash, name: "RSA-PSS", saltLength: alg.slice(-3) >> 3 };
-    case "RS256":
-    case "RS384":
-    case "RS512":
-      return { hash, name: "RSASSA-PKCS1-v1_5" };
-    case "ES256":
-    case "ES384":
-    case "ES512":
-      return { hash, name: "ECDSA", namedCurve: algorithm.namedCurve };
-    case "Ed25519":
-      return { name: "Ed25519" };
-    case "EdDSA":
-      return { name: algorithm.name };
-    default:
-      throw new JOSENotSupported(`alg ${alg} is not supported either by JOSE or your javascript runtime`);
-  }
-}
-async function getCryptoKey(alg, key, usage) {
-  {
-    key = await normalize.normalizePrivateKey(key, alg);
-  }
-  if (isCryptoKey(key)) {
-    checkSigCryptoKey(key, alg, usage);
-    return key;
-  }
-  if (key instanceof Uint8Array) {
-    if (!alg.startsWith("HS")) {
-      throw new TypeError(invalidKeyInput(key, ...types));
-    }
-    return crypto$1.subtle.importKey("raw", key, { hash: `SHA-${alg.slice(-3)}`, name: "HMAC" }, false, [usage]);
-  }
-  throw new TypeError(invalidKeyInput(key, ...types, "Uint8Array", "JSON Web Key"));
-}
-const epoch = (date) => Math.floor(date.getTime() / 1e3);
-const minute = 60;
-const hour = minute * 60;
-const day = hour * 24;
-const week = day * 7;
-const year = day * 365.25;
-const REGEX = /^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i;
-const secs = (str) => {
-  const matched = REGEX.exec(str);
-  if (!matched || matched[4] && matched[1]) {
-    throw new TypeError("Invalid time period format");
-  }
-  const value = parseFloat(matched[2]);
-  const unit = matched[3].toLowerCase();
-  let numericDate;
-  switch (unit) {
-    case "sec":
-    case "secs":
-    case "second":
-    case "seconds":
-    case "s":
-      numericDate = Math.round(value);
-      break;
-    case "minute":
-    case "minutes":
-    case "min":
-    case "mins":
-    case "m":
-      numericDate = Math.round(value * minute);
-      break;
-    case "hour":
-    case "hours":
-    case "hr":
-    case "hrs":
-    case "h":
-      numericDate = Math.round(value * hour);
-      break;
-    case "day":
-    case "days":
-    case "d":
-      numericDate = Math.round(value * day);
-      break;
-    case "week":
-    case "weeks":
-    case "w":
-      numericDate = Math.round(value * week);
-      break;
-    default:
-      numericDate = Math.round(value * year);
-      break;
-  }
-  if (matched[1] === "-" || matched[4] === "ago") {
-    return -numericDate;
-  }
-  return numericDate;
-};
-const sign = async (alg, key, data) => {
-  const cryptoKey = await getCryptoKey(alg, key, "sign");
-  checkKeyLength(alg, cryptoKey);
-  const signature = await crypto$1.subtle.sign(subtleDsa(alg, cryptoKey.algorithm), cryptoKey, data);
-  return new Uint8Array(signature);
-};
-class FlattenedSign {
-  constructor(payload) {
-    if (!(payload instanceof Uint8Array)) {
-      throw new TypeError("payload must be an instance of Uint8Array");
-    }
-    this._payload = payload;
-  }
-  setProtectedHeader(protectedHeader) {
-    if (this._protectedHeader) {
-      throw new TypeError("setProtectedHeader can only be called once");
-    }
-    this._protectedHeader = protectedHeader;
-    return this;
-  }
-  setUnprotectedHeader(unprotectedHeader) {
-    if (this._unprotectedHeader) {
-      throw new TypeError("setUnprotectedHeader can only be called once");
-    }
-    this._unprotectedHeader = unprotectedHeader;
-    return this;
-  }
-  async sign(key, options) {
-    if (!this._protectedHeader && !this._unprotectedHeader) {
-      throw new JWSInvalid("either setProtectedHeader or setUnprotectedHeader must be called before #sign()");
-    }
-    if (!isDisjoint(this._protectedHeader, this._unprotectedHeader)) {
-      throw new JWSInvalid("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");
-    }
-    const joseHeader = {
-      ...this._protectedHeader,
-      ...this._unprotectedHeader
