@dynamic-labs-sdk/client 1.14.0 → 1.15.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (80) hide show
  1. package/dist/{InvalidParamError-Cs4ZMEj4.cjs → InvalidParamError-BPY2yug_.cjs} +3 -3
  2. package/dist/{InvalidParamError-Cs4ZMEj4.cjs.map → InvalidParamError-BPY2yug_.cjs.map} +1 -1
  3. package/dist/{InvalidParamError-DZjc7Tjc.esm.js → InvalidParamError-CXCYtY0p.esm.js} +2 -2
  4. package/dist/{InvalidParamError-DZjc7Tjc.esm.js.map → InvalidParamError-CXCYtY0p.esm.js.map} +1 -1
  5. package/dist/{InvalidParamError-BKr8fFc1.native.esm.js → InvalidParamError-DSXDW6g4.native.esm.js} +2 -2
  6. package/dist/{InvalidParamError-BKr8fFc1.native.esm.js.map → InvalidParamError-DSXDW6g4.native.esm.js.map} +1 -1
  7. package/dist/core.cjs +5 -5
  8. package/dist/core.esm.js +7 -7
  9. package/dist/core.esm.js.map +1 -1
  10. package/dist/core.native.esm.js +5 -5
  11. package/dist/{getNetworkProviderFromNetworkId-CdCEFEgT.cjs → getNetworkProviderFromNetworkId-DCwFIoM3.cjs} +4 -4
  12. package/dist/{getNetworkProviderFromNetworkId-CdCEFEgT.cjs.map → getNetworkProviderFromNetworkId-DCwFIoM3.cjs.map} +1 -1
  13. package/dist/{getNetworkProviderFromNetworkId-ChFA088e.esm.js → getNetworkProviderFromNetworkId-_pvqm2fB.esm.js} +7 -7
  14. package/dist/getNetworkProviderFromNetworkId-_pvqm2fB.esm.js.map +1 -0
  15. package/dist/{getNetworkProviderFromNetworkId-DZkq74O7.native.esm.js → getNetworkProviderFromNetworkId-b-H_ta9Q.native.esm.js} +4 -4
  16. package/dist/{getNetworkProviderFromNetworkId-DZkq74O7.native.esm.js.map → getNetworkProviderFromNetworkId-b-H_ta9Q.native.esm.js.map} +1 -1
  17. package/dist/{getSignedSessionId-DmDcWkqB.native.esm.js → getSignedSessionId-Co8y0azF.native.esm.js} +3 -3
  18. package/dist/{getSignedSessionId-DmDcWkqB.native.esm.js.map → getSignedSessionId-Co8y0azF.native.esm.js.map} +1 -1
  19. package/dist/{getSignedSessionId-DrrvGNcG.esm.js → getSignedSessionId-D7Q9q-oy.esm.js} +3 -3
  20. package/dist/{getSignedSessionId-DrrvGNcG.esm.js.map → getSignedSessionId-D7Q9q-oy.esm.js.map} +1 -1
  21. package/dist/{getSignedSessionId-DceZVits.cjs → getSignedSessionId-NZR0A-EZ.cjs} +3 -3
  22. package/dist/{getSignedSessionId-DceZVits.cjs.map → getSignedSessionId-NZR0A-EZ.cjs.map} +1 -1
  23. package/dist/{getWaasWalletProviderFromWalletAccount-CKZIsFWL.cjs → getWaasWalletProviderFromWalletAccount-CUgNeKaa.cjs} +3 -3
  24. package/dist/{getWaasWalletProviderFromWalletAccount-CKZIsFWL.cjs.map → getWaasWalletProviderFromWalletAccount-CUgNeKaa.cjs.map} +1 -1
  25. package/dist/{getWaasWalletProviderFromWalletAccount-C2GdfqUr.native.esm.js → getWaasWalletProviderFromWalletAccount-DLq_TjmC.native.esm.js} +3 -3
  26. package/dist/{getWaasWalletProviderFromWalletAccount-C2GdfqUr.native.esm.js.map → getWaasWalletProviderFromWalletAccount-DLq_TjmC.native.esm.js.map} +1 -1
  27. package/dist/{getWaasWalletProviderFromWalletAccount-B_8slAdm.esm.js → getWaasWalletProviderFromWalletAccount-DNBPKg4j.esm.js} +3 -3
  28. package/dist/{getWaasWalletProviderFromWalletAccount-B_8slAdm.esm.js.map → getWaasWalletProviderFromWalletAccount-DNBPKg4j.esm.js.map} +1 -1
  29. package/dist/{getWalletProviderByKey-DWYF9IxH.esm.js → getWalletProviderByKey-C4KTyeYY.esm.js} +2 -2
  30. package/dist/{getWalletProviderByKey-DWYF9IxH.esm.js.map → getWalletProviderByKey-C4KTyeYY.esm.js.map} +1 -1
  31. package/dist/{getWalletProviderByKey-OD65GUWG.cjs → getWalletProviderByKey-DZrpcmPE.cjs} +3 -3
  32. package/dist/{getWalletProviderByKey-OD65GUWG.cjs.map → getWalletProviderByKey-DZrpcmPE.cjs.map} +1 -1
  33. package/dist/{getWalletProviderByKey-BhisAyZg.native.esm.js → getWalletProviderByKey-Dk_K8Lg8.native.esm.js} +2 -2
  34. package/dist/{getWalletProviderByKey-BhisAyZg.native.esm.js.map → getWalletProviderByKey-Dk_K8Lg8.native.esm.js.map} +1 -1
  35. package/dist/index.cjs +34 -8
  36. package/dist/index.cjs.map +1 -1
  37. package/dist/index.esm.js +37 -11
  38. package/dist/index.esm.js.map +1 -1
  39. package/dist/index.native.esm.js +34 -8
  40. package/dist/index.native.esm.js.map +1 -1
  41. package/dist/{isDynamicWaasEnabled-C9gQ9M80.esm.js → isDynamicWaasEnabled-C9aVoXek.esm.js} +2 -2
  42. package/dist/{isDynamicWaasEnabled-C9gQ9M80.esm.js.map → isDynamicWaasEnabled-C9aVoXek.esm.js.map} +1 -1
  43. package/dist/{isDynamicWaasEnabled-rRFvljev.native.esm.js → isDynamicWaasEnabled-DNtxO0Bc.native.esm.js} +2 -2
  44. package/dist/{isDynamicWaasEnabled-rRFvljev.native.esm.js.map → isDynamicWaasEnabled-DNtxO0Bc.native.esm.js.map} +1 -1
  45. package/dist/{isDynamicWaasEnabled-C90E53x1.cjs → isDynamicWaasEnabled-DQ1mtWZv.cjs} +3 -3
  46. package/dist/{isDynamicWaasEnabled-C90E53x1.cjs.map → isDynamicWaasEnabled-DQ1mtWZv.cjs.map} +1 -1
  47. package/dist/{isMfaRequiredForAction-C1KaU-XS.native.esm.js → isMfaRequiredForAction-BXnpnD2X.native.esm.js} +2 -2
  48. package/dist/{isMfaRequiredForAction-C1KaU-XS.native.esm.js.map → isMfaRequiredForAction-BXnpnD2X.native.esm.js.map} +1 -1
  49. package/dist/{isMfaRequiredForAction-CTQzzCMt.esm.js → isMfaRequiredForAction-BhLg6M8J.esm.js} +2 -2
  50. package/dist/{isMfaRequiredForAction-CTQzzCMt.esm.js.map → isMfaRequiredForAction-BhLg6M8J.esm.js.map} +1 -1
  51. package/dist/{isMfaRequiredForAction-DFowphoV.cjs → isMfaRequiredForAction-DsOwHl4C.cjs} +2 -2
  52. package/dist/{isMfaRequiredForAction-DFowphoV.cjs.map → isMfaRequiredForAction-DsOwHl4C.cjs.map} +1 -1
  53. package/dist/{isUserOnboardingComplete-DfDNapVu.native.esm.js → isUserOnboardingComplete-BRfyMejK.native.esm.js} +3 -3
  54. package/dist/{isUserOnboardingComplete-DfDNapVu.native.esm.js.map → isUserOnboardingComplete-BRfyMejK.native.esm.js.map} +1 -1
  55. package/dist/{isUserOnboardingComplete-77jTT2BB.cjs → isUserOnboardingComplete-DrgtJIFi.cjs} +4 -4
  56. package/dist/{isUserOnboardingComplete-77jTT2BB.cjs.map → isUserOnboardingComplete-DrgtJIFi.cjs.map} +1 -1
  57. package/dist/{isUserOnboardingComplete-D1gGc77y.esm.js → isUserOnboardingComplete-KFfpvN4R.esm.js} +3 -3
  58. package/dist/{isUserOnboardingComplete-D1gGc77y.esm.js.map → isUserOnboardingComplete-KFfpvN4R.esm.js.map} +1 -1
  59. package/dist/modules/wallets/verifyWalletAccountForSignInOrTransfer/verifyWalletAccountForSignInOrTransfer.d.ts.map +1 -1
  60. package/dist/modules/wallets/walletProvider/walletProvider.types.d.ts +8 -0
  61. package/dist/modules/wallets/walletProvider/walletProvider.types.d.ts.map +1 -1
  62. package/dist/{refreshAuth-CAPTC0sg.esm.js → refreshAuth-BnkCuIdw.esm.js} +3 -3
  63. package/dist/{refreshAuth-CAPTC0sg.esm.js.map → refreshAuth-BnkCuIdw.esm.js.map} +1 -1
  64. package/dist/{refreshAuth-aTqsU1uq.native.esm.js → refreshAuth-CfUYFXh_.native.esm.js} +3 -3
  65. package/dist/{refreshAuth-aTqsU1uq.native.esm.js.map → refreshAuth-CfUYFXh_.native.esm.js.map} +1 -1
  66. package/dist/{refreshAuth-B3XSU6GT.cjs → refreshAuth-DvHy0g8j.cjs} +3 -3
  67. package/dist/{refreshAuth-B3XSU6GT.cjs.map → refreshAuth-DvHy0g8j.cjs.map} +1 -1
  68. package/dist/tsconfig.lib.tsbuildinfo +1 -1
  69. package/dist/utils/retryOnFetchError/index.d.ts +2 -0
  70. package/dist/utils/retryOnFetchError/index.d.ts.map +1 -0
  71. package/dist/utils/retryOnFetchError/retryOnFetchError.d.ts +36 -0
  72. package/dist/utils/retryOnFetchError/retryOnFetchError.d.ts.map +1 -0
  73. package/dist/waas.cjs +6 -6
  74. package/dist/waas.esm.js +5 -5
  75. package/dist/waas.native.esm.js +5 -5
  76. package/dist/waasCore.cjs +6 -6
  77. package/dist/waasCore.esm.js +6 -6
  78. package/dist/waasCore.native.esm.js +6 -6
  79. package/package.json +2 -2
  80. package/dist/getNetworkProviderFromNetworkId-ChFA088e.esm.js.map +0 -1
@@ -1,5 +1,5 @@
1
- const require_isMfaRequiredForAction = require('./isMfaRequiredForAction-DFowphoV.cjs');
2
- const require_InvalidParamError = require('./InvalidParamError-Cs4ZMEj4.cjs');
1
+ const require_isMfaRequiredForAction = require('./isMfaRequiredForAction-DsOwHl4C.cjs');
2
+ const require_InvalidParamError = require('./InvalidParamError-BPY2yug_.cjs');
3
3
 
4
4
  //#region src/modules/mfa/consumeMfaTokenIfRequiredForAction/consumeMfaTokenIfRequiredForAction.ts
5
5
  /** @notInstrumented */
@@ -51,4 +51,4 @@ Object.defineProperty(exports, 'getSignedSessionId', {
51
51
  return getSignedSessionId;
52
52
  }
53
53
  });
54
- //# sourceMappingURL=getSignedSessionId-DceZVits.cjs.map
54
+ //# sourceMappingURL=getSignedSessionId-NZR0A-EZ.cjs.map
@@ -1 +1 @@
1
- {"version":3,"file":"getSignedSessionId-DceZVits.cjs","names":["isMfaRequiredForAction","consumeMfaToken","getCore","getCore","getCore","getNonce"],"sources":["../src/modules/mfa/consumeMfaTokenIfRequiredForAction/consumeMfaTokenIfRequiredForAction.ts","../src/modules/sessionKeys/generateNonceSignature/generateNonceSignature.ts","../src/modules/sessionKeys/generateSessionSignature/generateSessionSignature.ts","../src/modules/sessionKeys/getSignedSessionId/getSignedSessionId.ts"],"sourcesContent":["import type { MFAAction } from '@dynamic-labs/sdk-api-core';\n\nimport type { DynamicClient } from '../../../client/types/DynamicClient';\nimport { consumeMfaToken } from '../consumeMfaToken';\nimport { isMfaRequiredForAction } from '../isMfaRequiredForAction';\n\ntype ConsumeMfaTokenIfRequiredForActionParams = {\n mfaAction: MFAAction;\n};\n\n/** @notInstrumented */\nexport const consumeMfaTokenIfRequiredForAction = async (\n { mfaAction }: ConsumeMfaTokenIfRequiredForActionParams,\n client: DynamicClient\n): Promise<string | undefined> => {\n const isRequiredForAction = await isMfaRequiredForAction(\n { mfaAction },\n client\n );\n\n if (!isRequiredForAction) {\n return;\n }\n\n return consumeMfaToken(client);\n};\n","import { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types';\nimport { assertDefined } from '../../../utils/assertDefined';\n\ntype GenerateNonceSignatureParams = {\n nonce: string;\n};\n\n/** @notInstrumented */\nexport const generateNonceSignature = async (\n { nonce }: GenerateNonceSignatureParams,\n client: DynamicClient\n) => {\n const core = getCore(client);\n\n assertDefined(core.keychain, 'Keychain service not available');\n\n const signature = await core.keychain.sign('session', nonce);\n\n return { signature };\n};\n","import { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types';\n\ntype GenerateSessionSignatureParams = {\n sessionId: string;\n};\n\n/** @notInstrumented */\nexport const generateSessionSignature = async (\n { sessionId }: GenerateSessionSignatureParams,\n client: DynamicClient\n) => {\n const core = getCore(client);\n\n const signature = await core.keychain.sign('session', sessionId);\n\n return { signature };\n};\n","import { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types';\nimport { assertDefined } from '../../../utils/assertDefined';\nimport { getNonce } from '../../../utils/getNonce';\nimport { generateNonceSignature } from '../generateNonceSignature';\nimport { generateSessionSignature } from '../generateSessionSignature';\n\n/** @notInstrumented */\nexport const getSignedSessionId = async (client: DynamicClient) => {\n const core = getCore(client);\n\n const sessionId = core.state.get().user?.sessionId;\n assertDefined(sessionId, 'Session ID is required');\n\n const { signature: signedSessionId } = await generateSessionSignature(\n {\n sessionId,\n },\n client\n );\n\n assertDefined(signedSessionId, 'Signed session ID is required');\n\n const nonce = await getNonce(client);\n\n const { signature: nonceSignature } = await generateNonceSignature(\n {\n nonce,\n },\n client\n );\n\n assertDefined(nonceSignature, 'Nonce signature is required');\n\n const signature = `${signedSessionId}/${nonceSignature}/${nonce}`;\n\n return { signature };\n};\n"],"mappings":";;;;;AAWA,MAAa,qCAAqC,OAChD,EAAE,aACF,WACgC;AAMhC,KAAI,CALwB,MAAMA,sDAChC,EAAE,WAAW,EACb,OACD,CAGC;AAGF,QAAOC,yDAAgB,OAAO;;;;;;ACfhC,MAAa,yBAAyB,OACpC,EAAE,SACF,WACG;CACH,MAAM,OAAOC,kCAAQ,OAAO;AAE5B,yCAAc,KAAK,UAAU,iCAAiC;AAI9D,QAAO,EAAE,WAFS,MAAM,KAAK,SAAS,KAAK,WAAW,MAAM,EAExC;;;;;;ACXtB,MAAa,2BAA2B,OACtC,EAAE,aACF,WACG;AAKH,QAAO,EAAE,WAFS,MAFLC,kCAAQ,OAAO,CAEC,SAAS,KAAK,WAAW,UAAU,EAE5C;;;;;;ACRtB,MAAa,qBAAqB,OAAO,WAA0B;CAGjE,MAAM,YAFOC,kCAAQ,OAAO,CAEL,MAAM,KAAK,CAAC,MAAM;AACzC,yCAAc,WAAW,yBAAyB;CAElD,MAAM,EAAE,WAAW,oBAAoB,MAAM,yBAC3C,EACE,WACD,EACD,OACD;AAED,yCAAc,iBAAiB,gCAAgC;CAE/D,MAAM,QAAQ,MAAMC,mCAAS,OAAO;CAEpC,MAAM,EAAE,WAAW,mBAAmB,MAAM,uBAC1C,EACE,OACD,EACD,OACD;AAED,yCAAc,gBAAgB,8BAA8B;AAI5D,QAAO,EAAE,WAFS,GAAG,gBAAgB,GAAG,eAAe,GAAG,SAEtC"}
1
