npm - @descope/core-js-sdk - Versions diffs - 2.59.0 → 2.59.1 - Mend

@descope/core-js-sdk 2.59.0 → 2.59.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/cjs/index.cjs.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.cjs.js","sources":["../../src/constants/apiPaths.ts","../../src/constants/index.ts","../../src/httpClient/helpers/createFetchLogger.ts","../../src/httpClient/helpers/getClientSessionId.ts","../../src/httpClient/types.ts","../../src/httpClient/urlBuilder.ts","../../src/httpClient/utils.ts","../../src/httpClient/index.ts","../../src/httpClient/helpers/index.ts","../../src/constants/httpStatusCodes.ts","../../src/sdk/helpers/index.ts","../../src/sdk/validations/core.ts","../../src/sdk/validations/validators.ts","../../src/sdk/validations/index.ts","../../src/sdk/accesskey.ts","../../src/utils/utils.ts","../../src/sdk/types.ts","../../src/sdk/enchantedLink/validations.ts","../../src/sdk/enchantedLink/index.ts","../../src/sdk/flow/index.ts","../../src/sdk/magicLink/validations.ts","../../src/sdk/magicLink/index.ts","../../src/sdk/oauth/types.ts","../../src/sdk/oauth/index.ts","../../src/sdk/outbound/validations.ts","../../src/sdk/outbound/index.ts","../../src/sdk/otp/index.ts","../../src/sdk/saml.ts","../../src/sdk/totp.ts","../../src/sdk/password/validations.ts","../../src/sdk/password/index.ts","../../src/sdk/webauthn.ts","../../src/sdk/notp/index.ts","../../src/sdk/index.ts","../../src/createSdk.ts","../../src/index.ts","../../src/utils/wrapWith/index.ts"],"sourcesContent":["/** API paths for the Descope service APIs /\nexport default {\n accessKey: {\n exchange: '/v1/auth/accesskey/exchange',\n },\n otp: {\n verify: '/v1/auth/otp/verify',\n signIn: '/v1/auth/otp/signin',\n signUp: '/v1/auth/otp/signup',\n update: {\n email: '/v1/auth/otp/update/email',\n phone: '/v1/auth/otp/update/phone',\n },\n signUpOrIn: '/v1/auth/otp/signup-in',\n },\n magicLink: {\n verify: '/v1/auth/magiclink/verify',\n signIn: '/v1/auth/magiclink/signin',\n signUp: '/v1/auth/magiclink/signup',\n update: {\n email: '/v1/auth/magiclink/update/email',\n phone: '/v1/auth/magiclink/update/phone',\n },\n signUpOrIn: '/v1/auth/magiclink/signup-in',\n },\n enchantedLink: {\n verify: '/v1/auth/enchantedlink/verify',\n signIn: '/v1/auth/enchantedlink/signin',\n signUp: '/v1/auth/enchantedlink/signup',\n session: '/v1/auth/enchantedlink/pending-session',\n update: {\n email: '/v1/auth/enchantedlink/update/email',\n },\n signUpOrIn: '/v1/auth/enchantedlink/signup-in',\n },\n oauth: {\n start: '/v1/auth/oauth/authorize',\n exchange: '/v1/auth/oauth/exchange',\n startNative: 'v1/auth/oauth/native/start',\n finishNative: 'v1/auth/oauth/native/finish',\n oneTap: {\n getOneTapClientId: '/v1/auth/onetap/clientid/{provider}',\n exchangeOneTapIDToken: '/v1/auth/onetap/idtoken/exchange',\n verifyOneTapIDToken: '/v1/auth/onetap/idtoken/verify',\n },\n },\n outbound: {\n connect: '/v1/outbound/oauth/connect',\n },\n saml: {\n start: '/v1/auth/saml/authorize',\n exchange: '/v1/auth/saml/exchange',\n },\n totp: {\n verify: '/v1/auth/totp/verify',\n signUp: '/v1/auth/totp/signup',\n update: '/v1/auth/totp/update',\n },\n notp: {\n signIn: '/v1/auth/notp/whatsapp/signin',\n signUp: '/v1/auth/notp/whatsapp/signup',\n signUpOrIn: '/v1/auth/notp/whatsapp/signup-in',\n session: '/v1/auth/notp/pending-session',\n },\n webauthn: {\n signUp: {\n start: '/v1/auth/webauthn/signup/start',\n finish: '/v1/auth/webauthn/signup/finish',\n },\n signIn: {\n start: '/v1/auth/webauthn/signin/start',\n finish: '/v1/auth/webauthn/signin/finish',\n },\n signUpOrIn: {\n start: '/v1/auth/webauthn/signup-in/start',\n },\n update: {\n start: 'v1/auth/webauthn/update/start',\n finish: '/v1/auth/webauthn/update/finish',\n },\n },\n password: {\n signUp: '/v1/auth/password/signup',\n signIn: '/v1/auth/password/signin',\n sendReset: '/v1/auth/password/reset',\n update: '/v1/auth/password/update',\n replace: '/v1/auth/password/replace',\n policy: '/v1/auth/password/policy',\n },\n // NOTE: When adding routes that validate session state (like refresh, me, etc.),\n // consider adding them to SESSION_VALIDATION_ROUTES in web-js-sdk/src/enhancers/helpers/index.ts\n // These routes trigger logout/clear tokens on failure, unlike OTP routes that may fail for invalid input\n refresh: '/v1/auth/refresh',\n tryRefresh: '/v1/auth/try-refresh',\n selectTenant: '/v1/auth/tenant/select',\n logout: '/v1/auth/logout',\n logoutAll: '/v1/auth/logoutall',\n me: '/v1/auth/me',\n myTenants: '/v1/auth/me/tenants',\n history: '/v1/auth/me/history',\n flow: {\n start: '/v2/flow/start',\n next: '/v2/flow/next',\n },\n};\n","/* Default Descope API URL /\nexport const BASE_URL_REGION_PLACEHOLDER = '<region>';\nexport const DEFAULT_BASE_API_URL = `https://api.${BASE_URL_REGION_PLACEHOLDER}descope.com`;\n\n/* Default magic link polling interval for checking if the user clicked on the magic-link/enchanted-link/notp /\nexport const MIN_POLLING_INTERVAL_MS = 1000; // 1 second\n/* Default maximum time we are willing to wait for the magic-link/enchanted-link/notp to be clicked /\nexport const MAX_POLLING_TIMEOUT_MS = 1000 60 * 10; // 10 minutes\n\n/** Descope current tenant claim /\nexport const DESCOPE_CURRENT_TENANT_CLAIM = 'dct';\n\n/* API paths to the Descope service /\nexport { default as apiPaths } from './apiPaths';\n","import { Logger } from '../../sdk/types';\nimport { Fetch } from '../types';\n\n/* Build a log message around HTTP calls /\nconst httpLogBuilder = () => {\n const msg: {\n Title?: string;\n Url?: string;\n Method?: string;\n Headers?: string;\n Body?: string;\n Status?: string;\n Retries?: number;\n } = {};\n\n return {\n headers(headers: HeadersInit) {\n const headersObj =\n typeof headers.entries === 'function'\n ? Object.fromEntries(headers.entries())\n : headers;\n msg.Headers = JSON.stringify(headersObj);\n\n return this;\n },\n\n body(body: string) {\n msg.Body = body;\n return this;\n },\n\n url(url: URL \| string) {\n msg.Url = url.toString();\n return this;\n },\n\n method(method: string) {\n msg.Method = method;\n return this;\n },\n\n title(title: string) {\n msg.Title = title;\n return this;\n },\n\n status(status: string) {\n msg.Status = status;\n return this;\n },\n\n retries(retries: number) {\n msg.Retries = retries;\n return this;\n },\n\n build() {\n return Object.keys(msg)\n .flatMap((key) =>\n msg[key] ? [`${key !== 'Title' ? `${key}: ` : ''}${msg[key]}`] : [],\n )\n .join('\\n');\n },\n };\n};\n\n/* Log the request object /\nconst buildRequestLog = (args: Parameters<Fetch>) =>\n httpLogBuilder()\n .title('Request')\n .url(args[0])\n .method(args[1].method)\n .headers(args[1].headers)\n .body(args[1].body)\n .build();\n\n// we should retry on these status codes:\n// 503: Service Unavailable\n// 521: Web Server Is Down (Cloudflare error)\n// 522: Connection Timed Out (Cloudflare error)\n// 524: A Timeout Occurred (Cloudflare error)\n// 530: Cloudflare error\nconst retryStatusCodes = [503, 521, 522, 524, 530];\n\n// Retry delays in ms: first retry after 100ms, subsequent retries after 5000ms\nconst retryDelaysMs = [100, 5000, 5000];\n\nconst sleep = (ms: number) =>\n new Promise<void>((resolve) => setTimeout(resolve, ms));\n\n/* Log the response object /\nconst buildResponseLog = async (resp: Response & { retries?: number }) => {\n const respBody = await resp.text();\n\n return httpLogBuilder()\n .title('Response')\n .url(resp.url.toString())\n .status(`${resp.status} ${resp.statusText}`)\n .headers(resp.headers)\n .body(respBody)\n .retries(resp.retries)\n .build();\n};\n\nconst fetchWrapper =\n (fetch: Fetch) =>\n async (...args: Parameters<Fetch>) => {\n let resp: Response & { retries?: number } = await fetch(...args);\n\n let retries = 0;\n while (\n retryStatusCodes.includes(resp.status) &&\n retries < retryDelaysMs.length\n ) {\n await sleep(retryDelaysMs[retries]);\n resp = await fetch(...args);\n retries++;\n }\n\n if (retries > 0) {\n resp.retries = retries;\n }\n\n // we found out that cloning the response is problematic when using node fetch\n // so instead, we are reading the body stream once and overriding the clone, text & json functions\n const respText = await resp.text();\n\n resp.text = () => Promise.resolve(respText);\n resp.json = () => Promise.resolve(JSON.parse(respText));\n resp.clone = () => resp;\n\n return resp;\n };\n\n/\n Create a fetch with a logger wrapped around it if a logger is given\n * @param logger Logger to send the logs to\n * @param receivedFetch Fetch to be used or built-in fetch if not provided\n \n /\nconst createFetchLogger = (logger: Logger, receivedFetch?: Fetch) => {\n const baseFetch = receivedFetch \|\| fetch;\n if (!baseFetch)\n // eslint-disable-next-line no-console\n logger?.warn(\n 'Fetch is not defined, you will not be able to send http requests, if you are running in a test, make sure fetch is defined globally',\n );\n\n if (!logger) return fetchWrapper(baseFetch);\n return async (...args: Parameters<Fetch>) => {\n if (!baseFetch)\n throw Error(\n 'Cannot send http request, fetch is not defined, if you are running in a test, make sure fetch is defined globally',\n );\n logger.log(buildRequestLog(args));\n const resp = await fetchWrapper(baseFetch)(...args);\n\n logger[resp.ok ? 'log' : 'error'](await buildResponseLog(resp));\n\n return resp;\n };\n};\n\nexport default createFetchLogger;\n","let sessionId: string;\n\nexport const getClientSessionId = (): string => {\n if (sessionId) {\n return sessionId;\n }\n const currentDate = new Date();\n const utcString = `${currentDate.getUTCFullYear().toString()}-${(\n currentDate.getUTCMonth() + 1\n )\n .toString()\n .padStart(2, '0')}-${currentDate\n .getUTCDate()\n .toString()\n .padStart(2, '0')}-${currentDate\n .getUTCHours()\n .toString()\n .padStart(2, '0')}:${currentDate\n .getUTCMinutes()\n .toString()\n .padStart(2, '0')}:${currentDate\n .getUTCSeconds()\n .toString()\n .padStart(2, '0')}:${currentDate.getUTCMilliseconds().toString()}`;\n const randomSuffix = Math.floor(1000 + Math.random() * 9000);\n sessionId = `${utcString}-${randomSuffix}`;\n return sessionId;\n};\n","import { Logger } from '../sdk/types';\n\n/** Request configuration including headers, query params and token /\ntype HttpClientReqConfig = {\n headers?: HeadersInit;\n queryParams?: { [key: string]: string };\n token?: string;\n};\n\nexport type ExtendedResponse = Response & { cookies: Record<string, string> };\n\n/* HTTP methods we use in the client /\nexport enum HTTPMethods {\n get = 'GET',\n delete = 'DELETE',\n post = 'POST',\n put = 'PUT',\n patch = 'PATCH',\n}\n\n/* HTTP Client type that implements the HTTP method calls. Descopers can provide their own HTTP client although required only in rare cases. /\nexport type HttpClient = {\n get: (path: string, config?: HttpClientReqConfig) => Promise<Response>;\n post: (\n path: string,\n body?: any,\n config?: HttpClientReqConfig,\n ) => Promise<Response>;\n patch: (\n path: string,\n body?: any,\n config?: HttpClientReqConfig,\n ) => Promise<Response>;\n put: (\n path: string,\n body?: any,\n config?: HttpClientReqConfig,\n ) => Promise<Response>;\n delete: (path: string, config?: HttpClientReqConfig) => Promise<Response>;\n hooks?: Hooks;\n buildUrl: (path: string, queryParams?: { [key: string]: string }) => string;\n};\n\nexport type Fetch = typeof fetch;\n\n/* Parameters for the HTTP client. Defaults should work for most cases. /\nexport type CreateHttpClientConfig = {\n baseUrl?: string;\n projectId: string;\n baseConfig?: { baseHeaders: HeadersInit };\n logger?: Logger;\n hooks?: Hooks;\n cookiePolicy?: RequestCredentials \| null;\n refreshCookieName?: string;\n fetch?: Fetch;\n};\n\n/* For before-request hook allows overriding parts of the request /\nexport type RequestConfig = {\n path: string;\n headers?: HeadersInit;\n queryParams?: { [key: string]: string };\n body?: any;\n method: HTTPMethods;\n token?: string;\n};\n\nexport type BeforeRequest = (config: RequestConfig) => RequestConfig;\n\nexport type AfterRequest = (\n req: RequestConfig,\n res: Response,\n) => void \| Promise<void>;\n\n/* Hooks before and after the request is made /\nexport type Hooks = {\n beforeRequest?: BeforeRequest;\n afterRequest?: AfterRequest;\n transformResponse?: (\n mutableResponse: ExtendedResponse,\n ) => Promise<ExtendedResponse>;\n};\n\nexport type MultipleHooks = {\n beforeRequest?: BeforeRequest \| BeforeRequest[];\n afterRequest?: AfterRequest \| AfterRequest[];\n transformResponse?: (\n mutableResponse: ExtendedResponse,\n ) => Promise<ExtendedResponse>;\n};\n","import { BASE_URL_REGION_PLACEHOLDER } from '../constants';\n\n/* Build URL with given parts /\nexport const urlBuilder = ({\n path,\n baseUrl,\n queryParams,\n projectId,\n}: {\n path: string;\n baseUrl: string;\n queryParams?: { [key: string]: string };\n projectId: string;\n}) => {\n // NOTE: many URL and URLSearchParams functions and fields are NOT SUPPORTED by the react-native runtime.\n // To add insult to injury - it adds a trailing slash almost no matter what the input is:\n // https://github.com/facebook/react-native/blob/main/packages/react-native/Libraries/Blob/URL.js#L144\n // Do not replace unless testing with all of the core-dependent projects\n const region = projectId.slice(1, -27);\n baseUrl = baseUrl.replace(\n BASE_URL_REGION_PLACEHOLDER,\n region ? region + '.' : '',\n );\n // append path to base\n let url = path\n ? `${baseUrl.replace(/\\/$/, '')}/${path?.replace(/^\\//, '')}`\n : baseUrl;\n\n // add query params if given\n if (queryParams) {\n const keys = Object.keys(queryParams);\n keys.forEach((key: string, index: number) => {\n url = `${url}${index === 0 ? '?' : ''}${key}=${encodeURIComponent(\n queryParams[key],\n )}${index === keys.length - 1 ? '' : '&'}`;\n });\n }\n\n return url;\n};\n","/ eslint-disable no-nested-ternary /\n\ntype SdkHeaders = HeadersInit \| Record<string, () => string>;\n\nconst getSrcArr = (source: SdkHeaders) => {\n if (Array.isArray(source)) return source;\n if (source instanceof Headers) return Array.from(source.entries());\n if (!source) return [];\n return Object.entries(source);\n};\n\n/* Merge the given list of headers into a single Headers object /\nexport const mergeHeaders = (...sources: SdkHeaders[]) =>\n new Headers(\n sources.reduce<Record<string, string>>(\n (acc: Record<string, string>, source) => {\n getSrcArr(source).forEach(([key, value]) => {\n acc[key] = typeof value === 'function' ? value() : value;\n });\n\n return acc;\n },\n {},\n ),\n );\n\n/* Serialize the body to JSON /\nexport const serializeBody = (body: Record<string, any>) =>\n body === undefined ? undefined : JSON.stringify(body);\n","import { DEFAULT_BASE_API_URL } from '../constants';\nimport { getClientSessionId, transformSetCookie } from './helpers';\nimport createFetchLogger from './helpers/createFetchLogger';\nimport {\n AfterRequest,\n BeforeRequest,\n CreateHttpClientConfig,\n HttpClient,\n HTTPMethods,\n MultipleHooks,\n RequestConfig,\n} from './types';\nimport { urlBuilder } from './urlBuilder';\nimport { mergeHeaders, serializeBody } from './utils';\n\nconst jsonHeaders = {\n 'Content-Type': 'application/json',\n};\n\n/\n Create a Bearer authorization header with concatenated projectId and token\n * @param projectId The project id to use in the header\n * @param token Token to be concatenated. Defaults to empty.\n /\nconst createAuthorizationHeader = (\n projectId: string,\n token = '',\n): Record<string, string> => {\n let bearer = projectId;\n if (token) {\n bearer = bearer + ':' + token;\n }\n return {\n Authorization: `Bearer ${bearer}`,\n };\n};\n\ndeclare const BUILD_VERSION: string;\n\n/\n Create descope custom headers\n /\nconst createDescopeHeaders = (\n projectId: string,\n refreshCookieName?: string,\n) => {\n const res = {\n 'x-descope-sdk-session-id': getClientSessionId(),\n 'x-descope-sdk-name': 'core-js',\n 'x-descope-sdk-version': BUILD_VERSION,\n 'x-descope-project-id': projectId,\n };\n\n if (refreshCookieName) {\n res['x-descope-refresh-cookie-name'] = refreshCookieName;\n }\n return res;\n};\n\nconst isJson = (value?: string) => {\n try {\n value = JSON.parse(value);\n } catch (e) {\n return false;\n }\n\n return typeof value === 'object' && value !== null;\n};\n\n/* Add the ability to pass multiple hooks instead of one when creating an http client /\nconst withMultipleHooks =\n <T extends object>(createHttpClient: (config: CreateHttpClientConfig) => T) =>\n (\n config: Omit<CreateHttpClientConfig, 'hooks'> & { hooks?: MultipleHooks },\n ) => {\n const beforeRequest: BeforeRequest = (conf) => {\n // get the before hooks from the config while function is running\n // because the hooks might change after sdk creation\n const beforeRequestHooks = [].concat(config.hooks?.beforeRequest \|\| []);\n return beforeRequestHooks?.reduce((acc, fn) => fn(acc), conf);\n };\n\n const afterRequest: AfterRequest = async (req, res) => {\n // get the after hooks from the config while function is running\n // because the hooks might change after sdk creation\n const afterRequestHooks = [].concat(config.hooks?.afterRequest \|\| []);\n // do not remove this check - on old versions of react-native it is required\n if (afterRequestHooks.length == 0) return;\n const results = await Promise.allSettled(\n afterRequestHooks?.map((fn) => fn(req, res?.clone())),\n );\n // eslint-disable-next-line no-console\n results.forEach(\n (result) =>\n result.status === 'rejected' && config.logger?.error(result.reason),\n );\n };\n\n return createHttpClient({\n ...config,\n hooks: {\n beforeRequest,\n afterRequest,\n transformResponse: config.hooks?.transformResponse,\n },\n });\n };\n\n/\n Create the HTTP client used to send HTTP requests to the Descope API\n \n @param CreateHttpClientConfig Configuration for the client\n /\nconst createHttpClient = ({\n baseUrl: recBaseUrl,\n projectId,\n baseConfig,\n refreshCookieName,\n logger,\n hooks,\n cookiePolicy,\n fetch,\n}: CreateHttpClientConfig): HttpClient => {\n const baseUrl = recBaseUrl \|\| DEFAULT_BASE_API_URL;\n const fetchWithLogger = createFetchLogger(logger, fetch);\n\n const sendRequest = async (config: RequestConfig) => {\n const requestConfig = hooks?.beforeRequest\n ? hooks.beforeRequest(config)\n : config;\n\n const { path, body, headers, queryParams, method, token } = requestConfig;\n\n const serializedBody = serializeBody(body);\n const requestInit: RequestInit = {\n headers: mergeHeaders(\n createAuthorizationHeader(projectId, token),\n createDescopeHeaders(projectId, refreshCookieName),\n baseConfig?.baseHeaders \|\| {},\n isJson(serializedBody) ? jsonHeaders : {}, // add json content headers if body is json\n headers,\n ),\n method,\n body: serializedBody,\n };\n\n // On edge runtimes like Cloudflare, the fetch implementation does not support credentials\n // so we allow the caller to omit by specifying null\n // See https://github.com/cloudflare/workerd/blob/main/src/workerd/api/http.h#L591\n if (cookiePolicy !== null) {\n requestInit.credentials = cookiePolicy \|\| 'include';\n }\n\n const res = await fetchWithLogger(\n urlBuilder({ path, baseUrl, queryParams, projectId }),\n requestInit,\n );\n\n if (hooks?.afterRequest) {\n await hooks.afterRequest(config, res?.clone());\n }\n\n if (hooks?.transformResponse) {\n const json = await res.json();\n const cookies = transformSetCookie(res.headers?.get('set-cookie') \|\| '');\n const mutableResponse = {\n ...res,\n json: () => Promise.resolve(json),\n cookies,\n };\n // we want to make sure cloning the response will keep the transformed json data\n mutableResponse.clone = () => mutableResponse;\n return hooks.transformResponse(mutableResponse);\n }\n\n return res;\n };\n\n return {\n get: (path: string, { headers, queryParams, token } = {}) =>\n sendRequest({\n path,\n headers,\n queryParams,\n body: undefined,\n method: HTTPMethods.get,\n token,\n }),\n post: (path, body, { headers, queryParams, token } = {}) =>\n sendRequest({\n path,\n headers,\n queryParams,\n body,\n method: HTTPMethods.post,\n token,\n }),\n patch: (path, body, { headers, queryParams, token } = {}) =>\n sendRequest({\n path,\n headers,\n queryParams,\n body,\n method: HTTPMethods.patch,\n token,\n }),\n put: (path, body, { headers, queryParams, token } = {}) =>\n sendRequest({\n path,\n headers,\n queryParams,\n body,\n method: HTTPMethods.put,\n token,\n }),\n delete: (path, { headers, queryParams, token } = {}) =>\n sendRequest({\n path,\n headers,\n queryParams,\n body: undefined,\n method: HTTPMethods.delete,\n token,\n }),\n hooks,\n buildUrl: (path, queryParams) => {\n return urlBuilder({ projectId, baseUrl, path, queryParams });\n },\n };\n};\n\nexport default withMultipleHooks(createHttpClient);\nexport type { HttpClient };\n","/\n Split a combined Set-Cookie header string into individual cookie strings.\n \n Set-Cookie values are sometimes comma-joined into one string. This splits\n * them without choking on commas that appear inside a single cookie's\n * attributes (e.g. the Expires date \"Sun, 10 May 2026 12:00:00 GMT\").\n \n Based on https://github.com/nfriedly/set-cookie-parser (MIT).\n /\nfunction splitCookiesString(cookiesString: string): string[] {\n if (!cookiesString) return [];\n\n const result: string[] = [];\n let pos = 0;\n\n function skipWhitespace() {\n while (pos < cookiesString.length && /\\s/.test(cookiesString.charAt(pos))) {\n pos += 1;\n }\n return pos < cookiesString.length;\n }\n\n function notSpecialChar() {\n const ch = cookiesString.charAt(pos);\n return ch !== '=' && ch !== ';' && ch !== ',';\n }\n\n while (pos < cookiesString.length) {\n const start = pos;\n let cookiesSeparatorFound = false;\n let lastComma: number;\n let nextStart: number;\n\n while (skipWhitespace()) {\n const ch = cookiesString.charAt(pos);\n if (ch === ',') {\n // ',' is a cookie separator if we later find '=' before ';' or ','\n lastComma = pos;\n pos += 1;\n skipWhitespace();\n nextStart = pos;\n\n while (pos < cookiesString.length && notSpecialChar()) {\n pos += 1;\n }\n\n if (pos < cookiesString.length && cookiesString.charAt(pos) === '=') {\n // found a cookie separator — the comma was between two cookies\n cookiesSeparatorFound = true;\n pos = nextStart;\n result.push(cookiesString.substring(start, lastComma));\n break;\n } else {\n // comma was inside an attribute value (e.g. Expires date)\n pos = lastComma + 1;\n }\n } else {\n pos += 1;\n }\n }\n\n if (!cookiesSeparatorFound \|\| pos >= cookiesString.length) {\n result.push(cookiesString.substring(start, cookiesString.length));\n }\n }\n\n return result;\n}\n\nexport function transformSetCookie(\n setCookieHeader: string,\n): Record<string, string> {\n return Object.fromEntries(\n splitCookiesString(setCookieHeader)\n .map((cookieStr) => {\n const nameValue = cookieStr.split(';')[0];\n const eqIdx = nameValue.indexOf('=');\n if (eqIdx < 1) return null;\n return [\n nameValue.substring(0, eqIdx).trim(),\n nameValue.substring(eqIdx + 1).trim(),\n ];\n })\n .filter(Boolean),\n );\n}\n\n/ istanbul ignore next -- re-exports /\nexport { default as createFetchLogger } from './createFetchLogger';\n/ istanbul ignore next -- re-exports /\nexport { getClientSessionId } from './getClientSessionId';\n","export default {\n TOO_MANY_REQUESTS: 429,\n};\n","import { jwtDecode, JwtPayload } from 'jwt-decode';\nimport { ResponseData, SdkResponse } from '../types';\nimport HttpStatusCodes from '../../constants/httpStatusCodes';\nimport { DESCOPE_CURRENT_TENANT_CLAIM } from '../../constants';\n\nfunction getJwtAuthorizationItems(\n token: string,\n tenant: string,\n claim: string,\n): string[] {\n let claims: any = parseJwt(token);\n if (tenant) {\n if (!claims?.tenants && claims?.[DESCOPE_CURRENT_TENANT_CLAIM] === tenant) {\n // The token may have the current tenant in the \"dct\" claim and without the \"tenants\" claim\n return claims?.[claim] \|\| [];\n } else {\n claims = claims?.tenants?.[tenant];\n }\n }\n const items = claims?.[claim];\n return Array.isArray(items) ? items : [];\n}\n\nfunction parseJwt(token: string): JwtPayload {\n if (typeof token !== 'string' \|\| !token)\n throw new Error('Invalid token provided');\n return jwtDecode(token);\n}\n\n/\n Checks if the given JWT is still valid but DOES NOT check for signature\n \n @param token JWT token\n /\nexport function isJwtExpired(token: string): boolean {\n const { exp } = parseJwt(token);\n const currentTime = new Date().getTime() / 1000;\n return currentTime > exp;\n}\n\n/\n Returns the list of tenants in the given JWT\n \n @param token JWT token\n /\nexport function getTenants(token: string): string[] {\n let claims: any = parseJwt(token);\n const items = Object.keys(claims?.tenants);\n return Array.isArray(items) ? items : [];\n}\n\n/\n Returns the list of permissions granted in the given JWT but DOES NOT check for signature\n \n @param token JWT token\n /\nexport function getJwtPermissions(token: string, tenant?: string): string[] {\n return getJwtAuthorizationItems(token, tenant, 'permissions');\n}\n\n/\n Returns the list of roles specified in the given JWT but DOES NOT check for signature\n \n @param token JWT token\n /\nexport function getJwtRoles(token: string, tenant?: string): string[] {\n return getJwtAuthorizationItems(token, tenant, 'roles');\n}\n\n/* Joins path parts making sure there is only one path separator between parts /\nexport const pathJoin = (...args: string[]) =>\n args.join('/').replace(/\\/{2,}/g, '/');\n\n/* Transform the Promise Response to our internal SdkResponse implementation\n * @param response The Response promise from fetch\n * @param transform Optionally transform the response JSON to another type\n /\nexport async function transformResponse<\n T extends ResponseData,\n S extends ResponseData = T,\n>(\n response: Promise<Response>,\n transform?: (data: T) => S,\n): Promise<SdkResponse<S>> {\n const resp = await response;\n\n const ret: SdkResponse<S> = {\n code: resp.status,\n ok: resp.ok,\n response: resp,\n };\n\n const data = await resp.clone().json();\n\n if (!resp.ok) {\n ret.error = data;\n\n if (resp.status === HttpStatusCodes.TOO_MANY_REQUESTS) {\n Object.assign(ret.error, {\n retryAfter: Number.parseInt(resp.headers?.get('retry-after')) \|\| 0,\n });\n }\n } else if (transform) {\n ret.data = transform(data);\n } else {\n ret.data = <S>data;\n }\n\n return ret;\n}\n\nexport function getCurrentTenant(token: string): string {\n return parseJwt(token)?.[DESCOPE_CURRENT_TENANT_CLAIM] \|\| '';\n}\n","import { Validator, ValidationRule, MakeValidator } from './types';\n\nexport const createValidator =\n (rule: ValidationRule, defaultMsg?: string): MakeValidator =>\n (msg = defaultMsg) =>\n (val) =>\n !rule(val) ? msg.replace('{val}', val) : false;\n\nexport const createOrValidator =\n (validators: Validator[], defaultMsg?: string): MakeValidator =>\n (msg = defaultMsg) =>\n (val) => {\n const errors = validators.filter((validator) => validator(val));\n\n if (errors.length < validators.length) return false;\n\n return msg ? msg.replace('{val}', val) : errors.join(' OR ');\n };\n\nexport const createValidation = (...validators: Validator[]) => ({\n validate: (val: any) => {\n validators.forEach((validator) => {\n const errMsg = validator(val);\n if (errMsg) throw new Error(errMsg);\n });\n\n return true;\n },\n});\n","import { createOrValidator, createValidation, createValidator } from './core';\nimport { Validator } from './types';\n\nconst regexMatch = (regex: RegExp) => (val: any) => regex.test(val);\n\nconst validateString = (val: any) => typeof val === 'string';\n\nconst validateArray = (val: any) => Array.isArray(val);\n\nconst validateBoolean = (val: any) => typeof val === 'boolean';\n\nconst validateUndefined = (val: any) => val === undefined;\n\nconst validateEmail = regexMatch(\n /^[a-zA-Z0-9.!#$%&'+/=?^_`{\|}~-]+@[a-zA-Z0-9-]+(?:\\.[a-zA-Z0-9-]+)$/,\n);\n\n// A replacement for lodash.get, because it may not integrate well in various runtime environments (Edge).\n// Implementation is based on https://gist.github.com/dfkaye/59263b51cf1e0b633181c5f44ae2066a\nconst get = (object: any, pathName: string, defaultValue?: any) => {\n // Coerce pathName to a string (even it turns into \"[object Object]\").\n const path = Array.isArray(pathName) ? pathName.join('.') : String(pathName);\n\n // Support bracket notation, e.g., \"a[0].b.c\".\n const match = /\\[\\\\?(\"\|')?(\\w\|d)+\\\\?(\"\|')?\\]/g;\n\n const parts = path.replace(match, (m, i, v) => '.' + v).split('.');\n\n const length = parts.length;\n let i = 0;\n\n // In case object isn't a real object, set it to undefined.\n let value = object === Object(object) ? object : undefined;\n\n while (value != null && i < length) {\n value = value[parts[i++]];\n }\n\n /\n returns the resolved value if\n * 1. iteration happened (i > 0)\n * 2. iteration completed (i === length)\n * 3. the value at the path is found in the data structure (not undefined). Note that if the path is found but the\n * value is null, then null is returned.