+    const backendBaseUrl = config.backendBaseUrl || DEFAULT_BASE_URL$1;
+    const requestBody = {
+      dfProjectId: config.dfProjectId,
+      dfLocation: config.dfLocation || "us-central1",
+      dfAgentId: config.dfAgentId,
+      languageCode: config.languageCode || "en"
     };
-    const extensions = validateCrit(JWSInvalid, /* @__PURE__ */ new Map([["b64", true]]), options?.crit, this._protectedHeader, joseHeader);
-    let b64 = true;
-    if (extensions.has("b64")) {
-      b64 = this._protectedHeader.b64;
-      if (typeof b64 !== "boolean") {
-        throw new JWSInvalid('The "b64" (base64url-encode payload) Header Parameter must be a boolean');
-      }
-    }
-    const { alg } = joseHeader;
-    if (typeof alg !== "string" || !alg) {
-      throw new JWSInvalid('JWS "alg" (Algorithm) Header Parameter missing or invalid');
-    }
-    checkKeyTypeWithJwk(alg, key, "sign");
-    let payload = this._payload;
-    if (b64) {
-      payload = encoder.encode(encode(payload));
-    }
-    let protectedHeader;
-    if (this._protectedHeader) {
-      protectedHeader = encoder.encode(encode(JSON.stringify(this._protectedHeader)));
-    } else {
-      protectedHeader = encoder.encode("");
-    }
-    const data = concat(protectedHeader, encoder.encode("."), payload);
-    const signature = await sign(alg, key, data);
-    const jws = {
-      signature: encode(signature),
-      payload: ""
-    };
-    if (b64) {
-      jws.payload = decoder.decode(payload);
-    }
-    if (this._unprotectedHeader) {
-      jws.header = this._unprotectedHeader;
-    }
-    if (this._protectedHeader) {
-      jws.protected = decoder.decode(protectedHeader);
-    }
-    return jws;
-  }
-}
-class CompactSign {
-  constructor(payload) {
-    this._flattened = new FlattenedSign(payload);
-  }
-  setProtectedHeader(protectedHeader) {
-    this._flattened.setProtectedHeader(protectedHeader);
-    return this;
-  }
-  async sign(key, options) {
-    const jws = await this._flattened.sign(key, options);
-    if (jws.payload === void 0) {
-      throw new TypeError("use the flattened module for creating JWS with b64: false");
-    }
-    return `${jws.protected}.${jws.payload}.${jws.signature}`;
-  }
-}
-function validateInput(label, input) {
-  if (!Number.isFinite(input)) {
-    throw new TypeError(`Invalid ${label} input`);
-  }
-  return input;
-}
-class ProduceJWT {
-  constructor(payload = {}) {
-    if (!isObject(payload)) {
-      throw new TypeError("JWT Claims Set MUST be an object");
-    }
-    this._payload = payload;
-  }
-  setIssuer(issuer) {
-    this._payload = { ...this._payload, iss: issuer };
-    return this;
-  }
-  setSubject(subject) {
-    this._payload = { ...this._payload, sub: subject };
-    return this;
-  }
-  setAudience(audience) {
-    this._payload = { ...this._payload, aud: audience };
-    return this;
-  }
-  setJti(jwtId) {
-    this._payload = { ...this._payload, jti: jwtId };
-    return this;
-  }
-  setNotBefore(input) {
-    if (typeof input === "number") {
-      this._payload = { ...this._payload, nbf: validateInput("setNotBefore", input) };
-    } else if (input instanceof Date) {
-      this._payload = { ...this._payload, nbf: validateInput("setNotBefore", epoch(input)) };
-    } else {
-      this._payload = { ...this._payload, nbf: epoch(/* @__PURE__ */ new Date()) + secs(input) };
-    }
-    return this;
-  }
-  setExpirationTime(input) {
-    if (typeof input === "number") {
-      this._payload = { ...this._payload, exp: validateInput("setExpirationTime", input) };
-    } else if (input instanceof Date) {
-      this._payload = { ...this._payload, exp: validateInput("setExpirationTime", epoch(input)) };
-    } else {
-      this._payload = { ...this._payload, exp: epoch(/* @__PURE__ */ new Date()) + secs(input) };
-    }
-    return this;
-  }
-  setIssuedAt(input) {
-    if (typeof input === "undefined") {