+ {"version":3,"file":"getSignedSessionId-NZR0A-EZ.cjs","names":["isMfaRequiredForAction","consumeMfaToken","getCore","getCore","getCore","getNonce"],"sources":["../src/modules/mfa/consumeMfaTokenIfRequiredForAction/consumeMfaTokenIfRequiredForAction.ts","../src/modules/sessionKeys/generateNonceSignature/generateNonceSignature.ts","../src/modules/sessionKeys/generateSessionSignature/generateSessionSignature.ts","../src/modules/sessionKeys/getSignedSessionId/getSignedSessionId.ts"],"sourcesContent":["import type { MFAAction } from '@dynamic-labs/sdk-api-core';\n\nimport type { DynamicClient } from '../../../client/types/DynamicClient';\nimport { consumeMfaToken } from '../consumeMfaToken';\nimport { isMfaRequiredForAction } from '../isMfaRequiredForAction';\n\ntype ConsumeMfaTokenIfRequiredForActionParams = {\n mfaAction: MFAAction;\n};\n\n/** @notInstrumented */\nexport const consumeMfaTokenIfRequiredForAction = async (\n { mfaAction }: ConsumeMfaTokenIfRequiredForActionParams,\n client: DynamicClient\n): Promise<string | undefined> => {\n const isRequiredForAction = await isMfaRequiredForAction(\n { mfaAction },\n client\n );\n\n if (!isRequiredForAction) {\n return;\n }\n\n return consumeMfaToken(client);\n};\n","import { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types';\nimport { assertDefined } from '../../../utils/assertDefined';\n\ntype GenerateNonceSignatureParams = {\n nonce: string;\n};\n\n/** @notInstrumented */\nexport const generateNonceSignature = async (\n { nonce }: GenerateNonceSignatureParams,\n client: DynamicClient\n) => {\n const core = getCore(client);\n\n assertDefined(core.keychain, 'Keychain service not available');\n\n const signature = await core.keychain.sign('session', nonce);\n\n return { signature };\n};\n","import { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types';\n\ntype GenerateSessionSignatureParams = {\n sessionId: string;\n};\n\n/** @notInstrumented */\nexport const generateSessionSignature = async (\n { sessionId }: GenerateSessionSignatureParams,\n client: DynamicClient\n) => {\n const core = getCore(client);\n\n const signature = await core.keychain.sign('session', sessionId);\n\n return { signature };\n};\n","import { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types';\nimport { assertDefined } from '../../../utils/assertDefined';\nimport { getNonce } from '../../../utils/getNonce';\nimport { generateNonceSignature } from '../generateNonceSignature';\nimport { generateSessionSignature } from '../generateSessionSignature';\n\n/** @notInstrumented */\nexport const getSignedSessionId = async (client: DynamicClient) => {\n const core = getCore(client);\n\n const sessionId = core.state.get().user?.sessionId;\n assertDefined(sessionId, 'Session ID is required');\n\n const { signature: signedSessionId } = await generateSessionSignature(\n {\n sessionId,\n },\n client\n );\n\n assertDefined(signedSessionId, 'Signed session ID is required');\n\n const nonce = await getNonce(client);\n\n const { signature: nonceSignature } = await generateNonceSignature(\n {\n nonce,\n },\n client\n );\n\n assertDefined(nonceSignature, 'Nonce signature is required');\n\n const signature = `${signedSessionId}/${nonceSignature}/${nonce}`;\n\n return { signature };\n};\n"],"mappings":";;;;;AAWA,MAAa,qCAAqC,OAChD,EAAE,aACF,WACgC;AAMhC,KAAI,CALwB,MAAMA,sDAChC,EAAE,WAAW,EACb,OACD,CAGC;AAGF,QAAOC,yDAAgB,OAAO;;;;;;ACfhC,MAAa,yBAAyB,OACpC,EAAE,SACF,WACG;CACH,MAAM,OAAOC,kCAAQ,OAAO;AAE5B,yCAAc,KAAK,UAAU,iCAAiC;AAI9D,QAAO,EAAE,WAFS,MAAM,KAAK,SAAS,KAAK,WAAW,MAAM,EAExC;;;;;;ACXtB,MAAa,2BAA2B,OACtC,EAAE,aACF,WACG;AAKH,QAAO,EAAE,WAFS,MAFLC,kCAAQ,OAAO,CAEC,SAAS,KAAK,WAAW,UAAU,EAE5C;;;;;;ACRtB,MAAa,qBAAqB,OAAO,WAA0B;CAGjE,MAAM,YAFOC,kCAAQ,OAAO,CAEL,MAAM,KAAK,CAAC,MAAM;AACzC,yCAAc,WAAW,yBAAyB;CAElD,MAAM,EAAE,WAAW,oBAAoB,MAAM,yBAC3C,EACE,WACD,EACD,OACD;AAED,yCAAc,iBAAiB,gCAAgC;CAE/D,MAAM,QAAQ,MAAMC,mCAAS,OAAO;CAEpC,MAAM,EAAE,WAAW,mBAAmB,MAAM,uBAC1C,EACE,OACD,EACD,OACD;AAED,yCAAc,gBAAgB,8BAA8B;AAI5D,QAAO,EAAE,WAFS,GAAG,gBAAgB,GAAG,eAAe,GAAG,SAEtC"}
@@ -1,5 +1,5 @@
1
- const require_InvalidParamError = require('./InvalidParamError-Cs4ZMEj4.cjs');
2
- const require_isDynamicWaasEnabled = require('./isDynamicWaasEnabled-C90E53x1.cjs');
1
+ const require_InvalidParamError = require('./InvalidParamError-BPY2yug_.cjs');
2
+ const require_isDynamicWaasEnabled = require('./isDynamicWaasEnabled-DQ1mtWZv.cjs');
3
3
 
4
4
  //#region src/modules/waas/getWaasWalletProviderFromWalletAccount/getWaasWalletProviderFromWalletAccount.ts
5
5
  /** @notInstrumented */
@@ -16,4 +16,4 @@ Object.defineProperty(exports, 'getWaasWalletProviderFromWalletAccount', {
16
16
  return getWaasWalletProviderFromWalletAccount;
17
17
  }
18
18
  });
19
- //# sourceMappingURL=getWaasWalletProviderFromWalletAccount-CKZIsFWL.cjs.map
19
+ //# sourceMappingURL=getWaasWalletProviderFromWalletAccount-CUgNeKaa.cjs.map
@@ -1 +1 @@
1
- {"version":3,"file":"getWaasWalletProviderFromWalletAccount-CKZIsFWL.cjs","names":["getWalletProviderFromWalletAccount","isWaasWalletProvider","NotWaasWalletAccountError"],"sources":["../src/modules/waas/getWaasWalletProviderFromWalletAccount/getWaasWalletProviderFromWalletAccount.ts"],"sourcesContent":["import type { DynamicClient } from '../../../client/types/DynamicClient';\nimport { NotWaasWalletAccountError } from '../../../errors/NotWaasWalletAccountError';\nimport { getWalletProviderFromWalletAccount } from '../../wallets/utils/getWalletProviderFromWalletAccount';\nimport type { WalletAccount } from '../../wallets/walletAccount';\nimport { isWaasWalletProvider } from '../isWaasWalletProvider';\nimport type { WaasWalletProvider } from '../waas.types';\n\ntype GetWalletProviderFromWalletAccountParams = {\n walletAccount: WalletAccount;\n};\n\n/** @notInstrumented */\nexport const getWaasWalletProviderFromWalletAccount = (\n { walletAccount }: GetWalletProviderFromWalletAccountParams,\n client: DynamicClient\n): WaasWalletProvider => {\n const walletProvider = getWalletProviderFromWalletAccount(\n { walletAccount },\n client\n );\n\n if (!isWaasWalletProvider(walletProvider)) {\n throw new NotWaasWalletAccountError({\n walletAddress: walletAccount.address,\n });\n }\n\n return walletProvider;\n};\n"],"mappings":";;;;;AAYA,MAAa,0CACX,EAAE,iBACF,WACuB;CACvB,MAAM,iBAAiBA,6DACrB,EAAE,eAAe,EACjB,OACD;AAED,KAAI,CAACC,+CAAqB,eAAe,CACvC,OAAM,IAAIC,uDAA0B,EAClC,eAAe,cAAc,SAC9B,CAAC;AAGJ,QAAO"}
1
+ {"version":3,"file":"getWaasWalletProviderFromWalletAccount-CUgNeKaa.cjs","names":["getWalletProviderFromWalletAccount","isWaasWalletProvider","NotWaasWalletAccountError"],"sources":["../src/modules/waas/getWaasWalletProviderFromWalletAccount/getWaasWalletProviderFromWalletAccount.ts"],"sourcesContent":["import type { DynamicClient } from '../../../client/types/DynamicClient';\nimport { NotWaasWalletAccountError } from '../../../errors/NotWaasWalletAccountError';\nimport { getWalletProviderFromWalletAccount } from '../../wallets/utils/getWalletProviderFromWalletAccount';\nimport type { WalletAccount } from '../../wallets/walletAccount';\nimport { isWaasWalletProvider } from '../isWaasWalletProvider';\nimport type { WaasWalletProvider } from '../waas.types';\n\ntype GetWalletProviderFromWalletAccountParams = {\n walletAccount: WalletAccount;\n};\n\n/** @notInstrumented */\nexport const getWaasWalletProviderFromWalletAccount = (\n { walletAccount }: GetWalletProviderFromWalletAccountParams,\n client: DynamicClient\n): WaasWalletProvider => {\n const walletProvider = getWalletProviderFromWalletAccount(\n { walletAccount },\n client\n );\n\n if (!isWaasWalletProvider(walletProvider)) {\n throw new NotWaasWalletAccountError({\n walletAddress: walletAccount.address,\n });\n }\n\n return walletProvider;\n};\n"],"mappings":";;;;;AAYA,MAAa,0CACX,EAAE,iBACF,WACuB;CACvB,MAAM,iBAAiBA,6DACrB,EAAE,eAAe,EACjB,OACD;AAED,KAAI,CAACC,+CAAqB,eAAe,CACvC,OAAM,IAAIC,uDAA0B,EAClC,eAAe,cAAc,SAC9B,CAAC;AAGJ,QAAO"}
@@ -1,5 +1,5 @@
1
- import { g as getWalletProviderFromWalletAccount, n as isWaasWalletProvider } from "./InvalidParamError-BKr8fFc1.native.esm.js";
2
- import { n as NotWaasWalletAccountError } from "./isDynamicWaasEnabled-rRFvljev.native.esm.js";
1
+ import { g as getWalletProviderFromWalletAccount, n as isWaasWalletProvider } from "./InvalidParamError-DSXDW6g4.native.esm.js";
2
+ import { n as NotWaasWalletAccountError } from "./isDynamicWaasEnabled-DNtxO0Bc.native.esm.js";
3
3
 
4
4
  //#region src/modules/waas/getWaasWalletProviderFromWalletAccount/getWaasWalletProviderFromWalletAccount.ts
5
5
  /** @notInstrumented */
@@ -11,4 +11,4 @@ const getWaasWalletProviderFromWalletAccount = ({ walletAccount }, client) => {
11
11
 
12
12
  //#endregion
13
13
  export { getWaasWalletProviderFromWalletAccount as t };
14
- //# sourceMappingURL=getWaasWalletProviderFromWalletAccount-C2GdfqUr.native.esm.js.map
14
+ //# sourceMappingURL=getWaasWalletProviderFromWalletAccount-DLq_TjmC.native.esm.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"getWaasWalletProviderFromWalletAccount-C2GdfqUr.native.esm.js","names":[],"sources":["../src/modules/waas/getWaasWalletProviderFromWalletAccount/getWaasWalletProviderFromWalletAccount.ts"],"sourcesContent":["import type { DynamicClient } from '../../../client/types/DynamicClient';\nimport { NotWaasWalletAccountError } from '../../../errors/NotWaasWalletAccountError';\nimport { getWalletProviderFromWalletAccount } from '../../wallets/utils/getWalletProviderFromWalletAccount';\nimport type { WalletAccount } from '../../wallets/walletAccount';\nimport { isWaasWalletProvider } from '../isWaasWalletProvider';\nimport type { WaasWalletProvider } from '../waas.types';\n\ntype GetWalletProviderFromWalletAccountParams = {\n walletAccount: WalletAccount;\n};\n\n/** @notInstrumented */\nexport const getWaasWalletProviderFromWalletAccount = (\n { walletAccount }: GetWalletProviderFromWalletAccountParams,\n client: DynamicClient\n): WaasWalletProvider => {\n const walletProvider = getWalletProviderFromWalletAccount(\n { walletAccount },\n client\n );\n\n if (!isWaasWalletProvider(walletProvider)) {\n throw new NotWaasWalletAccountError({\n walletAddress: walletAccount.address,\n });\n }\n\n return walletProvider;\n};\n"],"mappings":";;;;;AAYA,MAAa,0CACX,EAAE,iBACF,WACuB;CACvB,MAAM,iBAAiB,mCACrB,EAAE,eAAe,EACjB,OACD;AAED,KAAI,CAAC,qBAAqB,eAAe,CACvC,OAAM,IAAI,0BAA0B,EAClC,eAAe,cAAc,SAC9B,CAAC;AAGJ,QAAO"}
1
+ {"version":3,"file":"getWaasWalletProviderFromWalletAccount-DLq_TjmC.native.esm.js","names":[],"sources":["../src/modules/waas/getWaasWalletProviderFromWalletAccount/getWaasWalletProviderFromWalletAccount.ts"],"sourcesContent":["import type { DynamicClient } from '../../../client/types/DynamicClient';\nimport { NotWaasWalletAccountError } from '../../../errors/NotWaasWalletAccountError';\nimport { getWalletProviderFromWalletAccount } from '../../wallets/utils/getWalletProviderFromWalletAccount';\nimport type { WalletAccount } from '../../wallets/walletAccount';\nimport { isWaasWalletProvider } from '../isWaasWalletProvider';\nimport type { WaasWalletProvider } from '../waas.types';\n\ntype GetWalletProviderFromWalletAccountParams = {\n walletAccount: WalletAccount;\n};\n\n/** @notInstrumented */\nexport const getWaasWalletProviderFromWalletAccount = (\n { walletAccount }: GetWalletProviderFromWalletAccountParams,\n client: DynamicClient\n): WaasWalletProvider => {\n const walletProvider = getWalletProviderFromWalletAccount(\n { walletAccount },\n client\n );\n\n if (!isWaasWalletProvider(walletProvider)) {\n throw new NotWaasWalletAccountError({\n walletAddress: walletAccount.address,\n });\n }\n\n return walletProvider;\n};\n"],"mappings":";;;;;AAYA,MAAa,0CACX,EAAE,iBACF,WACuB;CACvB,MAAM,iBAAiB,mCACrB,EAAE,eAAe,EACjB,OACD;AAED,KAAI,CAAC,qBAAqB,eAAe,CACvC,OAAM,IAAI,0BAA0B,EAClC,eAAe,cAAc,SAC9B,CAAC;AAGJ,QAAO"}
@@ -1,5 +1,5 @@
1
- import { _ as getWalletProviderFromWalletAccount, n as isWaasWalletProvider } from "./InvalidParamError-DZjc7Tjc.esm.js";
2
- import { n as NotWaasWalletAccountError } from "./isDynamicWaasEnabled-C9gQ9M80.esm.js";
1
+ import { _ as getWalletProviderFromWalletAccount, n as isWaasWalletProvider } from "./InvalidParamError-CXCYtY0p.esm.js";
2
+ import { n as NotWaasWalletAccountError } from "./isDynamicWaasEnabled-C9aVoXek.esm.js";
3
3
 
4
4
  //#region src/modules/waas/getWaasWalletProviderFromWalletAccount/getWaasWalletProviderFromWalletAccount.ts
5
5
  /** @notInstrumented */
@@ -11,4 +11,4 @@ const getWaasWalletProviderFromWalletAccount = ({ walletAccount }, client) => {
11
11
 
12
12
  //#endregion
13
13
  export { getWaasWalletProviderFromWalletAccount as t };
14
- //# sourceMappingURL=getWaasWalletProviderFromWalletAccount-B_8slAdm.esm.js.map
14
+ //# sourceMappingURL=getWaasWalletProviderFromWalletAccount-DNBPKg4j.esm.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"getWaasWalletProviderFromWalletAccount-B_8slAdm.esm.js","names":[],"sources":["../src/modules/waas/getWaasWalletProviderFromWalletAccount/getWaasWalletProviderFromWalletAccount.ts"],"sourcesContent":["import type { DynamicClient } from '../../../client/types/DynamicClient';\nimport { NotWaasWalletAccountError } from '../../../errors/NotWaasWalletAccountError';\nimport { getWalletProviderFromWalletAccount } from '../../wallets/utils/getWalletProviderFromWalletAccount';\nimport type { WalletAccount } from '../../wallets/walletAccount';\nimport { isWaasWalletProvider } from '../isWaasWalletProvider';\nimport type { WaasWalletProvider } from '../waas.types';\n\ntype GetWalletProviderFromWalletAccountParams = {\n walletAccount: WalletAccount;\n};\n\n/** @notInstrumented */\nexport const getWaasWalletProviderFromWalletAccount = (\n { walletAccount }: GetWalletProviderFromWalletAccountParams,\n client: DynamicClient\n): WaasWalletProvider => {\n const walletProvider = getWalletProviderFromWalletAccount(\n { walletAccount },\n client\n );\n\n if (!isWaasWalletProvider(walletProvider)) {\n throw new NotWaasWalletAccountError({\n walletAddress: walletAccount.address,\n });\n }\n\n return walletProvider;\n};\n"],"mappings":";;;;;AAYA,MAAa,0CACX,EAAE,iBACF,WACuB;CACvB,MAAM,iBAAiB,mCACrB,EAAE,eAAe,EACjB,OACD;AAED,KAAI,CAAC,qBAAqB,eAAe,CACvC,OAAM,IAAI,0BAA0B,EAClC,eAAe,cAAc,SAC9B,CAAC;AAGJ,QAAO"}
1
+ {"version":3,"file":"getWaasWalletProviderFromWalletAccount-DNBPKg4j.esm.js","names":[],"sources":["../src/modules/waas/getWaasWalletProviderFromWalletAccount/getWaasWalletProviderFromWalletAccount.ts"],"sourcesContent":["import type { DynamicClient } from '../../../client/types/DynamicClient';\nimport { NotWaasWalletAccountError } from '../../../errors/NotWaasWalletAccountError';\nimport { getWalletProviderFromWalletAccount } from '../../wallets/utils/getWalletProviderFromWalletAccount';\nimport type { WalletAccount } from '../../wallets/walletAccount';\nimport { isWaasWalletProvider } from '../isWaasWalletProvider';\nimport type { WaasWalletProvider } from '../waas.types';\n\ntype GetWalletProviderFromWalletAccountParams = {\n walletAccount: WalletAccount;\n};\n\n/** @notInstrumented */\nexport const getWaasWalletProviderFromWalletAccount = (\n { walletAccount }: GetWalletProviderFromWalletAccountParams,\n client: DynamicClient\n): WaasWalletProvider => {\n const walletProvider = getWalletProviderFromWalletAccount(\n { walletAccount },\n client\n );\n\n if (!isWaasWalletProvider(walletProvider)) {\n throw new NotWaasWalletAccountError({\n walletAddress: walletAccount.address,\n });\n }\n\n return walletProvider;\n};\n"],"mappings":";;;;;AAYA,MAAa,0CACX,EAAE,iBACF,WACuB;CACvB,MAAM,iBAAiB,mCACrB,EAAE,eAAe,EACjB,OACD;AAED,KAAI,CAAC,qBAAqB,eAAe,CACvC,OAAM,IAAI,0BAA0B,EAClC,eAAe,cAAc,SAC9B,CAAC;AAGJ,QAAO"}
@@ -1,4 +1,4 @@
1
- import { C as getWalletAccountsFromState, I as setCookie, M as emitEvent, S as getWalletAccounts, Z as isCookieEnabled, a as DYNAMIC_WAAS_METADATA, g as DYNAMIC_AUTH_COOKIE_NAME, lt as getCore, n as isWaasWalletProvider, o as isUserMissingMfaAuth, t as InvalidParamError, w as formatWalletProviderKey, x as NoWalletProviderFoundError, y as getWalletProviderRegistry } from "./InvalidParamError-DZjc7Tjc.esm.js";
1
