@descope/web-js-sdk 0.0.1-alpha.6 → 0.1.0-alpha.10

package/dist/index.esm.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.esm.js","sources":["../src/constants.ts","../src/helpers.ts","../src/fp.ts","../src/tokens.ts","../src/index.ts"],"sourcesContent":["export const FP_KEY = 'A9aCLRHzKCv3uL69oqDr';\nexport const VISITOR_SESSION_ID_PARAM = 'vsid';\nexport const VISITOR_REQUEST_ID_PARAM = 'vrid';","export const getQueryParams = () => {\n\tconst params = new Proxy(new URLSearchParams(window.location.search), {\n\t\tget: (searchParams, prop) => searchParams.get(prop.toString()),\n\t});\n\n\treturn params;\n}\n\nexport const getQueryParam = (param: string) => {\n\tconst params = getQueryParams();\n\n\treturn params[param];\n}\n\nexport const generateUUID = () => {\n\t// return alphanumeric, sortable uuid of 27 characters\n  return (\n\t\tDate.now().toString(36) +\n\t\tMath.random().toString(36).substring(2) + // removing '0.' prefix\n\t\tMath.random().toString(36).substring(2)\n\t).substring(0 ,27);\n}","import { load } from '@fingerprintjs/fingerprintjs-pro'\nimport { FP_KEY, VISITOR_REQUEST_ID_PARAM, VISITOR_SESSION_ID_PARAM } from './constants'\nimport { getQueryParam, generateUUID } from './helpers'\n\nconst fp = (fpKey?: string) => {\n  const agentP = load({apiKey: fpKey || FP_KEY})\n  \n  return {\n    get: async () => {\n      try {\n        let sessionId = sessionStorage.getItem(VISITOR_SESSION_ID_PARAM);\n        if (!sessionId) {\n          sessionId = getQueryParam(VISITOR_SESSION_ID_PARAM);\n        }\n\n        if (!sessionId) {\n          sessionId = generateUUID(); \n        }\n\n        sessionStorage.setItem(VISITOR_SESSION_ID_PARAM, sessionId);\n        \n        const agent = await agentP;\n        const res = await agent.get({ linkedId: sessionId });\n        sessionStorage.setItem(VISITOR_REQUEST_ID_PARAM, res.requestId);\n      } catch (ex) {\n        if (global.FB_DEBUG) {\n          // eslint-disable-next-line no-console\n          console.error(ex);\n        }\n      }\n    } \n  }\n}\n\nexport default fp;","import { AuthInfo } from '@descope/core-js-sdk';\nimport Cookies from 'js-cookie';\n\nconst sessionCookieName = 'DS';\nconst refreshStorageKey = 'DSR';\n\nlet refreshTimeoutIds: NodeJS.Timeout[] = [];\n\nfunction setRefreshToken (refreshJwt: string) {\n\tif (localStorage && refreshJwt) {\n\t\tlocalStorage.setItem(refreshStorageKey, refreshJwt);\n\t}\n}\n\nfunction setSessionToken(sessionJwt: string, { cookiePath, cookieDomain, cookieExpiration }: Partial<AuthInfo>) {\n\tif (sessionJwt) {\n\t\tCookies.set(sessionCookieName, sessionJwt, {\n\t\t\tpath: cookiePath,\n\t\t\tdomain: cookieDomain,\n\t\t\texpires: cookieExpiration,\n\t\t\tsameSite: 'None',\n\t\t\tsecure: true\n\t\t})\n\t}\n}\n\nfunction getSessionExpiration (token: string) {\n\tconst parts = token.split('.');\n\ttry {\n\t\tif (parts.length === 3) {\n\t\t\tconst claims = JSON.parse(window.atob(token.split('.')[1]));\n\t\t\tif (claims.exp) {\n\t\t\t\treturn new Date(claims.exp * 1000);\n\t\t\t}\n\t\t}\n\t} catch (ex) {\n\t\t// fallback to null\n\t}\n\treturn null;\n}\n\nfunction setRefreshSessionTimeout(refreshFn: any, sessionJwt: string) {\n\t\tconst sessionExpiration = getSessionExpiration(sessionJwt);\n\t\tif (sessionExpiration) {\n\t\t\tlet previousTimeout;\n\t\t\twhile (previousTimeout = refreshTimeoutIds.pop()) {\n\t\t\t\tclearTimeout(previousTimeout)\n\t\t\t}\n\t\t\t// set refresh to happen 20 (magic number) seconds before session token is expired\n\t\t\tconst refreshTimeout = sessionExpiration.getTime() - 20 * 1000 - new Date().getTime();\n\t\t\tconst timeoutId = setTimeout(() => {\n\t\t\t\tconst token = getRefreshToken();\n\t\t\t\tif (token) {\n\t\t\t\t\trefreshFn(token);\n\t\t\t\t}\n\t\t\t}, refreshTimeout);\n\t\t\trefreshTimeoutIds.push(timeoutId);\n\t\t}\n}\n\n\nfunction setDescopeTokens (authInfo?: AuthInfo) {\n\tconst { sessionJwt, refreshJwt } = authInfo || {};\n\tsetSessionToken(sessionJwt, authInfo || {});\n\tsetRefreshToken(refreshJwt);\n\treturn sessionJwt;\n}\n\nexport async function handleDescopeTokens (refreshFn, _, res: Response)  {\n\ttry {\n\t\tconst body = await res?.json();\n\t\tif (body) {\n\t\t\t// auth info can be under authInfo attribute, or embedded on the body\n\t\t\tconst token = setDescopeTokens(body?.authInfo || body);\n\t\t\tif (token) {\n\t\t\t\tsetRefreshSessionTimeout(refreshFn, token)\n\t\t\t}\n\t\t}\n\t} catch (ex) {\n\t\t// eslint-disable-next-line no-console\n\t\tconsole.error('Could not set tokens from body', ex);\n\t}\n}\n\nexport function getRefreshToken() {\n\treturn localStorage ? localStorage?.getItem(refreshStorageKey) : '';\n}\n\nexport function clearTokens() {\n\tif (localStorage) {\n\t\tlocalStorage.removeItem(refreshStorageKey);\n\t}\n\tCookies.remove(sessionCookieName);\n}\n","import createSdk from '@descope/core-js-sdk'\nimport fp from './fp';\nimport { VISITOR_REQUEST_ID_PARAM, VISITOR_SESSION_ID_PARAM } from './constants';\nimport { handleDescopeTokens, getRefreshToken, clearTokens } from './tokens';\n\nconst prepareQueryParams = (queryParams): {\n\t[key: string]: string;\n} => ({\n\t...queryParams,\n\t[VISITOR_SESSION_ID_PARAM]: sessionStorage.getItem(VISITOR_SESSION_ID_PARAM) || '',\n\t[VISITOR_REQUEST_ID_PARAM]: sessionStorage.getItem(VISITOR_REQUEST_ID_PARAM) || '',\n});\n\ntype Sdk = ReturnType<typeof createSdk>;\n\nexport type WebJSSDKArgs = Parameters<typeof createSdk>[0] & { fpKey?: string, persistTokens?: boolean }\n\nexport default ({ persistTokens=true, ...args }: WebJSSDKArgs) => {\n\tfp(args.fpKey).get().catch(() => null);\n\n\tconst sdkConfig = args;\n\tlet sdk: Sdk;\n\tsdkConfig.hooks = {\n\t\tbeforeRequest: (config) => {\n\t\t\tconfig.queryParams = prepareQueryParams(config.queryParams);\n\t\t\tif (persistTokens && !config.token) {\n\t\t\t\tconfig.token = getRefreshToken();\n\t\t\t}\n\t\t\treturn config;\n\t\t},\n\n\t};\n\n\tif (persistTokens) {\n\t\tsdkConfig.hooks.afterRequest = async (req ,res) => {\n\t\t\thandleDescopeTokens(sdk.refresh, req, res);\n\t\t}\n\t}\n\n\tsdk = createSdk(args)\n\tif (persistTokens) {\n\t\tconst sdkLogout = sdk.logout;\n\t\tsdk.logout = (...args: Parameters<Sdk['logout']>) => {\n\t\t\tclearTokens();\n\t\t\tconst res = sdkLogout(...args);\n\t\t\treturn res;\n\t\t}\n\t}\n\treturn sdk;\n}\n\n"],"names":["getQueryParam","param","Proxy","URLSearchParams","window","location","search","get","searchParams","prop","toString","fp","fpKey","agentP","load","apiKey","async","sessionId","sessionStorage","getItem","Date","now","Math","random","substring","setItem","agent","res","linkedId","requestId","ex","global","FB_DEBUG","console","error","refreshTimeoutIds","setRefreshSessionTimeout","refreshFn","sessionJwt","sessionExpiration","token","parts","split","length","claims","JSON","parse","atob","exp","getSessionExpiration","previousTimeout","pop","clearTimeout","refreshTimeout","getTime","timeoutId","setTimeout","getRefreshToken","push","setDescopeTokens","authInfo","refreshJwt","cookiePath","cookieDomain","cookieExpiration","Cookies","set","path","domain","expires","sameSite","secure","setSessionToken","localStorage","setRefreshToken","index","_a","persistTokens","args","__rest","catch","sdkConfig","sdk","hooks","beforeRequest","config","queryParams","Object","assign","vsid","vrid","afterRequest","req","_","body","json","handleDescopeTokens","refresh","createSdk","sdkLogout","logout","removeItem","remove"],"mappings":"oJAAO,MCQMA,EAAiBC,GAPd,IAAIC,MAAM,IAAIC,gBAAgBC,OAAOC,SAASC,QAAS,CACrEC,IAAK,CAACC,EAAcC,IAASD,EAAaD,IAAIE,EAAKC,cAStCT,GCPTU,EAAMC,IACV,MAAMC,EAASC,EAAK,CAACC,OAAQH,GFLT,yBEOpB,MAAO,CACLL,IAAKS,UACH,IACE,IAAIC,EAAYC,eAAeC,QFTC,QEU3BF,IACHA,EAAYjB,EFXkB,SEc3BiB,IACHA,GDCRG,KAAKC,MAAMX,SAAS,IACpBY,KAAKC,SAASb,SAAS,IAAIc,UAAU,GACrCF,KAAKC,SAASb,SAAS,IAAIc,UAAU,IACpCA,UAAU,EAAG,KCDRN,eAAeO,QFlBiB,OEkBiBR,GAEjD,MAAMS,QAAcb,EACdc,QAAYD,EAAMnB,IAAI,CAAEqB,SAAUX,IACxCC,eAAeO,QFrBiB,OEqBiBE,EAAIE,UAMtD,CALC,MAAOC,GACHC,OAAOC,UAETC,QAAQC,MAAMJ,EAEjB,GAEJ,ECzBH,IAAIK,EAAsC,GAmC1C,SAASC,EAAyBC,EAAgBC,GAChD,MAAMC,EAhBR,SAA+BC,GAC9B,MAAMC,EAAQD,EAAME,MAAM,KAC1B,IACC,GAAqB,IAAjBD,EAAME,OAAc,CACvB,MAAMC,EAASC,KAAKC,MAAM1C,OAAO2C,KAAKP,EAAME,MAAM,KAAK,KACvD,GAAIE,EAAOI,IACV,OAAO,IAAI5B,KAAkB,IAAbwB,EAAOI,IAExB,CAGD,CAFC,MAAOlB,GAER,CACD,OAAO,IACR,CAG4BmB,CAAqBX,GAC/C,GAAIC,EAAmB,CACtB,IAAIW,EACJ,KAAOA,EAAkBf,EAAkBgB,OAC1CC,aAAaF,GAGd,MAAMG,EAAiBd,EAAkBe,UAAY,KAAY,IAAIlC,MAAOkC,UACtEC,EAAYC,YAAW,KAC5B,MAAMhB,EAAQiB,IACVjB,GACHH,EAAUG,EACV,GACCa,GACHlB,EAAkBuB,KAAKH,EACvB,CACH,CAGA,SAASI,EAAkBC,GAC1B,MAAMtB,WAAEA,EAAUuB,WAAEA,GAAeD,GAAY,CAAA,EAG/C,OAnDD,SAAyBtB,GAAoBwB,WAAEA,EAAUC,aAAEA,EAAYC,iBAAEA,IACpE1B,GACH2B,EAAQC,IAbgB,KAaO5B,EAAY,CAC1C6B,KAAML,EACNM,OAAQL,EACRM,QAASL,EACTM,SAAU,OACVC,QAAQ,GAGX,CAuCCC,CAAgBlC,EAAYsB,GAAY,CAAA,GAvDzC,SAA0BC,GACrBY,cAAgBZ,GACnBY,aAAahD,QANW,MAMgBoC,EAE1C,CAoDCa,CAAgBb,GACTvB,CACR,UAkBgBmB,IACf,OAAOgB,aAA2B,OAAZA,mBAAA,IAAAA,kBAAA,EAAAA,aAActD,QAjFX,OAiFwC,EAClE,CCrEA,IAAewD,EAACC,QAAAC,cAAEA,GAAc,GAAID,EAAKE,EAAIC,EAAAH,EAA7B,mBACfjE,EAAGmE,EAAKlE,OAAOL,MAAMyE,OAAM,IAAM,OAEjC,MAAMC,EAAYH,EAClB,IAAII,EAmBJ,GAlBAD,EAAUE,MAAQ,CACjBC,cAAgBC,IAlBS,IAACC,EAuBzB,OAJAD,EAAOC,aAnBkBA,EAmBeD,EAAOC,YAjB7CC,OAAAC,OAAAD,OAAAC,OAAA,GACDF,GAAW,CACdG,KAA4BvE,eAAeC,QJRJ,SIQyC,GAChFuE,KAA4BxE,eAAeC,QJRJ,SIQyC,MAe1E0D,IAAkBQ,EAAO7C,QAC5B6C,EAAO7C,MAAQiB,KAET4B,CAAM,GAKXR,IACHI,EAAUE,MAAMQ,aAAe3E,MAAO4E,EAAKjE,MDkCtCX,eAAoCqB,EAAWwD,EAAGlE,GACxD,IACC,MAAMmE,QAAanE,aAAG,EAAHA,EAAKoE,QACxB,GAAID,EAAM,CAET,MAAMtD,EAAQmB,GAAiBmC,aAAI,EAAJA,EAAMlC,WAAYkC,GAC7CtD,GACHJ,EAAyBC,EAAWG,EAErC,CAID,CAHC,MAAOV,GAERG,QAAQC,MAAM,iCAAkCJ,EAChD,CACF,CC/CGkE,CAAoBd,EAAIe,QAASL,EAAKjE,EAAI,GAI5CuD,EAAMgB,EAAUpB,GACZD,EAAe,CAClB,MAAMsB,EAAYjB,EAAIkB,OACtBlB,EAAIkB,OAAS,IAAItB,KD+CdL,cACHA,aAAa4B,WAtFW,OAwFzBpC,EAAQqC,OAzFiB,MC0CvB,OADYH,KAAarB,EACf,CAEX,CACD,OAAOI,CAAG"}
+{"version":3,"file":"index.esm.js","sources":["../src/constants.ts","../src/fp.ts","../src/helpers.ts","../src/state.ts","../src/tokens.ts","../src/webauthn.ts","../src/index.ts"],"sourcesContent":["const FINGERPRINT_PUBLIC_KEY = 'fingerprint.public.key';\nconst FINGERPRINT_ENDPOINT_URL = 'fingerprint.endpoint.url';\n\n// This sdk can be used in SSR apps\nexport const IS_BROWSER = typeof window !== 'undefined';\n/** Fingerprint.js identity key */\nexport const FP_KEY =\n\t(IS_BROWSER && localStorage.getItem(FINGERPRINT_PUBLIC_KEY)) || 'A9aCLRHzKCv3uL69oqDr';\n/** Fingerprint.js custom API endpoint */\nexport const FP_EP_URL =\n\t(IS_BROWSER && localStorage?.getItem(FINGERPRINT_ENDPOINT_URL)) || 'https://fp.descope.com';\n/** Fingerprint visitor data */\nexport const FP_BODY_DATA = 'fpData';\n/** Session ID for visitor */\nexport const VISITOR_SESSION_ID_PARAM = 'vsid';\n/** Request ID for visitor */\nexport const VISITOR_REQUEST_ID_PARAM = 'vrid';\n/** External Id of the last user logged in */\nexport const LOCAL_STORAGE_LAST_USER_EXTERNAL_ID = 'dls_last_user_external_id';\n","import { load } from '@fingerprintjs/fingerprintjs-pro';\nimport { FP_KEY, FP_EP_URL, VISITOR_REQUEST_ID_PARAM, VISITOR_SESSION_ID_PARAM } from './constants';\nimport { generateUUID } from './helpers';\n\n/** Fingerprint.js API wrapper */\nconst fp = (fpKey?: string) => {\n\tconst agentP = load({ apiKey: fpKey || FP_KEY, endpoint: FP_EP_URL });\n\n\treturn {\n\t\tget: async () => {\n\t\t\ttry {\n\t\t\t\tlet sessionId = sessionStorage.getItem(VISITOR_SESSION_ID_PARAM);\n\n\t\t\t\tif (!sessionId) {\n\t\t\t\t\tsessionId = generateUUID();\n\t\t\t\t}\n\n\t\t\t\tsessionStorage.setItem(VISITOR_SESSION_ID_PARAM, sessionId);\n\n\t\t\t\tconst agent = await agentP;\n\t\t\t\tconst res = await agent.get({ linkedId: sessionId });\n\t\t\t\tsessionStorage.setItem(VISITOR_REQUEST_ID_PARAM, res.requestId);\n\t\t\t} catch (ex) {\n\t\t\t\t// istanbul ignore next\n\t\t\t\tif (global.FB_DEBUG) {\n\t\t\t\t\t// eslint-disable-next-line no-console\n\t\t\t\t\tconsole.error(ex);\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t};\n};\n\nexport default fp;\n","/** Generate UUID based on current time and some randomness */\nexport const generateUUID = () => {\n\t// return alphanumeric, sortable uuid of 27 characters\n\treturn (\n\t\tDate.now().toString(36) +\n\t\tMath.random().toString(36).substring(2) + // removing '0.' prefix\n\t\tMath.random().toString(36).substring(2)\n\t).substring(0, 27);\n};\n","// supported state types are string and object\ntype StateObject = Record<string, any>;\n\ntype Subscribers<T> = Record<string, SubscribeCb<T>>;\n\nconst compare = <T extends StateObject>(a: T, b: T) => {\n\tconst aProperties = (a && Object.getOwnPropertyNames(a)) || [];\n\tconst bProperties = (b && Object.getOwnPropertyNames(b)) || [];\n\n\tif (aProperties.length !