@dynamic-labs-sdk/client 1.16.0 → 1.16.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (71) hide show
  1. package/dist/{InvalidParamError-DYezznCD.native.esm.js → InvalidParamError-5AXtm6Zp.native.esm.js} +2 -2
  2. package/dist/{InvalidParamError-DYezznCD.native.esm.js.map → InvalidParamError-5AXtm6Zp.native.esm.js.map} +1 -1
  3. package/dist/{InvalidParamError-DHriGGNI.cjs → InvalidParamError-DCpeZMBr.cjs} +3 -3
  4. package/dist/{InvalidParamError-DHriGGNI.cjs.map → InvalidParamError-DCpeZMBr.cjs.map} +1 -1
  5. package/dist/{InvalidParamError-Dn_riAvL.esm.js → InvalidParamError-PQ2Xen_o.esm.js} +2 -2
  6. package/dist/{InvalidParamError-Dn_riAvL.esm.js.map → InvalidParamError-PQ2Xen_o.esm.js.map} +1 -1
  7. package/dist/core.cjs +5 -5
  8. package/dist/core.esm.js +7 -7
  9. package/dist/core.esm.js.map +1 -1
  10. package/dist/core.native.esm.js +5 -5
  11. package/dist/{getNetworkProviderFromNetworkId-BpvoqbEH.cjs → getNetworkProviderFromNetworkId-BHxkTbiJ.cjs} +4 -4
  12. package/dist/{getNetworkProviderFromNetworkId-BpvoqbEH.cjs.map → getNetworkProviderFromNetworkId-BHxkTbiJ.cjs.map} +1 -1
  13. package/dist/{getNetworkProviderFromNetworkId-CregkqLB.esm.js → getNetworkProviderFromNetworkId-BPeOK1Xx.esm.js} +7 -7
  14. package/dist/getNetworkProviderFromNetworkId-BPeOK1Xx.esm.js.map +1 -0
  15. package/dist/{getNetworkProviderFromNetworkId-BURAkmc3.native.esm.js → getNetworkProviderFromNetworkId-D79icjmX.native.esm.js} +4 -4
  16. package/dist/{getNetworkProviderFromNetworkId-BURAkmc3.native.esm.js.map → getNetworkProviderFromNetworkId-D79icjmX.native.esm.js.map} +1 -1
  17. package/dist/{getSignedSessionId-C98wdvMw.cjs → getSignedSessionId-BjSUL8Br.cjs} +3 -3
  18. package/dist/{getSignedSessionId-C98wdvMw.cjs.map → getSignedSessionId-BjSUL8Br.cjs.map} +1 -1
  19. package/dist/{getSignedSessionId-upC71vLP.native.esm.js → getSignedSessionId-Dh4Df1mY.native.esm.js} +3 -3
  20. package/dist/{getSignedSessionId-upC71vLP.native.esm.js.map → getSignedSessionId-Dh4Df1mY.native.esm.js.map} +1 -1
  21. package/dist/{getSignedSessionId-Czpvp58E.esm.js → getSignedSessionId-DzjHW7Rw.esm.js} +3 -3
  22. package/dist/{getSignedSessionId-Czpvp58E.esm.js.map → getSignedSessionId-DzjHW7Rw.esm.js.map} +1 -1
  23. package/dist/{getWaasWalletProviderFromWalletAccount-BrskhuL8.cjs → getWaasWalletProviderFromWalletAccount-BxyUZBpT.cjs} +3 -3
  24. package/dist/{getWaasWalletProviderFromWalletAccount-BrskhuL8.cjs.map → getWaasWalletProviderFromWalletAccount-BxyUZBpT.cjs.map} +1 -1
  25. package/dist/{getWaasWalletProviderFromWalletAccount-DHKga3uH.native.esm.js → getWaasWalletProviderFromWalletAccount-Ca0SiNEz.native.esm.js} +3 -3
  26. package/dist/{getWaasWalletProviderFromWalletAccount-DHKga3uH.native.esm.js.map → getWaasWalletProviderFromWalletAccount-Ca0SiNEz.native.esm.js.map} +1 -1
  27. package/dist/{getWaasWalletProviderFromWalletAccount-Dc6QvHVt.esm.js → getWaasWalletProviderFromWalletAccount-CupLo7EC.esm.js} +3 -3
  28. package/dist/{getWaasWalletProviderFromWalletAccount-Dc6QvHVt.esm.js.map → getWaasWalletProviderFromWalletAccount-CupLo7EC.esm.js.map} +1 -1
  29. package/dist/{getWalletProviderByKey-DTi6MhKt.esm.js → getWalletProviderByKey-B6vtKHJy.esm.js} +2 -2
  30. package/dist/{getWalletProviderByKey-DTi6MhKt.esm.js.map → getWalletProviderByKey-B6vtKHJy.esm.js.map} +1 -1
  31. package/dist/{getWalletProviderByKey-DDNCUbUe.cjs → getWalletProviderByKey-DIFBlGlR.cjs} +3 -3
  32. package/dist/{getWalletProviderByKey-DDNCUbUe.cjs.map → getWalletProviderByKey-DIFBlGlR.cjs.map} +1 -1
  33. package/dist/{getWalletProviderByKey-OYhHm11_.native.esm.js → getWalletProviderByKey-Dh2qnBmw.native.esm.js} +2 -2
  34. package/dist/{getWalletProviderByKey-OYhHm11_.native.esm.js.map → getWalletProviderByKey-Dh2qnBmw.native.esm.js.map} +1 -1
  35. package/dist/index.cjs +7 -7
  36. package/dist/index.esm.js +10 -10
  37. package/dist/index.esm.js.map +1 -1
  38. package/dist/index.native.esm.js +7 -7
  39. package/dist/{isDynamicWaasEnabled-Bj3v8LZ_.cjs → isDynamicWaasEnabled-A8Humh0r.cjs} +3 -3
  40. package/dist/{isDynamicWaasEnabled-Bj3v8LZ_.cjs.map → isDynamicWaasEnabled-A8Humh0r.cjs.map} +1 -1
  41. package/dist/{isDynamicWaasEnabled-CuSe2RO1.esm.js → isDynamicWaasEnabled-BmWqrgz1.esm.js} +2 -2
  42. package/dist/{isDynamicWaasEnabled-CuSe2RO1.esm.js.map → isDynamicWaasEnabled-BmWqrgz1.esm.js.map} +1 -1
  43. package/dist/{isDynamicWaasEnabled-CvD8_c7H.native.esm.js → isDynamicWaasEnabled-Djp4QuBw.native.esm.js} +2 -2
  44. package/dist/{isDynamicWaasEnabled-CvD8_c7H.native.esm.js.map → isDynamicWaasEnabled-Djp4QuBw.native.esm.js.map} +1 -1
  45. package/dist/{isMfaRequiredForAction-DECknr5q.cjs → isMfaRequiredForAction-3fWX5MEF.cjs} +2 -2
  46. package/dist/{isMfaRequiredForAction-DECknr5q.cjs.map → isMfaRequiredForAction-3fWX5MEF.cjs.map} +1 -1
  47. package/dist/{isMfaRequiredForAction-juTvf3Pl.native.esm.js → isMfaRequiredForAction-CBW-d9C6.native.esm.js} +2 -2
  48. package/dist/{isMfaRequiredForAction-juTvf3Pl.native.esm.js.map → isMfaRequiredForAction-CBW-d9C6.native.esm.js.map} +1 -1
  49. package/dist/{isMfaRequiredForAction-CgVdSGRA.esm.js → isMfaRequiredForAction-CkX6CfJf.esm.js} +2 -2
  50. package/dist/{isMfaRequiredForAction-CgVdSGRA.esm.js.map → isMfaRequiredForAction-CkX6CfJf.esm.js.map} +1 -1
  51. package/dist/{isUserOnboardingComplete-DFrrp61b.esm.js → isUserOnboardingComplete-C4_b3pDb.esm.js} +3 -3
  52. package/dist/{isUserOnboardingComplete-DFrrp61b.esm.js.map → isUserOnboardingComplete-C4_b3pDb.esm.js.map} +1 -1
  53. package/dist/{isUserOnboardingComplete-DvCQh8Dj.cjs → isUserOnboardingComplete-D0JrQGvR.cjs} +4 -4
  54. package/dist/{isUserOnboardingComplete-DvCQh8Dj.cjs.map → isUserOnboardingComplete-D0JrQGvR.cjs.map} +1 -1
  55. package/dist/{isUserOnboardingComplete-Dtr1_Mi4.native.esm.js → isUserOnboardingComplete-m6E6GbB0.native.esm.js} +3 -3
  56. package/dist/{isUserOnboardingComplete-Dtr1_Mi4.native.esm.js.map → isUserOnboardingComplete-m6E6GbB0.native.esm.js.map} +1 -1
  57. package/dist/{refreshAuth-oycoOXtD.cjs → refreshAuth-BKeW1dSq.cjs} +3 -3
  58. package/dist/{refreshAuth-oycoOXtD.cjs.map → refreshAuth-BKeW1dSq.cjs.map} +1 -1
  59. package/dist/{refreshAuth-CKHkaRJo.native.esm.js → refreshAuth-Cykyxvpz.native.esm.js} +3 -3
  60. package/dist/{refreshAuth-CKHkaRJo.native.esm.js.map → refreshAuth-Cykyxvpz.native.esm.js.map} +1 -1
  61. package/dist/{refreshAuth-Q5fxSi3Z.esm.js → refreshAuth-LzA2xxNC.esm.js} +3 -3
  62. package/dist/{refreshAuth-Q5fxSi3Z.esm.js.map → refreshAuth-LzA2xxNC.esm.js.map} +1 -1
  63. package/dist/tsconfig.lib.tsbuildinfo +1 -1
  64. package/dist/waas.cjs +6 -6
  65. package/dist/waas.esm.js +5 -5
  66. package/dist/waas.native.esm.js +5 -5
  67. package/dist/waasCore.cjs +6 -6
  68. package/dist/waasCore.esm.js +6 -6
  69. package/dist/waasCore.native.esm.js +6 -6
  70. package/package.json +2 -2
  71. package/dist/getNetworkProviderFromNetworkId-CregkqLB.esm.js.map +0 -1
@@ -1,10 +1,10 @@
1
- import { $ as getCore, C as emitEvent, D as fetchAndStoreNonces, E as onceEvent, F as MfaRateLimitedError, G as randomString, H as assertDefined, I as MfaInvalidOtpError, J as NONCE_POOL_SIZE, L as LinkCredentialError, N as getNonce, O as createApiClient, P as SandboxMaximumThresholdReachedError, Q as BaseError, R as InvalidExternalAuthError, S as CHAINS_INFO_MAP, T as onEvent, U as ValueMustBeDefinedError, V as isCookieEnabled, W as getElevatedAccessToken, X as setDefaultClient, Y as getDefaultClient, _ as WalletProviderPriority, b as NoWalletProviderFoundError, c as SDK_API_CORE_VERSION, d as DEFAULT_PII_FIELDS, et as name, f as getUserAgent, g as getWalletProviderFromWalletAccount, h as extractSessionId, k as UnauthorizedError, l as instrumentFunction, m as getOperatingSystem, o as isUserMissingMfaAuth, p as getPlatform, s as DYNAMIC_ICONIC_SPRITE_URL, t as InvalidParamError, tt as version, u as scrubParameters, v as getWalletProviderRegistry, w as offEvent, x as getChainFromVerifiedCredentialChain, z as APIError } from "./InvalidParamError-DYezznCD.native.esm.js";
2
- import { A as GENERATE_SESSION_KEYS_TRACKER_KEY, B as createStorage, C as createKeychainService, D as CannotTrackError, F as getBuffer, G as subscribeWithSelector, H as createLocalStorageAdapter, I as __logoutWithReason_wrapped, K as isEqualShallow, L as generateSessionKeys, M as REFRESH_USER_STATE_FROM_COOKIE_TRACKER_KEY, N as REFRESH_USER_STATE_FROM_VALID_TOKEN_TRACKER_KEY, O as createDeferredPromise, P as isServerSideRendering, R as fetchProjectSettings, S as createRealtimeService, T as createCrossTabBroadcast, U as isSignedIn, W as retryOnFail, _ as getAppMetadata, a as verifyMessageSignatureOwnership, b as NoNetworkProvidersError, c as formatSignInMessage, d as setUnverifiedWalletAccounts, f as createVisit, g as isCaptchaRequired, h as consumeCaptchaToken, i as getNetworksData, j as INITIALIZE_STORAGE_SYNC_TRACKER_KEY, k as FETCH_PROJECT_SETTINGS_TRACKER_KEY, l as reconcileWalletAccountsAgainstClient, m as __setCaptchaToken_wrapped, o as removeUnverifiedWalletAccount, p as hasExtension, s as createSignInMessageStatement, t as getNetworkProviderFromNetworkId, u as updateWalletProviderKeysForVerifiedCredentials, v as MethodNotImplementedError, w as createLogger, x as getKeychainIndexedDBName, y as WalletAlreadyLinkedToAnotherUserError, z as createStorageKeySchema } from "./getNetworkProviderFromNetworkId-BURAkmc3.native.esm.js";
3
- import { _ as normalizeAddress, a as parseElevatedAccessToken, g as formatWalletAccountId, i as upsertElevatedAccessToken, l as getWalletProviders, n as getVerifiedCredentialForWalletAccount, o as initializeWaasClientsForEagerRecovery, p as getWalletAccounts, r as updateAuthFromVerifyResponse, t as getWalletProviderByKey, u as checkAndRaiseWalletAccountsChangedEvent, v as splitWalletProviderKey } from "./getWalletProviderByKey-OYhHm11_.native.esm.js";
4
- import { t as __refreshAuth_wrapped } from "./refreshAuth-CKHkaRJo.native.esm.js";
5
- import { n as getMfaMethods, r as __consumeMfaToken_wrapped, t as isMfaRequiredForAction } from "./isMfaRequiredForAction-juTvf3Pl.native.esm.js";
6
- import { n as NotWaasWalletAccountError } from "./isDynamicWaasEnabled-CvD8_c7H.native.esm.js";
7
- import { a as WaasOnboardingIncompleteError, i as preconnectWaasIframe, n as isPendingRecoveryCodesAcknowledgment, r as isDeviceRegistrationRequired, t as isUserOnboardingComplete } from "./isUserOnboardingComplete-Dtr1_Mi4.native.esm.js";
1
+ import { $ as getCore, C as emitEvent, D as fetchAndStoreNonces, E as onceEvent, F as MfaRateLimitedError, G as randomString, H as assertDefined, I as MfaInvalidOtpError, J as NONCE_POOL_SIZE, L as LinkCredentialError, N as getNonce, O as createApiClient, P as SandboxMaximumThresholdReachedError, Q as BaseError, R as InvalidExternalAuthError, S as CHAINS_INFO_MAP, T as onEvent, U as ValueMustBeDefinedError, V as isCookieEnabled, W as getElevatedAccessToken, X as setDefaultClient, Y as getDefaultClient, _ as WalletProviderPriority, b as NoWalletProviderFoundError, c as SDK_API_CORE_VERSION, d as DEFAULT_PII_FIELDS, et as name, f as getUserAgent, g as getWalletProviderFromWalletAccount, h as extractSessionId, k as UnauthorizedError, l as instrumentFunction, m as getOperatingSystem, o as isUserMissingMfaAuth, p as getPlatform, s as DYNAMIC_ICONIC_SPRITE_URL, t as InvalidParamError, tt as version, u as scrubParameters, v as getWalletProviderRegistry, w as offEvent, x as getChainFromVerifiedCredentialChain, z as APIError } from "./InvalidParamError-5AXtm6Zp.native.esm.js";
2
+ import { A as GENERATE_SESSION_KEYS_TRACKER_KEY, B as createStorage, C as createKeychainService, D as CannotTrackError, F as getBuffer, G as subscribeWithSelector, H as createLocalStorageAdapter, I as __logoutWithReason_wrapped, K as isEqualShallow, L as generateSessionKeys, M as REFRESH_USER_STATE_FROM_COOKIE_TRACKER_KEY, N as REFRESH_USER_STATE_FROM_VALID_TOKEN_TRACKER_KEY, O as createDeferredPromise, P as isServerSideRendering, R as fetchProjectSettings, S as createRealtimeService, T as createCrossTabBroadcast, U as isSignedIn, W as retryOnFail, _ as getAppMetadata, a as verifyMessageSignatureOwnership, b as NoNetworkProvidersError, c as formatSignInMessage, d as setUnverifiedWalletAccounts, f as createVisit, g as isCaptchaRequired, h as consumeCaptchaToken, i as getNetworksData, j as INITIALIZE_STORAGE_SYNC_TRACKER_KEY, k as FETCH_PROJECT_SETTINGS_TRACKER_KEY, l as reconcileWalletAccountsAgainstClient, m as __setCaptchaToken_wrapped, o as removeUnverifiedWalletAccount, p as hasExtension, s as createSignInMessageStatement, t as getNetworkProviderFromNetworkId, u as updateWalletProviderKeysForVerifiedCredentials, v as MethodNotImplementedError, w as createLogger, x as getKeychainIndexedDBName, y as WalletAlreadyLinkedToAnotherUserError, z as createStorageKeySchema } from "./getNetworkProviderFromNetworkId-D79icjmX.native.esm.js";
3
+ import { _ as normalizeAddress, a as parseElevatedAccessToken, g as formatWalletAccountId, i as upsertElevatedAccessToken, l as getWalletProviders, n as getVerifiedCredentialForWalletAccount, o as initializeWaasClientsForEagerRecovery, p as getWalletAccounts, r as updateAuthFromVerifyResponse, t as getWalletProviderByKey, u as checkAndRaiseWalletAccountsChangedEvent, v as splitWalletProviderKey } from "./getWalletProviderByKey-Dh2qnBmw.native.esm.js";
4
+ import { t as __refreshAuth_wrapped } from "./refreshAuth-Cykyxvpz.native.esm.js";
5
+ import { n as getMfaMethods, r as __consumeMfaToken_wrapped, t as isMfaRequiredForAction } from "./isMfaRequiredForAction-CBW-d9C6.native.esm.js";
6
+ import { n as NotWaasWalletAccountError } from "./isDynamicWaasEnabled-Djp4QuBw.native.esm.js";
7
+ import { a as WaasOnboardingIncompleteError, i as preconnectWaasIframe, n as isPendingRecoveryCodesAcknowledgment, r as isDeviceRegistrationRequired, t as isUserOnboardingComplete } from "./isUserOnboardingComplete-m6E6GbB0.native.esm.js";
8
8
  import { assertPackageVersion } from "@dynamic-labs-sdk/assert-package-version";
9
9
  import { AuthModeEnum, ExchangeKeyEnum, JwtVerifiedCredentialFormatEnum, MFAAction, MfaBackupCodeAcknowledgement, ProviderEnum, TokenScope, WaasBackupOptionsEnum, WalletProviderEnum } from "@dynamic-labs/sdk-api-core";
10
10
  import * as z from "zod/mini";
@@ -1,5 +1,5 @@
1
- const require_isMfaRequiredForAction = require('./isMfaRequiredForAction-DECknr5q.cjs');
2
- const require_InvalidParamError = require('./InvalidParamError-DHriGGNI.cjs');
1
+ const require_isMfaRequiredForAction = require('./isMfaRequiredForAction-3fWX5MEF.cjs');
2
+ const require_InvalidParamError = require('./InvalidParamError-DCpeZMBr.cjs');
3
3
  let _dynamic_labs_sdk_api_core = require("@dynamic-labs/sdk-api-core");
4
4
 
5
5
  //#region src/errors/NotWaasWalletAccountError.ts
@@ -46,4 +46,4 @@ Object.defineProperty(exports, 'isDynamicWaasEnabled', {
46
46
  return isDynamicWaasEnabled;
47
47
  }
48
48
  });
49
- //# sourceMappingURL=isDynamicWaasEnabled-Bj3v8LZ_.cjs.map
49
+ //# sourceMappingURL=isDynamicWaasEnabled-A8Humh0r.cjs.map
@@ -1 +1 @@
1
- {"version":3,"file":"isDynamicWaasEnabled-Bj3v8LZ_.cjs","names":["BaseError","getDefaultClient","EmbeddedWalletVersionEnum"],"sources":["../src/errors/NotWaasWalletAccountError.ts","../src/modules/waas/isDynamicWaasEnabled/isDynamicWaasEnabled.ts"],"sourcesContent":["import { BaseError } from './base';\n\ntype NotWaasWalletAccountErrorParams = {\n walletAddress: string;\n};\n\nexport class NotWaasWalletAccountError extends BaseError {\n constructor({ walletAddress }: NotWaasWalletAccountErrorParams) {\n super({\n cause: null,\n code: 'not_waas_wallet_account_error',\n docsUrl: null,\n name: 'NotWaasWalletAccountError',\n shortMessage: `Wallet account ${walletAddress} is not a Dynamic WaaS wallet account`,\n });\n }\n}\n","import { EmbeddedWalletVersionEnum } from '@dynamic-labs/sdk-api-core';\n\nimport { getDefaultClient } from '../../../client/defaultClient';\nimport { assertDefined } from '../../../utils/assertDefined';\n\n/**\n * Checks if Dynamic WaaS (Wallet as a Service) is enabled for the current project.\n *\n * This function examines the project settings to determine if Dynamic WaaS is\n * enabled in the Dynamic Dashboard or not.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns True if Dynamic WaaS is enabled, false otherwise.\n * @notInstrumented\n */\nexport const isDynamicWaasEnabled = (client = getDefaultClient()) => {\n const projectSettings = client.projectSettings;\n\n assertDefined(projectSettings, 'Project settings are not available');\n\n const embeddedWalletSettings = projectSettings.sdk.embeddedWallets;\n\n const dynamicWaasIsEnabled =\n embeddedWalletSettings?.defaultWalletVersion ===\n EmbeddedWalletVersionEnum.V3;\n\n return dynamicWaasIsEnabled;\n};\n"],"mappings":";;;;;AAMA,IAAa,4BAAb,cAA+CA,oCAAU;CACvD,YAAY,EAAE,iBAAkD;AAC9D,QAAM;GACJ,OAAO;GACP,MAAM;GACN,SAAS;GACT,MAAM;GACN,cAAc,kBAAkB,cAAc;GAC/C,CAAC;;;;;;;;;;;;;;;;ACCN,MAAa,wBAAwB,SAASC,4CAAkB,KAAK;CACnE,MAAM,kBAAkB,OAAO;AAE/B,yCAAc,iBAAiB,qCAAqC;AAQpE,QAN+B,gBAAgB,IAAI,iBAGzB,yBACxBC,qDAA0B"}
1
+ {"version":3,"file":"isDynamicWaasEnabled-A8Humh0r.cjs","names":["BaseError","getDefaultClient","EmbeddedWalletVersionEnum"],"sources":["../src/errors/NotWaasWalletAccountError.ts","../src/modules/waas/isDynamicWaasEnabled/isDynamicWaasEnabled.ts"],"sourcesContent":["import { BaseError } from './base';\n\ntype NotWaasWalletAccountErrorParams = {\n walletAddress: string;\n};\n\nexport class NotWaasWalletAccountError extends BaseError {\n constructor({ walletAddress }: NotWaasWalletAccountErrorParams) {\n super({\n cause: null,\n code: 'not_waas_wallet_account_error',\n docsUrl: null,\n name: 'NotWaasWalletAccountError',\n shortMessage: `Wallet account ${walletAddress} is not a Dynamic WaaS wallet account`,\n });\n }\n}\n","import { EmbeddedWalletVersionEnum } from '@dynamic-labs/sdk-api-core';\n\nimport { getDefaultClient } from '../../../client/defaultClient';\nimport { assertDefined } from '../../../utils/assertDefined';\n\n/**\n * Checks if Dynamic WaaS (Wallet as a Service) is enabled for the current project.\n *\n * This function examines the project settings to determine if Dynamic WaaS is\n * enabled in the Dynamic Dashboard or not.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns True if Dynamic WaaS is enabled, false otherwise.\n * @notInstrumented\n */\nexport const isDynamicWaasEnabled = (client = getDefaultClient()) => {\n const projectSettings = client.projectSettings;\n\n assertDefined(projectSettings, 'Project settings are not available');\n\n const embeddedWalletSettings = projectSettings.sdk.embeddedWallets;\n\n const dynamicWaasIsEnabled =\n embeddedWalletSettings?.defaultWalletVersion ===\n EmbeddedWalletVersionEnum.V3;\n\n return dynamicWaasIsEnabled;\n};\n"],"mappings":";;;;;AAMA,IAAa,4BAAb,cAA+CA,oCAAU;CACvD,YAAY,EAAE,iBAAkD;AAC9D,QAAM;GACJ,OAAO;GACP,MAAM;GACN,SAAS;GACT,MAAM;GACN,cAAc,kBAAkB,cAAc;GAC/C,CAAC;;;;;;;;;;;;;;;;ACCN,MAAa,wBAAwB,SAASC,4CAAkB,KAAK;CACnE,MAAM,kBAAkB,OAAO;AAE/B,yCAAc,iBAAiB,qCAAqC;AAQpE,QAN+B,gBAAgB,IAAI,iBAGzB,yBACxBC,qDAA0B"}
@@ -1,4 +1,4 @@
1
- import { Q as assertDefined, at as getDefaultClient, ct as BaseError } from "./InvalidParamError-Dn_riAvL.esm.js";
1
+ import { Q as assertDefined, at as getDefaultClient, ct as BaseError } from "./InvalidParamError-PQ2Xen_o.esm.js";
2
2
  import { EmbeddedWalletVersionEnum } from "@dynamic-labs/sdk-api-core";
3
3
 