+ import { C as getWalletAccountsFromState, I as setCookie, M as emitEvent, S as getWalletAccounts, Z as isCookieEnabled, a as DYNAMIC_WAAS_METADATA, g as DYNAMIC_AUTH_COOKIE_NAME, lt as getCore, n as isWaasWalletProvider, o as isUserMissingMfaAuth, t as InvalidParamError, w as formatWalletProviderKey, x as NoWalletProviderFoundError, y as getWalletProviderRegistry } from "./InvalidParamError-CXCYtY0p.esm.js";
2
2
  import { WalletProviderEnum } from "@dynamic-labs/sdk-api-core";
3
3
 
4
4
  //#region src/modules/wallets/emitWalletAccountsChangedEvent/emitWalletAccountsChangedEvent.ts
@@ -252,4 +252,4 @@ const getWalletProviderByKey = ({ walletProviderKey }, client) => {
252
252
 
253
253
  //#endregion
254
254
  export { parseElevatedAccessToken as a, findWaasWalletProviderByChain as c, emitWalletAccountsChangedEvent as d, upsertElevatedAccessToken as i, getWalletProviders as l, getVerifiedCredentialForWalletAccount as n, initializeWaasClientsForEagerRecovery as o, updateAuthFromVerifyResponse as r, isWaasWalletAccount as s, getWalletProviderByKey as t, checkAndRaiseWalletAccountsChangedEvent as u };
255
- //# sourceMappingURL=getWalletProviderByKey-DWYF9IxH.esm.js.map
255
+ //# sourceMappingURL=getWalletProviderByKey-C4KTyeYY.esm.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"getWalletProviderByKey-DWYF9IxH.esm.js","names":["newState: Partial<DynamicCoreState>","walletProvider"],"sources":["../src/modules/wallets/emitWalletAccountsChangedEvent/emitWalletAccountsChangedEvent.ts","../src/modules/auth/updateAuthFromVerifyResponse/checkAndRaiseWalletAccountsChangedEvent/checkAndRaiseWalletAccountsChangedEvent.ts","../src/modules/wallets/getWalletProviders/getWalletProviders.ts","../src/modules/waas/findWaasWalletProviderByChain/findWaasWalletProviderByChain.ts","../src/modules/waas/isWaasWalletAccount/isWaasWalletAccount.ts","../src/modules/waas/initializeWaasClientsForEagerRecovery/initializeWaasClientsForEagerRecovery.ts","../src/modules/auth/decodeJwt/decodeJwt.ts","../src/modules/auth/updateAuthFromVerifyResponse/elevatedAccessTokens/normalizeScopes/normalizeScopes.ts","../src/modules/auth/updateAuthFromVerifyResponse/elevatedAccessTokens/parseElevatedAccessToken/parseElevatedAccessToken.ts","../src/modules/auth/updateAuthFromVerifyResponse/elevatedAccessTokens/upsertElevatedAccessToken/upsertElevatedAccessToken.ts","../src/modules/auth/updateAuthFromVerifyResponse/updateAuthFromVerifyResponse.ts","../src/modules/wallets/utils/getVerifiedCredentialForWalletAccount/getVerifiedCredentialForWalletAccount.ts","../src/modules/wallets/getWalletProviderByKey/getWalletProviderByKey.ts"],"sourcesContent":["import type { DynamicClient } from '../../../client/types';\nimport { emitEvent } from '../../clientEvents';\nimport { getWalletAccounts } from '../getWalletAccounts';\n\n/**\n * Emits the `walletAccountsChanged` event.\n * @notInstrumented\n */\nexport const emitWalletAccountsChangedEvent = (client: DynamicClient): void => {\n const walletAccounts = getWalletAccounts(client);\n\n emitEvent(\n {\n args: { walletAccounts },\n event: 'walletAccountsChanged',\n },\n client\n );\n};\n","import { getCore } from '../../../../client/core/getCore';\nimport type { DynamicClient } from '../../../../client/types';\nimport { emitWalletAccountsChangedEvent } from '../../../wallets/emitWalletAccountsChangedEvent';\nimport { getWalletAccountsFromState } from '../../../wallets/getWalletAccounts/getWalletAccountsFromState';\n\ntype CheckAndRaiseWalletAccountsChangedEventParams = {\n previousState: Readonly<DynamicCoreState>;\n};\n\n/** @notInstrumented */\nexport const checkAndRaiseWalletAccountsChangedEvent = (\n { previousState }: CheckAndRaiseWalletAccountsChangedEventParams,\n client: DynamicClient\n) => {\n const core = getCore(client);\n\n const walletAccountsHashBefore = getWalletAccountsHash(previousState, client);\n\n const walletAccountsHashAfter = getWalletAccountsHash(\n core.state.get(),\n client\n );\n\n if (walletAccountsHashBefore !== walletAccountsHashAfter) {\n emitWalletAccountsChangedEvent(client);\n }\n};\n\n \n \nconst getWalletAccountsHash = (\n state: Readonly<DynamicCoreState>,\n client: DynamicClient\n) =>\n getWalletAccountsFromState(state, client)\n .map((walletAccount) => JSON.stringify(walletAccount))\n .sort()\n .join('-');\n","import type { DynamicClient } from '../../../client/types';\nimport { getWalletProviderRegistry } from '../walletProviderRegistry';\n\n/**\n * Get all available wallet providers to interact with internally.\n * @notInstrumented\n */\nexport const getWalletProviders = (client: DynamicClient) => {\n const walletProviderRegistry = getWalletProviderRegistry(client);\n\n return walletProviderRegistry.listProviders();\n};\n","import { WalletProviderEnum } from '@dynamic-labs/sdk-api-core';\n\nimport type { DynamicClient } from '../../../client/types/DynamicClient';\nimport type { Chain } from '../../chain';\nimport { getWalletProviders } from '../../wallets/getWalletProviders';\nimport { formatWalletProviderKey } from '../../wallets/utils/formatWalletProviderKey';\nimport { DYNAMIC_WAAS_METADATA } from '../constants';\nimport { isWaasWalletProvider } from '../isWaasWalletProvider';\nimport type { WaasWalletProvider } from '../waas.types';\n\ntype FindWaasWalletProviderByChainParams = {\n chain: Chain;\n};\n\n/** @notInstrumented */\nexport const findWaasWalletProviderByChain = (\n { chain }: FindWaasWalletProviderByChainParams,\n client: DynamicClient\n): WaasWalletProvider | null => {\n const providers = getWalletProviders(client);\n\n const waasProviderKey = formatWalletProviderKey({\n chain,\n displayName: DYNAMIC_WAAS_METADATA.displayName,\n walletProviderType: WalletProviderEnum.EmbeddedWallet,\n });\n\n const waasProvider = providers.find(\n (provider) => provider.key === waasProviderKey && provider.chain === chain\n );\n\n if (!waasProvider || !isWaasWalletProvider(waasProvider)) {\n return null;\n }\n\n return waasProvider;\n};\n","import type { WalletAccount } from '../../wallets/walletAccount';\nimport { DYNAMIC_WAAS_METADATA } from '../constants';\n\ntype IsWaasWalletAccountParams = {\n walletAccount: WalletAccount;\n};\n\n/**\n * This function determines whether the provided wallet account is a Dynamic\n * WaaS wallet account.\n *\n * @param params.walletAccount - The wallet account to check.\n * @returns True if the wallet account is a WaaS wallet account, false otherwise.\n * @notInstrumented\n */\nexport const isWaasWalletAccount = ({\n walletAccount,\n}: IsWaasWalletAccountParams): boolean => {\n return walletAccount.walletProviderKey.includes(\n DYNAMIC_WAAS_METADATA.normalizedWalletName\n );\n};\n","import { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types';\nimport { isUserMissingMfaAuth } from '../../mfa/isUserMissingMfaAuth';\nimport { getWalletAccounts } from '../../wallets/getWalletAccounts';\nimport { findWaasWalletProviderByChain } from '../findWaasWalletProviderByChain';\nimport { isWaasWalletAccount } from '../isWaasWalletAccount';\n\n/**\n * On login, boots the WaaS client once per chain so the SDK eagerly recovers\n * key shares itself (the `eagerlyRecoverKeyShares` capability) instead of the\n * host looping per wallet. Booting calls `initialize()`, which sends the auth\n * token the iframe needs to self-recover.\n *\n * @notInstrumented\n */\nexport const initializeWaasClientsForEagerRecovery = async (\n client: DynamicClient\n): Promise<void> => {\n /**\n * Booting triggers recovery, which fails if the user is missing the MFA auth.\n * This early return avoids attempting a call we know will fail and just adds\n * noise to the logs.\n */\n if (isUserMissingMfaAuth(client)) {\n return;\n }\n\n const waasChains = new Set(\n getWalletAccounts(client)\n .filter((walletAccount) => isWaasWalletAccount({ walletAccount }))\n .map((walletAccount) => walletAccount.chain)\n );\n\n await Promise.all(\n [...waasChains].map(async (chain) => {\n const provider = findWaasWalletProviderByChain({ chain }, client);\n\n /**\n * The environment might not have the embedded wallet extensions installed.\n * In that case there is no provider for the chain and nothing to boot.\n */\n if (!provider) return;\n\n try {\n await provider.getWaasClient();\n } catch (error) {\n getCore(client).logger.warn(\n '[initializeWaasClientsForEagerRecovery] failed to boot waas client',\n error\n );\n }\n })\n );\n};\n","import { InvalidParamError } from '../../../errors/InvalidParamError';\n\nexport type JwtPayload = {\n [key: string]: unknown;\n exp: number;\n iat: number;\n scope: string;\n singleUse?: boolean;\n sub: string;\n};\n\n/**\n * Decodes a JWT token and returns the full payload.\n *\n * This function extracts and returns the complete JWT payload including scopes,\n * expiration time, and other claims.\n *\n * @param jwt - The JWT token string.\n * @returns The decoded JWT payload object.\n * @throws InvalidParamError if the token is invalid or cannot be decoded.\n *\n * @example\n * ```typescript\n * const payload = decodeJwt(jwt);\n * // Returns: { scopes: ['wallet:export'], exp: 1234567890, ... }\n * ```\n * @notInstrumented\n */\n// eslint-disable-next-line custom-rules/require-single-object-param\nexport const decodeJwt = (jwt: string): JwtPayload => {\n try {\n // JWT format: header.payload.signature\n const parts = jwt.split('.');\n if (parts.length !== 3) {\n throw new InvalidParamError('Invalid JWT format');\n }\n\n // Decode the payload (second part)\n // Base64URL decode: replace URL-safe characters and decode\n const base64Payload = parts[1].replaceAll('-', '+').replaceAll('_', '/');\n // Add padding if needed\n const paddedPayload =\n base64Payload + '='.repeat((4 - (base64Payload.length % 4)) % 4);\n const decodedPayload = atob(paddedPayload);\n const claims = JSON.parse(decodedPayload) as JwtPayload;\n\n return claims;\n } catch (error) {\n if (error instanceof InvalidParamError) {\n throw error;\n }\n throw new InvalidParamError(\n `Failed to decode JWT: ${\n error instanceof Error ? error.message : String(error)\n }`\n );\n }\n};\n","/**\n * Normalizes scopes by deduplicating and sorting them.\n * This creates a canonical representation for comparison.\n *\n * @param scopes - Array of scope strings (may contain duplicates)\n * @returns Normalized, sorted array of unique scopes\n * @notInstrumented\n */\n// eslint-disable-next-line custom-rules/require-single-object-param\nexport const normalizeScopes = (scopes: string[]): string[] => {\n return [...new Set(scopes)].sort((a, b) => a.localeCompare(b));\n};\n","import { decodeJwt } from '../../../decodeJwt';\nimport type { ParsedElevatedAccessToken } from '../elevatedAccessTokens.types';\nimport { normalizeScopes } from '../normalizeScopes';\n\nexport type ParseElevatedAccessTokenOptions = {\n /** JWT string containing the elevated access token. */\n token: string;\n};\n\n/**\n * Validates and parses an elevated access token from a JWT string.\n * Extracts scopes, expiration, and validates the token structure.\n *\n * Policy decisions:\n * - Tokens without scopes are rejected (returns null)\n * - Tokens with empty scopes array are rejected (returns null)\n * - Tokens without exp field are rejected (returns null)\n * - Expired tokens are rejected (returns null)\n *\n * @returns Parsed token data or null if token is invalid/expired\n * @notInstrumented\n */\nexport const parseElevatedAccessToken = ({\n token,\n}: ParseElevatedAccessTokenOptions): ParsedElevatedAccessToken | null => {\n const payload = decodeJwt(token);\n const rawScopeClaim = payload?.scope;\n const processedScopes = rawScopeClaim?.split(' ') ?? [];\n const filteredScopes = processedScopes.filter((s) => s.length > 0);\n const singleUse = payload.singleUse ?? false;\n\n // Reject tokens without scopes or with empty scopes\n if (!filteredScopes || filteredScopes.length === 0) {\n return null;\n }\n\n // Reject tokens without exp field\n if (!payload.exp) {\n return null;\n }\n\n // Convert exp (seconds) to Date (milliseconds)\n const expiresAt = new Date(payload.exp * 1000);\n\n // Reject expired tokens\n if (expiresAt <= new Date()) {\n return null;\n }\n\n return {\n expiresAt,\n normalizedScopes: normalizeScopes(filteredScopes),\n scopes: filteredScopes,\n singleUse,\n token,\n };\n};\n","import type {\n ElevatedAccessToken,\n ParsedElevatedAccessToken,\n} from '../elevatedAccessTokens.types';\nimport { normalizeScopes } from '../normalizeScopes';\n\n/**\n * Upserts an elevated access token into the current tokens array.\n *\n * Policy: Only one token per normalized scope-set is allowed.\n * If a token with the same normalized scopes exists, it is replaced.\n * This ensures we don't accumulate multiple tokens for the same scope combination.\n *\n * @param currentTokens - Current array of elevated access tokens\n * @param newToken - New token to upsert\n * @returns Updated array of tokens with the new token upserted\n * @notInstrumented\n */\nexport const upsertElevatedAccessToken = ({\n currentTokens,\n newToken,\n}: {\n currentTokens: ElevatedAccessToken[];\n newToken: ParsedElevatedAccessToken;\n}): ElevatedAccessToken[] => {\n const newScopeKey = normalizeScopes(newToken.scopes).join(' ');\n\n // Remove any existing token with the same normalized scopes\n const filteredTokens = currentTokens.filter((existingToken) => {\n const existingScopeKey = normalizeScopes(existingToken.scopes).join(' ');\n return existingScopeKey !