@descope/web-js-sdk 1.45.0 → 1.46.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/dist/cjs/index.cjs.js +1 -1
  2. package/dist/cjs/index.cjs.js.map +1 -1
  3. package/dist/index.d.ts +1 -1
  4. package/dist/index.esm.js +1 -1
  5. package/dist/index.esm.js.map +1 -1
  6. package/dist/index.umd.js +2 -2
  7. package/dist/index.umd.js.map +1 -1
  8. package/package.json +2 -2
package/dist/index.umd.js CHANGED
@@ -1,4 +1,4 @@
1
- !function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):(e="undefined"!=typeof globalThis?globalThis:e||self).Descope=t()}(this,(function(){"use strict";var e=function(){return e=Object.assign||function(e){for(var t,n=1,o=arguments.length;n<o;n++)for(var r in t=arguments[n])Object.prototype.hasOwnProperty.call(t,r)&&(e[r]=t[r]);return e},e.apply(this,arguments)};function t(e,t){var n={};for(var o in e)Object.prototype.hasOwnProperty.call(e,o)&&t.indexOf(o)<0&&(n[o]=e[o]);if(null!=e&&"function"==typeof Object.getOwnPropertySymbols){var r=0;for(o=Object.getOwnPropertySymbols(e);r<o.length;r++)t.indexOf(o[r])<0&&Object.prototype.propertyIsEnumerable.call(e,o[r])&&(n[o[r]]=e[o[r]])}return n}"function"==typeof SuppressedError&&SuppressedError;class n extends Error{}function o(e){let t=e.replace(/-/g,"+").replace(/_/g,"/");switch(t.length%4){case 0:break;case 2:t+="==";break;case 3:t+="=";break;default:throw new Error("base64 string is not of the correct length")}try{return function(e){return decodeURIComponent(atob(e).replace(/(.)/g,((e,t)=>{let n=t.charCodeAt(0).toString(16).toUpperCase();return n.length<2&&(n="0"+n),"%"+n})))}(t)}catch(e){return atob(t)}}function r(e,t){if("string"!=typeof e)throw new n("Invalid token specified: must be a string");t||(t={});const r=!0===t.header?0:1,i=e.split(".")[r];if("string"!=typeof i)throw new n(`Invalid token specified: missing part #${r+1}`);let s;try{s=o(i)}catch(e){throw new n(`Invalid token specified: invalid base64 for part #${r+1} (${e.message})`)}try{return JSON.parse(s)}catch(e){throw new n(`Invalid token specified: invalid json for part #${r+1} (${e.message})`)}}n.prototype.name="InvalidTokenError";const i="3.2.0",s="undefined"!=typeof window,a=Math.pow(2,31)-1,c=`https://descopecdn.com/npm/oidc-client-ts@${i}/dist/browser/oidc-client-ts.min.js`,l=`https://cdn.jsdelivr.net/npm/oidc-client-ts@${i}/dist/browser/oidc-client-ts.min.js`;const d=["/v1/auth/refresh","/v1/auth/try-refresh","/v1/auth/me","/v1/auth/me/tenants","/v1/auth/me/history"];let u;const p=e=>{try{return r(e).exp}catch(e){return null}},g=e=>{const{refresh_expire_in:t,refresh_token:n}=e;return t?Math.floor(Date.now()/1e3)+t:p(n)},h=e=>{const{expires_in:t,expires_at:n,access_token:o}=e;return n||(t?Math.floor(Date.now()/1e3)+t:o?p(o):void 0)},v=e=>{const{access_token:n,id_token:o,refresh_token:r,refresh_expire_in:i}=e,s=t(e,["access_token","id_token","refresh_token","refresh_expire_in"]);return Object.assign({sessionJwt:e.sessionJwt||n,idToken:o,refreshJwt:e.refreshJwt||r,sessionExpiration:e.sessionExpiration||h(e),cookieExpiration:e.cookieExpiration||g(e)},s)},f=(e,t)=>{var n;return["beforeRequest","afterRequest"].reduce(((n,o)=>{var r;return n[o]=[].concat((null===(r=e.hooks)||void 0===r?void 0:r[o])||[]).concat((null==t?void 0:t[o])||[]),n}),null!==(n=e.hooks)&&void 0!==n?n:e.hooks={}),e},w=async e=>{if(!(null==e?void 0:e.ok))return{};const t=await(null==e?void 0:e.clone().json()),n=(null==t?void 0:t.authInfo)||t||{};return v(n)},m=()=>s&&!!window.descopeBridge,y=(e,t)=>{if(!((null==t?void 0:t.status)>=400&&(null==t?void 0:t.status)<500))return!1;const n=(null==e?void 0:e.path)||"";return d.includes(n)},b=void 0!==u||s&&void 0!==window.localStorage,I=(e,t)=>{var n,o;return null===(o=null===(n=u||s&&window.localStorage)||void 0===n?void 0:n.setItem)||void 0===o?void 0:o.call(n,e,t)},k=e=>{var t,n;return null===(n=null===(t=u||s&&window.localStorage)||void 0===t?void 0:t.getItem)||void 0===n?void 0:n.call(t,e)},O=e=>{var t,n;return null===(n=null===(t=u||s&&window.localStorage)||void 0===t?void 0:t.removeItem)||void 0===n?void 0:n.call(t,e)},j=e=>{var t,n,o,r,i;return null!==(i=null!==(n=null===(t=null==u?void 0:u.key)||void 0===t?void 0:t.call(u,e))&&void 0!==n?n:s&&(null===(r=null===(o=window.localStorage)||void 0===o?void 0:o.key)||void 0===r?void 0:r.call(o,e)))&&void 0!==i?i:null};var S={accessKey:{exchange:"/v1/auth/accesskey/exchange"},otp:{verify:"/v1/auth/otp/verify",signIn:"/v1/auth/otp/signin",signUp:"/v1/auth/otp/signup",update:{email:"/v1/auth/otp/update/email",phone:"/v1/auth/otp/update/phone"},signUpOrIn:"/v1/auth/otp/signup-in"},magicLink:{verify:"/v1/auth/magiclink/verify",signIn:"/v1/auth/magiclink/signin",signUp:"/v1/auth/magiclink/signup",update:{email:"/v1/auth/magiclink/update/email",phone:"/v1/auth/magiclink/update/phone"},signUpOrIn:"/v1/auth/magiclink/signup-in"},enchantedLink:{verify:"/v1/auth/enchantedlink/verify",signIn:"/v1/auth/enchantedlink/signin",signUp:"/v1/auth/enchantedlink/signup",session:"/v1/auth/enchantedlink/pending-session",update:{email:"/v1/auth/enchantedlink/update/email"},signUpOrIn:"/v1/auth/enchantedlink/signup-in"},oauth:{start:"/v1/auth/oauth/authorize",exchange:"/v1/auth/oauth/exchange",startNative:"v1/auth/oauth/native/start",finishNative:"v1/auth/oauth/native/finish",oneTap:{getOneTapClientId:"/v1/auth/onetap/clientid/{provider}",exchangeOneTapIDToken:"/v1/auth/onetap/idtoken/exchange",verifyOneTapIDToken:"/v1/auth/onetap/idtoken/verify"}},outbound:{connect:"/v1/outbound/oauth/connect"},saml:{start:"/v1/auth/saml/authorize",exchange:"/v1/auth/saml/exchange"},totp:{verify:"/v1/auth/totp/verify",signUp:"/v1/auth/totp/signup",update:"/v1/auth/totp/update"},notp:{signIn:"/v1/auth/notp/whatsapp/signin",signUp:"/v1/auth/notp/whatsapp/signup",signUpOrIn:"/v1/auth/notp/whatsapp/signup-in",session:"/v1/auth/notp/pending-session"},webauthn:{signUp:{start:"/v1/auth/webauthn/signup/start",finish:"/v1/auth/webauthn/signup/finish"},signIn:{start:"/v1/auth/webauthn/signin/start",finish:"/v1/auth/webauthn/signin/finish"},signUpOrIn:{start:"/v1/auth/webauthn/signup-in/start"},update:{start:"v1/auth/webauthn/update/start",finish:"/v1/auth/webauthn/update/finish"}},password:{signUp:"/v1/auth/password/signup",signIn:"/v1/auth/password/signin",sendReset:"/v1/auth/password/reset",update:"/v1/auth/password/update",replace:"/v1/auth/password/replace",policy:"/v1/auth/password/policy"},refresh:"/v1/auth/refresh",tryRefresh:"/v1/auth/try-refresh",selectTenant:"/v1/auth/tenant/select",logout:"/v1/auth/logout",logoutAll:"/v1/auth/logoutall",me:"/v1/auth/me",myTenants:"/v1/auth/me/tenants",history:"/v1/auth/me/history",flow:{start:"/v1/flow/start",next:"/v1/flow/next"}};const U="<region>",T=`https://api.${U}descope.com`,x=6e5,R="dct",C=()=>{const e={};return{headers(t){const n="function"==typeof t.entries?Object.fromEntries(t.entries()):t;return e.Headers=JSON.stringify(n),this},body(t){return e.Body=t,this},url(t){return e.Url=t.toString(),this},method(t){return e.Method=t,this},title(t){return e.Title=t,this},status(t){return e.Status=t,this},retries(t){return e.Retries=t,this},build:()=>Object.keys(e).flatMap((t=>e[t]?[`${"Title"!==t?`${t}: `:""}${e[t]}`]:[])).join("\n")}},E=[521,524],P=e=>async(...t)=>{let n=await e(...t);E.includes(n.status)&&(n=await e(...t),n.retries=1);const o=await n.text();return n.text=()=>Promise.resolve(o),n.json=()=>Promise.resolve(JSON.parse(o)),n.clone=()=>n,n},$=(e,t)=>{const n=t||fetch;return n||null==e||e.warn("Fetch is not defined, you will not be able to send http requests, if you are running in a test, make sure fetch is defined globally"),e?async(...t)=>{if(!n)throw Error("Cannot send http request, fetch is not defined, if you are running in a test, make sure fetch is defined globally");e.log((e=>C().title("Request").url(e[0]).method(e[1].method).headers(e[1].headers).body(e[1].body).build())(t));const o=await P(n)(...t);return e[o.ok?"log":"error"](await(async e=>{const t=await e.text();return C().title("Response").url(e.url.toString()).status(`${e.status} ${e.statusText}`).headers(e.headers).body(t).retries(e.retries).build()})(o)),o}:P(n)};let _;const D=()=>{if(_)return _;const e=new Date,t=`${e.getUTCFullYear().toString()}-${(e.getUTCMonth()+1).toString().padStart(2,"0")}-${e.getUTCDate().toString().padStart(2,"0")}-${e.getUTCHours().toString().padStart(2,"0")}:${e.getUTCMinutes().toString().padStart(2,"0")}:${e.getUTCSeconds().toString().padStart(2,"0")}:${e.getUTCMilliseconds().toString()}`,n=Math.floor(1e3+9e3*Math.random());return _=`${t}-${n}`,_};var A,L;(L=A||(A={})).get="GET",L.delete="DELETE",L.post="POST",L.put="PUT",L.patch="PATCH";const q=({path:e,baseUrl:t,queryParams:n,projectId:o})=>{const r=o.slice(1,-27);t=t.replace(U,r?r+".":"");let i=e?`${t.replace(/\/$/,"")}/${null==e?void 0:e.replace(/^\//,"")}`:t;if(n){const e=Object.keys(n);e.forEach(((t,o)=>{i=`${i}${0===o?"?":""}${t}=${encodeURIComponent(n[t])}${o===e.length-1?"":"&"}`}))}return i},N=(...e)=>new Headers(e.reduce(((e,t)=>((e=>Array.isArray(e)?e:e instanceof Headers?Array.from(e.entries()):e?Object.entries(e):[])(t).forEach((([t,n])=>{e[t]="function"==typeof n?n():n})),e)),{})),J={"Content-Type":"application/json"},K=(e,t="")=>{let n=e;return t&&(n=n+":"+t),{Authorization:`Bearer ${n}`}},M=(e,t)=>{const n={"x-descope-sdk-session-id":D(),"x-descope-sdk-name":"core-js","x-descope-sdk-version":"2.57.0","x-descope-project-id":e};return t&&(n["x-descope-refresh-cookie-name"]=t),n},V=e=>{try{e=JSON.parse(e)}catch(e){return!1}return"object"==typeof e&&null!==e};var F=e=>{var t;return(({baseUrl:e,projectId:t,baseConfig:n,refreshCookieName:o,logger:r,hooks:i,cookiePolicy:s,fetch:a})=>{const c=e||T,l=$(r,a),d=async e=>{var r;const a=(null==i?void 0:i.beforeRequest)?i.beforeRequest(e):e,{path:d,body:u,headers:p,queryParams:g,method:h,token:v}=a,f=(e=>void 0===e?void 0:JSON.stringify(e))(u),w={headers:N(K(t,v),M(t,o),(null==n?void 0:n.baseHeaders)||{},V(f)?J:{},p),method:h,body:f};null!==s&&(w.credentials=s||"include");const m=await l(q({path:d,baseUrl:c,queryParams:g,projectId:t}),w);if((null==i?void 0:i.afterRequest)&&await i.afterRequest(e,null==m?void 0:m.clone()),null==i?void 0:i.transformResponse){const e=await m.json(),t=((null===(r=m.headers)||void 0===r?void 0:r.get("set-cookie"))||"").split(";").reduce(((e,t)=>{const[n,o]=t.split("=");return Object.assign(Object.assign({},e),{[n.trim()]:o})}),{}),n=Object.assign(Object.assign({},m),{json:()=>Promise.resolve(e),cookies:t});return n.clone=()=>n,i.transformResponse(n)}return m};return{get:(e,{headers:t,queryParams:n,token:o}={})=>d({path:e,headers:t,queryParams:n,body:void 0,method:A.get,token:o}),post:(e,t,{headers:n,queryParams:o,token:r}={})=>d({path:e,headers:n,queryParams:o,body:t,method:A.post,token:r}),patch:(e,t,{headers:n,queryParams:o,token:r}={})=>d({path:e,headers:n,queryParams:o,body:t,method:A.patch,token:r}),put:(e,t,{headers:n,queryParams:o,token:r}={})=>d({path:e,headers:n,queryParams:o,body:t,method:A.put,token:r}),delete:(e,{headers:t,queryParams:n,token:o}={})=>d({path:e,headers:t,queryParams:n,body:void 0,method:A.delete,token:o}),hooks:i,buildUrl:(e,n)=>q({projectId:t,baseUrl:c,path:e,queryParams:n})}})(Object.assign(Object.assign({},e),{hooks:{beforeRequest:t=>{var n;const o=[].concat((null===(n=e.hooks)||void 0===n?void 0:n.beforeRequest)||[]);return null==o?void 0:o.reduce(((e,t)=>t(e)),t)},afterRequest:async(t,n)=>{var o;const r=[].concat((null===(o=e.hooks)||void 0===o?void 0:o.afterRequest)||[]);0!=r.length&&(await Promise.allSettled(null==r?void 0:r.map((e=>e(t,null==n?void 0:n.clone()))))).forEach((t=>{var n;return"rejected"===t.status&&(null===(n=e.logger)||void 0===n?void 0:n.error(t.reason))}))},transformResponse:null===(t=e.hooks)||void 0===t?void 0:t.transformResponse}}))},H=429;function B(e,t,n){var o;let r=z(e);if(t){if(!(null==r?void 0:r.tenants)&&(null==r?void 0:r[R])===t)return(null==r?void 0:r[n])||[];r=null===(o=null==r?void 0:r.tenants)||void 0===o?void 0:o[t]}const i=null==r?void 0:r[n];return Array.isArray(i)?i:[]}function z(e){if("string"!=typeof e||!e)throw new Error("Invalid token provided");return r(e)}function Z(e){const{exp:t}=z(e);return(new Date).getTime()/1e3>t}function G(e){let t=z(e);const n=Object.keys(null==t?void 0:t.tenants);return Array.isArray(n)?n:[]}function W(e,t){return B(e,t,"permissions")}function X(e,t){return B(e,t,"roles")}const Y=(...e)=>e.join("/").replace(/\/{2,}/g,"/");async function Q(e,t){var n;const o=await e,r={code:o.status,ok:o.ok,response:o},i=await o.clone().json();return o.ok?r.data=i:(r.error=i,o.status===H&&Object.assign(r.error,{retryAfter:Number.parseInt(null===(n=o.headers)||void 0===n?void 0:n.get("retry-after"))||0})),r}function ee(e){var t;return(null===(t=z(e))||void 0===t?void 0:t[R])||""}const te=(e,t)=>(n=t)=>t=>!e(t)&&n.replace("{val}",t),ne=(e,t)=>(n=t)=>t=>{const o=e.filter((e=>e(t)));return!(o.length<e.length)&&(n?n.replace("{val}",t):o.join(" OR "))},oe=(...e)=>({validate:t=>(e.forEach((e=>{const n=e(t);if(n)throw new Error(n)})),!0)}),re=e=>t=>e.test(t),ie=re(/^[a-zA-Z0-9.!#$%&'*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:\.