4
4
  //#region src/errors/NotWaasWalletAccountError.ts
@@ -34,4 +34,4 @@ const isDynamicWaasEnabled = (client = getDefaultClient()) => {
34
34
 
35
35
  //#endregion
36
36
  export { NotWaasWalletAccountError as n, isDynamicWaasEnabled as t };
37
- //# sourceMappingURL=isDynamicWaasEnabled-CuSe2RO1.esm.js.map
37
+ //# sourceMappingURL=isDynamicWaasEnabled-BmWqrgz1.esm.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"isDynamicWaasEnabled-CuSe2RO1.esm.js","names":[],"sources":["../src/errors/NotWaasWalletAccountError.ts","../src/modules/waas/isDynamicWaasEnabled/isDynamicWaasEnabled.ts"],"sourcesContent":["import { BaseError } from './base';\n\ntype NotWaasWalletAccountErrorParams = {\n walletAddress: string;\n};\n\nexport class NotWaasWalletAccountError extends BaseError {\n constructor({ walletAddress }: NotWaasWalletAccountErrorParams) {\n super({\n cause: null,\n code: 'not_waas_wallet_account_error',\n docsUrl: null,\n name: 'NotWaasWalletAccountError',\n shortMessage: `Wallet account ${walletAddress} is not a Dynamic WaaS wallet account`,\n });\n }\n}\n","import { EmbeddedWalletVersionEnum } from '@dynamic-labs/sdk-api-core';\n\nimport { getDefaultClient } from '../../../client/defaultClient';\nimport { assertDefined } from '../../../utils/assertDefined';\n\n/**\n * Checks if Dynamic WaaS (Wallet as a Service) is enabled for the current project.\n *\n * This function examines the project settings to determine if Dynamic WaaS is\n * enabled in the Dynamic Dashboard or not.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns True if Dynamic WaaS is enabled, false otherwise.\n * @notInstrumented\n */\nexport const isDynamicWaasEnabled = (client = getDefaultClient()) => {\n const projectSettings = client.projectSettings;\n\n assertDefined(projectSettings, 'Project settings are not available');\n\n const embeddedWalletSettings = projectSettings.sdk.embeddedWallets;\n\n const dynamicWaasIsEnabled =\n embeddedWalletSettings?.defaultWalletVersion ===\n EmbeddedWalletVersionEnum.V3;\n\n return dynamicWaasIsEnabled;\n};\n"],"mappings":";;;;AAMA,IAAa,4BAAb,cAA+C,UAAU;CACvD,YAAY,EAAE,iBAAkD;AAC9D,QAAM;GACJ,OAAO;GACP,MAAM;GACN,SAAS;GACT,MAAM;GACN,cAAc,kBAAkB,cAAc;GAC/C,CAAC;;;;;;;;;;;;;;;;ACCN,MAAa,wBAAwB,SAAS,kBAAkB,KAAK;CACnE,MAAM,kBAAkB,OAAO;AAE/B,eAAc,iBAAiB,qCAAqC;AAQpE,QAN+B,gBAAgB,IAAI,iBAGzB,yBACxB,0BAA0B"}
1
+ {"version":3,"file":"isDynamicWaasEnabled-BmWqrgz1.esm.js","names":[],"sources":["../src/errors/NotWaasWalletAccountError.ts","../src/modules/waas/isDynamicWaasEnabled/isDynamicWaasEnabled.ts"],"sourcesContent":["import { BaseError } from './base';\n\ntype NotWaasWalletAccountErrorParams = {\n walletAddress: string;\n};\n\nexport class NotWaasWalletAccountError extends BaseError {\n constructor({ walletAddress }: NotWaasWalletAccountErrorParams) {\n super({\n cause: null,\n code: 'not_waas_wallet_account_error',\n docsUrl: null,\n name: 'NotWaasWalletAccountError',\n shortMessage: `Wallet account ${walletAddress} is not a Dynamic WaaS wallet account`,\n });\n }\n}\n","import { EmbeddedWalletVersionEnum } from '@dynamic-labs/sdk-api-core';\n\nimport { getDefaultClient } from '../../../client/defaultClient';\nimport { assertDefined } from '../../../utils/assertDefined';\n\n/**\n * Checks if Dynamic WaaS (Wallet as a Service) is enabled for the current project.\n *\n * This function examines the project settings to determine if Dynamic WaaS is\n * enabled in the Dynamic Dashboard or not.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns True if Dynamic WaaS is enabled, false otherwise.\n * @notInstrumented\n */\nexport const isDynamicWaasEnabled = (client = getDefaultClient()) => {\n const projectSettings = client.projectSettings;\n\n assertDefined(projectSettings, 'Project settings are not available');\n\n const embeddedWalletSettings = projectSettings.sdk.embeddedWallets;\n\n const dynamicWaasIsEnabled =\n embeddedWalletSettings?.defaultWalletVersion ===\n EmbeddedWalletVersionEnum.V3;\n\n return dynamicWaasIsEnabled;\n};\n"],"mappings":";;;;AAMA,IAAa,4BAAb,cAA+C,UAAU;CACvD,YAAY,EAAE,iBAAkD;AAC9D,QAAM;GACJ,OAAO;GACP,MAAM;GACN,SAAS;GACT,MAAM;GACN,cAAc,kBAAkB,cAAc;GAC/C,CAAC;;;;;;;;;;;;;;;;ACCN,MAAa,wBAAwB,SAAS,kBAAkB,KAAK;CACnE,MAAM,kBAAkB,OAAO;AAE/B,eAAc,iBAAiB,qCAAqC;AAQpE,QAN+B,gBAAgB,IAAI,iBAGzB,yBACxB,0BAA0B"}
@@ -1,4 +1,4 @@
1
- import { H as assertDefined, Q as BaseError, Y as getDefaultClient } from "./InvalidParamError-DYezznCD.native.esm.js";
1
+ import { H as assertDefined, Q as BaseError, Y as getDefaultClient } from "./InvalidParamError-5AXtm6Zp.native.esm.js";
2
2
  import { EmbeddedWalletVersionEnum } from "@dynamic-labs/sdk-api-core";
3
3
 
4
4
  //#region src/errors/NotWaasWalletAccountError.ts
@@ -34,4 +34,4 @@ const isDynamicWaasEnabled = (client = getDefaultClient()) => {
34
34
 
35
35
  //#endregion
36
36
  export { NotWaasWalletAccountError as n, isDynamicWaasEnabled as t };
37
- //# sourceMappingURL=isDynamicWaasEnabled-CvD8_c7H.native.esm.js.map
37
+ //# sourceMappingURL=isDynamicWaasEnabled-Djp4QuBw.native.esm.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"isDynamicWaasEnabled-CvD8_c7H.native.esm.js","names":[],"sources":["../src/errors/NotWaasWalletAccountError.ts","../src/modules/waas/isDynamicWaasEnabled/isDynamicWaasEnabled.ts"],"sourcesContent":["import { BaseError } from './base';\n\ntype NotWaasWalletAccountErrorParams = {\n walletAddress: string;\n};\n\nexport class NotWaasWalletAccountError extends BaseError {\n constructor({ walletAddress }: NotWaasWalletAccountErrorParams) {\n super({\n cause: null,\n code: 'not_waas_wallet_account_error',\n docsUrl: null,\n name: 'NotWaasWalletAccountError',\n shortMessage: `Wallet account ${walletAddress} is not a Dynamic WaaS wallet account`,\n });\n }\n}\n","import { EmbeddedWalletVersionEnum } from '@dynamic-labs/sdk-api-core';\n\nimport { getDefaultClient } from '../../../client/defaultClient';\nimport { assertDefined } from '../../../utils/assertDefined';\n\n/**\n * Checks if Dynamic WaaS (Wallet as a Service) is enabled for the current project.\n *\n * This function examines the project settings to determine if Dynamic WaaS is\n * enabled in the Dynamic Dashboard or not.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns True if Dynamic WaaS is enabled, false otherwise.\n * @notInstrumented\n */\nexport const isDynamicWaasEnabled = (client = getDefaultClient()) => {\n const projectSettings = client.projectSettings;\n\n assertDefined(projectSettings, 'Project settings are not available');\n\n const embeddedWalletSettings = projectSettings.sdk.embeddedWallets;\n\n const dynamicWaasIsEnabled =\n embeddedWalletSettings?.defaultWalletVersion ===\n EmbeddedWalletVersionEnum.V3;\n\n return dynamicWaasIsEnabled;\n};\n"],"mappings":";;;;AAMA,IAAa,4BAAb,cAA+C,UAAU;CACvD,YAAY,EAAE,iBAAkD;AAC9D,QAAM;GACJ,OAAO;GACP,MAAM;GACN,SAAS;GACT,MAAM;GACN,cAAc,kBAAkB,cAAc;GAC/C,CAAC;;;;;;;;;;;;;;;;ACCN,MAAa,wBAAwB,SAAS,kBAAkB,KAAK;CACnE,MAAM,kBAAkB,OAAO;AAE/B,eAAc,iBAAiB,qCAAqC;AAQpE,QAN+B,gBAAgB,IAAI,iBAGzB,yBACxB,0BAA0B"}
1
+ {"version":3,"file":"isDynamicWaasEnabled-Djp4QuBw.native.esm.js","names":[],"sources":["../src/errors/NotWaasWalletAccountError.ts","../src/modules/waas/isDynamicWaasEnabled/isDynamicWaasEnabled.ts"],"sourcesContent":["import { BaseError } from './base';\n\ntype NotWaasWalletAccountErrorParams = {\n walletAddress: string;\n};\n\nexport class NotWaasWalletAccountError extends BaseError {\n constructor({ walletAddress }: NotWaasWalletAccountErrorParams) {\n super({\n cause: null,\n code: 'not_waas_wallet_account_error',\n docsUrl: null,\n name: 'NotWaasWalletAccountError',\n shortMessage: `Wallet account ${walletAddress} is not a Dynamic WaaS wallet account`,\n });\n }\n}\n","import { EmbeddedWalletVersionEnum } from '@dynamic-labs/sdk-api-core';\n\nimport { getDefaultClient } from '../../../client/defaultClient';\nimport { assertDefined } from '../../../utils/assertDefined';\n\n/**\n * Checks if Dynamic WaaS (Wallet as a Service) is enabled for the current project.\n *\n * This function examines the project settings to determine if Dynamic WaaS is\n * enabled in the Dynamic Dashboard or not.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns True if Dynamic WaaS is enabled, false otherwise.\n * @notInstrumented\n */\nexport const isDynamicWaasEnabled = (client = getDefaultClient()) => {\n const projectSettings = client.projectSettings;\n\n assertDefined(projectSettings, 'Project settings are not available');\n\n const embeddedWalletSettings = projectSettings.sdk.embeddedWallets;\n\n const dynamicWaasIsEnabled =\n embeddedWalletSettings?.defaultWalletVersion ===\n EmbeddedWalletVersionEnum.V3;\n\n return dynamicWaasIsEnabled;\n};\n"],"mappings":";;;;AAMA,IAAa,4BAAb,cAA+C,UAAU;CACvD,YAAY,EAAE,iBAAkD;AAC9D,QAAM;GACJ,OAAO;GACP,MAAM;GACN,SAAS;GACT,MAAM;GACN,cAAc,kBAAkB,cAAc;GAC/C,CAAC;;;;;;;;;;;;;;;;ACCN,MAAa,wBAAwB,SAAS,kBAAkB,KAAK;CACnE,MAAM,kBAAkB,OAAO;AAE/B,eAAc,iBAAiB,qCAAqC;AAQpE,QAN+B,gBAAgB,IAAI,iBAGzB,yBACxB,0BAA0B"}
@@ -25,7 +25,7 @@ var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__ge
25
25
  }) : target, mod));
26
26
 
27
27
  //#endregion
28
- const require_InvalidParamError = require('./InvalidParamError-DHriGGNI.cjs');
28
+ const require_InvalidParamError = require('./InvalidParamError-DCpeZMBr.cjs');
29
29
  let zod_mini = require("zod/mini");
30
30
  zod_mini = __toESM(zod_mini);
31
31
 