== newScopeKey;\n });\n\n // Add the new token\n return [\n ...filteredTokens,\n {\n expiresAt: newToken.expiresAt,\n scopes: newToken.scopes,\n singleUse: newToken.singleUse,\n token: newToken.token,\n },\n ];\n};\n","import type { VerifyResponse } from '@dynamic-labs/sdk-api-core';\n\nimport { getCore } from '../../../client/core/getCore';\nimport type { DynamicCoreState } from '../../../client/core/types';\nimport type { DynamicClient } from '../../../client/types';\nimport { setCookie } from '../../../utils/setCookie';\nimport { isCookieEnabled } from '../../projectSettings/isCookieEnabled';\nimport { initializeWaasClientsForEagerRecovery } from '../../waas/initializeWaasClientsForEagerRecovery';\nimport { DYNAMIC_AUTH_COOKIE_NAME } from '../consts';\nimport { checkAndRaiseWalletAccountsChangedEvent } from './checkAndRaiseWalletAccountsChangedEvent';\nimport { parseElevatedAccessToken } from './elevatedAccessTokens/parseElevatedAccessToken';\nimport { upsertElevatedAccessToken } from './elevatedAccessTokens/upsertElevatedAccessToken';\n\ntype UpdateAuthFromVerifyResponseParams = {\n response: VerifyResponse;\n};\n\n/** @notInstrumented */\nexport const updateAuthFromVerifyResponse = (\n { response }: UpdateAuthFromVerifyResponseParams,\n client: DynamicClient\n) => {\n const core = getCore(client);\n\n const previousState = { ...core.state.get() };\n\n const { user, minifiedJwt, jwt, expiresAt, mfaToken, elevatedAccessToken } =\n response;\n\n // Expires at is in seconds, so we need to convert it to milliseconds\n const sessionExpiresAt = new Date(expiresAt * 1000);\n\n const newState: Partial<DynamicCoreState> = {\n legacyToken: jwt ?? null,\n sessionExpiresAt: sessionExpiresAt,\n token: minifiedJwt ?? null,\n user,\n };\n\n // only override the mfaToken if a new one is provided in the response\n if (mfaToken) {\n newState.mfaToken = mfaToken;\n }\n\n // Add elevated access token to the array if a new one is provided in the response\n // Policy: Only one token per normalized scope-set is allowed (old tokens are replaced)\n // Always preserve existing tokens to ensure they're synced to storage\n const currentTokens = core.state.get().elevatedAccessTokens || [];\n newState.elevatedAccessTokens = currentTokens;\n \n if (elevatedAccessToken) {\n const parsedToken = parseElevatedAccessToken({\n token: elevatedAccessToken,\n });\n if (parsedToken) {\n newState.elevatedAccessTokens = upsertElevatedAccessToken({\n currentTokens,\n newToken: parsedToken,\n });\n }\n }\n\n core.state.set(newState);\n\n /**\n * For customers using a sandbox environment with cookies enabled, we need to set the cookie\n * programmatically because Redcoast won't set the cookie via headers. We set the cookie programmatically\n * so customers can access the cookie from document.cookie consistently between sandbox and live environments.\n */\n if (minifiedJwt && isCookieEnabled(client)) {\n const expireDate = sessionExpiresAt.toUTCString();\n\n setCookie(\n `${DYNAMIC_AUTH_COOKIE_NAME}=${minifiedJwt}; expires=${expireDate}; path=/; SameSite=Lax`\n );\n }\n\n checkAndRaiseWalletAccountsChangedEvent({ previousState }, client);\n\n // if the user is logging in, boot the waas client(s) so the SDK eagerly\n // recovers key shares for all wallet accounts\n const isUserLoggingIn = !previousState.user && Boolean(newState.user);\n if (isUserLoggingIn) {\n void initializeWaasClientsForEagerRecovery(client);\n }\n};\n","import type { DynamicClient } from '../../../../client/types/DynamicClient';\nimport type { WalletAccount } from '../../walletAccount';\n\ntype GetVerifiedCredentialForWalletAccountParams = {\n walletAccount: WalletAccount;\n};\n\n/** @notInstrumented */\nexport const getVerifiedCredentialForWalletAccount = (\n { walletAccount }: GetVerifiedCredentialForWalletAccountParams,\n client: DynamicClient\n) => {\n return client.user?.verifiedCredentials.find(\n (vc) => vc.id === walletAccount.verifiedCredentialId\n );\n};\n","import type { DynamicClient } from '../../../client/types';\nimport { NoWalletProviderFoundError } from '../../../errors/NoWalletProviderFoundError';\nimport { getWalletProviders } from '../getWalletProviders';\n\ntype GetWalletProviderByKeyParams = {\n walletProviderKey: string;\n};\n\n/** @notInstrumented */\nexport const getWalletProviderByKey = (\n { walletProviderKey }: GetWalletProviderByKeyParams,\n client: DynamicClient\n) => {\n const walletProviders = getWalletProviders(client);\n\n const walletProvider = walletProviders.find(\n (walletProvider) => walletProvider.key === walletProviderKey\n );\n\n if (!walletProvider) {\n throw new NoWalletProviderFoundError({ walletProviderKey });\n }\n\n return walletProvider;\n};\n"],"mappings":";;;;;;;;AAQA,MAAa,kCAAkC,WAAgC;AAG7E,WACE;EACE,MAAM,EAAE,gBAJW,kBAAkB,OAAO,EAIpB;EACxB,OAAO;EACR,EACD,OACD;;;;;;ACPH,MAAa,2CACX,EAAE,iBACF,WACG;CACH,MAAM,OAAO,QAAQ,OAAO;AAS5B,KAPiC,sBAAsB,eAAe,OAAO,KAE7C,sBAC9B,KAAK,MAAM,KAAK,EAChB,OACD,CAGC,gCAA+B,OAAO;;AAM1C,MAAM,yBACJ,OACA,WAEA,2BAA2B,OAAO,OAAO,CACtC,KAAK,kBAAkB,KAAK,UAAU,cAAc,CAAC,CACrD,MAAM,CACN,KAAK,IAAI;;;;;;;;AC9Bd,MAAa,sBAAsB,WAA0B;AAG3D,QAF+B,0BAA0B,OAAO,CAElC,eAAe;;;;;;ACK/C,MAAa,iCACX,EAAE,SACF,WAC8B;CAC9B,MAAM,YAAY,mBAAmB,OAAO;CAE5C,MAAM,kBAAkB,wBAAwB;EAC9C;EACA,aAAa,sBAAsB;EACnC,oBAAoB,mBAAmB;EACxC,CAAC;CAEF,MAAM,eAAe,UAAU,MAC5B,aAAa,SAAS,QAAQ,mBAAmB,SAAS,UAAU,MACtE;AAED,KAAI,CAAC,gBAAgB,CAAC,qBAAqB,aAAa,CACtD,QAAO;AAGT,QAAO;;;;;;;;;;;;;ACpBT,MAAa,uBAAuB,EAClC,oBACwC;AACxC,QAAO,cAAc,kBAAkB,SACrC,sBAAsB,qBACvB;;;;;;;;;;;;;ACLH,MAAa,wCAAwC,OACnD,WACkB;;;;;;AAMlB,KAAI,qBAAqB,OAAO,CAC9B;CAGF,MAAM,aAAa,IAAI,IACrB,kBAAkB,OAAO,CACtB,QAAQ,kBAAkB,oBAAoB,EAAE,eAAe,CAAC,CAAC,CACjE,KAAK,kBAAkB,cAAc,MAAM,CAC/C;AAED,OAAM,QAAQ,IACZ,CAAC,GAAG,WAAW,CAAC,IAAI,OAAO,UAAU;EACnC,MAAM,WAAW,8BAA8B,EAAE,OAAO,EAAE,OAAO;;;;;AAMjE,MAAI,CAAC,SAAU;AAEf,MAAI;AACF,SAAM,SAAS,eAAe;WACvB,OAAO;AACd,WAAQ,OAAO,CAAC,OAAO,KACrB,sEACA,MACD;;GAEH,CACH;;;;;;;;;;;;;;;;;;;;;;ACvBH,MAAa,aAAa,QAA4B;AACpD,KAAI;EAEF,MAAM,QAAQ,IAAI,MAAM,IAAI;AAC5B,MAAI,MAAM,WAAW,EACnB,OAAM,IAAI,kBAAkB,qBAAqB;EAKnD,MAAM,gBAAgB,MAAM,GAAG,WAAW,KAAK,IAAI,CAAC,WAAW,KAAK,IAAI;EAExE,MAAM,gBACJ,gBAAgB,IAAI,QAAQ,IAAK,cAAc,SAAS,KAAM,EAAE;EAClE,MAAM,iBAAiB,KAAK,cAAc;AAG1C,SAFe,KAAK,MAAM,eAAe;UAGlC,OAAO;AACd,MAAI,iBAAiB,kBACnB,OAAM;AAER,QAAM,IAAI,kBACR,yBACE,iBAAiB,QAAQ,MAAM,UAAU,OAAO,MAAM,GAEzD;;;;;;;;;;;;;;AC9CL,MAAa,mBAAmB,WAA+B;AAC7D,QAAO,CAAC,GAAG,IAAI,IAAI,OAAO,CAAC,CAAC,MAAM,GAAG,MAAM,EAAE,cAAc,EAAE,CAAC;;;;;;;;;;;;;;;;;;ACYhE,MAAa,4BAA4B,EACvC,YACuE;CACvE,MAAM,UAAU,UAAU,MAAM;CAGhC,MAAM,mBAFgB,SAAS,QACQ,MAAM,IAAI,IAAI,EAAE,EAChB,QAAQ,MAAM,EAAE,SAAS,EAAE;CAClE,MAAM,YAAY,QAAQ,aAAa;AAGvC,KAAI,CAAC,kBAAkB,eAAe,WAAW,EAC/C,QAAO;AAIT,KAAI,CAAC,QAAQ,IACX,QAAO;CAIT,MAAM,4BAAY,IAAI,KAAK,QAAQ,MAAM,IAAK;AAG9C,KAAI,6BAAa,IAAI,MAAM,CACzB,QAAO;AAGT,QAAO;EACL;EACA,kBAAkB,gBAAgB,eAAe;EACjD,QAAQ;EACR;EACA;EACD;;;;;;;;;;;;;;;;;ACrCH,MAAa,6BAA6B,EACxC,eACA,eAI2B;CAC3B,MAAM,cAAc,gBAAgB,SAAS,OAAO,CAAC,KAAK,IAAI;AAS9D,QAAO,CACL,GAPqB,cAAc,QAAQ,kBAAkB;AAE7D,SADyB,gBAAgB,cAAc,OAAO,CAAC,KAAK,IAAI,KAC5C;GAC5B,EAKA;EACE,WAAW,SAAS;EACpB,QAAQ,SAAS;EACjB,WAAW,SAAS;EACpB,OAAO,SAAS;EACjB,CACF;;;;;;ACxBH,MAAa,gCACX,EAAE,YACF,WACG;CACH,MAAM,OAAO,QAAQ,OAAO;CAE5B,MAAM,gBAAgB,EAAE,GAAG,KAAK,MAAM,KAAK,EAAE;CAE7C,MAAM,EAAE,MAAM,aAAa,KAAK,WAAW,UAAU,wBACnD;CAGF,MAAM,mCAAmB,IAAI,KAAK,YAAY,IAAK;CAEnD,MAAMA,WAAsC;EAC1C,aAAa,OAAO;EACF;EAClB,OAAO,eAAe;EACtB;EACD;AAGD,KAAI,SACF,UAAS,WAAW;CAMtB,MAAM,gBAAgB,KAAK,MAAM,KAAK,CAAC,wBAAwB,EAAE;AACjE,UAAS,uBAAuB;AAEhC,KAAI,qBAAqB;EACvB,MAAM,cAAc,yBAAyB,EAC3C,OAAO,qBACR,CAAC;AACF,MAAI,YACF,UAAS,uBAAuB,0BAA0B;GACxD;GACA,UAAU;GACX,CAAC;;AAIN,MAAK,MAAM,IAAI,SAAS;;;;;;AAOxB,KAAI,eAAe,gBAAgB,OAAO,CAGxC,WACE,GAAG,yBAAyB,GAAG,YAAY,YAH1B,iBAAiB,aAAa,CAGmB,wBACnE;AAGH,yCAAwC,EAAE,eAAe,EAAE,OAAO;AAKlE,KADwB,CAAC,cAAc,QAAQ,QAAQ,SAAS,KAAK,CAEnE,CAAK,sCAAsC,OAAO;;;;;;AC3EtD,MAAa,yCACX,EAAE,iBACF,WACG;AACH,QAAO,OAAO,MAAM,oBAAoB,MACrC,OAAO,GAAG,OAAO,cAAc,qBACjC;;;;;;ACLH,MAAa,0BACX,EAAE,qBACF,WACG;CAGH,MAAM,iBAFkB,mBAAmB,OAAO,CAEX,MACpC,qBAAmBC,iBAAe,QAAQ,kBAC5C;AAED,KAAI,CAAC,eACH,OAAM,IAAI,2BAA2B,EAAE,mBAAmB,CAAC;AAG7D,QAAO"}
1
+ {"version":3,"file":"getWalletProviderByKey-C4KTyeYY.esm.js","names":["newState: Partial<DynamicCoreState>","walletProvider"],"sources":["../src/modules/wallets/emitWalletAccountsChangedEvent/emitWalletAccountsChangedEvent.ts","../src/modules/auth/updateAuthFromVerifyResponse/checkAndRaiseWalletAccountsChangedEvent/checkAndRaiseWalletAccountsChangedEvent.ts","../src/modules/wallets/getWalletProviders/getWalletProviders.ts","../src/modules/waas/findWaasWalletProviderByChain/findWaasWalletProviderByChain.ts","../src/modules/waas/isWaasWalletAccount/isWaasWalletAccount.ts","../src/modules/waas/initializeWaasClientsForEagerRecovery/initializeWaasClientsForEagerRecovery.ts","../src/modules/auth/decodeJwt/decodeJwt.ts","../src/modules/auth/updateAuthFromVerifyResponse/elevatedAccessTokens/normalizeScopes/normalizeScopes.ts","../src/modules/auth/updateAuthFromVerifyResponse/elevatedAccessTokens/parseElevatedAccessToken/parseElevatedAccessToken.ts","../src/modules/auth/updateAuthFromVerifyResponse/elevatedAccessTokens/upsertElevatedAccessToken/upsertElevatedAccessToken.ts","../src/modules/auth/updateAuthFromVerifyResponse/updateAuthFromVerifyResponse.ts","../src/modules/wallets/utils/getVerifiedCredentialForWalletAccount/getVerifiedCredentialForWalletAccount.ts","../src/modules/wallets/getWalletProviderByKey/getWalletProviderByKey.ts"],"sourcesContent":["import type { DynamicClient } from '../../../client/types';\nimport { emitEvent } from '../../clientEvents';\nimport { getWalletAccounts } from '../getWalletAccounts';\n\n/**\n * Emits the `walletAccountsChanged` event.\n * @notInstrumented\n */\nexport const emitWalletAccountsChangedEvent = (client: DynamicClient): void => {\n const walletAccounts = getWalletAccounts(client);\n\n emitEvent(\n {\n args: { walletAccounts },\n event: 'walletAccountsChanged',\n },\n client\n );\n};\n","import { getCore } from '../../../../client/core/getCore';\nimport type { DynamicClient } from '../../../../client/types';\nimport { emitWalletAccountsChangedEvent } from '../../../wallets/emitWalletAccountsChangedEvent';\nimport { getWalletAccountsFromState } from '../../../wallets/getWalletAccounts/getWalletAccountsFromState';\n\ntype CheckAndRaiseWalletAccountsChangedEventParams = {\n previousState: Readonly<DynamicCoreState>;\n};\n\n/** @notInstrumented */\nexport const checkAndRaiseWalletAccountsChangedEvent = (\n { previousState }: CheckAndRaiseWalletAccountsChangedEventParams,\n client: DynamicClient\n) => {\n const core = getCore(client);\n\n const walletAccountsHashBefore = getWalletAccountsHash(previousState, client);\n\n const walletAccountsHashAfter = getWalletAccountsHash(\n core.state.get(),\n client\n );\n\n if (walletAccountsHashBefore !== walletAccountsHashAfter) {\n emitWalletAccountsChangedEvent(client);\n }\n};\n\n \n \nconst getWalletAccountsHash = (\n state: Readonly<DynamicCoreState>,\n client: DynamicClient\n) =>\n getWalletAccountsFromState(state, client)\n .map((walletAccount) => JSON.stringify(walletAccount))\n .sort()\n .join('-');\n","import type { DynamicClient } from '../../../client/types';\nimport { getWalletProviderRegistry } from '../walletProviderRegistry';\n\n/**\n * Get all available wallet providers to interact with internally.\n * @notInstrumented\n */\nexport const getWalletProviders = (client: DynamicClient) => {\n const walletProviderRegistry = getWalletProviderRegistry(client);\n\n return walletProviderRegistry.listProviders();\n};\n","import { WalletProviderEnum } from '@dynamic-labs/sdk-api-core';\n\nimport type { DynamicClient } from '../../../client/types/DynamicClient';\nimport type { Chain } from '../../chain';\nimport { getWalletProviders } from '../../wallets/getWalletProviders';\nimport { formatWalletProviderKey } from '../../wallets/utils/formatWalletProviderKey';\nimport { DYNAMIC_WAAS_METADATA } from '../constants';\nimport { isWaasWalletProvider } from '../isWaasWalletProvider';\nimport type { WaasWalletProvider } from '../waas.types';\n\ntype FindWaasWalletProviderByChainParams = {\n chain: Chain;\n};\n\n/** @notInstrumented */\nexport const findWaasWalletProviderByChain = (\n { chain }: FindWaasWalletProviderByChainParams,\n client: DynamicClient\n): WaasWalletProvider | null => {\n const providers = getWalletProviders(client);\n\n const waasProviderKey = formatWalletProviderKey({\n chain,\n displayName: DYNAMIC_WAAS_METADATA.displayName,\n walletProviderType: WalletProviderEnum.EmbeddedWallet,\n });\n\n const waasProvider = providers.find(\n (provider) => provider.key === waasProviderKey && provider.chain === chain\n );\n\n if (!waasProvider || !isWaasWalletProvider(waasProvider)) {\n return null;\n }\n\n return waasProvider;\n};\n","import type { WalletAccount } from '../../wallets/walletAccount';\nimport { DYNAMIC_WAAS_METADATA } from '../constants';\n\ntype IsWaasWalletAccountParams = {\n walletAccount: WalletAccount;\n};\n\n/**\n * This function determines whether the provided wallet account is a Dynamic\n * WaaS wallet account.\n *\n * @param params.walletAccount - The wallet account to check.\n * @returns True if the wallet account is a WaaS wallet account, false otherwise.\n * @notInstrumented\n */\nexport const isWaasWalletAccount = ({\n walletAccount,\n}: IsWaasWalletAccountParams): boolean => {\n return walletAccount.walletProviderKey.includes(\n DYNAMIC_WAAS_METADATA.normalizedWalletName\n );\n};\n","import { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types';\nimport { isUserMissingMfaAuth } from '../../mfa/isUserMissingMfaAuth';\nimport { getWalletAccounts } from '../../wallets/getWalletAccounts';\nimport { findWaasWalletProviderByChain } from '../findWaasWalletProviderByChain';\nimport { isWaasWalletAccount } from '../isWaasWalletAccount';\n\n/**\n * On login, boots the WaaS client once per chain so the SDK eagerly recovers\n * key shares itself (the `eagerlyRecoverKeyShares` capability) instead of the\n * host looping per wallet. Booting calls `initialize()`, which sends the auth\n * token the iframe needs to self-recover.\n *\n * @notInstrumented\n */\nexport const initializeWaasClientsForEagerRecovery = async (\n client: DynamicClient\n): Promise<void> => {\n /**\n * Booting triggers recovery, which fails if the user is missing the MFA auth.\n * This early return avoids attempting a call we know will fail and just adds\n * noise to the logs.\n */\n if (isUserMissingMfaAuth(client)) {\n return;\n }\n\n const waasChains = new Set(\n getWalletAccounts(client)\n .filter((walletAccount) => isWaasWalletAccount({ walletAccount }))\n .map((walletAccount) => walletAccount.chain)\n );\n\n await Promise.all(\n [...waasChains].map(async (chain) => {\n const provider = findWaasWalletProviderByChain({ chain }, client);\n\n /**\n * The environment might not have the embedded wallet extensions installed.\n * In that case there is no provider for the chain and nothing to boot.