npm - @fourt/sdk - Versions diffs - 1.2.2 → 1.2.3 - Mend

@fourt/sdk 1.2.2 → 1.2.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/index.cjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../src/index.ts","../src/session/index.ts","../src/modules/auth/email.ts","../src/modules/auth/passkeys.ts","../src/modules/auth/oauth/google.ts","../src/errors/SDKError.ts","../src/errors/BadRequestError.ts","../src/modules/auth/oauth/facebook.ts","../src/modules/auth/oauth/apple.ts","../src/modules/auth/oauth.ts","../src/modules/auth/index.ts","../src/modules/user/index.ts","../src/signer/web.ts","../src/lib/base64.ts","../src/lib/bytes.ts","../src/signer/index.ts","../src/errors/UnauthorizedError.ts","../src/errors/NotFoundError.ts","../src/errors/GenericError.ts","../src/errors/UnauthenticatedError.ts","../src/types/routes.ts","../src/third-party/viem.ts"],"sourcesContent":["import { AuthModule, UserModule } from './modules/index.js'\nimport { SignerClientConstructorParams } from './signer/index.js'\nimport {\n WebSignerClient,\n WebSignerClientConstructorParams,\n} from './signer/web.js'\nimport { ViemModule } from './third-party/viem.js'\n\ntype FourtWebSignerConstructorParams = {\n configuration: SignerClientConstructorParams['configuration']\n auth: Pick<WebSignerClientConstructorParams, 'webauthn' \| 'iframe' \| 'oauth'>\n}\n\n/*\n A client for interacting with the Fourt Web Signer.\n /\nclass FourtWebSigner {\n private readonly _webSignerClient: WebSignerClient\n private readonly _modules: {\n viem: ViemModule\n auth: AuthModule\n user: UserModule\n }\n\n /\n Initializes a new instance of the `FourtWebSigner` class.\n * Sets up the underlying modules.\n \n \n * @example\n * ```ts\n * const fourtWebSigner = new FourtWebSigner({\n * auth: {\n * webauthn: {\n * rpId: 'localhost',\n * },\n * },\n * configuration: {\n * apiKey: '927d603c-6775-4210-8e13-8904ca985e78',\n * },\n * })\n * ```\n \n @param {FourtWebSignerConstructorParams} params the required parameters to initialize the client\n /\n constructor({\n configuration,\n auth: { webauthn, iframe, oauth },\n }: FourtWebSignerConstructorParams) {\n this._webSignerClient = new WebSignerClient({\n configuration,\n webauthn,\n iframe,\n oauth,\n })\n\n this._modules = {\n viem: new ViemModule(this._webSignerClient),\n auth: new AuthModule(this._webSignerClient),\n user: new UserModule(this._webSignerClient),\n }\n }\n\n /\n A module for interacting with the Viem library.\n /\n get viem() {\n return this._modules.viem\n }\n\n /\n A module for interacting with the authentication methods.\n /\n get auth() {\n return this._modules.auth\n }\n\n /\n A module for interacting with the user methods.\n /\n get user() {\n return this._modules.user\n }\n}\n\nexport { FourtWebSigner }\n","import { createStore, type StoreApi } from 'zustand'\nimport { persist, createJSONStorage } from 'zustand/middleware'\nimport { User } from '../types/entities.js'\n\nenum SessionType {\n Email = 'email',\n Passkeys = 'passkeys',\n OAuth = 'oauth',\n}\n\n/\n The state of the session.\n /\ntype SessionState = {\n type?: SessionType\n user?: User\n bundle?: string\n token?: string\n csrfToken?: string\n}\n\n/\n A store for the session state.\n /\nclass SessionStore {\n private readonly _store: StoreApi<SessionState>\n\n constructor() {\n // Persist only `bundle` and `type` to localStorage.\n // `user` and `token` stay in memory (not persisted).\n this._store = createStore<SessionState>()(\n persist(this._getInitialState, {\n name: 'fourt-session',\n storage: createJSONStorage(() => localStorage),\n // keep only these keys in persisted storage\n partialize: (state) => ({ bundle: state.bundle, type: state.type }),\n }),\n )\n }\n\n /\n Gets the type from the session state.\n \n @returns {SessionType \| undefined} the type.\n /\n get type(): SessionType \| undefined {\n return this._store.getState().type\n }\n\n /\n Sets the type in the session state.\n \n @param {SessionType} type the type to set.\n /\n set type(type: SessionType) {\n this._store.setState({ type })\n }\n\n /\n Gets the token from the session state.\n \n @returns {string \| undefined} the token.\n /\n get token(): string \| undefined {\n return this._store.getState().token\n }\n\n /\n Sets the token in the session state.\n \n @param {string} token the token to set.\n /\n set token(token: string) {\n this._store.setState({ token })\n }\n\n /\n Gets the CSRF token from the session state.\n \n @returns {string \| undefined} the CSRF token.\n /\n get csrfToken(): string \| undefined {\n return this._store.getState().csrfToken\n }\n\n /\n Sets the CSRF token in the session state.\n \n @param {string} csrfToken the CSRF token to set.\n /\n set csrfToken(csrfToken: string) {\n this._store.setState({ csrfToken })\n }\n\n /\n Gets the bundle from the session state.\n \n @returns {string \| undefined} the bundle.\n /\n get bundle(): string \| undefined {\n return this._store.getState().bundle\n }\n\n /\n Sets the bundle in the session state.\n \n @param {string} bundle the bundle to set.\n /\n set bundle(bundle: string) {\n this._store.setState({ bundle })\n }\n\n /\n Gets the user from the session state.\n \n @returns {User \| undefined} the user.\n /\n get user(): User \| undefined {\n return this._store.getState().user\n }\n\n /\n Sets the user in the session state.\n \n @param {User} user the user to set.\n /\n set user(user: User) {\n this._store.setState({ ...this._store.getState(), user })\n }\n\n /\n Clears the user from the session state.\n /\n clearUser() {\n this._store.setState({ ...this._store.getState(), user: undefined })\n }\n\n /\n Clears the bundle from the session state.\n /\n clearBundle() {\n this._store.setState({ ...this._store.getState(), bundle: undefined })\n }\n\n /\n Clears the type from the session state.\n /\n clearType() {\n this._store.setState({ ...this._store.getState(), type: undefined })\n }\n\n /\n Clears the token from the session state.\n /\n clearToken() {\n this._store.setState({ ...this._store.getState(), token: undefined })\n }\n\n /\n Clears the token and user from the session state.\n /\n clearAll() {\n this.clearToken()\n this.clearUser()\n this.clearBundle()\n this.clearType()\n }\n\n private _getInitialState(): SessionState {\n return {\n type: undefined,\n user: undefined,\n bundle: undefined,\n token: undefined,\n }\n }\n}\n\nexport { SessionType, SessionStore }\nexport type { SessionState }\n","import { SessionType } from '../../session/index.js'\nimport type {\n WebSignerClient,\n EmailInitializeAuthParams,\n CompleteAuthWithBundleParams,\n} from '../../signer/web.js'\n\n/\n A module for interacting with the Email authentication methods.\n * Available through the `auth.email` property on a `FourtWebSigner` instance.\n /\nclass EmailModule {\n constructor(private readonly _webSignerClient: WebSignerClient) {}\n\n /\n Initialize user authentication process using email.\n \n @param params {EmailInitializeAuthParams} params to initialize the user authentication process.\n * @returns {Promise<void>} promise that resolves to the result of the authentication process.\n /\n async initialize(params: EmailInitializeAuthParams): Promise<void> {\n return this._webSignerClient.emailAuth(params)\n }\n\n /\n Completes authentication with bundle after user receives the bundle and subOrgId as URL params.\n \n @param params {CompleteAuthWithBundleParams} params received as URL params necessary to complete authentication process.\n * @returns {Promise<void>} promise that completes the authentication process.\n /\n async complete(\n params: Pick<CompleteAuthWithBundleParams, 'subOrgId' \| 'bundle'>,\n ): Promise<void> {\n return this._webSignerClient.completeAuthWithBundle({\n ...params,\n sessionType: SessionType.Email,\n })\n }\n}\n\nexport { EmailModule }\n","import type { WebSignerClient, WebauthnSignInParams } from '../../signer/web.js'\n\n/\n A module for interacting with the Passkeys authentication methods.\n * Available through the `auth.passkeys` property on a `FourtWebSigner` instance.\n /\nclass PasskeysModule {\n constructor(private readonly _webSignerClient: WebSignerClient) {}\n\n /\n Signs in a user using Passkeys.\n \n @param params {WebauthnSignInParams} params for the sign-in process.\n * @returns {Promise<void>} promise that resolves to the result of the sign-in process.\n /\n async signIn(params: WebauthnSignInParams) {\n return this._webSignerClient.webauthnSignIn(params)\n }\n}\n\nexport { PasskeysModule }\n","import as jose from 'jose'\nimport { sha256 } from 'sha.js'\nimport type { WebSignerClient } from '../../../signer/web.js'\n\nclass GoogleModule {\n constructor(private readonly _webSignerClient: WebSignerClient) {}\n\n /*\n \n * @returns\n /\n async init(): Promise<string> {\n const initUrl = await this._webSignerClient.getOAuthInitUrl('google')\n\n const url = new URL(initUrl)\n\n const internalUrl = new URL(\n 'v1/oauth/google',\n this._webSignerClient.configuration.apiUrl,\n ).href\n url.searchParams.set('redirect_uri', internalUrl)\n\n const publicKey = await this._webSignerClient.getIframePublicKey()\n\n const nonce = new sha256().update(publicKey).digest('hex')\n url.searchParams.set('nonce', nonce)\n\n const state = new jose.UnsecuredJWT({\n apiKey: this._webSignerClient.configuration.apiKey,\n redirectUrl: this._webSignerClient.oauthConfiguration!.common.redirectUrl,\n targetPublicKey: publicKey,\n internalUrl: internalUrl,\n origin: window.location.origin,\n }).encode()\n url.searchParams.set('state', state)\n\n return url.toString()\n }\n}\n\nexport { GoogleModule }\n","type SDKErrorProps = {\n message: string\n}\n\nabstract class SDKError extends Error {\n private readonly _props: SDKErrorProps\n\n constructor(message: string, props: SDKErrorProps) {\n super(message)\n this._props = props\n }\n\n get message() {\n return this._props.message\n }\n}\n\nexport { SDKError }\nexport type { SDKErrorProps }\n","import { SDKErrorProps, SDKError } from './SDKError.js'\n\nclass BadRequestError extends SDKError {\n constructor(props: SDKErrorProps) {\n super(BadRequestError.name, props)\n }\n}\n\nexport { BadRequestError }\n","import { BadRequestError } from '../../../errors/BadRequestError.js'\nimport { WebSignerClient } from '../../../signer/web.js'\nimport as jose from 'jose'\n\nclass FacebookModule {\n constructor(private readonly _webSignerClient: WebSignerClient) {}\n\n async init(): Promise<string> {\n const publicKey = await this._webSignerClient.getIframePublicKey()\n const internalUrl = new URL(\n 'v1/oauth/facebook',\n this._webSignerClient.configuration.apiUrl,\n ).href\n\n const jwt = new jose.UnsecuredJWT({\n apiKey: this._webSignerClient.configuration.apiKey,\n redirectUrl: this._webSignerClient.oauthConfiguration!.common.redirectUrl,\n targetPublicKey: publicKey,\n internalUrl: internalUrl,\n origin: window.location.origin,\n }).encode()\n\n const response = await fetch(internalUrl, {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify({\n state: jwt,\n }),\n })\n\n if (!response.ok) {\n throw new BadRequestError({\n message: `Failed to create OAuth state. Error: ${response.statusText}`,\n })\n }\n\n const { authUrl } = await response.json()\n if (!authUrl) {\n throw new BadRequestError({\n message: response.statusText,\n })\n }\n\n return authUrl\n }\n}\n\nexport { FacebookModule }\n","import * as jose from 'jose'\nimport { sha256 } from 'sha.js'\nimport type { WebSignerClient } from '../../../signer/web.js'\n\nclass AppleModule {\n constructor(private readonly _webSignerClient: WebSignerClient) {}\n\n /*\n \n * @returns\n /\n async init(): Promise<string> {\n const initUrl = await this._webSignerClient.getOAuthInitUrl('apple')\n\n const url = new URL(initUrl)\n\n const internalUrl = new URL(\n 'v1/oauth/apple',\n this._webSignerClient.configuration.apiUrl,\n ).href\n url.searchParams.set('redirect_uri', internalUrl)\n\n const publicKey = await this._webSignerClient.getIframePublicKey()\n\n const nonce = new sha256().update(publicKey).digest('hex')\n url.searchParams.set('nonce', nonce)\n\n const state = new jose.UnsecuredJWT({\n apiKey: this._webSignerClient.configuration.apiKey,\n redirectUrl: this._webSignerClient.oauthConfiguration!.common.redirectUrl,\n targetPublicKey: publicKey,\n internalUrl: internalUrl,\n origin: window.location.origin,\n }).encode()\n url.searchParams.set('state', state)\n\n return url.toString()\n }\n}\n\nexport { AppleModule }\n","import { SessionType } from '../../session/index.js'\nimport type { WebSignerClient } from '../../signer/web.js'\nimport { GoogleModule } from './oauth/google.js'\nimport { FacebookModule } from './oauth/facebook.js'\nimport { AppleModule } from './oauth/apple.js'\n\ntype CompleteParams = {\n bundle: string\n subOrgId: string\n}\n\nclass OAuthModule {\n private readonly _googleModule: GoogleModule\n private readonly _facebookModule: FacebookModule\n private readonly _appleModule: AppleModule\n\n constructor(private readonly _webSignerClient: WebSignerClient) {\n this._googleModule = new GoogleModule(this._webSignerClient)\n this._facebookModule = new FacebookModule(this._webSignerClient)\n this._appleModule = new AppleModule(this._webSignerClient)\n }\n\n get google() {\n return this._googleModule\n }\n\n get facebook() {\n return this._facebookModule\n }\n\n get apple() {\n return this._appleModule\n }\n\n async complete({ bundle, subOrgId }: CompleteParams) {\n await this._webSignerClient.completeAuthWithBundle({\n bundle,\n subOrgId,\n sessionType: SessionType.OAuth,\n })\n }\n}\n\nexport { OAuthModule }\n","import type { WebSignerClient } from '../../signer/web.js'\nimport { EmailModule } from './email.js'\nimport { PasskeysModule } from './passkeys.js'\nimport { OAuthModule } from './oauth.js'\n\n/\n A module for interacting with the authentication methods.\n * Available through the `auth` property on a `FourtWebSigner` instance.\n /\nclass AuthModule {\n private readonly _passkeys: PasskeysModule\n private readonly _email: EmailModule\n private readonly _oauth: OAuthModule\n\n /\n Initializes a new instance of the `AuthModule` class.\n \n @param {WebSignerClient} _webSignerClient underlying WebSigner client instance.\n /\n constructor(private readonly _webSignerClient: WebSignerClient) {\n this._passkeys = new PasskeysModule(this._webSignerClient)\n this._email = new EmailModule(this._webSignerClient)\n this._oauth = new OAuthModule(this._webSignerClient)\n }\n\n /\n A module for interacting with the Passkeys authentication methods.\n /\n get passkeys() {\n return this._passkeys\n }\n\n /\n A module for interacting with the Passkeys authentication methods.\n /\n get email() {\n return this._email\n }\n\n get oauth() {\n return this._oauth\n }\n}\n\nexport { AuthModule }\nexport { PasskeysModule } from './passkeys.js'\nexport { EmailModule } from './email.js'\n","import { WebSignerClient } from '../../signer/web.js'\nimport { User } from '../../types/entities.js'\n\n/\n A module for interacting with the user methods.\n * Available through the `user` property on a `FourtWebSigner` instance.\n /\nclass UserModule {\n /\n Initializes a new instance of the `UserModule` class.\n \n @param {WebSignerClient} _webSignerClient underlying WebSigner client instance.\n /\n constructor(private readonly _webSignerClient: WebSignerClient) {}\n\n /\n Retrieves information for the authenticated user.\n * Assumes a user is already logged in, otherwise it will throw an error.\n /\n async getInfo(): Promise<User> {\n return this._webSignerClient.getUser()\n }\n\n /\n Checks if a user is currently logged in to the fourt.io SDK.\n /\n async isLoggedIn(): Promise<boolean> {\n return this._webSignerClient.isLoggedIn()\n }\n\n /\n Generates an access token with a lifespan of 15 minutes.\n * Assumes a user is already logged in, otherwise it will throw an error.\n /\n async getToken(): Promise<string> {\n return this._webSignerClient.getToken()\n }\n\n /\n Logs out the user.\n /\n async logout(): Promise<void> {\n return this._webSignerClient.logout()\n }\n}\n\nexport { UserModule }\n","import { getWebAuthnAttestation } from '@turnkey/http'\nimport { IframeStamper } from '@turnkey/iframe-stamper'\nimport { WebauthnStamper } from '@turnkey/webauthn-stamper'\nimport { LibBase64 } from '../lib/base64.js'\nimport { LibBytes } from '../lib/bytes.js'\nimport { SessionType } from '../session/index.js'\nimport {\n type SignerClientInheritedConstructorParams,\n SignerClient,\n} from './index.js'\n\ntype WebauthnSignInParams = {\n email: string\n}\n\n// When user starts auth with email - can be either a signup or a signin\ntype EmailInitializeAuthParams = {\n email: string\n redirectUrl: string\n expirationSeconds?: number // Defaults to 15 minutes by Turnkey\n}\n\n// * When user completes auth with bundle\ntype CompleteAuthWithBundleParams = {\n bundle: string\n subOrgId: string\n sessionType: SessionType\n isNewUser?: boolean\n}\n\ntype GoogleOAuthSignInParams = {\n credential: string\n clientId: string\n}\n\nexport type OAuthConfiguration = {\n common: {\n redirectUrl: string\n }\n}\n\ntype WebSignerClientConstructorParams = SignerClientInheritedConstructorParams<{\n webauthn: {\n rpId: string\n }\n iframe?: {\n iframeElementId?: string\n iframeContainerId?: string\n }\n oauth?: OAuthConfiguration\n}>\n\ntype CreateAccountParams =\n \| ({\n method: 'webauthn'\n } & WebauthnSignInParams)\n \| ({\n method: 'email'\n } & EmailInitializeAuthParams)\n\n/*\n A signer client for web applications.\n /\nclass WebSignerClient extends SignerClient {\n private iframeStamper: IframeStamper\n private webauthnStamper: WebauthnStamper\n iframeConfig: {\n iframeElementId: string\n iframeContainerId: string\n }\n\n readonly oauthConfiguration: WebSignerClientConstructorParams['oauth']\n\n /\n Initializes a new instance of the `WebSignerClient` class.\n \n @param {WebSignerClientConstructorParams} params params for the constructor\n /\n constructor({\n configuration,\n webauthn,\n iframe,\n oauth,\n }: WebSignerClientConstructorParams) {\n const iframeConfig = {\n iframeElementId: iframe?.iframeElementId ?? 'turnkey-iframe',\n iframeContainerId: iframe?.iframeContainerId ?? 'signer-iframe-container',\n }\n\n const iframeContainer = document.createElement('div')\n iframeContainer.id = iframeConfig.iframeContainerId\n iframeContainer.style.display = 'none'\n document.body.appendChild(iframeContainer)\n\n const iframeStamper = new IframeStamper({\n iframeUrl: 'https://auth.turnkey.com',\n iframeElementId: iframeConfig.iframeElementId,\n iframeContainer: document.getElementById(iframeConfig.iframeContainerId),\n })\n\n super({\n stamper: iframeStamper, // Initialized to iframeStamper; can be either webauthnStamper or iframeStamper\n configuration: configuration,\n })\n\n this.iframeStamper = iframeStamper\n this.iframeConfig = iframeConfig\n this.webauthnStamper = new WebauthnStamper({ rpId: webauthn.rpId })\n\n this.oauthConfiguration = oauth\n }\n\n public override async logout() {\n super.logout()\n\n this.iframeStamper.clear()\n\n // In the latest TK iframe-stamper version, an IframeStamper\n // instance becomes unusable after being cleared, so a new\n // instance must be created.\n const stamper = new IframeStamper({\n iframeUrl: 'https://auth.turnkey.com',\n iframeElementId: this.iframeConfig.iframeElementId,\n iframeContainer: document.getElementById(\n this.iframeConfig.iframeContainerId,\n ),\n })\n this.iframeStamper = stamper\n await this._initIframeStamper()\n }\n\n public override async signRawMessage<Into extends string>(\n msg: string,\n ): Promise<Into> {\n await this._updateStamper()\n return super.signRawMessage(msg)\n }\n\n /\n Get the pre-filled URL for initiating oauth with a specific provider.\n \n @param {string} provider provider for which we are getting the URL, currently google or apple\n /\n public async getOAuthInitUrl(provider: string) {\n const { url } = await this.request('/v1/oauth/init', {\n provider,\n })\n\n return url\n }\n\n /\n Signs in a user with webauthn.\n \n @param {WebauthnSignInParams} params params for the sign in\n /\n public async webauthnSignIn({ email }: WebauthnSignInParams) {\n const existingUserSubOrgId = await this.lookUpUser(email)\n\n if (!existingUserSubOrgId) {\n await this._createAccount({ method: 'webauthn', email })\n } else {\n this.stamper = this.webauthnStamper\n await this.whoAmI(existingUserSubOrgId)\n\n this._sessionStore.type = SessionType.Passkeys\n\n // We should assure that the user and its credentialId are set\n if (!this._sessionStore.user \|\| !this._sessionStore.user.credentialId) {\n return\n }\n\n this.webauthnStamper.allowCredentials = [\n {\n id: LibBase64.toBuffer(this._sessionStore.user.credentialId),\n type: 'public-key',\n transports: ['internal', 'usb'],\n },\n ]\n }\n }\n\n /\n Handle auth user process with email.\n \n @param {EmailInitializeAuthParams} params Params needed for the initialization of the auth process\n /\n public async emailAuth(params: EmailInitializeAuthParams) {\n const existingUserSubOrgId = await this.lookUpUser(params.email)\n\n if (!existingUserSubOrgId) {\n await this._createAccount({ method: 'email', ...params })\n } else {\n await this._signInWithEmail(params)\n }\n }\n\n public async getIframePublicKey() {\n return await this._initIframeStamper()\n }\n\n /\n Completes the authentication process with a credential bundle.\n \n @param {CompleteAuthWithBundleParams} params params for the completion of the auth process\n /\n public async completeAuthWithBundle({\n bundle,\n subOrgId,\n sessionType,\n }: CompleteAuthWithBundleParams): Promise<void> {\n await this._initIframeStamper()\n\n const result = await this.iframeStamper.injectCredentialBundle(bundle)\n\n if (!result) {\n throw new Error('Failed to inject credential bundle')\n }\n\n await this.whoAmI(subOrgId)\n\n this._sessionStore.type = sessionType\n this._sessionStore.bundle = bundle\n }\n\n /\n Checks for an existing session and if exists, updates the stamper accordingly.\n /\n private async _updateStamper() {\n // User is not signed in\n if (\n this._sessionStore.type === undefined &&\n (this._sessionStore.bundle === undefined \|\|\n this._sessionStore.token === undefined)\n )\n return\n if (this._sessionStore.type === SessionType.Passkeys) {\n this.stamper = this.webauthnStamper\n } else {\n this.stamper = this.iframeStamper\n // We need to inject the credential bundle\n // Otherwise the user will not be able to sign\n await this.completeAuthWithBundle({\n bundle: this._sessionStore.bundle!,\n subOrgId: this._sessionStore.user?.subOrgId!,\n sessionType: this._sessionStore.type!,\n })\n }\n }\n\n /\n Signs in a user with email.\n \n @param {EmailInitializeAuthParams} params params for the sign in\n /\n private async _signInWithEmail({\n email,\n expirationSeconds,\n redirectUrl,\n }: EmailInitializeAuthParams) {\n return this.request('/v1/email-auth', {\n email,\n targetPublicKey: await this.getIframePublicKey(),\n expirationSeconds,\n redirectUrl: redirectUrl.toString(),\n })\n }\n\n /\n Creates a passkey account using the webauthn stamper.\n \n @param {Extract<CreateAccountParams, { method: 'webauthn' }>} params params for the creation of the account\n /\n private async _createWebauthnAccount(\n params: Extract<CreateAccountParams, { method: 'webauthn' }>,\n ) {\n const { challenge, attestation } = await this._webauthnGenerateAttestation(\n params.email,\n )\n\n const { user, token, csrfToken } = await this.request('/v1/signup', {\n passkey: {\n challenge: LibBase64.fromBuffer(challenge),\n attestation,\n },\n email: params.email,\n })\n\n this._sessionStore.user = {\n ...user,\n credentialId: attestation.credentialId,\n }\n this._sessionStore.type = SessionType.Passkeys\n // Tokens are always returned on passkey signup\n this._sessionStore.token = token!\n this._sessionStore.csrfToken = csrfToken!\n this._scheduleRefresh(token!)\n }\n\n /\n Creates an email account using the iframe stamper.\n \n @param {Extract<CreateAccountParams, { method: 'email' }>} params params for the creation of the account\n /\n private async _createEmailAccount(\n params: Extract<CreateAccountParams, { method: 'email' }>,\n ) {\n const { email, expirationSeconds, redirectUrl } =\n params as EmailInitializeAuthParams\n\n const response = await this.request('/v1/signup', {\n email,\n iframe: {\n targetPublicKey: await this.getIframePublicKey(),\n expirationSeconds,\n redirectUrl: redirectUrl.toString(),\n },\n })\n\n return response\n }\n\n /\n Handle the account creation process.\n \n @param {CreateAccountParams} params params to create an account\n /\n private async _createAccount(params: CreateAccountParams) {\n switch (params.method) {\n case 'webauthn': {\n await this._createWebauthnAccount(params)\n break\n }\n case 'email': {\n await this._createEmailAccount(params)\n break\n }\n }\n }\n\n private async _webauthnGenerateAttestation(email: string) {\n const challenge = LibBytes.generateRandomBuffer()\n const authenticatorUserId = LibBytes.generateRandomBuffer()\n\n const attestation = await getWebAuthnAttestation({\n publicKey: {\n authenticatorSelection: {\n residentKey: 'preferred',\n requireResidentKey: false,\n userVerification: 'preferred',\n },\n challenge,\n rp: {\n id: window.location.hostname,\n name: window.location.hostname,\n },\n pubKeyCredParams: [\n {\n type: 'public-key',\n alg: -7,\n },\n {\n type: 'public-key',\n alg: -257,\n },\n ],\n user: {\n id: authenticatorUserId,\n name: email,\n displayName: email,\n },\n },\n })\n\n return { challenge, attestation, authenticatorUserId }\n }\n\n private async _initIframeStamper() {\n if (!this.iframeStamper.publicKey()) {\n await this.iframeStamper.init()\n }\n\n this.stamper = this.iframeStamper\n\n return this.iframeStamper.publicKey()!\n }\n}\n\nexport { WebSignerClient }\nexport type {\n CompleteAuthWithBundleParams,\n CreateAccountParams,\n EmailInitializeAuthParams,\n GoogleOAuthSignInParams,\n WebauthnSignInParams,\n WebSignerClientConstructorParams,\n}\n","import { Buffer } from 'buffer'\n\nclass LibBase64 {\n static fromBuffer(buffer: ArrayBuffer): string {\n return Buffer.from(buffer)\n .toString('base64')\n .replace(/\\+/g, '-')\n .replace(/\\//g, '_')\n .replace(/=/g, '')\n }\n\n static toBuffer(base64: string): ArrayBuffer {\n return Buffer.from(base64, 'base64').buffer\n }\n}\n\nexport { LibBase64 }\n","type TakeBytesParams = Partial<{\n count: number\n offset: number\n}>\n\ntype ByteString = `0x${string}`\n\nclass LibBytes {\n static generateRandomBuffer = (): ArrayBuffer => {\n const arr = new Uint8Array(32)\n crypto.getRandomValues(arr)\n return arr.buffer\n }\n\n static takeBytes = (\n bytes: ByteString,\n params: TakeBytesParams = {},\n ): ByteString => {\n const { offset, count } = params\n const start = (offset ? offset 2 : 0) + 2 // add 2 to skip the 0x prefix\n const end = count ? start + count * 2 : undefined\n\n return `0x${bytes.slice(start, end)}`\n }\n}\n\nexport { LibBytes }\n","import { TurnkeyClient } from '@turnkey/http'\nimport {\n BadRequestError,\n GenericError,\n NotFoundError,\n UnauthorizedError,\n} from '../errors/index.js'\nimport { SDKError } from '../errors/SDKError.js'\nimport { SessionStore } from '../session/index.js'\nimport { APIResponse } from '../types/rest.js'\nimport {\n AuthenticationServiceBody,\n AuthenticationServiceResponse,\n AuthenticationServiceRoutes,\n ROUTE_METHOD_MAP,\n} from '../types/routes.js'\nimport { jwtDecode, JwtPayload } from 'jwt-decode'\nimport { differenceInMilliseconds, isBefore, subMinutes } from 'date-fns'\n\ntype SignerClientConfiguration = {\n apiKey: string\n apiUrl?: string\n paymasterRpcUrl?: string\n}\n\ntype SignerClientConstructorParams = {\n stamper: TurnkeyClient['stamper']\n configuration: SignerClientConfiguration\n}\n\ntype SignerClientInheritedConstructorParams<\n Extended extends Record<string, unknown>,\n> = Pick<SignerClientConstructorParams, 'configuration'> & Extended\n\nabstract class SignerClient {\n protected readonly _turnkeyClient: TurnkeyClient\n protected readonly _configuration: Required<\n SignerClientConstructorParams['configuration']\n >\n protected readonly _sessionStore: SessionStore\n\n private _refreshPromise?: Promise<void>\n private _refreshTimer?: ReturnType<typeof setTimeout>\n\n constructor({\n stamper,\n configuration: { apiUrl, paymasterRpcUrl, ...requiredConfiguration },\n }: SignerClientConstructorParams) {\n this._turnkeyClient = new TurnkeyClient(\n { baseUrl: 'https://api.turnkey.com' },\n stamper,\n )\n\n this._configuration = {\n ...requiredConfiguration,\n apiUrl: apiUrl ?? 'https://auth.api.fourt.io/',\n paymasterRpcUrl: paymasterRpcUrl ?? 'https://management.api.fourt.io/',\n }\n\n this._sessionStore = new SessionStore()\n }\n\n get configuration(): Required<SignerClientConfiguration> {\n return this._configuration\n }\n\n public async getUser() {\n if (this._sessionStore.user) return this._sessionStore.user\n\n try {\n const user = await this.request('/v1/me')\n this._sessionStore.user = user\n return user\n } catch (error) {\n // If unauthorized, try to refresh token and retry once\n if (error instanceof UnauthorizedError) {\n try {\n await this._refreshToken()\n const user = await this.request('/v1/me')\n this._sessionStore.user = user\n return user\n } catch (error) {\n throw error\n }\n }\n throw error\n }\n }\n\n public async isLoggedIn() {\n const token = this._sessionStore.token\n\n // If we have a token and it's still valid, we're logged in\n if (token && !this._isTokenExpired(token)) return true\n\n // Otherwise try to refresh (covers no token and expired token)\n try {\n await this._refreshToken()\n return !!this._sessionStore.token\n } catch {\n return false\n }\n }\n\n public async getToken(): Promise<string> {\n // Try to use existing token\n if (!this._sessionStore.token) {\n // No token: attempt refresh (may throw)\n try {\n await this._refreshToken()\n } catch {\n throw new UnauthorizedError({\n message: 'No token found, user might not be logged in',\n })\n }\n } else if (this._isTokenExpired(this._sessionStore.token)) {\n // Token expired: attempt refresh (may throw)\n try {\n await this._refreshToken()\n } catch {\n throw new UnauthorizedError({\n message: 'Token expired and refresh failed',\n })\n }\n }\n\n const token = this._sessionStore.token\n if (!token) {\n throw new UnauthorizedError({\n message: 'No token found, user might not be logged in',\n })\n }\n return token\n }\n\n private _isTokenExpired(token: string): boolean {\n try {\n const decoded = jwtDecode<JwtPayload>(token)\n if (decoded.exp) {\n return decoded.exp * 1000 <= Date.now()\n }\n return true // If no exp claim, consider it expired\n } catch {\n return true // If token is malformed, consider it expired\n }\n }\n\n public async logout() {\n if (this._refreshTimer) clearTimeout(this._refreshTimer)\n this._refreshTimer = undefined\n await this.request('/v1/logout')\n this._sessionStore.clearAll()\n }\n\n public async signRawMessage<Into extends string>(msg: string): Promise<Into> {\n if (!this._sessionStore.token \|\| !this._sessionStore.user) {\n throw new UnauthorizedError({\n message: 'SignerClient must be authenticated to sign a message',\n })\n }\n\n const stampedRequest = await this._turnkeyClient.stampSignRawPayload({\n organizationId: this._sessionStore.user.subOrgId,\n type: 'ACTIVITY_TYPE_SIGN_RAW_PAYLOAD_V2',\n timestampMs: Date.now().toString(),\n parameters: {\n encoding: 'PAYLOAD_ENCODING_HEXADECIMAL',\n hashFunction: 'HASH_FUNCTION_NO_OP',\n payload: msg,\n signWith: this._sessionStore.user.walletAddress,\n },\n })\n\n const { signature } = await this.request('/v1/sign', {\n stampedRequest,\n })\n\n return <Into>signature\n }\n\n protected set stamper(stamper: TurnkeyClient['stamper']) {\n this._turnkeyClient.stamper = stamper\n }\n\n protected get stamper(): TurnkeyClient['stamper'] {\n return this._turnkeyClient.stamper\n }\n\n protected async lookUpUser(email: string): Promise<string \| null> {\n try {\n const { subOrgId } = await this.request('/v1/lookup', { email })\n return subOrgId\n } catch (error) {\n if (!