@@ -403,4 +403,4 @@ Object.defineProperty(exports, 'retryOnFail', {
403
403
  return retryOnFail;
404
404
  }
405
405
  });
406
- //# sourceMappingURL=isMfaRequiredForAction-DECknr5q.cjs.map
406
+ //# sourceMappingURL=isMfaRequiredForAction-3fWX5MEF.cjs.map
@@ -1 +1 @@
1
- {"version":3,"file":"isMfaRequiredForAction-DECknr5q.cjs","names":["BaseError","getDefaultClient","getWalletAccounts","z","getDefaultClient","getCore","createApiClient","CLIENT_SDK_NAME","getCore","getCore","walletProvidersMap: Map<string, WalletProvider>","getWalletAccounts","getWalletProviderFromWalletAccount","getCore","getDefaultClient","getCore","createApiClient","getDefaultClient"],"sources":["../src/utils/retryOnFail/InvalidRetryOnFailCallError.ts","../src/utils/retryOnFail/retryOnFail.ts","../src/modules/auth/isSignedIn/isSignedIn.ts","../src/services/storage/createStorageKeySchema/createStorageKeySchema.ts","../src/modules/projectSettings/fetchProjectSettings/projectSettingsExpirationScheme.ts","../src/modules/projectSettings/fetchProjectSettings/fetchProjectSettings.ts","../src/modules/sessionKeys/generateSessionKeys/generateSessionKeys.ts","../src/modules/wallets/utils/getAvailableWalletProvidersFromWalletAccounts/getAvailableWalletProvidersFromWalletAccounts.ts","../src/modules/wallets/destroyWalletProviders/destroyWalletProviders.ts","../src/modules/auth/logoutWithReason/logoutWithReason.ts","../src/modules/mfa/consumeMfaToken/consumeMfaToken.ts","../src/modules/mfa/getMfaMethods/getMfaMethods.ts","../src/modules/mfa/isMfaRequiredForAction/isMfaRequiredForAction.ts"],"sourcesContent":["import { BaseError } from '../../errors/base';\n\n/**\n * This error is thrown when the `retryOnFail` function is called with an invalid\n * number of retries (i.e. less than 0).\n */\nexport class InvalidRetryOnFailCallError extends BaseError {\n // eslint-disable-next-line custom-rules/require-single-object-param\n constructor(maxRetries: number) {\n super({\n cause: null,\n code: 'invalid_retry_on_fail_call_error',\n docsUrl: null,\n name: 'InvalidRetryOnFailCallError',\n shortMessage: `Invalid retries parameter for retryOnFail call: ${maxRetries}`,\n });\n }\n}\n","import { InvalidRetryOnFailCallError } from './InvalidRetryOnFailCallError';\n\nexport type RetryOnFailParams<T> = {\n /**\n * The delay between retries in milliseconds.\n */\n delay?: number;\n /**\n * The function to call.\n */\n fn: () => Promise<T>;\n /**\n * The maximum number of retries.\n *\n * When set to 0, the function will be called only once and is\n * therefore equivalent to calling the function directly.\n */\n maxRetries: number;\n};\n\n/** @notInstrumented */\nexport const retryOnFail = async <T>({\n delay = 0,\n fn,\n maxRetries,\n}: RetryOnFailParams<T>) => {\n for (let retry = 0; retry <= maxRetries; retry++) {\n try {\n return await fn();\n } catch (error) {\n if (retry >= maxRetries) {\n throw error;\n }\n\n if (delay > 0) {\n await new Promise((resolve) => setTimeout(resolve, delay));\n }\n }\n }\n\n /**\n * Reaching this point should never happen and this\n * error is thrown to help us debug the issue.\n */\n throw new InvalidRetryOnFailCallError(maxRetries);\n};\n","import { getDefaultClient } from '../../../client/defaultClient';\nimport { getWalletAccounts } from '../../wallets/getWalletAccounts';\n\n/**\n * Checks if the user is currently signed in to the Dynamic client.\n *\n * The client is considered to be in a signed in state if a user has\n * authenticated or if the client has at least one wallet connected.\n *\n * @deprecated What counts as \"signed in\" is your app's business logic, not the\n * SDK's. This helper bakes in one opinion (a user OR any connected wallet),\n * which rarely matches every app and forces a dependency on us for every\n * variation. Compose your own check from the underlying primitives instead —\n * e.g. `Boolean(client.user) || isAnyWalletAccountConnected(client)` — and\n * layer in whatever your app requires (device registration, completed\n * onboarding, satisfied MFA, a required embedded wallet, …). See the\n * \"Check if signed in\" guide:\n * https://www.dynamic.xyz/docs/javascript/user-session-management\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns True if the user is signed in, false otherwise.\n * @notInstrumented\n */\nexport const isSignedIn = (client = getDefaultClient()) =>\n Boolean(client.user || getWalletAccounts(client).length > 0);\n","import type * as z from 'zod/mini';\n\nimport type { StorageKeySchema, StorageKeySchemaConfig } from '../storage.types';\n\n/** @notInstrumented */\nexport const createStorageKeySchema = <T>(params: {\n config?: StorageKeySchemaConfig;\n key: string;\n schema: z.ZodMiniType<T>;\n}): StorageKeySchema<T> => {\n return params;\n};\n","import * as z from 'zod/mini';\n\nimport { createStorageKeySchema } from '../../../services/storage';\n\n/**\n * The schema to track the expiration time of the project settings.\n */\nexport const projectSettingsExpirationStorageKeySchema = createStorageKeySchema(\n {\n key: 'projectSettingsExpiration',\n schema: z.number(),\n }\n);\n","import { getCore } from '../../../client/core/getCore';\nimport { getDefaultClient } from '../../../client/defaultClient';\nimport { retryOnFail } from '../../../utils/retryOnFail';\nimport { createApiClient } from '../../apiClient';\nimport { CLIENT_SDK_NAME } from '../../apiClient/constants';\nimport { isSignedIn } from '../../auth/isSignedIn';\nimport { projectSettingsExpirationStorageKeySchema } from './projectSettingsExpirationScheme';\n\n/**\n * Expiration time of the project settings in milliseconds.\n */\nexport const PROJECT_SETTINGS_EXPIRATION_TIME = 1000 * 60 * 5; // 5 minutes\n\n/**\n * Fetches and updates the project settings from the API.\n *\n * This function retrieves the latest project configuration settings\n * from Dynamic's servers, including authentication options, enabled chains,\n * and security configurations. The settings are cached for performance.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns A promise that resolves to the updated project settings.\n * @notInstrumented\n * @noHook Internal settings fetch that is not part of the public hook surface.\n */\nexport const fetchProjectSettings = async (client = getDefaultClient()) => {\n const core = getCore(client);\n\n const currentExpiration = await core.storage.getItem(\n projectSettingsExpirationStorageKeySchema\n );\n\n const hasProjectSettings = Boolean(client.projectSettings);\n const isExpired = currentExpiration && currentExpiration < Date.now();\n\n // We want to cache the project settings if its valid and user is connected.\n // This avoids unnecessary API calls and speeds up the initial load.\n if (hasProjectSettings && !isExpired && isSignedIn(client)) {\n return client.projectSettings;\n }\n\n const apiClient = createApiClient({}, client);\n\n core.logger.debug('[fetchProjectSettings] Fetching project settings...');\n\n const doFetch = async () =>\n apiClient.getEnvironmentSettings(\n {\n environmentId: core.environmentId,\n sdkVersion: `${CLIENT_SDK_NAME}/${core.version}`,\n },\n {\n credentials: 'omit',\n }\n );\n\n const projectSettings = await retryOnFail({\n fn: doFetch,\n maxRetries: 2,\n });\n\n core.state.set({ projectSettings: projectSettings ?? null });\n\n await core.storage.setItem(\n projectSettingsExpirationStorageKeySchema,\n Date.now() + PROJECT_SETTINGS_EXPIRATION_TIME\n );\n\n return projectSettings;\n};\n","import { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types';\nimport { assertDefined } from '../../../utils/assertDefined';\nimport type { SessionKeys } from '../sessionKeys.types';\n\n/** @notInstrumented */\nexport const generateSessionKeys = async (\n client: DynamicClient\n): Promise<SessionKeys> => {\n const core = getCore(client);\n\n await core.keychain.removeKey('session');\n\n const publicKey = await core.keychain.generateKey('session');\n\n assertDefined(publicKey, 'Public key not found');\n\n core.state.set({\n sessionKeys: publicKey,\n });\n\n return { publicKey };\n};\n","import { getCore } from '../../../../client/core/getCore';\nimport type { DynamicClient } from '../../../../client/types';\nimport { getWalletAccounts } from '../../getWalletAccounts';\nimport type { WalletProvider } from '../../walletProvider';\nimport { getWalletProviderFromWalletAccount } from '../getWalletProviderFromWalletAccount';\n\n/** @notInstrumented */\nexport const getAvailableWalletProvidersFromWalletAccounts = (\n client: DynamicClient\n) => {\n const core = getCore(client);\n\n const walletProvidersMap: Map<string, WalletProvider> = new Map();\n\n const walletAccounts = getWalletAccounts(client);\n\n walletAccounts.forEach((walletAccount) => {\n if (walletProvidersMap.has(walletAccount.walletProviderKey)) {\n return;\n }\n\n try {\n const walletProvider = getWalletProviderFromWalletAccount(\n {\n walletAccount,\n },\n client\n );\n\n walletProvidersMap.set(walletAccount.walletProviderKey, walletProvider);\n } catch (error) {\n core.logger.debug('Wallet provider not found for wallet account', {\n error,\n walletAccount: walletAccount.address,\n });\n }\n });\n\n return Array.from(walletProvidersMap.values());\n};\n","import { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types/DynamicClient';\nimport type { LogoutReason } from '../../auth/logoutReason';\nimport { getAvailableWalletProvidersFromWalletAccounts } from '../utils/getAvailableWalletProvidersFromWalletAccounts';\n\n/**\n * Tear down every wallet provider on the client.\n *\n * Each provider's `destroy` is responsible for its own local + remote\n * cleanup. We swallow errors so a failing destroy on one provider does not\n * block teardown of the others (e.g. during logout).\n *\n * @notInstrumented\n */\nexport const destroyWalletProviders = async (\n { reason }: { reason?: LogoutReason },\n client: DynamicClient\n) => {\n const core = getCore(client);\n\n const walletProviders = getAvailableWalletProvidersFromWalletAccounts(client);\n\n await Promise.all(\n walletProviders.map(async (walletProvider) => {\n if (!walletProvider.destroy) return;\n try {\n await walletProvider.destroy({ reason });\n } catch (err) {\n core.logger.error(\n `Error destroying wallet provider ${walletProvider.key}`,\n err\n );\n }\n })\n );\n};\n","import type { DynamicClient } from '../../../client/types';\nimport { getCore } from '../../../client/core/getCore';\nimport { setCookie } from '../../../utils/setCookie';\nimport { createApiClient } from '../../apiClient';\nimport { emitEvent } from '../../clientEvents';\nimport { fetchProjectSettings } from '../../projectSettings/fetchProjectSettings';\nimport { isCookieEnabled } from '../../projectSettings/isCookieEnabled';\nimport { generateSessionKeys } from '../../sessionKeys/generateSessionKeys';\nimport { destroyWalletProviders } from '../../wallets/destroyWalletProviders';\nimport { DYNAMIC_AUTH_COOKIE_NAME } from '../consts';\nimport type { LogoutReason } from '../logoutReason';\n\n/**\n * Logs the user out with an explicit reason.\n *\n * Revokes the session, clears auth state, terminates wallet providers, and\n * emits the `logout` client event with the given reason. The reason is also\n * captured as an argument on the function-instrumentation event, which is\n * how Datadog distinguishes between different logout causes.\n *\n * Use this instead of the public `logout` when triggering a logout from\n * internal or extension code — the caller owns the reason string, so the\n * telemetry correctly attributes *why* the logout happened.\n *\n * @param params - The logout params.\n * @param params.reason - Why the logout is being triggered. Extension authors\n * needing a reason outside the SDK catalog can cast with `as LogoutReason`.\n * @param client - The Dynamic client instance.\n * @instrumented\n */\nexport const logoutWithReason = async (\n { reason }: { reason: LogoutReason },\n client: DynamicClient\n) => {\n const core = getCore(client);\n\n core.logger.debug('[logoutWithReason] Logging out...', { reason });\n\n await destroyWalletProviders({ reason }, client);\n\n if (client.user !== null) {\n const apiClient = createApiClient({}, client);\n\n try {\n await apiClient.revokeSession({\n environmentId: core.environmentId,\n });\n } catch (error) {\n core.logger.error('Failed to revoke session', error);\n }\n\n /**\n * This deletes the auth cookie if it exists.\n * If the cookie doesn't exist, this sets a new cookie that expires immediately.\n */\n if (isCookieEnabled(client)) {\n setCookie(\n `${DYNAMIC_AUTH_COOKIE_NAME}=; Max-Age=-99999999; path=/; SameSite=Lax`\n );\n }\n }\n\n await core.keychain.removeKey('session');\n\n core.state.set({\n captchaToken: null,\n elevatedAccessTokens: [],\n legacyToken: null,\n mfaToken: null,\n sessionExpiresAt: null,\n sessionKeys: null,\n token: null,\n unverifiedWalletAccounts: [],\n user: null,\n });\n\n emitEvent({ args: { reason }, event: 'logout' }, client);\n\n // Refetch project settings\n void fetchProjectSettings(client);\n\n // Regenerate session keys\n void generateSessionKeys(client);\n};\n","import { getCore } from '../../../client/core/getCore';\nimport { getDefaultClient } from '../../../client/defaultClient';\nimport { assertDefined } from '../../../utils/assertDefined';\n\n/**\n * Consumes and clears the current MFA token from the client state.\n *\n * This function retrieves the MFA token obtained from a successful MFA authentication,\n * and removes it from the client, to prevent it from being used again.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns The MFA token that was consumed.\n * @throws Error if no MFA token is found.\n * @instrumented\n * @redact-params\n */\nexport const consumeMfaToken = (client = getDefaultClient()) => {\n const core = getCore(client);\n\n const mfaToken = core.state.get().mfaToken;\n\n assertDefined(mfaToken, 'No MFA token found');\n\n core.state.set({\n mfaToken: null,\n });\n\n return mfaToken;\n};\n","import { getCore } from '../../../client/core/getCore';\nimport { getDefaultClient } from '../../../client/defaultClient';\nimport { createApiClient } from '../../apiClient';\n\n/**\n * Retrieves the available MFA methods for the current user.\n *\n * This function fetches information about which multi-factor authentication\n * methods are available and configured for the user's account.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns A promise that resolves to the user's MFA methods configuration.\n * @notInstrumented\n */\nexport const getMfaMethods = async (client = getDefaultClient()) => {\n const core = getCore(client);\n const apiClient = createApiClient({}, client);\n\n const userMfaMethods = await apiClient.getUserMfaMethods({\n environmentId: core.environmentId,\n verifiedOnly: true,\n });\n\n return userMfaMethods;\n};\n","import type { MFAAction } from '@dynamic-labs/sdk-api-core';\n\nimport { getDefaultClient } from '../../../client/defaultClient';\nimport { getMfaMethods } from '../getMfaMethods';\n\ntype IsMfaRequiredForActionParams = {\n mfaAction: MFAAction;\n};\n\n/**\n * Checks if MFA is required for a specific action.\n *\n * This function determines whether multi-factor authentication is required\n * for the specified action based on project settings and user configuration.\n *\n * @param params.mfaAction - The action to check MFA requirements for.\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns A promise that resolves to true if MFA is required for the action, false otherwise.\n * @notInstrumented\n */\nexport const isMfaRequiredForAction = async (\n { mfaAction }: IsMfaRequiredForActionParams,\n client = getDefaultClient()\n) => {\n const projectSettings = client.projectSettings;\n\n const isRequiredForAction = projectSettings?.security?.mfa?.actions?.some(\n (action) => action.action === mfaAction && action.required\n );\n\n // if mfa is not required for the action, return false\n // no matter if general mfa is set to required or not\n if (!isRequiredForAction) {\n return false;\n }\n\n const isMfaMethodRequired = projectSettings?.security?.mfa?.required;\n\n // if mfa is required for the action and also set as required in general, return true\n if (isMfaMethodRequired) {\n return true;\n }\n\n const mfaMethods = await getMfaMethods(client);\n // if general mfa is optional, but user has registered methods,\n // then it should be required for the action\n return mfaMethods.userHasVerifiedMfaMethods;\n};\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAMA,IAAa,8BAAb,cAAiDA,oCAAU;CAEzD,YAAY,YAAoB;AAC9B,QAAM;GACJ,OAAO;GACP,MAAM;GACN,SAAS;GACT,MAAM;GACN,cAAc,mDAAmD;GAClE,CAAC;;;;;;;ACMN,MAAa,cAAc,OAAU,EACnC,QAAQ,GACR,IACA,iBAC0B;AAC1B,MAAK,IAAI,QAAQ,GAAG,SAAS,YAAY,QACvC,KAAI;AACF,SAAO,MAAM,IAAI;UACV,OAAO;AACd,MAAI,SAAS,WACX,OAAM;AAGR,MAAI,QAAQ,EACV,OAAM,IAAI,SAAS,YAAY,WAAW,SAAS,MAAM,CAAC;;;;;;AAShE,OAAM,IAAI,4BAA4B,WAAW;;;;;;;;;;;;;;;;;;;;;;;;;ACrBnD,MAAa,cAAc,SAASC,4CAAkB,KACpD,QAAQ,OAAO,QAAQC,4CAAkB,OAAO,CAAC,SAAS,EAAE;;;;;ACnB9D,MAAa,0BAA6B,WAIf;AACzB,QAAO;;;;;;;;ACHT,MAAa,4CAA4C,uBACvD;CACE,KAAK;CACL,QAAQC,SAAE,QAAQ;CACnB,CACF;;;;;;;ACDD,MAAa,mCAAmC,MAAO,KAAK;;;;;;;;;;;;;AAc5D,MAAa,uBAAuB,OAAO,SAASC,4CAAkB,KAAK;CACzE,MAAM,OAAOC,kCAAQ,OAAO;CAE5B,MAAM,oBAAoB,MAAM,KAAK,QAAQ,QAC3C,0CACD;AAOD,KAL2B,QAAQ,OAAO,gBAAgB,IAKhC,EAJR,qBAAqB,oBAAoB,KAAK,KAAK,KAI7B,WAAW,OAAO,CACxD,QAAO,OAAO;CAGhB,MAAM,YAAYC,0CAAgB,EAAE,EAAE,OAAO;AAE7C,MAAK,OAAO,MAAM,sDAAsD;CAExE,MAAM,UAAU,YACd,UAAU,uBACR;EACE,eAAe,KAAK;EACpB,YAAY,GAAGC,0CAAgB,GAAG,KAAK;EACxC,EACD,EACE,aAAa,QACd,CACF;CAEH,MAAM,kBAAkB,MAAM,YAAY;EACxC,IAAI;EACJ,YAAY;EACb,CAAC;AAEF,MAAK,MAAM,IAAI,EAAE,iBAAiB,mBAAmB,MAAM,CAAC;AAE5D,OAAM,KAAK,QAAQ,QACjB,2CACA,KAAK,KAAK,GAAG,iCACd;AAED,QAAO;;;;;;AC9DT,MAAa,sBAAsB,OACjC,WACyB;CACzB,MAAM,OAAOC,kCAAQ,OAAO;AAE5B,OAAM,KAAK,SAAS,UAAU,UAAU;CAExC,MAAM,YAAY,MAAM,KAAK,SAAS,YAAY,UAAU;AAE5D,yCAAc,WAAW,uBAAuB;AAEhD,MAAK,MAAM,IAAI,EACb,aAAa,WACd,CAAC;AAEF,QAAO,EAAE,WAAW;;;;;;ACdtB,MAAa,iDACX,WACG;CACH,MAAM,OAAOC,kCAAQ,OAAO;CAE5B,MAAMC,qCAAkD,IAAI,KAAK;AAIjE,CAFuBC,4CAAkB,OAAO,CAEjC,SAAS,kBAAkB;AACxC,MAAI,mBAAmB,IAAI,cAAc,kBAAkB,CACzD;AAGF,MAAI;GACF,MAAM,iBAAiBC,6DACrB,EACE,eACD,EACD,OACD;AAED,sBAAmB,IAAI,cAAc,mBAAmB,eAAe;WAChE,OAAO;AACd,QAAK,OAAO,MAAM,gDAAgD;IAChE;IACA,eAAe,cAAc;IAC9B,CAAC;;GAEJ;AAEF,QAAO,MAAM,KAAK,mBAAmB,QAAQ,CAAC;;;;;;;;;;;;;;ACxBhD,MAAa,yBAAyB,OACpC,EAAE,UACF,WACG;CACH,MAAM,OAAOC,kCAAQ,OAAO;CAE5B,MAAM,kBAAkB,8CAA8C,OAAO;AAE7E,OAAM,QAAQ,IACZ,gBAAgB,IAAI,OAAO,mBAAmB;AAC5C,MAAI,CAAC,eAAe,QAAS;AAC7B,MAAI;AACF,SAAM,eAAe,QAAQ,EAAE,QAAQ,CAAC;WACjC,KAAK;AACZ,QAAK,OAAO,MACV,oCAAoC,eAAe,OACnD,IACD;;GAEH,CACH;;;;;;;;;;;;;;;;;;;;;;;ACDH,MAAK,mBAAA,OACH,EAAA,qBAEA;;;AAKA,OAAE,uBAAkB,EAAA,QAAmB,EAAC,OAAO;AAE/C,KAAE,OAAI,SAAA,MAAA;EACJ,MAAE,YAAgB,0CAAc,EAAA,EAAA,OAAA;AAEhC,MAAI;AACF,SAAM,UAAQ,cAAA,EACd,eAAiB,KAAE,eACrB,CAAA;;AAEE,QAAA,OAAA,MAAA,4BAAA,MAAA;;;;;;AAOF,MAAG,0CAAA,OAAA,CACH,qCACF,GAAA,mDAAA;;AAKA,OAAE,KAAA,SAAkB,UAAA,UAAA;AAEpB,MAAE,MAAA,IAAa;EACb,cAAc;EACd,sBAAsB,EAAA;EACtB,aAAa;EACb,UAAO;EACP,kBAAA;EACA,aAAU;EACV,OAAA;;EAEF,MAAA;;AAGA,qCAAK;EAAA,MAAA,EAAA,QAAqB;EAAA,OAAO;EAAA,EAAA,OAAA;AAGjC,CAAK,qBAAoB,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AC/DlC,MAAE,mBAAsB,SAAU,4CAAU,KAAA;;;AAK1C,yCAAY,UAAI,qBAAA;kBAGhB,UAAO,MACR,CAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACdD,MAAa,gBAAgB,OAAO,SAASC,4CAAkB,KAAK;CAClE,MAAM,OAAOC,kCAAQ,OAAO;AAQ5B,QALuB,MAFLC,0CAAgB,EAAE,EAAE,OAAO,CAEN,kBAAkB;EACvD,eAAe,KAAK;EACpB,cAAc;EACf,CAAC;;;;;;;;;;;;;;;;ACDJ,MAAa,yBAAyB,OACpC,EAAE,aACF,SAASC,4CAAkB,KACxB;CACH,MAAM,kBAAkB,OAAO;AAQ/B,KAAI,CANwB,iBAAiB,UAAU,KAAK,SAAS,MAClE,WAAW,OAAO,WAAW,aAAa,OAAO,SACnD,CAKC,QAAO;AAMT,KAH4B,iBAAiB,UAAU,KAAK,SAI1D,QAAO;AAMT,SAHmB,MAAM,cAAc,OAAO,EAG5B"}
1
+ {"version":3,"file":"isMfaRequiredForAction-3fWX5MEF.cjs","names":["BaseError","getDefaultClient","getWalletAccounts","z","getDefaultClient","getCore","createApiClient","CLIENT_SDK_NAME","getCore","getCore","walletProvidersMap: Map<string, WalletProvider>","getWalletAccounts","getWalletProviderFromWalletAccount","getCore","getDefaultClient","getCore","createApiClient","getDefaultClient"],"sources":["../src/utils/retryOnFail/InvalidRetryOnFailCallError.ts","../src/utils/retryOnFail/retryOnFail.ts","../src/modules/auth/isSignedIn/isSignedIn.ts","../src/services/storage/createStorageKeySchema/createStorageKeySchema.ts","../src/modules/projectSettings/fetchProjectSettings/projectSettingsExpirationScheme.ts","../src/modules/projectSettings/fetchProjectSettings/fetchProjectSettings.ts","../src/modules/sessionKeys/generateSessionKeys/generateSessionKeys.ts","../src/modules/wallets/utils/getAvailableWalletProvidersFromWalletAccounts/getAvailableWalletProvidersFromWalletAccounts.ts","../src/modules/wallets/destroyWalletProviders/destroyWalletProviders.ts","../src/modules/auth/logoutWithReason/logoutWithReason.ts","../src/modules/mfa/consumeMfaToken/consumeMfaToken.ts","../src/modules/mfa/getMfaMethods/getMfaMethods.ts","../src/modules/mfa/isMfaRequiredForAction/isMfaRequiredForAction.ts"],"sourcesContent":["import { BaseError } from '../../errors/base';\n\n/**\n * This error is thrown when the `retryOnFail` function is called with an invalid\n * number of retries (i.e. less than 0).\n */\nexport class InvalidRetryOnFailCallError extends BaseError {\n // eslint-disable-next-line custom-rules/require-single-object-param\n constructor(maxRetries: number) {\n super({\n cause: null,\n code: 'invalid_retry_on_fail_call_error',\n docsUrl: null,\n name: 'InvalidRetryOnFailCallError',\n shortMessage: `Invalid retries parameter for retryOnFail call: ${maxRetries}`,\n });\n }\n}\n","import { InvalidRetryOnFailCallError } from './InvalidRetryOnFailCallError';\n\nexport type RetryOnFailParams<T> = {\n /**\n * The delay between retries in milliseconds.\n */\n delay?: number;\n /**\n * The function to call.\n */\n fn: () => Promise<T>;\n /**\n * The maximum number of retries.\n *\n * When set to 0, the function will be called only once and is\n * therefore equivalent to calling the function directly.\n */\n maxRetries: number;\n};\n\n/** @notInstrumented */\nexport const retryOnFail = async <T>({\n delay = 0,\n fn,\n maxRetries,\n}: RetryOnFailParams<T>) => {\n for (let retry = 0; retry <= maxRetries; retry++) {\n try {\n return await fn();\n } catch (error) {\n if (retry >= maxRetries) {\n throw error;\n }\n\n if (delay > 0) {\n await new Promise((resolve) => setTimeout(resolve, delay));\n }\n }\n }\n\n /**\n * Reaching this point should never happen and this\n * error is thrown to help us debug the issue.\n */\n throw new InvalidRetryOnFailCallError(maxRetries);\n};\n","import { getDefaultClient } from '../../../client/defaultClient';\nimport { getWalletAccounts } from '../../wallets/getWalletAccounts';\n\n/**\n * Checks if the user is currently signed in to the Dynamic client.\n *\n * The client is considered to be in a signed in state if a user has\n * authenticated or if the client has at least one wallet connected.\n *\n * @deprecated What counts as \"signed in\" is your app's business logic, not the\n * SDK's. This helper bakes in one opinion (a user OR any connected wallet),\n * which rarely matches every app and forces a dependency on us for every\n * variation. Compose your own check from the underlying primitives instead —\n * e.g. `Boolean(client.user) || isAnyWalletAccountConnected(client)` — and\n * layer in whatever your app requires (device registration, completed\n * onboarding, satisfied MFA, a required embedded wallet, …). See the\n * \"Check if signed in\" guide:\n * https://www.dynamic.xyz/docs/javascript/user-session-management\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns True if the user is signed in, false otherwise.\n * @notInstrumented\n */\nexport const isSignedIn = (client = getDefaultClient()) =>\n Boolean(client.user || getWalletAccounts(client).length > 0);\n","import type * as z from 'zod/mini';\n\nimport type { StorageKeySchema, StorageKeySchemaConfig } from '../storage.types';\n\n/** @notInstrumented */\nexport const createStorageKeySchema = <T>(params: {\n config?: StorageKeySchemaConfig;\n key: string;\n schema: z.ZodMiniType<T>;\n}): StorageKeySchema<T> => {\n return params;\n};\n","import * as z from 'zod/mini';\n\nimport { createStorageKeySchema } from '../../../services/storage';\n\n/**\n * The schema to track the expiration time of the project settings.\n */\nexport const projectSettingsExpirationStorageKeySchema = createStorageKeySchema(\n {\n key: 'projectSettingsExpiration',\n schema: z.number(),\n }\n);\n","import { getCore } from '../../../client/core/getCore';\nimport { getDefaultClient } from '../../../client/defaultClient';\nimport { retryOnFail } from '../../../utils/retryOnFail';\nimport { createApiClient } from '../../apiClient';\nimport { CLIENT_SDK_NAME } from '../../apiClient/constants';\nimport { isSignedIn } from '../../auth/isSignedIn';\nimport { projectSettingsExpirationStorageKeySchema } from './projectSettingsExpirationScheme';\n\n/**\n * Expiration time of the project settings in milliseconds.\n */\nexport const PROJECT_SETTINGS_EXPIRATION_TIME = 1000 * 60 * 5; // 5 minutes\n\n/**\n * Fetches and updates the project settings from the API.\n *\n * This function retrieves the latest project configuration settings\n * from Dynamic's servers, including authentication options, enabled chains,\n * and security configurations. The settings are cached for performance.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns A promise that resolves to the updated project settings.\n * @notInstrumented\n * @noHook Internal settings fetch that is not part of the public hook surface.\n */\nexport const fetchProjectSettings = async (client = getDefaultClient()) => {\n const core = getCore(client);\n\n const currentExpiration = await core.storage.getItem(\n projectSettingsExpirationStorageKeySchema\n );\n\n const hasProjectSettings = Boolean(client.projectSettings);\n const isExpired = currentExpiration && currentExpiration < Date.now();\n\n // We want to cache the project settings if its valid and user is connected.\n // This avoids unnecessary API calls and speeds up the initial load.\n if (hasProjectSettings && !isExpired && isSignedIn(client)) {\n return client.projectSettings;\n }\n\n const apiClient = createApiClient({}, client);\n\n core.logger.debug('[fetchProjectSettings] Fetching project settings...');\n\n const doFetch = async () =>\n apiClient.getEnvironmentSettings(\n {\n environmentId: core.environmentId,\n sdkVersion: `${CLIENT_SDK_NAME}/${core.version}`,\n },\n {\n credentials: 'omit',\n }\n );\n\n const projectSettings = await retryOnFail({\n fn: doFetch,\n maxRetries: 2,\n });\n\n core.state.set({ projectSettings: projectSettings ?? null });\n\n await core.storage.setItem(\n projectSettingsExpirationStorageKeySchema,\n Date.now() + PROJECT_SETTINGS_EXPIRATION_TIME\n );\n\n return projectSettings;\n};\n","import { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types';\nimport { assertDefined } from '../../../utils/assertDefined';\nimport type { SessionKeys } from '../sessionKeys.types';\n\n/** @notInstrumented */\nexport const generateSessionKeys = async (\n client: DynamicClient\n): Promise<SessionKeys> => {\n const core = getCore(client);\n\n await core.keychain.removeKey('session');\n\n const publicKey = await core.keychain.generateKey('session');\n\n assertDefined(publicKey, 'Public key not found');\n\n core.state.set({\n sessionKeys: publicKey,\n });\n\n return { publicKey };\n};\n","import { getCore } from '../../../../client/core/getCore';\nimport type { DynamicClient } from '../../../../client/types';\nimport { getWalletAccounts } from '../../getWalletAccounts';\nimport type { WalletProvider } from '../../walletProvider';\nimport { getWalletProviderFromWalletAccount } from '../getWalletProviderFromWalletAccount';\n\n/** @notInstrumented */\nexport const getAvailableWalletProvidersFromWalletAccounts = (\n client: DynamicClient\n) => {\n const core = getCore(client);\n\n const walletProvidersMap: Map<string, WalletProvider> = new Map();\n\n const walletAccounts = getWalletAccounts(client);\n\n walletAccounts.forEach((walletAccount) => {\n if (walletProvidersMap.has(walletAccount.walletProviderKey)) {\n return;\n }\n\n try {\n const walletProvider = getWalletProviderFromWalletAccount(\n {\n walletAccount,\n },\n client\n );\n\n walletProvidersMap.set(walletAccount.walletProviderKey, walletProvider);\n } catch (error) {\n core.logger.debug('Wallet provider not found for wallet account', {\n error,\n walletAccount: walletAccount.address,\n });\n }\n });\n\n return Array.from(walletProvidersMap.values());\n};\n","import { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types/DynamicClient';\nimport type { LogoutReason } from '../../auth/logoutReason';\nimport { getAvailableWalletProvidersFromWalletAccounts } from '../utils/getAvailableWalletProvidersFromWalletAccounts';\n\n/**\n * Tear down every wallet provider on the client.\n *\n * Each provider's `destroy` is responsible for its own local + remote\n * cleanup. We swallow errors so a failing destroy on one provider does not\n * block teardown of the others (e.g. during logout).\n *\n * @notInstrumented\n */\nexport const destroyWalletProviders = async (\n { reason }: { reason?: LogoutReason },\n client: DynamicClient\n) => {\n const core = getCore(client);\n\n const walletProviders = getAvailableWalletProvidersFromWalletAccounts(client);\n\n await Promise.all(\n walletProviders.map(async (walletProvider) => {\n if (!walletProvider.destroy) return;\n try {\n await walletProvider.destroy({ reason });\n } catch (err) {\n core.logger.error(\n `Error destroying wallet provider ${walletProvider.key}`,\n err\n );\n }\n })\n );\n};\n","import type { DynamicClient } from '../../../client/types';\nimport { getCore } from '../../../client/core/getCore';\nimport { setCookie } from '../../../utils/setCookie';\nimport { createApiClient } from '../../apiClient';\nimport { emitEvent } from '../../clientEvents';\nimport { fetchProjectSettings } from '../../projectSettings/fetchProjectSettings';\nimport { isCookieEnabled } from '../../projectSettings/isCookieEnabled';\nimport { generateSessionKeys } from '../../sessionKeys/generateSessionKeys';\nimport { destroyWalletProviders } from '../../wallets/destroyWalletProviders';\nimport { DYNAMIC_AUTH_COOKIE_NAME } from '../consts';\nimport type { LogoutReason } from '../logoutReason';\n\n/**\n * Logs the user out with an explicit reason.\n *\n * Revokes the session, clears auth state, terminates wallet providers, and\n * emits the `logout` client event with the given reason. The reason is also\n * captured as an argument on the function-instrumentation event, which is\n * how Datadog distinguishes between different logout causes.\n *\n * Use this instead of the public `logout` when triggering a logout from\n * internal or extension code — the caller owns the reason string, so the\n * telemetry correctly attributes *why* the logout happened.\n *\n * @param params - The logout params.\n * @param params.reason - Why the logout is being triggered. Extension authors\n * needing a reason outside the SDK catalog can cast with `as LogoutReason`.\n * @param client - The Dynamic client instance.\n * @instrumented\n */\nexport const logoutWithReason = async (\n { reason }: { reason: LogoutReason },\n client: DynamicClient\n) => {\n const core = getCore(client);\n\n core.logger.debug('[logoutWithReason] Logging out...', { reason });\n\n await destroyWalletProviders({ reason }, client);\n\n if (client.user !== null) {\n const apiClient = createApiClient({}, client);\n\n try {\n await apiClient.revokeSession({\n environmentId: core.environmentId,\n });\n } catch (error) {\n core.logger.error('Failed to revoke session', error);\n }\n\n /**\n * This deletes the auth cookie if it exists.\n * If the cookie doesn't exist, this sets a new cookie that expires immediately.\n */\n if (isCookieEnabled(client)) {\n setCookie(\n `${DYNAMIC_AUTH_COOKIE_NAME}=; Max-Age=-99999999; path=/; SameSite=Lax`\n );\n }\n }\n\n await core.keychain.removeKey('session');\n\n core.state.set({\n captchaToken: null,\n elevatedAccessTokens: [],\n legacyToken: null,\n mfaToken: null,\n sessionExpiresAt: null,\n sessionKeys: null,\n token: null,\n unverifiedWalletAccounts: [],\n user: null,\n });\n\n emitEvent({ args: { reason }, event: 'logout' }, client);\n\n // Refetch project settings\n void fetchProjectSettings(client);\n\n // Regenerate session keys\n void generateSessionKeys(client);\n};\n","import { getCore } from '../../../client/core/getCore';\nimport { getDefaultClient } from '../../../client/defaultClient';\nimport { assertDefined } from '../../../utils/assertDefined';\n\n/**\n * Consumes and clears the current MFA token from the client state.\n *\n * This function retrieves the MFA token obtained from a successful MFA authentication,\n * and removes it from the client, to prevent it from being used again.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns The MFA token that was consumed.\n * @throws Error if no MFA token is found.\n * @instrumented\n * @redact-params\n */\nexport const consumeMfaToken = (client = getDefaultClient()) => {\n const core = getCore(client);\n\n const mfaToken = core.state.get().mfaToken;\n\n assertDefined(mfaToken, 'No MFA token found');\n\n core.state.set({\n mfaToken: null,\n });\n\n return mfaToken;\n};\n","import { getCore } from '../../../client/core/getCore';\nimport { getDefaultClient } from '../../../client/defaultClient';\nimport { createApiClient } from '../../apiClient';\n\n/**\n * Retrieves the available MFA methods for the current user.\n *\n * This function fetches information about which multi-factor authentication\n * methods are available and configured for the user's account.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns A promise that resolves to the user's MFA methods configuration.\n * @notInstrumented\n */\nexport const getMfaMethods = async (client = getDefaultClient()) => {\n const core = getCore(client);\n const apiClient = createApiClient({}, client);\n\n const userMfaMethods = await apiClient.getUserMfaMethods({\n environmentId: core.environmentId,\n verifiedOnly: true,\n });\n\n return userMfaMethods;\n};\n","import type { MFAAction } from '@dynamic-labs/sdk-api-core';\n\nimport { getDefaultClient } from '../../../client/defaultClient';\nimport { getMfaMethods } from '../getMfaMethods';\n\ntype IsMfaRequiredForActionParams = {\n mfaAction: MFAAction;\n};\n\n/**\n * Checks if MFA is required for a specific action.\n *\n * This function determines whether multi-factor authentication is required\n * for the specified action based on project settings and user configuration.\n *\n * @param params.mfaAction - The action to check MFA requirements for.\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns A promise that resolves to true if MFA is required for the action, false otherwise.\n * @notInstrumented\n */\nexport const isMfaRequiredForAction = async (\n { mfaAction }: IsMfaRequiredForActionParams,\n client = getDefaultClient()\n) => {\n const projectSettings = client.projectSettings;\n\n const isRequiredForAction = projectSettings?.security?.mfa?.actions?.some(\n (action) => action.action === mfaAction && action.required\n );\n\n // if mfa is not required for the action, return false\n // no matter if general mfa is set to required or not\n if (!isRequiredForAction) {\n return false;\n }\n\n const isMfaMethodRequired = projectSettings?.security?.mfa?.required;\n\n // if mfa is required for the action and also set as required in general, return true\n if (isMfaMethodRequired) {\n return true;\n }\n\n const mfaMethods = await getMfaMethods(client);\n // if general mfa is optional, but user has registered methods,\n // then it should be required for the action\n return mfaMethods.userHasVerifiedMfaMethods;\n};\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAMA,IAAa,8BAAb,cAAiDA,oCAAU;CAEzD,YAAY,YAAoB;AAC9B,QAAM;GACJ,OAAO;GACP,MAAM;GACN,SAAS;GACT,MAAM;GACN,cAAc,mDAAmD;GAClE,CAAC;;;;;;;ACMN,MAAa,cAAc,OAAU,EACnC,QAAQ,GACR,IACA,iBAC0B;AAC1B,MAAK,IAAI,QAAQ,GAAG,SAAS,YAAY,QACvC,KAAI;AACF,SAAO,MAAM,IAAI;UACV,OAAO;AACd,MAAI,SAAS,WACX,OAAM;AAGR,MAAI,QAAQ,EACV,OAAM,IAAI,SAAS,YAAY,WAAW,SAAS,MAAM,CAAC;;;;;;AAShE,OAAM,IAAI,4BAA4B,WAAW;;;;;;;;;;;;;;;;;;;;;;;;;ACrBnD,MAAa,cAAc,SAASC,4CAAkB,KACpD,QAAQ,OAAO,QAAQC,4CAAkB,OAAO,CAAC,SAAS,EAAE;;;;;ACnB9D,MAAa,0BAA6B,WAIf;AACzB,QAAO;;;;;;;;ACHT,MAAa,4CAA4C,uBACvD;CACE,KAAK;CACL,QAAQC,SAAE,QAAQ;CACnB,CACF;;;;;;;ACDD,MAAa,mCAAmC,MAAO,KAAK;;;;;;;;;;;;;AAc5D,MAAa,uBAAuB,OAAO,SAASC,4CAAkB,KAAK;CACzE,MAAM,OAAOC,kCAAQ,OAAO;CAE5B,MAAM,oBAAoB,MAAM,KAAK,QAAQ,QAC3C,0CACD;AAOD,KAL2B,QAAQ,OAAO,gBAAgB,IAKhC,EAJR,qBAAqB,oBAAoB,KAAK,KAAK,KAI7B,WAAW,OAAO,CACxD,QAAO,OAAO;CAGhB,MAAM,YAAYC,0CAAgB,EAAE,EAAE,OAAO;AAE7C,MAAK,OAAO,MAAM,sDAAsD;CAExE,MAAM,UAAU,YACd,UAAU,uBACR;EACE,eAAe,KAAK;EACpB,YAAY,GAAGC,0CAAgB,GAAG,KAAK;EACxC,EACD,EACE,aAAa,QACd,CACF;CAEH,MAAM,kBAAkB,MAAM,YAAY;EACxC,IAAI;EACJ,YAAY;EACb,CAAC;AAEF,MAAK,MAAM,IAAI,EAAE,iBAAiB,mBAAmB,MAAM,CAAC;AAE5D,OAAM,KAAK,QAAQ,QACjB,2CACA,KAAK,KAAK,GAAG,iCACd;AAED,QAAO;;;;;;AC9DT,MAAa,sBAAsB,OACjC,WACyB;CACzB,MAAM,OAAOC,kCAAQ,OAAO;AAE5B,OAAM,KAAK,SAAS,UAAU,UAAU;CAExC,MAAM,YAAY,MAAM,KAAK,SAAS,YAAY,UAAU;AAE5D,yCAAc,WAAW,uBAAuB;AAEhD,MAAK,MAAM,IAAI,EACb,aAAa,WACd,CAAC;AAEF,QAAO,EAAE,WAAW;;;;;;ACdtB,MAAa,iDACX,WACG;CACH,MAAM,OAAOC,kCAAQ,OAAO;CAE5B,MAAMC,qCAAkD,IAAI,KAAK;AAIjE,CAFuBC,4CAAkB,OAAO,CAEjC,SAAS,kBAAkB;AACxC,MAAI,mBAAmB,IAAI,cAAc,kBAAkB,CACzD;AAGF,MAAI;GACF,MAAM,iBAAiBC,6DACrB,EACE,eACD,EACD,OACD;AAED,sBAAmB,IAAI,cAAc,mBAAmB,eAAe;WAChE,OAAO;AACd,QAAK,OAAO,MAAM,gDAAgD;IAChE;IACA,eAAe,cAAc;IAC9B,CAAC;;GAEJ;AAEF,QAAO,MAAM,KAAK,mBAAmB,QAAQ,CAAC;;;;;;;;;;;;;;ACxBhD,MAAa,yBAAyB,OACpC,EAAE,UACF,WACG;CACH,MAAM,OAAOC,kCAAQ,OAAO;CAE5B,MAAM,kBAAkB,8CAA8C,OAAO;AAE7E,OAAM,QAAQ,IACZ,gBAAgB,IAAI,OAAO,mBAAmB;AAC5C,MAAI,CAAC,eAAe,QAAS;AAC7B,MAAI;AACF,SAAM,eAAe,QAAQ,EAAE,QAAQ,CAAC;WACjC,KAAK;AACZ,QAAK,OAAO,MACV,oCAAoC,eAAe,OACnD,IACD;;GAEH,CACH;;;;;;;;;;;;;;;;;;;;;;;ACDH,MAAK,mBAAA,OACH,EAAA,qBAEA;;;AAKA,OAAE,uBAAkB,EAAA,QAAmB,EAAC,OAAO;AAE/C,KAAE,OAAI,SAAA,MAAA;EACJ,MAAE,YAAgB,0CAAc,EAAA,EAAA,OAAA;AAEhC,MAAI;AACF,SAAM,UAAQ,cAAA,EACd,eAAiB,KAAE,eACrB,CAAA;;AAEE,QAAA,OAAA,MAAA,4BAAA,MAAA;;;;;;AAOF,MAAG,0CAAA,OAAA,CACH,qCACF,GAAA,mDAAA;;AAKA,OAAE,KAAA,SAAkB,UAAA,UAAA;AAEpB,MAAE,MAAA,IAAa;EACb,cAAc;EACd,sBAAsB,EAAA;EACtB,aAAa;EACb,UAAO;EACP,kBAAA;EACA,aAAU;EACV,OAAA;;EAEF,MAAA;;AAGA,qCAAK;EAAA,MAAA,EAAA,QAAqB;EAAA,OAAO;EAAA,EAAA,OAAA;AAGjC,CAAK,qBAAoB,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AC/DlC,MAAE,mBAAsB,SAAU,4CAAU,KAAA;;;AAK1C,yCAAY,UAAI,qBAAA;kBAGhB,UAAO,MACR,CAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACdD,MAAa,gBAAgB,OAAO,SAASC,4CAAkB,KAAK;CAClE,MAAM,OAAOC,kCAAQ,OAAO;AAQ5B,QALuB,MAFLC,0CAAgB,EAAE,EAAE,OAAO,CAEN,kBAAkB;EACvD,eAAe,KAAK;EACpB,cAAc;EACf,CAAC;;;;;;;;;;;;;;;;ACDJ,MAAa,yBAAyB,OACpC,EAAE,aACF,SAASC,4CAAkB,KACxB;CACH,MAAM,kBAAkB,OAAO;AAQ/B,KAAI,CANwB,iBAAiB,UAAU,KAAK,SAAS,MAClE,WAAW,OAAO,WAAW,aAAa,OAAO,SACnD,CAKC,QAAO;AAMT,KAH4B,iBAAiB,UAAU,KAAK,SAI1D,QAAO;AAMT,SAHmB,MAAM,cAAc,OAAO,EAG5B"}
@@ -1,4 +1,4 @@
1
- import { $ as getCore, H as assertDefined, O as createApiClient, Q as BaseError, Y as getDefaultClient, l as instrumentFunction } from "./InvalidParamError-DYezznCD.native.esm.js";
1
+ import { $ as getCore, H as assertDefined, O as createApiClient, Q as BaseError, Y as getDefaultClient, l as instrumentFunction } from "./InvalidParamError-5AXtm6Zp.native.esm.js";
2
2
 