== bProperties.length) {\n\t\treturn false;\n\t}\n\n\tfor (let i = 0; i < aProperties.length; i += 1) {\n\t\tconst propName = aProperties[i];\n\n\t\tif (a[propName] !== b[propName]) {\n\t\t\treturn false;\n\t\t}\n\t}\n\n\treturn true;\n};\n\nconst clone = (state: StateObject): StateObject => {\n\treturn { ...state };\n};\n\nclass State<T extends StateObject> {\n\t#state: T;\n\n\t#subscribers: Subscribers<T> = {};\n\n\t#token = 0;\n\n\tconstructor(init: T) {\n\t\tthis.#state = init;\n\t}\n\n\tget current() {\n\t\treturn clone(this.#state) as T;\n\t}\n\n\tupdate(newState: T) {\n\t\tconst nextState: T = newState;\n\t\tif (!compare(this.#state, nextState)) {\n\t\t\tconst prevState = this.#state;\n\t\t\tthis.#state = nextState as T;\n\t\t\tObject.freeze(this.#state);\n\n\t\t\tsetTimeout(() => {\n\t\t\t\tObject.values(this.#subscribers).forEach((cb) => cb(clone(nextState) as T, prevState));\n\t\t\t}, 0);\n\t\t}\n\t}\n\n\tsubscribe(cb: SubscribeCb<T>) {\n\t\tthis.#token += 1;\n\t\tthis.#subscribers[this.#token] = cb;\n\n\t\t// return unsubscribe function\n\t\tconst currentToken = this.#token;\n\t\treturn () => this.#unsubscribe(currentToken.toString());\n\t}\n\n\t#unsubscribe(token: string) {\n\t\tconst isFound = !!this.#subscribers[token];\n\n\t\tif (isFound) {\n\t\t\tdelete this.#subscribers[token];\n\t\t}\n\t}\n\n\tunsubscribeAll() {\n\t\tthis.#subscribers = {};\n\t}\n}\nexport type SubscribeCb<T> = (state: T, prevState?: T) => void;\nexport default State;\n","import { JWTResponse } from '@descope/core-js-sdk';\nimport Cookies from 'js-cookie';\nimport { RefreshFn, SdkState, TokensOptions } from './types';\nimport { IS_BROWSER, LOCAL_STORAGE_LAST_USER_EXTERNAL_ID } from './constants';\n\n/** Default name for the session cookie */\nconst sessionCookieName = 'DS';\n/** Default name for the refresh cookie */\nconst refreshStorageKey = 'DSR';\n/** Holds the list of timer IDs for auto-refresh of the session token timers so we can clean them later */\nlet refreshTimeoutIds: NodeJS.Timeout[] = [];\n\n/**\n * Store refresh token in localStorage.\n * This is only relevant for development where the refresh token is returned in the response body.\n * For production, it is recommended to configure Descope project to return refresh token as httpOnly cookie as it is more secure this way.\n * @param refreshJwt The refresh JWT to store\n */\nfunction setRefreshToken(refreshJwt: string) {\n\tif (localStorage && refreshJwt) {\n\t\tlocalStorage.setItem(refreshStorageKey, refreshJwt);\n\t}\n}\n\n/**\n * Store the session JWT as a cookie on the given domain and path with the given expiration.\n * This is useful so that the application backend will automatically get the cookie for the session\n * @param sessionJwt The session JWT to store as a cookie\n * @param cookieParams configuration that is usually returned from the JWT\n */\nfunction setSessionToken(\n\tsessionJwt: string,\n\t{ cookiePath, cookieDomain, cookieExpiration }: Partial<JWTResponse>\n) {\n\tif (sessionJwt) {\n\t\tCookies.set(sessionCookieName, sessionJwt, {\n\t\t\tpath: cookiePath,\n\t\t\tdomain: cookieDomain,\n\t\t\texpires: cookieExpiration,\n\t\t\tsameSite: 'None',\n\t\t\tsecure: true\n\t\t});\n\t}\n}\n\n/**\n * Get the JWT expiration WITHOUT VALIDATING the JWT\n * @param token The JWT to extract expiration from\n * @returns The Date for when the JWT expires or null if there is an issue\n */\nfunction getSessionExpiration(token: string) {\n\tconst parts = token.split('.');\n\ttry {\n\t\tif (parts.length === 3) {\n\t\t\tconst claims = JSON.parse(window.atob(token.split('.')[1]));\n\t\t\tif (claims.exp) {\n\t\t\t\treturn new Date(claims.exp * 1000);\n\t\t\t}\n\t\t}\n\t} catch (ex) {\n\t\t// fallback to null\n\t}\n\t// istanbul ignore next\n\treturn null;\n}\n\n/**\n * Start a timer to auto-refresh the session JWT based on the expiry of the session\n * @param refreshFn The function to actually perform the refresh\n * @param sessionJwt The current session JWT to extract timeout from\n * @param refreshJWT The current refresh JWT to be used for refresh function\n */\nfunction setRefreshSessionTimeout(refreshFn: RefreshFn, sessionJwt: string, refreshJWT: string) {\n\tconst sessionExpiration = getSessionExpiration(sessionJwt);\n\tif (sessionExpiration) {\n\t\tlet previousTimeout: NodeJS.Timeout;\n\t\twhile ((previousTimeout = refreshTimeoutIds.pop())) {\n\t\t\tclearTimeout(previousTimeout);\n\t\t}\n\t\t// set refresh to happen 20 (magic number) seconds before session token is expired\n\t\tconst refreshTimeout = sessionExpiration.getTime() - 20 * 1000 - new Date().getTime();\n\t\tconst timeoutId = setTimeout(() => {\n\t\t\t// token can also be empty if the refresh JWT is returned as httpOnly cookie\n\t\t\trefreshFn(refreshJWT);\n\t\t}, refreshTimeout);\n\t\trefreshTimeoutIds.push(timeoutId);\n\t}\n}\n\n/**\n * Store the Descope session cookie and the refresh localStorage.\n * For production if configured correctly (returning refresh JWT as httpOnly cookie), it will not store the refresh JWT\n * @param sessionJwt The session JWT to store\n * @param refreshJwt The refresh JWT to store\n * @param cookieParams cookie configuration for setting session JWT cookie\n */\nfunction setDescopeTokens(\n\tsessionJwt: string,\n\trefreshJwt: string,\n\tcookieParams: Partial<JWTResponse>\n) {\n\tsetSessionToken(sessionJwt, cookieParams);\n\tsetRefreshToken(refreshJwt);\n}\n\n/**\n * Extracts JWT response from request body.\n * @param body The response body\n */\nfunction extractJWTResponse(body: any): JWTResponse {\n\t// auth info can be in body authInfo attribute, or the body itself, depending on the core-sdk function\n\treturn body?.authInfo || body || ({} as JWTResponse);\n}\n\n/**\n * Hook function to wrap around Descope SDK and handle tokens\n * @param refreshFn The function to use for refreshing token\n * @param res The raw HTTP response\n * @param state The callbacks that are used to update session token\n * @param options token options that are used for tokens management purposes\n */\nexport async function handleDescopeTokens(\n\trefreshFn: RefreshFn,\n\tres: Response,\n\tstate: SdkState,\n\toptions: TokensOptions\n) {\n\ttry {\n\t\tif (res.status === 401) {\n\t\t\t// reset state if got unauthorized status code\n\t\t\tstate.sessionToken.update({ sessionToken: '' });\n\t\t\tstate.user.update({});\n\t\t\treturn;\n\t\t}\n\t\tconst body = await res?.json();\n\t\tif (body) {\n\t\t\tconst { sessionJwt, refreshJwt, user, ...cookieParams } = extractJWTResponse(body);\n\t\t\t// Persist token\n\t\t\tif (options.persistTokens) {\n\t\t\t\tsetDescopeTokens(sessionJwt, refreshJwt, cookieParams);\n\t\t\t}\n\n\t\t\t// Update state\n\t\t\tif (sessionJwt) {\n\t\t\t\tstate.sessionToken.update({ sessionToken: sessionJwt });\n\t\t\t}\n\t\t\tif (user) {\n\t\t\t\tconst externalId = user?.externalIds?.[0];\n\t\t\t\tif (IS_BROWSER && externalId) {\n\t\t\t\t\tlocalStorage?.setItem(LOCAL_STORAGE_LAST_USER_EXTERNAL_ID, externalId);\n\t\t\t\t}\n\t\t\t\tstate.user.update(user);\n\t\t\t}\n\n\t\t\t// Auto refresh\n\t\t\tif (sessionJwt && refreshJwt && options.autoRefresh) {\n\t\t\t\tsetRefreshSessionTimeout(refreshFn, sessionJwt, refreshJwt);\n\t\t\t}\n\t\t}\n\t} catch (ex) {\n\t\t// istanbul ignore next\n\t\t// eslint-disable-next-line no-console\n\t\tconsole.error('Could not set tokens from body', ex);\n\t}\n}\n\n/** Return the refresh token from the localStorage. Not for production usage because refresh token will not be saved in localStorage. */\nexport function getRefreshToken() {\n\treturn localStorage ? localStorage?.getItem(refreshStorageKey) : '';\n}\n\n/** Remove both the localStorage refresh JWT and the session cookie */\nexport function clearTokens() {\n\tif (localStorage) {\n\t\tlocalStorage.removeItem(refreshStorageKey);\n\t}\n\tCookies.remove(sessionCookieName);\n}\n","import { IS_BROWSER } from './constants';\nimport { CoreSdk } from './types';\n\n/** Constructs a higher level WebAuthn API that wraps the functions from code-js-sdk */\nconst createWebAuthn = (sdk: CoreSdk) => ({\n\tasync signUp(identifier: string, name: string) {\n\t\tconst startResponse = await sdk.webauthn.signUp.start(identifier, window.location.origin, name);\n\t\tconst createResponse = await create(startResponse.data.options);\n\t\tconst finishResponse = await sdk.webauthn.signUp.finish(\n\t\t\tstartResponse.data.transactionId,\n\t\t\tcreateResponse\n\t\t);\n\t\treturn finishResponse;\n\t},\n\n\tasync signIn(identifier: string) {\n\t\tconst startResponse = await sdk.webauthn.signIn.start(identifier, window.location.origin);\n\t\tconst getResponse = await get(startResponse.data.options);\n\t\tconst finishResponse = await sdk.webauthn.signIn.finish(\n\t\t\tstartResponse.data.transactionId,\n\t\t\tgetResponse\n\t\t);\n\t\treturn finishResponse;\n\t},\n\n\tasync signUpOrIn(identifier: string) {\n\t\tconst startResponse = await sdk.webauthn.signUpOrIn.start(identifier, window.location.origin);\n\t\tif (startResponse.data?.create) {\n\t\t\tconst createResponse = await create(startResponse.data.options);\n\t\t\tconst finishResponse = await sdk.webauthn.signUp.finish(\n\t\t\t\tstartResponse.data.transactionId,\n\t\t\t\tcreateResponse\n\t\t\t);\n\t\t\treturn finishResponse;\n\t\t} else {\n\t\t\tconst getResponse = await get(startResponse.data.options);\n\t\t\tconst finishResponse = await sdk.webauthn.signIn.finish(\n\t\t\t\tstartResponse.data.transactionId,\n\t\t\t\tgetResponse\n\t\t\t);\n\t\t\treturn finishResponse;\n\t\t}\n\t},\n\n\tasync update(identifier: string, token: string) {\n\t\tconst startResponse = await sdk.webauthn.update.start(\n\t\t\tidentifier,\n\t\t\twindow.location.origin,\n\t\t\ttoken\n\t\t);\n\t\tconst createResponse = await create(startResponse.data.options);\n\t\tconst finishResponse = await sdk.webauthn.update.finish(\n\t\t\tstartResponse.data.transactionId,\n\t\t\tcreateResponse\n\t\t);\n\t\treturn finishResponse;\n\t},\n\n\t/** Helper functions for working with WebAuthn browser APIs using JSON data */\n\thelpers: {\n\t\t/** Wraps the navigation.credentials.create call to translate JSON inputs and outputs */\n\t\tcreate,\n\t\t/** Wraps the navigation.credentials.get call to translate JSON inputs and outputs */\n\t\tget,\n\t\t/** Checks if the browser supports WebAuthn,\n\t\t * and can optionally require in addition that The browser supports WebAuthn with built-in biometrics */\n\t\tisSupported\n\t}\n});\n\n// Helpers functions\n\nasync function create(options: string): Promise<string> {\n\tconst createOptions = decodeCreateOptions(options);\n\tconst createResponse = (await navigator.credentials.create(\n\t\tcreateOptions\n\t)) as AttestationPublicKeyCredential;\n\treturn encodeCreateResponse(createResponse);\n}\n\nasync function get(options: string): Promise<string> {\n\tconst getOptions = decodeGetOptions(options);\n\tconst getResponse = (await navigator.credentials.get(getOptions)) as AssertionPublicKeyCredential;\n\treturn encodeGetResponse(getResponse);\n}\n\nasync function isSupported(requirePlatformAuthenticator: boolean = false): Promise<boolean> {\n\tif (!IS_BROWSER) {\n\t\treturn Promise.resolve(false);\n\t}\n\tconst supported = !!