(error instanceof SDKError)) throw error\n\n const sdkError: SDKError = error\n\n switch (sdkError.constructor.name) {\n case NotFoundError.name: {\n return null\n }\n default: {\n throw sdkError\n }\n }\n }\n }\n\n protected async whoAmI(subOrgId?: string) {\n const orgId = subOrgId \|\| this._sessionStore.user?.subOrgId\n\n if (!orgId) throw new BadRequestError({ message: 'No orgId provided' })\n\n const stampedRequest = await this._turnkeyClient.stampGetWhoami({\n organizationId: orgId,\n })\n\n const { user, token, csrfToken } = await this.request('/v1/signin', {\n stampedRequest,\n })\n\n const credentialId = (() => {\n try {\n return JSON.parse(stampedRequest?.stamp.stampHeaderValue)\n .credentialId as string\n } catch (e) {\n return undefined\n }\n })()\n\n this._sessionStore.user = {\n ...user,\n credentialId: credentialId,\n }\n this._sessionStore.token = token\n this._sessionStore.csrfToken = csrfToken\n this._scheduleRefresh(token)\n }\n\n protected async request<Route extends AuthenticationServiceRoutes>(\n route: Route,\n body?: AuthenticationServiceBody<Route>,\n ): Promise<AuthenticationServiceResponse<Route>> {\n const url = new URL(`${route}`, this._configuration.apiUrl)\n const token = this._sessionStore.token\n const csrfToken = this._sessionStore.csrfToken\n\n const headers: Record<string, string> = {\n 'Content-Type': 'application/json',\n 'X-FOURT-KEY': this._configuration.apiKey,\n }\n\n if (token) {\n headers['Authorization'] = `Bearer ${token}`\n }\n\n if (csrfToken) {\n headers['X-CSRF-Token'] = csrfToken\n }\n\n const response = await fetch(url, {\n method: ROUTE_METHOD_MAP[route],\n body: JSON.stringify(body),\n headers,\n credentials: 'include',\n })\n\n const { data, error } = (await response.json()) as APIResponse<\n AuthenticationServiceResponse<Route>\n >\n\n if (error) {\n switch (error.kind) {\n case 'UnauthorizedError': {\n throw new UnauthorizedError({ message: error.message })\n }\n case 'NotFoundError': {\n throw new NotFoundError({ message: error.message })\n }\n case 'BadRequestError': {\n throw new BadRequestError({ message: error.message })\n }\n default: {\n throw new GenericError({ message: error.message })\n }\n }\n }\n\n return { ...data } as AuthenticationServiceResponse<Route>\n }\n\n protected _scheduleRefresh(token: string) {\n try {\n const decoded = jwtDecode<JwtPayload>(token)\n if (!decoded.exp) return\n\n const expiryDate = new Date(decoded.exp * 1000)\n const refreshDate = subMinutes(expiryDate, 2) // refresh 2min early\n\n // If the refresh time is already past, run immediately\n const delay = isBefore(refreshDate, new Date())\n ? 0\n : differenceInMilliseconds(refreshDate, new Date())\n\n // Clear previous timer to avoid duplicates\n if (this._refreshTimer) clearTimeout(this._refreshTimer)\n\n // Schedule refresh\n this._refreshTimer = setTimeout(() => {\n this._refreshTimer = undefined\n this._refreshToken()\n }, delay)\n } catch {\n // ignore errors\n }\n }\n\n private async _refreshToken(): Promise<void> {\n if (this._refreshPromise) return this._refreshPromise\n\n // Keep a reference so callers can await the same promise\n this._refreshPromise = (async () => {\n const TIMEOUT_MS = 10_000\n const RETRY_DELAY_MS = 5_000\n\n try {\n // Check if csrfToken is in memory, if not get a new one\n if (!this._sessionStore.csrfToken) {\n const { csrfToken } = await this.request('/v1/csrf-token')\n this._sessionStore.csrfToken = csrfToken\n }\n\n // Avoid hanging indefinitely by racing the request with a timeout\n const refreshPromise = this.request('/v1/refresh')\n const data = await Promise.race([\n refreshPromise,\n new Promise<never>((_, reject) =>\n setTimeout(() => reject(new Error('Refresh timeout')), TIMEOUT_MS),\n ),\n ])\n\n if (!data \|\| !data.token \|\| !data.csrfToken) {\n // Treat missing tokens as auth failure\n throw new UnauthorizedError({\n message: 'Refresh did not return tokens',\n })\n }\n\n this._sessionStore.token = data.token\n this._sessionStore.csrfToken = data.csrfToken\n this._scheduleRefresh(data.token)\n } catch (error) {\n // On auth errors, clear session to avoid repeated failing retries\n if (error instanceof UnauthorizedError) {\n try {\n this._sessionStore.clearAll()\n } catch {\n // ignore errors\n }\n throw error\n }\n\n // Transient error: schedule a retry (non-blocking) and rethrow so callers know it failed\n if (this._refreshTimer) clearTimeout(this._refreshTimer)\n const MAX_RETRIES = 5\n let retryCount = 0\n\n // We schedule a background retry after RETRY_DELAY_MS using setTimeout\n this._refreshTimer = setTimeout(() => {\n this._refreshTimer = undefined\n void this._refreshToken().catch(() => {\n // Increments retryCount and, if still under MAX_RETRIES, schedules\n // another retry using exponential backoff (capped at 60s)\n retryCount++\n if (retryCount <= MAX_RETRIES) {\n const nextDelay = Math.min(\n RETRY_DELAY_MS * 2 ** (retryCount - 1),\n 60_000,\n )\n this._refreshTimer = setTimeout(() => {\n // When the timer fires we clear the stored id and call _refreshToken() in a\n // fire-and-forget manner (void ... .catch(...)) so the retry runs asynchronously\n // and doesn't block or change the control flow of the original caller.\n this._refreshTimer = undefined\n void this._refreshToken().catch(() => {})\n }, nextDelay)\n }\n })\n }, RETRY_DELAY_MS)\n\n throw error\n } finally {\n this._refreshPromise = undefined\n }\n })()\n\n return this._refreshPromise\n }\n}\n\nexport { SignerClient }\nexport type {\n SignerClientConstructorParams,\n SignerClientInheritedConstructorParams,\n}\n","import { SDKErrorProps, SDKError } from './SDKError.js'\n\nclass UnauthorizedError extends SDKError {\n constructor(props: SDKErrorProps) {\n super(UnauthorizedError.name, props)\n }\n}\n\nexport { UnauthorizedError }\n","import { SDKErrorProps, SDKError } from './SDKError.js'\n\nclass NotFoundError extends SDKError {\n constructor(props: SDKErrorProps) {\n super(NotFoundError.name, props)\n }\n}\n\nexport { NotFoundError }\n","import { SDKErrorProps, SDKError } from './SDKError.js'\n\nclass GenericError extends SDKError {\n constructor(props: SDKErrorProps) {\n super(GenericError.name, props)\n }\n}\n\nexport { GenericError }\n","import { SDKErrorProps, SDKError } from './SDKError.js'\n\nclass UnauthenticatedError extends SDKError {\n constructor(props: SDKErrorProps) {\n super(UnauthenticatedError.name, props)\n }\n}\n\nexport { UnauthenticatedError }\n","import { getWebAuthnAttestation, TSignedRequest } from '@turnkey/http'\nimport { User } from './entities.js'\nimport { AtLeastOne } from './string.js'\n\ntype AuthenticationServiceRoutes =\n AuthenticationServiceEndpoints[number]['Route']\n\ntype AuthenticationServiceBody<Route extends AuthenticationServiceRoutes> =\n Extract<AuthenticationServiceEndpoints[number], { Route: Route }>['Body']\n\ntype AuthenticationServiceResponse<Route extends AuthenticationServiceRoutes> =\n Extract<AuthenticationServiceEndpoints[number], { Route: Route }>['Response']\n\ntype AuthenticationServiceEndpoints = [\n {\n Route: '/v1/email-auth'\n Body: {\n email: string\n targetPublicKey: string\n redirectUrl: string\n expirationSeconds?: number\n }\n Response: {\n subOrgId: string\n }\n },\n {\n Route: '/v1/signup'\n Body: AtLeastOne<{\n passkey: {\n challenge: string\n attestation: Awaited<ReturnType<typeof getWebAuthnAttestation>>\n }\n iframe: {\n targetPublicKey: string\n redirectUrl: string\n expirationSeconds?: number\n }\n }> & { email: string }\n Response: {\n user: User\n token?: string\n csrfToken?: string\n }\n },\n {\n Route: '/v1/lookup'\n Body: {\n email: string\n }\n Response: {\n subOrgId: string\n }\n },\n {\n Route: '/v1/signin'\n Body: {\n stampedRequest: TSignedRequest\n }\n Response: {\n user: User\n token: string\n csrfToken: string\n }\n },\n {\n Route: '/v1/sign'\n Body: {\n stampedRequest: TSignedRequest\n }\n Response: {\n signature: string\n }\n },\n {\n Route: '/v1/oauth/init'\n Body: {\n provider: string\n }\n Response: {\n url: string\n }\n },\n {\n Route: '/v1/refresh'\n Body: {}\n Response: {\n token: string\n csrfToken: string\n }\n },\n {\n Route: '/v1/csrf-token'\n Body: {}\n Response: {\n csrfToken: string\n }\n },\n {\n Route: '/v1/logout'\n Body: {}\n Response: {}\n },\n {\n Route: '/v1/me'\n Body: {}\n Response: User\n },\n]\n\nconst ROUTE_METHOD_MAP = {\n '/v1/signup': 'POST',\n '/v1/email-auth': 'POST',\n '/v1/lookup': 'POST',\n '/v1/signin': 'POST',\n '/v1/sign': 'POST',\n '/v1/oauth/init': 'POST',\n '/v1/refresh': 'POST',\n '/v1/csrf-token': 'GET',\n '/v1/logout': 'POST',\n '/v1/me': 'GET',\n} satisfies Record<AuthenticationServiceRoutes, 'POST' \| 'GET'>\n\nexport type {\n AuthenticationServiceEndpoints,\n AuthenticationServiceResponse,\n AuthenticationServiceBody,\n AuthenticationServiceRoutes,\n}\n\nexport { ROUTE_METHOD_MAP }\n","import {\n type Chain,\n type Client,\n type GetTransactionType,\n type Hex,\n type IsNarrowable,\n type JsonRpcAccount,\n type LocalAccount,\n type TypedData,\n type TypedDataDefinition,\n type SignableMessage,\n type SerializeTransactionFn,\n type TransactionSerializable,\n type TransactionSerialized,\n type Transport,\n hashMessage,\n hashTypedData,\n serializeTransaction,\n keccak256,\n hexToBigInt,\n http,\n} from 'viem'\nimport { toAccount } from 'viem/accounts'\nimport { SignerClient } from '../signer/index.js'\nimport { LibBytes } from '../lib/bytes.js'\nimport { toLightSmartAccount } from 'permissionless/accounts'\nimport {\n createPaymasterClient,\n entryPoint07Address,\n} from 'viem/account-abstraction'\nimport { UnauthenticatedError } from '../errors/UnauthenticatedError.js'\n\ntype CurrentUserToLightSmartAccountParams = {\n owner: LocalAccount\n client: Client<\n Transport,\n Chain \| undefined,\n JsonRpcAccount \| LocalAccount \| undefined\n >\n}\n\nclass ViemModule {\n constructor(private readonly _signerClient: SignerClient) {}\n\n async toLocalAccount(): Promise<LocalAccount> {\n const user = await this._signerClient.getUser()\n\n if (!user) {\n throw new UnauthenticatedError({ message: 'Signer not authenticated' })\n }\n\n return toAccount({\n address: user.walletAddress,\n signMessage: ({ message }) => this.signMessage(message),\n signTypedData: <\n const typedData extends TypedData \| Record<string, unknown>,\n primaryType extends keyof typedData \| 'EIP712Domain' = keyof typedData,\n >(\n typedDataDefinition: TypedDataDefinition<typedData, primaryType>,\n ) => this.signTypedData<typedData, primaryType>(typedDataDefinition),\n signTransaction: this.signTransaction,\n })\n }\n\n async toSmartAccount({\n client,\n owner,\n }: CurrentUserToLightSmartAccountParams): ReturnType<\n typeof toLightSmartAccount<'0.7'>\n > {\n const user = await this._signerClient.getUser()\n\n if (!user) {\n throw new UnauthenticatedError({ message: 'Signer not authenticated' })\n }\n\n return toLightSmartAccount({\n client,\n owner,\n version: '2.0.0',\n entryPoint: {\n address: entryPoint07Address,\n version: '0.7',\n },\n address: user.smartAccountAddress,\n index: hexToBigInt(user.salt),\n })\n }\n\n async getPaymasterClient() {\n const url = new URL(\n `v1/rpc?apiKey=${this._signerClient.configuration.apiKey}`,\n this._signerClient.configuration.paymasterRpcUrl,\n )\n return createPaymasterClient({\n transport: http(url.toString()),\n })\n }\n\n async signMessage(msg: SignableMessage): Promise<Hex> {\n const messageHash = hashMessage(msg)\n const result = await this._signerClient.signRawMessage<Hex>(messageHash)\n return result\n }\n\n async signTypedData<\n TTypedData extends TypedData \| Record<string, unknown>,\n TPrimaryType extends keyof TTypedData \| 'EIP712Domain' = keyof TTypedData,\n >(params: TypedDataDefinition<TTypedData, TPrimaryType>): Promise<Hex> {\n const messageHash = hashTypedData(params)\n return this._signerClient.signRawMessage(messageHash)\n }\n\n async signTransaction<\n serializer extends SerializeTransactionFn<TransactionSerializable> = SerializeTransactionFn<TransactionSerializable>,\n transaction extends Parameters<serializer>[0] = Parameters<serializer>[0],\n >(\n transaction: transaction,\n options?:\n \| {\n serializer?: serializer \| undefined\n }\n \| undefined,\n ): Promise<\n IsNarrowable<\n TransactionSerialized<GetTransactionType<transaction>>,\n Hex\n > extends true\n ? TransactionSerialized<GetTransactionType<transaction>>\n : Hex\n > {\n const serializeFn = options?.serializer ?? serializeTransaction\n const serializedTx = await serializeFn(transaction)\n const signatureHex = await this._signerClient.signRawMessage<Hex>(\n keccak256(serializedTx),\n )\n\n const signature = {\n r: LibBytes.takeBytes(signatureHex, { count: 32 }),\n s: LibBytes.takeBytes(signatureHex, { count: 32, offset: 32 }),\n v: BigInt(LibBytes.takeBytes(signatureHex, { count: 1, offset: 64 })),\n }\n\n return serializeFn(transaction, signature)\n }\n}\n\nexport { ViemModule }\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAA,qBAA2C;AAC3C,wBAA2C;AAuB3C,IAAM,eAAN,MAAmB;AAAA,EACA;AAAA,EAEjB,cAAc;AAGZ,SAAK,aAAS,4BAA0B;AAAA,UACtC,2BAAQ,KAAK,kBAAkB;AAAA,QAC7B,MAAM;AAAA,QACN,aAAS,qCAAkB,MAAM,YAAY;AAAA;AAAA,QAE7C,YAAY,CAAC,WAAW,EAAE,QAAQ,MAAM,QAAQ,MAAM,MAAM,KAAK;AAAA,MACnE,CAAC;AAAA,IACH;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,OAAgC;AAClC,WAAO,KAAK,OAAO,SAAS,EAAE;AAAA,EAChC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,KAAK,MAAmB;AAC1B,SAAK,OAAO,SAAS,EAAE,KAAK,CAAC;AAAA,EAC/B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,QAA4B;AAC9B,WAAO,KAAK,OAAO,SAAS,EAAE;AAAA,EAChC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,MAAM,OAAe;AACvB,SAAK,OAAO,SAAS,EAAE,MAAM,CAAC;AAAA,EAChC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,YAAgC;AAClC,WAAO,KAAK,OAAO,SAAS,EAAE;AAAA,EAChC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,UAAU,WAAmB;AAC/B,SAAK,OAAO,SAAS,EAAE,UAAU,CAAC;AAAA,EACpC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,SAA6B;AAC/B,WAAO,KAAK,OAAO,SAAS,EAAE;AAAA,EAChC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,OAAO,QAAgB;AACzB,SAAK,OAAO,SAAS,EAAE,OAAO,CAAC;AAAA,EACjC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,OAAyB;AAC3B,WAAO,KAAK,OAAO,SAAS,EAAE;AAAA,EAChC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,KAAK,MAAY;AACnB,SAAK,OAAO,SAAS,EAAE,GAAG,KAAK,OAAO,SAAS,GAAG,KAAK,CAAC;AAAA,EAC1D;AAAA;AAAA;AAAA;AAAA,EAKA,YAAY;AACV,SAAK,OAAO,SAAS,EAAE,GAAG,KAAK,OAAO,SAAS,GAAG,MAAM,OAAU,CAAC;AAAA,EACrE;AAAA;AAAA;AAAA;AAAA,EAKA,cAAc;AACZ,SAAK,OAAO,SAAS,EAAE,GAAG,KAAK,OAAO,SAAS,GAAG,QAAQ,OAAU,CAAC;AAAA,EACvE;AAAA;AAAA;AAAA;AAAA,EAKA,YAAY;AACV,SAAK,OAAO,SAAS,EAAE,GAAG,KAAK,OAAO,SAAS,GAAG,MAAM,OAAU,CAAC;AAAA,EACrE;AAAA;AAAA;AAAA;AAAA,EAKA,aAAa;AACX,SAAK,OAAO,SAAS,EAAE,GAAG,KAAK,OAAO,SAAS,GAAG,OAAO,OAAU,CAAC;AAAA,EACtE;AAAA;AAAA;AAAA;AAAA,EAKA,WAAW;AACT,SAAK,WAAW;AAChB,SAAK,UAAU;AACf,SAAK,YAAY;AACjB,SAAK,UAAU;AAAA,EACjB;AAAA,EAEQ,mBAAiC;AACvC,WAAO;AAAA,MACL,MAAM;AAAA,MACN,MAAM;AAAA,MACN,QAAQ;AAAA,MACR,OAAO;AAAA,IACT;AAAA,EACF;AACF;;;ACrKA,IAAM,cAAN,MAAkB;AAAA,EAChB,YAA6B,kBAAmC;AAAnC;AAAA,EAAoC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQjE,MAAM,WAAW,QAAkD;AACjE,WAAO,KAAK,iBAAiB,UAAU,MAAM;AAAA,EAC/C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,SACJ,QACe;AACf,WAAO,KAAK,iBAAiB,uBAAuB;AAAA,MAClD,GAAG;AAAA,MACH;AAAA,IACF,CAAC;AAAA,EACH;AACF;;;AChCA,IAAM,iBAAN,MAAqB;AAAA,EACnB,YAA6B,kBAAmC;AAAnC;AAAA,EAAoC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQjE,MAAM,OAAO,QAA8B;AACzC,WAAO,KAAK,iBAAiB,eAAe,MAAM;AAAA,EACpD;AACF;;;AClBA,WAAsB;AACtB,iBAAuB;AAGvB,IAAM,eAAN,MAAmB;AAAA,EACjB,YAA6B,kBAAmC;AAAnC;AAAA,EAAoC;AAAA;AAAA;AAAA;AAAA;AAAA,EAMjE,MAAM,OAAwB;AAC5B,UAAM,UAAU,MAAM,KAAK,iBAAiB,gBAAgB,QAAQ;AAEpE,UAAM,MAAM,IAAI,IAAI,OAAO;AAE3B,UAAM,cAAc,IAAI;AAAA,MACtB;AAAA,MACA,KAAK,iBAAiB,cAAc;AAAA,IACtC,EAAE;AACF,QAAI,aAAa,IAAI,gBAAgB,WAAW;AAEhD,UAAM,YAAY,MAAM,KAAK,iBAAiB,mBAAmB;AAEjE,UAAM,QAAQ,IAAI,kBAAO,EAAE,OAAO,SAAS,EAAE,OAAO,KAAK;AACzD,QAAI,aAAa,IAAI,SAAS,KAAK;AAEnC,UAAM,QAAQ,IAAS,kBAAa;AAAA,MAClC,QAAQ,KAAK,iBAAiB,cAAc;AAAA,MAC5C,aAAa,KAAK,iBAAiB,mBAAoB,OAAO;AAAA,MAC9D,iBAAiB;AAAA,MACjB;AAAA,MACA,QAAQ,OAAO,SAAS;AAAA,IAC1B,CAAC,EAAE,OAAO;AACV,QAAI,aAAa,IAAI,SAAS,KAAK;AAEnC,WAAO,IAAI,SAAS;AAAA,EACtB;AACF;;;AClCA,IAAe,WAAf,cAAgC,MAAM;AAAA,EACnB;AAAA,EAEjB,YAAY,SAAiB,OAAsB;AACjD,UAAM,OAAO;AACb,SAAK,SAAS;AAAA,EAChB;AAAA,EAEA,IAAI,UAAU;AACZ,WAAO,KAAK,OAAO;AAAA,EACrB;AACF;;;ACbA,IAAM,kBAAN,MAAM,yBAAwB,SAAS;AAAA,EACrC,YAAY,OAAsB;AAChC,UAAM,iBAAgB,MAAM,KAAK;AAAA,EACnC;AACF;;;ACJA,IAAAA,QAAsB;AAEtB,IAAM,iBAAN,MAAqB;AAAA,EACnB,YAA6B,kBAAmC;AAAnC;AAAA,EAAoC;AAAA,EAEjE,MAAM,OAAwB;AAC5B,UAAM,YAAY,MAAM,KAAK,iBAAiB,mBAAmB;AACjE,UAAM,cAAc,IAAI;AAAA,MACtB;AAAA,MACA,KAAK,iBAAiB,cAAc;AAAA,IACtC,EAAE;AAEF,UAAM,MAAM,IAAS,mBAAa;AAAA,MAChC,QAAQ,KAAK,iBAAiB,cAAc;AAAA,MAC5C,aAAa,KAAK,iBAAiB,mBAAoB,OAAO;AAAA,MAC9D,iBAAiB;AAAA,MACjB;AAAA,MACA,QAAQ,OAAO,SAAS;AAAA,IAC1B,CAAC,EAAE,OAAO;AAEV,UAAM,WAAW,MAAM,MAAM,aAAa;AAAA,MACxC,QAAQ;AAAA,MACR,SAAS,EAAE,gBAAgB,mBAAmB;AAAA,MAC9C,MAAM,KAAK,UAAU;AAAA,QACnB,OAAO;AAAA,MACT,CAAC;AAAA,IACH,CAAC;AAED,QAAI,CAAC,SAAS,IAAI;AAChB,YAAM,IAAI,gBAAgB;AAAA,QACxB,SAAS,wCAAwC,SAAS,UAAU;AAAA,MACtE,CAAC;AAAA,IACH;AAEA,UAAM,EAAE,QAAQ,IAAI,MAAM,SAAS,KAAK;AACxC,QAAI,CAAC,SAAS;AACZ,YAAM,IAAI,gBAAgB;AAAA,QACxB,SAAS,SAAS;AAAA,MACpB,CAAC;AAAA,IACH;AAEA,WAAO;AAAA,EACT;AACF;;;AC7CA,IAAAC,QAAsB;AACtB,IAAAC,cAAuB;AAGvB,IAAM,cAAN,MAAkB;AAAA,EAChB,YAA6B,kBAAmC;AAAnC;AAAA,EAAoC;AAAA;AAAA;AAAA;AAAA;AAAA,EAMjE,MAAM,OAAwB;AAC5B,UAAM,UAAU,MAAM,KAAK,iBAAiB,gBAAgB,OAAO;AAEnE,UAAM,MAAM,IAAI,IAAI,OAAO;AAE3B,UAAM,cAAc,IAAI;AAAA,MACtB;AAAA,MACA,KAAK,iBAAiB,cAAc;AAAA,IACtC,EAAE;AACF,QAAI,aAAa,IAAI,gBAAgB,WAAW;AAEhD,UAAM,YAAY,MAAM,KAAK,iBAAiB,mBAAmB;AAEjE,UAAM,QAAQ,IAAI,mBAAO,EAAE,OAAO,SAAS,EAAE,OAAO,KAAK;AACzD,QAAI,aAAa,IAAI,SAAS,KAAK;AAEnC,UAAM,QAAQ,IAAS,mBAAa;AAAA,MAClC,QAAQ,KAAK,iBAAiB,cAAc;AAAA,MAC5C,aAAa,KAAK,iBAAiB,mBAAoB,OAAO;AAAA,MAC9D,iBAAiB;AAAA,MACjB;AAAA,MACA,QAAQ,OAAO,SAAS;AAAA,IAC1B,CAAC,EAAE,OAAO;AACV,QAAI,aAAa,IAAI,SAAS,KAAK;AAEnC,WAAO,IAAI,SAAS;AAAA,EACtB;AACF;;;AC3BA,IAAM,cAAN,MAAkB;AAAA,EAKhB,YAA6B,kBAAmC;AAAnC;AAC3B,SAAK,gBAAgB,IAAI,aAAa,KAAK,gBAAgB;AAC3D,SAAK,kBAAkB,IAAI,eAAe,KAAK,gBAAgB;AAC/D,SAAK,eAAe,IAAI,YAAY,KAAK,gBAAgB;AAAA,EAC3D;AAAA,EARiB;AAAA,EACA;AAAA,EACA;AAAA,EAQjB,IAAI,SAAS;AACX,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,IAAI,WAAW;AACb,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,IAAI,QAAQ;AACV,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,MAAM,SAAS,EAAE,QAAQ,SAAS,GAAmB;AACnD,UAAM,KAAK,iBAAiB,uBAAuB;AAAA,MACjD;AAAA,MACA;AAAA,MACA;AAAA,IACF,CAAC;AAAA,EACH;AACF;;;AChCA,IAAM,aAAN,MAAiB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUf,YAA6B,kBAAmC;AAAnC;AAC3B,SAAK,YAAY,IAAI,eAAe,KAAK,gBAAgB;AACzD,SAAK,SAAS,IAAI,YAAY,KAAK,gBAAgB;AACnD,SAAK,SAAS,IAAI,YAAY,KAAK,gBAAgB;AAAA,EACrD;AAAA,EAbiB;AAAA,EACA;AAAA,EACA;AAAA;AAAA;AAAA;AAAA,EAgBjB,IAAI,WAAW;AACb,WAAO,KAAK;AAAA,EACd;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,QAAQ;AACV,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,IAAI,QAAQ;AACV,WAAO,KAAK;AAAA,EACd;AACF;;;ACnCA,IAAM,aAAN,MAAiB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAMf,YAA6B,kBAAmC;AAAnC;AAAA,EAAoC;AAAA;AAAA;AAAA;AAAA;AAAA,EAMjE,MAAM,UAAyB;AAC7B,WAAO,KAAK,iBAAiB,QAAQ;AAAA,EACvC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,aAA+B;AACnC,WAAO,KAAK,iBAAiB,WAAW;AAAA,EAC1C;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,WAA4B;AAChC,WAAO,KAAK,iBAAiB,SAAS;AAAA,EACxC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,SAAwB;AAC5B,WAAO,KAAK,iBAAiB,OAAO;AAAA,EACtC;AACF;;;AC5CA,IAAAC,eAAuC;AACvC,4BAA8B;AAC9B,8BAAgC;;;ACFhC,oBAAuB;AAEvB,IAAM,YAAN,MAAgB;AAAA,EACd,OAAO,WAAW,QAA6B;AAC7C,WAAO,qBAAO,KAAK,MAAM,EACtB,SAAS,QAAQ,EACjB,QAAQ,OAAO,GAAG,EAClB,QAAQ,OAAO,GAAG,EAClB,QAAQ,MAAM,EAAE;AAAA,EACrB;AAAA,EAEA,OAAO,SAAS,QAA6B;AAC3C,WAAO,qBAAO,KAAK,QAAQ,QAAQ,EAAE;AAAA,EACvC;AACF;;;ACPA,IAAM,WAAN,MAAe;AAAA,EACb,OAAO,uBAAuB,MAAmB;AAC/C,UAAM,MAAM,IAAI,WAAW,EAAE;AAC7B,WAAO,gBAAgB,GAAG;AAC1B,WAAO,IAAI;AAAA,EACb;AAAA,EAEA,OAAO,YAAY,CACjB,OACA,SAA0B,CAAC,MACZ;AACf,UAAM,EAAE,QAAQ,MAAM,IAAI;AAC1B,UAAM,SAAS,SAAS,SAAS,IAAI,KAAK;AAC1C,UAAM,MAAM,QAAQ,QAAQ,QAAQ,IAAI;AAExC,WAAO,KAAK,MAAM,MAAM,OAAO,GAAG,CAAC;AAAA,EACrC;AACF;;;ACxBA,kBAA8B;;;ACE9B,IAAM,oBAAN,MAAM,2BAA0B,SAAS;AAAA,EACvC,YAAY,OAAsB;AAChC,UAAM,mBAAkB,MAAM,KAAK;AAAA,EACrC;AACF;;;ACJA,IAAM,gBAAN,MAAM,uBAAsB,SAAS;AAAA,EACnC,YAAY,OAAsB;AAChC,UAAM,eAAc,MAAM,KAAK;AAAA,EACjC;AACF;;;ACJA,IAAM,eAAN,MAAM,sBAAqB,SAAS;AAAA,EAClC,YAAY,OAAsB;AAChC,UAAM,cAAa,MAAM,KAAK;AAAA,EAChC;AACF;;;ACJA,IAAM,uBAAN,MAAM,8BAA6B,SAAS;AAAA,EAC1C,YAAY,OAAsB;AAChC,UAAM,sBAAqB,MAAM,KAAK;AAAA,EACxC;AACF;;;ACwGA,IAAM,mBAAmB;AAAA,EACvB,cAAc;AAAA,EACd,kBAAkB;AAAA,EAClB,cAAc;AAAA,EACd,cAAc;AAAA,EACd,YAAY;AAAA,EACZ,kBAAkB;AAAA,EAClB,eAAe;AAAA,EACf,kBAAkB;AAAA,EAClB,cAAc;AAAA,EACd,UAAU;AACZ;;;ALzGA,wBAAsC;AACtC,sBAA+D;AAiB/D,IAAe,eAAf,MAA4B;AAAA,EACP;AAAA,EACA;AAAA,EAGA;AAAA,EAEX;AAAA,EACA;AAAA,EAER,YAAY;AAAA,IACV;AAAA,IACA,eAAe,EAAE,QAAQ,iBAAiB,GAAG,sBAAsB;AAAA,EACrE,GAAkC;AAChC,SAAK,iBAAiB,IAAI;AAAA,MACxB,EAAE,SAAS,0BAA0B;AAAA,MACrC;AAAA,IACF;AAEA,SAAK,iBAAiB;AAAA,MACpB,GAAG;AAAA,MACH,QAAQ,UAAU;AAAA,MAClB,iBAAiB,mBAAmB;AAAA,IACtC;AAEA,SAAK,gBAAgB,IAAI,aAAa;AAAA,EACxC;AAAA,EAEA,IAAI,gBAAqD;AACvD,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,MAAa,UAAU;AACrB,QAAI,KAAK,cAAc,KAAM,QAAO,KAAK,cAAc;AAEvD,QAAI;AACF,YAAM,OAAO,MAAM,KAAK,QAAQ,QAAQ;AACxC,WAAK,cAAc,OAAO;AAC1B,aAAO;AAAA,IACT,SAAS,OAAO;AAEd,UAAI,iBAAiB,mBAAmB;AACtC,YAAI;AACF,gBAAM,KAAK,cAAc;AACzB,gBAAM,OAAO,MAAM,KAAK,QAAQ,QAAQ;AACxC,eAAK,cAAc,OAAO;AAC1B,iBAAO;AAAA,QACT,SAASC,QAAO;AACd,gBAAMA;AAAA,QACR;AAAA,MACF;AACA,YAAM;AAAA,IACR;AAAA,EACF;AAAA,EAEA,MAAa,aAAa;AACxB,UAAM,QAAQ,KAAK,cAAc;AAGjC,QAAI,SAAS,CAAC,KAAK,gBAAgB,KAAK,EAAG,QAAO;AAGlD,QAAI;AACF,YAAM,KAAK,cAAc;AACzB,aAAO,CAAC,CAAC,KAAK,cAAc;AAAA,IAC9B,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEA,MAAa,WAA4B;AAEvC,QAAI,CAAC,KAAK,cAAc,OAAO;AAE7B,UAAI;AACF,cAAM,KAAK,cAAc;AAAA,MAC3B,QAAQ;AACN,cAAM,IAAI,kBAAkB;AAAA,UAC1B,SAAS;AAAA,QACX,CAAC;AAAA,MACH;AAAA,IACF,WAAW,KAAK,gBAAgB,KAAK,cAAc,KAAK,GAAG;AAEzD,UAAI;AACF,cAAM,KAAK,cAAc;AAAA,MAC3B,QAAQ;AACN,cAAM,IAAI,kBAAkB;AAAA,UAC1B,SAAS;AAAA,QACX,CAAC;AAAA,MACH;AAAA,IACF;AAEA,UAAM,QAAQ,KAAK,cAAc;AACjC,QAAI,CAAC,OAAO;AACV,YAAM,IAAI,kBAAkB;AAAA,QAC1B,SAAS;AAAA,MACX,CAAC;AAAA,IACH;AACA,WAAO;AAAA,EACT;AAAA,EAEQ,gBAAgB,OAAwB;AAC9C,QAAI;AACF,YAAM,cAAU,6BAAsB,KAAK;AAC3C,UAAI,QAAQ,KAAK;AACf,eAAO,QAAQ,MAAM,OAAQ,KAAK,IAAI;AAAA,MACxC;AACA,aAAO;AAAA,IACT,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEA,MAAa,SAAS;AACpB,QAAI,KAAK,cAAe,cAAa,KAAK,aAAa;AACvD,SAAK,gBAAgB;AACrB,UAAM,KAAK,QAAQ,YAAY;AAC/B,SAAK,cAAc,SAAS;AAAA,EAC9B;AAAA,EAEA,MAAa,eAAoC,KAA4B;AAC3E,QAAI,CAAC,KAAK,cAAc,SAAS,CAAC,KAAK,cAAc,MAAM;AACzD,YAAM,IAAI,kBAAkB;AAAA,QAC1B,SAAS;AAAA,MACX,CAAC;AAAA,IACH;AAEA,UAAM,iBAAiB,MAAM,KAAK,eAAe,oBAAoB;AAAA,MACnE,gBAAgB,KAAK,cAAc,KAAK;AAAA,MACxC,MAAM;AAAA,MACN,aAAa,KAAK,IAAI,EAAE,SAAS;AAAA,MACjC,YAAY;AAAA,QACV,UAAU;AAAA,QACV,cAAc;AAAA,QACd,SAAS;AAAA,QACT,UAAU,KAAK,cAAc,KAAK;AAAA,MACpC;AAAA,IACF,CAAC;AAED,UAAM,EAAE,UAAU,IAAI,MAAM,KAAK,QAAQ,YAAY;AAAA,MACnD;AAAA,IACF,CAAC;AAED,WAAa;AAAA,EACf;AAAA,EAEA,IAAc,QAAQ,SAAmC;AACvD,SAAK,eAAe,UAAU;AAAA,EAChC;AAAA,EAEA,IAAc,UAAoC;AAChD,WAAO,KAAK,eAAe;AAAA,EAC7B;AAAA,EAEA,MAAgB,WAAW,OAAuC;AAChE,QAAI;AACF,YAAM,EAAE,SAAS,IAAI,MAAM,KAAK,QAAQ,cAAc,EAAE,MAAM,CAAC;AAC/D,aAAO;AAAA,IACT,SAAS,OAAO;AACd,UAAI,EAAE,iBAAiB,UAAW,OAAM;AAExC,YAAM,WAAqB;AAE3B,cAAQ,SAAS,YAAY,MAAM;AAAA,QACjC,KAAK,cAAc,MAAM;AACvB,iBAAO;AAAA,QACT;AAAA,QACA,SAAS;AACP,gBAAM;AAAA,QACR;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAgB,OAAO,UAAmB;AACxC,UAAM,QAAQ,YAAY,KAAK,cAAc,MAAM;AAEnD,QAAI,CAAC,MAAO,OAAM,IAAI,gBAAgB,EAAE,SAAS,oBAAoB,CAAC;AAEtE,UAAM,iBAAiB,MAAM,KAAK,eAAe,eAAe;AAAA,MAC9D,gBAAgB;AAAA,IAClB,CAAC;AAED,UAAM,EAAE,MAAM,OAAO,UAAU,IAAI,MAAM,KAAK,QAAQ,cAAc;AAAA,MAClE;AAAA,IACF,CAAC;AAED,UAAM,gBAAgB,MAAM;AAC1B,UAAI;AACF,eAAO,KAAK,MAAM,gBAAgB,MAAM,gBAAgB,EACrD;AAAA,MACL,SAAS,GAAG;AACV,eAAO;AAAA,MACT;AAAA,IACF,GAAG;AAEH,SAAK,cAAc,OAAO;AAAA,MACxB,GAAG;AAAA,MACH;AAAA,IACF;AACA,SAAK,cAAc,QAAQ;AAC3B,SAAK,cAAc,YAAY;AAC/B,SAAK,iBAAiB,KAAK;AAAA,EAC7B;AAAA,EAEA,MAAgB,QACd,OACA,MAC+C;AAC/C,UAAM,MAAM,IAAI,IAAI,GAAG,KAAK,IAAI,KAAK,eAAe,MAAM;AAC1D,UAAM,QAAQ,KAAK,cAAc;AACjC,UAAM,YAAY,KAAK,cAAc;AAErC,UAAM,UAAkC;AAAA,MACtC,gBAAgB;AAAA,MAChB,eAAe,KAAK,eAAe;AAAA,IACrC;AAEA,QAAI,OAAO;AACT,cAAQ,eAAe,IAAI,UAAU,KAAK;AAAA,IAC5C;AAEA,QAAI,WAAW;AACb,cAAQ,cAAc,IAAI;AAAA,IAC5B;AAEA,UAAM,WAAW,MAAM,MAAM,KAAK;AAAA,MAChC,QAAQ,iBAAiB,KAAK;AAAA,MAC9B,MAAM,KAAK,UAAU,IAAI;AAAA,MACzB;AAAA,MACA,aAAa;AAAA,IACf,CAAC;AAED,UAAM,EAAE,MAAM,MAAM,IAAK,MAAM,SAAS,KAAK;AAI7C,QAAI,OAAO;AACT,cAAQ,MAAM,MAAM;AAAA,QAClB,KAAK,qBAAqB;AACxB,gBAAM,IAAI,kBAAkB,EAAE,SAAS,MAAM,QAAQ,CAAC;AAAA,QACxD;AAAA,QACA,KAAK,iBAAiB;AACpB,gBAAM,IAAI,cAAc,EAAE,SAAS,MAAM,QAAQ,CAAC;AAAA,QACpD;AAAA,QACA,KAAK,mBAAmB;AACtB,gBAAM,IAAI,gBAAgB,EAAE,SAAS,MAAM,QAAQ,CAAC;AAAA,QACtD;AAAA,QACA,SAAS;AACP,gBAAM,IAAI,aAAa,EAAE,SAAS,MAAM,QAAQ,CAAC;AAAA,QACnD;AAAA,MACF;AAAA,IACF;AAEA,WAAO,EAAE,GAAG,KAAK;AAAA,EACnB;AAAA,EAEU,iBAAiB,OAAe;AACxC,QAAI;AACF,YAAM,cAAU,6BAAsB,KAAK;AAC3C,UAAI,CAAC,QAAQ,IAAK;AAElB,YAAM,aAAa,IAAI,KAAK,QAAQ,MAAM,GAAI;AAC9C,YAAM,kBAAc,4BAAW,YAAY,CAAC;AAG5C,YAAM,YAAQ,0BAAS,aAAa,oBAAI,KAAK,CAAC,IAC1C,QACA,0CAAyB,aAAa,oBAAI,KAAK,CAAC;AAGpD,UAAI,KAAK,cAAe,cAAa,KAAK,aAAa;AAGvD,WAAK,gBAAgB,WAAW,MAAM;AACpC,aAAK,gBAAgB;AACrB,aAAK,cAAc;AAAA,MACrB,GAAG,KAAK;AAAA,IACV,QAAQ;AAAA,IAER;AAAA,EACF;AAAA,EAEA,MAAc,gBAA+B;AAC3C,QAAI,KAAK,gBAAiB,QAAO,KAAK;AAGtC,SAAK,mBAAmB,YAAY;AAClC,YAAM,aAAa;AACnB,YAAM,iBAAiB;AAEvB,UAAI;AAEF,YAAI,CAAC,KAAK,cAAc,WAAW;AACjC,gBAAM,EAAE,UAAU,IAAI,MAAM,KAAK,QAAQ,gBAAgB;AACzD,eAAK,cAAc,YAAY;AAAA,QACjC;AAGA,cAAM,iBAAiB,KAAK,QAAQ,aAAa;AACjD,cAAM,OAAO,MAAM,QAAQ,KAAK;AAAA,UAC9B;AAAA,UACA,IAAI;AAAA,YAAe,CAAC,GAAG,WACrB,WAAW,MAAM,OAAO,IAAI,MAAM,iBAAiB,CAAC,GAAG,UAAU;AAAA,UACnE;AAAA,QACF,CAAC;AAED,YAAI,CAAC,QAAQ,CAAC,KAAK,SAAS,CAAC,KAAK,WAAW;AAE3C,gBAAM,IAAI,kBAAkB;AAAA,YAC1B,SAAS;AAAA,UACX,CAAC;AAAA,QACH;AAEA,aAAK,cAAc,QAAQ,KAAK;AAChC,aAAK,cAAc,YAAY,KAAK;AACpC,aAAK,iBAAiB,KAAK,KAAK;AAAA,MAClC,SAAS,OAAO;AAEd,YAAI,iBAAiB,mBAAmB;AACtC,cAAI;AACF,iBAAK,cAAc,SAAS;AAAA,UAC9B,QAAQ;AAAA,UAER;AACA,gBAAM;AAAA,QACR;AAGA,YAAI,KAAK,cAAe,cAAa,KAAK,aAAa;AACvD,cAAM,cAAc;AACpB,YAAI,aAAa;AAGjB,aAAK,gBAAgB,WAAW,MAAM;AACpC,eAAK,gBAAgB;AACrB,eAAK,KAAK,cAAc,EAAE,MAAM,MAAM;AAGpC;AACA,gBAAI,cAAc,aAAa;AAC7B,oBAAM,YAAY,KAAK;AAAA,gBACrB,iBAAiB,MAAM,aAAa;AAAA,gBACpC;AAAA,cACF;AACA,mBAAK,gBAAgB,WAAW,MAAM;AAIpC,qBAAK,gBAAgB;AACrB,qBAAK,KAAK,cAAc,EAAE,MAAM,MAAM;AAAA,gBAAC,CAAC;AAAA,cAC1C,GAAG,SAAS;AAAA,YACd;AAAA,UACF,CAAC;AAAA,QACH,GAAG,cAAc;AAEjB,cAAM;AAAA,MACR,UAAE;AACA,aAAK,kBAAkB;AAAA,MACzB;AAAA,IACF,GAAG;AAEH,WAAO,KAAK;AAAA,EACd;AACF;;;AH/UA,IAAM,kBAAN,cAA8B,aAAa;AAAA,EACjC;AAAA,EACA;AAAA,EACR;AAAA,EAKS;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOT,YAAY;AAAA,IACV;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,GAAqC;AACnC,UAAM,eAAe;AAAA,MACnB,iBAAiB,QAAQ,mBAAmB;AAAA,MAC5C,mBAAmB,QAAQ,qBAAqB;AAAA,IAClD;AAEA,UAAM,kBAAkB,SAAS,cAAc,KAAK;AACpD,oBAAgB,KAAK,aAAa;AAClC,oBAAgB,MAAM,UAAU;AAChC,aAAS,KAAK,YAAY,eAAe;AAEzC,UAAM,gBAAgB,IAAI,oCAAc;AAAA,MACtC,WAAW;AAAA,MACX,iBAAiB,aAAa;AAAA,MAC9B,iBAAiB,SAAS,eAAe,aAAa,iBAAiB;AAAA,IACzE,CAAC;AAED,UAAM;AAAA,MACJ,SAAS;AAAA;AAAA,MACT;AAAA,IACF,CAAC;AAED,SAAK,gBAAgB;AACrB,SAAK,eAAe;AACpB,SAAK,kBAAkB,IAAI,wCAAgB,EAAE,MAAM,SAAS,KAAK,CAAC;AAElE,SAAK,qBAAqB;AAAA,EAC5B;AAAA,EAEA,MAAsB,SAAS;AAC7B,UAAM,OAAO;AAEb,SAAK,cAAc,MAAM;AAKzB,UAAM,UAAU,IAAI,oCAAc;AAAA,MAChC,WAAW;AAAA,MACX,iBAAiB,KAAK,aAAa;AAAA,MACnC,iBAAiB,SAAS;AAAA,QACxB,KAAK,aAAa;AAAA,MACpB;AAAA,IACF,CAAC;AACD,SAAK,gBAAgB;AACrB,UAAM,KAAK,mBAAmB;AAAA,EAChC;AAAA,EAEA,MAAsB,eACpB,KACe;AACf,UAAM,KAAK,eAAe;AAC1B,WAAO,MAAM,eAAe,GAAG;AAAA,EACjC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAa,gBAAgB,UAAkB;AAC7C,UAAM,EAAE,IAAI,IAAI,MAAM,KAAK,QAAQ,kBAAkB;AAAA,MACnD;AAAA,IACF,CAAC;AAED,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAa,eAAe,EAAE,MAAM,GAAyB;AAC3D,UAAM,uBAAuB,MAAM,KAAK,WAAW,KAAK;AAExD,QAAI,CAAC,sBAAsB;AACzB,YAAM,KAAK,eAAe,EAAE,QAAQ,YAAY,MAAM,CAAC;AAAA,IACzD,OAAO;AACL,WAAK,UAAU,KAAK;AACpB,YAAM,KAAK,OAAO,oBAAoB;AAEtC,WAAK,cAAc;AAGnB,UAAI,CAAC,KAAK,cAAc,QAAQ,CAAC,KAAK,cAAc,KAAK,cAAc;AACrE;AAAA,MACF;AAEA,WAAK,gBAAgB,mBAAmB;AAAA,QACtC;AAAA,UACE,IAAI,UAAU,SAAS,KAAK,cAAc,KAAK,YAAY;AAAA,UAC3D,MAAM;AAAA,UACN,YAAY,CAAC,YAAY,KAAK;AAAA,QAChC;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAa,UAAU,QAAmC;AACxD,UAAM,uBAAuB,MAAM,KAAK,WAAW,OAAO,KAAK;AAE/D,QAAI,CAAC,sBAAsB;AACzB,YAAM,KAAK,eAAe,EAAE,QAAQ,SAAS,GAAG,OAAO,CAAC;AAAA,IAC1D,OAAO;AACL,YAAM,KAAK,iBAAiB,MAAM;AAAA,IACpC;AAAA,EACF;AAAA,EAEA,MAAa,qBAAqB;AAChC,WAAO,MAAM,KAAK,mBAAmB;AAAA,EACvC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAa,uBAAuB;AAAA,IAClC;AAAA,IACA;AAAA,IACA;AAAA,EACF,GAAgD;AAC9C,UAAM,KAAK,mBAAmB;AAE9B,UAAM,SAAS,MAAM,KAAK,cAAc,uBAAuB,MAAM;AAErE,QAAI,CAAC,QAAQ;AACX,YAAM,IAAI,MAAM,oCAAoC;AAAA,IACtD;AAEA,UAAM,KAAK,OAAO,QAAQ;AAE1B,SAAK,cAAc,OAAO;AAC1B,SAAK,cAAc,SAAS;AAAA,EAC9B;AAAA;AAAA;AAAA;AAAA,EAKA,MAAc,iBAAiB;AAE7B,QACE,KAAK,cAAc,SAAS,WAC3B,KAAK,cAAc,WAAW,UAC7B,KAAK,cAAc,UAAU;AAE/B;AACF,QAAI,KAAK,cAAc,oCAA+B;AACpD,WAAK,UAAU,KAAK;AAAA,IACtB,OAAO;AACL,WAAK,UAAU,KAAK;AAGpB,YAAM,KAAK,uBAAuB;AAAA,QAChC,QAAQ,KAAK,cAAc;AAAA,QAC3B,UAAU,KAAK,cAAc,MAAM;AAAA,QACnC,aAAa,KAAK,cAAc;AAAA,MAClC,CAAC;AAAA,IACH;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAc,iBAAiB;AAAA,IAC7B;AAAA,IACA;AAAA,IACA;AAAA,EACF,GAA8B;AAC5B,WAAO,KAAK,QAAQ,kBAAkB;AAAA,MACpC;AAAA,MACA,iBAAiB,MAAM,KAAK,mBAAmB;AAAA,MAC/C;AAAA,MACA,aAAa,YAAY,SAAS;AAAA,IACpC,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAc,uBACZ,QACA;AACA,UAAM,EAAE,WAAW,YAAY,IAAI,MAAM,KAAK;AAAA,MAC5C,OAAO;AAAA,IACT;AAEA,UAAM,EAAE,MAAM,OAAO,UAAU,IAAI,MAAM,KAAK,QAAQ,cAAc;AAAA,MAClE,SAAS;AAAA,QACP,WAAW,UAAU,WAAW,SAAS;AAAA,QACzC;AAAA,MACF;AAAA,MACA,OAAO,OAAO;AAAA,IAChB,CAAC;AAED,SAAK,cAAc,OAAO;AAAA,MACxB,GAAG;AAAA,MACH,cAAc,YAAY;AAAA,IAC5B;AACA,SAAK,cAAc;AAEnB,SAAK,cAAc,QAAQ;AAC3B,SAAK,cAAc,YAAY;AAC/B,SAAK,iBAAiB,KAAM;AAAA,EAC9B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAc,oBACZ,QACA;AACA,UAAM,EAAE,OAAO,mBAAmB,YAAY,IAC5C;AAEF,UAAM,WAAW,MAAM,KAAK,QAAQ,cAAc;AAAA,MAChD;AAAA,MACA,QAAQ;AAAA,QACN,iBAAiB,MAAM,KAAK,mBAAmB;AAAA,QAC/C;AAAA,QACA,aAAa,YAAY,SAAS;AAAA,MACpC;AAAA,IACF,CAAC;AAED,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAc,eAAe,QAA6B;AACxD,YAAQ,OAAO,QAAQ;AAAA,MACrB,KAAK,YAAY;AACf,cAAM,KAAK,uBAAuB,MAAM;AACxC;AAAA,MACF;AAAA,MACA,KAAK,SAAS;AACZ,cAAM,KAAK,oBAAoB,MAAM;AACrC;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAc,6BAA6B,OAAe;AACxD,UAAM,YAAY,SAAS,qBAAqB;AAChD,UAAM,sBAAsB,SAAS,qBAAqB;AAE1D,UAAM,cAAc,UAAM,qCAAuB;AAAA,MAC/C,WAAW;AAAA,QACT,wBAAwB;AAAA,UACtB,aAAa;AAAA,UACb,oBAAoB;AAAA,UACpB,kBAAkB;AAAA,QACpB;AAAA,QACA;AAAA,QACA,IAAI;AAAA,UACF,IAAI,OAAO,SAAS;AAAA,UACpB,MAAM,OAAO,SAAS;AAAA,QACxB;AAAA,QACA,kBAAkB;AAAA,UAChB;AAAA,YACE,MAAM;AAAA,YACN,KAAK;AAAA,UACP;AAAA,UACA;AAAA,YACE,MAAM;AAAA,YACN,KAAK;AAAA,UACP;AAAA,QACF;AAAA,QACA,MAAM;AAAA,UACJ,IAAI;AAAA,UACJ,MAAM;AAAA,UACN,aAAa;AAAA,QACf;AAAA,MACF;AAAA,IACF,CAAC;AAED,WAAO,EAAE,WAAW,aAAa,oBAAoB;AAAA,EACvD;AAAA,EAEA,MAAc,qBAAqB;AACjC,QAAI,CAAC,KAAK,cAAc,UAAU,GAAG;AACnC,YAAM,KAAK,cAAc,KAAK;AAAA,IAChC;AAEA,SAAK,UAAU,KAAK;AAEpB,WAAO,KAAK,cAAc,UAAU;AAAA,EACtC;AACF;;;ASlYA,kBAqBO;AACP,sBAA0B;AAG1B,IAAAC,mBAAoC;AACpC,iCAGO;AAYP,IAAM,aAAN,MAAiB;AAAA,EACf,YAA6B,eAA6B;AAA7B;AAAA,EAA8B;AAAA,EAE3D,MAAM,iBAAwC;AAC5C,UAAM,OAAO,MAAM,KAAK,cAAc,QAAQ;AAE9C,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,qBAAqB,EAAE,SAAS,2BAA2B,CAAC;AAAA,IACxE;AAEA,eAAO,2BAAU;AAAA,MACf,SAAS,KAAK;AAAA,MACd,aAAa,CAAC,EAAE,QAAQ,MAAM,KAAK,YAAY,OAAO;AAAA,MACtD,eAAe,CAIb,wBACG,KAAK,cAAsC,mBAAmB;AAAA,MACnE,iBAAiB,KAAK;AAAA,IACxB,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,eAAe;AAAA,IACnB;AAAA,IACA;AAAA,EACF,GAEE;AACA,UAAM,OAAO,MAAM,KAAK,cAAc,QAAQ;AAE9C,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,qBAAqB,EAAE,SAAS,2BAA2B,CAAC;AAAA,IACxE;AAEA,eAAO,sCAAoB;AAAA,MACzB;AAAA,MACA;AAAA,MACA,SAAS;AAAA,MACT,YAAY;AAAA,QACV,SAAS;AAAA,QACT,SAAS;AAAA,MACX;AAAA,MACA,SAAS,KAAK;AAAA,MACd,WAAO,yBAAY,KAAK,IAAI;AAAA,IAC9B,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,qBAAqB;AACzB,UAAM,MAAM,IAAI;AAAA,MACd,iBAAiB,KAAK,cAAc,cAAc,MAAM;AAAA,MACxD,KAAK,cAAc,cAAc;AAAA,IACnC;AACA,eAAO,kDAAsB;AAAA,MAC3B,eAAW,kBAAK,IAAI,SAAS,CAAC;AAAA,IAChC,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,YAAY,KAAoC;AACpD,UAAM,kBAAc,yBAAY,GAAG;AACnC,UAAM,SAAS,MAAM,KAAK,cAAc,eAAoB,WAAW;AACvE,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,cAGJ,QAAqE;AACrE,UAAM,kBAAc,2BAAc,MAAM;AACxC,WAAO,KAAK,cAAc,eAAe,WAAW;AAAA,EACtD;AAAA,EAEA,MAAM,gBAIJ,aACA,SAYA;AACA,UAAM,cAAc,SAAS,cAAc;AAC3C,UAAM,eAAe,MAAM,YAAY,WAAW;AAClD,UAAM,eAAe,MAAM,KAAK,cAAc;AAAA,UAC5C,uBAAU,YAAY;AAAA,IACxB;AAEA,UAAM,YAAY;AAAA,MAChB,GAAG,SAAS,UAAU,cAAc,EAAE,OAAO,GAAG,CAAC;AAAA,MACjD,GAAG,SAAS,UAAU,cAAc,EAAE,OAAO,IAAI,QAAQ,GAAG,CAAC;AAAA,MAC7D,GAAG,OAAO,SAAS,UAAU,cAAc,EAAE,OAAO,GAAG,QAAQ,GAAG,CAAC,CAAC;AAAA,IACtE;AAEA,WAAO,YAAY,aAAa,SAAS;AAAA,EAC3C;AACF;;;ArBjIA,IAAM,iBAAN,MAAqB;AAAA,EACF;AAAA,EACA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EA2BjB,YAAY;AAAA,IACV;AAAA,IACA,MAAM,EAAE,UAAU,QAAQ,MAAM;AAAA,EAClC,GAAoC;AAClC,SAAK,mBAAmB,IAAI,gBAAgB;AAAA,MAC1C;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF,CAAC;AAED,SAAK,WAAW;AAAA,MACd,MAAM,IAAI,WAAW,KAAK,gBAAgB;AAAA,MAC1C,MAAM,IAAI,WAAW,KAAK,gBAAgB;AAAA,MAC1C,MAAM,IAAI,WAAW,KAAK,gBAAgB;AAAA,IAC5C;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,OAAO;AACT,WAAO,KAAK,SAAS;AAAA,EACvB;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,OAAO;AACT,WAAO,KAAK,SAAS;AAAA,EACvB;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,OAAO;AACT,WAAO,KAAK,SAAS;AAAA,EACvB;AACF;","names":["jose","jose","import_sha","import_http","error","import_accounts"]}