\n */\n if (!provider) return;\n\n try {\n await provider.getWaasClient();\n } catch (error) {\n getCore(client).logger.warn(\n '[initializeWaasClientsForEagerRecovery] failed to boot waas client',\n error\n );\n }\n })\n );\n};\n","import { InvalidParamError } from '../../../errors/InvalidParamError';\n\nexport type JwtPayload = {\n [key: string]: unknown;\n exp: number;\n iat: number;\n scope: string;\n singleUse?: boolean;\n sub: string;\n};\n\n/**\n * Decodes a JWT token and returns the full payload.\n *\n * This function extracts and returns the complete JWT payload including scopes,\n * expiration time, and other claims.\n *\n * @param jwt - The JWT token string.\n * @returns The decoded JWT payload object.\n * @throws InvalidParamError if the token is invalid or cannot be decoded.\n *\n * @example\n * ```typescript\n * const payload = decodeJwt(jwt);\n * // Returns: { scopes: ['wallet:export'], exp: 1234567890, ... }\n * ```\n * @notInstrumented\n */\n// eslint-disable-next-line custom-rules/require-single-object-param\nexport const decodeJwt = (jwt: string): JwtPayload => {\n try {\n // JWT format: header.payload.signature\n const parts = jwt.split('.');\n if (parts.length !== 3) {\n throw new InvalidParamError('Invalid JWT format');\n }\n\n // Decode the payload (second part)\n // Base64URL decode: replace URL-safe characters and decode\n const base64Payload = parts[1].replaceAll('-', '+').replaceAll('_', '/');\n // Add padding if needed\n const paddedPayload =\n base64Payload + '='.repeat((4 - (base64Payload.length % 4)) % 4);\n const decodedPayload = atob(paddedPayload);\n const claims = JSON.parse(decodedPayload) as JwtPayload;\n\n return claims;\n } catch (error) {\n if (error instanceof InvalidParamError) {\n throw error;\n }\n throw new InvalidParamError(\n `Failed to decode JWT: ${\n error instanceof Error ? error.message : String(error)\n }`\n );\n }\n};\n","/**\n * Normalizes scopes by deduplicating and sorting them.\n * This creates a canonical representation for comparison.\n *\n * @param scopes - Array of scope strings (may contain duplicates)\n * @returns Normalized, sorted array of unique scopes\n * @notInstrumented\n */\n// eslint-disable-next-line custom-rules/require-single-object-param\nexport const normalizeScopes = (scopes: string[]): string[] => {\n return [...new Set(scopes)].sort((a, b) => a.localeCompare(b));\n};\n","import { decodeJwt } from '../../../decodeJwt';\nimport type { ParsedElevatedAccessToken } from '../elevatedAccessTokens.types';\nimport { normalizeScopes } from '../normalizeScopes';\n\nexport type ParseElevatedAccessTokenOptions = {\n /** JWT string containing the elevated access token. */\n token: string;\n};\n\n/**\n * Validates and parses an elevated access token from a JWT string.\n * Extracts scopes, expiration, and validates the token structure.\n *\n * Policy decisions:\n * - Tokens without scopes are rejected (returns null)\n * - Tokens with empty scopes array are rejected (returns null)\n * - Tokens without exp field are rejected (returns null)\n * - Expired tokens are rejected (returns null)\n *\n * @returns Parsed token data or null if token is invalid/expired\n * @notInstrumented\n */\nexport const parseElevatedAccessToken = ({\n token,\n}: ParseElevatedAccessTokenOptions): ParsedElevatedAccessToken | null => {\n const payload = decodeJwt(token);\n const rawScopeClaim = payload?.scope;\n const processedScopes = rawScopeClaim?.split(' ') ?? [];\n const filteredScopes = processedScopes.filter((s) => s.length > 0);\n const singleUse = payload.singleUse ?? false;\n\n // Reject tokens without scopes or with empty scopes\n if (!filteredScopes || filteredScopes.length === 0) {\n return null;\n }\n\n // Reject tokens without exp field\n if (!payload.exp) {\n return null;\n }\n\n // Convert exp (seconds) to Date (milliseconds)\n const expiresAt = new Date(payload.exp * 1000);\n\n // Reject expired tokens\n if (expiresAt <= new Date()) {\n return null;\n }\n\n return {\n expiresAt,\n normalizedScopes: normalizeScopes(filteredScopes),\n scopes: filteredScopes,\n singleUse,\n token,\n };\n};\n","import type {\n ElevatedAccessToken,\n ParsedElevatedAccessToken,\n} from '../elevatedAccessTokens.types';\nimport { normalizeScopes } from '../normalizeScopes';\n\n/**\n * Upserts an elevated access token into the current tokens array.\n *\n * Policy: Only one token per normalized scope-set is allowed.\n * If a token with the same normalized scopes exists, it is replaced.\n * This ensures we don't accumulate multiple tokens for the same scope combination.\n *\n * @param currentTokens - Current array of elevated access tokens\n * @param newToken - New token to upsert\n * @returns Updated array of tokens with the new token upserted\n * @notInstrumented\n */\nexport const upsertElevatedAccessToken = ({\n currentTokens,\n newToken,\n}: {\n currentTokens: ElevatedAccessToken[];\n newToken: ParsedElevatedAccessToken;\n}): ElevatedAccessToken[] => {\n const newScopeKey = normalizeScopes(newToken.scopes).join(' ');\n\n // Remove any existing token with the same normalized scopes\n const filteredTokens = currentTokens.filter((existingToken) => {\n const existingScopeKey = normalizeScopes(existingToken.scopes).join(' ');\n return existingScopeKey !== newScopeKey;\n });\n\n // Add the new token\n return [\n ...filteredTokens,\n {\n expiresAt: newToken.expiresAt,\n scopes: newToken.scopes,\n singleUse: newToken.singleUse,\n token: newToken.token,\n },\n ];\n};\n","import type { VerifyResponse } from '@dynamic-labs/sdk-api-core';\n\nimport { getCore } from '../../../client/core/getCore';\nimport type { DynamicCoreState } from '../../../client/core/types';\nimport type { DynamicClient } from '../../../client/types';\nimport { setCookie } from '../../../utils/setCookie';\nimport { isCookieEnabled } from '../../projectSettings/isCookieEnabled';\nimport { initializeWaasClientsForEagerRecovery } from '../../waas/initializeWaasClientsForEagerRecovery';\nimport { DYNAMIC_AUTH_COOKIE_NAME } from '../consts';\nimport { checkAndRaiseWalletAccountsChangedEvent } from './checkAndRaiseWalletAccountsChangedEvent';\nimport { parseElevatedAccessToken } from './elevatedAccessTokens/parseElevatedAccessToken';\nimport { upsertElevatedAccessToken } from './elevatedAccessTokens/upsertElevatedAccessToken';\n\ntype UpdateAuthFromVerifyResponseParams = {\n response: VerifyResponse;\n};\n\n/** @notInstrumented */\nexport const updateAuthFromVerifyResponse = (\n { response }: UpdateAuthFromVerifyResponseParams,\n client: DynamicClient\n) => {\n const core = getCore(client);\n\n const previousState = { ...core.state.get() };\n\n const { user, minifiedJwt, jwt, expiresAt, mfaToken, elevatedAccessToken } =\n response;\n\n // Expires at is in seconds, so we need to convert it to milliseconds\n const sessionExpiresAt = new Date(expiresAt * 1000);\n\n const newState: Partial<DynamicCoreState> = {\n legacyToken: jwt ?? null,\n sessionExpiresAt: sessionExpiresAt,\n token: minifiedJwt ?? null,\n user,\n };\n\n // only override the mfaToken if a new one is provided in the response\n if (mfaToken) {\n newState.mfaToken = mfaToken;\n }\n\n // Add elevated access token to the array if a new one is provided in the response\n // Policy: Only one token per normalized scope-set is allowed (old tokens are replaced)\n // Always preserve existing tokens to ensure they're synced to storage\n const currentTokens = core.state.get().elevatedAccessTokens || [];\n newState.elevatedAccessTokens = currentTokens;\n \n if (elevatedAccessToken) {\n const parsedToken = parseElevatedAccessToken({\n token: elevatedAccessToken,\n });\n if (parsedToken) {\n newState.elevatedAccessTokens = upsertElevatedAccessToken({\n currentTokens,\n newToken: parsedToken,\n });\n }\n }\n\n core.state.set(newState);\n\n /**\n * For customers using a sandbox environment with cookies enabled, we need to set the cookie\n * programmatically because Redcoast won't set the cookie via headers. We set the cookie programmatically\n * so customers can access the cookie from document.cookie consistently between sandbox and live environments.\n */\n if (minifiedJwt && isCookieEnabled(client)) {\n const expireDate = sessionExpiresAt.toUTCString();\n\n setCookie(\n `${DYNAMIC_AUTH_COOKIE_NAME}=${minifiedJwt}; expires=${expireDate}; path=/; SameSite=Lax`\n );\n }\n\n checkAndRaiseWalletAccountsChangedEvent({ previousState }, client);\n\n // if the user is logging in, boot the waas client(s) so the SDK eagerly\n // recovers key shares for all wallet accounts\n const isUserLoggingIn = !previousState.user && Boolean(newState.user);\n if (isUserLoggingIn) {\n void initializeWaasClientsForEagerRecovery(client);\n }\n};\n","import type { DynamicClient } from '../../../../client/types/DynamicClient';\nimport type { WalletAccount } from '../../walletAccount';\n\ntype GetVerifiedCredentialForWalletAccountParams = {\n walletAccount: WalletAccount;\n};\n\n/** @notInstrumented */\nexport const getVerifiedCredentialForWalletAccount = (\n { walletAccount }: GetVerifiedCredentialForWalletAccountParams,\n client: DynamicClient\n) => {\n return client.user?.verifiedCredentials.find(\n (vc) => vc.id === walletAccount.verifiedCredentialId\n );\n};\n","import type { DynamicClient } from '../../../client/types';\nimport { NoWalletProviderFoundError } from '../../../errors/NoWalletProviderFoundError';\nimport { getWalletProviders } from '../getWalletProviders';\n\ntype GetWalletProviderByKeyParams = {\n walletProviderKey: string;\n};\n\n/** @notInstrumented */\nexport const getWalletProviderByKey = (\n { walletProviderKey }: GetWalletProviderByKeyParams,\n client: DynamicClient\n) => {\n const walletProviders = getWalletProviders(client);\n\n const walletProvider = walletProviders.find(\n (walletProvider) => walletProvider.key === walletProviderKey\n );\n\n if (!walletProvider) {\n throw new NoWalletProviderFoundError({ walletProviderKey });\n }\n\n return walletProvider;\n};\n"],"mappings":";;;;;;;;AAQA,MAAa,kCAAkC,WAAgC;AAG7E,WACE;EACE,MAAM,EAAE,gBAJW,kBAAkB,OAAO,EAIpB;EACxB,OAAO;EACR,EACD,OACD;;;;;;ACPH,MAAa,2CACX,EAAE,iBACF,WACG;CACH,MAAM,OAAO,QAAQ,OAAO;AAS5B,KAPiC,sBAAsB,eAAe,OAAO,KAE7C,sBAC9B,KAAK,MAAM,KAAK,EAChB,OACD,CAGC,gCAA+B,OAAO;;AAM1C,MAAM,yBACJ,OACA,WAEA,2BAA2B,OAAO,OAAO,CACtC,KAAK,kBAAkB,KAAK,UAAU,cAAc,CAAC,CACrD,MAAM,CACN,KAAK,IAAI;;;;;;;;AC9Bd,MAAa,sBAAsB,WAA0B;AAG3D,QAF+B,0BAA0B,OAAO,CAElC,eAAe;;;;;;ACK/C,MAAa,iCACX,EAAE,SACF,WAC8B;CAC9B,MAAM,YAAY,mBAAmB,OAAO;CAE5C,MAAM,kBAAkB,wBAAwB;EAC9C;EACA,aAAa,sBAAsB;EACnC,oBAAoB,mBAAmB;EACxC,CAAC;CAEF,MAAM,eAAe,UAAU,MAC5B,aAAa,SAAS,QAAQ,mBAAmB,SAAS,UAAU,MACtE;AAED,KAAI,CAAC,gBAAgB,CAAC,qBAAqB,aAAa,CACtD,QAAO;AAGT,QAAO;;;;;;;;;;;;;ACpBT,MAAa,uBAAuB,EAClC,oBACwC;AACxC,QAAO,cAAc,kBAAkB,SACrC,sBAAsB,qBACvB;;;;;;;;;;;;;ACLH,MAAa,wCAAwC,OACnD,WACkB;;;;;;AAMlB,KAAI,qBAAqB,OAAO,CAC9B;CAGF,MAAM,aAAa,IAAI,IACrB,kBAAkB,OAAO,CACtB,QAAQ,kBAAkB,oBAAoB,EAAE,eAAe,CAAC,CAAC,CACjE,KAAK,kBAAkB,cAAc,MAAM,CAC/C;AAED,OAAM,QAAQ,IACZ,CAAC,GAAG,WAAW,CAAC,IAAI,OAAO,UAAU;EACnC,MAAM,WAAW,8BAA8B,EAAE,OAAO,EAAE,OAAO;;;;;AAMjE,MAAI,CAAC,SAAU;AAEf,MAAI;AACF,SAAM,SAAS,eAAe;WACvB,OAAO;AACd,WAAQ,OAAO,CAAC,OAAO,KACrB,sEACA,MACD;;GAEH,CACH;;;;;;;;;;;;;;;;;;;;;;ACvBH,MAAa,aAAa,QAA4B;AACpD,KAAI;EAEF,MAAM,QAAQ,IAAI,MAAM,IAAI;AAC5B,MAAI,MAAM,WAAW,EACnB,OAAM,IAAI,kBAAkB,qBAAqB;EAKnD,MAAM,gBAAgB,MAAM,GAAG,WAAW,KAAK,IAAI,CAAC,WAAW,KAAK,IAAI;EAExE,MAAM,gBACJ,gBAAgB,IAAI,QAAQ,IAAK,cAAc,SAAS,KAAM,EAAE;EAClE,MAAM,iBAAiB,KAAK,cAAc;AAG1C,SAFe,KAAK,MAAM,eAAe;UAGlC,OAAO;AACd,MAAI,iBAAiB,kBACnB,OAAM;AAER,QAAM,IAAI,kBACR,yBACE,iBAAiB,QAAQ,MAAM,UAAU,OAAO,MAAM,GAEzD;;;;;;;;;;;;;;AC9CL,MAAa,mBAAmB,WAA+B;AAC7D,QAAO,CAAC,GAAG,IAAI,IAAI,OAAO,CAAC,CAAC,MAAM,GAAG,MAAM,EAAE,cAAc,EAAE,CAAC;;;;;;;;;;;;;;;;;;ACYhE,MAAa,4BAA4B,EACvC,YACuE;CACvE,MAAM,UAAU,UAAU,MAAM;CAGhC,MAAM,mBAFgB,SAAS,QACQ,MAAM,IAAI,IAAI,EAAE,EAChB,QAAQ,MAAM,EAAE,SAAS,EAAE;CAClE,MAAM,YAAY,QAAQ,aAAa;AAGvC,KAAI,CAAC,kBAAkB,eAAe,WAAW,EAC/C,QAAO;AAIT,KAAI,CAAC,QAAQ,IACX,QAAO;CAIT,MAAM,4BAAY,IAAI,KAAK,QAAQ,MAAM,IAAK;AAG9C,KAAI,6BAAa,IAAI,MAAM,CACzB,QAAO;AAGT,QAAO;EACL;EACA,kBAAkB,gBAAgB,eAAe;EACjD,QAAQ;EACR;EACA;EACD;;;;;;;;;;;;;;;;;ACrCH,MAAa,6BAA6B,EACxC,eACA,eAI2B;CAC3B,MAAM,cAAc,gBAAgB,SAAS,OAAO,CAAC,KAAK,IAAI;AAS9D,QAAO,CACL,GAPqB,cAAc,QAAQ,kBAAkB;AAE7D,SADyB,gBAAgB,cAAc,OAAO,CAAC,KAAK,IAAI,KAC5C;GAC5B,EAKA;EACE,WAAW,SAAS;EACpB,QAAQ,SAAS;EACjB,WAAW,SAAS;EACpB,OAAO,SAAS;EACjB,CACF;;;;;;ACxBH,MAAa,gCACX,EAAE,YACF,WACG;CACH,MAAM,OAAO,QAAQ,OAAO;CAE5B,MAAM,gBAAgB,EAAE,GAAG,KAAK,MAAM,KAAK,EAAE;CAE7C,MAAM,EAAE,MAAM,aAAa,KAAK,WAAW,UAAU,wBACnD;CAGF,MAAM,mCAAmB,IAAI,KAAK,YAAY,IAAK;CAEnD,MAAMA,WAAsC;EAC1C,aAAa,OAAO;EACF;EAClB,OAAO,eAAe;EACtB;EACD;AAGD,KAAI,SACF,UAAS,WAAW;CAMtB,MAAM,gBAAgB,KAAK,MAAM,KAAK,CAAC,wBAAwB,EAAE;AACjE,UAAS,uBAAuB;AAEhC,KAAI,qBAAqB;EACvB,MAAM,cAAc,yBAAyB,EAC3C,OAAO,qBACR,CAAC;AACF,MAAI,YACF,UAAS,uBAAuB,0BAA0B;GACxD;GACA,UAAU;GACX,CAAC;;AAIN,MAAK,MAAM,IAAI,SAAS;;;;;;AAOxB,KAAI,eAAe,gBAAgB,OAAO,CAGxC,WACE,GAAG,yBAAyB,GAAG,YAAY,YAH1B,iBAAiB,aAAa,CAGmB,wBACnE;AAGH,yCAAwC,EAAE,eAAe,EAAE,OAAO;AAKlE,KADwB,CAAC,cAAc,QAAQ,QAAQ,SAAS,KAAK,CAEnE,CAAK,sCAAsC,OAAO;;;;;;AC3EtD,MAAa,yCACX,EAAE,iBACF,WACG;AACH,QAAO,OAAO,MAAM,oBAAoB,MACrC,OAAO,GAAG,OAAO,cAAc,qBACjC;;;;;;ACLH,MAAa,0BACX,EAAE,qBACF,WACG;CAGH,MAAM,iBAFkB,mBAAmB,OAAO,CAEX,MACpC,qBAAmBC,iBAAe,QAAQ,kBAC5C;AAED,KAAI,CAAC,eACH,OAAM,IAAI,2BAA2B,EAAE,mBAAmB,CAAC;AAG7D,QAAO"}
@@ -1,5 +1,5 @@
1
- const require_isMfaRequiredForAction = require('./isMfaRequiredForAction-DFowphoV.cjs');
2
- const require_InvalidParamError = require('./InvalidParamError-Cs4ZMEj4.cjs');
1
+ const require_isMfaRequiredForAction = require('./isMfaRequiredForAction-DsOwHl4C.cjs');
2
+ const require_InvalidParamError = require('./InvalidParamError-BPY2yug_.cjs');
3
3
  let _dynamic_labs_sdk_api_core = require("@dynamic-labs/sdk-api-core");
4
4
 
5
5
  //#region src/modules/wallets/emitWalletAccountsChangedEvent/emitWalletAccountsChangedEvent.ts
@@ -318,4 +318,4 @@ Object.defineProperty(exports, 'upsertElevatedAccessToken', {
318
318
  return upsertElevatedAccessToken;
319
319
  }
320
320
  });
321
- //# sourceMappingURL=getWalletProviderByKey-OD65GUWG.cjs.map
321
+ //# sourceMappingURL=getWalletProviderByKey-DZrpcmPE.cjs.map
@@ -1 +1 @@
1