-      this._payload = { ...this._payload, iat: epoch(/* @__PURE__ */ new Date()) };
-    } else if (input instanceof Date) {
-      this._payload = { ...this._payload, iat: validateInput("setIssuedAt", epoch(input)) };
-    } else if (typeof input === "string") {
-      this._payload = {
-        ...this._payload,
-        iat: validateInput("setIssuedAt", epoch(/* @__PURE__ */ new Date()) + secs(input))
-      };
-    } else {
-      this._payload = { ...this._payload, iat: validateInput("setIssuedAt", input) };
-    }
-    return this;
-  }
-}
-class SignJWT extends ProduceJWT {
-  setProtectedHeader(protectedHeader) {
-    this._protectedHeader = protectedHeader;
-    return this;
-  }
-  async sign(key, options) {
-    const sig = new CompactSign(encoder.encode(JSON.stringify(this._payload)));
-    sig.setProtectedHeader(this._protectedHeader);
-    if (Array.isArray(this._protectedHeader?.crit) && this._protectedHeader.crit.includes("b64") && this._protectedHeader.b64 === false) {
-      throw new JWTInvalid("JWTs MUST NOT use unencoded payload");
-    }
-    return sig.sign(key, options);
-  }
-}
-async function getAccessTokenFromServiceAccount(serviceAccountKey) {
-  const now = Math.floor(Date.now() / 1e3);
-  let privateKeyPem = serviceAccountKey.private_key;
-  if (privateKeyPem) {
-    privateKeyPem = privateKeyPem.trim();
-    if (!privateKeyPem.includes("-----BEGIN")) {
-      const keyContent = privateKeyPem.replace(/\s/g, "");
-      const formattedKey = keyContent.match(/.{1,64}/g)?.join("\n") || keyContent;
-      privateKeyPem = `-----BEGIN PRIVATE KEY-----
-${formattedKey}
------END PRIVATE KEY-----`;
-    } else {
-      privateKeyPem = privateKeyPem.replace(/\r\n/g, "\n").replace(/\r/g, "\n");
-      if (privateKeyPem.includes("BEGIN RSA PRIVATE KEY")) {
-        throw new Error(
-          "Private key is in PKCS#1 format (RSA PRIVATE KEY). Please download a new service account key from Google Cloud Console. The key should be in PKCS#8 format (PRIVATE KEY)."
-        );
-      }
-      const keyMatch = privateKeyPem.match(/-----BEGIN PRIVATE KEY-----\n?([\s\S]*?)\n?-----END PRIVATE KEY-----/);
-      if (keyMatch) {
-        const keyContent = keyMatch[1].replace(/\s/g, "");
-        if (!keyContent.includes("\n") || keyContent.length > 64) {
-          const formattedKey = keyContent.match(/.{1,64}/g)?.join("\n") || keyContent;
-          privateKeyPem = `-----BEGIN PRIVATE KEY-----
-${formattedKey}
------END PRIVATE KEY-----`;
-        }
-      }
-    }
-  } else {
-    throw new Error("Private key is missing from service account key");
-  }
-  try {
-    const privateKey = await importPKCS8(privateKeyPem, "RS256");
-    const jwt = await new SignJWT({
-      scope: "https://www.googleapis.com/auth/cloud-platform"
-    }).setProtectedHeader({ alg: "RS256" }).setIssuedAt(now).setExpirationTime(now + 3600).setIssuer(serviceAccountKey.client_email).setSubject(serviceAccountKey.client_email).setAudience("https://oauth2.googleapis.com/token").sign(privateKey);
-    const response = await fetch("https://oauth2.googleapis.com/token", {
-      method: "POST",
-      headers: { "Content-Type": "application/x-www-form-urlencoded" },
-      body: new URLSearchParams({
-        grant_type: "urn:ietf:params:oauth:grant-type:jwt-bearer",
-        assertion: jwt
-      })
-    });
-    if (!response.ok) {
-      const error = await response.json();
-      throw new Error(error.error_description || "Failed to get access token");
-    }
-    const data = await response.json();
-    return data.access_token;
-  } catch (error) {
-    if (error.message && error.message.includes("pkcs8")) {
-      throw new Error(
-        "Invalid private key format. The service account key must be in PKCS#8 format. Please ensure your service account key JSON file has a properly formatted private_key field. If you downloaded the key from Google Cloud Console, it should already be in the correct format."
