@bravely-studios/account-web 0.3.9 → 0.4.0

package/README.md

@@ -6,9 +6,23 @@ Bravely Studios apps. Used internally across the Bravely web app family.
 ## What it does
 
 - **OAuth 2.1 + PKCE** sign-in via `auth.bravely.dev` — RFC 7636 S256.
-- **BAS lifecycle** — exchange / refresh against `identity.bravely.dev`.
+- **Session forever (0.4.0, D4)** — durable IndexedDB session plus the
+  `grant_type=refresh_token` rotation loop: pre-expiry background refresh,
+  401 refresh-then-retry-once, and destructive sign-out ONLY on a definitive
+  `invalid_grant` / 401-after-refresh. Transport failures never wipe tokens.
+- **Login-first screen (0.4.0, D1)** — `<BravelySignInScreen>`: icon + name
+  + ONE value-prop line + the locked provider picker + passive legal links;
+  recoverable offline state; `onShown` seam for `login_screen_shown`.
+- **3-slot offer grid (0.4.0, D3)** — `<OfferSlotGrid>` + the locked
+  slot-copy factory (`buildOfferSlots`), per-app themes, full-viewport
+  scale-to-fit INCLUDING scale-up (clamp [0.5, 3.0], scroll fallback below,
+  no max-width column cap), `slot_viewed`/`slot_selected` hooks.
+- **Install metrics (0.4.0, D6)** — `getOrMintInstallId()` +
+  `emitAppFirstOpenedIfNeeded()` (persist-first fire-once sentinel; the
+  host fires the actual analytics event).
 - **Entitlement cache** — 72h offline fallback.
-- **Activation state machine** — checkout-to-active flow.
+- **Activation state machine** — checkout-to-active flow (v1.1.0: the
+  `user_skipped` lane is removed — no skip/guest affordance).
 - **Paddle account actions** — BAS-authed checkout session and
   customer-portal session helpers through `identity.bravely.dev`.
 - **`Bravely-Deprecation` handling** — soft warnings + hard
@@ -82,6 +96,9 @@ window.open(portal.url, "_blank");
 | `components/ActivationLadder.tsx`       | **M3** — post-checkout 4-phase ladder (`Activating <App> Pro…`).                  |
 | `components/CrossAppCard.tsx`           | **M4** — third-quadrant card (`You own N Bravely Pro apps on this account.`).    |
 | `components/BravelyProviderButtons.tsx` | Canonical Apple/Google/Email picker — mirrors the Swift SwiftUI surface.          |
+| `components/BravelySignInScreen.tsx`    | **D1** — the login-first first screen (icon + name + value prop + picker).        |
+| `components/OfferSlotGrid.tsx`          | **D3** — locked 3-slot offer grid + copy factory + viewport fit (scale-up).       |
+| `installMetrics.ts`                     | **D6** — install-id mint + fire-once `app_first_opened` sentinel helpers.          |
 | `hooks/useActivationLaneFromUrl.ts`     | **M3** — detect `?upgraded` / `?checkout` / `?subscription` return params.        |
 | `hooks/useFreshLaunchRestoration.ts`    | **M2** — silent rehydrate + brief `Synced N items from your <device>.` toast.     |
 
@@ -213,9 +230,14 @@ const portal = await manager.createPaddlePortalSession();
 
 ## Storage adapters
 
-- **`sessionStorage`** — BAS, PKCE verifier, state. Wipes on tab close.
-- **`IndexedDB`** — refresh_token, entitlement cache, DPoP key handle.
-  Survives reload; key bytes never leave the browser (extractable=false).
+- **`sessionStorage`** — PKCE verifier + state ONLY (single OAuth-dance
+  secrets; they die with the tab by design).
+- **`IndexedDB`** — the durable session (`bas`, `ba_id`, `email`,
+  `expires_at`, `refresh_token`), entitlement cache, DPoP key handle, and
+  the install metrics keys. Survives tab close, browser restart, and app
+  updates (D4 session-forever). Key bytes never leave the browser
+  (extractable=false). Pre-0.4.0 sessionStorage session rows migrate to
+  IndexedDB on first read.
 - **In-memory** — SSR / test fallback.
 
 Host pages can swap in their own ServiceWorker-backed adapter by passing
@@ -240,8 +262,115 @@ Host pages render UI off the `name` (`restoring_session`, `verifying_entitlement
   `createPaddlePortalSession()`, entitlement refreshes, and activation polls
   already carry proof headers.
 
+## Login-first cutover surfaces (0.4.0)
+
+### `<BravelySignInScreen>` (D1)
+
+```tsx
+import { BravelySignInScreen, getOrMintInstallId } from "@bravely-studios/account-web";
+
+<BravelySignInScreen
+  appName="Todoing.ly"
+  appIconSrc="/icon-256.png"
+  valueProp="Every task, every device, always in sync."
+  style={{ variant: "dark", accent: "#3B6EF0" }}
+  isBusy={isAuthorizing}
+  onContinue={(provider) => manager.signIn({ provider })}
+  offline={cantReach}
+  onRetry={() => retryProbe()}
+  onShown={async () => {
+    posthog.capture("login_screen_shown", { install_id: await getOrMintInstallId() });
+  }}
+/>
+```
+
+The first screen on first launch (spec `onboarding.login_first`). No skip,
+no guest lane, no sign-in/sign-up fork — the screen IS both. `onShown`
+fires once per mount; the host MUST emit `login_screen_shown` there.
+
+### `<OfferSlotGrid>` + `buildOfferSlots()` (D3)
+
+```tsx
+import {
+  OfferSlotGrid, buildOfferSlots, offerThemeForSlug,
+  planTokenForSlot, telemetryValueForSlot,
+} from "@bravely-studios/account-web";
+
+const slots = buildOfferSlots({ appName: "Scry", appSlug: "scry", type: "RVA" });
+
+<OfferSlotGrid
+  slots={slots} // provisioned slots only — filter before passing
+  theme={offerThemeForSlug("scry")}
+  onSlotViewed={(s) => posthog.capture("slot_viewed", { offer_slot: telemetryValueForSlot(s) })}
+  onSelect={(s) => {
+    posthog.capture("slot_selected", { offer_slot: telemetryValueForSlot(s) });
+    manager.openCheckout(planTokenForSlot(s, "RVA"));
+  }}
+/>
+```
+
+The web sibling of Swift `OfferSlotGrid` / C# `BravelyOfferGrid`: the locked
+3-slot copy (HOOK → GSO → FRONT_LTV) with full-viewport scale-to-fit
+including scale-up (`scale = min(availW/naturalW, availH/naturalH)` clamped
+to [0.5, 3.0]; scroll fallback below 0.5; single-column stack under 901px;
+NO max-width column cap). The host fires `paywall_shown` when it presents
+the page.
+
+### Install metrics (D6)
+
+```ts
+import { getOrMintInstallId, emitAppFirstOpenedIfNeeded } from "@bravely-studios/account-web";
+
+// At app entry, before any UI gating:
+const { installId } = await emitAppFirstOpenedIfNeeded({
+  emit: ({ installId }) => posthog.capture("app_first_opened", { install_id: installId }),
+});
+manager.setInstallId(installId); // every auth exchange now carries install_id
+```
+
+Persist-first sentinel: the durable IndexedDB sentinel row is written BEFORE
+the emit, so a crash can only under-count — never double-fire.
+
 ## Changelog
 