[a-zA-Z0-9-]+)*$/),se=re(/^\+[1-9]{1}[0-9]{3,14}$/),ae=te(ie,'"{val}" is not a valid email'),ce=te(se,'"{val}" is not a valid phone number'),le=te((e=>e.length>=1),"Minimum length is 1");const de=te((e=>"string"==typeof e),"Input is not a string"),ue=te((e=>Array.isArray(e)),"Input is not an array"),pe=te((e=>"boolean"==typeof e),"Input is not a boolean"),ge=te((e=>void 0===e),"Input is defined"),he=ne([de(),ge()],"Input is not a string or undefined"),ve=ne([ue(),pe()],"Input is not an array or boolean"),fe=(...e)=>t=>(...n)=>(e.forEach(((e,t)=>oe(...e).validate(n[t]))),t(...n)),we=e=>[de(`"${e}" must be a string`)],me=e=>[he(`"${e}" must be string or undefined`)],ye=e=>[de(`"${e}" must be a string`),le(`"${e}" must not be empty`)],be=e=>[de(`"${e}" must be a string`),ae()],Ie=e=>[de(`"${e}" must be a string`),ce()],ke=fe(ye("accessKey")),Oe=e=>({exchange:ke(((t,n)=>Q(e.post(S.accessKey.exchange,{loginOptions:n},{token:t}))))}),je=(e,t,n)=>(t.forEach((t=>{const o=t.split(".");let r=o.shift(),i=e;for(;o.length>0;){if(i=i[r],!r||!i)throw Error(`Invalid path "${t}", "${r}" is missing or has no value`);r=o.shift()}if("function"!=typeof i[r])throw Error(`"${t}" is not a function`);const s=i[r];i[r]=n(s)})),e),Se=({pollingIntervalMs:e=1e3,timeoutMs:t=6e5}={})=>({pollingIntervalMs:Math.max(e||1e3,1e3),timeoutMs:Math.min(t||x,x)});var Ue,Te;!function(e){e.sms="sms",e.voice="voice",e.whatsapp="whatsapp",e.im="im"}(Ue||(Ue={})),function(e){e.email="email"}(Te||(Te={}));const xe=Object.assign(Object.assign({},Ue),Te);var Re;!function(e){e.waiting="waiting",e.running="running",e.completed="completed",e.failed="failed"}(Re||(Re={}));const Ce=ye("loginId"),Ee=fe(ye("token")),Pe=fe(Ce),$e=fe(ye("pendingRef")),_e=fe(Ce,be("email")),De=e=>({verify:Ee((t=>Q(e.post(S.enchantedLink.verify,{token:t})))),signIn:Pe(((n,o,r={},i)=>{var{providerId:s}=r,a=t(r,["providerId"]);return Q(e.post(Y(S.enchantedLink.signIn,xe.email),{loginId:n,URI:o,loginOptions:a,providerId:s},{token:i}))})),signUpOrIn:Pe(((n,o,r={})=>{var{providerId:i}=r,s=t(r,["providerId"]);return Q(e.post(Y(S.enchantedLink.signUpOrIn,xe.email),{loginId:n,URI:o,loginOptions:s,providerId:i}))})),signUp:Pe(((n,o,r,i={})=>{var{providerId:s}=i,a=t(i,["providerId"]);return Q(e.post(Y(S.enchantedLink.signUp,xe.email),{loginId:n,URI:o,user:r,loginOptions:a,providerId:s}))})),waitForSession:$e(((t,n)=>new Promise((o=>{const{pollingIntervalMs:r,timeoutMs:i}=Se(n);let s;const a=setInterval((async()=>{const n=await e.post(S.enchantedLink.session,{pendingRef:t});n.ok&&(clearInterval(a),s&&clearTimeout(s),o(Q(Promise.resolve(n))))}),r);s=setTimeout((()=>{o({error:{errorDescription:`Session polling timeout exceeded: ${i}ms`,errorCode:"0"},ok:!1}),clearInterval(a)}),i)})))),update:{email:_e(((t,n,o,r,i)=>Q(e.post(S.enchantedLink.update.email,Object.assign({loginId:t,email:n,URI:o},i),{token:r}))))}}),Ae=fe(ye("flowId")),Le=fe(ye("executionId"),ye("stepId"),ye("interactionId")),qe=e=>({start:Ae(((t,n,o,r,i,s,a,c=!1)=>Q(e.post(S.flow.start,{flowId:t,options:n,conditionInteractionId:o,interactionId:r,componentsVersion:i,flowVersions:s,input:a,isCustomScreen:c})))),next:Le(((t,n,o,r,i,s,a=!1)=>Q(e.post(S.flow.next,{executionId:t,stepId:n,interactionId:o,version:r,componentsVersion:i,input:s,isCustomScreen:a}))))}),Ne=ye("loginId"),Je=fe(ye("token")),Ke=fe(Ne),Me=fe(Ne,Ie("phone")),Ve=fe(Ne,be("email")),Fe=Object.keys(xe).filter((e=>e!==Ue.voice&&e!==Ue.im)),He=e=>({verify:Je((t=>Q(e.post(S.magicLink.verify,{token:t})))),signIn:Fe.reduce(((n,o)=>Object.assign(Object.assign({},n),{[o]:Ke(((n,r,i={},s)=>{var{providerId:a}=i,c=t(i,["providerId"]);return Q(e.post(Y(S.magicLink.signIn,o),{loginId:n,URI:r,loginOptions:c,providerId:a},{token:s}))}))})),{}),signUp:Fe.reduce(((n,o)=>Object.assign(Object.assign({},n),{[o]:Ke(((n,r,i,s={})=>{var{providerId:a}=s,c=t(s,["providerId"]);return Q(e.post(Y(S.magicLink.signUp,o),{loginId:n,URI:r,user:i,loginOptions:c,providerId:a}))}))})),{}),signUpOrIn:Fe.reduce(((n,o)=>Object.assign(Object.assign({},n),{[o]:Ke(((n,r,i={})=>{var{providerId:s}=i,a=t(i,["providerId"]);return Q(e.post(Y(S.magicLink.signUpOrIn,o),{loginId:n,URI:r,loginOptions:a,providerId:s}))}))})),{}),update:{email:Ve(((t,n,o,r,i)=>Q(e.post(S.magicLink.update.email,Object.assign({loginId:t,email:n,URI:o},i),{token:r})))),phone:Object.keys(Ue).filter((e=>e!==Ue.voice)).reduce(((t,n)=>Object.assign(Object.assign({},t),{[n]:Me(((t,o,r,i,s)=>Q(e.post(Y(S.magicLink.update.phone,n),Object.assign({loginId:t,phone:o,URI:r},s),{token:i}))))})),{})}});var Be;!function(e){e.facebook="facebook",e.github="github",e.google="google",e.microsoft="microsoft",e.gitlab="gitlab",e.apple="apple",e.discord="discord",e.linkedin="linkedin",e.slack="slack"}(Be||(Be={}));const ze=fe(ye("code")),Ze=e=>({start:Object.assign(((t,n,o,r,i)=>Q(e.post(S.oauth.start,o||{},{queryParams:Object.assign(Object.assign({provider:t},n&&{redirectURL:n}),i&&{loginHint:i}),token:r}))),Object.keys(Be).reduce(((t,n)=>Object.assign(Object.assign({},t),{[n]:(t,o,r,i)=>Q(e.post(S.oauth.start,o||{},{queryParams:Object.assign(Object.assign({provider:n},t&&{redirectURL:t}),i&&{loginHint:i}),token:r}))})),{})),exchange:ze((t=>Q(e.post(S.oauth.exchange,{code:t})))),startNative:(t,n,o)=>Q(e.post(S.oauth.startNative,{provider:t,loginOptions:n,implicit:o})),finishNative:(t,n,o,r,i)=>Q(e.post(S.oauth.finishNative,{provider:t,stateId:n,user:o,code:r,idToken:i})),getOneTapClientId:t=>Q(e.get(S.oauth.oneTap.getOneTapClientId.replace("{provider}",t))),verifyOneTapIDToken:(t,n,o,r)=>Q(e.post(S.oauth.oneTap.verifyOneTapIDToken,{provider:t,idToken:n,nonce:o,loginOptions:r})),exchangeOneTapIDToken:(t,n,o,r)=>Q(e.post(S.oauth.oneTap.exchangeOneTapIDToken,{provider:t,idToken:n,nonce:o,loginOptions:r}))}),Ge=ye("appId"),We=fe(Ge),Xe=e=>({connect:We(((t,n,o)=>{const r=null==n?void 0:n.tenantId,i=null==n?void 0:n.tenantLevel;return null==n||delete n.tenantId,null==n||delete n.tenantLevel,Q(e.post(S.outbound.connect,{appId:t,tenantId:r,tenantLevel:i,options:n},{token:o}))}))}),Ye=ye("loginId"),Qe=fe(Ye,ye("code")),et=fe(Ye),tt=fe(Ye,Ie("phone")),nt=fe(Ye,be("email")),ot=e=>({verify:Object.keys(xe).reduce(((t,n)=>Object.assign(Object.assign({},t),{[n]:Qe(((t,o)=>Q(e.post(Y(S.otp.verify,n),{code:o,loginId:t}))))})),{}),signIn:Object.keys(xe).reduce(((n,o)=>Object.assign(Object.assign({},n),{[o]:et(((n,r={},i)=>{var{providerId:s}=r,a=t(r,["providerId"]);return Q(e.post(Y(S.otp.signIn,o),{loginId:n,loginOptions:a,providerId:s},{token:i}))}))})),{}),signUp:Object.keys(xe).reduce(((n,o)=>Object.assign(Object.assign({},n),{[o]:et(((n,r,i={})=>{var{providerId:s}=i,a=t(i,["providerId"]);return Q(e.post(Y(S.otp.signUp,o),{loginId:n,user:r,loginOptions:a,providerId:s}))}))})),{}),signUpOrIn:Object.keys(xe).reduce(((n,o)=>Object.assign(Object.assign({},n),{[o]:et(((n,r={})=>{var{providerId:i}=r,s=t(r,["providerId"]);return Q(e.post(Y(S.otp.signUpOrIn,o),{loginId:n,loginOptions:s,providerId:i}))}))})),{}),update:{email:nt(((t,n,o,r)=>Q(e.post(S.otp.update.email,Object.assign({loginId:t,email:n},r),{token:o})))),phone:Object.keys(Ue).reduce(((t,n)=>Object.assign(Object.assign({},t),{[n]:tt(((t,o,r,i)=>Q(e.post(Y(S.otp.update.phone,n),Object.assign({loginId:t,phone:o},i),{token:r}))))})),{})}}),rt=fe(ye("tenant")),it=fe(ye("code")),st=e=>({start:rt(((t,n,o,r,i,s,a,c)=>Q(e.post(S.saml.start,o||{},Object.assign({queryParams:Object.assign(Object.assign(Object.assign(Object.assign(Object.assign({tenant:t},n&&{redirectURL:n}),i&&{ssoId:i}),s&&{forceAuthn:"true"}),a&&{loginHint:a}),c&&{initiatedEmail:t})},r&&{token:r}))))),exchange:it((t=>Q(e.post(S.saml.exchange,{code:t}))))}),at=ye("loginId"),ct=fe(at,ye("code")),lt=fe(at),dt=fe(at),ut=e=>({signUp:lt(((t,n)=>Q(e.post(S.totp.signUp,{loginId:t,user:n})))),verify:ct(((t,n,o,r)=>Q(e.post(S.totp.verify,{loginId:t,code:n,loginOptions:o},{token:r})))),update:dt(((t,n)=>Q(e.post(S.totp.update,{loginId:t},{token:n}))))}),pt=ye("loginId"),gt=ye("newPassword"),ht=fe(pt,ye("password")),vt=fe(pt),ft=fe(pt,gt),wt=fe(pt,ye("oldPassword"),gt),mt=e=>({signUp:ht(((n,o,r,i={})=>{var{providerId:s}=i,a=t(i,["providerId"]);return Q(e.post(S.password.signUp,{loginId:n,password:o,user:r,loginOptions:a,providerId:s}))})),signIn:ht(((n,o,r={})=>{var{providerId:i}=r,s=t(r,["providerId"]);return Q(e.post(S.password.signIn,{loginId:n,password:o,loginOptions:s,providerId:i}))})),sendReset:vt(((t,n,o)=>Q(e.post(S.password.sendReset,{loginId:t,redirectUrl:n,templateOptions:o})))),update:ft(((t,n,o)=>Q(e.post(S.password.update,{loginId:t,newPassword:n},{token:o})))),replace:wt(((t,n,o)=>Q(e.post(S.password.replace,{loginId:t,oldPassword:n,newPassword:o})))),policy:()=>Q(e.get(S.password.policy))}),yt=we("loginId"),bt=ye("loginId"),It=ye("origin"),kt=fe(bt,It,ye("name")),Ot=fe(bt,It),jt=fe(yt,It),St=fe(bt,It,me("token")),Ut=fe(ye("transactionId"),ye("response")),Tt=e=>({signUp:{start:kt(((t,n,o,r)=>Q(e.post(S.webauthn.signUp.start,{user:{loginId:t,name:o},origin:n,passkeyOptions:r})))),finish:Ut(((t,n)=>Q(e.post(S.webauthn.signUp.finish,{transactionId:t,response:n}))))},signIn:{start:jt(((t,n,o,r,i)=>Q(e.post(S.webauthn.signIn.start,{loginId:t,origin:n,loginOptions:o,passkeyOptions:i},{token:r})))),finish:Ut(((t,n)=>Q(e.post(S.webauthn.signIn.finish,{transactionId:t,response:n}))))},signUpOrIn:{start:Ot(((t,n,o)=>Q(e.post(S.webauthn.signUpOrIn.start,{loginId:t,origin:n,passkeyOptions:o}))))},update:{start:St(((t,n,o,r)=>Q(e.post(S.webauthn.update.start,{loginId:t,origin:n,passkeyOptions:r},{token:o})))),finish:Ut(((t,n)=>Q(e.post(S.webauthn.update.finish,{transactionId:t,response:n}))))}}),xt=we("loginId"),Rt=fe(xt),Ct=fe(ye("pendingRef")),Et=e=>({signUpOrIn:Rt(((n,o={})=>{var{providerId:r}=o,i=t(o,["providerId"]);return Q(e.post(S.notp.signUpOrIn,{loginId:n,loginOptions:i,providerId:r}))})),signUp:Rt(((n,o,r={})=>{var{providerId:i}=r,s=t(r,["providerId"]);return Q(e.post(S.notp.signUp,{loginId:n,user:o,providerId:i,loginOptions:s}))})),signIn:Rt(((n,o={},r)=>{var{providerId:i}=o,s=t(o,["providerId"]);return Q(e.post(S.notp.signIn,{loginId:n,loginOptions:s,providerId:i},{token:r}))})),waitForSession:Ct(((t,n)=>new Promise((o=>{const{pollingIntervalMs:r,timeoutMs:i}=Se(n);let s;const a=setInterval((async()=>{const n=await e.post(S.notp.session,{pendingRef:t});n.ok&&(clearInterval(a),s&&clearTimeout(s),o(Q(Promise.resolve(n))))}),r);s=setTimeout((()=>{o({error:{errorDescription:`Session polling timeout exceeded: ${i}ms`,errorCode:"0"},ok:!1}),clearInterval(a)}),i)}))))}),Pt=fe(ye("token")),$t=fe(me("token"));var _t,Dt=fe([(_t=ye("projectId"),te(((e,t)=>n=>oe(...t).validate(((e,t)=>{const n=(Array.isArray(t)?t.join("."):String(t)).replace(/\[\\?("|')?(\w|d)+\\?("|')?\]/g,((e,t,n)=>"."+n)).split("."),o=n.length;let r=0,i=e===Object(e)?e:void 0;for(;null!=i&&r<o;)i=i[n[r++]];return r&&r===o&&void 0!==i?i:void 0})(n,e)))("projectId",_t))())])((e=>{const{projectId:t,logger:n,baseUrl:o,cookiePolicy:r,baseHeaders:i={},refreshCookieName:s,fetch:a}=e;return c=F({baseUrl:o,projectId:t,logger:n,hooks:{get beforeRequest(){var t;return null===(t=e.hooks)||void 0===t?void 0:t.beforeRequest},get afterRequest(){var t;return null===(t=e.hooks)||void 0===t?void 0:t.afterRequest},get transformResponse(){var t;return null===(t=e.hooks)||void 0===t?void 0:t.transformResponse}},cookiePolicy:r,baseConfig:{baseHeaders:i},refreshCookieName:s,fetch:a}),{accessKey:Oe(c),otp:ot(c),magicLink:He(c),enchantedLink:De(c),oauth:Ze(c),outbound:Xe(c),saml:st(c),totp:ut(c),notp:Et(c),webauthn:Tt(c),password:mt(c),flow:qe(c),refresh:$t(((e,t,n,o)=>{const r={};n&&(r.externalToken=n);const i=o?S.tryRefresh:S.refresh;return Q(c.post(i,r,{token:e,queryParams:t}))})),selectTenant:fe([de("tenantId")],[he('"token" must be string or undefined')])(((e,t)=>Q(c.post(S.selectTenant,{tenant:e},{token:t})))),logout:$t((e=>Q(c.post(S.logout,{},{token:e})))),logoutAll:$t((e=>Q(c.post(S.logoutAll,{},{token:e})))),me:$t((e=>Q(c.get(S.me,{token:e})))),myTenants:fe([ve('"tenants" must a string array or a boolean')],[he('"token" must be string or undefined')])(((e,t)=>{const n={};return"boolean"==typeof e?n.dct=e:n.ids=e,Q(c.post(S.myTenants,n,{token:t}))})),history:$t((e=>Q(c.get(S.history,{token:e})))),isJwtExpired:Pt(Z),getTenants:Pt(G),getJwtPermissions:Pt(W),getJwtRoles:Pt(X),getCurrentTenant:Pt(ee),httpClient:c};var c})),At=Object.assign(Dt,{DeliveryMethods:xe});const Lt=(...e)=>{console.debug(...e)},qt=(...e)=>{console.warn(...e)},Nt=(e,t)=>{let n;var o;return t>0?(n=1e3*t,Lt(`Using provided nextRefreshSeconds: ${t}s`)):n=((o=e)?o.getTime()-(new Date).getTime():0)-2e4,n>a&&(Lt(`Timeout is too large (${n}ms), setting it to ${a}ms`),n=a),n};
1