1	+ {"version":3,"sources":["../src/index.ts","../src/session/index.ts","../src/modules/auth/email.ts","../src/modules/auth/passkeys.ts","../src/modules/auth/oauth/google.ts","../src/errors/SDKError.ts","../src/errors/BadRequestError.ts","../src/modules/auth/oauth/facebook.ts","../src/modules/auth/oauth/apple.ts","../src/modules/auth/oauth.ts","../src/modules/auth/index.ts","../src/modules/user/index.ts","../src/signer/web.ts","../src/lib/base64.ts","../src/lib/bytes.ts","../src/signer/index.ts","../src/errors/UnauthorizedError.ts","../src/errors/NotFoundError.ts","../src/errors/GenericError.ts","../src/errors/UnauthenticatedError.ts","../src/types/routes.ts","../src/third-party/viem.ts"],"sourcesContent":["import { AuthModule, UserModule } from './modules/index.js'\nimport { SignerClientConstructorParams } from './signer/index.js'\nimport {\n WebSignerClient,\n WebSignerClientConstructorParams,\n} from './signer/web.js'\nimport { ViemModule } from './third-party/viem.js'\n\ntype FourtWebSignerConstructorParams = {\n configuration: SignerClientConstructorParams['configuration']\n auth: Pick<WebSignerClientConstructorParams, 'webauthn' \| 'iframe' \| 'oauth'>\n}\n\n/*\n A client for interacting with the Fourt Web Signer.\n /\nclass FourtWebSigner {\n private readonly _webSignerClient: WebSignerClient\n private readonly _modules: {\n viem: ViemModule\n auth: AuthModule\n user: UserModule\n }\n\n /\n Initializes a new instance of the `FourtWebSigner` class.\n * Sets up the underlying modules.\n \n \n * @example\n * ```ts\n * const fourtWebSigner = new FourtWebSigner({\n * auth: {\n * webauthn: {\n * rpId: 'localhost',\n * },\n * },\n * configuration: {\n * apiKey: '927d603c-6775-4210-8e13-8904ca985e78',\n * },\n * })\n * ```\n \n @param {FourtWebSignerConstructorParams} params the required parameters to initialize the client\n /\n constructor({\n configuration,\n auth: { webauthn, iframe, oauth },\n }: FourtWebSignerConstructorParams) {\n this._webSignerClient = new WebSignerClient({\n configuration,\n webauthn,\n iframe,\n oauth,\n })\n\n this._modules = {\n viem: new ViemModule(this._webSignerClient),\n auth: new AuthModule(this._webSignerClient),\n user: new UserModule(this._webSignerClient),\n }\n }\n\n /\n A module for interacting with the Viem library.\n /\n get viem() {\n return this._modules.viem\n }\n\n /\n A module for interacting with the authentication methods.\n /\n get auth() {\n return this._modules.auth\n }\n\n /\n A module for interacting with the user methods.\n /\n get user() {\n return this._modules.user\n }\n}\n\nexport { FourtWebSigner }\n","import { createStore, type StoreApi } from 'zustand'\nimport { persist, createJSONStorage } from 'zustand/middleware'\nimport { User } from '../types/entities.js'\n\nenum SessionType {\n Email = 'email',\n Passkeys = 'passkeys',\n OAuth = 'oauth',\n}\n\n/\n The state of the session.\n /\ntype SessionState = {\n type?: SessionType\n user?: User\n bundle?: string\n token?: string\n csrfToken?: string\n}\n\n/\n A store for the session state.\n /\nclass SessionStore {\n private readonly _store: StoreApi<SessionState>\n\n constructor() {\n // Persist only `bundle` and `type` to localStorage.\n // `user` and `token` stay in memory (not persisted).\n this._store = createStore<SessionState>()(\n persist(this._getInitialState, {\n name: 'fourt-session',\n storage: createJSONStorage(() => localStorage),\n // keep only these keys in persisted storage\n partialize: (state) => ({ bundle: state.bundle, type: state.type }),\n }),\n )\n }\n\n /\n Gets the type from the session state.\n \n @returns {SessionType \| undefined} the type.\n /\n get type(): SessionType \| undefined {\n return this._store.getState().type\n }\n\n /\n Sets the type in the session state.\n \n @param {SessionType} type the type to set.\n /\n set type(type: SessionType) {\n this._store.setState({ type })\n }\n\n /\n Gets the token from the session state.\n \n @returns {string \| undefined} the token.\n /\n get token(): string \| undefined {\n return this._store.getState().token\n }\n\n /\n Sets the token in the session state.\n \n @param {string} token the token to set.\n /\n set token(token: string) {\n this._store.setState({ token })\n }\n\n /\n Gets the CSRF token from the session state.\n \n @returns {string \| undefined} the CSRF token.\n /\n get csrfToken(): string \| undefined {\n return this._store.getState().csrfToken\n }\n\n /\n Sets the CSRF token in the session state.\n \n @param {string} csrfToken the CSRF token to set.\n /\n set csrfToken(csrfToken: string) {\n this._store.setState({ csrfToken })\n }\n\n /\n Gets the bundle from the session state.\n \n @returns {string \| undefined} the bundle.\n /\n get bundle(): string \| undefined {\n return this._store.getState().bundle\n }\n\n /\n Sets the bundle in the session state.\n \n @param {string} bundle the bundle to set.\n /\n set bundle(bundle: string) {\n this._store.setState({ bundle })\n }\n\n /\n Gets the user from the session state.\n \n @returns {User \| undefined} the user.\n /\n get user(): User \| undefined {\n return this._store.getState().user\n }\n\n /\n Sets the user in the session state.\n \n @param {User} user the user to set.\n /\n set user(user: User) {\n this._store.setState({ ...this._store.getState(), user })\n }\n\n /\n Clears the user from the session state.\n /\n clearUser() {\n this._store.setState({ ...this._store.getState(), user: undefined })\n }\n\n /\n Clears the bundle from the session state.\n /\n clearBundle() {\n this._store.setState({ ...this._store.getState(), bundle: undefined })\n }\n\n /\n Clears the type from the session state.\n /\n clearType() {\n this._store.setState({ ...this._store.getState(), type: undefined })\n }\n\n /\n Clears the token from the session state.\n /\n clearToken() {\n this._store.setState({ ...this._store.getState(), token: undefined })\n }\n\n /\n Clears the token and user from the session state.\n /\n clearAll() {\n this.clearToken()\n this.clearUser()\n this.clearBundle()\n this.clearType()\n }\n\n private _getInitialState(): SessionState {\n return {\n type: undefined,\n user: undefined,\n bundle: undefined,\n token: undefined,\n }\n }\n}\n\nexport { SessionType, SessionStore }\nexport type { SessionState }\n","import { SessionType } from '../../session/index.js'\nimport type {\n WebSignerClient,\n EmailInitializeAuthParams,\n CompleteAuthWithBundleParams,\n} from '../../signer/web.js'\n\n/\n A module for interacting with the Email authentication methods.\n * Available through the `auth.email` property on a `FourtWebSigner` instance.\n /\nclass EmailModule {\n constructor(private readonly _webSignerClient: WebSignerClient) {}\n\n /\n Initialize user authentication process using email.\n \n @param params {EmailInitializeAuthParams} params to initialize the user authentication process.\n * @returns {Promise<void>} promise that resolves to the result of the authentication process.\n /\n async initialize(params: EmailInitializeAuthParams): Promise<void> {\n return this._webSignerClient.emailAuth(params)\n }\n\n /\n Completes authentication with bundle after user receives the bundle and subOrgId as URL params.\n \n @param params {CompleteAuthWithBundleParams} params received as URL params necessary to complete authentication process.\n * @returns {Promise<void>} promise that completes the authentication process.\n /\n async complete(\n params: Pick<CompleteAuthWithBundleParams, 'subOrgId' \| 'bundle'>,\n ): Promise<void> {\n return this._webSignerClient.completeAuthWithBundle({\n ...params,\n sessionType: SessionType.Email,\n })\n }\n}\n\nexport { EmailModule }\n","import type { WebSignerClient, WebauthnSignInParams } from '../../signer/web.js'\n\n/\n A module for interacting with the Passkeys authentication methods.\n * Available through the `auth.passkeys` property on a `FourtWebSigner` instance.\n /\nclass PasskeysModule {\n constructor(private readonly _webSignerClient: WebSignerClient) {}\n\n /\n Signs in a user using Passkeys.\n \n @param params {WebauthnSignInParams} params for the sign-in process.\n * @returns {Promise<void>} promise that resolves to the result of the sign-in process.\n /\n async signIn(params: WebauthnSignInParams) {\n return this._webSignerClient.webauthnSignIn(params)\n }\n}\n\nexport { PasskeysModule }\n","import as jose from 'jose'\nimport { sha256 } from 'sha.js'\nimport type { WebSignerClient } from '../../../signer/web.js'\n\nclass GoogleModule {\n constructor(private readonly _webSignerClient: WebSignerClient) {}\n\n /*\n \n * @returns\n /\n async init(): Promise<string> {\n const initUrl = await this._webSignerClient.getOAuthInitUrl('google')\n\n const url = new URL(initUrl)\n\n const internalUrl = new URL(\n 'v1/oauth/google',\n this._webSignerClient.configuration.apiUrl,\n ).href\n url.searchParams.set('redirect_uri', internalUrl)\n\n const publicKey = await this._webSignerClient.getIframePublicKey()\n\n const nonce = new sha256().update(publicKey).digest('hex')\n url.searchParams.set('nonce', nonce)\n\n const state = new jose.UnsecuredJWT({\n apiKey: this._webSignerClient.configuration.apiKey,\n redirectUrl: this._webSignerClient.oauthConfiguration!.common.redirectUrl,\n targetPublicKey: publicKey,\n internalUrl: internalUrl,\n origin: window.location.origin,\n }).encode()\n url.searchParams.set('state', state)\n\n return url.toString()\n }\n}\n\nexport { GoogleModule }\n","type SDKErrorProps = {\n message: string\n}\n\nabstract class SDKError extends Error {\n private readonly _props: SDKErrorProps\n\n constructor(message: string, props: SDKErrorProps) {\n super(message)\n this._props = props\n }\n\n get message() {\n return this._props.message\n }\n}\n\nexport { SDKError }\nexport type { SDKErrorProps }\n","import { SDKErrorProps, SDKError } from './SDKError.js'\n\nclass BadRequestError extends SDKError {\n constructor(props: SDKErrorProps) {\n super(BadRequestError.name, props)\n }\n}\n\nexport { BadRequestError }\n","import { BadRequestError } from '../../../errors/BadRequestError.js'\nimport { WebSignerClient } from '../../../signer/web.js'\nimport as jose from 'jose'\n\nclass FacebookModule {\n constructor(private readonly _webSignerClient: WebSignerClient) {}\n\n async init(): Promise<string> {\n const publicKey = await this._webSignerClient.getIframePublicKey()\n const internalUrl = new URL(\n 'v1/oauth/facebook',\n this._webSignerClient.configuration.apiUrl,\n ).href\n\n const jwt = new jose.UnsecuredJWT({\n apiKey: this._webSignerClient.configuration.apiKey,\n redirectUrl: this._webSignerClient.oauthConfiguration!.common.redirectUrl,\n targetPublicKey: publicKey,\n internalUrl: internalUrl,\n origin: window.location.origin,\n }).encode()\n\n const response = await fetch(internalUrl, {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify({\n state: jwt,\n }),\n })\n\n if (!response.ok) {\n throw new BadRequestError({\n message: `Failed to create OAuth state. Error: ${response.statusText}`,\n })\n }\n\n const { authUrl } = await response.json()\n if (!authUrl) {\n throw new BadRequestError({\n message: response.statusText,\n })\n }\n\n return authUrl\n }\n}\n\nexport { FacebookModule }\n","import * as jose from 'jose'\nimport { sha256 } from 'sha.js'\nimport type { WebSignerClient } from '../../../signer/web.js'\n\nclass AppleModule {\n constructor(private readonly _webSignerClient: WebSignerClient) {}\n\n /*\n \n * @returns\n /\n async init(): Promise<string> {\n const initUrl = await this._webSignerClient.getOAuthInitUrl('apple')\n\n const url = new URL(initUrl)\n\n const internalUrl = new URL(\n 'v1/oauth/apple',\n this._webSignerClient.configuration.apiUrl,\n ).href\n url.searchParams.set('redirect_uri', internalUrl)\n\n const publicKey = await this._webSignerClient.getIframePublicKey()\n\n const nonce = new sha256().update(publicKey).digest('hex')\n url.searchParams.set('nonce', nonce)\n\n const state = new jose.UnsecuredJWT({\n apiKey: this._webSignerClient.configuration.apiKey,\n redirectUrl: this._webSignerClient.oauthConfiguration!.common.redirectUrl,\n targetPublicKey: publicKey,\n internalUrl: internalUrl,\n origin: window.location.origin,\n }).encode()\n url.searchParams.set('state', state)\n\n return url.toString()\n }\n}\n\nexport { AppleModule }\n","import { SessionType } from '../../session/index.js'\nimport type { WebSignerClient } from '../../signer/web.js'\nimport { GoogleModule } from './oauth/google.js'\nimport { FacebookModule } from './oauth/facebook.js'\nimport { AppleModule } from './oauth/apple.js'\n\ntype CompleteParams = {\n bundle: string\n subOrgId: string\n}\n\nclass OAuthModule {\n private readonly _googleModule: GoogleModule\n private readonly _facebookModule: FacebookModule\n private readonly _appleModule: AppleModule\n\n constructor(private readonly _webSignerClient: WebSignerClient) {\n this._googleModule = new GoogleModule(this._webSignerClient)\n this._facebookModule = new FacebookModule(this._webSignerClient)\n this._appleModule = new AppleModule(this._webSignerClient)\n }\n\n get google() {\n return this._googleModule\n }\n\n get facebook() {\n return this._facebookModule\n }\n\n get apple() {\n return this._appleModule\n }\n\n async complete({ bundle, subOrgId }: CompleteParams) {\n await this._webSignerClient.completeAuthWithBundle({\n bundle,\n subOrgId,\n sessionType: SessionType.OAuth,\n })\n }\n}\n\nexport { OAuthModule }\n","import type { WebSignerClient } from '../../signer/web.js'\nimport { EmailModule } from './email.js'\nimport { PasskeysModule } from './passkeys.js'\nimport { OAuthModule } from './oauth.js'\n\n/\n A module for interacting with the authentication methods.\n * Available through the `auth` property on a `FourtWebSigner` instance.\n /\nclass AuthModule {\n private readonly _passkeys: PasskeysModule\n private readonly _email: EmailModule\n private readonly _oauth: OAuthModule\n\n /\n Initializes a new instance of the `AuthModule` class.\n \n @param {WebSignerClient} _webSignerClient underlying WebSigner client instance.\n /\n constructor(private readonly _webSignerClient: WebSignerClient) {\n this._passkeys = new PasskeysModule(this._webSignerClient)\n this._email = new EmailModule(this._webSignerClient)\n this._oauth = new OAuthModule(this._webSignerClient)\n }\n\n /\n A module for interacting with the Passkeys authentication methods.\n /\n get passkeys() {\n return this._passkeys\n }\n\n /\n A module for interacting with the Passkeys authentication methods.\n /\n get email() {\n return this._email\n }\n\n get oauth() {\n return this._oauth\n }\n}\n\nexport { AuthModule }\nexport { PasskeysModule } from './passkeys.js'\nexport { EmailModule } from './email.js'\n","import { WebSignerClient } from '../../signer/web.js'\nimport { User } from '../../types/entities.js'\n\n/\n A module for interacting with the user methods.\n * Available through the `user` property on a `FourtWebSigner` instance.\n /\nclass UserModule {\n /\n Initializes a new instance of the `UserModule` class.\n \n @param {WebSignerClient} _webSignerClient underlying WebSigner client instance.\n /\n constructor(private readonly _webSignerClient: WebSignerClient) {}\n\n /\n Retrieves information for the authenticated user.\n * Assumes a user is already logged in, otherwise it will throw an error.\n /\n async getInfo(): Promise<User> {\n return this._webSignerClient.getUser()\n }\n\n /\n Checks if a user is currently logged in to the fourt.io SDK.\n /\n async isLoggedIn(): Promise<boolean> {\n return this._webSignerClient.isLoggedIn()\n }\n\n /\n Generates an access token with a lifespan of 15 minutes.\n * Assumes a user is already logged in, otherwise it will throw an error.\n /\n async getToken(): Promise<string> {\n return this._webSignerClient.getToken()\n }\n\n /\n Logs out the user.\n /\n async logout(): Promise<void> {\n return this._webSignerClient.logout()\n }\n}\n\nexport { UserModule }\n","import { getWebAuthnAttestation } from '@turnkey/http'\nimport { IframeStamper } from '@turnkey/iframe-stamper'\nimport { WebauthnStamper } from '@turnkey/webauthn-stamper'\nimport { LibBase64 } from '../lib/base64.js'\nimport { LibBytes } from '../lib/bytes.js'\nimport { SessionType } from '../session/index.js'\nimport {\n type SignerClientInheritedConstructorParams,\n SignerClient,\n} from './index.js'\n\ntype WebauthnSignInParams = {\n email: string\n}\n\n// When user starts auth with email - can be either a signup or a signin\ntype EmailInitializeAuthParams = {\n email: string\n redirectUrl: string\n expirationSeconds?: number // Defaults to 15 minutes by Turnkey\n}\n\n// * When user completes auth with bundle\ntype CompleteAuthWithBundleParams = {\n bundle: string\n subOrgId: string\n sessionType: SessionType\n isNewUser?: boolean\n}\n\ntype GoogleOAuthSignInParams = {\n credential: string\n clientId: string\n}\n\nexport type OAuthConfiguration = {\n common: {\n redirectUrl: string\n }\n}\n\ntype WebSignerClientConstructorParams = SignerClientInheritedConstructorParams<{\n webauthn: {\n rpId: string\n }\n iframe?: {\n iframeElementId?: string\n iframeContainerId?: string\n }\n oauth?: OAuthConfiguration\n}>\n\ntype CreateAccountParams =\n \| ({\n method: 'webauthn'\n } & WebauthnSignInParams)\n \| ({\n method: 'email'\n } & EmailInitializeAuthParams)\n\n/*\n A signer client for web applications.\n /\nclass WebSignerClient extends SignerClient {\n private iframeStamper: IframeStamper\n private webauthnStamper: WebauthnStamper\n iframeConfig: {\n iframeElementId: string\n iframeContainerId: string\n }\n\n readonly oauthConfiguration: WebSignerClientConstructorParams['oauth']\n\n /\n Initializes a new instance of the `WebSignerClient` class.\n \n @param {WebSignerClientConstructorParams} params params for the constructor\n /\n constructor({\n configuration,\n webauthn,\n iframe,\n oauth,\n }: WebSignerClientConstructorParams) {\n const iframeConfig = {\n iframeElementId: iframe?.iframeElementId ?? 'turnkey-iframe',\n iframeContainerId: iframe?.iframeContainerId ?? 'signer-iframe-container',\n }\n\n const iframeContainer = document.createElement('div')\n iframeContainer.id = iframeConfig.iframeContainerId\n iframeContainer.style.display = 'none'\n document.body.appendChild(iframeContainer)\n\n const iframeStamper = new IframeStamper({\n iframeUrl: 'https://auth.turnkey.com',\n iframeElementId: iframeConfig.iframeElementId,\n iframeContainer: document.getElementById(iframeConfig.iframeContainerId),\n })\n\n super({\n stamper: iframeStamper, // Initialized to iframeStamper; can be either webauthnStamper or iframeStamper\n configuration: configuration,\n })\n\n this.iframeStamper = iframeStamper\n this.iframeConfig = iframeConfig\n this.webauthnStamper = new WebauthnStamper({ rpId: webauthn.rpId })\n\n this.oauthConfiguration = oauth\n }\n\n public override async logout() {\n super.logout()\n\n this.iframeStamper.clear()\n\n // In the latest TK iframe-stamper version, an IframeStamper\n // instance becomes unusable after being cleared, so a new\n // instance must be created.\n const stamper = new IframeStamper({\n iframeUrl: 'https://auth.turnkey.com',\n iframeElementId: this.iframeConfig.iframeElementId,\n iframeContainer: document.getElementById(\n this.iframeConfig.iframeContainerId,\n ),\n })\n this.iframeStamper = stamper\n await this._initIframeStamper()\n }\n\n public override async signRawMessage<Into extends string>(\n msg: string,\n ): Promise<Into> {\n await this._updateStamper()\n return super.signRawMessage(msg)\n }\n\n /\n Get the pre-filled URL for initiating oauth with a specific provider.\n \n @param {string} provider provider for which we are getting the URL, currently google or apple\n /\n public async getOAuthInitUrl(provider: string) {\n const { url } = await this.request('/v1/oauth/init', {\n provider,\n })\n\n return url\n }\n\n /\n Signs in a user with webauthn.\n \n @param {WebauthnSignInParams} params params for the sign in\n /\n public async webauthnSignIn({ email }: WebauthnSignInParams) {\n const existingUserSubOrgId = await this.lookUpUser(email)\n\n if (!existingUserSubOrgId) {\n await this._createAccount({ method: 'webauthn', email })\n } else {\n this.stamper = this.webauthnStamper\n await this.whoAmI(existingUserSubOrgId)\n\n this._sessionStore.type = SessionType.Passkeys\n\n // We should assure that the user and its credentialId are set\n if (!this._sessionStore.user \|\| !this._sessionStore.user.credentialId) {\n return\n }\n\n this.webauthnStamper.allowCredentials = [\n {\n id: LibBase64.toBuffer(this._sessionStore.user.credentialId),\n type: 'public-key',\n transports: ['internal', 'usb'],\n },\n ]\n }\n }\n\n /\n Handle auth user process with email.\n \n @param {EmailInitializeAuthParams} params Params needed for the initialization of the auth process\n /\n public async emailAuth(params: EmailInitializeAuthParams) {\n const existingUserSubOrgId = await this.lookUpUser(params.email)\n\n if (!existingUserSubOrgId) {\n await this._createAccount({ method: 'email', ...params })\n } else {\n await this._signInWithEmail(params)\n }\n }\n\n public async getIframePublicKey() {\n return await this._initIframeStamper()\n }\n\n /\n Completes the authentication process with a credential bundle.\n \n @param {CompleteAuthWithBundleParams} params params for the completion of the auth process\n /\n public async completeAuthWithBundle({\n bundle,\n subOrgId,\n sessionType,\n }: CompleteAuthWithBundleParams): Promise<void> {\n await this._initIframeStamper()\n\n const result = await this.iframeStamper.injectCredentialBundle(bundle)\n\n if (!result) {\n throw new Error('Failed to inject credential bundle')\n }\n\n await this.whoAmI(subOrgId)\n\n this._sessionStore.type = sessionType\n this._sessionStore.bundle = bundle\n }\n\n /\n Checks for an existing session and if exists, updates the stamper accordingly.\n /\n private async _updateStamper() {\n // User is not signed in\n if (\n this._sessionStore.type === undefined &&\n (this._sessionStore.bundle === undefined \|\|\n this._sessionStore.token === undefined)\n )\n return\n if (this._sessionStore.type === SessionType.Passkeys) {\n this.stamper = this.webauthnStamper\n } else {\n this.stamper = this.iframeStamper\n // We need to inject the credential bundle\n // Otherwise the user will not be able to sign\n await this.completeAuthWithBundle({\n bundle: this._sessionStore.bundle!,\n subOrgId: this._sessionStore.user?.subOrgId!,\n sessionType: this._sessionStore.type!,\n })\n }\n }\n\n /\n Signs in a user with email.\n \n @param {EmailInitializeAuthParams} params params for the sign in\n /\n private async _signInWithEmail({\n email,\n expirationSeconds,\n redirectUrl,\n }: EmailInitializeAuthParams) {\n return this.request('/v1/email-auth', {\n email,\n targetPublicKey: await this.getIframePublicKey(),\n expirationSeconds,\n redirectUrl: redirectUrl.toString(),\n })\n }\n\n /\n Creates a passkey account using the webauthn stamper.\n \n @param {Extract<CreateAccountParams, { method: 'webauthn' }>} params params for the creation of the account\n /\n private async _createWebauthnAccount(\n params: Extract<CreateAccountParams, { method: 'webauthn' }>,\n ) {\n const { challenge, attestation } = await this._webauthnGenerateAttestation(\n params.email,\n )\n\n const { user, token, csrfToken } = await this.request('/v1/signup', {\n passkey: {\n challenge: LibBase64.fromBuffer(challenge),\n attestation,\n },\n email: params.email,\n })\n\n this._sessionStore.user = {\n ...user,\n credentialId: attestation.credentialId,\n }\n this._sessionStore.type = SessionType.Passkeys\n // Tokens are always returned on passkey signup\n this._sessionStore.token = token!\n this._sessionStore.csrfToken = csrfToken!\n this._scheduleRefresh(token!)\n }\n\n /\n Creates an email account using the iframe stamper.\n \n @param {Extract<CreateAccountParams, { method: 'email' }>} params params for the creation of the account\n /\n private async _createEmailAccount(\n params: Extract<CreateAccountParams, { method: 'email' }>,\n ) {\n const { email, expirationSeconds, redirectUrl } =\n params as EmailInitializeAuthParams\n\n const response = await this.request('/v1/signup', {\n email,\n iframe: {\n targetPublicKey: await this.getIframePublicKey(),\n expirationSeconds,\n redirectUrl: redirectUrl.toString(),\n },\n })\n\n return response\n }\n\n /\n Handle the account creation process.\n \n @param {CreateAccountParams} params params to create an account\n /\n private async _createAccount(params: CreateAccountParams) {\n switch (params.method) {\n case 'webauthn': {\n await this._createWebauthnAccount(params)\n break\n }\n case 'email': {\n await this._createEmailAccount(params)\n break\n }\n }\n }\n\n private async _webauthnGenerateAttestation(email: string) {\n const challenge = LibBytes.generateRandomBuffer()\n const authenticatorUserId = LibBytes.generateRandomBuffer()\n\n const attestation = await getWebAuthnAttestation({\n publicKey: {\n authenticatorSelection: {\n residentKey: 'preferred',\n requireResidentKey: false,\n userVerification: 'preferred',\n },\n challenge,\n rp: {\n id: window.location.hostname,\n name: window.location.hostname,\n },\n pubKeyCredParams: [\n {\n type: 'public-key',\n alg: -7,\n },\n {\n type: 'public-key',\n alg: -257,\n },\n ],\n user: {\n id: authenticatorUserId,\n name: email,\n displayName: email,\n },\n },\n })\n\n return { challenge, attestation, authenticatorUserId }\n }\n\n private async _initIframeStamper() {\n if (!this.iframeStamper.publicKey()) {\n await this.iframeStamper.init()\n }\n\n this.stamper = this.iframeStamper\n\n return this.iframeStamper.publicKey()!\n }\n}\n\nexport { WebSignerClient }\nexport type {\n CompleteAuthWithBundleParams,\n CreateAccountParams,\n EmailInitializeAuthParams,\n GoogleOAuthSignInParams,\n WebauthnSignInParams,\n WebSignerClientConstructorParams,\n}\n","import { Buffer } from 'buffer'\n\nclass LibBase64 {\n static fromBuffer(buffer: ArrayBuffer): string {\n return Buffer.from(buffer)\n .toString('base64')\n .replace(/\\+/g, '-')\n .replace(/\\//g, '_')\n .replace(/=/g, '')\n }\n\n static toBuffer(base64: string): ArrayBuffer {\n return Buffer.from(base64, 'base64').buffer\n }\n}\n\nexport { LibBase64 }\n","type TakeBytesParams = Partial<{\n count: number\n offset: number\n}>\n\ntype ByteString = `0x${string}`\n\nclass LibBytes {\n static generateRandomBuffer = (): ArrayBuffer => {\n const arr = new Uint8Array(32)\n crypto.getRandomValues(arr)\n return arr.buffer\n }\n\n static takeBytes = (\n bytes: ByteString,\n params: TakeBytesParams = {},\n ): ByteString => {\n const { offset, count } = params\n const start = (offset ? offset 2 : 0) + 2 // add 2 to skip the 0x prefix\n const end = count ? start + count * 2 : undefined\n\n return `0x${bytes.slice(start, end)}`\n }\n}\n\nexport { LibBytes }\n","import { TurnkeyClient } from '@turnkey/http'\nimport {\n BadRequestError,\n GenericError,\n NotFoundError,\n UnauthorizedError,\n} from '../errors/index.js'\nimport { SDKError } from '../errors/SDKError.js'\nimport { SessionStore } from '../session/index.js'\nimport { APIResponse } from '../types/rest.js'\nimport {\n AuthenticationServiceBody,\n AuthenticationServiceResponse,\n AuthenticationServiceRoutes,\n ROUTE_METHOD_MAP,\n} from '../types/routes.js'\nimport { jwtDecode, JwtPayload } from 'jwt-decode'\nimport { differenceInMilliseconds, isBefore, subMinutes } from 'date-fns'\n\ntype SignerClientConfiguration = {\n apiKey: string\n apiUrl?: string\n paymasterRpcUrl?: string\n}\n\ntype SignerClientConstructorParams = {\n stamper: TurnkeyClient['stamper']\n configuration: SignerClientConfiguration\n}\n\ntype SignerClientInheritedConstructorParams<\n Extended extends Record<string, unknown>,\n> = Pick<SignerClientConstructorParams, 'configuration'> & Extended\n\nabstract class SignerClient {\n protected readonly _turnkeyClient: TurnkeyClient\n protected readonly _configuration: Required<\n SignerClientConstructorParams['configuration']\n >\n protected readonly _sessionStore: SessionStore\n\n private _refreshPromise?: Promise<void>\n private _refreshTimer?: ReturnType<typeof setTimeout>\n\n constructor({\n stamper,\n configuration: { apiUrl, paymasterRpcUrl, ...requiredConfiguration },\n }: SignerClientConstructorParams) {\n this._turnkeyClient = new TurnkeyClient(\n { baseUrl: 'https://api.turnkey.com' },\n stamper,\n )\n\n this._configuration = {\n ...requiredConfiguration,\n apiUrl: apiUrl ?? 'https://auth.api.fourt.io/',\n paymasterRpcUrl: paymasterRpcUrl ?? 'https://management.api.fourt.io/',\n }\n\n this._sessionStore = new SessionStore()\n }\n\n get configuration(): Required<SignerClientConfiguration> {\n return this._configuration\n }\n\n public async getUser() {\n if (this._sessionStore.user) return this._sessionStore.user\n\n try {\n const user = await this.request('/v1/me')\n this._sessionStore.user = user\n return user\n } catch (error) {\n // If unauthorized, try to refresh token and retry once\n if (error instanceof UnauthorizedError) {\n try {\n await this._refreshToken()\n const user = await this.request('/v1/me')\n this._sessionStore.user = user\n return user\n } catch (error) {\n throw error\n }\n }\n throw error\n }\n }\n\n public async isLoggedIn() {\n const token = this._sessionStore.token\n\n // If we have a token and it's still valid, we're logged in\n if (token && !this._isTokenExpired(token)) return true\n\n // Otherwise try to refresh (covers no token and expired token)\n try {\n await this._refreshToken()\n return !!this._sessionStore.token\n } catch {\n return false\n }\n }\n\n public async getToken(): Promise<string> {\n // Try to use existing token\n if (!this._sessionStore.token) {\n // No token: attempt refresh (may throw)\n try {\n await this._refreshToken()\n } catch {\n throw new UnauthorizedError({\n message: 'No token found, user might not be logged in',\n })\n }\n } else if (this._isTokenExpired(this._sessionStore.token)) {\n // Token expired: attempt refresh (may throw)\n try {\n await this._refreshToken()\n } catch {\n throw new UnauthorizedError({\n message: 'Token expired and refresh failed',\n })\n }\n }\n\n const token = this._sessionStore.token\n if (!token) {\n throw new UnauthorizedError({\n message: 'No token found, user might not be logged in',\n })\n }\n return token\n }\n\n private _isTokenExpired(token: string): boolean {\n try {\n const decoded = jwtDecode<JwtPayload>(token)\n if (decoded.exp) {\n return decoded.exp * 1000 <= Date.now()\n }\n return true // If no exp claim, consider it expired\n } catch {\n return true // If token is malformed, consider it expired\n }\n }\n\n public async logout() {\n if (this._refreshTimer) clearTimeout(this._refreshTimer)\n this._refreshTimer = undefined\n await this.request('/v1/logout')\n this._sessionStore.clearAll()\n }\n\n public async signRawMessage<Into extends string>(msg: string): Promise<Into> {\n if (!this._sessionStore.token \|\| !this._sessionStore.user) {\n throw new UnauthorizedError({\n message: 'SignerClient must be authenticated to sign a message',\n })\n }\n\n const stampedRequest = await this._turnkeyClient.stampSignRawPayload({\n organizationId: this._sessionStore.user.subOrgId,\n type: 'ACTIVITY_TYPE_SIGN_RAW_PAYLOAD_V2',\n timestampMs: Date.now().toString(),\n parameters: {\n encoding: 'PAYLOAD_ENCODING_HEXADECIMAL',\n hashFunction: 'HASH_FUNCTION_NO_OP',\n payload: msg,\n signWith: this._sessionStore.user.walletAddress,\n },\n })\n\n const { signature } = await this.request('/v1/sign', {\n stampedRequest,\n })\n\n return <Into>signature\n }\n\n protected set stamper(stamper: TurnkeyClient['stamper']) {\n this._turnkeyClient.stamper = stamper\n }\n\n protected get stamper(): TurnkeyClient['stamper'] {\n return this._turnkeyClient.stamper\n }\n\n protected async lookUpUser(email: string): Promise<string \| null> {\n try {\n const { subOrgId } = await this.request('/v1/lookup', { email })\n return subOrgId\n } catch (error) {\n if (!