\n * If any of those checks fails, return the defaultValue param, if provided.\n /\n return i && i === length && value !== undefined ? value : defaultValue;\n};\n\nconst validatePhone = regexMatch(/^\\+[1-9]{1}[0-9]{3,14}$/);\nconst validateMinLength = (min: number) => (val: any) => val.length >= min;\n// const validatePlainObject = (val: any) => !!val && Object.getPrototypeOf(val) === Object.prototype;\nconst validatePathValue = (path: string, rules: Validator[]) => (val: any) =>\n createValidation(...rules).validate(get(val, path));\n\nexport const isEmail = createValidator(\n validateEmail,\n '\"{val}\" is not a valid email',\n);\nexport const isPhone = createValidator(\n validatePhone,\n '\"{val}\" is not a valid phone number',\n);\nexport const isNotEmpty = createValidator(\n validateMinLength(1),\n 'Minimum length is 1',\n);\nexport const isString = createValidator(\n validateString,\n 'Input is not a string',\n);\n\nexport const isArray = createValidator(validateArray, 'Input is not an array');\n\nexport const isBoolean = createValidator(\n validateBoolean,\n 'Input is not a boolean',\n);\n\nexport const isUndefined = createValidator(\n validateUndefined,\n 'Input is defined',\n);\n\nexport const isStringOrUndefined = createOrValidator(\n [isString(), isUndefined()],\n 'Input is not a string or undefined',\n);\n\nexport const isArrayOrBool = createOrValidator(\n [isArray(), isBoolean()],\n 'Input is not an array or boolean',\n);\n\n// export const isPlainObject = createValidator(validatePlainObject, 'Input is not a plain object');\nexport const hasPathValue = (path: string, rules: Validator[]) =>\n createValidator(validatePathValue(path, rules))();\n","import { createValidation } from './core';\nimport { Validator } from './types';\nimport {\n isEmail,\n isNotEmpty,\n isPhone,\n isString,\n isStringOrUndefined,\n} from './validators';\n\n/\n \n * Validate that all of the validators passes\n * @params each parameter is an array of validators, those validators will be verified against the wrapped function argument which in the same place\n * @throws if any of the validators fails, an error with the relevant message will be thrown\n /\nexport const withValidations =\n (...argsRules: Validator[][]) =>\n <T extends Array<any>, U>(fn: (...args: T) => U) =>\n (...args: T): U => {\n argsRules.forEach((rulesArr, i) =>\n createValidation(...rulesArr).validate(args[i]),\n );\n\n return fn(...args);\n };\n\nexport const string = (fieldName: string) => [\n isString(`\"${fieldName}\" must be a string`),\n];\n\nexport const isStringOrUndefinedValidator = (fieldName: string) => [\n isStringOrUndefined(`\"${fieldName}\" must be string or undefined`),\n];\n\nexport const stringNonEmpty = (fieldName: string) => [\n isString(`\"${fieldName}\" must be a string`),\n isNotEmpty(`\"${fieldName}\" must not be empty`),\n];\nexport const stringEmail = (fieldName: string) => [\n isString(`\"${fieldName}\" must be a string`),\n isEmail(),\n];\nexport const stringPhone = (fieldName: string) => [\n isString(`\"${fieldName}\" must be a string`),\n isPhone(),\n];\n","import { apiPaths } from '../constants';\nimport { HttpClient } from '../httpClient';\nimport { transformResponse } from './helpers';\nimport {\n AccessKeyLoginOptions,\n ExchangeAccessKeyResponse,\n SdkResponse,\n} from './types';\nimport { stringNonEmpty, withValidations } from './validations';\n\nconst withExchangeValidations = withValidations(stringNonEmpty('accessKey'));\n\nconst withAccessKeys = (httpClient: HttpClient) => ({\n exchange: withExchangeValidations(\n (\n accessKey: string,\n loginOptions?: AccessKeyLoginOptions,\n ): Promise<SdkResponse<ExchangeAccessKeyResponse>> =>\n transformResponse(\n httpClient.post(\n apiPaths.accessKey.exchange,\n { loginOptions },\n { token: accessKey },\n ),\n ),\n ),\n});\n\nexport default withAccessKeys;\n","import { MAX_POLLING_TIMEOUT_MS, MIN_POLLING_INTERVAL_MS } from '../constants';\n\n/* Polling configuration with defaults and normalizing checks /\nexport const normalizeWaitForSessionConfig = ({\n pollingIntervalMs = MIN_POLLING_INTERVAL_MS,\n timeoutMs = MAX_POLLING_TIMEOUT_MS,\n} = {}) => ({\n pollingIntervalMs: Math.max(\n pollingIntervalMs \|\| MIN_POLLING_INTERVAL_MS,\n MIN_POLLING_INTERVAL_MS,\n ),\n timeoutMs: Math.min(\n timeoutMs \|\| MAX_POLLING_TIMEOUT_MS,\n MAX_POLLING_TIMEOUT_MS,\n ),\n});\n","type DeviceInfo = {\n webAuthnSupport?: boolean;\n};\n\ntype LastAuth = {\n authMethod?: AuthMethod;\n oauthProvider?: string;\n name?: string;\n loginId?: string;\n};\n\ntype RedirectAuth = {\n callbackUrl: string;\n codeChallenge: string;\n};\n\n/* Sent in a flow start request when running as a native flow component via a mobile SDK /\ntype NativeOptions = {\n /* What mobile platform we're running on, used to decide between different behaviors on the backend /\n platform: 'ios' \| 'android';\n\n /* The name of an OAuth provider that will use native OAuth (Sign in with Apple/Google) instead of web OAuth when running in a mobile app /\n oauthProvider?: string;\n\n /* An override for web OAuth that sets the address to redirect to after authentication succeeds at the OAuth provider website /\n oauthRedirect?: string;\n};\n\ntype AuthMethod =\n \| 'magiclink'\n \| 'enchantedlink'\n \| 'otp'\n \| 'totp'\n \| 'oauth'\n \| 'saml'\n \| 'webauthn';\n\nexport type SdkFn = (...args: any[]) => Promise<SdkResponse<ResponseData>>;\n\nexport type MaskedPhone = {\n maskedPhone: string;\n};\n\nexport type MaskedEmail = {\n maskedEmail: string;\n};\n\n/* User base details from Descope API /\nexport type User = {\n email?: string;\n name?: string;\n givenName?: string;\n middleName?: string;\n familyName?: string;\n phone?: string;\n};\n\n/* User extended details from Descope API /\nexport type UserResponse = User & {\n loginIds: string[];\n userId: string;\n verifiedEmail?: boolean;\n verifiedPhone?: boolean;\n picture?: string;\n roleNames?: string[];\n userTenants?: UserTenant[];\n createdTime: number;\n TOTP: boolean;\n SAML: boolean;\n SCIM: boolean;\n password: boolean;\n OAuth?: Record<string, boolean>;\n customAttributes?: Record<string, any>;\n status: string;\n test: boolean;\n};\n\nexport type Tenant = {\n id: string;\n name: string;\n customAttributes?: Record<string, any>;\n};\n\nexport type TenantsResponse = {\n tenants: Tenant[];\n};\n\nexport type UserHistoryResponse = {\n userId: string;\n loginTime: number;\n city: string;\n country: string;\n ip: string;\n};\n\n/* A tenant association mapping /\nexport type UserTenant = {\n tenantId: string;\n roleNames?: string[];\n permissions?: string[];\n tenantName: string;\n};\n\nexport type TemplateOptions = Record<string, string>; // for providing messaging template options (templates that are being sent via email / text message)\n\n/* Login options to be added to the different authentication methods /\nexport type LoginOptions = {\n stepup?: boolean;\n mfa?: boolean;\n revokeOtherSessions?: boolean;\n customClaims?: Record<string, any>;\n templateId?: string;\n templateOptions?: TemplateOptions;\n};\n\n/* Access key login options to be added to the different authentication methods /\nexport type AccessKeyLoginOptions = {\n customClaims?: Record<string, any>;\n selectedTenant?: string;\n};\n\n/* Sign Up options to be added to the different authentication methods /\nexport type SignUpOptions = {\n customClaims?: Record<string, any>;\n templateId?: string;\n templateOptions?: TemplateOptions;\n};\n\nexport type Claims = Record<string, any>;\n\n/* Authentication info result from the various JWT validations /\nexport type JWTResponse = {\n sessionJwt: string;\n refreshJwt?: string;\n cookieDomain?: string;\n cookiePath?: string;\n cookieMaxAge?: number;\n cookieExpiration?: number;\n cookieName?: string;\n user?: UserResponse;\n firstSeen?: boolean;\n sessionExpiration: number;\n claims: Claims;\n trustedDeviceJwt?: string;\n nextRefreshSeconds?: number;\n};\n\n/* Authentication info result from exchanging access keys for a session /\nexport type ExchangeAccessKeyResponse = {\n keyId: string;\n sessionJwt: string;\n expiration: number;\n};\n\n/* Options for fine-grained passkey (WebAuthn) control /\nexport type PasskeyOptions = {\n // attestation only (sign up)\n authenticatorSelection?: WebauthnAuthenticatorSelectionCriteria;\n attestation?: 'none' \| 'indirect' \| 'direct';\n // assertion only (sign in)\n userVerification?: 'preferred' \| 'required' \| 'discouraged';\n // shared\n extensionsJSON?: string;\n};\n\n/* Part of the passkey options that apply when performing attestation (sign up) /\nexport type WebauthnAuthenticatorSelectionCriteria = {\n authenticatorAttachment?: 'any' \| 'platform' \| 'crossplatform';\n residentKey?: 'discouraged' \| 'preferred' \| 'required';\n userVerification?: 'preferred' \| 'required' \| 'discouraged';\n};\n\n/* The response returned from the various start webauthn functions /\nexport type WebAuthnStartResponse = {\n transactionId: string;\n options: string;\n create: boolean;\n};\n\n/* Enchanted link response /\nexport type EnchantedLinkResponse = {\n /* Pending reference URL to poll while waiting for user to click magic link /\n pendingRef: string;\n /* Link id, on which link the user should click /\n linkId: string;\n /* Email to which the link was sent to /\n maskedEmail: string;\n};\n\n/* URL response to redirect user in case of OAuth or SSO /\nexport type URLResponse = {\n url: string;\n};\n\n/* TOTP response with the TOTP details /\nexport type TOTPResponse = {\n provisioningURL: string;\n image: string;\n key: string;\n};\n\n/* Password reset response with details according to response method /\nexport type PasswordResetResponse = {\n resetMethod: string;\n pendingRef?: string;\n linkId?: string;\n maskedEmail: string;\n};\n\n/* A subset of the password policy that can be checked on the client side for better UX /\nexport type PasswordPolicyResponse = {\n minLength: number;\n lowercase: boolean;\n uppercase: boolean;\n number: boolean;\n nonAlphanumeric: boolean;\n};\n\nexport type ClientIdResponse = {\n clientId: string;\n};\n\nexport type VerifyOneTapIDTokenResponse = {\n code: string;\n};\n\n/* Phone delivery methods which are currently supported /\nexport enum DeliveryPhone {\n sms = 'sms',\n voice = 'voice',\n whatsapp = 'whatsapp',\n im = 'im',\n}\n\nexport enum DeliveryEmail {\n email = 'email',\n}\n\n/* All delivery methods currently supported /\nexport type DeliveryMethods = DeliveryPhone \| DeliveryEmail;\n\nexport const DeliveryMethods = {\n ...DeliveryPhone,\n ...DeliveryEmail,\n} as const;\n\n/* All flow execution statuses\n * - waiting - flow execution is waiting for user interaction\n * - running - flow execution is currently running\n * - completed - flow execution completed successfully\n * - failed - flow execution failed\n /\nexport enum FlowStatus {\n waiting = 'waiting',\n running = 'running',\n completed = 'completed',\n failed = 'failed',\n}\n\n/* All flow response action\n * - screen - next action is to render screen\n * - poll - next action is poll for next after timeout\n * - redirect - next action is to redirect (redirection details in 'redirect' attribute)\n * - webauthnCreate/webauthnGet - next action is to prompt webauthn (details in 'webauthn' attribute)\n * - nativeBridge - the next action needs to be sent via the native bridge to the native layer\n * - none - no next action\n /\nexport type FlowAction =\n \| 'screen'\n \| 'poll'\n \| 'redirect'\n \| 'webauthnCreate'\n \| 'webauthnGet'\n \| 'nativeBridge'\n \| 'none';\n\nexport type ComponentsConfig = Record<string, any>;\n\n/* Flow response with flow execution details /\nexport type FlowResponse = {\n // current execution identifier\n executionId: string;\n // current step identifier\n stepId: string;\n // current step name\n stepName: string;\n // flow execution status\n status: FlowStatus;\n // the next required action\n action: FlowAction;\n // screen data - if action is 'screen'\n screen?: {\n // screen identifier\n id: string;\n // extra dynamic state required for rendering screen\n state: Record<string, any>;\n componentsConfig: ComponentsConfig;\n };\n // redirect data - if action is 'redirect'\n redirect?: {\n url: string;\n isPopup?: boolean;\n };\n // SAML IDP response (this will be used to build the html form response goes from the IDP through the end user browser to the SP)\n samlIdpResponse?: {\n url: string;\n samlResponse: string;\n relayState: string;\n };\n // WS-Fed IDP response (this will be used to build the html form response goes from the IDP through the end user browser to the RP)\n wsFedIdpResponse?: {\n url: string;\n wresult: string;\n wctx: string;\n };\n // a URL to open in a new tab\n openInNewTabUrl?: string;\n // webauthn data - if action is one of 'webauthnCreate', 'webauthnGet'\n webauthn?: {\n transactionId: string;\n options: string;\n create: boolean;\n };\n // set if the action is 'nativeBridge'\n nativeResponse?: {\n type: 'oauthNative' \| 'oauthWeb' \| 'webauthnGet' \| 'webauthnCreate';\n payload: Record<string, any>;\n };\n // an error that occurred during flow execution, used for debugging / integrating\n error?: {\n code: string;\n description: string;\n message: string;\n };\n // authentication information response, if response is authenticated\n authInfo?: JWTResponse;\n lastAuth?: Pick<LastAuth, 'authMethod' \| 'oauthProvider'>;\n runnerLogs?: {\n title?: string;\n log: string;\n level?: 'info' \| 'debug' \| 'warn' \| 'error';\n }[];\n // general output configured inside the flow's end step\n output?: Record<string, any>;\n};\n\nexport type Options = {\n redirectUrl?: string;\n location?: string;\n tenant?: string;\n deviceInfo?: DeviceInfo;\n lastAuth?: LastAuth;\n redirectAuth?: RedirectAuth;\n oidcIdpStateId?: string;\n preview?: boolean;\n samlIdpStateId?: string;\n wsfedIdpStateId?: string;\n samlIdpUsername?: string;\n ssoAppId?: string;\n thirdPartyAppId?: string;\n oidcLoginHint?: string;\n abTestingKey?: number;\n startOptionsVersion?: number;\n client?: Record<string, any>;\n locale?: string;\n oidcPrompt?: string;\n oidcErrorRedirectUri?: string;\n oidcResource?: string;\n nativeOptions?: NativeOptions;\n thirdPartyAppStateId?: string;\n applicationScopes?: string; // Relevant for sso application and third party application\n outboundAppId?: string;\n outboundAppScopes?: string[];\n};\n\nexport type ResponseData = Record<string, any>;\n\n/\n Response from our SDK calls which includes the result (ok, code, error).\n * The relevant data is provided in the more specific interfaces extending SdkResponse.\n /\nexport type SdkResponse<T extends ResponseData> = {\n code?: number;\n ok: boolean;\n response?: Response;\n error?: {\n errorCode: string;\n errorDescription: string;\n errorMessage?: string;\n retryAfter?: string;\n };\n data?: T;\n};\n\n/* Different delivery method /\nexport type Deliveries<T extends Record<DeliveryMethods, SdkFn>> = {\n [S in DeliveryMethods]: T[S];\n};\n\nexport type DeliveriesPhone<T extends Record<DeliveryPhone, SdkFn> \| SdkFn> = {\n [S in DeliveryPhone]: T extends Record<DeliveryPhone, SdkFn> ? T[S] : T;\n};\n\n/* Map different functions to email vs phone (sms, whatsapp, voice) /\nexport type DeliveriesMap<EmailFn extends SdkFn, PhoneFn extends SdkFn> = {\n [S in DeliveryMethods]: S extends 'email' ? EmailFn : PhoneFn;\n};\n\n/* Logger type that supports the given levels (debug, log, error) /\nexport type Logger = Pick<Console, 'debug' \| 'log' \| 'error' \| 'warn'>;\n\n/* Polling configuration for session waiting /\nexport type WaitForSessionConfig = {\n pollingIntervalMs: number;\n timeoutMs: number;\n};\n\nexport type UpdateOptions<T extends boolean> = {\n addToLoginIDs?: T;\n onMergeUseExisting?: T extends true ? boolean : never;\n templateOptions?: TemplateOptions;\n templateId?: string;\n providerId?: string;\n};\n","import {\n stringNonEmpty,\n withValidations,\n stringPhone,\n stringEmail,\n} from '../validations';\n\nexport const loginIdValidations = stringNonEmpty('loginId');\nexport const withVerifyValidations = withValidations(stringNonEmpty('token'));\nexport const withSignValidations = withValidations(loginIdValidations);\nexport const withWaitForSessionValidations = withValidations(\n stringNonEmpty('pendingRef'),\n);\nexport const withUpdatePhoneValidations = withValidations(\n loginIdValidations,\n stringPhone('phone'),\n);\nexport const withUpdateEmailValidations = withValidations(\n loginIdValidations,\n stringEmail('email'),\n);\n","import {\n apiPaths,\n MAX_POLLING_TIMEOUT_MS,\n MIN_POLLING_INTERVAL_MS,\n} from '../../constants';\nimport { HttpClient } from '../../httpClient';\nimport { normalizeWaitForSessionConfig } from '../../utils';\nimport { pathJoin, transformResponse } from '../helpers';\nimport {\n DeliveryMethods,\n SdkResponse,\n JWTResponse,\n EnchantedLinkResponse,\n User,\n LoginOptions,\n UpdateOptions,\n SignUpOptions,\n WaitForSessionConfig,\n} from '../types';\nimport {\n withWaitForSessionValidations,\n withSignValidations,\n withVerifyValidations,\n withUpdateEmailValidations,\n} from './validations';\n\nconst withEnchantedLink = (httpClient: HttpClient) => ({\n verify: withVerifyValidations(\n (token: string): Promise<SdkResponse<never>> =>\n transformResponse(\n httpClient.post(apiPaths.enchantedLink.verify, { token }),\n ),\n ),\n\n signIn: withSignValidations(\n (\n loginId: string,\n URI?: string,\n {\n providerId,\n ...loginOptions\n }: LoginOptions & { providerId?: string } = {},\n token?: string,\n ): Promise<SdkResponse<EnchantedLinkResponse>> =>\n transformResponse(\n httpClient.post(\n pathJoin(apiPaths.enchantedLink.signIn, DeliveryMethods.email),\n {\n loginId,\n URI,\n loginOptions,\n providerId,\n },\n { token },\n ),\n ),\n ),\n\n signUpOrIn: withSignValidations(\n (\n loginId: string,\n URI?: string,\n {\n providerId,\n ...signUpOptions\n }: SignUpOptions & { providerId?: string } = {},\n ): Promise<SdkResponse<EnchantedLinkResponse>> =>\n transformResponse(\n httpClient.post(\n pathJoin(apiPaths.enchantedLink.signUpOrIn, DeliveryMethods.email),\n {\n loginId,\n URI,\n loginOptions: signUpOptions,\n providerId,\n },\n ),\n ),\n ),\n\n signUp: withSignValidations(\n (\n loginId: string,\n URI?: string,\n user?: User,\n {\n providerId,\n ...signUpOptions\n }: SignUpOptions & { providerId?: string } = {},\n ): Promise<SdkResponse<EnchantedLinkResponse>> =>\n transformResponse(\n httpClient.post(\n pathJoin(apiPaths.enchantedLink.signUp, DeliveryMethods.email),\n {\n loginId,\n URI,\n user,\n loginOptions: signUpOptions,\n providerId,\n },\n ),\n ),\n ),\n\n waitForSession: withWaitForSessionValidations(\n (\n pendingRef: string,\n config?: WaitForSessionConfig,\n ): Promise<SdkResponse<JWTResponse>> =>\n new Promise((resolve) => {\n const { pollingIntervalMs, timeoutMs } =\n normalizeWaitForSessionConfig(config);\n let timeout: NodeJS.Timeout \| undefined;\n const interval = setInterval(async () => {\n const resp = await httpClient.post(apiPaths.enchantedLink.session, {\n pendingRef,\n });\n if (resp.ok) {\n clearInterval(interval);\n if (timeout) clearTimeout(timeout);\n resolve(transformResponse(Promise.resolve(resp)));\n }\n }, pollingIntervalMs);\n\n timeout = setTimeout(() => {\n resolve({\n error: {\n errorDescription: `Session polling timeout exceeded: ${timeoutMs}ms`,\n errorCode: '0',\n },\n ok: false,\n });\n clearInterval(interval);\n }, timeoutMs);\n }),\n ),\n\n update: {\n email: withUpdateEmailValidations(\n <T extends boolean>(\n loginId: string,\n email: string,\n URI?: string,\n token?: string,\n updateOptions?: UpdateOptions<T>,\n ): Promise<SdkResponse<EnchantedLinkResponse>> =>\n transformResponse(\n httpClient.post(\n apiPaths.enchantedLink.update.email,\n { loginId, email, URI, ...updateOptions },\n { token },\n ),\n ),\n ),\n },\n});\n\nexport default withEnchantedLink;\n","import { apiPaths } from '../../constants';\nimport { HttpClient } from '../../httpClient';\nimport { transformResponse } from '../helpers';\nimport { FlowResponse, Options, SdkResponse } from '../types';\nimport { stringNonEmpty, withValidations } from '../validations';\nimport { FlowInput } from './types';\n\nconst withStartValidations = withValidations(stringNonEmpty('flowId'));\nconst withNextValidations = withValidations(\n stringNonEmpty('executionId'),\n stringNonEmpty('stepId'),\n stringNonEmpty('interactionId'),\n);\n\nconst withFlow = (httpClient: HttpClient) => ({\n start: withStartValidations(\n (\n flowId: string,\n options?: Options,\n conditionInteractionId?: string,\n interactionId?: string,\n componentsVersion?: string,\n flowVersions?: Record<string, number>,\n input?: FlowInput,\n isCustomScreen = false,\n ): Promise<SdkResponse<FlowResponse>> =>\n transformResponse(\n httpClient.post(apiPaths.flow.start, {\n flowId,\n options,\n conditionInteractionId,\n interactionId,\n componentsVersion,\n flowVersions,\n input,\n isCustomScreen,\n }),\n ),\n ),\n next: withNextValidations(\n (\n executionId: string,\n stepId: string,\n interactionId: string,\n version?: number,\n componentsVersion?: string,\n input?: FlowInput,\n isCustomScreen = false,\n ): Promise<SdkResponse<FlowResponse>> => {\n return transformResponse(\n httpClient.post(apiPaths.flow.next, {\n executionId,\n stepId,\n interactionId,\n version,\n componentsVersion,\n input,\n isCustomScreen,\n }),\n );\n },\n ),\n});\n\nexport default withFlow;\n","import {\n stringNonEmpty,\n withValidations,\n stringPhone,\n stringEmail,\n} from '../validations';\n\nexport const loginIdValidations = stringNonEmpty('loginId');\nexport const withVerifyValidations = withValidations(stringNonEmpty('token'));\nexport const withSignValidations = withValidations(loginIdValidations);\nexport const withWaitForSessionValidations = withValidations(\n stringNonEmpty('pendingRef'),\n);\nexport const withUpdatePhoneValidations = withValidations(\n loginIdValidations,\n stringPhone('phone'),\n);\nexport const withUpdateEmailValidations = withValidations(\n loginIdValidations,\n stringEmail('email'),\n);\n","import { apiPaths } from '../../constants';\nimport { HttpClient } from '../../httpClient';\nimport { pathJoin, transformResponse } from '../helpers';\nimport {\n DeliveryMethods,\n DeliveryPhone,\n SdkResponse,\n JWTResponse,\n User,\n LoginOptions,\n MaskedEmail,\n UpdateOptions,\n SignUpOptions,\n} from '../types';\nimport { MagicLink, Routes } from './types';\nimport {\n withSignValidations,\n withVerifyValidations,\n withUpdateEmailValidations,\n withUpdatePhoneValidations,\n} from './validations';\n\nconst deliveryMethods = Object.keys(DeliveryMethods).filter(\n (d) => d !== DeliveryPhone.voice && d !== DeliveryPhone.im,\n);\n\nconst withMagicLink = (httpClient: HttpClient) => ({\n verify: withVerifyValidations(\n (token: string): Promise<SdkResponse<JWTResponse>> =>\n transformResponse(httpClient.post(apiPaths.magicLink.verify, { token })),\n ),\n\n signIn: deliveryMethods.reduce(\n (acc, delivery) => ({\n ...acc,\n [delivery]: withSignValidations(\n (\n loginId: string,\n URI?: string,\n {\n providerId,\n ...loginOptions\n }: LoginOptions & { providerId?: string } = {},\n token?: string,\n ) =>\n transformResponse(\n httpClient.post(\n pathJoin(apiPaths.magicLink.signIn, delivery),\n { loginId, URI, loginOptions, providerId },\n { token },\n ),\n ),\n ),\n }),\n {},\n ) as MagicLink[Routes.signIn],\n\n signUp: deliveryMethods.reduce(\n (acc, delivery) => ({\n ...acc,\n [delivery]: withSignValidations(\n (\n loginId: string,\n URI?: string,\n user?: User,\n {\n providerId,\n ...signUpOptions\n }: SignUpOptions & { providerId?: string } = {},\n ) =>\n transformResponse(\n httpClient.post(pathJoin(apiPaths.magicLink.signUp, delivery), {\n loginId,\n URI,\n user,\n loginOptions: signUpOptions,\n providerId,\n }),\n ),\n ),\n }),\n {},\n ) as MagicLink[Routes.signUp],\n\n signUpOrIn: deliveryMethods.reduce(\n (acc, delivery) => ({\n ...acc,\n [delivery]: withSignValidations(\n (\n loginId: string,\n URI?: string,\n {\n providerId,\n ...signUpOptions\n }: SignUpOptions & { providerId?: string } = {},\n ) =>\n transformResponse(\n httpClient.post(pathJoin(apiPaths.magicLink.signUpOrIn, delivery), {\n loginId,\n URI,\n loginOptions: signUpOptions,\n providerId,\n }),\n ),\n ),\n }),\n {},\n ) as MagicLink[Routes.signUpOrIn],\n\n update: {\n email: withUpdateEmailValidations(\n <T extends boolean>(\n loginId: string,\n email: string,\n URI?: string,\n token?: string,\n updateOptions?: UpdateOptions<T>,\n ): Promise<SdkResponse<MaskedEmail>> =>\n transformResponse(\n httpClient.post(\n apiPaths.magicLink.update.email,\n { loginId, email, URI, ...updateOptions },\n { token },\n ),\n ),\n ),\n phone: Object.keys(DeliveryPhone)\n .filter((d) => d !== DeliveryPhone.voice)\n .reduce(\n (acc, delivery) => ({\n ...acc,\n [delivery]: withUpdatePhoneValidations(\n <T extends boolean>(\n loginId: string,\n phone: string,\n URI?: string,\n token?: string,\n updateOptions?: UpdateOptions<T>,\n ) =>\n transformResponse(\n httpClient.post(\n pathJoin(apiPaths.magicLink.update.phone, delivery),\n { loginId, phone, URI, ...updateOptions },\n { token },\n ),\n ),\n ),\n }),\n {},\n ) as MagicLink[Routes.updatePhone],\n },\n});\n\nexport default withMagicLink;\n","import { SdkResponse, URLResponse, JWTResponse, LoginOptions } from '../types';\n\nenum OAuthProviders {\n facebook = 'facebook',\n github = 'github',\n google = 'google',\n microsoft = 'microsoft',\n gitlab = 'gitlab',\n apple = 'apple',\n discord = 'discord',\n linkedin = 'linkedin',\n slack = 'slack',\n}\n\ntype VerifyFn = (code: string) => Promise<SdkResponse<JWTResponse>>;\nexport type StartFn = (\n redirectURL?: string,\n loginOptions?: LoginOptions,\n token?: string,\n) => Promise<SdkResponse<URLResponse>>;\n\nexport type Providers<T> = Record<keyof typeof OAuthProviders, T>;\n\nexport type Oauth = {\n start: Providers<StartFn>;\n verify: Providers<VerifyFn>;\n};\n\nexport { OAuthProviders };\n","import { apiPaths } from '../../constants';\nimport { HttpClient } from '../../httpClient';\nimport {\n SdkResponse,\n JWTResponse,\n LoginOptions,\n ClientIdResponse,\n VerifyOneTapIDTokenResponse,\n} from '../types';\nimport { transformResponse } from '../helpers';\nimport { Oauth, OAuthProviders } from './types';\nimport { stringNonEmpty, withValidations } from '../validations';\n\nconst withExchangeValidations = withValidations(stringNonEmpty('code'));\nconst withOauth = (httpClient: HttpClient) => ({\n start: Object.assign(\n (\n provider: string,\n redirectUrl?: string,\n loginOptions?: LoginOptions,\n token?: string,\n loginHint?: string,\n ) => {\n return transformResponse(\n httpClient.post(apiPaths.oauth.start, loginOptions \|\| {}, {\n queryParams: {\n provider,\n ...(redirectUrl && { redirectURL: redirectUrl }),\n ...(loginHint && { loginHint }),\n },\n token,\n }),\n );\n },\n Object.keys(OAuthProviders).reduce(\n (acc, provider) => ({\n ...acc,\n [provider]: (\n redirectUrl?: string,\n loginOptions?: LoginOptions,\n token?: string,\n loginHint?: string,\n ) =>\n transformResponse(\n httpClient.post(apiPaths.oauth.start, loginOptions \|\| {}, {\n queryParams: {\n provider,\n ...(redirectUrl && { redirectURL: redirectUrl }),\n ...