3
3
  //#region src/errors/NativeModuleNotLinkedError.ts
4
4
  var NativeModuleNotLinkedError = class extends BaseError {
@@ -105,4 +105,4 @@ const isMfaRequiredForAction = async ({ mfaAction }, client = getDefaultClient()
105
105
 
106
106
  //#endregion
107
107
  export { NativeModuleNotLinkedError as i, getMfaMethods as n, __consumeMfaToken_wrapped as r, isMfaRequiredForAction as t };
108
- //# sourceMappingURL=isMfaRequiredForAction-juTvf3Pl.native.esm.js.map
108
+ //# sourceMappingURL=isMfaRequiredForAction-CBW-d9C6.native.esm.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"isMfaRequiredForAction-juTvf3Pl.native.esm.js","names":[],"sources":["../src/errors/NativeModuleNotLinkedError.ts","../src/modules/mfa/consumeMfaToken/consumeMfaToken.ts","../src/modules/mfa/getMfaMethods/getMfaMethods.ts","../src/modules/mfa/isMfaRequiredForAction/isMfaRequiredForAction.ts"],"sourcesContent":["import { BaseError } from './base';\n\ntype NativeModuleNotLinkedErrorParams = {\n moduleName: string;\n};\n\nexport class NativeModuleNotLinkedError extends BaseError {\n constructor({ moduleName }: NativeModuleNotLinkedErrorParams) {\n super({\n cause: null,\n code: 'native_module_not_linked_error',\n details: [\n `The \"${moduleName}\" TurboModule is not registered with React Native.`,\n 'This usually means the native module was not autolinked into the host app,',\n 'or the app binary was not rebuilt after installing the SDK.',\n '',\n 'To resolve:',\n ' 1. Ensure \"@dynamic-labs-sdk/client\" is a direct dependency of the app',\n ' and reinstall (e.g. `pnpm install`).',\n ' 2. Rebuild the native app:',\n ' iOS: `cd ios && pod install && cd .. && npx react-native run-ios`',\n ' Android: `npx react-native run-android`',\n ' Expo: `npx expo prebuild --clean` then run the app.',\n ' 3. Confirm autolinking sees the package:',\n ' `npx expo-modules-autolinking react-native-config --json`',\n ].join('\\n'),\n docsUrl: null,\n name: 'NativeModuleNotLinkedError',\n shortMessage: `Native TurboModule \"${moduleName}\" is not linked.`,\n });\n }\n}\n","import { getCore } from '../../../client/core/getCore';\nimport { getDefaultClient } from '../../../client/defaultClient';\nimport { assertDefined } from '../../../utils/assertDefined';\n\n/**\n * Consumes and clears the current MFA token from the client state.\n *\n * This function retrieves the MFA token obtained from a successful MFA authentication,\n * and removes it from the client, to prevent it from being used again.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns The MFA token that was consumed.\n * @throws Error if no MFA token is found.\n * @instrumented\n * @redact-params\n */\nexport const consumeMfaToken = (client = getDefaultClient()) => {\n const core = getCore(client);\n\n const mfaToken = core.state.get().mfaToken;\n\n assertDefined(mfaToken, 'No MFA token found');\n\n core.state.set({\n mfaToken: null,\n });\n\n return mfaToken;\n};\n","import { getCore } from '../../../client/core/getCore';\nimport { getDefaultClient } from '../../../client/defaultClient';\nimport { createApiClient } from '../../apiClient';\n\n/**\n * Retrieves the available MFA methods for the current user.\n *\n * This function fetches information about which multi-factor authentication\n * methods are available and configured for the user's account.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns A promise that resolves to the user's MFA methods configuration.\n * @notInstrumented\n */\nexport const getMfaMethods = async (client = getDefaultClient()) => {\n const core = getCore(client);\n const apiClient = createApiClient({}, client);\n\n const userMfaMethods = await apiClient.getUserMfaMethods({\n environmentId: core.environmentId,\n verifiedOnly: true,\n });\n\n return userMfaMethods;\n};\n","import type { MFAAction } from '@dynamic-labs/sdk-api-core';\n\nimport { getDefaultClient } from '../../../client/defaultClient';\nimport { getMfaMethods } from '../getMfaMethods';\n\ntype IsMfaRequiredForActionParams = {\n mfaAction: MFAAction;\n};\n\n/**\n * Checks if MFA is required for a specific action.\n *\n * This function determines whether multi-factor authentication is required\n * for the specified action based on project settings and user configuration.\n *\n * @param params.mfaAction - The action to check MFA requirements for.\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns A promise that resolves to true if MFA is required for the action, false otherwise.\n * @notInstrumented\n */\nexport const isMfaRequiredForAction = async (\n { mfaAction }: IsMfaRequiredForActionParams,\n client = getDefaultClient()\n) => {\n const projectSettings = client.projectSettings;\n\n const isRequiredForAction = projectSettings?.security?.mfa?.actions?.some(\n (action) => action.action === mfaAction && action.required\n );\n\n // if mfa is not required for the action, return false\n // no matter if general mfa is set to required or not\n if (!isRequiredForAction) {\n return false;\n }\n\n const isMfaMethodRequired = projectSettings?.security?.mfa?.required;\n\n // if mfa is required for the action and also set as required in general, return true\n if (isMfaMethodRequired) {\n return true;\n }\n\n const mfaMethods = await getMfaMethods(client);\n // if general mfa is optional, but user has registered methods,\n // then it should be required for the action\n return mfaMethods.userHasVerifiedMfaMethods;\n};\n"],"mappings":";;;AAMA,IAAa,6BAAb,cAAgD,UAAU;CACxD,YAAY,EAAE,cAAgD;AAC5D,QAAM;GACJ,OAAO;GACP,MAAM;GACN,SAAS;IACP,QAAQ,WAAW;IACnB;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACD,CAAC,KAAK,KAAK;GACZ,SAAS;GACT,MAAM;GACN,cAAc,uBAAuB,WAAW;GACjD,CAAC;;;;;;;;;;;;;;;;;;ACVN,MAAE,mBAAsB,SAAU,kBAAU,KAAA;;;AAK1C,eAAY,UAAI,qBAAA;kBAGhB,UAAO,MACR,CAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACdD,MAAa,gBAAgB,OAAO,SAAS,kBAAkB,KAAK;CAClE,MAAM,OAAO,QAAQ,OAAO;AAQ5B,QALuB,MAFL,gBAAgB,EAAE,EAAE,OAAO,CAEN,kBAAkB;EACvD,eAAe,KAAK;EACpB,cAAc;EACf,CAAC;;;;;;;;;;;;;;;;ACDJ,MAAa,yBAAyB,OACpC,EAAE,aACF,SAAS,kBAAkB,KACxB;CACH,MAAM,kBAAkB,OAAO;AAQ/B,KAAI,CANwB,iBAAiB,UAAU,KAAK,SAAS,MAClE,WAAW,OAAO,WAAW,aAAa,OAAO,SACnD,CAKC,QAAO;AAMT,KAH4B,iBAAiB,UAAU,KAAK,SAI1D,QAAO;AAMT,SAHmB,MAAM,cAAc,OAAO,EAG5B"}
1
+ {"version":3,"file":"isMfaRequiredForAction-CBW-d9C6.native.esm.js","names":[],"sources":["../src/errors/NativeModuleNotLinkedError.ts","../src/modules/mfa/consumeMfaToken/consumeMfaToken.ts","../src/modules/mfa/getMfaMethods/getMfaMethods.ts","../src/modules/mfa/isMfaRequiredForAction/isMfaRequiredForAction.ts"],"sourcesContent":["import { BaseError } from './base';\n\ntype NativeModuleNotLinkedErrorParams = {\n moduleName: string;\n};\n\nexport class NativeModuleNotLinkedError extends BaseError {\n constructor({ moduleName }: NativeModuleNotLinkedErrorParams) {\n super({\n cause: null,\n code: 'native_module_not_linked_error',\n details: [\n `The \"${moduleName}\" TurboModule is not registered with React Native.`,\n 'This usually means the native module was not autolinked into the host app,',\n 'or the app binary was not rebuilt after installing the SDK.',\n '',\n 'To resolve:',\n ' 1. Ensure \"@dynamic-labs-sdk/client\" is a direct dependency of the app',\n ' and reinstall (e.g. `pnpm install`).',\n ' 2. Rebuild the native app:',\n ' iOS: `cd ios && pod install && cd .. && npx react-native run-ios`',\n ' Android: `npx react-native run-android`',\n ' Expo: `npx expo prebuild --clean` then run the app.',\n ' 3. Confirm autolinking sees the package:',\n ' `npx expo-modules-autolinking react-native-config --json`',\n ].join('\\n'),\n docsUrl: null,\n name: 'NativeModuleNotLinkedError',\n shortMessage: `Native TurboModule \"${moduleName}\" is not linked.`,\n });\n }\n}\n","import { getCore } from '../../../client/core/getCore';\nimport { getDefaultClient } from '../../../client/defaultClient';\nimport { assertDefined } from '../../../utils/assertDefined';\n\n/**\n * Consumes and clears the current MFA token from the client state.\n *\n * This function retrieves the MFA token obtained from a successful MFA authentication,\n * and removes it from the client, to prevent it from being used again.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns The MFA token that was consumed.\n * @throws Error if no MFA token is found.\n * @instrumented\n * @redact-params\n */\nexport const consumeMfaToken = (client = getDefaultClient()) => {\n const core = getCore(client);\n\n const mfaToken = core.state.get().mfaToken;\n\n assertDefined(mfaToken, 'No MFA token found');\n\n core.state.set({\n mfaToken: null,\n });\n\n return mfaToken;\n};\n","import { getCore } from '../../../client/core/getCore';\nimport { getDefaultClient } from '../../../client/defaultClient';\nimport { createApiClient } from '../../apiClient';\n\n/**\n * Retrieves the available MFA methods for the current user.\n *\n * This function fetches information about which multi-factor authentication\n * methods are available and configured for the user's account.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns A promise that resolves to the user's MFA methods configuration.\n * @notInstrumented\n */\nexport const getMfaMethods = async (client = getDefaultClient()) => {\n const core = getCore(client);\n const apiClient = createApiClient({}, client);\n\n const userMfaMethods = await apiClient.getUserMfaMethods({\n environmentId: core.environmentId,\n verifiedOnly: true,\n });\n\n return userMfaMethods;\n};\n","import type { MFAAction } from '@dynamic-labs/sdk-api-core';\n\nimport { getDefaultClient } from '../../../client/defaultClient';\nimport { getMfaMethods } from '../getMfaMethods';\n\ntype IsMfaRequiredForActionParams = {\n mfaAction: MFAAction;\n};\n\n/**\n * Checks if MFA is required for a specific action.\n *\n * This function determines whether multi-factor authentication is required\n * for the specified action based on project settings and user configuration.\n *\n * @param params.mfaAction - The action to check MFA requirements for.\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns A promise that resolves to true if MFA is required for the action, false otherwise.\n * @notInstrumented\n */\nexport const isMfaRequiredForAction = async (\n { mfaAction }: IsMfaRequiredForActionParams,\n client = getDefaultClient()\n) => {\n const projectSettings = client.projectSettings;\n\n const isRequiredForAction = projectSettings?.security?.mfa?.actions?.some(\n (action) => action.action === mfaAction && action.required\n );\n\n // if mfa is not required for the action, return false\n // no matter if general mfa is set to required or not\n if (!isRequiredForAction) {\n return false;\n }\n\n const isMfaMethodRequired = projectSettings?.security?.mfa?.required;\n\n // if mfa is required for the action and also set as required in general, return true\n if (isMfaMethodRequired) {\n return true;\n }\n\n const mfaMethods = await getMfaMethods(client);\n // if general mfa is optional, but user has registered methods,\n // then it should be required for the action\n return mfaMethods.userHasVerifiedMfaMethods;\n};\n"],"mappings":";;;AAMA,IAAa,6BAAb,cAAgD,UAAU;CACxD,YAAY,EAAE,cAAgD;AAC5D,QAAM;GACJ,OAAO;GACP,MAAM;GACN,SAAS;IACP,QAAQ,WAAW;IACnB;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACD,CAAC,KAAK,KAAK;GACZ,SAAS;GACT,MAAM;GACN,cAAc,uBAAuB,WAAW;GACjD,CAAC;;;;;;;;;;;;;;;;;;ACVN,MAAE,mBAAsB,SAAU,kBAAU,KAAA;;;AAK1C,eAAY,UAAI,qBAAA;kBAGhB,UAAO,MACR,CAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACdD,MAAa,gBAAgB,OAAO,SAAS,kBAAkB,KAAK;CAClE,MAAM,OAAO,QAAQ,OAAO;AAQ5B,QALuB,MAFL,gBAAgB,EAAE,EAAE,OAAO,CAEN,kBAAkB;EACvD,eAAe,KAAK;EACpB,cAAc;EACf,CAAC;;;;;;;;;;;;;;;;ACDJ,MAAa,yBAAyB,OACpC,EAAE,aACF,SAAS,kBAAkB,KACxB;CACH,MAAM,kBAAkB,OAAO;AAQ/B,KAAI,CANwB,iBAAiB,UAAU,KAAK,SAAS,MAClE,WAAW,OAAO,WAAW,aAAa,OAAO,SACnD,CAKC,QAAO;AAMT,KAH4B,iBAAiB,UAAU,KAAK,SAI1D,QAAO;AAMT,SAHmB,MAAM,cAAc,OAAO,EAG5B"}
@@ -1,4 +1,4 @@
1
- import { I as setCookie, M as emitEvent, Q as assertDefined, R as createApiClient, S as getWalletAccounts, Z as isCookieEnabled, _ as getWalletProviderFromWalletAccount, at as getDefaultClient, ct as BaseError, g as DYNAMIC_AUTH_COOKIE_NAME, l as instrumentFunction, lt as getCore, nt as CLIENT_SDK_NAME } from "./InvalidParamError-Dn_riAvL.esm.js";
1
+ import { I as setCookie, M as emitEvent, Q as assertDefined, R as createApiClient, S as getWalletAccounts, Z as isCookieEnabled, _ as getWalletProviderFromWalletAccount, at as getDefaultClient, ct as BaseError, g as DYNAMIC_AUTH_COOKIE_NAME, l as instrumentFunction, lt as getCore, nt as CLIENT_SDK_NAME } from "./InvalidParamError-PQ2Xen_o.esm.js";
2
2
  import * as z from "zod/mini";
3
3
 
4
4
  //#region src/utils/retryOnFail/InvalidRetryOnFailCallError.ts
@@ -316,4 +316,4 @@ const isMfaRequiredForAction = async ({ mfaAction }, client = getDefaultClient()
316
316
 