(error instanceof SDKError)) throw error\n\n const sdkError: SDKError = error\n\n switch (sdkError.constructor.name) {\n case NotFoundError.name: {\n return null\n }\n default: {\n throw sdkError\n }\n }\n }\n }\n\n protected async whoAmI(subOrgId?: string) {\n const orgId = subOrgId \|\| this._sessionStore.user?.subOrgId\n\n if (!orgId) throw new BadRequestError({ message: 'No orgId provided' })\n\n const stampedRequest = await this._turnkeyClient.stampGetWhoami({\n organizationId: orgId,\n })\n\n const { user, token, csrfToken } = await this.request('/v1/signin', {\n stampedRequest,\n })\n\n const credentialId = (() => {\n try {\n return JSON.parse(stampedRequest?.stamp.stampHeaderValue)\n .credentialId as string\n } catch (e) {\n return undefined\n }\n })()\n\n this._sessionStore.user = {\n ...user,\n credentialId: credentialId,\n }\n this._sessionStore.token = token\n this._sessionStore.csrfToken = csrfToken\n this._scheduleRefresh(token)\n }\n\n protected async request<Route extends AuthenticationServiceRoutes>(\n route: Route,\n body?: AuthenticationServiceBody<Route>,\n ): Promise<AuthenticationServiceResponse<Route>> {\n const url = new URL(`${route}`, this._configuration.apiUrl)\n const token = this._sessionStore.token\n const csrfToken = this._sessionStore.csrfToken\n\n const headers: Record<string, string> = {\n 'Content-Type': 'application/json',\n 'X-FOURT-KEY': this._configuration.apiKey,\n }\n\n if (token) {\n headers['Authorization'] = `Bearer ${token}`\n }\n\n if (csrfToken) {\n headers['X-CSRF-Token'] = csrfToken\n }\n\n const response = await fetch(url, {\n method: ROUTE_METHOD_MAP[route],\n body: JSON.stringify(body),\n headers,\n credentials: 'include',\n })\n\n const { data, error } = (await response.json()) as APIResponse<\n AuthenticationServiceResponse<Route>\n >\n\n if (error) {\n switch (error.kind) {\n case 'UnauthorizedError': {\n throw new UnauthorizedError({ message: error.message })\n }\n case 'NotFoundError': {\n throw new NotFoundError({ message: error.message })\n }\n case 'BadRequestError': {\n throw new BadRequestError({ message: error.message })\n }\n default: {\n throw new GenericError({ message: error.message })\n }\n }\n }\n\n return { ...data } as AuthenticationServiceResponse<Route>\n }\n\n protected _scheduleRefresh(token: string) {\n try {\n const decoded = jwtDecode<JwtPayload>(token)\n if (!decoded.exp) return\n\n const expiryDate = new Date(decoded.exp * 1000)\n const refreshDate = subMinutes(expiryDate, 2) // refresh 2min early\n\n // If the refresh time is already past, run immediately\n const delay = isBefore(refreshDate, new Date())\n ? 0\n : differenceInMilliseconds(refreshDate, new Date())\n\n // Clear previous timer to avoid duplicates\n if (this._refreshTimer) clearTimeout(this._refreshTimer)\n\n // Schedule refresh\n this._refreshTimer = setTimeout(() => {\n this._refreshTimer = undefined\n this._refreshToken()\n }, delay)\n } catch {\n // ignore errors\n }\n }\n\n private async _refreshToken(): Promise<void> {\n if (this._refreshPromise) return this._refreshPromise\n\n // Keep a reference so callers can await the same promise\n this._refreshPromise = (async () => {\n const TIMEOUT_MS = 10_000\n const RETRY_DELAY_MS = 5_000\n\n try {\n // Check if csrfToken is in memory, if not get a new one\n if (!this._sessionStore.csrfToken) {\n const { csrfToken } = await this.request('/v1/csrf-token')\n this._sessionStore.csrfToken = csrfToken\n }\n\n // Avoid hanging indefinitely by racing the request with a timeout\n const refreshPromise = this.request('/v1/refresh')\n const data = await Promise.race([\n refreshPromise,\n new Promise<never>((_, reject) =>\n setTimeout(() => reject(new Error('Refresh timeout')), TIMEOUT_MS),\n ),\n ])\n\n if (!data \|\| !data.token \|\| !data.csrfToken) {\n // Treat missing tokens as auth failure\n throw new UnauthorizedError({\n message: 'Refresh did not return tokens',\n })\n }\n\n this._sessionStore.token = data.token\n this._sessionStore.csrfToken = data.csrfToken\n this._scheduleRefresh(data.token)\n } catch (error) {\n // On auth errors, clear session to avoid repeated failing retries\n if (error instanceof UnauthorizedError) {\n try {\n this._sessionStore.clearAll()\n } catch {\n // ignore errors\n }\n throw error\n }\n\n // Transient error: schedule a retry (non-blocking) and rethrow so callers know it failed\n if (this._refreshTimer) clearTimeout(this._refreshTimer)\n const MAX_RETRIES = 5\n let retryCount = 0\n\n // We schedule a background retry after RETRY_DELAY_MS using setTimeout\n this._refreshTimer = setTimeout(() => {\n this._refreshTimer = undefined\n void this._refreshToken().catch(() => {\n // Increments retryCount and, if still under MAX_RETRIES, schedules\n // another retry using exponential backoff (capped at 60s)\n retryCount++\n if (retryCount <= MAX_RETRIES) {\n const nextDelay = Math.min(\n RETRY_DELAY_MS * 2 ** (retryCount - 1),\n 60_000,\n )\n this._refreshTimer = setTimeout(() => {\n // When the timer fires we clear the stored id and call _refreshToken() in a\n // fire-and-forget manner (void ... .catch(...)) so the retry runs asynchronously\n // and doesn't block or change the control flow of the original caller.\n this._refreshTimer = undefined\n void this._refreshToken().catch(() => {})\n }, nextDelay)\n }\n })\n }, RETRY_DELAY_MS)\n\n throw error\n } finally {\n this._refreshPromise = undefined\n }\n })()\n\n return this._refreshPromise\n }\n}\n\nexport { SignerClient }\nexport type {\n SignerClientConstructorParams,\n SignerClientInheritedConstructorParams,\n}\n","import { SDKErrorProps, SDKError } from './SDKError.js'\n\nclass UnauthorizedError extends SDKError {\n constructor(props: SDKErrorProps) {\n super(UnauthorizedError.name, props)\n }\n}\n\nexport { UnauthorizedError }\n","import { SDKErrorProps, SDKError } from './SDKError.js'\n\nclass NotFoundError extends SDKError {\n constructor(props: SDKErrorProps) {\n super(NotFoundError.name, props)\n }\n}\n\nexport { NotFoundError }\n","import { SDKErrorProps, SDKError } from './SDKError.js'\n\nclass GenericError extends SDKError {\n constructor(props: SDKErrorProps) {\n super(GenericError.name, props)\n }\n}\n\nexport { GenericError }\n","import { SDKErrorProps, SDKError } from './SDKError.js'\n\nclass UnauthenticatedError extends SDKError {\n constructor(props: SDKErrorProps) {\n super(UnauthenticatedError.name, props)\n }\n}\n\nexport { UnauthenticatedError }\n","import { getWebAuthnAttestation, TSignedRequest } from '@turnkey/http'\nimport { User } from './entities.js'\nimport { AtLeastOne } from './string.js'\n\ntype AuthenticationServiceRoutes =\n AuthenticationServiceEndpoints[number]['Route']\n\ntype AuthenticationServiceBody<Route extends AuthenticationServiceRoutes> =\n Extract<AuthenticationServiceEndpoints[number], { Route: Route }>['Body']\n\ntype AuthenticationServiceResponse<Route extends AuthenticationServiceRoutes> =\n Extract<AuthenticationServiceEndpoints[number], { Route: Route }>['Response']\n\ntype AuthenticationServiceEndpoints = [\n {\n Route: '/v1/email-auth'\n Body: {\n email: string\n targetPublicKey: string\n redirectUrl: string\n expirationSeconds?: number\n }\n Response: {\n subOrgId: string\n }\n },\n {\n Route: '/v1/signup'\n Body: AtLeastOne<{\n passkey: {\n challenge: string\n attestation: Awaited<ReturnType<typeof getWebAuthnAttestation>>\n }\n iframe: {\n targetPublicKey: string\n redirectUrl: string\n expirationSeconds?: number\n }\n }> & { email: string }\n Response: {\n user: User\n token?: string\n csrfToken?: string\n }\n },\n {\n Route: '/v1/lookup'\n Body: {\n email: string\n }\n Response: {\n subOrgId: string\n }\n },\n {\n Route: '/v1/signin'\n Body: {\n stampedRequest: TSignedRequest\n }\n Response: {\n user: User\n token: string\n csrfToken: string\n }\n },\n {\n Route: '/v1/sign'\n Body: {\n stampedRequest: TSignedRequest\n }\n Response: {\n signature: string\n }\n },\n {\n Route: '/v1/oauth/init'\n Body: {\n provider: string\n }\n Response: {\n url: string\n }\n },\n {\n Route: '/v1/refresh'\n Body: {}\n Response: {\n token: string\n csrfToken: string\n }\n },\n {\n Route: '/v1/csrf-token'\n Body: {}\n Response: {\n csrfToken: string\n }\n },\n {\n Route: '/v1/logout'\n Body: {}\n Response: {}\n },\n {\n Route: '/v1/me'\n Body: {}\n Response: User\n },\n]\n\nconst ROUTE_METHOD_MAP = {\n '/v1/signup': 'POST',\n '/v1/email-auth': 'POST',\n '/v1/lookup': 'POST',\n '/v1/signin': 'POST',\n '/v1/sign': 'POST',\n '/v1/oauth/init': 'POST',\n '/v1/refresh': 'POST',\n '/v1/csrf-token': 'GET',\n '/v1/logout': 'POST',\n '/v1/me': 'GET',\n} satisfies Record<AuthenticationServiceRoutes, 'POST' \| 'GET'>\n\nexport type {\n AuthenticationServiceEndpoints,\n AuthenticationServiceResponse,\n AuthenticationServiceBody,\n AuthenticationServiceRoutes,\n}\n\nexport { ROUTE_METHOD_MAP }\n","import {\n type Chain,\n type Client,\n type GetTransactionType,\n type Hex,\n type IsNarrowable,\n type JsonRpcAccount,\n type LocalAccount,\n type TypedData,\n type TypedDataDefinition,\n type SignableMessage,\n type SerializeTransactionFn,\n type TransactionSerializable,\n type TransactionSerialized,\n type Transport,\n hashMessage,\n hashTypedData,\n serializeTransaction,\n keccak256,\n hexToBigInt,\n http,\n} from 'viem'\nimport { toAccount } from 'viem/accounts'\nimport { SignerClient } from '../signer/index.js'\nimport { LibBytes } from '../lib/bytes.js'\nimport { toLightSmartAccount } from 'permissionless/accounts'\nimport {\n createPaymasterClient,\n entryPoint07Address,\n} from 'viem/account-abstraction'\nimport { UnauthenticatedError } from '../errors/UnauthenticatedError.js'\n\ntype CurrentUserToLightSmartAccountParams = {\n owner: LocalAccount\n client: Client<\n Transport,\n Chain \| undefined,\n JsonRpcAccount \| LocalAccount \| undefined\n >\n}\n\nclass ViemModule {\n constructor(private readonly _signerClient: SignerClient) {}\n\n async toLocalAccount(): Promise<LocalAccount> {\n const user = await this._signerClient.getUser()\n\n if (!user) {\n throw new UnauthenticatedError({ message: 'Signer not authenticated' })\n }\n\n return toAccount({\n address: user.walletAddress,\n signMessage: ({ message }: { message: SignableMessage }) =>\n this.signMessage(message),\n signTypedData: <\n const typedData extends TypedData \| Record<string, unknown>,\n primaryType extends keyof typedData \| 'EIP712Domain' = keyof typedData,\n >(\n typedDataDefinition: TypedDataDefinition<typedData, primaryType>,\n ) => this.signTypedData<typedData, primaryType>(typedDataDefinition),\n signTransaction: this.signTransaction,\n })\n }\n\n async toSmartAccount({\n client,\n owner,\n }: CurrentUserToLightSmartAccountParams): ReturnType<\n typeof toLightSmartAccount<'0.7'>\n > {\n const user = await this._signerClient.getUser()\n\n if (!user) {\n throw new UnauthenticatedError({ message: 'Signer not authenticated' })\n }\n\n return toLightSmartAccount({\n client,\n owner,\n version: '2.0.0',\n entryPoint: {\n address: entryPoint07Address,\n version: '0.7',\n },\n address: user.smartAccountAddress,\n index: hexToBigInt(user.salt),\n })\n }\n\n async getPaymasterClient() {\n const url = new URL(\n `v1/rpc?apiKey=${this._signerClient.configuration.apiKey}`,\n this._signerClient.configuration.paymasterRpcUrl,\n )\n return createPaymasterClient({\n transport: http(url.toString()),\n })\n }\n\n async signMessage(msg: SignableMessage): Promise<Hex> {\n const messageHash = hashMessage(msg)\n const result = await this._signerClient.signRawMessage<Hex>(messageHash)\n return result\n }\n\n async signTypedData<\n TTypedData extends TypedData \| Record<string, unknown>,\n TPrimaryType extends keyof TTypedData \| 'EIP712Domain' = keyof TTypedData,\n >(params: TypedDataDefinition<TTypedData, TPrimaryType>): Promise<Hex> {\n const messageHash = hashTypedData(params)\n return this._signerClient.signRawMessage(messageHash)\n }\n\n async signTransaction<\n serializer extends SerializeTransactionFn<TransactionSerializable> = SerializeTransactionFn<TransactionSerializable>,\n transaction extends Parameters<serializer>[0] = Parameters<serializer>[0],\n >(\n transaction: transaction,\n options?:\n \| {\n serializer?: serializer \| undefined\n }\n \| undefined,\n ): Promise<\n IsNarrowable<\n TransactionSerialized<GetTransactionType<transaction>>,\n Hex\n > extends true\n ? TransactionSerialized<GetTransactionType<transaction>>\n : Hex\n > {\n const serializeFn = options?.serializer ?? serializeTransaction\n const serializedTx = await serializeFn(transaction)\n const signatureHex = await this._signerClient.signRawMessage<Hex>(\n keccak256(serializedTx),\n )\n\n const signature = {\n r: LibBytes.takeBytes(signatureHex, { count: 32 }),\n s: LibBytes.takeBytes(signatureHex, { count: 32, offset: 32 }),\n v: BigInt(LibBytes.takeBytes(signatureHex, { count: 1, offset: 64 })),\n }\n\n return serializeFn(transaction, signature)\n }\n}\n\nexport { ViemModule }\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAA,qBAA2C;AAC3C,wBAA2C;AAuB3C,IAAM,eAAN,MAAmB;AAAA,EACA;AAAA,EAEjB,cAAc;AAGZ,SAAK,aAAS,4BAA0B;AAAA,UACtC,2BAAQ,KAAK,kBAAkB;AAAA,QAC7B,MAAM;AAAA,QACN,aAAS,qCAAkB,MAAM,YAAY;AAAA;AAAA,QAE7C,YAAY,CAAC,WAAW,EAAE,QAAQ,MAAM,QAAQ,MAAM,MAAM,KAAK;AAAA,MACnE,CAAC;AAAA,IACH;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,OAAgC;AAClC,WAAO,KAAK,OAAO,SAAS,EAAE;AAAA,EAChC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,KAAK,MAAmB;AAC1B,SAAK,OAAO,SAAS,EAAE,KAAK,CAAC;AAAA,EAC/B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,QAA4B;AAC9B,WAAO,KAAK,OAAO,SAAS,EAAE;AAAA,EAChC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,MAAM,OAAe;AACvB,SAAK,OAAO,SAAS,EAAE,MAAM,CAAC;AAAA,EAChC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,YAAgC;AAClC,WAAO,KAAK,OAAO,SAAS,EAAE;AAAA,EAChC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,UAAU,WAAmB;AAC/B,SAAK,OAAO,SAAS,EAAE,UAAU,CAAC;AAAA,EACpC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,SAA6B;AAC/B,WAAO,KAAK,OAAO,SAAS,EAAE;AAAA,EAChC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,OAAO,QAAgB;AACzB,SAAK,OAAO,SAAS,EAAE,OAAO,CAAC;AAAA,EACjC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,OAAyB;AAC3B,WAAO,KAAK,OAAO,SAAS,EAAE;AAAA,EAChC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,KAAK,MAAY;AACnB,SAAK,OAAO,SAAS,EAAE,GAAG,KAAK,OAAO,SAAS,GAAG,KAAK,CAAC;AAAA,EAC1D;AAAA;AAAA;AAAA;AAAA,EAKA,YAAY;AACV,SAAK,OAAO,SAAS,EAAE,GAAG,KAAK,OAAO,SAAS,GAAG,MAAM,OAAU,CAAC;AAAA,EACrE;AAAA;AAAA;AAAA;AAAA,EAKA,cAAc;AACZ,SAAK,OAAO,SAAS,EAAE,GAAG,KAAK,OAAO,SAAS,GAAG,QAAQ,OAAU,CAAC;AAAA,EACvE;AAAA;AAAA;AAAA;AAAA,EAKA,YAAY;AACV,SAAK,OAAO,SAAS,EAAE,GAAG,KAAK,OAAO,SAAS,GAAG,MAAM,OAAU,CAAC;AAAA,EACrE;AAAA;AAAA;AAAA;AAAA,EAKA,aAAa;AACX,SAAK,OAAO,SAAS,EAAE,GAAG,KAAK,OAAO,SAAS,GAAG,OAAO,OAAU,CAAC;AAAA,EACtE;AAAA;AAAA;AAAA;AAAA,EAKA,WAAW;AACT,SAAK,WAAW;AAChB,SAAK,UAAU;AACf,SAAK,YAAY;AACjB,SAAK,UAAU;AAAA,EACjB;AAAA,EAEQ,mBAAiC;AACvC,WAAO;AAAA,MACL,MAAM;AAAA,MACN,MAAM;AAAA,MACN,QAAQ;AAAA,MACR,OAAO;AAAA,IACT;AAAA,EACF;AACF;;;ACrKA,IAAM,cAAN,MAAkB;AAAA,EAChB,YAA6B,kBAAmC;AAAnC;AAAA,EAAoC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQjE,MAAM,WAAW,QAAkD;AACjE,WAAO,KAAK,iBAAiB,UAAU,MAAM;AAAA,EAC/C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,SACJ,QACe;AACf,WAAO,KAAK,iBAAiB,uBAAuB;AAAA,MAClD,GAAG;AAAA,MACH;AAAA,IACF,CAAC;AAAA,EACH;AACF;;;AChCA,IAAM,iBAAN,MAAqB;AAAA,EACnB,YAA6B,kBAAmC;AAAnC;AAAA,EAAoC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQjE,MAAM,OAAO,QAA8B;AACzC,WAAO,KAAK,iBAAiB,eAAe,MAAM;AAAA,EACpD;AACF;;;AClBA,WAAsB;AACtB,iBAAuB;AAGvB,IAAM,eAAN,MAAmB;AAAA,EACjB,YAA6B,kBAAmC;AAAnC;AAAA,EAAoC;AAAA;AAAA;AAAA;AAAA;AAAA,EAMjE,MAAM,OAAwB;AAC5B,UAAM,UAAU,MAAM,KAAK,iBAAiB,gBAAgB,QAAQ;AAEpE,UAAM,MAAM,IAAI,IAAI,OAAO;AAE3B,UAAM,cAAc,IAAI;AAAA,MACtB;AAAA,MACA,KAAK,iBAAiB,cAAc;AAAA,IACtC,EAAE;AACF,QAAI,aAAa,IAAI,gBAAgB,WAAW;AAEhD,UAAM,YAAY,MAAM,KAAK,iBAAiB,mBAAmB;AAEjE,UAAM,QAAQ,IAAI,kBAAO,EAAE,OAAO,SAAS,EAAE,OAAO,KAAK;AACzD,QAAI,aAAa,IAAI,SAAS,KAAK;AAEnC,UAAM,QAAQ,IAAS,kBAAa;AAAA,MAClC,QAAQ,KAAK,iBAAiB,cAAc;AAAA,MAC5C,aAAa,KAAK,iBAAiB,mBAAoB,OAAO;AAAA,MAC9D,iBAAiB;AAAA,MACjB;AAAA,MACA,QAAQ,OAAO,SAAS;AAAA,IAC1B,CAAC,EAAE,OAAO;AACV,QAAI,aAAa,IAAI,SAAS,KAAK;AAEnC,WAAO,IAAI,SAAS;AAAA,EACtB;AACF;;;AClCA,IAAe,WAAf,cAAgC,MAAM;AAAA,EACnB;AAAA,EAEjB,YAAY,SAAiB,OAAsB;AACjD,UAAM,OAAO;AACb,SAAK,SAAS;AAAA,EAChB;AAAA,EAEA,IAAI,UAAU;AACZ,WAAO,KAAK,OAAO;AAAA,EACrB;AACF;;;ACbA,IAAM,kBAAN,MAAM,yBAAwB,SAAS;AAAA,EACrC,YAAY,OAAsB;AAChC,UAAM,iBAAgB,MAAM,KAAK;AAAA,EACnC;AACF;;;ACJA,IAAAA,QAAsB;AAEtB,IAAM,iBAAN,MAAqB;AAAA,EACnB,YAA6B,kBAAmC;AAAnC;AAAA,EAAoC;AAAA,EAEjE,MAAM,OAAwB;AAC5B,UAAM,YAAY,MAAM,KAAK,iBAAiB,mBAAmB;AACjE,UAAM,cAAc,IAAI;AAAA,MACtB;AAAA,MACA,KAAK,iBAAiB,cAAc;AAAA,IACtC,EAAE;AAEF,UAAM,MAAM,IAAS,mBAAa;AAAA,MAChC,QAAQ,KAAK,iBAAiB,cAAc;AAAA,MAC5C,aAAa,KAAK,iBAAiB,mBAAoB,OAAO;AAAA,MAC9D,iBAAiB;AAAA,MACjB;AAAA,MACA,QAAQ,OAAO,SAAS;AAAA,IAC1B,CAAC,EAAE,OAAO;AAEV,UAAM,WAAW,MAAM,MAAM,aAAa;AAAA,MACxC,QAAQ;AAAA,MACR,SAAS,EAAE,gBAAgB,mBAAmB;AAAA,MAC9C,MAAM,KAAK,UAAU;AAAA,QACnB,OAAO;AAAA,MACT,CAAC;AAAA,IACH,CAAC;AAED,QAAI,CAAC,SAAS,IAAI;AAChB,YAAM,IAAI,gBAAgB;AAAA,QACxB,SAAS,wCAAwC,SAAS,UAAU;AAAA,MACtE,CAAC;AAAA,IACH;AAEA,UAAM,EAAE,QAAQ,IAAI,MAAM,SAAS,KAAK;AACxC,QAAI,CAAC,SAAS;AACZ,YAAM,IAAI,gBAAgB;AAAA,QACxB,SAAS,SAAS;AAAA,MACpB,CAAC;AAAA,IACH;AAEA,WAAO;AAAA,EACT;AACF;;;AC7CA,IAAAC,QAAsB;AACtB,IAAAC,cAAuB;AAGvB,IAAM,cAAN,MAAkB;AAAA,EAChB,YAA6B,kBAAmC;AAAnC;AAAA,EAAoC;AAAA;AAAA;AAAA;AAAA;AAAA,EAMjE,MAAM,OAAwB;AAC5B,UAAM,UAAU,MAAM,KAAK,iBAAiB,gBAAgB,OAAO;AAEnE,UAAM,MAAM,IAAI,IAAI,OAAO;AAE3B,UAAM,cAAc,IAAI;AAAA,MACtB;AAAA,MACA,KAAK,iBAAiB,cAAc;AAAA,IACtC,EAAE;AACF,QAAI,aAAa,IAAI,gBAAgB,WAAW;AAEhD,UAAM,YAAY,MAAM,KAAK,iBAAiB,mBAAmB;AAEjE,UAAM,QAAQ,IAAI,mBAAO,EAAE,OAAO,SAAS,EAAE,OAAO,KAAK;AACzD,QAAI,aAAa,IAAI,SAAS,KAAK;AAEnC,UAAM,QAAQ,IAAS,mBAAa;AAAA,MAClC,QAAQ,KAAK,iBAAiB,cAAc;AAAA,MAC5C,aAAa,KAAK,iBAAiB,mBAAoB,OAAO;AAAA,MAC9D,iBAAiB;AAAA,MACjB;AAAA,MACA,QAAQ,OAAO,SAAS;AAAA,IAC1B,CAAC,EAAE,OAAO;AACV,QAAI,aAAa,IAAI,SAAS,KAAK;AAEnC,WAAO,IAAI,SAAS;AAAA,EACtB;AACF;;;AC3BA,IAAM,cAAN,MAAkB;AAAA,EAKhB,YAA6B,kBAAmC;AAAnC;AAC3B,SAAK,gBAAgB,IAAI,aAAa,KAAK,gBAAgB;AAC3D,SAAK,kBAAkB,IAAI,eAAe,KAAK,gBAAgB;AAC/D,SAAK,eAAe,IAAI,YAAY,KAAK,gBAAgB;AAAA,EAC3D;AAAA,EARiB;AAAA,EACA;AAAA,EACA;AAAA,EAQjB,IAAI,SAAS;AACX,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,IAAI,WAAW;AACb,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,IAAI,QAAQ;AACV,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,MAAM,SAAS,EAAE,QAAQ,SAAS,GAAmB;AACnD,UAAM,KAAK,iBAAiB,uBAAuB;AAAA,MACjD;AAAA,MACA;AAAA,MACA;AAAA,IACF,CAAC;AAAA,EACH;AACF;;;AChCA,IAAM,aAAN,MAAiB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUf,YAA6B,kBAAmC;AAAnC;AAC3B,SAAK,YAAY,IAAI,eAAe,KAAK,gBAAgB;AACzD,SAAK,SAAS,IAAI,YAAY,KAAK,gBAAgB;AACnD,SAAK,SAAS,IAAI,YAAY,KAAK,gBAAgB;AAAA,EACrD;AAAA,EAbiB;AAAA,EACA;AAAA,EACA;AAAA;AAAA;AAAA;AAAA,EAgBjB,IAAI,WAAW;AACb,WAAO,KAAK;AAAA,EACd;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,QAAQ;AACV,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,IAAI,QAAQ;AACV,WAAO,KAAK;AAAA,EACd;AACF;;;ACnCA,IAAM,aAAN,MAAiB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAMf,YAA6B,kBAAmC;AAAnC;AAAA,EAAoC;AAAA;AAAA;AAAA;AAAA;AAAA,EAMjE,MAAM,UAAyB;AAC7B,WAAO,KAAK,iBAAiB,QAAQ;AAAA,EACvC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,aAA+B;AACnC,WAAO,KAAK,iBAAiB,WAAW;AAAA,EAC1C;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,WAA4B;AAChC,WAAO,KAAK,iBAAiB,SAAS;AAAA,EACxC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,SAAwB;AAC5B,WAAO,KAAK,iBAAiB,OAAO;AAAA,EACtC;AACF;;;AC5CA,IAAAC,eAAuC;AACvC,4BAA8B;AAC9B,8BAAgC;;;ACFhC,oBAAuB;AAEvB,IAAM,YAAN,MAAgB;AAAA,EACd,OAAO,WAAW,QAA6B;AAC7C,WAAO,qBAAO,KAAK,MAAM,EACtB,SAAS,QAAQ,EACjB,QAAQ,OAAO,GAAG,EAClB,QAAQ,OAAO,GAAG,EAClB,QAAQ,MAAM,EAAE;AAAA,EACrB;AAAA,EAEA,OAAO,SAAS,QAA6B;AAC3C,WAAO,qBAAO,KAAK,QAAQ,QAAQ,EAAE;AAAA,EACvC;AACF;;;ACPA,IAAM,WAAN,MAAe;AAAA,EACb,OAAO,uBAAuB,MAAmB;AAC/C,UAAM,MAAM,IAAI,WAAW,EAAE;AAC7B,WAAO,gBAAgB,GAAG;AAC1B,WAAO,IAAI;AAAA,EACb;AAAA,EAEA,OAAO,YAAY,CACjB,OACA,SAA0B,CAAC,MACZ;AACf,UAAM,EAAE,QAAQ,MAAM,IAAI;AAC1B,UAAM,SAAS,SAAS,SAAS,IAAI,KAAK;AAC1C,UAAM,MAAM,QAAQ,QAAQ,QAAQ,IAAI;AAExC,WAAO,KAAK,MAAM,MAAM,OAAO,GAAG,CAAC;AAAA,EACrC;AACF;;;ACxBA,kBAA8B;;;ACE9B,IAAM,oBAAN,MAAM,2BAA0B,SAAS;AAAA,EACvC,YAAY,OAAsB;AAChC,UAAM,mBAAkB,MAAM,KAAK;AAAA,EACrC;AACF;;;ACJA,IAAM,gBAAN,MAAM,uBAAsB,SAAS;AAAA,EACnC,YAAY,OAAsB;AAChC,UAAM,eAAc,MAAM,KAAK;AAAA,EACjC;AACF;;;ACJA,IAAM,eAAN,MAAM,sBAAqB,SAAS;AAAA,EAClC,YAAY,OAAsB;AAChC,UAAM,cAAa,MAAM,KAAK;AAAA,EAChC;AACF;;;ACJA,IAAM,uBAAN,MAAM,8BAA6B,SAAS;AAAA,EAC1C,YAAY,OAAsB;AAChC,UAAM,sBAAqB,MAAM,KAAK;AAAA,EACxC;AACF;;;ACwGA,IAAM,mBAAmB;AAAA,EACvB,cAAc;AAAA,EACd,kBAAkB;AAAA,EAClB,cAAc;AAAA,EACd,cAAc;AAAA,EACd,YAAY;AAAA,EACZ,kBAAkB;AAAA,EAClB,eAAe;AAAA,EACf,kBAAkB;AAAA,EAClB,cAAc;AAAA,EACd,UAAU;AACZ;;;ALzGA,wBAAsC;AACtC,sBAA+D;AAiB/D,IAAe,eAAf,MAA4B;AAAA,EACP;AAAA,EACA;AAAA,EAGA;AAAA,EAEX;AAAA,EACA;AAAA,EAER,YAAY;AAAA,IACV;AAAA,IACA,eAAe,EAAE,QAAQ,iBAAiB,GAAG,sBAAsB;AAAA,EACrE,GAAkC;AAChC,SAAK,iBAAiB,IAAI;AAAA,MACxB,EAAE,SAAS,0BAA0B;AAAA,MACrC;AAAA,IACF;AAEA,SAAK,iBAAiB;AAAA,MACpB,GAAG;AAAA,MACH,QAAQ,UAAU;AAAA,MAClB,iBAAiB,mBAAmB;AAAA,IACtC;AAEA,SAAK,gBAAgB,IAAI,aAAa;AAAA,EACxC;AAAA,EAEA,IAAI,gBAAqD;AACvD,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,MAAa,UAAU;AACrB,QAAI,KAAK,cAAc,KAAM,QAAO,KAAK,cAAc;AAEvD,QAAI;AACF,YAAM,OAAO,MAAM,KAAK,QAAQ,QAAQ;AACxC,WAAK,cAAc,OAAO;AAC1B,aAAO;AAAA,IACT,SAAS,OAAO;AAEd,UAAI,iBAAiB,mBAAmB;AACtC,YAAI;AACF,gBAAM,KAAK,cAAc;AACzB,gBAAM,OAAO,MAAM,KAAK,QAAQ,QAAQ;AACxC,eAAK,cAAc,OAAO;AAC1B,iBAAO;AAAA,QACT,SAASC,QAAO;AACd,gBAAMA;AAAA,QACR;AAAA,MACF;AACA,YAAM;AAAA,IACR;AAAA,EACF;AAAA,EAEA,MAAa,aAAa;AACxB,UAAM,QAAQ,KAAK,cAAc;AAGjC,QAAI,SAAS,CAAC,KAAK,gBAAgB,KAAK,EAAG,QAAO;AAGlD,QAAI;AACF,YAAM,KAAK,cAAc;AACzB,aAAO,CAAC,CAAC,KAAK,cAAc;AAAA,IAC9B,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEA,MAAa,WAA4B;AAEvC,QAAI,CAAC,KAAK,cAAc,OAAO;AAE7B,UAAI;AACF,cAAM,KAAK,cAAc;AAAA,MAC3B,QAAQ;AACN,cAAM,IAAI,kBAAkB;AAAA,UAC1B,SAAS;AAAA,QACX,CAAC;AAAA,MACH;AAAA,IACF,WAAW,KAAK,gBAAgB,KAAK,cAAc,KAAK,GAAG;AAEzD,UAAI;AACF,cAAM,KAAK,cAAc;AAAA,MAC3B,QAAQ;AACN,cAAM,IAAI,kBAAkB;AAAA,UAC1B,SAAS;AAAA,QACX,CAAC;AAAA,MACH;AAAA,IACF;AAEA,UAAM,QAAQ,KAAK,cAAc;AACjC,QAAI,CAAC,OAAO;AACV,YAAM,IAAI,kBAAkB;AAAA,QAC1B,SAAS;AAAA,MACX,CAAC;AAAA,IACH;AACA,WAAO;AAAA,EACT;AAAA,EAEQ,gBAAgB,OAAwB;AAC9C,QAAI;AACF,YAAM,cAAU,6BAAsB,KAAK;AAC3C,UAAI,QAAQ,KAAK;AACf,eAAO,QAAQ,MAAM,OAAQ,KAAK,IAAI;AAAA,MACxC;AACA,aAAO;AAAA,IACT,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEA,MAAa,SAAS;AACpB,QAAI,KAAK,cAAe,cAAa,KAAK,aAAa;AACvD,SAAK,gBAAgB;AACrB,UAAM,KAAK,QAAQ,YAAY;AAC/B,SAAK,cAAc,SAAS;AAAA,EAC9B;AAAA,EAEA,MAAa,eAAoC,KAA4B;AAC3E,QAAI,CAAC,KAAK,cAAc,SAAS,CAAC,KAAK,cAAc,MAAM;AACzD,YAAM,IAAI,kBAAkB;AAAA,QAC1B,SAAS;AAAA,MACX,CAAC;AAAA,IACH;AAEA,UAAM,iBAAiB,MAAM,KAAK,eAAe,oBAAoB;AAAA,MACnE,gBAAgB,KAAK,cAAc,KAAK;AAAA,MACxC,MAAM;AAAA,MACN,aAAa,KAAK,IAAI,EAAE,SAAS;AAAA,MACjC,YAAY;AAAA,QACV,UAAU;AAAA,QACV,cAAc;AAAA,QACd,SAAS;AAAA,QACT,UAAU,KAAK,cAAc,KAAK;AAAA,MACpC;AAAA,IACF,CAAC;AAED,UAAM,EAAE,UAAU,IAAI,MAAM,KAAK,QAAQ,YAAY;AAAA,MACnD;AAAA,IACF,CAAC;AAED,WAAa;AAAA,EACf;AAAA,EAEA,IAAc,QAAQ,SAAmC;AACvD,SAAK,eAAe,UAAU;AAAA,EAChC;AAAA,EAEA,IAAc,UAAoC;AAChD,WAAO,KAAK,eAAe;AAAA,EAC7B;AAAA,EAEA,MAAgB,WAAW,OAAuC;AAChE,QAAI;AACF,YAAM,EAAE,SAAS,IAAI,MAAM,KAAK,QAAQ,cAAc,EAAE,MAAM,CAAC;AAC/D,aAAO;AAAA,IACT,SAAS,OAAO;AACd,UAAI,EAAE,iBAAiB,UAAW,OAAM;AAExC,YAAM,WAAqB;AAE3B,cAAQ,SAAS,YAAY,MAAM;AAAA,QACjC,KAAK,cAAc,MAAM;AACvB,iBAAO;AAAA,QACT;AAAA,QACA,SAAS;AACP,gBAAM;AAAA,QACR;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAgB,OAAO,UAAmB;AACxC,UAAM,QAAQ,YAAY,KAAK,cAAc,MAAM;AAEnD,QAAI,CAAC,MAAO,OAAM,IAAI,gBAAgB,EAAE,SAAS,oBAAoB,CAAC;AAEtE,UAAM,iBAAiB,MAAM,KAAK,eAAe,eAAe;AAAA,MAC9D,gBAAgB;AAAA,IAClB,CAAC;AAED,UAAM,EAAE,MAAM,OAAO,UAAU,IAAI,MAAM,KAAK,QAAQ,cAAc;AAAA,MAClE;AAAA,IACF,CAAC;AAED,UAAM,gBAAgB,MAAM;AAC1B,UAAI;AACF,eAAO,KAAK,MAAM,gBAAgB,MAAM,gBAAgB,EACrD;AAAA,MACL,SAAS,GAAG;AACV,eAAO;AAAA,MACT;AAAA,IACF,GAAG;AAEH,SAAK,cAAc,OAAO;AAAA,MACxB,GAAG;AAAA,MACH;AAAA,IACF;AACA,SAAK,cAAc,QAAQ;AAC3B,SAAK,cAAc,YAAY;AAC/B,SAAK,iBAAiB,KAAK;AAAA,EAC7B;AAAA,EAEA,MAAgB,QACd,OACA,MAC+C;AAC/C,UAAM,MAAM,IAAI,IAAI,GAAG,KAAK,IAAI,KAAK,eAAe,MAAM;AAC1D,UAAM,QAAQ,KAAK,cAAc;AACjC,UAAM,YAAY,KAAK,cAAc;AAErC,UAAM,UAAkC;AAAA,MACtC,gBAAgB;AAAA,MAChB,eAAe,KAAK,eAAe;AAAA,IACrC;AAEA,QAAI,OAAO;AACT,cAAQ,eAAe,IAAI,UAAU,KAAK;AAAA,IAC5C;AAEA,QAAI,WAAW;AACb,cAAQ,cAAc,IAAI;AAAA,IAC5B;AAEA,UAAM,WAAW,MAAM,MAAM,KAAK;AAAA,MAChC,QAAQ,iBAAiB,KAAK;AAAA,MAC9B,MAAM,KAAK,UAAU,IAAI;AAAA,MACzB;AAAA,MACA,aAAa;AAAA,IACf,CAAC;AAED,UAAM,EAAE,MAAM,MAAM,IAAK,MAAM,SAAS,KAAK;AAI7C,QAAI,OAAO;AACT,cAAQ,MAAM,MAAM;AAAA,QAClB,KAAK,qBAAqB;AACxB,gBAAM,IAAI,kBAAkB,EAAE,SAAS,MAAM,QAAQ,CAAC;AAAA,QACxD;AAAA,QACA,KAAK,iBAAiB;AACpB,gBAAM,IAAI,cAAc,EAAE,SAAS,MAAM,QAAQ,CAAC;AAAA,QACpD;AAAA,QACA,KAAK,mBAAmB;AACtB,gBAAM,IAAI,gBAAgB,EAAE,SAAS,MAAM,QAAQ,CAAC;AAAA,QACtD;AAAA,QACA,SAAS;AACP,gBAAM,IAAI,aAAa,EAAE,SAAS,MAAM,QAAQ,CAAC;AAAA,QACnD;AAAA,MACF;AAAA,IACF;AAEA,WAAO,EAAE,GAAG,KAAK;AAAA,EACnB;AAAA,EAEU,iBAAiB,OAAe;AACxC,QAAI;AACF,YAAM,cAAU,6BAAsB,KAAK;AAC3C,UAAI,CAAC,QAAQ,IAAK;AAElB,YAAM,aAAa,IAAI,KAAK,QAAQ,MAAM,GAAI;AAC9C,YAAM,kBAAc,4BAAW,YAAY,CAAC;AAG5C,YAAM,YAAQ,0BAAS,aAAa,oBAAI,KAAK,CAAC,IAC1C,QACA,0CAAyB,aAAa,oBAAI,KAAK,CAAC;AAGpD,UAAI,KAAK,cAAe,cAAa,KAAK,aAAa;AAGvD,WAAK,gBAAgB,WAAW,MAAM;AACpC,aAAK,gBAAgB;AACrB,aAAK,cAAc;AAAA,MACrB,GAAG,KAAK;AAAA,IACV,QAAQ;AAAA,IAER;AAAA,EACF;AAAA,EAEA,MAAc,gBAA+B;AAC3C,QAAI,KAAK,gBAAiB,QAAO,KAAK;AAGtC,SAAK,mBAAmB,YAAY;AAClC,YAAM,aAAa;AACnB,YAAM,iBAAiB;AAEvB,UAAI;AAEF,YAAI,CAAC,KAAK,cAAc,WAAW;AACjC,gBAAM,EAAE,UAAU,IAAI,MAAM,KAAK,QAAQ,gBAAgB;AACzD,eAAK,cAAc,YAAY;AAAA,QACjC;AAGA,cAAM,iBAAiB,KAAK,QAAQ,aAAa;AACjD,cAAM,OAAO,MAAM,QAAQ,KAAK;AAAA,UAC9B;AAAA,UACA,IAAI;AAAA,YAAe,CAAC,GAAG,WACrB,WAAW,MAAM,OAAO,IAAI,MAAM,iBAAiB,CAAC,GAAG,UAAU;AAAA,UACnE;AAAA,QACF,CAAC;AAED,YAAI,CAAC,QAAQ,CAAC,KAAK,SAAS,CAAC,KAAK,WAAW;AAE3C,gBAAM,IAAI,kBAAkB;AAAA,YAC1B,SAAS;AAAA,UACX,CAAC;AAAA,QACH;AAEA,aAAK,cAAc,QAAQ,KAAK;AAChC,aAAK,cAAc,YAAY,KAAK;AACpC,aAAK,iBAAiB,KAAK,KAAK;AAAA,MAClC,SAAS,OAAO;AAEd,YAAI,iBAAiB,mBAAmB;AACtC,cAAI;AACF,iBAAK,cAAc,SAAS;AAAA,UAC9B,QAAQ;AAAA,UAER;AACA,gBAAM;AAAA,QACR;AAGA,YAAI,KAAK,cAAe,cAAa,KAAK,aAAa;AACvD,cAAM,cAAc;AACpB,YAAI,aAAa;AAGjB,aAAK,gBAAgB,WAAW,MAAM;AACpC,eAAK,gBAAgB;AACrB,eAAK,KAAK,cAAc,EAAE,MAAM,MAAM;AAGpC;AACA,gBAAI,cAAc,aAAa;AAC7B,oBAAM,YAAY,KAAK;AAAA,gBACrB,iBAAiB,MAAM,aAAa;AAAA,gBACpC;AAAA,cACF;AACA,mBAAK,gBAAgB,WAAW,MAAM;AAIpC,qBAAK,gBAAgB;AACrB,qBAAK,KAAK,cAAc,EAAE,MAAM,MAAM;AAAA,gBAAC,CAAC;AAAA,cAC1C,GAAG,SAAS;AAAA,YACd;AAAA,UACF,CAAC;AAAA,QACH,GAAG,cAAc;AAEjB,cAAM;AAAA,MACR,UAAE;AACA,aAAK,kBAAkB;AAAA,MACzB;AAAA,IACF,GAAG;AAEH,WAAO,KAAK;AAAA,EACd;AACF;;;AH/UA,IAAM,kBAAN,cAA8B,aAAa;AAAA,EACjC;AAAA,EACA;AAAA,EACR;AAAA,EAKS;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOT,YAAY;AAAA,IACV;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,GAAqC;AACnC,UAAM,eAAe;AAAA,MACnB,iBAAiB,QAAQ,mBAAmB;AAAA,MAC5C,mBAAmB,QAAQ,qBAAqB;AAAA,IAClD;AAEA,UAAM,kBAAkB,SAAS,cAAc,KAAK;AACpD,oBAAgB,KAAK,aAAa;AAClC,oBAAgB,MAAM,UAAU;AAChC,aAAS,KAAK,YAAY,eAAe;AAEzC,UAAM,gBAAgB,IAAI,oCAAc;AAAA,MACtC,WAAW;AAAA,MACX,iBAAiB,aAAa;AAAA,MAC9B,iBAAiB,SAAS,eAAe,aAAa,iBAAiB;AAAA,IACzE,CAAC;AAED,UAAM;AAAA,MACJ,SAAS;AAAA;AAAA,MACT;AAAA,IACF,CAAC;AAED,SAAK,gBAAgB;AACrB,SAAK,eAAe;AACpB,SAAK,kBAAkB,IAAI,wCAAgB,EAAE,MAAM,SAAS,KAAK,CAAC;AAElE,SAAK,qBAAqB;AAAA,EAC5B;AAAA,EAEA,MAAsB,SAAS;AAC7B,UAAM,OAAO;AAEb,SAAK,cAAc,MAAM;AAKzB,UAAM,UAAU,IAAI,oCAAc;AAAA,MAChC,WAAW;AAAA,MACX,iBAAiB,KAAK,aAAa;AAAA,MACnC,iBAAiB,SAAS;AAAA,QACxB,KAAK,aAAa;AAAA,MACpB;AAAA,IACF,CAAC;AACD,SAAK,gBAAgB;AACrB,UAAM,KAAK,mBAAmB;AAAA,EAChC;AAAA,EAEA,MAAsB,eACpB,KACe;AACf,UAAM,KAAK,eAAe;AAC1B,WAAO,MAAM,eAAe,GAAG;AAAA,EACjC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAa,gBAAgB,UAAkB;AAC7C,UAAM,EAAE,IAAI,IAAI,MAAM,KAAK,QAAQ,kBAAkB;AAAA,MACnD;AAAA,IACF,CAAC;AAED,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAa,eAAe,EAAE,MAAM,GAAyB;AAC3D,UAAM,uBAAuB,MAAM,KAAK,WAAW,KAAK;AAExD,QAAI,CAAC,sBAAsB;AACzB,YAAM,KAAK,eAAe,EAAE,QAAQ,YAAY,MAAM,CAAC;AAAA,IACzD,OAAO;AACL,WAAK,UAAU,KAAK;AACpB,YAAM,KAAK,OAAO,oBAAoB;AAEtC,WAAK,cAAc;AAGnB,UAAI,CAAC,KAAK,cAAc,QAAQ,CAAC,KAAK,cAAc,KAAK,cAAc;AACrE;AAAA,MACF;AAEA,WAAK,gBAAgB,mBAAmB;AAAA,QACtC;AAAA,UACE,IAAI,UAAU,SAAS,KAAK,cAAc,KAAK,YAAY;AAAA,UAC3D,MAAM;AAAA,UACN,YAAY,CAAC,YAAY,KAAK;AAAA,QAChC;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAa,UAAU,QAAmC;AACxD,UAAM,uBAAuB,MAAM,KAAK,WAAW,OAAO,KAAK;AAE/D,QAAI,CAAC,sBAAsB;AACzB,YAAM,KAAK,eAAe,EAAE,QAAQ,SAAS,GAAG,OAAO,CAAC;AAAA,IAC1D,OAAO;AACL,YAAM,KAAK,iBAAiB,MAAM;AAAA,IACpC;AAAA,EACF;AAAA,EAEA,MAAa,qBAAqB;AAChC,WAAO,MAAM,KAAK,mBAAmB;AAAA,EACvC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAa,uBAAuB;AAAA,IAClC;AAAA,IACA;AAAA,IACA;AAAA,EACF,GAAgD;AAC9C,UAAM,KAAK,mBAAmB;AAE9B,UAAM,SAAS,MAAM,KAAK,cAAc,uBAAuB,MAAM;AAErE,QAAI,CAAC,QAAQ;AACX,YAAM,IAAI,MAAM,oCAAoC;AAAA,IACtD;AAEA,UAAM,KAAK,OAAO,QAAQ;AAE1B,SAAK,cAAc,OAAO;AAC1B,SAAK,cAAc,SAAS;AAAA,EAC9B;AAAA;AAAA;AAAA;AAAA,EAKA,MAAc,iBAAiB;AAE7B,QACE,KAAK,cAAc,SAAS,WAC3B,KAAK,cAAc,WAAW,UAC7B,KAAK,cAAc,UAAU;AAE/B;AACF,QAAI,KAAK,cAAc,oCAA+B;AACpD,WAAK,UAAU,KAAK;AAAA,IACtB,OAAO;AACL,WAAK,UAAU,KAAK;AAGpB,YAAM,KAAK,uBAAuB;AAAA,QAChC,QAAQ,KAAK,cAAc;AAAA,QAC3B,UAAU,KAAK,cAAc,MAAM;AAAA,QACnC,aAAa,KAAK,cAAc;AAAA,MAClC,CAAC;AAAA,IACH;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAc,iBAAiB;AAAA,IAC7B;AAAA,IACA;AAAA,IACA;AAAA,EACF,GAA8B;AAC5B,WAAO,KAAK,QAAQ,kBAAkB;AAAA,MACpC;AAAA,MACA,iBAAiB,MAAM,KAAK,mBAAmB;AAAA,MAC/C;AAAA,MACA,aAAa,YAAY,SAAS;AAAA,IACpC,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAc,uBACZ,QACA;AACA,UAAM,EAAE,WAAW,YAAY,IAAI,MAAM,KAAK;AAAA,MAC5C,OAAO;AAAA,IACT;AAEA,UAAM,EAAE,MAAM,OAAO,UAAU,IAAI,MAAM,KAAK,QAAQ,cAAc;AAAA,MAClE,SAAS;AAAA,QACP,WAAW,UAAU,WAAW,SAAS;AAAA,QACzC;AAAA,MACF;AAAA,MACA,OAAO,OAAO;AAAA,IAChB,CAAC;AAED,SAAK,cAAc,OAAO;AAAA,MACxB,GAAG;AAAA,MACH,cAAc,YAAY;AAAA,IAC5B;AACA,SAAK,cAAc;AAEnB,SAAK,cAAc,QAAQ;AAC3B,SAAK,cAAc,YAAY;AAC/B,SAAK,iBAAiB,KAAM;AAAA,EAC9B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAc,oBACZ,QACA;AACA,UAAM,EAAE,OAAO,mBAAmB,YAAY,IAC5C;AAEF,UAAM,WAAW,MAAM,KAAK,QAAQ,cAAc;AAAA,MAChD;AAAA,MACA,QAAQ;AAAA,QACN,iBAAiB,MAAM,KAAK,mBAAmB;AAAA,QAC/C;AAAA,QACA,aAAa,YAAY,SAAS;AAAA,MACpC;AAAA,IACF,CAAC;AAED,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAc,eAAe,QAA6B;AACxD,YAAQ,OAAO,QAAQ;AAAA,MACrB,KAAK,YAAY;AACf,cAAM,KAAK,uBAAuB,MAAM;AACxC;AAAA,MACF;AAAA,MACA,KAAK,SAAS;AACZ,cAAM,KAAK,oBAAoB,MAAM;AACrC;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAc,6BAA6B,OAAe;AACxD,UAAM,YAAY,SAAS,qBAAqB;AAChD,UAAM,sBAAsB,SAAS,qBAAqB;AAE1D,UAAM,cAAc,UAAM,qCAAuB;AAAA,MAC/C,WAAW;AAAA,QACT,wBAAwB;AAAA,UACtB,aAAa;AAAA,UACb,oBAAoB;AAAA,UACpB,kBAAkB;AAAA,QACpB;AAAA,QACA;AAAA,QACA,IAAI;AAAA,UACF,IAAI,OAAO,SAAS;AAAA,UACpB,MAAM,OAAO,SAAS;AAAA,QACxB;AAAA,QACA,kBAAkB;AAAA,UAChB;AAAA,YACE,MAAM;AAAA,YACN,KAAK;AAAA,UACP;AAAA,UACA;AAAA,YACE,MAAM;AAAA,YACN,KAAK;AAAA,UACP;AAAA,QACF;AAAA,QACA,MAAM;AAAA,UACJ,IAAI;AAAA,UACJ,MAAM;AAAA,UACN,aAAa;AAAA,QACf;AAAA,MACF;AAAA,IACF,CAAC;AAED,WAAO,EAAE,WAAW,aAAa,oBAAoB;AAAA,EACvD;AAAA,EAEA,MAAc,qBAAqB;AACjC,QAAI,CAAC,KAAK,cAAc,UAAU,GAAG;AACnC,YAAM,KAAK,cAAc,KAAK;AAAA,IAChC;AAEA,SAAK,UAAU,KAAK;AAEpB,WAAO,KAAK,cAAc,UAAU;AAAA,EACtC;AACF;;;ASlYA,kBAqBO;AACP,sBAA0B;AAG1B,IAAAC,mBAAoC;AACpC,iCAGO;AAYP,IAAM,aAAN,MAAiB;AAAA,EACf,YAA6B,eAA6B;AAA7B;AAAA,EAA8B;AAAA,EAE3D,MAAM,iBAAwC;AAC5C,UAAM,OAAO,MAAM,KAAK,cAAc,QAAQ;AAE9C,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,qBAAqB,EAAE,SAAS,2BAA2B,CAAC;AAAA,IACxE;AAEA,eAAO,2BAAU;AAAA,MACf,SAAS,KAAK;AAAA,MACd,aAAa,CAAC,EAAE,QAAQ,MACtB,KAAK,YAAY,OAAO;AAAA,MAC1B,eAAe,CAIb,wBACG,KAAK,cAAsC,mBAAmB;AAAA,MACnE,iBAAiB,KAAK;AAAA,IACxB,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,eAAe;AAAA,IACnB;AAAA,IACA;AAAA,EACF,GAEE;AACA,UAAM,OAAO,MAAM,KAAK,cAAc,QAAQ;AAE9C,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,qBAAqB,EAAE,SAAS,2BAA2B,CAAC;AAAA,IACxE;AAEA,eAAO,sCAAoB;AAAA,MACzB;AAAA,MACA;AAAA,MACA,SAAS;AAAA,MACT,YAAY;AAAA,QACV,SAAS;AAAA,QACT,SAAS;AAAA,MACX;AAAA,MACA,SAAS,KAAK;AAAA,MACd,WAAO,yBAAY,KAAK,IAAI;AAAA,IAC9B,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,qBAAqB;AACzB,UAAM,MAAM,IAAI;AAAA,MACd,iBAAiB,KAAK,cAAc,cAAc,MAAM;AAAA,MACxD,KAAK,cAAc,cAAc;AAAA,IACnC;AACA,eAAO,kDAAsB;AAAA,MAC3B,eAAW,kBAAK,IAAI,SAAS,CAAC;AAAA,IAChC,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,YAAY,KAAoC;AACpD,UAAM,kBAAc,yBAAY,GAAG;AACnC,UAAM,SAAS,MAAM,KAAK,cAAc,eAAoB,WAAW;AACvE,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,cAGJ,QAAqE;AACrE,UAAM,kBAAc,2BAAc,MAAM;AACxC,WAAO,KAAK,cAAc,eAAe,WAAW;AAAA,EACtD;AAAA,EAEA,MAAM,gBAIJ,aACA,SAYA;AACA,UAAM,cAAc,SAAS,cAAc;AAC3C,UAAM,eAAe,MAAM,YAAY,WAAW;AAClD,UAAM,eAAe,MAAM,KAAK,cAAc;AAAA,UAC5C,uBAAU,YAAY;AAAA,IACxB;AAEA,UAAM,YAAY;AAAA,MAChB,GAAG,SAAS,UAAU,cAAc,EAAE,OAAO,GAAG,CAAC;AAAA,MACjD,GAAG,SAAS,UAAU,cAAc,EAAE,OAAO,IAAI,QAAQ,GAAG,CAAC;AAAA,MAC7D,GAAG,OAAO,SAAS,UAAU,cAAc,EAAE,OAAO,GAAG,QAAQ,GAAG,CAAC,CAAC;AAAA,IACtE;AAEA,WAAO,YAAY,aAAa,SAAS;AAAA,EAC3C;AACF;;;ArBlIA,IAAM,iBAAN,MAAqB;AAAA,EACF;AAAA,EACA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EA2BjB,YAAY;AAAA,IACV;AAAA,IACA,MAAM,EAAE,UAAU,QAAQ,MAAM;AAAA,EAClC,GAAoC;AAClC,SAAK,mBAAmB,IAAI,gBAAgB;AAAA,MAC1C;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF,CAAC;AAED,SAAK,WAAW;AAAA,MACd,MAAM,IAAI,WAAW,KAAK,gBAAgB;AAAA,MAC1C,MAAM,IAAI,WAAW,KAAK,gBAAgB;AAAA,MAC1C,MAAM,IAAI,WAAW,KAAK,gBAAgB;AAAA,IAC5C;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,OAAO;AACT,WAAO,KAAK,SAAS;AAAA,EACvB;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,OAAO;AACT,WAAO,KAAK,SAAS;AAAA,EACvB;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,OAAO;AACT,WAAO,KAAK,SAAS;AAAA,EACvB;AACF;","names":["jose","jose","import_sha","import_http","error","import_accounts"]}