+ !function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):(e="undefined"!=typeof globalThis?globalThis:e||self).Descope=t()}(this,(function(){"use strict";var e=function(){return e=Object.assign||function(e){for(var t,n=1,o=arguments.length;n<o;n++)for(var r in t=arguments[n])Object.prototype.hasOwnProperty.call(t,r)&&(e[r]=t[r]);return e},e.apply(this,arguments)};function t(e,t){var n={};for(var o in e)Object.prototype.hasOwnProperty.call(e,o)&&t.indexOf(o)<0&&(n[o]=e[o]);if(null!=e&&"function"==typeof Object.getOwnPropertySymbols){var r=0;for(o=Object.getOwnPropertySymbols(e);r<o.length;r++)t.indexOf(o[r])<0&&Object.prototype.propertyIsEnumerable.call(e,o[r])&&(n[o[r]]=e[o[r]])}return n}"function"==typeof SuppressedError&&SuppressedError;class n extends Error{}function o(e){let t=e.replace(/-/g,"+").replace(/_/g,"/");switch(t.length%4){case 0:break;case 2:t+="==";break;case 3:t+="=";break;default:throw new Error("base64 string is not of the correct length")}try{return function(e){return decodeURIComponent(atob(e).replace(/(.)/g,((e,t)=>{let n=t.charCodeAt(0).toString(16).toUpperCase();return n.length<2&&(n="0"+n),"%"+n})))}(t)}catch(e){return atob(t)}}function r(e,t){if("string"!=typeof e)throw new n("Invalid token specified: must be a string");t||(t={});const r=!0===t.header?0:1,i=e.split(".")[r];if("string"!=typeof i)throw new n(`Invalid token specified: missing part #${r+1}`);let s;try{s=o(i)}catch(e){throw new n(`Invalid token specified: invalid base64 for part #${r+1} (${e.message})`)}try{return JSON.parse(s)}catch(e){throw new n(`Invalid token specified: invalid json for part #${r+1} (${e.message})`)}}n.prototype.name="InvalidTokenError";const i="3.2.0",s="undefined"!=typeof window,a=Math.pow(2,31)-1,c=`https://descopecdn.com/npm/oidc-client-ts@${i}/dist/browser/oidc-client-ts.min.js`,l=`https://cdn.jsdelivr.net/npm/oidc-client-ts@${i}/dist/browser/oidc-client-ts.min.js`;const d=["/v1/auth/refresh","/v1/auth/try-refresh","/v1/auth/me","/v1/auth/me/tenants","/v1/auth/me/history"];let u;const p=e=>{try{return r(e).exp}catch(e){return null}},g=e=>{const{refresh_expire_in:t,refresh_token:n}=e;return t?Math.floor(Date.now()/1e3)+t:p(n)},h=e=>{const{expires_in:t,expires_at:n,access_token:o}=e;return n||(t?Math.floor(Date.now()/1e3)+t:o?p(o):void 0)},v=e=>{const{access_token:n,id_token:o,refresh_token:r,refresh_expire_in:i}=e,s=t(e,["access_token","id_token","refresh_token","refresh_expire_in"]);return Object.assign({sessionJwt:e.sessionJwt||n,idToken:o,refreshJwt:e.refreshJwt||r,sessionExpiration:e.sessionExpiration||h(e),cookieExpiration:e.cookieExpiration||g(e)},s)},f=(e,t)=>{var n;return["beforeRequest","afterRequest"].reduce(((n,o)=>{var r;return n[o]=[].concat((null===(r=e.hooks)||void 0===r?void 0:r[o])||[]).concat((null==t?void 0:t[o])||[]),n}),null!==(n=e.hooks)&&void 0!==n?n:e.hooks={}),e},w=async e=>{if(!(null==e?void 0:e.ok))return{};const t=await(null==e?void 0:e.clone().json()),n=(null==t?void 0:t.authInfo)||t||{};return v(n)},m=()=>s&&!!window.descopeBridge,y=(e,t)=>{if(!((null==t?void 0:t.status)>=400&&(null==t?void 0:t.status)<500))return!1;const n=(null==e?void 0:e.path)||"";return d.includes(n)},b=void 0!==u||s&&void 0!==window.localStorage,k=(e,t)=>{var n,o;return null===(o=null===(n=u||s&&window.localStorage)||void 0===n?void 0:n.setItem)||void 0===o?void 0:o.call(n,e,t)},I=e=>{var t,n;return null===(n=null===(t=u||s&&window.localStorage)||void 0===t?void 0:t.getItem)||void 0===n?void 0:n.call(t,e)},O=e=>{var t,n;return null===(n=null===(t=u||s&&window.localStorage)||void 0===t?void 0:t.removeItem)||void 0===n?void 0:n.call(t,e)},j=e=>{var t,n,o,r,i;return null!==(i=null!==(n=null===(t=null==u?void 0:u.key)||void 0===t?void 0:t.call(u,e))&&void 0!==n?n:s&&(null===(r=null===(o=window.localStorage)||void 0===o?void 0:o.key)||void 0===r?void 0:r.call(o,e)))&&void 0!==i?i:null};var S={accessKey:{exchange:"/v1/auth/accesskey/exchange"},otp:{verify:"/v1/auth/otp/verify",signIn:"/v1/auth/otp/signin",signUp:"/v1/auth/otp/signup",update:{email:"/v1/auth/otp/update/email",phone:"/v1/auth/otp/update/phone"},signUpOrIn:"/v1/auth/otp/signup-in"},magicLink:{verify:"/v1/auth/magiclink/verify",signIn:"/v1/auth/magiclink/signin",signUp:"/v1/auth/magiclink/signup",update:{email:"/v1/auth/magiclink/update/email",phone:"/v1/auth/magiclink/update/phone"},signUpOrIn:"/v1/auth/magiclink/signup-in"},enchantedLink:{verify:"/v1/auth/enchantedlink/verify",signIn:"/v1/auth/enchantedlink/signin",signUp:"/v1/auth/enchantedlink/signup",session:"/v1/auth/enchantedlink/pending-session",update:{email:"/v1/auth/enchantedlink/update/email"},signUpOrIn:"/v1/auth/enchantedlink/signup-in"},oauth:{start:"/v1/auth/oauth/authorize",exchange:"/v1/auth/oauth/exchange",startNative:"v1/auth/oauth/native/start",finishNative:"v1/auth/oauth/native/finish",oneTap:{getOneTapClientId:"/v1/auth/onetap/clientid/{provider}",exchangeOneTapIDToken:"/v1/auth/onetap/idtoken/exchange",verifyOneTapIDToken:"/v1/auth/onetap/idtoken/verify"}},outbound:{connect:"/v1/outbound/oauth/connect"},saml:{start:"/v1/auth/saml/authorize",exchange:"/v1/auth/saml/exchange"},totp:{verify:"/v1/auth/totp/verify",signUp:"/v1/auth/totp/signup",update:"/v1/auth/totp/update"},notp:{signIn:"/v1/auth/notp/whatsapp/signin",signUp:"/v1/auth/notp/whatsapp/signup",signUpOrIn:"/v1/auth/notp/whatsapp/signup-in",session:"/v1/auth/notp/pending-session"},webauthn:{signUp:{start:"/v1/auth/webauthn/signup/start",finish:"/v1/auth/webauthn/signup/finish"},signIn:{start:"/v1/auth/webauthn/signin/start",finish:"/v1/auth/webauthn/signin/finish"},signUpOrIn:{start:"/v1/auth/webauthn/signup-in/start"},update:{start:"v1/auth/webauthn/update/start",finish:"/v1/auth/webauthn/update/finish"}},password:{signUp:"/v1/auth/password/signup",signIn:"/v1/auth/password/signin",sendReset:"/v1/auth/password/reset",update:"/v1/auth/password/update",replace:"/v1/auth/password/replace",policy:"/v1/auth/password/policy"},refresh:"/v1/auth/refresh",tryRefresh:"/v1/auth/try-refresh",selectTenant:"/v1/auth/tenant/select",logout:"/v1/auth/logout",logoutAll:"/v1/auth/logoutall",me:"/v1/auth/me",myTenants:"/v1/auth/me/tenants",history:"/v1/auth/me/history",flow:{start:"/v1/flow/start",next:"/v1/flow/next"}};const U="<region>",T=`https://api.${U}descope.com`,x=6e5,R="dct",C=()=>{const e={};return{headers(t){const n="function"==typeof t.entries?Object.fromEntries(t.entries()):t;return e.Headers=JSON.stringify(n),this},body(t){return e.Body=t,this},url(t){return e.Url=t.toString(),this},method(t){return e.Method=t,this},title(t){return e.Title=t,this},status(t){return e.Status=t,this},retries(t){return e.Retries=t,this},build:()=>Object.keys(e).flatMap((t=>e[t]?[`${"Title"!==t?`${t}: `:""}${e[t]}`]:[])).join("\n")}},E=[503,521,522,524,530],$=[100,5e3,5e3],P=e=>new Promise((t=>setTimeout(t,e))),D=e=>async(...t)=>{let n=await e(...t),o=0;for(;E.includes(n.status)&&o<$.length;)await P($[o]),n=await e(...t),o++;o>0&&(n.retries=o);const r=await n.text();return n.text=()=>Promise.resolve(r),n.json=()=>Promise.resolve(JSON.parse(r)),n.clone=()=>n,n},_=(e,t)=>{const n=t||fetch;return n||null==e||e.warn("Fetch is not defined, you will not be able to send http requests, if you are running in a test, make sure fetch is defined globally"),e?async(...t)=>{if(!n)throw Error("Cannot send http request, fetch is not defined, if you are running in a test, make sure fetch is defined globally");e.log((e=>C().title("Request").url(e[0]).method(e[1].method).headers(e[1].headers).body(e[1].body).build())(t));const o=await D(n)(...t);return e[o.ok?"log":"error"](await(async e=>{const t=await e.text();return C().title("Response").url(e.url.toString()).status(`${e.status} ${e.statusText}`).headers(e.headers).body(t).retries(e.retries).build()})(o)),o}:D(n)};let A;const L=()=>{if(A)return A;const e=new Date,t=`${e.getUTCFullYear().toString()}-${(e.getUTCMonth()+1).toString().padStart(2,"0")}-${e.getUTCDate().toString().padStart(2,"0")}-${e.getUTCHours().toString().padStart(2,"0")}:${e.getUTCMinutes().toString().padStart(2,"0")}:${e.getUTCSeconds().toString().padStart(2,"0")}:${e.getUTCMilliseconds().toString()}`,n=Math.floor(1e3+9e3*Math.random());return A=`${t}-${n}`,A};var N,q;(q=N||(N={})).get="GET",q.delete="DELETE",q.post="POST",q.put="PUT",q.patch="PATCH";const J=({path:e,baseUrl:t,queryParams:n,projectId:o})=>{const r=o.slice(1,-27);t=t.replace(U,r?r+".":"");let i=e?`${t.replace(/\/$/,"")}/${null==e?void 0:e.replace(/^\//,"")}`:t;if(n){const e=Object.keys(n);e.forEach(((t,o)=>{i=`${i}${0===o?"?":""}${t}=${encodeURIComponent(n[t])}${o===e.length-1?"":"&"}`}))}return i},K=(...e)=>new Headers(e.reduce(((e,t)=>((e=>Array.isArray(e)?e:e instanceof Headers?Array.from(e.entries()):e?Object.entries(e):[])(t).forEach((([t,n])=>{e[t]="function"==typeof n?n():n})),e)),{})),M={"Content-Type":"application/json"},V=(e,t="")=>{let n=e;return t&&(n=n+":"+t),{Authorization:`Bearer ${n}`}},F=(e,t)=>{const n={"x-descope-sdk-session-id":L(),"x-descope-sdk-name":"core-js","x-descope-sdk-version":"2.58.0","x-descope-project-id":e};return t&&(n["x-descope-refresh-cookie-name"]=t),n},H=e=>{try{e=JSON.parse(e)}catch(e){return!1}return"object"==typeof e&&null!==e};var B=e=>{var t;return(({baseUrl:e,projectId:t,baseConfig:n,refreshCookieName:o,logger:r,hooks:i,cookiePolicy:s,fetch:a})=>{const c=e||T,l=_(r,a),d=async e=>{var r;const a=(null==i?void 0:i.beforeRequest)?i.beforeRequest(e):e,{path:d,body:u,headers:p,queryParams:g,method:h,token:v}=a,f=(e=>void 0===e?void 0:JSON.stringify(e))(u),w={headers:K(V(t,v),F(t,o),(null==n?void 0:n.baseHeaders)||{},H(f)?M:{},p),method:h,body:f};null!==s&&(w.credentials=s||"include");const m=await l(J({path:d,baseUrl:c,queryParams:g,projectId:t}),w);if((null==i?void 0:i.afterRequest)&&await i.afterRequest(e,null==m?void 0:m.clone()),null==i?void 0:i.transformResponse){const e=await m.json(),t=((null===(r=m.headers)||void 0===r?void 0:r.get("set-cookie"))||"").split(";").reduce(((e,t)=>{const[n,o]=t.split("=");return Object.assign(Object.assign({},e),{[n.trim()]:o})}),{}),n=Object.assign(Object.assign({},m),{json:()=>Promise.resolve(e),cookies:t});return n.clone=()=>n,i.transformResponse(n)}return m};return{get:(e,{headers:t,queryParams:n,token:o}={})=>d({path:e,headers:t,queryParams:n,body:void 0,method:N.get,token:o}),post:(e,t,{headers:n,queryParams:o,token:r}={})=>d({path:e,headers:n,queryParams:o,body:t,method:N.post,token:r}),patch:(e,t,{headers:n,queryParams:o,token:r}={})=>d({path:e,headers:n,queryParams:o,body:t,method:N.patch,token:r}),put:(e,t,{headers:n,queryParams:o,token:r}={})=>d({path:e,headers:n,queryParams:o,body:t,method:N.put,token:r}),delete:(e,{headers:t,queryParams:n,token:o}={})=>d({path:e,headers:t,queryParams:n,body:void 0,method:N.delete,token:o}),hooks:i,buildUrl:(e,n)=>J({projectId:t,baseUrl:c,path:e,queryParams:n})}})(Object.assign(Object.assign({},e),{hooks:{beforeRequest:t=>{var n;const o=[].concat((null===(n=e.hooks)||void 0===n?void 0:n.beforeRequest)||[]);return null==o?void 0:o.reduce(((e,t)=>t(e)),t)},afterRequest:async(t,n)=>{var o;const r=[].concat((null===(o=e.hooks)||void 0===o?void 0:o.afterRequest)||[]);0!=r.length&&(await Promise.allSettled(null==r?void 0:r.map((e=>e(t,null==n?void 0:n.clone()))))).forEach((t=>{var n;return"rejected"===t.status&&(null===(n=e.logger)||void 0===n?void 0:n.error(t.reason))}))},transformResponse:null===(t=e.hooks)||void 0===t?void 0:t.transformResponse}}))},z=429;function Z(e,t,n){var o;let r=G(e);if(t){if(!(null==r?void 0:r.tenants)&&(null==r?void 0:r[R])===t)return(null==r?void 0:r[n])||[];r=null===(o=null==r?void 0:r.tenants)||void 0===o?void 0:o[t]}const i=null==r?void 0:r[n];return Array.isArray(i)?i:[]}function G(e){if("string"!=typeof e||!e)throw new Error("Invalid token provided");return r(e)}function W(e){const{exp:t}=G(e);return(new Date).getTime()/1e3>t}function X(e){let t=G(e);const n=Object.keys(null==t?void 0:t.tenants);return Array.isArray(n)?n:[]}function Y(e,t){return Z(e,t,"permissions")}function Q(e,t){return Z(e,t,"roles")}const ee=(...e)=>e.join("/").replace(/\/{2,}/g,"/");async function te(e,t){var n;const o=await e,r={code:o.status,ok:o.ok,response:o},i=await o.clone().json();return o.ok?r.data=i:(r.error=i,o.status===z&&Object.assign(r.error,{retryAfter:Number.parseInt(null===(n=o.headers)||void 0===n?void 0:n.get("retry-after"))||0})),r}function ne(e){var t;return(null===(t=G(e))||void 0===t?void 0:t[R])||""}const oe=(e,t)=>(n=t)=>t=>!e(t)&&n.replace("{val}",t),re=(e,t)=>(n=t)=>t=>{const o=e.filter((e=>e(t)));return!(o.length<e.length)&&(n?n.replace("{val}",t):o.join(" OR "))},ie=(...e)=>({validate:t=>(e.forEach((e=>{const n=e(t);if(n)throw new Error(n)})),!0)}),se=e=>t=>e.test(t),ae=se(/^[a-zA-Z0-9.!#$%&'*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:\.[a-zA-Z0-9-]+)*$/),ce=se(/^\+[1-9]{1}[0-9]{3,14}$/),le=oe(ae,'"{val}" is not a valid email'),de=oe(ce,'"{val}" is not a valid phone number'),ue=oe((e=>e.length>=1),"Minimum length is 1");const pe=oe((e=>"string"==typeof e),"Input is not a string"),ge=oe((e=>Array.isArray(e)),"Input is not an array"),he=oe((e=>"boolean"==typeof e),"Input is not a boolean"),ve=oe((e=>void 0===e),"Input is defined"),fe=re([pe(),ve()],"Input is not a string or undefined"),we=re([ge(),he()],"Input is not an array or boolean"),me=(...e)=>t=>(...n)=>(e.forEach(((e,t)=>ie(...e).validate(n[t]))),t(...n)),ye=e=>[pe(`"${e}" must be a string`)],be=e=>[fe(`"${e}" must be string or undefined`)],ke=e=>[pe(`"${e}" must be a string`),ue(`"${e}" must not be empty`)],Ie=e=>[pe(`"${e}" must be a string`),le()],Oe=e=>[pe(`"${e}" must be a string`),de()],je=me(ke("accessKey")),Se=e=>({exchange:je(((t,n)=>te(e.post(S.accessKey.exchange,{loginOptions:n},{token:t}))))}),Ue=(e,t,n)=>(t.forEach((t=>{const o=t.split(".");let r=o.shift(),i=e;for(;o.length>0;){if(i=i[r],!r||!i)throw Error(`Invalid path "${t}", "${r}" is missing or has no value`);r=o.shift()}if("function"!