-      );
-    }
-    throw error;
-  }
-}
-async function getAccessToken(config) {
-  if (config.accessToken) {
-    return config.accessToken;
-  }
-  if (!config.serviceAccountKey) {
-    throw new Error("Either serviceAccountKey or accessToken must be provided");
-  }
-  return await getAccessTokenFromServiceAccount(config.serviceAccountKey);
-}
-function createSessionPath(projectId, location, agentId, sessionId) {
-  return `projects/${projectId}/locations/${location}/agents/${agentId}/sessions/${sessionId}`;
-}
-function extractRichContent(responseMessages) {
-  let richContent = null;
-  for (const msg of responseMessages) {
-    if (msg.payload) {
-      if (msg.payload.richContent) {
-        richContent = msg.payload.richContent;
-        break;
-      }
-      if (msg.payload.fields && msg.payload.fields.richContent) {
-        const richContentValue = msg.payload.fields.richContent;
-        if (richContentValue.listValue && richContentValue.listValue.values) {
-          richContent = richContentValue.listValue.values.map((v) => {
-            if (v.listValue && v.listValue.values) {
-              return v.listValue.values.map((item) => {
-                if (item.structValue && item.structValue.fields) {
-                  const fields = item.structValue.fields;
-                  if (fields.type && fields.options) {
-                    return {
-                      type: fields.type.stringValue || fields.type,
-                      options: fields.options.listValue ? fields.options.listValue.values.map((opt) => ({
-                        text: opt.structValue?.fields?.text?.stringValue || "",
-                        payload: opt.structValue?.fields?.payload?.stringValue || ""
-                      })) : []
-                    };
-                  }
-                }
-                return item;
-              });
-            }
-            return v;
-          });
-        } else if (typeof richContentValue === "object" && !richContentValue.listValue) {
-          richContent = richContentValue;
-        }
-        break;
-      }
+    if (existingSessionId) {
+      requestBody.sessionId = existingSessionId;
     }
-  }
-  return richContent;
-}
-async function createDialogflowSession(config) {
-  try {
-    const accessToken = await getAccessToken(config);
-    const sessionId = `session_${Date.now()}_${Math.random().toString(36).substr(2, 9)}`;
-    const location = config.dfLocation.split(" ")[0].trim();
-    const sessionPath = createSessionPath(
-      config.dfProjectId,
-      location,
-      config.dfAgentId,
-      sessionId
-    );
-    const apiEndpoint = `https://${location}-dialogflow.googleapis.com/v3/${sessionPath}:detectIntent`;
-    const request = {
-      queryInput: {
-        text: {
-          text: "hello"
-        },
-        languageCode: config.languageCode || "en"
-      }
-    };
-    const response = await fetch(apiEndpoint, {
+    const response = await fetch(`${backendBaseUrl}/api/dialogflow/session/create`, {
       method: "POST",
       headers: {
-        "Authorization": `Bearer ${accessToken}`,
         "Content-Type": "application/json"
+        // Don't send X-Session-ID header for Dialogflow-only operations
       },
-      body: JSON.stringify(request)
+      body: JSON.stringify(requestBody)
     });
     if (!response.ok) {
-      const error = await response.json().catch(() => ({}));
-      throw new Error(error.error?.message || `HTTP error! status: ${response.status}`);
+      const contentType2 = response.headers.get("content-type");
+      let error = {};
+      if (contentType2 && contentType2.includes("application/json")) {
+        try {
+          error = await response.json();
+        } catch {
+          error = {};
+        }
+      } else {
+        const text2 = await response.text();
+        throw new Error(
+          `API endpoint returned HTML instead of JSON. Status: ${response.status}. Response preview: ${text2.substring(0, 200)}. This usually means the endpoint doesn't exist or the server is misconfigured. URL: ${backendBaseUrl}/api/dialogflow/session/create`