package/dist/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../src/session/index.ts","../src/modules/auth/email.ts","../src/modules/auth/passkeys.ts","../src/modules/auth/oauth/google.ts","../src/errors/SDKError.ts","../src/errors/BadRequestError.ts","../src/modules/auth/oauth/facebook.ts","../src/modules/auth/oauth/apple.ts","../src/modules/auth/oauth.ts","../src/modules/auth/index.ts","../src/modules/user/index.ts","../src/signer/web.ts","../src/lib/base64.ts","../src/lib/bytes.ts","../src/signer/index.ts","../src/errors/UnauthorizedError.ts","../src/errors/NotFoundError.ts","../src/errors/GenericError.ts","../src/errors/UnauthenticatedError.ts","../src/types/routes.ts","../src/third-party/viem.ts","../src/index.ts"],"sourcesContent":["import { createStore, type StoreApi } from 'zustand'\nimport { persist, createJSONStorage } from 'zustand/middleware'\nimport { User } from '../types/entities.js'\n\nenum SessionType {\n Email = 'email',\n Passkeys = 'passkeys',\n OAuth = 'oauth',\n}\n\n/*\n The state of the session.\n /\ntype SessionState = {\n type?: SessionType\n user?: User\n bundle?: string\n token?: string\n csrfToken?: string\n}\n\n/\n A store for the session state.\n /\nclass SessionStore {\n private readonly _store: StoreApi<SessionState>\n\n constructor() {\n // Persist only `bundle` and `type` to localStorage.\n // `user` and `token` stay in memory (not persisted).\n this._store = createStore<SessionState>()(\n persist(this._getInitialState, {\n name: 'fourt-session',\n storage: createJSONStorage(() => localStorage),\n // keep only these keys in persisted storage\n partialize: (state) => ({ bundle: state.bundle, type: state.type }),\n }),\n )\n }\n\n /\n Gets the type from the session state.\n \n @returns {SessionType \| undefined} the type.\n /\n get type(): SessionType \| undefined {\n return this._store.getState().type\n }\n\n /\n Sets the type in the session state.\n \n @param {SessionType} type the type to set.\n /\n set type(type: SessionType) {\n this._store.setState({ type })\n }\n\n /\n Gets the token from the session state.\n \n @returns {string \| undefined} the token.\n /\n get token(): string \| undefined {\n return this._store.getState().token\n }\n\n /\n Sets the token in the session state.\n \n @param {string} token the token to set.\n /\n set token(token: string) {\n this._store.setState({ token })\n }\n\n /\n Gets the CSRF token from the session state.\n \n @returns {string \| undefined} the CSRF token.\n /\n get csrfToken(): string \| undefined {\n return this._store.getState().csrfToken\n }\n\n /\n Sets the CSRF token in the session state.\n \n @param {string} csrfToken the CSRF token to set.\n /\n set csrfToken(csrfToken: string) {\n this._store.setState({ csrfToken })\n }\n\n /\n Gets the bundle from the session state.\n \n @returns {string \| undefined} the bundle.\n /\n get bundle(): string \| undefined {\n return this._store.getState().bundle\n }\n\n /\n Sets the bundle in the session state.\n \n @param {string} bundle the bundle to set.\n /\n set bundle(bundle: string) {\n this._store.setState({ bundle })\n }\n\n /\n Gets the user from the session state.\n \n @returns {User \| undefined} the user.\n /\n get user(): User \| undefined {\n return this._store.getState().user\n }\n\n /\n Sets the user in the session state.\n \n @param {User} user the user to set.\n /\n set user(user: User) {\n this._store.setState({ ...this._store.getState(), user })\n }\n\n /\n Clears the user from the session state.\n /\n clearUser() {\n this._store.setState({ ...this._store.getState(), user: undefined })\n }\n\n /\n Clears the bundle from the session state.\n /\n clearBundle() {\n this._store.setState({ ...this._store.getState(), bundle: undefined })\n }\n\n /\n Clears the type from the session state.\n /\n clearType() {\n this._store.setState({ ...this._store.getState(), type: undefined })\n }\n\n /\n Clears the token from the session state.\n /\n clearToken() {\n this._store.setState({ ...this._store.getState(), token: undefined })\n }\n\n /\n Clears the token and user from the session state.\n /\n clearAll() {\n this.clearToken()\n this.clearUser()\n this.clearBundle()\n this.clearType()\n }\n\n private _getInitialState(): SessionState {\n return {\n type: undefined,\n user: undefined,\n bundle: undefined,\n token: undefined,\n }\n }\n}\n\nexport { SessionType, SessionStore }\nexport type { SessionState }\n","import { SessionType } from '../../session/index.js'\nimport type {\n WebSignerClient,\n EmailInitializeAuthParams,\n CompleteAuthWithBundleParams,\n} from '../../signer/web.js'\n\n/\n A module for interacting with the Email authentication methods.\n * Available through the `auth.email` property on a `FourtWebSigner` instance.\n /\nclass EmailModule {\n constructor(private readonly _webSignerClient: WebSignerClient) {}\n\n /\n Initialize user authentication process using email.\n \n @param params {EmailInitializeAuthParams} params to initialize the user authentication process.\n * @returns {Promise<void>} promise that resolves to the result of the authentication process.\n /\n async initialize(params: EmailInitializeAuthParams): Promise<void> {\n return this._webSignerClient.emailAuth(params)\n }\n\n /\n Completes authentication with bundle after user receives the bundle and subOrgId as URL params.\n \n @param params {CompleteAuthWithBundleParams} params received as URL params necessary to complete authentication process.\n * @returns {Promise<void>} promise that completes the authentication process.\n /\n async complete(\n params: Pick<CompleteAuthWithBundleParams, 'subOrgId' \| 'bundle'>,\n ): Promise<void> {\n return this._webSignerClient.completeAuthWithBundle({\n ...params,\n sessionType: SessionType.Email,\n })\n }\n}\n\nexport { EmailModule }\n","import type { WebSignerClient, WebauthnSignInParams } from '../../signer/web.js'\n\n/\n A module for interacting with the Passkeys authentication methods.\n * Available through the `auth.passkeys` property on a `FourtWebSigner` instance.\n /\nclass PasskeysModule {\n constructor(private readonly _webSignerClient: WebSignerClient) {}\n\n /\n Signs in a user using Passkeys.\n \n @param params {WebauthnSignInParams} params for the sign-in process.\n * @returns {Promise<void>} promise that resolves to the result of the sign-in process.\n /\n async signIn(params: WebauthnSignInParams) {\n return this._webSignerClient.webauthnSignIn(params)\n }\n}\n\nexport { PasskeysModule }\n","import as jose from 'jose'\nimport { sha256 } from 'sha.js'\nimport type { WebSignerClient } from '../../../signer/web.js'\n\nclass GoogleModule {\n constructor(private readonly _webSignerClient: WebSignerClient) {}\n\n /*\n \n * @returns\n /\n async init(): Promise<string> {\n const initUrl = await this._webSignerClient.getOAuthInitUrl('google')\n\n const url = new URL(initUrl)\n\n const internalUrl = new URL(\n 'v1/oauth/google',\n this._webSignerClient.configuration.apiUrl,\n ).href\n url.searchParams.set('redirect_uri', internalUrl)\n\n const publicKey = await this._webSignerClient.getIframePublicKey()\n\n const nonce = new sha256().update(publicKey).digest('hex')\n url.searchParams.set('nonce', nonce)\n\n const state = new jose.UnsecuredJWT({\n apiKey: this._webSignerClient.configuration.apiKey,\n redirectUrl: this._webSignerClient.oauthConfiguration!.common.redirectUrl,\n targetPublicKey: publicKey,\n internalUrl: internalUrl,\n origin: window.location.origin,\n }).encode()\n url.searchParams.set('state', state)\n\n return url.toString()\n }\n}\n\nexport { GoogleModule }\n","type SDKErrorProps = {\n message: string\n}\n\nabstract class SDKError extends Error {\n private readonly _props: SDKErrorProps\n\n constructor(message: string, props: SDKErrorProps) {\n super(message)\n this._props = props\n }\n\n get message() {\n return this._props.message\n }\n}\n\nexport { SDKError }\nexport type { SDKErrorProps }\n","import { SDKErrorProps, SDKError } from './SDKError.js'\n\nclass BadRequestError extends SDKError {\n constructor(props: SDKErrorProps) {\n super(BadRequestError.name, props)\n }\n}\n\nexport { BadRequestError }\n","import { BadRequestError } from '../../../errors/BadRequestError.js'\nimport { WebSignerClient } from '../../../signer/web.js'\nimport as jose from 'jose'\n\nclass FacebookModule {\n constructor(private readonly _webSignerClient: WebSignerClient) {}\n\n async init(): Promise<string> {\n const publicKey = await this._webSignerClient.getIframePublicKey()\n const internalUrl = new URL(\n 'v1/oauth/facebook',\n this._webSignerClient.configuration.apiUrl,\n ).href\n\n const jwt = new jose.UnsecuredJWT({\n apiKey: this._webSignerClient.configuration.apiKey,\n redirectUrl: this._webSignerClient.oauthConfiguration!.common.redirectUrl,\n targetPublicKey: publicKey,\n internalUrl: internalUrl,\n origin: window.location.origin,\n }).encode()\n\n const response = await fetch(internalUrl, {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify({\n state: jwt,\n }),\n })\n\n if (!response.ok) {\n throw new BadRequestError({\n message: `Failed to create OAuth state. Error: ${response.statusText}`,\n })\n }\n\n const { authUrl } = await response.json()\n if (!authUrl) {\n throw new BadRequestError({\n message: response.statusText,\n })\n }\n\n return authUrl\n }\n}\n\nexport { FacebookModule }\n","import * as jose from 'jose'\nimport { sha256 } from 'sha.js'\nimport type { WebSignerClient } from '../../../signer/web.js'\n\nclass AppleModule {\n constructor(private readonly _webSignerClient: WebSignerClient) {}\n\n /*\n \n * @returns\n /\n async init(): Promise<string> {\n const initUrl = await this._webSignerClient.getOAuthInitUrl('apple')\n\n const url = new URL(initUrl)\n\n const internalUrl = new URL(\n 'v1/oauth/apple',\n this._webSignerClient.configuration.apiUrl,\n ).href\n url.searchParams.set('redirect_uri', internalUrl)\n\n const publicKey = await this._webSignerClient.getIframePublicKey()\n\n const nonce = new sha256().update(publicKey).digest('hex')\n url.searchParams.set('nonce', nonce)\n\n const state = new jose.UnsecuredJWT({\n apiKey: this._webSignerClient.configuration.apiKey,\n redirectUrl: this._webSignerClient.oauthConfiguration!.common.redirectUrl,\n targetPublicKey: publicKey,\n internalUrl: internalUrl,\n origin: window.location.origin,\n }).encode()\n url.searchParams.set('state', state)\n\n return url.toString()\n }\n}\n\nexport { AppleModule }\n","import { SessionType } from '../../session/index.js'\nimport type { WebSignerClient } from '../../signer/web.js'\nimport { GoogleModule } from './oauth/google.js'\nimport { FacebookModule } from './oauth/facebook.js'\nimport { AppleModule } from './oauth/apple.js'\n\ntype CompleteParams = {\n bundle: string\n subOrgId: string\n}\n\nclass OAuthModule {\n private readonly _googleModule: GoogleModule\n private readonly _facebookModule: FacebookModule\n private readonly _appleModule: AppleModule\n\n constructor(private readonly _webSignerClient: WebSignerClient) {\n this._googleModule = new GoogleModule(this._webSignerClient)\n this._facebookModule = new FacebookModule(this._webSignerClient)\n this._appleModule = new AppleModule(this._webSignerClient)\n }\n\n get google() {\n return this._googleModule\n }\n\n get facebook() {\n return this._facebookModule\n }\n\n get apple() {\n return this._appleModule\n }\n\n async complete({ bundle, subOrgId }: CompleteParams) {\n await this._webSignerClient.completeAuthWithBundle({\n bundle,\n subOrgId,\n sessionType: SessionType.OAuth,\n })\n }\n}\n\nexport { OAuthModule }\n","import type { WebSignerClient } from '../../signer/web.js'\nimport { EmailModule } from './email.js'\nimport { PasskeysModule } from './passkeys.js'\nimport { OAuthModule } from './oauth.js'\n\n/\n A module for interacting with the authentication methods.\n * Available through the `auth` property on a `FourtWebSigner` instance.\n /\nclass AuthModule {\n private readonly _passkeys: PasskeysModule\n private readonly _email: EmailModule\n private readonly _oauth: OAuthModule\n\n /\n Initializes a new instance of the `AuthModule` class.\n \n @param {WebSignerClient} _webSignerClient underlying WebSigner client instance.\n /\n constructor(private readonly _webSignerClient: WebSignerClient) {\n this._passkeys = new PasskeysModule(this._webSignerClient)\n this._email = new EmailModule(this._webSignerClient)\n this._oauth = new OAuthModule(this._webSignerClient)\n }\n\n /\n A module for interacting with the Passkeys authentication methods.\n /\n get passkeys() {\n return this._passkeys\n }\n\n /\n A module for interacting with the Passkeys authentication methods.\n /\n get email() {\n return this._email\n }\n\n get oauth() {\n return this._oauth\n }\n}\n\nexport { AuthModule }\nexport { PasskeysModule } from './passkeys.js'\nexport { EmailModule } from './email.js'\n","import { WebSignerClient } from '../../signer/web.js'\nimport { User } from '../../types/entities.js'\n\n/\n A module for interacting with the user methods.\n * Available through the `user` property on a `FourtWebSigner` instance.\n /\nclass UserModule {\n /\n Initializes a new instance of the `UserModule` class.\n \n @param {WebSignerClient} _webSignerClient underlying WebSigner client instance.\n /\n constructor(private readonly _webSignerClient: WebSignerClient) {}\n\n /\n Retrieves information for the authenticated user.\n * Assumes a user is already logged in, otherwise it will throw an error.\n /\n async getInfo(): Promise<User> {\n return this._webSignerClient.getUser()\n }\n\n /\n Checks if a user is currently logged in to the fourt.io SDK.\n /\n async isLoggedIn(): Promise<boolean> {\n return this._webSignerClient.isLoggedIn()\n }\n\n /\n Generates an access token with a lifespan of 15 minutes.\n * Assumes a user is already logged in, otherwise it will throw an error.\n /\n async getToken(): Promise<string> {\n return this._webSignerClient.getToken()\n }\n\n /\n Logs out the user.\n /\n async logout(): Promise<void> {\n return this._webSignerClient.logout()\n }\n}\n\nexport { UserModule }\n","import { getWebAuthnAttestation } from '@turnkey/http'\nimport { IframeStamper } from '@turnkey/iframe-stamper'\nimport { WebauthnStamper } from '@turnkey/webauthn-stamper'\nimport { LibBase64 } from '../lib/base64.js'\nimport { LibBytes } from '../lib/bytes.js'\nimport { SessionType } from '../session/index.js'\nimport {\n type SignerClientInheritedConstructorParams,\n SignerClient,\n} from './index.js'\n\ntype WebauthnSignInParams = {\n email: string\n}\n\n// When user starts auth with email - can be either a signup or a signin\ntype EmailInitializeAuthParams = {\n email: string\n redirectUrl: string\n expirationSeconds?: number // Defaults to 15 minutes by Turnkey\n}\n\n// * When user completes auth with bundle\ntype CompleteAuthWithBundleParams = {\n bundle: string\n subOrgId: string\n sessionType: SessionType\n isNewUser?: boolean\n}\n\ntype GoogleOAuthSignInParams = {\n credential: string\n clientId: string\n}\n\nexport type OAuthConfiguration = {\n common: {\n redirectUrl: string\n }\n}\n\ntype WebSignerClientConstructorParams = SignerClientInheritedConstructorParams<{\n webauthn: {\n rpId: string\n }\n iframe?: {\n iframeElementId?: string\n iframeContainerId?: string\n }\n oauth?: OAuthConfiguration\n}>\n\ntype CreateAccountParams =\n \| ({\n method: 'webauthn'\n } & WebauthnSignInParams)\n \| ({\n method: 'email'\n } & EmailInitializeAuthParams)\n\n/*\n A signer client for web applications.\n /\nclass WebSignerClient extends SignerClient {\n private iframeStamper: IframeStamper\n private webauthnStamper: WebauthnStamper\n iframeConfig: {\n iframeElementId: string\n iframeContainerId: string\n }\n\n readonly oauthConfiguration: WebSignerClientConstructorParams['oauth']\n\n /\n Initializes a new instance of the `WebSignerClient` class.\n \n @param {WebSignerClientConstructorParams} params params for the constructor\n /\n constructor({\n configuration,\n webauthn,\n iframe,\n oauth,\n }: WebSignerClientConstructorParams) {\n const iframeConfig = {\n iframeElementId: iframe?.iframeElementId ?? 'turnkey-iframe',\n iframeContainerId: iframe?.iframeContainerId ?? 'signer-iframe-container',\n }\n\n const iframeContainer = document.createElement('div')\n iframeContainer.id = iframeConfig.iframeContainerId\n iframeContainer.style.display = 'none'\n document.body.appendChild(iframeContainer)\n\n const iframeStamper = new IframeStamper({\n iframeUrl: 'https://auth.turnkey.com',\n iframeElementId: iframeConfig.iframeElementId,\n iframeContainer: document.getElementById(iframeConfig.iframeContainerId),\n })\n\n super({\n stamper: iframeStamper, // Initialized to iframeStamper; can be either webauthnStamper or iframeStamper\n configuration: configuration,\n })\n\n this.iframeStamper = iframeStamper\n this.iframeConfig = iframeConfig\n this.webauthnStamper = new WebauthnStamper({ rpId: webauthn.rpId })\n\n this.oauthConfiguration = oauth\n }\n\n public override async logout() {\n super.logout()\n\n this.iframeStamper.clear()\n\n // In the latest TK iframe-stamper version, an IframeStamper\n // instance becomes unusable after being cleared, so a new\n // instance must be created.\n const stamper = new IframeStamper({\n iframeUrl: 'https://auth.turnkey.com',\n iframeElementId: this.iframeConfig.iframeElementId,\n iframeContainer: document.getElementById(\n this.iframeConfig.iframeContainerId,\n ),\n })\n this.iframeStamper = stamper\n await this._initIframeStamper()\n }\n\n public override async signRawMessage<Into extends string>(\n msg: string,\n ): Promise<Into> {\n await this._updateStamper()\n return super.signRawMessage(msg)\n }\n\n /\n Get the pre-filled URL for initiating oauth with a specific provider.\n \n @param {string} provider provider for which we are getting the URL, currently google or apple\n /\n public async getOAuthInitUrl(provider: string) {\n const { url } = await this.request('/v1/oauth/init', {\n provider,\n })\n\n return url\n }\n\n /\n Signs in a user with webauthn.\n \n @param {WebauthnSignInParams} params params for the sign in\n /\n public async webauthnSignIn({ email }: WebauthnSignInParams) {\n const existingUserSubOrgId = await this.lookUpUser(email)\n\n if (!existingUserSubOrgId) {\n await this._createAccount({ method: 'webauthn', email })\n } else {\n this.stamper = this.webauthnStamper\n await this.whoAmI(existingUserSubOrgId)\n\n this._sessionStore.type = SessionType.Passkeys\n\n // We should assure that the user and its credentialId are set\n if (!this._sessionStore.user \|\| !this._sessionStore.user.credentialId) {\n return\n }\n\n this.webauthnStamper.allowCredentials = [\n {\n id: LibBase64.toBuffer(this._sessionStore.user.credentialId),\n type: 'public-key',\n transports: ['internal', 'usb'],\n },\n ]\n }\n }\n\n /\n Handle auth user process with email.\n \n @param {EmailInitializeAuthParams} params Params needed for the initialization of the auth process\n /\n public async emailAuth(params: EmailInitializeAuthParams) {\n const existingUserSubOrgId = await this.lookUpUser(params.email)\n\n if (!existingUserSubOrgId) {\n await this._createAccount({ method: 'email', ...params })\n } else {\n await this._signInWithEmail(params)\n }\n }\n\n public async getIframePublicKey() {\n return await this._initIframeStamper()\n }\n\n /\n Completes the authentication process with a credential bundle.\n \n @param {CompleteAuthWithBundleParams} params params for the completion of the auth process\n /\n public async completeAuthWithBundle({\n bundle,\n subOrgId,\n sessionType,\n }: CompleteAuthWithBundleParams): Promise<void> {\n await this._initIframeStamper()\n\n const result = await this.iframeStamper.injectCredentialBundle(bundle)\n\n if (!result) {\n throw new Error('Failed to inject credential bundle')\n }\n\n await this.whoAmI(subOrgId)\n\n this._sessionStore.type = sessionType\n this._sessionStore.bundle = bundle\n }\n\n /\n Checks for an existing session and if exists, updates the stamper accordingly.\n /\n private async _updateStamper() {\n // User is not signed in\n if (\n this._sessionStore.type === undefined &&\n (this._sessionStore.bundle === undefined \|\|\n this._sessionStore.token === undefined)\n )\n return\n if (this._sessionStore.type === SessionType.Passkeys) {\n this.stamper = this.webauthnStamper\n } else {\n this.stamper = this.iframeStamper\n // We need to inject the credential bundle\n // Otherwise the user will not be able to sign\n await this.completeAuthWithBundle({\n bundle: this._sessionStore.bundle!,\n subOrgId: this._sessionStore.user?.subOrgId!,\n sessionType: this._sessionStore.type!,\n })\n }\n }\n\n /\n Signs in a user with email.\n \n @param {EmailInitializeAuthParams} params params for the sign in\n /\n private async _signInWithEmail({\n email,\n expirationSeconds,\n redirectUrl,\n }: EmailInitializeAuthParams) {\n return this.request('/v1/email-auth', {\n email,\n targetPublicKey: await this.getIframePublicKey(),\n expirationSeconds,\n redirectUrl: redirectUrl.toString(),\n })\n }\n\n /\n Creates a passkey account using the webauthn stamper.\n \n @param {Extract<CreateAccountParams, { method: 'webauthn' }>} params params for the creation of the account\n /\n private async _createWebauthnAccount(\n params: Extract<CreateAccountParams, { method: 'webauthn' }>,\n ) {\n const { challenge, attestation } = await this._webauthnGenerateAttestation(\n params.email,\n )\n\n const { user, token, csrfToken } = await this.request('/v1/signup', {\n passkey: {\n challenge: LibBase64.fromBuffer(challenge),\n attestation,\n },\n email: params.email,\n })\n\n this._sessionStore.user = {\n ...user,\n credentialId: attestation.credentialId,\n }\n this._sessionStore.type = SessionType.Passkeys\n // Tokens are always returned on passkey signup\n this._sessionStore.token = token!\n this._sessionStore.csrfToken = csrfToken!\n this._scheduleRefresh(token!)\n }\n\n /\n Creates an email account using the iframe stamper.\n \n @param {Extract<CreateAccountParams, { method: 'email' }>} params params for the creation of the account\n /\n private async _createEmailAccount(\n params: Extract<CreateAccountParams, { method: 'email' }>,\n ) {\n const { email, expirationSeconds, redirectUrl } =\n params as EmailInitializeAuthParams\n\n const response = await this.request('/v1/signup', {\n email,\n iframe: {\n targetPublicKey: await this.getIframePublicKey(),\n expirationSeconds,\n redirectUrl: redirectUrl.toString(),\n },\n })\n\n return response\n }\n\n /\n Handle the account creation process.\n \n @param {CreateAccountParams} params params to create an account\n /\n private async _createAccount(params: CreateAccountParams) {\n switch (params.method) {\n case 'webauthn': {\n await this._createWebauthnAccount(params)\n break\n }\n case 'email': {\n await this._createEmailAccount(params)\n break\n }\n }\n }\n\n private async _webauthnGenerateAttestation(email: string) {\n const challenge = LibBytes.generateRandomBuffer()\n const authenticatorUserId = LibBytes.generateRandomBuffer()\n\n const attestation = await getWebAuthnAttestation({\n publicKey: {\n authenticatorSelection: {\n residentKey: 'preferred',\n requireResidentKey: false,\n userVerification: 'preferred',\n },\n challenge,\n rp: {\n id: window.location.hostname,\n name: window.location.hostname,\n },\n pubKeyCredParams: [\n {\n type: 'public-key',\n alg: -7,\n },\n {\n type: 'public-key',\n alg: -257,\n },\n ],\n user: {\n id: authenticatorUserId,\n name: email,\n displayName: email,\n },\n },\n })\n\n return { challenge, attestation, authenticatorUserId }\n }\n\n private async _initIframeStamper() {\n if (!this.iframeStamper.publicKey()) {\n await this.iframeStamper.init()\n }\n\n this.stamper = this.iframeStamper\n\n return this.iframeStamper.publicKey()!\n }\n}\n\nexport { WebSignerClient }\nexport type {\n CompleteAuthWithBundleParams,\n CreateAccountParams,\n EmailInitializeAuthParams,\n GoogleOAuthSignInParams,\n WebauthnSignInParams,\n WebSignerClientConstructorParams,\n}\n","import { Buffer } from 'buffer'\n\nclass LibBase64 {\n static fromBuffer(buffer: ArrayBuffer): string {\n return Buffer.from(buffer)\n .toString('base64')\n .replace(/\\+/g, '-')\n .replace(/\\//g, '_')\n .replace(/=/g, '')\n }\n\n static toBuffer(base64: string): ArrayBuffer {\n return Buffer.from(base64, 'base64').buffer\n }\n}\n\nexport { LibBase64 }\n","type TakeBytesParams = Partial<{\n count: number\n offset: number\n}>\n\ntype ByteString = `0x${string}`\n\nclass LibBytes {\n static generateRandomBuffer = (): ArrayBuffer => {\n const arr = new Uint8Array(32)\n crypto.getRandomValues(arr)\n return arr.buffer\n }\n\n static takeBytes = (\n bytes: ByteString,\n params: TakeBytesParams = {},\n ): ByteString => {\n const { offset, count } = params\n const start = (offset ? offset 2 : 0) + 2 // add 2 to skip the 0x prefix\n const end = count ? start + count * 2 : undefined\n\n return `0x${bytes.slice(start, end)}`\n }\n}\n\nexport { LibBytes }\n","import { TurnkeyClient } from '@turnkey/http'\nimport {\n BadRequestError,\n GenericError,\n NotFoundError,\n UnauthorizedError,\n} from '../errors/index.js'\nimport { SDKError } from '../errors/SDKError.js'\nimport { SessionStore } from '../session/index.js'\nimport { APIResponse } from '../types/rest.js'\nimport {\n AuthenticationServiceBody,\n AuthenticationServiceResponse,\n AuthenticationServiceRoutes,\n ROUTE_METHOD_MAP,\n} from '../types/routes.js'\nimport { jwtDecode, JwtPayload } from 'jwt-decode'\nimport { differenceInMilliseconds, isBefore, subMinutes } from 'date-fns'\n\ntype SignerClientConfiguration = {\n apiKey: string\n apiUrl?: string\n paymasterRpcUrl?: string\n}\n\ntype SignerClientConstructorParams = {\n stamper: TurnkeyClient['stamper']\n configuration: SignerClientConfiguration\n}\n\ntype SignerClientInheritedConstructorParams<\n Extended extends Record<string, unknown>,\n> = Pick<SignerClientConstructorParams, 'configuration'> & Extended\n\nabstract class SignerClient {\n protected readonly _turnkeyClient: TurnkeyClient\n protected readonly _configuration: Required<\n SignerClientConstructorParams['configuration']\n >\n protected readonly _sessionStore: SessionStore\n\n private _refreshPromise?: Promise<void>\n private _refreshTimer?: ReturnType<typeof setTimeout>\n\n constructor({\n stamper,\n configuration: { apiUrl, paymasterRpcUrl, ...requiredConfiguration },\n }: SignerClientConstructorParams) {\n this._turnkeyClient = new TurnkeyClient(\n { baseUrl: 'https://api.turnkey.com' },\n stamper,\n )\n\n this._configuration = {\n ...requiredConfiguration,\n apiUrl: apiUrl ?? 'https://auth.api.fourt.io/',\n paymasterRpcUrl: paymasterRpcUrl ?? 'https://management.api.fourt.io/',\n }\n\n this._sessionStore = new SessionStore()\n }\n\n get configuration(): Required<SignerClientConfiguration> {\n return this._configuration\n }\n\n public async getUser() {\n if (this._sessionStore.user) return this._sessionStore.user\n\n try {\n const user = await this.request('/v1/me')\n this._sessionStore.user = user\n return user\n } catch (error) {\n // If unauthorized, try to refresh token and retry once\n if (error instanceof UnauthorizedError) {\n try {\n await this._refreshToken()\n const user = await this.request('/v1/me')\n this._sessionStore.user = user\n return user\n } catch (error) {\n throw error\n }\n }\n throw error\n }\n }\n\n public async isLoggedIn() {\n const token = this._sessionStore.token\n\n // If we have a token and it's still valid, we're logged in\n if (token && !this._isTokenExpired(token)) return true\n\n // Otherwise try to refresh (covers no token and expired token)\n try {\n await this._refreshToken()\n return !!this._sessionStore.token\n } catch {\n return false\n }\n }\n\n public async getToken(): Promise<string> {\n // Try to use existing token\n if (!this._sessionStore.token) {\n // No token: attempt refresh (may throw)\n try {\n await this._refreshToken()\n } catch {\n throw new UnauthorizedError({\n message: 'No token found, user might not be logged in',\n })\n }\n } else if (this._isTokenExpired(this._sessionStore.token)) {\n // Token expired: attempt refresh (may throw)\n try {\n await this._refreshToken()\n } catch {\n throw new UnauthorizedError({\n message: 'Token expired and refresh failed',\n })\n }\n }\n\n const token = this._sessionStore.token\n if (!token) {\n throw new UnauthorizedError({\n message: 'No token found, user might not be logged in',\n })\n }\n return token\n }\n\n private _isTokenExpired(token: string): boolean {\n try {\n const decoded = jwtDecode<JwtPayload>(token)\n if (decoded.exp) {\n return decoded.exp * 1000 <= Date.now()\n }\n return true // If no exp claim, consider it expired\n } catch {\n return true // If token is malformed, consider it expired\n }\n }\n\n public async logout() {\n if (this._refreshTimer) clearTimeout(this._refreshTimer)\n this._refreshTimer = undefined\n await this.request('/v1/logout')\n this._sessionStore.clearAll()\n }\n\n public async signRawMessage<Into extends string>(msg: string): Promise<Into> {\n if (!this._sessionStore.token \|\| !this._sessionStore.user) {\n throw new UnauthorizedError({\n message: 'SignerClient must be authenticated to sign a message',\n })\n }\n\n const stampedRequest = await this._turnkeyClient.stampSignRawPayload({\n organizationId: this._sessionStore.user.subOrgId,\n type: 'ACTIVITY_TYPE_SIGN_RAW_PAYLOAD_V2',\n timestampMs: Date.now().toString(),\n parameters: {\n encoding: 'PAYLOAD_ENCODING_HEXADECIMAL',\n hashFunction: 'HASH_FUNCTION_NO_OP',\n payload: msg,\n signWith: this._sessionStore.user.walletAddress,\n },\n })\n\n const { signature } = await this.request('/v1/sign', {\n stampedRequest,\n })\n\n return <Into>signature\n }\n\n protected set stamper(stamper: TurnkeyClient['stamper']) {\n this._turnkeyClient.stamper = stamper\n }\n\n protected get stamper(): TurnkeyClient['stamper'] {\n return this._turnkeyClient.stamper\n }\n\n protected async lookUpUser(email: string): Promise<string \| null> {\n try {\n const { subOrgId } = await this.request('/v1/lookup', { email })\n return subOrgId\n } catch (error) {\n if (!