=typeof i[r])throw Error(`"${t}" is not a function`);const s=i[r];i[r]=n(s)})),e),Te=({pollingIntervalMs:e=1e3,timeoutMs:t=6e5}={})=>({pollingIntervalMs:Math.max(e||1e3,1e3),timeoutMs:Math.min(t||x,x)});var xe,Re;!function(e){e.sms="sms",e.voice="voice",e.whatsapp="whatsapp",e.im="im"}(xe||(xe={})),function(e){e.email="email"}(Re||(Re={}));const Ce=Object.assign(Object.assign({},xe),Re);var Ee;!function(e){e.waiting="waiting",e.running="running",e.completed="completed",e.failed="failed"}(Ee||(Ee={}));const $e=ke("loginId"),Pe=me(ke("token")),De=me($e),_e=me(ke("pendingRef")),Ae=me($e,Ie("email")),Le=e=>({verify:Pe((t=>te(e.post(S.enchantedLink.verify,{token:t})))),signIn:De(((n,o,r={},i)=>{var{providerId:s}=r,a=t(r,["providerId"]);return te(e.post(ee(S.enchantedLink.signIn,Ce.email),{loginId:n,URI:o,loginOptions:a,providerId:s},{token:i}))})),signUpOrIn:De(((n,o,r={})=>{var{providerId:i}=r,s=t(r,["providerId"]);return te(e.post(ee(S.enchantedLink.signUpOrIn,Ce.email),{loginId:n,URI:o,loginOptions:s,providerId:i}))})),signUp:De(((n,o,r,i={})=>{var{providerId:s}=i,a=t(i,["providerId"]);return te(e.post(ee(S.enchantedLink.signUp,Ce.email),{loginId:n,URI:o,user:r,loginOptions:a,providerId:s}))})),waitForSession:_e(((t,n)=>new Promise((o=>{const{pollingIntervalMs:r,timeoutMs:i}=Te(n);let s;const a=setInterval((async()=>{const n=await e.post(S.enchantedLink.session,{pendingRef:t});n.ok&&(clearInterval(a),s&&clearTimeout(s),o(te(Promise.resolve(n))))}),r);s=setTimeout((()=>{o({error:{errorDescription:`Session polling timeout exceeded: ${i}ms`,errorCode:"0"},ok:!1}),clearInterval(a)}),i)})))),update:{email:Ae(((t,n,o,r,i)=>te(e.post(S.enchantedLink.update.email,Object.assign({loginId:t,email:n,URI:o},i),{token:r}))))}}),Ne=me(ke("flowId")),qe=me(ke("executionId"),ke("stepId"),ke("interactionId")),Je=e=>({start:Ne(((t,n,o,r,i,s,a,c=!1)=>te(e.post(S.flow.start,{flowId:t,options:n,conditionInteractionId:o,interactionId:r,componentsVersion:i,flowVersions:s,input:a,isCustomScreen:c})))),next:qe(((t,n,o,r,i,s,a=!1)=>te(e.post(S.flow.next,{executionId:t,stepId:n,interactionId:o,version:r,componentsVersion:i,input:s,isCustomScreen:a}))))}),Ke=ke("loginId"),Me=me(ke("token")),Ve=me(Ke),Fe=me(Ke,Oe("phone")),He=me(Ke,Ie("email")),Be=Object.keys(Ce).filter((e=>e!==xe.voice&&e!==xe.im)),ze=e=>({verify:Me((t=>te(e.post(S.magicLink.verify,{token:t})))),signIn:Be.reduce(((n,o)=>Object.assign(Object.assign({},n),{[o]:Ve(((n,r,i={},s)=>{var{providerId:a}=i,c=t(i,["providerId"]);return te(e.post(ee(S.magicLink.signIn,o),{loginId:n,URI:r,loginOptions:c,providerId:a},{token:s}))}))})),{}),signUp:Be.reduce(((n,o)=>Object.assign(Object.assign({},n),{[o]:Ve(((n,r,i,s={})=>{var{providerId:a}=s,c=t(s,["providerId"]);return te(e.post(ee(S.magicLink.signUp,o),{loginId:n,URI:r,user:i,loginOptions:c,providerId:a}))}))})),{}),signUpOrIn:Be.reduce(((n,o)=>Object.assign(Object.assign({},n),{[o]:Ve(((n,r,i={})=>{var{providerId:s}=i,a=t(i,["providerId"]);return te(e.post(ee(S.magicLink.signUpOrIn,o),{loginId:n,URI:r,loginOptions:a,providerId:s}))}))})),{}),update:{email:He(((t,n,o,r,i)=>te(e.post(S.magicLink.update.email,Object.assign({loginId:t,email:n,URI:o},i),{token:r})))),phone:Object.keys(xe).filter((e=>e!==xe.voice)).reduce(((t,n)=>Object.assign(Object.assign({},t),{[n]:Fe(((t,o,r,i,s)=>te(e.post(ee(S.magicLink.update.phone,n),Object.assign({loginId:t,phone:o,URI:r},s),{token:i}))))})),{})}});var Ze;!function(e){e.facebook="facebook",e.github="github",e.google="google",e.microsoft="microsoft",e.gitlab="gitlab",e.apple="apple",e.discord="discord",e.linkedin="linkedin",e.slack="slack"}(Ze||(Ze={}));const Ge=me(ke("code")),We=e=>({start:Object.assign(((t,n,o,r,i)=>te(e.post(S.oauth.start,o||{},{queryParams:Object.assign(Object.assign({provider:t},n&&{redirectURL:n}),i&&{loginHint:i}),token:r}))),Object.keys(Ze).reduce(((t,n)=>Object.assign(Object.assign({},t),{[n]:(t,o,r,i)=>te(e.post(S.oauth.start,o||{},{queryParams:Object.assign(Object.assign({provider:n},t&&{redirectURL:t}),i&&{loginHint:i}),token:r}))})),{})),exchange:Ge((t=>te(e.post(S.oauth.exchange,{code:t})))),startNative:(t,n,o)=>te(e.post(S.oauth.startNative,{provider:t,loginOptions:n,implicit:o})),finishNative:(t,n,o,r,i)=>te(e.post(S.oauth.finishNative,{provider:t,stateId:n,user:o,code:r,idToken:i})),getOneTapClientId:t=>te(e.get(S.oauth.oneTap.getOneTapClientId.replace("{provider}",t))),verifyOneTapIDToken:(t,n,o,r)=>te(e.post(S.oauth.oneTap.verifyOneTapIDToken,{provider:t,idToken:n,nonce:o,loginOptions:r})),exchangeOneTapIDToken:(t,n,o,r)=>te(e.post(S.oauth.oneTap.exchangeOneTapIDToken,{provider:t,idToken:n,nonce:o,loginOptions:r}))}),Xe=ke("appId"),Ye=me(Xe),Qe=e=>({connect:Ye(((t,n,o)=>{const r=null==n?void 0:n.tenantId,i=null==n?void 0:n.tenantLevel;return null==n||delete n.tenantId,null==n||delete n.tenantLevel,te(e.post(S.outbound.connect,{appId:t,tenantId:r,tenantLevel:i,options:n},{token:o}))}))}),et=ke("loginId"),tt=me(et,ke("code")),nt=me(et),ot=me(et,Oe("phone")),rt=me(et,Ie("email")),it=e=>({verify:Object.keys(Ce).reduce(((t,n)=>Object.assign(Object.assign({},t),{[n]:tt(((t,o)=>te(e.post(ee(S.otp.verify,n),{code:o,loginId:t}))))})),{}),signIn:Object.keys(Ce).reduce(((n,o)=>Object.assign(Object.assign({},n),{[o]:nt(((n,r={},i)=>{var{providerId:s}=r,a=t(r,["providerId"]);return te(e.post(ee(S.otp.signIn,o),{loginId:n,loginOptions:a,providerId:s},{token:i}))}))})),{}),signUp:Object.keys(Ce).reduce(((n,o)=>Object.assign(Object.assign({},n),{[o]:nt(((n,r,i={})=>{var{providerId:s}=i,a=t(i,["providerId"]);return te(e.post(ee(S.otp.signUp,o),{loginId:n,user:r,loginOptions:a,providerId:s}))}))})),{}),signUpOrIn:Object.keys(Ce).reduce(((n,o)=>Object.assign(Object.assign({},n),{[o]:nt(((n,r={})=>{var{providerId:i}=r,s=t(r,["providerId"]);return te(e.post(ee(S.otp.signUpOrIn,o),{loginId:n,loginOptions:s,providerId:i}))}))})),{}),update:{email:rt(((t,n,o,r)=>te(e.post(S.otp.update.email,Object.assign({loginId:t,email:n},r),{token:o})))),phone:Object.keys(xe).reduce(((t,n)=>Object.assign(Object.assign({},t),{[n]:ot(((t,o,r,i)=>te(e.post(ee(S.otp.update.phone,n),Object.assign({loginId:t,phone:o},i),{token:r}))))})),{})}}),st=me(ke("tenant")),at=me(ke("code")),ct=e=>({start:st(((t,n,o,r,i,s,a,c)=>te(e.post(S.saml.start,o||{},Object.assign({queryParams:Object.assign(Object.assign(Object.assign(Object.assign(Object.assign({tenant:t},n&&{redirectURL:n}),i&&{ssoId:i}),s&&{forceAuthn:"true"}),a&&{loginHint:a}),c&&{initiatedEmail:t})},r&&{token:r}))))),exchange:at((t=>te(e.post(S.saml.exchange,{code:t}))))}),lt=ke("loginId"),dt=me(lt,ke("code")),ut=me(lt),pt=me(lt),gt=e=>({signUp:ut(((t,n)=>te(e.post(S.totp.signUp,{loginId:t,user:n})))),verify:dt(((t,n,o,r)=>te(e.post(S.totp.verify,{loginId:t,code:n,loginOptions:o},{token:r})))),update:pt(((t,n)=>te(e.post(S.totp.update,{loginId:t},{token:n}))))}),ht=ke("loginId"),vt=ke("newPassword"),ft=me(ht,ke("password")),wt=me(ht),mt=me(ht,vt),yt=me(ht,ke("oldPassword"),vt),bt=e=>({signUp:ft(((n,o,r,i={})=>{var{providerId:s}=i,a=t(i,["providerId"]);return te(e.post(S.password.signUp,{loginId:n,password:o,user:r,loginOptions:a,providerId:s}))})),signIn:ft(((n,o,r={})=>{var{providerId:i}=r,s=t(r,["providerId"]);return te(e.post(S.password.signIn,{loginId:n,password:o,loginOptions:s,providerId:i}))})),sendReset:wt(((t,n,o)=>te(e.post(S.password.sendReset,{loginId:t,redirectUrl:n,templateOptions:o})))),update:mt(((t,n,o)=>te(e.post(S.password.update,{loginId:t,newPassword:n},{token:o})))),replace:yt(((t,n,o)=>te(e.post(S.password.replace,{loginId:t,oldPassword:n,newPassword:o})))),policy:()=>te(e.get(S.password.policy))}),kt=ye("loginId"),It=ke("loginId"),Ot=ke("origin"),jt=me(It,Ot,ke("name")),St=me(It,Ot),Ut=me(kt,Ot),Tt=me(It,Ot,be("token")),xt=me(ke("transactionId"),ke("response")),Rt=e=>({signUp:{start:jt(((t,n,o,r)=>te(e.post(S.webauthn.signUp.start,{user:{loginId:t,name:o},origin:n,passkeyOptions:r})))),finish:xt(((t,n)=>te(e.post(S.webauthn.signUp.finish,{transactionId:t,response:n}))))},signIn:{start:Ut(((t,n,o,r,i)=>te(e.post(S.webauthn.signIn.start,{loginId:t,origin:n,loginOptions:o,passkeyOptions:i},{token:r})))),finish:xt(((t,n)=>te(e.post(S.webauthn.signIn.finish,{transactionId:t,response:n}))))},signUpOrIn:{start:St(((t,n,o)=>te(e.post(S.webauthn.signUpOrIn.start,{loginId:t,origin:n,passkeyOptions:o}))))},update:{start:Tt(((t,n,o,r)=>te(e.post(S.webauthn.update.start,{loginId:t,origin:n,passkeyOptions:r},{token:o})))),finish:xt(((t,n)=>te(e.post(S.webauthn.update.finish,{transactionId:t,response:n}))))}}),Ct=ye("loginId"),Et=me(Ct),$t=me(ke("pendingRef")),Pt=e=>({signUpOrIn:Et(((n,o={})=>{var{providerId:r}=o,i=t(o,["providerId"]);return te(e.post(S.notp.signUpOrIn,{loginId:n,loginOptions:i,providerId:r}))})),signUp:Et(((n,o,r={})=>{var{providerId:i}=r,s=t(r,["providerId"]);return te(e.post(S.notp.signUp,{loginId:n,user:o,providerId:i,loginOptions:s}))})),signIn:Et(((n,o={},r)=>{var{providerId:i}=o,s=t(o,["providerId"]);return te(e.post(S.notp.signIn,{loginId:n,loginOptions:s,providerId:i},{token:r}))})),waitForSession:$t(((t,n)=>new Promise((o=>{const{pollingIntervalMs:r,timeoutMs:i}=Te(n);let s;const a=setInterval((async()=>{const n=await e.post(S.notp.session,{pendingRef:t});n.ok&&(clearInterval(a),s&&clearTimeout(s),o(te(Promise.resolve(n))))}),r);s=setTimeout((()=>{o({error:{errorDescription:`Session polling timeout exceeded: ${i}ms`,errorCode:"0"},ok:!1}),clearInterval(a)}),i)}))))}),Dt=me(ke("token")),_t=me(be("token"));var At,Lt=me([(At=ke("projectId"),oe(((e,t)=>n=>ie(...t).validate(((e,t)=>{const n=(Array.isArray(t)?t.join("."):String(t)).replace(/\[\\?("|')?(\w|d)+\\?("|')?\]/g,((e,t,n)=>"."+n)).split("."),o=n.length;let r=0,i=e===Object(e)?e:void 0;for(;null!=i&&r<o;)i=i[n[r++]];return r&&r===o&&void 0!==i?i:void 0})(n,e)))("projectId",At))())])((e=>{const{projectId:t,logger:n,baseUrl:o,cookiePolicy:r,baseHeaders:i={},refreshCookieName:s,fetch:a}=e;return c=B({baseUrl:o,projectId:t,logger:n,hooks:{get beforeRequest(){var t;return null===(t=e.hooks)||void 0===t?void 0:t.beforeRequest},get afterRequest(){var t;return null===(t=e.hooks)||void 0===t?void 0:t.afterRequest},get transformResponse(){var t;return null===(t=e.hooks)||void 0===t?void 0:t.transformResponse}},cookiePolicy:r,baseConfig:{baseHeaders:i},refreshCookieName:s,fetch:a}),{accessKey:Se(c),otp:it(c),magicLink:ze(c),enchantedLink:Le(c),oauth:We(c),outbound:Qe(c),saml:ct(c),totp:gt(c),notp:Pt(c),webauthn:Rt(c),password:bt(c),flow:Je(c),refresh:_t(((e,t,n,o)=>{const r={};n&&(r.externalToken=n);const i=o?S.tryRefresh:S.refresh;return te(c.post(i,r,{token:e,queryParams:t}))})),selectTenant:me([pe("tenantId")],[fe('"token" must be string or undefined')])(((e,t)=>te(c.post(S.selectTenant,{tenant:e},{token:t})))),logout:_t((e=>te(c.post(S.logout,{},{token:e})))),logoutAll:_t((e=>te(c.post(S.logoutAll,{},{token:e})))),me:_t((e=>te(c.get(S.me,{token:e})))),myTenants:me([we('"tenants" must a string array or a boolean')],[fe('"token" must be string or undefined')])(((e,t)=>{const n={};return"boolean"==typeof e?n.dct=e:n.ids=e,te(c.post(S.myTenants,n,{token:t}))})),history:_t((e=>te(c.get(S.history,{token:e})))),isJwtExpired:Dt(W),getTenants:Dt(X),getJwtPermissions:Dt(Y),getJwtRoles:Dt(Q),getCurrentTenant:Dt(ne),httpClient:c};var c})),Nt=Object.assign(Lt,{DeliveryMethods:Ce});const qt=(...e)=>{console.debug(...e)},Jt=(...e)=>{console.warn(...e)},Kt=(e,t)=>{let n;var o;return t>0?(n=1e3*t,qt(`Using provided nextRefreshSeconds: ${t}s`)):n=((o=e)?o.getTime()-(new Date).getTime():0)-2e4,n>a&&(qt(`Timeout is too large (${n}ms), setting it to ${a}ms`),n=a),n};
2
2
  /*! js-cookie v3.0.5 | MIT */
3