(\n\t\tPublicKeyCredential &&\n\t\tnavigator.credentials &&\n\t\tnavigator.credentials.create &&\n\t\tnavigator.credentials.get\n\t);\n\tif (\n\t\tsupported &&\n\t\trequirePlatformAuthenticator &&\n\t\tPublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable\n\t) {\n\t\treturn PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable();\n\t}\n\treturn supported;\n}\n\n// Conversion of data structures for Create/Attestation/Register ceremony\n\ntype AttestationPublicKeyCredential = PublicKeyCredential & {\n\tresponse: AuthenticatorAttestationResponse;\n};\n\nfunction decodeCreateOptions(value: string): CredentialCreationOptions {\n\tconst options = JSON.parse(value);\n\toptions.publicKey.challenge = decodeBase64Url(options.publicKey.challenge);\n\toptions.publicKey.user.id = decodeBase64Url(options.publicKey.user.id);\n\toptions.publicKey.excludeCredentials?.forEach((item: any) => {\n\t\titem.id = decodeBase64Url(item.id);\n\t});\n\treturn options;\n}\n\nfunction encodeCreateResponse(credential: AttestationPublicKeyCredential): string {\n\treturn JSON.stringify({\n\t\t...credential,\n\t\trawId: encodeBase64Url(credential.rawId),\n\t\tresponse: {\n\t\t\t...credential.response,\n\t\t\tattestationObject: encodeBase64Url(credential.response.attestationObject),\n\t\t\tclientDataJSON: encodeBase64Url(credential.response.clientDataJSON)\n\t\t}\n\t});\n}\n\n// Conversion of data structures for Get/Assertion/Login ceremony\n\ntype AssertionPublicKeyCredential = PublicKeyCredential & {\n\tresponse: AuthenticatorAssertionResponse;\n};\n\nfunction decodeGetOptions(value: string): CredentialRequestOptions {\n\tconst options = JSON.parse(value);\n\toptions.publicKey.challenge = decodeBase64Url(options.publicKey.challenge);\n\toptions.publicKey.allowCredentials?.forEach((item: any) => {\n\t\titem.id = decodeBase64Url(item.id);\n\t});\n\treturn options;\n}\n\nfunction encodeGetResponse(credential: AssertionPublicKeyCredential): string {\n\treturn JSON.stringify({\n\t\t...credential,\n\t\trawId: encodeBase64Url(credential.rawId),\n\t\tresponse: {\n\t\t\t...credential.response,\n\t\t\tauthenticatorData: encodeBase64Url(credential.response.authenticatorData),\n\t\t\tclientDataJSON: encodeBase64Url(credential.response.clientDataJSON),\n\t\t\tsignature: encodeBase64Url(credential.response.signature),\n\t\t\tuserHandle: credential.response.userHandle\n\t\t\t\t? encodeBase64Url(credential.response.userHandle)\n\t\t\t\t: undefined\n\t\t}\n\t});\n}\n\n// Conversion between ArrayBuffers and Base64Url strings\n\nfunction decodeBase64Url(value: string): ArrayBufferLike {\n\tconst base64 = value.replace(/_/g, '/').replace(/-/g, '+');\n\treturn Uint8Array.from(atob(base64), (c) => c.charCodeAt(0)).buffer;\n}\n\nfunction encodeBase64Url(value: ArrayBufferLike): string {\n\tconst base64 = btoa(String.fromCharCode.apply(null, new Uint8Array(value)));\n\treturn base64.replace(/\\//g, '_').replace(/\\+/g, '-').replace(/=/g, '');\n}\n\n// Exports\n\nexport default createWebAuthn;\n","import createSdk, { FlowResponse, JWTResponse, UserResponse } from '@descope/core-js-sdk';\nimport {\n\tIS_BROWSER,\n\tFP_BODY_DATA,\n\tLOCAL_STORAGE_LAST_USER_EXTERNAL_ID,\n\tVISITOR_REQUEST_ID_PARAM,\n\tVISITOR_SESSION_ID_PARAM\n} from './constants';\nimport fp from './fp';\nimport State from './state';\nimport { clearTokens, getRefreshToken, handleDescopeTokens } from './tokens';\nimport { CoreSdk, TokensOptions } from './types';\nimport createWebAuthn from './webauthn';\n\ndeclare const BUILD_VERSION: string;\n\n/** Configuration arguments which include the Descope core SDK args and fingerprint configuration.\n * Also specifies token options - if we should persist tokens from responses automatically and auto-refresh.\n */\nexport type WebJSSDKArgs = Parameters<typeof createSdk>[0] &\n\tTokensOptions & {\n\t\t// FingerprintJS API key\n\t\tfpKey?: string;\n\t};\n\n/**\n * Wrapper around DescopeSDK to handle fingerprint.js and storage of JWT tokens in cookies and localStorage,\n * It also sets a timer to refresh session JWT automatically.\n */\nexport default ({ autoRefresh = true, persistTokens = true, ...args }: WebJSSDKArgs) => {\n\t// istanbul ignore next\n\tif (!IS_BROWSER) {\n\t\t// eslint-disable-next-line no-console\n\t\tconsole.warn(\n\t\t\t'Fingerprint is a client side only capability and will not work when running in the server'\n\t\t);\n\t} else {\n\t\tfp(args.fpKey)\n\t\t\t.get()\n\t\t\t.catch(() => null);\n\t}\n\n\tconst sdkConfig = args;\n\n\t// we defer defining the hook implementations themselves until the webSdk is created later, so that the hooks\n\t// call the actual webSdk functions rather than those from coreSdk, and so that the sdk functions used by\n\t// the hooks can be mocked\n\tlet beforeRequestHook: typeof sdkConfig.hooks.beforeRequest;\n\tlet afterRequestHook: typeof sdkConfig.hooks.afterRequest;\n\n\tconst sessionToken = new State<{ sessionToken: string }>({ sessionToken: '' });\n\tconst user = new State<UserResponse>({} as UserResponse);\n\n\tsdkConfig.hooks = {\n\t\tbeforeRequest: (config) => {\n\t\t\treturn beforeRequestHook?.(config);\n\t\t},\n\t\tafterRequest: (req, res) => {\n\t\t\treturn afterRequestHook?.(req, res);\n\t\t}\n\t};\n\n\tconst coreSdk = createSdk(sdkConfig);\n\tconst webauthnSdk = createWebAuthn(coreSdk);\n\n\tconst webSdk = {\n\t\t...coreSdk,\n\t\tflow: {\n\t\t\t...coreSdk.flow,\n\t\t\tstart: async (flowId: string, options?: { tenant?: string }) => {\n\t\t\t\tconst webAuthnSupport = await webauthnSdk.helpers.isSupported();\n\t\t\t\tconst lastUserExternalId = localStorage?.getItem(LOCAL_STORAGE_LAST_USER_EXTERNAL_ID);\n\t\t\t\tconst readyOptions: Parameters<typeof coreSdk.flow.start>[1] = {\n\t\t\t\t\ttenant: options?.tenant,\n\t\t\t\t\tredirectUrl: window.location.href,\n\t\t\t\t\tdeviceInfo: {\n\t\t\t\t\t\twebAuthnSupport\n\t\t\t\t\t}\n\t\t\t\t};\n\t\t\t\tif (lastUserExternalId) {\n\t\t\t\t\treadyOptions.lastUser = {\n\t\t\t\t\t\texternalId: lastUserExternalId\n\t\t\t\t\t};\n\t\t\t\t}\n\t\t\t\treturn coreSdk.flow.start(flowId, readyOptions);\n\t\t\t}\n\t\t},\n\t\twebauthn: webauthnSdk,\n\t\tonSessionTokenChange: (cb: (sessionToken: string) => void) => {\n\t\t\t// wrapper callback converts from the state object to sessionToken string\n\t\t\tconst bcWrapper = ({ sessionToken }) => {\n\t\t\t\tcb(sessionToken);\n\t\t\t};\n\n\t\t\t// run callback with current state for a case that the state's consumer calls 'subscribe' after state was already updated\n\t\t\tconst currentSessionToken = sessionToken.current?.sessionToken;\n\t\t\tif (currentSessionToken) {\n\t\t\t\tcb(currentSessionToken);\n\t\t\t}\n\t\t\treturn sessionToken.subscribe(bcWrapper);\n\t\t},\n\t\tonUserChange: (cb: (user: UserResponse) => void) => {\n\t\t\tconst bcWrapper = (user: UserResponse) => {\n\t\t\t\tcb(user);\n\t\t\t};\n\t\t\tconst currUser = user.current;\n\t\t\t// run callback with current state for a case that the state's consumer calls 'subscribe' after state was already updated\n\t\t\tif (currUser && Object.entries(currUser).length > 0) {\n\t\t\t\tcb(currUser);\n\t\t\t}\n\n\t\t\treturn user.subscribe(bcWrapper);\n\t\t}\n\t};\n\n\tif (!IS_BROWSER) {\n\t\t// eslint-disable-next-line no-console\n\t\tconsole.warn(\n\t\t\t'Storing auth tokens in local storage and cookies are a client side only capabilities and will not be done when running in the server'\n\t\t);\n\t\treturn webSdk;\n\t}\n\n\tif (autoRefresh) {\n\t\t// Make it easier for Descoper to just call logout/logoutAll without parameters,\n\t\t// In case this is a dev env and refresh is stored in localStorage\n\t\t['logout', 'logoutAll'].forEach((fnName) => {\n\t\t\tconst originFn = coreSdk[fnName] as Function;\n\t\t\twebSdk[fnName] = (...args: any) => {\n\t\t\t\tconst refreshToken = getRefreshToken();\n\t\t\t\tconst token = args?.shift();\n\t\t\t\tconst logoutArgs = [token || refreshToken, ...args];\n\t\t\t\tconst res = originFn(...logoutArgs);\n\t\t\t\tclearTokens();\n\t\t\t\tIS_BROWSER && localStorage?.removeItem(LOCAL_STORAGE_LAST_USER_EXTERNAL_ID);\n\t\t\t\tsessionToken.update({ sessionToken: '' });\n\t\t\t\treturn res;\n\t\t\t};\n\t\t});\n\t}\n\n\tbeforeRequestHook = (config) => {\n\t\tif (config.body) {\n\t\t\tconst fpData = {\n\t\t\t\t[VISITOR_SESSION_ID_PARAM]: sessionStorage.getItem(VISITOR_SESSION_ID_PARAM) || '',\n\t\t\t\t[VISITOR_REQUEST_ID_PARAM]: sessionStorage.getItem(VISITOR_REQUEST_ID_PARAM) || ''\n\t\t\t};\n\t\t\tconfig.body[FP_BODY_DATA] = fpData;\n\t\t}\n\n\t\tif (!config.token && persistTokens) {\n\t\t\tconfig.token = getRefreshToken();\n\t\t}\n\t\tconfig.headers = {\n\t\t\t...config.headers,\n\t\t\t'x-descope-sdk-name': 'web-js',\n\t\t\t'x-descope-sdk-version': BUILD_VERSION\n\t\t};\n\t\treturn config;\n\t};\n\n\twebSdk.me = async (...args: Parameters<CoreSdk['me']>) => {\n\t\tconst res = await coreSdk.me(...args);\n\t\tif (res.ok) {\n\t\t\tconst body = await res.response?.clone().json();\n\t\t\tuser.update(body);\n\t\t}\n\t\treturn res;\n\t};\n\n\tif (autoRefresh || persistTokens) {\n\t\tafterRequestHook = (_, res) => {\n\t\t\thandleDescopeTokens(\n\t\t\t\twebSdk.refresh,\n\t\t\t\tres,\n\t\t\t\t{ sessionToken, user },\n\t\t\t\t{ autoRefresh, persistTokens }\n\t\t\t);\n\t\t};\n\t}\n\n\tif (autoRefresh) {\n\t\tif (getRefreshToken()) {\n\t\t\t// refresh on init is done after afterRequestHook is configured\n\t\t\twebSdk.refresh();\n\t\t}\n\t}\n\n\treturn webSdk;\n};\n"],"names":["IS_BROWSER","window","FP_KEY","localStorage","getItem","FP_EP_URL","fp","fpKey","agentP","load","apiKey","endpoint","get","async","sessionId","sessionStorage","Date","now","toString","Math","random","substring","setItem","agent","res","linkedId","requestId","ex","global","FB_DEBUG","console","error","clone","state","Object","assign","State","constructor","init","_State_state","set","this","_State_subscribers","_State_token","__classPrivateFieldSet","current","__classPrivateFieldGet","update","newState","nextState","a","b","aProperties","getOwnPropertyNames","bProperties","length","i","propName","compare","prevState","freeze","setTimeout","values","forEach","cb","subscribe","currentToken","_State_instances","_State_unsubscribe","call","unsubscribeAll","token","refreshTimeoutIds","setRefreshSessionTimeout","refreshFn","sessionJwt","refreshJWT","sessionExpiration","parts","split","claims","JSON","parse","atob","exp","getSessionExpiration","previousTimeout","pop","clearTimeout","refreshTimeout","getTime","timeoutId","push","setDescopeTokens","refreshJwt","cookieParams","cookiePath","cookieDomain","cookieExpiration","Cookies","path","domain","expires","sameSite","secure","setSessionToken","setRefreshToken","getRefreshToken","create","options","createOptions","value","publicKey","challenge","decodeBase64Url","user","id","_a","excludeCredentials","item","decodeCreateOptions","createResponse","navigator","credentials","credential","stringify","rawId","encodeBase64Url","response","attestationObject","clientDataJSON","getOptions","allowCredentials","decodeGetOptions","getResponse","authenticatorData","signature","userHandle","undefined","isSupported","requirePlatformAuthenticator","Promise","resolve","supported","PublicKeyCredential","isUserVerifyingPlatformAuthenticatorAvailable","base64","replace","Uint8Array","from","c","charCodeAt","buffer","btoa","String","fromCharCode","apply","index","autoRefresh","persistTokens","args","__rest","catch","warn","sdkConfig","beforeRequestHook","afterRequestHook","sessionToken","hooks","beforeRequest","config","afterRequest","req","coreSdk","createSdk","webauthnSdk","sdk","identifier","name","startResponse","webauthn","signUp","start","location","origin","data","finish","transactionId","signIn","signUpOrIn","helpers","webSdk","flow","flowId","webAuthnSupport","lastUserExternalId","readyOptions","tenant","redirectUrl","href","deviceInfo","lastUser","externalId","onSessionTokenChange","currentSessionToken","onUserChange","currUser","entries","fnName","originFn","refreshToken","logoutArgs","shift","removeItem","remove","body","fpData","vsid","vrid","headers","me","ok","json","_","status","_b","authInfo","extractJWTResponse","externalIds","handleDescopeTokens","refresh"],"mappings":"4MAAA,MAIaA,EAA+B,oBAAXC,OAEpBC,EACXF,GAAcG,aAAaC,QAPE,2BAOkC,uBAEpDC,EACXL,IAAc,OAAAG,uBAAAA,oBAAAA,aAAcC,QATG,8BASmC,yBCL9DE,EAAMC,IACX,MAAMC,EAASC,EAAK,CAAEC,OAAQH,GAASL,EAAQS,SAAUN,IAEzD,MAAO,CACNO,IAAKC,UACJ,