(error instanceof SDKError)) throw error\n\n const sdkError: SDKError = error\n\n switch (sdkError.constructor.name) {\n case NotFoundError.name: {\n return null\n }\n default: {\n throw sdkError\n }\n }\n }\n }\n\n protected async whoAmI(subOrgId?: string) {\n const orgId = subOrgId \|\| this._sessionStore.user?.subOrgId\n\n if (!orgId) throw new BadRequestError({ message: 'No orgId provided' })\n\n const stampedRequest = await this._turnkeyClient.stampGetWhoami({\n organizationId: orgId,\n })\n\n const { user, token, csrfToken } = await this.request('/v1/signin', {\n stampedRequest,\n })\n\n const credentialId = (() => {\n try {\n return JSON.parse(stampedRequest?.stamp.stampHeaderValue)\n .credentialId as string\n } catch (e) {\n return undefined\n }\n })()\n\n this._sessionStore.user = {\n ...user,\n credentialId: credentialId,\n }\n this._sessionStore.token = token\n this._sessionStore.csrfToken = csrfToken\n this._scheduleRefresh(token)\n }\n\n protected async request<Route extends AuthenticationServiceRoutes>(\n route: Route,\n body?: AuthenticationServiceBody<Route>,\n ): Promise<AuthenticationServiceResponse<Route>> {\n const url = new URL(`${route}`, this._configuration.apiUrl)\n const token = this._sessionStore.token\n const csrfToken = this._sessionStore.csrfToken\n\n const headers: Record<string, string> = {\n 'Content-Type': 'application/json',\n 'X-FOURT-KEY': this._configuration.apiKey,\n }\n\n if (token) {\n headers['Authorization'] = `Bearer ${token}`\n }\n\n if (csrfToken) {\n headers['X-CSRF-Token'] = csrfToken\n }\n\n const response = await fetch(url, {\n method: ROUTE_METHOD_MAP[route],\n body: JSON.stringify(body),\n headers,\n credentials: 'include',\n })\n\n const { data, error } = (await response.json()) as APIResponse<\n AuthenticationServiceResponse<Route>\n >\n\n if (error) {\n switch (error.kind) {\n case 'UnauthorizedError': {\n throw new UnauthorizedError({ message: error.message })\n }\n case 'NotFoundError': {\n throw new NotFoundError({ message: error.message })\n }\n case 'BadRequestError': {\n throw new BadRequestError({ message: error.message })\n }\n default: {\n throw new GenericError({ message: error.message })\n }\n }\n }\n\n return { ...data } as AuthenticationServiceResponse<Route>\n }\n\n protected _scheduleRefresh(token: string) {\n try {\n const decoded = jwtDecode<JwtPayload>(token)\n if (!decoded.exp) return\n\n const expiryDate = new Date(decoded.exp * 1000)\n const refreshDate = subMinutes(expiryDate, 2) // refresh 2min early\n\n // If the refresh time is already past, run immediately\n const delay = isBefore(refreshDate, new Date())\n ? 0\n : differenceInMilliseconds(refreshDate, new Date())\n\n // Clear previous timer to avoid duplicates\n if (this._refreshTimer) clearTimeout(this._refreshTimer)\n\n // Schedule refresh\n this._refreshTimer = setTimeout(() => {\n this._refreshTimer = undefined\n this._refreshToken()\n }, delay)\n } catch {\n // ignore errors\n }\n }\n\n private async _refreshToken(): Promise<void> {\n if (this._refreshPromise) return this._refreshPromise\n\n // Keep a reference so callers can await the same promise\n this._refreshPromise = (async () => {\n const TIMEOUT_MS = 10_000\n const RETRY_DELAY_MS = 5_000\n\n try {\n // Check if csrfToken is in memory, if not get a new one\n if (!this._sessionStore.csrfToken) {\n const { csrfToken } = await this.request('/v1/csrf-token')\n this._sessionStore.csrfToken = csrfToken\n }\n\n // Avoid hanging indefinitely by racing the request with a timeout\n const refreshPromise = this.request('/v1/refresh')\n const data = await Promise.race([\n refreshPromise,\n new Promise<never>((_, reject) =>\n setTimeout(() => reject(new Error('Refresh timeout')), TIMEOUT_MS),\n ),\n ])\n\n if (!data \|\| !data.token \|\| !data.csrfToken) {\n // Treat missing tokens as auth failure\n throw new UnauthorizedError({\n message: 'Refresh did not return tokens',\n })\n }\n\n this._sessionStore.token = data.token\n this._sessionStore.csrfToken = data.csrfToken\n this._scheduleRefresh(data.token)\n } catch (error) {\n // On auth errors, clear session to avoid repeated failing retries\n if (error instanceof UnauthorizedError) {\n try {\n this._sessionStore.clearAll()\n } catch {\n // ignore errors\n }\n throw error\n }\n\n // Transient error: schedule a retry (non-blocking) and rethrow so callers know it failed\n if (this._refreshTimer) clearTimeout(this._refreshTimer)\n const MAX_RETRIES = 5\n let retryCount = 0\n\n // We schedule a background retry after RETRY_DELAY_MS using setTimeout\n this._refreshTimer = setTimeout(() => {\n this._refreshTimer = undefined\n void this._refreshToken().catch(() => {\n // Increments retryCount and, if still under MAX_RETRIES, schedules\n // another retry using exponential backoff (capped at 60s)\n retryCount++\n if (retryCount <= MAX_RETRIES) {\n const nextDelay = Math.min(\n RETRY_DELAY_MS * 2 (retryCount - 1),\n 60_000,\n )\n this._refreshTimer = setTimeout(() => {\n // When the timer fires we clear the stored id and call _refreshToken() in a\n // fire-and-forget manner (void ... .catch(...)) so the retry runs asynchronously\n // and doesn't block or change the control flow of the original caller.\n this._refreshTimer = undefined\n void this._refreshToken().catch(() => {})\n }, nextDelay)\n }\n })\n }, RETRY_DELAY_MS)\n\n throw error\n } finally {\n this._refreshPromise = undefined\n }\n })()\n\n return this._refreshPromise\n }\n}\n\nexport { SignerClient }\nexport type {\n SignerClientConstructorParams,\n SignerClientInheritedConstructorParams,\n}\n","import { SDKErrorProps, SDKError } from './SDKError.js'\n\nclass UnauthorizedError extends SDKError {\n constructor(props: SDKErrorProps) {\n super(UnauthorizedError.name, props)\n }\n}\n\nexport { UnauthorizedError }\n","import { SDKErrorProps, SDKError } from './SDKError.js'\n\nclass NotFoundError extends SDKError {\n constructor(props: SDKErrorProps) {\n super(NotFoundError.name, props)\n }\n}\n\nexport { NotFoundError }\n","import { SDKErrorProps, SDKError } from './SDKError.js'\n\nclass GenericError extends SDKError {\n constructor(props: SDKErrorProps) {\n super(GenericError.name, props)\n }\n}\n\nexport { GenericError }\n","import { SDKErrorProps, SDKError } from './SDKError.js'\n\nclass UnauthenticatedError extends SDKError {\n constructor(props: SDKErrorProps) {\n super(UnauthenticatedError.name, props)\n }\n}\n\nexport { UnauthenticatedError }\n","import { getWebAuthnAttestation, TSignedRequest } from '@turnkey/http'\nimport { User } from './entities.js'\nimport { AtLeastOne } from './string.js'\n\ntype AuthenticationServiceRoutes =\n AuthenticationServiceEndpoints[number]['Route']\n\ntype AuthenticationServiceBody<Route extends AuthenticationServiceRoutes> =\n Extract<AuthenticationServiceEndpoints[number], { Route: Route }>['Body']\n\ntype AuthenticationServiceResponse<Route extends AuthenticationServiceRoutes> =\n Extract<AuthenticationServiceEndpoints[number], { Route: Route }>['Response']\n\ntype AuthenticationServiceEndpoints = [\n {\n Route: '/v1/email-auth'\n Body: {\n email: string\n targetPublicKey: string\n redirectUrl: string\n expirationSeconds?: number\n }\n Response: {\n subOrgId: string\n }\n },\n {\n Route: '/v1/signup'\n Body: AtLeastOne<{\n passkey: {\n challenge: string\n attestation: Awaited<ReturnType<typeof getWebAuthnAttestation>>\n }\n iframe: {\n targetPublicKey: string\n redirectUrl: string\n expirationSeconds?: number\n }\n }> & { email: string }\n Response: {\n user: User\n token?: string\n csrfToken?: string\n }\n },\n {\n Route: '/v1/lookup'\n Body: {\n email: string\n }\n Response: {\n subOrgId: string\n }\n },\n {\n Route: '/v1/signin'\n Body: {\n stampedRequest: TSignedRequest\n }\n Response: {\n user: User\n token: string\n csrfToken: string\n }\n },\n {\n Route: '/v1/sign'\n Body: {\n stampedRequest: TSignedRequest\n }\n Response: {\n signature: string\n }\n },\n {\n Route: '/v1/oauth/init'\n Body: {\n provider: string\n }\n Response: {\n url: string\n }\n },\n {\n Route: '/v1/refresh'\n Body: {}\n Response: {\n token: string\n csrfToken: string\n }\n },\n {\n Route: '/v1/csrf-token'\n Body: {}\n Response: {\n csrfToken: string\n }\n },\n {\n Route: '/v1/logout'\n Body: {}\n Response: {}\n },\n {\n Route: '/v1/me'\n Body: {}\n Response: User\n },\n]\n\nconst ROUTE_METHOD_MAP = {\n '/v1/signup': 'POST',\n '/v1/email-auth': 'POST',\n '/v1/lookup': 'POST',\n '/v1/signin': 'POST',\n '/v1/sign': 'POST',\n '/v1/oauth/init': 'POST',\n '/v1/refresh': 'POST',\n '/v1/csrf-token': 'GET',\n '/v1/logout': 'POST',\n '/v1/me': 'GET',\n} satisfies Record<AuthenticationServiceRoutes, 'POST' \| 'GET'>\n\nexport type {\n AuthenticationServiceEndpoints,\n AuthenticationServiceResponse,\n AuthenticationServiceBody,\n AuthenticationServiceRoutes,\n}\n\nexport { ROUTE_METHOD_MAP }\n","import {\n type Chain,\n type Client,\n type GetTransactionType,\n type Hex,\n type IsNarrowable,\n type JsonRpcAccount,\n type LocalAccount,\n type TypedData,\n type TypedDataDefinition,\n type SignableMessage,\n type SerializeTransactionFn,\n type TransactionSerializable,\n type TransactionSerialized,\n type Transport,\n hashMessage,\n hashTypedData,\n serializeTransaction,\n keccak256,\n hexToBigInt,\n http,\n} from 'viem'\nimport { toAccount } from 'viem/accounts'\nimport { SignerClient } from '../signer/index.js'\nimport { LibBytes } from '../lib/bytes.js'\nimport { toLightSmartAccount } from 'permissionless/accounts'\nimport {\n createPaymasterClient,\n entryPoint07Address,\n} from 'viem/account-abstraction'\nimport { UnauthenticatedError } from '../errors/UnauthenticatedError.js'\n\ntype CurrentUserToLightSmartAccountParams = {\n owner: LocalAccount\n client: Client<\n Transport,\n Chain \| undefined,\n JsonRpcAccount \| LocalAccount \| undefined\n >\n}\n\nclass ViemModule {\n constructor(private readonly _signerClient: SignerClient) {}\n\n async toLocalAccount(): Promise<LocalAccount> {\n const user = await this._signerClient.getUser()\n\n if (!user) {\n throw new UnauthenticatedError({ message: 'Signer not authenticated' })\n }\n\n return toAccount({\n address: user.walletAddress,\n signMessage: ({ message }) => this.signMessage(message),\n signTypedData: <\n const typedData extends TypedData \| Record<string, unknown>,\n primaryType extends keyof typedData \| 'EIP712Domain' = keyof typedData,\n >(\n typedDataDefinition: TypedDataDefinition<typedData, primaryType>,\n ) => this.signTypedData<typedData, primaryType>(typedDataDefinition),\n signTransaction: this.signTransaction,\n })\n }\n\n async toSmartAccount({\n client,\n owner,\n }: CurrentUserToLightSmartAccountParams): ReturnType<\n typeof toLightSmartAccount<'0.7'>\n > {\n const user = await this._signerClient.getUser()\n\n if (!user) {\n throw new UnauthenticatedError({ message: 'Signer not authenticated' })\n }\n\n return toLightSmartAccount({\n client,\n owner,\n version: '2.0.0',\n entryPoint: {\n address: entryPoint07Address,\n version: '0.7',\n },\n address: user.smartAccountAddress,\n index: hexToBigInt(user.salt),\n })\n }\n\n async getPaymasterClient() {\n const url = new URL(\n `v1/rpc?apiKey=${this._signerClient.configuration.apiKey}`,\n this._signerClient.configuration.paymasterRpcUrl,\n )\n return createPaymasterClient({\n transport: http(url.toString()),\n })\n }\n\n async signMessage(msg: SignableMessage): Promise<Hex> {\n const messageHash = hashMessage(msg)\n const result = await this._signerClient.signRawMessage<Hex>(messageHash)\n return result\n }\n\n async signTypedData<\n TTypedData extends TypedData \| Record<string, unknown>,\n TPrimaryType extends keyof TTypedData \| 'EIP712Domain' = keyof TTypedData,\n >(params: TypedDataDefinition<TTypedData, TPrimaryType>): Promise<Hex> {\n const messageHash = hashTypedData(params)\n return this._signerClient.signRawMessage(messageHash)\n }\n\n async signTransaction<\n serializer extends SerializeTransactionFn<TransactionSerializable> = SerializeTransactionFn<TransactionSerializable>,\n transaction extends Parameters<serializer>[0] = Parameters<serializer>[0],\n >(\n transaction: transaction,\n options?:\n \| {\n serializer?: serializer \| undefined\n }\n \| undefined,\n ): Promise<\n IsNarrowable<\n TransactionSerialized<GetTransactionType<transaction>>,\n Hex\n > extends true\n ? TransactionSerialized<GetTransactionType<transaction>>\n : Hex\n > {\n const serializeFn = options?.serializer ?? serializeTransaction\n const serializedTx = await serializeFn(transaction)\n const signatureHex = await this._signerClient.signRawMessage<Hex>(\n keccak256(serializedTx),\n )\n\n const signature = {\n r: LibBytes.takeBytes(signatureHex, { count: 32 }),\n s: LibBytes.takeBytes(signatureHex, { count: 32, offset: 32 }),\n v: BigInt(LibBytes.takeBytes(signatureHex, { count: 1, offset: 64 })),\n }\n\n return serializeFn(transaction, signature)\n }\n}\n\nexport { ViemModule }\n","import { AuthModule, UserModule } from './modules/index.js'\nimport { SignerClientConstructorParams } from './signer/index.js'\nimport {\n WebSignerClient,\n WebSignerClientConstructorParams,\n} from './signer/web.js'\nimport { ViemModule } from './third-party/viem.js'\n\ntype FourtWebSignerConstructorParams = {\n configuration: SignerClientConstructorParams['configuration']\n auth: Pick<WebSignerClientConstructorParams, 'webauthn' \| 'iframe' \| 'oauth'>\n}\n\n/\n * A client for interacting with the Fourt Web Signer.\n /\nclass FourtWebSigner {\n private readonly _webSignerClient: WebSignerClient\n private readonly _modules: {\n viem: ViemModule\n auth: AuthModule\n user: UserModule\n }\n\n /\n Initializes a new instance of the `FourtWebSigner` class.\n * Sets up the underlying modules.\n \n \n * @example\n * ```ts\n * const fourtWebSigner = new FourtWebSigner({\n * auth: {\n * webauthn: {\n * rpId: 'localhost',\n * },\n * },\n * configuration: {\n * apiKey: '927d603c-6775-4210-8e13-8904ca985e78',\n * },\n * })\n * ```\n \n @param {FourtWebSignerConstructorParams} params the required parameters to initialize the client\n /\n constructor({\n configuration,\n auth: { webauthn, iframe, oauth },\n }: FourtWebSignerConstructorParams) {\n this._webSignerClient = new WebSignerClient({\n configuration,\n webauthn,\n iframe,\n oauth,\n })\n\n this._modules = {\n viem: new ViemModule(this._webSignerClient),\n auth: new AuthModule(this._webSignerClient),\n user: new UserModule(this._webSignerClient),\n }\n }\n\n /\n A module for interacting with the Viem library.\n /\n get viem() {\n return this._modules.viem\n }\n\n /\n A module for interacting with the authentication methods.\n /\n get auth() {\n return this._modules.auth\n }\n\n /\n A module for interacting with the user methods.\n */\n get user() {\n return this._modules.user\n }\n}\n\nexport { FourtWebSigner }\n"],"mappings":";AAAA,SAAS,mBAAkC;AAC3C,SAAS,SAAS,yBAAyB;AAuB3C,IAAM,eAAN,MAAmB;AAAA,EACA;AAAA,EAEjB,cAAc;AAGZ,SAAK,SAAS,YAA0B;AAAA,MACtC,QAAQ,KAAK,kBAAkB;AAAA,QAC7B,MAAM;AAAA,QACN,SAAS,kBAAkB,MAAM,YAAY;AAAA;AAAA,QAE7C,YAAY,CAAC,WAAW,EAAE,QAAQ,MAAM,QAAQ,MAAM,MAAM,KAAK;AAAA,MACnE,CAAC;AAAA,IACH;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,OAAgC;AAClC,WAAO,KAAK,OAAO,SAAS,EAAE;AAAA,EAChC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,KAAK,MAAmB;AAC1B,SAAK,OAAO,SAAS,EAAE,KAAK,CAAC;AAAA,EAC/B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,QAA4B;AAC9B,WAAO,KAAK,OAAO,SAAS,EAAE;AAAA,EAChC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,MAAM,OAAe;AACvB,SAAK,OAAO,SAAS,EAAE,MAAM,CAAC;AAAA,EAChC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,YAAgC;AAClC,WAAO,KAAK,OAAO,SAAS,EAAE;AAAA,EAChC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,UAAU,WAAmB;AAC/B,SAAK,OAAO,SAAS,EAAE,UAAU,CAAC;AAAA,EACpC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,SAA6B;AAC/B,WAAO,KAAK,OAAO,SAAS,EAAE;AAAA,EAChC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,OAAO,QAAgB;AACzB,SAAK,OAAO,SAAS,EAAE,OAAO,CAAC;AAAA,EACjC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,OAAyB;AAC3B,WAAO,KAAK,OAAO,SAAS,EAAE;AAAA,EAChC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,KAAK,MAAY;AACnB,SAAK,OAAO,SAAS,EAAE,GAAG,KAAK,OAAO,SAAS,GAAG,KAAK,CAAC;AAAA,EAC1D;AAAA;AAAA;AAAA;AAAA,EAKA,YAAY;AACV,SAAK,OAAO,SAAS,EAAE,GAAG,KAAK,OAAO,SAAS,GAAG,MAAM,OAAU,CAAC;AAAA,EACrE;AAAA;AAAA;AAAA;AAAA,EAKA,cAAc;AACZ,SAAK,OAAO,SAAS,EAAE,GAAG,KAAK,OAAO,SAAS,GAAG,QAAQ,OAAU,CAAC;AAAA,EACvE;AAAA;AAAA;AAAA;AAAA,EAKA,YAAY;AACV,SAAK,OAAO,SAAS,EAAE,GAAG,KAAK,OAAO,SAAS,GAAG,MAAM,OAAU,CAAC;AAAA,EACrE;AAAA;AAAA;AAAA;AAAA,EAKA,aAAa;AACX,SAAK,OAAO,SAAS,EAAE,GAAG,KAAK,OAAO,SAAS,GAAG,OAAO,OAAU,CAAC;AAAA,EACtE;AAAA;AAAA;AAAA;AAAA,EAKA,WAAW;AACT,SAAK,WAAW;AAChB,SAAK,UAAU;AACf,SAAK,YAAY;AACjB,SAAK,UAAU;AAAA,EACjB;AAAA,EAEQ,mBAAiC;AACvC,WAAO;AAAA,MACL,MAAM;AAAA,MACN,MAAM;AAAA,MACN,QAAQ;AAAA,MACR,OAAO;AAAA,IACT;AAAA,EACF;AACF;;;ACrKA,IAAM,cAAN,MAAkB;AAAA,EAChB,YAA6B,kBAAmC;AAAnC;AAAA,EAAoC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQjE,MAAM,WAAW,QAAkD;AACjE,WAAO,KAAK,iBAAiB,UAAU,MAAM;AAAA,EAC/C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,SACJ,QACe;AACf,WAAO,KAAK,iBAAiB,uBAAuB;AAAA,MAClD,GAAG;AAAA,MACH;AAAA,IACF,CAAC;AAAA,EACH;AACF;;;AChCA,IAAM,iBAAN,MAAqB;AAAA,EACnB,YAA6B,kBAAmC;AAAnC;AAAA,EAAoC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQjE,MAAM,OAAO,QAA8B;AACzC,WAAO,KAAK,iBAAiB,eAAe,MAAM;AAAA,EACpD;AACF;;;AClBA,YAAY,UAAU;AACtB,SAAS,cAAc;AAGvB,IAAM,eAAN,MAAmB;AAAA,EACjB,YAA6B,kBAAmC;AAAnC;AAAA,EAAoC;AAAA;AAAA;AAAA;AAAA;AAAA,EAMjE,MAAM,OAAwB;AAC5B,UAAM,UAAU,MAAM,KAAK,iBAAiB,gBAAgB,QAAQ;AAEpE,UAAM,MAAM,IAAI,IAAI,OAAO;AAE3B,UAAM,cAAc,IAAI;AAAA,MACtB;AAAA,MACA,KAAK,iBAAiB,cAAc;AAAA,IACtC,EAAE;AACF,QAAI,aAAa,IAAI,gBAAgB,WAAW;AAEhD,UAAM,YAAY,MAAM,KAAK,iBAAiB,mBAAmB;AAEjE,UAAM,QAAQ,IAAI,OAAO,EAAE,OAAO,SAAS,EAAE,OAAO,KAAK;AACzD,QAAI,aAAa,IAAI,SAAS,KAAK;AAEnC,UAAM,QAAQ,IAAS,kBAAa;AAAA,MAClC,QAAQ,KAAK,iBAAiB,cAAc;AAAA,MAC5C,aAAa,KAAK,iBAAiB,mBAAoB,OAAO;AAAA,MAC9D,iBAAiB;AAAA,MACjB;AAAA,MACA,QAAQ,OAAO,SAAS;AAAA,IAC1B,CAAC,EAAE,OAAO;AACV,QAAI,aAAa,IAAI,SAAS,KAAK;AAEnC,WAAO,IAAI,SAAS;AAAA,EACtB;AACF;;;AClCA,IAAe,WAAf,cAAgC,MAAM;AAAA,EACnB;AAAA,EAEjB,YAAY,SAAiB,OAAsB;AACjD,UAAM,OAAO;AACb,SAAK,SAAS;AAAA,EAChB;AAAA,EAEA,IAAI,UAAU;AACZ,WAAO,KAAK,OAAO;AAAA,EACrB;AACF;;;ACbA,IAAM,kBAAN,MAAM,yBAAwB,SAAS;AAAA,EACrC,YAAY,OAAsB;AAChC,UAAM,iBAAgB,MAAM,KAAK;AAAA,EACnC;AACF;;;ACJA,YAAYA,WAAU;AAEtB,IAAM,iBAAN,MAAqB;AAAA,EACnB,YAA6B,kBAAmC;AAAnC;AAAA,EAAoC;AAAA,EAEjE,MAAM,OAAwB;AAC5B,UAAM,YAAY,MAAM,KAAK,iBAAiB,mBAAmB;AACjE,UAAM,cAAc,IAAI;AAAA,MACtB;AAAA,MACA,KAAK,iBAAiB,cAAc;AAAA,IACtC,EAAE;AAEF,UAAM,MAAM,IAAS,mBAAa;AAAA,MAChC,QAAQ,KAAK,iBAAiB,cAAc;AAAA,MAC5C,aAAa,KAAK,iBAAiB,mBAAoB,OAAO;AAAA,MAC9D,iBAAiB;AAAA,MACjB;AAAA,MACA,QAAQ,OAAO,SAAS;AAAA,IAC1B,CAAC,EAAE,OAAO;AAEV,UAAM,WAAW,MAAM,MAAM,aAAa;AAAA,MACxC,QAAQ;AAAA,MACR,SAAS,EAAE,gBAAgB,mBAAmB;AAAA,MAC9C,MAAM,KAAK,UAAU;AAAA,QACnB,OAAO;AAAA,MACT,CAAC;AAAA,IACH,CAAC;AAED,QAAI,CAAC,SAAS,IAAI;AAChB,YAAM,IAAI,gBAAgB;AAAA,QACxB,SAAS,wCAAwC,SAAS,UAAU;AAAA,MACtE,CAAC;AAAA,IACH;AAEA,UAAM,EAAE,QAAQ,IAAI,MAAM,SAAS,KAAK;AACxC,QAAI,CAAC,SAAS;AACZ,YAAM,IAAI,gBAAgB;AAAA,QACxB,SAAS,SAAS;AAAA,MACpB,CAAC;AAAA,IACH;AAEA,WAAO;AAAA,EACT;AACF;;;AC7CA,YAAYC,WAAU;AACtB,SAAS,UAAAC,eAAc;AAGvB,IAAM,cAAN,MAAkB;AAAA,EAChB,YAA6B,kBAAmC;AAAnC;AAAA,EAAoC;AAAA;AAAA;AAAA;AAAA;AAAA,EAMjE,MAAM,OAAwB;AAC5B,UAAM,UAAU,MAAM,KAAK,iBAAiB,gBAAgB,OAAO;AAEnE,UAAM,MAAM,IAAI,IAAI,OAAO;AAE3B,UAAM,cAAc,IAAI;AAAA,MACtB;AAAA,MACA,KAAK,iBAAiB,cAAc;AAAA,IACtC,EAAE;AACF,QAAI,aAAa,IAAI,gBAAgB,WAAW;AAEhD,UAAM,YAAY,MAAM,KAAK,iBAAiB,mBAAmB;AAEjE,UAAM,QAAQ,IAAIA,QAAO,EAAE,OAAO,SAAS,EAAE,OAAO,KAAK;AACzD,QAAI,aAAa,IAAI,SAAS,KAAK;AAEnC,UAAM,QAAQ,IAAS,mBAAa;AAAA,MAClC,QAAQ,KAAK,iBAAiB,cAAc;AAAA,MAC5C,aAAa,KAAK,iBAAiB,mBAAoB,OAAO;AAAA,MAC9D,iBAAiB;AAAA,MACjB;AAAA,MACA,QAAQ,OAAO,SAAS;AAAA,IAC1B,CAAC,EAAE,OAAO;AACV,QAAI,aAAa,IAAI,SAAS,KAAK;AAEnC,WAAO,IAAI,SAAS;AAAA,EACtB;AACF;;;AC3BA,IAAM,cAAN,MAAkB;AAAA,EAKhB,YAA6B,kBAAmC;AAAnC;AAC3B,SAAK,gBAAgB,IAAI,aAAa,KAAK,gBAAgB;AAC3D,SAAK,kBAAkB,IAAI,eAAe,KAAK,gBAAgB;AAC/D,SAAK,eAAe,IAAI,YAAY,KAAK,gBAAgB;AAAA,EAC3D;AAAA,EARiB;AAAA,EACA;AAAA,EACA;AAAA,EAQjB,IAAI,SAAS;AACX,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,IAAI,WAAW;AACb,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,IAAI,QAAQ;AACV,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,MAAM,SAAS,EAAE,QAAQ,SAAS,GAAmB;AACnD,UAAM,KAAK,iBAAiB,uBAAuB;AAAA,MACjD;AAAA,MACA;AAAA,MACA;AAAA,IACF,CAAC;AAAA,EACH;AACF;;;AChCA,IAAM,aAAN,MAAiB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUf,YAA6B,kBAAmC;AAAnC;AAC3B,SAAK,YAAY,IAAI,eAAe,KAAK,gBAAgB;AACzD,SAAK,SAAS,IAAI,YAAY,KAAK,gBAAgB;AACnD,SAAK,SAAS,IAAI,YAAY,KAAK,gBAAgB;AAAA,EACrD;AAAA,EAbiB;AAAA,EACA;AAAA,EACA;AAAA;AAAA;AAAA;AAAA,EAgBjB,IAAI,WAAW;AACb,WAAO,KAAK;AAAA,EACd;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,QAAQ;AACV,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,IAAI,QAAQ;AACV,WAAO,KAAK;AAAA,EACd;AACF;;;ACnCA,IAAM,aAAN,MAAiB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAMf,YAA6B,kBAAmC;AAAnC;AAAA,EAAoC;AAAA;AAAA;AAAA;AAAA;AAAA,EAMjE,MAAM,UAAyB;AAC7B,WAAO,KAAK,iBAAiB,QAAQ;AAAA,EACvC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,aAA+B;AACnC,WAAO,KAAK,iBAAiB,WAAW;AAAA,EAC1C;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,WAA4B;AAChC,WAAO,KAAK,iBAAiB,SAAS;AAAA,EACxC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,SAAwB;AAC5B,WAAO,KAAK,iBAAiB,OAAO;AAAA,EACtC;AACF;;;AC5CA,SAAS,8BAA8B;AACvC,SAAS,qBAAqB;AAC9B,SAAS,uBAAuB;;;ACFhC,SAAS,cAAc;AAEvB,IAAM,YAAN,MAAgB;AAAA,EACd,OAAO,WAAW,QAA6B;AAC7C,WAAO,OAAO,KAAK,MAAM,EACtB,SAAS,QAAQ,EACjB,QAAQ,OAAO,GAAG,EAClB,QAAQ,OAAO,GAAG,EAClB,QAAQ,MAAM,EAAE;AAAA,EACrB;AAAA,EAEA,OAAO,SAAS,QAA6B;AAC3C,WAAO,OAAO,KAAK,QAAQ,QAAQ,EAAE;AAAA,EACvC;AACF;;;ACPA,IAAM,WAAN,MAAe;AAAA,EACb,OAAO,uBAAuB,MAAmB;AAC/C,UAAM,MAAM,IAAI,WAAW,EAAE;AAC7B,WAAO,gBAAgB,GAAG;AAC1B,WAAO,IAAI;AAAA,EACb;AAAA,EAEA,OAAO,YAAY,CACjB,OACA,SAA0B,CAAC,MACZ;AACf,UAAM,EAAE,QAAQ,MAAM,IAAI;AAC1B,UAAM,SAAS,SAAS,SAAS,IAAI,KAAK;AAC1C,UAAM,MAAM,QAAQ,QAAQ,QAAQ,IAAI;AAExC,WAAO,KAAK,MAAM,MAAM,OAAO,GAAG,CAAC;AAAA,EACrC;AACF;;;ACxBA,SAAS,qBAAqB;;;ACE9B,IAAM,oBAAN,MAAM,2BAA0B,SAAS;AAAA,EACvC,YAAY,OAAsB;AAChC,UAAM,mBAAkB,MAAM,KAAK;AAAA,EACrC;AACF;;;ACJA,IAAM,gBAAN,MAAM,uBAAsB,SAAS;AAAA,EACnC,YAAY,OAAsB;AAChC,UAAM,eAAc,MAAM,KAAK;AAAA,EACjC;AACF;;;ACJA,IAAM,eAAN,MAAM,sBAAqB,SAAS;AAAA,EAClC,YAAY,OAAsB;AAChC,UAAM,cAAa,MAAM,KAAK;AAAA,EAChC;AACF;;;ACJA,IAAM,uBAAN,MAAM,8BAA6B,SAAS;AAAA,EAC1C,YAAY,OAAsB;AAChC,UAAM,sBAAqB,MAAM,KAAK;AAAA,EACxC;AACF;;;ACwGA,IAAM,mBAAmB;AAAA,EACvB,cAAc;AAAA,EACd,kBAAkB;AAAA,EAClB,cAAc;AAAA,EACd,cAAc;AAAA,EACd,YAAY;AAAA,EACZ,kBAAkB;AAAA,EAClB,eAAe;AAAA,EACf,kBAAkB;AAAA,EAClB,cAAc;AAAA,EACd,UAAU;AACZ;;;ALzGA,SAAS,iBAA6B;AACtC,SAAS,0BAA0B,UAAU,kBAAkB;AAiB/D,IAAe,eAAf,MAA4B;AAAA,EACP;AAAA,EACA;AAAA,EAGA;AAAA,EAEX;AAAA,EACA;AAAA,EAER,YAAY;AAAA,IACV;AAAA,IACA,eAAe,EAAE,QAAQ,iBAAiB,GAAG,sBAAsB;AAAA,EACrE,GAAkC;AAChC,SAAK,iBAAiB,IAAI;AAAA,MACxB,EAAE,SAAS,0BAA0B;AAAA,MACrC;AAAA,IACF;AAEA,SAAK,iBAAiB;AAAA,MACpB,GAAG;AAAA,MACH,QAAQ,UAAU;AAAA,MAClB,iBAAiB,mBAAmB;AAAA,IACtC;AAEA,SAAK,gBAAgB,IAAI,aAAa;AAAA,EACxC;AAAA,EAEA,IAAI,gBAAqD;AACvD,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,MAAa,UAAU;AACrB,QAAI,KAAK,cAAc,KAAM,QAAO,KAAK,cAAc;AAEvD,QAAI;AACF,YAAM,OAAO,MAAM,KAAK,QAAQ,QAAQ;AACxC,WAAK,cAAc,OAAO;AAC1B,aAAO;AAAA,IACT,SAAS,OAAO;AAEd,UAAI,iBAAiB,mBAAmB;AACtC,YAAI;AACF,gBAAM,KAAK,cAAc;AACzB,gBAAM,OAAO,MAAM,KAAK,QAAQ,QAAQ;AACxC,eAAK,cAAc,OAAO;AAC1B,iBAAO;AAAA,QACT,SAASC,QAAO;AACd,gBAAMA;AAAA,QACR;AAAA,MACF;AACA,YAAM;AAAA,IACR;AAAA,EACF;AAAA,EAEA,MAAa,aAAa;AACxB,UAAM,QAAQ,KAAK,cAAc;AAGjC,QAAI,SAAS,CAAC,KAAK,gBAAgB,KAAK,EAAG,QAAO;AAGlD,QAAI;AACF,YAAM,KAAK,cAAc;AACzB,aAAO,CAAC,CAAC,KAAK,cAAc;AAAA,IAC9B,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEA,MAAa,WAA4B;AAEvC,QAAI,CAAC,KAAK,cAAc,OAAO;AAE7B,UAAI;AACF,cAAM,KAAK,cAAc;AAAA,MAC3B,QAAQ;AACN,cAAM,IAAI,kBAAkB;AAAA,UAC1B,SAAS;AAAA,QACX,CAAC;AAAA,MACH;AAAA,IACF,WAAW,KAAK,gBAAgB,KAAK,cAAc,KAAK,GAAG;AAEzD,UAAI;AACF,cAAM,KAAK,cAAc;AAAA,MAC3B,QAAQ;AACN,cAAM,IAAI,kBAAkB;AAAA,UAC1B,SAAS;AAAA,QACX,CAAC;AAAA,MACH;AAAA,IACF;AAEA,UAAM,QAAQ,KAAK,cAAc;AACjC,QAAI,CAAC,OAAO;AACV,YAAM,IAAI,kBAAkB;AAAA,QAC1B,SAAS;AAAA,MACX,CAAC;AAAA,IACH;AACA,WAAO;AAAA,EACT;AAAA,EAEQ,gBAAgB,OAAwB;AAC9C,QAAI;AACF,YAAM,UAAU,UAAsB,KAAK;AAC3C,UAAI,QAAQ,KAAK;AACf,eAAO,QAAQ,MAAM,OAAQ,KAAK,IAAI;AAAA,MACxC;AACA,aAAO;AAAA,IACT,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEA,MAAa,SAAS;AACpB,QAAI,KAAK,cAAe,cAAa,KAAK,aAAa;AACvD,SAAK,gBAAgB;AACrB,UAAM,KAAK,QAAQ,YAAY;AAC/B,SAAK,cAAc,SAAS;AAAA,EAC9B;AAAA,EAEA,MAAa,eAAoC,KAA4B;AAC3E,QAAI,CAAC,KAAK,cAAc,SAAS,CAAC,KAAK,cAAc,MAAM;AACzD,YAAM,IAAI,kBAAkB;AAAA,QAC1B,SAAS;AAAA,MACX,CAAC;AAAA,IACH;AAEA,UAAM,iBAAiB,MAAM,KAAK,eAAe,oBAAoB;AAAA,MACnE,gBAAgB,KAAK,cAAc,KAAK;AAAA,MACxC,MAAM;AAAA,MACN,aAAa,KAAK,IAAI,EAAE,SAAS;AAAA,MACjC,YAAY;AAAA,QACV,UAAU;AAAA,QACV,cAAc;AAAA,QACd,SAAS;AAAA,QACT,UAAU,KAAK,cAAc,KAAK;AAAA,MACpC;AAAA,IACF,CAAC;AAED,UAAM,EAAE,UAAU,IAAI,MAAM,KAAK,QAAQ,YAAY;AAAA,MACnD;AAAA,IACF,CAAC;AAED,WAAa;AAAA,EACf;AAAA,EAEA,IAAc,QAAQ,SAAmC;AACvD,SAAK,eAAe,UAAU;AAAA,EAChC;AAAA,EAEA,IAAc,UAAoC;AAChD,WAAO,KAAK,eAAe;AAAA,EAC7B;AAAA,EAEA,MAAgB,WAAW,OAAuC;AAChE,QAAI;AACF,YAAM,EAAE,SAAS,IAAI,MAAM,KAAK,QAAQ,cAAc,EAAE,MAAM,CAAC;AAC/D,aAAO;AAAA,IACT,SAAS,OAAO;AACd,UAAI,EAAE,iBAAiB,UAAW,OAAM;AAExC,YAAM,WAAqB;AAE3B,cAAQ,SAAS,YAAY,MAAM;AAAA,QACjC,KAAK,cAAc,MAAM;AACvB,iBAAO;AAAA,QACT;AAAA,QACA,SAAS;AACP,gBAAM;AAAA,QACR;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAgB,OAAO,UAAmB;AACxC,UAAM,QAAQ,YAAY,KAAK,cAAc,MAAM;AAEnD,QAAI,CAAC,MAAO,OAAM,IAAI,gBAAgB,EAAE,SAAS,oBAAoB,CAAC;AAEtE,UAAM,iBAAiB,MAAM,KAAK,eAAe,eAAe;AAAA,MAC9D,gBAAgB;AAAA,IAClB,CAAC;AAED,UAAM,EAAE,MAAM,OAAO,UAAU,IAAI,MAAM,KAAK,QAAQ,cAAc;AAAA,MAClE;AAAA,IACF,CAAC;AAED,UAAM,gBAAgB,MAAM;AAC1B,UAAI;AACF,eAAO,KAAK,MAAM,gBAAgB,MAAM,gBAAgB,EACrD;AAAA,MACL,SAAS,GAAG;AACV,eAAO;AAAA,MACT;AAAA,IACF,GAAG;AAEH,SAAK,cAAc,OAAO;AAAA,MACxB,GAAG;AAAA,MACH;AAAA,IACF;AACA,SAAK,cAAc,QAAQ;AAC3B,SAAK,cAAc,YAAY;AAC/B,SAAK,iBAAiB,KAAK;AAAA,EAC7B;AAAA,EAEA,MAAgB,QACd,OACA,MAC+C;AAC/C,UAAM,MAAM,IAAI,IAAI,GAAG,KAAK,IAAI,KAAK,eAAe,MAAM;AAC1D,UAAM,QAAQ,KAAK,cAAc;AACjC,UAAM,YAAY,KAAK,cAAc;AAErC,UAAM,UAAkC;AAAA,MACtC,gBAAgB;AAAA,MAChB,eAAe,KAAK,eAAe;AAAA,IACrC;AAEA,QAAI,OAAO;AACT,cAAQ,eAAe,IAAI,UAAU,KAAK;AAAA,IAC5C;AAEA,QAAI,WAAW;AACb,cAAQ,cAAc,IAAI;AAAA,IAC5B;AAEA,UAAM,WAAW,MAAM,MAAM,KAAK;AAAA,MAChC,QAAQ,iBAAiB,KAAK;AAAA,MAC9B,MAAM,KAAK,UAAU,IAAI;AAAA,MACzB;AAAA,MACA,aAAa;AAAA,IACf,CAAC;AAED,UAAM,EAAE,MAAM,MAAM,IAAK,MAAM,SAAS,KAAK;AAI7C,QAAI,OAAO;AACT,cAAQ,MAAM,MAAM;AAAA,QAClB,KAAK,qBAAqB;AACxB,gBAAM,IAAI,kBAAkB,EAAE,SAAS,MAAM,QAAQ,CAAC;AAAA,QACxD;AAAA,QACA,KAAK,iBAAiB;AACpB,gBAAM,IAAI,cAAc,EAAE,SAAS,MAAM,QAAQ,CAAC;AAAA,QACpD;AAAA,QACA,KAAK,mBAAmB;AACtB,gBAAM,IAAI,gBAAgB,EAAE,SAAS,MAAM,QAAQ,CAAC;AAAA,QACtD;AAAA,QACA,SAAS;AACP,gBAAM,IAAI,aAAa,EAAE,SAAS,MAAM,QAAQ,CAAC;AAAA,QACnD;AAAA,MACF;AAAA,IACF;AAEA,WAAO,EAAE,GAAG,KAAK;AAAA,EACnB;AAAA,EAEU,iBAAiB,OAAe;AACxC,QAAI;AACF,YAAM,UAAU,UAAsB,KAAK;AAC3C,UAAI,CAAC,QAAQ,IAAK;AAElB,YAAM,aAAa,IAAI,KAAK,QAAQ,MAAM,GAAI;AAC9C,YAAM,cAAc,WAAW,YAAY,CAAC;AAG5C,YAAM,QAAQ,SAAS,aAAa,oBAAI,KAAK,CAAC,IAC1C,IACA,yBAAyB,aAAa,oBAAI,KAAK,CAAC;AAGpD,UAAI,KAAK,cAAe,cAAa,KAAK,aAAa;AAGvD,WAAK,gBAAgB,WAAW,MAAM;AACpC,aAAK,gBAAgB;AACrB,aAAK,cAAc;AAAA,MACrB,GAAG,KAAK;AAAA,IACV,QAAQ;AAAA,IAER;AAAA,EACF;AAAA,EAEA,MAAc,gBAA+B;AAC3C,QAAI,KAAK,gBAAiB,QAAO,KAAK;AAGtC,SAAK,mBAAmB,YAAY;AAClC,YAAM,aAAa;AACnB,YAAM,iBAAiB;AAEvB,UAAI;AAEF,YAAI,CAAC,KAAK,cAAc,WAAW;AACjC,gBAAM,EAAE,UAAU,IAAI,MAAM,KAAK,QAAQ,gBAAgB;AACzD,eAAK,cAAc,YAAY;AAAA,QACjC;AAGA,cAAM,iBAAiB,KAAK,QAAQ,aAAa;AACjD,cAAM,OAAO,MAAM,QAAQ,KAAK;AAAA,UAC9B;AAAA,UACA,IAAI;AAAA,YAAe,CAAC,GAAG,WACrB,WAAW,MAAM,OAAO,IAAI,MAAM,iBAAiB,CAAC,GAAG,UAAU;AAAA,UACnE;AAAA,QACF,CAAC;AAED,YAAI,CAAC,QAAQ,CAAC,KAAK,SAAS,CAAC,KAAK,WAAW;AAE3C,gBAAM,IAAI,kBAAkB;AAAA,YAC1B,SAAS;AAAA,UACX,CAAC;AAAA,QACH;AAEA,aAAK,cAAc,QAAQ,KAAK;AAChC,aAAK,cAAc,YAAY,KAAK;AACpC,aAAK,iBAAiB,KAAK,KAAK;AAAA,MAClC,SAAS,OAAO;AAEd,YAAI,iBAAiB,mBAAmB;AACtC,cAAI;AACF,iBAAK,cAAc,SAAS;AAAA,UAC9B,QAAQ;AAAA,UAER;AACA,gBAAM;AAAA,QACR;AAGA,YAAI,KAAK,cAAe,cAAa,KAAK,aAAa;AACvD,cAAM,cAAc;AACpB,YAAI,aAAa;AAGjB,aAAK,gBAAgB,WAAW,MAAM;AACpC,eAAK,gBAAgB;AACrB,eAAK,KAAK,cAAc,EAAE,MAAM,MAAM;AAGpC;AACA,gBAAI,cAAc,aAAa;AAC7B,oBAAM,YAAY,KAAK;AAAA,gBACrB,iBAAiB,MAAM,aAAa;AAAA,gBACpC;AAAA,cACF;AACA,mBAAK,gBAAgB,WAAW,MAAM;AAIpC,qBAAK,gBAAgB;AACrB,qBAAK,KAAK,cAAc,EAAE,MAAM,MAAM;AAAA,gBAAC,CAAC;AAAA,cAC1C,GAAG,SAAS;AAAA,YACd;AAAA,UACF,CAAC;AAAA,QACH,GAAG,cAAc;AAEjB,cAAM;AAAA,MACR,UAAE;AACA,aAAK,kBAAkB;AAAA,MACzB;AAAA,IACF,GAAG;AAEH,WAAO,KAAK;AAAA,EACd;AACF;;;AH/UA,IAAM,kBAAN,cAA8B,aAAa;AAAA,EACjC;AAAA,EACA;AAAA,EACR;AAAA,EAKS;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOT,YAAY;AAAA,IACV;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,GAAqC;AACnC,UAAM,eAAe;AAAA,MACnB,iBAAiB,QAAQ,mBAAmB;AAAA,MAC5C,mBAAmB,QAAQ,qBAAqB;AAAA,IAClD;AAEA,UAAM,kBAAkB,SAAS,cAAc,KAAK;AACpD,oBAAgB,KAAK,aAAa;AAClC,oBAAgB,MAAM,UAAU;AAChC,aAAS,KAAK,YAAY,eAAe;AAEzC,UAAM,gBAAgB,IAAI,cAAc;AAAA,MACtC,WAAW;AAAA,MACX,iBAAiB,aAAa;AAAA,MAC9B,iBAAiB,SAAS,eAAe,aAAa,iBAAiB;AAAA,IACzE,CAAC;AAED,UAAM;AAAA,MACJ,SAAS;AAAA;AAAA,MACT;AAAA,IACF,CAAC;AAED,SAAK,gBAAgB;AACrB,SAAK,eAAe;AACpB,SAAK,kBAAkB,IAAI,gBAAgB,EAAE,MAAM,SAAS,KAAK,CAAC;AAElE,SAAK,qBAAqB;AAAA,EAC5B;AAAA,EAEA,MAAsB,SAAS;AAC7B,UAAM,OAAO;AAEb,SAAK,cAAc,MAAM;AAKzB,UAAM,UAAU,IAAI,cAAc;AAAA,MAChC,WAAW;AAAA,MACX,iBAAiB,KAAK,aAAa;AAAA,MACnC,iBAAiB,SAAS;AAAA,QACxB,KAAK,aAAa;AAAA,MACpB;AAAA,IACF,CAAC;AACD,SAAK,gBAAgB;AACrB,UAAM,KAAK,mBAAmB;AAAA,EAChC;AAAA,EAEA,MAAsB,eACpB,KACe;AACf,UAAM,KAAK,eAAe;AAC1B,WAAO,MAAM,eAAe,GAAG;AAAA,EACjC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAa,gBAAgB,UAAkB;AAC7C,UAAM,EAAE,IAAI,IAAI,MAAM,KAAK,QAAQ,kBAAkB;AAAA,MACnD;AAAA,IACF,CAAC;AAED,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAa,eAAe,EAAE,MAAM,GAAyB;AAC3D,UAAM,uBAAuB,MAAM,KAAK,WAAW,KAAK;AAExD,QAAI,CAAC,sBAAsB;AACzB,YAAM,KAAK,eAAe,EAAE,QAAQ,YAAY,MAAM,CAAC;AAAA,IACzD,OAAO;AACL,WAAK,UAAU,KAAK;AACpB,YAAM,KAAK,OAAO,oBAAoB;AAEtC,WAAK,cAAc;AAGnB,UAAI,CAAC,KAAK,cAAc,QAAQ,CAAC,KAAK,cAAc,KAAK,cAAc;AACrE;AAAA,MACF;AAEA,WAAK,gBAAgB,mBAAmB;AAAA,QACtC;AAAA,UACE,IAAI,UAAU,SAAS,KAAK,cAAc,KAAK,YAAY;AAAA,UAC3D,MAAM;AAAA,UACN,YAAY,CAAC,YAAY,KAAK;AAAA,QAChC;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAa,UAAU,QAAmC;AACxD,UAAM,uBAAuB,MAAM,KAAK,WAAW,OAAO,KAAK;AAE/D,QAAI,CAAC,sBAAsB;AACzB,YAAM,KAAK,eAAe,EAAE,QAAQ,SAAS,GAAG,OAAO,CAAC;AAAA,IAC1D,OAAO;AACL,YAAM,KAAK,iBAAiB,MAAM;AAAA,IACpC;AAAA,EACF;AAAA,EAEA,MAAa,qBAAqB;AAChC,WAAO,MAAM,KAAK,mBAAmB;AAAA,EACvC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAa,uBAAuB;AAAA,IAClC;AAAA,IACA;AAAA,IACA;AAAA,EACF,GAAgD;AAC9C,UAAM,KAAK,mBAAmB;AAE9B,UAAM,SAAS,MAAM,KAAK,cAAc,uBAAuB,MAAM;AAErE,QAAI,CAAC,QAAQ;AACX,YAAM,IAAI,MAAM,oCAAoC;AAAA,IACtD;AAEA,UAAM,KAAK,OAAO,QAAQ;AAE1B,SAAK,cAAc,OAAO;AAC1B,SAAK,cAAc,SAAS;AAAA,EAC9B;AAAA;AAAA;AAAA;AAAA,EAKA,MAAc,iBAAiB;AAE7B,QACE,KAAK,cAAc,SAAS,WAC3B,KAAK,cAAc,WAAW,UAC7B,KAAK,cAAc,UAAU;AAE/B;AACF,QAAI,KAAK,cAAc,oCAA+B;AACpD,WAAK,UAAU,KAAK;AAAA,IACtB,OAAO;AACL,WAAK,UAAU,KAAK;AAGpB,YAAM,KAAK,uBAAuB;AAAA,QAChC,QAAQ,KAAK,cAAc;AAAA,QAC3B,UAAU,KAAK,cAAc,MAAM;AAAA,QACnC,aAAa,KAAK,cAAc;AAAA,MAClC,CAAC;AAAA,IACH;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAc,iBAAiB;AAAA,IAC7B;AAAA,IACA;AAAA,IACA;AAAA,EACF,GAA8B;AAC5B,WAAO,KAAK,QAAQ,kBAAkB;AAAA,MACpC;AAAA,MACA,iBAAiB,MAAM,KAAK,mBAAmB;AAAA,MAC/C;AAAA,MACA,aAAa,YAAY,SAAS;AAAA,IACpC,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAc,uBACZ,QACA;AACA,UAAM,EAAE,WAAW,YAAY,IAAI,MAAM,KAAK;AAAA,MAC5C,OAAO;AAAA,IACT;AAEA,UAAM,EAAE,MAAM,OAAO,UAAU,IAAI,MAAM,KAAK,QAAQ,cAAc;AAAA,MAClE,SAAS;AAAA,QACP,WAAW,UAAU,WAAW,SAAS;AAAA,QACzC;AAAA,MACF;AAAA,MACA,OAAO,OAAO;AAAA,IAChB,CAAC;AAED,SAAK,cAAc,OAAO;AAAA,MACxB,GAAG;AAAA,MACH,cAAc,YAAY;AAAA,IAC5B;AACA,SAAK,cAAc;AAEnB,SAAK,cAAc,QAAQ;AAC3B,SAAK,cAAc,YAAY;AAC/B,SAAK,iBAAiB,KAAM;AAAA,EAC9B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAc,oBACZ,QACA;AACA,UAAM,EAAE,OAAO,mBAAmB,YAAY,IAC5C;AAEF,UAAM,WAAW,MAAM,KAAK,QAAQ,cAAc;AAAA,MAChD;AAAA,MACA,QAAQ;AAAA,QACN,iBAAiB,MAAM,KAAK,mBAAmB;AAAA,QAC/C;AAAA,QACA,aAAa,YAAY,SAAS;AAAA,MACpC;AAAA,IACF,CAAC;AAED,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAc,eAAe,QAA6B;AACxD,YAAQ,OAAO,QAAQ;AAAA,MACrB,KAAK,YAAY;AACf,cAAM,KAAK,uBAAuB,MAAM;AACxC;AAAA,MACF;AAAA,MACA,KAAK,SAAS;AACZ,cAAM,KAAK,oBAAoB,MAAM;AACrC;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAc,6BAA6B,OAAe;AACxD,UAAM,YAAY,SAAS,qBAAqB;AAChD,UAAM,sBAAsB,SAAS,qBAAqB;AAE1D,UAAM,cAAc,MAAM,uBAAuB;AAAA,MAC/C,WAAW;AAAA,QACT,wBAAwB;AAAA,UACtB,aAAa;AAAA,UACb,oBAAoB;AAAA,UACpB,kBAAkB;AAAA,QACpB;AAAA,QACA;AAAA,QACA,IAAI;AAAA,UACF,IAAI,OAAO,SAAS;AAAA,UACpB,MAAM,OAAO,SAAS;AAAA,QACxB;AAAA,QACA,kBAAkB;AAAA,UAChB;AAAA,YACE,MAAM;AAAA,YACN,KAAK;AAAA,UACP;AAAA,UACA;AAAA,YACE,MAAM;AAAA,YACN,KAAK;AAAA,UACP;AAAA,QACF;AAAA,QACA,MAAM;AAAA,UACJ,IAAI;AAAA,UACJ,MAAM;AAAA,UACN,aAAa;AAAA,QACf;AAAA,MACF;AAAA,IACF,CAAC;AAED,WAAO,EAAE,WAAW,aAAa,oBAAoB;AAAA,EACvD;AAAA,EAEA,MAAc,qBAAqB;AACjC,QAAI,CAAC,KAAK,cAAc,UAAU,GAAG;AACnC,YAAM,KAAK,cAAc,KAAK;AAAA,IAChC;AAEA,SAAK,UAAU,KAAK;AAEpB,WAAO,KAAK,cAAc,UAAU;AAAA,EACtC;AACF;;;ASlYA;AAAA,EAeE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AACP,SAAS,iBAAiB;AAG1B,SAAS,2BAA2B;AACpC;AAAA,EACE;AAAA,EACA;AAAA,OACK;AAYP,IAAM,aAAN,MAAiB;AAAA,EACf,YAA6B,eAA6B;AAA7B;AAAA,EAA8B;AAAA,EAE3D,MAAM,iBAAwC;AAC5C,UAAM,OAAO,MAAM,KAAK,cAAc,QAAQ;AAE9C,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,qBAAqB,EAAE,SAAS,2BAA2B,CAAC;AAAA,IACxE;AAEA,WAAO,UAAU;AAAA,MACf,SAAS,KAAK;AAAA,MACd,aAAa,CAAC,EAAE,QAAQ,MAAM,KAAK,YAAY,OAAO;AAAA,MACtD,eAAe,CAIb,wBACG,KAAK,cAAsC,mBAAmB;AAAA,MACnE,iBAAiB,KAAK;AAAA,IACxB,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,eAAe;AAAA,IACnB;AAAA,IACA;AAAA,EACF,GAEE;AACA,UAAM,OAAO,MAAM,KAAK,cAAc,QAAQ;AAE9C,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,qBAAqB,EAAE,SAAS,2BAA2B,CAAC;AAAA,IACxE;AAEA,WAAO,oBAAoB;AAAA,MACzB;AAAA,MACA;AAAA,MACA,SAAS;AAAA,MACT,YAAY;AAAA,QACV,SAAS;AAAA,QACT,SAAS;AAAA,MACX;AAAA,MACA,SAAS,KAAK;AAAA,MACd,OAAO,YAAY,KAAK,IAAI;AAAA,IAC9B,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,qBAAqB;AACzB,UAAM,MAAM,IAAI;AAAA,MACd,iBAAiB,KAAK,cAAc,cAAc,MAAM;AAAA,MACxD,KAAK,cAAc,cAAc;AAAA,IACnC;AACA,WAAO,sBAAsB;AAAA,MAC3B,WAAW,KAAK,IAAI,SAAS,CAAC;AAAA,IAChC,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,YAAY,KAAoC;AACpD,UAAM,cAAc,YAAY,GAAG;AACnC,UAAM,SAAS,MAAM,KAAK,cAAc,eAAoB,WAAW;AACvE,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,cAGJ,QAAqE;AACrE,UAAM,cAAc,cAAc,MAAM;AACxC,WAAO,KAAK,cAAc,eAAe,WAAW;AAAA,EACtD;AAAA,EAEA,MAAM,gBAIJ,aACA,SAYA;AACA,UAAM,cAAc,SAAS,cAAc;AAC3C,UAAM,eAAe,MAAM,YAAY,WAAW;AAClD,UAAM,eAAe,MAAM,KAAK,cAAc;AAAA,MAC5C,UAAU,YAAY;AAAA,IACxB;AAEA,UAAM,YAAY;AAAA,MAChB,GAAG,SAAS,UAAU,cAAc,EAAE,OAAO,GAAG,CAAC;AAAA,MACjD,GAAG,SAAS,UAAU,cAAc,EAAE,OAAO,IAAI,QAAQ,GAAG,CAAC;AAAA,MAC7D,GAAG,OAAO,SAAS,UAAU,cAAc,EAAE,OAAO,GAAG,QAAQ,GAAG,CAAC,CAAC;AAAA,IACtE;AAEA,WAAO,YAAY,aAAa,SAAS;AAAA,EAC3C;AACF;;;ACjIA,IAAM,iBAAN,MAAqB;AAAA,EACF;AAAA,EACA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EA2BjB,YAAY;AAAA,IACV;AAAA,IACA,MAAM,EAAE,UAAU,QAAQ,MAAM;AAAA,EAClC,GAAoC;AAClC,SAAK,mBAAmB,IAAI,gBAAgB;AAAA,MAC1C;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF,CAAC;AAED,SAAK,WAAW;AAAA,MACd,MAAM,IAAI,WAAW,KAAK,gBAAgB;AAAA,MAC1C,MAAM,IAAI,WAAW,KAAK,gBAAgB;AAAA,MAC1C,MAAM,IAAI,WAAW,KAAK,gBAAgB;AAAA,IAC5C;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,OAAO;AACT,WAAO,KAAK,SAAS;AAAA,EACvB;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,OAAO;AACT,WAAO,KAAK,SAAS;AAAA,EACvB;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,OAAO;AACT,WAAO,KAAK,SAAS;AAAA,EACvB;AACF;","names":["jose","jose","sha256","error"]}