+        );
+      }
+      if (response.status === 400) {
+        throw new Error(error.message || "Bad request. Please check your Dialogflow configuration.");
+      } else if (response.status === 401) {
+        throw new Error(error.message || "Authentication failed. Please check your backend configuration.");
+      } else if (response.status === 403) {
+        throw new Error(error.message || "Access forbidden. Please check your permissions.");
+      } else if (response.status === 404) {
+        throw new Error(error.message || "Dialogflow agent not found. Please check your project ID, location, and agent ID.");
+      } else if (response.status === 500) {
+        throw new Error(error.message || "Internal server error. Please try again later.");
+      }
+      throw new Error(error.message || `HTTP error! status: ${response.status}`);
+    }
+    const contentType = response.headers.get("content-type");
+    if (!contentType || !contentType.includes("application/json")) {
+      const clonedResponse = response.clone();
+      const text2 = await clonedResponse.text();
+      throw new Error(
+        `API endpoint returned non-JSON response. Status: ${response.status}. Content-Type: ${contentType || "unknown"}. Response body: ${text2.substring(0, 200)}. This usually means the endpoint doesn't exist or the server is misconfigured. URL: ${backendBaseUrl}/api/dialogflow/session/create`
+      );
     }
     const data = await response.json();
-    let welcomeMessage = "Hello! I'm BlockSpark AI Assistant. How can I help you today?";
-    let richContent = null;
-    if (data.queryResult?.responseMessages) {
-      const textMessages = data.queryResult.responseMessages.filter((msg) => msg.text).map((msg) => msg.text.text.join(" "));
-      if (textMessages.length > 0) {
-        welcomeMessage = textMessages.join(" ");
-      }
-      richContent = extractRichContent(data.queryResult.responseMessages);
-    } else if (data.queryResult?.fulfillmentText) {
-      welcomeMessage = data.queryResult.fulfillmentText;
+    if (data.status !== "success") {
+      throw new Error(data.message || "Failed to create session. Backend returned unsuccessful status.");
     }
+    const responseData = data.data || data;
     return {
-      session_id: sessionId,
-      message: welcomeMessage,
-      ...richContent && { richContent }
+      session_id: responseData.session_id || data.session_id,
+      message: responseData.message || "Hello! How can I help you today?",
+      ...responseData.richContent && { richContent: responseData.richContent }
     };
   } catch (error) {
     console.error("Error creating Dialogflow session:", error);
-    const errorMessage = error.message || "Failed to create session";
-    if (errorMessage.includes("401") || errorMessage.includes("Unauthorized")) {
-      throw new Error("Authentication failed. Please check your service account key or access token.");
-    } else if (errorMessage.includes("403") || errorMessage.includes("Forbidden")) {
-      throw new Error("Access forbidden. Please check your Dialogflow API permissions.");
-    } else if (errorMessage.includes("404") || errorMessage.includes("Not Found")) {
-      throw new Error("Dialogflow agent not found. Please check your project ID, location, and agent ID.");
-    }
-    throw new Error(errorMessage);
+    if (error.message?.includes("Failed to fetch") || error.message?.includes("CORS")) {
+      throw new Error("Network error. Unable to connect to backend. Please check your network connection and CORS settings.");
+    }
+    if (error.message && !error.message.includes("HTTP error")) {
+      throw error;
+    }
+    throw new Error(error.message || "Failed to create Dialogflow session");
   }
 }
-async function sendDialogflowMessage(message2, sessionId, config) {
+async function sendDialogflowMessage(message, sessionId, config) {
   try {
-    const accessToken = await getAccessToken(config);
-    const location = config.dfLocation.split(" ")[0].trim();
-    const sessionPath = createSessionPath(
-      config.dfProjectId,