(loginHint && { loginHint }),\n },\n token,\n }),\n ),\n }),\n {},\n ) as Oauth['start'],\n ),\n exchange: withExchangeValidations(\n (code: string): Promise<SdkResponse<JWTResponse>> =>\n transformResponse(httpClient.post(apiPaths.oauth.exchange, { code })),\n ),\n startNative: (\n provider: string,\n loginOptions?: LoginOptions,\n implicit?: boolean,\n ) =>\n transformResponse(\n httpClient.post(apiPaths.oauth.startNative, {\n provider,\n loginOptions,\n implicit,\n }),\n ),\n finishNative: (\n provider: string,\n stateId: string,\n user?: string,\n code?: string,\n idToken?: string,\n ) =>\n transformResponse(\n httpClient.post(apiPaths.oauth.finishNative, {\n provider,\n stateId,\n user,\n code,\n idToken,\n }),\n ),\n getOneTapClientId: (provider: string) =>\n transformResponse<ClientIdResponse>(\n httpClient.get(\n apiPaths.oauth.oneTap.getOneTapClientId.replace('{provider}', provider),\n ),\n ),\n verifyOneTapIDToken: (\n provider: string,\n idToken: string,\n nonce: string,\n loginOptions?: LoginOptions,\n ) =>\n transformResponse<VerifyOneTapIDTokenResponse>(\n httpClient.post(apiPaths.oauth.oneTap.verifyOneTapIDToken, {\n provider,\n idToken,\n nonce,\n loginOptions,\n }),\n ),\n exchangeOneTapIDToken: (\n provider: string,\n idToken: string,\n nonce: string,\n loginOptions?: LoginOptions,\n ) =>\n transformResponse<JWTResponse>(\n httpClient.post(apiPaths.oauth.oneTap.exchangeOneTapIDToken, {\n provider,\n idToken,\n nonce,\n loginOptions,\n }),\n ),\n});\n\nexport default withOauth;\n","import {\n isStringOrUndefinedValidator,\n stringNonEmpty,\n withValidations,\n} from '../validations';\n\nconst appIdValidation = stringNonEmpty('appId');\nexport const withConnectValidations = withValidations(appIdValidation);\n","import { apiPaths } from '../../constants';\nimport { HttpClient } from '../../httpClient';\nimport { transformResponse } from '../helpers';\nimport { ConnectOptions } from './types';\nimport { SdkResponse, URLResponse } from '../types';\nimport { withConnectValidations } from './validations';\n\nconst withOutbound = (httpClient: HttpClient) => ({\n connect: withConnectValidations(\n (\n appId: string,\n options?: ConnectOptions,\n token?: string,\n ): Promise<SdkResponse<URLResponse>> => {\n const tenantId = options?.tenantId;\n const tenantLevel = options?.tenantLevel;\n delete options?.tenantId;\n delete options?.tenantLevel;\n return transformResponse(\n httpClient.post(\n apiPaths.outbound.connect,\n {\n appId,\n tenantId,\n tenantLevel,\n options,\n },\n {\n token,\n },\n ),\n );\n },\n ),\n});\n\nexport default withOutbound;\n","import { apiPaths } from '../../constants';\nimport { HttpClient } from '../../httpClient';\nimport { pathJoin, transformResponse } from '../helpers';\nimport {\n DeliveryMethods,\n User,\n SdkResponse,\n JWTResponse,\n DeliveryPhone,\n LoginOptions,\n MaskedEmail,\n UpdateOptions,\n SignUpOptions,\n} from '../types';\nimport {\n stringEmail,\n stringNonEmpty,\n stringPhone,\n withValidations,\n} from '../validations';\nimport { Otp, Routes } from './types';\n\nconst loginIdValidations = stringNonEmpty('loginId');\nconst withVerifyValidations = withValidations(\n loginIdValidations,\n stringNonEmpty('code'),\n);\nconst withSignValidations = withValidations(loginIdValidations);\nconst withUpdatePhoneValidations = withValidations(\n loginIdValidations,\n stringPhone('phone'),\n);\nconst withUpdateEmailValidations = withValidations(\n loginIdValidations,\n stringEmail('email'),\n);\n\nconst withOtp = (httpClient: HttpClient) => ({\n verify: Object.keys(DeliveryMethods).reduce(\n (acc, delivery) => ({\n ...acc,\n [delivery]: withVerifyValidations(\n (loginId: string, code: string): Promise<SdkResponse<JWTResponse>> =>\n transformResponse(\n httpClient.post(pathJoin(apiPaths.otp.verify, delivery), {\n code,\n loginId,\n }),\n ),\n ),\n }),\n {},\n ) as Otp[Routes.verify],\n\n signIn: Object.keys(DeliveryMethods).reduce(\n (acc, delivery) => ({\n ...acc,\n [delivery]: withSignValidations(\n (\n loginId: string,\n {\n providerId,\n ...loginOptions\n }: LoginOptions & { providerId?: string } = {},\n token?: string,\n ) =>\n transformResponse(\n httpClient.post(\n pathJoin(apiPaths.otp.signIn, delivery),\n { loginId, loginOptions, providerId },\n { token },\n ),\n ),\n ),\n }),\n {},\n ) as Otp[Routes.signIn],\n\n signUp: Object.keys(DeliveryMethods).reduce(\n (acc, delivery) => ({\n ...acc,\n [delivery]: withSignValidations(\n (\n loginId: string,\n user?: User,\n {\n providerId,\n ...signUpOptions\n }: SignUpOptions & { providerId?: string } = {},\n ) =>\n transformResponse(\n httpClient.post(pathJoin(apiPaths.otp.signUp, delivery), {\n loginId,\n user,\n loginOptions: signUpOptions,\n providerId,\n }),\n ),\n ),\n }),\n {},\n ) as Otp[Routes.signUp],\n\n signUpOrIn: Object.keys(DeliveryMethods).reduce(\n (acc, delivery) => ({\n ...acc,\n [delivery]: withSignValidations(\n (\n loginId: string,\n {\n providerId,\n ...signUpOptions\n }: SignUpOptions & { providerId?: string } = {},\n ) =>\n transformResponse(\n httpClient.post(pathJoin(apiPaths.otp.signUpOrIn, delivery), {\n loginId,\n loginOptions: signUpOptions,\n providerId,\n }),\n ),\n ),\n }),\n {},\n ) as Otp[Routes.signIn],\n\n update: {\n email: withUpdateEmailValidations(\n <T extends boolean>(\n loginId: string,\n email: string,\n token?: string,\n updateOptions?: UpdateOptions<T>,\n ): Promise<SdkResponse<MaskedEmail>> =>\n transformResponse(\n httpClient.post(\n apiPaths.otp.update.email,\n { loginId, email, ...updateOptions },\n { token },\n ),\n ),\n ),\n phone: Object.keys(DeliveryPhone).reduce(\n (acc, delivery) => ({\n ...acc,\n [delivery]: withUpdatePhoneValidations(\n <T extends boolean>(\n loginId: string,\n phone: string,\n token?: string,\n updateOptions?: UpdateOptions<T>,\n ) =>\n transformResponse(\n httpClient.post(\n pathJoin(apiPaths.otp.update.phone, delivery),\n { loginId, phone, ...updateOptions },\n { token },\n ),\n ),\n ),\n }),\n {},\n ) as Otp[Routes.updatePhone],\n },\n});\n\nexport default withOtp;\n","import { apiPaths } from '../constants';\nimport { HttpClient } from '../httpClient';\nimport { transformResponse } from './helpers';\nimport { SdkResponse, URLResponse, JWTResponse, LoginOptions } from './types';\nimport { stringNonEmpty, withValidations } from './validations';\n\nconst withStartValidations = withValidations(stringNonEmpty('tenant'));\nconst withExchangeValidations = withValidations(stringNonEmpty('code'));\n\nconst withSaml = (httpClient: HttpClient) => ({\n start: withStartValidations(\n (\n tenantIdOrEmail: string,\n redirectUrl?: string,\n loginOptions?: LoginOptions,\n token?: string,\n ssoId?: string,\n forceAuthn?: boolean,\n loginHint?: string,\n enforceInitiatedEmail?: boolean,\n ): Promise<SdkResponse<URLResponse>> =>\n transformResponse(\n httpClient.post(apiPaths.saml.start, loginOptions \|\| {}, {\n queryParams: {\n tenant: tenantIdOrEmail,\n ...(redirectUrl && { redirectURL: redirectUrl }),\n ...(ssoId && { ssoId }),\n ...(forceAuthn && { forceAuthn: 'true' }),\n ...(loginHint && { loginHint }),\n ...(enforceInitiatedEmail && { initiatedEmail: tenantIdOrEmail }),\n },\n ...(token && { token }),\n }),\n ),\n ),\n exchange: withExchangeValidations(\n (code: string): Promise<SdkResponse<JWTResponse>> =>\n transformResponse(httpClient.post(apiPaths.saml.exchange, { code })),\n ),\n});\n\nexport default withSaml;\n","import { apiPaths } from '../constants';\nimport { HttpClient } from '../httpClient';\nimport { transformResponse } from './helpers';\nimport {\n User,\n SdkResponse,\n JWTResponse,\n TOTPResponse,\n LoginOptions,\n} from './types';\nimport { stringNonEmpty, withValidations } from './validations';\n\nconst loginIdValidations = stringNonEmpty('loginId');\nconst withVerifyValidations = withValidations(\n loginIdValidations,\n stringNonEmpty('code'),\n);\nconst withSignUpValidations = withValidations(loginIdValidations);\nconst withUpdateValidations = withValidations(loginIdValidations);\n\nconst withTotp = (httpClient: HttpClient) => ({\n signUp: withSignUpValidations(\n (loginId: string, user?: User): Promise<SdkResponse<TOTPResponse>> =>\n transformResponse(\n httpClient.post(apiPaths.totp.signUp, { loginId, user }),\n ),\n ),\n\n verify: withVerifyValidations(\n (\n loginId: string,\n code: string,\n loginOptions?: LoginOptions,\n token?: string,\n ): Promise<SdkResponse<JWTResponse>> =>\n transformResponse(\n httpClient.post(\n apiPaths.totp.verify,\n { loginId, code, loginOptions },\n { token },\n ),\n ),\n ),\n\n update: withUpdateValidations(\n (loginId: string, token?: string): Promise<SdkResponse<TOTPResponse>> =>\n transformResponse(\n httpClient.post(apiPaths.totp.update, { loginId }, { token }),\n ),\n ),\n});\n\nexport default withTotp;\n","import { stringNonEmpty, withValidations } from '../validations';\n\nconst loginIdValidation = stringNonEmpty('loginId');\nconst newPasswordValidation = stringNonEmpty('newPassword');\nexport const withSignValidations = withValidations(\n loginIdValidation,\n stringNonEmpty('password'),\n);\nexport const withSendResetValidations = withValidations(loginIdValidation);\nexport const withUpdateValidation = withValidations(\n loginIdValidation,\n newPasswordValidation,\n);\nexport const withReplaceValidation = withValidations(\n loginIdValidation,\n stringNonEmpty('oldPassword'),\n newPasswordValidation,\n);\n","import { apiPaths } from '../../constants';\nimport { HttpClient } from '../../httpClient';\nimport { transformResponse } from '../helpers';\nimport {\n JWTResponse,\n LoginOptions,\n PasswordPolicyResponse,\n PasswordResetResponse,\n SdkResponse,\n SignUpOptions,\n TemplateOptions,\n User,\n} from '../types';\nimport {\n withReplaceValidation,\n withSendResetValidations,\n withSignValidations,\n withUpdateValidation,\n} from './validations';\n\nconst withPassword = (httpClient: HttpClient) => ({\n signUp: withSignValidations(\n (\n loginId: string,\n password: string,\n user?: User,\n {\n providerId,\n ...signUpOptions\n }: SignUpOptions & { providerId?: string } = {},\n ): Promise<SdkResponse<JWTResponse>> =>\n transformResponse(\n httpClient.post(apiPaths.password.signUp, {\n loginId,\n password,\n user,\n loginOptions: signUpOptions,\n providerId,\n }),\n ),\n ),\n\n signIn: withSignValidations(\n (\n loginId: string,\n password: string,\n {\n providerId,\n ...loginOptions\n }: LoginOptions & { providerId?: string } = {},\n ): Promise<SdkResponse<JWTResponse>> =>\n transformResponse(\n httpClient.post(apiPaths.password.signIn, {\n loginId,\n password,\n loginOptions,\n providerId,\n }),\n ),\n ),\n\n sendReset: withSendResetValidations(\n (\n loginId: string,\n redirectUrl?: string,\n templateOptions?: TemplateOptions,\n ): Promise<SdkResponse<PasswordResetResponse>> =>\n transformResponse(\n httpClient.post(apiPaths.password.sendReset, {\n loginId,\n redirectUrl,\n templateOptions,\n }),\n ),\n ),\n\n update: withUpdateValidation(\n (\n loginId: string,\n newPassword: string,\n token?: string,\n ): Promise<SdkResponse<never>> =>\n transformResponse(\n httpClient.post(\n apiPaths.password.update,\n {\n loginId,\n newPassword,\n },\n { token },\n ),\n ),\n ),\n\n replace: withReplaceValidation(\n (\n loginId: string,\n oldPassword: string,\n newPassword: string,\n ): Promise<SdkResponse<JWTResponse>> =>\n transformResponse(\n httpClient.post(apiPaths.password.replace, {\n loginId,\n oldPassword,\n newPassword,\n }),\n ),\n ),\n\n policy: (): Promise<SdkResponse<PasswordPolicyResponse>> =>\n transformResponse(httpClient.get(apiPaths.password.policy)),\n});\n\nexport default withPassword;\n","import { apiPaths } from '../constants';\nimport { HttpClient } from '../httpClient';\nimport { transformResponse } from './helpers';\nimport {\n SdkResponse,\n ResponseData,\n LoginOptions,\n JWTResponse,\n PasskeyOptions,\n WebAuthnStartResponse,\n} from './types';\nimport {\n isStringOrUndefinedValidator,\n string,\n stringNonEmpty,\n withValidations,\n} from './validations';\n\nconst loginIdStringValidations = string('loginId');\nconst loginIdNonEmptyValidations = stringNonEmpty('loginId');\nconst originValidations = stringNonEmpty('origin');\n\nconst withSignUpStartValidations = withValidations(\n loginIdNonEmptyValidations,\n originValidations,\n stringNonEmpty('name'),\n);\nconst withSignUpOrInStartValidations = withValidations(\n loginIdNonEmptyValidations,\n originValidations,\n);\nconst withSignInStartValidations = withValidations(\n loginIdStringValidations,\n originValidations,\n);\nconst withUpdateStartValidations = withValidations(\n loginIdNonEmptyValidations,\n originValidations,\n isStringOrUndefinedValidator('token'),\n);\nconst withFinishValidations = withValidations(\n stringNonEmpty('transactionId'),\n stringNonEmpty('response'),\n);\n\nconst withWebauthn = (httpClient: HttpClient) => ({\n signUp: {\n start: withSignUpStartValidations(\n (\n loginId: string,\n origin: string,\n name: string,\n passkeyOptions?: PasskeyOptions,\n ): Promise<SdkResponse<WebAuthnStartResponse>> =>\n transformResponse(\n httpClient.post(apiPaths.webauthn.signUp.start, {\n user: {\n loginId,\n name,\n },\n origin,\n passkeyOptions,\n }),\n ),\n ),\n\n finish: withFinishValidations(\n (\n transactionId: string,\n response: string,\n ): Promise<SdkResponse<JWTResponse>> =>\n transformResponse(\n httpClient.post(apiPaths.webauthn.signUp.finish, {\n transactionId,\n response,\n }),\n ),\n ),\n },\n\n signIn: {\n start: withSignInStartValidations(\n (\n loginId: string,\n origin: string,\n loginOptions?: LoginOptions,\n token?: string,\n passkeyOptions?: PasskeyOptions,\n ): Promise<SdkResponse<WebAuthnStartResponse>> =>\n transformResponse(\n httpClient.post(\n apiPaths.webauthn.signIn.start,\n { loginId, origin, loginOptions, passkeyOptions },\n { token },\n ),\n ),\n ),\n\n finish: withFinishValidations(\n (\n transactionId: string,\n response: string,\n ): Promise<SdkResponse<JWTResponse>> =>\n transformResponse(\n httpClient.post(apiPaths.webauthn.signIn.finish, {\n transactionId,\n response,\n }),\n ),\n ),\n },\n\n signUpOrIn: {\n start: withSignUpOrInStartValidations(\n (\n loginId: string,\n origin: string,\n passkeyOptions?: PasskeyOptions,\n ): Promise<SdkResponse<WebAuthnStartResponse>> =>\n transformResponse(\n httpClient.post(apiPaths.webauthn.signUpOrIn.start, {\n loginId,\n origin,\n passkeyOptions,\n }),\n ),\n ),\n },\n\n update: {\n start: withUpdateStartValidations(\n (\n loginId: string,\n origin: string,\n token?: string,\n passkeyOptions?: PasskeyOptions,\n ): Promise<SdkResponse<WebAuthnStartResponse>> =>\n transformResponse(\n httpClient.post(\n apiPaths.webauthn.update.start,\n { loginId, origin, passkeyOptions },\n { token },\n ),\n ),\n ),\n\n finish: withFinishValidations(\n (\n transactionId: string,\n response: string,\n ): Promise<SdkResponse<ResponseData>> =>\n transformResponse(\n httpClient.post(apiPaths.webauthn.update.finish, {\n transactionId,\n response,\n }),\n ),\n ),\n },\n});\n\nexport default withWebauthn;\n","import { apiPaths } from '../../constants';\nimport { HttpClient } from '../../httpClient';\nimport { normalizeWaitForSessionConfig } from '../../utils';\nimport { transformResponse } from '../helpers';\nimport {\n JWTResponse,\n LoginOptions,\n SdkResponse,\n SignUpOptions,\n User,\n WaitForSessionConfig,\n} from '../types';\nimport { stringNonEmpty, string, withValidations } from '../validations';\nimport { NOTPResponse } from './types';\n\nconst loginIdValidations = string('loginId');\n\nconst withSignValidations = withValidations(loginIdValidations);\n\nconst withWaitForSessionValidations = withValidations(\n stringNonEmpty('pendingRef'),\n);\n\nconst withNotp = (httpClient: HttpClient) => ({\n signUpOrIn: withSignValidations(\n (\n loginId?: string,\n {\n providerId,\n ...signUpOptions\n }: SignUpOptions & { providerId?: string } = {},\n ): Promise<SdkResponse<NOTPResponse>> =>\n transformResponse(\n httpClient.post(apiPaths.notp.signUpOrIn, {\n loginId,\n loginOptions: signUpOptions,\n providerId,\n }),\n ),\n ),\n signUp: withSignValidations(\n (\n loginId?: string,\n user?: User,\n {\n providerId,\n ...signUpOptions\n }: SignUpOptions & { providerId?: string } = {},\n ): Promise<SdkResponse<NOTPResponse>> =>\n transformResponse(\n httpClient.post(apiPaths.notp.signUp, {\n loginId,\n user,\n providerId,\n loginOptions: signUpOptions,\n }),\n ),\n ),\n signIn: withSignValidations(\n (\n loginId?: string,\n {\n providerId,\n ...loginOptions\n }: LoginOptions & { providerId?: string } = {},\n token?: string,\n ): Promise<SdkResponse<NOTPResponse>> =>\n transformResponse(\n httpClient.post(\n apiPaths.notp.signIn,\n { loginId, loginOptions, providerId },\n { token },\n ),\n ),\n ),\n waitForSession: withWaitForSessionValidations(\n (\n pendingRef: string,\n config?: WaitForSessionConfig,\n ): Promise<SdkResponse<JWTResponse>> =>\n new Promise((resolve) => {\n const { pollingIntervalMs, timeoutMs } =\n normalizeWaitForSessionConfig(config);\n let timeout: NodeJS.Timeout \| undefined;\n const interval = setInterval(async () => {\n const resp = await httpClient.post(apiPaths.notp.session, {\n pendingRef,\n });\n if (resp.ok) {\n clearInterval(interval);\n if (timeout) clearTimeout(timeout);\n resolve(transformResponse(Promise.resolve(resp)));\n }\n }, pollingIntervalMs);\n\n timeout = setTimeout(() => {\n resolve({\n error: {\n errorDescription: `Session polling timeout exceeded: ${timeoutMs}ms`,\n errorCode: '0',\n },\n ok: false,\n });\n clearInterval(interval);\n }, timeoutMs);\n }),\n ),\n});\n\nexport default withNotp;\n","import { apiPaths } from '../constants';\nimport { HttpClient } from '../httpClient';\nimport withAccessKeys from './accesskey';\nimport withEnchantedLink from './enchantedLink';\nimport withFlow from './flow';\nimport {\n getTenants,\n getJwtPermissions,\n getJwtRoles,\n getCurrentTenant,\n isJwtExpired,\n transformResponse,\n} from './helpers';\nimport withMagicLink from './magicLink';\nimport withOauth from './oauth';\nimport withOutbound from './outbound';\nimport withOtp from './otp';\nimport withSaml from './saml';\nimport withTotp from './totp';\nimport withPassword from './password';\nimport {\n JWTResponse,\n TenantsResponse,\n UserHistoryResponse,\n UserResponse,\n} from './types';\nimport {\n stringNonEmpty,\n withValidations,\n isStringOrUndefinedValidator,\n} from './validations';\nimport withWebauthn from './webauthn';\nimport {\n isArrayOrBool,\n isString,\n isStringOrUndefined,\n} from './validations/validators';\nimport withNotp from './notp';\n\nconst withJwtValidations = withValidations(stringNonEmpty('token'));\nconst withOptionalTokenValidations = withValidations(\n isStringOrUndefinedValidator('token'),\n);\n\n/* Returns Descope SDK with all available operations /\nexport default (httpClient: HttpClient) => ({\n accessKey: withAccessKeys(httpClient),\n otp: withOtp(httpClient),\n magicLink: withMagicLink(httpClient),\n enchantedLink: withEnchantedLink(httpClient),\n oauth: withOauth(httpClient),\n outbound: withOutbound(httpClient),\n saml: withSaml(httpClient),\n totp: withTotp(httpClient),\n notp: withNotp(httpClient),\n webauthn: withWebauthn(httpClient),\n password: withPassword(httpClient),\n flow: withFlow(httpClient),\n /\n Refreshes a session token\n * Should be called when a session has expired (failed validation) to renew it\n * @param token A valid refresh token\n * @param queryParams Additional query parameters to send with the request.\n * @param externalToken An external token to exchange for a new session token\n * @param tryRefresh If true, will use the tryRefresh endpoint, which will not fail if token is missing, invalid or expired.\n * NOTE - queryParams is used internally and should NOT be used by other consumers, this is subject to change and may be removed in the near future.\n * @returns The updated authentication info (JWTs)\n /\n refresh: withOptionalTokenValidations(\n (\n token?: string,\n queryParams?: { [key: string]: string },\n externalToken?: string,\n tryRefresh?: boolean,\n ) => {\n const body = {};\n if (externalToken) {\n body['externalToken'] = externalToken;\n }\n const path = tryRefresh ? apiPaths.tryRefresh : apiPaths.refresh;\n return transformResponse<JWTResponse>(\n httpClient.post(path, body, { token, queryParams }),\n );\n },\n ),\n /\n Selects a tenant for the current session\n * @param tenantId The tenant to select\n * @param token A valid refresh token\n * @returns The updated authentication info (JWTs). The session token will be updated with the selected tenant under the \"dct\" claim\n /\n selectTenant: withValidations(\n [isString('tenantId')],\n [isStringOrUndefined('\"token\" must be string or undefined')],\n )((tenantId: string, token?: string) =>\n transformResponse<JWTResponse>(\n httpClient.post(apiPaths.selectTenant, { tenant: tenantId }, { token }),\n ),\n ),\n /\n Logs out the current session\n * @param token A valid refresh token\n /\n logout: withOptionalTokenValidations((token?: string) =>\n transformResponse<never>(httpClient.post(apiPaths.logout, {}, { token })),\n ),\n /\n Logs out all sessions for the current user\n * @param token A valid refresh token\n /\n logoutAll: withOptionalTokenValidations((token?: string) =>\n transformResponse<never>(\n httpClient.post(apiPaths.logoutAll, {}, { token }),\n ),\n ),\n /\n Returns the current user details\n * @param token A valid refresh token\n * @returns The current user details\n /\n me: withOptionalTokenValidations((token?: string) =>\n transformResponse<UserResponse>(httpClient.get(apiPaths.me, { token })),\n ),\n /\n Returns the current user details\n * @param tenants set to true IFF the response should include only the selected tenant from JWT, or list of tenant ids\n * @param token A valid refresh token\n * @returns The current user details\n /\n myTenants: withValidations(\n [isArrayOrBool('\"tenants\" must a string array or a boolean')],\n [isStringOrUndefined('\"token\" must be string or undefined')],\n )((tenants: true \| string[], token?: string) => {\n const body = {};\n if (typeof tenants === 'boolean') {\n body['dct'] = tenants;\n } else {\n body['ids'] = tenants;\n }\n return transformResponse<TenantsResponse>(\n httpClient.post(apiPaths.myTenants, body, { token }),\n );\n }),\n /\n Returns the current user authentication history\n * @param token A valid refresh token\n * @returns The current user authentication history\n /\n history: withOptionalTokenValidations((token?: string) =>\n transformResponse<UserHistoryResponse>(\n httpClient.get(apiPaths.history, { token }),\n ),\n ),\n /\n Checks if the given JWT is still valid but DOES NOT check for signature\n * @param token A valid token\n * @returns true if the JWT is expired, false otherwise\n /\n isJwtExpired: withJwtValidations(isJwtExpired),\n /\n Returns the list of tenants in the given JWT but DOES NOT check for signature\n * @param token A valid token\n * @returns The list of tenants in the given JWT\n /\n getTenants: withJwtValidations(getTenants),\n /\n Returns the list of permissions granted in the given JWT but DOES NOT check for signature\n * @param token A valid token\n * @param tenant The tenant to check permissions for. If not provided, the permissions for the current tenant will be returned\n * @returns The list of permissions granted in the given JWT\n /\n getJwtPermissions: withJwtValidations(getJwtPermissions),\n /\n Returns the list of roles specified in the given JWT but DOES NOT check for signature\n * @param token A valid token\n * @param tenant The tenant to check roles for. If not provided, the roles for the current tenant will be returned\n * @returns The list of roles specified in the given JWT\n /\n getJwtRoles: withJwtValidations(getJwtRoles),\n /\n Returns Descope current tenant from the given JWT but DOES NOT check for signature\n * @param token A valid token\n * @returns The current tenant from the given JWT\n /\n getCurrentTenant: withJwtValidations(getCurrentTenant),\n /\n Parses the given JWT token but DOES NOT check for signature\n * @param token A valid token\n * @returns The parsed JWT token\n /\n httpClient,\n});\n","import createHttpClient from './httpClient';\nimport { Fetch, MultipleHooks } from './httpClient/types';\nimport createSdk from './sdk';\nimport { Logger } from './sdk/types';\nimport { stringNonEmpty, withValidations } from './sdk/validations';\nimport { hasPathValue } from './sdk/validations/validators';\n\ntype SdkConfig = {\n projectId: string;\n logger?: Logger;\n baseUrl?: string;\n hooks?: MultipleHooks;\n cookiePolicy?: RequestCredentials \| null;\n baseHeaders?: HeadersInit;\n refreshCookieName?: string;\n fetch?: Fetch;\n};\n\n/* Validate we have non-empty project id /\nconst withSdkConfigValidations = withValidations([\n hasPathValue('projectId', stringNonEmpty('projectId')),\n]);\n\n/* Descope SDK client /\nexport default withSdkConfigValidations((config: SdkConfig) => {\n const {\n projectId,\n logger,\n baseUrl,\n cookiePolicy,\n baseHeaders = {},\n refreshCookieName,\n fetch,\n } = config;\n\n return createSdk(\n createHttpClient({\n baseUrl,\n projectId,\n logger,\n hooks: {\n get beforeRequest() {\n return config.hooks?.beforeRequest;\n },\n get afterRequest() {\n return config.hooks?.afterRequest;\n },\n get transformResponse() {\n return config.hooks?.transformResponse;\n },\n },\n cookiePolicy,\n baseConfig: { baseHeaders },\n refreshCookieName,\n fetch,\n }),\n );\n});\n","import createSdk from './createSdk';\nimport {\n CreateHttpClientConfig,\n ExtendedResponse,\n HttpClient,\n HTTPMethods,\n RequestConfig,\n} from './httpClient/types';\nimport { OAuthProviders } from './sdk/oauth/types';\nimport { DeliveryMethods } from './sdk/types';\n\n/* Descope SDK client with delivery methods enum.\n \n Please see full documentation at {@link https://docs.descope.com/guides Descope Docs}\n * @example Usage\n \n ```js\n * import descopeSdk from '@descope/core-js-sdk';\n \n const myProjectId = 'xxx';\n * const sdk = descopeSdk({ projectId: myProjectId });\n \n const userLoginId = 'loginId';\n * sdk.otp.signIn.email(userLoginId);\n * const jwtResponse = sdk.otp.verify.email(userIdentifier, codeFromEmail);\n * ```\n /\nexport default Object.assign(createSdk, { DeliveryMethods });\n\nexport { default as HttpStatusCodes } from './constants/httpStatusCodes';\nexport { default as createHttpClient } from './httpClient';\nexport { transformResponse } from './sdk/helpers';\nexport type {\n AccessKeyLoginOptions,\n EnchantedLinkResponse,\n ExchangeAccessKeyResponse,\n FlowAction,\n FlowResponse,\n FlowStatus,\n Claims,\n JWTResponse,\n LoginOptions,\n PasskeyOptions,\n ResponseData,\n SdkResponse,\n TOTPResponse,\n URLResponse,\n UserHistoryResponse,\n UserResponse,\n} from './sdk/types';\nexport from './utils';\nexport type { SdkFnWrapper } from './utils';\nexport type {\n CreateHttpClientConfig,\n ExtendedResponse,\n HttpClient,\n HTTPMethods,\n RequestConfig,\n};\n\n/** Type to restrict to valid delivery methods /\nexport type DeliveryMethod = keyof typeof DeliveryMethods;\n/* Type to restrict to valid OAuth providers /\nexport type OAuthProvider = keyof typeof OAuthProviders;\n","/ eslint-disable import/exports-last /\nimport { ResponseData } from '../../sdk/types';\nimport { SdkFnWrapper, ReplacePaths, SdkFnsPaths } from './types';\n\n/\n A wrapper function that allows to wrap multiple Sdk function\n * @param obj: The Sdk instance you want to wrap\n * @param paths: A readonly list of paths of the functions you want to wrap\n * @param wrapper: Your wrapper function, it should gets an Sdk function and return a new Sdk function\n * @returns a mutated instance of the Sdk with updated type definitions based on your wrapper return type\n \n Usage example:\n \n // Assuming this is our SDK instance\n * const sdk = {\n * me: (token) => {...}\n * flow: {\n * start: (...params) => {...}\n * next: (...params) => {...}\n * }\n * ...\n * }\n \n // This is our wrapper\n * const wrapper = (sdkFn) => async (...args) => {\n * const sdkResponse = await sdkFn(...args)\n \n // Modify return value\n * return {...sdkResponse, data: {...sdkResponse.data, myCustomAttribute: 'hello'}}\n * }\n \n // And those are the paths we want to wrap\n * const paths = ['flow.start', 'flow.next'] as const // You MUST add as const!\n \n // We can wrap our SDK functions with the wrapper we created in this way\n * const newlyTypedSdk = wrapWith(sdk, paths, wrapper)\n \n Now the 2 wrapped functions will have the updated type based on the wrapper return value\n */\n\nconst wrapWith = <\n Obj extends object,\n Paths extends ReadonlyArray<SdkFnsPaths<Obj>>,\n WrapperData extends ResponseData,\n>(\n obj: Obj,\n paths: Paths,\n wrapper: SdkFnWrapper<WrapperData>,\n): ReplacePaths<Obj, Paths, WrapperData> => {\n paths.forEach((path) => {\n const sections = path.split('.');\n let section = sections.shift();\n let currentRef: Record<string, any> = obj;\n\n while (sections.length > 0) {\n currentRef = currentRef[section];\n\n if (!section \|\| !currentRef) {\n throw Error(\n `Invalid path \"${path}\", \"${section}\" is missing or has no value`,\n );\n }\n\n section = sections.shift();\n }\n\n if (typeof currentRef[section] !