+### 0.4.0 — 2026-06-11
+
+Login-first cutover W1 (plan §§2, 4, 5, 7 — D1/D3/D4/D6):
+
+- **Session forever (D4):** `bas` / `ba_id` / `email` moved from
+  sessionStorage to IndexedDB (PKCE verifier/state stay session-scoped;
+  legacy rows migrate on first read); `expires_at` persisted from every
+  token response; the `grant_type=refresh_token` rotation loop implemented
+  against `{authority}/oauth/token` (router ≥1.6.0) with single-flight
+  dedupe; pre-expiry background refresh (48h window) on `restore()`;
+  401 → refresh-then-retry-once on every BAS-authed call; session
+  resurrection from a durable refresh token when the BAS row is missing;
+  destructive sign-out ONLY on definitive `invalid_grant` /
+  401-after-refresh — transport/5xx/429 failures keep every token.
+- **`<BravelySignInScreen>` (D1):** the canonical login-first first screen.
+- **`<OfferSlotGrid>` (D3):** the locked 3-slot offer grid + copy factory,
+  per-app themes, viewport fit with scale-up.
+- **Install metrics (D6):** `getOrMintInstallId()` +
+  `emitAppFirstOpenedIfNeeded()`.
+- **Activation machine v1.1.0:** `user_skipped` removed in lockstep with
+  `bravely-commerce-router` (legacy event strings are a no-op).
+- **Types:** `CheckoutPlan` gains `"onetime"` (interval-true IVA Slot-1
+  token per the 2026-06-10 catalog rename); API baseline note → 1.6.0.
+- **Fix:** stale "magic-link only" comment on the email provider button
+  (password is primary per ADR 0014).
+
+### 0.3.10 — 2026-06-05
+
+- **Feature:** optional `install_id` passthrough for PHASE-2 install→account
+  reconcile. `ManagerConfig` gains an optional `installId`; the manager exposes
+  `setInstallId()` / `getInstallId()`, and threads the value onto both legs of
+  sign-in — the `/oauth/authorize` query (persisted to the app-auth code) and
+  the `/oauth/token` exchange body. The wire field name is `install_id`.
+  Strictly additive: with no `install_id`, the authorize URL and token body are
+  byte-identical to prior releases (asserted by an equality test). Server-side
+  persistence/reconcile already live in the commerce router; this release only
+  emits the field.
+
 ### 0.3.9 — 2026-06-03
 
 - **Feature:** added an optional host-injected `log` seam to `ManagerConfig`

package/dist/ActivationStateMachine.d.ts

@@ -1,6 +1,6 @@
 import type { ActivationState, ActivationStateName } from "./types.js";
 /** Canonical event names accepted by `transition()`. */
-export type ActivationEvent = "app_launched" | "app_launched_no_session" | "bas_found" | "bas_missing" | "bas_invalid" | "entitlement_check_success_pro" | "entitlement_check_success_none" | "entitlement_check_failure" | "checkout_completed" | "activation_polled_active" | "activation_polled_inactive" | "activation_timed_out" | "user_signed_in" | "user_skipped" | "user_clicked_retry";
+export type ActivationEvent = "app_launched" | "app_launched_no_session" | "bas_found" | "bas_missing" | "bas_invalid" | "entitlement_check_success_pro" | "entitlement_check_success_none" | "entitlement_check_failure" | "checkout_completed" | "activation_polled_active" | "activation_polled_inactive" | "activation_timed_out" | "user_signed_in" | "user_clicked_retry";
 interface TransitionContext {
     bas_present?: boolean;
     entitlement_cache_present?: boolean;