- {"version":3,"file":"getWalletProviderByKey-OD65GUWG.cjs","names":["getWalletAccounts","getCore","getWalletAccountsFromState","getWalletProviderRegistry","formatWalletProviderKey","DYNAMIC_WAAS_METADATA","WalletProviderEnum","isWaasWalletProvider","DYNAMIC_WAAS_METADATA","isUserMissingMfaAuth","getWalletAccounts","InvalidParamError","getCore","newState: Partial<DynamicCoreState>","isCookieEnabled","DYNAMIC_AUTH_COOKIE_NAME","walletProvider","NoWalletProviderFoundError"],"sources":["../src/modules/wallets/emitWalletAccountsChangedEvent/emitWalletAccountsChangedEvent.ts","../src/modules/auth/updateAuthFromVerifyResponse/checkAndRaiseWalletAccountsChangedEvent/checkAndRaiseWalletAccountsChangedEvent.ts","../src/modules/wallets/getWalletProviders/getWalletProviders.ts","../src/modules/waas/findWaasWalletProviderByChain/findWaasWalletProviderByChain.ts","../src/modules/waas/isWaasWalletAccount/isWaasWalletAccount.ts","../src/modules/waas/initializeWaasClientsForEagerRecovery/initializeWaasClientsForEagerRecovery.ts","../src/modules/auth/decodeJwt/decodeJwt.ts","../src/modules/auth/updateAuthFromVerifyResponse/elevatedAccessTokens/normalizeScopes/normalizeScopes.ts","../src/modules/auth/updateAuthFromVerifyResponse/elevatedAccessTokens/parseElevatedAccessToken/parseElevatedAccessToken.ts","../src/modules/auth/updateAuthFromVerifyResponse/elevatedAccessTokens/upsertElevatedAccessToken/upsertElevatedAccessToken.ts","../src/modules/auth/updateAuthFromVerifyResponse/updateAuthFromVerifyResponse.ts","../src/modules/wallets/utils/getVerifiedCredentialForWalletAccount/getVerifiedCredentialForWalletAccount.ts","../src/modules/wallets/getWalletProviderByKey/getWalletProviderByKey.ts"],"sourcesContent":["import type { DynamicClient } from '../../../client/types';\nimport { emitEvent } from '../../clientEvents';\nimport { getWalletAccounts } from '../getWalletAccounts';\n\n/**\n * Emits the `walletAccountsChanged` event.\n * @notInstrumented\n */\nexport const emitWalletAccountsChangedEvent = (client: DynamicClient): void => {\n const walletAccounts = getWalletAccounts(client);\n\n emitEvent(\n {\n args: { walletAccounts },\n event: 'walletAccountsChanged',\n },\n client\n );\n};\n","import { getCore } from '../../../../client/core/getCore';\nimport type { DynamicClient } from '../../../../client/types';\nimport { emitWalletAccountsChangedEvent } from '../../../wallets/emitWalletAccountsChangedEvent';\nimport { getWalletAccountsFromState } from '../../../wallets/getWalletAccounts/getWalletAccountsFromState';\n\ntype CheckAndRaiseWalletAccountsChangedEventParams = {\n previousState: Readonly<DynamicCoreState>;\n};\n\n/** @notInstrumented */\nexport const checkAndRaiseWalletAccountsChangedEvent = (\n { previousState }: CheckAndRaiseWalletAccountsChangedEventParams,\n client: DynamicClient\n) => {\n const core = getCore(client);\n\n const walletAccountsHashBefore = getWalletAccountsHash(previousState, client);\n\n const walletAccountsHashAfter = getWalletAccountsHash(\n core.state.get(),\n client\n );\n\n if (walletAccountsHashBefore !== walletAccountsHashAfter) {\n emitWalletAccountsChangedEvent(client);\n }\n};\n\n \n \nconst getWalletAccountsHash = (\n state: Readonly<DynamicCoreState>,\n client: DynamicClient\n) =>\n getWalletAccountsFromState(state, client)\n .map((walletAccount) => JSON.stringify(walletAccount))\n .sort()\n .join('-');\n","import type { DynamicClient } from '../../../client/types';\nimport { getWalletProviderRegistry } from '../walletProviderRegistry';\n\n/**\n * Get all available wallet providers to interact with internally.\n * @notInstrumented\n */\nexport const getWalletProviders = (client: DynamicClient) => {\n const walletProviderRegistry = getWalletProviderRegistry(client);\n\n return walletProviderRegistry.listProviders();\n};\n","import { WalletProviderEnum } from '@dynamic-labs/sdk-api-core';\n\nimport type { DynamicClient } from '../../../client/types/DynamicClient';\nimport type { Chain } from '../../chain';\nimport { getWalletProviders } from '../../wallets/getWalletProviders';\nimport { formatWalletProviderKey } from '../../wallets/utils/formatWalletProviderKey';\nimport { DYNAMIC_WAAS_METADATA } from '../constants';\nimport { isWaasWalletProvider } from '../isWaasWalletProvider';\nimport type { WaasWalletProvider } from '../waas.types';\n\ntype FindWaasWalletProviderByChainParams = {\n chain: Chain;\n};\n\n/** @notInstrumented */\nexport const findWaasWalletProviderByChain = (\n { chain }: FindWaasWalletProviderByChainParams,\n client: DynamicClient\n): WaasWalletProvider | null => {\n const providers = getWalletProviders(client);\n\n const waasProviderKey = formatWalletProviderKey({\n chain,\n displayName: DYNAMIC_WAAS_METADATA.displayName,\n walletProviderType: WalletProviderEnum.EmbeddedWallet,\n });\n\n const waasProvider = providers.find(\n (provider) => provider.key === waasProviderKey && provider.chain === chain\n );\n\n if (!waasProvider || !isWaasWalletProvider(waasProvider)) {\n return null;\n }\n\n return waasProvider;\n};\n","import type { WalletAccount } from '../../wallets/walletAccount';\nimport { DYNAMIC_WAAS_METADATA } from '../constants';\n\ntype IsWaasWalletAccountParams = {\n walletAccount: WalletAccount;\n};\n\n/**\n * This function determines whether the provided wallet account is a Dynamic\n * WaaS wallet account.\n *\n * @param params.walletAccount - The wallet account to check.\n * @returns True if the wallet account is a WaaS wallet account, false otherwise.\n * @notInstrumented\n */\nexport const isWaasWalletAccount = ({\n walletAccount,\n}: IsWaasWalletAccountParams): boolean => {\n return walletAccount.walletProviderKey.includes(\n DYNAMIC_WAAS_METADATA.normalizedWalletName\n );\n};\n","import { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types';\nimport { isUserMissingMfaAuth } from '../../mfa/isUserMissingMfaAuth';\nimport { getWalletAccounts } from '../../wallets/getWalletAccounts';\nimport { findWaasWalletProviderByChain } from '../findWaasWalletProviderByChain';\nimport { isWaasWalletAccount } from '../isWaasWalletAccount';\n\n/**\n * On login, boots the WaaS client once per chain so the SDK eagerly recovers\n * key shares itself (the `eagerlyRecoverKeyShares` capability) instead of the\n * host looping per wallet. Booting calls `initialize()`, which sends the auth\n * token the iframe needs to self-recover.\n *\n * @notInstrumented\n */\nexport const initializeWaasClientsForEagerRecovery = async (\n client: DynamicClient\n): Promise<void> => {\n /**\n * Booting triggers recovery, which fails if the user is missing the MFA auth.\n * This early return avoids attempting a call we know will fail and just adds\n * noise to the logs.\n */\n if (isUserMissingMfaAuth(client)) {\n return;\n }\n\n const waasChains = new Set(\n getWalletAccounts(client)\n .filter((walletAccount) => isWaasWalletAccount({ walletAccount }))\n .map((walletAccount) => walletAccount.chain)\n );\n\n await Promise.all(\n [...waasChains].map(async (chain) => {\n const provider = findWaasWalletProviderByChain({ chain }, client);\n\n /**\n * The environment might not have the embedded wallet extensions installed.\n * In that case there is no provider for the chain and nothing to boot.\n */\n if (!provider) return;\n\n try {\n await provider.getWaasClient();\n } catch (error) {\n getCore(client).logger.warn(\n '[initializeWaasClientsForEagerRecovery] failed to boot waas client',\n error\n );\n }\n })\n );\n};\n","import { InvalidParamError } from '../../../errors/InvalidParamError';\n\nexport type JwtPayload = {\n [key: string]: unknown;\n exp: number;\n iat: number;\n scope: string;\n singleUse?: boolean;\n sub: string;\n};\n\n/**\n * Decodes a JWT token and returns the full payload.\n *\n * This function extracts and returns the complete JWT payload including scopes,\n * expiration time, and other claims.\n *\n * @param jwt - The JWT token string.\n * @returns The decoded JWT payload object.\n * @throws InvalidParamError if the token is invalid or cannot be decoded.\n *\n * @example\n * ```typescript\n * const payload = decodeJwt(jwt);\n * // Returns: { scopes: ['wallet:export'], exp: 1234567890, ... }\n * ```\n * @notInstrumented\n */\n// eslint-disable-next-line custom-rules/require-single-object-param\nexport const decodeJwt = (jwt: string): JwtPayload => {\n try {\n // JWT format: header.payload.signature\n const parts = jwt.split('.');\n if (parts.length !== 3) {\n throw new InvalidParamError('Invalid JWT format');\n }\n\n // Decode the payload (second part)\n // Base64URL decode: replace URL-safe characters and decode\n const base64Payload = parts[1].replaceAll('-', '+').replaceAll('_', '/');\n // Add padding if needed\n const paddedPayload =\n base64Payload + '='.repeat((4 - (base64Payload.length % 4)) % 4);\n const decodedPayload = atob(paddedPayload);\n const claims = JSON.parse(decodedPayload) as JwtPayload;\n\n return claims;\n } catch (error) {\n if (error instanceof InvalidParamError) {\n throw error;\n }\n throw new InvalidParamError(\n `Failed to decode JWT: ${\n error instanceof Error ? error.message : String(error)\n }`\n );\n }\n};\n","/**\n * Normalizes scopes by deduplicating and sorting them.\n * This creates a canonical representation for comparison.\n *\n * @param scopes - Array of scope strings (may contain duplicates)\n * @returns Normalized, sorted array of unique scopes\n * @notInstrumented\n */\n// eslint-disable-next-line custom-rules/require-single-object-param\nexport const normalizeScopes = (scopes: string[]): string[] => {\n return [...new Set(scopes)].sort((a, b) => a.localeCompare(b));\n};\n","import { decodeJwt } from '../../../decodeJwt';\nimport type { ParsedElevatedAccessToken } from '../elevatedAccessTokens.types';\nimport { normalizeScopes } from '../normalizeScopes';\n\nexport type ParseElevatedAccessTokenOptions = {\n /** JWT string containing the elevated access token. */\n token: string;\n};\n\n/**\n * Validates and parses an elevated access token from a JWT string.\n * Extracts scopes, expiration, and validates the token structure.\n *\n * Policy decisions:\n * - Tokens without scopes are rejected (returns null)\n * - Tokens with empty scopes array are rejected (returns null)\n * - Tokens without exp field are rejected (returns null)\n * - Expired tokens are rejected (returns null)\n *\n * @returns Parsed token data or null if token is invalid/expired\n * @notInstrumented\n */\nexport const parseElevatedAccessToken = ({\n token,\n}: ParseElevatedAccessTokenOptions): ParsedElevatedAccessToken | null => {\n const payload = decodeJwt(token);\n const rawScopeClaim = payload?.scope;\n const processedScopes = rawScopeClaim?.split(' ') ?? [];\n const filteredScopes = processedScopes.filter((s) => s.length > 0);\n const singleUse = payload.singleUse ?? false;\n\n // Reject tokens without scopes or with empty scopes\n if (!filteredScopes || filteredScopes.length === 0) {\n return null;\n }\n\n // Reject tokens without exp field\n if (!payload.exp) {\n return null;\n }\n\n // Convert exp (seconds) to Date (milliseconds)\n const expiresAt = new Date(payload.exp * 1000);\n\n // Reject expired tokens\n if (expiresAt <= new Date()) {\n return null;\n }\n\n return {\n expiresAt,\n normalizedScopes: normalizeScopes(filteredScopes),\n scopes: filteredScopes,\n singleUse,\n token,\n };\n};\n","import type {\n ElevatedAccessToken,\n ParsedElevatedAccessToken,\n} from '../elevatedAccessTokens.types';\nimport { normalizeScopes } from '../normalizeScopes';\n\n/**\n * Upserts an elevated access token into the current tokens array.\n *\n * Policy: Only one token per normalized scope-set is allowed.\n * If a token with the same normalized scopes exists, it is replaced.\n * This ensures we don't accumulate multiple tokens for the same scope combination.\n *\n * @param currentTokens - Current array of elevated access tokens\n * @param newToken - New token to upsert\n * @returns Updated array of tokens with the new token upserted\n * @notInstrumented\n */\nexport const upsertElevatedAccessToken = ({\n currentTokens,\n newToken,\n}: {\n currentTokens: ElevatedAccessToken[];\n newToken: ParsedElevatedAccessToken;\n}): ElevatedAccessToken[] => {\n const newScopeKey = normalizeScopes(newToken.scopes).join(' ');\n\n // Remove any existing token with the same normalized scopes\n const filteredTokens = currentTokens.filter((existingToken) => {\n const existingScopeKey = normalizeScopes(existingToken.scopes).join(' ');\n return existingScopeKey !== newScopeKey;\n });\n\n // Add the new token\n return [\n ...filteredTokens,\n {\n expiresAt: newToken.expiresAt,\n scopes: newToken.scopes,\n singleUse: newToken.singleUse,\n token: newToken.token,\n },\n ];\n};\n","import type { VerifyResponse } from '@dynamic-labs/sdk-api-core';\n\nimport { getCore } from '../../../client/core/getCore';\nimport type { DynamicCoreState } from '../../../client/core/types';\nimport type { DynamicClient } from '../../../client/types';\nimport { setCookie } from '../../../utils/setCookie';\nimport { isCookieEnabled } from '../../projectSettings/isCookieEnabled';\nimport { initializeWaasClientsForEagerRecovery } from '../../waas/initializeWaasClientsForEagerRecovery';\nimport { DYNAMIC_AUTH_COOKIE_NAME } from '../consts';\nimport { checkAndRaiseWalletAccountsChangedEvent } from './checkAndRaiseWalletAccountsChangedEvent';\nimport { parseElevatedAccessToken } from './elevatedAccessTokens/parseElevatedAccessToken';\nimport { upsertElevatedAccessToken } from './elevatedAccessTokens/upsertElevatedAccessToken';\n\ntype UpdateAuthFromVerifyResponseParams = {\n response: VerifyResponse;\n};\n\n/** @notInstrumented */\nexport const updateAuthFromVerifyResponse = (\n { response }: UpdateAuthFromVerifyResponseParams,\n client: DynamicClient\n) => {\n const core = getCore(client);\n\n const previousState = { ...core.state.get() };\n\n const { user, minifiedJwt, jwt, expiresAt, mfaToken, elevatedAccessToken } =\n response;\n\n // Expires at is in seconds, so we need to convert it to milliseconds\n const sessionExpiresAt = new Date(expiresAt * 1000);\n\n const newState: Partial<DynamicCoreState> = {\n legacyToken: jwt ?? null,\n sessionExpiresAt: sessionExpiresAt,\n token: minifiedJwt ?? null,\n user,\n };\n\n // only override the mfaToken if a new one is provided in the response\n if (mfaToken) {\n newState.mfaToken = mfaToken;\n }\n\n // Add elevated access token to the array if a new one is provided in the response\n // Policy: Only one token per normalized scope-set is allowed (old tokens are replaced)\n // Always preserve existing tokens to ensure they're synced to storage\n const currentTokens = core.state.get().elevatedAccessTokens || [];\n newState.elevatedAccessTokens = currentTokens;\n \n if (elevatedAccessToken) {\n const parsedToken = parseElevatedAccessToken({\n token: elevatedAccessToken,\n });\n if (parsedToken) {\n newState.elevatedAccessTokens = upsertElevatedAccessToken({\n currentTokens,\n newToken: parsedToken,\n });\n }\n }\n\n core.state.set(newState);\n\n /**\n * For customers using a sandbox environment with cookies enabled, we need to set the cookie\n * programmatically because Redcoast won't set the cookie via headers. We set the cookie programmatically\n * so customers can access the cookie from document.cookie consistently between sandbox and live environments.