IACC,IAAIC,EAAYC,eAAeX,QDGK,QCD/BU,IACJA,GCVHE,KAAKC,MAAMC,SAAS,IACpBC,KAAKC,SAASF,SAAS,IAAIG,UAAU,GACrCF,KAAKC,SAASF,SAAS,IAAIG,UAAU,IACpCA,UAAU,EAAG,KDUZN,eAAeO,QDHqB,OCGaR,GAEjD,MAAMS,QAAcf,EACdgB,QAAYD,EAAMX,IAAI,CAAEa,SAAUX,IACxCC,eAAeO,QDLqB,OCKaE,EAAIE,UAOrD,CANC,MAAOC,GAEJC,OAAOC,UAEVC,QAAQC,MAAMJ,EAEf,GAEF,gBEzBF,MAmBMK,EAASC,GACdC,OAAAC,OAAA,CAAA,EAAYF,GAGb,MAAMG,EAOLC,YAAYC,eANZC,EAAUC,IAAAC,UAAA,GAEVC,EAAAF,IAAAC,KAA+B,CAAA,GAE/BE,EAAAH,IAAAC,KAAS,GAGRG,EAAAH,KAAIF,EAAUD,EAAI,IAClB,CAEGO,cACH,OAAOb,EAAMc,EAAAL,KAAIF,EAAA,KACjB,CAEDQ,OAAOC,GACN,MAAMC,EAAeD,EACrB,IAxCc,EAAwBE,EAAMC,KAC7C,MAAMC,EAAeF,GAAKhB,OAAOmB,oBAAoBH,IAAO,GACtDI,EAAeH,GAAKjB,OAAOmB,oBAAoBF,IAAO,GAE5D,GAAIC,EAAYG,SAAWD,EAAYC,OACtC,OAAO,EAGR,IAAK,IAAIC,EAAI,EAAGA,EAAIJ,EAAYG,OAAQC,GAAK,EAAG,CAC/C,MAAMC,EAAWL,EAAYI,GAE7B,GAAIN,EAAEO,KAAcN,EAAEM,GACrB,OAAO,CAER,CAED,OAAO,CAAI,EAwBLC,CAAQZ,EAAAL,KAAWF,EAAA,KAAEU,GAAY,CACrC,MAAMU,EAAYb,EAAAL,YAClBG,EAAAH,KAAIF,EAAUU,EAAc,KAC5Bf,OAAO0B,OAAOd,EAAAL,KAAIF,EAAA,MAElBsB,YAAW,KACV3B,OAAO4B,OAAOhB,EAAAL,aAAmBsB,SAASC,GAAOA,EAAGhC,EAAMiB,GAAiBU,IAAW,GACpF,EACH,CACD,CAEDM,UAAUD,GACTpB,EAAeH,KAAAE,EAAAG,EAAAL,KAAAE,EAAA,KAAA,OACfG,EAAAL,YAAkBK,EAAAL,KAAWE,EAAA,MAAIqB,EAGjC,MAAME,EAAepB,EAAAL,YACrB,MAAO,IAAMK,EAAAL,KAAiB0B,EAAA,IAAAC,GAAAC,KAAjB5B,KAAkByB,EAAahD,WAC5C,CAUDoD,iBACC1B,EAAAH,KAAIC,EAAgB,CAAE,EAAA,IACtB,qEAVY6B,KACMzB,EAAAL,KAAiBC,EAAA,KAAC6B,WAG5BzB,EAAAL,KAAIC,EAAA,KAAc6B,EAE3B,EC7DD,IAAIC,EAAsC,GA8D1C,SAASC,EAAyBC,EAAsBC,EAAoBC,GAC3E,MAAMC,EAvBP,SAA8BN,GAC7B,MAAMO,EAAQP,EAAMQ,MAAM,KAC1B,IACC,GAAqB,IAAjBD,EAAMvB,OAAc,CACvB,MAAMyB,EAASC,KAAKC,MAAMjF,OAAOkF,KAAKZ,EAAMQ,MAAM,KAAK,KACvD,GAAIC,EAAOI,IACV,OAAO,IAAIpE,KAAkB,IAAbgE,EAAOI,IAExB,CAGD,CAFC,MAAOzD,GAER,CAED,OAAO,IACR,CAS2B0D,CAAqBV,GAC/C,GAAIE,EAAmB,CACtB,IAAIS,EACJ,KAAQA,EAAkBd,EAAkBe,OAC3CC,aAAaF,GAGd,MAAMG,EAAiBZ,EAAkBa,UAAY,KAAY,IAAI1E,MAAO0E,UACtEC,EAAY9B,YAAW,KAE5Ba,EAAUE,EAAW,GACnBa,GACHjB,EAAkBoB,KAAKD,EACvB,CACF,CASA,SAASE,EACRlB,EACAmB,EACAC,IArED,SACCpB,GACAqB,WAAEA,EAAUC,aAAEA,EAAYC,iBAAEA,IAExBvB,GACHwB,EAAQ3D,IA7BgB,KA6BOmC,EAAY,CAC1CyB,KAAMJ,EACNK,OAAQJ,EACRK,QAASJ,EACTK,SAAU,OACVC,QAAQ,GAGX,CA0DCC,CAAgB9B,EAAYoB,GAnF7B,SAAyBD,GACpB3F,cAAgB2F,GACnB3F,aAAamB,QAZW,MAYgBwE,EAE1C,CAgFCY,CAAgBZ,EACjB,UAgEgBa,IACf,OAAOxG,aAA2B,OAAZA,mBAAA,IAAAA,kBAAA,EAAAA,aAAcC,QAhKX,OAgKwC,EAClE,CCjGAS,eAAe+F,EAAOC,GACrB,MAAMC,EAuCP,SAA6BC,SAC5B,MAAMF,EAAU5B,KAAKC,MAAM6B,GAM3B,OALAF,EAAQG,UAAUC,UAAYC,EAAgBL,EAAQG,UAAUC,WAChEJ,EAAQG,UAAUG,KAAKC,GAAKF,EAAgBL,EAAQG,UAAUG,KAAKC,IAC7B,QAAtCC,EAAAR,EAAQG,UAAUM,0BAAoB,IAAAD,GAAAA,EAAAtD,SAASwD,IAC9CA,EAAKH,GAAKF,EAAgBK,EAAKH,GAAG,IAE5BP,CACR,CA/CuBW,CAAoBX,GACpCY,QAAwBC,UAAUC,YAAYf,OACnDE,GAED,OA6C6Bc,EA7CDH,EA8CrBxC,KAAK4C,yCACRD,GAAU,CACbE,MAAOC,EAAgBH,EAAWE,OAClCE,SACI9F,OAAAC,OAAAD,OAAAC,OAAA,CAAA,EAAAyF,EAAWI,UAAQ,CACtBC,kBAAmBF,EAAgBH,EAAWI,SAASC,mBACvDC,eAAgBH,EAAgBH,EAAWI,SAASE,qBAPvD,IAA8BN,CA5C9B,CAEA/G,eAAeD,EAAIiG,GAClB,MAAMsB,EA2DP,SAA0BpB,SACzB,MAAMF,EAAU5B,KAAKC,MAAM6B,GAK3B,OAJAF,EAAQG,UAAUC,UAAYC,EAAgBL,EAAQG,UAAUC,WAC5B,QAApCI,EAAAR,EAAQG,UAAUoB,wBAAkB,IAAAf,GAAAA,EAAAtD,SAASwD,IAC5CA,EAAKH,GAAKF,EAAgBK,EAAKH,GAAG,IAE5BP,CACR,CAlEoBwB,CAAiBxB,GAC9ByB,QAAqBZ,UAAUC,YAAY/G,IAAIuH,GACrD,OAkE0BP,EAlEDU,EAmElBrD,KAAK4C,UAAS3F,OAAAC,OAAAD,OAAAC,OAAA,CAAA,EACjByF,GAAU,CACbE,MAAOC,EAAgBH,EAAWE,OAClCE,SACI9F,OAAAC,OAAAD,OAAAC,OAAA,CAAA,EAAAyF,EAAWI,UACd,CAAAO,kBAAmBR,EAAgBH,EAAWI,SAASO,mBACvDL,eAAgBH,EAAgBH,EAAWI,SAASE,gBACpDM,UAAWT,EAAgBH,EAAWI,SAASQ,WAC/CC,WAAYb,EAAWI,SAASS,WAC7BV,EAAgBH,EAAWI,SAASS,iBACpCC,OAXN,IAA2Bd,CAjE3B,CAEA/G,eAAe8H,EAAYC,GAAwC,GAClE,IAAK5I,EACJ,OAAO6I,QAAQC,SAAQ,GAExB,MAAMC,KACLC,qBACAtB,UAAUC,aACVD,UAAUC,YAAYf,QACtBc,UAAUC,YAAY/G,KAEvB,OACCmI,GACAH,GACAI,oBAAoBC,8CAEbD,oBAAoBC,gDAErBF,CACR,CA+DA,SAAS7B,EAAgBH,GACxB,MAAMmC,EAASnC,EAAMoC,QAAQ,KAAM,KAAKA,QAAQ,KAAM,KACtD,OAAOC,WAAWC,KAAKlE,KAAK+D,IAAUI,GAAMA,EAAEC,WAAW,KAAIC,MAC9D,CAEA,SAASzB,EAAgBhB,GAExB,OADe0C,KAAKC,OAAOC,aAAaC,MAAM,KAAM,IAAIR,WAAWrC,KACrDoC,QAAQ,MAAO,KAAKA,QAAQ,MAAO,KAAKA,QAAQ,KAAM,GACrE,CClJA,IAAeU,EAACxC,IAAA,IAAAyC,YAAEA,GAAc,EAAIC,cAAEA,GAAgB,GAAI1C,EAAK2C,EAA/CC,EAAA5C,EAAA,CAAA,cAAA,kBAEVrH,EAMJM,EAAG0J,EAAKzJ,OACNK,MACAsJ,OAAM,IAAM,OANdpI,QAAQqI,KACP,6FAQF,MAAMC,EAAYJ,EAKlB,IAAIK,EACAC,EAEJ,MAAMC,EAAe,IAAInI,EAAgC,CAAEmI,aAAc,KACnEpD,EAAO,IAAI/E,EAAoB,CAAA,GAErCgI,EAAUI,MAAQ,CACjBC,cAAgBC,GACRL,aAAiB,EAAjBA,EAAoBK,GAE5BC,aAAc,CAACC,EAAKpJ,IACZ8I,aAAA,EAAAA,EAAmBM,EAAKpJ,IAIjC,MAAMqJ,EAAUC,EAAUV,GACpBW,GD3DiBC,EC2DYH,ED3DM,CACzChK,aAAaoK,EAAoBC,GAChC,MAAMC,QAAsBH,EAAII,SAASC,OAAOC,MAAML,EAAYhL,OAAOsL,SAASC,OAAQN,GACpFzD,QAAuBb,EAAOuE,EAAcM,KAAK5E,SAKvD,aAJ6BmE,EAAII,SAASC,OAAOK,OAChDP,EAAcM,KAAKE,cACnBlE,EAGD,EAED5G,aAAaoK,GACZ,MAAME,QAAsBH,EAAII,SAASQ,OAAON,MAAML,EAAYhL,OAAOsL,SAASC,QAC5ElD,QAAoB1H,EAAIuK,EAAcM,KAAK5E,SAKjD,aAJ6BmE,EAAII,SAASQ,OAAOF,OAChDP,EAAcM,KAAKE,cACnBrD,EAGD,EAEDzH,iBAAiBoK,SAChB,MAAME,QAAsBH,EAAII,SAASS,WAAWP,MAAML,EAAYhL,OAAOsL,SAASC,QACtF,GAAsB,UAAlBL,EAAcM,YAAI,IAAApE,OAAA,EAAAA,EAAET,OAAQ,CAC/B,MAAMa,QAAuBb,EAAOuE,EAAcM,KAAK5E,SAKvD,aAJ6BmE,EAAII,SAASC,OAAOK,OAChDP,EAAcM,KAAKE,cACnBlE,EAGD,CAAM,CACN,MAAMa,QAAoB1H,EAAIuK,EAAcM,KAAK5E,SAKjD,aAJ6BmE,EAAII,SAASQ,OAAOF,OAChDP,EAAcM,KAAKE,cACnBrD,EAGD,CACD,EAEDzH,aAAaoK,EAAoB1G,GAChC,MAAM4G,QAAsBH,EAAII,SAASrI,OAAOuI,MAC/CL,EACAhL,OAAOsL,SAASC,OAChBjH,GAEKkD,QAAuBb,EAAOuE,EAAcM,KAAK5E,SAKvD,aAJ6BmE,EAAII,SAASrI,OAAO2I,OAChDP,EAAcM,KAAKE,cACnBlE,EAGD,EAGDqE,QAAS,CAERlF,SAEAhG,MAGA+H,iBA9DqB,IAACqC,EC6DvB,MAAMe,EACF7J,OAAAC,OAAAD,OAAAC,OAAA,GAAA0I,IACHmB,KAAI9J,OAAAC,OAAAD,OAAAC,OAAA,CAAA,EACA0I,EAAQmB,MACX,CAAAV,MAAOzK,MAAOoL,EAAgBpF,KAC7B,MAAMqF,QAAwBnB,EAAYe,QAAQnD,cAC5CwD,EAAiC,OAAZhM,mBAAY,IAAZA,kBAAY,EAAZA,aAAcC,QNrDM,6BMsDzCgM,EAAyD,CAC9DC,OAAQxF,aAAA,EAAAA,EAASwF,OACjBC,YAAarM,OAAOsL,SAASgB,KAC7BC,WAAY,CACXN,oBAQF,OALIC,IACHC,EAAaK,SAAW,CACvBC,WAAYP,IAGPtB,EAAQmB,KAAKV,MAAMW,EAAQG,EAAa,IAGjDhB,SAAUL,EACV4B,qBAAuB3I,UAEtB,MAKM4I,EAA0C,QAApBvF,EAAAkD,EAAa1H,eAAO,IAAAwE,OAAA,EAAAA,EAAEkD,aAIlD,OAHIqC,GACH5I,EAAG4I,GAEGrC,EAAatG,WATF,EAAGsG,mBACpBvG,EAAGuG,EAAa,GAQuB,EAEzCsC,aAAe7I,IACd,MAGM8I,EAAW3F,EAAKtE,QAMtB,OAJIiK,GAAY5K,OAAO6K,QAAQD,GAAUvJ,OAAS,GACjDS,EAAG8I,GAGG3F,EAAKlD,WATOkD,IAClBnD,EAAGmD,EAAK,GAQuB,IAIlC,OAAKnH,GAQD8J,GAGH,CAAC,SAAU,aAAa/F,SAASiJ,IAChC,MAAMC,EAAWpC,EAAQmC,GACzBjB,EAAOiB,GAAU,IAAIhD,KACpB,MAAMkD,EAAevG,IAEfwG,EAAa,EADLnD,eAAAA,EAAMoD,UACSF,KAAiBlD,GACxCxI,EAAMyL,KAAYE,GAIxB,OFqCChN,cACHA,aAAakN,WAtKW,OAwKzBlH,EAAQmH,OA1KiB,MEgItBtN,IAAc,OAAAG,mBAAA,IAAAA,cAAAA,aAAckN,WNpHmB,8BMqH/C9C,EAAaxH,OAAO,CAAEwH,aAAc,KAC7B/I,CAAG,CACV,IAIH6I,EAAqBK,IACpB,GAAIA,EAAO6C,KAAM,CAChB,MAAMC,EAAS,CACdC,KAA4B1M,eAAeX,QNlIP,SMkI4C,GAChFsN,KAA4B3M,eAAeX,QNjIP,SMiI4C,IAEjFsK,EAAO6C,KAAiB,OAAIC,CAC5B,CAUD,OARK9C,EAAOnG,OAASwF,IACpBW,EAAOnG,MAAQoC,KAEhB+D,EAAOiD,QACHzL,OAAAC,OAAAD,OAAAC,OAAA,CAAA,EAAAuI,EAAOiD,SAAO,CACjB,qBAAsB,SACtB,wBAAyB,mBAEnBjD,CAAM,EAGdqB,EAAO6B,GAAK/M,SAAUmJ,WACrB,MAAMxI,QAAYqJ,EAAQ+C,MAAM5D,GAChC,GAAIxI,EAAIqM,GAAI,CACX,MAAMN,QAAyB,UAAZ/L,EAAIwG,gBAAQ,IAAAX,OAAA,EAAAA,EAAErF,QAAQ8L,QACzC3G,EAAKpE,OAAOwK,EACZ,CACD,OAAO/L,CAAG,GAGPsI,GAAeC,KAClBO,EAAmB,CAACyD,EAAGvM,MFlDlBX,eACN6D,EACAlD,EACAS,EACA4E,SAEA,IACC,GAAmB,MAAfrF,EAAIwM,OAIP,OAFA/L,EAAMsI,aAAaxH,OAAO,CAAEwH,aAAc,UAC1CtI,EAAMkF,KAAKpE,OAAO,CAAA,GAGnB,MAAMwK,QAAa/L,aAAG,EAAHA,EAAKsM,QACxB,GAAIP,EAAM,CACT,MAAMU,EA3BT,SAA4BV,GAE3B,OAAOA,aAAA,EAAAA,EAAMW,WAAYX,GAAS,CAAA,CACnC,CAwB6DY,CAAmBZ,IAAvE5I,WAAEA,EAAUmB,WAAEA,EAAUqB,KAAEA,GAAkD8G,EAAzClI,EAAnCkE,EAAAgE,EAAA,CAAA,aAAA,aAAA,SAUN,GARIpH,EAAQkD,eACXlE,EAAiBlB,EAAYmB,EAAYC,GAItCpB,GACH1C,EAAMsI,aAAaxH,OAAO,CAAEwH,aAAc5F,IAEvCwC,EAAM,CACT,MAAMuF,EAAiC,QAApBrF,EAAAF,aAAA,EAAAA,EAAMiH,mBAAc,IAAA/G,OAAA,EAAAA,EAAA,GACnCrH,GAAc0M,IACL,OAAZvM,mBAAY,IAAZA,cAAAA,aAAcmB,QJnIgC,4BImIaoL,IAE5DzK,EAAMkF,KAAKpE,OAAOoE,EAClB,CAGGxC,GAAcmB,GAAce,EAAQiD,aACvCrF,EAAyBC,EAAWC,EAAYmB,EAEjD,CAKD,CAJC,MAAOnE,GAGRG,QAAQC,MAAM,iCAAkCJ,EAChD,CACF,CEQG0M,CACCtC,EAAOuC,QACP9M,EACA,CAAE+I,eAAcpD,QAChB,CAAE2C,cAAaC,iBACf,GAICD,GACCnD,KAEHoF,EAAOuC,UAIFvC,IAvENjK,QAAQqI,KACP,wIAEM4B,EAoEK"}

package/dist/index.umd.js

@@ -1,4 +1,4 @@
-!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):(e="undefined"!=typeof globalThis?globalThis:e||self).descopeSdk=t()}(this,(function(){"use strict";var e=function(){return e=Object.assign||function(e){for(var t,n=1,r=arguments.length;n<r;n++)for(var o in t=arguments[n])Object.prototype.hasOwnProperty.call(t,o)&&(e[o]=t[o]);return e},e.apply(this,arguments)};function t(e,t){var n={};for(var r in e)Object.prototype.hasOwnProperty.call(e,r)&&t.indexOf(r)<0&&(n[r]=e[r]);if(null!=e&&"function"==typeof Object.getOwnPropertySymbols){var o=0;for(r=Object.getOwnPropertySymbols(e);o<r.length;o++)t.indexOf(r[o])<0&&Object.prototype.propertyIsEnumerable.call(e,r[o])&&(n[r[o]]=e[r[o]])}return n}function n(e){this.message=e}n.prototype=new Error,n.prototype.name="InvalidCharacterError";var r="undefined"!=typeof window&&window.atob&&window.atob.bind(window)||function(e){var t=String(e).replace(/=+$/,"");if(t.length%4==1)throw new n("'atob' failed: The string to be decoded is not correctly encoded.");for(var r,o,i=0,a=0,s="";o=t.charAt(a++);~o&&(r=i%4?64*r+o:o,i++%4)?s+=String.fromCharCode(255&r>>(-2*i&6)):0)o="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=".indexOf(o);return s};function o(e){this.message=e}function i(e,t){if("string"!=typeof e)throw new o("Invalid token specified");var n=!0===(t=t||{}).header?0:1;try{return JSON.parse(function(e){var t=e.replace(/-/g,"+").replace(/_/g,"/");switch(t.length%4){case 0:break;case 2:t+="==";break;case 3:t+="=";break;default:throw"Illegal base64url string!"}try{return function(e){return decodeURIComponent(r(e).replace(/(.)/g,(function(e,t){var n=t.charCodeAt(0).toString(16).toUpperCase();return n.length<2&&(n="0"+n),"%"+n})))}(t)}catch(e){return r(t)}}(e.split(".")[n]))}catch(e){throw new o("Invalid token specified: "+e.message)}}o.prototype=new Error,o.prototype.name="InvalidTokenError";var a="undefined"!=typeof globalThis?globalThis:"undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:{},s="__lodash_hash_undefined__",c="[object Function]",u="[object GeneratorFunction]",l=/\.|\[(?:[^[\]]*|(["'])(?:(?!\1)[^\\]|\\.)*?\1)\]/,p=/^\w*$/,d=/^\./,f=/[^.[\]]+|\[(?:(-?\d+(?:\.\d+)?)|(["'])((?:(?!\2)[^\\]|\\.)*?)\2)\]|(?=(?:\.|\[\])(?:\.|\[\]|$))/g,h=/\\(\\)?/g,g=/^\[object .+?Constructor\]$/,v="object"==typeof a&&a&&a.Object===Object&&a,y="object"==typeof self&&self&&self.Object===Object&&self,m=v||y||Function("return this")();var b,w=Array.prototype,j=Function.prototype,I=Object.prototype,k=m["__core-js_shared__"],O=(b=/[^.]+$/.exec(k&&k.keys&&k.keys.IE_PROTO||""))?"Symbol(src)_1."+b:"",_=j.toString,x=I.hasOwnProperty,P=I.toString,S=RegExp("^"+_.call(x).replace(/[\\^$.*+?()[\]{}|]/g,"\\$&").replace(/hasOwnProperty|(function).*?(?=\\\()| for .+?(?=\\\])/g,"$1.*?")+"$"),U=m.Symbol,R=w.splice,E=z(m,"Map"),C=z(Object,"create"),D=U?U.prototype:void 0,T=D?D.toString:void 0;function q(e){var t=-1,n=e?e.length:0;for(this.clear();++t<n;){var r=e[t];this.set(r[0],r[1])}}function $(e){var t=-1,n=e?e.length:0;for(this.clear();++t<n;){var r=e[t];this.set(r[0],r[1])}}function A(e){var t=-1,n=e?e.length:0;for(this.clear();++t<n;){var r=e[t];this.set(r[0],r[1])}}function M(e,t){for(var n,r,o=e.length;o--;)if((n=e[o][0])===(r=t)||n!=n&&r!=r)return o;return-1}function L(e,t){var n;t=function(e,t){if(H(e))return!1;var n=typeof e;if("number"==n||"symbol"==n||"boolean"==n||null==e||Z(e))return!0;return p.test(e)||!l.test(e)||null!=t&&e in Object(t)}(t,e)?[t]:H(n=t)?n:J(n);for(var r=0,o=t.length;null!=e&&r<o;)e=e[N(t[r++])];return r&&r==o?e:void 0}function B(e){if(!G(e)||(t=e,O&&O in t))return!1;var t,n=function(e){var t=G(e)?P.call(e):"";return t==c||t==u}(e)||function(e){var t=!1;if(null!=e&&"function"!=typeof e.toString)try{t=!!(e+"")}catch(e){}return t}(e)?S:g;return n.test(function(e){if(null!=e){try{return _.call(e)}catch(e){}try{return e+""}catch(e){}}return""}(e))}function F(e,t){var n,r,o=e.__data__;return("string"==(r=typeof(n=t))||"number"==r||"symbol"==r||"boolean"==r?"__proto__"!