package/dist/ActivationStateMachine.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"ActivationStateMachine.d.ts","sourceRoot":"","sources":["../src/ActivationStateMachine.ts"],"names":[],"mappings":"AASA,OAAO,KAAK,EAAE,eAAe,EAAE,mBAAmB,EAAE,MAAM,YAAY,CAAC;AAEvE,wDAAwD;AACxD,MAAM,MAAM,eAAe,GACvB,cAAc,GACd,yBAAyB,GACzB,WAAW,GACX,aAAa,GACb,aAAa,GACb,+BAA+B,GAC/B,gCAAgC,GAChC,2BAA2B,GAC3B,oBAAoB,GACpB,0BAA0B,GAC1B,4BAA4B,GAC5B,sBAAsB,GACtB,gBAAgB,GAChB,cAAc,GACd,oBAAoB,CAAC;AAEzB,UAAU,iBAAiB;IACzB,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,yBAAyB,CAAC,EAAE,OAAO,CAAC;CACrC;AAED,KAAK,iBAAiB,GAAG;IACvB,IAAI,EAAE,iBAAiB,CAAC;IACxB,EAAE,EAAE,mBAAmB,CAAC;IACxB,IAAI,CAAC,EAAE,mBAAmB,CAAC;CAC5B,CAAC;AAEF,KAAK,gBAAgB,GAAG,mBAAmB,GAAG,iBAAiB,CAAC;AAwDhE;;;GAGG;AACH,eAAO,MAAM,mBAAmB;;;;;CAKtB,CAAC;AAEX,4EAA4E;AAC5E,eAAO,MAAM,eAAe,EAAE,OAAO,CAAC,MAAM,CAAC,mBAAmB,EAAE,MAAM,CAAC,CAKxE,CAAC;AAEF,gEAAgE;AAChE,eAAO,MAAM,eAAe,EAAE,OAAO,CAAC,MAAM,CAAC,mBAAmB,EAAE,mBAAmB,CAAC,CAKrF,CAAC;AAEF,qBAAa,sBAAsB;IACjC,OAAO,CAAC,KAAK,CAAkB;IAC/B,OAAO,CAAC,WAAW,CAA2C;gBAElD,OAAO,GAAE,mBAA4B;IAIjD,OAAO,IAAI,eAAe;IAI1B;;;OAGG;IACH,UAAU,CAAC,KAAK,EAAE,eAAe,EAAE,GAAG,GAAE,iBAAsB,GAAG,eAAe;IAShF,4EAA4E;IAC5E,KAAK,CAAC,IAAI,EAAE,mBAAmB,GAAG,eAAe;IAIjD,mEAAmE;IACnE,aAAa,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,eAAe,KAAK,IAAI,GAAG,MAAM,IAAI;IAK3D,sDAAsD;IACtD,SAAS,IAAI,MAAM;IAInB,kCAAkC;IAClC,MAAM,CAAC,WAAW,kFAAe;IACjC,MAAM,CAAC,UAAU,2BAAe;IAEhC,OAAO,CAAC,KAAK;CAKd"}
+{"version":3,"file":"ActivationStateMachine.d.ts","sourceRoot":"","sources":["../src/ActivationStateMachine.ts"],"names":[],"mappings":"AAcA,OAAO,KAAK,EAAE,eAAe,EAAE,mBAAmB,EAAE,MAAM,YAAY,CAAC;AAEvE,wDAAwD;AACxD,MAAM,MAAM,eAAe,GACvB,cAAc,GACd,yBAAyB,GACzB,WAAW,GACX,aAAa,GACb,aAAa,GACb,+BAA+B,GAC/B,gCAAgC,GAChC,2BAA2B,GAC3B,oBAAoB,GACpB,0BAA0B,GAC1B,4BAA4B,GAC5B,sBAAsB,GACtB,gBAAgB,GAChB,oBAAoB,CAAC;AAEzB,UAAU,iBAAiB;IACzB,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,yBAAyB,CAAC,EAAE,OAAO,CAAC;CACrC;AAED,KAAK,iBAAiB,GAAG;IACvB,IAAI,EAAE,iBAAiB,CAAC;IACxB,EAAE,EAAE,mBAAmB,CAAC;IACxB,IAAI,CAAC,EAAE,mBAAmB,CAAC;CAC5B,CAAC;AAEF,KAAK,gBAAgB,GAAG,mBAAmB,GAAG,iBAAiB,CAAC;AAuDhE;;;GAGG;AACH,eAAO,MAAM,mBAAmB;;;;;CAKtB,CAAC;AAEX,4EAA4E;AAC5E,eAAO,MAAM,eAAe,EAAE,OAAO,CAAC,MAAM,CAAC,mBAAmB,EAAE,MAAM,CAAC,CAKxE,CAAC;AAEF,gEAAgE;AAChE,eAAO,MAAM,eAAe,EAAE,OAAO,CAAC,MAAM,CAAC,mBAAmB,EAAE,mBAAmB,CAAC,CAKrF,CAAC;AAEF,qBAAa,sBAAsB;IACjC,OAAO,CAAC,KAAK,CAAkB;IAC/B,OAAO,CAAC,WAAW,CAA2C;gBAElD,OAAO,GAAE,mBAA4B;IAIjD,OAAO,IAAI,eAAe;IAI1B;;;OAGG;IACH,UAAU,CAAC,KAAK,EAAE,eAAe,EAAE,GAAG,GAAE,iBAAsB,GAAG,eAAe;IAShF,4EAA4E;IAC5E,KAAK,CAAC,IAAI,EAAE,mBAAmB,GAAG,eAAe;IAIjD,mEAAmE;IACnE,aAAa,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,eAAe,KAAK,IAAI,GAAG,MAAM,IAAI;IAK3D,sDAAsD;IACtD,SAAS,IAAI,MAAM;IAInB,kCAAkC;IAClC,MAAM,CAAC,WAAW,kFAAe;IACjC,MAAM,CAAC,UAAU,2BAAe;IAEhC,OAAO,CAAC,KAAK;CAKd"}

package/dist/ActivationStateMachine.js

@@ -1,8 +1,13 @@
-// Port of bravely-commerce-router/docs/activation-state-machine.json (v1.0.0).
+// Port of bravely-commerce-router/docs/activation-state-machine.json (v1.1.0).
 //
 // Keep aligned by hand. The canonical doc is the source of truth; this port
 // is a thin TS surface so host pages can render UI off `getActivationState()`.
 //
+// v1.1.0 (login-first cutover D1/D2): the `user_skipped` lane is REMOVED —
+// there is no skip/guest affordance; sign-in is the only way forward from
+// `pending_user_action`. A stale client firing the legacy `"user_skipped"`
+// string is a NO-OP (state unchanged), never a silent route into a free lane.
+//
 // CLAUDE.md feedback_no_etas: every state surfaces ELAPSED time, never a
 // predicted ETA. Anti-patterns from M5 enforced in the banned-phrases CI
 // check (in bravely-commerce-router); the strings here MUST match the JSON.
@@ -46,7 +51,6 @@ const TRANSITIONS = {
     },
     pending_user_action: {
         user_signed_in: "restoring_session",
-        user_skipped: "entitlement_none",
     },
     failed: {
         user_clicked_retry: "pending_user_action",