\n */\n if (minifiedJwt && isCookieEnabled(client)) {\n const expireDate = sessionExpiresAt.toUTCString();\n\n setCookie(\n `${DYNAMIC_AUTH_COOKIE_NAME}=${minifiedJwt}; expires=${expireDate}; path=/; SameSite=Lax`\n );\n }\n\n checkAndRaiseWalletAccountsChangedEvent({ previousState }, client);\n\n // if the user is logging in, boot the waas client(s) so the SDK eagerly\n // recovers key shares for all wallet accounts\n const isUserLoggingIn = !previousState.user && Boolean(newState.user);\n if (isUserLoggingIn) {\n void initializeWaasClientsForEagerRecovery(client);\n }\n};\n","import type { DynamicClient } from '../../../../client/types/DynamicClient';\nimport type { WalletAccount } from '../../walletAccount';\n\ntype GetVerifiedCredentialForWalletAccountParams = {\n walletAccount: WalletAccount;\n};\n\n/** @notInstrumented */\nexport const getVerifiedCredentialForWalletAccount = (\n { walletAccount }: GetVerifiedCredentialForWalletAccountParams,\n client: DynamicClient\n) => {\n return client.user?.verifiedCredentials.find(\n (vc) => vc.id === walletAccount.verifiedCredentialId\n );\n};\n","import type { DynamicClient } from '../../../client/types';\nimport { NoWalletProviderFoundError } from '../../../errors/NoWalletProviderFoundError';\nimport { getWalletProviders } from '../getWalletProviders';\n\ntype GetWalletProviderByKeyParams = {\n walletProviderKey: string;\n};\n\n/** @notInstrumented */\nexport const getWalletProviderByKey = (\n { walletProviderKey }: GetWalletProviderByKeyParams,\n client: DynamicClient\n) => {\n const walletProviders = getWalletProviders(client);\n\n const walletProvider = walletProviders.find(\n (walletProvider) => walletProvider.key === walletProviderKey\n );\n\n if (!walletProvider) {\n throw new NoWalletProviderFoundError({ walletProviderKey });\n }\n\n return walletProvider;\n};\n"],"mappings":";;;;;;;;;AAQA,MAAa,kCAAkC,WAAgC;AAG7E,qCACE;EACE,MAAM,EAAE,gBAJWA,4CAAkB,OAAO,EAIpB;EACxB,OAAO;EACR,EACD,OACD;;;;;;ACPH,MAAa,2CACX,EAAE,iBACF,WACG;CACH,MAAM,OAAOC,kCAAQ,OAAO;AAS5B,KAPiC,sBAAsB,eAAe,OAAO,KAE7C,sBAC9B,KAAK,MAAM,KAAK,EAChB,OACD,CAGC,gCAA+B,OAAO;;AAM1C,MAAM,yBACJ,OACA,WAEAC,qDAA2B,OAAO,OAAO,CACtC,KAAK,kBAAkB,KAAK,UAAU,cAAc,CAAC,CACrD,MAAM,CACN,KAAK,IAAI;;;;;;;;AC9Bd,MAAa,sBAAsB,WAA0B;AAG3D,QAF+BC,oDAA0B,OAAO,CAElC,eAAe;;;;;;ACK/C,MAAa,iCACX,EAAE,SACF,WAC8B;CAC9B,MAAM,YAAY,mBAAmB,OAAO;CAE5C,MAAM,kBAAkBC,kDAAwB;EAC9C;EACA,aAAaC,gDAAsB;EACnC,oBAAoBC,8CAAmB;EACxC,CAAC;CAEF,MAAM,eAAe,UAAU,MAC5B,aAAa,SAAS,QAAQ,mBAAmB,SAAS,UAAU,MACtE;AAED,KAAI,CAAC,gBAAgB,CAACC,+CAAqB,aAAa,CACtD,QAAO;AAGT,QAAO;;;;;;;;;;;;;ACpBT,MAAa,uBAAuB,EAClC,oBACwC;AACxC,QAAO,cAAc,kBAAkB,SACrCC,gDAAsB,qBACvB;;;;;;;;;;;;;ACLH,MAAa,wCAAwC,OACnD,WACkB;;;;;;AAMlB,KAAIC,+CAAqB,OAAO,CAC9B;CAGF,MAAM,aAAa,IAAI,IACrBC,4CAAkB,OAAO,CACtB,QAAQ,kBAAkB,oBAAoB,EAAE,eAAe,CAAC,CAAC,CACjE,KAAK,kBAAkB,cAAc,MAAM,CAC/C;AAED,OAAM,QAAQ,IACZ,CAAC,GAAG,WAAW,CAAC,IAAI,OAAO,UAAU;EACnC,MAAM,WAAW,8BAA8B,EAAE,OAAO,EAAE,OAAO;;;;;AAMjE,MAAI,CAAC,SAAU;AAEf,MAAI;AACF,SAAM,SAAS,eAAe;WACvB,OAAO;AACd,qCAAQ,OAAO,CAAC,OAAO,KACrB,sEACA,MACD;;GAEH,CACH;;;;;;;;;;;;;;;;;;;;;;ACvBH,MAAa,aAAa,QAA4B;AACpD,KAAI;EAEF,MAAM,QAAQ,IAAI,MAAM,IAAI;AAC5B,MAAI,MAAM,WAAW,EACnB,OAAM,IAAIC,4CAAkB,qBAAqB;EAKnD,MAAM,gBAAgB,MAAM,GAAG,WAAW,KAAK,IAAI,CAAC,WAAW,KAAK,IAAI;EAExE,MAAM,gBACJ,gBAAgB,IAAI,QAAQ,IAAK,cAAc,SAAS,KAAM,EAAE;EAClE,MAAM,iBAAiB,KAAK,cAAc;AAG1C,SAFe,KAAK,MAAM,eAAe;UAGlC,OAAO;AACd,MAAI,iBAAiBA,4CACnB,OAAM;AAER,QAAM,IAAIA,4CACR,yBACE,iBAAiB,QAAQ,MAAM,UAAU,OAAO,MAAM,GAEzD;;;;;;;;;;;;;;AC9CL,MAAa,mBAAmB,WAA+B;AAC7D,QAAO,CAAC,GAAG,IAAI,IAAI,OAAO,CAAC,CAAC,MAAM,GAAG,MAAM,EAAE,cAAc,EAAE,CAAC;;;;;;;;;;;;;;;;;;ACYhE,MAAa,4BAA4B,EACvC,YACuE;CACvE,MAAM,UAAU,UAAU,MAAM;CAGhC,MAAM,mBAFgB,SAAS,QACQ,MAAM,IAAI,IAAI,EAAE,EAChB,QAAQ,MAAM,EAAE,SAAS,EAAE;CAClE,MAAM,YAAY,QAAQ,aAAa;AAGvC,KAAI,CAAC,kBAAkB,eAAe,WAAW,EAC/C,QAAO;AAIT,KAAI,CAAC,QAAQ,IACX,QAAO;CAIT,MAAM,4BAAY,IAAI,KAAK,QAAQ,MAAM,IAAK;AAG9C,KAAI,6BAAa,IAAI,MAAM,CACzB,QAAO;AAGT,QAAO;EACL;EACA,kBAAkB,gBAAgB,eAAe;EACjD,QAAQ;EACR;EACA;EACD;;;;;;;;;;;;;;;;;ACrCH,MAAa,6BAA6B,EACxC,eACA,eAI2B;CAC3B,MAAM,cAAc,gBAAgB,SAAS,OAAO,CAAC,KAAK,IAAI;AAS9D,QAAO,CACL,GAPqB,cAAc,QAAQ,kBAAkB;AAE7D,SADyB,gBAAgB,cAAc,OAAO,CAAC,KAAK,IAAI,KAC5C;GAC5B,EAKA;EACE,WAAW,SAAS;EACpB,QAAQ,SAAS;EACjB,WAAW,SAAS;EACpB,OAAO,SAAS;EACjB,CACF;;;;;;ACxBH,MAAa,gCACX,EAAE,YACF,WACG;CACH,MAAM,OAAOC,kCAAQ,OAAO;CAE5B,MAAM,gBAAgB,EAAE,GAAG,KAAK,MAAM,KAAK,EAAE;CAE7C,MAAM,EAAE,MAAM,aAAa,KAAK,WAAW,UAAU,wBACnD;CAGF,MAAM,mCAAmB,IAAI,KAAK,YAAY,IAAK;CAEnD,MAAMC,WAAsC;EAC1C,aAAa,OAAO;EACF;EAClB,OAAO,eAAe;EACtB;EACD;AAGD,KAAI,SACF,UAAS,WAAW;CAMtB,MAAM,gBAAgB,KAAK,MAAM,KAAK,CAAC,wBAAwB,EAAE;AACjE,UAAS,uBAAuB;AAEhC,KAAI,qBAAqB;EACvB,MAAM,cAAc,yBAAyB,EAC3C,OAAO,qBACR,CAAC;AACF,MAAI,YACF,UAAS,uBAAuB,0BAA0B;GACxD;GACA,UAAU;GACX,CAAC;;AAIN,MAAK,MAAM,IAAI,SAAS;;;;;;AAOxB,KAAI,eAAeC,0CAAgB,OAAO,CAGxC,qCACE,GAAGC,mDAAyB,GAAG,YAAY,YAH1B,iBAAiB,aAAa,CAGmB,wBACnE;AAGH,yCAAwC,EAAE,eAAe,EAAE,OAAO;AAKlE,KADwB,CAAC,cAAc,QAAQ,QAAQ,SAAS,KAAK,CAEnE,CAAK,sCAAsC,OAAO;;;;;;AC3EtD,MAAa,yCACX,EAAE,iBACF,WACG;AACH,QAAO,OAAO,MAAM,oBAAoB,MACrC,OAAO,GAAG,OAAO,cAAc,qBACjC;;;;;;ACLH,MAAa,0BACX,EAAE,qBACF,WACG;CAGH,MAAM,iBAFkB,mBAAmB,OAAO,CAEX,MACpC,qBAAmBC,iBAAe,QAAQ,kBAC5C;AAED,KAAI,CAAC,eACH,OAAM,IAAIC,qDAA2B,EAAE,mBAAmB,CAAC;AAG7D,QAAO"}
1
+ {"version":3,"file":"getWalletProviderByKey-DZrpcmPE.cjs","names":["getWalletAccounts","getCore","getWalletAccountsFromState","getWalletProviderRegistry","formatWalletProviderKey","DYNAMIC_WAAS_METADATA","WalletProviderEnum","isWaasWalletProvider","DYNAMIC_WAAS_METADATA","isUserMissingMfaAuth","getWalletAccounts","InvalidParamError","getCore","newState: Partial<DynamicCoreState>","isCookieEnabled","DYNAMIC_AUTH_COOKIE_NAME","walletProvider","NoWalletProviderFoundError"],"sources":["../src/modules/wallets/emitWalletAccountsChangedEvent/emitWalletAccountsChangedEvent.ts","../src/modules/auth/updateAuthFromVerifyResponse/checkAndRaiseWalletAccountsChangedEvent/checkAndRaiseWalletAccountsChangedEvent.ts","../src/modules/wallets/getWalletProviders/getWalletProviders.ts","../src/modules/waas/findWaasWalletProviderByChain/findWaasWalletProviderByChain.ts","../src/modules/waas/isWaasWalletAccount/isWaasWalletAccount.ts","../src/modules/waas/initializeWaasClientsForEagerRecovery/initializeWaasClientsForEagerRecovery.ts","../src/modules/auth/decodeJwt/decodeJwt.ts","../src/modules/auth/updateAuthFromVerifyResponse/elevatedAccessTokens/normalizeScopes/normalizeScopes.ts","../src/modules/auth/updateAuthFromVerifyResponse/elevatedAccessTokens/parseElevatedAccessToken/parseElevatedAccessToken.ts","../src/modules/auth/updateAuthFromVerifyResponse/elevatedAccessTokens/upsertElevatedAccessToken/upsertElevatedAccessToken.ts","../src/modules/auth/updateAuthFromVerifyResponse/updateAuthFromVerifyResponse.ts","../src/modules/wallets/utils/getVerifiedCredentialForWalletAccount/getVerifiedCredentialForWalletAccount.ts","../src/modules/wallets/getWalletProviderByKey/getWalletProviderByKey.ts"],"sourcesContent":["import type { DynamicClient } from '../../../client/types';\nimport { emitEvent } from '../../clientEvents';\nimport { getWalletAccounts } from '../getWalletAccounts';\n\n/**\n * Emits the `walletAccountsChanged` event.\n * @notInstrumented\n */\nexport const emitWalletAccountsChangedEvent = (client: DynamicClient): void => {\n const walletAccounts = getWalletAccounts(client);\n\n emitEvent(\n {\n args: { walletAccounts },\n event: 'walletAccountsChanged',\n },\n client\n );\n};\n","import { getCore } from '../../../../client/core/getCore';\nimport type { DynamicClient } from '../../../../client/types';\nimport { emitWalletAccountsChangedEvent } from '../../../wallets/emitWalletAccountsChangedEvent';\nimport { getWalletAccountsFromState } from '../../../wallets/getWalletAccounts/getWalletAccountsFromState';\n\ntype CheckAndRaiseWalletAccountsChangedEventParams = {\n previousState: Readonly<DynamicCoreState>;\n};\n\n/** @notInstrumented */\nexport const checkAndRaiseWalletAccountsChangedEvent = (\n { previousState }: CheckAndRaiseWalletAccountsChangedEventParams,\n client: DynamicClient\n) => {\n const core = getCore(client);\n\n const walletAccountsHashBefore = getWalletAccountsHash(previousState, client);\n\n const walletAccountsHashAfter = getWalletAccountsHash(\n core.state.get(),\n client\n );\n\n if (walletAccountsHashBefore !== walletAccountsHashAfter) {\n emitWalletAccountsChangedEvent(client);\n }\n};\n\n \n \nconst getWalletAccountsHash = (\n state: Readonly<DynamicCoreState>,\n client: DynamicClient\n) =>\n getWalletAccountsFromState(state, client)\n .map((walletAccount) => JSON.stringify(walletAccount))\n .sort()\n .join('-');\n","import type { DynamicClient } from '../../../client/types';\nimport { getWalletProviderRegistry } from '../walletProviderRegistry';\n\n/**\n * Get all available wallet providers to interact with internally.\n * @notInstrumented\n */\nexport const getWalletProviders = (client: DynamicClient) => {\n const walletProviderRegistry = getWalletProviderRegistry(client);\n\n return walletProviderRegistry.listProviders();\n};\n","import { WalletProviderEnum } from '@dynamic-labs/sdk-api-core';\n\nimport type { DynamicClient } from '../../../client/types/DynamicClient';\nimport type { Chain } from '../../chain';\nimport { getWalletProviders } from '../../wallets/getWalletProviders';\nimport { formatWalletProviderKey } from '../../wallets/utils/formatWalletProviderKey';\nimport { DYNAMIC_WAAS_METADATA } from '../constants';\nimport { isWaasWalletProvider } from '../isWaasWalletProvider';\nimport type { WaasWalletProvider } from '../waas.types';\n\ntype FindWaasWalletProviderByChainParams = {\n chain: Chain;\n};\n\n/** @notInstrumented */\nexport const findWaasWalletProviderByChain = (\n { chain }: FindWaasWalletProviderByChainParams,\n client: DynamicClient\n): WaasWalletProvider | null => {\n const providers = getWalletProviders(client);\n\n const waasProviderKey = formatWalletProviderKey({\n chain,\n displayName: DYNAMIC_WAAS_METADATA.displayName,\n walletProviderType: WalletProviderEnum.EmbeddedWallet,\n });\n\n const waasProvider = providers.find(\n (provider) => provider.key === waasProviderKey && provider.chain === chain\n );\n\n if (!waasProvider || !isWaasWalletProvider(waasProvider)) {\n return null;\n }\n\n return waasProvider;\n};\n","import type { WalletAccount } from '../../wallets/walletAccount';\nimport { DYNAMIC_WAAS_METADATA } from '../constants';\n\ntype IsWaasWalletAccountParams = {\n walletAccount: WalletAccount;\n};\n\n/**\n * This function determines whether the provided wallet account is a Dynamic\n * WaaS wallet account.\n *\n * @param params.walletAccount - The wallet account to check.\n * @returns True if the wallet account is a WaaS wallet account, false otherwise.\n * @notInstrumented\n */\nexport const isWaasWalletAccount = ({\n walletAccount,\n}: IsWaasWalletAccountParams): boolean => {\n return walletAccount.walletProviderKey.includes(\n DYNAMIC_WAAS_METADATA.normalizedWalletName\n );\n};\n","import { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types';\nimport { isUserMissingMfaAuth } from '../../mfa/isUserMissingMfaAuth';\nimport { getWalletAccounts } from '../../wallets/getWalletAccounts';\nimport { findWaasWalletProviderByChain } from '../findWaasWalletProviderByChain';\nimport { isWaasWalletAccount } from '../isWaasWalletAccount';\n\n/**\n * On login, boots the WaaS client once per chain so the SDK eagerly recovers\n * key shares itself (the `eagerlyRecoverKeyShares` capability) instead of the\n * host looping per wallet. Booting calls `initialize()`, which sends the auth\n * token the iframe needs to self-recover.\n *\n * @notInstrumented\n */\nexport const initializeWaasClientsForEagerRecovery = async (\n client: DynamicClient\n): Promise<void> => {\n /**\n * Booting triggers recovery, which fails if the user is missing the MFA auth.\n * This early return avoids attempting a call we know will fail and just adds\n * noise to the logs.\n */\n if (isUserMissingMfaAuth(client)) {\n return;\n }\n\n const waasChains = new Set(\n getWalletAccounts(client)\n .filter((walletAccount) => isWaasWalletAccount({ walletAccount }))\n .map((walletAccount) => walletAccount.chain)\n );\n\n await Promise.all(\n [...waasChains].map(async (chain) => {\n const provider = findWaasWalletProviderByChain({ chain }, client);\n\n /**\n * The environment might not have the embedded wallet extensions installed.\n * In that case there is no provider for the chain and nothing to boot.\n */\n if (!provider) return;\n\n try {\n await provider.getWaasClient();\n } catch (error) {\n getCore(client).logger.warn(\n '[initializeWaasClientsForEagerRecovery] failed to boot waas client',\n error\n );\n }\n })\n );\n};\n","import { InvalidParamError } from '../../../errors/InvalidParamError';\n\nexport type JwtPayload = {\n [key: string]: unknown;\n exp: number;\n iat: number;\n scope: string;\n singleUse?: boolean;\n sub: string;\n};\n\n/**\n * Decodes a JWT token and returns the full payload.\n *\n * This function extracts and returns the complete JWT payload including scopes,\n * expiration time, and other claims.\n *\n * @param jwt - The JWT token string.\n * @returns The decoded JWT payload object.\n * @throws InvalidParamError if the token is invalid or cannot be decoded.