==n:null===n)?o["string"==typeof t?"string":"hash"]:o.map}function z(e,t){var n=function(e,t){return null==e?void 0:e[t]}(e,t);return B(n)?n:void 0}q.prototype.clear=function(){this.__data__=C?C(null):{}},q.prototype.delete=function(e){return this.has(e)&&delete this.__data__[e]},q.prototype.get=function(e){var t=this.__data__;if(C){var n=t[e];return n===s?void 0:n}return x.call(t,e)?t[e]:void 0},q.prototype.has=function(e){var t=this.__data__;return C?void 0!==t[e]:x.call(t,e)},q.prototype.set=function(e,t){return this.__data__[e]=C&&void 0===t?s:t,this},$.prototype.clear=function(){this.__data__=[]},$.prototype.delete=function(e){var t=this.__data__,n=M(t,e);return!(n<0)&&(n==t.length-1?t.pop():R.call(t,n,1),!0)},$.prototype.get=function(e){var t=this.__data__,n=M(t,e);return n<0?void 0:t[n][1]},$.prototype.has=function(e){return M(this.__data__,e)>-1},$.prototype.set=function(e,t){var n=this.__data__,r=M(n,e);return r<0?n.push([e,t]):n[r][1]=t,this},A.prototype.clear=function(){this.__data__={hash:new q,map:new(E||$),string:new q}},A.prototype.delete=function(e){return F(this,e).delete(e)},A.prototype.get=function(e){return F(this,e).get(e)},A.prototype.has=function(e){return F(this,e).has(e)},A.prototype.set=function(e,t){return F(this,e).set(e,t),this};var J=K((function(e){var t;e=null==(t=e)?"":function(e){if("string"==typeof e)return e;if(Z(e))return T?T.call(e):"";var t=e+"";return"0"==t&&1/e==-1/0?"-0":t}(t);var n=[];return d.test(e)&&n.push(""),e.replace(f,(function(e,t,r,o){n.push(r?o.replace(h,"$1"):t||e)})),n}));function N(e){if("string"==typeof e||Z(e))return e;var t=e+"";return"0"==t&&1/e==-1/0?"-0":t}function K(e,t){if("function"!=typeof e||t&&"function"!=typeof t)throw new TypeError("Expected a function");var n=function(){var r=arguments,o=t?t.apply(this,r):r[0],i=n.cache;if(i.has(o))return i.get(o);var a=e.apply(this,r);return n.cache=i.set(o,a),a};return n.cache=new(K.Cache||A),n}K.Cache=A;var H=Array.isArray;function G(e){var t=typeof e;return!!e&&("object"==t||"function"==t)}function Z(e){return"symbol"==typeof e||function(e){return!!e&&"object"==typeof e}(e)&&"[object Symbol]"==P.call(e)}var V,Q=function(e,t,n){var r=null==e?void 0:L(e,t);return void 0===r?n:r},W="/v1/auth/otp/verify",X="/v1/auth/otp/signin",Y="/v1/auth/otp/signup",ee={email:"/v1/auth/otp/update/email",phone:"/v1/auth/otp/update/phone"},te="/v1/auth/otp/signup-in",ne="/v1/auth/magiclink/verify",re="/v1/auth/magiclink/signin",oe="/v1/auth/magiclink/signup",ie="/v1/auth/magiclink/pending-session",ae={email:"/v1/auth/magiclink/update/email",phone:"/v1/auth/magiclink/update/email"},se="/v1/auth/magiclink/signup-in",ce="/v1/auth/oauth/authorize",ue="/v1/auth/saml/authorize",le="/v1/auth/totp/verify",pe="/v1/auth/totp/signup",de="/v1/user/totp/update",fe={start:"/v1/auth/webauthn/signup/start",finish:"/v1/auth/webauthn/signup/finish"},he={start:"/v1/auth/webauthn/signin/start",finish:"/v1/auth/webauthn/signin/finish"},ge={start:"v1/auth/webauthn/update/start",finish:"/v1/auth/webauthn/update/finish"},ve="/v1/flow/start",ye="/v1/flow/next";!function(e){e.get="GET",e.delete="DELETE",e.post="POST",e.put="PUT"}(V||(V={}));const me=()=>{const e={};return{headers(t){const n="function"==typeof t.entries?Object.fromEntries(t.entries()):t;return e.Headers=JSON.stringify(n),this},body(t){return e.Body=t,this},url(t){return e.Url=t.toString(),this},method(t){return e.Method=t,this},title(t){return e.Title=t,this},status(t){return e.Status=t,this},build:()=>Object.keys(e).flatMap((t=>e[t]?[`${"Title"!==t?`${t}: `:""}${e[t]}`]:[])).join("\n")}},be=(...e)=>new Headers(e.reduce(((e,t)=>{const n=(e=>Array.isArray(e)?e:e instanceof Headers?Array.from(e.entries()):e?Object.entries(e):[])(t);return n.reduce(((t,[n,r])=>(e[n]=r,e)),e),e}),{})),we=e=>void 0===e?void 0:JSON.stringify(e),je=(e,t="")=>{let n=e;return""!==t&&(n=n+":"+t),{Authorization:`Bearer ${n}`}},Ie=({baseUrl:e,projectId:t,baseConfig:n,logger:r,hooks:o,cookiePolicy:i})=>{const a=((e,t)=>{const n=t||fetch;if(!n)throw new Error("fetch is not defined");return e?async(...t)=>{e.log((e=>me().title("Request").url(e[0]).method(e[1].method).headers(e[1].headers).body(e[1].body).build())(t));const r=await n(...t);return e[r.ok?"log":"error"](await(async e=>{const t=await e.text();return e.text=()=>Promise.resolve(t),e.json=()=>Promise.resolve(JSON.parse(t)),me().title("Response").url(e.url.toString()).status(`${e.status} ${e.statusText}`).headers(e.headers).body(t).build()})(r)),r}:n})(r),s=async r=>{const s=(null==o?void 0:o.beforeRequest)?o.beforeRequest(r):r,{path:c,body:u,headers:l,queryParams:p,method:d,token:f}=s,h=await a((({path:e,baseUrl:t,queryParams:n})=>{const r=new URL(e,t);return n&&(r.search=new URLSearchParams(n).toString()),r})({path:c,baseUrl:e,queryParams:p}),{headers:be(je(t,f),(null==n?void 0:n.baseHeaders)||{},l),method:d,body:we(u),credentials:i||"include"});return(null==o?void 0:o.afterRequest)&&o.afterRequest(r,null==h?void 0:h.clone()),h};return{get:(e,{headers:t,queryParams:n,token:r}={})=>s({path:e,headers:t,queryParams:n,body:void 0,method:V.get,token:r}),post:(e,t,{headers:n,queryParams:r,token:o}={})=>s({path:e,headers:n,queryParams:r,body:t,method:V.post,token:o}),put:(e,t,{headers:n,queryParams:r,token:o}={})=>s({path:e,headers:n,queryParams:r,body:t,method:V.put,token:o}),delete:(e,t,{headers:n,queryParams:r,token:o}={})=>s({path:e,headers:n,queryParams:r,body:t,method:V.delete,token:o})}},ke=e=>{if("string"!=typeof e||!e)throw new Error("Invalid token provided");const{exp:t}=i(e);return(new Date).getTime()/1e3>t},Oe=(...e)=>e.join("/").replace(/\/{2,}/g,"/"),_e=async e=>{const t=await e,n={code:t.status,ok:t.ok,response:t},r=await t.json();return t.ok?n.data=r:n.error=r,n};var xe,Pe,Se;!function(e){e.sms="sms",e.whatsapp="whatsapp"}(xe||(xe={})),function(e){e.email="email",e.sms="sms",e.whatsapp="whatsapp"}(Pe||(Pe={})),function(e){e.signUp="signup",e.signIn="signin",e.verify="verify"}(Se||(Se={}));const Ue=(e,t)=>(n=t)=>t=>!e(t)&&n.replace("{val}",t),Re=(...e)=>({validate:t=>(e.forEach((e=>{const n=e(t);if(n)throw new Error(n)})),!0)}),Ee=e=>t=>e.test(t),Ce=Ee(/^[a-zA-Z0-9.!#$%&'*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:\.[a-zA-Z0-9-]+)*$/),De=Ee(/^\+[1-9]{1}[0-9]{3,14}$/),Te=Ue(Ce,'"{val}" is not a valid email'),qe=Ue(De,'"{val}" is not a valid phone number'),$e=Ue((1,e=>e.length>=1),"Minimum length is 1");const Ae=Ue((e=>"string"==typeof e),"Input is not a string"),Me=(...e)=>t=>(...n)=>(e.forEach(((e,t)=>Re(...e).validate(n[t]))),t(...n)),Le=e=>[Ae(`"${e}" must be a string`),$e(`"${e}" must not be empty`)],Be=e=>[Ae(`"${e}" must be a string`),Te()],Fe=e=>[Ae(`"${e}" must be a string`),qe()];var ze;!function(e){e.signUp="signup",e.signIn="signin",e.verify="verify",e.updatePhone="updatePhone"}(ze||(ze={}));const Je=Le("identifier"),Ne=Me(Je,Le("code")),Ke=Me(Je),He=Me(Je,Fe("phone")),Ge=Me(Je,Be("email")),Ze=e=>({verify:Object.keys(Pe).reduce(((t,n)=>Object.assign(Object.assign({},t),{[n]:Ne(((t,r)=>_e(e.post(Oe(W,n),{code:r,externalId:t}))))})),{}),signIn:Object.keys(Pe).reduce(((t,n)=>Object.assign(Object.assign({},t),{[n]:Ke((t=>_e(e.post(Oe(X,n),{externalId:t}))))})),{}),signUp:Object.keys(Pe).reduce(((t,n)=>Object.assign(Object.assign({},t),{[n]:Ke(((t,r)=>_e(e.post(Oe(Y,n),{externalId:t,user:r}))))})),{}),signUpOrIn:Object.keys(Pe).reduce(((t,n)=>Object.assign(Object.assign({},t),{[n]:Ke((t=>_e(e.post(Oe(te,n),{externalId:t}))))})),{}),update:{email:Ge(((t,n,r)=>_e(e.post(ee.email,{externalId:t,email:n},{token:r})))),phone:Object.keys(xe).reduce(((t,n)=>Object.assign(Object.assign({},t),{[n]:He(((t,r,o)=>_e(e.post(Oe(ee.phone,n),{externalId:t,phone:r},{token:o}))))})),{})}}),Ve=Le("identifier"),Qe=Le("uri"),We=Me(Le("token")),Xe=Me(Ve,Qe),Ye=Me(Le("pendingRef")),et=Me(Ve,Fe("phone"),Qe),tt=Me(Ve,Be("email"),Qe),nt=e=>({verify:We((t=>_e(e.post(ne,{token:t})))),signIn:Object.keys(Pe).reduce(((t,n)=>Object.assign(Object.assign({},t),{[n]:Xe(((t,r)=>_e(e.post(Oe(re,n),{externalId:t,URI:r,crossDevice:!0}))))})),{}),signUpOrIn:Object.keys(Pe).reduce(((t,n)=>Object.assign(Object.assign({},t),{[n]:Xe(((t,r)=>_e(e.post(Oe(se,n),{externalId:t,URI:r,crossDevice:!0}))))})),{}),signUp:Object.keys(Pe).reduce(((t,n)=>Object.assign(Object.assign({},t),{[n]:Xe(((t,r,o)=>_e(e.post(Oe(oe,n),{externalId:t,URI:r,user:o,crossDevice:!0}))))})),{}),waitForSession:Ye(((t,n)=>new Promise((r=>{const{pollingIntervalMs:o,timeoutMs:i}=(({pollingIntervalMs:e=1e3,timeoutMs:t=6e5}={})=>({pollingIntervalMs:Math.max(e||1e3,1e3),timeoutMs:Math.min(t||6e5,6e5)}))(n);let a;const s=setInterval((async()=>{const n=await e.post(ie,{pendingRef:t});n.ok&&(clearInterval(s),a&&clearTimeout(a),r(_e(Promise.resolve(n))))}),o);a=setTimeout((()=>{r({error:{message:`Session polling timeout exceeded: ${i}ms`,code:"0"},ok:!1}),clearInterval(s)}),i)})))),update:{email:tt(((t,n,r,o)=>_e(e.post(ae.email,{externalId:t,email:n,URI:r,crossDevice:!0},{token:o})))),phone:Object.keys(xe).reduce(((t,n)=>Object.assign(Object.assign({},t),{[n]:et(((t,r,o,i)=>_e(e.post(Oe(ae.phone,n),{externalId:t,phone:r,URI:o,crossDevice:!0},{token:i}))))})),{})}}),rt=e=>({verify:We((t=>_e(e.post(ne,{token:t})))),signIn:Object.keys(Pe).reduce(((t,n)=>Object.assign(Object.assign({},t),{[n]:Xe(((t,r)=>_e(e.post(Oe(re,n),{externalId:t,URI:r}))))})),{}),signUp:Object.keys(Pe).reduce(((t,n)=>Object.assign(Object.assign({},t),{[n]:Xe(((t,r,o)=>_e(e.post(Oe(oe,n),{externalId:t,URI:r,user:o}))))})),{}),signUpOrIn:Object.keys(Pe).reduce(((t,n)=>Object.assign(Object.assign({},t),{[n]:Xe(((t,r)=>_e(e.post(Oe(se,n),{externalId:t,URI:r}))))})),{}),update:{email:tt(((t,n,r,o)=>_e(e.post(ae.email,{externalId:t,email:n,URI:r},{token:o})))),phone:Object.keys(xe).reduce(((t,n)=>Object.assign(Object.assign({},t),{[n]:et(((t,r,o,i)=>_e(e.post(Oe(ae.phone,n),{externalId:t,phone:r,URI:o},{token:i}))))})),{})},crossDevice:nt(e)}),ot=Me(Le("code")),it=e=>({exchange:ot((t=>_e(e.get("/v1/auth/exchange",{queryParams:{code:t}}))))});var at;!function(e){e.facebook="facebook",e.github="github",e.google="google",e.microsoft="microsoft",e.gitlab="gitlab",e.apple="apple"}(at||(at={}));const st=e=>Object.assign({start:Object.keys(at).reduce(((t,n)=>Object.assign(Object.assign({},t),{[n]:async(t,{redirect:r=!1}={})=>{const o=await e.get(ce,{queryParams:Object.assign({provider:n},t&&{redirectURL:t})});if(!r||!o.ok)return _e(Promise.resolve(o));const{url:i}=await o.json();window.location.href=i}})),{})},it(e)),ct=Me(Le("flowId")),ut=Me(Le("executionId"),Le("stepId"),Le("interactionId")),lt=e=>({start:ct((t=>_e(e.post(ve,{flowId:t})))),next:ut(((t,n,r,o)=>_e(e.post(ye,{executionId:t,stepId:n,interactionId:r,input:o}))))}),pt=Me(Le("tenant")),dt=e=>Object.assign({start:pt((async(t,n,{redirect:r=!1}={})=>{const o=await e.get(ue,{queryParams:{tenant:t,redirectURL:n}});if(!r||!o.ok)return _e(Promise.resolve(o));const{url:i}=await o.json();window.location.href=i}))},it(e)),ft=Le("identifier"),ht=Me(ft,Le("code")),gt=Me(ft),vt=Me(ft),yt=e=>({signUp:gt(((t,n)=>_e(e.post(pe,{externalId:t,user:n})))),verify:ht(((t,n)=>_e(e.post(le,{externalId:t,code:n})))),update:vt(((t,n)=>_e(e.post(de,{externalId:t},{token:n}))))}),mt=Le("identifier"),bt=Le("origin"),wt=Me(mt,bt,Le("name")),jt=Me(mt,bt),It=Me(mt,bt,Le("token")),kt=Me(Le("transactionId"),Le("response")),Ot=e=>({signUp:{start:wt(((t,n,r)=>_e(e.post(fe.start,{user:{externalId:t,name:r},origin:n})))),finish:kt(((t,n)=>_e(e.post(fe.finish,{transactionId:t,response:n}))))},signIn:{start:jt(((t,n)=>_e(e.post(he.start,{externalId:t,origin:n})))),finish:kt(((t,n)=>_e(e.post(he.finish,{transactionId:t,response:n}))))},update:{start:It(((t,n,r)=>_e(e.post(ge.start,{externalId:t,origin:n},{token:r})))),finish:kt(((t,n)=>_e(e.post(ge.finish,{transactionId:t,response:n}))))}}),_t=Me(Le("token"));var xt;const Pt=Me([("projectId",xt=Le("projectId"),Ue(((e,t)=>e=>Re(...t).validate(Q(e,"projectId")))(0,xt))())])((({projectId:e,logger:t,baseUrl:n,hooks:r,cookiePolicy:o})=>{return i=Ie({baseUrl:n||"https://api.descope.com",projectId:e,logger:t,hooks:r,cookiePolicy:o}),{otp:Ze(i),magicLink:rt(i),oauth:st(i),saml:dt(i),totp:yt(i),webauthn:Ot(i),flow:lt(i),refresh:e=>_e(i.get("/v1/auth/refresh",{token:e})),logout:e=>_e(i.get("/v1/auth/logoutall",{token:e})),isJwtExpired:_t(ke),httpClient:i};var i}));function St(e,t,n){return void 0===n&&(n=0),t(n).catch((function(r){if(n>=e.maxRetries||!e.shouldRetry(r))throw r;var o,i,a,s,c=(o=e.baseDelay,i=e.maxDelay,a=e.baseDelay*Math.pow(2,n),Math.max(o,Math.min(i,a)));return(s=c,new Promise((function(e){return setTimeout(e,s)}))).then((function(){return St(e,t,n+1)}))}))}Pt.DeliveryMethods=Pe;var Ut="Failed to load the JS script of the agent";function Rt(n){var r,o=n.scriptUrlPattern,i=n.token,a=n.apiKey,s=void 0===a?i:a,c=t(n,["scriptUrlPattern","token","apiKey"]),u=(r=n,"scriptUrlPattern",Object.prototype.hasOwnProperty.call(r,"scriptUrlPattern")?o:void 0),l=[];return Promise.resolve().then((function(){if(!s||"string"!