package/dist/ActivationStateMachine.js.map

@@ -1 +1 @@
-{"version":3,"file":"ActivationStateMachine.js","sourceRoot":"","sources":["../src/ActivationStateMachine.ts"],"names":[],"mappings":"AAAA,+EAA+E;AAC/E,EAAE;AACF,4EAA4E;AAC5E,+EAA+E;AAC/E,EAAE;AACF,yEAAyE;AACzE,yEAAyE;AACzE,4EAA4E;AAmC5E,MAAM,WAAW,GAAoF;IACnG,IAAI,EAAE;QACJ,YAAY,EAAE,EAAE,IAAI,EAAE,EAAE,WAAW,EAAE,IAAI,EAAE,EAAE,EAAE,EAAE,mBAAmB,EAAE;QACtE,uBAAuB,EAAE,EAAE,IAAI,EAAE,EAAE,WAAW,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,qBAAqB,EAAE;KACrF;IACD,iBAAiB,EAAE;QACjB,SAAS,EAAE,uBAAuB;QAClC,WAAW,EAAE,0BAA0B;QACvC,WAAW,EAAE,qBAAqB;KACnC;IACD,qBAAqB,EAAE;QACrB,6BAA6B,EAAE,yBAAyB;QACxD,8BAA8B,EAAE,kBAAkB;QAClD,yBAAyB,EAAE;YACzB,IAAI,EAAE,EAAE,yBAAyB,EAAE,IAAI,EAAE;YACzC,EAAE,EAAE,0BAA0B;YAC9B,IAAI,EAAE,QAAQ;SACf;KACF;IACD,wBAAwB,EAAE;QACxB,6BAA6B,EAAE,yBAAyB;QACxD,8BAA8B,EAAE,kBAAkB;QAClD,yBAAyB,EAAE,0BAA0B;KACtD;IACD,uBAAuB,EAAE,EAAE;IAC3B,gBAAgB,EAAE;QAChB,kBAAkB,EAAE,0BAA0B;KAC/C;IACD,wBAAwB,EAAE;QACxB,wBAAwB,EAAE,yBAAyB;QACnD,0BAA0B,EAAE,0BAA0B;QACtD,oBAAoB,EAAE,QAAQ;KAC/B;IACD,wBAAwB,EAAE;QACxB,6BAA6B,EAAE,yBAAyB;QACxD,8BAA8B,EAAE,kBAAkB;QAClD,yBAAyB,EAAE,QAAQ;KACpC;IACD,mBAAmB,EAAE;QACnB,cAAc,EAAE,mBAAmB;QACnC,YAAY,EAAE,kBAAkB;KACjC;IACD,MAAM,EAAE;QACN,kBAAkB,EAAE,qBAAqB;KAC1C;CACF,CAAC;AAEF,MAAM,WAAW,GAAG,IAAI,GAAG,CAAsB;IAC/C,mBAAmB;IACnB,uBAAuB;IACvB,0BAA0B;IAC1B,0BAA0B;CAC3B,CAAC,CAAC;AAEH;;;GAGG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG;IACjC,UAAU,EAAE,EAAE;IACd,gBAAgB,EAAE,IAAI;IACtB,YAAY,EAAE,IAAI;IAClB,iBAAiB,EAAE,GAAG;CACd,CAAC;AAEX,4EAA4E;AAC5E,MAAM,CAAC,MAAM,eAAe,GAAiD;IAC3E,iBAAiB,EAAE,IAAI;IACvB,qBAAqB,EAAE,IAAI;IAC3B,wBAAwB,EAAE,OAAO;IACjC,wBAAwB,EAAE,MAAM;CACjC,CAAC;AAEF,gEAAgE;AAChE,MAAM,CAAC,MAAM,eAAe,GAA8D;IACxF,iBAAiB,EAAE,QAAQ;IAC3B,qBAAqB,EAAE,QAAQ;IAC/B,wBAAwB,EAAE,QAAQ;IAClC,wBAAwB,EAAE,QAAQ;CACnC,CAAC;AAEF,MAAM,OAAO,sBAAsB;IACzB,KAAK,CAAkB;IACvB,WAAW,GAAG,IAAI,GAAG,EAAgC,CAAC;IAE9D,YAAY,UAA+B,MAAM;QAC/C,IAAI,CAAC,KAAK,GAAG,EAAE,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,EAAE,IAAI,EAAE,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;IACxF,CAAC;IAED,OAAO;QACL,OAAO,EAAE,GAAG,IAAI,CAAC,KAAK,EAAE,CAAC;IAC3B,CAAC;IAED;;;OAGG;IACH,UAAU,CAAC,KAAsB,EAAE,MAAyB,EAAE;QAC5D,MAAM,SAAS,GAAG,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC/C,MAAM,MAAM,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC;QAChC,IAAI,CAAC,MAAM;YAAE,OAAO,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ;QAC5C,MAAM,IAAI,GAAG,aAAa,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;QACxC,IAAI,CAAC,IAAI;YAAE,OAAO,IAAI,CAAC,OAAO,EAAE,CAAC;QACjC,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAED,4EAA4E;IAC5E,KAAK,CAAC,IAAyB;QAC7B,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAED,mEAAmE;IACnE,aAAa,CAAC,EAAgC;QAC5C,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACzB,OAAO,GAAG,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IAC3C,CAAC;IAED,sDAAsD;IACtD,SAAS;QACP,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC;IACrD,CAAC;IAED,kCAAkC;IAClC,MAAM,CAAC,WAAW,GAAG,WAAW,CAAC;IACjC,MAAM,CAAC,UAAU,GAAG,WAAW,CAAC;IAExB,KAAK,CAAC,IAAyB;QACrC,IAAI,CAAC,KAAK,GAAG,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,EAAE,IAAI,EAAE,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;QAC1E,KAAK,MAAM,EAAE,IAAI,IAAI,CAAC,WAAW;YAAE,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC;QACzD,OAAO,IAAI,CAAC,OAAO,EAAE,CAAC;IACxB,CAAC;;AAGH,SAAS,aAAa,CAAC,MAAwB,EAAE,GAAsB;IACrE,IAAI,OAAO,MAAM,KAAK,QAAQ;QAAE,OAAO,MAAM,CAAC;IAC9C,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;QACjD,IAAI,GAAG,CAAC,CAA4B,CAAC,KAAK,CAAC,EAAE,CAAC;YAC5C,OAAO,MAAM,CAAC,IAAI,IAAI,IAAI,CAAC;QAC7B,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAC,EAAE,CAAC;AACnB,CAAC"}