\n *\n * @example\n * ```typescript\n * const payload = decodeJwt(jwt);\n * // Returns: { scopes: ['wallet:export'], exp: 1234567890, ... }\n * ```\n * @notInstrumented\n */\n// eslint-disable-next-line custom-rules/require-single-object-param\nexport const decodeJwt = (jwt: string): JwtPayload => {\n try {\n // JWT format: header.payload.signature\n const parts = jwt.split('.');\n if (parts.length !== 3) {\n throw new InvalidParamError('Invalid JWT format');\n }\n\n // Decode the payload (second part)\n // Base64URL decode: replace URL-safe characters and decode\n const base64Payload = parts[1].replaceAll('-', '+').replaceAll('_', '/');\n // Add padding if needed\n const paddedPayload =\n base64Payload + '='.repeat((4 - (base64Payload.length % 4)) % 4);\n const decodedPayload = atob(paddedPayload);\n const claims = JSON.parse(decodedPayload) as JwtPayload;\n\n return claims;\n } catch (error) {\n if (error instanceof InvalidParamError) {\n throw error;\n }\n throw new InvalidParamError(\n `Failed to decode JWT: ${\n error instanceof Error ? error.message : String(error)\n }`\n );\n }\n};\n","/**\n * Normalizes scopes by deduplicating and sorting them.\n * This creates a canonical representation for comparison.\n *\n * @param scopes - Array of scope strings (may contain duplicates)\n * @returns Normalized, sorted array of unique scopes\n * @notInstrumented\n */\n// eslint-disable-next-line custom-rules/require-single-object-param\nexport const normalizeScopes = (scopes: string[]): string[] => {\n return [...new Set(scopes)].sort((a, b) => a.localeCompare(b));\n};\n","import { decodeJwt } from '../../../decodeJwt';\nimport type { ParsedElevatedAccessToken } from '../elevatedAccessTokens.types';\nimport { normalizeScopes } from '../normalizeScopes';\n\nexport type ParseElevatedAccessTokenOptions = {\n /** JWT string containing the elevated access token. */\n token: string;\n};\n\n/**\n * Validates and parses an elevated access token from a JWT string.\n * Extracts scopes, expiration, and validates the token structure.\n *\n * Policy decisions:\n * - Tokens without scopes are rejected (returns null)\n * - Tokens with empty scopes array are rejected (returns null)\n * - Tokens without exp field are rejected (returns null)\n * - Expired tokens are rejected (returns null)\n *\n * @returns Parsed token data or null if token is invalid/expired\n * @notInstrumented\n */\nexport const parseElevatedAccessToken = ({\n token,\n}: ParseElevatedAccessTokenOptions): ParsedElevatedAccessToken | null => {\n const payload = decodeJwt(token);\n const rawScopeClaim = payload?.scope;\n const processedScopes = rawScopeClaim?.split(' ') ?? [];\n const filteredScopes = processedScopes.filter((s) => s.length > 0);\n const singleUse = payload.singleUse ?? false;\n\n // Reject tokens without scopes or with empty scopes\n if (!filteredScopes || filteredScopes.length === 0) {\n return null;\n }\n\n // Reject tokens without exp field\n if (!payload.exp) {\n return null;\n }\n\n // Convert exp (seconds) to Date (milliseconds)\n const expiresAt = new Date(payload.exp * 1000);\n\n // Reject expired tokens\n if (expiresAt <= new Date()) {\n return null;\n }\n\n return {\n expiresAt,\n normalizedScopes: normalizeScopes(filteredScopes),\n scopes: filteredScopes,\n singleUse,\n token,\n };\n};\n","import type {\n ElevatedAccessToken,\n ParsedElevatedAccessToken,\n} from '../elevatedAccessTokens.types';\nimport { normalizeScopes } from '../normalizeScopes';\n\n/**\n * Upserts an elevated access token into the current tokens array.\n *\n * Policy: Only one token per normalized scope-set is allowed.\n * If a token with the same normalized scopes exists, it is replaced.\n * This ensures we don't accumulate multiple tokens for the same scope combination.\n *\n * @param currentTokens - Current array of elevated access tokens\n * @param newToken - New token to upsert\n * @returns Updated array of tokens with the new token upserted\n * @notInstrumented\n */\nexport const upsertElevatedAccessToken = ({\n currentTokens,\n newToken,\n}: {\n currentTokens: ElevatedAccessToken[];\n newToken: ParsedElevatedAccessToken;\n}): ElevatedAccessToken[] => {\n const newScopeKey = normalizeScopes(newToken.scopes).join(' ');\n\n // Remove any existing token with the same normalized scopes\n const filteredTokens = currentTokens.filter((existingToken) => {\n const existingScopeKey = normalizeScopes(existingToken.scopes).join(' ');\n return existingScopeKey !== newScopeKey;\n });\n\n // Add the new token\n return [\n ...filteredTokens,\n {\n expiresAt: newToken.expiresAt,\n scopes: newToken.scopes,\n singleUse: newToken.singleUse,\n token: newToken.token,\n },\n ];\n};\n","import type { VerifyResponse } from '@dynamic-labs/sdk-api-core';\n\nimport { getCore } from '../../../client/core/getCore';\nimport type { DynamicCoreState } from '../../../client/core/types';\nimport type { DynamicClient } from '../../../client/types';\nimport { setCookie } from '../../../utils/setCookie';\nimport { isCookieEnabled } from '../../projectSettings/isCookieEnabled';\nimport { initializeWaasClientsForEagerRecovery } from '../../waas/initializeWaasClientsForEagerRecovery';\nimport { DYNAMIC_AUTH_COOKIE_NAME } from '../consts';\nimport { checkAndRaiseWalletAccountsChangedEvent } from './checkAndRaiseWalletAccountsChangedEvent';\nimport { parseElevatedAccessToken } from './elevatedAccessTokens/parseElevatedAccessToken';\nimport { upsertElevatedAccessToken } from './elevatedAccessTokens/upsertElevatedAccessToken';\n\ntype UpdateAuthFromVerifyResponseParams = {\n response: VerifyResponse;\n};\n\n/** @notInstrumented */\nexport const updateAuthFromVerifyResponse = (\n { response }: UpdateAuthFromVerifyResponseParams,\n client: DynamicClient\n) => {\n const core = getCore(client);\n\n const previousState = { ...core.state.get() };\n\n const { user, minifiedJwt, jwt, expiresAt, mfaToken, elevatedAccessToken } =\n response;\n\n // Expires at is in seconds, so we need to convert it to milliseconds\n const sessionExpiresAt = new Date(expiresAt * 1000);\n\n const newState: Partial<DynamicCoreState> = {\n legacyToken: jwt ?? null,\n sessionExpiresAt: sessionExpiresAt,\n token: minifiedJwt ?? null,\n user,\n };\n\n // only override the mfaToken if a new one is provided in the response\n if (mfaToken) {\n newState.mfaToken = mfaToken;\n }\n\n // Add elevated access token to the array if a new one is provided in the response\n // Policy: Only one token per normalized scope-set is allowed (old tokens are replaced)\n // Always preserve existing tokens to ensure they're synced to storage\n const currentTokens = core.state.get().elevatedAccessTokens || [];\n newState.elevatedAccessTokens = currentTokens;\n \n if (elevatedAccessToken) {\n const parsedToken = parseElevatedAccessToken({\n token: elevatedAccessToken,\n });\n if (parsedToken) {\n newState.elevatedAccessTokens = upsertElevatedAccessToken({\n currentTokens,\n newToken: parsedToken,\n });\n }\n }\n\n core.state.set(newState);\n\n /**\n * For customers using a sandbox environment with cookies enabled, we need to set the cookie\n * programmatically because Redcoast won't set the cookie via headers. We set the cookie programmatically\n * so customers can access the cookie from document.cookie consistently between sandbox and live environments.\n */\n if (minifiedJwt && isCookieEnabled(client)) {\n const expireDate = sessionExpiresAt.toUTCString();\n\n setCookie(\n `${DYNAMIC_AUTH_COOKIE_NAME}=${minifiedJwt}; expires=${expireDate}; path=/; SameSite=Lax`\n );\n }\n\n checkAndRaiseWalletAccountsChangedEvent({ previousState }, client);\n\n // if the user is logging in, boot the waas client(s) so the SDK eagerly\n // recovers key shares for all wallet accounts\n const isUserLoggingIn = !previousState.user && Boolean(newState.user);\n if (isUserLoggingIn) {\n void initializeWaasClientsForEagerRecovery(client);\n }\n};\n","import type { DynamicClient } from '../../../../client/types/DynamicClient';\nimport type { WalletAccount } from '../../walletAccount';\n\ntype GetVerifiedCredentialForWalletAccountParams = {\n walletAccount: WalletAccount;\n};\n\n/** @notInstrumented */\nexport const getVerifiedCredentialForWalletAccount = (\n { walletAccount }: GetVerifiedCredentialForWalletAccountParams,\n client: DynamicClient\n) => {\n return client.user?.verifiedCredentials.find(\n (vc) => vc.id === walletAccount.verifiedCredentialId\n );\n};\n","import type { DynamicClient } from '../../../client/types';\nimport { NoWalletProviderFoundError } from '../../../errors/NoWalletProviderFoundError';\nimport { getWalletProviders } from '../getWalletProviders';\n\ntype GetWalletProviderByKeyParams = {\n walletProviderKey: string;\n};\n\n/** @notInstrumented */\nexport const getWalletProviderByKey = (\n { walletProviderKey }: GetWalletProviderByKeyParams,\n client: DynamicClient\n) => {\n const walletProviders = getWalletProviders(client);\n\n const walletProvider = walletProviders.find(\n (walletProvider) => walletProvider.key === walletProviderKey\n );\n\n if (!walletProvider) {\n throw new NoWalletProviderFoundError({ walletProviderKey });\n }\n\n return walletProvider;\n};\n"],"mappings":";;;;;;;;;AAQA,MAAa,kCAAkC,WAAgC;AAG7E,qCACE;EACE,MAAM,EAAE,gBAJWA,4CAAkB,OAAO,EAIpB;EACxB,OAAO;EACR,EACD,OACD;;;;;;ACPH,MAAa,2CACX,EAAE,iBACF,WACG;CACH,MAAM,OAAOC,kCAAQ,OAAO;AAS5B,KAPiC,sBAAsB,eAAe,OAAO,KAE7C,sBAC9B,KAAK,MAAM,KAAK,EAChB,OACD,CAGC,gCAA+B,OAAO;;AAM1C,MAAM,yBACJ,OACA,WAEAC,qDAA2B,OAAO,OAAO,CACtC,KAAK,kBAAkB,KAAK,UAAU,cAAc,CAAC,CACrD,MAAM,CACN,KAAK,IAAI;;;;;;;;AC9Bd,MAAa,sBAAsB,WAA0B;AAG3D,QAF+BC,oDAA0B,OAAO,CAElC,eAAe;;;;;;ACK/C,MAAa,iCACX,EAAE,SACF,WAC8B;CAC9B,MAAM,YAAY,mBAAmB,OAAO;CAE5C,MAAM,kBAAkBC,kDAAwB;EAC9C;EACA,aAAaC,gDAAsB;EACnC,oBAAoBC,8CAAmB;EACxC,CAAC;CAEF,MAAM,eAAe,UAAU,MAC5B,aAAa,SAAS,QAAQ,mBAAmB,SAAS,UAAU,MACtE;AAED,KAAI,CAAC,gBAAgB,CAACC,+CAAqB,aAAa,CACtD,QAAO;AAGT,QAAO;;;;;;;;;;;;;ACpBT,MAAa,uBAAuB,EAClC,oBACwC;AACxC,QAAO,cAAc,kBAAkB,SACrCC,gDAAsB,qBACvB;;;;;;;;;;;;;ACLH,MAAa,wCAAwC,OACnD,WACkB;;;;;;AAMlB,KAAIC,+CAAqB,OAAO,CAC9B;CAGF,MAAM,aAAa,IAAI,IACrBC,4CAAkB,OAAO,CACtB,QAAQ,kBAAkB,oBAAoB,EAAE,eAAe,CAAC,CAAC,CACjE,KAAK,kBAAkB,cAAc,MAAM,CAC/C;AAED,OAAM,QAAQ,IACZ,CAAC,GAAG,WAAW,CAAC,IAAI,OAAO,UAAU;EACnC,MAAM,WAAW,8BAA8B,EAAE,OAAO,EAAE,OAAO;;;;;AAMjE,MAAI,CAAC,SAAU;AAEf,MAAI;AACF,SAAM,SAAS,eAAe;WACvB,OAAO;AACd,qCAAQ,OAAO,CAAC,OAAO,KACrB,sEACA,MACD;;GAEH,CACH;;;;;;;;;;;;;;;;;;;;;;ACvBH,MAAa,aAAa,QAA4B;AACpD,KAAI;EAEF,MAAM,QAAQ,IAAI,MAAM,IAAI;AAC5B,MAAI,MAAM,WAAW,EACnB,OAAM,IAAIC,4CAAkB,qBAAqB;EAKnD,MAAM,gBAAgB,MAAM,GAAG,WAAW,KAAK,IAAI,CAAC,WAAW,KAAK,IAAI;EAExE,MAAM,gBACJ,gBAAgB,IAAI,QAAQ,IAAK,cAAc,SAAS,KAAM,EAAE;EAClE,MAAM,iBAAiB,KAAK,cAAc;AAG1C,SAFe,KAAK,MAAM,eAAe;UAGlC,OAAO;AACd,MAAI,iBAAiBA,4CACnB,OAAM;AAER,QAAM,IAAIA,4CACR,yBACE,iBAAiB,QAAQ,MAAM,UAAU,OAAO,MAAM,GAEzD;;;;;;;;;;;;;;AC9CL,MAAa,mBAAmB,WAA+B;AAC7D,QAAO,CAAC,GAAG,IAAI,IAAI,OAAO,CAAC,CAAC,MAAM,GAAG,MAAM,EAAE,cAAc,EAAE,CAAC;;;;;;;;;;;;;;;;;;ACYhE,MAAa,4BAA4B,EACvC,YACuE;CACvE,MAAM,UAAU,UAAU,MAAM;CAGhC,MAAM,mBAFgB,SAAS,QACQ,MAAM,IAAI,IAAI,EAAE,EAChB,QAAQ,MAAM,EAAE,SAAS,EAAE;CAClE,MAAM,YAAY,QAAQ,aAAa;AAGvC,KAAI,CAAC,kBAAkB,eAAe,WAAW,EAC/C,QAAO;AAIT,KAAI,CAAC,QAAQ,IACX,QAAO;CAIT,MAAM,4BAAY,IAAI,KAAK,QAAQ,MAAM,IAAK;AAG9C,KAAI,6BAAa,IAAI,MAAM,CACzB,QAAO;AAGT,QAAO;EACL;EACA,kBAAkB,gBAAgB,eAAe;EACjD,QAAQ;EACR;EACA;EACD;;;;;;;;;;;;;;;;;ACrCH,MAAa,6BAA6B,EACxC,eACA,eAI2B;CAC3B,MAAM,cAAc,gBAAgB,SAAS,OAAO,CAAC,KAAK,IAAI;AAS9D,QAAO,CACL,GAPqB,cAAc,QAAQ,kBAAkB;AAE7D,SADyB,gBAAgB,cAAc,OAAO,CAAC,KAAK,IAAI,KAC5C;GAC5B,EAKA;EACE,WAAW,SAAS;EACpB,QAAQ,SAAS;EACjB,WAAW,SAAS;EACpB,OAAO,SAAS;EACjB,CACF;;;;;;ACxBH,MAAa,gCACX,EAAE,YACF,WACG;CACH,MAAM,OAAOC,kCAAQ,OAAO;CAE5B,MAAM,gBAAgB,EAAE,GAAG,KAAK,MAAM,KAAK,EAAE;CAE7C,MAAM,EAAE,MAAM,aAAa,KAAK,WAAW,UAAU,wBACnD;CAGF,MAAM,mCAAmB,IAAI,KAAK,YAAY,IAAK;CAEnD,MAAMC,WAAsC;EAC1C,aAAa,OAAO;EACF;EAClB,OAAO,eAAe;EACtB;EACD;AAGD,KAAI,SACF,UAAS,WAAW;CAMtB,MAAM,gBAAgB,KAAK,MAAM,KAAK,CAAC,wBAAwB,EAAE;AACjE,UAAS,uBAAuB;AAEhC,KAAI,qBAAqB;EACvB,MAAM,cAAc,yBAAyB,EAC3C,OAAO,qBACR,CAAC;AACF,MAAI,YACF,UAAS,uBAAuB,0BAA0B;GACxD;GACA,UAAU;GACX,CAAC;;AAIN,MAAK,MAAM,IAAI,SAAS;;;;;;AAOxB,KAAI,eAAeC,0CAAgB,OAAO,CAGxC,qCACE,GAAGC,mDAAyB,GAAG,YAAY,YAH1B,iBAAiB,aAAa,CAGmB,wBACnE;AAGH,yCAAwC,EAAE,eAAe,EAAE,OAAO;AAKlE,KADwB,CAAC,cAAc,QAAQ,QAAQ,SAAS,KAAK,CAEnE,CAAK,sCAAsC,OAAO;;;;;;AC3EtD,MAAa,yCACX,EAAE,iBACF,WACG;AACH,QAAO,OAAO,MAAM,oBAAoB,MACrC,OAAO,GAAG,OAAO,cAAc,qBACjC;;;;;;ACLH,MAAa,0BACX,EAAE,qBACF,WACG;CAGH,MAAM,iBAFkB,mBAAmB,OAAO,CAEX,MACpC,qBAAmBC,iBAAe,QAAQ,kBAC5C;AAED,KAAI,CAAC,eACH,OAAM,IAAIC,qDAA2B,EAAE,mBAAmB,CAAC;AAG7D,QAAO"}
@@ -1,4 +1,4 @@
1
- import { $ as getCore, C as emitEvent, H as assertDefined, Q as BaseError, V as isCookieEnabled, Y as getDefaultClient, a as DYNAMIC_WAAS_METADATA, b as NoWalletProviderFoundError, n as isWaasWalletProvider, o as isUserMissingMfaAuth, t as InvalidParamError, v as getWalletProviderRegistry, x as getChainFromVerifiedCredentialChain } from "./InvalidParamError-BKr8fFc1.native.esm.js";
1
+ import { $ as getCore, C as emitEvent, H as assertDefined, Q as BaseError, V as isCookieEnabled, Y as getDefaultClient, a as DYNAMIC_WAAS_METADATA, b as NoWalletProviderFoundError, n as isWaasWalletProvider, o as isUserMissingMfaAuth, t as InvalidParamError, v as getWalletProviderRegistry, x as getChainFromVerifiedCredentialChain } from "./InvalidParamError-DSXDW6g4.native.esm.js";
2
2
  import { JwtVerifiedCredentialFormatEnum, WalletProviderEnum } from "@dynamic-labs/sdk-api-core";
3
3
 
4
4
  //#region src/utils/setCookie/setCookie.ts
@@ -471,4 +471,4 @@ const getWalletProviderByKey = ({ walletProviderKey }, client) => {
471
471
 
472
472
  //#endregion
473
473
  export { normalizeAddress as _, parseElevatedAccessToken as a, setCookie as b, findWaasWalletProviderByChain as c, emitWalletAccountsChangedEvent as d, DYNAMIC_AUTH_COOKIE_NAME as f, formatWalletAccountId as g, normalizeWalletNameWithChain as h, upsertElevatedAccessToken as i, getWalletProviders as l, formatWalletProviderKey as m, getVerifiedCredentialForWalletAccount as n, initializeWaasClientsForEagerRecovery as o, getWalletAccounts as p, updateAuthFromVerifyResponse as r, isWaasWalletAccount as s, getWalletProviderByKey as t, checkAndRaiseWalletAccountsChangedEvent as u, splitWalletProviderKey as v, InvalidWalletProviderKeyError as y };
474
- //# sourceMappingURL=getWalletProviderByKey-BhisAyZg.native.esm.js.map
474
+ //# sourceMappingURL=getWalletProviderByKey-Dk_K8Lg8.native.esm.js.map