=typeof s)throw new Error("API key required");return St({maxRetries:5,baseDelay:100,maxDelay:3e3,shouldRetry:function(e){return!(e instanceof Error&&"Blocked by CSP"===e.message)}},(function(){var e,t=new Date,n=function(){return l.push({startedAt:t,finishedAt:new Date})},r=function(e,t,n,r){var o,i=document,a="securitypolicyviolation",s=function(t){var n=new URL(e,location.href),r=t.blockedURI;r!==n.href&&r!==n.protocol.slice(0,-1)&&r!==n.origin||(o=t,c())};i.addEventListener(a,s);var c=function(){return i.removeEventListener(a,s)};return Promise.resolve().then(t).then((function(e){return c(),e}),(function(e){return new Promise((function(e){return setTimeout(e)})).then((function(){if(c(),o)return function(){throw new Error("Blocked by CSP")}();throw e}))}))}(e=function(e,t){void 0===t&&(t="https://fpnpmcdn.net/v<version>/<apiKey>/loader_v<loaderVersion>.js");var n=encodeURIComponent;return t.replace(/<[^<>]+>/g,(function(t){return"<version>"===t?"3":"<apiKey>"===t?n(e):"<loaderVersion>"===t?n("3.7.1"):t}))}(s,u),(function(){return function(e){return new Promise((function(t,n){var r=document.createElement("script"),o=function(){var e;return null===(e=r.parentNode)||void 0===e?void 0:e.removeChild(r)},i=document.head||document.getElementsByTagName("head")[0];r.onload=function(){o(),t()},r.onerror=function(){o(),n(new Error(Ut))},r.async=!0,r.src=e,i.appendChild(r)}))}(e)}));return r.then(n,n),r}))})).then((function(){var t=window,n="__fpjs_p_l_b",r=t[n];if(function(e,t){var n,r=null===(n=Object.getOwnPropertyDescriptor)||void 0===n?void 0:n.call(Object,e,t);(null==r?void 0:r.configurable)?delete e[t]:r&&!r.writable||(e[t]=void 0)}(t,n),"function"!=typeof(null==r?void 0:r.load))throw new Error(Ut);return r.load(e(e({},c),{ldi:{attempts:l}}))}))}const Et="vsid",Ct="vrid",Dt=e=>new Proxy(new URLSearchParams(window.location.search),{get:(e,t)=>e.get(t.toString())})[e],Tt=e=>{const t=Rt({apiKey:e||"A9aCLRHzKCv3uL69oqDr"});return{get:async()=>{try{let e=sessionStorage.getItem(Et);e||(e=Dt(Et)),e||(e=(Date.now().toString(36)+Math.random().toString(36).substring(2)+Math.random().toString(36).substring(2)).substring(0,27)),sessionStorage.setItem(Et,e);const n=await t,r=await n.get({linkedId:e});sessionStorage.setItem(Ct,r.requestId)}catch(e){global.FB_DEBUG&&console.error(e)}}}};
+!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):(e="undefined"!=typeof globalThis?globalThis:e||self).descopeSdk=t()}(this,(function(){"use strict";var e=function(){return e=Object.assign||function(e){for(var t,n=1,r=arguments.length;n<r;n++)for(var o in t=arguments[n])Object.prototype.hasOwnProperty.call(t,o)&&(e[o]=t[o]);return e},e.apply(this,arguments)};function t(e,t){var n={};for(var r in e)Object.prototype.hasOwnProperty.call(e,r)&&t.indexOf(r)<0&&(n[r]=e[r]);if(null!=e&&"function"==typeof Object.getOwnPropertySymbols){var o=0;for(r=Object.getOwnPropertySymbols(e);o<r.length;o++)t.indexOf(r[o])<0&&Object.prototype.propertyIsEnumerable.call(e,r[o])&&(n[r[o]]=e[r[o]])}return n}function n(e,t,n,r){if("a"===n&&!r)throw new TypeError("Private accessor was defined without a getter");if("function"==typeof t?e!==t||!r:!t.has(e))throw new TypeError("Cannot read private member from an object whose class did not declare it");return"m"===n?r:"a"===n?r.call(e):r?r.value:t.get(e)}function r(e,t,n,r,o){if("m"===r)throw new TypeError("Private method is not writable");if("a"===r&&!o)throw new TypeError("Private accessor was defined without a setter");if("function"==typeof t?e!==t||!o:!t.has(e))throw new TypeError("Cannot write private member to an object whose class did not declare it");return"a"===r?o.call(e,n):o?o.value=n:t.set(e,n),n}function o(e){this.message=e}o.prototype=new Error,o.prototype.name="InvalidCharacterError";var i="undefined"!=typeof window&&window.atob&&window.atob.bind(window)||function(e){var t=String(e).replace(/=+$/,"");if(t.length%4==1)throw new o("'atob' failed: The string to be decoded is not correctly encoded.");for(var n,r,i=0,a=0,s="";r=t.charAt(a++);~r&&(n=i%4?64*n+r:r,i++%4)?s+=String.fromCharCode(255&n>>(-2*i&6)):0)r="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=".indexOf(r);return s};function a(e){this.message=e}function s(e,t){if("string"!=typeof e)throw new a("Invalid token specified");var n=!0===(t=t||{}).header?0:1;try{return JSON.parse(function(e){var t=e.replace(/-/g,"+").replace(/_/g,"/");switch(t.length%4){case 0:break;case 2:t+="==";break;case 3:t+="=";break;default:throw"Illegal base64url string!"}try{return function(e){return decodeURIComponent(i(e).replace(/(.)/g,(function(e,t){var n=t.charCodeAt(0).toString(16).toUpperCase();return n.length<2&&(n="0"+n),"%"+n})))}(t)}catch(e){return i(t)}}(e.split(".")[n]))}catch(e){throw new a("Invalid token specified: "+e.message)}}a.prototype=new Error,a.prototype.name="InvalidTokenError";var c="undefined"!=typeof globalThis?globalThis:"undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:{},u="__lodash_hash_undefined__",l="[object Function]",d="[object GeneratorFunction]",p=/\.|\[(?:[^[\]]*|(["'])(?:(?!\1)[^\\]|\\.)*?\1)\]/,f=/^\w*$/,h=/^\./,g=/[^.[\]]+|\[(?:(-?\d+(?:\.\d+)?)|(["'])((?:(?!\2)[^\\]|\\.)*?)\2)\]|(?=(?:\.|\[\])(?:\.|\[\]|$))/g,v=/\\(\\)?/g,y=/^\[object .+?Constructor\]$/,b="object"==typeof c&&c&&c.Object===Object&&c,w="object"==typeof self&&self&&self.Object===Object&&self,m=b||w||Function("return this")();var k,I=Array.prototype,O=Function.prototype,j=Object.prototype,S=m["__core-js_shared__"],_=(k=/[^.]+$/.exec(S&&S.keys&&S.keys.IE_PROTO||""))?"Symbol(src)_1."+k:"",x=O.toString,P=j.hasOwnProperty,U=j.toString,T=RegExp("^"+x.call(P).replace(/[\\^$.*+?()[\]{}|]/g,"\\$&").replace(/hasOwnProperty|(function).*?(?=\\\()| for .+?(?=\\\])/g,"$1.*?")+"$"),E=m.Symbol,R=I.splice,C=F(m,"Map"),A=F(Object,"create"),D=E?E.prototype:void 0,q=D?D.toString:void 0;function $(e){var t=-1,n=e?e.length:0;for(this.clear();++t<n;){var r=e[t];this.set(r[0],r[1])}}function J(e){var t=-1,n=e?e.length:0;for(this.clear();++t<n;){var r=e[t];this.set(r[0],r[1])}}function M(e){var t=-1,n=e?e.length:0;for(this.clear();++t<n;){var r=e[t];this.set(r[0],r[1])}}function K(e,t){for(var n,r,o=e.length;o--;)if((n=e[o][0])===(r=t)||n!=n&&r!=r)return o;return-1}function N(e,t){var n;t=function(e,t){if(W(e))return!1;var n=typeof e;if("number"==n||"symbol"==n||"boolean"==n||null==e||Z(e))return!0;return f.test(e)||!p.test(e)||null!=t&&e in Object(t)}(t,e)?[t]:W(n=t)?n:z(n);for(var r=0,o=t.length;null!=e&&r<o;)e=e[H(t[r++])];return r&&r==o?e:void 0}function L(e){if(!G(e)||(t=e,_&&_ in t))return!1;var t,n=function(e){var t=G(e)?U.call(e):"";return t==l||t==d}(e)||function(e){var t=!1;if(null!=e&&"function"!=typeof e.toString)try{t=!!(e+"")}catch(e){}return t}(e)?T:y;return n.test(function(e){if(null!=e){try{return x.call(e)}catch(e){}try{return e+""}catch(e){}}return""}(e))}function B(e,t){var n,r,o=e.__data__;return("string"==(r=typeof(n=t))||"number"==r||"symbol"==r||"boolean"==r?"__proto__"!==n:null===n)?o["string"==typeof t?"string":"hash"]:o.map}function F(e,t){var n=function(e,t){return null==e?void 0:e[t]}(e,t);return L(n)?n:void 0}$.prototype.clear=function(){this.__data__=A?A(null):{}},$.prototype.delete=function(e){return this.has(e)&&delete this.__data__[e]},$.prototype.get=function(e){var t=this.__data__;if(A){var n=t[e];return n===u?void 0:n}return P.call(t,e)?t[e]:void 0},$.prototype.has=function(e){var t=this.__data__;return A?void 0!==t[e]:P.call(t,e)},$.prototype.set=function(e,t){return this.__data__[e]=A&&void 0===t?u:t,this},J.prototype.clear=function(){this.__data__=[]},J.prototype.delete=function(e){var t=this.__data__,n=K(t,e);return!(n<0)&&(n==t.length-1?t.pop():R.call(t,n,1),!0)},J.prototype.get=function(e){var t=this.__data__,n=K(t,e);return n<0?void 0:t[n][1]},J.prototype.has=function(e){return K(this.__data__,e)>-1},J.prototype.set=function(e,t){var n=this.__data__,r=K(n,e);return r<0?n.push([e,t]):n[r][1]=t,this},M.prototype.clear=function(){this.__data__={hash:new $,map:new(C||J),string:new $}},M.prototype.delete=function(e){return B(this,e).delete(e)},M.prototype.get=function(e){return B(this,e).get(e)},M.prototype.has=function(e){return B(this,e).has(e)},M.prototype.set=function(e,t){return B(this,e).set(e,t),this};var z=V((function(e){var t;e=null==(t=e)?"":function(e){if("string"==typeof e)return e;if(Z(e))return q?q.call(e):"";var t=e+"";return"0"==t&&1/e==-1/0?"-0":t}(t);var n=[];return h.test(e)&&n.push(""),e.replace(g,(function(e,t,r,o){n.push(r?o.replace(v,"$1"):t||e)})),n}));function H(e){if("string"==typeof e||Z(e))return e;var t=e+"";return"0"==t&&1/e==-1/0?"-0":t}function V(e,t){if("function"!=typeof e||t&&"function"!=typeof t)throw new TypeError("Expected a function");var n=function(){var r=arguments,o=t?t.apply(this,r):r[0],i=n.cache;if(i.has(o))return i.get(o);var a=e.apply(this,r);return n.cache=i.set(o,a),a};return n.cache=new(V.Cache||M),n}V.Cache=M;var W=Array.isArray;function G(e){var t=typeof e;return!!e&&("object"==t||"function"==t)}function Z(e){return"symbol"==typeof e||function(e){return!!e&&"object"==typeof e}(e)&&"[object Symbol]"==U.call(e)}var Q=function(e,t,n){var r=null==e?void 0:N(e,t);return void 0===r?n:r},X="/v1/auth/accesskey/exchange",Y="/v1/auth/otp/verify",ee="/v1/auth/otp/signin",te="/v1/auth/otp/signup",ne={email:"/v1/auth/otp/update/email",phone:"/v1/auth/otp/update/phone"},re="/v1/auth/otp/signup-in",oe="/v1/auth/magiclink/verify",ie="/v1/auth/magiclink/signin",ae="/v1/auth/magiclink/signup",se={email:"/v1/auth/magiclink/update/email",phone:"/v1/auth/magiclink/update/phone"},ce="/v1/auth/magiclink/signup-in",ue="/v1/auth/enchantedlink/verify",le="/v1/auth/enchantedlink/signin",de="/v1/auth/enchantedlink/signup",pe="/v1/auth/enchantedlink/pending-session",fe={email:"/v1/auth/enchantedlink/update/email"},he="/v1/auth/enchantedlink/signup-in",ge="/v1/auth/oauth/authorize",ve="/v1/auth/oauth/exchange",ye="/v1/auth/saml/authorize",be="/v1/auth/saml/exchange",we="/v1/auth/totp/verify",me="/v1/auth/totp/signup",ke="/v1/user/totp/update",Ie={start:"/v1/auth/webauthn/signup/start",finish:"/v1/auth/webauthn/signup/finish"},Oe={start:"/v1/auth/webauthn/signin/start",finish:"/v1/auth/webauthn/signin/finish"},je={start:"/v1/auth/webauthn/signup-in/start"},Se={start:"v1/auth/webauthn/update/start",finish:"/v1/auth/webauthn/update/finish"},_e="/v1/flow/start",xe="/v1/flow/next";const Pe=()=>{const e={};return{headers(t){const n="function"==typeof t.entries?Object.fromEntries(t.entries()):t;return e.Headers=JSON.stringify(n),this},body(t){return e.Body=t,this},url(t){return e.Url=t.toString(),this},method(t){return e.Method=t,this},title(t){return e.Title=t,this},status(t){return e.Status=t,this},build:()=>Object.keys(e).flatMap((t=>e[t]?[`${"Title"!==t?