== 'function') {\n throw Error(`\"${path}\" is not a function`);\n }\n const origFn = currentRef[section];\n currentRef[section] = wrapper(origFn);\n });\n\n return obj as any;\n};\n\nexport default wrapWith;\n"],"names":["apiPaths","accessKey","exchange","otp","verify","signIn","signUp","update","email","phone","signUpOrIn","magicLink","enchantedLink","session","oauth","start","startNative","finishNative","oneTap","getOneTapClientId","exchangeOneTapIDToken","verifyOneTapIDToken","outbound","connect","saml","totp","notp","webauthn","finish","password","sendReset","replace","policy","refresh","tryRefresh","selectTenant","logout","logoutAll","me","myTenants","history","flow","next","BASE_URL_REGION_PLACEHOLDER","DEFAULT_BASE_API_URL","MIN_POLLING_INTERVAL_MS","MAX_POLLING_TIMEOUT_MS","DESCOPE_CURRENT_TENANT_CLAIM","httpLogBuilder","msg","headers","headersObj","entries","Object","fromEntries","Headers","JSON","stringify","this","body","Body","url","Url","toString","method","Method","title","Title","status","Status","retries","Retries","build","keys","flatMap","key","join","retryStatusCodes","retryDelaysMs","sleep","ms","Promise","resolve","setTimeout","fetchWrapper","fetch","async","args","resp","includes","length","respText","text","json","parse","clone","createFetchLogger","logger","receivedFetch","baseFetch","warn","Error","log","buildRequestLog","ok","respBody","statusText","buildResponseLog","sessionId","getClientSessionId","currentDate","Date","utcString","getUTCFullYear","getUTCMonth","padStart","getUTCDate","getUTCHours","getUTCMinutes","getUTCSeconds","getUTCMilliseconds","randomSuffix","Math","floor","random","HTTPMethods","urlBuilder","path","baseUrl","queryParams","projectId","region","slice","forEach","index","encodeURIComponent","mergeHeaders","sources","reduce","acc","source","Array","isArray","from","getSrcArr","value","jsonHeaders","createAuthorizationHeader","token","bearer","Authorization","createDescopeHeaders","refreshCookieName","res","isJson","e","createHttpClient$1","createHttpClient","config","assign","hooks","beforeRequest","conf","beforeRequestHooks","concat","_a","fn","afterRequest","req","afterRequestHooks","allSettled","map","result","error","reason","transformResponse","withMultipleHooks","recBaseUrl","baseConfig","cookiePolicy","fetchWithLogger","sendRequest","requestConfig","serializedBody","undefined","serializeBody","requestInit","baseHeaders","credentials","cookies","setCookieHeader","get","cookiesString","pos","skipWhitespace","test","charAt","notSpecialChar","ch","lastComma","nextStart","cookiesSeparatorFound","push","substring","splitCookiesString","cookieStr","nameValue","split","eqIdx","indexOf","trim","filter","Boolean","mutableResponse","post","patch","put","delete","buildUrl","HttpStatusCodes","TOO_MANY_REQUESTS","getJwtAuthorizationItems","tenant","claim","claims","parseJwt","tenants","items","jwtDecode","isJwtExpired","exp","getTime","getTenants","getJwtPermissions","getJwtRoles","pathJoin","response","transform","ret","code","data","retryAfter","Number","parseInt","getCurrentTenant","createValidator","rule","defaultMsg","val","createOrValidator","validators","errors","validator","createValidation","validate","errMsg","regexMatch","regex","validateEmail","validatePhone","validatePathValue","rules","object","pathName","defaultValue","parts","String","m","i","v","isEmail","isPhone","isNotEmpty","min","isString","isBoolean","isUndefined","isStringOrUndefined","isArrayOrBool","withValidations","argsRules","rulesArr","string","fieldName","isStringOrUndefinedValidator","stringNonEmpty","stringEmail","stringPhone","withExchangeValidations","withAccessKeys","httpClient","loginOptions","normalizeWaitForSessionConfig","pollingIntervalMs","timeoutMs","max","DeliveryPhone","DeliveryEmail","DeliveryMethods","FlowStatus","loginIdValidations","withVerifyValidations","withSignValidations","withWaitForSessionValidations","withUpdateEmailValidations","withEnchantedLink","loginId","URI","providerId","__rest","signUpOptions","user","waitForSession","pendingRef","timeout","interval","setInterval","clearInterval","clearTimeout","errorDescription","errorCode","updateOptions","withStartValidations","withNextValidations","withFlow","flowId","options","conditionInteractionId","interactionId","componentsVersion","flowVersions","input","isCustomScreen","executionId","stepId","version","withUpdatePhoneValidations","deliveryMethods","d","voice","im","withMagicLink","delivery","OAuthProviders","withOauth","provider","redirectUrl","loginHint","redirectURL","implicit","stateId","idToken","nonce","appIdValidation","withConnectValidations","withOutbound","appId","tenantId","tenantLevel","withOtp","withSaml","tenantIdOrEmail","ssoId","forceAuthn","enforceInitiatedEmail","initiatedEmail","withSignUpValidations","withUpdateValidations","withTotp","loginIdValidation","newPasswordValidation","withSendResetValidations","withUpdateValidation","withReplaceValidation","withPassword","templateOptions","newPassword","oldPassword","loginIdStringValidations","loginIdNonEmptyValidations","originValidations","withSignUpStartValidations","withSignUpOrInStartValidations","withSignInStartValidations","withUpdateStartValidations","withFinishValidations","withWebauthn","origin","name","passkeyOptions","transactionId","withNotp","withJwtValidations","withOptionalTokenValidations","createSdk","withSdkConfigValidations","externalToken","obj","paths","wrapper","sections","section","shift","currentRef","origFn"],"mappings":"mHACeA,EAAA,CACbC,UAAW,CACTC,SAAU,+BAEZC,IAAK,CACHC,OAAQ,sBACRC,OAAQ,sBACRC,OAAQ,sBACRC,OAAQ,CACNC,MAAO,4BACPC,MAAO,6BAETC,WAAY,0BAEdC,UAAW,CACTP,OAAQ,4BACRC,OAAQ,4BACRC,OAAQ,4BACRC,OAAQ,CACNC,MAAO,kCACPC,MAAO,mCAETC,WAAY,gCAEdE,cAAe,CACbR,OAAQ,gCACRC,OAAQ,gCACRC,OAAQ,gCACRO,QAAS,yCACTN,OAAQ,CACNC,MAAO,uCAETE,WAAY,oCAEdI,MAAO,CACLC,MAAO,2BACPb,SAAU,0BACVc,YAAa,6BACbC,aAAc,8BACdC,OAAQ,CACNC,kBAAmB,sCACnBC,sBAAuB,mCACvBC,oBAAqB,mCAGzBC,SAAU,CACRC,QAAS,8BAEXC,KAAM,CACJT,MAAO,0BACPb,SAAU,0BAEZuB,KAAM,CACJrB,OAAQ,uBACRE,OAAQ,uBACRC,OAAQ,wBAEVmB,KAAM,CACJrB,OAAQ,gCACRC,OAAQ,gCACRI,WAAY,mCACZG,QAAS,iCAEXc,SAAU,CACRrB,OAAQ,CACNS,MAAO,iCACPa,OAAQ,mCAEVvB,OAAQ,CACNU,MAAO,iCACPa,OAAQ,mCAEVlB,WAAY,CACVK,MAAO,qCAETR,OAAQ,CACNQ,MAAO,gCACPa,OAAQ,oCAGZC,SAAU,CACRvB,OAAQ,2BACRD,OAAQ,2BACRyB,UAAW,0BACXvB,OAAQ,2BACRwB,QAAS,4BACTC,OAAQ,4BAKVC,QAAS,mBACTC,WAAY,uBACZC,aAAc,yBACdC,OAAQ,kBACRC,UAAW,qBACXC,GAAI,cACJC,UAAW,sBACXC,QAAS,sBACTC,KAAM,CACJ1B,MAAO,iBACP2B,KAAM,kBCrGH,MAAMC,EAA8B,WAC9BC,EAAuB,eAAeD,eAGtCE,EAA0B,IAE1BC,EAAyB,IAGzBC,EAA+B,MCNtCC,EAAiB,KACrB,MAAMC,EAQF,CAAA,EAEJ,MAAO,CACL,OAAAC,CAAQA,GACN,MAAMC,EACuB,mBAApBD,EAAQE,QACXC,OAAOC,YAAYJ,EAAQE,WAC3BF,EAGN,OAFAD,EAAIM,QAAUC,KAAKC,UAAUN,GAEtBO,IACR,EAED,IAAAC,CAAKA,GAEH,OADAV,EAAIW,KAAOD,EACJD,IACR,EAED,GAAAG,CAAIA,GAEF,OADAZ,EAAIa,IAAMD,EAAIE,WACPL,IACR,EAED,MAAAM,CAAOA,GAEL,OADAf,EAAIgB,OAASD,EACNN,IACR,EAED,KAAAQ,CAAMA,GAEJ,OADAjB,EAAIkB,MAAQD,EACLR,IACR,EAED,MAAAU,CAAOA,GAEL,OADAnB,EAAIoB,OAASD,EACNV,IACR,EAED,OAAAY,CAAQA,GAEN,OADArB,EAAIsB,QAAUD,EACPZ,IACR,EAEDc,MAAK,IACInB,OAAOoB,KAAKxB,GAChByB,SAASC,GACR1B,EAAI0B,GAAO,CAAC,GAAW,UAARA,EAAkB,GAAGA,MAAU,KAAK1B,EAAI0B,MAAU,KAElEC,KAAK,MAEX,EAmBGC,EAAmB,CAAC,IAAK,IAAK,IAAK,IAAK,KAGxCC,EAAgB,CAAC,IAAK,IAAM,KAE5BC,EAASC,GACb,IAAIC,SAAeC,GAAYC,WAAWD,EAASF,KAgB/CI,EACHC,GACDC,SAAUC,KACR,IAAIC,QAA8CH,KAASE,GAEvDjB,EAAU,EACd,KACEO,EAAiBY,SAASD,EAAKpB,SAC/BE,EAAUQ,EAAcY,cAElBX,EAAMD,EAAcR,IAC1BkB,QAAaH,KAASE,GACtBjB,IAGEA,EAAU,IACZkB,EAAKlB,QAAUA,GAKjB,MAAMqB,QAAiBH,EAAKI,OAM5B,OAJAJ,EAAKI,KAAO,IAAMX,QAAQC,QAAQS,GAClCH,EAAKK,KAAO,IAAMZ,QAAQC,QAAQ1B,KAAKsC,MAAMH,IAC7CH,EAAKO,MAAQ,IAAMP,EAEZA,CAAI,EASTQ,EAAoB,CAACC,EAAgBC,KACzC,MAAMC,EAAYD,GAAiBb,MAOnC,OANKc,GAEHF,SAAAA,EAAQG,KACN,uIAGCH,EACEX,SAAUC,KACf,IAAKY,EACH,MAAME,MACJ,qHAEJJ,EAAOK,IAvFa,CAACf,GACvBvC,IACGkB,MAAM,WACNL,IAAI0B,EAAK,IACTvB,OAAOuB,EAAK,GAAGvB,QACfd,QAAQqC,EAAK,GAAGrC,SAChBS,KAAK4B,EAAK,GAAG5B,MACba,QAgFU+B,CAAgBhB,IAC3B,MAAMC,QAAaJ,EAAae,EAAbf,IAA2BG,GAI9C,OAFAU,EAAOT,EAAKgB,GAAK,MAAQ,cAlEJlB,OAAOE,IAC9B,MAAMiB,QAAiBjB,EAAKI,OAE5B,OAAO5C,IACJkB,MAAM,YACNL,IAAI2B,EAAK3B,IAAIE,YACbK,OAAO,GAAGoB,EAAKpB,UAAUoB,EAAKkB,cAC9BxD,QAAQsC,EAAKtC,SACbS,KAAK8C,GACLnC,QAAQkB,EAAKlB,SACbE,OAAO,EAwDgCmC,CAAiBnB,IAElDA,CAAI,EAXOJ,EAAae,EAYhC,EChKH,IAAIS,EAEG,MAAMC,EAAqB,KAChC,GAAID,EACF,OAAOA,EAET,MAAME,EAAc,IAAIC,KAClBC,EAAY,GAAGF,EAAYG,iBAAiBlD,eAChD+C,EAAYI,cAAgB,GAE3BnD,WACAoD,SAAS,EAAG,QAAQL,EACpBM,aACArD,WACAoD,SAAS,EAAG,QAAQL,EACpBO,cACAtD,WACAoD,SAAS,EAAG,QAAQL,EACpBQ,gBACAvD,WACAoD,SAAS,EAAG,QAAQL,EACpBS,gBACAxD,WACAoD,SAAS,EAAG,QAAQL,EAAYU,qBAAqBzD,aAClD0D,EAAeC,KAAKC,MAAM,IAAuB,IAAhBD,KAAKE,UAE5C,OADAhB,EAAY,GAAGI,KAAaS,IACrBb,CAAS,ECdlB,IAAYiB,GAAZ,SAAYA,GACVA,EAAA,IAAA,MACAA,EAAA,OAAA,SACAA,EAAA,KAAA,OACAA,EAAA,IAAA,MACAA,EAAA,MAAA,OACD,CAND,CAAYA,IAAAA,EAMX,CAAA,ICfM,MAAMC,EAAa,EACxBC,OACAC,UACAC,cACAC,gBAWA,MAAMC,EAASD,EAAUE,MAAM,GAAI,IACnCJ,EAAUA,EAAQjG,QAChBY,EACAwF,EAASA,EAAS,IAAM,IAG1B,IAAItE,EAAMkE,EACN,GAAGC,EAAQjG,QAAQ,MAAO,OAAOgG,aAAA,EAAAA,EAAMhG,QAAQ,MAAO,MACtDiG,EAGJ,GAAIC,EAAa,CACf,MAAMxD,EAAOpB,OAAOoB,KAAKwD,GACzBxD,EAAK4D,SAAQ,CAAC1D,EAAa2D,KACzBzE,EAAM,GAAGA,IAAgB,IAAVyE,EAAc,IAAM,KAAK3D,KAAO4D,mBAC7CN,EAAYtD,MACV2D,IAAU7D,EAAKiB,OAAS,EAAI,GAAK,KAAK,GAE7C,CAED,OAAO7B,CAAG,EC1BC2E,EAAe,IAAIC,IAC9B,IAAIlF,QACFkF,EAAQC,QACN,CAACC,EAA6BC,KAXlB,CAACA,GACbC,MAAMC,QAAQF,GAAgBA,EAC9BA,aAAkBrF,QAAgBsF,MAAME,KAAKH,EAAOxF,WACnDwF,EACEvF,OAAOD,QAAQwF,GADF,GASdI,CAAUJ,GAAQP,SAAQ,EAAE1D,EAAKsE,MAC/BN,EAAIhE,GAAwB,mBAAVsE,EAAuBA,IAAUA,CAAK,IAGnDN,IAET,CAAA,ICPAO,EAAc,CAClB,eAAgB,oBAQZC,EAA4B,CAChCjB,EACAkB,EAAQ,MAER,IAAIC,EAASnB,EAIb,OAHIkB,IACFC,EAASA,EAAS,IAAMD,GAEnB,CACLE,cAAe,UAAUD,IAC1B,EAQGE,EAAuB,CAC3BrB,EACAsB,KAEA,MAAMC,EAAM,CACV,2BAA4B5C,IAC5B,qBAAsB,UACtB,wBAAyB,SACzB,uBAAwBqB,GAM1B,OAHIsB,IACFC,EAAI,iCAAmCD,GAElCC,CAAG,EAGNC,EAAUT,IACd,IACEA,EAAQzF,KAAKsC,MAAMmD,EACpB,CAAC,MAAOU,GACP,OAAO,CACR,CAED,MAAwB,iBAAVV,GAAgC,OAAVA,CAAc,EAqKpD,IAAeW,EAhKb,CAAmBC,GAEjBC,UAyBA,OAAOD,EAAgBxG,OAAA0G,OAAA1G,OAAA0G,OAAA,GAClBD,GAAM,CACTE,MAAO,CACLC,cA1BkCC,UAGpC,MAAMC,EAAqB,GAAGC,QAAqB,QAAdC,EAAAP,EAAOE,aAAO,IAAAK,OAAA,EAAAA,EAAAJ,gBAAiB,IACpE,OAAOE,aAAkB,EAAlBA,EAAoBzB,QAAO,CAACC,EAAK2B,IAAOA,EAAG3B,IAAMuB,EAAK,EAuB3DK,aApB+BjF,MAAOkF,EAAKf,WAG7C,MAAMgB,EAAoB,GAAGL,QAAqB,QAAdC,EAAAP,EAAOE,aAAO,IAAAK,OAAA,EAAAA,EAAAE,eAAgB,IAElE,GAAgC,GAA5BE,EAAkB/E,OAAa,cACbT,QAAQyF,WAC5BD,aAAA,EAAAA,EAAmBE,KAAKL,GAAOA,EAAGE,EAAKf,aAAA,EAAAA,EAAK1D,aAGtCsC,SACLuC,IAAU,IAAAP,EACT,MAAkB,aAAlBO,EAAOxG,SAAwC,QAAfiG,EAAAP,EAAO7D,cAAQ,IAAAoE,OAAA,EAAAA,EAAAQ,MAAMD,EAAOE,QAAO,GACtE,EAQCC,0BAAmBV,EAAAP,EAAOE,4BAAOe,qBAEnC,EA8HSC,EAtHU,EACvBhD,QAASiD,EACT/C,YACAgD,aACA1B,oBACAvD,SACA+D,QACAmB,eACA9F,YAEA,MAAM2C,EAAUiD,GAAcrI,EACxBwI,EAAkBpF,EAAkBC,EAAQZ,GAE5CgG,EAAc/F,MAAOwE,UACzB,MAAMwB,GAAgBtB,aAAK,EAALA,EAAOC,eACzBD,EAAMC,cAAcH,GACpBA,GAEE/B,KAAEA,EAAIpE,KAAEA,EAAIT,QAAEA,EAAO+E,YAAEA,EAAWjE,OAAEA,EAAMoF,MAAEA,GAAUkC,EAEtDC,ED1GmB,CAAC5H,QACnB6H,IAAT7H,OAAqB6H,EAAYhI,KAAKC,UAAUE,GCyGvB8H,CAAc9H,GAC/B+H,EAA2B,CAC/BxI,QAASsF,EACPW,EAA0BjB,EAAWkB,GACrCG,EAAqBrB,EAAWsB,IAChC0B,aAAU,EAAVA,EAAYS,cAAe,CAAE,EAC7BjC,EAAO6B,GAAkBrC,EAAc,CAAE,EACzChG,GAEFc,SACAL,KAAM4H,GAMa,OAAjBJ,IACFO,EAAYE,YAAcT,GAAgB,WAG5C,MAAM1B,QAAY2B,EAChBtD,EAAW,CAAEC,OAAMC,UAASC,cAAaC,cACzCwD,GAOF,IAJI1B,aAAK,EAALA,EAAOO,qBACHP,EAAMO,aAAaT,EAAQL,eAAAA,EAAK1D,SAGpCiE,aAAK,EAALA,EAAOe,kBAAmB,CAC5B,MAAMlF,QAAa4D,EAAI5D,OACjBgG,GC9FVC,GD8FkD,UAAXrC,EAAIvG,eAAO,IAAAmH,OAAA,EAAAA,EAAE0B,IAAI,gBAAiB,GC5FlE1I,OAAOC,YA/DhB,SAA4B0I,GAC1B,IAAKA,EAAe,MAAO,GAE3B,MAAMpB,EAAmB,GACzB,IAAIqB,EAAM,EAEV,SAASC,IACP,KAAOD,EAAMD,EAActG,QAAU,KAAKyG,KAAKH,EAAcI,OAAOH,KAClEA,GAAO,EAET,OAAOA,EAAMD,EAActG,MAC5B,CAED,SAAS2G,IACP,MAAMC,EAAKN,EAAcI,OAAOH,GAChC,MAAc,MAAPK,GAAqB,MAAPA,GAAqB,MAAPA,CACpC,CAED,KAAOL,EAAMD,EAActG,QAAQ,CACjC,MAAM3E,EAAQkL,EACd,IACIM,EACAC,EAFAC,GAAwB,EAI5B,KAAOP,KAEL,GAAW,MADAF,EAAcI,OAAOH,GAChB,CAOd,IALAM,EAAYN,EACZA,GAAO,EACPC,IACAM,EAAYP,EAELA,EAAMD,EAActG,QAAU2G,KACnCJ,GAAO,EAGT,GAAIA,EAAMD,EAActG,QAAwC,MAA9BsG,EAAcI,OAAOH,GAAc,CAEnEQ,GAAwB,EACxBR,EAAMO,EACN5B,EAAO8B,KAAKV,EAAcW,UAAU5L,EAAOwL,IAC3C,KACD,CAECN,EAAMM,EAAY,CAErB,MACCN,GAAO,IAINQ,GAAyBR,GAAOD,EAActG,SACjDkF,EAAO8B,KAAKV,EAAcW,UAAU5L,EAAOiL,EAActG,QAE5D,CAED,OAAOkF,CACT,CAMIgC,CAAmBd,GAChBnB,KAAKkC,IACJ,MAAMC,EAAYD,EAAUE,MAAM,KAAK,GACjCC,EAAQF,EAAUG,QAAQ,KAChC,OAAID,EAAQ,EAAU,KACf,CACLF,EAAUH,UAAU,EAAGK,GAAOE,OAC9BJ,EAAUH,UAAUK,EAAQ,GAAGE,OAChC,IAEFC,OAAOC,WDkFFC,EACDhK,OAAA0G,OAAA1G,OAAA0G,OAAA,CAAA,EAAAN,IACH5D,KAAM,IAAMZ,QAAQC,QAAQW,GAC5BgG,YAIF,OADAwB,EAAgBtH,MAAQ,IAAMsH,EACvBrD,EAAMe,kBAAkBsC,EAChC,CCxGC,IACJvB,EDyGE,OAAOrC,CAAG,EAGZ,MAAO,CACLsC,IAAK,CAAChE,GAAgB7E,UAAS+E,cAAamB,SAAU,CAAE,IACtDiC,EAAY,CACVtD,OACA7E,UACA+E,cACAtE,UAAM6H,EACNxH,OAAQ6D,EAAYkE,IACpB3C,UAEJkE,KAAM,CAACvF,EAAMpE,GAAQT,UAAS+E,cAAamB,SAAU,CAAE,IACrDiC,EAAY,CACVtD,OACA7E,UACA+E,cACAtE,OACAK,OAAQ6D,EAAYyF,KACpBlE,UAEJmE,MAAO,CAACxF,EAAMpE,GAAQT,UAAS+E,cAAamB,SAAU,CAAE,IACtDiC,EAAY,CACVtD,OACA7E,UACA+E,cACAtE,OACAK,OAAQ6D,EAAY0F,MACpBnE,UAEJoE,IAAK,CAACzF,EAAMpE,GAAQT,UAAS+E,cAAamB,SAAU,CAAE,IACpDiC,EAAY,CACVtD,OACA7E,UACA+E,cACAtE,OACAK,OAAQ6D,EAAY2F,IACpBpE,UAEJqE,OAAQ,CAAC1F,GAAQ7E,UAAS+E,cAAamB,SAAU,CAAE,IACjDiC,EAAY,CACVtD,OACA7E,UACA+E,cACAtE,UAAM6H,EACNxH,OAAQ6D,EAAY4F,OACpBrE,UAEJY,QACA0D,SAAU,CAAC3F,EAAME,IACRH,EAAW,CAAEI,YAAWF,UAASD,OAAME,gBAEjD,IEpOY0F,EAAA,CACbC,kBAAmB,KCIrB,SAASC,EACPzE,EACA0E,EACAC,SAEA,IAAIC,EAAcC,EAAS7E,GAC3B,GAAI0E,EAAQ,CACV,KAAKE,aAAA,EAAAA,EAAQE,WAAWF,aAAM,EAANA,EAASjL,MAAkC+K,EAEjE,OAAOE,aAAM,EAANA,EAASD,KAAU,GAE1BC,EAAwB,QAAf3D,EAAA2D,aAAM,EAANA,EAAQE,eAAO,IAAA7D,OAAA,EAAAA,EAAGyD,EAE9B,CACD,MAAMK,EAAQH,eAAAA,EAASD,GACvB,OAAOlF,MAAMC,QAAQqF,GAASA,EAAQ,EACxC,CAEA,SAASF,EAAS7E,GAChB,GAAqB,iBAAVA,IAAuBA,EAChC,MAAM,IAAI/C,MAAM,0BAClB,OAAO+H,EAAAA,UAAUhF,EACnB,CAOM,SAAUiF,EAAajF,GAC3B,MAAMkF,IAAEA,GAAQL,EAAS7E,GAEzB,OADoB,IAAIrC,MAAOwH,UAAY,IACtBD,CACvB,CAOM,SAAUE,EAAWpF,GACzB,IAAI4E,EAAcC,EAAS7E,GAC3B,MAAM+E,EAAQ9K,OAAOoB,KAAKuJ,aAAA,EAAAA,EAAQE,SAClC,OAAOrF,MAAMC,QAAQqF,GAASA,EAAQ,EACxC,CAOgB,SAAAM,EAAkBrF,EAAe0E,GAC/C,OAAOD,EAAyBzE,EAAO0E,EAAQ,cACjD,CAOgB,SAAAY,EAAYtF,EAAe0E,GACzC,OAAOD,EAAyBzE,EAAO0E,EAAQ,QACjD,CAGO,MAAMa,EAAW,IAAIpJ,IAC1BA,EAAKX,KAAK,KAAK7C,QAAQ,UAAW,KAM7BuD,eAAeyF,EAIpB6D,EACAC,SAEA,MAAMrJ,QAAaoJ,EAEbE,EAAsB,CAC1BC,KAAMvJ,EAAKpB,OACXoC,GAAIhB,EAAKgB,GACToI,SAAUpJ,GAGNwJ,QAAaxJ,EAAKO,QAAQF,OAgBhC,OAdKL,EAAKgB,GASRsI,EAAIE,KADKH,EACEA,EAAUG,GAEPA,GAVdF,EAAIjE,MAAQmE,EAERxJ,EAAKpB,SAAWuJ,EAAgBC,mBAClCvK,OAAO0G,OAAO+E,EAAIjE,MAAO,CACvBoE,WAAYC,OAAOC,SAAqB,UAAZ3J,EAAKtC,eAAO,IAAAmH,OAAA,EAAAA,EAAE0B,IAAI,iBAAmB,KAShE+C,CACT,CAEM,SAAUM,EAAiBhG,SAC/B,OAAsB,QAAfiB,EAAA4D,EAAS7E,UAAM,IAAAiB,OAAA,EAAAA,EAAGtH,KAAiC,EAC5D,CC/GO,MAAMsM,EACX,CAACC,EAAsBC,IACvB,CAACtM,EAAMsM,IACNC,IACEF,EAAKE,IAAOvM,EAAIlB,QAAQ,QAASyN,GAEzBC,EACX,CAACC,EAAyBH,IAC1B,CAACtM,EAAMsM,IACNC,IACC,MAAMG,EAASD,EAAWvC,QAAQyC,GAAcA,EAAUJ,KAE1D,QAAIG,EAAOjK,OAASgK,EAAWhK,UAExBzC,EAAMA,EAAIlB,QAAQ,QAASyN,GAAOG,EAAO/K,KAAK,QAAO,EAGnDiL,EAAmB,IAAIH,KAA6B,CAC/DI,SAAWN,IACTE,EAAWrH,SAASuH,IAClB,MAAMG,EAASH,EAAUJ,GACzB,GAAIO,EAAQ,MAAM,IAAI1J,MAAM0J,EAAO,KAG9B,KCvBLC,EAAcC,GAAmBT,GAAaS,EAAM9D,KAAKqD,GAUzDU,EAAgBF,EACpB,wEAmCIG,EAAgBH,EAAW,2BAG3BI,EAAoB,CAACrI,EAAcsI,IAAwBb,GAC/DK,KAAoBQ,GAAOP,SAlCjB,EAACQ,EAAaC,EAAkBC,KAE1C,MAKMC,GALO5H,MAAMC,QAAQyH,GAAYA,EAAS3L,KAAK,KAAO8L,OAAOH,IAKhDxO,QAFL,kCAEoB,CAAC4O,EAAGC,EAAGC,IAAM,IAAMA,IAAG9D,MAAM,KAExDrH,EAAS+K,EAAM/K,OACrB,IAAIkL,EAAI,EAGJ3H,EAAQqH,IAAWjN,OAAOiN,GAAUA,OAAS9E,EAEjD,KAAgB,MAATvC,GAAiB2H,EAAIlL,GAC1BuD,EAAQA,EAAMwH,EAAMG,MAWtB,OAAOA,GAAKA,IAAMlL,QAAoB8F,IAAVvC,EAAsBA,EAAQuH,CAAY,EAOlCzE,CAAIyD,EAAKzH,IAElC+I,EAAUzB,EACrBa,EACA,gCAEWa,EAAU1B,EACrBc,EACA,uCAEWa,EAAa3B,GAbC4B,EAcP,EAdwBzB,GAAaA,EAAI9J,QAAUuL,GAerE,uBAfwB,IAACA,EAiBpB,MAAMC,EAAW7B,GA9DAG,GAA4B,iBAARA,GAgE1C,yBAGW1G,EAAUuG,GAjEAG,GAAa3G,MAAMC,QAAQ0G,IAiEI,yBAEzC2B,EAAY9B,GAjEAG,GAA4B,kBAARA,GAmE3C,0BAGW4B,EAAc/B,GApEAG,QAAqBhE,IAARgE,GAsEtC,oBAGW6B,EAAsB5B,EACjC,CAACyB,IAAYE,KACb,sCAGWE,EAAgB7B,EAC3B,CAAC3G,IAAWqI,KACZ,oCC3EWI,EACX,IAAIC,IACsBlH,GAC1B,IAAI/E,KACFiM,EAAUnJ,SAAQ,CAACoJ,EAAUb,IAC3Bf,KAAoB4B,GAAU3B,SAASvK,EAAKqL,MAGvCtG,KAAM/E,IAGJmM,EAAUC,GAAsB,CAC3CT,EAAS,IAAIS,wBAGFC,EAAgCD,GAAsB,CACjEN,EAAoB,IAAIM,mCAGbE,GAAkBF,GAAsB,CACnDT,EAAS,IAAIS,uBACbX,EAAW,IAAIW,yBAEJG,GAAeH,GAAsB,CAChDT,EAAS,IAAIS,uBACbb,KAEWiB,GAAeJ,GAAsB,CAChDT,EAAS,IAAIS,uBACbZ,KCnCIiB,GAA0BT,EAAgBM,GAAe,cAEzDI,GAAkBC,IAA4B,CAClDhS,SAAU8R,IACR,CACE/R,EACAkS,IAEApH,EACEmH,EAAW5E,KACTtN,EAASC,UAAUC,SACnB,CAAEiS,gBACF,CAAE/I,MAAOnJ,SCnBNmS,GAAgC,EAC3CC,oBAAoBxP,IACpByP,YAAYxP,KACV,MAAQ,CACVuP,kBAAmB3K,KAAK6K,IACtBF,GAAqBxP,EACrBA,GAEFyP,UAAW5K,KAAKuJ,IACdqB,GAAaxP,EACbA,KCsNJ,IAAY0P,GAOAC,IAPZ,SAAYD,GACVA,EAAA,IAAA,MACAA,EAAA,MAAA,QACAA,EAAA,SAAA,WACAA,EAAA,GAAA,IACD,CALD,CAAYA,KAAAA,GAKX,CAAA,IAED,SAAYC,GACVA,EAAA,MAAA,OACD,CAFD,CAAYA,KAAAA,GAEX,CAAA,IAKM,MAAMC,GAAkBrP,+BAC1BmP,IACAC,IASL,IAAYE,IAAZ,SAAYA,GACVA,EAAA,QAAA,UACAA,EAAA,QAAA,UACAA,EAAA,UAAA,YACAA,EAAA,OAAA,QACD,CALD,CAAYA,KAAAA,GAKX,CAAA,IC1PM,MAAMC,GAAqBf,GAAe,WACpCgB,GAAwBtB,EAAgBM,GAAe,UACvDiB,GAAsBvB,EAAgBqB,IACtCG,GAAgCxB,EAC3CM,GAAe,eAMJmB,GAA6BzB,EACxCqB,GACAd,GAAY,UCORmB,GAAqBf,IAA4B,CACrD9R,OAAQyS,IACLzJ,GACC2B,EACEmH,EAAW5E,KAAKtN,EAASY,cAAcR,OAAQ,CAAEgJ,aAIvD/I,OAAQyS,IACN,CACEI,EACAC,EACA9I,EAG4C,CAAE,EAC9CjB,KAJA,IAAAgK,WACEA,GAE4C/I,EADzC8H,EAAYkB,EAAAA,OAAAhJ,EAFjB,gBAMA,OAAAU,EACEmH,EAAW5E,KACTqB,EAAS3O,EAASY,cAAcP,OAAQqS,GAAgBlS,OACxD,CACE0S,UACAC,MACAhB,eACAiB,cAEF,CAAEhK,UAEL,IAGL1I,WAAYoS,IACV,CACEI,EACAC,EACA9I,EAG6C,CAAA,KAH7C,IAAA+I,WACEA,GAE6C/I,EAD1CiJ,EAAaD,EAAAA,OAAAhJ,EAFlB,gBAKA,OAAAU,EACEmH,EAAW5E,KACTqB,EAAS3O,EAASY,cAAcF,WAAYgS,GAAgBlS,OAC5D,CACE0S,UACAC,MACAhB,aAAcmB,EACdF,eAGL,IAGL9S,OAAQwS,IACN,CACEI,EACAC,EACAI,EACAlJ,EAG6C,MAH7C,IAAA+I,WACEA,GAE6C/I,EAD1CiJ,EAAaD,EAAAA,OAAAhJ,EAFlB,gBAKA,OAAAU,EACEmH,EAAW5E,KACTqB,EAAS3O,EAASY,cAAcN,OAAQoS,GAAgBlS,OACxD,CACE0S,UACAC,MACAI,OACApB,aAAcmB,EACdF,eAGL,IAGLI,eAAgBT,IACd,CACEU,EACA3J,IAEA,IAAI7E,SAASC,IACX,MAAMmN,kBAAEA,EAAiBC,UAAEA,GACzBF,GAA8BtI,GAChC,IAAI4J,EACJ,MAAMC,EAAWC,aAAYtO,UAC3B,MAAME,QAAa0M,EAAW5E,KAAKtN,EAASY,cAAcC,QAAS,CACjE4S,eAEEjO,EAAKgB,KACPqN,cAAcF,GACVD,GAASI,aAAaJ,GAC1BxO,EAAQ6F,EAAkB9F,QAAQC,QAAQM,KAC3C,GACA6M,GAEHqB,EAAUvO,YAAW,KACnBD,EAAQ,CACN2F,MAAO,CACLkJ,iBAAkB,qCAAqCzB,MACvD0B,UAAW,KAEbxN,IAAI,IAENqN,cAAcF,EAAS,GACtBrB,EAAU,MAInB/R,OAAQ,CACNC,MAAOwS,IACL,CACEE,EACA1S,EACA2S,EACA/J,EACA6K,IAEAlJ,EACEmH,EAAW5E,KACTtN,EAASY,cAAcL,OAAOC,MAAK6C,OAAA0G,OAAA,CACjCmJ,UAAS1S,QAAO2S,OAAQc,GAC1B,CAAE7K,gBC/IR8K,GAAuB3C,EAAgBM,GAAe,WACtDsC,GAAsB5C,EAC1BM,GAAe,eACfA,GAAe,UACfA,GAAe,kBAGXuC,GAAYlC,IAA4B,CAC5CnR,MAAOmT,IACL,CACEG,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,GAAiB,IAEjB7J,EACEmH,EAAW5E,KAAKtN,EAASyC,KAAK1B,MAAO,CACnCsT,SACAC,UACAC,yBACAC,gBACAC,oBACAC,eACAC,QACAC,sBAIRlS,KAAMyR,IACJ,CACEU,EACAC,EACAN,EACAO,EACAN,EACAE,EACAC,GAAiB,IAEV7J,EACLmH,EAAW5E,KAAKtN,EAASyC,KAAKC,KAAM,CAClCmS,cACAC,SACAN,gBACAO,UACAN,oBACAE,QACAC,wBClDGhC,GAAqBf,GAAe,WACpCgB,GAAwBtB,EAAgBM,GAAe,UACvDiB,GAAsBvB,EAAgBqB,IAItCoC,GAA6BzD,EACxCqB,GACAb,GAAY,UAEDiB,GAA6BzB,EACxCqB,GACAd,GAAY,UCGRmD,GAAkB5R,OAAOoB,KAAKiO,IAAiBvF,QAClD+H,GAAMA,IAAM1C,GAAc2C,OAASD,IAAM1C,GAAc4C,KAGpDC,GAAiBnD,IAA4B,CACjD9R,OAAQyS,IACLzJ,GACC2B,EAAkBmH,EAAW5E,KAAKtN,EAASW,UAAUP,OAAQ,CAAEgJ,aAGnE/I,OAAQ4U,GAAgBvM,QACtB,CAACC,EAAK2M,mCACD3M,GAAG,CACN2M,CAACA,GAAWxC,IACV,CACEI,EACAC,EACA9I,EAG4C,CAAE,EAC9CjB,KAJA,IAAAgK,WACEA,GAE4C/I,EADzC8H,EAAYkB,EAAAA,OAAAhJ,EAFjB,gBAMA,OAAAU,EACEmH,EAAW5E,KACTqB,EAAS3O,EAASW,UAAUN,OAAQiV,GACpC,CAAEpC,UAASC,MAAKhB,eAAciB,cAC9B,CAAEhK,UAEL,OAGP,IAGF9I,OAAQ2U,GAAgBvM,QACtB,CAACC,EAAK2M,mCACD3M,GAAG,CACN2M,CAACA,GAAWxC,IACV,CACEI,EACAC,EACAI,EACAlJ,EAG6C,MAH7C,IAAA+I,WACEA,GAE6C/I,EAD1CiJ,EAAaD,EAAAA,OAAAhJ,EAFlB,gBAKA,OAAAU,EACEmH,EAAW5E,KAAKqB,EAAS3O,EAASW,UAAUL,OAAQgV,GAAW,CAC7DpC,UACAC,MACAI,OACApB,aAAcmB,EACdF,eAEH,OAGP,IAGF1S,WAAYuU,GAAgBvM,QAC1B,CAACC,EAAK2M,IACDjS,OAAA0G,OAAA1G,OAAA0G,OAAA,CAAA,EAAApB,GACH,CAAA2M,CAACA,GAAWxC,IACV,CACEI,EACAC,EACA9I,EAG6C,MAH7C,IAAA+I,WACEA,GAE6C/I,EAD1CiJ,EAAaD,EAAAA,OAAAhJ,EAFlB,gBAKA,OAAAU,EACEmH,EAAW5E,KAAKqB,EAAS3O,EAASW,UAAUD,WAAY4U,GAAW,CACjEpC,UACAC,MACAhB,aAAcmB,EACdF,eAEH,OAGP,IAGF7S,OAAQ,CACNC,MAAOwS,IACL,CACEE,EACA1S,EACA2S,EACA/J,EACA6K,IAEAlJ,EACEmH,EAAW5E,KACTtN,EAASW,UAAUJ,OAAOC,MAAK6C,OAAA0G,OAAA,CAC7BmJ,UAAS1S,QAAO2S,OAAQc,GAC1B,CAAE7K,aAIV3I,MAAO4C,OAAOoB,KAAK+N,IAChBrF,QAAQ+H,GAAMA,IAAM1C,GAAc2C,QAClCzM,QACC,CAACC,EAAK2M,IACDjS,OAAA0G,OAAA1G,OAAA0G,OAAA,CAAA,EAAApB,GACH,CAAA2M,CAACA,GAAWN,IACV,CACE9B,EACAzS,EACA0S,EACA/J,EACA6K,IAEAlJ,EACEmH,EAAW5E,KACTqB,EAAS3O,EAASW,UAAUJ,OAAOE,MAAO6U,GACxCjS,OAAA0G,OAAA,CAAAmJ,UAASzS,QAAO0S,OAAQc,GAC1B,CAAE7K,gBAKZ,OClJR,IAAKmM,IAAL,SAAKA,GACHA,EAAA,SAAA,WACAA,EAAA,OAAA,SACAA,EAAA,OAAA,SACAA,EAAA,UAAA,YACAA,EAAA,OAAA,SACAA,EAAA,MAAA,QACAA,EAAA,QAAA,UACAA,EAAA,SAAA,WACAA,EAAA,MAAA,OACD,CAVD,CAAKA,KAAAA,GAUJ,CAAA,ICCD,MAAMvD,GAA0BT,EAAgBM,GAAe,SACzD2D,GAAatD,IAA4B,CAC7CnR,MAAOsC,OAAO0G,QACZ,CACE0L,EACAC,EACAvD,EACA/I,EACAuM,IAEO5K,EACLmH,EAAW5E,KAAKtN,EAASc,MAAMC,MAAOoR,GAAgB,GAAI,CACxDlK,YAAW5E,OAAA0G,OAAA1G,OAAA0G,OAAA,CACT0L,YACIC,GAAe,CAAEE,YAAaF,IAC9BC,GAAa,CAAEA,cAErBvM,YAIN/F,OAAOoB,KAAK8Q,IAAgB7M,QAC1B,CAACC,EAAK8M,IAAapS,OAAA0G,OAAA1G,OAAA0G,OAAA,CAAA,EACdpB,GACH,CAAA8M,CAACA,GAAW,CACVC,EACAvD,EACA/I,EACAuM,IAEA5K,EACEmH,EAAW5E,KAAKtN,EAASc,MAAMC,MAAOoR,GAAgB,CAAA,EAAI,CACxDlK,YAAW5E,OAAA0G,OAAA1G,OAAA0G,OAAA,CACT0L,YACIC,GAAe,CAAEE,YAAaF,IAC9BC,GAAa,CAAEA,cAErBvM,cAIR,CAAA,IAGJlJ,SAAU8R,IACPjD,GACChE,EAAkBmH,EAAW5E,KAAKtN,EAASc,MAAMZ,SAAU,CAAE6O,YAEjE/N,YAAa,CACXyU,EACAtD,EACA0D,IAEA9K,EACEmH,EAAW5E,KAAKtN,EAASc,MAAME,YAAa,CAC1CyU,WACAtD,eACA0D,cAGN5U,aAAc,CACZwU,EACAK,EACAvC,EACAxE,EACAgH,IAEAhL,EACEmH,EAAW5E,KAAKtN,EAASc,MAAMG,aAAc,CAC3CwU,WACAK,UACAvC,OACAxE,OACAgH,aAGN5U,kBAAoBsU,GAClB1K,EACEmH,EAAWnG,IACT/L,EAASc,MAAMI,OAAOC,kBAAkBY,QAAQ,aAAc0T,KAGpEpU,oBAAqB,CACnBoU,EACAM,EACAC,EACA7D,IAEApH,EACEmH,EAAW5E,KAAKtN,EAASc,MAAMI,OAAOG,oBAAqB,CACzDoU,WACAM,UACAC,QACA7D,kBAGN/Q,sBAAuB,CACrBqU,EACAM,EACAC,EACA7D,IAEApH,EACEmH,EAAW5E,KAAKtN,EAASc,MAAMI,OAAOE,sBAAuB,CAC3DqU,WACAM,UACAC,QACA7D,oBClHF8D,GAAkBpE,GAAe,SAC1BqE,GAAyB3E,EAAgB0E,ICAhDE,GAAgBjE,IAA4B,CAChD3Q,QAAS2U,IACP,CACEE,EACA9B,EACAlL,KAEA,MAAMiN,EAAW/B,aAAA,EAAAA,EAAS+B,SACpBC,EAAchC,aAAA,EAAAA,EAASgC,YAG7B,OAFOhC,gBAAAA,EAAS+B,SACT/B,gBAAAA,EAASgC,YACTvL,EACLmH,EAAW5E,KACTtN,EAASsB,SAASC,QAClB,CACE6U,QACAC,WACAC,cACAhC,WAEF,CACElL,UAGL,MCTDwJ,GAAqBf,GAAe,WACpCgB,GAAwBtB,EAC5BqB,GACAf,GAAe,SAEXiB,GAAsBvB,EAAgBqB,IACtCoC,GAA6BzD,EACjCqB,GACAb,GAAY,UAERiB,GAA6BzB,EACjCqB,GACAd,GAAY,UAGRyE,GAAWrE,IAA4B,CAC3C9R,OAAQiD,OAAOoB,KAAKiO,IAAiBhK,QACnC,CAACC,EAAK2M,mCACD3M,GAAG,CACN2M,CAACA,GAAWzC,IACV,CAACK,EAAiBnE,IAChBhE,EACEmH,EAAW5E,KAAKqB,EAAS3O,EAASG,IAAIC,OAAQkV,GAAW,CACvDvG,OACAmE,kBAKV,IAGF7S,OAAQgD,OAAOoB,KAAKiO,IAAiBhK,QACnC,CAACC,EAAK2M,IACDjS,OAAA0G,OAAA1G,OAAA0G,OAAA,GAAApB,GACH,CAAA2M,CAACA,GAAWxC,IACV,CACEI,EACA7I,EAG4C,CAAE,EAC9CjB,KAJA,IAAAgK,WACEA,GAE4C/I,EADzC8H,EAAYkB,EAAAA,OAAAhJ,EAFjB,gBAMA,OAAAU,EACEmH,EAAW5E,KACTqB,EAAS3O,EAASG,IAAIE,OAAQiV,GAC9B,CAAEpC,UAASf,eAAciB,cACzB,CAAEhK,UAEL,OAGP,IAGF9I,OAAQ+C,OAAOoB,KAAKiO,IAAiBhK,QACnC,CAACC,EAAK2M,IACDjS,OAAA0G,OAAA1G,OAAA0G,OAAA,GAAApB,GACH,CAAA2M,CAACA,GAAWxC,IACV,CACEI,EACAK,EACAlJ,EAG6C,MAH7C,IAAA+I,WACEA,GAE6C/I,EAD1CiJ,EAAaD,EAAAA,OAAAhJ,EAFlB,gBAKA,OAAAU,EACEmH,EAAW5E,KAAKqB,EAAS3O,EAASG,IAAIG,OAAQgV,GAAW,CACvDpC,UACAK,OACApB,aAAcmB,EACdF,eAEH,OAGP,IAGF1S,WAAY2C,OAAOoB,KAAKiO,IAAiBhK,QACvC,CAACC,EAAK2M,IAAajS,OAAA0G,OAAA1G,OAAA0G,OAAA,CAAA,EACdpB,GAAG,CACN2M,CAACA,GAAWxC,IACV,CACEI,EACA7I,EAG6C,MAH7C,IAAA+I,WACEA,GAE6C/I,EAD1CiJ,EAAaD,EAAAA,OAAAhJ,EAFlB,gBAKA,OAAAU,EACEmH,EAAW5E,KAAKqB,EAAS3O,EAASG,IAAIO,WAAY4U,GAAW,CAC3DpC,UACAf,aAAcmB,EACdF,eAEH,OAGP,IAGF7S,OAAQ,CACNC,MAAOwS,IACL,CACEE,EACA1S,EACA4I,EACA6K,IAEAlJ,EACEmH,EAAW5E,KACTtN,EAASG,IAAII,OAAOC,qBAClB0S,UAAS1S,SAAUyT,GACrB,CAAE7K,aAIV3I,MAAO4C,OAAOoB,KAAK+N,IAAe9J,QAChC,CAACC,EAAK2M,IAAajS,OAAA0G,OAAA1G,OAAA0G,OAAA,CAAA,EACdpB,GAAG,CACN2M,CAACA,GAAWN,IACV,CACE9B,EACAzS,EACA2I,EACA6K,IAEAlJ,EACEmH,EAAW5E,KACTqB,EAAS3O,EAASG,IAAII,OAAOE,MAAO6U,GAASjS,OAAA0G,OAAA,CAC3CmJ,UAASzS,SAAUwT,GACrB,CAAE7K,gBAKZ,OC3JA8K,GAAuB3C,EAAgBM,GAAe,WACtDG,GAA0BT,EAAgBM,GAAe,SAEzD2E,GAAYtE,IAA4B,CAC5CnR,MAAOmT,IACL,CACEuC,EACAf,EACAvD,EACA/I,EACAsN,EACAC,EACAhB,EACAiB,IAEA7L,EACEmH,EAAW5E,KAAKtN,EAASwB,KAAKT,MAAOoR,GAAgB,CAAA,EACnD9O,OAAA0G,OAAA,CAAA9B,mFACE6F,OAAQ2I,GACJf,GAAe,CAAEE,YAAaF,IAC9BgB,GAAS,CAAEA,UACXC,GAAc,CAAEA,WAAY,SAC5BhB,GAAa,CAAEA,cACfiB,GAAyB,CAAEC,eAAgBJ,KAE7CrN,GAAS,CAAEA,cAIvBlJ,SAAU8R,IACPjD,GACChE,EAAkBmH,EAAW5E,KAAKtN,EAASwB,KAAKtB,SAAU,CAAE6O,cCzB5D6D,GAAqBf,GAAe,WACpCgB,GAAwBtB,EAC5BqB,GACAf,GAAe,SAEXiF,GAAwBvF,EAAgBqB,IACxCmE,GAAwBxF,EAAgBqB,IAExCoE,GAAY9E,IAA4B,CAC5C5R,OAAQwW,IACN,CAAC5D,EAAiBK,IAChBxI,EACEmH,EAAW5E,KAAKtN,EAASyB,KAAKnB,OAAQ,CAAE4S,UAASK,YAIvDnT,OAAQyS,IACN,CACEK,EACAnE,EACAoD,EACA/I,IAEA2B,EACEmH,EAAW5E,KACTtN,EAASyB,KAAKrB,OACd,CAAE8S,UAASnE,OAAMoD,gBACjB,CAAE/I,aAKV7I,OAAQwW,IACN,CAAC7D,EAAiB9J,IAChB2B,EACEmH,EAAW5E,KAAKtN,EAASyB,KAAKlB,OAAQ,CAAE2S,WAAW,CAAE9J,eC7CvD6N,GAAoBpF,GAAe,WACnCqF,GAAwBrF,GAAe,eAChCiB,GAAsBvB,EACjC0F,GACApF,GAAe,aAEJsF,GAA2B5F,EAAgB0F,IAC3CG,GAAuB7F,EAClC0F,GACAC,IAEWG,GAAwB9F,EACnC0F,GACApF,GAAe,eACfqF,ICIII,GAAgBpF,IAA4B,CAChD5R,OAAQwS,IACN,CACEI,EACArR,EACA0R,EACAlJ,EAG6C,MAH7C,IAAA+I,WACEA,GAE6C/I,EAD1CiJ,EAAaD,EAAAA,OAAAhJ,EAFlB,gBAKA,OAAAU,EACEmH,EAAW5E,KAAKtN,EAAS6B,SAASvB,OAAQ,CACxC4S,UACArR,WACA0R,OACApB,aAAcmB,EACdF,eAEH,IAGL/S,OAAQyS,IACN,CACEI,EACArR,EACAwI,EAG4C,CAAA,KAH5C,IAAA+I,WACEA,GAE4C/I,EADzC8H,EAAYkB,EAAAA,OAAAhJ,EAFjB,gBAKA,OAAAU,EACEmH,EAAW5E,KAAKtN,EAAS6B,SAASxB,OAAQ,CACxC6S,UACArR,WACAsQ,eACAiB,eAEH,IAGLtR,UAAWqV,IACT,CACEjE,EACAwC,EACA6B,IAEAxM,EACEmH,EAAW5E,KAAKtN,EAAS6B,SAASC,UAAW,CAC3CoR,UACAwC,cACA6B,uBAKRhX,OAAQ6W,IACN,CACElE,EACAsE,EACApO,IAEA2B,EACEmH,EAAW5E,KACTtN,EAAS6B,SAAStB,OAClB,CACE2S,UACAsE,eAEF,CAAEpO,aAKVrH,QAASsV,IACP,CACEnE,EACAuE,EACAD,IAEAzM,EACEmH,EAAW5E,KAAKtN,EAAS6B,SAASE,QAAS,CACzCmR,UACAuE,cACAD,mBAKRxV,OAAQ,IACN+I,EAAkBmH,EAAWnG,IAAI/L,EAAS6B,SAASG,WC5FjD0V,GAA2BhG,EAAO,WAClCiG,GAA6B9F,GAAe,WAC5C+F,GAAoB/F,GAAe,UAEnCgG,GAA6BtG,EACjCoG,GACAC,GACA/F,GAAe,SAEXiG,GAAiCvG,EACrCoG,GACAC,IAEIG,GAA6BxG,EACjCmG,GACAE,IAEII,GAA6BzG,EACjCoG,GACAC,GACAhG,EAA6B,UAEzBqG,GAAwB1G,EAC5BM,GAAe,iBACfA,GAAe,aAGXqG,GAAgBhG,IAA4B,CAChD5R,OAAQ,CACNS,MAAO8W,IACL,CACE3E,EACAiF,EACAC,EACAC,IAEAtN,EACEmH,EAAW5E,KAAKtN,EAAS2B,SAASrB,OAAOS,MAAO,CAC9CwS,KAAM,CACJL,UACAkF,QAEFD,SACAE,sBAKRzW,OAAQqW,IACN,CACEK,EACA1J,IAEA7D,EACEmH,EAAW5E,KAAKtN,EAAS2B,SAASrB,OAAOsB,OAAQ,CAC/C0W,gBACA1J,iBAMVvO,OAAQ,CACNU,MAAOgX,IACL,CACE7E,EACAiF,EACAhG,EACA/I,EACAiP,IAEAtN,EACEmH,EAAW5E,KACTtN,EAAS2B,SAAStB,OAAOU,MACzB,CAAEmS,UAASiF,SAAQhG,eAAckG,kBACjC,CAAEjP,aAKVxH,OAAQqW,IACN,CACEK,EACA1J,IAEA7D,EACEmH,EAAW5E,KAAKtN,EAAS2B,SAAStB,OAAOuB,OAAQ,CAC/C0W,gBACA1J,iBAMVlO,WAAY,CACVK,MAAO+W,IACL,CACE5E,EACAiF,EACAE,IAEAtN,EACEmH,EAAW5E,KAAKtN,EAAS2B,SAASjB,WAAWK,MAAO,CAClDmS,UACAiF,SACAE,uBAMV9X,OAAQ,CACNQ,MAAOiX,IACL,CACE9E,EACAiF,EACA/O,EACAiP,IAEAtN,EACEmH,EAAW5E,KACTtN,EAAS2B,SAASpB,OAAOQ,MACzB,CAAEmS,UAASiF,SAAQE,kBACnB,CAAEjP,aAKVxH,OAAQqW,IACN,CACEK,EACA1J,IAEA7D,EACEmH,EAAW5E,KAAKtN,EAAS2B,SAASpB,OAAOqB,OAAQ,CAC/C0W,gBACA1J,mBC3INgE,GAAqBlB,EAAO,WAE5BoB,GAAsBvB,EAAgBqB,IAEtCG,GAAgCxB,EACpCM,GAAe,eAGX0G,GAAYrG,IAA4B,CAC5CxR,WAAYoS,IACV,CACEI,EACA7I,EAG6C,CAAA,KAH7C,IAAA+I,WACEA,GAE6C/I,EAD1CiJ,EAAaD,EAAAA,OAAAhJ,EAFlB,gBAKA,OAAAU,EACEmH,EAAW5E,KAAKtN,EAAS0B,KAAKhB,WAAY,CACxCwS,UACAf,aAAcmB,EACdF,eAEH,IAEL9S,OAAQwS,IACN,CACEI,EACAK,EACAlJ,EAG6C,CAAA,KAH7C,IAAA+I,WACEA,GAE6C/I,EAD1CiJ,EAAaD,EAAAA,OAAAhJ,EAFlB,gBAKA,OAAAU,EACEmH,EAAW5E,KAAKtN,EAAS0B,KAAKpB,OAAQ,CACpC4S,UACAK,OACAH,aACAjB,aAAcmB,IAEjB,IAELjT,OAAQyS,IACN,CACEI,EACA7I,EAG4C,CAAA,EAC5CjB,KAJA,IAAAgK,WACEA,GAE4C/I,EADzC8H,EAAYkB,EAAAA,OAAAhJ,EAFjB,gBAMA,OAAAU,EACEmH,EAAW5E,KACTtN,EAAS0B,KAAKrB,OACd,CAAE6S,UAASf,eAAciB,cACzB,CAAEhK,UAEL,IAELoK,eAAgBT,IACd,CACEU,EACA3J,IAEA,IAAI7E,SAASC,IACX,MAAMmN,kBAAEA,EAAiBC,UAAEA,GACzBF,GAA8BtI,GAChC,IAAI4J,EACJ,MAAMC,EAAWC,aAAYtO,UAC3B,MAAME,QAAa0M,EAAW5E,KAAKtN,EAAS0B,KAAKb,QAAS,CACxD4S,eAEEjO,EAAKgB,KACPqN,cAAcF,GACVD,GAASI,aAAaJ,GAC1BxO,EAAQ6F,EAAkB9F,QAAQC,QAAQM,KAC3C,GACA6M,GAEHqB,EAAUvO,YAAW,KACnBD,EAAQ,CACN2F,MAAO,CACLkJ,iBAAkB,qCAAqCzB,MACvD0B,UAAW,KAEbxN,IAAI,IAENqN,cAAcF,EAAS,GACtBrB,EAAU,QCjEfkG,GAAqBjH,EAAgBM,GAAe,UACpD4G,GAA+BlH,EACnCK,EAA6B,UrBsDH,IAAC7J,GAAcsI,GsBvE3CqI,GALiCnH,EAAgB,EtB4EpBxJ,GsB3Ed,YtB2E4BsI,GsB3EfwB,GAAe,atB4EzCxC,EAAgBe,EAAkBrI,GAAMsI,IAAxChB,KsBxEasJ,EAA0B7O,IACvC,MAAM5B,UACJA,EAASjC,OACTA,EAAM+B,QACNA,EAAOmD,aACPA,EAAYQ,YACZA,EAAc,CAAA,EAAEnC,kBAChBA,EAAiBnE,MACjBA,GACEyE,EAEJ,ODUcoI,ECTZrI,EAAiB,CACf7B,UACAE,YACAjC,SACA+D,MAAO,CACL,iBAAIC,SACF,OAAmB,UAAZH,EAAOE,aAAK,IAAAK,OAAA,EAAAA,EAAEJ,aACtB,EACD,gBAAIM,SACF,OAAmB,UAAZT,EAAOE,aAAK,IAAAK,OAAA,EAAAA,EAAEE,YACtB,EACD,qBAAIQ,SACF,OAAmB,UAAZjB,EAAOE,aAAK,IAAAK,OAAA,EAAAA,EAAEU,iBACtB,GAEHI,eACAD,WAAY,CAAES,eACdnC,oBACAnE,UDTsC,CAC1CpF,UAAWgS,GAAeC,GAC1B/R,IAAKoW,GAAQrE,GACbvR,UAAW0U,GAAcnD,GACzBtR,cAAeqS,GAAkBf,GACjCpR,MAAO0U,GAAUtD,GACjB5Q,SAAU6U,GAAajE,GACvB1Q,KAAMgV,GAAStE,GACfzQ,KAAMuV,GAAS9E,GACfxQ,KAAM6W,GAASrG,GACfvQ,SAAUuW,GAAahG,GACvBrQ,SAAUyV,GAAapF,GACvBzP,KAAM2R,GAASlC,GAWfjQ,QAASwW,IACP,CACErP,EACAnB,EACA2Q,EACA1W,KAEA,MAAMyB,EAAO,CAAA,EACTiV,IACFjV,EAAoB,cAAIiV,GAE1B,MAAM7Q,EAAO7F,EAAalC,EAASkC,WAAalC,EAASiC,QACzD,OAAO8I,EACLmH,EAAW5E,KAAKvF,EAAMpE,EAAM,CAAEyF,QAAOnB,gBACtC,IASL9F,aAAcoP,EACZ,CAACL,EAAS,aACV,CAACG,EAAoB,wCAFTE,EAGZ,CAAC8E,EAAkBjN,IACnB2B,EACEmH,EAAW5E,KAAKtN,EAASmC,aAAc,CAAE2L,OAAQuI,GAAY,CAAEjN,aAOnEhH,OAAQqW,IAA8BrP,GACpC2B,EAAyBmH,EAAW5E,KAAKtN,EAASoC,OAAQ,CAAE,EAAE,CAAEgH,aAMlE/G,UAAWoW,IAA8BrP,GACvC2B,EACEmH,EAAW5E,KAAKtN,EAASqC,UAAW,CAAE,EAAE,CAAE+G,aAQ9C9G,GAAImW,IAA8BrP,GAChC2B,EAAgCmH,EAAWnG,IAAI/L,EAASsC,GAAI,CAAE8G,aAQhE7G,UAAWgP,EACT,CAACD,EAAc,+CACf,CAACD,EAAoB,wCAFZE,EAGT,CAACrD,EAA0B9E,KAC3B,MAAMzF,EAAO,CAAA,EAMb,MALuB,kBAAZuK,EACTvK,EAAU,IAAIuK,EAEdvK,EAAU,IAAIuK,EAETnD,EACLmH,EAAW5E,KAAKtN,EAASuC,UAAWoB,EAAM,CAAEyF,UAC7C,IAOH5G,QAASiW,IAA8BrP,GACrC2B,EACEmH,EAAWnG,IAAI/L,EAASwC,QAAS,CAAE4G,aAQvCiF,aAAcmK,GAAmBnK,GAMjCG,WAAYgK,GAAmBhK,GAO/BC,kBAAmB+J,GAAmB/J,GAOtCC,YAAa8J,GAAmB9J,GAMhCU,iBAAkBoJ,GAAmBpJ,GAMrC8C,cAjJa,IAACA,CCWb,IC7BY5J,GAAAjF,OAAO0G,OAAO2O,GAAW,CAAEhG,mLCazB,CAKfmG,EACAC,EACAC,KAEAD,EAAMzQ,SAASN,IACb,MAAMiR,EAAWjR,EAAKgF,MAAM,KAC5B,IAAIkM,EAAUD,EAASE,QACnBC,EAAkCN,EAEtC,KAAOG,EAAStT,OAAS,GAAG,CAG1B,GAFAyT,EAAaA,EAAWF,IAEnBA,IAAYE,EACf,MAAM9S,MACJ,iBAAiB0B,QAAWkR,iCAIhCA,EAAUD,EAASE,OACpB,CAED,GAAmC,mBAAxBC,EAAWF,GACpB,MAAM5S,MAAM,IAAI0B,wBAElB,MAAMqR,EAASD,EAAWF,GAC1BE,EAAWF,GAAWF,EAAQK,EAAO,IAGhCP"}