317
317
  //#endregion
318
318
  export { generateSessionKeys as a, isSignedIn as c, __logoutWithReason_wrapped as i, retryOnFail as l, getMfaMethods as n, fetchProjectSettings as o, __consumeMfaToken_wrapped as r, createStorageKeySchema as s, isMfaRequiredForAction as t };
319
- //# sourceMappingURL=isMfaRequiredForAction-CgVdSGRA.esm.js.map
319
+ //# sourceMappingURL=isMfaRequiredForAction-CkX6CfJf.esm.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"isMfaRequiredForAction-CgVdSGRA.esm.js","names":["walletProvidersMap: Map<string, WalletProvider>"],"sources":["../src/utils/retryOnFail/InvalidRetryOnFailCallError.ts","../src/utils/retryOnFail/retryOnFail.ts","../src/modules/auth/isSignedIn/isSignedIn.ts","../src/services/storage/createStorageKeySchema/createStorageKeySchema.ts","../src/modules/projectSettings/fetchProjectSettings/projectSettingsExpirationScheme.ts","../src/modules/projectSettings/fetchProjectSettings/fetchProjectSettings.ts","../src/modules/sessionKeys/generateSessionKeys/generateSessionKeys.ts","../src/modules/wallets/utils/getAvailableWalletProvidersFromWalletAccounts/getAvailableWalletProvidersFromWalletAccounts.ts","../src/modules/wallets/destroyWalletProviders/destroyWalletProviders.ts","../src/modules/auth/logoutWithReason/logoutWithReason.ts","../src/modules/mfa/consumeMfaToken/consumeMfaToken.ts","../src/modules/mfa/getMfaMethods/getMfaMethods.ts","../src/modules/mfa/isMfaRequiredForAction/isMfaRequiredForAction.ts"],"sourcesContent":["import { BaseError } from '../../errors/base';\n\n/**\n * This error is thrown when the `retryOnFail` function is called with an invalid\n * number of retries (i.e. less than 0).\n */\nexport class InvalidRetryOnFailCallError extends BaseError {\n // eslint-disable-next-line custom-rules/require-single-object-param\n constructor(maxRetries: number) {\n super({\n cause: null,\n code: 'invalid_retry_on_fail_call_error',\n docsUrl: null,\n name: 'InvalidRetryOnFailCallError',\n shortMessage: `Invalid retries parameter for retryOnFail call: ${maxRetries}`,\n });\n }\n}\n","import { InvalidRetryOnFailCallError } from './InvalidRetryOnFailCallError';\n\nexport type RetryOnFailParams<T> = {\n /**\n * The delay between retries in milliseconds.\n */\n delay?: number;\n /**\n * The function to call.\n */\n fn: () => Promise<T>;\n /**\n * The maximum number of retries.\n *\n * When set to 0, the function will be called only once and is\n * therefore equivalent to calling the function directly.\n */\n maxRetries: number;\n};\n\n/** @notInstrumented */\nexport const retryOnFail = async <T>({\n delay = 0,\n fn,\n maxRetries,\n}: RetryOnFailParams<T>) => {\n for (let retry = 0; retry <= maxRetries; retry++) {\n try {\n return await fn();\n } catch (error) {\n if (retry >= maxRetries) {\n throw error;\n }\n\n if (delay > 0) {\n await new Promise((resolve) => setTimeout(resolve, delay));\n }\n }\n }\n\n /**\n * Reaching this point should never happen and this\n * error is thrown to help us debug the issue.\n */\n throw new InvalidRetryOnFailCallError(maxRetries);\n};\n","import { getDefaultClient } from '../../../client/defaultClient';\nimport { getWalletAccounts } from '../../wallets/getWalletAccounts';\n\n/**\n * Checks if the user is currently signed in to the Dynamic client.\n *\n * The client is considered to be in a signed in state if a user has\n * authenticated or if the client has at least one wallet connected.\n *\n * @deprecated What counts as \"signed in\" is your app's business logic, not the\n * SDK's. This helper bakes in one opinion (a user OR any connected wallet),\n * which rarely matches every app and forces a dependency on us for every\n * variation. Compose your own check from the underlying primitives instead —\n * e.g. `Boolean(client.user) || isAnyWalletAccountConnected(client)` — and\n * layer in whatever your app requires (device registration, completed\n * onboarding, satisfied MFA, a required embedded wallet, …). See the\n * \"Check if signed in\" guide:\n * https://www.dynamic.xyz/docs/javascript/user-session-management\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns True if the user is signed in, false otherwise.\n * @notInstrumented\n */\nexport const isSignedIn = (client = getDefaultClient()) =>\n Boolean(client.user || getWalletAccounts(client).length > 0);\n","import type * as z from 'zod/mini';\n\nimport type { StorageKeySchema, StorageKeySchemaConfig } from '../storage.types';\n\n/** @notInstrumented */\nexport const createStorageKeySchema = <T>(params: {\n config?: StorageKeySchemaConfig;\n key: string;\n schema: z.ZodMiniType<T>;\n}): StorageKeySchema<T> => {\n return params;\n};\n","import * as z from 'zod/mini';\n\nimport { createStorageKeySchema } from '../../../services/storage';\n\n/**\n * The schema to track the expiration time of the project settings.\n */\nexport const projectSettingsExpirationStorageKeySchema = createStorageKeySchema(\n {\n key: 'projectSettingsExpiration',\n schema: z.number(),\n }\n);\n","import { getCore } from '../../../client/core/getCore';\nimport { getDefaultClient } from '../../../client/defaultClient';\nimport { retryOnFail } from '../../../utils/retryOnFail';\nimport { createApiClient } from '../../apiClient';\nimport { CLIENT_SDK_NAME } from '../../apiClient/constants';\nimport { isSignedIn } from '../../auth/isSignedIn';\nimport { projectSettingsExpirationStorageKeySchema } from './projectSettingsExpirationScheme';\n\n/**\n * Expiration time of the project settings in milliseconds.\n */\nexport const PROJECT_SETTINGS_EXPIRATION_TIME = 1000 * 60 * 5; // 5 minutes\n\n/**\n * Fetches and updates the project settings from the API.\n *\n * This function retrieves the latest project configuration settings\n * from Dynamic's servers, including authentication options, enabled chains,\n * and security configurations. The settings are cached for performance.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns A promise that resolves to the updated project settings.\n * @notInstrumented\n * @noHook Internal settings fetch that is not part of the public hook surface.\n */\nexport const fetchProjectSettings = async (client = getDefaultClient()) => {\n const core = getCore(client);\n\n const currentExpiration = await core.storage.getItem(\n projectSettingsExpirationStorageKeySchema\n );\n\n const hasProjectSettings = Boolean(client.projectSettings);\n const isExpired = currentExpiration && currentExpiration < Date.now();\n\n // We want to cache the project settings if its valid and user is connected.\n // This avoids unnecessary API calls and speeds up the initial load.\n if (hasProjectSettings && !isExpired && isSignedIn(client)) {\n return client.projectSettings;\n }\n\n const apiClient = createApiClient({}, client);\n\n core.logger.debug('[fetchProjectSettings] Fetching project settings...');\n\n const doFetch = async () =>\n apiClient.getEnvironmentSettings(\n {\n environmentId: core.environmentId,\n sdkVersion: `${CLIENT_SDK_NAME}/${core.version}`,\n },\n {\n credentials: 'omit',\n }\n );\n\n const projectSettings = await retryOnFail({\n fn: doFetch,\n maxRetries: 2,\n });\n\n core.state.set({ projectSettings: projectSettings ?? null });\n\n await core.storage.setItem(\n projectSettingsExpirationStorageKeySchema,\n Date.now() + PROJECT_SETTINGS_EXPIRATION_TIME\n );\n\n return projectSettings;\n};\n","import { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types';\nimport { assertDefined } from '../../../utils/assertDefined';\nimport type { SessionKeys } from '../sessionKeys.types';\n\n/** @notInstrumented */\nexport const generateSessionKeys = async (\n client: DynamicClient\n): Promise<SessionKeys> => {\n const core = getCore(client);\n\n await core.keychain.removeKey('session');\n\n const publicKey = await core.keychain.generateKey('session');\n\n assertDefined(publicKey, 'Public key not found');\n\n core.state.set({\n sessionKeys: publicKey,\n });\n\n return { publicKey };\n};\n","import { getCore } from '../../../../client/core/getCore';\nimport type { DynamicClient } from '../../../../client/types';\nimport { getWalletAccounts } from '../../getWalletAccounts';\nimport type { WalletProvider } from '../../walletProvider';\nimport { getWalletProviderFromWalletAccount } from '../getWalletProviderFromWalletAccount';\n\n/** @notInstrumented */\nexport const getAvailableWalletProvidersFromWalletAccounts = (\n client: DynamicClient\n) => {\n const core = getCore(client);\n\n const walletProvidersMap: Map<string, WalletProvider> = new Map();\n\n const walletAccounts = getWalletAccounts(client);\n\n walletAccounts.forEach((walletAccount) => {\n if (walletProvidersMap.has(walletAccount.walletProviderKey)) {\n return;\n }\n\n try {\n const walletProvider = getWalletProviderFromWalletAccount(\n {\n walletAccount,\n },\n client\n );\n\n walletProvidersMap.set(walletAccount.walletProviderKey, walletProvider);\n } catch (error) {\n core.logger.debug('Wallet provider not found for wallet account', {\n error,\n walletAccount: walletAccount.address,\n });\n }\n });\n\n return Array.from(walletProvidersMap.values());\n};\n","import { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types/DynamicClient';\nimport type { LogoutReason } from '../../auth/logoutReason';\nimport { getAvailableWalletProvidersFromWalletAccounts } from '../utils/getAvailableWalletProvidersFromWalletAccounts';\n\n/**\n * Tear down every wallet provider on the client.\n *\n * Each provider's `destroy` is responsible for its own local + remote\n * cleanup. We swallow errors so a failing destroy on one provider does not\n * block teardown of the others (e.g. during logout).\n *\n * @notInstrumented\n */\nexport const destroyWalletProviders = async (\n { reason }: { reason?: LogoutReason },\n client: DynamicClient\n) => {\n const core = getCore(client);\n\n const walletProviders = getAvailableWalletProvidersFromWalletAccounts(client);\n\n await Promise.all(\n walletProviders.map(async (walletProvider) => {\n if (!walletProvider.destroy) return;\n try {\n await walletProvider.destroy({ reason });\n } catch (err) {\n core.logger.error(\n `Error destroying wallet provider ${walletProvider.key}`,\n err\n );\n }\n })\n );\n};\n","import type { DynamicClient } from '../../../client/types';\nimport { getCore } from '../../../client/core/getCore';\nimport { setCookie } from '../../../utils/setCookie';\nimport { createApiClient } from '../../apiClient';\nimport { emitEvent } from '../../clientEvents';\nimport { fetchProjectSettings } from '../../projectSettings/fetchProjectSettings';\nimport { isCookieEnabled } from '../../projectSettings/isCookieEnabled';\nimport { generateSessionKeys } from '../../sessionKeys/generateSessionKeys';\nimport { destroyWalletProviders } from '../../wallets/destroyWalletProviders';\nimport { DYNAMIC_AUTH_COOKIE_NAME } from '../consts';\nimport type { LogoutReason } from '../logoutReason';\n\n/**\n * Logs the user out with an explicit reason.\n *\n * Revokes the session, clears auth state, terminates wallet providers, and\n * emits the `logout` client event with the given reason. The reason is also\n * captured as an argument on the function-instrumentation event, which is\n * how Datadog distinguishes between different logout causes.\n *\n * Use this instead of the public `logout` when triggering a logout from\n * internal or extension code — the caller owns the reason string, so the\n * telemetry correctly attributes *why* the logout happened.\n *\n * @param params - The logout params.\n * @param params.reason - Why the logout is being triggered. Extension authors\n * needing a reason outside the SDK catalog can cast with `as LogoutReason`.\n * @param client - The Dynamic client instance.\n * @instrumented\n */\nexport const logoutWithReason = async (\n { reason }: { reason: LogoutReason },\n client: DynamicClient\n) => {\n const core = getCore(client);\n\n core.logger.debug('[logoutWithReason] Logging out...', { reason });\n\n await destroyWalletProviders({ reason }, client);\n\n if (client.user !== null) {\n const apiClient = createApiClient({}, client);\n\n try {\n await apiClient.revokeSession({\n environmentId: core.environmentId,\n });\n } catch (error) {\n core.logger.error('Failed to revoke session', error);\n }\n\n /**\n * This deletes the auth cookie if it exists.\n * If the cookie doesn't exist, this sets a new cookie that expires immediately.\n */\n if (isCookieEnabled(client)) {\n setCookie(\n `${DYNAMIC_AUTH_COOKIE_NAME}=; Max-Age=-99999999; path=/; SameSite=Lax`\n );\n }\n }\n\n await core.keychain.removeKey('session');\n\n core.state.set({\n captchaToken: null,\n elevatedAccessTokens: [],\n legacyToken: null,\n mfaToken: null,\n sessionExpiresAt: null,\n sessionKeys: null,\n token: null,\n unverifiedWalletAccounts: [],\n user: null,\n });\n\n emitEvent({ args: { reason }, event: 'logout' }, client);\n\n // Refetch project settings\n void fetchProjectSettings(client);\n\n // Regenerate session keys\n void generateSessionKeys(client);\n};\n","import { getCore } from '../../../client/core/getCore';\nimport { getDefaultClient } from '../../../client/defaultClient';\nimport { assertDefined } from '../../../utils/assertDefined';\n\n/**\n * Consumes and clears the current MFA token from the client state.\n *\n * This function retrieves the MFA token obtained from a successful MFA authentication,\n * and removes it from the client, to prevent it from being used again.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns The MFA token that was consumed.\n * @throws Error if no MFA token is found.\n * @instrumented\n * @redact-params\n */\nexport const consumeMfaToken = (client = getDefaultClient()) => {\n const core = getCore(client);\n\n const mfaToken = core.state.get().mfaToken;\n\n assertDefined(mfaToken, 'No MFA token found');\n\n core.state.set({\n mfaToken: null,\n });\n\n return mfaToken;\n};\n","import { getCore } from '../../../client/core/getCore';\nimport { getDefaultClient } from '../../../client/defaultClient';\nimport { createApiClient } from '../../apiClient';\n\n/**\n * Retrieves the available MFA methods for the current user.\n *\n * This function fetches information about which multi-factor authentication\n * methods are available and configured for the user's account.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns A promise that resolves to the user's MFA methods configuration.\n * @notInstrumented\n */\nexport const getMfaMethods = async (client = getDefaultClient()) => {\n const core = getCore(client);\n const apiClient = createApiClient({}, client);\n\n const userMfaMethods = await apiClient.getUserMfaMethods({\n environmentId: core.environmentId,\n verifiedOnly: true,\n });\n\n return userMfaMethods;\n};\n","import type { MFAAction } from '@dynamic-labs/sdk-api-core';\n\nimport { getDefaultClient } from '../../../client/defaultClient';\nimport { getMfaMethods } from '../getMfaMethods';\n\ntype IsMfaRequiredForActionParams = {\n mfaAction: MFAAction;\n};\n\n/**\n * Checks if MFA is required for a specific action.\n *\n * This function determines whether multi-factor authentication is required\n * for the specified action based on project settings and user configuration.\n *\n * @param params.mfaAction - The action to check MFA requirements for.\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns A promise that resolves to true if MFA is required for the action, false otherwise.\n * @notInstrumented\n */\nexport const isMfaRequiredForAction = async (\n { mfaAction }: IsMfaRequiredForActionParams,\n client = getDefaultClient()\n) => {\n const projectSettings = client.projectSettings;\n\n const isRequiredForAction = projectSettings?.security?.mfa?.actions?.some(\n (action) => action.action === mfaAction && action.required\n );\n\n // if mfa is not required for the action, return false\n // no matter if general mfa is set to required or not\n if (!isRequiredForAction) {\n return false;\n }\n\n const isMfaMethodRequired = projectSettings?.security?.mfa?.required;\n\n // if mfa is required for the action and also set as required in general, return true\n if (isMfaMethodRequired) {\n return true;\n }\n\n const mfaMethods = await getMfaMethods(client);\n // if general mfa is optional, but user has registered methods,\n // then it should be required for the action\n return mfaMethods.userHasVerifiedMfaMethods;\n};\n"],"mappings":";;;;;;;;AAMA,IAAa,8BAAb,cAAiD,UAAU;CAEzD,YAAY,YAAoB;AAC9B,QAAM;GACJ,OAAO;GACP,MAAM;GACN,SAAS;GACT,MAAM;GACN,cAAc,mDAAmD;GAClE,CAAC;;;;;;;ACMN,MAAa,cAAc,OAAU,EACnC,QAAQ,GACR,IACA,iBAC0B;AAC1B,MAAK,IAAI,QAAQ,GAAG,SAAS,YAAY,QACvC,KAAI;AACF,SAAO,MAAM,IAAI;UACV,OAAO;AACd,MAAI,SAAS,WACX,OAAM;AAGR,MAAI,QAAQ,EACV,OAAM,IAAI,SAAS,YAAY,WAAW,SAAS,MAAM,CAAC;;;;;;AAShE,OAAM,IAAI,4BAA4B,WAAW;;;;;;;;;;;;;;;;;;;;;;;;;ACrBnD,MAAa,cAAc,SAAS,kBAAkB,KACpD,QAAQ,OAAO,QAAQ,kBAAkB,OAAO,CAAC,SAAS,EAAE;;;;;ACnB9D,MAAa,0BAA6B,WAIf;AACzB,QAAO;;;;;;;;ACHT,MAAa,4CAA4C,uBACvD;CACE,KAAK;CACL,QAAQ,EAAE,QAAQ;CACnB,CACF;;;;;;;ACDD,MAAa,mCAAmC,MAAO,KAAK;;;;;;;;;;;;;AAc5D,MAAa,uBAAuB,OAAO,SAAS,kBAAkB,KAAK;CACzE,MAAM,OAAO,QAAQ,OAAO;CAE5B,MAAM,oBAAoB,MAAM,KAAK,QAAQ,QAC3C,0CACD;AAOD,KAL2B,QAAQ,OAAO,gBAAgB,IAKhC,EAJR,qBAAqB,oBAAoB,KAAK,KAAK,KAI7B,WAAW,OAAO,CACxD,QAAO,OAAO;CAGhB,MAAM,YAAY,gBAAgB,EAAE,EAAE,OAAO;AAE7C,MAAK,OAAO,MAAM,sDAAsD;CAExE,MAAM,UAAU,YACd,UAAU,uBACR;EACE,eAAe,KAAK;EACpB,YAAY,GAAG,gBAAgB,GAAG,KAAK;EACxC,EACD,EACE,aAAa,QACd,CACF;CAEH,MAAM,kBAAkB,MAAM,YAAY;EACxC,IAAI;EACJ,YAAY;EACb,CAAC;AAEF,MAAK,MAAM,IAAI,EAAE,iBAAiB,mBAAmB,MAAM,CAAC;AAE5D,OAAM,KAAK,QAAQ,QACjB,2CACA,KAAK,KAAK,GAAG,iCACd;AAED,QAAO;;;;;;AC9DT,MAAa,sBAAsB,OACjC,WACyB;CACzB,MAAM,OAAO,QAAQ,OAAO;AAE5B,OAAM,KAAK,SAAS,UAAU,UAAU;CAExC,MAAM,YAAY,MAAM,KAAK,SAAS,YAAY,UAAU;AAE5D,eAAc,WAAW,uBAAuB;AAEhD,MAAK,MAAM,IAAI,EACb,aAAa,WACd,CAAC;AAEF,QAAO,EAAE,WAAW;;;;;;ACdtB,MAAa,iDACX,WACG;CACH,MAAM,OAAO,QAAQ,OAAO;CAE5B,MAAMA,qCAAkD,IAAI,KAAK;AAIjE,CAFuB,kBAAkB,OAAO,CAEjC,SAAS,kBAAkB;AACxC,MAAI,mBAAmB,IAAI,cAAc,kBAAkB,CACzD;AAGF,MAAI;GACF,MAAM,iBAAiB,mCACrB,EACE,eACD,EACD,OACD;AAED,sBAAmB,IAAI,cAAc,mBAAmB,eAAe;WAChE,OAAO;AACd,QAAK,OAAO,MAAM,gDAAgD;IAChE;IACA,eAAe,cAAc;IAC9B,CAAC;;GAEJ;AAEF,QAAO,MAAM,KAAK,mBAAmB,QAAQ,CAAC;;;;;;;;;;;;;;ACxBhD,MAAa,yBAAyB,OACpC,EAAE,UACF,WACG;CACH,MAAM,OAAO,QAAQ,OAAO;CAE5B,MAAM,kBAAkB,8CAA8C,OAAO;AAE7E,OAAM,QAAQ,IACZ,gBAAgB,IAAI,OAAO,mBAAmB;AAC5C,MAAI,CAAC,eAAe,QAAS;AAC7B,MAAI;AACF,SAAM,eAAe,QAAQ,EAAE,QAAQ,CAAC;WACjC,KAAK;AACZ,QAAK,OAAO,MACV,oCAAoC,eAAe,OACnD,IACD;;GAEH,CACH;;;;;;;;;;;;;;;;;;;;;;;ACDH,MAAK,mBAAA,OACH,EAAA,qBAEA;;;AAKA,OAAE,uBAAkB,EAAA,QAAmB,EAAC,OAAO;AAE/C,KAAE,OAAI,SAAA,MAAA;EACJ,MAAE,YAAgB,gBAAc,EAAA,EAAA,OAAA;AAEhC,MAAI;AACF,SAAM,UAAQ,cAAA,EACd,eAAiB,KAAE,eACrB,CAAA;;AAEE,QAAA,OAAA,MAAA,4BAAA,MAAA;;;;;;AAOF,MAAG,gBAAA,OAAA,CACH,WACF,GAAA,yBAAA;;AAKA,OAAE,KAAA,SAAkB,UAAA,UAAA;AAEpB,MAAE,MAAA,IAAa;EACb,cAAc;EACd,sBAAsB,EAAA;EACtB,aAAa;EACb,UAAO;EACP,kBAAA;EACA,aAAU;EACV,OAAA;;EAEF,MAAA;;AAGA,WAAK;EAAA,MAAA,EAAA,QAAqB;EAAA,OAAO;EAAA,EAAA,OAAA;AAGjC,CAAK,qBAAoB,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AC/DlC,MAAE,mBAAsB,SAAU,kBAAU,KAAA;;;AAK1C,eAAY,UAAI,qBAAA;kBAGhB,UAAO,MACR,CAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACdD,MAAa,gBAAgB,OAAO,SAAS,kBAAkB,KAAK;CAClE,MAAM,OAAO,QAAQ,OAAO;AAQ5B,QALuB,MAFL,gBAAgB,EAAE,EAAE,OAAO,CAEN,kBAAkB;EACvD,eAAe,KAAK;EACpB,cAAc;EACf,CAAC;;;;;;;;;;;;;;;;ACDJ,MAAa,yBAAyB,OACpC,EAAE,aACF,SAAS,kBAAkB,KACxB;CACH,MAAM,kBAAkB,OAAO;AAQ/B,KAAI,CANwB,iBAAiB,UAAU,KAAK,SAAS,MAClE,WAAW,OAAO,WAAW,aAAa,OAAO,SACnD,CAKC,QAAO;AAMT,KAH4B,iBAAiB,UAAU,KAAK,SAI1D,QAAO;AAMT,SAHmB,MAAM,cAAc,OAAO,EAG5B"}
1