- function Jt(e){for(var t=1;t<arguments.length;t++){var n=arguments[t];for(var o in n)e[o]=n[o]}return e}var Kt=function e(t,n){function o(e,o,r){if("undefined"!=typeof document){"number"==typeof(r=Jt({},n,r)).expires&&(r.expires=new Date(Date.now()+864e5*r.expires)),r.expires&&(r.expires=r.expires.toUTCString()),e=encodeURIComponent(e).replace(/%(2[346B]|5E|60|7C)/g,decodeURIComponent).replace(/[()]/g,escape);var i="";for(var s in r)r[s]&&(i+="; "+s,!0!==r[s]&&(i+="="+r[s].split(";")[0]));return document.cookie=e+"="+t.write(o,e)+i}}return Object.create({set:o,get:function(e){if("undefined"!=typeof document&&(!arguments.length||e)){for(var n=document.cookie?document.cookie.split("; "):[],o={},r=0;r<n.length;r++){var i=n[r].split("="),s=i.slice(1).join("=");try{var a=decodeURIComponent(i[0]);if(o[a]=t.read(s,a),e===a)break}catch(e){}}return e?o[e]:o}},remove:function(e,t){o(e,"",Jt({},t,{expires:-1}))},withAttributes:function(t){return e(this.converter,Jt({},this.attributes,t))},withConverter:function(t){return e(Jt({},this.converter,t),this.attributes)}},{attributes:{value:Object.freeze(n)},converter:{value:Object.freeze(t)}})}({read:function(e){return'"'===e[0]&&(e=e.slice(1,-1)),e.replace(/(%[\dA-F]{2})+/gi,decodeURIComponent)},write:function(e){return encodeURIComponent(e).replace(/%(2[346BF]|3[AC-F]|40|5[BDE]|60|7[BCD])/g,decodeURIComponent)}},{path:"/"});const Mt="DS",Vt="DSR",Ft="DSI";function Ht(e,t,n){if(t){const{cookieDomain:o,cookiePath:r,cookieSameSite:i,cookieExpiration:s,cookieSecure:a}=n,c=new Date(1e3*s),l=Bt(o);Kt.set(e,t,{path:r,domain:l?o:void 0,expires:c,sameSite:i,secure:a})}}function Bt(e){const t=window.location.hostname.split("."),n=null==e?void 0:e.split(".");return t.slice(-(null==n?void 0:n.length)).join(".")===e}const zt=e=>(null==e?void 0:e.cookieName)||Mt,Zt=e=>(null==e?void 0:e.cookieName)||Vt;function Gt(e="",t){return Kt.get(Zt(t))||k(`${e}${Vt}`)||""}function Wt(e="",t){return Kt.get(zt(t))||k(`${e}${Mt}`)||""}function Xt(e=""){return k(`${e}${Ft}`)||""}function Yt(e="",t,n,o){O(`${e}${Vt}`),O(`${e}${Mt}`),O(`${e}${Ft}`);const r=zt(t);Kt.remove(r,null==o?void 0:o.session);const i=Zt(n);Kt.remove(i,null==o?void 0:o.refresh)}const Qt=(e,t)=>n=>{const o=Object.assign(n,{token:n.token||Gt(e,t)}),r=function(e=""){return k(`${e}DTD`)||""}(e);return r&&(o.headers=Object.assign(Object.assign({},o.headers||{}),{"x-descope-trusted-device-token":r})),o},en=s&&(null===localStorage||void 0===localStorage?void 0:localStorage.getItem("fingerprint.endpoint.url"))||"https://api.descope.com",tn="vsid",nn="vrid";var on={default:"endpoint"},rn="Blocked by CSP",sn="The endpoint parameter is not a valid URL",an="Failed to load the JS script of the agent",cn="9319";function ln(e,t){var n,o,r,i,s,a=[],c=(n=function(e){var t=function(e,t,n){if(n||2===arguments.length)for(var o,r=0,i=t.length;r<i;r++)!o&&r in t||(o||(o=Array.prototype.slice.call(t,0,r)),o[r]=t[r]);return e.concat(o||Array.prototype.slice.call(t))}([],e,!0);return{current:function(){return t[0]},postpone:function(){var e=t.shift();void 0!==e&&t.push(e)},exclude:function(){t.shift()}}}(e),i=0,o=function(){return Math.random()*Math.min(3e3,100*Math.pow(2,i++))},r=new Set,[n.current(),function(e,t){var i,s=t instanceof Error?t.message:"";if(s===rn||s===sn)n.exclude(),i=0;else if(s===cn)n.exclude();else if(s===an){var a=Date.now()-e.getTime()<50,c=n.current();c&&a&&!r.has(c)&&(r.add(c),i=0),n.postpone()}else n.postpone();var l=n.current();return void 0===l?void 0:[l,null!=i?i:e.getTime()+o()-Date.now()]}]),l=c[0],d=c[1];if(void 0===l)return Promise.reject(new TypeError("The list of script URL patterns is empty"));var u=function(e){var n=new Date,o=function(t){return a.push({url:e,startedAt:n,finishedAt:new Date,error:t})},r=t(e);return r.then((function(){return o()}),o),r.catch((function(e){if(null!=s||(s=e),a.length>=5)throw s;var t=d(n,e);if(!t)throw s;var o,r=t[0],i=t[1];return(o=i,new Promise((function(e){return setTimeout(e,o)}))).then((function(){return u(r)}))}))};return u(l).then((function(e){return[e,a]}))}var dn="https://fpnpmcdn.net/v<version>/<apiKey>/loader_v<loaderVersion>.js",un=dn;function pn(n){var o;n.scriptUrlPattern;var r=n.token,i=n.apiKey,s=void 0===i?r:i,a=t(n,["scriptUrlPattern","token","apiKey"]),c=null!==(o=function(e,t){return function(e,t){return Object.prototype.hasOwnProperty.call(e,t)}(e,t)?e[t]:void 0}(n,"scriptUrlPattern"))&&void 0!==o?o:dn,l=function(){var e=[],t=function(){e.push({time:new Date,state:document.visibilityState})},n=function(e,t,n,o){return e.addEventListener(t,n,o),function(){return e.removeEventListener(t,n,o)}}(document,"visibilitychange",t);return t(),[e,n]}(),d=l[0],u=l[1];return Promise.resolve().then((function(){if(!s||"string"!=typeof s)throw new Error("API key required");var e=function(e,t){return(Array.isArray(e)?e:[e]).map((function(e){return function(e,t){var n=encodeURIComponent;return e.replace(/<[^<>]+>/g,(function(e){return"<version>"===e?"3":"<apiKey>"===e?n(t):"<loaderVersion>"===e?n("3.11.6"):e}))}(String(e),t)}))}(c,s);return ln(e,gn)})).catch((function(e){throw u(),function(e){return e instanceof Error&&e.message===cn?new Error(an):e}(e)})).then((function(t){var n=t[0],o=t[1];return u(),n.load(e(e({},a),{ldi:{attempts:o,visibilityStates:d}}))}))}function gn(e){return function(e,t,n){var o,r=document,i="securitypolicyviolation",s=function(t){var n=new URL(e,location.href),r=t.blockedURI;r!==n.href&&r!==n.protocol.slice(0,-1)&&r!==n.origin||(o=t,a())};r.addEventListener(i,s);var a=function(){return r.removeEventListener(i,s)};return Promise.resolve().then(t).then((function(e){return a(),e}),(function(e){return new Promise((function(e){var t=new MessageChannel;t.port1.onmessage=function(){return e()},t.port2.postMessage(null)})).then((function(){if(a(),o)return n(o);throw e}))}))}(e,(function(){return function(e){return new Promise((function(t,n){if(function(e){if(URL.prototype)try{return new URL(e,location.href),!1}catch(e){if(e instanceof Error&&"TypeError"===e.name)return!0;throw e}}(e))throw new Error(sn);var o=document.createElement("script"),r=function(){var e;return null===(e=o.parentNode)||void 0===e?void 0:e.removeChild(o)},i=document.head||document.getElementsByTagName("head")[0];o.onload=function(){r(),t()},o.onerror=function(){r(),n(new Error(an))},o.async=!0,o.src=e,i.appendChild(o)}))}(e)}),(function(){throw new Error(rn)})).then(hn)}function hn(){var e=window,t="__fpjs_p_l_b",n=e[t];if(function(e,t){var n,o=null===(n=Object.getOwnPropertyDescriptor)||void 0===n?void 0:n.call(Object,e,t);(null==o?void 0:o.configurable)?delete e[t]:o&&!o.writable||(e[t]=void 0)}(e,t),"function"!=typeof(null==n?void 0:n.load))throw new Error(cn);return n}const vn=(e=!1)=>{const t=k("fp");if(!t)return null;const n=JSON.parse(t);return(new Date).getTime()>n.expiry&&!e?null:n.value},fn=async(e,t=en)=>{try{if(vn())return;const n=(Date.now().toString(36)+Math.random().toString(36).substring(2)+Math.random().toString(36).substring(2)).substring(0,27),o=new URL(t);o.pathname="/fXj8gt3x8VulJBna/x96Emn69oZwcd7I6";const r=new URL(t);r.pathname="/fXj8gt3x8VulJBna/w78aRZnnDZ3Aqw0I";const i=r.toString()+"?apiKey=<apiKey>&version=<version>&loaderVersion=<loaderVersion>",s=pn({apiKey:e,endpoint:[o.toString(),on],scriptUrlPattern:[i,un]}),a=await s,{requestId:c}=await a.get({linkedId:n}),l=((e,t)=>({[tn]:e,[nn]:t}))(n,c);(e=>{const t={value:e,expiry:(new Date).getTime()+864e5};I("fp",JSON.stringify(t))})(l)}catch(e){console.warn("Could not load fingerprint",e)}},wn=e=>{const t=vn(!0);return t&&e.body&&(e.body.fpData=t),e},mn="descopeFlowNonce",yn="X-Descope-Flow-Nonce",bn="/v1/flow/start",In="/v1/flow/next",kn=(e,t=mn)=>`${t}${e}`,On=(e,t=mn)=>{try{const n=kn(e,t);O(n)}catch(e){console.error("Error removing flow nonce:",e)}},jn=e=>{var t;return(null===(t=/.*\|#\|(.*)/.exec(e))||void 0===t?void 0:t[1])||null},Sn=e=>{var t;return e.path===In&&(null===(t=e.body)||void 0===t?void 0:t.executionId)?jn(e.body.executionId):null},Un="dls_last_user_login_id",Tn="dls_last_user_display_name",xn=e=>I(Un,e),Rn=()=>k(Un),Cn=()=>k(Tn),En=e=>async(...t)=>{var n;t[1]=t[1]||{};const[,o={}]=t,r=Rn(),i=Cn();r&&(null!==(n=o.lastAuth)&&void 0!==n||(o.lastAuth={}),o.lastAuth.loginId=r,o.lastAuth.name=i);return await e(...t)},Pn=e=>t=>async(...n)=>{const o=await t(...n);return e||(O(Un),O(Tn)),o};function $n(){const e=[];return{pub:t=>{e.forEach((e=>e(t)))},sub:t=>{const n=e.push(t)-1;return()=>e.splice(n,1)}}}const _n=(e,t,n,o)=>r=>async(...i)=>{const s=await r(...i);return Yt(e,t,n,null==o?void 0:o()),s};async function Dn(e){const t=function(e){var t;const n=JSON.parse(e);return n.publicKey.challenge=Kn(n.publicKey.challenge),n.publicKey.user.id=Kn(n.publicKey.user.id),null===(t=n.publicKey.excludeCredentials)||void 0===t||t.forEach((e=>{e.id=Kn(e.id)})),n}(e),n=await navigator.credentials.create(t);return o=n,JSON.stringify({id:o.id,rawId:Mn(o.rawId),type:o.type,response:{attestationObject:Mn(o.response.attestationObject),clientDataJSON:Mn(o.response.clientDataJSON)}});var o}async function An(e){const t=Nn(e);return Jn(await navigator.credentials.get(t))}async function Ln(e,t){const n=Nn(e);n.signal=t.signal,n.mediation="conditional";return Jn(await navigator.credentials.get(n))}async function qn(e=!1){var t,n;if(!s)return Promise.resolve(!1);if(m()){const e=null===(n=null===(t=window.descopeBridge)||void 0===t?void 0:t.hostInfo)||void 0===n?void 0:n.webauthn;if("boolean"==typeof e)return e}const o=!!(window.PublicKeyCredential&&navigator.credentials&&navigator.credentials.create&&navigator.credentials.get);return o&&e&&PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable?PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable():o}function Nn(e){var t;const n=JSON.parse(e);return n.publicKey.challenge=Kn(n.publicKey.challenge),null===(t=n.publicKey.allowCredentials)||void 0===t||t.forEach((e=>{e.id=Kn(e.id)})),n}function Jn(e){return JSON.stringify({id:e.id,rawId:Mn(e.rawId),type:e.type,response:{authenticatorData:Mn(e.response.authenticatorData),clientDataJSON:Mn(e.response.clientDataJSON),signature:Mn(e.response.signature),userHandle:e.response.userHandle?Mn(e.response.userHandle):void 0}})}function Kn(e){const t=e.replace(/_/g,"/").replace(/-/g,"+");return Uint8Array.from(atob(t),(e=>e.charCodeAt(0))).buffer}function Mn(e){return btoa(String.fromCharCode.apply(null,new Uint8Array(e))).replace(/\//g,"_").replace(/\+/g,"-").replace(/=/g,"")}var Vn,Fn=(Vn=e=>({async signUp(t,n,o){const r=await e.webauthn.signUp.start(t,window.location.origin,n,o);if(!r.ok)return r;const i=await Dn(r.data.options);return await e.webauthn.signUp.finish(r.data.transactionId,i)},async signIn(t,n){const o=await e.webauthn.signIn.start(t,window.location.origin,void 0,void 0,n);if(!o.ok)return o;const r=await An(o.data.options);return await e.webauthn.signIn.finish(o.data.transactionId,r)},async signUpOrIn(t,n){var o;const r=await e.webauthn.signUpOrIn.start(t,window.location.origin,n);if(!r.ok)return r;if(null===(o=r.data)||void 0===o?void 0:o.create){const t=await Dn(r.data.options);return await e.webauthn.signUp.finish(r.data.transactionId,t)}{const t=await An(r.data.options);return await e.webauthn.signIn.finish(r.data.transactionId,t)}},async update(t,n,o){const r=await e.webauthn.update.start(t,window.location.origin,n,o);if(!r.ok)return r;const i=await Dn(r.data.options);return await e.webauthn.update.finish(r.data.transactionId,i)},helpers:{create:Dn,get:An,isSupported:qn,conditional:Ln}}),(...e)=>{const t=Vn(...e);return Object.assign(t.signUp,e[0].webauthn.signUp),Object.assign(t.signIn,e[0].webauthn.signIn),Object.assign(t.signUpOrIn,e[0].webauthn.signUpOrIn),Object.assign(t.update,e[0].webauthn.update),t});const Hn={config:"/fedcm/config"},Bn=()=>{if(window.crypto&&window.crypto.getRandomValues){const e=new Uint8Array(16);return window.crypto.getRandomValues(e),Array.from(e,(e=>e.toString(16).padStart(2,"0"))).join("")}return Math.random().toString(36).substring(2)};async function zn(e,t){var n;try{await Zn(e,t)}catch(e){null===(n=null==t?void 0:t.onFailed)||void 0===n||n.call(t,e)}}async function Zn(e,t){var n,o;const r=await async function(e,t="google",n,o,r){const i=Bn(),s=await async function(){return new Promise(((e,t)=>{if(window.google)return void e(window.google.accounts.id);let n=document.getElementById("google-gsi-client-script");n||(n=document.createElement("script"),document.head.appendChild(n),n.async=!0,n.defer=!0,n.id="google-gsi-client-script",n.src="https://accounts.google.com/gsi/client"),n.onload=function(){window.google?e(window.google.accounts.id):t("Failed to load Google GSI client script - not loaded properly")},n.onerror=function(){t("Failed to load Google GSI client script - failed to load")}}))}(),a=await e.oauth.getOneTapClientId(t);if(!a.ok)throw new Error("Failed to get OneTap client ID for provider "+t);const c=a.data.clientId;return new Promise((e=>{var a,l;const d=n=>{e({provider:t,nonce:i,credential:null==n?void 0:n.credential})};s.initialize(Object.assign(Object.assign({},n),{itp_support:null===(a=null==n?void 0:n.itp_support)||void 0===a||a,use_fedcm_for_prompt:null===(l=null==n?void 0:n.use_fedcm_for_prompt)||void 0===l||l,client_id:c,callback:d,nonce:i})),s.prompt((e=>{var t,n;if(r&&(null==e?void 0:e.isDismissedMoment())){const n=null===(t=e.getDismissedReason)||void 0===t?void 0:t.call(e);return null==r||r(n),void d()}if(o&&(null==e?void 0:e.isSkippedMoment())){const t=null===(n=e.getSkippedReason)||void 0===n?void 0:n.call(e);return null==o||o(t),void d()}}))}))}(e,t.provider,t.oneTapConfig,t.onSkipped,t.onDismissed);if(!r.credential)return null;if(null==t?void 0:t.onCodeReceived){const o=await e.oauth.verifyOneTapIDToken(r.provider,r.credential,r.nonce,null==t?void 0:t.loginOptions);if(!o.ok||!o.data)throw new Error("Failed to verify OneTap client ID for provider "+r.provider);null===(n=null==t?void 0:t.onCodeReceived)||void 0===n||n.call(t,o.data.code)}else{const n=await e.oauth.exchangeOneTapIDToken(r.provider,r.credential,r.nonce,null==t?void 0:t.loginOptions);if(!n.ok||!n.data)throw new Error("Failed to exchange OneTap client ID for provider "+r.provider);null===(o=null==t?void 0:t.onAuthenticated)||void 0===o||o.call(t,n.data)}}var Gn=e=>Object.assign(Object.assign({},e.flow),{start:async(...t)=>{const n=await qn(),o=Object.assign(Object.assign({location:window.location.href},t[1]),{deviceInfo:{webAuthnSupport:n},startOptionsVersion:1});return t[1]=o,e.flow.start(...t)}});let Wn;const Xn=(e,t)=>new Promise(((n,o)=>{if(!e.length)return o(new Error("No URLs provided to loadScriptWithFallback"));const r=t();if(r)return n(r);const i=e.shift(),s=document.createElement("script");s.src=i,s.id=(e=>{let t=0;for(let n=0;n<e.length;n++)t=(t<<5)-t+e.charCodeAt(n),t|=0;return Math.abs(t).toString(16)})(i),s.onload=()=>{const e=t();if(e)return n(e);throw new Error("Could not get entry after loading script from URL")},s.addEventListener("error",(()=>{Xn(e,t),s.setAttribute("data-error","true")})),document.body.appendChild(s)}));const Yn=async(e,t,n)=>{Wn||(Wn=(async()=>{try{return require("oidc-client-ts")}catch(e){return Xn([c,l],(()=>window.oidc))}})());const{OidcClient:o,WebStorageStateStore:r}=await Wn;if(!o)throw new Error("oidc-client-ts is not installed. Please install it by running `npm install oidc-client-ts`");const i=(null==n?void 0:n.redirectUri)||window.location.href;let s,a,d,u;if(null==n?void 0:n.issuer){if(!n.clientId)throw new Error("clientId is required when providing a custom issuer/authority");s=n.issuer,a=n.clientId,d=`${a}_user`,u="openid"}else(null==n?void 0:n.applicationId)?