1	+ {"version":3,"file":"index.cjs.js","sources":["../../src/constants/apiPaths.ts","../../src/constants/index.ts","../../src/httpClient/helpers/createFetchLogger.ts","../../src/httpClient/helpers/getClientSessionId.ts","../../src/httpClient/types.ts","../../src/httpClient/urlBuilder.ts","../../src/httpClient/utils.ts","../../src/httpClient/index.ts","../../src/httpClient/helpers/index.ts","../../src/constants/httpStatusCodes.ts","../../src/sdk/helpers/index.ts","../../src/sdk/validations/core.ts","../../src/sdk/validations/validators.ts","../../src/sdk/validations/index.ts","../../src/sdk/accesskey.ts","../../src/utils/utils.ts","../../src/sdk/types.ts","../../src/sdk/enchantedLink/validations.ts","../../src/sdk/enchantedLink/index.ts","../../src/sdk/flow/index.ts","../../src/sdk/magicLink/validations.ts","../../src/sdk/magicLink/index.ts","../../src/sdk/oauth/types.ts","../../src/sdk/oauth/index.ts","../../src/sdk/outbound/validations.ts","../../src/sdk/outbound/index.ts","../../src/sdk/otp/index.ts","../../src/sdk/saml.ts","../../src/sdk/totp.ts","../../src/sdk/password/validations.ts","../../src/sdk/password/index.ts","../../src/sdk/webauthn.ts","../../src/sdk/notp/index.ts","../../src/sdk/index.ts","../../src/createSdk.ts","../../src/index.ts","../../src/utils/wrapWith/index.ts"],"sourcesContent":["/** API paths for the Descope service APIs /\nexport default {\n accessKey: {\n exchange: '/v1/auth/accesskey/exchange',\n },\n otp: {\n verify: '/v1/auth/otp/verify',\n signIn: '/v1/auth/otp/signin',\n signUp: '/v1/auth/otp/signup',\n update: {\n email: '/v1/auth/otp/update/email',\n phone: '/v1/auth/otp/update/phone',\n },\n signUpOrIn: '/v1/auth/otp/signup-in',\n },\n magicLink: {\n verify: '/v1/auth/magiclink/verify',\n signIn: '/v1/auth/magiclink/signin',\n signUp: '/v1/auth/magiclink/signup',\n update: {\n email: '/v1/auth/magiclink/update/email',\n phone: '/v1/auth/magiclink/update/phone',\n },\n signUpOrIn: '/v1/auth/magiclink/signup-in',\n },\n enchantedLink: {\n verify: '/v1/auth/enchantedlink/verify',\n signIn: '/v1/auth/enchantedlink/signin',\n signUp: '/v1/auth/enchantedlink/signup',\n session: '/v1/auth/enchantedlink/pending-session',\n update: {\n email: '/v1/auth/enchantedlink/update/email',\n },\n signUpOrIn: '/v1/auth/enchantedlink/signup-in',\n },\n oauth: {\n start: '/v1/auth/oauth/authorize',\n exchange: '/v1/auth/oauth/exchange',\n startNative: 'v1/auth/oauth/native/start',\n finishNative: 'v1/auth/oauth/native/finish',\n oneTap: {\n getOneTapClientId: '/v1/auth/onetap/clientid/{provider}',\n exchangeOneTapIDToken: '/v1/auth/onetap/idtoken/exchange',\n verifyOneTapIDToken: '/v1/auth/onetap/idtoken/verify',\n },\n },\n outbound: {\n connect: '/v1/outbound/oauth/connect',\n },\n saml: {\n start: '/v1/auth/saml/authorize',\n exchange: '/v1/auth/saml/exchange',\n },\n totp: {\n verify: '/v1/auth/totp/verify',\n signUp: '/v1/auth/totp/signup',\n update: '/v1/auth/totp/update',\n },\n notp: {\n signIn: '/v1/auth/notp/whatsapp/signin',\n signUp: '/v1/auth/notp/whatsapp/signup',\n signUpOrIn: '/v1/auth/notp/whatsapp/signup-in',\n session: '/v1/auth/notp/pending-session',\n },\n webauthn: {\n signUp: {\n start: '/v1/auth/webauthn/signup/start',\n finish: '/v1/auth/webauthn/signup/finish',\n },\n signIn: {\n start: '/v1/auth/webauthn/signin/start',\n finish: '/v1/auth/webauthn/signin/finish',\n },\n signUpOrIn: {\n start: '/v1/auth/webauthn/signup-in/start',\n },\n update: {\n start: 'v1/auth/webauthn/update/start',\n finish: '/v1/auth/webauthn/update/finish',\n },\n },\n password: {\n signUp: '/v1/auth/password/signup',\n signIn: '/v1/auth/password/signin',\n sendReset: '/v1/auth/password/reset',\n update: '/v1/auth/password/update',\n replace: '/v1/auth/password/replace',\n policy: '/v1/auth/password/policy',\n },\n // NOTE: When adding routes that validate session state (like refresh, me, etc.),\n // consider adding them to SESSION_VALIDATION_ROUTES in web-js-sdk/src/enhancers/helpers/index.ts\n // These routes trigger logout/clear tokens on failure, unlike OTP routes that may fail for invalid input\n refresh: '/v1/auth/refresh',\n tryRefresh: '/v1/auth/try-refresh',\n selectTenant: '/v1/auth/tenant/select',\n logout: '/v1/auth/logout',\n logoutAll: '/v1/auth/logoutall',\n me: '/v1/auth/me',\n myTenants: '/v1/auth/me/tenants',\n history: '/v1/auth/me/history',\n flow: {\n start: '/v1/flow/start',\n next: '/v1/flow/next',\n },\n};\n","/* Default Descope API URL /\nexport const BASE_URL_REGION_PLACEHOLDER = '<region>';\nexport const DEFAULT_BASE_API_URL = `https://api.${BASE_URL_REGION_PLACEHOLDER}descope.com`;\n\n/* Default magic link polling interval for checking if the user clicked on the magic-link/enchanted-link/notp /\nexport const MIN_POLLING_INTERVAL_MS = 1000; // 1 second\n/* Default maximum time we are willing to wait for the magic-link/enchanted-link/notp to be clicked /\nexport const MAX_POLLING_TIMEOUT_MS = 1000 60 * 10; // 10 minutes\n\n/** Descope current tenant claim /\nexport const DESCOPE_CURRENT_TENANT_CLAIM = 'dct';\n\n/* API paths to the Descope service /\nexport { default as apiPaths } from './apiPaths';\n","import { Logger } from '../../sdk/types';\nimport { Fetch } from '../types';\n\n/* Build a log message around HTTP calls /\nconst httpLogBuilder = () => {\n const msg: {\n Title?: string;\n Url?: string;\n Method?: string;\n Headers?: string;\n Body?: string;\n Status?: string;\n Retries?: number;\n } = {};\n\n return {\n headers(headers: HeadersInit) {\n const headersObj =\n typeof headers.entries === 'function'\n ? Object.fromEntries(headers.entries())\n : headers;\n msg.Headers = JSON.stringify(headersObj);\n\n return this;\n },\n\n body(body: string) {\n msg.Body = body;\n return this;\n },\n\n url(url: URL \| string) {\n msg.Url = url.toString();\n return this;\n },\n\n method(method: string) {\n msg.Method = method;\n return this;\n },\n\n title(title: string) {\n msg.Title = title;\n return this;\n },\n\n status(status: string) {\n msg.Status = status;\n return this;\n },\n\n retries(retries: number) {\n msg.Retries = retries;\n return this;\n },\n\n build() {\n return Object.keys(msg)\n .flatMap((key) =>\n msg[key] ? [`${key !== 'Title' ? `${key}: ` : ''}${msg[key]}`] : [],\n )\n .join('\\n');\n },\n };\n};\n\n/* Log the request object /\nconst buildRequestLog = (args: Parameters<Fetch>) =>\n httpLogBuilder()\n .title('Request')\n .url(args[0])\n .method(args[1].method)\n .headers(args[1].headers)\n .body(args[1].body)\n .build();\n\n// we should retry on these status codes:\n// 503: Service Unavailable\n// 521: Web Server Is Down (Cloudflare error)\n// 522: Connection Timed Out (Cloudflare error)\n// 524: A Timeout Occurred (Cloudflare error)\n// 530: Cloudflare error\nconst retryStatusCodes = [503, 521, 522, 524, 530];\n\n// Retry delays in ms: first retry after 100ms, subsequent retries after 5000ms\nconst retryDelaysMs = [100, 5000, 5000];\n\nconst sleep = (ms: number) =>\n new Promise<void>((resolve) => setTimeout(resolve, ms));\n\n/* Log the response object /\nconst buildResponseLog = async (resp: Response & { retries?: number }) => {\n const respBody = await resp.text();\n\n return httpLogBuilder()\n .title('Response')\n .url(resp.url.toString())\n .status(`${resp.status} ${resp.statusText}`)\n .headers(resp.headers)\n .body(respBody)\n .retries(resp.retries)\n .build();\n};\n\nconst fetchWrapper =\n (fetch: Fetch) =>\n async (...args: Parameters<Fetch>) => {\n let resp: Response & { retries?: number } = await fetch(...args);\n\n let retries = 0;\n while (\n retryStatusCodes.includes(resp.status) &&\n retries < retryDelaysMs.length\n ) {\n await sleep(retryDelaysMs[retries]);\n resp = await fetch(...args);\n retries++;\n }\n\n if (retries > 0) {\n resp.retries = retries;\n }\n\n // we found out that cloning the response is problematic when using node fetch\n // so instead, we are reading the body stream once and overriding the clone, text & json functions\n const respText = await resp.text();\n\n resp.text = () => Promise.resolve(respText);\n resp.json = () => Promise.resolve(JSON.parse(respText));\n resp.clone = () => resp;\n\n return resp;\n };\n\n/\n Create a fetch with a logger wrapped around it if a logger is given\n * @param logger Logger to send the logs to\n * @param receivedFetch Fetch to be used or built-in fetch if not provided\n \n /\nconst createFetchLogger = (logger: Logger, receivedFetch?: Fetch) => {\n const baseFetch = receivedFetch \|\| fetch;\n if (!baseFetch)\n // eslint-disable-next-line no-console\n logger?.warn(\n 'Fetch is not defined, you will not be able to send http requests, if you are running in a test, make sure fetch is defined globally',\n );\n\n if (!logger) return fetchWrapper(baseFetch);\n return async (...args: Parameters<Fetch>) => {\n if (!baseFetch)\n throw Error(\n 'Cannot send http request, fetch is not defined, if you are running in a test, make sure fetch is defined globally',\n );\n logger.log(buildRequestLog(args));\n const resp = await fetchWrapper(baseFetch)(...args);\n\n logger[resp.ok ? 'log' : 'error'](await buildResponseLog(resp));\n\n return resp;\n };\n};\n\nexport default createFetchLogger;\n","let sessionId: string;\n\nexport const getClientSessionId = (): string => {\n if (sessionId) {\n return sessionId;\n }\n const currentDate = new Date();\n const utcString = `${currentDate.getUTCFullYear().toString()}-${(\n currentDate.getUTCMonth() + 1\n )\n .toString()\n .padStart(2, '0')}-${currentDate\n .getUTCDate()\n .toString()\n .padStart(2, '0')}-${currentDate\n .getUTCHours()\n .toString()\n .padStart(2, '0')}:${currentDate\n .getUTCMinutes()\n .toString()\n .padStart(2, '0')}:${currentDate\n .getUTCSeconds()\n .toString()\n .padStart(2, '0')}:${currentDate.getUTCMilliseconds().toString()}`;\n const randomSuffix = Math.floor(1000 + Math.random() * 9000);\n sessionId = `${utcString}-${randomSuffix}`;\n return sessionId;\n};\n","import { Logger } from '../sdk/types';\n\n/** Request configuration including headers, query params and token /\ntype HttpClientReqConfig = {\n headers?: HeadersInit;\n queryParams?: { [key: string]: string };\n token?: string;\n};\n\nexport type ExtendedResponse = Response & { cookies: Record<string, string> };\n\n/* HTTP methods we use in the client /\nexport enum HTTPMethods {\n get = 'GET',\n delete = 'DELETE',\n post = 'POST',\n put = 'PUT',\n patch = 'PATCH',\n}\n\n/* HTTP Client type that implements the HTTP method calls. Descopers can provide their own HTTP client although required only in rare cases. /\nexport type HttpClient = {\n get: (path: string, config?: HttpClientReqConfig) => Promise<Response>;\n post: (\n path: string,\n body?: any,\n config?: HttpClientReqConfig,\n ) => Promise<Response>;\n patch: (\n path: string,\n body?: any,\n config?: HttpClientReqConfig,\n ) => Promise<Response>;\n put: (\n path: string,\n body?: any,\n config?: HttpClientReqConfig,\n ) => Promise<Response>;\n delete: (path: string, config?: HttpClientReqConfig) => Promise<Response>;\n hooks?: Hooks;\n buildUrl: (path: string, queryParams?: { [key: string]: string }) => string;\n};\n\nexport type Fetch = typeof fetch;\n\n/* Parameters for the HTTP client. Defaults should work for most cases. /\nexport type CreateHttpClientConfig = {\n baseUrl?: string;\n projectId: string;\n baseConfig?: { baseHeaders: HeadersInit };\n logger?: Logger;\n hooks?: Hooks;\n cookiePolicy?: RequestCredentials \| null;\n refreshCookieName?: string;\n fetch?: Fetch;\n};\n\n/* For before-request hook allows overriding parts of the request /\nexport type RequestConfig = {\n path: string;\n headers?: HeadersInit;\n queryParams?: { [key: string]: string };\n body?: any;\n method: HTTPMethods;\n token?: string;\n};\n\nexport type BeforeRequest = (config: RequestConfig) => RequestConfig;\n\nexport type AfterRequest = (\n req: RequestConfig,\n res: Response,\n) => void \| Promise<void>;\n\n/* Hooks before and after the request is made /\nexport type Hooks = {\n beforeRequest?: BeforeRequest;\n afterRequest?: AfterRequest;\n transformResponse?: (\n mutableResponse: ExtendedResponse,\n ) => Promise<ExtendedResponse>;\n};\n\nexport type MultipleHooks = {\n beforeRequest?: BeforeRequest \| BeforeRequest[];\n afterRequest?: AfterRequest \| AfterRequest[];\n transformResponse?: (\n mutableResponse: ExtendedResponse,\n ) => Promise<ExtendedResponse>;\n};\n","import { BASE_URL_REGION_PLACEHOLDER } from '../constants';\n\n/* Build URL with given parts /\nexport const urlBuilder = ({\n path,\n baseUrl,\n queryParams,\n projectId,\n}: {\n path: string;\n baseUrl: string;\n queryParams?: { [key: string]: string };\n projectId: string;\n}) => {\n // NOTE: many URL and URLSearchParams functions and fields are NOT SUPPORTED by the react-native runtime.\n // To add insult to injury - it adds a trailing slash almost no matter what the input is:\n // https://github.com/facebook/react-native/blob/main/packages/react-native/Libraries/Blob/URL.js#L144\n // Do not replace unless testing with all of the core-dependent projects\n const region = projectId.slice(1, -27);\n baseUrl = baseUrl.replace(\n BASE_URL_REGION_PLACEHOLDER,\n region ? region + '.' : '',\n );\n // append path to base\n let url = path\n ? `${baseUrl.replace(/\\/$/, '')}/${path?.replace(/^\\//, '')}`\n : baseUrl;\n\n // add query params if given\n if (queryParams) {\n const keys = Object.keys(queryParams);\n keys.forEach((key: string, index: number) => {\n url = `${url}${index === 0 ? '?' : ''}${key}=${encodeURIComponent(\n queryParams[key],\n )}${index === keys.length - 1 ? '' : '&'}`;\n });\n }\n\n return url;\n};\n","/ eslint-disable no-nested-ternary /\n\ntype SdkHeaders = HeadersInit \| Record<string, () => string>;\n\nconst getSrcArr = (source: SdkHeaders) => {\n if (Array.isArray(source)) return source;\n if (source instanceof Headers) return Array.from(source.entries());\n if (!source) return [];\n return Object.entries(source);\n};\n\n/* Merge the given list of headers into a single Headers object /\nexport const mergeHeaders = (...sources: SdkHeaders[]) =>\n new Headers(\n sources.reduce<Record<string, string>>(\n (acc: Record<string, string>, source) => {\n getSrcArr(source).forEach(([key, value]) => {\n acc[key] = typeof value === 'function' ? value() : value;\n });\n\n return acc;\n },\n {},\n ),\n );\n\n/* Serialize the body to JSON /\nexport const serializeBody = (body: Record<string, any>) =>\n body === undefined ? undefined : JSON.stringify(body);\n","import { DEFAULT_BASE_API_URL } from '../constants';\nimport { getClientSessionId, transformSetCookie } from './helpers';\nimport createFetchLogger from './helpers/createFetchLogger';\nimport {\n AfterRequest,\n BeforeRequest,\n CreateHttpClientConfig,\n HttpClient,\n HTTPMethods,\n MultipleHooks,\n RequestConfig,\n} from './types';\nimport { urlBuilder } from './urlBuilder';\nimport { mergeHeaders, serializeBody } from './utils';\n\nconst jsonHeaders = {\n 'Content-Type': 'application/json',\n};\n\n/\n Create a Bearer authorization header with concatenated projectId and token\n * @param projectId The project id to use in the header\n * @param token Token to be concatenated. Defaults to empty.\n /\nconst createAuthorizationHeader = (\n projectId: string,\n token = '',\n): Record<string, string> => {\n let bearer = projectId;\n if (token) {\n bearer = bearer + ':' + token;\n }\n return {\n Authorization: `Bearer ${bearer}`,\n };\n};\n\ndeclare const BUILD_VERSION: string;\n\n/\n Create descope custom headers\n /\nconst createDescopeHeaders = (\n projectId: string,\n refreshCookieName?: string,\n) => {\n const res = {\n 'x-descope-sdk-session-id': getClientSessionId(),\n 'x-descope-sdk-name': 'core-js',\n 'x-descope-sdk-version': BUILD_VERSION,\n 'x-descope-project-id': projectId,\n };\n\n if (refreshCookieName) {\n res['x-descope-refresh-cookie-name'] = refreshCookieName;\n }\n return res;\n};\n\nconst isJson = (value?: string) => {\n try {\n value = JSON.parse(value);\n } catch (e) {\n return false;\n }\n\n return typeof value === 'object' && value !== null;\n};\n\n/* Add the ability to pass multiple hooks instead of one when creating an http client /\nconst withMultipleHooks =\n <T extends object>(createHttpClient: (config: CreateHttpClientConfig) => T) =>\n (\n config: Omit<CreateHttpClientConfig, 'hooks'> & { hooks?: MultipleHooks },\n ) => {\n const beforeRequest: BeforeRequest = (conf) => {\n // get the before hooks from the config while function is running\n // because the hooks might change after sdk creation\n const beforeRequestHooks = [].concat(config.hooks?.beforeRequest \|\| []);\n return beforeRequestHooks?.reduce((acc, fn) => fn(acc), conf);\n };\n\n const afterRequest: AfterRequest = async (req, res) => {\n // get the after hooks from the config while function is running\n // because the hooks might change after sdk creation\n const afterRequestHooks = [].concat(config.hooks?.afterRequest \|\| []);\n // do not remove this check - on old versions of react-native it is required\n if (afterRequestHooks.length == 0) return;\n const results = await Promise.allSettled(\n afterRequestHooks?.map((fn) => fn(req, res?.clone())),\n );\n // eslint-disable-next-line no-console\n results.forEach(\n (result) =>\n result.status === 'rejected' && config.logger?.error(result.reason),\n );\n };\n\n return createHttpClient({\n ...config,\n hooks: {\n beforeRequest,\n afterRequest,\n transformResponse: config.hooks?.transformResponse,\n },\n });\n };\n\n/\n Create the HTTP client used to send HTTP requests to the Descope API\n \n @param CreateHttpClientConfig Configuration for the client\n /\nconst createHttpClient = ({\n baseUrl: recBaseUrl,\n projectId,\n baseConfig,\n refreshCookieName,\n logger,\n hooks,\n cookiePolicy,\n fetch,\n}: CreateHttpClientConfig): HttpClient => {\n const baseUrl = recBaseUrl \|\| DEFAULT_BASE_API_URL;\n const fetchWithLogger = createFetchLogger(logger, fetch);\n\n const sendRequest = async (config: RequestConfig) => {\n const requestConfig = hooks?.beforeRequest\n ? hooks.beforeRequest(config)\n : config;\n\n const { path, body, headers, queryParams, method, token } = requestConfig;\n\n const serializedBody = serializeBody(body);\n const requestInit: RequestInit = {\n headers: mergeHeaders(\n createAuthorizationHeader(projectId, token),\n createDescopeHeaders(projectId, refreshCookieName),\n baseConfig?.baseHeaders \|\| {},\n isJson(serializedBody) ? jsonHeaders : {}, // add json content headers if body is json\n headers,\n ),\n method,\n body: serializedBody,\n };\n\n // On edge runtimes like Cloudflare, the fetch implementation does not support credentials\n // so we allow the caller to omit by specifying null\n // See https://github.com/cloudflare/workerd/blob/main/src/workerd/api/http.h#L591\n if (cookiePolicy !== null) {\n requestInit.credentials = cookiePolicy \|\| 'include';\n }\n\n const res = await fetchWithLogger(\n urlBuilder({ path, baseUrl, queryParams, projectId }),\n requestInit,\n );\n\n if (hooks?.afterRequest) {\n await hooks.afterRequest(config, res?.clone());\n }\n\n if (hooks?.transformResponse) {\n const json = await res.json();\n const cookies = transformSetCookie(res.headers?.get('set-cookie') \|\| '');\n const mutableResponse = {\n ...res,\n json: () => Promise.resolve(json),\n cookies,\n };\n // we want to make sure cloning the response will keep the transformed json data\n mutableResponse.clone = () => mutableResponse;\n return hooks.transformResponse(mutableResponse);\n }\n\n return res;\n };\n\n return {\n get: (path: string, { headers, queryParams, token } = {}) =>\n sendRequest({\n path,\n headers,\n queryParams,\n body: undefined,\n method: HTTPMethods.get,\n token,\n }),\n post: (path, body, { headers, queryParams, token } = {}) =>\n sendRequest({\n path,\n headers,\n queryParams,\n body,\n method: HTTPMethods.post,\n token,\n }),\n patch: (path, body, { headers, queryParams, token } = {}) =>\n sendRequest({\n path,\n headers,\n queryParams,\n body,\n method: HTTPMethods.patch,\n token,\n }),\n put: (path, body, { headers, queryParams, token } = {}) =>\n sendRequest({\n path,\n headers,\n queryParams,\n body,\n method: HTTPMethods.put,\n token,\n }),\n delete: (path, { headers, queryParams, token } = {}) =>\n sendRequest({\n path,\n headers,\n queryParams,\n body: undefined,\n method: HTTPMethods.delete,\n token,\n }),\n hooks,\n buildUrl: (path, queryParams) => {\n return urlBuilder({ projectId, baseUrl, path, queryParams });\n },\n };\n};\n\nexport default withMultipleHooks(createHttpClient);\nexport type { HttpClient };\n","/\n Split a combined Set-Cookie header string into individual cookie strings.\n \n Set-Cookie values are sometimes comma-joined into one string. This splits\n * them without choking on commas that appear inside a single cookie's\n * attributes (e.g. the Expires date \"Sun, 10 May 2026 12:00:00 GMT\").\n \n Based on https://github.com/nfriedly/set-cookie-parser (MIT).\n /\nfunction splitCookiesString(cookiesString: string): string[] {\n if (!cookiesString) return [];\n\n const result: string[] = [];\n let pos = 0;\n\n function skipWhitespace() {\n while (pos < cookiesString.length && /\\s/.test(cookiesString.charAt(pos))) {\n pos += 1;\n }\n return pos < cookiesString.length;\n }\n\n function notSpecialChar() {\n const ch = cookiesString.charAt(pos);\n return ch !== '=' && ch !== ';' && ch !== ',';\n }\n\n while (pos < cookiesString.length) {\n const start = pos;\n let cookiesSeparatorFound = false;\n let lastComma: number;\n let nextStart: number;\n\n while (skipWhitespace()) {\n const ch = cookiesString.charAt(pos);\n if (ch === ',') {\n // ',' is a cookie separator if we later find '=' before ';' or ','\n lastComma = pos;\n pos += 1;\n skipWhitespace();\n nextStart = pos;\n\n while (pos < cookiesString.length && notSpecialChar()) {\n pos += 1;\n }\n\n if (pos < cookiesString.length && cookiesString.charAt(pos) === '=') {\n // found a cookie separator — the comma was between two cookies\n cookiesSeparatorFound = true;\n pos = nextStart;\n result.push(cookiesString.substring(start, lastComma));\n break;\n } else {\n // comma was inside an attribute value (e.g. Expires date)\n pos = lastComma + 1;\n }\n } else {\n pos += 1;\n }\n }\n\n if (!cookiesSeparatorFound \|\| pos >= cookiesString.length) {\n result.push(cookiesString.substring(start, cookiesString.length));\n }\n }\n\n return result;\n}\n\nexport function transformSetCookie(\n setCookieHeader: string,\n): Record<string, string> {\n return Object.fromEntries(\n splitCookiesString(setCookieHeader)\n .map((cookieStr) => {\n const nameValue = cookieStr.split(';')[0];\n const eqIdx = nameValue.indexOf('=');\n if (eqIdx < 1) return null;\n return [\n nameValue.substring(0, eqIdx).trim(),\n nameValue.substring(eqIdx + 1).trim(),\n ];\n })\n .filter(Boolean),\n );\n}\n\n/ istanbul ignore next -- re-exports /\nexport { default as createFetchLogger } from './createFetchLogger';\n/ istanbul ignore next -- re-exports /\nexport { getClientSessionId } from './getClientSessionId';\n","export default {\n TOO_MANY_REQUESTS: 429,\n};\n","import { jwtDecode, JwtPayload } from 'jwt-decode';\nimport { ResponseData, SdkResponse } from '../types';\nimport HttpStatusCodes from '../../constants/httpStatusCodes';\nimport { DESCOPE_CURRENT_TENANT_CLAIM } from '../../constants';\n\nfunction getJwtAuthorizationItems(\n token: string,\n tenant: string,\n claim: string,\n): string[] {\n let claims: any = parseJwt(token);\n if (tenant) {\n if (!claims?.tenants && claims?.[DESCOPE_CURRENT_TENANT_CLAIM] === tenant) {\n // The token may have the current tenant in the \"dct\" claim and without the \"tenants\" claim\n return claims?.[claim] \|\| [];\n } else {\n claims = claims?.tenants?.[tenant];\n }\n }\n const items = claims?.[claim];\n return Array.isArray(items) ? items : [];\n}\n\nfunction parseJwt(token: string): JwtPayload {\n if (typeof token !== 'string' \|\| !token)\n throw new Error('Invalid token provided');\n return jwtDecode(token);\n}\n\n/\n Checks if the given JWT is still valid but DOES NOT check for signature\n \n @param token JWT token\n /\nexport function isJwtExpired(token: string): boolean {\n const { exp } = parseJwt(token);\n const currentTime = new Date().getTime() / 1000;\n return currentTime > exp;\n}\n\n/\n Returns the list of tenants in the given JWT\n \n @param token JWT token\n /\nexport function getTenants(token: string): string[] {\n let claims: any = parseJwt(token);\n const items = Object.keys(claims?.tenants);\n return Array.isArray(items) ? items : [];\n}\n\n/\n Returns the list of permissions granted in the given JWT but DOES NOT check for signature\n \n @param token JWT token\n /\nexport function getJwtPermissions(token: string, tenant?: string): string[] {\n return getJwtAuthorizationItems(token, tenant, 'permissions');\n}\n\n/\n Returns the list of roles specified in the given JWT but DOES NOT check for signature\n \n @param token JWT token\n /\nexport function getJwtRoles(token: string, tenant?: string): string[] {\n return getJwtAuthorizationItems(token, tenant, 'roles');\n}\n\n/* Joins path parts making sure there is only one path separator between parts /\nexport const pathJoin = (...args: string[]) =>\n args.join('/').replace(/\\/{2,}/g, '/');\n\n/* Transform the Promise Response to our internal SdkResponse implementation\n * @param response The Response promise from fetch\n * @param transform Optionally transform the response JSON to another type\n /\nexport async function transformResponse<\n T extends ResponseData,\n S extends ResponseData = T,\n>(\n response: Promise<Response>,\n transform?: (data: T) => S,\n): Promise<SdkResponse<S>> {\n const resp = await response;\n\n const ret: SdkResponse<S> = {\n code: resp.status,\n ok: resp.ok,\n response: resp,\n };\n\n const data = await resp.clone().json();\n\n if (!resp.ok) {\n ret.error = data;\n\n if (resp.status === HttpStatusCodes.TOO_MANY_REQUESTS) {\n Object.assign(ret.error, {\n retryAfter: Number.parseInt(resp.headers?.get('retry-after')) \|\| 0,\n });\n }\n } else if (transform) {\n ret.data = transform(data);\n } else {\n ret.data = <S>data;\n }\n\n return ret;\n}\n\nexport function getCurrentTenant(token: string): string {\n return parseJwt(token)?.[DESCOPE_CURRENT_TENANT_CLAIM] \|\| '';\n}\n","import { Validator, ValidationRule, MakeValidator } from './types';\n\nexport const createValidator =\n (rule: ValidationRule, defaultMsg?: string): MakeValidator =>\n (msg = defaultMsg) =>\n (val) =>\n !rule(val) ? msg.replace('{val}', val) : false;\n\nexport const createOrValidator =\n (validators: Validator[], defaultMsg?: string): MakeValidator =>\n (msg = defaultMsg) =>\n (val) => {\n const errors = validators.filter((validator) => validator(val));\n\n if (errors.length < validators.length) return false;\n\n return msg ? msg.replace('{val}', val) : errors.join(' OR ');\n };\n\nexport const createValidation = (...validators: Validator[]) => ({\n validate: (val: any) => {\n validators.forEach((validator) => {\n const errMsg = validator(val);\n if (errMsg) throw new Error(errMsg);\n });\n\n return true;\n },\n});\n","import { createOrValidator, createValidation, createValidator } from './core';\nimport { Validator } from './types';\n\nconst regexMatch = (regex: RegExp) => (val: any) => regex.test(val);\n\nconst validateString = (val: any) => typeof val === 'string';\n\nconst validateArray = (val: any) => Array.isArray(val);\n\nconst validateBoolean = (val: any) => typeof val === 'boolean';\n\nconst validateUndefined = (val: any) => val === undefined;\n\nconst validateEmail = regexMatch(\n /^[a-zA-Z0-9.!#$%&'+/=?^_`{\|}~-]+@[a-zA-Z0-9-]+(?:\\.[a-zA-Z0-9-]+)$/,\n);\n\n// A replacement for lodash.get, because it may not integrate well in various runtime environments (Edge).\n// Implementation is based on https://gist.github.com/dfkaye/59263b51cf1e0b633181c5f44ae2066a\nconst get = (object: any, pathName: string, defaultValue?: any) => {\n // Coerce pathName to a string (even it turns into \"[object Object]\").\n const path = Array.isArray(pathName) ? pathName.join('.') : String(pathName);\n\n // Support bracket notation, e.g., \"a[0].b.c\".\n const match = /\\[\\\\?(\"\|')?(\\w\|d)+\\\\?(\"\|')?\\]/g;\n\n const parts = path.replace(match, (m, i, v) => '.' + v).split('.');\n\n const length = parts.length;\n let i = 0;\n\n // In case object isn't a real object, set it to undefined.\n let value = object === Object(object) ? object : undefined;\n\n while (value != null && i < length) {\n value = value[parts[i++]];\n }\n\n /\n returns the resolved value if\n * 1. iteration happened (i > 0)\n * 2. iteration completed (i === length)\n * 3. the value at the path is found in the data structure (not undefined). Note that if the path is found but the\n * value is null, then null is returned.