`${t}: `:""}${e[t]}`]:[])).join("\n")}};var Ue;!function(e){e.get="GET",e.delete="DELETE",e.post="POST",e.put="PUT"}(Ue||(Ue={}));const Te=(...e)=>new Headers(e.reduce(((e,t)=>{const n=(e=>Array.isArray(e)?e:e instanceof Headers?Array.from(e.entries()):e?Object.entries(e):[])(t);return n.reduce(((t,[n,r])=>(e[n]=r,e)),e),e}),{})),Ee=e=>void 0===e?void 0:JSON.stringify(e),Re=(e,t="")=>{let n=e;return t&&(n=n+":"+t),{Authorization:`Bearer ${n}`}},Ce=({baseUrl:e,projectId:t,baseConfig:n,logger:r,hooks:o,cookiePolicy:i})=>{const a=((e,t)=>{const n=t||fetch;if(!n)throw new Error("fetch is not defined");return e?async(...t)=>{e.log((e=>Pe().title("Request").url(e[0]).method(e[1].method).headers(e[1].headers).body(e[1].body).build())(t));const r=await n(...t);return e[r.ok?"log":"error"](await(async e=>{const t=await(e.clone?e.clone().text():e.text());return e.text=()=>Promise.resolve(t),e.json=()=>Promise.resolve(JSON.parse(t)),Pe().title("Response").url(e.url.toString()).status(`${e.status} ${e.statusText}`).headers(e.headers).body(t).build()})(r)),r}:n})(r),s=async r=>{const s=(null==o?void 0:o.beforeRequest)?o.beforeRequest(r):r,{path:c,body:u,headers:l,queryParams:d,method:p,token:f}=s,h=await a((({path:e,baseUrl:t,queryParams:n})=>{const r=new URL(e,t);return n&&(r.search=new URLSearchParams(n).toString()),r})({path:c,baseUrl:e,queryParams:d}),{headers:Te(Re(t,f),{"x-descope-sdk-name":"core-js","x-descope-sdk-version":"0.0.41-alpha.30"},(null==n?void 0:n.baseHeaders)||{},l),method:p,body:Ee(u),credentials:i||"include"});return(null==o?void 0:o.afterRequest)&&o.afterRequest(r,null==h?void 0:h.clone()),h};return{get:(e,{headers:t,queryParams:n,token:r}={})=>s({path:e,headers:t,queryParams:n,body:void 0,method:Ue.get,token:r}),post:(e,t,{headers:n,queryParams:r,token:o}={})=>s({path:e,headers:n,queryParams:r,body:t,method:Ue.post,token:o}),put:(e,t,{headers:n,queryParams:r,token:o}={})=>s({path:e,headers:n,queryParams:r,body:t,method:Ue.put,token:o}),delete:(e,t,{headers:n,queryParams:r,token:o}={})=>s({path:e,headers:n,queryParams:r,body:t,method:Ue.delete,token:o})}};function Ae(e,t,n){var r;let o=De(e);t&&(o=null===(r=o.tenants)||void 0===r?void 0:r[t]);const i=o[n];return Array.isArray(i)?i:[]}function De(e){if("string"!=typeof e||!e)throw new Error("Invalid token provided");return s(e)}function qe(e){const{exp:t}=De(e);return(new Date).getTime()/1e3>t}function $e(e,t){return Ae(e,t,"permissions")}function Je(e,t){return Ae(e,t,"roles")}const Me=(...e)=>e.join("/").replace(/\/{2,}/g,"/");async function Ke(e){const t=await e,n={code:t.status,ok:t.ok,response:t},r=await t.clone().json();return t.ok?n.data=r:n.error=r,n}const Ne=(e,t)=>(n=t)=>t=>!e(t)&&n.replace("{val}",t),Le=(...e)=>({validate:t=>(e.forEach((e=>{const n=e(t);if(n)throw new Error(n)})),!0)}),Be=e=>t=>e.test(t),Fe=Be(/^[a-zA-Z0-9.!#$%&'*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:\.[a-zA-Z0-9-]+)*$/),ze=Be(/^\+[1-9]{1}[0-9]{3,14}$/),He=Ne(Fe,'"{val}" is not a valid email'),Ve=Ne(ze,'"{val}" is not a valid phone number'),We=Ne((1,e=>e.length>=1),"Minimum length is 1");const Ge=Ne((e=>"string"==typeof e),"Input is not a string"),Ze=(...e)=>t=>(...n)=>(e.forEach(((e,t)=>Le(...e).validate(n[t]))),t(...n)),Qe=e=>[Ge(`"${e}" must be a string`),We(`"${e}" must not be empty`)],Xe=e=>[Ge(`"${e}" must be a string`),He()],Ye=e=>[Ge(`"${e}" must be a string`),Ve()],et=Ze(Qe("accessKey")),tt=e=>({exchange:et((t=>Ke(e.post(X,{},{token:t}))))});var nt,rt,ot,it,at;!function(e){e.sms="sms",e.whatsapp="whatsapp"}(nt||(nt={})),function(e){e.email="email",e.sms="sms",e.whatsapp="whatsapp"}(rt||(rt={})),function(e){e.waiting="waiting",e.running="running",e.completed="completed",e.failed="failed"}(ot||(ot={})),function(e){e.signUp="signup",e.signIn="signin",e.verify="verify"}(it||(it={})),function(e){e.signUp="signup",e.signIn="signin",e.verify="verify",e.updatePhone="updatePhone"}(at||(at={}));const st=Qe("identifier"),ct=Ze(st,Qe("code")),ut=Ze(st),lt=Ze(st,Ye("phone")),dt=Ze(st,Xe("email")),pt=e=>({verify:Object.keys(rt).reduce(((t,n)=>Object.assign(Object.assign({},t),{[n]:ct(((t,r)=>Ke(e.post(Me(Y,n),{code:r,externalId:t}))))})),{}),signIn:Object.keys(rt).reduce(((t,n)=>Object.assign(Object.assign({},t),{[n]:ut(((t,r,o)=>Ke(e.post(Me(ee,n),{externalId:t,loginOptions:r},{token:o}))))})),{}),signUp:Object.keys(rt).reduce(((t,n)=>Object.assign(Object.assign({},t),{[n]:ut(((t,r)=>Ke(e.post(Me(te,n),{externalId:t,user:r}))))})),{}),signUpOrIn:Object.keys(rt).reduce(((t,n)=>Object.assign(Object.assign({},t),{[n]:ut((t=>Ke(e.post(Me(re,n),{externalId:t}))))})),{}),update:{email:dt(((t,n,r)=>Ke(e.post(ne.email,{externalId:t,email:n},{token:r})))),phone:Object.keys(nt).reduce(((t,n)=>Object.assign(Object.assign({},t),{[n]:lt(((t,r,o)=>Ke(e.post(Me(ne.phone,n),{externalId:t,phone:r},{token:o}))))})),{})}}),ft=Qe("identifier"),ht=Qe("uri"),gt=Ze(Qe("token")),vt=Ze(ft,ht),yt=Ze(ft,Ye("phone"),ht),bt=Ze(ft,Xe("email"),ht),wt=e=>({verify:gt((t=>Ke(e.post(oe,{token:t})))),signIn:Object.keys(rt).reduce(((t,n)=>Object.assign(Object.assign({},t),{[n]:vt(((t,r,o,i)=>Ke(e.post(Me(ie,n),{externalId:t,URI:r,loginOptions:o},{token:i}))))})),{}),signUp:Object.keys(rt).reduce(((t,n)=>Object.assign(Object.assign({},t),{[n]:vt(((t,r,o)=>Ke(e.post(Me(ae,n),{externalId:t,URI:r,user:o}))))})),{}),signUpOrIn:Object.keys(rt).reduce(((t,n)=>Object.assign(Object.assign({},t),{[n]:vt(((t,r)=>Ke(e.post(Me(ce,n),{externalId:t,URI:r}))))})),{}),update:{email:bt(((t,n,r,o)=>Ke(e.post(se.email,{externalId:t,email:n,URI:r},{token:o})))),phone:Object.keys(nt).reduce(((t,n)=>Object.assign(Object.assign({},t),{[n]:yt(((t,r,o,i)=>Ke(e.post(Me(se.phone,n),{externalId:t,phone:r,URI:o},{token:i}))))})),{})}}),mt=Qe("identifier"),kt=Qe("uri"),It=Ze(Qe("token")),Ot=Ze(mt,kt),jt=Ze(Qe("pendingRef")),St=Ze(mt,Xe("email"),kt),_t=e=>({verify:It((t=>Ke(e.post(ue,{token:t})))),signIn:Ot(((t,n,r,o)=>Ke(e.post(Me(le,rt.email),{externalId:t,URI:n,loginOptions:r},{token:o})))),signUpOrIn:Ot(((t,n)=>Ke(e.post(Me(he,rt.email),{externalId:t,URI:n})))),signUp:Ot(((t,n,r)=>Ke(e.post(Me(de,rt.email),{externalId:t,URI:n,user:r})))),waitForSession:jt(((t,n)=>new Promise((r=>{const{pollingIntervalMs:o,timeoutMs:i}=(({pollingIntervalMs:e=1e3,timeoutMs:t=6e5}={})=>({pollingIntervalMs:Math.max(e||1e3,1e3),timeoutMs:Math.min(t||6e5,6e5)}))(n);let a;const s=setInterval((async()=>{const n=await e.post(pe,{pendingRef:t});n.ok&&(clearInterval(s),a&&clearTimeout(a),r(Ke(Promise.resolve(n))))}),o);a=setTimeout((()=>{r({error:{message:`Session polling timeout exceeded: ${i}ms`,code:"0"},ok:!1}),clearInterval(s)}),i)})))),update:{email:St(((t,n,r,o)=>Ke(e.post(fe.email,{externalId:t,email:n,URI:r},{token:o}))))}});var xt;!function(e){e.facebook="facebook",e.github="github",e.google="google",e.microsoft="microsoft",e.gitlab="gitlab",e.apple="apple"}(xt||(xt={}));const Pt=Ze(Qe("code")),Ut=e=>({start:Object.keys(xt).reduce(((t,n)=>Object.assign(Object.assign({},t),{[n]:async(t,{redirect:r=!1}={},o,i)=>{const a=await e.post(ge,o||{},{queryParams:Object.assign({provider:n},t&&{redirectURL:t}),token:i});if(!r||!a.ok)return Ke(Promise.resolve(a));const{url:s}=await a.json();window.location.href=s}})),{}),exchange:Pt((t=>Ke(e.post(ve,{code:t}))))}),Tt=Ze(Qe("flowId")),Et=Ze(Qe("executionId"),Qe("stepId"),Qe("interactionId")),Rt=e=>({start:Tt(((t,n)=>Ke(e.post(_e,{flowId:t,options:n})))),next:Et(((t,n,r,o)=>Ke(e.post(xe,{executionId:t,stepId:n,interactionId:r,input:o}))))}),Ct=Ze(Qe("tenant")),At=Ze(Qe("code")),Dt=e=>({start:Ct((async(t,n,{redirect:r=!1}={},o,i)=>{const a=await e.post(ye,o||{},{queryParams:{tenant:t,redirectURL:n},token:i});if(!r||!a.ok)return Ke(Promise.resolve(a));const{url:s}=await a.json();window.location.href=s})),exchange:At((t=>Ke(e.post(be,{code:t}))))}),qt=Qe("identifier"),$t=Ze(qt,Qe("code")),Jt=Ze(qt),Mt=Ze(qt),Kt=e=>({signUp:Jt(((t,n)=>Ke(e.post(me,{externalId:t,user:n})))),verify:$t(((t,n,r,o)=>Ke(e.post(we,{externalId:t,code:n,loginOptions:r},{token:o})))),update:Mt(((t,n)=>Ke(e.post(ke,{externalId:t},{token:n}))))}),Nt=Qe("identifier"),Lt=Qe("origin"),Bt=Ze(Nt,Lt,Qe("name")),Ft=Ze(Nt,Lt),zt=Ze(Nt,Lt,Qe("token")),Ht=Ze(Qe("transactionId"),Qe("response")),Vt=e=>({signUp:{start:Bt(((t,n,r)=>Ke(e.post(Ie.start,{user:{externalId:t,name:r},origin:n})))),finish:Ht(((t,n)=>Ke(e.post(Ie.finish,{transactionId:t,response:n}))))},signIn:{start:Ft(((t,n,r,o)=>Ke(e.post(Oe.start,{externalId:t,origin:n,loginOptions:r},{token:o})))),finish:Ht(((t,n)=>Ke(e.post(Oe.finish,{transactionId:t,response:n}))))},signUpOrIn:{start:Ft(((t,n)=>Ke(e.post(je.start,{externalId:t,origin:n}))))},update:{start:zt(((t,n,r)=>Ke(e.post(Se.start,{externalId:t,origin:n},{token:r})))),finish:Ht(((t,n)=>Ke(e.post(Se.finish,{transactionId:t,response:n}))))}}),Wt=Ze(Qe("token"));var Gt;const Zt=Ze([("projectId",Gt=Qe("projectId"),Ne(((e,t)=>e=>Le(...t).validate(Q(e,"projectId")))(0,Gt))())])((({projectId:e,logger:t,baseUrl:n,hooks:r,cookiePolicy:o})=>{return i=Ce({baseUrl:n||"https://api.descope.com",projectId:e,logger:t,hooks:r,cookiePolicy:o}),{accessKey:tt(i),otp:pt(i),magicLink:wt(i),enchantedLink:_t(i),oauth:Ut(i),saml:Dt(i),totp:Kt(i),webauthn:Vt(i),flow:Rt(i),refresh:e=>Ke(i.post("/v1/auth/refresh",{},{token:e})),logout:e=>Ke(i.post("/v1/auth/logout",{},{token:e})),logoutAll:e=>Ke(i.post("/v1/auth/logoutall",{},{token:e})),me:e=>Ke(i.get("/v1/auth/me",{token:e})),isJwtExpired:Wt(qe),getJwtPermissions:Wt($e),getJwtRoles:Wt(Je),httpClient:i};var i}));Zt.DeliveryMethods=rt;const Qt="undefined"!=typeof window,Xt=Qt&&localStorage.getItem("fingerprint.public.key")||"A9aCLRHzKCv3uL69oqDr",Yt=Qt&&(null===localStorage||void 0===localStorage?void 0:localStorage.getItem("fingerprint.endpoint.url"))||"https://fp.descope.com",en="vsid",tn="vrid",nn="dls_last_user_external_id";function rn(e,t){var n=[];return function(e,t){var n,r,o=(r=function(){for(var e=0,t=0,n=arguments.length;t<n;t++)e+=arguments[t].length;var r=Array(e),o=0;for(t=0;t<n;t++)for(var i=arguments[t],a=0,s=i.length;a<s;a++,o++)r[o]=i[a];return r}(e),{current:function(){return r[0]},postpone:function(){var e=r.shift();void 0!==e&&r.push(e)},exclude:function(){r.shift()}}),i=(100,3e3,n=0,function(){return Math.random()*Math.min(3e3,100*Math.pow(2,n++))}),a=o.current();if(void 0===a)return Promise.reject(new TypeError("The list of script URL patterns is empty"));var s=function(e,n){return t(e).catch((function(e){if(n+1>=5)throw e;!function(e){if(!(e instanceof Error))return!1;var t=e.message;return"Blocked by CSP"===t||"9319"===t}(e)?o.postpone():o.exclude();var t,r=o.current();if(void 0===r)throw e;return(t=i(),new Promise((function(e){return setTimeout(e,t)}))).then((function(){return s(r,n+1)}))}))};return s(a,0)}(e,(function(e){var r=new Date,o=function(){return n.push({url:e,startedAt:r,finishedAt:new Date})},i=t(e);return i.then(o,o),i})).then((function(e){return[e,{attempts:n}]}))}var on="Failed to load the JS script of the agent";function an(n){var r;n.scriptUrlPattern;var o=n.token,i=n.apiKey,a=void 0===i?o:i,s=t(n,["scriptUrlPattern","token","apiKey"]),c=null!==(r=function(e,t){return function(e,t){return Object.prototype.hasOwnProperty.call(e,t)}(e,t)?e[t]:void 0}(n,"scriptUrlPattern"))&&void 0!==r?r:"https://fpnpmcdn.net/v<version>/<apiKey>/loader_v<loaderVersion>.js";return Promise.resolve().then((function(){if(!a||"string"!=typeof a)throw new Error("API key required");return rn(function(e,t){return(Array.isArray(e)?e:[e]).map((function(e){return function(e,t){var n=encodeURIComponent;return e.replace(/<[^<>]+>/g,(function(e){return"<version>"===e?"3":"<apiKey>"===e?n(t):"<loaderVersion>"===e?n("3.8.1"):e}))}(String(e),t)}))}(c,a),sn).catch(un)})).then((function(t){var n=t[0],r=t[1];return n.load(e(e({},s),{ldi:r}))}))}function sn(e){return function(e,t,n,r){var o,i=document,a="securitypolicyviolation",s=function(t){var n=new URL(e,location.href),r=t.blockedURI;r!==n.href&&r!==n.protocol.slice(0,-1)&&r!==n.origin||(o=t,c())};i.addEventListener(a,s);var c=function(){return i.removeEventListener(a,s)};return Promise.resolve().then(t).then((function(e){return c(),e}),(function(e){return new Promise((function(e){return setTimeout(e)})).then((function(){if(c(),o)return function(){throw new Error("Blocked by CSP")}();throw e}))}))}(e,(function(){return function(e){return new Promise((function(t,n){var r=document.createElement("script"),o=function(){var e;return null===(e=r.parentNode)||void 0===e?void 0:e.removeChild(r)},i=document.head||document.getElementsByTagName("head")[0];r.onload=function(){o(),t()},r.onerror=function(){o(),n(new Error(on))},r.async=!0,r.src=e,i.appendChild(r)}))}(e)})).then(cn)}function cn(){var e=window,t="__fpjs_p_l_b",n=e[t];if(function(e,t){var n,r=null===(n=Object.getOwnPropertyDescriptor)||void 0===n?void 0:n.call(Object,e,t);(null==r?void 0:r.configurable)?delete e[t]:r&&!r.writable||(e[t]=void 0)}(e,t),"function"!=typeof(null==n?void 0:n.load))throw new Error("9319");return n}function un(e){throw e instanceof Error&&"9319"===e.message?new Error(on):e}const ln=e=>{const t=an({apiKey:e||Xt,endpoint:Yt});return{get:async()=>{try{let e=sessionStorage.getItem(en);e||(e=(Date.now().toString(36)+Math.random().toString(36).substring(2)+Math.random().toString(36).substring(2)).substring(0,27)),sessionStorage.setItem(en,e);const n=await t,r=await n.get({linkedId:e});sessionStorage.setItem(tn,r.requestId)}catch(e){global.FB_DEBUG&&console.error(e)}}}};var dn,pn,fn,hn,gn;const vn=e=>Object.assign({},e);class yn{constructor(e){dn.add(this),pn.set(this,void 0),fn.set(this,{}),hn.set(this,0),r(this,pn,e,"f")}get current(){return vn(n(this,pn,"f"))}update(e){const t=e;if(!((e,t)=>{const n=e&&Object.getOwnPropertyNames(e)||[],r=t&&Object.getOwnPropertyNames(t)||[];if(n.length!==r.length)return!1;for(let r=0;r<n.length;r+=1){const o=n[r];if(e[o]!==t[o])return!1}return!0})(n(this,pn,"f"),t)){const e=n(this,pn,"f");r(this,pn,t,"f"),Object.freeze(n(this,pn,"f")),setTimeout((()=>{Object.values(n(this,fn,"f")).forEach((n=>n(vn(t),e)))}),0)}}subscribe(e){r(this,hn,n(this,hn,"f")+1,"f"),n(this,fn,"f")[n(this,hn,"f")]=e;const t=n(this,hn,"f");return()=>n(this,dn,"m",gn).call(this,t.toString())}unsubscribeAll(){r(this,fn,{},"f")}}