+ {"version":3,"file":"isMfaRequiredForAction-CkX6CfJf.esm.js","names":["walletProvidersMap: Map<string, WalletProvider>"],"sources":["../src/utils/retryOnFail/InvalidRetryOnFailCallError.ts","../src/utils/retryOnFail/retryOnFail.ts","../src/modules/auth/isSignedIn/isSignedIn.ts","../src/services/storage/createStorageKeySchema/createStorageKeySchema.ts","../src/modules/projectSettings/fetchProjectSettings/projectSettingsExpirationScheme.ts","../src/modules/projectSettings/fetchProjectSettings/fetchProjectSettings.ts","../src/modules/sessionKeys/generateSessionKeys/generateSessionKeys.ts","../src/modules/wallets/utils/getAvailableWalletProvidersFromWalletAccounts/getAvailableWalletProvidersFromWalletAccounts.ts","../src/modules/wallets/destroyWalletProviders/destroyWalletProviders.ts","../src/modules/auth/logoutWithReason/logoutWithReason.ts","../src/modules/mfa/consumeMfaToken/consumeMfaToken.ts","../src/modules/mfa/getMfaMethods/getMfaMethods.ts","../src/modules/mfa/isMfaRequiredForAction/isMfaRequiredForAction.ts"],"sourcesContent":["import { BaseError } from '../../errors/base';\n\n/**\n * This error is thrown when the `retryOnFail` function is called with an invalid\n * number of retries (i.e. less than 0).\n */\nexport class InvalidRetryOnFailCallError extends BaseError {\n // eslint-disable-next-line custom-rules/require-single-object-param\n constructor(maxRetries: number) {\n super({\n cause: null,\n code: 'invalid_retry_on_fail_call_error',\n docsUrl: null,\n name: 'InvalidRetryOnFailCallError',\n shortMessage: `Invalid retries parameter for retryOnFail call: ${maxRetries}`,\n });\n }\n}\n","import { InvalidRetryOnFailCallError } from './InvalidRetryOnFailCallError';\n\nexport type RetryOnFailParams<T> = {\n /**\n * The delay between retries in milliseconds.\n */\n delay?: number;\n /**\n * The function to call.\n */\n fn: () => Promise<T>;\n /**\n * The maximum number of retries.\n *\n * When set to 0, the function will be called only once and is\n * therefore equivalent to calling the function directly.\n */\n maxRetries: number;\n};\n\n/** @notInstrumented */\nexport const retryOnFail = async <T>({\n delay = 0,\n fn,\n maxRetries,\n}: RetryOnFailParams<T>) => {\n for (let retry = 0; retry <= maxRetries; retry++) {\n try {\n return await fn();\n } catch (error) {\n if (retry >= maxRetries) {\n throw error;\n }\n\n if (delay > 0) {\n await new Promise((resolve) => setTimeout(resolve, delay));\n }\n }\n }\n\n /**\n * Reaching this point should never happen and this\n * error is thrown to help us debug the issue.\n */\n throw new InvalidRetryOnFailCallError(maxRetries);\n};\n","import { getDefaultClient } from '../../../client/defaultClient';\nimport { getWalletAccounts } from '../../wallets/getWalletAccounts';\n\n/**\n * Checks if the user is currently signed in to the Dynamic client.\n *\n * The client is considered to be in a signed in state if a user has\n * authenticated or if the client has at least one wallet connected.\n *\n * @deprecated What counts as \"signed in\" is your app's business logic, not the\n * SDK's. This helper bakes in one opinion (a user OR any connected wallet),\n * which rarely matches every app and forces a dependency on us for every\n * variation. Compose your own check from the underlying primitives instead —\n * e.g. `Boolean(client.user) || isAnyWalletAccountConnected(client)` — and\n * layer in whatever your app requires (device registration, completed\n * onboarding, satisfied MFA, a required embedded wallet, …). See the\n * \"Check if signed in\" guide:\n * https://www.dynamic.xyz/docs/javascript/user-session-management\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns True if the user is signed in, false otherwise.\n * @notInstrumented\n */\nexport const isSignedIn = (client = getDefaultClient()) =>\n Boolean(client.user || getWalletAccounts(client).length > 0);\n","import type * as z from 'zod/mini';\n\nimport type { StorageKeySchema, StorageKeySchemaConfig } from '../storage.types';\n\n/** @notInstrumented */\nexport const createStorageKeySchema = <T>(params: {\n config?: StorageKeySchemaConfig;\n key: string;\n schema: z.ZodMiniType<T>;\n}): StorageKeySchema<T> => {\n return params;\n};\n","import * as z from 'zod/mini';\n\nimport { createStorageKeySchema } from '../../../services/storage';\n\n/**\n * The schema to track the expiration time of the project settings.\n */\nexport const projectSettingsExpirationStorageKeySchema = createStorageKeySchema(\n {\n key: 'projectSettingsExpiration',\n schema: z.number(),\n }\n);\n","import { getCore } from '../../../client/core/getCore';\nimport { getDefaultClient } from '../../../client/defaultClient';\nimport { retryOnFail } from '../../../utils/retryOnFail';\nimport { createApiClient } from '../../apiClient';\nimport { CLIENT_SDK_NAME } from '../../apiClient/constants';\nimport { isSignedIn } from '../../auth/isSignedIn';\nimport { projectSettingsExpirationStorageKeySchema } from './projectSettingsExpirationScheme';\n\n/**\n * Expiration time of the project settings in milliseconds.\n */\nexport const PROJECT_SETTINGS_EXPIRATION_TIME = 1000 * 60 * 5; // 5 minutes\n\n/**\n * Fetches and updates the project settings from the API.\n *\n * This function retrieves the latest project configuration settings\n * from Dynamic's servers, including authentication options, enabled chains,\n * and security configurations. The settings are cached for performance.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns A promise that resolves to the updated project settings.\n * @notInstrumented\n * @noHook Internal settings fetch that is not part of the public hook surface.\n */\nexport const fetchProjectSettings = async (client = getDefaultClient()) => {\n const core = getCore(client);\n\n const currentExpiration = await core.storage.getItem(\n projectSettingsExpirationStorageKeySchema\n );\n\n const hasProjectSettings = Boolean(client.projectSettings);\n const isExpired = currentExpiration && currentExpiration < Date.now();\n\n // We want to cache the project settings if its valid and user is connected.\n // This avoids unnecessary API calls and speeds up the initial load.\n if (hasProjectSettings && !isExpired && isSignedIn(client)) {\n return client.projectSettings;\n }\n\n const apiClient = createApiClient({}, client);\n\n core.logger.debug('[fetchProjectSettings] Fetching project settings...');\n\n const doFetch = async () =>\n apiClient.getEnvironmentSettings(\n {\n environmentId: core.environmentId,\n sdkVersion: `${CLIENT_SDK_NAME}/${core.version}`,\n },\n {\n credentials: 'omit',\n }\n );\n\n const projectSettings = await retryOnFail({\n fn: doFetch,\n maxRetries: 2,\n });\n\n core.state.set({ projectSettings: projectSettings ?? null });\n\n await core.storage.setItem(\n projectSettingsExpirationStorageKeySchema,\n Date.now() + PROJECT_SETTINGS_EXPIRATION_TIME\n );\n\n return projectSettings;\n};\n","import { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types';\nimport { assertDefined } from '../../../utils/assertDefined';\nimport type { SessionKeys } from '../sessionKeys.types';\n\n/** @notInstrumented */\nexport const generateSessionKeys = async (\n client: DynamicClient\n): Promise<SessionKeys> => {\n const core = getCore(client);\n\n await core.keychain.removeKey('session');\n\n const publicKey = await core.keychain.generateKey('session');\n\n assertDefined(publicKey, 'Public key not found');\n\n core.state.set({\n sessionKeys: publicKey,\n });\n\n return { publicKey };\n};\n","import { getCore } from '../../../../client/core/getCore';\nimport type { DynamicClient } from '../../../../client/types';\nimport { getWalletAccounts } from '../../getWalletAccounts';\nimport type { WalletProvider } from '../../walletProvider';\nimport { getWalletProviderFromWalletAccount } from '../getWalletProviderFromWalletAccount';\n\n/** @notInstrumented */\nexport const getAvailableWalletProvidersFromWalletAccounts = (\n client: DynamicClient\n) => {\n const core = getCore(client);\n\n const walletProvidersMap: Map<string, WalletProvider> = new Map();\n\n const walletAccounts = getWalletAccounts(client);\n\n walletAccounts.forEach((walletAccount) => {\n if (walletProvidersMap.has(walletAccount.walletProviderKey)) {\n return;\n }\n\n try {\n const walletProvider = getWalletProviderFromWalletAccount(\n {\n walletAccount,\n },\n client\n );\n\n walletProvidersMap.set(walletAccount.walletProviderKey, walletProvider);\n } catch (error) {\n core.logger.debug('Wallet provider not found for wallet account', {\n error,\n walletAccount: walletAccount.address,\n });\n }\n });\n\n return Array.from(walletProvidersMap.values());\n};\n","import { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types/DynamicClient';\nimport type { LogoutReason } from '../../auth/logoutReason';\nimport { getAvailableWalletProvidersFromWalletAccounts } from '../utils/getAvailableWalletProvidersFromWalletAccounts';\n\n/**\n * Tear down every wallet provider on the client.\n *\n * Each provider's `destroy` is responsible for its own local + remote\n * cleanup. We swallow errors so a failing destroy on one provider does not\n * block teardown of the others (e.g. during logout).\n *\n * @notInstrumented\n */\nexport const destroyWalletProviders = async (\n { reason }: { reason?: LogoutReason },\n client: DynamicClient\n) => {\n const core = getCore(client);\n\n const walletProviders = getAvailableWalletProvidersFromWalletAccounts(client);\n\n await Promise.all(\n walletProviders.map(async (walletProvider) => {\n if (!walletProvider.destroy) return;\n try {\n await walletProvider.destroy({ reason });\n } catch (err) {\n core.logger.error(\n `Error destroying wallet provider ${walletProvider.key}`,\n err\n );\n }\n })\n );\n};\n","import type { DynamicClient } from '../../../client/types';\nimport { getCore } from '../../../client/core/getCore';\nimport { setCookie } from '../../../utils/setCookie';\nimport { createApiClient } from '../../apiClient';\nimport { emitEvent } from '../../clientEvents';\nimport { fetchProjectSettings } from '../../projectSettings/fetchProjectSettings';\nimport { isCookieEnabled } from '../../projectSettings/isCookieEnabled';\nimport { generateSessionKeys } from '../../sessionKeys/generateSessionKeys';\nimport { destroyWalletProviders } from '../../wallets/destroyWalletProviders';\nimport { DYNAMIC_AUTH_COOKIE_NAME } from '../consts';\nimport type { LogoutReason } from '../logoutReason';\n\n/**\n * Logs the user out with an explicit reason.\n *\n * Revokes the session, clears auth state, terminates wallet providers, and\n * emits the `logout` client event with the given reason. The reason is also\n * captured as an argument on the function-instrumentation event, which is\n * how Datadog distinguishes between different logout causes.\n *\n * Use this instead of the public `logout` when triggering a logout from\n * internal or extension code — the caller owns the reason string, so the\n * telemetry correctly attributes *why* the logout happened.\n *\n * @param params - The logout params.\n * @param params.reason - Why the logout is being triggered. Extension authors\n * needing a reason outside the SDK catalog can cast with `as LogoutReason`.\n * @param client - The Dynamic client instance.\n * @instrumented\n */\nexport const logoutWithReason = async (\n { reason }: { reason: LogoutReason },\n client: DynamicClient\n) => {\n const core = getCore(client);\n\n core.logger.debug('[logoutWithReason] Logging out...', { reason });\n\n await destroyWalletProviders({ reason }, client);\n\n if (client.user !== null) {\n const apiClient = createApiClient({}, client);\n\n try {\n await apiClient.revokeSession({\n environmentId: core.environmentId,\n });\n } catch (error) {\n core.logger.error('Failed to revoke session', error);\n }\n\n /**\n * This deletes the auth cookie if it exists.\n * If the cookie doesn't exist, this sets a new cookie that expires immediately.\n */\n if (isCookieEnabled(client)) {\n setCookie(\n `${DYNAMIC_AUTH_COOKIE_NAME}=; Max-Age=-99999999; path=/; SameSite=Lax`\n );\n }\n }\n\n await core.keychain.removeKey('session');\n\n core.state.set({\n captchaToken: null,\n elevatedAccessTokens: [],\n legacyToken: null,\n mfaToken: null,\n sessionExpiresAt: null,\n sessionKeys: null,\n token: null,\n unverifiedWalletAccounts: [],\n user: null,\n });\n\n emitEvent({ args: { reason }, event: 'logout' }, client);\n\n // Refetch project settings\n void fetchProjectSettings(client);\n\n // Regenerate session keys\n void generateSessionKeys(client);\n};\n","import { getCore } from '../../../client/core/getCore';\nimport { getDefaultClient } from '../../../client/defaultClient';\nimport { assertDefined } from '../../../utils/assertDefined';\n\n/**\n * Consumes and clears the current MFA token from the client state.\n *\n * This function retrieves the MFA token obtained from a successful MFA authentication,\n * and removes it from the client, to prevent it from being used again.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns The MFA token that was consumed.\n * @throws Error if no MFA token is found.\n * @instrumented\n * @redact-params\n */\nexport const consumeMfaToken = (client = getDefaultClient()) => {\n const core = getCore(client);\n\n const mfaToken = core.state.get().mfaToken;\n\n assertDefined(mfaToken, 'No MFA token found');\n\n core.state.set({\n mfaToken: null,\n });\n\n return mfaToken;\n};\n","import { getCore } from '../../../client/core/getCore';\nimport { getDefaultClient } from '../../../client/defaultClient';\nimport { createApiClient } from '../../apiClient';\n\n/**\n * Retrieves the available MFA methods for the current user.\n *\n * This function fetches information about which multi-factor authentication\n * methods are available and configured for the user's account.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns A promise that resolves to the user's MFA methods configuration.\n * @notInstrumented\n */\nexport const getMfaMethods = async (client = getDefaultClient()) => {\n const core = getCore(client);\n const apiClient = createApiClient({}, client);\n\n const userMfaMethods = await apiClient.getUserMfaMethods({\n environmentId: core.environmentId,\n verifiedOnly: true,\n });\n\n return userMfaMethods;\n};\n","import type { MFAAction } from '@dynamic-labs/sdk-api-core';\n\nimport { getDefaultClient } from '../../../client/defaultClient';\nimport { getMfaMethods } from '../getMfaMethods';\n\ntype IsMfaRequiredForActionParams = {\n mfaAction: MFAAction;\n};\n\n/**\n * Checks if MFA is required for a specific action.\n *\n * This function determines whether multi-factor authentication is required\n * for the specified action based on project settings and user configuration.\n *\n * @param params.mfaAction - The action to check MFA requirements for.\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns A promise that resolves to true if MFA is required for the action, false otherwise.\n * @notInstrumented\n */\nexport const isMfaRequiredForAction = async (\n { mfaAction }: IsMfaRequiredForActionParams,\n client = getDefaultClient()\n) => {\n const projectSettings = client.projectSettings;\n\n const isRequiredForAction = projectSettings?.security?.mfa?.actions?.some(\n (action) => action.action === mfaAction && action.required\n );\n\n // if mfa is not required for the action, return false\n // no matter if general mfa is set to required or not\n if (!isRequiredForAction) {\n return false;\n }\n\n const isMfaMethodRequired = projectSettings?.security?.mfa?.required;\n\n // if mfa is required for the action and also set as required in general, return true\n if (isMfaMethodRequired) {\n return true;\n }\n\n const mfaMethods = await getMfaMethods(client);\n // if general mfa is optional, but user has registered methods,\n // then it should be required for the action\n return mfaMethods.userHasVerifiedMfaMethods;\n};\n"],"mappings":";;;;;;;;AAMA,IAAa,8BAAb,cAAiD,UAAU;CAEzD,YAAY,YAAoB;AAC9B,QAAM;GACJ,OAAO;GACP,MAAM;GACN,SAAS;GACT,MAAM;GACN,cAAc,mDAAmD;GAClE,CAAC;;;;;;;ACMN,MAAa,cAAc,OAAU,EACnC,QAAQ,GACR,IACA,iBAC0B;AAC1B,MAAK,IAAI,QAAQ,GAAG,SAAS,YAAY,QACvC,KAAI;AACF,SAAO,MAAM,IAAI;UACV,OAAO;AACd,MAAI,SAAS,WACX,OAAM;AAGR,MAAI,QAAQ,EACV,OAAM,IAAI,SAAS,YAAY,WAAW,SAAS,MAAM,CAAC;;;;;;AAShE,OAAM,IAAI,4BAA4B,WAAW;;;;;;;;;;;;;;;;;;;;;;;;;ACrBnD,MAAa,cAAc,SAAS,kBAAkB,KACpD,QAAQ,OAAO,QAAQ,kBAAkB,OAAO,CAAC,SAAS,EAAE;;;;;ACnB9D,MAAa,0BAA6B,WAIf;AACzB,QAAO;;;;;;;;ACHT,MAAa,4CAA4C,uBACvD;CACE,KAAK;CACL,QAAQ,EAAE,QAAQ;CACnB,CACF;;;;;;;ACDD,MAAa,mCAAmC,MAAO,KAAK;;;;;;;;;;;;;AAc5D,MAAa,uBAAuB,OAAO,SAAS,kBAAkB,KAAK;CACzE,MAAM,OAAO,QAAQ,OAAO;CAE5B,MAAM,oBAAoB,MAAM,KAAK,QAAQ,QAC3C,0CACD;AAOD,KAL2B,QAAQ,OAAO,gBAAgB,IAKhC,EAJR,qBAAqB,oBAAoB,KAAK,KAAK,KAI7B,WAAW,OAAO,CACxD,QAAO,OAAO;CAGhB,MAAM,YAAY,gBAAgB,EAAE,EAAE,OAAO;AAE7C,MAAK,OAAO,MAAM,sDAAsD;CAExE,MAAM,UAAU,YACd,UAAU,uBACR;EACE,eAAe,KAAK;EACpB,YAAY,GAAG,gBAAgB,GAAG,KAAK;EACxC,EACD,EACE,aAAa,QACd,CACF;CAEH,MAAM,kBAAkB,MAAM,YAAY;EACxC,IAAI;EACJ,YAAY;EACb,CAAC;AAEF,MAAK,MAAM,IAAI,EAAE,iBAAiB,mBAAmB,MAAM,CAAC;AAE5D,OAAM,KAAK,QAAQ,QACjB,2CACA,KAAK,KAAK,GAAG,iCACd;AAED,QAAO;;;;;;AC9DT,MAAa,sBAAsB,OACjC,WACyB;CACzB,MAAM,OAAO,QAAQ,OAAO;AAE5B,OAAM,KAAK,SAAS,UAAU,UAAU;CAExC,MAAM,YAAY,MAAM,KAAK,SAAS,YAAY,UAAU;AAE5D,eAAc,WAAW,uBAAuB;AAEhD,MAAK,MAAM,IAAI,EACb,aAAa,WACd,CAAC;AAEF,QAAO,EAAE,WAAW;;;;;;ACdtB,MAAa,iDACX,WACG;CACH,MAAM,OAAO,QAAQ,OAAO;CAE5B,MAAMA,qCAAkD,IAAI,KAAK;AAIjE,CAFuB,kBAAkB,OAAO,CAEjC,SAAS,kBAAkB;AACxC,MAAI,mBAAmB,IAAI,cAAc,kBAAkB,CACzD;AAGF,MAAI;GACF,MAAM,iBAAiB,mCACrB,EACE,eACD,EACD,OACD;AAED,sBAAmB,IAAI,cAAc,mBAAmB,eAAe;WAChE,OAAO;AACd,QAAK,OAAO,MAAM,gDAAgD;IAChE;IACA,eAAe,cAAc;IAC9B,CAAC;;GAEJ;AAEF,QAAO,MAAM,KAAK,mBAAmB,QAAQ,CAAC;;;;;;;;;;;;;;ACxBhD,MAAa,yBAAyB,OACpC,EAAE,UACF,WACG;CACH,MAAM,OAAO,QAAQ,OAAO;CAE5B,MAAM,kBAAkB,8CAA8C,OAAO;AAE7E,OAAM,QAAQ,IACZ,gBAAgB,IAAI,OAAO,mBAAmB;AAC5C,MAAI,CAAC,eAAe,QAAS;AAC7B,MAAI;AACF,SAAM,eAAe,QAAQ,EAAE,QAAQ,CAAC;WACjC,KAAK;AACZ,QAAK,OAAO,MACV,oCAAoC,eAAe,OACnD,IACD;;GAEH,CACH;;;;;;;;;;;;;;;;;;;;;;;ACDH,MAAK,mBAAA,OACH,EAAA,qBAEA;;;AAKA,OAAE,uBAAkB,EAAA,QAAmB,EAAC,OAAO;AAE/C,KAAE,OAAI,SAAA,MAAA;EACJ,MAAE,YAAgB,gBAAc,EAAA,EAAA,OAAA;AAEhC,MAAI;AACF,SAAM,UAAQ,cAAA,EACd,eAAiB,KAAE,eACrB,CAAA;;AAEE,QAAA,OAAA,MAAA,4BAAA,MAAA;;;;;;AAOF,MAAG,gBAAA,OAAA,CACH,WACF,GAAA,yBAAA;;AAKA,OAAE,KAAA,SAAkB,UAAA,UAAA;AAEpB,MAAE,MAAA,IAAa;EACb,cAAc;EACd,sBAAsB,EAAA;EACtB,aAAa;EACb,UAAO;EACP,kBAAA;EACA,aAAU;EACV,OAAA;;EAEF,MAAA;;AAGA,WAAK;EAAA,MAAA,EAAA,QAAqB;EAAA,OAAO;EAAA,EAAA,OAAA;AAGjC,CAAK,qBAAoB,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AC/DlC,MAAE,mBAAsB,SAAU,kBAAU,KAAA;;;AAK1C,eAAY,UAAI,qBAAA;kBAGhB,UAAO,MACR,CAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACdD,MAAa,gBAAgB,OAAO,SAAS,kBAAkB,KAAK;CAClE,MAAM,OAAO,QAAQ,OAAO;AAQ5B,QALuB,MAFL,gBAAgB,EAAE,EAAE,OAAO,CAEN,kBAAkB;EACvD,eAAe,KAAK;EACpB,cAAc;EACf,CAAC;;;;;;;;;;;;;;;;ACDJ,MAAa,yBAAyB,OACpC,EAAE,aACF,SAAS,kBAAkB,KACxB;CACH,MAAM,kBAAkB,OAAO;AAQ/B,KAAI,CANwB,iBAAiB,UAAU,KAAK,SAAS,MAClE,WAAW,OAAO,WAAW,aAAa,OAAO,SACnD,CAKC,QAAO;AAMT,KAH4B,iBAAiB,UAAU,KAAK,SAI1D,QAAO;AAMT,SAHmB,MAAM,cAAc,OAAO,EAG5B"}
@@ -1,5 +1,5 @@
1
- import { Q as assertDefined, Z as isCookieEnabled, at as getDefaultClient, ct as BaseError, lt as getCore, o as isUserMissingMfaAuth, r as DEFAULT_WAAS_BASE_API_URL } from "./InvalidParamError-Dn_riAvL.esm.js";
2
- import { t as isDynamicWaasEnabled } from "./isDynamicWaasEnabled-CuSe2RO1.esm.js";
1
+ import { Q as assertDefined, Z as isCookieEnabled, at as getDefaultClient, ct as BaseError, lt as getCore, o as isUserMissingMfaAuth, r as DEFAULT_WAAS_BASE_API_URL } from "./InvalidParamError-PQ2Xen_o.esm.js";
2
+ import { t as isDynamicWaasEnabled } from "./isDynamicWaasEnabled-BmWqrgz1.esm.js";
3
3
  import { MfaBackupCodeAcknowledgement } from "@dynamic-labs/sdk-api-core";
4
4
  import { preconnectWaasIframe } from "@dynamic-labs-wallet/browser-wallet-client";
5
5
 