\n * If any of those checks fails, return the defaultValue param, if provided.\n /\n return i && i === length && value !== undefined ? value : defaultValue;\n};\n\nconst validatePhone = regexMatch(/^\\+[1-9]{1}[0-9]{3,14}$/);\nconst validateMinLength = (min: number) => (val: any) => val.length >= min;\n// const validatePlainObject = (val: any) => !!val && Object.getPrototypeOf(val) === Object.prototype;\nconst validatePathValue = (path: string, rules: Validator[]) => (val: any) =>\n createValidation(...rules).validate(get(val, path));\n\nexport const isEmail = createValidator(\n validateEmail,\n '\"{val}\" is not a valid email',\n);\nexport const isPhone = createValidator(\n validatePhone,\n '\"{val}\" is not a valid phone number',\n);\nexport const isNotEmpty = createValidator(\n validateMinLength(1),\n 'Minimum length is 1',\n);\nexport const isString = createValidator(\n validateString,\n 'Input is not a string',\n);\n\nexport const isArray = createValidator(validateArray, 'Input is not an array');\n\nexport const isBoolean = createValidator(\n validateBoolean,\n 'Input is not a boolean',\n);\n\nexport const isUndefined = createValidator(\n validateUndefined,\n 'Input is defined',\n);\n\nexport const isStringOrUndefined = createOrValidator(\n [isString(), isUndefined()],\n 'Input is not a string or undefined',\n);\n\nexport const isArrayOrBool = createOrValidator(\n [isArray(), isBoolean()],\n 'Input is not an array or boolean',\n);\n\n// export const isPlainObject = createValidator(validatePlainObject, 'Input is not a plain object');\nexport const hasPathValue = (path: string, rules: Validator[]) =>\n createValidator(validatePathValue(path, rules))();\n","import { createValidation } from './core';\nimport { Validator } from './types';\nimport {\n isEmail,\n isNotEmpty,\n isPhone,\n isString,\n isStringOrUndefined,\n} from './validators';\n\n/\n \n * Validate that all of the validators passes\n * @params each parameter is an array of validators, those validators will be verified against the wrapped function argument which in the same place\n * @throws if any of the validators fails, an error with the relevant message will be thrown\n /\nexport const withValidations =\n (...argsRules: Validator[][]) =>\n <T extends Array<any>, U>(fn: (...args: T) => U) =>\n (...args: T): U => {\n argsRules.forEach((rulesArr, i) =>\n createValidation(...rulesArr).validate(args[i]),\n );\n\n return fn(...args);\n };\n\nexport const string = (fieldName: string) => [\n isString(`\"${fieldName}\" must be a string`),\n];\n\nexport const isStringOrUndefinedValidator = (fieldName: string) => [\n isStringOrUndefined(`\"${fieldName}\" must be string or undefined`),\n];\n\nexport const stringNonEmpty = (fieldName: string) => [\n isString(`\"${fieldName}\" must be a string`),\n isNotEmpty(`\"${fieldName}\" must not be empty`),\n];\nexport const stringEmail = (fieldName: string) => [\n isString(`\"${fieldName}\" must be a string`),\n isEmail(),\n];\nexport const stringPhone = (fieldName: string) => [\n isString(`\"${fieldName}\" must be a string`),\n isPhone(),\n];\n","import { apiPaths } from '../constants';\nimport { HttpClient } from '../httpClient';\nimport { transformResponse } from './helpers';\nimport {\n AccessKeyLoginOptions,\n ExchangeAccessKeyResponse,\n SdkResponse,\n} from './types';\nimport { stringNonEmpty, withValidations } from './validations';\n\nconst withExchangeValidations = withValidations(stringNonEmpty('accessKey'));\n\nconst withAccessKeys = (httpClient: HttpClient) => ({\n exchange: withExchangeValidations(\n (\n accessKey: string,\n loginOptions?: AccessKeyLoginOptions,\n ): Promise<SdkResponse<ExchangeAccessKeyResponse>> =>\n transformResponse(\n httpClient.post(\n apiPaths.accessKey.exchange,\n { loginOptions },\n { token: accessKey },\n ),\n ),\n ),\n});\n\nexport default withAccessKeys;\n","import { MAX_POLLING_TIMEOUT_MS, MIN_POLLING_INTERVAL_MS } from '../constants';\n\n/* Polling configuration with defaults and normalizing checks /\nexport const normalizeWaitForSessionConfig = ({\n pollingIntervalMs = MIN_POLLING_INTERVAL_MS,\n timeoutMs = MAX_POLLING_TIMEOUT_MS,\n} = {}) => ({\n pollingIntervalMs: Math.max(\n pollingIntervalMs \|\| MIN_POLLING_INTERVAL_MS,\n MIN_POLLING_INTERVAL_MS,\n ),\n timeoutMs: Math.min(\n timeoutMs \|\| MAX_POLLING_TIMEOUT_MS,\n MAX_POLLING_TIMEOUT_MS,\n ),\n});\n","type DeviceInfo = {\n webAuthnSupport?: boolean;\n};\n\ntype LastAuth = {\n authMethod?: AuthMethod;\n oauthProvider?: string;\n name?: string;\n loginId?: string;\n};\n\ntype RedirectAuth = {\n callbackUrl: string;\n codeChallenge: string;\n};\n\n/* Sent in a flow start request when running as a native flow component via a mobile SDK /\ntype NativeOptions = {\n /* What mobile platform we're running on, used to decide between different behaviors on the backend /\n platform: 'ios' \| 'android';\n\n /* The name of an OAuth provider that will use native OAuth (Sign in with Apple/Google) instead of web OAuth when running in a mobile app /\n oauthProvider?: string;\n\n /* An override for web OAuth that sets the address to redirect to after authentication succeeds at the OAuth provider website /\n oauthRedirect?: string;\n};\n\ntype AuthMethod =\n \| 'magiclink'\n \| 'enchantedlink'\n \| 'otp'\n \| 'totp'\n \| 'oauth'\n \| 'saml'\n \| 'webauthn';\n\nexport type SdkFn = (...args: any[]) => Promise<SdkResponse<ResponseData>>;\n\nexport type MaskedPhone = {\n maskedPhone: string;\n};\n\nexport type MaskedEmail = {\n maskedEmail: string;\n};\n\n/* User base details from Descope API /\nexport type User = {\n email?: string;\n name?: string;\n givenName?: string;\n middleName?: string;\n familyName?: string;\n phone?: string;\n};\n\n/* User extended details from Descope API /\nexport type UserResponse = User & {\n loginIds: string[];\n userId: string;\n verifiedEmail?: boolean;\n verifiedPhone?: boolean;\n picture?: string;\n roleNames?: string[];\n userTenants?: UserTenant[];\n createdTime: number;\n TOTP: boolean;\n SAML: boolean;\n SCIM: boolean;\n password: boolean;\n OAuth?: Record<string, boolean>;\n customAttributes?: Record<string, any>;\n status: string;\n test: boolean;\n};\n\nexport type Tenant = {\n id: string;\n name: string;\n customAttributes?: Record<string, any>;\n};\n\nexport type TenantsResponse = {\n tenants: Tenant[];\n};\n\nexport type UserHistoryResponse = {\n userId: string;\n loginTime: number;\n city: string;\n country: string;\n ip: string;\n};\n\n/* A tenant association mapping /\nexport type UserTenant = {\n tenantId: string;\n roleNames?: string[];\n permissions?: string[];\n tenantName: string;\n};\n\nexport type TemplateOptions = Record<string, string>; // for providing messaging template options (templates that are being sent via email / text message)\n\n/* Login options to be added to the different authentication methods /\nexport type LoginOptions = {\n stepup?: boolean;\n mfa?: boolean;\n revokeOtherSessions?: boolean;\n customClaims?: Record<string, any>;\n templateId?: string;\n templateOptions?: TemplateOptions;\n};\n\n/* Access key login options to be added to the different authentication methods /\nexport type AccessKeyLoginOptions = {\n customClaims?: Record<string, any>;\n selectedTenant?: string;\n};\n\n/* Sign Up options to be added to the different authentication methods /\nexport type SignUpOptions = {\n customClaims?: Record<string, any>;\n templateId?: string;\n templateOptions?: TemplateOptions;\n};\n\nexport type Claims = Record<string, any>;\n\n/* Authentication info result from the various JWT validations /\nexport type JWTResponse = {\n sessionJwt: string;\n refreshJwt?: string;\n cookieDomain?: string;\n cookiePath?: string;\n cookieMaxAge?: number;\n cookieExpiration?: number;\n cookieName?: string;\n user?: UserResponse;\n firstSeen?: boolean;\n sessionExpiration: number;\n claims: Claims;\n trustedDeviceJwt?: string;\n nextRefreshSeconds?: number;\n};\n\n/* Authentication info result from exchanging access keys for a session /\nexport type ExchangeAccessKeyResponse = {\n keyId: string;\n sessionJwt: string;\n expiration: number;\n};\n\n/* Options for fine-grained passkey (WebAuthn) control /\nexport type PasskeyOptions = {\n // attestation only (sign up)\n authenticatorSelection?: WebauthnAuthenticatorSelectionCriteria;\n attestation?: 'none' \| 'indirect' \| 'direct';\n // assertion only (sign in)\n userVerification?: 'preferred' \| 'required' \| 'discouraged';\n // shared\n extensionsJSON?: string;\n};\n\n/* Part of the passkey options that apply when performing attestation (sign up) /\nexport type WebauthnAuthenticatorSelectionCriteria = {\n authenticatorAttachment?: 'any' \| 'platform' \| 'crossplatform';\n residentKey?: 'discouraged' \| 'preferred' \| 'required';\n userVerification?: 'preferred' \| 'required' \| 'discouraged';\n};\n\n/* The response returned from the various start webauthn functions /\nexport type WebAuthnStartResponse = {\n transactionId: string;\n options: string;\n create: boolean;\n};\n\n/* Enchanted link response /\nexport type EnchantedLinkResponse = {\n /* Pending reference URL to poll while waiting for user to click magic link /\n pendingRef: string;\n /* Link id, on which link the user should click /\n linkId: string;\n /* Email to which the link was sent to /\n maskedEmail: string;\n};\n\n/* URL response to redirect user in case of OAuth or SSO /\nexport type URLResponse = {\n url: string;\n};\n\n/* TOTP response with the TOTP details /\nexport type TOTPResponse = {\n provisioningURL: string;\n image: string;\n key: string;\n};\n\n/* Password reset response with details according to response method /\nexport type PasswordResetResponse = {\n resetMethod: string;\n pendingRef?: string;\n linkId?: string;\n maskedEmail: string;\n};\n\n/* A subset of the password policy that can be checked on the client side for better UX /\nexport type PasswordPolicyResponse = {\n minLength: number;\n lowercase: boolean;\n uppercase: boolean;\n number: boolean;\n nonAlphanumeric: boolean;\n};\n\nexport type ClientIdResponse = {\n clientId: string;\n};\n\nexport type VerifyOneTapIDTokenResponse = {\n code: string;\n};\n\n/* Phone delivery methods which are currently supported /\nexport enum DeliveryPhone {\n sms = 'sms',\n voice = 'voice',\n whatsapp = 'whatsapp',\n im = 'im',\n}\n\nexport enum DeliveryEmail {\n email = 'email',\n}\n\n/* All delivery methods currently supported /\nexport type DeliveryMethods = DeliveryPhone \| DeliveryEmail;\n\nexport const DeliveryMethods = {\n ...DeliveryPhone,\n ...DeliveryEmail,\n} as const;\n\n/* All flow execution statuses\n * - waiting - flow execution is waiting for user interaction\n * - running - flow execution is currently running\n * - completed - flow execution completed successfully\n * - failed - flow execution failed\n /\nexport enum FlowStatus {\n waiting = 'waiting',\n running = 'running',\n completed = 'completed',\n failed = 'failed',\n}\n\n/* All flow response action\n * - screen - next action is to render screen\n * - poll - next action is poll for next after timeout\n * - redirect - next action is to redirect (redirection details in 'redirect' attribute)\n * - webauthnCreate/webauthnGet - next action is to prompt webauthn (details in 'webauthn' attribute)\n * - nativeBridge - the next action needs to be sent via the native bridge to the native layer\n * - none - no next action\n /\nexport type FlowAction =\n \| 'screen'\n \| 'poll'\n \| 'redirect'\n \| 'webauthnCreate'\n \| 'webauthnGet'\n \| 'nativeBridge'\n \| 'none';\n\nexport type ComponentsConfig = Record<string, any>;\n\n/* Flow response with flow execution details /\nexport type FlowResponse = {\n // current execution identifier\n executionId: string;\n // current step identifier\n stepId: string;\n // current step name\n stepName: string;\n // flow execution status\n status: FlowStatus;\n // the next required action\n action: FlowAction;\n // screen data - if action is 'screen'\n screen?: {\n // screen identifier\n id: string;\n // extra dynamic state required for rendering screen\n state: Record<string, any>;\n componentsConfig: ComponentsConfig;\n };\n // redirect data - if action is 'redirect'\n redirect?: {\n url: string;\n isPopup?: boolean;\n };\n // SAML IDP response (this will be used to build the html form response goes from the IDP through the end user browser to the SP)\n samlIdpResponse?: {\n url: string;\n samlResponse: string;\n relayState: string;\n };\n // WS-Fed IDP response (this will be used to build the html form response goes from the IDP through the end user browser to the RP)\n wsFedIdpResponse?: {\n url: string;\n wresult: string;\n wctx: string;\n };\n // a URL to open in a new tab\n openInNewTabUrl?: string;\n // webauthn data - if action is one of 'webauthnCreate', 'webauthnGet'\n webauthn?: {\n transactionId: string;\n options: string;\n create: boolean;\n };\n // set if the action is 'nativeBridge'\n nativeResponse?: {\n type: 'oauthNative' \| 'oauthWeb' \| 'webauthnGet' \| 'webauthnCreate';\n payload: Record<string, any>;\n };\n // an error that occurred during flow execution, used for debugging / integrating\n error?: {\n code: string;\n description: string;\n message: string;\n };\n // authentication information response, if response is authenticated\n authInfo?: JWTResponse;\n lastAuth?: Pick<LastAuth, 'authMethod' \| 'oauthProvider'>;\n runnerLogs?: {\n title?: string;\n log: string;\n level?: 'info' \| 'debug' \| 'warn' \| 'error';\n }[];\n // general output configured inside the flow's end step\n output?: Record<string, any>;\n};\n\nexport type Options = {\n redirectUrl?: string;\n location?: string;\n tenant?: string;\n deviceInfo?: DeviceInfo;\n lastAuth?: LastAuth;\n redirectAuth?: RedirectAuth;\n oidcIdpStateId?: string;\n preview?: boolean;\n samlIdpStateId?: string;\n wsfedIdpStateId?: string;\n samlIdpUsername?: string;\n ssoAppId?: string;\n thirdPartyAppId?: string;\n oidcLoginHint?: string;\n abTestingKey?: number;\n startOptionsVersion?: number;\n client?: Record<string, any>;\n locale?: string;\n oidcPrompt?: string;\n oidcErrorRedirectUri?: string;\n oidcResource?: string;\n nativeOptions?: NativeOptions;\n thirdPartyAppStateId?: string;\n applicationScopes?: string; // Relevant for sso application and third party application\n outboundAppId?: string;\n outboundAppScopes?: string[];\n};\n\nexport type ResponseData = Record<string, any>;\n\n/\n Response from our SDK calls which includes the result (ok, code, error).\n * The relevant data is provided in the more specific interfaces extending SdkResponse.\n /\nexport type SdkResponse<T extends ResponseData> = {\n code?: number;\n ok: boolean;\n response?: Response;\n error?: {\n errorCode: string;\n errorDescription: string;\n errorMessage?: string;\n retryAfter?: string;\n };\n data?: T;\n};\n\n/* Different delivery method /\nexport type Deliveries<T extends Record<DeliveryMethods, SdkFn>> = {\n [S in DeliveryMethods]: T[S];\n};\n\nexport type DeliveriesPhone<T extends Record<DeliveryPhone, SdkFn> \| SdkFn> = {\n [S in DeliveryPhone]: T extends Record<DeliveryPhone, SdkFn> ? T[S] : T;\n};\n\n/* Map different functions to email vs phone (sms, whatsapp, voice) /\nexport type DeliveriesMap<EmailFn extends SdkFn, PhoneFn extends SdkFn> = {\n [S in DeliveryMethods]: S extends 'email' ? EmailFn : PhoneFn;\n};\n\n/* Logger type that supports the given levels (debug, log, error) /\nexport type Logger = Pick<Console, 'debug' \| 'log' \| 'error' \| 'warn'>;\n\n/* Polling configuration for session waiting /\nexport type WaitForSessionConfig = {\n pollingIntervalMs: number;\n timeoutMs: number;\n};\n\nexport type UpdateOptions<T extends boolean> = {\n addToLoginIDs?: T;\n onMergeUseExisting?: T extends true ? boolean : never;\n templateOptions?: TemplateOptions;\n templateId?: string;\n providerId?: string;\n};\n","import {\n stringNonEmpty,\n withValidations,\n stringPhone,\n stringEmail,\n} from '../validations';\n\nexport const loginIdValidations = stringNonEmpty('loginId');\nexport const withVerifyValidations = withValidations(stringNonEmpty('token'));\nexport const withSignValidations = withValidations(loginIdValidations);\nexport const withWaitForSessionValidations = withValidations(\n stringNonEmpty('pendingRef'),\n);\nexport const withUpdatePhoneValidations = withValidations(\n loginIdValidations,\n stringPhone('phone'),\n);\nexport const withUpdateEmailValidations = withValidations(\n loginIdValidations,\n stringEmail('email'),\n);\n","import {\n apiPaths,\n MAX_POLLING_TIMEOUT_MS,\n MIN_POLLING_INTERVAL_MS,\n} from '../../constants';\nimport { HttpClient } from '../../httpClient';\nimport { normalizeWaitForSessionConfig } from '../../utils';\nimport { pathJoin, transformResponse } from '../helpers';\nimport {\n DeliveryMethods,\n SdkResponse,\n JWTResponse,\n EnchantedLinkResponse,\n User,\n LoginOptions,\n UpdateOptions,\n SignUpOptions,\n WaitForSessionConfig,\n} from '../types';\nimport {\n withWaitForSessionValidations,\n withSignValidations,\n withVerifyValidations,\n withUpdateEmailValidations,\n} from './validations';\n\nconst withEnchantedLink = (httpClient: HttpClient) => ({\n verify: withVerifyValidations(\n (token: string): Promise<SdkResponse<never>> =>\n transformResponse(\n httpClient.post(apiPaths.enchantedLink.verify, { token }),\n ),\n ),\n\n signIn: withSignValidations(\n (\n loginId: string,\n URI?: string,\n {\n providerId,\n ...loginOptions\n }: LoginOptions & { providerId?: string } = {},\n token?: string,\n ): Promise<SdkResponse<EnchantedLinkResponse>> =>\n transformResponse(\n httpClient.post(\n pathJoin(apiPaths.enchantedLink.signIn, DeliveryMethods.email),\n {\n loginId,\n URI,\n loginOptions,\n providerId,\n },\n { token },\n ),\n ),\n ),\n\n signUpOrIn: withSignValidations(\n (\n loginId: string,\n URI?: string,\n {\n providerId,\n ...signUpOptions\n }: SignUpOptions & { providerId?: string } = {},\n ): Promise<SdkResponse<EnchantedLinkResponse>> =>\n transformResponse(\n httpClient.post(\n pathJoin(apiPaths.enchantedLink.signUpOrIn, DeliveryMethods.email),\n {\n loginId,\n URI,\n loginOptions: signUpOptions,\n providerId,\n },\n ),\n ),\n ),\n\n signUp: withSignValidations(\n (\n loginId: string,\n URI?: string,\n user?: User,\n {\n providerId,\n ...signUpOptions\n }: SignUpOptions & { providerId?: string } = {},\n ): Promise<SdkResponse<EnchantedLinkResponse>> =>\n transformResponse(\n httpClient.post(\n pathJoin(apiPaths.enchantedLink.signUp, DeliveryMethods.email),\n {\n loginId,\n URI,\n user,\n loginOptions: signUpOptions,\n providerId,\n },\n ),\n ),\n ),\n\n waitForSession: withWaitForSessionValidations(\n (\n pendingRef: string,\n config?: WaitForSessionConfig,\n ): Promise<SdkResponse<JWTResponse>> =>\n new Promise((resolve) => {\n const { pollingIntervalMs, timeoutMs } =\n normalizeWaitForSessionConfig(config);\n let timeout: NodeJS.Timeout \| undefined;\n const interval = setInterval(async () => {\n const resp = await httpClient.post(apiPaths.enchantedLink.session, {\n pendingRef,\n });\n if (resp.ok) {\n clearInterval(interval);\n if (timeout) clearTimeout(timeout);\n resolve(transformResponse(Promise.resolve(resp)));\n }\n }, pollingIntervalMs);\n\n timeout = setTimeout(() => {\n resolve({\n error: {\n errorDescription: `Session polling timeout exceeded: ${timeoutMs}ms`,\n errorCode: '0',\n },\n ok: false,\n });\n clearInterval(interval);\n }, timeoutMs);\n }),\n ),\n\n update: {\n email: withUpdateEmailValidations(\n <T extends boolean>(\n loginId: string,\n email: string,\n URI?: string,\n token?: string,\n updateOptions?: UpdateOptions<T>,\n ): Promise<SdkResponse<EnchantedLinkResponse>> =>\n transformResponse(\n httpClient.post(\n apiPaths.enchantedLink.update.email,\n { loginId, email, URI, ...updateOptions },\n { token },\n ),\n ),\n ),\n },\n});\n\nexport default withEnchantedLink;\n","import { apiPaths } from '../../constants';\nimport { HttpClient } from '../../httpClient';\nimport { transformResponse } from '../helpers';\nimport { FlowResponse, Options, SdkResponse } from '../types';\nimport { stringNonEmpty, withValidations } from '../validations';\nimport { FlowInput } from './types';\n\nconst withStartValidations = withValidations(stringNonEmpty('flowId'));\nconst withNextValidations = withValidations(\n stringNonEmpty('executionId'),\n stringNonEmpty('stepId'),\n stringNonEmpty('interactionId'),\n);\n\nconst withFlow = (httpClient: HttpClient) => ({\n start: withStartValidations(\n (\n flowId: string,\n options?: Options,\n conditionInteractionId?: string,\n interactionId?: string,\n componentsVersion?: string,\n flowVersions?: Record<string, number>,\n input?: FlowInput,\n isCustomScreen = false,\n ): Promise<SdkResponse<FlowResponse>> =>\n transformResponse(\n httpClient.post(apiPaths.flow.start, {\n flowId,\n options,\n conditionInteractionId,\n interactionId,\n componentsVersion,\n flowVersions,\n input,\n isCustomScreen,\n }),\n ),\n ),\n next: withNextValidations(\n (\n executionId: string,\n stepId: string,\n interactionId: string,\n version?: number,\n componentsVersion?: string,\n input?: FlowInput,\n isCustomScreen = false,\n ): Promise<SdkResponse<FlowResponse>> => {\n return transformResponse(\n httpClient.post(apiPaths.flow.next, {\n executionId,\n stepId,\n interactionId,\n version,\n componentsVersion,\n input,\n isCustomScreen,\n }),\n );\n },\n ),\n});\n\nexport default withFlow;\n","import {\n stringNonEmpty,\n withValidations,\n stringPhone,\n stringEmail,\n} from '../validations';\n\nexport const loginIdValidations = stringNonEmpty('loginId');\nexport const withVerifyValidations = withValidations(stringNonEmpty('token'));\nexport const withSignValidations = withValidations(loginIdValidations);\nexport const withWaitForSessionValidations = withValidations(\n stringNonEmpty('pendingRef'),\n);\nexport const withUpdatePhoneValidations = withValidations(\n loginIdValidations,\n stringPhone('phone'),\n);\nexport const withUpdateEmailValidations = withValidations(\n loginIdValidations,\n stringEmail('email'),\n);\n","import { apiPaths } from '../../constants';\nimport { HttpClient } from '../../httpClient';\nimport { pathJoin, transformResponse } from '../helpers';\nimport {\n DeliveryMethods,\n DeliveryPhone,\n SdkResponse,\n JWTResponse,\n User,\n LoginOptions,\n MaskedEmail,\n UpdateOptions,\n SignUpOptions,\n} from '../types';\nimport { MagicLink, Routes } from './types';\nimport {\n withSignValidations,\n withVerifyValidations,\n withUpdateEmailValidations,\n withUpdatePhoneValidations,\n} from './validations';\n\nconst deliveryMethods = Object.keys(DeliveryMethods).filter(\n (d) => d !== DeliveryPhone.voice && d !== DeliveryPhone.im,\n);\n\nconst withMagicLink = (httpClient: HttpClient) => ({\n verify: withVerifyValidations(\n (token: string): Promise<SdkResponse<JWTResponse>> =>\n transformResponse(httpClient.post(apiPaths.magicLink.verify, { token })),\n ),\n\n signIn: deliveryMethods.reduce(\n (acc, delivery) => ({\n ...acc,\n [delivery]: withSignValidations(\n (\n loginId: string,\n URI?: string,\n {\n providerId,\n ...loginOptions\n }: LoginOptions & { providerId?: string } = {},\n token?: string,\n ) =>\n transformResponse(\n httpClient.post(\n pathJoin(apiPaths.magicLink.signIn, delivery),\n { loginId, URI, loginOptions, providerId },\n { token },\n ),\n ),\n ),\n }),\n {},\n ) as MagicLink[Routes.signIn],\n\n signUp: deliveryMethods.reduce(\n (acc, delivery) => ({\n ...acc,\n [delivery]: withSignValidations(\n (\n loginId: string,\n URI?: string,\n user?: User,\n {\n providerId,\n ...signUpOptions\n }: SignUpOptions & { providerId?: string } = {},\n ) =>\n transformResponse(\n httpClient.post(pathJoin(apiPaths.magicLink.signUp, delivery), {\n loginId,\n URI,\n user,\n loginOptions: signUpOptions,\n providerId,\n }),\n ),\n ),\n }),\n {},\n ) as MagicLink[Routes.signUp],\n\n signUpOrIn: deliveryMethods.reduce(\n (acc, delivery) => ({\n ...acc,\n [delivery]: withSignValidations(\n (\n loginId: string,\n URI?: string,\n {\n providerId,\n ...signUpOptions\n }: SignUpOptions & { providerId?: string } = {},\n ) =>\n transformResponse(\n httpClient.post(pathJoin(apiPaths.magicLink.signUpOrIn, delivery), {\n loginId,\n URI,\n loginOptions: signUpOptions,\n providerId,\n }),\n ),\n ),\n }),\n {},\n ) as MagicLink[Routes.signUpOrIn],\n\n update: {\n email: withUpdateEmailValidations(\n <T extends boolean>(\n loginId: string,\n email: string,\n URI?: string,\n token?: string,\n updateOptions?: UpdateOptions<T>,\n ): Promise<SdkResponse<MaskedEmail>> =>\n transformResponse(\n httpClient.post(\n apiPaths.magicLink.update.email,\n { loginId, email, URI, ...updateOptions },\n { token },\n ),\n ),\n ),\n phone: Object.keys(DeliveryPhone)\n .filter((d) => d !== DeliveryPhone.voice)\n .reduce(\n (acc, delivery) => ({\n ...acc,\n [delivery]: withUpdatePhoneValidations(\n <T extends boolean>(\n loginId: string,\n phone: string,\n URI?: string,\n token?: string,\n updateOptions?: UpdateOptions<T>,\n ) =>\n transformResponse(\n httpClient.post(\n pathJoin(apiPaths.magicLink.update.phone, delivery),\n { loginId, phone, URI, ...updateOptions },\n { token },\n ),\n ),\n ),\n }),\n {},\n ) as MagicLink[Routes.updatePhone],\n },\n});\n\nexport default withMagicLink;\n","import { SdkResponse, URLResponse, JWTResponse, LoginOptions } from '../types';\n\nenum OAuthProviders {\n facebook = 'facebook',\n github = 'github',\n google = 'google',\n microsoft = 'microsoft',\n gitlab = 'gitlab',\n apple = 'apple',\n discord = 'discord',\n linkedin = 'linkedin',\n slack = 'slack',\n}\n\ntype VerifyFn = (code: string) => Promise<SdkResponse<JWTResponse>>;\nexport type StartFn = (\n redirectURL?: string,\n loginOptions?: LoginOptions,\n token?: string,\n) => Promise<SdkResponse<URLResponse>>;\n\nexport type Providers<T> = Record<keyof typeof OAuthProviders, T>;\n\nexport type Oauth = {\n start: Providers<StartFn>;\n verify: Providers<VerifyFn>;\n};\n\nexport { OAuthProviders };\n","import { apiPaths } from '../../constants';\nimport { HttpClient } from '../../httpClient';\nimport {\n SdkResponse,\n JWTResponse,\n LoginOptions,\n ClientIdResponse,\n VerifyOneTapIDTokenResponse,\n} from '../types';\nimport { transformResponse } from '../helpers';\nimport { Oauth, OAuthProviders } from './types';\nimport { stringNonEmpty, withValidations } from '../validations';\n\nconst withExchangeValidations = withValidations(stringNonEmpty('code'));\nconst withOauth = (httpClient: HttpClient) => ({\n start: Object.assign(\n (\n provider: string,\n redirectUrl?: string,\n loginOptions?: LoginOptions,\n token?: string,\n loginHint?: string,\n ) => {\n return transformResponse(\n httpClient.post(apiPaths.oauth.start, loginOptions \|\| {}, {\n queryParams: {\n provider,\n ...(redirectUrl && { redirectURL: redirectUrl }),\n ...(loginHint && { loginHint }),\n },\n token,\n }),\n );\n },\n Object.keys(OAuthProviders).reduce(\n (acc, provider) => ({\n ...acc,\n [provider]: (\n redirectUrl?: string,\n loginOptions?: LoginOptions,\n token?: string,\n loginHint?: string,\n ) =>\n transformResponse(\n httpClient.post(apiPaths.oauth.start, loginOptions \|\| {}, {\n queryParams: {\n provider,\n ...(redirectUrl && { redirectURL: redirectUrl }),\n ...