1	+ {"version":3,"sources":["../src/session/index.ts","../src/modules/auth/email.ts","../src/modules/auth/passkeys.ts","../src/modules/auth/oauth/google.ts","../src/errors/SDKError.ts","../src/errors/BadRequestError.ts","../src/modules/auth/oauth/facebook.ts","../src/modules/auth/oauth/apple.ts","../src/modules/auth/oauth.ts","../src/modules/auth/index.ts","../src/modules/user/index.ts","../src/signer/web.ts","../src/lib/base64.ts","../src/lib/bytes.ts","../src/signer/index.ts","../src/errors/UnauthorizedError.ts","../src/errors/NotFoundError.ts","../src/errors/GenericError.ts","../src/errors/UnauthenticatedError.ts","../src/types/routes.ts","../src/third-party/viem.ts","../src/index.ts"],"sourcesContent":["import { createStore, type StoreApi } from 'zustand'\nimport { persist, createJSONStorage } from 'zustand/middleware'\nimport { User } from '../types/entities.js'\n\nenum SessionType {\n Email = 'email',\n Passkeys = 'passkeys',\n OAuth = 'oauth',\n}\n\n/*\n The state of the session.\n /\ntype SessionState = {\n type?: SessionType\n user?: User\n bundle?: string\n token?: string\n csrfToken?: string\n}\n\n/\n A store for the session state.\n /\nclass SessionStore {\n private readonly _store: StoreApi<SessionState>\n\n constructor() {\n // Persist only `bundle` and `type` to localStorage.\n // `user` and `token` stay in memory (not persisted).\n this._store = createStore<SessionState>()(\n persist(this._getInitialState, {\n name: 'fourt-session',\n storage: createJSONStorage(() => localStorage),\n // keep only these keys in persisted storage\n partialize: (state) => ({ bundle: state.bundle, type: state.type }),\n }),\n )\n }\n\n /\n Gets the type from the session state.\n \n @returns {SessionType \| undefined} the type.\n /\n get type(): SessionType \| undefined {\n return this._store.getState().type\n }\n\n /\n Sets the type in the session state.\n \n @param {SessionType} type the type to set.\n /\n set type(type: SessionType) {\n this._store.setState({ type })\n }\n\n /\n Gets the token from the session state.\n \n @returns {string \| undefined} the token.\n /\n get token(): string \| undefined {\n return this._store.getState().token\n }\n\n /\n Sets the token in the session state.\n \n @param {string} token the token to set.\n /\n set token(token: string) {\n this._store.setState({ token })\n }\n\n /\n Gets the CSRF token from the session state.\n \n @returns {string \| undefined} the CSRF token.\n /\n get csrfToken(): string \| undefined {\n return this._store.getState().csrfToken\n }\n\n /\n Sets the CSRF token in the session state.\n \n @param {string} csrfToken the CSRF token to set.\n /\n set csrfToken(csrfToken: string) {\n this._store.setState({ csrfToken })\n }\n\n /\n Gets the bundle from the session state.\n \n @returns {string \| undefined} the bundle.\n /\n get bundle(): string \| undefined {\n return this._store.getState().bundle\n }\n\n /\n Sets the bundle in the session state.\n \n @param {string} bundle the bundle to set.\n /\n set bundle(bundle: string) {\n this._store.setState({ bundle })\n }\n\n /\n Gets the user from the session state.\n \n @returns {User \| undefined} the user.\n /\n get user(): User \| undefined {\n return this._store.getState().user\n }\n\n /\n Sets the user in the session state.\n \n @param {User} user the user to set.\n /\n set user(user: User) {\n this._store.setState({ ...this._store.getState(), user })\n }\n\n /\n Clears the user from the session state.\n /\n clearUser() {\n this._store.setState({ ...this._store.getState(), user: undefined })\n }\n\n /\n Clears the bundle from the session state.\n /\n clearBundle() {\n this._store.setState({ ...this._store.getState(), bundle: undefined })\n }\n\n /\n Clears the type from the session state.\n /\n clearType() {\n this._store.setState({ ...this._store.getState(), type: undefined })\n }\n\n /\n Clears the token from the session state.\n /\n clearToken() {\n this._store.setState({ ...this._store.getState(), token: undefined })\n }\n\n /\n Clears the token and user from the session state.\n /\n clearAll() {\n this.clearToken()\n this.clearUser()\n this.clearBundle()\n this.clearType()\n }\n\n private _getInitialState(): SessionState {\n return {\n type: undefined,\n user: undefined,\n bundle: undefined,\n token: undefined,\n }\n }\n}\n\nexport { SessionType, SessionStore }\nexport type { SessionState }\n","import { SessionType } from '../../session/index.js'\nimport type {\n WebSignerClient,\n EmailInitializeAuthParams,\n CompleteAuthWithBundleParams,\n} from '../../signer/web.js'\n\n/\n A module for interacting with the Email authentication methods.\n * Available through the `auth.email` property on a `FourtWebSigner` instance.\n /\nclass EmailModule {\n constructor(private readonly _webSignerClient: WebSignerClient) {}\n\n /\n Initialize user authentication process using email.\n \n @param params {EmailInitializeAuthParams} params to initialize the user authentication process.\n * @returns {Promise<void>} promise that resolves to the result of the authentication process.\n /\n async initialize(params: EmailInitializeAuthParams): Promise<void> {\n return this._webSignerClient.emailAuth(params)\n }\n\n /\n Completes authentication with bundle after user receives the bundle and subOrgId as URL params.\n \n @param params {CompleteAuthWithBundleParams} params received as URL params necessary to complete authentication process.\n * @returns {Promise<void>} promise that completes the authentication process.\n /\n async complete(\n params: Pick<CompleteAuthWithBundleParams, 'subOrgId' \| 'bundle'>,\n ): Promise<void> {\n return this._webSignerClient.completeAuthWithBundle({\n ...params,\n sessionType: SessionType.Email,\n })\n }\n}\n\nexport { EmailModule }\n","import type { WebSignerClient, WebauthnSignInParams } from '../../signer/web.js'\n\n/\n A module for interacting with the Passkeys authentication methods.\n * Available through the `auth.passkeys` property on a `FourtWebSigner` instance.\n /\nclass PasskeysModule {\n constructor(private readonly _webSignerClient: WebSignerClient) {}\n\n /\n Signs in a user using Passkeys.\n \n @param params {WebauthnSignInParams} params for the sign-in process.\n * @returns {Promise<void>} promise that resolves to the result of the sign-in process.\n /\n async signIn(params: WebauthnSignInParams) {\n return this._webSignerClient.webauthnSignIn(params)\n }\n}\n\nexport { PasskeysModule }\n","import as jose from 'jose'\nimport { sha256 } from 'sha.js'\nimport type { WebSignerClient } from '../../../signer/web.js'\n\nclass GoogleModule {\n constructor(private readonly _webSignerClient: WebSignerClient) {}\n\n /*\n \n * @returns\n /\n async init(): Promise<string> {\n const initUrl = await this._webSignerClient.getOAuthInitUrl('google')\n\n const url = new URL(initUrl)\n\n const internalUrl = new URL(\n 'v1/oauth/google',\n this._webSignerClient.configuration.apiUrl,\n ).href\n url.searchParams.set('redirect_uri', internalUrl)\n\n const publicKey = await this._webSignerClient.getIframePublicKey()\n\n const nonce = new sha256().update(publicKey).digest('hex')\n url.searchParams.set('nonce', nonce)\n\n const state = new jose.UnsecuredJWT({\n apiKey: this._webSignerClient.configuration.apiKey,\n redirectUrl: this._webSignerClient.oauthConfiguration!.common.redirectUrl,\n targetPublicKey: publicKey,\n internalUrl: internalUrl,\n origin: window.location.origin,\n }).encode()\n url.searchParams.set('state', state)\n\n return url.toString()\n }\n}\n\nexport { GoogleModule }\n","type SDKErrorProps = {\n message: string\n}\n\nabstract class SDKError extends Error {\n private readonly _props: SDKErrorProps\n\n constructor(message: string, props: SDKErrorProps) {\n super(message)\n this._props = props\n }\n\n get message() {\n return this._props.message\n }\n}\n\nexport { SDKError }\nexport type { SDKErrorProps }\n","import { SDKErrorProps, SDKError } from './SDKError.js'\n\nclass BadRequestError extends SDKError {\n constructor(props: SDKErrorProps) {\n super(BadRequestError.name, props)\n }\n}\n\nexport { BadRequestError }\n","import { BadRequestError } from '../../../errors/BadRequestError.js'\nimport { WebSignerClient } from '../../../signer/web.js'\nimport as jose from 'jose'\n\nclass FacebookModule {\n constructor(private readonly _webSignerClient: WebSignerClient) {}\n\n async init(): Promise<string> {\n const publicKey = await this._webSignerClient.getIframePublicKey()\n const internalUrl = new URL(\n 'v1/oauth/facebook',\n this._webSignerClient.configuration.apiUrl,\n ).href\n\n const jwt = new jose.UnsecuredJWT({\n apiKey: this._webSignerClient.configuration.apiKey,\n redirectUrl: this._webSignerClient.oauthConfiguration!.common.redirectUrl,\n targetPublicKey: publicKey,\n internalUrl: internalUrl,\n origin: window.location.origin,\n }).encode()\n\n const response = await fetch(internalUrl, {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify({\n state: jwt,\n }),\n })\n\n if (!response.ok) {\n throw new BadRequestError({\n message: `Failed to create OAuth state. Error: ${response.statusText}`,\n })\n }\n\n const { authUrl } = await response.json()\n if (!authUrl) {\n throw new BadRequestError({\n message: response.statusText,\n })\n }\n\n return authUrl\n }\n}\n\nexport { FacebookModule }\n","import * as jose from 'jose'\nimport { sha256 } from 'sha.js'\nimport type { WebSignerClient } from '../../../signer/web.js'\n\nclass AppleModule {\n constructor(private readonly _webSignerClient: WebSignerClient) {}\n\n /*\n \n * @returns\n /\n async init(): Promise<string> {\n const initUrl = await this._webSignerClient.getOAuthInitUrl('apple')\n\n const url = new URL(initUrl)\n\n const internalUrl = new URL(\n 'v1/oauth/apple',\n this._webSignerClient.configuration.apiUrl,\n ).href\n url.searchParams.set('redirect_uri', internalUrl)\n\n const publicKey = await this._webSignerClient.getIframePublicKey()\n\n const nonce = new sha256().update(publicKey).digest('hex')\n url.searchParams.set('nonce', nonce)\n\n const state = new jose.UnsecuredJWT({\n apiKey: this._webSignerClient.configuration.apiKey,\n redirectUrl: this._webSignerClient.oauthConfiguration!.common.redirectUrl,\n targetPublicKey: publicKey,\n internalUrl: internalUrl,\n origin: window.location.origin,\n }).encode()\n url.searchParams.set('state', state)\n\n return url.toString()\n }\n}\n\nexport { AppleModule }\n","import { SessionType } from '../../session/index.js'\nimport type { WebSignerClient } from '../../signer/web.js'\nimport { GoogleModule } from './oauth/google.js'\nimport { FacebookModule } from './oauth/facebook.js'\nimport { AppleModule } from './oauth/apple.js'\n\ntype CompleteParams = {\n bundle: string\n subOrgId: string\n}\n\nclass OAuthModule {\n private readonly _googleModule: GoogleModule\n private readonly _facebookModule: FacebookModule\n private readonly _appleModule: AppleModule\n\n constructor(private readonly _webSignerClient: WebSignerClient) {\n this._googleModule = new GoogleModule(this._webSignerClient)\n this._facebookModule = new FacebookModule(this._webSignerClient)\n this._appleModule = new AppleModule(this._webSignerClient)\n }\n\n get google() {\n return this._googleModule\n }\n\n get facebook() {\n return this._facebookModule\n }\n\n get apple() {\n return this._appleModule\n }\n\n async complete({ bundle, subOrgId }: CompleteParams) {\n await this._webSignerClient.completeAuthWithBundle({\n bundle,\n subOrgId,\n sessionType: SessionType.OAuth,\n })\n }\n}\n\nexport { OAuthModule }\n","import type { WebSignerClient } from '../../signer/web.js'\nimport { EmailModule } from './email.js'\nimport { PasskeysModule } from './passkeys.js'\nimport { OAuthModule } from './oauth.js'\n\n/\n A module for interacting with the authentication methods.\n * Available through the `auth` property on a `FourtWebSigner` instance.\n /\nclass AuthModule {\n private readonly _passkeys: PasskeysModule\n private readonly _email: EmailModule\n private readonly _oauth: OAuthModule\n\n /\n Initializes a new instance of the `AuthModule` class.\n \n @param {WebSignerClient} _webSignerClient underlying WebSigner client instance.\n /\n constructor(private readonly _webSignerClient: WebSignerClient) {\n this._passkeys = new PasskeysModule(this._webSignerClient)\n this._email = new EmailModule(this._webSignerClient)\n this._oauth = new OAuthModule(this._webSignerClient)\n }\n\n /\n A module for interacting with the Passkeys authentication methods.\n /\n get passkeys() {\n return this._passkeys\n }\n\n /\n A module for interacting with the Passkeys authentication methods.\n /\n get email() {\n return this._email\n }\n\n get oauth() {\n return this._oauth\n }\n}\n\nexport { AuthModule }\nexport { PasskeysModule } from './passkeys.js'\nexport { EmailModule } from './email.js'\n","import { WebSignerClient } from '../../signer/web.js'\nimport { User } from '../../types/entities.js'\n\n/\n A module for interacting with the user methods.\n * Available through the `user` property on a `FourtWebSigner` instance.\n /\nclass UserModule {\n /\n Initializes a new instance of the `UserModule` class.\n \n @param {WebSignerClient} _webSignerClient underlying WebSigner client instance.\n /\n constructor(private readonly _webSignerClient: WebSignerClient) {}\n\n /\n Retrieves information for the authenticated user.\n * Assumes a user is already logged in, otherwise it will throw an error.\n /\n async getInfo(): Promise<User> {\n return this._webSignerClient.getUser()\n }\n\n /\n Checks if a user is currently logged in to the fourt.io SDK.\n /\n async isLoggedIn(): Promise<boolean> {\n return this._webSignerClient.isLoggedIn()\n }\n\n /\n Generates an access token with a lifespan of 15 minutes.\n * Assumes a user is already logged in, otherwise it will throw an error.\n /\n async getToken(): Promise<string> {\n return this._webSignerClient.getToken()\n }\n\n /\n Logs out the user.\n /\n async logout(): Promise<void> {\n return this._webSignerClient.logout()\n }\n}\n\nexport { UserModule }\n","import { getWebAuthnAttestation } from '@turnkey/http'\nimport { IframeStamper } from '@turnkey/iframe-stamper'\nimport { WebauthnStamper } from '@turnkey/webauthn-stamper'\nimport { LibBase64 } from '../lib/base64.js'\nimport { LibBytes } from '../lib/bytes.js'\nimport { SessionType } from '../session/index.js'\nimport {\n type SignerClientInheritedConstructorParams,\n SignerClient,\n} from './index.js'\n\ntype WebauthnSignInParams = {\n email: string\n}\n\n// When user starts auth with email - can be either a signup or a signin\ntype EmailInitializeAuthParams = {\n email: string\n redirectUrl: string\n expirationSeconds?: number // Defaults to 15 minutes by Turnkey\n}\n\n// * When user completes auth with bundle\ntype CompleteAuthWithBundleParams = {\n bundle: string\n subOrgId: string\n sessionType: SessionType\n isNewUser?: boolean\n}\n\ntype GoogleOAuthSignInParams = {\n credential: string\n clientId: string\n}\n\nexport type OAuthConfiguration = {\n common: {\n redirectUrl: string\n }\n}\n\ntype WebSignerClientConstructorParams = SignerClientInheritedConstructorParams<{\n webauthn: {\n rpId: string\n }\n iframe?: {\n iframeElementId?: string\n iframeContainerId?: string\n }\n oauth?: OAuthConfiguration\n}>\n\ntype CreateAccountParams =\n \| ({\n method: 'webauthn'\n } & WebauthnSignInParams)\n \| ({\n method: 'email'\n } & EmailInitializeAuthParams)\n\n/*\n A signer client for web applications.\n /\nclass WebSignerClient extends SignerClient {\n private iframeStamper: IframeStamper\n private webauthnStamper: WebauthnStamper\n iframeConfig: {\n iframeElementId: string\n iframeContainerId: string\n }\n\n readonly oauthConfiguration: WebSignerClientConstructorParams['oauth']\n\n /\n Initializes a new instance of the `WebSignerClient` class.\n \n @param {WebSignerClientConstructorParams} params params for the constructor\n /\n constructor({\n configuration,\n webauthn,\n iframe,\n oauth,\n }: WebSignerClientConstructorParams) {\n const iframeConfig = {\n iframeElementId: iframe?.iframeElementId ?? 'turnkey-iframe',\n iframeContainerId: iframe?.iframeContainerId ?? 'signer-iframe-container',\n }\n\n const iframeContainer = document.createElement('div')\n iframeContainer.id = iframeConfig.iframeContainerId\n iframeContainer.style.display = 'none'\n document.body.appendChild(iframeContainer)\n\n const iframeStamper = new IframeStamper({\n iframeUrl: 'https://auth.turnkey.com',\n iframeElementId: iframeConfig.iframeElementId,\n iframeContainer: document.getElementById(iframeConfig.iframeContainerId),\n })\n\n super({\n stamper: iframeStamper, // Initialized to iframeStamper; can be either webauthnStamper or iframeStamper\n configuration: configuration,\n })\n\n this.iframeStamper = iframeStamper\n this.iframeConfig = iframeConfig\n this.webauthnStamper = new WebauthnStamper({ rpId: webauthn.rpId })\n\n this.oauthConfiguration = oauth\n }\n\n public override async logout() {\n super.logout()\n\n this.iframeStamper.clear()\n\n // In the latest TK iframe-stamper version, an IframeStamper\n // instance becomes unusable after being cleared, so a new\n // instance must be created.\n const stamper = new IframeStamper({\n iframeUrl: 'https://auth.turnkey.com',\n iframeElementId: this.iframeConfig.iframeElementId,\n iframeContainer: document.getElementById(\n this.iframeConfig.iframeContainerId,\n ),\n })\n this.iframeStamper = stamper\n await this._initIframeStamper()\n }\n\n public override async signRawMessage<Into extends string>(\n msg: string,\n ): Promise<Into> {\n await this._updateStamper()\n return super.signRawMessage(msg)\n }\n\n /\n Get the pre-filled URL for initiating oauth with a specific provider.\n \n @param {string} provider provider for which we are getting the URL, currently google or apple\n /\n public async getOAuthInitUrl(provider: string) {\n const { url } = await this.request('/v1/oauth/init', {\n provider,\n })\n\n return url\n }\n\n /\n Signs in a user with webauthn.\n \n @param {WebauthnSignInParams} params params for the sign in\n /\n public async webauthnSignIn({ email }: WebauthnSignInParams) {\n const existingUserSubOrgId = await this.lookUpUser(email)\n\n if (!existingUserSubOrgId) {\n await this._createAccount({ method: 'webauthn', email })\n } else {\n this.stamper = this.webauthnStamper\n await this.whoAmI(existingUserSubOrgId)\n\n this._sessionStore.type = SessionType.Passkeys\n\n // We should assure that the user and its credentialId are set\n if (!this._sessionStore.user \|\| !this._sessionStore.user.credentialId) {\n return\n }\n\n this.webauthnStamper.allowCredentials = [\n {\n id: LibBase64.toBuffer(this._sessionStore.user.credentialId),\n type: 'public-key',\n transports: ['internal', 'usb'],\n },\n ]\n }\n }\n\n /\n Handle auth user process with email.\n \n @param {EmailInitializeAuthParams} params Params needed for the initialization of the auth process\n /\n public async emailAuth(params: EmailInitializeAuthParams) {\n const existingUserSubOrgId = await this.lookUpUser(params.email)\n\n if (!existingUserSubOrgId) {\n await this._createAccount({ method: 'email', ...params })\n } else {\n await this._signInWithEmail(params)\n }\n }\n\n public async getIframePublicKey() {\n return await this._initIframeStamper()\n }\n\n /\n Completes the authentication process with a credential bundle.\n \n @param {CompleteAuthWithBundleParams} params params for the completion of the auth process\n /\n public async completeAuthWithBundle({\n bundle,\n subOrgId,\n sessionType,\n }: CompleteAuthWithBundleParams): Promise<void> {\n await this._initIframeStamper()\n\n const result = await this.iframeStamper.injectCredentialBundle(bundle)\n\n if (!result) {\n throw new Error('Failed to inject credential bundle')\n }\n\n await this.whoAmI(subOrgId)\n\n this._sessionStore.type = sessionType\n this._sessionStore.bundle = bundle\n }\n\n /\n Checks for an existing session and if exists, updates the stamper accordingly.\n /\n private async _updateStamper() {\n // User is not signed in\n if (\n this._sessionStore.type === undefined &&\n (this._sessionStore.bundle === undefined \|\|\n this._sessionStore.token === undefined)\n )\n return\n if (this._sessionStore.type === SessionType.Passkeys) {\n this.stamper = this.webauthnStamper\n } else {\n this.stamper = this.iframeStamper\n // We need to inject the credential bundle\n // Otherwise the user will not be able to sign\n await this.completeAuthWithBundle({\n bundle: this._sessionStore.bundle!,\n subOrgId: this._sessionStore.user?.subOrgId!,\n sessionType: this._sessionStore.type!,\n })\n }\n }\n\n /\n Signs in a user with email.\n \n @param {EmailInitializeAuthParams} params params for the sign in\n /\n private async _signInWithEmail({\n email,\n expirationSeconds,\n redirectUrl,\n }: EmailInitializeAuthParams) {\n return this.request('/v1/email-auth', {\n email,\n targetPublicKey: await this.getIframePublicKey(),\n expirationSeconds,\n redirectUrl: redirectUrl.toString(),\n })\n }\n\n /\n Creates a passkey account using the webauthn stamper.\n \n @param {Extract<CreateAccountParams, { method: 'webauthn' }>} params params for the creation of the account\n /\n private async _createWebauthnAccount(\n params: Extract<CreateAccountParams, { method: 'webauthn' }>,\n ) {\n const { challenge, attestation } = await this._webauthnGenerateAttestation(\n params.email,\n )\n\n const { user, token, csrfToken } = await this.request('/v1/signup', {\n passkey: {\n challenge: LibBase64.fromBuffer(challenge),\n attestation,\n },\n email: params.email,\n })\n\n this._sessionStore.user = {\n ...user,\n credentialId: attestation.credentialId,\n }\n this._sessionStore.type = SessionType.Passkeys\n // Tokens are always returned on passkey signup\n this._sessionStore.token = token!\n this._sessionStore.csrfToken = csrfToken!\n this._scheduleRefresh(token!)\n }\n\n /\n Creates an email account using the iframe stamper.\n \n @param {Extract<CreateAccountParams, { method: 'email' }>} params params for the creation of the account\n /\n private async _createEmailAccount(\n params: Extract<CreateAccountParams, { method: 'email' }>,\n ) {\n const { email, expirationSeconds, redirectUrl } =\n params as EmailInitializeAuthParams\n\n const response = await this.request('/v1/signup', {\n email,\n iframe: {\n targetPublicKey: await this.getIframePublicKey(),\n expirationSeconds,\n redirectUrl: redirectUrl.toString(),\n },\n })\n\n return response\n }\n\n /\n Handle the account creation process.\n \n @param {CreateAccountParams} params params to create an account\n /\n private async _createAccount(params: CreateAccountParams) {\n switch (params.method) {\n case 'webauthn': {\n await this._createWebauthnAccount(params)\n break\n }\n case 'email': {\n await this._createEmailAccount(params)\n break\n }\n }\n }\n\n private async _webauthnGenerateAttestation(email: string) {\n const challenge = LibBytes.generateRandomBuffer()\n const authenticatorUserId = LibBytes.generateRandomBuffer()\n\n const attestation = await getWebAuthnAttestation({\n publicKey: {\n authenticatorSelection: {\n residentKey: 'preferred',\n requireResidentKey: false,\n userVerification: 'preferred',\n },\n challenge,\n rp: {\n id: window.location.hostname,\n name: window.location.hostname,\n },\n pubKeyCredParams: [\n {\n type: 'public-key',\n alg: -7,\n },\n {\n type: 'public-key',\n alg: -257,\n },\n ],\n user: {\n id: authenticatorUserId,\n name: email,\n displayName: email,\n },\n },\n })\n\n return { challenge, attestation, authenticatorUserId }\n }\n\n private async _initIframeStamper() {\n if (!this.iframeStamper.publicKey()) {\n await this.iframeStamper.init()\n }\n\n this.stamper = this.iframeStamper\n\n return this.iframeStamper.publicKey()!\n }\n}\n\nexport { WebSignerClient }\nexport type {\n CompleteAuthWithBundleParams,\n CreateAccountParams,\n EmailInitializeAuthParams,\n GoogleOAuthSignInParams,\n WebauthnSignInParams,\n WebSignerClientConstructorParams,\n}\n","import { Buffer } from 'buffer'\n\nclass LibBase64 {\n static fromBuffer(buffer: ArrayBuffer): string {\n return Buffer.from(buffer)\n .toString('base64')\n .replace(/\\+/g, '-')\n .replace(/\\//g, '_')\n .replace(/=/g, '')\n }\n\n static toBuffer(base64: string): ArrayBuffer {\n return Buffer.from(base64, 'base64').buffer\n }\n}\n\nexport { LibBase64 }\n","type TakeBytesParams = Partial<{\n count: number\n offset: number\n}>\n\ntype ByteString = `0x${string}`\n\nclass LibBytes {\n static generateRandomBuffer = (): ArrayBuffer => {\n const arr = new Uint8Array(32)\n crypto.getRandomValues(arr)\n return arr.buffer\n }\n\n static takeBytes = (\n bytes: ByteString,\n params: TakeBytesParams = {},\n ): ByteString => {\n const { offset, count } = params\n const start = (offset ? offset 2 : 0) + 2 // add 2 to skip the 0x prefix\n const end = count ? start + count * 2 : undefined\n\n return `0x${bytes.slice(start, end)}`\n }\n}\n\nexport { LibBytes }\n","import { TurnkeyClient } from '@turnkey/http'\nimport {\n BadRequestError,\n GenericError,\n NotFoundError,\n UnauthorizedError,\n} from '../errors/index.js'\nimport { SDKError } from '../errors/SDKError.js'\nimport { SessionStore } from '../session/index.js'\nimport { APIResponse } from '../types/rest.js'\nimport {\n AuthenticationServiceBody,\n AuthenticationServiceResponse,\n AuthenticationServiceRoutes,\n ROUTE_METHOD_MAP,\n} from '../types/routes.js'\nimport { jwtDecode, JwtPayload } from 'jwt-decode'\nimport { differenceInMilliseconds, isBefore, subMinutes } from 'date-fns'\n\ntype SignerClientConfiguration = {\n apiKey: string\n apiUrl?: string\n paymasterRpcUrl?: string\n}\n\ntype SignerClientConstructorParams = {\n stamper: TurnkeyClient['stamper']\n configuration: SignerClientConfiguration\n}\n\ntype SignerClientInheritedConstructorParams<\n Extended extends Record<string, unknown>,\n> = Pick<SignerClientConstructorParams, 'configuration'> & Extended\n\nabstract class SignerClient {\n protected readonly _turnkeyClient: TurnkeyClient\n protected readonly _configuration: Required<\n SignerClientConstructorParams['configuration']\n >\n protected readonly _sessionStore: SessionStore\n\n private _refreshPromise?: Promise<void>\n private _refreshTimer?: ReturnType<typeof setTimeout>\n\n constructor({\n stamper,\n configuration: { apiUrl, paymasterRpcUrl, ...requiredConfiguration },\n }: SignerClientConstructorParams) {\n this._turnkeyClient = new TurnkeyClient(\n { baseUrl: 'https://api.turnkey.com' },\n stamper,\n )\n\n this._configuration = {\n ...requiredConfiguration,\n apiUrl: apiUrl ?? 'https://auth.api.fourt.io/',\n paymasterRpcUrl: paymasterRpcUrl ?? 'https://management.api.fourt.io/',\n }\n\n this._sessionStore = new SessionStore()\n }\n\n get configuration(): Required<SignerClientConfiguration> {\n return this._configuration\n }\n\n public async getUser() {\n if (this._sessionStore.user) return this._sessionStore.user\n\n try {\n const user = await this.request('/v1/me')\n this._sessionStore.user = user\n return user\n } catch (error) {\n // If unauthorized, try to refresh token and retry once\n if (error instanceof UnauthorizedError) {\n try {\n await this._refreshToken()\n const user = await this.request('/v1/me')\n this._sessionStore.user = user\n return user\n } catch (error) {\n throw error\n }\n }\n throw error\n }\n }\n\n public async isLoggedIn() {\n const token = this._sessionStore.token\n\n // If we have a token and it's still valid, we're logged in\n if (token && !this._isTokenExpired(token)) return true\n\n // Otherwise try to refresh (covers no token and expired token)\n try {\n await this._refreshToken()\n return !!this._sessionStore.token\n } catch {\n return false\n }\n }\n\n public async getToken(): Promise<string> {\n // Try to use existing token\n if (!this._sessionStore.token) {\n // No token: attempt refresh (may throw)\n try {\n await this._refreshToken()\n } catch {\n throw new UnauthorizedError({\n message: 'No token found, user might not be logged in',\n })\n }\n } else if (this._isTokenExpired(this._sessionStore.token)) {\n // Token expired: attempt refresh (may throw)\n try {\n await this._refreshToken()\n } catch {\n throw new UnauthorizedError({\n message: 'Token expired and refresh failed',\n })\n }\n }\n\n const token = this._sessionStore.token\n if (!token) {\n throw new UnauthorizedError({\n message: 'No token found, user might not be logged in',\n })\n }\n return token\n }\n\n private _isTokenExpired(token: string): boolean {\n try {\n const decoded = jwtDecode<JwtPayload>(token)\n if (decoded.exp) {\n return decoded.exp * 1000 <= Date.now()\n }\n return true // If no exp claim, consider it expired\n } catch {\n return true // If token is malformed, consider it expired\n }\n }\n\n public async logout() {\n if (this._refreshTimer) clearTimeout(this._refreshTimer)\n this._refreshTimer = undefined\n await this.request('/v1/logout')\n this._sessionStore.clearAll()\n }\n\n public async signRawMessage<Into extends string>(msg: string): Promise<Into> {\n if (!this._sessionStore.token \|\| !this._sessionStore.user) {\n throw new UnauthorizedError({\n message: 'SignerClient must be authenticated to sign a message',\n })\n }\n\n const stampedRequest = await this._turnkeyClient.stampSignRawPayload({\n organizationId: this._sessionStore.user.subOrgId,\n type: 'ACTIVITY_TYPE_SIGN_RAW_PAYLOAD_V2',\n timestampMs: Date.now().toString(),\n parameters: {\n encoding: 'PAYLOAD_ENCODING_HEXADECIMAL',\n hashFunction: 'HASH_FUNCTION_NO_OP',\n payload: msg,\n signWith: this._sessionStore.user.walletAddress,\n },\n })\n\n const { signature } = await this.request('/v1/sign', {\n stampedRequest,\n })\n\n return <Into>signature\n }\n\n protected set stamper(stamper: TurnkeyClient['stamper']) {\n this._turnkeyClient.stamper = stamper\n }\n\n protected get stamper(): TurnkeyClient['stamper'] {\n return this._turnkeyClient.stamper\n }\n\n protected async lookUpUser(email: string): Promise<string \| null> {\n try {\n const { subOrgId } = await this.request('/v1/lookup', { email })\n return subOrgId\n } catch (error) {\n if (!