 /*! js-cookie v3.0.1 | MIT */
-function qt(e){for(var t=1;t<arguments.length;t++){var n=arguments[t];for(var r in n)e[r]=n[r]}return e}var $t=function e(t,n){function r(e,r,o){if("undefined"!=typeof document){"number"==typeof(o=qt({},n,o)).expires&&(o.expires=new Date(Date.now()+864e5*o.expires)),o.expires&&(o.expires=o.expires.toUTCString()),e=encodeURIComponent(e).replace(/%(2[346B]|5E|60|7C)/g,decodeURIComponent).replace(/[()]/g,escape);var i="";for(var a in o)o[a]&&(i+="; "+a,!0!==o[a]&&(i+="="+o[a].split(";")[0]));return document.cookie=e+"="+t.write(r,e)+i}}return Object.create({set:r,get:function(e){if("undefined"!=typeof document&&(!arguments.length||e)){for(var n=document.cookie?document.cookie.split("; "):[],r={},o=0;o<n.length;o++){var i=n[o].split("="),a=i.slice(1).join("=");try{var s=decodeURIComponent(i[0]);if(r[s]=t.read(a,s),e===s)break}catch(e){}}return e?r[e]:r}},remove:function(e,t){r(e,"",qt({},t,{expires:-1}))},withAttributes:function(t){return e(this.converter,qt({},this.attributes,t))},withConverter:function(t){return e(qt({},this.converter,t),this.attributes)}},{attributes:{value:Object.freeze(n)},converter:{value:Object.freeze(t)}})}({read:function(e){return'"'===e[0]&&(e=e.slice(1,-1)),e.replace(/(%[\dA-F]{2})+/gi,decodeURIComponent)},write:function(e){return encodeURIComponent(e).replace(/%(2[346BF]|3[AC-F]|40|5[BDE]|60|7[BCD])/g,decodeURIComponent)}},{path:"/"});const At="DSR";let Mt=[];function Lt(e,t){const n=function(e){const t=e.split(".");try{if(3===t.length){const t=JSON.parse(window.atob(e.split(".")[1]));if(t.exp)return new Date(1e3*t.exp)}}catch(e){}return null}(t);if(n){let t;for(;t=Mt.pop();)clearTimeout(t);const r=n.getTime()-2e4-(new Date).getTime(),o=setTimeout((()=>{const t=Ft();t&&e(t)}),r);Mt.push(o)}}function Bt(e){const{sessionJwt:t,refreshJwt:n}=e||{};return function(e,{cookiePath:t,cookieDomain:n,cookieExpiration:r}){e&&$t.set("DS",e,{path:t,domain:n,expires:r,sameSite:"None",secure:!0})}(t,e||{}),function(e){localStorage&&e&&localStorage.setItem(At,e)}(n),t}function Ft(){return localStorage?null===localStorage||void 0===localStorage?void 0:localStorage.getItem(At):""}return e=>{var{persistTokens:n=!0}=e,r=t(e,["persistTokens"]);Tt(r.fpKey).get().catch((()=>null));const o=r;let i;if(o.hooks={beforeRequest:e=>{var t;return e.queryParams=(t=e.queryParams,Object.assign(Object.assign({},t),{[Et]:sessionStorage.getItem(Et)||"",[Ct]:sessionStorage.getItem(Ct)||""})),n&&!e.token&&(e.token=Ft()),e}},n&&(o.hooks.afterRequest=async(e,t)=>{!async function(e,t,n){try{const t=await(null==n?void 0:n.json());if(t){const n=Bt((null==t?void 0:t.authInfo)||t);n&&Lt(e,n)}}catch(e){console.error("Could not set tokens from body",e)}}(i.refresh,0,t)}),i=Pt(r),n){const e=i.logout;i.logout=(...t)=>{localStorage&&localStorage.removeItem(At),$t.remove("DS");return e(...t)}}return i}}));
+function bn(e){for(var t=1;t<arguments.length;t++){var n=arguments[t];for(var r in n)e[r]=n[r]}return e}pn=new WeakMap,fn=new WeakMap,hn=new WeakMap,dn=new WeakSet,gn=function(e){!!n(this,fn,"f")[e]&&delete n(this,fn,"f")[e]};var wn=function e(t,n){function r(e,r,o){if("undefined"!=typeof document){"number"==typeof(o=bn({},n,o)).expires&&(o.expires=new Date(Date.now()+864e5*o.expires)),o.expires&&(o.expires=o.expires.toUTCString()),e=encodeURIComponent(e).replace(/%(2[346B]|5E|60|7C)/g,decodeURIComponent).replace(/[()]/g,escape);var i="";for(var a in o)o[a]&&(i+="; "+a,!0!==o[a]&&(i+="="+o[a].split(";")[0]));return document.cookie=e+"="+t.write(r,e)+i}}return Object.create({set:r,get:function(e){if("undefined"!=typeof document&&(!arguments.length||e)){for(var n=document.cookie?document.cookie.split("; "):[],r={},o=0;o<n.length;o++){var i=n[o].split("="),a=i.slice(1).join("=");try{var s=decodeURIComponent(i[0]);if(r[s]=t.read(a,s),e===s)break}catch(e){}}return e?r[e]:r}},remove:function(e,t){r(e,"",bn({},t,{expires:-1}))},withAttributes:function(t){return e(this.converter,bn({},this.attributes,t))},withConverter:function(t){return e(bn({},this.converter,t),this.attributes)}},{attributes:{value:Object.freeze(n)},converter:{value:Object.freeze(t)}})}({read:function(e){return'"'===e[0]&&(e=e.slice(1,-1)),e.replace(/(%[\dA-F]{2})+/gi,decodeURIComponent)},write:function(e){return encodeURIComponent(e).replace(/%(2[346BF]|3[AC-F]|40|5[BDE]|60|7[BCD])/g,decodeURIComponent)}},{path:"/"});const mn="DSR";let kn=[];function In(e,t,n){const r=function(e){const t=e.split(".");try{if(3===t.length){const t=JSON.parse(window.atob(e.split(".")[1]));if(t.exp)return new Date(1e3*t.exp)}}catch(e){}return null}(t);if(r){let t;for(;t=kn.pop();)clearTimeout(t);const o=r.getTime()-2e4-(new Date).getTime(),i=setTimeout((()=>{e(n)}),o);kn.push(i)}}function On(e,t,n){!function(e,{cookiePath:t,cookieDomain:n,cookieExpiration:r}){e&&wn.set("DS",e,{path:t,domain:n,expires:r,sameSite:"None",secure:!0})}(e,n),function(e){localStorage&&e&&localStorage.setItem(mn,e)}(t)}function jn(){return localStorage?null===localStorage||void 0===localStorage?void 0:localStorage.getItem(mn):""}async function Sn(e){const t=function(e){var t;const n=JSON.parse(e);return n.publicKey.challenge=Pn(n.publicKey.challenge),n.publicKey.user.id=Pn(n.publicKey.user.id),null===(t=n.publicKey.excludeCredentials)||void 0===t||t.forEach((e=>{e.id=Pn(e.id)})),n}(e),n=await navigator.credentials.create(t);return r=n,JSON.stringify(Object.assign(Object.assign({},r),{rawId:Un(r.rawId),response:Object.assign(Object.assign({},r.response),{attestationObject:Un(r.response.attestationObject),clientDataJSON:Un(r.response.clientDataJSON)})}));var r}async function _n(e){const t=function(e){var t;const n=JSON.parse(e);return n.publicKey.challenge=Pn(n.publicKey.challenge),null===(t=n.publicKey.allowCredentials)||void 0===t||t.forEach((e=>{e.id=Pn(e.id)})),n}(e),n=await navigator.credentials.get(t);return r=n,JSON.stringify(Object.assign(Object.assign({},r),{rawId:Un(r.rawId),response:Object.assign(Object.assign({},r.response),{authenticatorData:Un(r.response.authenticatorData),clientDataJSON:Un(r.response.clientDataJSON),signature:Un(r.response.signature),userHandle:r.response.userHandle?Un(r.response.userHandle):void 0})}));var r}async function xn(e=!1){if(!Qt)return Promise.resolve(!1);const t=!!(PublicKeyCredential&&navigator.credentials&&navigator.credentials.create&&navigator.credentials.get);return t&&e&&PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable?PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable():t}function Pn(e){const t=e.replace(/_/g,"/").replace(/-/g,"+");return Uint8Array.from(atob(t),(e=>e.charCodeAt(0))).buffer}function Un(e){return btoa(String.fromCharCode.apply(null,new Uint8Array(e))).replace(/\//g,"_").replace(/\+/g,"-").replace(/=/g,"")}return e=>{var{autoRefresh:n=!0,persistTokens:r=!0}=e,o=t(e,["autoRefresh","persistTokens"]);Qt?ln(o.fpKey).get().catch((()=>null)):console.warn("Fingerprint is a client side only capability and will not work when running in the server");const i=o;let a,s;const c=new yn({sessionToken:""}),u=new yn({});i.hooks={beforeRequest:e=>null==a?void 0:a(e),afterRequest:(e,t)=>null==s?void 0:s(e,t)};const l=Zt(i),d=(p=l,{async signUp(e,t){const n=await p.webauthn.signUp.start(e,window.location.origin,t),r=await Sn(n.data.options);return await p.webauthn.signUp.finish(n.data.transactionId,r)},async signIn(e){const t=await p.webauthn.signIn.start(e,window.location.origin),n=await _n(t.data.options);return await p.webauthn.signIn.finish(t.data.transactionId,n)},async signUpOrIn(e){var t;const n=await p.webauthn.signUpOrIn.start(e,window.location.origin);if(null===(t=n.data)||void 0===t?void 0:t.create){const e=await Sn(n.data.options);return await p.webauthn.signUp.finish(n.data.transactionId,e)}{const e=await _n(n.data.options);return await p.webauthn.signIn.finish(n.data.transactionId,e)}},async update(e,t){const n=await p.webauthn.update.start(e,window.location.origin,t),r=await Sn(n.data.options);return await p.webauthn.update.finish(n.data.transactionId,r)},helpers:{create:Sn,get:_n,isSupported:xn}});var p;const f=Object.assign(Object.assign({},l),{flow:Object.assign(Object.assign({},l.flow),{start:async(e,t)=>{const n=await d.helpers.isSupported(),r=null===localStorage||void 0===localStorage?void 0:localStorage.getItem(nn),o={tenant:null==t?void 0:t.tenant,redirectUrl:window.location.href,deviceInfo:{webAuthnSupport:n}};return r&&(o.lastUser={externalId:r}),l.flow.start(e,o)}}),webauthn:d,onSessionTokenChange:e=>{var t;const n=null===(t=c.current)||void 0===t?void 0:t.sessionToken;return n&&e(n),c.subscribe((({sessionToken:t})=>{e(t)}))},onUserChange:e=>{const t=u.current;return t&&Object.entries(t).length>0&&e(t),u.subscribe((t=>{e(t)}))}});return Qt?(n&&["logout","logoutAll"].forEach((e=>{const t=l[e];f[e]=(...e)=>{const n=jn(),r=[(null==e?void 0:e.shift())||n,...e],o=t(...r);return localStorage&&localStorage.removeItem(mn),wn.remove("DS"),Qt&&(null===localStorage||void 0===localStorage||localStorage.removeItem(nn)),c.update({sessionToken:""}),o}})),a=e=>{if(e.body){const t={[en]:sessionStorage.getItem(en)||"",[tn]:sessionStorage.getItem(tn)||""};e.body.fpData=t}return!e.token&&r&&(e.token=jn()),e.headers=Object.assign(Object.assign({},e.headers),{"x-descope-sdk-name":"web-js","x-descope-sdk-version":"0.1.0-alpha.10"}),e},f.me=async(...e)=>{var t;const n=await l.me(...e);if(n.ok){const e=await(null===(t=n.response)||void 0===t?void 0:t.clone().json());u.update(e)}return n},(n||r)&&(s=(e,o)=>{!async function(e,n,r,o){var i;try{if(401===n.status)return r.sessionToken.update({sessionToken:""}),void r.user.update({});const a=await(null==n?void 0:n.json());if(a){const n=function(e){return(null==e?void 0:e.authInfo)||e||{}}(a),{sessionJwt:s,refreshJwt:c,user:u}=n,l=t(n,["sessionJwt","refreshJwt","user"]);if(o.persistTokens&&On(s,c,l),s&&r.sessionToken.update({sessionToken:s}),u){const e=null===(i=null==u?void 0:u.externalIds)||void 0===i?void 0:i[0];Qt&&e&&(null===localStorage||void 0===localStorage||localStorage.setItem(nn,e)),r.user.update(u)}s&&c&&o.autoRefresh&&In(e,s,c)}}catch(e){console.error("Could not set tokens from body",e)}}(f.refresh,o,{sessionToken:c,user:u},{autoRefresh:n,persistTokens:r})}),n&&jn()&&f.refresh(),f):(console.warn("Storing auth tokens in local storage and cookies are a client side only capabilities and will not be done when running in the server"),f)}}));
 //# sourceMappingURL=index.umd.js.map