+{"version":3,"file":"ActivationStateMachine.js","sourceRoot":"","sources":["../src/ActivationStateMachine.ts"],"names":[],"mappings":"AAAA,+EAA+E;AAC/E,EAAE;AACF,4EAA4E;AAC5E,+EAA+E;AAC/E,EAAE;AACF,2EAA2E;AAC3E,0EAA0E;AAC1E,2EAA2E;AAC3E,8EAA8E;AAC9E,EAAE;AACF,yEAAyE;AACzE,yEAAyE;AACzE,4EAA4E;AAkC5E,MAAM,WAAW,GAAoF;IACnG,IAAI,EAAE;QACJ,YAAY,EAAE,EAAE,IAAI,EAAE,EAAE,WAAW,EAAE,IAAI,EAAE,EAAE,EAAE,EAAE,mBAAmB,EAAE;QACtE,uBAAuB,EAAE,EAAE,IAAI,EAAE,EAAE,WAAW,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,qBAAqB,EAAE;KACrF;IACD,iBAAiB,EAAE;QACjB,SAAS,EAAE,uBAAuB;QAClC,WAAW,EAAE,0BAA0B;QACvC,WAAW,EAAE,qBAAqB;KACnC;IACD,qBAAqB,EAAE;QACrB,6BAA6B,EAAE,yBAAyB;QACxD,8BAA8B,EAAE,kBAAkB;QAClD,yBAAyB,EAAE;YACzB,IAAI,EAAE,EAAE,yBAAyB,EAAE,IAAI,EAAE;YACzC,EAAE,EAAE,0BAA0B;YAC9B,IAAI,EAAE,QAAQ;SACf;KACF;IACD,wBAAwB,EAAE;QACxB,6BAA6B,EAAE,yBAAyB;QACxD,8BAA8B,EAAE,kBAAkB;QAClD,yBAAyB,EAAE,0BAA0B;KACtD;IACD,uBAAuB,EAAE,EAAE;IAC3B,gBAAgB,EAAE;QAChB,kBAAkB,EAAE,0BAA0B;KAC/C;IACD,wBAAwB,EAAE;QACxB,wBAAwB,EAAE,yBAAyB;QACnD,0BAA0B,EAAE,0BAA0B;QACtD,oBAAoB,EAAE,QAAQ;KAC/B;IACD,wBAAwB,EAAE;QACxB,6BAA6B,EAAE,yBAAyB;QACxD,8BAA8B,EAAE,kBAAkB;QAClD,yBAAyB,EAAE,QAAQ;KACpC;IACD,mBAAmB,EAAE;QACnB,cAAc,EAAE,mBAAmB;KACpC;IACD,MAAM,EAAE;QACN,kBAAkB,EAAE,qBAAqB;KAC1C;CACF,CAAC;AAEF,MAAM,WAAW,GAAG,IAAI,GAAG,CAAsB;IAC/C,mBAAmB;IACnB,uBAAuB;IACvB,0BAA0B;IAC1B,0BAA0B;CAC3B,CAAC,CAAC;AAEH;;;GAGG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG;IACjC,UAAU,EAAE,EAAE;IACd,gBAAgB,EAAE,IAAI;IACtB,YAAY,EAAE,IAAI;IAClB,iBAAiB,EAAE,GAAG;CACd,CAAC;AAEX,4EAA4E;AAC5E,MAAM,CAAC,MAAM,eAAe,GAAiD;IAC3E,iBAAiB,EAAE,IAAI;IACvB,qBAAqB,EAAE,IAAI;IAC3B,wBAAwB,EAAE,OAAO;IACjC,wBAAwB,EAAE,MAAM;CACjC,CAAC;AAEF,gEAAgE;AAChE,MAAM,CAAC,MAAM,eAAe,GAA8D;IACxF,iBAAiB,EAAE,QAAQ;IAC3B,qBAAqB,EAAE,QAAQ;IAC/B,wBAAwB,EAAE,QAAQ;IAClC,wBAAwB,EAAE,QAAQ;CACnC,CAAC;AAEF,MAAM,OAAO,sBAAsB;IACzB,KAAK,CAAkB;IACvB,WAAW,GAAG,IAAI,GAAG,EAAgC,CAAC;IAE9D,YAAY,UAA+B,MAAM;QAC/C,IAAI,CAAC,KAAK,GAAG,EAAE,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,EAAE,IAAI,EAAE,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;IACxF,CAAC;IAED,OAAO;QACL,OAAO,EAAE,GAAG,IAAI,CAAC,KAAK,EAAE,CAAC;IAC3B,CAAC;IAED;;;OAGG;IACH,UAAU,CAAC,KAAsB,EAAE,MAAyB,EAAE;QAC5D,MAAM,SAAS,GAAG,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC/C,MAAM,MAAM,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC;QAChC,IAAI,CAAC,MAAM;YAAE,OAAO,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ;QAC5C,MAAM,IAAI,GAAG,aAAa,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;QACxC,IAAI,CAAC,IAAI;YAAE,OAAO,IAAI,CAAC,OAAO,EAAE,CAAC;QACjC,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAED,4EAA4E;IAC5E,KAAK,CAAC,IAAyB;QAC7B,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAED,mEAAmE;IACnE,aAAa,CAAC,EAAgC;QAC5C,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACzB,OAAO,GAAG,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IAC3C,CAAC;IAED,sDAAsD;IACtD,SAAS;QACP,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC;IACrD,CAAC;IAED,kCAAkC;IAClC,MAAM,CAAC,WAAW,GAAG,WAAW,CAAC;IACjC,MAAM,CAAC,UAAU,GAAG,WAAW,CAAC;IAExB,KAAK,CAAC,IAAyB;QACrC,IAAI,CAAC,KAAK,GAAG,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,EAAE,IAAI,EAAE,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;QAC1E,KAAK,MAAM,EAAE,IAAI,IAAI,CAAC,WAAW;YAAE,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC;QACzD,OAAO,IAAI,CAAC,OAAO,EAAE,CAAC;IACxB,CAAC;;AAGH,SAAS,aAAa,CAAC,MAAwB,EAAE,GAAsB;IACrE,IAAI,OAAO,MAAM,KAAK,QAAQ;QAAE,OAAO,MAAM,CAAC;IAC9C,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;QACjD,IAAI,GAAG,CAAC,CAA4B,CAAC,KAAK,CAAC,EAAE,CAAC;YAC5C,OAAO,MAAM,CAAC,IAAI,IAAI,IAAI,CAAC;QAC7B,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAC,EAAE,CAAC;AACnB,CAAC"}