@@ -118,4 +118,4 @@ const isUserOnboardingComplete = (client = getDefaultClient()) => {
118
118
 
119
119
  //#endregion
120
120
  export { WaasOnboardingIncompleteError as a, preconnectWaasIframe$1 as i, isPendingRecoveryCodesAcknowledgment as n, isDeviceRegistrationRequired as r, isUserOnboardingComplete as t };
121
- //# sourceMappingURL=isUserOnboardingComplete-DFrrp61b.esm.js.map
121
+ //# sourceMappingURL=isUserOnboardingComplete-C4_b3pDb.esm.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"isUserOnboardingComplete-DFrrp61b.esm.js","names":["preconnectWaasIframe"],"sources":["../src/errors/WaasOnboardingIncompleteError.ts","../src/modules/waas/preconnectWaasIframe/preconnectWaasIframe.ts","../src/modules/deviceRegistration/isDeviceRegistrationRequired/isDeviceRegistrationRequired.ts","../src/modules/mfa/isPendingRecoveryCodesAcknowledgment/isPendingRecoveryCodesAcknowledgment.ts","../src/modules/user/isUserOnboardingComplete/isUserOnboardingComplete.ts"],"sourcesContent":["import { BaseError } from './base';\n\n/**\n * Thrown when the embedded (WaaS) wallet client is requested before the user\n * has completed onboarding — i.e. the JWT has not upgraded to `user:basic`\n * because MFA, KYC, recovery-codes acknowledgment, or device registration is\n * still pending.\n *\n * The WaaS iframe's init-time room-cache pre-warm fires `createRooms` using the\n * token captured at client construction (before any per-operation token\n * resync). Building the client during this window lets that pre-warm fire with\n * a pre-`user:basic` token, get a 401, and the iframe's unauthorized handler\n * force-logs-out the user. Throwing here surfaces a clear, recoverable reason\n * instead — wait for onboarding to complete and retry.\n */\nexport class WaasOnboardingIncompleteError extends BaseError {\n constructor() {\n super({\n cause: null,\n code: 'waas_onboarding_incomplete',\n docsUrl: null,\n name: 'WaasOnboardingIncompleteError',\n shortMessage:\n 'Cannot create or access the embedded wallet until onboarding is complete (pending MFA, KYC, recovery-codes acknowledgment, or device registration).',\n });\n }\n}\n","import type { AuthMode } from '@dynamic-labs-wallet/browser-wallet-client';\nimport { preconnectWaasIframe as preconnectWaasIframeOrigin } from '@dynamic-labs-wallet/browser-wallet-client';\n\nimport { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types';\nimport { isCookieEnabled } from '../../projectSettings/isCookieEnabled';\nimport { DEFAULT_WAAS_BASE_API_URL } from '../constants';\nimport { isDynamicWaasEnabled } from '../isDynamicWaasEnabled';\n\n/**\n * Warms the browser's connection (DNS + TCP + TLS) to the embedded-wallet\n * iframe origin so the iframe mounted after authentication completes loads on\n * a hot connection. Called when an auth flow starts (OTP send/verify, social\n * callback). Safe to call repeatedly; no-op on React Native / SSR and when\n * Dynamic WaaS is not enabled.\n *\n * @param client - The Dynamic client instance.\n * @notInstrumented\n */\nexport const preconnectWaasIframe = (client: DynamicClient): void => {\n const core = getCore(client);\n try {\n if (!isDynamicWaasEnabled(client)) return;\n\n preconnectWaasIframeOrigin({\n authMode: (isCookieEnabled(client) ? 'cookie' : 'header') as AuthMode,\n baseApiUrl: (core.apiBaseUrl || DEFAULT_WAAS_BASE_API_URL).replace(\n '/api/v0',\n ''\n ),\n });\n } catch (error) {\n // Best-effort: never break the auth flow (also swallows the assertion\n // from isDynamicWaasEnabled when project settings are not loaded yet).\n core.logger.warn('[preconnectWaasIframe] skipped', error);\n }\n};\n","import type { User } from '../../user/user.types';\n\n/**\n * Checks if device registration is required for the given user.\n *\n * This function determines if the user has the deviceRegistration\n * scope, indicating that device registration is required.\n *\n * @param user - The user to check.\n * @returns True if device registration is required, false otherwise.\n * @notInstrumented\n */\nexport const isDeviceRegistrationRequired = (user: User) =>\n Boolean(user.scope?.includes('device:register'));\n","import { MfaBackupCodeAcknowledgement } from '@dynamic-labs/sdk-api-core';\n\nimport { getDefaultClient } from '../../../client/defaultClient';\nimport { assertDefined } from '../../../utils/assertDefined';\n\n/**\n * Checks if the user is still pending acknowledgment of their MFA recovery codes.\n *\n * This function determines whether the user has been presented with recovery\n * codes that they have not yet acknowledged as saved or backed up.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns True if recovery codes are pending acknowledgment, false otherwise.\n * @notInstrumented\n */\nexport const isPendingRecoveryCodesAcknowledgment = (\n client = getDefaultClient()\n) => {\n const user = client.user;\n\n assertDefined(user, 'User not logged in');\n\n return (\n user.mfaBackupCodeAcknowledgement === MfaBackupCodeAcknowledgement.Pending\n );\n};\n","import { getDefaultClient } from '../../../client/defaultClient';\nimport { assertDefined } from '../../../utils/assertDefined';\nimport { isDeviceRegistrationRequired } from '../../deviceRegistration/isDeviceRegistrationRequired';\nimport { isPendingRecoveryCodesAcknowledgment } from '../../mfa/isPendingRecoveryCodesAcknowledgment';\nimport { isUserMissingMfaAuth } from '../../mfa/isUserMissingMfaAuth';\n\n/**\n * Checks if the user has completed all onboarding requirements.\n *\n * This function verifies whether a user has fulfilled all necessary requirements\n * including KYC fields (Know Your Customer information), MFA setup\n * (Multi-Factor Authentication including recovery codes acknowledgment), and\n * device registration.\n *\n * A `false` result means the user still has an outstanding onboarding step, so\n * any feature that requires a fully onboarded (`user:basic`) user should hold\n * off until it returns `true`. Creating or accessing an embedded (WaaS) wallet\n * is one such feature — its backend calls reject a pre-`user:basic` token — but\n * this predicate is general and not specific to embedded wallets.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns True if onboarding is complete (no pending requirements), false if there are pending requirements.\n * @notInstrumented\n */\nexport const isUserOnboardingComplete = (client = getDefaultClient()) => {\n const user = client.user;\n\n assertDefined(user, 'User not logged in');\n\n const hasMissingKycFields = Boolean(user.missingFields?.length);\n const hasPendingMfaAuth = isUserMissingMfaAuth(client);\n const hasPendingRecoveryCodes = isPendingRecoveryCodesAcknowledgment(client);\n const hasPendingDeviceRegistration = isDeviceRegistrationRequired(user);\n\n const userOnboardingComplete =\n !hasMissingKycFields &&\n !hasPendingMfaAuth &&\n !hasPendingRecoveryCodes &&\n !hasPendingDeviceRegistration;\n\n return userOnboardingComplete;\n};\n"],"mappings":";;;;;;;;;;;;;;;;;;;AAeA,IAAa,gCAAb,cAAmD,UAAU;CAC3D,cAAc;AACZ,QAAM;GACJ,OAAO;GACP,MAAM;GACN,SAAS;GACT,MAAM;GACN,cACE;GACH,CAAC;;;;;;;;;;;;;;;;ACLN,MAAaA,0BAAwB,WAAgC;CACnE,MAAM,OAAO,QAAQ,OAAO;AAC5B,KAAI;AACF,MAAI,CAAC,qBAAqB,OAAO,CAAE;AAEnC,uBAA2B;GACzB,UAAW,gBAAgB,OAAO,GAAG,WAAW;GAChD,aAAa,KAAK,cAAc,2BAA2B,QACzD,WACA,GACD;GACF,CAAC;UACK,OAAO;AAGd,OAAK,OAAO,KAAK,kCAAkC,MAAM;;;;;;;;;;;;;;;;ACtB7D,MAAa,gCAAgC,SAC3C,QAAQ,KAAK,OAAO,SAAS,kBAAkB,CAAC;;;;;;;;;;;;;;ACElD,MAAa,wCACX,SAAS,kBAAkB,KACxB;CACH,MAAM,OAAO,OAAO;AAEpB,eAAc,MAAM,qBAAqB;AAEzC,QACE,KAAK,iCAAiC,6BAA6B;;;;;;;;;;;;;;;;;;;;;;;ACCvE,MAAa,4BAA4B,SAAS,kBAAkB,KAAK;CACvE,MAAM,OAAO,OAAO;AAEpB,eAAc,MAAM,qBAAqB;CAEzC,MAAM,sBAAsB,QAAQ,KAAK,eAAe,OAAO;CAC/D,MAAM,oBAAoB,qBAAqB,OAAO;CACtD,MAAM,0BAA0B,qCAAqC,OAAO;CAC5E,MAAM,+BAA+B,6BAA6B,KAAK;AAQvE,QALE,CAAC,uBACD,CAAC,qBACD,CAAC,2BACD,CAAC"}
1
+ {"version":3,"file":"isUserOnboardingComplete-C4_b3pDb.esm.js","names":["preconnectWaasIframe"],"sources":["../src/errors/WaasOnboardingIncompleteError.ts","../src/modules/waas/preconnectWaasIframe/preconnectWaasIframe.ts","../src/modules/deviceRegistration/isDeviceRegistrationRequired/isDeviceRegistrationRequired.ts","../src/modules/mfa/isPendingRecoveryCodesAcknowledgment/isPendingRecoveryCodesAcknowledgment.ts","../src/modules/user/isUserOnboardingComplete/isUserOnboardingComplete.ts"],"sourcesContent":["import { BaseError } from './base';\n\n/**\n * Thrown when the embedded (WaaS) wallet client is requested before the user\n * has completed onboarding — i.e. the JWT has not upgraded to `user:basic`\n * because MFA, KYC, recovery-codes acknowledgment, or device registration is\n * still pending.\n *\n * The WaaS iframe's init-time room-cache pre-warm fires `createRooms` using the\n * token captured at client construction (before any per-operation token\n * resync). Building the client during this window lets that pre-warm fire with\n * a pre-`user:basic` token, get a 401, and the iframe's unauthorized handler\n * force-logs-out the user. Throwing here surfaces a clear, recoverable reason\n * instead — wait for onboarding to complete and retry.\n */\nexport class WaasOnboardingIncompleteError extends BaseError {\n constructor() {\n super({\n cause: null,\n code: 'waas_onboarding_incomplete',\n docsUrl: null,\n name: 'WaasOnboardingIncompleteError',\n shortMessage:\n 'Cannot create or access the embedded wallet until onboarding is complete (pending MFA, KYC, recovery-codes acknowledgment, or device registration).',\n });\n }\n}\n","import type { AuthMode } from '@dynamic-labs-wallet/browser-wallet-client';\nimport { preconnectWaasIframe as preconnectWaasIframeOrigin } from '@dynamic-labs-wallet/browser-wallet-client';\n\nimport { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types';\nimport { isCookieEnabled } from '../../projectSettings/isCookieEnabled';\nimport { DEFAULT_WAAS_BASE_API_URL } from '../constants';\nimport { isDynamicWaasEnabled } from '../isDynamicWaasEnabled';\n\n/**\n * Warms the browser's connection (DNS + TCP + TLS) to the embedded-wallet\n * iframe origin so the iframe mounted after authentication completes loads on\n * a hot connection. Called when an auth flow starts (OTP send/verify, social\n * callback). Safe to call repeatedly; no-op on React Native / SSR and when\n * Dynamic WaaS is not enabled.\n *\n * @param client - The Dynamic client instance.\n * @notInstrumented\n */\nexport const preconnectWaasIframe = (client: DynamicClient): void => {\n const core = getCore(client);\n try {\n if (!isDynamicWaasEnabled(client)) return;\n\n preconnectWaasIframeOrigin({\n authMode: (isCookieEnabled(client) ? 'cookie' : 'header') as AuthMode,\n baseApiUrl: (core.apiBaseUrl || DEFAULT_WAAS_BASE_API_URL).replace(\n '/api/v0',\n ''\n ),\n });\n } catch (error) {\n // Best-effort: never break the auth flow (also swallows the assertion\n // from isDynamicWaasEnabled when project settings are not loaded yet).\n core.logger.warn('[preconnectWaasIframe] skipped', error);\n }\n};\n","import type { User } from '../../user/user.types';\n\n/**\n * Checks if device registration is required for the given user.\n *\n * This function determines if the user has the deviceRegistration\n * scope, indicating that device registration is required.\n *\n * @param user - The user to check.\n * @returns True if device registration is required, false otherwise.\n * @notInstrumented\n */\nexport const isDeviceRegistrationRequired = (user: User) =>\n Boolean(user.scope?.includes('device:register'));\n","import { MfaBackupCodeAcknowledgement } from '@dynamic-labs/sdk-api-core';\n\nimport { getDefaultClient } from '../../../client/defaultClient';\nimport { assertDefined } from '../../../utils/assertDefined';\n\n/**\n * Checks if the user is still pending acknowledgment of their MFA recovery codes.\n *\n * This function determines whether the user has been presented with recovery\n * codes that they have not yet acknowledged as saved or backed up.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns True if recovery codes are pending acknowledgment, false otherwise.\n * @notInstrumented\n */\nexport const isPendingRecoveryCodesAcknowledgment = (\n client = getDefaultClient()\n) => {\n const user = client.user;\n\n assertDefined(user, 'User not logged in');\n\n return (\n user.mfaBackupCodeAcknowledgement === MfaBackupCodeAcknowledgement.Pending\n );\n};\n","import { getDefaultClient } from '../../../client/defaultClient';\nimport { assertDefined } from '../../../utils/assertDefined';\nimport { isDeviceRegistrationRequired } from '../../deviceRegistration/isDeviceRegistrationRequired';\nimport { isPendingRecoveryCodesAcknowledgment } from '../../mfa/isPendingRecoveryCodesAcknowledgment';\nimport { isUserMissingMfaAuth } from '../../mfa/isUserMissingMfaAuth';\n\n/**\n * Checks if the user has completed all onboarding requirements.\n *\n * This function verifies whether a user has fulfilled all necessary requirements\n * including KYC fields (Know Your Customer information), MFA setup\n * (Multi-Factor Authentication including recovery codes acknowledgment), and\n * device registration.\n *\n * A `false` result means the user still has an outstanding onboarding step, so\n * any feature that requires a fully onboarded (`user:basic`) user should hold\n * off until it returns `true`. Creating or accessing an embedded (WaaS) wallet\n * is one such feature — its backend calls reject a pre-`user:basic` token — but\n * this predicate is general and not specific to embedded wallets.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns True if onboarding is complete (no pending requirements), false if there are pending requirements.\n * @notInstrumented\n */\nexport const isUserOnboardingComplete = (client = getDefaultClient()) => {\n const user = client.user;\n\n assertDefined(user, 'User not logged in');\n\n const hasMissingKycFields = Boolean(user.missingFields?.length);\n const hasPendingMfaAuth = isUserMissingMfaAuth(client);\n const hasPendingRecoveryCodes = isPendingRecoveryCodesAcknowledgment(client);\n const hasPendingDeviceRegistration = isDeviceRegistrationRequired(user);\n\n const userOnboardingComplete =\n !hasMissingKycFields &&\n !hasPendingMfaAuth &&\n !hasPendingRecoveryCodes &&\n !hasPendingDeviceRegistration;\n\n return userOnboardingComplete;\n};\n"],"mappings":";;;;;;;;;;;;;;;;;;;AAeA,IAAa,gCAAb,cAAmD,UAAU;CAC3D,cAAc;AACZ,QAAM;GACJ,OAAO;GACP,MAAM;GACN,SAAS;GACT,MAAM;GACN,cACE;GACH,CAAC;;;;;;;;;;;;;;;;ACLN,MAAaA,0BAAwB,WAAgC;CACnE,MAAM,OAAO,QAAQ,OAAO;AAC5B,KAAI;AACF,MAAI,CAAC,qBAAqB,OAAO,CAAE;AAEnC,uBAA2B;GACzB,UAAW,gBAAgB,OAAO,GAAG,WAAW;GAChD,aAAa,KAAK,cAAc,2BAA2B,QACzD,WACA,GACD;GACF,CAAC;UACK,OAAO;AAGd,OAAK,OAAO,KAAK,kCAAkC,MAAM;;;;;;;;;;;;;;;;ACtB7D,MAAa,gCAAgC,SAC3C,QAAQ,KAAK,OAAO,SAAS,kBAAkB,CAAC;;;;;;;;;;;;;;ACElD,MAAa,wCACX,SAAS,kBAAkB,KACxB;CACH,MAAM,OAAO,OAAO;AAEpB,eAAc,MAAM,qBAAqB;AAEzC,QACE,KAAK,iCAAiC,6BAA6B;;;;;;;;;;;;;;;;;;;;;;;ACCvE,MAAa,4BAA4B,SAAS,kBAAkB,KAAK;CACvE,MAAM,OAAO,OAAO;AAEpB,eAAc,MAAM,qBAAqB;CAEzC,MAAM,sBAAsB,QAAQ,KAAK,eAAe,OAAO;CAC/D,MAAM,oBAAoB,qBAAqB,OAAO;CACtD,MAAM,0BAA0B,qCAAqC,OAAO;CAC5E,MAAM,+BAA+B,6BAA6B,KAAK;AAQvE,QALE,CAAC,uBACD,CAAC,qBACD,CAAC,2BACD,CAAC"}
@@ -1,6 +1,6 @@
1
- const require_isMfaRequiredForAction = require('./isMfaRequiredForAction-DECknr5q.cjs');
2
- const require_InvalidParamError = require('./InvalidParamError-DHriGGNI.cjs');
3
- const require_isDynamicWaasEnabled = require('./isDynamicWaasEnabled-Bj3v8LZ_.cjs');
1
+ const require_isMfaRequiredForAction = require('./isMfaRequiredForAction-3fWX5MEF.cjs');
2
+ const require_InvalidParamError = require('./InvalidParamError-DCpeZMBr.cjs');
3
+ const require_isDynamicWaasEnabled = require('./isDynamicWaasEnabled-A8Humh0r.cjs');
4
4
  let _dynamic_labs_sdk_api_core = require("@dynamic-labs/sdk-api-core");
5
5
  let _dynamic_labs_wallet_browser_wallet_client = require("@dynamic-labs-wallet/browser-wallet-client");
6
6
 
@@ -148,4 +148,4 @@ Object.defineProperty(exports, 'preconnectWaasIframe', {
148
148
  return preconnectWaasIframe;
149
149
  }
150
150
  });
151
- //# sourceMappingURL=isUserOnboardingComplete-DvCQh8Dj.cjs.map
151
+ //# sourceMappingURL=isUserOnboardingComplete-D0JrQGvR.cjs.map
@@ -1 +1 @@
1
- {"version":3,"file":"isUserOnboardingComplete-DvCQh8Dj.cjs","names":["BaseError","getCore","isDynamicWaasEnabled","isCookieEnabled","DEFAULT_WAAS_BASE_API_URL","getDefaultClient","MfaBackupCodeAcknowledgement","getDefaultClient","isUserMissingMfaAuth"],"sources":["../src/errors/WaasOnboardingIncompleteError.ts","../src/modules/waas/preconnectWaasIframe/preconnectWaasIframe.ts","../src/modules/deviceRegistration/isDeviceRegistrationRequired/isDeviceRegistrationRequired.ts","../src/modules/mfa/isPendingRecoveryCodesAcknowledgment/isPendingRecoveryCodesAcknowledgment.ts","../src/modules/user/isUserOnboardingComplete/isUserOnboardingComplete.ts"],"sourcesContent":["import { BaseError } from './base';\n\n/**\n * Thrown when the embedded (WaaS) wallet client is requested before the user\n * has completed onboarding — i.e. the JWT has not upgraded to `user:basic`\n * because MFA, KYC, recovery-codes acknowledgment, or device registration is\n * still pending.\n *\n * The WaaS iframe's init-time room-cache pre-warm fires `createRooms` using the\n * token captured at client construction (before any per-operation token\n * resync). Building the client during this window lets that pre-warm fire with\n * a pre-`user:basic` token, get a 401, and the iframe's unauthorized handler\n * force-logs-out the user. Throwing here surfaces a clear, recoverable reason\n * instead — wait for onboarding to complete and retry.\n */\nexport class WaasOnboardingIncompleteError extends BaseError {\n constructor() {\n super({\n cause: null,\n code: 'waas_onboarding_incomplete',\n docsUrl: null,\n name: 'WaasOnboardingIncompleteError',\n shortMessage:\n 'Cannot create or access the embedded wallet until onboarding is complete (pending MFA, KYC, recovery-codes acknowledgment, or device registration).',\n });\n }\n}\n","import type { AuthMode } from '@dynamic-labs-wallet/browser-wallet-client';\nimport { preconnectWaasIframe as preconnectWaasIframeOrigin } from '@dynamic-labs-wallet/browser-wallet-client';\n\nimport { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types';\nimport { isCookieEnabled } from '../../projectSettings/isCookieEnabled';\nimport { DEFAULT_WAAS_BASE_API_URL } from '../constants';\nimport { isDynamicWaasEnabled } from '../isDynamicWaasEnabled';\n\n/**\n * Warms the browser's connection (DNS + TCP + TLS) to the embedded-wallet\n * iframe origin so the iframe mounted after authentication completes loads on\n * a hot connection. Called when an auth flow starts (OTP send/verify, social\n * callback). Safe to call repeatedly; no-op on React Native / SSR and when\n * Dynamic WaaS is not enabled.\n *\n * @param client - The Dynamic client instance.\n * @notInstrumented\n */\nexport const preconnectWaasIframe = (client: DynamicClient): void => {\n const core = getCore(client);\n try {\n if (!isDynamicWaasEnabled(client)) return;\n\n preconnectWaasIframeOrigin({\n authMode: (isCookieEnabled(client) ? 'cookie' : 'header') as AuthMode,\n baseApiUrl: (core.apiBaseUrl || DEFAULT_WAAS_BASE_API_URL).replace(\n '/api/v0',\n ''\n ),\n });\n } catch (error) {\n // Best-effort: never break the auth flow (also swallows the assertion\n // from isDynamicWaasEnabled when project settings are not loaded yet).\n core.logger.warn('[preconnectWaasIframe] skipped', error);\n }\n};\n","import type { User } from '../../user/user.types';\n\n/**\n * Checks if device registration is required for the given user.\n *\n * This function determines if the user has the deviceRegistration\n * scope, indicating that device registration is required.\n *\n * @param user - The user to check.\n * @returns True if device registration is required, false otherwise.\n * @notInstrumented\n */\nexport const isDeviceRegistrationRequired = (user: User) =>\n Boolean(user.scope?.includes('device:register'));\n","import { MfaBackupCodeAcknowledgement } from '@dynamic-labs/sdk-api-core';\n\nimport { getDefaultClient } from '../../../client/defaultClient';\nimport { assertDefined } from '../../../utils/assertDefined';\n\n/**\n * Checks if the user is still pending acknowledgment of their MFA recovery codes.\n *\n * This function determines whether the user has been presented with recovery\n * codes that they have not yet acknowledged as saved or backed up.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns True if recovery codes are pending acknowledgment, false otherwise.\n * @notInstrumented\n */\nexport const isPendingRecoveryCodesAcknowledgment = (\n client = getDefaultClient()\n) => {\n const user = client.user;\n\n assertDefined(user, 'User not logged in');\n\n return (\n user.mfaBackupCodeAcknowledgement === MfaBackupCodeAcknowledgement.Pending\n );\n};\n","import { getDefaultClient } from '../../../client/defaultClient';\nimport { assertDefined } from '../../../utils/assertDefined';\nimport { isDeviceRegistrationRequired } from '../../deviceRegistration/isDeviceRegistrationRequired';\nimport { isPendingRecoveryCodesAcknowledgment } from '../../mfa/isPendingRecoveryCodesAcknowledgment';\nimport { isUserMissingMfaAuth } from '../../mfa/isUserMissingMfaAuth';\n\n/**\n * Checks if the user has completed all onboarding requirements.\n *\n * This function verifies whether a user has fulfilled all necessary requirements\n * including KYC fields (Know Your Customer information), MFA setup\n * (Multi-Factor Authentication including recovery codes acknowledgment), and\n * device registration.\n *\n * A `false` result means the user still has an outstanding onboarding step, so\n * any feature that requires a fully onboarded (`user:basic`) user should hold\n * off until it returns `true`. Creating or accessing an embedded (WaaS) wallet\n * is one such feature — its backend calls reject a pre-`user:basic` token — but\n * this predicate is general and not specific to embedded wallets.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns True if onboarding is complete (no pending requirements), false if there are pending requirements.\n * @notInstrumented\n */\nexport const isUserOnboardingComplete = (client = getDefaultClient()) => {\n const user = client.user;\n\n assertDefined(user, 'User not logged in');\n\n const hasMissingKycFields = Boolean(user.missingFields?.length);\n const hasPendingMfaAuth = isUserMissingMfaAuth(client);\n const hasPendingRecoveryCodes = isPendingRecoveryCodesAcknowledgment(client);\n const hasPendingDeviceRegistration = isDeviceRegistrationRequired(user);\n\n const userOnboardingComplete =\n !hasMissingKycFields &&\n !hasPendingMfaAuth &&\n !hasPendingRecoveryCodes &&\n !hasPendingDeviceRegistration;\n\n return userOnboardingComplete;\n};\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAeA,IAAa,gCAAb,cAAmDA,oCAAU;CAC3D,cAAc;AACZ,QAAM;GACJ,OAAO;GACP,MAAM;GACN,SAAS;GACT,MAAM;GACN,cACE;GACH,CAAC;;;;;;;;;;;;;;;;ACLN,MAAa,wBAAwB,WAAgC;CACnE,MAAM,OAAOC,kCAAQ,OAAO;AAC5B,KAAI;AACF,MAAI,CAACC,kDAAqB,OAAO,CAAE;AAEnC,uEAA2B;GACzB,UAAWC,0CAAgB,OAAO,GAAG,WAAW;GAChD,aAAa,KAAK,cAAcC,qDAA2B,QACzD,WACA,GACD;GACF,CAAC;UACK,OAAO;AAGd,OAAK,OAAO,KAAK,kCAAkC,MAAM;;;;;;;;;;;;;;;;ACtB7D,MAAa,gCAAgC,SAC3C,QAAQ,KAAK,OAAO,SAAS,kBAAkB,CAAC;;;;;;;;;;;;;;ACElD,MAAa,wCACX,SAASC,4CAAkB,KACxB;CACH,MAAM,OAAO,OAAO;AAEpB,yCAAc,MAAM,qBAAqB;AAEzC,QACE,KAAK,iCAAiCC,wDAA6B;;;;;;;;;;;;;;;;;;;;;;;ACCvE,MAAa,4BAA4B,SAASC,4CAAkB,KAAK;CACvE,MAAM,OAAO,OAAO;AAEpB,yCAAc,MAAM,qBAAqB;CAEzC,MAAM,sBAAsB,QAAQ,KAAK,eAAe,OAAO;CAC/D,MAAM,oBAAoBC,+CAAqB,OAAO;CACtD,MAAM,0BAA0B,qCAAqC,OAAO;CAC5E,MAAM,+BAA+B,6BAA6B,KAAK;AAQvE,QALE,CAAC,uBACD,CAAC,qBACD,CAAC,2BACD,CAAC"}
1
+ {"version":3,"file":"isUserOnboardingComplete-D0JrQGvR.cjs","names":["BaseError","getCore","isDynamicWaasEnabled","isCookieEnabled","DEFAULT_WAAS_BASE_API_URL","getDefaultClient","MfaBackupCodeAcknowledgement","getDefaultClient","isUserMissingMfaAuth"],"sources":["../src/errors/WaasOnboardingIncompleteError.ts","../src/modules/waas/preconnectWaasIframe/preconnectWaasIframe.ts","../src/modules/deviceRegistration/isDeviceRegistrationRequired/isDeviceRegistrationRequired.ts","../src/modules/mfa/isPendingRecoveryCodesAcknowledgment/isPendingRecoveryCodesAcknowledgment.ts","../src/modules/user/isUserOnboardingComplete/isUserOnboardingComplete.ts"],"sourcesContent":["import { BaseError } from './base';\n\n/**\n * Thrown when the embedded (WaaS) wallet client is requested before the user\n * has completed onboarding — i.e. the JWT has not upgraded to `user:basic`\n * because MFA, KYC, recovery-codes acknowledgment, or device registration is\n * still pending.\n *\n * The WaaS iframe's init-time room-cache pre-warm fires `createRooms` using the\n * token captured at client construction (before any per-operation token\n * resync). Building the client during this window lets that pre-warm fire with\n * a pre-`user:basic` token, get a 401, and the iframe's unauthorized handler\n * force-logs-out the user. Throwing here surfaces a clear, recoverable reason\n * instead — wait for onboarding to complete and retry.\n */\nexport class WaasOnboardingIncompleteError extends BaseError {\n constructor() {\n super({\n cause: null,\n code: 'waas_onboarding_incomplete',\n docsUrl: null,\n name: 'WaasOnboardingIncompleteError',\n shortMessage:\n 'Cannot create or access the embedded wallet until onboarding is complete (pending MFA, KYC, recovery-codes acknowledgment, or device registration).',\n });\n }\n}\n","import type { AuthMode } from '@dynamic-labs-wallet/browser-wallet-client';\nimport { preconnectWaasIframe as preconnectWaasIframeOrigin } from '@dynamic-labs-wallet/browser-wallet-client';\n\nimport { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types';\nimport { isCookieEnabled } from '../../projectSettings/isCookieEnabled';\nimport { DEFAULT_WAAS_BASE_API_URL } from '../constants';\nimport { isDynamicWaasEnabled } from '../isDynamicWaasEnabled';\n\n/**\n * Warms the browser's connection (DNS + TCP + TLS) to the embedded-wallet\n * iframe origin so the iframe mounted after authentication completes loads on\n * a hot connection. Called when an auth flow starts (OTP send/verify, social\n * callback). Safe to call repeatedly; no-op on React Native / SSR and when\n * Dynamic WaaS is not enabled.\n *\n * @param client - The Dynamic client instance.\n * @notInstrumented\n */\nexport const preconnectWaasIframe = (client: DynamicClient): void => {\n const core = getCore(client);\n try {\n if (!isDynamicWaasEnabled(client)) return;\n\n preconnectWaasIframeOrigin({\n authMode: (isCookieEnabled(client) ? 'cookie' : 'header') as AuthMode,\n baseApiUrl: (core.apiBaseUrl || DEFAULT_WAAS_BASE_API_URL).replace(\n '/api/v0',\n ''\n ),\n });\n } catch (error) {\n // Best-effort: never break the auth flow (also swallows the assertion\n // from isDynamicWaasEnabled when project settings are not loaded yet).\n core.logger.warn('[preconnectWaasIframe] skipped', error);\n }\n};\n","import type { User } from '../../user/user.types';\n\n/**\n * Checks if device registration is required for the given user.\n *\n * This function determines if the user has the deviceRegistration\n * scope, indicating that device registration is required.\n *\n * @param user - The user to check.\n * @returns True if device registration is required, false otherwise.\n * @notInstrumented\n */\nexport const isDeviceRegistrationRequired = (user: User) =>\n Boolean(user.scope?.includes('device:register'));\n","import { MfaBackupCodeAcknowledgement } from '@dynamic-labs/sdk-api-core';\n\nimport { getDefaultClient } from '../../../client/defaultClient';\nimport { assertDefined } from '../../../utils/assertDefined';\n\n/**\n * Checks if the user is still pending acknowledgment of their MFA recovery codes.\n *\n * This function determines whether the user has been presented with recovery\n * codes that they have not yet acknowledged as saved or backed up.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns True if recovery codes are pending acknowledgment, false otherwise.\n * @notInstrumented\n */\nexport const isPendingRecoveryCodesAcknowledgment = (\n client = getDefaultClient()\n) => {\n const user = client.user;\n\n assertDefined(user, 'User not logged in');\n\n return (\n user.mfaBackupCodeAcknowledgement === MfaBackupCodeAcknowledgement.Pending\n );\n};\n","import { getDefaultClient } from '../../../client/defaultClient';\nimport { assertDefined } from '../../../utils/assertDefined';\nimport { isDeviceRegistrationRequired } from '../../deviceRegistration/isDeviceRegistrationRequired';\nimport { isPendingRecoveryCodesAcknowledgment } from '../../mfa/isPendingRecoveryCodesAcknowledgment';\nimport { isUserMissingMfaAuth } from '../../mfa/isUserMissingMfaAuth';\n\n/**\n * Checks if the user has completed all onboarding requirements.\n *\n * This function verifies whether a user has fulfilled all necessary requirements\n * including KYC fields (Know Your Customer information), MFA setup\n * (Multi-Factor Authentication including recovery codes acknowledgment), and\n * device registration.\n *\n * A `false` result means the user still has an outstanding onboarding step, so\n * any feature that requires a fully onboarded (`user:basic`) user should hold\n * off until it returns `true`. Creating or accessing an embedded (WaaS) wallet\n * is one such feature — its backend calls reject a pre-`user:basic` token — but\n * this predicate is general and not specific to embedded wallets.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns True if onboarding is complete (no pending requirements), false if there are pending requirements.\n * @notInstrumented\n */\nexport const isUserOnboardingComplete = (client = getDefaultClient()) => {\n const user = client.user;\n\n assertDefined(user, 'User not logged in');\n\n const hasMissingKycFields = Boolean(user.missingFields?.length);\n const hasPendingMfaAuth = isUserMissingMfaAuth(client);\n const hasPendingRecoveryCodes = isPendingRecoveryCodesAcknowledgment(client);\n const hasPendingDeviceRegistration = isDeviceRegistrationRequired(user);\n\n const userOnboardingComplete =\n !hasMissingKycFields &&\n !hasPendingMfaAuth &&\n !hasPendingRecoveryCodes &&\n !hasPendingDeviceRegistration;\n\n return userOnboardingComplete;\n};\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAeA,IAAa,gCAAb,cAAmDA,oCAAU;CAC3D,cAAc;AACZ,QAAM;GACJ,OAAO;GACP,MAAM;GACN,SAAS;GACT,MAAM;GACN,cACE;GACH,CAAC;;;;;;;;;;;;;;;;ACLN,MAAa,wBAAwB,WAAgC;CACnE,MAAM,OAAOC,kCAAQ,OAAO;AAC5B,KAAI;AACF,MAAI,CAACC,kDAAqB,OAAO,CAAE;AAEnC,uEAA2B;GACzB,UAAWC,0CAAgB,OAAO,GAAG,WAAW;GAChD,aAAa,KAAK,cAAcC,qDAA2B,QACzD,WACA,GACD;GACF,CAAC;UACK,OAAO;AAGd,OAAK,OAAO,KAAK,kCAAkC,MAAM;;;;;;;;;;;;;;;;ACtB7D,MAAa,gCAAgC,SAC3C,QAAQ,KAAK,OAAO,SAAS,kBAAkB,CAAC;;;;;;;;;;;;;;ACElD,MAAa,wCACX,SAASC,4CAAkB,KACxB;CACH,MAAM,OAAO,OAAO;AAEpB,yCAAc,MAAM,qBAAqB;AAEzC,QACE,KAAK,iCAAiCC,wDAA6B;;;;;;;;;;;;;;;;;;;;;;;ACCvE,MAAa,4BAA4B,SAASC,4CAAkB,KAAK;CACvE,MAAM,OAAO,OAAO;AAEpB,yCAAc,MAAM,qBAAqB;CAEzC,MAAM,sBAAsB,QAAQ,KAAK,eAAe,OAAO;CAC/D,MAAM,oBAAoBC,+CAAqB,OAAO;CACtD,MAAM,0BAA0B,qCAAqC,OAAO;CAC5E,MAAM,+BAA+B,6BAA6B,KAAK;AAQvE,QALE,CAAC,uBACD,CAAC,qBACD,CAAC,2BACD,CAAC"}
@@ -1,5 +1,5 @@
1
- import { $ as getCore, H as assertDefined, Q as BaseError, V as isCookieEnabled, Y as getDefaultClient, o as isUserMissingMfaAuth, r as DEFAULT_WAAS_BASE_API_URL } from "./InvalidParamError-DYezznCD.native.esm.js";
2
- import { t as isDynamicWaasEnabled } from "./isDynamicWaasEnabled-CvD8_c7H.native.esm.js";
1
+ import { $ as getCore, H as assertDefined, Q as BaseError, V as isCookieEnabled, Y as getDefaultClient, o as isUserMissingMfaAuth, r as DEFAULT_WAAS_BASE_API_URL } from "./InvalidParamError-5AXtm6Zp.native.esm.js";
2
+ import { t as isDynamicWaasEnabled } from "./isDynamicWaasEnabled-Djp4QuBw.native.esm.js";
3
3
  import { MfaBackupCodeAcknowledgement } from "@dynamic-labs/sdk-api-core";
4
4
  import { preconnectWaasIframe } from "@dynamic-labs-wallet/browser-wallet-client";
5
5
 