(loginHint && { loginHint }),\n },\n token,\n }),\n ),\n }),\n {},\n ) as Oauth['start'],\n ),\n exchange: withExchangeValidations(\n (code: string): Promise<SdkResponse<JWTResponse>> =>\n transformResponse(httpClient.post(apiPaths.oauth.exchange, { code })),\n ),\n startNative: (\n provider: string,\n loginOptions?: LoginOptions,\n implicit?: boolean,\n ) =>\n transformResponse(\n httpClient.post(apiPaths.oauth.startNative, {\n provider,\n loginOptions,\n implicit,\n }),\n ),\n finishNative: (\n provider: string,\n stateId: string,\n user?: string,\n code?: string,\n idToken?: string,\n ) =>\n transformResponse(\n httpClient.post(apiPaths.oauth.finishNative, {\n provider,\n stateId,\n user,\n code,\n idToken,\n }),\n ),\n getOneTapClientId: (provider: string) =>\n transformResponse<ClientIdResponse>(\n httpClient.get(\n apiPaths.oauth.oneTap.getOneTapClientId.replace('{provider}', provider),\n ),\n ),\n verifyOneTapIDToken: (\n provider: string,\n idToken: string,\n nonce: string,\n loginOptions?: LoginOptions,\n ) =>\n transformResponse<VerifyOneTapIDTokenResponse>(\n httpClient.post(apiPaths.oauth.oneTap.verifyOneTapIDToken, {\n provider,\n idToken,\n nonce,\n loginOptions,\n }),\n ),\n exchangeOneTapIDToken: (\n provider: string,\n idToken: string,\n nonce: string,\n loginOptions?: LoginOptions,\n ) =>\n transformResponse<JWTResponse>(\n httpClient.post(apiPaths.oauth.oneTap.exchangeOneTapIDToken, {\n provider,\n idToken,\n nonce,\n loginOptions,\n }),\n ),\n});\n\nexport default withOauth;\n","import {\n isStringOrUndefinedValidator,\n stringNonEmpty,\n withValidations,\n} from '../validations';\n\nconst appIdValidation = stringNonEmpty('appId');\nexport const withConnectValidations = withValidations(appIdValidation);\n","import { apiPaths } from '../../constants';\nimport { HttpClient } from '../../httpClient';\nimport { transformResponse } from '../helpers';\nimport { ConnectOptions } from './types';\nimport { SdkResponse, URLResponse } from '../types';\nimport { withConnectValidations } from './validations';\n\nconst withOutbound = (httpClient: HttpClient) => ({\n connect: withConnectValidations(\n (\n appId: string,\n options?: ConnectOptions,\n token?: string,\n ): Promise<SdkResponse<URLResponse>> => {\n const tenantId = options?.tenantId;\n const tenantLevel = options?.tenantLevel;\n delete options?.tenantId;\n delete options?.tenantLevel;\n return transformResponse(\n httpClient.post(\n apiPaths.outbound.connect,\n {\n appId,\n tenantId,\n tenantLevel,\n options,\n },\n {\n token,\n },\n ),\n );\n },\n ),\n});\n\nexport default withOutbound;\n","import { apiPaths } from '../../constants';\nimport { HttpClient } from '../../httpClient';\nimport { pathJoin, transformResponse } from '../helpers';\nimport {\n DeliveryMethods,\n User,\n SdkResponse,\n JWTResponse,\n DeliveryPhone,\n LoginOptions,\n MaskedEmail,\n UpdateOptions,\n SignUpOptions,\n} from '../types';\nimport {\n stringEmail,\n stringNonEmpty,\n stringPhone,\n withValidations,\n} from '../validations';\nimport { Otp, Routes } from './types';\n\nconst loginIdValidations = stringNonEmpty('loginId');\nconst withVerifyValidations = withValidations(\n loginIdValidations,\n stringNonEmpty('code'),\n);\nconst withSignValidations = withValidations(loginIdValidations);\nconst withUpdatePhoneValidations = withValidations(\n loginIdValidations,\n stringPhone('phone'),\n);\nconst withUpdateEmailValidations = withValidations(\n loginIdValidations,\n stringEmail('email'),\n);\n\nconst withOtp = (httpClient: HttpClient) => ({\n verify: Object.keys(DeliveryMethods).reduce(\n (acc, delivery) => ({\n ...acc,\n [delivery]: withVerifyValidations(\n (loginId: string, code: string): Promise<SdkResponse<JWTResponse>> =>\n transformResponse(\n httpClient.post(pathJoin(apiPaths.otp.verify, delivery), {\n code,\n loginId,\n }),\n ),\n ),\n }),\n {},\n ) as Otp[Routes.verify],\n\n signIn: Object.keys(DeliveryMethods).reduce(\n (acc, delivery) => ({\n ...acc,\n [delivery]: withSignValidations(\n (\n loginId: string,\n {\n providerId,\n ...loginOptions\n }: LoginOptions & { providerId?: string } = {},\n token?: string,\n ) =>\n transformResponse(\n httpClient.post(\n pathJoin(apiPaths.otp.signIn, delivery),\n { loginId, loginOptions, providerId },\n { token },\n ),\n ),\n ),\n }),\n {},\n ) as Otp[Routes.signIn],\n\n signUp: Object.keys(DeliveryMethods).reduce(\n (acc, delivery) => ({\n ...acc,\n [delivery]: withSignValidations(\n (\n loginId: string,\n user?: User,\n {\n providerId,\n ...signUpOptions\n }: SignUpOptions & { providerId?: string } = {},\n ) =>\n transformResponse(\n httpClient.post(pathJoin(apiPaths.otp.signUp, delivery), {\n loginId,\n user,\n loginOptions: signUpOptions,\n providerId,\n }),\n ),\n ),\n }),\n {},\n ) as Otp[Routes.signUp],\n\n signUpOrIn: Object.keys(DeliveryMethods).reduce(\n (acc, delivery) => ({\n ...acc,\n [delivery]: withSignValidations(\n (\n loginId: string,\n {\n providerId,\n ...signUpOptions\n }: SignUpOptions & { providerId?: string } = {},\n ) =>\n transformResponse(\n httpClient.post(pathJoin(apiPaths.otp.signUpOrIn, delivery), {\n loginId,\n loginOptions: signUpOptions,\n providerId,\n }),\n ),\n ),\n }),\n {},\n ) as Otp[Routes.signIn],\n\n update: {\n email: withUpdateEmailValidations(\n <T extends boolean>(\n loginId: string,\n email: string,\n token?: string,\n updateOptions?: UpdateOptions<T>,\n ): Promise<SdkResponse<MaskedEmail>> =>\n transformResponse(\n httpClient.post(\n apiPaths.otp.update.email,\n { loginId, email, ...updateOptions },\n { token },\n ),\n ),\n ),\n phone: Object.keys(DeliveryPhone).reduce(\n (acc, delivery) => ({\n ...acc,\n [delivery]: withUpdatePhoneValidations(\n <T extends boolean>(\n loginId: string,\n phone: string,\n token?: string,\n updateOptions?: UpdateOptions<T>,\n ) =>\n transformResponse(\n httpClient.post(\n pathJoin(apiPaths.otp.update.phone, delivery),\n { loginId, phone, ...updateOptions },\n { token },\n ),\n ),\n ),\n }),\n {},\n ) as Otp[Routes.updatePhone],\n },\n});\n\nexport default withOtp;\n","import { apiPaths } from '../constants';\nimport { HttpClient } from '../httpClient';\nimport { transformResponse } from './helpers';\nimport { SdkResponse, URLResponse, JWTResponse, LoginOptions } from './types';\nimport { stringNonEmpty, withValidations } from './validations';\n\nconst withStartValidations = withValidations(stringNonEmpty('tenant'));\nconst withExchangeValidations = withValidations(stringNonEmpty('code'));\n\nconst withSaml = (httpClient: HttpClient) => ({\n start: withStartValidations(\n (\n tenantIdOrEmail: string,\n redirectUrl?: string,\n loginOptions?: LoginOptions,\n token?: string,\n ssoId?: string,\n forceAuthn?: boolean,\n loginHint?: string,\n enforceInitiatedEmail?: boolean,\n ): Promise<SdkResponse<URLResponse>> =>\n transformResponse(\n httpClient.post(apiPaths.saml.start, loginOptions \|\| {}, {\n queryParams: {\n tenant: tenantIdOrEmail,\n ...(redirectUrl && { redirectURL: redirectUrl }),\n ...(ssoId && { ssoId }),\n ...(forceAuthn && { forceAuthn: 'true' }),\n ...(loginHint && { loginHint }),\n ...(enforceInitiatedEmail && { initiatedEmail: tenantIdOrEmail }),\n },\n ...(token && { token }),\n }),\n ),\n ),\n exchange: withExchangeValidations(\n (code: string): Promise<SdkResponse<JWTResponse>> =>\n transformResponse(httpClient.post(apiPaths.saml.exchange, { code })),\n ),\n});\n\nexport default withSaml;\n","import { apiPaths } from '../constants';\nimport { HttpClient } from '../httpClient';\nimport { transformResponse } from './helpers';\nimport {\n User,\n SdkResponse,\n JWTResponse,\n TOTPResponse,\n LoginOptions,\n} from './types';\nimport { stringNonEmpty, withValidations } from './validations';\n\nconst loginIdValidations = stringNonEmpty('loginId');\nconst withVerifyValidations = withValidations(\n loginIdValidations,\n stringNonEmpty('code'),\n);\nconst withSignUpValidations = withValidations(loginIdValidations);\nconst withUpdateValidations = withValidations(loginIdValidations);\n\nconst withTotp = (httpClient: HttpClient) => ({\n signUp: withSignUpValidations(\n (loginId: string, user?: User): Promise<SdkResponse<TOTPResponse>> =>\n transformResponse(\n httpClient.post(apiPaths.totp.signUp, { loginId, user }),\n ),\n ),\n\n verify: withVerifyValidations(\n (\n loginId: string,\n code: string,\n loginOptions?: LoginOptions,\n token?: string,\n ): Promise<SdkResponse<JWTResponse>> =>\n transformResponse(\n httpClient.post(\n apiPaths.totp.verify,\n { loginId, code, loginOptions },\n { token },\n ),\n ),\n ),\n\n update: withUpdateValidations(\n (loginId: string, token?: string): Promise<SdkResponse<TOTPResponse>> =>\n transformResponse(\n httpClient.post(apiPaths.totp.update, { loginId }, { token }),\n ),\n ),\n});\n\nexport default withTotp;\n","import { stringNonEmpty, withValidations } from '../validations';\n\nconst loginIdValidation = stringNonEmpty('loginId');\nconst newPasswordValidation = stringNonEmpty('newPassword');\nexport const withSignValidations = withValidations(\n loginIdValidation,\n stringNonEmpty('password'),\n);\nexport const withSendResetValidations = withValidations(loginIdValidation);\nexport const withUpdateValidation = withValidations(\n loginIdValidation,\n newPasswordValidation,\n);\nexport const withReplaceValidation = withValidations(\n loginIdValidation,\n stringNonEmpty('oldPassword'),\n newPasswordValidation,\n);\n","import { apiPaths } from '../../constants';\nimport { HttpClient } from '../../httpClient';\nimport { transformResponse } from '../helpers';\nimport {\n JWTResponse,\n LoginOptions,\n PasswordPolicyResponse,\n PasswordResetResponse,\n SdkResponse,\n SignUpOptions,\n TemplateOptions,\n User,\n} from '../types';\nimport {\n withReplaceValidation,\n withSendResetValidations,\n withSignValidations,\n withUpdateValidation,\n} from './validations';\n\nconst withPassword = (httpClient: HttpClient) => ({\n signUp: withSignValidations(\n (\n loginId: string,\n password: string,\n user?: User,\n {\n providerId,\n ...signUpOptions\n }: SignUpOptions & { providerId?: string } = {},\n ): Promise<SdkResponse<JWTResponse>> =>\n transformResponse(\n httpClient.post(apiPaths.password.signUp, {\n loginId,\n password,\n user,\n loginOptions: signUpOptions,\n providerId,\n }),\n ),\n ),\n\n signIn: withSignValidations(\n (\n loginId: string,\n password: string,\n {\n providerId,\n ...loginOptions\n }: LoginOptions & { providerId?: string } = {},\n ): Promise<SdkResponse<JWTResponse>> =>\n transformResponse(\n httpClient.post(apiPaths.password.signIn, {\n loginId,\n password,\n loginOptions,\n providerId,\n }),\n ),\n ),\n\n sendReset: withSendResetValidations(\n (\n loginId: string,\n redirectUrl?: string,\n templateOptions?: TemplateOptions,\n ): Promise<SdkResponse<PasswordResetResponse>> =>\n transformResponse(\n httpClient.post(apiPaths.password.sendReset, {\n loginId,\n redirectUrl,\n templateOptions,\n }),\n ),\n ),\n\n update: withUpdateValidation(\n (\n loginId: string,\n newPassword: string,\n token?: string,\n ): Promise<SdkResponse<never>> =>\n transformResponse(\n httpClient.post(\n apiPaths.password.update,\n {\n loginId,\n newPassword,\n },\n { token },\n ),\n ),\n ),\n\n replace: withReplaceValidation(\n (\n loginId: string,\n oldPassword: string,\n newPassword: string,\n ): Promise<SdkResponse<JWTResponse>> =>\n transformResponse(\n httpClient.post(apiPaths.password.replace, {\n loginId,\n oldPassword,\n newPassword,\n }),\n ),\n ),\n\n policy: (): Promise<SdkResponse<PasswordPolicyResponse>> =>\n transformResponse(httpClient.get(apiPaths.password.policy)),\n});\n\nexport default withPassword;\n","import { apiPaths } from '../constants';\nimport { HttpClient } from '../httpClient';\nimport { transformResponse } from './helpers';\nimport {\n SdkResponse,\n ResponseData,\n LoginOptions,\n JWTResponse,\n PasskeyOptions,\n WebAuthnStartResponse,\n} from './types';\nimport {\n isStringOrUndefinedValidator,\n string,\n stringNonEmpty,\n withValidations,\n} from './validations';\n\nconst loginIdStringValidations = string('loginId');\nconst loginIdNonEmptyValidations = stringNonEmpty('loginId');\nconst originValidations = stringNonEmpty('origin');\n\nconst withSignUpStartValidations = withValidations(\n loginIdNonEmptyValidations,\n originValidations,\n stringNonEmpty('name'),\n);\nconst withSignUpOrInStartValidations = withValidations(\n loginIdNonEmptyValidations,\n originValidations,\n);\nconst withSignInStartValidations = withValidations(\n loginIdStringValidations,\n originValidations,\n);\nconst withUpdateStartValidations = withValidations(\n loginIdNonEmptyValidations,\n originValidations,\n isStringOrUndefinedValidator('token'),\n);\nconst withFinishValidations = withValidations(\n stringNonEmpty('transactionId'),\n stringNonEmpty('response'),\n);\n\nconst withWebauthn = (httpClient: HttpClient) => ({\n signUp: {\n start: withSignUpStartValidations(\n (\n loginId: string,\n origin: string,\n name: string,\n passkeyOptions?: PasskeyOptions,\n ): Promise<SdkResponse<WebAuthnStartResponse>> =>\n transformResponse(\n httpClient.post(apiPaths.webauthn.signUp.start, {\n user: {\n loginId,\n name,\n },\n origin,\n passkeyOptions,\n }),\n ),\n ),\n\n finish: withFinishValidations(\n (\n transactionId: string,\n response: string,\n ): Promise<SdkResponse<JWTResponse>> =>\n transformResponse(\n httpClient.post(apiPaths.webauthn.signUp.finish, {\n transactionId,\n response,\n }),\n ),\n ),\n },\n\n signIn: {\n start: withSignInStartValidations(\n (\n loginId: string,\n origin: string,\n loginOptions?: LoginOptions,\n token?: string,\n passkeyOptions?: PasskeyOptions,\n ): Promise<SdkResponse<WebAuthnStartResponse>> =>\n transformResponse(\n httpClient.post(\n apiPaths.webauthn.signIn.start,\n { loginId, origin, loginOptions, passkeyOptions },\n { token },\n ),\n ),\n ),\n\n finish: withFinishValidations(\n (\n transactionId: string,\n response: string,\n ): Promise<SdkResponse<JWTResponse>> =>\n transformResponse(\n httpClient.post(apiPaths.webauthn.signIn.finish, {\n transactionId,\n response,\n }),\n ),\n ),\n },\n\n signUpOrIn: {\n start: withSignUpOrInStartValidations(\n (\n loginId: string,\n origin: string,\n passkeyOptions?: PasskeyOptions,\n ): Promise<SdkResponse<WebAuthnStartResponse>> =>\n transformResponse(\n httpClient.post(apiPaths.webauthn.signUpOrIn.start, {\n loginId,\n origin,\n passkeyOptions,\n }),\n ),\n ),\n },\n\n update: {\n start: withUpdateStartValidations(\n (\n loginId: string,\n origin: string,\n token?: string,\n passkeyOptions?: PasskeyOptions,\n ): Promise<SdkResponse<WebAuthnStartResponse>> =>\n transformResponse(\n httpClient.post(\n apiPaths.webauthn.update.start,\n { loginId, origin, passkeyOptions },\n { token },\n ),\n ),\n ),\n\n finish: withFinishValidations(\n (\n transactionId: string,\n response: string,\n ): Promise<SdkResponse<ResponseData>> =>\n transformResponse(\n httpClient.post(apiPaths.webauthn.update.finish, {\n transactionId,\n response,\n }),\n ),\n ),\n },\n});\n\nexport default withWebauthn;\n","import { apiPaths } from '../../constants';\nimport { HttpClient } from '../../httpClient';\nimport { normalizeWaitForSessionConfig } from '../../utils';\nimport { transformResponse } from '../helpers';\nimport {\n JWTResponse,\n LoginOptions,\n SdkResponse,\n SignUpOptions,\n User,\n WaitForSessionConfig,\n} from '../types';\nimport { stringNonEmpty, string, withValidations } from '../validations';\nimport { NOTPResponse } from './types';\n\nconst loginIdValidations = string('loginId');\n\nconst withSignValidations = withValidations(loginIdValidations);\n\nconst withWaitForSessionValidations = withValidations(\n stringNonEmpty('pendingRef'),\n);\n\nconst withNotp = (httpClient: HttpClient) => ({\n signUpOrIn: withSignValidations(\n (\n loginId?: string,\n {\n providerId,\n ...signUpOptions\n }: SignUpOptions & { providerId?: string } = {},\n ): Promise<SdkResponse<NOTPResponse>> =>\n transformResponse(\n httpClient.post(apiPaths.notp.signUpOrIn, {\n loginId,\n loginOptions: signUpOptions,\n providerId,\n }),\n ),\n ),\n signUp: withSignValidations(\n (\n loginId?: string,\n user?: User,\n {\n providerId,\n ...signUpOptions\n }: SignUpOptions & { providerId?: string } = {},\n ): Promise<SdkResponse<NOTPResponse>> =>\n transformResponse(\n httpClient.post(apiPaths.notp.signUp, {\n loginId,\n user,\n providerId,\n loginOptions: signUpOptions,\n }),\n ),\n ),\n signIn: withSignValidations(\n (\n loginId?: string,\n {\n providerId,\n ...loginOptions\n }: LoginOptions & { providerId?: string } = {},\n token?: string,\n ): Promise<SdkResponse<NOTPResponse>> =>\n transformResponse(\n httpClient.post(\n apiPaths.notp.signIn,\n { loginId, loginOptions, providerId },\n { token },\n ),\n ),\n ),\n waitForSession: withWaitForSessionValidations(\n (\n pendingRef: string,\n config?: WaitForSessionConfig,\n ): Promise<SdkResponse<JWTResponse>> =>\n new Promise((resolve) => {\n const { pollingIntervalMs, timeoutMs } =\n normalizeWaitForSessionConfig(config);\n let timeout: NodeJS.Timeout \| undefined;\n const interval = setInterval(async () => {\n const resp = await httpClient.post(apiPaths.notp.session, {\n pendingRef,\n });\n if (resp.ok) {\n clearInterval(interval);\n if (timeout) clearTimeout(timeout);\n resolve(transformResponse(Promise.resolve(resp)));\n }\n }, pollingIntervalMs);\n\n timeout = setTimeout(() => {\n resolve({\n error: {\n errorDescription: `Session polling timeout exceeded: ${timeoutMs}ms`,\n errorCode: '0',\n },\n ok: false,\n });\n clearInterval(interval);\n }, timeoutMs);\n }),\n ),\n});\n\nexport default withNotp;\n","import { apiPaths } from '../constants';\nimport { HttpClient } from '../httpClient';\nimport withAccessKeys from './accesskey';\nimport withEnchantedLink from './enchantedLink';\nimport withFlow from './flow';\nimport {\n getTenants,\n getJwtPermissions,\n getJwtRoles,\n getCurrentTenant,\n isJwtExpired,\n transformResponse,\n} from './helpers';\nimport withMagicLink from './magicLink';\nimport withOauth from './oauth';\nimport withOutbound from './outbound';\nimport withOtp from './otp';\nimport withSaml from './saml';\nimport withTotp from './totp';\nimport withPassword from './password';\nimport {\n JWTResponse,\n TenantsResponse,\n UserHistoryResponse,\n UserResponse,\n} from './types';\nimport {\n stringNonEmpty,\n withValidations,\n isStringOrUndefinedValidator,\n} from './validations';\nimport withWebauthn from './webauthn';\nimport {\n isArrayOrBool,\n isString,\n isStringOrUndefined,\n} from './validations/validators';\nimport withNotp from './notp';\n\nconst withJwtValidations = withValidations(stringNonEmpty('token'));\nconst withOptionalTokenValidations = withValidations(\n isStringOrUndefinedValidator('token'),\n);\n\n/* Returns Descope SDK with all available operations /\nexport default (httpClient: HttpClient) => ({\n accessKey: withAccessKeys(httpClient),\n otp: withOtp(httpClient),\n magicLink: withMagicLink(httpClient),\n enchantedLink: withEnchantedLink(httpClient),\n oauth: withOauth(httpClient),\n outbound: withOutbound(httpClient),\n saml: withSaml(httpClient),\n totp: withTotp(httpClient),\n notp: withNotp(httpClient),\n webauthn: withWebauthn(httpClient),\n password: withPassword(httpClient),\n flow: withFlow(httpClient),\n /\n Refreshes a session token\n * Should be called when a session has expired (failed validation) to renew it\n * @param token A valid refresh token\n * @param queryParams Additional query parameters to send with the request.\n * @param externalToken An external token to exchange for a new session token\n * @param tryRefresh If true, will use the tryRefresh endpoint, which will not fail if token is missing, invalid or expired.\n * NOTE - queryParams is used internally and should NOT be used by other consumers, this is subject to change and may be removed in the near future.\n * @returns The updated authentication info (JWTs)\n /\n refresh: withOptionalTokenValidations(\n (\n token?: string,\n queryParams?: { [key: string]: string },\n externalToken?: string,\n tryRefresh?: boolean,\n ) => {\n const body = {};\n if (externalToken) {\n body['externalToken'] = externalToken;\n }\n const path = tryRefresh ? apiPaths.tryRefresh : apiPaths.refresh;\n return transformResponse<JWTResponse>(\n httpClient.post(path, body, { token, queryParams }),\n );\n },\n ),\n /\n Selects a tenant for the current session\n * @param tenantId The tenant to select\n * @param token A valid refresh token\n * @returns The updated authentication info (JWTs). The session token will be updated with the selected tenant under the \"dct\" claim\n /\n selectTenant: withValidations(\n [isString('tenantId')],\n [isStringOrUndefined('\"token\" must be string or undefined')],\n )((tenantId: string, token?: string) =>\n transformResponse<JWTResponse>(\n httpClient.post(apiPaths.selectTenant, { tenant: tenantId }, { token }),\n ),\n ),\n /\n Logs out the current session\n * @param token A valid refresh token\n /\n logout: withOptionalTokenValidations((token?: string) =>\n transformResponse<never>(httpClient.post(apiPaths.logout, {}, { token })),\n ),\n /\n Logs out all sessions for the current user\n * @param token A valid refresh token\n /\n logoutAll: withOptionalTokenValidations((token?: string) =>\n transformResponse<never>(\n httpClient.post(apiPaths.logoutAll, {}, { token }),\n ),\n ),\n /\n Returns the current user details\n * @param token A valid refresh token\n * @returns The current user details\n /\n me: withOptionalTokenValidations((token?: string) =>\n transformResponse<UserResponse>(httpClient.get(apiPaths.me, { token })),\n ),\n /\n Returns the current user details\n * @param tenants set to true IFF the response should include only the selected tenant from JWT, or list of tenant ids\n * @param token A valid refresh token\n * @returns The current user details\n /\n myTenants: withValidations(\n [isArrayOrBool('\"tenants\" must a string array or a boolean')],\n [isStringOrUndefined('\"token\" must be string or undefined')],\n )((tenants: true \| string[], token?: string) => {\n const body = {};\n if (typeof tenants === 'boolean') {\n body['dct'] = tenants;\n } else {\n body['ids'] = tenants;\n }\n return transformResponse<TenantsResponse>(\n httpClient.post(apiPaths.myTenants, body, { token }),\n );\n }),\n /\n Returns the current user authentication history\n * @param token A valid refresh token\n * @returns The current user authentication history\n /\n history: withOptionalTokenValidations((token?: string) =>\n transformResponse<UserHistoryResponse>(\n httpClient.get(apiPaths.history, { token }),\n ),\n ),\n /\n Checks if the given JWT is still valid but DOES NOT check for signature\n * @param token A valid token\n * @returns true if the JWT is expired, false otherwise\n /\n isJwtExpired: withJwtValidations(isJwtExpired),\n /\n Returns the list of tenants in the given JWT but DOES NOT check for signature\n * @param token A valid token\n * @returns The list of tenants in the given JWT\n /\n getTenants: withJwtValidations(getTenants),\n /\n Returns the list of permissions granted in the given JWT but DOES NOT check for signature\n * @param token A valid token\n * @param tenant The tenant to check permissions for. If not provided, the permissions for the current tenant will be returned\n * @returns The list of permissions granted in the given JWT\n /\n getJwtPermissions: withJwtValidations(getJwtPermissions),\n /\n Returns the list of roles specified in the given JWT but DOES NOT check for signature\n * @param token A valid token\n * @param tenant The tenant to check roles for. If not provided, the roles for the current tenant will be returned\n * @returns The list of roles specified in the given JWT\n /\n getJwtRoles: withJwtValidations(getJwtRoles),\n /\n Returns Descope current tenant from the given JWT but DOES NOT check for signature\n * @param token A valid token\n * @returns The current tenant from the given JWT\n /\n getCurrentTenant: withJwtValidations(getCurrentTenant),\n /\n Parses the given JWT token but DOES NOT check for signature\n * @param token A valid token\n * @returns The parsed JWT token\n /\n httpClient,\n});\n","import createHttpClient from './httpClient';\nimport { Fetch, MultipleHooks } from './httpClient/types';\nimport createSdk from './sdk';\nimport { Logger } from './sdk/types';\nimport { stringNonEmpty, withValidations } from './sdk/validations';\nimport { hasPathValue } from './sdk/validations/validators';\n\ntype SdkConfig = {\n projectId: string;\n logger?: Logger;\n baseUrl?: string;\n hooks?: MultipleHooks;\n cookiePolicy?: RequestCredentials \| null;\n baseHeaders?: HeadersInit;\n refreshCookieName?: string;\n fetch?: Fetch;\n};\n\n/* Validate we have non-empty project id /\nconst withSdkConfigValidations = withValidations([\n hasPathValue('projectId', stringNonEmpty('projectId')),\n]);\n\n/* Descope SDK client /\nexport default withSdkConfigValidations((config: SdkConfig) => {\n const {\n projectId,\n logger,\n baseUrl,\n cookiePolicy,\n baseHeaders = {},\n refreshCookieName,\n fetch,\n } = config;\n\n return createSdk(\n createHttpClient({\n baseUrl,\n projectId,\n logger,\n hooks: {\n get beforeRequest() {\n return config.hooks?.beforeRequest;\n },\n get afterRequest() {\n return config.hooks?.afterRequest;\n },\n get transformResponse() {\n return config.hooks?.transformResponse;\n },\n },\n cookiePolicy,\n baseConfig: { baseHeaders },\n refreshCookieName,\n fetch,\n }),\n );\n});\n","import createSdk from './createSdk';\nimport {\n CreateHttpClientConfig,\n ExtendedResponse,\n HttpClient,\n HTTPMethods,\n RequestConfig,\n} from './httpClient/types';\nimport { OAuthProviders } from './sdk/oauth/types';\nimport { DeliveryMethods } from './sdk/types';\n\n/* Descope SDK client with delivery methods enum.\n \n Please see full documentation at {@link https://docs.descope.com/guides Descope Docs}\n * @example Usage\n \n ```js\n * import descopeSdk from '@descope/core-js-sdk';\n \n const myProjectId = 'xxx';\n * const sdk = descopeSdk({ projectId: myProjectId });\n \n const userLoginId = 'loginId';\n * sdk.otp.signIn.email(userLoginId);\n * const jwtResponse = sdk.otp.verify.email(userIdentifier, codeFromEmail);\n * ```\n /\nexport default Object.assign(createSdk, { DeliveryMethods });\n\nexport { default as HttpStatusCodes } from './constants/httpStatusCodes';\nexport { default as createHttpClient } from './httpClient';\nexport { transformResponse } from './sdk/helpers';\nexport type {\n AccessKeyLoginOptions,\n EnchantedLinkResponse,\n ExchangeAccessKeyResponse,\n FlowAction,\n FlowResponse,\n FlowStatus,\n Claims,\n JWTResponse,\n LoginOptions,\n PasskeyOptions,\n ResponseData,\n SdkResponse,\n TOTPResponse,\n URLResponse,\n UserHistoryResponse,\n UserResponse,\n} from './sdk/types';\nexport from './utils';\nexport type { SdkFnWrapper } from './utils';\nexport type {\n CreateHttpClientConfig,\n ExtendedResponse,\n HttpClient,\n HTTPMethods,\n RequestConfig,\n};\n\n/** Type to restrict to valid delivery methods /\nexport type DeliveryMethod = keyof typeof DeliveryMethods;\n/* Type to restrict to valid OAuth providers /\nexport type OAuthProvider = keyof typeof OAuthProviders;\n","/ eslint-disable import/exports-last /\nimport { ResponseData } from '../../sdk/types';\nimport { SdkFnWrapper, ReplacePaths, SdkFnsPaths } from './types';\n\n/\n A wrapper function that allows to wrap multiple Sdk function\n * @param obj: The Sdk instance you want to wrap\n * @param paths: A readonly list of paths of the functions you want to wrap\n * @param wrapper: Your wrapper function, it should gets an Sdk function and return a new Sdk function\n * @returns a mutated instance of the Sdk with updated type definitions based on your wrapper return type\n \n Usage example:\n \n // Assuming this is our SDK instance\n * const sdk = {\n * me: (token) => {...}\n * flow: {\n * start: (...params) => {...}\n * next: (...params) => {...}\n * }\n * ...\n * }\n \n // This is our wrapper\n * const wrapper = (sdkFn) => async (...args) => {\n * const sdkResponse = await sdkFn(...args)\n \n // Modify return value\n * return {...sdkResponse, data: {...sdkResponse.data, myCustomAttribute: 'hello'}}\n * }\n \n // And those are the paths we want to wrap\n * const paths = ['flow.start', 'flow.next'] as const // You MUST add as const!\n \n // We can wrap our SDK functions with the wrapper we created in this way\n * const newlyTypedSdk = wrapWith(sdk, paths, wrapper)\n \n Now the 2 wrapped functions will have the updated type based on the wrapper return value\n */\n\nconst wrapWith = <\n Obj extends object,\n Paths extends ReadonlyArray<SdkFnsPaths<Obj>>,\n WrapperData extends ResponseData,\n>(\n obj: Obj,\n paths: Paths,\n wrapper: SdkFnWrapper<WrapperData>,\n): ReplacePaths<Obj, Paths, WrapperData> => {\n paths.forEach((path) => {\n const sections = path.split('.');\n let section = sections.shift();\n let currentRef: Record<string, any> = obj;\n\n while (sections.length > 0) {\n currentRef = currentRef[section];\n\n if (!section \|\| !currentRef) {\n throw Error(\n `Invalid path \"${path}\", \"${section}\" is missing or has no value`,\n );\n }\n\n section = sections.shift();\n }\n\n if (typeof currentRef[section] !