package/dist/BravelyAccountManager.d.ts

@@ -15,6 +15,24 @@ export type ActivationResult = {
 } | {
     outcome: "not_signed_in";
 };
+/**
+ * Proactive refresh window (D4): when the BAS has less than this much life
+ * left (or is already past `expires_at`), the manager rotates the session in
+ * the background via `grant_type=refresh_token` instead of waiting for a 401.
+ * BAS access tokens live 14 days; 48h is comfortably inside that while still
+ * rotating well before expiry for any returning visitor.
+ */
+export declare const PRE_EXPIRY_REFRESH_WINDOW_MS: number;
+/**
+ * Outcome of a `grant_type=refresh_token` rotation attempt.
+ *
+ *  - `refreshed`          — new BAS + rotated refresh token persisted.
+ *  - `no_refresh_token`   — nothing to present (legacy session or never granted).
+ *  - `definitive_failure` — server said `invalid_grant` (rotation/reuse/revoked)
+ *                           or 401; the local session has been cleared.
+ *  - `transient_failure`  — network / 5xx / 429; session and tokens KEPT.
+ */
+export type RefreshOutcome = "refreshed" | "no_refresh_token" | "definitive_failure" | "transient_failure";
 type StateListener = (state: BravelyAccountState) => void;
 export declare class BravelyAccountManager {
     private readonly cfg;
@@ -33,6 +51,23 @@ export declare class BravelyAccountManager {
     private libVersionPolicy;
     private dpopKeypairPromise;
     private dpopJktThumbprint;
+    /**
+     * PHASE-2 install→account reconciliation id (optional). When set, it is
+     * forwarded as `install_id` on BOTH the OAuth authorize URL and the
+     * `/oauth/token` exchange so the auth server can reconcile the install onto
+     * the resolved `ba_id`. `null` ⇒ nothing is sent and both legs stay
+     * byte-identical to the pre-`install_id` flow. Settable post-construction
+     * via `setInstallId()` because the host often learns the id asynchronously
+     * (e.g. after reading it from native bridge / first-launch storage).
+     */
+    private installId;
+    /**
+     * Single-flight guard for the refresh grant: concurrent 401s / proactive
+     * refreshes join the in-flight rotation instead of racing the one-time-use
+     * refresh token (a second concurrent presentation of the same token would
+     * trip the server's family reuse detection and revoke the session).
+     */
+    private refreshInFlight;
     constructor(config: ManagerConfig);
     /**
      * Return the current state. The returned reference is **stable across
@@ -55,10 +90,34 @@ export declare class BravelyAccountManager {
     onStateChange(cb: StateListener): () => void;
     getActivationState(): ActivationState;
     getLibVersionPolicy(): LibVersionPolicy | null;
+    /**
+     * Set (or clear) the PHASE-2 install→account reconciliation id. Idempotent.
+     * Pass the per-install identifier the native client minted at
+     * `app_first_opened`; the manager forwards it as `install_id` on the next
+     * OAuth authorize redirect AND on the token exchange, so the auth server's
+     * existing reconcile path can stamp the resolved `ba_id` onto that install.
+     *
+     * Pass `undefined`/`null`/empty to clear it — after which the flow is again
+     * byte-identical to the pre-`install_id` behavior (no param sent). Purely
+     * additive: existing consumers that never call this send no `install_id`.
+     */
+    setInstallId(installId: string | null | undefined): void;
+    /** Current install→account reconciliation id, or `null` if none is set. */
+    getInstallId(): string | null;
     /**
      * Hydrate from persistent storage and (if a BAS is present) verify it
      * against the identity API. Call once on page load before rendering UI
      * that depends on `getState()`.
+     *
+     * D4 session-forever behavior:
+     *   - A stored BAS yields `signed_in` immediately (cache-backed); the
+     *     entitlement check runs in the background. Transport failures NEVER
+     *     wipe tokens or flip the state to signed_out.
+     *   - A BAS near/past `expires_at` triggers a background refresh-grant
+     *     rotation (`PRE_EXPIRY_REFRESH_WINDOW_MS`).
+     *   - No BAS but a stored refresh token → the session is resurrected via
+     *     `grant_type=refresh_token` before giving up (sessions survive even
+     *     if the access token row was lost).
      */
     restore(): Promise<BravelyAccountState>;
     /**
@@ -90,6 +149,14 @@ export declare class BravelyAccountManager {
     }): Promise<BravelyAccountState>;
     /** Sign out: drop local state. Server-side revoke is best-effort. */
     signOut(): Promise<void>;
+    /**
+     * Drop every locally-persisted session artifact and flip to `signed_out`.
+     * The DESTRUCTIVE half of sign-out — only ever called from explicit user
+     * sign-out or a DEFINITIVE auth failure (`invalid_grant` on the refresh
+     * grant, or a 401 that survived a successful refresh-and-retry). Transport
+     * failures must never reach this.
+     */
+    private clearLocalSession;
     /**
      * Read entitlements, serving the cached row if fresh and refreshing
      * opportunistically. Always returns an array (possibly empty).
@@ -138,8 +205,9 @@ export declare class BravelyAccountManager {
      * introduced in the Mac/iOS v2 onboarding port.
      *
      * Throws if the user is not signed in (`not_signed_in`) or if the server
-     * returns a non-2xx status. 401 is surfaced as a sign-out (matching the
-     * pattern in `refreshEntitlements`).
+     * returns a non-2xx status. A definitive 401 (refresh-and-retry exhausted)
+     * is surfaced as `not_signed_in`; a 401 riding a transient refresh failure
+     * keeps the session and throws a plain request failure.
      */
     getAccountEntitlements(): Promise<AccountEntitlements>;
     /**
@@ -163,15 +231,77 @@ export declare class BravelyAccountManager {
      */
     pollForActivation(): Promise<ActivationResult>;
     private completeAuthorization;
+    /**
+     * Persist the token + identity rows shared by the sign-in and refresh
+     * legs (BAS, rotated refresh token, ba_id, email, expires_at, lib version
+     * policy). Returns the inline entitlement snapshot.
+     */
+    private persistSessionCore;
     private persistToken;
+    /**
+     * Persist a `grant_type=refresh_token` rotation result. Differs from the
+     * sign-in leg deliberately:
+     *   - The inline entitlement snapshot is best-effort on the server (an RC
+     *     hiccup yields `[]` so rotation never fails) — so an EMPTY snapshot
+     *     must not downgrade the 72h offline cache mid-session. Non-empty
+     *     snapshots update cache + state; empty ones leave the authoritative
+     *     `/api/entitlements` check (which runs on every restore) in charge.
+     *   - No `entitlement_check_*` activation events are fired here for the
+     *     same reason; only `bas_found` advances the restore lane.
+     */
+    private persistRefreshedToken;
+    /**
+     * True when the stored BAS is inside the proactive-refresh window (or past
+     * expiry). Unknown expiry (legacy rows) ⇒ false — the 401-retry path
+     * covers those sessions.
+     */
+    private shouldProactivelyRefresh;
+    /**
+     * Rotate the session via `POST {authority}/oauth/token` with
+     * `grant_type=refresh_token` (router ≥1.6.0). Single-flight: concurrent
+     * callers join the in-flight rotation (the refresh token is one-time-use;
+     * racing it would trip server-side reuse detection).
+     *
+     * Cross-TAB races are handled by two layers: (a) where available, a Web
+     * Lock (`bravely:session_refresh:<slug>`) serializes rotations across tabs
+     * sharing the same IndexedDB token; (b) the token is re-read inside the
+     * critical section, and if another tab already rotated (stored BAS changed
+     * while we waited) the rotation is skipped. Browsers without Web Locks
+     * fall back to the server's 30s idempotent-retry grace for near-
+     * simultaneous presentations of the same token.
+     *
+     * Destructive ONLY on a definitive rejection (`invalid_grant` / 401):
+     * transport failures, 5xx, and 429 keep every token in place.
+     */
+    private refreshSession;
+    private refreshSessionCrossTab;
+    private doRefreshSession;
     private refreshEntitlements;
     /**
      * Gate 1 compatibility path: keep `Authorization: Bearer <bas>` because
      * the current router accepts Bearer on shared BAS endpoints, but attach a
      * real RFC 9449 proof in the `DPoP` header so Gate 2 traffic is already
      * exercising proof generation.
+     *
+     * D4 401 handling — refresh-then-retry-once: a 401 triggers ONE refresh
+     * grant; on success the request is retried with the new BAS. Destructive
+     * sign-out happens ONLY when the failure is definitive:
+     *   - the refresh grant itself was rejected (`invalid_grant`/401), or
+     *   - there is no refresh token to present, or
+     *   - the retried request STILL came back 401 after a successful refresh.
+     * A transient refresh failure (offline/5xx/429) returns the original 401
+     * response WITHOUT touching the stored session — callers must treat a 401
+     * with the session still present as a transient failure (serve cache).
      */
     private fetchWithBas;
+    /**
+     * True when a 401 response should be treated as a signed-out verdict:
+     * `fetchWithBas` has already run the refresh-then-retry dance and cleared
+     * local storage iff the failure was definitive. If the BAS row is still
+     * present, the 401 rode a TRANSIENT refresh failure — the session is kept
+     * and callers must degrade gracefully (serve cache) instead of signing out.
+     */
+    private sessionWasCleared;
     private dpopProof;
     private getDpopKeypair;
     /** Fetch wrapper that processes the `Bravely-Deprecation` header on every response. */