-      location,
-      config.dfAgentId,
-      sessionId
-    );
-    const apiEndpoint = `https://${location}-dialogflow.googleapis.com/v3/${sessionPath}:detectIntent`;
-    const request = {
-      queryInput: {
-        text: {
-          text: message2.trim()
+    const backendBaseUrl = config.backendBaseUrl || DEFAULT_BASE_URL$1;
+    const requestBody = {
+      message: message.trim(),
+      dfProjectId: config.dfProjectId,
+      dfLocation: config.dfLocation || "us-central1",
+      dfAgentId: config.dfAgentId,
+      languageCode: config.languageCode || "en"
+    };
+    const response = await fetch(
+      `${backendBaseUrl}/api/dialogflow/session/${encodeURIComponent(sessionId)}/message`,
+      {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json"
+          // Don't send X-Session-ID header for Dialogflow-only operations
         },
-        languageCode: config.languageCode || "en"
+        body: JSON.stringify(requestBody)
       }
-    };
-    const response = await fetch(apiEndpoint, {
-      method: "POST",
-      headers: {
-        "Authorization": `Bearer ${accessToken}`,
-        "Content-Type": "application/json"
-      },
-      body: JSON.stringify(request)
-    });
+    );
     if (!response.ok) {
-      const errorText = await response.text();
-      let errorData = {};
-      try {
-        errorData = JSON.parse(errorText);
-      } catch {
-        errorData = { message: errorText || `HTTP ${response.status}` };
-      }
-      const errorMessage = errorData.error?.message || errorData.message || `HTTP error! status: ${response.status}`;
-      console.error("Dialogflow API Error (sendMessage):", {
-        status: response.status,
-        statusText: response.statusText,
-        error: errorData,
-        endpoint: apiEndpoint
-      });
-      throw new Error(errorMessage);
-    }
-    const data = await response.json();
-    let responseText = "I'm sorry, I didn't understand that. Could you please rephrase?";
-    let richContent = null;
-    let handoff = false;
-    if (data.queryResult?.parameters?.fields?.handoff?.boolValue === true) {
-      handoff = true;
-    } else if (data.queryResult?.responseMessages) {
-      for (const msg of data.queryResult.responseMessages) {
-        if (msg.payload) {
-          if (typeof msg.payload === "object") {
-            if (msg.payload.handoff === true) {
-              handoff = true;
-              break;
-            }
-            if (msg.payload.fields?.handoff?.boolValue === true) {
-              handoff = true;
-              break;
-            }
-          }
+      const contentType2 = response.headers.get("content-type");
+      let error = {};
+      if (contentType2 && contentType2.includes("application/json")) {
+        try {
+          error = await response.json();
+        } catch {
+          error = {};
         }
+      } else {
+        const text2 = await response.text();
+        throw new Error(
+          `API endpoint returned HTML instead of JSON. Status: ${response.status}. Response preview: ${text2.substring(0, 200)}. This usually means the endpoint doesn't exist or the server is misconfigured. URL: ${backendBaseUrl}/api/dialogflow/session/${encodeURIComponent(sessionId)}/message`
+        );
       }
+      if (response.status === 400) {
+        throw new Error(error.message || "Bad request. Please check your message and configuration.");
+      } else if (response.status === 401) {
+        throw new Error(error.message || "Authentication failed. Please check your backend configuration.");
+      } else if (response.status === 403) {
+        throw new Error(error.message || "Access forbidden. Please check your permissions.");
+      } else if (response.status === 404) {
+        throw new Error(error.message || "Dialogflow session not found. Please check your session ID.");
+      } else if (response.status === 500) {
+        throw new Error(error.message || "Internal server error. Please try again later.");
+      }
+      throw new Error(error.message || `HTTP error! status: ${response.status}`);