== 'function') {\n throw Error(`\"${path}\" is not a function`);\n }\n const origFn = currentRef[section];\n currentRef[section] = wrapper(origFn);\n });\n\n return obj as any;\n};\n\nexport default wrapWith;\n"],"names":["apiPaths","accessKey","exchange","otp","verify","signIn","signUp","update","email","phone","signUpOrIn","magicLink","enchantedLink","session","oauth","start","startNative","finishNative","oneTap","getOneTapClientId","exchangeOneTapIDToken","verifyOneTapIDToken","outbound","connect","saml","totp","notp","webauthn","finish","password","sendReset","replace","policy","refresh","tryRefresh","selectTenant","logout","logoutAll","me","myTenants","history","flow","next","BASE_URL_REGION_PLACEHOLDER","DEFAULT_BASE_API_URL","MIN_POLLING_INTERVAL_MS","MAX_POLLING_TIMEOUT_MS","DESCOPE_CURRENT_TENANT_CLAIM","httpLogBuilder","msg","headers","headersObj","entries","Object","fromEntries","Headers","JSON","stringify","this","body","Body","url","Url","toString","method","Method","title","Title","status","Status","retries","Retries","build","keys","flatMap","key","join","retryStatusCodes","retryDelaysMs","sleep","ms","Promise","resolve","setTimeout","fetchWrapper","fetch","async","args","resp","includes","length","respText","text","json","parse","clone","createFetchLogger","logger","receivedFetch","baseFetch","warn","Error","log","buildRequestLog","ok","respBody","statusText","buildResponseLog","sessionId","getClientSessionId","currentDate","Date","utcString","getUTCFullYear","getUTCMonth","padStart","getUTCDate","getUTCHours","getUTCMinutes","getUTCSeconds","getUTCMilliseconds","randomSuffix","Math","floor","random","HTTPMethods","urlBuilder","path","baseUrl","queryParams","projectId","region","slice","forEach","index","encodeURIComponent","mergeHeaders","sources","reduce","acc","source","Array","isArray","from","getSrcArr","value","jsonHeaders","createAuthorizationHeader","token","bearer","Authorization","createDescopeHeaders","refreshCookieName","res","isJson","e","createHttpClient$1","createHttpClient","config","assign","hooks","beforeRequest","conf","beforeRequestHooks","concat","_a","fn","afterRequest","req","afterRequestHooks","allSettled","map","result","error","reason","transformResponse","withMultipleHooks","recBaseUrl","baseConfig","cookiePolicy","fetchWithLogger","sendRequest","requestConfig","serializedBody","undefined","serializeBody","requestInit","baseHeaders","credentials","cookies","setCookieHeader","get","cookiesString","pos","skipWhitespace","test","charAt","notSpecialChar","ch","lastComma","nextStart","cookiesSeparatorFound","push","substring","splitCookiesString","cookieStr","nameValue","split","eqIdx","indexOf","trim","filter","Boolean","mutableResponse","post","patch","put","delete","buildUrl","HttpStatusCodes","TOO_MANY_REQUESTS","getJwtAuthorizationItems","tenant","claim","claims","parseJwt","tenants","items","jwtDecode","isJwtExpired","exp","getTime","getTenants","getJwtPermissions","getJwtRoles","pathJoin","response","transform","ret","code","data","retryAfter","Number","parseInt","getCurrentTenant","createValidator","rule","defaultMsg","val","createOrValidator","validators","errors","validator","createValidation","validate","errMsg","regexMatch","regex","validateEmail","validatePhone","validatePathValue","rules","object","pathName","defaultValue","parts","String","m","i","v","isEmail","isPhone","isNotEmpty","min","isString","isBoolean","isUndefined","isStringOrUndefined","isArrayOrBool","withValidations","argsRules","rulesArr","string","fieldName","isStringOrUndefinedValidator","stringNonEmpty","stringEmail","stringPhone","withExchangeValidations","withAccessKeys","httpClient","loginOptions","normalizeWaitForSessionConfig","pollingIntervalMs","timeoutMs","max","DeliveryPhone","DeliveryEmail","DeliveryMethods","FlowStatus","loginIdValidations","withVerifyValidations","withSignValidations","withWaitForSessionValidations","withUpdateEmailValidations","withEnchantedLink","loginId","URI","providerId","__rest","signUpOptions","user","waitForSession","pendingRef","timeout","interval","setInterval","clearInterval","clearTimeout","errorDescription","errorCode","updateOptions","withStartValidations","withNextValidations","withFlow","flowId","options","conditionInteractionId","interactionId","componentsVersion","flowVersions","input","isCustomScreen","executionId","stepId","version","withUpdatePhoneValidations","deliveryMethods","d","voice","im","withMagicLink","delivery","OAuthProviders","withOauth","provider","redirectUrl","loginHint","redirectURL","implicit","stateId","idToken","nonce","appIdValidation","withConnectValidations","withOutbound","appId","tenantId","tenantLevel","withOtp","withSaml","tenantIdOrEmail","ssoId","forceAuthn","enforceInitiatedEmail","initiatedEmail","withSignUpValidations","withUpdateValidations","withTotp","loginIdValidation","newPasswordValidation","withSendResetValidations","withUpdateValidation","withReplaceValidation","withPassword","templateOptions","newPassword","oldPassword","loginIdStringValidations","loginIdNonEmptyValidations","originValidations","withSignUpStartValidations","withSignUpOrInStartValidations","withSignInStartValidations","withUpdateStartValidations","withFinishValidations","withWebauthn","origin","name","passkeyOptions","transactionId","withNotp","withJwtValidations","withOptionalTokenValidations","createSdk","withSdkConfigValidations","externalToken","obj","paths","wrapper","sections","section","shift","currentRef","origFn"],"mappings":"mHACeA,EAAA,CACbC,UAAW,CACTC,SAAU,+BAEZC,IAAK,CACHC,OAAQ,sBACRC,OAAQ,sBACRC,OAAQ,sBACRC,OAAQ,CACNC,MAAO,4BACPC,MAAO,6BAETC,WAAY,0BAEdC,UAAW,CACTP,OAAQ,4BACRC,OAAQ,4BACRC,OAAQ,4BACRC,OAAQ,CACNC,MAAO,kCACPC,MAAO,mCAETC,WAAY,gCAEdE,cAAe,CACbR,OAAQ,gCACRC,OAAQ,gCACRC,OAAQ,gCACRO,QAAS,yCACTN,OAAQ,CACNC,MAAO,uCAETE,WAAY,oCAEdI,MAAO,CACLC,MAAO,2BACPb,SAAU,0BACVc,YAAa,6BACbC,aAAc,8BACdC,OAAQ,CACNC,kBAAmB,sCACnBC,sBAAuB,mCACvBC,oBAAqB,mCAGzBC,SAAU,CACRC,QAAS,8BAEXC,KAAM,CACJT,MAAO,0BACPb,SAAU,0BAEZuB,KAAM,CACJrB,OAAQ,uBACRE,OAAQ,uBACRC,OAAQ,wBAEVmB,KAAM,CACJrB,OAAQ,gCACRC,OAAQ,gCACRI,WAAY,mCACZG,QAAS,iCAEXc,SAAU,CACRrB,OAAQ,CACNS,MAAO,iCACPa,OAAQ,mCAEVvB,OAAQ,CACNU,MAAO,iCACPa,OAAQ,mCAEVlB,WAAY,CACVK,MAAO,qCAETR,OAAQ,CACNQ,MAAO,gCACPa,OAAQ,oCAGZC,SAAU,CACRvB,OAAQ,2BACRD,OAAQ,2BACRyB,UAAW,0BACXvB,OAAQ,2BACRwB,QAAS,4BACTC,OAAQ,4BAKVC,QAAS,mBACTC,WAAY,uBACZC,aAAc,yBACdC,OAAQ,kBACRC,UAAW,qBACXC,GAAI,cACJC,UAAW,sBACXC,QAAS,sBACTC,KAAM,CACJ1B,MAAO,iBACP2B,KAAM,kBCrGH,MAAMC,EAA8B,WAC9BC,EAAuB,eAAeD,eAGtCE,EAA0B,IAE1BC,EAAyB,IAGzBC,EAA+B,MCNtCC,EAAiB,KACrB,MAAMC,EAQF,CAAA,EAEJ,MAAO,CACL,OAAAC,CAAQA,GACN,MAAMC,EACuB,mBAApBD,EAAQE,QACXC,OAAOC,YAAYJ,EAAQE,WAC3BF,EAGN,OAFAD,EAAIM,QAAUC,KAAKC,UAAUN,GAEtBO,IACR,EAED,IAAAC,CAAKA,GAEH,OADAV,EAAIW,KAAOD,EACJD,IACR,EAED,GAAAG,CAAIA,GAEF,OADAZ,EAAIa,IAAMD,EAAIE,WACPL,IACR,EAED,MAAAM,CAAOA,GAEL,OADAf,EAAIgB,OAASD,EACNN,IACR,EAED,KAAAQ,CAAMA,GAEJ,OADAjB,EAAIkB,MAAQD,EACLR,IACR,EAED,MAAAU,CAAOA,GAEL,OADAnB,EAAIoB,OAASD,EACNV,IACR,EAED,OAAAY,CAAQA,GAEN,OADArB,EAAIsB,QAAUD,EACPZ,IACR,EAEDc,MAAK,IACInB,OAAOoB,KAAKxB,GAChByB,SAASC,GACR1B,EAAI0B,GAAO,CAAC,GAAW,UAARA,EAAkB,GAAGA,MAAU,KAAK1B,EAAI0B,MAAU,KAElEC,KAAK,MAEX,EAmBGC,EAAmB,CAAC,IAAK,IAAK,IAAK,IAAK,KAGxCC,EAAgB,CAAC,IAAK,IAAM,KAE5BC,EAASC,GACb,IAAIC,SAAeC,GAAYC,WAAWD,EAASF,KAgB/CI,EACHC,GACDC,SAAUC,KACR,IAAIC,QAA8CH,KAASE,GAEvDjB,EAAU,EACd,KACEO,EAAiBY,SAASD,EAAKpB,SAC/BE,EAAUQ,EAAcY,cAElBX,EAAMD,EAAcR,IAC1BkB,QAAaH,KAASE,GACtBjB,IAGEA,EAAU,IACZkB,EAAKlB,QAAUA,GAKjB,MAAMqB,QAAiBH,EAAKI,OAM5B,OAJAJ,EAAKI,KAAO,IAAMX,QAAQC,QAAQS,GAClCH,EAAKK,KAAO,IAAMZ,QAAQC,QAAQ1B,KAAKsC,MAAMH,IAC7CH,EAAKO,MAAQ,IAAMP,EAEZA,CAAI,EASTQ,EAAoB,CAACC,EAAgBC,KACzC,MAAMC,EAAYD,GAAiBb,MAOnC,OANKc,GAEHF,SAAAA,EAAQG,KACN,uIAGCH,EACEX,SAAUC,KACf,IAAKY,EACH,MAAME,MACJ,qHAEJJ,EAAOK,IAvFa,CAACf,GACvBvC,IACGkB,MAAM,WACNL,IAAI0B,EAAK,IACTvB,OAAOuB,EAAK,GAAGvB,QACfd,QAAQqC,EAAK,GAAGrC,SAChBS,KAAK4B,EAAK,GAAG5B,MACba,QAgFU+B,CAAgBhB,IAC3B,MAAMC,QAAaJ,EAAae,EAAbf,IAA2BG,GAI9C,OAFAU,EAAOT,EAAKgB,GAAK,MAAQ,cAlEJlB,OAAOE,IAC9B,MAAMiB,QAAiBjB,EAAKI,OAE5B,OAAO5C,IACJkB,MAAM,YACNL,IAAI2B,EAAK3B,IAAIE,YACbK,OAAO,GAAGoB,EAAKpB,UAAUoB,EAAKkB,cAC9BxD,QAAQsC,EAAKtC,SACbS,KAAK8C,GACLnC,QAAQkB,EAAKlB,SACbE,OAAO,EAwDgCmC,CAAiBnB,IAElDA,CAAI,EAXOJ,EAAae,EAYhC,EChKH,IAAIS,EAEG,MAAMC,EAAqB,KAChC,GAAID,EACF,OAAOA,EAET,MAAME,EAAc,IAAIC,KAClBC,EAAY,GAAGF,EAAYG,iBAAiBlD,eAChD+C,EAAYI,cAAgB,GAE3BnD,WACAoD,SAAS,EAAG,QAAQL,EACpBM,aACArD,WACAoD,SAAS,EAAG,QAAQL,EACpBO,cACAtD,WACAoD,SAAS,EAAG,QAAQL,EACpBQ,gBACAvD,WACAoD,SAAS,EAAG,QAAQL,EACpBS,gBACAxD,WACAoD,SAAS,EAAG,QAAQL,EAAYU,qBAAqBzD,aAClD0D,EAAeC,KAAKC,MAAM,IAAuB,IAAhBD,KAAKE,UAE5C,OADAhB,EAAY,GAAGI,KAAaS,IACrBb,CAAS,ECdlB,IAAYiB,GAAZ,SAAYA,GACVA,EAAA,IAAA,MACAA,EAAA,OAAA,SACAA,EAAA,KAAA,OACAA,EAAA,IAAA,MACAA,EAAA,MAAA,OACD,CAND,CAAYA,IAAAA,EAMX,CAAA,ICfM,MAAMC,EAAa,EACxBC,OACAC,UACAC,cACAC,gBAWA,MAAMC,EAASD,EAAUE,MAAM,GAAI,IACnCJ,EAAUA,EAAQjG,QAChBY,EACAwF,EAASA,EAAS,IAAM,IAG1B,IAAItE,EAAMkE,EACN,GAAGC,EAAQjG,QAAQ,MAAO,OAAOgG,aAAA,EAAAA,EAAMhG,QAAQ,MAAO,MACtDiG,EAGJ,GAAIC,EAAa,CACf,MAAMxD,EAAOpB,OAAOoB,KAAKwD,GACzBxD,EAAK4D,SAAQ,CAAC1D,EAAa2D,KACzBzE,EAAM,GAAGA,IAAgB,IAAVyE,EAAc,IAAM,KAAK3D,KAAO4D,mBAC7CN,EAAYtD,MACV2D,IAAU7D,EAAKiB,OAAS,EAAI,GAAK,KAAK,GAE7C,CAED,OAAO7B,CAAG,EC1BC2E,EAAe,IAAIC,IAC9B,IAAIlF,QACFkF,EAAQC,QACN,CAACC,EAA6BC,KAXlB,CAACA,GACbC,MAAMC,QAAQF,GAAgBA,EAC9BA,aAAkBrF,QAAgBsF,MAAME,KAAKH,EAAOxF,WACnDwF,EACEvF,OAAOD,QAAQwF,GADF,GASdI,CAAUJ,GAAQP,SAAQ,EAAE1D,EAAKsE,MAC/BN,EAAIhE,GAAwB,mBAAVsE,EAAuBA,IAAUA,CAAK,IAGnDN,IAET,CAAA,ICPAO,EAAc,CAClB,eAAgB,oBAQZC,EAA4B,CAChCjB,EACAkB,EAAQ,MAER,IAAIC,EAASnB,EAIb,OAHIkB,IACFC,EAASA,EAAS,IAAMD,GAEnB,CACLE,cAAe,UAAUD,IAC1B,EAQGE,EAAuB,CAC3BrB,EACAsB,KAEA,MAAMC,EAAM,CACV,2BAA4B5C,IAC5B,qBAAsB,UACtB,wBAAyB,SACzB,uBAAwBqB,GAM1B,OAHIsB,IACFC,EAAI,iCAAmCD,GAElCC,CAAG,EAGNC,EAAUT,IACd,IACEA,EAAQzF,KAAKsC,MAAMmD,EACpB,CAAC,MAAOU,GACP,OAAO,CACR,CAED,MAAwB,iBAAVV,GAAgC,OAAVA,CAAc,EAqKpD,IAAeW,EAhKb,CAAmBC,GAEjBC,UAyBA,OAAOD,EAAgBxG,OAAA0G,OAAA1G,OAAA0G,OAAA,GAClBD,GAAM,CACTE,MAAO,CACLC,cA1BkCC,UAGpC,MAAMC,EAAqB,GAAGC,QAAqB,QAAdC,EAAAP,EAAOE,aAAO,IAAAK,OAAA,EAAAA,EAAAJ,gBAAiB,IACpE,OAAOE,aAAkB,EAAlBA,EAAoBzB,QAAO,CAACC,EAAK2B,IAAOA,EAAG3B,IAAMuB,EAAK,EAuB3DK,aApB+BjF,MAAOkF,EAAKf,WAG7C,MAAMgB,EAAoB,GAAGL,QAAqB,QAAdC,EAAAP,EAAOE,aAAO,IAAAK,OAAA,EAAAA,EAAAE,eAAgB,IAElE,GAAgC,GAA5BE,EAAkB/E,OAAa,cACbT,QAAQyF,WAC5BD,aAAA,EAAAA,EAAmBE,KAAKL,GAAOA,EAAGE,EAAKf,aAAA,EAAAA,EAAK1D,aAGtCsC,SACLuC,IAAU,IAAAP,EACT,MAAkB,aAAlBO,EAAOxG,SAAwC,QAAfiG,EAAAP,EAAO7D,cAAQ,IAAAoE,OAAA,EAAAA,EAAAQ,MAAMD,EAAOE,QAAO,GACtE,EAQCC,0BAAmBV,EAAAP,EAAOE,4BAAOe,qBAEnC,EA8HSC,EAtHU,EACvBhD,QAASiD,EACT/C,YACAgD,aACA1B,oBACAvD,SACA+D,QACAmB,eACA9F,YAEA,MAAM2C,EAAUiD,GAAcrI,EACxBwI,EAAkBpF,EAAkBC,EAAQZ,GAE5CgG,EAAc/F,MAAOwE,UACzB,MAAMwB,GAAgBtB,aAAK,EAALA,EAAOC,eACzBD,EAAMC,cAAcH,GACpBA,GAEE/B,KAAEA,EAAIpE,KAAEA,EAAIT,QAAEA,EAAO+E,YAAEA,EAAWjE,OAAEA,EAAMoF,MAAEA,GAAUkC,EAEtDC,ED1GmB,CAAC5H,QACnB6H,IAAT7H,OAAqB6H,EAAYhI,KAAKC,UAAUE,GCyGvB8H,CAAc9H,GAC/B+H,EAA2B,CAC/BxI,QAASsF,EACPW,EAA0BjB,EAAWkB,GACrCG,EAAqBrB,EAAWsB,IAChC0B,aAAU,EAAVA,EAAYS,cAAe,CAAE,EAC7BjC,EAAO6B,GAAkBrC,EAAc,CAAE,EACzChG,GAEFc,SACAL,KAAM4H,GAMa,OAAjBJ,IACFO,EAAYE,YAAcT,GAAgB,WAG5C,MAAM1B,QAAY2B,EAChBtD,EAAW,CAAEC,OAAMC,UAASC,cAAaC,cACzCwD,GAOF,IAJI1B,aAAK,EAALA,EAAOO,qBACHP,EAAMO,aAAaT,EAAQL,eAAAA,EAAK1D,SAGpCiE,aAAK,EAALA,EAAOe,kBAAmB,CAC5B,MAAMlF,QAAa4D,EAAI5D,OACjBgG,GC9FVC,GD8FkD,UAAXrC,EAAIvG,eAAO,IAAAmH,OAAA,EAAAA,EAAE0B,IAAI,gBAAiB,GC5FlE1I,OAAOC,YA/DhB,SAA4B0I,GAC1B,IAAKA,EAAe,MAAO,GAE3B,MAAMpB,EAAmB,GACzB,IAAIqB,EAAM,EAEV,SAASC,IACP,KAAOD,EAAMD,EAActG,QAAU,KAAKyG,KAAKH,EAAcI,OAAOH,KAClEA,GAAO,EAET,OAAOA,EAAMD,EAActG,MAC5B,CAED,SAAS2G,IACP,MAAMC,EAAKN,EAAcI,OAAOH,GAChC,MAAc,MAAPK,GAAqB,MAAPA,GAAqB,MAAPA,CACpC,CAED,KAAOL,EAAMD,EAActG,QAAQ,CACjC,MAAM3E,EAAQkL,EACd,IACIM,EACAC,EAFAC,GAAwB,EAI5B,KAAOP,KAEL,GAAW,MADAF,EAAcI,OAAOH,GAChB,CAOd,IALAM,EAAYN,EACZA,GAAO,EACPC,IACAM,EAAYP,EAELA,EAAMD,EAActG,QAAU2G,KACnCJ,GAAO,EAGT,GAAIA,EAAMD,EAActG,QAAwC,MAA9BsG,EAAcI,OAAOH,GAAc,CAEnEQ,GAAwB,EACxBR,EAAMO,EACN5B,EAAO8B,KAAKV,EAAcW,UAAU5L,EAAOwL,IAC3C,KACD,CAECN,EAAMM,EAAY,CAErB,MACCN,GAAO,IAINQ,GAAyBR,GAAOD,EAActG,SACjDkF,EAAO8B,KAAKV,EAAcW,UAAU5L,EAAOiL,EAActG,QAE5D,CAED,OAAOkF,CACT,CAMIgC,CAAmBd,GAChBnB,KAAKkC,IACJ,MAAMC,EAAYD,EAAUE,MAAM,KAAK,GACjCC,EAAQF,EAAUG,QAAQ,KAChC,OAAID,EAAQ,EAAU,KACf,CACLF,EAAUH,UAAU,EAAGK,GAAOE,OAC9BJ,EAAUH,UAAUK,EAAQ,GAAGE,OAChC,IAEFC,OAAOC,WDkFFC,EACDhK,OAAA0G,OAAA1G,OAAA0G,OAAA,CAAA,EAAAN,IACH5D,KAAM,IAAMZ,QAAQC,QAAQW,GAC5BgG,YAIF,OADAwB,EAAgBtH,MAAQ,IAAMsH,EACvBrD,EAAMe,kBAAkBsC,EAChC,CCxGC,IACJvB,EDyGE,OAAOrC,CAAG,EAGZ,MAAO,CACLsC,IAAK,CAAChE,GAAgB7E,UAAS+E,cAAamB,SAAU,CAAE,IACtDiC,EAAY,CACVtD,OACA7E,UACA+E,cACAtE,UAAM6H,EACNxH,OAAQ6D,EAAYkE,IACpB3C,UAEJkE,KAAM,CAACvF,EAAMpE,GAAQT,UAAS+E,cAAamB,SAAU,CAAE,IACrDiC,EAAY,CACVtD,OACA7E,UACA+E,cACAtE,OACAK,OAAQ6D,EAAYyF,KACpBlE,UAEJmE,MAAO,CAACxF,EAAMpE,GAAQT,UAAS+E,cAAamB,SAAU,CAAE,IACtDiC,EAAY,CACVtD,OACA7E,UACA+E,cACAtE,OACAK,OAAQ6D,EAAY0F,MACpBnE,UAEJoE,IAAK,CAACzF,EAAMpE,GAAQT,UAAS+E,cAAamB,SAAU,CAAE,IACpDiC,EAAY,CACVtD,OACA7E,UACA+E,cACAtE,OACAK,OAAQ6D,EAAY2F,IACpBpE,UAEJqE,OAAQ,CAAC1F,GAAQ7E,UAAS+E,cAAamB,SAAU,CAAE,IACjDiC,EAAY,CACVtD,OACA7E,UACA+E,cACAtE,UAAM6H,EACNxH,OAAQ6D,EAAY4F,OACpBrE,UAEJY,QACA0D,SAAU,CAAC3F,EAAME,IACRH,EAAW,CAAEI,YAAWF,UAASD,OAAME,gBAEjD,IEpOY0F,EAAA,CACbC,kBAAmB,KCIrB,SAASC,EACPzE,EACA0E,EACAC,SAEA,IAAIC,EAAcC,EAAS7E,GAC3B,GAAI0E,EAAQ,CACV,KAAKE,aAAA,EAAAA,EAAQE,WAAWF,aAAM,EAANA,EAASjL,MAAkC+K,EAEjE,OAAOE,aAAM,EAANA,EAASD,KAAU,GAE1BC,EAAwB,QAAf3D,EAAA2D,aAAM,EAANA,EAAQE,eAAO,IAAA7D,OAAA,EAAAA,EAAGyD,EAE9B,CACD,MAAMK,EAAQH,eAAAA,EAASD,GACvB,OAAOlF,MAAMC,QAAQqF,GAASA,EAAQ,EACxC,CAEA,SAASF,EAAS7E,GAChB,GAAqB,iBAAVA,IAAuBA,EAChC,MAAM,IAAI/C,MAAM,0BAClB,OAAO+H,EAAAA,UAAUhF,EACnB,CAOM,SAAUiF,EAAajF,GAC3B,MAAMkF,IAAEA,GAAQL,EAAS7E,GAEzB,OADoB,IAAIrC,MAAOwH,UAAY,IACtBD,CACvB,CAOM,SAAUE,EAAWpF,GACzB,IAAI4E,EAAcC,EAAS7E,GAC3B,MAAM+E,EAAQ9K,OAAOoB,KAAKuJ,aAAA,EAAAA,EAAQE,SAClC,OAAOrF,MAAMC,QAAQqF,GAASA,EAAQ,EACxC,CAOgB,SAAAM,EAAkBrF,EAAe0E,GAC/C,OAAOD,EAAyBzE,EAAO0E,EAAQ,cACjD,CAOgB,SAAAY,EAAYtF,EAAe0E,GACzC,OAAOD,EAAyBzE,EAAO0E,EAAQ,QACjD,CAGO,MAAMa,EAAW,IAAIpJ,IAC1BA,EAAKX,KAAK,KAAK7C,QAAQ,UAAW,KAM7BuD,eAAeyF,EAIpB6D,EACAC,SAEA,MAAMrJ,QAAaoJ,EAEbE,EAAsB,CAC1BC,KAAMvJ,EAAKpB,OACXoC,GAAIhB,EAAKgB,GACToI,SAAUpJ,GAGNwJ,QAAaxJ,EAAKO,QAAQF,OAgBhC,OAdKL,EAAKgB,GASRsI,EAAIE,KADKH,EACEA,EAAUG,GAEPA,GAVdF,EAAIjE,MAAQmE,EAERxJ,EAAKpB,SAAWuJ,EAAgBC,mBAClCvK,OAAO0G,OAAO+E,EAAIjE,MAAO,CACvBoE,WAAYC,OAAOC,SAAqB,UAAZ3J,EAAKtC,eAAO,IAAAmH,OAAA,EAAAA,EAAE0B,IAAI,iBAAmB,KAShE+C,CACT,CAEM,SAAUM,EAAiBhG,SAC/B,OAAsB,QAAfiB,EAAA4D,EAAS7E,UAAM,IAAAiB,OAAA,EAAAA,EAAGtH,KAAiC,EAC5D,CC/GO,MAAMsM,EACX,CAACC,EAAsBC,IACvB,CAACtM,EAAMsM,IACNC,IACEF,EAAKE,IAAOvM,EAAIlB,QAAQ,QAASyN,GAEzBC,EACX,CAACC,EAAyBH,IAC1B,CAACtM,EAAMsM,IACNC,IACC,MAAMG,EAASD,EAAWvC,QAAQyC,GAAcA,EAAUJ,KAE1D,QAAIG,EAAOjK,OAASgK,EAAWhK,UAExBzC,EAAMA,EAAIlB,QAAQ,QAASyN,GAAOG,EAAO/K,KAAK,QAAO,EAGnDiL,EAAmB,IAAIH,KAA6B,CAC/DI,SAAWN,IACTE,EAAWrH,SAASuH,IAClB,MAAMG,EAASH,EAAUJ,GACzB,GAAIO,EAAQ,MAAM,IAAI1J,MAAM0J,EAAO,KAG9B,KCvBLC,EAAcC,GAAmBT,GAAaS,EAAM9D,KAAKqD,GAUzDU,EAAgBF,EACpB,wEAmCIG,EAAgBH,EAAW,2BAG3BI,EAAoB,CAACrI,EAAcsI,IAAwBb,GAC/DK,KAAoBQ,GAAOP,SAlCjB,EAACQ,EAAaC,EAAkBC,KAE1C,MAKMC,GALO5H,MAAMC,QAAQyH,GAAYA,EAAS3L,KAAK,KAAO8L,OAAOH,IAKhDxO,QAFL,kCAEoB,CAAC4O,EAAGC,EAAGC,IAAM,IAAMA,IAAG9D,MAAM,KAExDrH,EAAS+K,EAAM/K,OACrB,IAAIkL,EAAI,EAGJ3H,EAAQqH,IAAWjN,OAAOiN,GAAUA,OAAS9E,EAEjD,KAAgB,MAATvC,GAAiB2H,EAAIlL,GAC1BuD,EAAQA,EAAMwH,EAAMG,MAWtB,OAAOA,GAAKA,IAAMlL,QAAoB8F,IAAVvC,EAAsBA,EAAQuH,CAAY,EAOlCzE,CAAIyD,EAAKzH,IAElC+I,EAAUzB,EACrBa,EACA,gCAEWa,EAAU1B,EACrBc,EACA,uCAEWa,EAAa3B,GAbC4B,EAcP,EAdwBzB,GAAaA,EAAI9J,QAAUuL,GAerE,uBAfwB,IAACA,EAiBpB,MAAMC,EAAW7B,GA9DAG,GAA4B,iBAARA,GAgE1C,yBAGW1G,EAAUuG,GAjEAG,GAAa3G,MAAMC,QAAQ0G,IAiEI,yBAEzC2B,EAAY9B,GAjEAG,GAA4B,kBAARA,GAmE3C,0BAGW4B,EAAc/B,GApEAG,QAAqBhE,IAARgE,GAsEtC,oBAGW6B,EAAsB5B,EACjC,CAACyB,IAAYE,KACb,sCAGWE,EAAgB7B,EAC3B,CAAC3G,IAAWqI,KACZ,oCC3EWI,EACX,IAAIC,IACsBlH,GAC1B,IAAI/E,KACFiM,EAAUnJ,SAAQ,CAACoJ,EAAUb,IAC3Bf,KAAoB4B,GAAU3B,SAASvK,EAAKqL,MAGvCtG,KAAM/E,IAGJmM,EAAUC,GAAsB,CAC3CT,EAAS,IAAIS,wBAGFC,EAAgCD,GAAsB,CACjEN,EAAoB,IAAIM,mCAGbE,GAAkBF,GAAsB,CACnDT,EAAS,IAAIS,uBACbX,EAAW,IAAIW,yBAEJG,GAAeH,GAAsB,CAChDT,EAAS,IAAIS,uBACbb,KAEWiB,GAAeJ,GAAsB,CAChDT,EAAS,IAAIS,uBACbZ,KCnCIiB,GAA0BT,EAAgBM,GAAe,cAEzDI,GAAkBC,IAA4B,CAClDhS,SAAU8R,IACR,CACE/R,EACAkS,IAEApH,EACEmH,EAAW5E,KACTtN,EAASC,UAAUC,SACnB,CAAEiS,gBACF,CAAE/I,MAAOnJ,SCnBNmS,GAAgC,EAC3CC,oBAAoBxP,IACpByP,YAAYxP,KACV,MAAQ,CACVuP,kBAAmB3K,KAAK6K,IACtBF,GAAqBxP,EACrBA,GAEFyP,UAAW5K,KAAKuJ,IACdqB,GAAaxP,EACbA,KCsNJ,IAAY0P,GAOAC,IAPZ,SAAYD,GACVA,EAAA,IAAA,MACAA,EAAA,MAAA,QACAA,EAAA,SAAA,WACAA,EAAA,GAAA,IACD,CALD,CAAYA,KAAAA,GAKX,CAAA,IAED,SAAYC,GACVA,EAAA,MAAA,OACD,CAFD,CAAYA,KAAAA,GAEX,CAAA,IAKM,MAAMC,GAAkBrP,+BAC1BmP,IACAC,IASL,IAAYE,IAAZ,SAAYA,GACVA,EAAA,QAAA,UACAA,EAAA,QAAA,UACAA,EAAA,UAAA,YACAA,EAAA,OAAA,QACD,CALD,CAAYA,KAAAA,GAKX,CAAA,IC1PM,MAAMC,GAAqBf,GAAe,WACpCgB,GAAwBtB,EAAgBM,GAAe,UACvDiB,GAAsBvB,EAAgBqB,IACtCG,GAAgCxB,EAC3CM,GAAe,eAMJmB,GAA6BzB,EACxCqB,GACAd,GAAY,UCORmB,GAAqBf,IAA4B,CACrD9R,OAAQyS,IACLzJ,GACC2B,EACEmH,EAAW5E,KAAKtN,EAASY,cAAcR,OAAQ,CAAEgJ,aAIvD/I,OAAQyS,IACN,CACEI,EACAC,EACA9I,EAG4C,CAAE,EAC9CjB,KAJA,IAAAgK,WACEA,GAE4C/I,EADzC8H,EAAYkB,EAAAA,OAAAhJ,EAFjB,gBAMA,OAAAU,EACEmH,EAAW5E,KACTqB,EAAS3O,EAASY,cAAcP,OAAQqS,GAAgBlS,OACxD,CACE0S,UACAC,MACAhB,eACAiB,cAEF,CAAEhK,UAEL,IAGL1I,WAAYoS,IACV,CACEI,EACAC,EACA9I,EAG6C,CAAA,KAH7C,IAAA+I,WACEA,GAE6C/I,EAD1CiJ,EAAaD,EAAAA,OAAAhJ,EAFlB,gBAKA,OAAAU,EACEmH,EAAW5E,KACTqB,EAAS3O,EAASY,cAAcF,WAAYgS,GAAgBlS,OAC5D,CACE0S,UACAC,MACAhB,aAAcmB,EACdF,eAGL,IAGL9S,OAAQwS,IACN,CACEI,EACAC,EACAI,EACAlJ,EAG6C,MAH7C,IAAA+I,WACEA,GAE6C/I,EAD1CiJ,EAAaD,EAAAA,OAAAhJ,EAFlB,gBAKA,OAAAU,EACEmH,EAAW5E,KACTqB,EAAS3O,EAASY,cAAcN,OAAQoS,GAAgBlS,OACxD,CACE0S,UACAC,MACAI,OACApB,aAAcmB,EACdF,eAGL,IAGLI,eAAgBT,IACd,CACEU,EACA3J,IAEA,IAAI7E,SAASC,IACX,MAAMmN,kBAAEA,EAAiBC,UAAEA,GACzBF,GAA8BtI,GAChC,IAAI4J,EACJ,MAAMC,EAAWC,aAAYtO,UAC3B,MAAME,QAAa0M,EAAW5E,KAAKtN,EAASY,cAAcC,QAAS,CACjE4S,eAEEjO,EAAKgB,KACPqN,cAAcF,GACVD,GAASI,aAAaJ,GAC1BxO,EAAQ6F,EAAkB9F,QAAQC,QAAQM,KAC3C,GACA6M,GAEHqB,EAAUvO,YAAW,KACnBD,EAAQ,CACN2F,MAAO,CACLkJ,iBAAkB,qCAAqCzB,MACvD0B,UAAW,KAEbxN,IAAI,IAENqN,cAAcF,EAAS,GACtBrB,EAAU,MAInB/R,OAAQ,CACNC,MAAOwS,IACL,CACEE,EACA1S,EACA2S,EACA/J,EACA6K,IAEAlJ,EACEmH,EAAW5E,KACTtN,EAASY,cAAcL,OAAOC,MAAK6C,OAAA0G,OAAA,CACjCmJ,UAAS1S,QAAO2S,OAAQc,GAC1B,CAAE7K,gBC/IR8K,GAAuB3C,EAAgBM,GAAe,WACtDsC,GAAsB5C,EAC1BM,GAAe,eACfA,GAAe,UACfA,GAAe,kBAGXuC,GAAYlC,IAA4B,CAC5CnR,MAAOmT,IACL,CACEG,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,EACAC,GAAiB,IAEjB7J,EACEmH,EAAW5E,KAAKtN,EAASyC,KAAK1B,MAAO,CACnCsT,SACAC,UACAC,yBACAC,gBACAC,oBACAC,eACAC,QACAC,sBAIRlS,KAAMyR,IACJ,CACEU,EACAC,EACAN,EACAO,EACAN,EACAE,EACAC,GAAiB,IAEV7J,EACLmH,EAAW5E,KAAKtN,EAASyC,KAAKC,KAAM,CAClCmS,cACAC,SACAN,gBACAO,UACAN,oBACAE,QACAC,wBClDGhC,GAAqBf,GAAe,WACpCgB,GAAwBtB,EAAgBM,GAAe,UACvDiB,GAAsBvB,EAAgBqB,IAItCoC,GAA6BzD,EACxCqB,GACAb,GAAY,UAEDiB,GAA6BzB,EACxCqB,GACAd,GAAY,UCGRmD,GAAkB5R,OAAOoB,KAAKiO,IAAiBvF,QAClD+H,GAAMA,IAAM1C,GAAc2C,OAASD,IAAM1C,GAAc4C,KAGpDC,GAAiBnD,IAA4B,CACjD9R,OAAQyS,IACLzJ,GACC2B,EAAkBmH,EAAW5E,KAAKtN,EAASW,UAAUP,OAAQ,CAAEgJ,aAGnE/I,OAAQ4U,GAAgBvM,QACtB,CAACC,EAAK2M,mCACD3M,GAAG,CACN2M,CAACA,GAAWxC,IACV,CACEI,EACAC,EACA9I,EAG4C,CAAE,EAC9CjB,KAJA,IAAAgK,WACEA,GAE4C/I,EADzC8H,EAAYkB,EAAAA,OAAAhJ,EAFjB,gBAMA,OAAAU,EACEmH,EAAW5E,KACTqB,EAAS3O,EAASW,UAAUN,OAAQiV,GACpC,CAAEpC,UAASC,MAAKhB,eAAciB,cAC9B,CAAEhK,UAEL,OAGP,IAGF9I,OAAQ2U,GAAgBvM,QACtB,CAACC,EAAK2M,mCACD3M,GAAG,CACN2M,CAACA,GAAWxC,IACV,CACEI,EACAC,EACAI,EACAlJ,EAG6C,MAH7C,IAAA+I,WACEA,GAE6C/I,EAD1CiJ,EAAaD,EAAAA,OAAAhJ,EAFlB,gBAKA,OAAAU,EACEmH,EAAW5E,KAAKqB,EAAS3O,EAASW,UAAUL,OAAQgV,GAAW,CAC7DpC,UACAC,MACAI,OACApB,aAAcmB,EACdF,eAEH,OAGP,IAGF1S,WAAYuU,GAAgBvM,QAC1B,CAACC,EAAK2M,IACDjS,OAAA0G,OAAA1G,OAAA0G,OAAA,CAAA,EAAApB,GACH,CAAA2M,CAACA,GAAWxC,IACV,CACEI,EACAC,EACA9I,EAG6C,MAH7C,IAAA+I,WACEA,GAE6C/I,EAD1CiJ,EAAaD,EAAAA,OAAAhJ,EAFlB,gBAKA,OAAAU,EACEmH,EAAW5E,KAAKqB,EAAS3O,EAASW,UAAUD,WAAY4U,GAAW,CACjEpC,UACAC,MACAhB,aAAcmB,EACdF,eAEH,OAGP,IAGF7S,OAAQ,CACNC,MAAOwS,IACL,CACEE,EACA1S,EACA2S,EACA/J,EACA6K,IAEAlJ,EACEmH,EAAW5E,KACTtN,EAASW,UAAUJ,OAAOC,MAAK6C,OAAA0G,OAAA,CAC7BmJ,UAAS1S,QAAO2S,OAAQc,GAC1B,CAAE7K,aAIV3I,MAAO4C,OAAOoB,KAAK+N,IAChBrF,QAAQ+H,GAAMA,IAAM1C,GAAc2C,QAClCzM,QACC,CAACC,EAAK2M,IACDjS,OAAA0G,OAAA1G,OAAA0G,OAAA,CAAA,EAAApB,GACH,CAAA2M,CAACA,GAAWN,IACV,CACE9B,EACAzS,EACA0S,EACA/J,EACA6K,IAEAlJ,EACEmH,EAAW5E,KACTqB,EAAS3O,EAASW,UAAUJ,OAAOE,MAAO6U,GACxCjS,OAAA0G,OAAA,CAAAmJ,UAASzS,QAAO0S,OAAQc,GAC1B,CAAE7K,gBAKZ,OClJR,IAAKmM,IAAL,SAAKA,GACHA,EAAA,SAAA,WACAA,EAAA,OAAA,SACAA,EAAA,OAAA,SACAA,EAAA,UAAA,YACAA,EAAA,OAAA,SACAA,EAAA,MAAA,QACAA,EAAA,QAAA,UACAA,EAAA,SAAA,WACAA,EAAA,MAAA,OACD,CAVD,CAAKA,KAAAA,GAUJ,CAAA,ICCD,MAAMvD,GAA0BT,EAAgBM,GAAe,SACzD2D,GAAatD,IAA4B,CAC7CnR,MAAOsC,OAAO0G,QACZ,CACE0L,EACAC,EACAvD,EACA/I,EACAuM,IAEO5K,EACLmH,EAAW5E,KAAKtN,EAASc,MAAMC,MAAOoR,GAAgB,GAAI,CACxDlK,YAAW5E,OAAA0G,OAAA1G,OAAA0G,OAAA,CACT0L,YACIC,GAAe,CAAEE,YAAaF,IAC9BC,GAAa,CAAEA,cAErBvM,YAIN/F,OAAOoB,KAAK8Q,IAAgB7M,QAC1B,CAACC,EAAK8M,IAAapS,OAAA0G,OAAA1G,OAAA0G,OAAA,CAAA,EACdpB,GACH,CAAA8M,CAACA,GAAW,CACVC,EACAvD,EACA/I,EACAuM,IAEA5K,EACEmH,EAAW5E,KAAKtN,EAASc,MAAMC,MAAOoR,GAAgB,CAAA,EAAI,CACxDlK,YAAW5E,OAAA0G,OAAA1G,OAAA0G,OAAA,CACT0L,YACIC,GAAe,CAAEE,YAAaF,IAC9BC,GAAa,CAAEA,cAErBvM,cAIR,CAAA,IAGJlJ,SAAU8R,IACPjD,GACChE,EAAkBmH,EAAW5E,KAAKtN,EAASc,MAAMZ,SAAU,CAAE6O,YAEjE/N,YAAa,CACXyU,EACAtD,EACA0D,IAEA9K,EACEmH,EAAW5E,KAAKtN,EAASc,MAAME,YAAa,CAC1CyU,WACAtD,eACA0D,cAGN5U,aAAc,CACZwU,EACAK,EACAvC,EACAxE,EACAgH,IAEAhL,EACEmH,EAAW5E,KAAKtN,EAASc,MAAMG,aAAc,CAC3CwU,WACAK,UACAvC,OACAxE,OACAgH,aAGN5U,kBAAoBsU,GAClB1K,EACEmH,EAAWnG,IACT/L,EAASc,MAAMI,OAAOC,kBAAkBY,QAAQ,aAAc0T,KAGpEpU,oBAAqB,CACnBoU,EACAM,EACAC,EACA7D,IAEApH,EACEmH,EAAW5E,KAAKtN,EAASc,MAAMI,OAAOG,oBAAqB,CACzDoU,WACAM,UACAC,QACA7D,kBAGN/Q,sBAAuB,CACrBqU,EACAM,EACAC,EACA7D,IAEApH,EACEmH,EAAW5E,KAAKtN,EAASc,MAAMI,OAAOE,sBAAuB,CAC3DqU,WACAM,UACAC,QACA7D,oBClHF8D,GAAkBpE,GAAe,SAC1BqE,GAAyB3E,EAAgB0E,ICAhDE,GAAgBjE,IAA4B,CAChD3Q,QAAS2U,IACP,CACEE,EACA9B,EACAlL,KAEA,MAAMiN,EAAW/B,aAAA,EAAAA,EAAS+B,SACpBC,EAAchC,aAAA,EAAAA,EAASgC,YAG7B,OAFOhC,gBAAAA,EAAS+B,SACT/B,gBAAAA,EAASgC,YACTvL,EACLmH,EAAW5E,KACTtN,EAASsB,SAASC,QAClB,CACE6U,QACAC,WACAC,cACAhC,WAEF,CACElL,UAGL,MCTDwJ,GAAqBf,GAAe,WACpCgB,GAAwBtB,EAC5BqB,GACAf,GAAe,SAEXiB,GAAsBvB,EAAgBqB,IACtCoC,GAA6BzD,EACjCqB,GACAb,GAAY,UAERiB,GAA6BzB,EACjCqB,GACAd,GAAY,UAGRyE,GAAWrE,IAA4B,CAC3C9R,OAAQiD,OAAOoB,KAAKiO,IAAiBhK,QACnC,CAACC,EAAK2M,mCACD3M,GAAG,CACN2M,CAACA,GAAWzC,IACV,CAACK,EAAiBnE,IAChBhE,EACEmH,EAAW5E,KAAKqB,EAAS3O,EAASG,IAAIC,OAAQkV,GAAW,CACvDvG,OACAmE,kBAKV,IAGF7S,OAAQgD,OAAOoB,KAAKiO,IAAiBhK,QACnC,CAACC,EAAK2M,IACDjS,OAAA0G,OAAA1G,OAAA0G,OAAA,GAAApB,GACH,CAAA2M,CAACA,GAAWxC,IACV,CACEI,EACA7I,EAG4C,CAAE,EAC9CjB,KAJA,IAAAgK,WACEA,GAE4C/I,EADzC8H,EAAYkB,EAAAA,OAAAhJ,EAFjB,gBAMA,OAAAU,EACEmH,EAAW5E,KACTqB,EAAS3O,EAASG,IAAIE,OAAQiV,GAC9B,CAAEpC,UAASf,eAAciB,cACzB,CAAEhK,UAEL,OAGP,IAGF9I,OAAQ+C,OAAOoB,KAAKiO,IAAiBhK,QACnC,CAACC,EAAK2M,IACDjS,OAAA0G,OAAA1G,OAAA0G,OAAA,GAAApB,GACH,CAAA2M,CAACA,GAAWxC,IACV,CACEI,EACAK,EACAlJ,EAG6C,MAH7C,IAAA+I,WACEA,GAE6C/I,EAD1CiJ,EAAaD,EAAAA,OAAAhJ,EAFlB,gBAKA,OAAAU,EACEmH,EAAW5E,KAAKqB,EAAS3O,EAASG,IAAIG,OAAQgV,GAAW,CACvDpC,UACAK,OACApB,aAAcmB,EACdF,eAEH,OAGP,IAGF1S,WAAY2C,OAAOoB,KAAKiO,IAAiBhK,QACvC,CAACC,EAAK2M,IAAajS,OAAA0G,OAAA1G,OAAA0G,OAAA,CAAA,EACdpB,GAAG,CACN2M,CAACA,GAAWxC,IACV,CACEI,EACA7I,EAG6C,MAH7C,IAAA+I,WACEA,GAE6C/I,EAD1CiJ,EAAaD,EAAAA,OAAAhJ,EAFlB,gBAKA,OAAAU,EACEmH,EAAW5E,KAAKqB,EAAS3O,EAASG,IAAIO,WAAY4U,GAAW,CAC3DpC,UACAf,aAAcmB,EACdF,eAEH,OAGP,IAGF7S,OAAQ,CACNC,MAAOwS,IACL,CACEE,EACA1S,EACA4I,EACA6K,IAEAlJ,EACEmH,EAAW5E,KACTtN,EAASG,IAAII,OAAOC,qBAClB0S,UAAS1S,SAAUyT,GACrB,CAAE7K,aAIV3I,MAAO4C,OAAOoB,KAAK+N,IAAe9J,QAChC,CAACC,EAAK2M,IAAajS,OAAA0G,OAAA1G,OAAA0G,OAAA,CAAA,EACdpB,GAAG,CACN2M,CAACA,GAAWN,IACV,CACE9B,EACAzS,EACA2I,EACA6K,IAEAlJ,EACEmH,EAAW5E,KACTqB,EAAS3O,EAASG,IAAII,OAAOE,MAAO6U,GAASjS,OAAA0G,OAAA,CAC3CmJ,UAASzS,SAAUwT,GACrB,CAAE7K,gBAKZ,OC3JA8K,GAAuB3C,EAAgBM,GAAe,WACtDG,GAA0BT,EAAgBM,GAAe,SAEzD2E,GAAYtE,IAA4B,CAC5CnR,MAAOmT,IACL,CACEuC,EACAf,EACAvD,EACA/I,EACAsN,EACAC,EACAhB,EACAiB,IAEA7L,EACEmH,EAAW5E,KAAKtN,EAASwB,KAAKT,MAAOoR,GAAgB,CAAA,EACnD9O,OAAA0G,OAAA,CAAA9B,mFACE6F,OAAQ2I,GACJf,GAAe,CAAEE,YAAaF,IAC9BgB,GAAS,CAAEA,UACXC,GAAc,CAAEA,WAAY,SAC5BhB,GAAa,CAAEA,cACfiB,GAAyB,CAAEC,eAAgBJ,KAE7CrN,GAAS,CAAEA,cAIvBlJ,SAAU8R,IACPjD,GACChE,EAAkBmH,EAAW5E,KAAKtN,EAASwB,KAAKtB,SAAU,CAAE6O,cCzB5D6D,GAAqBf,GAAe,WACpCgB,GAAwBtB,EAC5BqB,GACAf,GAAe,SAEXiF,GAAwBvF,EAAgBqB,IACxCmE,GAAwBxF,EAAgBqB,IAExCoE,GAAY9E,IAA4B,CAC5C5R,OAAQwW,IACN,CAAC5D,EAAiBK,IAChBxI,EACEmH,EAAW5E,KAAKtN,EAASyB,KAAKnB,OAAQ,CAAE4S,UAASK,YAIvDnT,OAAQyS,IACN,CACEK,EACAnE,EACAoD,EACA/I,IAEA2B,EACEmH,EAAW5E,KACTtN,EAASyB,KAAKrB,OACd,CAAE8S,UAASnE,OAAMoD,gBACjB,CAAE/I,aAKV7I,OAAQwW,IACN,CAAC7D,EAAiB9J,IAChB2B,EACEmH,EAAW5E,KAAKtN,EAASyB,KAAKlB,OAAQ,CAAE2S,WAAW,CAAE9J,eC7CvD6N,GAAoBpF,GAAe,WACnCqF,GAAwBrF,GAAe,eAChCiB,GAAsBvB,EACjC0F,GACApF,GAAe,aAEJsF,GAA2B5F,EAAgB0F,IAC3CG,GAAuB7F,EAClC0F,GACAC,IAEWG,GAAwB9F,EACnC0F,GACApF,GAAe,eACfqF,ICIII,GAAgBpF,IAA4B,CAChD5R,OAAQwS,IACN,CACEI,EACArR,EACA0R,EACAlJ,EAG6C,MAH7C,IAAA+I,WACEA,GAE6C/I,EAD1CiJ,EAAaD,EAAAA,OAAAhJ,EAFlB,gBAKA,OAAAU,EACEmH,EAAW5E,KAAKtN,EAAS6B,SAASvB,OAAQ,CACxC4S,UACArR,WACA0R,OACApB,aAAcmB,EACdF,eAEH,IAGL/S,OAAQyS,IACN,CACEI,EACArR,EACAwI,EAG4C,CAAA,KAH5C,IAAA+I,WACEA,GAE4C/I,EADzC8H,EAAYkB,EAAAA,OAAAhJ,EAFjB,gBAKA,OAAAU,EACEmH,EAAW5E,KAAKtN,EAAS6B,SAASxB,OAAQ,CACxC6S,UACArR,WACAsQ,eACAiB,eAEH,IAGLtR,UAAWqV,IACT,CACEjE,EACAwC,EACA6B,IAEAxM,EACEmH,EAAW5E,KAAKtN,EAAS6B,SAASC,UAAW,CAC3CoR,UACAwC,cACA6B,uBAKRhX,OAAQ6W,IACN,CACElE,EACAsE,EACApO,IAEA2B,EACEmH,EAAW5E,KACTtN,EAAS6B,SAAStB,OAClB,CACE2S,UACAsE,eAEF,CAAEpO,aAKVrH,QAASsV,IACP,CACEnE,EACAuE,EACAD,IAEAzM,EACEmH,EAAW5E,KAAKtN,EAAS6B,SAASE,QAAS,CACzCmR,UACAuE,cACAD,mBAKRxV,OAAQ,IACN+I,EAAkBmH,EAAWnG,IAAI/L,EAAS6B,SAASG,WC5FjD0V,GAA2BhG,EAAO,WAClCiG,GAA6B9F,GAAe,WAC5C+F,GAAoB/F,GAAe,UAEnCgG,GAA6BtG,EACjCoG,GACAC,GACA/F,GAAe,SAEXiG,GAAiCvG,EACrCoG,GACAC,IAEIG,GAA6BxG,EACjCmG,GACAE,IAEII,GAA6BzG,EACjCoG,GACAC,GACAhG,EAA6B,UAEzBqG,GAAwB1G,EAC5BM,GAAe,iBACfA,GAAe,aAGXqG,GAAgBhG,IAA4B,CAChD5R,OAAQ,CACNS,MAAO8W,IACL,CACE3E,EACAiF,EACAC,EACAC,IAEAtN,EACEmH,EAAW5E,KAAKtN,EAAS2B,SAASrB,OAAOS,MAAO,CAC9CwS,KAAM,CACJL,UACAkF,QAEFD,SACAE,sBAKRzW,OAAQqW,IACN,CACEK,EACA1J,IAEA7D,EACEmH,EAAW5E,KAAKtN,EAAS2B,SAASrB,OAAOsB,OAAQ,CAC/C0W,gBACA1J,iBAMVvO,OAAQ,CACNU,MAAOgX,IACL,CACE7E,EACAiF,EACAhG,EACA/I,EACAiP,IAEAtN,EACEmH,EAAW5E,KACTtN,EAAS2B,SAAStB,OAAOU,MACzB,CAAEmS,UAASiF,SAAQhG,eAAckG,kBACjC,CAAEjP,aAKVxH,OAAQqW,IACN,CACEK,EACA1J,IAEA7D,EACEmH,EAAW5E,KAAKtN,EAAS2B,SAAStB,OAAOuB,OAAQ,CAC/C0W,gBACA1J,iBAMVlO,WAAY,CACVK,MAAO+W,IACL,CACE5E,EACAiF,EACAE,IAEAtN,EACEmH,EAAW5E,KAAKtN,EAAS2B,SAASjB,WAAWK,MAAO,CAClDmS,UACAiF,SACAE,uBAMV9X,OAAQ,CACNQ,MAAOiX,IACL,CACE9E,EACAiF,EACA/O,EACAiP,IAEAtN,EACEmH,EAAW5E,KACTtN,EAAS2B,SAASpB,OAAOQ,MACzB,CAAEmS,UAASiF,SAAQE,kBACnB,CAAEjP,aAKVxH,OAAQqW,IACN,CACEK,EACA1J,IAEA7D,EACEmH,EAAW5E,KAAKtN,EAAS2B,SAASpB,OAAOqB,OAAQ,CAC/C0W,gBACA1J,mBC3INgE,GAAqBlB,EAAO,WAE5BoB,GAAsBvB,EAAgBqB,IAEtCG,GAAgCxB,EACpCM,GAAe,eAGX0G,GAAYrG,IAA4B,CAC5CxR,WAAYoS,IACV,CACEI,EACA7I,EAG6C,CAAA,KAH7C,IAAA+I,WACEA,GAE6C/I,EAD1CiJ,EAAaD,EAAAA,OAAAhJ,EAFlB,gBAKA,OAAAU,EACEmH,EAAW5E,KAAKtN,EAAS0B,KAAKhB,WAAY,CACxCwS,UACAf,aAAcmB,EACdF,eAEH,IAEL9S,OAAQwS,IACN,CACEI,EACAK,EACAlJ,EAG6C,CAAA,KAH7C,IAAA+I,WACEA,GAE6C/I,EAD1CiJ,EAAaD,EAAAA,OAAAhJ,EAFlB,gBAKA,OAAAU,EACEmH,EAAW5E,KAAKtN,EAAS0B,KAAKpB,OAAQ,CACpC4S,UACAK,OACAH,aACAjB,aAAcmB,IAEjB,IAELjT,OAAQyS,IACN,CACEI,EACA7I,EAG4C,CAAA,EAC5CjB,KAJA,IAAAgK,WACEA,GAE4C/I,EADzC8H,EAAYkB,EAAAA,OAAAhJ,EAFjB,gBAMA,OAAAU,EACEmH,EAAW5E,KACTtN,EAAS0B,KAAKrB,OACd,CAAE6S,UAASf,eAAciB,cACzB,CAAEhK,UAEL,IAELoK,eAAgBT,IACd,CACEU,EACA3J,IAEA,IAAI7E,SAASC,IACX,MAAMmN,kBAAEA,EAAiBC,UAAEA,GACzBF,GAA8BtI,GAChC,IAAI4J,EACJ,MAAMC,EAAWC,aAAYtO,UAC3B,MAAME,QAAa0M,EAAW5E,KAAKtN,EAAS0B,KAAKb,QAAS,CACxD4S,eAEEjO,EAAKgB,KACPqN,cAAcF,GACVD,GAASI,aAAaJ,GAC1BxO,EAAQ6F,EAAkB9F,QAAQC,QAAQM,KAC3C,GACA6M,GAEHqB,EAAUvO,YAAW,KACnBD,EAAQ,CACN2F,MAAO,CACLkJ,iBAAkB,qCAAqCzB,MACvD0B,UAAW,KAEbxN,IAAI,IAENqN,cAAcF,EAAS,GACtBrB,EAAU,QCjEfkG,GAAqBjH,EAAgBM,GAAe,UACpD4G,GAA+BlH,EACnCK,EAA6B,UrBsDH,IAAC7J,GAAcsI,GsBvE3CqI,GALiCnH,EAAgB,EtB4EpBxJ,GsB3Ed,YtB2E4BsI,GsB3EfwB,GAAe,atB4EzCxC,EAAgBe,EAAkBrI,GAAMsI,IAAxChB,KsBxEasJ,EAA0B7O,IACvC,MAAM5B,UACJA,EAASjC,OACTA,EAAM+B,QACNA,EAAOmD,aACPA,EAAYQ,YACZA,EAAc,CAAA,EAAEnC,kBAChBA,EAAiBnE,MACjBA,GACEyE,EAEJ,ODUcoI,ECTZrI,EAAiB,CACf7B,UACAE,YACAjC,SACA+D,MAAO,CACL,iBAAIC,SACF,OAAmB,UAAZH,EAAOE,aAAK,IAAAK,OAAA,EAAAA,EAAEJ,aACtB,EACD,gBAAIM,SACF,OAAmB,UAAZT,EAAOE,aAAK,IAAAK,OAAA,EAAAA,EAAEE,YACtB,EACD,qBAAIQ,SACF,OAAmB,UAAZjB,EAAOE,aAAK,IAAAK,OAAA,EAAAA,EAAEU,iBACtB,GAEHI,eACAD,WAAY,CAAES,eACdnC,oBACAnE,UDTsC,CAC1CpF,UAAWgS,GAAeC,GAC1B/R,IAAKoW,GAAQrE,GACbvR,UAAW0U,GAAcnD,GACzBtR,cAAeqS,GAAkBf,GACjCpR,MAAO0U,GAAUtD,GACjB5Q,SAAU6U,GAAajE,GACvB1Q,KAAMgV,GAAStE,GACfzQ,KAAMuV,GAAS9E,GACfxQ,KAAM6W,GAASrG,GACfvQ,SAAUuW,GAAahG,GACvBrQ,SAAUyV,GAAapF,GACvBzP,KAAM2R,GAASlC,GAWfjQ,QAASwW,IACP,CACErP,EACAnB,EACA2Q,EACA1W,KAEA,MAAMyB,EAAO,CAAA,EACTiV,IACFjV,EAAoB,cAAIiV,GAE1B,MAAM7Q,EAAO7F,EAAalC,EAASkC,WAAalC,EAASiC,QACzD,OAAO8I,EACLmH,EAAW5E,KAAKvF,EAAMpE,EAAM,CAAEyF,QAAOnB,gBACtC,IASL9F,aAAcoP,EACZ,CAACL,EAAS,aACV,CAACG,EAAoB,wCAFTE,EAGZ,CAAC8E,EAAkBjN,IACnB2B,EACEmH,EAAW5E,KAAKtN,EAASmC,aAAc,CAAE2L,OAAQuI,GAAY,CAAEjN,aAOnEhH,OAAQqW,IAA8BrP,GACpC2B,EAAyBmH,EAAW5E,KAAKtN,EAASoC,OAAQ,CAAE,EAAE,CAAEgH,aAMlE/G,UAAWoW,IAA8BrP,GACvC2B,EACEmH,EAAW5E,KAAKtN,EAASqC,UAAW,CAAE,EAAE,CAAE+G,aAQ9C9G,GAAImW,IAA8BrP,GAChC2B,EAAgCmH,EAAWnG,IAAI/L,EAASsC,GAAI,CAAE8G,aAQhE7G,UAAWgP,EACT,CAACD,EAAc,+CACf,CAACD,EAAoB,wCAFZE,EAGT,CAACrD,EAA0B9E,KAC3B,MAAMzF,EAAO,CAAA,EAMb,MALuB,kBAAZuK,EACTvK,EAAU,IAAIuK,EAEdvK,EAAU,IAAIuK,EAETnD,EACLmH,EAAW5E,KAAKtN,EAASuC,UAAWoB,EAAM,CAAEyF,UAC7C,IAOH5G,QAASiW,IAA8BrP,GACrC2B,EACEmH,EAAWnG,IAAI/L,EAASwC,QAAS,CAAE4G,aAQvCiF,aAAcmK,GAAmBnK,GAMjCG,WAAYgK,GAAmBhK,GAO/BC,kBAAmB+J,GAAmB/J,GAOtCC,YAAa8J,GAAmB9J,GAMhCU,iBAAkBoJ,GAAmBpJ,GAMrC8C,cAjJa,IAACA,CCWb,IC7BY5J,GAAAjF,OAAO0G,OAAO2O,GAAW,CAAEhG,mLCazB,CAKfmG,EACAC,EACAC,KAEAD,EAAMzQ,SAASN,IACb,MAAMiR,EAAWjR,EAAKgF,MAAM,KAC5B,IAAIkM,EAAUD,EAASE,QACnBC,EAAkCN,EAEtC,KAAOG,EAAStT,OAAS,GAAG,CAG1B,GAFAyT,EAAaA,EAAWF,IAEnBA,IAAYE,EACf,MAAM9S,MACJ,iBAAiB0B,QAAWkR,iCAIhCA,EAAUD,EAASE,OACpB,CAED,GAAmC,mBAAxBC,EAAWF,GACpB,MAAM5S,MAAM,IAAI0B,wBAElB,MAAMqR,EAASD,EAAWF,GAC1BE,EAAWF,GAAWF,EAAQK,EAAO,IAGhCP"}