package/dist/BravelyAccountManager.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"BravelyAccountManager.d.ts","sourceRoot":"","sources":["../src/BravelyAccountManager.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,EACV,mBAAmB,EACnB,aAAa,EACb,WAAW,EAEX,mBAAmB,EACnB,YAAY,EACZ,mBAAmB,EACnB,eAAe,EACf,gBAAgB,EAGjB,MAAM,YAAY,CAAC;AACpB,OAAO,EAA8B,KAAK,YAAY,EAAE,MAAM,YAAY,CAAC;AAK3E,OAAO,EAEL,wBAAwB,EACxB,UAAU,EACX,MAAM,kBAAkB,CAAC;AAE1B,4EAA4E;AAC5E,MAAM,MAAM,gBAAgB,GACxB;IAAE,OAAO,EAAE,QAAQ,CAAC;IAAC,YAAY,EAAE,WAAW,EAAE,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAA;CAAE,GACpE;IAAE,OAAO,EAAE,SAAS,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAA;CAAE,GACxC;IAAE,OAAO,EAAE,WAAW,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAA;CAAE,GAC1C;IAAE,OAAO,EAAE,eAAe,CAAA;CAAE,CAAC;AAgBjC,KAAK,aAAa,GAAG,CAAC,KAAK,EAAE,mBAAmB,KAAK,IAAI,CAAC;AAE1D,qBAAa,qBAAqB;IAChC,OAAO,CAAC,QAAQ,CAAC,GAAG,CACmF;IACvG,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAU;IAClC,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAmB;IACzC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAyB;IACpD;;;;;OAKG;IACH,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAwD;IAC5E,OAAO,CAAC,KAAK,CAA+C;IAC5D,OAAO,CAAC,SAAS,CAA4B;IAC7C,OAAO,CAAC,gBAAgB,CAAiC;IACzD,OAAO,CAAC,kBAAkB,CAA4C;IACtE,OAAO,CAAC,iBAAiB,CAAuB;gBAEpC,MAAM,EAAE,aAAa;IA+BjC;;;;;;;;;;;;;;;;OAgBG;IACH,QAAQ,IAAI,mBAAmB;IAI/B,aAAa,CAAC,EAAE,EAAE,aAAa,GAAG,MAAM,IAAI;IAK5C,kBAAkB,IAAI,eAAe;IAIrC,mBAAmB,IAAI,gBAAgB,GAAG,IAAI;IAI9C;;;;OAIG;IACG,OAAO,IAAI,OAAO,CAAC,mBAAmB,CAAC;IA4B7C;;;;;;;;;;;;;;;;;;;;;;OAsBG;IACG,MAAM,CAAC,IAAI,GAAE;QAAE,SAAS,CAAC,EAAE,MAAM,CAAC;QAAC,QAAQ,CAAC,EAAE,YAAY,CAAA;KAAO,GAAG,OAAO,CAAC,mBAAmB,CAAC;IA8BtG,qEAAqE;IAC/D,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IA+B9B;;;OAGG;IACG,eAAe,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;IAU/C,qEAAqE;IAC/D,cAAc,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAKzD,4EAA4E;IACtE,eAAe,IAAI,OAAO,CAAC,MAAM,CAAC;IAYxC;;;;;;;OAOG;IACG,YAAY,CAAC,IAAI,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC;IAiBrD;;;;OAIG;IACG,yBAAyB,IAAI,OAAO,CAAC,mBAAmB,CAAC;IAW/D,gEAAgE;IAChE,uBAAuB,IAAI,IAAI;IAI/B;;;;;;;;;;OAUG;IACH,oBAAoB,IAAI,WAAW,EAAE;IAMrC;;;;;;;;;;;;OAYG;IACG,sBAAsB,IAAI,OAAO,CAAC,mBAAmB,CAAC;IAe5D;;;;;;;;;;;;;;;;;;OAkBG;IACG,iBAAiB,IAAI,OAAO,CAAC,gBAAgB,CAAC;YAqFtC,qBAAqB;YAoCrB,YAAY;YA4BZ,mBAAmB;IA6DjC;;;;;OAKG;YACW,YAAY;YASZ,SAAS;YAgBT,cAAc;IAmB5B,uFAAuF;YACzE,oBAAoB;YAkCpB,UAAU;IAMxB;;;;;;;;;;;OAWG;IACH,OAAO,CAAC,QAAQ;CAMjB;AA4CD,OAAO,EAAE,wBAAwB,EAAE,UAAU,EAAE,CAAC"}