(s=e.httpClient.buildUrl(t),s=`${s}/${n.applicationId}`,a=t,d=`${a}_user`,u="openid email roles descope.custom_claims offline_access"):(s=e.httpClient.buildUrl(t),a=t,d=`${a}_user`,u="openid email roles descope.custom_claims offline_access");const p={authority:s,client_id:a,redirect_uri:i,response_type:"code",scope:(null==n?void 0:n.scope)||u,stateStore:new r({store:window.localStorage,prefix:a}),loadUserInfo:!0,fetchRequestCredentials:"same-origin"};return(null==n?void 0:n.redirectUri)&&(p.redirect_uri=n.redirectUri),{client:new o(p),stateUserKey:d}},Qn=(e,t,n)=>{const o=async()=>{let o,r;return o&&r||({client:o,stateUserKey:r}=await Yn(e,t,n)),{client:o,stateUserKey:r}},r=async(t="")=>{var n;const{client:r,stateUserKey:i}=await o(),s=await r.processSigninResponse(t||window.location.href);var a;return await(null===(n=e.httpClient.hooks)||void 0===n?void 0:n.afterRequest({},new Response(JSON.stringify(s)))),I(i,JSON.stringify({id_token:(a=s).id_token,session_state:a.session_state,profile:a.profile})),(()=>{const e=new URL(window.location.href);e.searchParams.delete("code"),e.searchParams.delete("state"),window.history.replaceState({},document.title,e.toString())})(),s};return{loginWithRedirect:async(e={},t=!1)=>{const{client:n}=await o(),r=await n.createSigninRequest(e),{url:i}=r;return t||(window.location.href=i),{ok:!0,data:r}},finishLogin:r,finishLoginIfNeed:async(e="")=>{if(window.location.search.includes("code")&&window.location.search.includes("state"))return await r(e)},refreshToken:async t=>{var n;const{client:r,stateUserKey:i}=await o(),s=(e=>{const t=k(e);return t?JSON.parse(t):null})(i);if(!s)throw new Error("User not found in storage to refresh token");let a=t;if(!a){const t={};e.httpClient.hooks.beforeRequest(t),a=t.token}const c=await r.useRefreshToken({state:{refresh_token:a,session_state:s.session_state,profile:s.profile}});return await(null===(n=e.httpClient.hooks)||void 0===n?void 0:n.afterRequest({},new Response(JSON.stringify(c)))),c},logout:async(e,t=!1)=>{const{client:n,stateUserKey:r}=await o();e||(e={}),e.id_token_hint=e.id_token_hint||Xt(),e.post_logout_redirect_uri=e.post_logout_redirect_uri||window.location.href;const i=await n.createSignoutRequest(e),{url:s}=i;return O(r),t||window.location.replace(s),i}}},eo=function(...e){return t=>e.reduce(((e,t)=>t(e)),t)}((e=>t=>{var n;return n=t.customStorage,u=n,e(t)}),(e=>n=>{var{fpKey:o,fpLoad:r}=n,i=t(n,["fpKey","fpLoad"]);return s?(o&&r&&fn(o).catch((()=>null)),e(f(i,{beforeRequest:wn}))):e(i)}),(e=>n=>{var{autoRefresh:o}=n,i=t(n,["autoRefresh"]);if(!o||m())return e(i);const{clearAllTimers:a,setTimer:c}=(()=>{const e=[];return{clearAllTimers:()=>{for(;e.length;)clearTimeout(e.pop())},setTimer:(t,n)=>{e.push(setTimeout(t,n))}}})();let l,d;s&&document.addEventListener("visibilitychange",(()=>{"visible"===document.visibilityState&&l&&new Date>l&&(Lt("Expiration time passed, refreshing session"),u.refresh(Gt()||d))}));const u=e(f(i,{afterRequest:async(e,t)=>{const{sessionJwt:n,refreshJwt:o,sessionExpiration:i,nextRefreshSeconds:p}=await w(t);if(y(e,t))Lt("Session invalidated, canceling all timers"),a();else if(n||i){if(l=((e,t)=>{if(t)return new Date(1e3*t);Lt("Could not extract expiration time from session token, trying to decode the token");try{const t=r(e);if(t.exp)return new Date(1e3*t.exp)}catch(e){return null}})(n,i),!l)return void Lt("Could not extract expiration time from session token");d=o;const e=Nt(l,p);if(a(),e<=2e4)return void Lt("Session is too close to expiration, not setting refresh timer");const t=new Date(Date.now()+e).toLocaleTimeString("en-US",{hour12:!1});Lt(`Setting refresh timer for ${t}. (${e}ms)`),c((()=>{s&&"hidden"===document.visibilityState?Lt("Skipping refresh due to timer - document is hidden"):(Lt("Refreshing session due to timer"),u.refresh(Gt()||o))}),e)}}}));return je(u,["logout","logoutAll","oidc.logout"],(e=>async(...t)=>{const n=await e(...t);return Lt("Clearing all timers"),a(),n}))}),(e=>t=>e(Object.assign(Object.assign({},t),{baseHeaders:Object.assign({"x-descope-sdk-name":"web-js","x-descope-sdk-version":"1.45.0"},t.baseHeaders)}))),(e=>t=>{const n=$n(),o=$n(),r=$n(),i=$n(),s=e(f(t,{afterRequest:async(e,t)=>{if(y(e,t))Lt("Session invalidated, notifying subscribers with empty values"),o.pub(null),r.pub(null),n.pub(null),i.pub(null);else{const e=await(async e=>{const t=await w(e);return(null==t?void 0:t.user)||((null==t?void 0:t.hasOwnProperty("userId"))?t:void 0)})(t);e&&r.pub(e);const{sessionJwt:s,sessionExpiration:a,claims:c}=await w(t);s&&o.pub(s),c&&i.pub(c),(a||s)&&n.pub(a||42)}}})),a=je(s,["logout","logoutAll","oidc.logout"],(e=>async(...t)=>{const s=await e(...t);return o.pub(null),r.pub(null),n.pub(null),i.pub(null),s}));return Object.assign(a,{onSessionTokenChange:o.sub,onUserChange:r.sub,onClaimsChange:i.sub,onIsAuthenticatedChange:e=>n.sub((t=>{e(!!t)}))})}),(e=>n=>{const{enableFlowNonce:o=!0,nonceStoragePrefix:r=mn}=n,i=t(n,["enableFlowNonce","nonceStoragePrefix"]);if(!o)return e(i);((e=mn)=>{try{if(!b)return;for(let r=0;r<(t=void 0,n=void 0,o=void 0,null!==(o=null!==(t=null==u?void 0:u.length)&&void 0!==t?t:s&&(null===(n=window.localStorage)||void 0===n?void 0:n.length))&&void 0!==o?o:0);r++){const t=j(r);if(t&&t.startsWith(e)){const e=k(t);if(e)try{JSON.parse(e).expiry<Date.now()&&O(t)}catch(e){O(t)}}}}catch(e){console.error("Error cleaning up expired nonces:",e)}var t,n,o})(r);return e(f(i,{afterRequest:async(e,t)=>{if(e.path!==bn&&e.path!==In)return;const{nonce:n,executionId:o}=await(async(e,t)=>{try{const n=t.headers.get(yn);let o=await t.clone().json().then((e=>(null==e?void 0:e.executionId)||null)).catch((()=>null));return o||(o=Sn(e)),{nonce:n,executionId:jn(o)}}catch(e){return{nonce:null,executionId:null}}})(e,t);if(n&&o){((e,t,n,o=mn)=>{try{const r=kn(e,o),i=n?172800:10800,s={value:t,expiry:Date.now()+1e3*i,isStart:n};I(r,JSON.stringify(s))}catch(e){console.error("Error setting flow nonce:",e)}})(o,n,e.path===bn,r)}},beforeRequest:e=>{if(e.path===In){const t=Sn(e);if(t){const n=((e,t=mn)=>{try{const n=kn(e,t),o=k(n);if(!o)return null;const r=JSON.parse(o);return r.expiry<Date.now()?(On(e,t),null):r.value}catch(e){return console.error("Error getting flow nonce:",e),null}})(t,r);n&&(e.headers=e.headers||{},e.headers[yn]=n)}}return e}}))}),(e=>n=>{var{storeLastAuthenticatedUser:o=!0,keepLastAuthenticatedUserAfterLogout:r=!1}=n,i=t(n,["storeLastAuthenticatedUser","keepLastAuthenticatedUserAfterLogout"]);if(!o)return Object.assign(e(i),{getLastUserLoginId:Rn,getLastUserDisplayName:Cn});const s=e(f(i,{afterRequest:async(e,t)=>{var n;const{userInfo:o,lastAuth:r}=await(async e=>{if(!(null==e?void 0:e.ok))return{userInfo:void 0,lastAuth:void 0};const t=await(null==e?void 0:e.clone().json()),n=v((null==t?void 0:t.authInfo)||t||{});return{userInfo:(null==n?void 0:n.user)||((null==n?void 0:n.hasOwnProperty("userId"))?n:void 0),lastAuth:t.lastAuth}})(t),i=null===(n=null==o?void 0:o.loginIds)||void 0===n?void 0:n[0],s=null==o?void 0:o.name;i?(xn(i),(e=>{I(Tn,e)})(s)):(null==r?void 0:r.loginId)&&xn(r.loginId)}}));let a=je(s,["flow.start"],En);return a=je(a,["logout","logoutAll"],Pn(r)),Object.assign(a,{getLastUserLoginId:Rn,getLastUserDisplayName:Cn})}),(e=>n=>{var{persistTokens:o,sessionTokenViaCookie:r,refreshTokenViaCookie:i,storagePrefix:a}=n,c=t(n,["persistTokens","sessionTokenViaCookie","refreshTokenViaCookie","storagePrefix"]);if(!o||!s)return e(c);let l;const d=e(f(c,{beforeRequest:Qt(a,i),afterRequest:async(e,t)=>{if(y(e,t))Lt("Session invalidated, clearing persisted tokens"),Yt(a,r,i,l);else{const e=((e={},t=!1,n="",o=!1)=>{var r,i,s,a;const{sessionJwt:c,refreshJwt:l,trustedDeviceJwt:d}=e;let u;if(l)if(o){O(`${n}${Vt}`);const t=o.sameSite||"Strict",s=null===(r=o.secure)||void 0===r||r,a=null!==(i=o.domain)&&void 0!==i?i:e.cookieDomain,c=Zt(o);s&&"https:"!==window.location.protocol&&qt("Refresh token cookie is configured with secure=true but the page is not using HTTPS. The cookie will not be set. To fix this, pass refreshTokenViaCookie: { secure: process.env['NODE_ENV'] !== 'development' }");const d=Object.assign(Object.assign({},e),{cookieSameSite:t,cookieSecure:s,cookieDomain:a});Ht(c,l,d);const p=Bt(a);u=Object.assign(Object.assign({},u),{refresh:{path:d.cookiePath,domain:p?a:void 0}})}else{const e=Zt(o);Kt.remove(e),I(`${n}${Vt}`,l)}if(c)if(t){const n=t.sameSite||"Strict",o=null===(s=t.secure)||void 0===s||s,r=null!==(a=t.domain)&&void 0!==a?a:e.cookieDomain,i=zt(t);o&&"https:"!==window.location.protocol&&qt("Session token cookie is configured with secure=true but the page is not using HTTPS. The cookie will not be set. To fix this, pass sessionTokenViaCookie: { secure: process.env['NODE_ENV'] !== 'development' }");const l=Object.assign(Object.assign({},e),{cookieSameSite:n,cookieSecure:o,cookieDomain:r});Ht(i,c,l);const d=Bt(r);u=Object.assign(Object.assign({},u),{session:{path:l.cookiePath,domain:d?r:void 0}})}else I(`${n}${Mt}`,c);return e.idToken&&I(`${n}${Ft}`,e.idToken),d&&I(`${n}DTD`,d),u})(await w(t),r,a,i);e&&(l=e)}}})),u=je(d,["logout","logoutAll","oidc.logout"],_n(a,r,i,(()=>l)));return Object.assign(u,{getRefreshToken:()=>Gt(a,i),getSessionToken:()=>Wt(a,r),getIdToken:()=>Xt(a)})}))((e=>{const t=At(e),n=Qn(t,e.projectId,e.oidcConfig);return Object.assign(Object.assign({},t),{refresh:async(o,r)=>{var i;if(m())return Lt(`Refresh called in native flow: ${(new Error).stack}`),Promise.resolve({ok:!1,error:{errorCode:"J171000",errorDescription:"Refresh is not supported in native flows via the web SDK"}});if(e.oidcConfig)try{return await n.refreshToken(o),Promise.resolve({ok:!0})}catch(e){return Promise.resolve({ok:!1,error:{errorCode:"J161001",errorDescription:e.toString()}})}const s=Wt(),a=Gt();let c="";if(e.getExternalToken)try{c=await(null===(i=e.getExternalToken)||void 0===i?void 0:i.call(e))}catch(e){Lt("Error getting external token while refreshing",e)}return t.refresh(o,{dcs:s?"t":"f",dcr:a?"t":"f"},c,r)},logout:async o=>{if(e.oidcConfig)try{return await n.logout({id_token_hint:o}),Promise.resolve({ok:!0})}catch(e){return Promise.resolve({ok:!1,error:{errorCode:"J161000",errorDescription:e.toString()}})}return t.logout(o)},flow:Gn(t),webauthn:Fn(t),fedcm:(o=t,r=e.projectId,{onetap:{requestExchangeCode(e){zn(o,e)},requestAuthentication(e){zn(o,e)}},async oneTap(e,t,n,r,i){await Zn(o,{provider:e,oneTapConfig:t,loginOptions:n,onSkipped:r,onDismissed:i})},async launch(e){var t;const n={identity:{context:e||"signin",providers:[{configURL:o.httpClient.buildUrl(r+Hn.config),clientId:r}]}},i=await(null===(t=navigator.credentials)||void 0===t?void 0:t.get(n));return o.refresh(i.token)},isSupported:()=>s&&"IdentityCredential"in window,async isLoggedIn(e){var t;const n=o.httpClient.buildUrl(r+Hn.config);try{const o={identity:{context:e||"signin",providers:[{configURL:n,clientId:r}]}},i=await(null===(t=navigator.credentials)||void 0===t?void 0:t.get(o));return!!i&&!!i.token}catch(e){return!1}}}),oidc:n});var o,r}));return eo.REFRESH_TOKEN_KEY=Vt,eo.SESSION_TOKEN_KEY=Mt,eo}));
3