+    }
+    const contentType = response.headers.get("content-type");
+    if (!contentType || !contentType.includes("application/json")) {
+      const clonedResponse = response.clone();
+      const text2 = await clonedResponse.text();
+      throw new Error(
+        `API endpoint returned non-JSON response. Status: ${response.status}. Content-Type: ${contentType || "unknown"}. Response body: ${text2.substring(0, 200)}. This usually means the endpoint doesn't exist or the server is misconfigured. URL: ${backendBaseUrl}/api/dialogflow/session/${encodeURIComponent(sessionId)}/message`
+      );
     }
-    if (data.handoff === true) {
-      handoff = true;
-    }
-    if (data.queryResult?.responseMessages) {
-      const textMessages = data.queryResult.responseMessages.filter((msg) => msg.text).map((msg) => msg.text.text.join(" "));
-      if (textMessages.length > 0) {
-        responseText = textMessages.join(" ");
-      }
-      richContent = extractRichContent(data.queryResult.responseMessages);
-    } else if (data.queryResult?.fulfillmentText) {
-      responseText = data.queryResult.fulfillmentText;
+    const data = await response.json();
+    if (data.status !== "success") {
+      throw new Error(data.message || "Failed to send message. Backend returned unsuccessful status.");
     }
+    const responseData = data.data || data;
     return {
-      response: responseText,
-      session_id: sessionId,
-      source: "dialogflow",
-      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
-      ...richContent && { richContent },
-      ...handoff && { handoff: true }
+      response: responseData.response || responseData.message || "I'm sorry, I didn't understand that. Could you please rephrase?",
+      session_id: responseData.session_id || data.session_id || sessionId,
+      source: responseData.source || "dialogflow",
+      timestamp: responseData.timestamp || (/* @__PURE__ */ new Date()).toISOString(),
+      ...responseData.richContent && { richContent: responseData.richContent },
+      ...responseData.handoff !== void 0 && { handoff: responseData.handoff }
     };
   } catch (error) {
     console.error("Error sending message to Dialogflow:", error);
-    const errorMessage = error.message || "Failed to send message";
-    if (errorMessage.includes("401") || errorMessage.includes("Unauthorized")) {
-      throw new Error("Authentication failed. Please check your service account key or access token.");
-    } else if (errorMessage.includes("403") || errorMessage.includes("Forbidden")) {
-      throw new Error("Access forbidden. Please check your Dialogflow API permissions.");
-    } else if (errorMessage.includes("404") || errorMessage.includes("Not Found")) {
-      throw new Error("Dialogflow agent not found. Please check your project ID, location, and agent ID.");
-    } else if (errorMessage.includes("CORS")) {
-      throw new Error("CORS error. Dialogflow API may not allow browser requests. Consider using a backend proxy.");
-    }
-    throw new Error(errorMessage);
+    if (error.message?.includes("Failed to fetch") || error.message?.includes("CORS")) {
+      throw new Error("Network error. Unable to connect to backend. Please check your network connection and CORS settings.");
+    }
+    if (error.message && !error.message.includes("HTTP error")) {
+      throw error;
+    }
+    throw new Error(error.message || "Failed to send message to Dialogflow");
   }
 }
 const SESSION_KEY = "chat_session_id";
@@ -1308,8 +202,8 @@ function getSessionManager() {
   return sessionManagerInstance;
 }
 class ChatResolvedError extends Error {
-  constructor(message2 = "chat_resolved") {
-    super(message2);
+  constructor(message = "chat_resolved") {
+    super(message);
     this.reason = "chat_resolved";
     this.name = "ChatResolvedError";
   }
@@ -1505,7 +399,7 @@ class ChatService {
   /**
    * Send message to agent via REST API
    */
-  async sendMessageToAgent(chatId, sessionId, message2) {
+  async sendMessageToAgent(chatId, sessionId, message) {
     try {
       const headers = {