+{"version":3,"file":"BravelyAccountManager.d.ts","sourceRoot":"","sources":["../src/BravelyAccountManager.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,EACV,mBAAmB,EACnB,aAAa,EACb,WAAW,EAEX,mBAAmB,EACnB,YAAY,EACZ,mBAAmB,EACnB,eAAe,EACf,gBAAgB,EAGjB,MAAM,YAAY,CAAC;AACpB,OAAO,EAA8B,KAAK,YAAY,EAAE,MAAM,YAAY,CAAC;AAK3E,OAAO,EAEL,wBAAwB,EACxB,UAAU,EACX,MAAM,kBAAkB,CAAC;AAE1B,4EAA4E;AAC5E,MAAM,MAAM,gBAAgB,GACxB;IAAE,OAAO,EAAE,QAAQ,CAAC;IAAC,YAAY,EAAE,WAAW,EAAE,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAA;CAAE,GACpE;IAAE,OAAO,EAAE,SAAS,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAA;CAAE,GACxC;IAAE,OAAO,EAAE,WAAW,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAA;CAAE,GAC1C;IAAE,OAAO,EAAE,eAAe,CAAA;CAAE,CAAC;AAiBjC;;;;;;GAMG;AACH,eAAO,MAAM,4BAA4B,QAAsB,CAAC;AAEhE;;;;;;;;GAQG;AACH,MAAM,MAAM,cAAc,GACtB,WAAW,GACX,kBAAkB,GAClB,oBAAoB,GACpB,mBAAmB,CAAC;AAExB,KAAK,aAAa,GAAG,CAAC,KAAK,EAAE,mBAAmB,KAAK,IAAI,CAAC;AAE1D,qBAAa,qBAAqB;IAChC,OAAO,CAAC,QAAQ,CAAC,GAAG,CACmF;IACvG,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAU;IAClC,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAmB;IACzC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAyB;IACpD;;;;;OAKG;IACH,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAwD;IAC5E,OAAO,CAAC,KAAK,CAA+C;IAC5D,OAAO,CAAC,SAAS,CAA4B;IAC7C,OAAO,CAAC,gBAAgB,CAAiC;IACzD,OAAO,CAAC,kBAAkB,CAA4C;IACtE,OAAO,CAAC,iBAAiB,CAAuB;IAChD;;;;;;;;OAQG;IACH,OAAO,CAAC,SAAS,CAAuB;IACxC;;;;;OAKG;IACH,OAAO,CAAC,eAAe,CAAwC;gBAEnD,MAAM,EAAE,aAAa;IAmCjC;;;;;;;;;;;;;;;;OAgBG;IACH,QAAQ,IAAI,mBAAmB;IAI/B,aAAa,CAAC,EAAE,EAAE,aAAa,GAAG,MAAM,IAAI;IAK5C,kBAAkB,IAAI,eAAe;IAIrC,mBAAmB,IAAI,gBAAgB,GAAG,IAAI;IAI9C;;;;;;;;;;OAUG;IACH,YAAY,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,IAAI;IAIxD,2EAA2E;IAC3E,YAAY,IAAI,MAAM,GAAG,IAAI;IAI7B;;;;;;;;;;;;;;OAcG;IACG,OAAO,IAAI,OAAO,CAAC,mBAAmB,CAAC;IAqD7C;;;;;;;;;;;;;;;;;;;;;;OAsBG;IACG,MAAM,CAAC,IAAI,GAAE;QAAE,SAAS,CAAC,EAAE,MAAM,CAAC;QAAC,QAAQ,CAAC,EAAE,YAAY,CAAA;KAAO,GAAG,OAAO,CAAC,mBAAmB,CAAC;IAgCtG,qEAAqE;IAC/D,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IAgD9B;;;;;;OAMG;YACW,iBAAiB;IAa/B;;;OAGG;IACG,eAAe,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;IAU/C,qEAAqE;IAC/D,cAAc,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAKzD,4EAA4E;IACtE,eAAe,IAAI,OAAO,CAAC,MAAM,CAAC;IAYxC;;;;;;;OAOG;IACG,YAAY,CAAC,IAAI,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC;IAiBrD;;;;OAIG;IACG,yBAAyB,IAAI,OAAO,CAAC,mBAAmB,CAAC;IAW/D,gEAAgE;IAChE,uBAAuB,IAAI,IAAI;IAI/B;;;;;;;;;;OAUG;IACH,oBAAoB,IAAI,WAAW,EAAE;IAMrC;;;;;;;;;;;;;OAaG;IACG,sBAAsB,IAAI,OAAO,CAAC,mBAAmB,CAAC;IAkB5D;;;;;;;;;;;;;;;;;;OAkBG;IACG,iBAAiB,IAAI,OAAO,CAAC,gBAAgB,CAAC;YAyFtC,qBAAqB;IAyCnC;;;;OAIG;YACW,kBAAkB;YAqBlB,YAAY;IAmB1B;;;;;;;;;;OAUG;YACW,qBAAqB;IA+BnC;;;;OAIG;YACW,wBAAwB;IAQtC;;;;;;;;;;;;;;;;OAgBG;IACH,OAAO,CAAC,cAAc;YASR,sBAAsB;YAgCtB,gBAAgB;YAyDhB,mBAAmB;IA0EjC;;;;;;;;;;;;;;;OAeG;YACW,YAAY;IA6C1B;;;;;;OAMG;YACW,iBAAiB;YAIjB,SAAS;YAgBT,cAAc;IAmB5B,uFAAuF;YACzE,oBAAoB;YAkCpB,UAAU;IAMxB;;;;;;;;;;;OAWG;IACH,OAAO,CAAC,QAAQ;CAMjB;AAwDD,OAAO,EAAE,wBAAwB,EAAE,UAAU,EAAE,CAAC"}