@@ -118,4 +118,4 @@ const isUserOnboardingComplete = (client = getDefaultClient()) => {
118
118
 
119
119
  //#endregion
120
120
  export { WaasOnboardingIncompleteError as a, preconnectWaasIframe$1 as i, isPendingRecoveryCodesAcknowledgment as n, isDeviceRegistrationRequired as r, isUserOnboardingComplete as t };
121
- //# sourceMappingURL=isUserOnboardingComplete-Dtr1_Mi4.native.esm.js.map
121
+ //# sourceMappingURL=isUserOnboardingComplete-m6E6GbB0.native.esm.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"isUserOnboardingComplete-Dtr1_Mi4.native.esm.js","names":["preconnectWaasIframe"],"sources":["../src/errors/WaasOnboardingIncompleteError.ts","../src/modules/waas/preconnectWaasIframe/preconnectWaasIframe.ts","../src/modules/deviceRegistration/isDeviceRegistrationRequired/isDeviceRegistrationRequired.ts","../src/modules/mfa/isPendingRecoveryCodesAcknowledgment/isPendingRecoveryCodesAcknowledgment.ts","../src/modules/user/isUserOnboardingComplete/isUserOnboardingComplete.ts"],"sourcesContent":["import { BaseError } from './base';\n\n/**\n * Thrown when the embedded (WaaS) wallet client is requested before the user\n * has completed onboarding — i.e. the JWT has not upgraded to `user:basic`\n * because MFA, KYC, recovery-codes acknowledgment, or device registration is\n * still pending.\n *\n * The WaaS iframe's init-time room-cache pre-warm fires `createRooms` using the\n * token captured at client construction (before any per-operation token\n * resync). Building the client during this window lets that pre-warm fire with\n * a pre-`user:basic` token, get a 401, and the iframe's unauthorized handler\n * force-logs-out the user. Throwing here surfaces a clear, recoverable reason\n * instead — wait for onboarding to complete and retry.\n */\nexport class WaasOnboardingIncompleteError extends BaseError {\n constructor() {\n super({\n cause: null,\n code: 'waas_onboarding_incomplete',\n docsUrl: null,\n name: 'WaasOnboardingIncompleteError',\n shortMessage:\n 'Cannot create or access the embedded wallet until onboarding is complete (pending MFA, KYC, recovery-codes acknowledgment, or device registration).',\n });\n }\n}\n","import type { AuthMode } from '@dynamic-labs-wallet/browser-wallet-client';\nimport { preconnectWaasIframe as preconnectWaasIframeOrigin } from '@dynamic-labs-wallet/browser-wallet-client';\n\nimport { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types';\nimport { isCookieEnabled } from '../../projectSettings/isCookieEnabled';\nimport { DEFAULT_WAAS_BASE_API_URL } from '../constants';\nimport { isDynamicWaasEnabled } from '../isDynamicWaasEnabled';\n\n/**\n * Warms the browser's connection (DNS + TCP + TLS) to the embedded-wallet\n * iframe origin so the iframe mounted after authentication completes loads on\n * a hot connection. Called when an auth flow starts (OTP send/verify, social\n * callback). Safe to call repeatedly; no-op on React Native / SSR and when\n * Dynamic WaaS is not enabled.\n *\n * @param client - The Dynamic client instance.\n * @notInstrumented\n */\nexport const preconnectWaasIframe = (client: DynamicClient): void => {\n const core = getCore(client);\n try {\n if (!isDynamicWaasEnabled(client)) return;\n\n preconnectWaasIframeOrigin({\n authMode: (isCookieEnabled(client) ? 'cookie' : 'header') as AuthMode,\n baseApiUrl: (core.apiBaseUrl || DEFAULT_WAAS_BASE_API_URL).replace(\n '/api/v0',\n ''\n ),\n });\n } catch (error) {\n // Best-effort: never break the auth flow (also swallows the assertion\n // from isDynamicWaasEnabled when project settings are not loaded yet).\n core.logger.warn('[preconnectWaasIframe] skipped', error);\n }\n};\n","import type { User } from '../../user/user.types';\n\n/**\n * Checks if device registration is required for the given user.\n *\n * This function determines if the user has the deviceRegistration\n * scope, indicating that device registration is required.\n *\n * @param user - The user to check.\n * @returns True if device registration is required, false otherwise.\n * @notInstrumented\n */\nexport const isDeviceRegistrationRequired = (user: User) =>\n Boolean(user.scope?.includes('device:register'));\n","import { MfaBackupCodeAcknowledgement } from '@dynamic-labs/sdk-api-core';\n\nimport { getDefaultClient } from '../../../client/defaultClient';\nimport { assertDefined } from '../../../utils/assertDefined';\n\n/**\n * Checks if the user is still pending acknowledgment of their MFA recovery codes.\n *\n * This function determines whether the user has been presented with recovery\n * codes that they have not yet acknowledged as saved or backed up.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns True if recovery codes are pending acknowledgment, false otherwise.\n * @notInstrumented\n */\nexport const isPendingRecoveryCodesAcknowledgment = (\n client = getDefaultClient()\n) => {\n const user = client.user;\n\n assertDefined(user, 'User not logged in');\n\n return (\n user.mfaBackupCodeAcknowledgement === MfaBackupCodeAcknowledgement.Pending\n );\n};\n","import { getDefaultClient } from '../../../client/defaultClient';\nimport { assertDefined } from '../../../utils/assertDefined';\nimport { isDeviceRegistrationRequired } from '../../deviceRegistration/isDeviceRegistrationRequired';\nimport { isPendingRecoveryCodesAcknowledgment } from '../../mfa/isPendingRecoveryCodesAcknowledgment';\nimport { isUserMissingMfaAuth } from '../../mfa/isUserMissingMfaAuth';\n\n/**\n * Checks if the user has completed all onboarding requirements.\n *\n * This function verifies whether a user has fulfilled all necessary requirements\n * including KYC fields (Know Your Customer information), MFA setup\n * (Multi-Factor Authentication including recovery codes acknowledgment), and\n * device registration.\n *\n * A `false` result means the user still has an outstanding onboarding step, so\n * any feature that requires a fully onboarded (`user:basic`) user should hold\n * off until it returns `true`. Creating or accessing an embedded (WaaS) wallet\n * is one such feature — its backend calls reject a pre-`user:basic` token — but\n * this predicate is general and not specific to embedded wallets.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns True if onboarding is complete (no pending requirements), false if there are pending requirements.\n * @notInstrumented\n */\nexport const isUserOnboardingComplete = (client = getDefaultClient()) => {\n const user = client.user;\n\n assertDefined(user, 'User not logged in');\n\n const hasMissingKycFields = Boolean(user.missingFields?.length);\n const hasPendingMfaAuth = isUserMissingMfaAuth(client);\n const hasPendingRecoveryCodes = isPendingRecoveryCodesAcknowledgment(client);\n const hasPendingDeviceRegistration = isDeviceRegistrationRequired(user);\n\n const userOnboardingComplete =\n !hasMissingKycFields &&\n !hasPendingMfaAuth &&\n !hasPendingRecoveryCodes &&\n !hasPendingDeviceRegistration;\n\n return userOnboardingComplete;\n};\n"],"mappings":";;;;;;;;;;;;;;;;;;;AAeA,IAAa,gCAAb,cAAmD,UAAU;CAC3D,cAAc;AACZ,QAAM;GACJ,OAAO;GACP,MAAM;GACN,SAAS;GACT,MAAM;GACN,cACE;GACH,CAAC;;;;;;;;;;;;;;;;ACLN,MAAaA,0BAAwB,WAAgC;CACnE,MAAM,OAAO,QAAQ,OAAO;AAC5B,KAAI;AACF,MAAI,CAAC,qBAAqB,OAAO,CAAE;AAEnC,uBAA2B;GACzB,UAAW,gBAAgB,OAAO,GAAG,WAAW;GAChD,aAAa,KAAK,cAAc,2BAA2B,QACzD,WACA,GACD;GACF,CAAC;UACK,OAAO;AAGd,OAAK,OAAO,KAAK,kCAAkC,MAAM;;;;;;;;;;;;;;;;ACtB7D,MAAa,gCAAgC,SAC3C,QAAQ,KAAK,OAAO,SAAS,kBAAkB,CAAC;;;;;;;;;;;;;;ACElD,MAAa,wCACX,SAAS,kBAAkB,KACxB;CACH,MAAM,OAAO,OAAO;AAEpB,eAAc,MAAM,qBAAqB;AAEzC,QACE,KAAK,iCAAiC,6BAA6B;;;;;;;;;;;;;;;;;;;;;;;ACCvE,MAAa,4BAA4B,SAAS,kBAAkB,KAAK;CACvE,MAAM,OAAO,OAAO;AAEpB,eAAc,MAAM,qBAAqB;CAEzC,MAAM,sBAAsB,QAAQ,KAAK,eAAe,OAAO;CAC/D,MAAM,oBAAoB,qBAAqB,OAAO;CACtD,MAAM,0BAA0B,qCAAqC,OAAO;CAC5E,MAAM,+BAA+B,6BAA6B,KAAK;AAQvE,QALE,CAAC,uBACD,CAAC,qBACD,CAAC,2BACD,CAAC"}
1
+ {"version":3,"file":"isUserOnboardingComplete-m6E6GbB0.native.esm.js","names":["preconnectWaasIframe"],"sources":["../src/errors/WaasOnboardingIncompleteError.ts","../src/modules/waas/preconnectWaasIframe/preconnectWaasIframe.ts","../src/modules/deviceRegistration/isDeviceRegistrationRequired/isDeviceRegistrationRequired.ts","../src/modules/mfa/isPendingRecoveryCodesAcknowledgment/isPendingRecoveryCodesAcknowledgment.ts","../src/modules/user/isUserOnboardingComplete/isUserOnboardingComplete.ts"],"sourcesContent":["import { BaseError } from './base';\n\n/**\n * Thrown when the embedded (WaaS) wallet client is requested before the user\n * has completed onboarding — i.e. the JWT has not upgraded to `user:basic`\n * because MFA, KYC, recovery-codes acknowledgment, or device registration is\n * still pending.\n *\n * The WaaS iframe's init-time room-cache pre-warm fires `createRooms` using the\n * token captured at client construction (before any per-operation token\n * resync). Building the client during this window lets that pre-warm fire with\n * a pre-`user:basic` token, get a 401, and the iframe's unauthorized handler\n * force-logs-out the user. Throwing here surfaces a clear, recoverable reason\n * instead — wait for onboarding to complete and retry.\n */\nexport class WaasOnboardingIncompleteError extends BaseError {\n constructor() {\n super({\n cause: null,\n code: 'waas_onboarding_incomplete',\n docsUrl: null,\n name: 'WaasOnboardingIncompleteError',\n shortMessage:\n 'Cannot create or access the embedded wallet until onboarding is complete (pending MFA, KYC, recovery-codes acknowledgment, or device registration).',\n });\n }\n}\n","import type { AuthMode } from '@dynamic-labs-wallet/browser-wallet-client';\nimport { preconnectWaasIframe as preconnectWaasIframeOrigin } from '@dynamic-labs-wallet/browser-wallet-client';\n\nimport { getCore } from '../../../client/core/getCore';\nimport type { DynamicClient } from '../../../client/types';\nimport { isCookieEnabled } from '../../projectSettings/isCookieEnabled';\nimport { DEFAULT_WAAS_BASE_API_URL } from '../constants';\nimport { isDynamicWaasEnabled } from '../isDynamicWaasEnabled';\n\n/**\n * Warms the browser's connection (DNS + TCP + TLS) to the embedded-wallet\n * iframe origin so the iframe mounted after authentication completes loads on\n * a hot connection. Called when an auth flow starts (OTP send/verify, social\n * callback). Safe to call repeatedly; no-op on React Native / SSR and when\n * Dynamic WaaS is not enabled.\n *\n * @param client - The Dynamic client instance.\n * @notInstrumented\n */\nexport const preconnectWaasIframe = (client: DynamicClient): void => {\n const core = getCore(client);\n try {\n if (!isDynamicWaasEnabled(client)) return;\n\n preconnectWaasIframeOrigin({\n authMode: (isCookieEnabled(client) ? 'cookie' : 'header') as AuthMode,\n baseApiUrl: (core.apiBaseUrl || DEFAULT_WAAS_BASE_API_URL).replace(\n '/api/v0',\n ''\n ),\n });\n } catch (error) {\n // Best-effort: never break the auth flow (also swallows the assertion\n // from isDynamicWaasEnabled when project settings are not loaded yet).\n core.logger.warn('[preconnectWaasIframe] skipped', error);\n }\n};\n","import type { User } from '../../user/user.types';\n\n/**\n * Checks if device registration is required for the given user.\n *\n * This function determines if the user has the deviceRegistration\n * scope, indicating that device registration is required.\n *\n * @param user - The user to check.\n * @returns True if device registration is required, false otherwise.\n * @notInstrumented\n */\nexport const isDeviceRegistrationRequired = (user: User) =>\n Boolean(user.scope?.includes('device:register'));\n","import { MfaBackupCodeAcknowledgement } from '@dynamic-labs/sdk-api-core';\n\nimport { getDefaultClient } from '../../../client/defaultClient';\nimport { assertDefined } from '../../../utils/assertDefined';\n\n/**\n * Checks if the user is still pending acknowledgment of their MFA recovery codes.\n *\n * This function determines whether the user has been presented with recovery\n * codes that they have not yet acknowledged as saved or backed up.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns True if recovery codes are pending acknowledgment, false otherwise.\n * @notInstrumented\n */\nexport const isPendingRecoveryCodesAcknowledgment = (\n client = getDefaultClient()\n) => {\n const user = client.user;\n\n assertDefined(user, 'User not logged in');\n\n return (\n user.mfaBackupCodeAcknowledgement === MfaBackupCodeAcknowledgement.Pending\n );\n};\n","import { getDefaultClient } from '../../../client/defaultClient';\nimport { assertDefined } from '../../../utils/assertDefined';\nimport { isDeviceRegistrationRequired } from '../../deviceRegistration/isDeviceRegistrationRequired';\nimport { isPendingRecoveryCodesAcknowledgment } from '../../mfa/isPendingRecoveryCodesAcknowledgment';\nimport { isUserMissingMfaAuth } from '../../mfa/isUserMissingMfaAuth';\n\n/**\n * Checks if the user has completed all onboarding requirements.\n *\n * This function verifies whether a user has fulfilled all necessary requirements\n * including KYC fields (Know Your Customer information), MFA setup\n * (Multi-Factor Authentication including recovery codes acknowledgment), and\n * device registration.\n *\n * A `false` result means the user still has an outstanding onboarding step, so\n * any feature that requires a fully onboarded (`user:basic`) user should hold\n * off until it returns `true`. Creating or accessing an embedded (WaaS) wallet\n * is one such feature — its backend calls reject a pre-`user:basic` token — but\n * this predicate is general and not specific to embedded wallets.\n *\n * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.\n * @returns True if onboarding is complete (no pending requirements), false if there are pending requirements.\n * @notInstrumented\n */\nexport const isUserOnboardingComplete = (client = getDefaultClient()) => {\n const user = client.user;\n\n assertDefined(user, 'User not logged in');\n\n const hasMissingKycFields = Boolean(user.missingFields?.length);\n const hasPendingMfaAuth = isUserMissingMfaAuth(client);\n const hasPendingRecoveryCodes = isPendingRecoveryCodesAcknowledgment(client);\n const hasPendingDeviceRegistration = isDeviceRegistrationRequired(user);\n\n const userOnboardingComplete =\n !hasMissingKycFields &&\n !hasPendingMfaAuth &&\n !hasPendingRecoveryCodes &&\n !hasPendingDeviceRegistration;\n\n return userOnboardingComplete;\n};\n"],"mappings":";;;;;;;;;;;;;;;;;;;AAeA,IAAa,gCAAb,cAAmD,UAAU;CAC3D,cAAc;AACZ,QAAM;GACJ,OAAO;GACP,MAAM;GACN,SAAS;GACT,MAAM;GACN,cACE;GACH,CAAC;;;;;;;;;;;;;;;;ACLN,MAAaA,0BAAwB,WAAgC;CACnE,MAAM,OAAO,QAAQ,OAAO;AAC5B,KAAI;AACF,MAAI,CAAC,qBAAqB,OAAO,CAAE;AAEnC,uBAA2B;GACzB,UAAW,gBAAgB,OAAO,GAAG,WAAW;GAChD,aAAa,KAAK,cAAc,2BAA2B,QACzD,WACA,GACD;GACF,CAAC;UACK,OAAO;AAGd,OAAK,OAAO,KAAK,kCAAkC,MAAM;;;;;;;;;;;;;;;;ACtB7D,MAAa,gCAAgC,SAC3C,QAAQ,KAAK,OAAO,SAAS,kBAAkB,CAAC;;;;;;;;;;;;;;ACElD,MAAa,wCACX,SAAS,kBAAkB,KACxB;CACH,MAAM,OAAO,OAAO;AAEpB,eAAc,MAAM,qBAAqB;AAEzC,QACE,KAAK,iCAAiC,6BAA6B;;;;;;;;;;;;;;;;;;;;;;;ACCvE,MAAa,4BAA4B,SAAS,kBAAkB,KAAK;CACvE,MAAM,OAAO,OAAO;AAEpB,eAAc,MAAM,qBAAqB;CAEzC,MAAM,sBAAsB,QAAQ,KAAK,eAAe,OAAO;CAC/D,MAAM,oBAAoB,qBAAqB,OAAO;CACtD,MAAM,0BAA0B,qCAAqC,OAAO;CAC5E,MAAM,+BAA+B,6BAA6B,KAAK;AAQvE,QALE,CAAC,uBACD,CAAC,qBACD,CAAC,2BACD,CAAC"}