+ function Mt(e){for(var t=1;t<arguments.length;t++){var n=arguments[t];for(var o in n)e[o]=n[o]}return e}var Vt=function e(t,n){function o(e,o,r){if("undefined"!=typeof document){"number"==typeof(r=Mt({},n,r)).expires&&(r.expires=new Date(Date.now()+864e5*r.expires)),r.expires&&(r.expires=r.expires.toUTCString()),e=encodeURIComponent(e).replace(/%(2[346B]|5E|60|7C)/g,decodeURIComponent).replace(/[()]/g,escape);var i="";for(var s in r)r[s]&&(i+="; "+s,!0!==r[s]&&(i+="="+r[s].split(";")[0]));return document.cookie=e+"="+t.write(o,e)+i}}return Object.create({set:o,get:function(e){if("undefined"!=typeof document&&(!arguments.length||e)){for(var n=document.cookie?document.cookie.split("; "):[],o={},r=0;r<n.length;r++){var i=n[r].split("="),s=i.slice(1).join("=");try{var a=decodeURIComponent(i[0]);if(o[a]=t.read(s,a),e===a)break}catch(e){}}return e?o[e]:o}},remove:function(e,t){o(e,"",Mt({},t,{expires:-1}))},withAttributes:function(t){return e(this.converter,Mt({},this.attributes,t))},withConverter:function(t){return e(Mt({},this.converter,t),this.attributes)}},{attributes:{value:Object.freeze(n)},converter:{value:Object.freeze(t)}})}({read:function(e){return'"'===e[0]&&(e=e.slice(1,-1)),e.replace(/(%[\dA-F]{2})+/gi,decodeURIComponent)},write:function(e){return encodeURIComponent(e).replace(/%(2[346BF]|3[AC-F]|40|5[BDE]|60|7[BCD])/g,decodeURIComponent)}},{path:"/"});const Ft="DS",Ht="DSR",Bt="DSI",zt="DSRCN";function Zt(e,t,n){if(t){const{cookieDomain:o,cookiePath:r,cookieSameSite:i,cookieExpiration:s,cookieSecure:a}=n,c=new Date(1e3*s),l=Gt(o);Vt.set(e,t,{path:r,domain:l?o:void 0,expires:c,sameSite:i,secure:a})}}function Gt(e){const t=window.location.hostname.split("."),n=null==e?void 0:e.split(".");return t.slice(-(null==n?void 0:n.length)).join(".")===e}const Wt=e=>(null==e?void 0:e.cookieName)||Ft,Xt=e=>(null==e?void 0:e.cookieName)||Ht;function Yt(e="",t){return Vt.get(Xt(t))||I(`${e}${Ht}`)||""}function Qt(e="",t){return Vt.get(Wt(t))||I(`${e}${Ft}`)||""}function en(e=""){return I(`${e}${Bt}`)||""}function tn(e="",t,n,o){O(`${e}${Ht}`),O(`${e}${Ft}`),O(`${e}${Bt}`),O(`${e}${zt}`);const r=Wt(t);Vt.remove(r,null==o?void 0:o.session);const i=Xt(n);Vt.remove(i,null==o?void 0:o.refresh)}const nn=(e,t,n)=>o=>{const r=Object.assign(o,{token:o.token||Yt(e,t)});if(!n){const t=function(e=""){return I(`${e}${zt}`)}(e);t&&(r.headers=Object.assign(Object.assign({},r.headers||{}),{"x-descope-refresh-cookie-name":t}))}const i=function(e=""){return I(`${e}DTD`)||""}(e);return i&&(r.headers=Object.assign(Object.assign({},r.headers||{}),{"x-descope-trusted-device-token":i})),r},on=s&&(null===localStorage||void 0===localStorage?void 0:localStorage.getItem("fingerprint.endpoint.url"))||"https://api.descope.com",rn="vsid",sn="vrid";var an={default:"endpoint"},cn="Blocked by CSP",ln="The endpoint parameter is not a valid URL",dn="Failed to load the JS script of the agent",un="9319";function pn(e,t){var n,o,r,i,s,a=[],c=(n=function(e){var t=function(e,t,n){if(n||2===arguments.length)for(var o,r=0,i=t.length;r<i;r++)!o&&r in t||(o||(o=Array.prototype.slice.call(t,0,r)),o[r]=t[r]);return e.concat(o||Array.prototype.slice.call(t))}([],e,!0);return{current:function(){return t[0]},postpone:function(){var e=t.shift();void 0!==e&&t.push(e)},exclude:function(){t.shift()}}}(e),i=0,o=function(){return Math.random()*Math.min(3e3,100*Math.pow(2,i++))},r=new Set,[n.current(),function(e,t){var i,s=t instanceof Error?t.message:"";if(s===cn||s===ln)n.exclude(),i=0;else if(s===un)n.exclude();else if(s===dn){var a=Date.now()-e.getTime()<50,c=n.current();c&&a&&!r.has(c)&&(r.add(c),i=0),n.postpone()}else n.postpone();var l=n.current();return void 0===l?void 0:[l,null!=i?i:e.getTime()+o()-Date.now()]}]),l=c[0],d=c[1];if(void 0===l)return Promise.reject(new TypeError("The list of script URL patterns is empty"));var u=function(e){var n=new Date,o=function(t){return a.push({url:e,startedAt:n,finishedAt:new Date,error:t})},r=t(e);return r.then((function(){return o()}),o),r.catch((function(e){if(null!=s||(s=e),a.length>=5)throw s;var t=d(n,e);if(!t)throw s;var o,r=t[0],i=t[1];return(o=i,new Promise((function(e){return setTimeout(e,o)}))).then((function(){return u(r)}))}))};return u(l).then((function(e){return[e,a]}))}var gn="https://fpnpmcdn.net/v<version>/<apiKey>/loader_v<loaderVersion>.js",hn=gn;function vn(n){var o;n.scriptUrlPattern;var r=n.token,i=n.apiKey,s=void 0===i?r:i,a=t(n,["scriptUrlPattern","token","apiKey"]),c=null!==(o=function(e,t){return function(e,t){return Object.prototype.hasOwnProperty.call(e,t)}(e,t)?e[t]:void 0}(n,"scriptUrlPattern"))&&void 0!==o?o:gn,l=function(){var e=[],t=function(){e.push({time:new Date,state:document.visibilityState})},n=function(e,t,n,o){return e.addEventListener(t,n,o),function(){return e.removeEventListener(t,n,o)}}(document,"visibilitychange",t);return t(),[e,n]}(),d=l[0],u=l[1];return Promise.resolve().then((function(){if(!s||"string"!=typeof s)throw new Error("API key required");var e=function(e,t){return(Array.isArray(e)?e:[e]).map((function(e){return function(e,t){var n=encodeURIComponent;return e.replace(/<[^<>]+>/g,(function(e){return"<version>"===e?"3":"<apiKey>"===e?n(t):"<loaderVersion>"===e?n("3.11.6"):e}))}(String(e),t)}))}(c,s);return pn(e,fn)})).catch((function(e){throw u(),function(e){return e instanceof Error&&e.message===un?new Error(dn):e}(e)})).then((function(t){var n=t[0],o=t[1];return u(),n.load(e(e({},a),{ldi:{attempts:o,visibilityStates:d}}))}))}function fn(e){return function(e,t,n){var o,r=document,i="securitypolicyviolation",s=function(t){var n=new URL(e,location.href),r=t.blockedURI;r!==n.href&&r!==n.protocol.slice(0,-1)&&r!==n.origin||(o=t,a())};r.addEventListener(i,s);var a=function(){return r.removeEventListener(i,s)};return Promise.resolve().then(t).then((function(e){return a(),e}),(function(e){return new Promise((function(e){var t=new MessageChannel;t.port1.onmessage=function(){return e()},t.port2.postMessage(null)})).then((function(){if(a(),o)return n(o);throw e}))}))}(e,(function(){return function(e){return new Promise((function(t,n){if(function(e){if(URL.prototype)try{return new URL(e,location.href),!1}catch(e){if(e instanceof Error&&"TypeError"===e.name)return!0;throw e}}(e))throw new Error(ln);var o=document.createElement("script"),r=function(){var e;return null===(e=o.parentNode)||void 0===e?void 0:e.removeChild(o)},i=document.head||document.getElementsByTagName("head")[0];o.onload=function(){r(),t()},o.onerror=function(){r(),n(new Error(dn))},o.async=!0,o.src=e,i.appendChild(o)}))}(e)}),(function(){throw new Error(cn)})).then(wn)}function wn(){var e=window,t="__fpjs_p_l_b",n=e[t];if(function(e,t){var n,o=null===(n=Object.getOwnPropertyDescriptor)||void 0===n?void 0:n.call(Object,e,t);(null==o?void 0:o.configurable)?delete e[t]:o&&!o.writable||(e[t]=void 0)}(e,t),"function"!=typeof(null==n?void 0:n.load))throw new Error(un);return n}const mn=(e=!1)=>{const t=I("fp");if(!t)return null;const n=JSON.parse(t);return(new Date).getTime()>n.expiry&&!e?null:n.value},yn=async(e,t=on)=>{try{if(mn())return;const n=(Date.now().toString(36)+Math.random().toString(36).substring(2)+Math.random().toString(36).substring(2)).substring(0,27),o=new URL(t);o.pathname="/fXj8gt3x8VulJBna/x96Emn69oZwcd7I6";const r=new URL(t);r.pathname="/fXj8gt3x8VulJBna/w78aRZnnDZ3Aqw0I";const i=r.toString()+"?apiKey=<apiKey>&version=<version>&loaderVersion=<loaderVersion>",s=vn({apiKey:e,endpoint:[o.toString(),an],scriptUrlPattern:[i,hn]}),a=await s,{requestId:c}=await a.get({linkedId:n}),l=((e,t)=>({[rn]:e,[sn]:t}))(n,c);(e=>{const t={value:e,expiry:(new Date).getTime()+864e5};k("fp",JSON.stringify(t))})(l)}catch(e){console.warn("Could not load fingerprint",e)}},bn=e=>{const t=mn(!0);return t&&e.body&&(e.body.fpData=t),e},kn="descopeFlowNonce",In="X-Descope-Flow-Nonce",On="/v1/flow/start",jn="/v1/flow/next",Sn=(e,t=kn)=>`${t}${e}`,Un=(e,t=kn)=>{try{const n=Sn(e,t);O(n)}catch(e){console.error("Error removing flow nonce:",e)}},Tn=e=>{var t;return(null===(t=/.*\|#\|(.*)/.exec(e))||void 0===t?void 0:t[1])||null},xn=e=>{var t;return e.path===jn&&(null===(t=e.body)||void 0===t?void 0:t.executionId)?Tn(e.body.executionId):null},Rn="dls_last_user_login_id",Cn="dls_last_user_display_name",En=e=>k(Rn,e),$n=()=>I(Rn),Pn=()=>I(Cn),Dn=e=>async(...t)=>{var n;t[1]=t[1]||{};const[,o={}]=t,r=$n(),i=Pn();r&&(null!==(n=o.lastAuth)&&void 0!==n||(o.lastAuth={}),o.lastAuth.loginId=r,o.lastAuth.name=i);return await e(...t)},_n=e=>t=>async(...n)=>{const o=await t(...n);return e||(O(Rn),O(Cn)),o};function An(){const e=[];return{pub:t=>{e.forEach((e=>e(t)))},sub:t=>{const n=e.push(t)-1;return()=>e.splice(n,1)}}}const Ln=(e,t,n,o)=>r=>async(...i)=>{const s=await r(...i);return tn(e,t,n,null==o?void 0:o()),s};async function Nn(e){const t=function(e){var t;const n=JSON.parse(e);return n.publicKey.challenge=Fn(n.publicKey.challenge),n.publicKey.user.id=Fn(n.publicKey.user.id),null===(t=n.publicKey.excludeCredentials)||void 0===t||t.forEach((e=>{e.id=Fn(e.id)})),n}(e),n=await navigator.credentials.create(t);return o=n,JSON.stringify({id:o.id,rawId:Hn(o.rawId),type:o.type,response:{attestationObject:Hn(o.response.attestationObject),clientDataJSON:Hn(o.response.clientDataJSON)}});var o}async function qn(e){const t=Mn(e);return Vn(await navigator.credentials.get(t))}async function Jn(e,t){const n=Mn(e);n.signal=t.signal,n.mediation="conditional";return Vn(await navigator.credentials.get(n))}async function Kn(e=!1){var t,n;if(!s)return Promise.resolve(!1);if(m()){const e=null===(n=null===(t=window.descopeBridge)||void 0===t?void 0:t.hostInfo)||void 0===n?void 0:n.webauthn;if("boolean"==typeof e)return e}const o=!!(window.PublicKeyCredential&&navigator.credentials&&navigator.credentials.create&&navigator.credentials.get);return o&&e&&PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable?PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable():o}function Mn(e){var t;const n=JSON.parse(e);return n.publicKey.challenge=Fn(n.publicKey.challenge),null===(t=n.publicKey.allowCredentials)||void 0===t||t.forEach((e=>{e.id=Fn(e.id)})),n}function Vn(e){return JSON.stringify({id:e.id,rawId:Hn(e.rawId),type:e.type,response:{authenticatorData:Hn(e.response.authenticatorData),clientDataJSON:Hn(e.response.clientDataJSON),signature:Hn(e.response.signature),userHandle:e.response.userHandle?Hn(e.response.userHandle):void 0}})}function Fn(e){const t=e.replace(/_/g,"/").replace(/-/g,"+");return Uint8Array.from(atob(t),(e=>e.charCodeAt(0))).buffer}function Hn(e){return btoa(String.fromCharCode.apply(null,new Uint8Array(e))).replace(/\//g,"_").replace(/\+/g,"-").replace(/=/g,"")}var Bn,zn=(Bn=e=>({async signUp(t,n,o){const r=await e.webauthn.signUp.start(t,window.location.origin,n,o);if(!r.ok)return r;const i=await Nn(r.data.options);return await e.webauthn.signUp.finish(r.data.transactionId,i)},async signIn(t,n){const o=await e.webauthn.signIn.start(t,window.location.origin,void 0,void 0,n);if(!o.ok)return o;const r=await qn(o.data.options);return await e.webauthn.signIn.finish(o.data.transactionId,r)},async signUpOrIn(t,n){var o;const r=await e.webauthn.signUpOrIn.start(t,window.location.origin,n);if(!r.ok)return r;if(null===(o=r.data)||void 0===o?void 0:o.create){const t=await Nn(r.data.options);return await e.webauthn.signUp.finish(r.data.transactionId,t)}{const t=await qn(r.data.options);return await e.webauthn.signIn.finish(r.data.transactionId,t)}},async update(t,n,o){const r=await e.webauthn.update.start(t,window.location.origin,n,o);if(!r.ok)return r;const i=await Nn(r.data.options);return await e.webauthn.update.finish(r.data.transactionId,i)},helpers:{create:Nn,get:qn,isSupported:Kn,conditional:Jn}}),(...e)=>{const t=Bn(...e);return Object.assign(t.signUp,e[0].webauthn.signUp),Object.assign(t.signIn,e[0].webauthn.signIn),Object.assign(t.signUpOrIn,e[0].webauthn.signUpOrIn),Object.assign(t.update,e[0].webauthn.update),t});const Zn={config:"/fedcm/config"},Gn=()=>{if(window.crypto&&window.crypto.getRandomValues){const e=new Uint8Array(16);return window.crypto.getRandomValues(e),Array.from(e,(e=>e.toString(16).padStart(2,"0"))).join("")}return Math.random().toString(36).substring(2)};async function Wn(e,t){var n;try{await Xn(e,t)}catch(e){null===(n=null==t?void 0:t.onFailed)||void 0===n||n.call(t,e)}}async function Xn(e,t){var n,o;const r=await async function(e,t="google",n,o,r){const i=Gn(),s=await async function(){return new Promise(((e,t)=>{if(window.google)return void e(window.google.accounts.id);let n=document.getElementById("google-gsi-client-script");n||(n=document.createElement("script"),document.head.appendChild(n),n.async=!0,n.defer=!0,n.id="google-gsi-client-script",n.src="https://accounts.google.com/gsi/client"),n.onload=function(){window.google?e(window.google.accounts.id):t("Failed to load Google GSI client script - not loaded properly")},n.onerror=function(){t("Failed to load Google GSI client script - failed to load")}}))}(),a=await e.oauth.getOneTapClientId(t);if(!a.ok)throw new Error("Failed to get OneTap client ID for provider "+t);const c=a.data.clientId;return new Promise((e=>{var a,l;const d=n=>{e({provider:t,nonce:i,credential:null==n?void 0:n.credential})};s.initialize(Object.assign(Object.assign({},n),{itp_support:null===(a=null==n?void 0:n.itp_support)||void 0===a||a,use_fedcm_for_prompt:null===(l=null==n?void 0:n.use_fedcm_for_prompt)||void 0===l||l,client_id:c,callback:d,nonce:i})),s.prompt((e=>{var t,n;if(r&&(null==e?void 0:e.isDismissedMoment())){const n=null===(t=e.getDismissedReason)||void 0===t?void 0:t.call(e);return null==r||r(n),void d()}if(o&&(null==e?void 0:e.isSkippedMoment())){const t=null===(n=e.getSkippedReason)||void 0===n?void 0:n.call(e);return null==o||o(t),void d()}}))}))}(e,t.provider,t.oneTapConfig,t.onSkipped,t.onDismissed);if(!r.credential)return null;if(null==t?void 0:t.onCodeReceived){const o=await e.oauth.verifyOneTapIDToken(r.provider,r.credential,r.nonce,null==t?void 0:t.loginOptions);if(!o.ok||!o.data)throw new Error("Failed to verify OneTap client ID for provider "+r.provider);null===(n=null==t?void 0:t.onCodeReceived)||void 0===n||n.call(t,o.data.code)}else{const n=await e.oauth.exchangeOneTapIDToken(r.provider,r.credential,r.nonce,null==t?void 0:t.loginOptions);if(!n.ok||!n.data)throw new Error("Failed to exchange OneTap client ID for provider "+r.provider);null===(o=null==t?void 0:t.onAuthenticated)||void 0===o||o.call(t,n.data)}}var Yn=e=>Object.assign(Object.assign({},e.flow),{start:async(...t)=>{const n=await Kn(),o=Object.assign(Object.assign({location:window.location.href},t[1]),{deviceInfo:{webAuthnSupport:n},startOptionsVersion:1});return t[1]=o,e.flow.start(...t)}});let Qn;const eo=(e,t)=>new Promise(((n,o)=>{if(!e.length)return o(new Error("No URLs provided to loadScriptWithFallback"));const r=t();if(r)return n(r);const i=e.shift(),s=document.createElement("script");s.src=i,s.id=(e=>{let t=0;for(let n=0;n<e.length;n++)t=(t<<5)-t+e.charCodeAt(n),t|=0;return Math.abs(t).toString(16)})(i),s.onload=()=>{const e=t();if(e)return n(e);throw new Error("Could not get entry after loading script from URL")},s.addEventListener("error",(()=>{eo(e,t),s.setAttribute("data-error","true")})),document.body.appendChild(s)}));const to=async(e,t,n)=>{Qn||(Qn=(async()=>{try{return require("oidc-client-ts")}catch(e){return eo([c,l],(()=>window.oidc))}})());const{OidcClient:o,WebStorageStateStore:r}=await Qn;if(!o)throw new Error("oidc-client-ts is not installed. Please install it by running `npm install oidc-client-ts`");const i=(null==n?void 0:n.redirectUri)||window.location.href;let s,a,d,u;if(null==n?void 0:n.issuer){if(!n.clientId)throw new Error("clientId is required when providing a custom issuer/authority");s=n.issuer,a=n.clientId,d=`${a}_user`,u="openid"}else(null==n?void 0:n.applicationId)?