         "Content-Type": "application/json",
@@ -1520,7 +414,7 @@ class ChatService {
           method: "POST",
           headers,
           body: JSON.stringify({
-            content: message2
+            content: message
           })
         }
       );
@@ -1575,7 +469,7 @@ class ChatService {
       return {
         id: data.id,
         sender_type: "customer",
-        content: message2,
+        content: message,
         timestamp: data.timestamp || (/* @__PURE__ */ new Date()).toISOString()
       };
     } catch (error) {
@@ -1717,35 +611,35 @@ class ChatService {
       };
       this.ws.onmessage = (event) => {
         try {
-          const message2 = JSON.parse(event.data);
+          const message = JSON.parse(event.data);
           if (this.debug) {
             console.log("WebSocket raw message received:", event.data);
-            console.log("WebSocket parsed message:", message2);
+            console.log("WebSocket parsed message:", message);
           }
-          if (message2.session_id) {
-            this.sessionManager.updateSessionFromResponse({ session_id: message2.session_id });
+          if (message.session_id) {
+            this.sessionManager.updateSessionFromResponse({ session_id: message.session_id });
           }
-          if (message2.type === "agent_accepted" || message2.type === "chat_resolved" || message2.type === "chat_ended") {
+          if (message.type === "agent_accepted" || message.type === "chat_resolved" || message.type === "chat_ended") {
             console.log("🔔 Received notification message:", {
-              type: message2.type,
-              chat_id: message2.chat_id,
-              timestamp: message2.timestamp,
-              to_agent: message2.to_agent,
-              to_agent_id: message2.to_agent_id
+              type: message.type,
+              chat_id: message.chat_id,
+              timestamp: message.timestamp,
+              to_agent: message.to_agent,
+              to_agent_id: message.to_agent_id
             });
           }
-          if (message2.type === "pong") {
+          if (message.type === "pong") {
             return;
           }
-          if (this.debug && message2.type === "message") {
+          if (this.debug && message.type === "message") {
             console.log("Processing message type:", {
-              type: message2.type,
-              sender_type: message2.sender_type,
-              content: message2.content?.substring(0, 50) + "...",
-              id: message2.id
+              type: message.type,
+              sender_type: message.sender_type,
+              content: message.content?.substring(0, 50) + "...",
+              id: message.id
             });
           }
-          this.messageHandlers.forEach((handler) => handler(message2));
+          this.messageHandlers.forEach((handler) => handler(message));
         } catch (error) {
           console.error("Error parsing WebSocket message:", error);
           if (this.debug) {
@@ -1795,7 +689,7 @@ class ChatService {
   /**
    * Send message via WebSocket
    */
-  sendMessageViaWebSocket(message2) {
+  sendMessageViaWebSocket(message) {
     if (!this.ws || this.ws.readyState !== WebSocket.OPEN) {
       return false;
     }
@@ -1803,7 +697,7 @@ class ChatService {
       this.ws.send(
         JSON.stringify({
           type: "message",
-          content: message2
+          content: message
         })
       );
       return true;
@@ -2875,11 +1769,11 @@ function createDOMPurify() {
     CONFIG = null;
     SET_CONFIG = false;
   };
-  DOMPurify.isValidAttribute = function(tag2, attr, value) {
+  DOMPurify.isValidAttribute = function(tag, attr, value) {
     if (!CONFIG) {
       _parseConfig({});
     }
-    const lcTag = transformCaseFunc(tag2);
+    const lcTag = transformCaseFunc(tag);
     const lcName = transformCaseFunc(attr);
     return _isValidAttribute(lcTag, lcName, value);
   };
@@ -2945,4 +1839,4 @@ export {
   linkifyText as l,
   sendDialogflowMessage as s
 };
-//# sourceMappingURL=sanitize-O18C3eqP.js.map
+//# sourceMappingURL=sanitize-Cm1kskSD.js.map