(s=e.httpClient.buildUrl(t),s=`${s}/${n.applicationId}`,a=t,d=`${a}_user`,u="openid email roles descope.custom_claims offline_access"):(s=e.httpClient.buildUrl(t),a=t,d=`${a}_user`,u="openid email roles descope.custom_claims offline_access");const p={authority:s,client_id:a,redirect_uri:i,response_type:"code",scope:(null==n?void 0:n.scope)||u,stateStore:new r({store:window.localStorage,prefix:a}),loadUserInfo:!0,fetchRequestCredentials:"same-origin"};return(null==n?void 0:n.redirectUri)&&(p.redirect_uri=n.redirectUri),{client:new o(p),stateUserKey:d}},no=(e,t,n)=>{const o=async()=>{let o,r;return o&&r||({client:o,stateUserKey:r}=await to(e,t,n)),{client:o,stateUserKey:r}},r=async(t="")=>{var n;const{client:r,stateUserKey:i}=await o(),s=await r.processSigninResponse(t||window.location.href);var a;return await(null===(n=e.httpClient.hooks)||void 0===n?void 0:n.afterRequest({},new Response(JSON.stringify(s)))),k(i,JSON.stringify({id_token:(a=s).id_token,session_state:a.session_state,profile:a.profile})),(()=>{const e=new URL(window.location.href);e.searchParams.delete("code"),e.searchParams.delete("state"),window.history.replaceState({},document.title,e.toString())})(),s};return{loginWithRedirect:async(e={},t=!1)=>{const{client:n}=await o(),r=await n.createSigninRequest(e),{url:i}=r;return t||(window.location.href=i),{ok:!0,data:r}},finishLogin:r,finishLoginIfNeed:async(e="")=>{if(window.location.search.includes("code")&&window.location.search.includes("state"))return await r(e)},refreshToken:async t=>{var n;const{client:r,stateUserKey:i}=await o(),s=(e=>{const t=I(e);return t?JSON.parse(t):null})(i);if(!s)throw new Error("User not found in storage to refresh token");let a=t;if(!a){const t={};e.httpClient.hooks.beforeRequest(t),a=t.token}const c=await r.useRefreshToken({state:{refresh_token:a,session_state:s.session_state,profile:s.profile}});return await(null===(n=e.httpClient.hooks)||void 0===n?void 0:n.afterRequest({},new Response(JSON.stringify(c)))),c},logout:async(e,t=!1)=>{const{client:n,stateUserKey:r}=await o();e||(e={}),e.id_token_hint=e.id_token_hint||en(),e.post_logout_redirect_uri=e.post_logout_redirect_uri||window.location.href;const i=await n.createSignoutRequest(e),{url:s}=i;return O(r),t||window.location.replace(s),i}}},oo=function(...e){return t=>e.reduce(((e,t)=>t(e)),t)}((e=>t=>{var n;return n=t.customStorage,u=n,e(t)}),(e=>n=>{var{fpKey:o,fpLoad:r}=n,i=t(n,["fpKey","fpLoad"]);return s?(o&&r&&yn(o).catch((()=>null)),e(f(i,{beforeRequest:bn}))):e(i)}),(e=>n=>{var{autoRefresh:o}=n,i=t(n,["autoRefresh"]);if(!o||m())return e(i);const{clearAllTimers:a,setTimer:c}=(()=>{const e=[];return{clearAllTimers:()=>{for(;e.length;)clearTimeout(e.pop())},setTimer:(t,n)=>{e.push(setTimeout(t,n))}}})();let l,d;s&&document.addEventListener("visibilitychange",(()=>{"visible"===document.visibilityState&&l&&new Date>l&&(qt("Expiration time passed, refreshing session"),u.refresh(Yt()||d))}));const u=e(f(i,{afterRequest:async(e,t)=>{const{sessionJwt:n,refreshJwt:o,sessionExpiration:i,nextRefreshSeconds:p}=await w(t);if(y(e,t))qt("Session invalidated, canceling all timers"),a();else if(n||i){if(l=((e,t)=>{if(t)return new Date(1e3*t);qt("Could not extract expiration time from session token, trying to decode the token");try{const t=r(e);if(t.exp)return new Date(1e3*t.exp)}catch(e){return null}})(n,i),!l)return void qt("Could not extract expiration time from session token");d=o;const e=Kt(l,p);if(a(),e<=2e4)return void qt("Session is too close to expiration, not setting refresh timer");const t=new Date(Date.now()+e).toLocaleTimeString("en-US",{hour12:!1});qt(`Setting refresh timer for ${t}. (${e}ms)`),c((()=>{s&&"hidden"===document.visibilityState?qt("Skipping refresh due to timer - document is hidden"):(qt("Refreshing session due to timer"),u.refresh(Yt()||o))}),e)}}}));return Ue(u,["logout","logoutAll","oidc.logout"],(e=>async(...t)=>{const n=await e(...t);return qt("Clearing all timers"),a(),n}))}),(e=>t=>e(Object.assign(Object.assign({},t),{baseHeaders:Object.assign({"x-descope-sdk-name":"web-js","x-descope-sdk-version":"1.46.0"},t.baseHeaders)}))),(e=>t=>{const n=An(),o=An(),r=An(),i=An(),s=e(f(t,{afterRequest:async(e,t)=>{if(y(e,t))qt("Session invalidated, notifying subscribers with empty values"),o.pub(null),r.pub(null),n.pub(null),i.pub(null);else{const e=await(async e=>{const t=await w(e);return(null==t?void 0:t.user)||((null==t?void 0:t.hasOwnProperty("userId"))?t:void 0)})(t);e&&r.pub(e);const{sessionJwt:s,sessionExpiration:a,claims:c}=await w(t);s&&o.pub(s),c&&i.pub(c),(a||s)&&n.pub(a||42)}}})),a=Ue(s,["logout","logoutAll","oidc.logout"],(e=>async(...t)=>{const s=await e(...t);return o.pub(null),r.pub(null),n.pub(null),i.pub(null),s}));return Object.assign(a,{onSessionTokenChange:o.sub,onUserChange:r.sub,onClaimsChange:i.sub,onIsAuthenticatedChange:e=>n.sub((t=>{e(!!t)}))})}),(e=>n=>{const{enableFlowNonce:o=!0,nonceStoragePrefix:r=kn}=n,i=t(n,["enableFlowNonce","nonceStoragePrefix"]);if(!o)return e(i);((e=kn)=>{try{if(!b)return;for(let r=0;r<(t=void 0,n=void 0,o=void 0,null!==(o=null!==(t=null==u?void 0:u.length)&&void 0!==t?t:s&&(null===(n=window.localStorage)||void 0===n?void 0:n.length))&&void 0!==o?o:0);r++){const t=j(r);if(t&&t.startsWith(e)){const e=I(t);if(e)try{JSON.parse(e).expiry<Date.now()&&O(t)}catch(e){O(t)}}}}catch(e){console.error("Error cleaning up expired nonces:",e)}var t,n,o})(r);return e(f(i,{afterRequest:async(e,t)=>{if(e.path!==On&&e.path!==jn)return;const{nonce:n,executionId:o}=await(async(e,t)=>{try{const n=t.headers.get(In);let o=await t.clone().json().then((e=>(null==e?void 0:e.executionId)||null)).catch((()=>null));return o||(o=xn(e)),{nonce:n,executionId:Tn(o)}}catch(e){return{nonce:null,executionId:null}}})(e,t);if(n&&o){((e,t,n,o=kn)=>{try{const r=Sn(e,o),i=n?172800:10800,s={value:t,expiry:Date.now()+1e3*i,isStart:n};k(r,JSON.stringify(s))}catch(e){console.error("Error setting flow nonce:",e)}})(o,n,e.path===On,r)}},beforeRequest:e=>{if(e.path===jn){const t=xn(e);if(t){const n=((e,t=kn)=>{try{const n=Sn(e,t),o=I(n);if(!o)return null;const r=JSON.parse(o);return r.expiry<Date.now()?(Un(e,t),null):r.value}catch(e){return console.error("Error getting flow nonce:",e),null}})(t,r);n&&(e.headers=e.headers||{},e.headers[In]=n)}}return e}}))}),(e=>n=>{var{storeLastAuthenticatedUser:o=!0,keepLastAuthenticatedUserAfterLogout:r=!1}=n,i=t(n,["storeLastAuthenticatedUser","keepLastAuthenticatedUserAfterLogout"]);if(!o)return Object.assign(e(i),{getLastUserLoginId:$n,getLastUserDisplayName:Pn});const s=e(f(i,{afterRequest:async(e,t)=>{var n;const{userInfo:o,lastAuth:r}=await(async e=>{if(!(null==e?void 0:e.ok))return{userInfo:void 0,lastAuth:void 0};const t=await(null==e?void 0:e.clone().json()),n=v((null==t?void 0:t.authInfo)||t||{});return{userInfo:(null==n?void 0:n.user)||((null==n?void 0:n.hasOwnProperty("userId"))?n:void 0),lastAuth:t.lastAuth}})(t),i=null===(n=null==o?void 0:o.loginIds)||void 0===n?void 0:n[0],s=null==o?void 0:o.name;i?(En(i),(e=>{k(Cn,e)})(s)):(null==r?void 0:r.loginId)&&En(r.loginId)}}));let a=Ue(s,["flow.start"],Dn);return a=Ue(a,["logout","logoutAll"],_n(r)),Object.assign(a,{getLastUserLoginId:$n,getLastUserDisplayName:Pn})}),(e=>n=>{var{persistTokens:o,sessionTokenViaCookie:r,refreshTokenViaCookie:i,storagePrefix:a,refreshCookieName:c}=n,l=t(n,["persistTokens","sessionTokenViaCookie","refreshTokenViaCookie","storagePrefix","refreshCookieName"]);if(!o||!s)return e(Object.assign({refreshCookieName:c},l));let d;const u=e(f(Object.assign({refreshCookieName:c},l),{beforeRequest:nn(a,i,c),afterRequest:async(e,t)=>{if(y(e,t))qt("Session invalidated, clearing persisted tokens"),tn(a,r,i,d);else{const e=await w(t);e.cookieName?k(`${a||""}${zt}`,e.cookieName):e.refreshJwt&&O(`${a||""}${zt}`);const n=((e={},t=!1,n="",o=!1)=>{var r,i,s,a;const{sessionJwt:c,refreshJwt:l,trustedDeviceJwt:d}=e;let u;if(l)if(o){O(`${n}${Ht}`);const t=o.sameSite||"Strict",s=null===(r=o.secure)||void 0===r||r,a=null!==(i=o.domain)&&void 0!==i?i:e.cookieDomain,c=Xt(o);s&&"https:"!==window.location.protocol&&Jt("Refresh token cookie is configured with secure=true but the page is not using HTTPS. The cookie will not be set. To fix this, pass refreshTokenViaCookie: { secure: process.env['NODE_ENV'] !== 'development' }");const d=Object.assign(Object.assign({},e),{cookieSameSite:t,cookieSecure:s,cookieDomain:a});Zt(c,l,d);const p=Gt(a);u=Object.assign(Object.assign({},u),{refresh:{path:d.cookiePath,domain:p?a:void 0}})}else{const e=Xt(o);Vt.remove(e),k(`${n}${Ht}`,l)}if(c)if(t){const n=t.sameSite||"Strict",o=null===(s=t.secure)||void 0===s||s,r=null!==(a=t.domain)&&void 0!==a?a:e.cookieDomain,i=Wt(t);o&&"https:"!==window.location.protocol&&Jt("Session token cookie is configured with secure=true but the page is not using HTTPS. The cookie will not be set. To fix this, pass sessionTokenViaCookie: { secure: process.env['NODE_ENV'] !== 'development' }");const l=Object.assign(Object.assign({},e),{cookieSameSite:n,cookieSecure:o,cookieDomain:r});Zt(i,c,l);const d=Gt(r);u=Object.assign(Object.assign({},u),{session:{path:l.cookiePath,domain:d?r:void 0}})}else k(`${n}${Ft}`,c);return e.idToken&&k(`${n}${Bt}`,e.idToken),d&&k(`${n}DTD`,d),u})(e,r,a,i);n&&(d=n)}}})),p=Ue(u,["logout","logoutAll","oidc.logout"],Ln(a,r,i,(()=>d)));return Object.assign(p,{getRefreshToken:()=>Yt(a,i),getSessionToken:()=>Qt(a,r),getIdToken:()=>en(a)})}))((e=>{const t=Nt(e),n=no(t,e.projectId,e.oidcConfig);return Object.assign(Object.assign({},t),{refresh:async(o,r)=>{var i;if(m())return qt(`Refresh called in native flow: ${(new Error).stack}`),Promise.resolve({ok:!1,error:{errorCode:"J171000",errorDescription:"Refresh is not supported in native flows via the web SDK"}});if(e.oidcConfig)try{return await n.refreshToken(o),Promise.resolve({ok:!0})}catch(e){return Promise.resolve({ok:!1,error:{errorCode:"J161001",errorDescription:e.toString()}})}const s=Qt(),a=Yt();let c="";if(e.getExternalToken)try{c=await(null===(i=e.getExternalToken)||void 0===i?void 0:i.call(e))}catch(e){qt("Error getting external token while refreshing",e)}return t.refresh(o,{dcs:s?"t":"f",dcr:a?"t":"f"},c,r)},logout:async o=>{if(e.oidcConfig)try{return await n.logout({id_token_hint:o}),Promise.resolve({ok:!0})}catch(e){return Promise.resolve({ok:!1,error:{errorCode:"J161000",errorDescription:e.toString()}})}return t.logout(o)},flow:Yn(t),webauthn:zn(t),fedcm:(o=t,r=e.projectId,{onetap:{requestExchangeCode(e){Wn(o,e)},requestAuthentication(e){Wn(o,e)}},async oneTap(e,t,n,r,i){await Xn(o,{provider:e,oneTapConfig:t,loginOptions:n,onSkipped:r,onDismissed:i})},async launch(e){var t;const n={identity:{context:e||"signin",providers:[{configURL:o.httpClient.buildUrl(r+Zn.config),clientId:r}]}},i=await(null===(t=navigator.credentials)||void 0===t?void 0:t.get(n));return o.refresh(i.token)},isSupported:()=>s&&"IdentityCredential"in window,async isLoggedIn(e){var t;const n=o.httpClient.buildUrl(r+Zn.config);try{const o={identity:{context:e||"signin",providers:[{configURL:n,clientId:r}]}},i=await(null===(t=navigator.credentials)||void 0===t?void 0:t.get(o));return!!i&&!!i.token}catch(e){return!1}}}),oidc:n});var o,r}));return oo.REFRESH_TOKEN_KEY=Ht,oo.SESSION_TOKEN_KEY=Ft,oo}));
4
4
  //# sourceMappingURL=index.umd.js.map