(error instanceof SDKError)) throw error\n\n const sdkError: SDKError = error\n\n switch (sdkError.constructor.name) {\n case NotFoundError.name: {\n return null\n }\n default: {\n throw sdkError\n }\n }\n }\n }\n\n protected async whoAmI(subOrgId?: string) {\n const orgId = subOrgId \|\| this._sessionStore.user?.subOrgId\n\n if (!orgId) throw new BadRequestError({ message: 'No orgId provided' })\n\n const stampedRequest = await this._turnkeyClient.stampGetWhoami({\n organizationId: orgId,\n })\n\n const { user, token, csrfToken } = await this.request('/v1/signin', {\n stampedRequest,\n })\n\n const credentialId = (() => {\n try {\n return JSON.parse(stampedRequest?.stamp.stampHeaderValue)\n .credentialId as string\n } catch (e) {\n return undefined\n }\n })()\n\n this._sessionStore.user = {\n ...user,\n credentialId: credentialId,\n }\n this._sessionStore.token = token\n this._sessionStore.csrfToken = csrfToken\n this._scheduleRefresh(token)\n }\n\n protected async request<Route extends AuthenticationServiceRoutes>(\n route: Route,\n body?: AuthenticationServiceBody<Route>,\n ): Promise<AuthenticationServiceResponse<Route>> {\n const url = new URL(`${route}`, this._configuration.apiUrl)\n const token = this._sessionStore.token\n const csrfToken = this._sessionStore.csrfToken\n\n const headers: Record<string, string> = {\n 'Content-Type': 'application/json',\n 'X-FOURT-KEY': this._configuration.apiKey,\n }\n\n if (token) {\n headers['Authorization'] = `Bearer ${token}`\n }\n\n if (csrfToken) {\n headers['X-CSRF-Token'] = csrfToken\n }\n\n const response = await fetch(url, {\n method: ROUTE_METHOD_MAP[route],\n body: JSON.stringify(body),\n headers,\n credentials: 'include',\n })\n\n const { data, error } = (await response.json()) as APIResponse<\n AuthenticationServiceResponse<Route>\n >\n\n if (error) {\n switch (error.kind) {\n case 'UnauthorizedError': {\n throw new UnauthorizedError({ message: error.message })\n }\n case 'NotFoundError': {\n throw new NotFoundError({ message: error.message })\n }\n case 'BadRequestError': {\n throw new BadRequestError({ message: error.message })\n }\n default: {\n throw new GenericError({ message: error.message })\n }\n }\n }\n\n return { ...data } as AuthenticationServiceResponse<Route>\n }\n\n protected _scheduleRefresh(token: string) {\n try {\n const decoded = jwtDecode<JwtPayload>(token)\n if (!decoded.exp) return\n\n const expiryDate = new Date(decoded.exp * 1000)\n const refreshDate = subMinutes(expiryDate, 2) // refresh 2min early\n\n // If the refresh time is already past, run immediately\n const delay = isBefore(refreshDate, new Date())\n ? 0\n : differenceInMilliseconds(refreshDate, new Date())\n\n // Clear previous timer to avoid duplicates\n if (this._refreshTimer) clearTimeout(this._refreshTimer)\n\n // Schedule refresh\n this._refreshTimer = setTimeout(() => {\n this._refreshTimer = undefined\n this._refreshToken()\n }, delay)\n } catch {\n // ignore errors\n }\n }\n\n private async _refreshToken(): Promise<void> {\n if (this._refreshPromise) return this._refreshPromise\n\n // Keep a reference so callers can await the same promise\n this._refreshPromise = (async () => {\n const TIMEOUT_MS = 10_000\n const RETRY_DELAY_MS = 5_000\n\n try {\n // Check if csrfToken is in memory, if not get a new one\n if (!this._sessionStore.csrfToken) {\n const { csrfToken } = await this.request('/v1/csrf-token')\n this._sessionStore.csrfToken = csrfToken\n }\n\n // Avoid hanging indefinitely by racing the request with a timeout\n const refreshPromise = this.request('/v1/refresh')\n const data = await Promise.race([\n refreshPromise,\n new Promise<never>((_, reject) =>\n setTimeout(() => reject(new Error('Refresh timeout')), TIMEOUT_MS),\n ),\n ])\n\n if (!data \|\| !data.token \|\| !data.csrfToken) {\n // Treat missing tokens as auth failure\n throw new UnauthorizedError({\n message: 'Refresh did not return tokens',\n })\n }\n\n this._sessionStore.token = data.token\n this._sessionStore.csrfToken = data.csrfToken\n this._scheduleRefresh(data.token)\n } catch (error) {\n // On auth errors, clear session to avoid repeated failing retries\n if (error instanceof UnauthorizedError) {\n try {\n this._sessionStore.clearAll()\n } catch {\n // ignore errors\n }\n throw error\n }\n\n // Transient error: schedule a retry (non-blocking) and rethrow so callers know it failed\n if (this._refreshTimer) clearTimeout(this._refreshTimer)\n const MAX_RETRIES = 5\n let retryCount = 0\n\n // We schedule a background retry after RETRY_DELAY_MS using setTimeout\n this._refreshTimer = setTimeout(() => {\n this._refreshTimer = undefined\n void this._refreshToken().catch(() => {\n // Increments retryCount and, if still under MAX_RETRIES, schedules\n // another retry using exponential backoff (capped at 60s)\n retryCount++\n if (retryCount <= MAX_RETRIES) {\n const nextDelay = Math.min(\n RETRY_DELAY_MS * 2 (retryCount - 1),\n 60_000,\n )\n this._refreshTimer = setTimeout(() => {\n // When the timer fires we clear the stored id and call _refreshToken() in a\n // fire-and-forget manner (void ... .catch(...)) so the retry runs asynchronously\n // and doesn't block or change the control flow of the original caller.\n this._refreshTimer = undefined\n void this._refreshToken().catch(() => {})\n }, nextDelay)\n }\n })\n }, RETRY_DELAY_MS)\n\n throw error\n } finally {\n this._refreshPromise = undefined\n }\n })()\n\n return this._refreshPromise\n }\n}\n\nexport { SignerClient }\nexport type {\n SignerClientConstructorParams,\n SignerClientInheritedConstructorParams,\n}\n","import { SDKErrorProps, SDKError } from './SDKError.js'\n\nclass UnauthorizedError extends SDKError {\n constructor(props: SDKErrorProps) {\n super(UnauthorizedError.name, props)\n }\n}\n\nexport { UnauthorizedError }\n","import { SDKErrorProps, SDKError } from './SDKError.js'\n\nclass NotFoundError extends SDKError {\n constructor(props: SDKErrorProps) {\n super(NotFoundError.name, props)\n }\n}\n\nexport { NotFoundError }\n","import { SDKErrorProps, SDKError } from './SDKError.js'\n\nclass GenericError extends SDKError {\n constructor(props: SDKErrorProps) {\n super(GenericError.name, props)\n }\n}\n\nexport { GenericError }\n","import { SDKErrorProps, SDKError } from './SDKError.js'\n\nclass UnauthenticatedError extends SDKError {\n constructor(props: SDKErrorProps) {\n super(UnauthenticatedError.name, props)\n }\n}\n\nexport { UnauthenticatedError }\n","import { getWebAuthnAttestation, TSignedRequest } from '@turnkey/http'\nimport { User } from './entities.js'\nimport { AtLeastOne } from './string.js'\n\ntype AuthenticationServiceRoutes =\n AuthenticationServiceEndpoints[number]['Route']\n\ntype AuthenticationServiceBody<Route extends AuthenticationServiceRoutes> =\n Extract<AuthenticationServiceEndpoints[number], { Route: Route }>['Body']\n\ntype AuthenticationServiceResponse<Route extends AuthenticationServiceRoutes> =\n Extract<AuthenticationServiceEndpoints[number], { Route: Route }>['Response']\n\ntype AuthenticationServiceEndpoints = [\n {\n Route: '/v1/email-auth'\n Body: {\n email: string\n targetPublicKey: string\n redirectUrl: string\n expirationSeconds?: number\n }\n Response: {\n subOrgId: string\n }\n },\n {\n Route: '/v1/signup'\n Body: AtLeastOne<{\n passkey: {\n challenge: string\n attestation: Awaited<ReturnType<typeof getWebAuthnAttestation>>\n }\n iframe: {\n targetPublicKey: string\n redirectUrl: string\n expirationSeconds?: number\n }\n }> & { email: string }\n Response: {\n user: User\n token?: string\n csrfToken?: string\n }\n },\n {\n Route: '/v1/lookup'\n Body: {\n email: string\n }\n Response: {\n subOrgId: string\n }\n },\n {\n Route: '/v1/signin'\n Body: {\n stampedRequest: TSignedRequest\n }\n Response: {\n user: User\n token: string\n csrfToken: string\n }\n },\n {\n Route: '/v1/sign'\n Body: {\n stampedRequest: TSignedRequest\n }\n Response: {\n signature: string\n }\n },\n {\n Route: '/v1/oauth/init'\n Body: {\n provider: string\n }\n Response: {\n url: string\n }\n },\n {\n Route: '/v1/refresh'\n Body: {}\n Response: {\n token: string\n csrfToken: string\n }\n },\n {\n Route: '/v1/csrf-token'\n Body: {}\n Response: {\n csrfToken: string\n }\n },\n {\n Route: '/v1/logout'\n Body: {}\n Response: {}\n },\n {\n Route: '/v1/me'\n Body: {}\n Response: User\n },\n]\n\nconst ROUTE_METHOD_MAP = {\n '/v1/signup': 'POST',\n '/v1/email-auth': 'POST',\n '/v1/lookup': 'POST',\n '/v1/signin': 'POST',\n '/v1/sign': 'POST',\n '/v1/oauth/init': 'POST',\n '/v1/refresh': 'POST',\n '/v1/csrf-token': 'GET',\n '/v1/logout': 'POST',\n '/v1/me': 'GET',\n} satisfies Record<AuthenticationServiceRoutes, 'POST' \| 'GET'>\n\nexport type {\n AuthenticationServiceEndpoints,\n AuthenticationServiceResponse,\n AuthenticationServiceBody,\n AuthenticationServiceRoutes,\n}\n\nexport { ROUTE_METHOD_MAP }\n","import {\n type Chain,\n type Client,\n type GetTransactionType,\n type Hex,\n type IsNarrowable,\n type JsonRpcAccount,\n type LocalAccount,\n type TypedData,\n type TypedDataDefinition,\n type SignableMessage,\n type SerializeTransactionFn,\n type TransactionSerializable,\n type TransactionSerialized,\n type Transport,\n hashMessage,\n hashTypedData,\n serializeTransaction,\n keccak256,\n hexToBigInt,\n http,\n} from 'viem'\nimport { toAccount } from 'viem/accounts'\nimport { SignerClient } from '../signer/index.js'\nimport { LibBytes } from '../lib/bytes.js'\nimport { toLightSmartAccount } from 'permissionless/accounts'\nimport {\n createPaymasterClient,\n entryPoint07Address,\n} from 'viem/account-abstraction'\nimport { UnauthenticatedError } from '../errors/UnauthenticatedError.js'\n\ntype CurrentUserToLightSmartAccountParams = {\n owner: LocalAccount\n client: Client<\n Transport,\n Chain \| undefined,\n JsonRpcAccount \| LocalAccount \| undefined\n >\n}\n\nclass ViemModule {\n constructor(private readonly _signerClient: SignerClient) {}\n\n async toLocalAccount(): Promise<LocalAccount> {\n const user = await this._signerClient.getUser()\n\n if (!user) {\n throw new UnauthenticatedError({ message: 'Signer not authenticated' })\n }\n\n return toAccount({\n address: user.walletAddress,\n signMessage: ({ message }: { message: SignableMessage }) =>\n this.signMessage(message),\n signTypedData: <\n const typedData extends TypedData \| Record<string, unknown>,\n primaryType extends keyof typedData \| 'EIP712Domain' = keyof typedData,\n >(\n typedDataDefinition: TypedDataDefinition<typedData, primaryType>,\n ) => this.signTypedData<typedData, primaryType>(typedDataDefinition),\n signTransaction: this.signTransaction,\n })\n }\n\n async toSmartAccount({\n client,\n owner,\n }: CurrentUserToLightSmartAccountParams): ReturnType<\n typeof toLightSmartAccount<'0.7'>\n > {\n const user = await this._signerClient.getUser()\n\n if (!user) {\n throw new UnauthenticatedError({ message: 'Signer not authenticated' })\n }\n\n return toLightSmartAccount({\n client,\n owner,\n version: '2.0.0',\n entryPoint: {\n address: entryPoint07Address,\n version: '0.7',\n },\n address: user.smartAccountAddress,\n index: hexToBigInt(user.salt),\n })\n }\n\n async getPaymasterClient() {\n const url = new URL(\n `v1/rpc?apiKey=${this._signerClient.configuration.apiKey}`,\n this._signerClient.configuration.paymasterRpcUrl,\n )\n return createPaymasterClient({\n transport: http(url.toString()),\n })\n }\n\n async signMessage(msg: SignableMessage): Promise<Hex> {\n const messageHash = hashMessage(msg)\n const result = await this._signerClient.signRawMessage<Hex>(messageHash)\n return result\n }\n\n async signTypedData<\n TTypedData extends TypedData \| Record<string, unknown>,\n TPrimaryType extends keyof TTypedData \| 'EIP712Domain' = keyof TTypedData,\n >(params: TypedDataDefinition<TTypedData, TPrimaryType>): Promise<Hex> {\n const messageHash = hashTypedData(params)\n return this._signerClient.signRawMessage(messageHash)\n }\n\n async signTransaction<\n serializer extends SerializeTransactionFn<TransactionSerializable> = SerializeTransactionFn<TransactionSerializable>,\n transaction extends Parameters<serializer>[0] = Parameters<serializer>[0],\n >(\n transaction: transaction,\n options?:\n \| {\n serializer?: serializer \| undefined\n }\n \| undefined,\n ): Promise<\n IsNarrowable<\n TransactionSerialized<GetTransactionType<transaction>>,\n Hex\n > extends true\n ? TransactionSerialized<GetTransactionType<transaction>>\n : Hex\n > {\n const serializeFn = options?.serializer ?? serializeTransaction\n const serializedTx = await serializeFn(transaction)\n const signatureHex = await this._signerClient.signRawMessage<Hex>(\n keccak256(serializedTx),\n )\n\n const signature = {\n r: LibBytes.takeBytes(signatureHex, { count: 32 }),\n s: LibBytes.takeBytes(signatureHex, { count: 32, offset: 32 }),\n v: BigInt(LibBytes.takeBytes(signatureHex, { count: 1, offset: 64 })),\n }\n\n return serializeFn(transaction, signature)\n }\n}\n\nexport { ViemModule }\n","import { AuthModule, UserModule } from './modules/index.js'\nimport { SignerClientConstructorParams } from './signer/index.js'\nimport {\n WebSignerClient,\n WebSignerClientConstructorParams,\n} from './signer/web.js'\nimport { ViemModule } from './third-party/viem.js'\n\ntype FourtWebSignerConstructorParams = {\n configuration: SignerClientConstructorParams['configuration']\n auth: Pick<WebSignerClientConstructorParams, 'webauthn' \| 'iframe' \| 'oauth'>\n}\n\n/\n * A client for interacting with the Fourt Web Signer.\n /\nclass FourtWebSigner {\n private readonly _webSignerClient: WebSignerClient\n private readonly _modules: {\n viem: ViemModule\n auth: AuthModule\n user: UserModule\n }\n\n /\n Initializes a new instance of the `FourtWebSigner` class.\n * Sets up the underlying modules.\n \n \n * @example\n * ```ts\n * const fourtWebSigner = new FourtWebSigner({\n * auth: {\n * webauthn: {\n * rpId: 'localhost',\n * },\n * },\n * configuration: {\n * apiKey: '927d603c-6775-4210-8e13-8904ca985e78',\n * },\n * })\n * ```\n \n @param {FourtWebSignerConstructorParams} params the required parameters to initialize the client\n /\n constructor({\n configuration,\n auth: { webauthn, iframe, oauth },\n }: FourtWebSignerConstructorParams) {\n this._webSignerClient = new WebSignerClient({\n configuration,\n webauthn,\n iframe,\n oauth,\n })\n\n this._modules = {\n viem: new ViemModule(this._webSignerClient),\n auth: new AuthModule(this._webSignerClient),\n user: new UserModule(this._webSignerClient),\n }\n }\n\n /\n A module for interacting with the Viem library.\n /\n get viem() {\n return this._modules.viem\n }\n\n /\n A module for interacting with the authentication methods.\n /\n get auth() {\n return this._modules.auth\n }\n\n /\n A module for interacting with the user methods.\n */\n get user() {\n return this._modules.user\n }\n}\n\nexport { FourtWebSigner }\n"],"mappings":";AAAA,SAAS,mBAAkC;AAC3C,SAAS,SAAS,yBAAyB;AAuB3C,IAAM,eAAN,MAAmB;AAAA,EACA;AAAA,EAEjB,cAAc;AAGZ,SAAK,SAAS,YAA0B;AAAA,MACtC,QAAQ,KAAK,kBAAkB;AAAA,QAC7B,MAAM;AAAA,QACN,SAAS,kBAAkB,MAAM,YAAY;AAAA;AAAA,QAE7C,YAAY,CAAC,WAAW,EAAE,QAAQ,MAAM,QAAQ,MAAM,MAAM,KAAK;AAAA,MACnE,CAAC;AAAA,IACH;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,OAAgC;AAClC,WAAO,KAAK,OAAO,SAAS,EAAE;AAAA,EAChC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,KAAK,MAAmB;AAC1B,SAAK,OAAO,SAAS,EAAE,KAAK,CAAC;AAAA,EAC/B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,QAA4B;AAC9B,WAAO,KAAK,OAAO,SAAS,EAAE;AAAA,EAChC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,MAAM,OAAe;AACvB,SAAK,OAAO,SAAS,EAAE,MAAM,CAAC;AAAA,EAChC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,YAAgC;AAClC,WAAO,KAAK,OAAO,SAAS,EAAE;AAAA,EAChC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,UAAU,WAAmB;AAC/B,SAAK,OAAO,SAAS,EAAE,UAAU,CAAC;AAAA,EACpC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,SAA6B;AAC/B,WAAO,KAAK,OAAO,SAAS,EAAE;AAAA,EAChC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,OAAO,QAAgB;AACzB,SAAK,OAAO,SAAS,EAAE,OAAO,CAAC;AAAA,EACjC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,OAAyB;AAC3B,WAAO,KAAK,OAAO,SAAS,EAAE;AAAA,EAChC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,KAAK,MAAY;AACnB,SAAK,OAAO,SAAS,EAAE,GAAG,KAAK,OAAO,SAAS,GAAG,KAAK,CAAC;AAAA,EAC1D;AAAA;AAAA;AAAA;AAAA,EAKA,YAAY;AACV,SAAK,OAAO,SAAS,EAAE,GAAG,KAAK,OAAO,SAAS,GAAG,MAAM,OAAU,CAAC;AAAA,EACrE;AAAA;AAAA;AAAA;AAAA,EAKA,cAAc;AACZ,SAAK,OAAO,SAAS,EAAE,GAAG,KAAK,OAAO,SAAS,GAAG,QAAQ,OAAU,CAAC;AAAA,EACvE;AAAA;AAAA;AAAA;AAAA,EAKA,YAAY;AACV,SAAK,OAAO,SAAS,EAAE,GAAG,KAAK,OAAO,SAAS,GAAG,MAAM,OAAU,CAAC;AAAA,EACrE;AAAA;AAAA;AAAA;AAAA,EAKA,aAAa;AACX,SAAK,OAAO,SAAS,EAAE,GAAG,KAAK,OAAO,SAAS,GAAG,OAAO,OAAU,CAAC;AAAA,EACtE;AAAA;AAAA;AAAA;AAAA,EAKA,WAAW;AACT,SAAK,WAAW;AAChB,SAAK,UAAU;AACf,SAAK,YAAY;AACjB,SAAK,UAAU;AAAA,EACjB;AAAA,EAEQ,mBAAiC;AACvC,WAAO;AAAA,MACL,MAAM;AAAA,MACN,MAAM;AAAA,MACN,QAAQ;AAAA,MACR,OAAO;AAAA,IACT;AAAA,EACF;AACF;;;ACrKA,IAAM,cAAN,MAAkB;AAAA,EAChB,YAA6B,kBAAmC;AAAnC;AAAA,EAAoC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQjE,MAAM,WAAW,QAAkD;AACjE,WAAO,KAAK,iBAAiB,UAAU,MAAM;AAAA,EAC/C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,SACJ,QACe;AACf,WAAO,KAAK,iBAAiB,uBAAuB;AAAA,MAClD,GAAG;AAAA,MACH;AAAA,IACF,CAAC;AAAA,EACH;AACF;;;AChCA,IAAM,iBAAN,MAAqB;AAAA,EACnB,YAA6B,kBAAmC;AAAnC;AAAA,EAAoC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQjE,MAAM,OAAO,QAA8B;AACzC,WAAO,KAAK,iBAAiB,eAAe,MAAM;AAAA,EACpD;AACF;;;AClBA,YAAY,UAAU;AACtB,SAAS,cAAc;AAGvB,IAAM,eAAN,MAAmB;AAAA,EACjB,YAA6B,kBAAmC;AAAnC;AAAA,EAAoC;AAAA;AAAA;AAAA;AAAA;AAAA,EAMjE,MAAM,OAAwB;AAC5B,UAAM,UAAU,MAAM,KAAK,iBAAiB,gBAAgB,QAAQ;AAEpE,UAAM,MAAM,IAAI,IAAI,OAAO;AAE3B,UAAM,cAAc,IAAI;AAAA,MACtB;AAAA,MACA,KAAK,iBAAiB,cAAc;AAAA,IACtC,EAAE;AACF,QAAI,aAAa,IAAI,gBAAgB,WAAW;AAEhD,UAAM,YAAY,MAAM,KAAK,iBAAiB,mBAAmB;AAEjE,UAAM,QAAQ,IAAI,OAAO,EAAE,OAAO,SAAS,EAAE,OAAO,KAAK;AACzD,QAAI,aAAa,IAAI,SAAS,KAAK;AAEnC,UAAM,QAAQ,IAAS,kBAAa;AAAA,MAClC,QAAQ,KAAK,iBAAiB,cAAc;AAAA,MAC5C,aAAa,KAAK,iBAAiB,mBAAoB,OAAO;AAAA,MAC9D,iBAAiB;AAAA,MACjB;AAAA,MACA,QAAQ,OAAO,SAAS;AAAA,IAC1B,CAAC,EAAE,OAAO;AACV,QAAI,aAAa,IAAI,SAAS,KAAK;AAEnC,WAAO,IAAI,SAAS;AAAA,EACtB;AACF;;;AClCA,IAAe,WAAf,cAAgC,MAAM;AAAA,EACnB;AAAA,EAEjB,YAAY,SAAiB,OAAsB;AACjD,UAAM,OAAO;AACb,SAAK,SAAS;AAAA,EAChB;AAAA,EAEA,IAAI,UAAU;AACZ,WAAO,KAAK,OAAO;AAAA,EACrB;AACF;;;ACbA,IAAM,kBAAN,MAAM,yBAAwB,SAAS;AAAA,EACrC,YAAY,OAAsB;AAChC,UAAM,iBAAgB,MAAM,KAAK;AAAA,EACnC;AACF;;;ACJA,YAAYA,WAAU;AAEtB,IAAM,iBAAN,MAAqB;AAAA,EACnB,YAA6B,kBAAmC;AAAnC;AAAA,EAAoC;AAAA,EAEjE,MAAM,OAAwB;AAC5B,UAAM,YAAY,MAAM,KAAK,iBAAiB,mBAAmB;AACjE,UAAM,cAAc,IAAI;AAAA,MACtB;AAAA,MACA,KAAK,iBAAiB,cAAc;AAAA,IACtC,EAAE;AAEF,UAAM,MAAM,IAAS,mBAAa;AAAA,MAChC,QAAQ,KAAK,iBAAiB,cAAc;AAAA,MAC5C,aAAa,KAAK,iBAAiB,mBAAoB,OAAO;AAAA,MAC9D,iBAAiB;AAAA,MACjB;AAAA,MACA,QAAQ,OAAO,SAAS;AAAA,IAC1B,CAAC,EAAE,OAAO;AAEV,UAAM,WAAW,MAAM,MAAM,aAAa;AAAA,MACxC,QAAQ;AAAA,MACR,SAAS,EAAE,gBAAgB,mBAAmB;AAAA,MAC9C,MAAM,KAAK,UAAU;AAAA,QACnB,OAAO;AAAA,MACT,CAAC;AAAA,IACH,CAAC;AAED,QAAI,CAAC,SAAS,IAAI;AAChB,YAAM,IAAI,gBAAgB;AAAA,QACxB,SAAS,wCAAwC,SAAS,UAAU;AAAA,MACtE,CAAC;AAAA,IACH;AAEA,UAAM,EAAE,QAAQ,IAAI,MAAM,SAAS,KAAK;AACxC,QAAI,CAAC,SAAS;AACZ,YAAM,IAAI,gBAAgB;AAAA,QACxB,SAAS,SAAS;AAAA,MACpB,CAAC;AAAA,IACH;AAEA,WAAO;AAAA,EACT;AACF;;;AC7CA,YAAYC,WAAU;AACtB,SAAS,UAAAC,eAAc;AAGvB,IAAM,cAAN,MAAkB;AAAA,EAChB,YAA6B,kBAAmC;AAAnC;AAAA,EAAoC;AAAA;AAAA;AAAA;AAAA;AAAA,EAMjE,MAAM,OAAwB;AAC5B,UAAM,UAAU,MAAM,KAAK,iBAAiB,gBAAgB,OAAO;AAEnE,UAAM,MAAM,IAAI,IAAI,OAAO;AAE3B,UAAM,cAAc,IAAI;AAAA,MACtB;AAAA,MACA,KAAK,iBAAiB,cAAc;AAAA,IACtC,EAAE;AACF,QAAI,aAAa,IAAI,gBAAgB,WAAW;AAEhD,UAAM,YAAY,MAAM,KAAK,iBAAiB,mBAAmB;AAEjE,UAAM,QAAQ,IAAIA,QAAO,EAAE,OAAO,SAAS,EAAE,OAAO,KAAK;AACzD,QAAI,aAAa,IAAI,SAAS,KAAK;AAEnC,UAAM,QAAQ,IAAS,mBAAa;AAAA,MAClC,QAAQ,KAAK,iBAAiB,cAAc;AAAA,MAC5C,aAAa,KAAK,iBAAiB,mBAAoB,OAAO;AAAA,MAC9D,iBAAiB;AAAA,MACjB;AAAA,MACA,QAAQ,OAAO,SAAS;AAAA,IAC1B,CAAC,EAAE,OAAO;AACV,QAAI,aAAa,IAAI,SAAS,KAAK;AAEnC,WAAO,IAAI,SAAS;AAAA,EACtB;AACF;;;AC3BA,IAAM,cAAN,MAAkB;AAAA,EAKhB,YAA6B,kBAAmC;AAAnC;AAC3B,SAAK,gBAAgB,IAAI,aAAa,KAAK,gBAAgB;AAC3D,SAAK,kBAAkB,IAAI,eAAe,KAAK,gBAAgB;AAC/D,SAAK,eAAe,IAAI,YAAY,KAAK,gBAAgB;AAAA,EAC3D;AAAA,EARiB;AAAA,EACA;AAAA,EACA;AAAA,EAQjB,IAAI,SAAS;AACX,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,IAAI,WAAW;AACb,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,IAAI,QAAQ;AACV,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,MAAM,SAAS,EAAE,QAAQ,SAAS,GAAmB;AACnD,UAAM,KAAK,iBAAiB,uBAAuB;AAAA,MACjD;AAAA,MACA;AAAA,MACA;AAAA,IACF,CAAC;AAAA,EACH;AACF;;;AChCA,IAAM,aAAN,MAAiB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUf,YAA6B,kBAAmC;AAAnC;AAC3B,SAAK,YAAY,IAAI,eAAe,KAAK,gBAAgB;AACzD,SAAK,SAAS,IAAI,YAAY,KAAK,gBAAgB;AACnD,SAAK,SAAS,IAAI,YAAY,KAAK,gBAAgB;AAAA,EACrD;AAAA,EAbiB;AAAA,EACA;AAAA,EACA;AAAA;AAAA;AAAA;AAAA,EAgBjB,IAAI,WAAW;AACb,WAAO,KAAK;AAAA,EACd;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,QAAQ;AACV,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,IAAI,QAAQ;AACV,WAAO,KAAK;AAAA,EACd;AACF;;;ACnCA,IAAM,aAAN,MAAiB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAMf,YAA6B,kBAAmC;AAAnC;AAAA,EAAoC;AAAA;AAAA;AAAA;AAAA;AAAA,EAMjE,MAAM,UAAyB;AAC7B,WAAO,KAAK,iBAAiB,QAAQ;AAAA,EACvC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,aAA+B;AACnC,WAAO,KAAK,iBAAiB,WAAW;AAAA,EAC1C;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,WAA4B;AAChC,WAAO,KAAK,iBAAiB,SAAS;AAAA,EACxC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,SAAwB;AAC5B,WAAO,KAAK,iBAAiB,OAAO;AAAA,EACtC;AACF;;;AC5CA,SAAS,8BAA8B;AACvC,SAAS,qBAAqB;AAC9B,SAAS,uBAAuB;;;ACFhC,SAAS,cAAc;AAEvB,IAAM,YAAN,MAAgB;AAAA,EACd,OAAO,WAAW,QAA6B;AAC7C,WAAO,OAAO,KAAK,MAAM,EACtB,SAAS,QAAQ,EACjB,QAAQ,OAAO,GAAG,EAClB,QAAQ,OAAO,GAAG,EAClB,QAAQ,MAAM,EAAE;AAAA,EACrB;AAAA,EAEA,OAAO,SAAS,QAA6B;AAC3C,WAAO,OAAO,KAAK,QAAQ,QAAQ,EAAE;AAAA,EACvC;AACF;;;ACPA,IAAM,WAAN,MAAe;AAAA,EACb,OAAO,uBAAuB,MAAmB;AAC/C,UAAM,MAAM,IAAI,WAAW,EAAE;AAC7B,WAAO,gBAAgB,GAAG;AAC1B,WAAO,IAAI;AAAA,EACb;AAAA,EAEA,OAAO,YAAY,CACjB,OACA,SAA0B,CAAC,MACZ;AACf,UAAM,EAAE,QAAQ,MAAM,IAAI;AAC1B,UAAM,SAAS,SAAS,SAAS,IAAI,KAAK;AAC1C,UAAM,MAAM,QAAQ,QAAQ,QAAQ,IAAI;AAExC,WAAO,KAAK,MAAM,MAAM,OAAO,GAAG,CAAC;AAAA,EACrC;AACF;;;ACxBA,SAAS,qBAAqB;;;ACE9B,IAAM,oBAAN,MAAM,2BAA0B,SAAS;AAAA,EACvC,YAAY,OAAsB;AAChC,UAAM,mBAAkB,MAAM,KAAK;AAAA,EACrC;AACF;;;ACJA,IAAM,gBAAN,MAAM,uBAAsB,SAAS;AAAA,EACnC,YAAY,OAAsB;AAChC,UAAM,eAAc,MAAM,KAAK;AAAA,EACjC;AACF;;;ACJA,IAAM,eAAN,MAAM,sBAAqB,SAAS;AAAA,EAClC,YAAY,OAAsB;AAChC,UAAM,cAAa,MAAM,KAAK;AAAA,EAChC;AACF;;;ACJA,IAAM,uBAAN,MAAM,8BAA6B,SAAS;AAAA,EAC1C,YAAY,OAAsB;AAChC,UAAM,sBAAqB,MAAM,KAAK;AAAA,EACxC;AACF;;;ACwGA,IAAM,mBAAmB;AAAA,EACvB,cAAc;AAAA,EACd,kBAAkB;AAAA,EAClB,cAAc;AAAA,EACd,cAAc;AAAA,EACd,YAAY;AAAA,EACZ,kBAAkB;AAAA,EAClB,eAAe;AAAA,EACf,kBAAkB;AAAA,EAClB,cAAc;AAAA,EACd,UAAU;AACZ;;;ALzGA,SAAS,iBAA6B;AACtC,SAAS,0BAA0B,UAAU,kBAAkB;AAiB/D,IAAe,eAAf,MAA4B;AAAA,EACP;AAAA,EACA;AAAA,EAGA;AAAA,EAEX;AAAA,EACA;AAAA,EAER,YAAY;AAAA,IACV;AAAA,IACA,eAAe,EAAE,QAAQ,iBAAiB,GAAG,sBAAsB;AAAA,EACrE,GAAkC;AAChC,SAAK,iBAAiB,IAAI;AAAA,MACxB,EAAE,SAAS,0BAA0B;AAAA,MACrC;AAAA,IACF;AAEA,SAAK,iBAAiB;AAAA,MACpB,GAAG;AAAA,MACH,QAAQ,UAAU;AAAA,MAClB,iBAAiB,mBAAmB;AAAA,IACtC;AAEA,SAAK,gBAAgB,IAAI,aAAa;AAAA,EACxC;AAAA,EAEA,IAAI,gBAAqD;AACvD,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,MAAa,UAAU;AACrB,QAAI,KAAK,cAAc,KAAM,QAAO,KAAK,cAAc;AAEvD,QAAI;AACF,YAAM,OAAO,MAAM,KAAK,QAAQ,QAAQ;AACxC,WAAK,cAAc,OAAO;AAC1B,aAAO;AAAA,IACT,SAAS,OAAO;AAEd,UAAI,iBAAiB,mBAAmB;AACtC,YAAI;AACF,gBAAM,KAAK,cAAc;AACzB,gBAAM,OAAO,MAAM,KAAK,QAAQ,QAAQ;AACxC,eAAK,cAAc,OAAO;AAC1B,iBAAO;AAAA,QACT,SAASC,QAAO;AACd,gBAAMA;AAAA,QACR;AAAA,MACF;AACA,YAAM;AAAA,IACR;AAAA,EACF;AAAA,EAEA,MAAa,aAAa;AACxB,UAAM,QAAQ,KAAK,cAAc;AAGjC,QAAI,SAAS,CAAC,KAAK,gBAAgB,KAAK,EAAG,QAAO;AAGlD,QAAI;AACF,YAAM,KAAK,cAAc;AACzB,aAAO,CAAC,CAAC,KAAK,cAAc;AAAA,IAC9B,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEA,MAAa,WAA4B;AAEvC,QAAI,CAAC,KAAK,cAAc,OAAO;AAE7B,UAAI;AACF,cAAM,KAAK,cAAc;AAAA,MAC3B,QAAQ;AACN,cAAM,IAAI,kBAAkB;AAAA,UAC1B,SAAS;AAAA,QACX,CAAC;AAAA,MACH;AAAA,IACF,WAAW,KAAK,gBAAgB,KAAK,cAAc,KAAK,GAAG;AAEzD,UAAI;AACF,cAAM,KAAK,cAAc;AAAA,MAC3B,QAAQ;AACN,cAAM,IAAI,kBAAkB;AAAA,UAC1B,SAAS;AAAA,QACX,CAAC;AAAA,MACH;AAAA,IACF;AAEA,UAAM,QAAQ,KAAK,cAAc;AACjC,QAAI,CAAC,OAAO;AACV,YAAM,IAAI,kBAAkB;AAAA,QAC1B,SAAS;AAAA,MACX,CAAC;AAAA,IACH;AACA,WAAO;AAAA,EACT;AAAA,EAEQ,gBAAgB,OAAwB;AAC9C,QAAI;AACF,YAAM,UAAU,UAAsB,KAAK;AAC3C,UAAI,QAAQ,KAAK;AACf,eAAO,QAAQ,MAAM,OAAQ,KAAK,IAAI;AAAA,MACxC;AACA,aAAO;AAAA,IACT,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEA,MAAa,SAAS;AACpB,QAAI,KAAK,cAAe,cAAa,KAAK,aAAa;AACvD,SAAK,gBAAgB;AACrB,UAAM,KAAK,QAAQ,YAAY;AAC/B,SAAK,cAAc,SAAS;AAAA,EAC9B;AAAA,EAEA,MAAa,eAAoC,KAA4B;AAC3E,QAAI,CAAC,KAAK,cAAc,SAAS,CAAC,KAAK,cAAc,MAAM;AACzD,YAAM,IAAI,kBAAkB;AAAA,QAC1B,SAAS;AAAA,MACX,CAAC;AAAA,IACH;AAEA,UAAM,iBAAiB,MAAM,KAAK,eAAe,oBAAoB;AAAA,MACnE,gBAAgB,KAAK,cAAc,KAAK;AAAA,MACxC,MAAM;AAAA,MACN,aAAa,KAAK,IAAI,EAAE,SAAS;AAAA,MACjC,YAAY;AAAA,QACV,UAAU;AAAA,QACV,cAAc;AAAA,QACd,SAAS;AAAA,QACT,UAAU,KAAK,cAAc,KAAK;AAAA,MACpC;AAAA,IACF,CAAC;AAED,UAAM,EAAE,UAAU,IAAI,MAAM,KAAK,QAAQ,YAAY;AAAA,MACnD;AAAA,IACF,CAAC;AAED,WAAa;AAAA,EACf;AAAA,EAEA,IAAc,QAAQ,SAAmC;AACvD,SAAK,eAAe,UAAU;AAAA,EAChC;AAAA,EAEA,IAAc,UAAoC;AAChD,WAAO,KAAK,eAAe;AAAA,EAC7B;AAAA,EAEA,MAAgB,WAAW,OAAuC;AAChE,QAAI;AACF,YAAM,EAAE,SAAS,IAAI,MAAM,KAAK,QAAQ,cAAc,EAAE,MAAM,CAAC;AAC/D,aAAO;AAAA,IACT,SAAS,OAAO;AACd,UAAI,EAAE,iBAAiB,UAAW,OAAM;AAExC,YAAM,WAAqB;AAE3B,cAAQ,SAAS,YAAY,MAAM;AAAA,QACjC,KAAK,cAAc,MAAM;AACvB,iBAAO;AAAA,QACT;AAAA,QACA,SAAS;AACP,gBAAM;AAAA,QACR;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAgB,OAAO,UAAmB;AACxC,UAAM,QAAQ,YAAY,KAAK,cAAc,MAAM;AAEnD,QAAI,CAAC,MAAO,OAAM,IAAI,gBAAgB,EAAE,SAAS,oBAAoB,CAAC;AAEtE,UAAM,iBAAiB,MAAM,KAAK,eAAe,eAAe;AAAA,MAC9D,gBAAgB;AAAA,IAClB,CAAC;AAED,UAAM,EAAE,MAAM,OAAO,UAAU,IAAI,MAAM,KAAK,QAAQ,cAAc;AAAA,MAClE;AAAA,IACF,CAAC;AAED,UAAM,gBAAgB,MAAM;AAC1B,UAAI;AACF,eAAO,KAAK,MAAM,gBAAgB,MAAM,gBAAgB,EACrD;AAAA,MACL,SAAS,GAAG;AACV,eAAO;AAAA,MACT;AAAA,IACF,GAAG;AAEH,SAAK,cAAc,OAAO;AAAA,MACxB,GAAG;AAAA,MACH;AAAA,IACF;AACA,SAAK,cAAc,QAAQ;AAC3B,SAAK,cAAc,YAAY;AAC/B,SAAK,iBAAiB,KAAK;AAAA,EAC7B;AAAA,EAEA,MAAgB,QACd,OACA,MAC+C;AAC/C,UAAM,MAAM,IAAI,IAAI,GAAG,KAAK,IAAI,KAAK,eAAe,MAAM;AAC1D,UAAM,QAAQ,KAAK,cAAc;AACjC,UAAM,YAAY,KAAK,cAAc;AAErC,UAAM,UAAkC;AAAA,MACtC,gBAAgB;AAAA,MAChB,eAAe,KAAK,eAAe;AAAA,IACrC;AAEA,QAAI,OAAO;AACT,cAAQ,eAAe,IAAI,UAAU,KAAK;AAAA,IAC5C;AAEA,QAAI,WAAW;AACb,cAAQ,cAAc,IAAI;AAAA,IAC5B;AAEA,UAAM,WAAW,MAAM,MAAM,KAAK;AAAA,MAChC,QAAQ,iBAAiB,KAAK;AAAA,MAC9B,MAAM,KAAK,UAAU,IAAI;AAAA,MACzB;AAAA,MACA,aAAa;AAAA,IACf,CAAC;AAED,UAAM,EAAE,MAAM,MAAM,IAAK,MAAM,SAAS,KAAK;AAI7C,QAAI,OAAO;AACT,cAAQ,MAAM,MAAM;AAAA,QAClB,KAAK,qBAAqB;AACxB,gBAAM,IAAI,kBAAkB,EAAE,SAAS,MAAM,QAAQ,CAAC;AAAA,QACxD;AAAA,QACA,KAAK,iBAAiB;AACpB,gBAAM,IAAI,cAAc,EAAE,SAAS,MAAM,QAAQ,CAAC;AAAA,QACpD;AAAA,QACA,KAAK,mBAAmB;AACtB,gBAAM,IAAI,gBAAgB,EAAE,SAAS,MAAM,QAAQ,CAAC;AAAA,QACtD;AAAA,QACA,SAAS;AACP,gBAAM,IAAI,aAAa,EAAE,SAAS,MAAM,QAAQ,CAAC;AAAA,QACnD;AAAA,MACF;AAAA,IACF;AAEA,WAAO,EAAE,GAAG,KAAK;AAAA,EACnB;AAAA,EAEU,iBAAiB,OAAe;AACxC,QAAI;AACF,YAAM,UAAU,UAAsB,KAAK;AAC3C,UAAI,CAAC,QAAQ,IAAK;AAElB,YAAM,aAAa,IAAI,KAAK,QAAQ,MAAM,GAAI;AAC9C,YAAM,cAAc,WAAW,YAAY,CAAC;AAG5C,YAAM,QAAQ,SAAS,aAAa,oBAAI,KAAK,CAAC,IAC1C,IACA,yBAAyB,aAAa,oBAAI,KAAK,CAAC;AAGpD,UAAI,KAAK,cAAe,cAAa,KAAK,aAAa;AAGvD,WAAK,gBAAgB,WAAW,MAAM;AACpC,aAAK,gBAAgB;AACrB,aAAK,cAAc;AAAA,MACrB,GAAG,KAAK;AAAA,IACV,QAAQ;AAAA,IAER;AAAA,EACF;AAAA,EAEA,MAAc,gBAA+B;AAC3C,QAAI,KAAK,gBAAiB,QAAO,KAAK;AAGtC,SAAK,mBAAmB,YAAY;AAClC,YAAM,aAAa;AACnB,YAAM,iBAAiB;AAEvB,UAAI;AAEF,YAAI,CAAC,KAAK,cAAc,WAAW;AACjC,gBAAM,EAAE,UAAU,IAAI,MAAM,KAAK,QAAQ,gBAAgB;AACzD,eAAK,cAAc,YAAY;AAAA,QACjC;AAGA,cAAM,iBAAiB,KAAK,QAAQ,aAAa;AACjD,cAAM,OAAO,MAAM,QAAQ,KAAK;AAAA,UAC9B;AAAA,UACA,IAAI;AAAA,YAAe,CAAC,GAAG,WACrB,WAAW,MAAM,OAAO,IAAI,MAAM,iBAAiB,CAAC,GAAG,UAAU;AAAA,UACnE;AAAA,QACF,CAAC;AAED,YAAI,CAAC,QAAQ,CAAC,KAAK,SAAS,CAAC,KAAK,WAAW;AAE3C,gBAAM,IAAI,kBAAkB;AAAA,YAC1B,SAAS;AAAA,UACX,CAAC;AAAA,QACH;AAEA,aAAK,cAAc,QAAQ,KAAK;AAChC,aAAK,cAAc,YAAY,KAAK;AACpC,aAAK,iBAAiB,KAAK,KAAK;AAAA,MAClC,SAAS,OAAO;AAEd,YAAI,iBAAiB,mBAAmB;AACtC,cAAI;AACF,iBAAK,cAAc,SAAS;AAAA,UAC9B,QAAQ;AAAA,UAER;AACA,gBAAM;AAAA,QACR;AAGA,YAAI,KAAK,cAAe,cAAa,KAAK,aAAa;AACvD,cAAM,cAAc;AACpB,YAAI,aAAa;AAGjB,aAAK,gBAAgB,WAAW,MAAM;AACpC,eAAK,gBAAgB;AACrB,eAAK,KAAK,cAAc,EAAE,MAAM,MAAM;AAGpC;AACA,gBAAI,cAAc,aAAa;AAC7B,oBAAM,YAAY,KAAK;AAAA,gBACrB,iBAAiB,MAAM,aAAa;AAAA,gBACpC;AAAA,cACF;AACA,mBAAK,gBAAgB,WAAW,MAAM;AAIpC,qBAAK,gBAAgB;AACrB,qBAAK,KAAK,cAAc,EAAE,MAAM,MAAM;AAAA,gBAAC,CAAC;AAAA,cAC1C,GAAG,SAAS;AAAA,YACd;AAAA,UACF,CAAC;AAAA,QACH,GAAG,cAAc;AAEjB,cAAM;AAAA,MACR,UAAE;AACA,aAAK,kBAAkB;AAAA,MACzB;AAAA,IACF,GAAG;AAEH,WAAO,KAAK;AAAA,EACd;AACF;;;AH/UA,IAAM,kBAAN,cAA8B,aAAa;AAAA,EACjC;AAAA,EACA;AAAA,EACR;AAAA,EAKS;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOT,YAAY;AAAA,IACV;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,GAAqC;AACnC,UAAM,eAAe;AAAA,MACnB,iBAAiB,QAAQ,mBAAmB;AAAA,MAC5C,mBAAmB,QAAQ,qBAAqB;AAAA,IAClD;AAEA,UAAM,kBAAkB,SAAS,cAAc,KAAK;AACpD,oBAAgB,KAAK,aAAa;AAClC,oBAAgB,MAAM,UAAU;AAChC,aAAS,KAAK,YAAY,eAAe;AAEzC,UAAM,gBAAgB,IAAI,cAAc;AAAA,MACtC,WAAW;AAAA,MACX,iBAAiB,aAAa;AAAA,MAC9B,iBAAiB,SAAS,eAAe,aAAa,iBAAiB;AAAA,IACzE,CAAC;AAED,UAAM;AAAA,MACJ,SAAS;AAAA;AAAA,MACT;AAAA,IACF,CAAC;AAED,SAAK,gBAAgB;AACrB,SAAK,eAAe;AACpB,SAAK,kBAAkB,IAAI,gBAAgB,EAAE,MAAM,SAAS,KAAK,CAAC;AAElE,SAAK,qBAAqB;AAAA,EAC5B;AAAA,EAEA,MAAsB,SAAS;AAC7B,UAAM,OAAO;AAEb,SAAK,cAAc,MAAM;AAKzB,UAAM,UAAU,IAAI,cAAc;AAAA,MAChC,WAAW;AAAA,MACX,iBAAiB,KAAK,aAAa;AAAA,MACnC,iBAAiB,SAAS;AAAA,QACxB,KAAK,aAAa;AAAA,MACpB;AAAA,IACF,CAAC;AACD,SAAK,gBAAgB;AACrB,UAAM,KAAK,mBAAmB;AAAA,EAChC;AAAA,EAEA,MAAsB,eACpB,KACe;AACf,UAAM,KAAK,eAAe;AAC1B,WAAO,MAAM,eAAe,GAAG;AAAA,EACjC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAa,gBAAgB,UAAkB;AAC7C,UAAM,EAAE,IAAI,IAAI,MAAM,KAAK,QAAQ,kBAAkB;AAAA,MACnD;AAAA,IACF,CAAC;AAED,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAa,eAAe,EAAE,MAAM,GAAyB;AAC3D,UAAM,uBAAuB,MAAM,KAAK,WAAW,KAAK;AAExD,QAAI,CAAC,sBAAsB;AACzB,YAAM,KAAK,eAAe,EAAE,QAAQ,YAAY,MAAM,CAAC;AAAA,IACzD,OAAO;AACL,WAAK,UAAU,KAAK;AACpB,YAAM,KAAK,OAAO,oBAAoB;AAEtC,WAAK,cAAc;AAGnB,UAAI,CAAC,KAAK,cAAc,QAAQ,CAAC,KAAK,cAAc,KAAK,cAAc;AACrE;AAAA,MACF;AAEA,WAAK,gBAAgB,mBAAmB;AAAA,QACtC;AAAA,UACE,IAAI,UAAU,SAAS,KAAK,cAAc,KAAK,YAAY;AAAA,UAC3D,MAAM;AAAA,UACN,YAAY,CAAC,YAAY,KAAK;AAAA,QAChC;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAa,UAAU,QAAmC;AACxD,UAAM,uBAAuB,MAAM,KAAK,WAAW,OAAO,KAAK;AAE/D,QAAI,CAAC,sBAAsB;AACzB,YAAM,KAAK,eAAe,EAAE,QAAQ,SAAS,GAAG,OAAO,CAAC;AAAA,IAC1D,OAAO;AACL,YAAM,KAAK,iBAAiB,MAAM;AAAA,IACpC;AAAA,EACF;AAAA,EAEA,MAAa,qBAAqB;AAChC,WAAO,MAAM,KAAK,mBAAmB;AAAA,EACvC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAa,uBAAuB;AAAA,IAClC;AAAA,IACA;AAAA,IACA;AAAA,EACF,GAAgD;AAC9C,UAAM,KAAK,mBAAmB;AAE9B,UAAM,SAAS,MAAM,KAAK,cAAc,uBAAuB,MAAM;AAErE,QAAI,CAAC,QAAQ;AACX,YAAM,IAAI,MAAM,oCAAoC;AAAA,IACtD;AAEA,UAAM,KAAK,OAAO,QAAQ;AAE1B,SAAK,cAAc,OAAO;AAC1B,SAAK,cAAc,SAAS;AAAA,EAC9B;AAAA;AAAA;AAAA;AAAA,EAKA,MAAc,iBAAiB;AAE7B,QACE,KAAK,cAAc,SAAS,WAC3B,KAAK,cAAc,WAAW,UAC7B,KAAK,cAAc,UAAU;AAE/B;AACF,QAAI,KAAK,cAAc,oCAA+B;AACpD,WAAK,UAAU,KAAK;AAAA,IACtB,OAAO;AACL,WAAK,UAAU,KAAK;AAGpB,YAAM,KAAK,uBAAuB;AAAA,QAChC,QAAQ,KAAK,cAAc;AAAA,QAC3B,UAAU,KAAK,cAAc,MAAM;AAAA,QACnC,aAAa,KAAK,cAAc;AAAA,MAClC,CAAC;AAAA,IACH;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAc,iBAAiB;AAAA,IAC7B;AAAA,IACA;AAAA,IACA;AAAA,EACF,GAA8B;AAC5B,WAAO,KAAK,QAAQ,kBAAkB;AAAA,MACpC;AAAA,MACA,iBAAiB,MAAM,KAAK,mBAAmB;AAAA,MAC/C;AAAA,MACA,aAAa,YAAY,SAAS;AAAA,IACpC,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAc,uBACZ,QACA;AACA,UAAM,EAAE,WAAW,YAAY,IAAI,MAAM,KAAK;AAAA,MAC5C,OAAO;AAAA,IACT;AAEA,UAAM,EAAE,MAAM,OAAO,UAAU,IAAI,MAAM,KAAK,QAAQ,cAAc;AAAA,MAClE,SAAS;AAAA,QACP,WAAW,UAAU,WAAW,SAAS;AAAA,QACzC;AAAA,MACF;AAAA,MACA,OAAO,OAAO;AAAA,IAChB,CAAC;AAED,SAAK,cAAc,OAAO;AAAA,MACxB,GAAG;AAAA,MACH,cAAc,YAAY;AAAA,IAC5B;AACA,SAAK,cAAc;AAEnB,SAAK,cAAc,QAAQ;AAC3B,SAAK,cAAc,YAAY;AAC/B,SAAK,iBAAiB,KAAM;AAAA,EAC9B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAc,oBACZ,QACA;AACA,UAAM,EAAE,OAAO,mBAAmB,YAAY,IAC5C;AAEF,UAAM,WAAW,MAAM,KAAK,QAAQ,cAAc;AAAA,MAChD;AAAA,MACA,QAAQ;AAAA,QACN,iBAAiB,MAAM,KAAK,mBAAmB;AAAA,QAC/C;AAAA,QACA,aAAa,YAAY,SAAS;AAAA,MACpC;AAAA,IACF,CAAC;AAED,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAc,eAAe,QAA6B;AACxD,YAAQ,OAAO,QAAQ;AAAA,MACrB,KAAK,YAAY;AACf,cAAM,KAAK,uBAAuB,MAAM;AACxC;AAAA,MACF;AAAA,MACA,KAAK,SAAS;AACZ,cAAM,KAAK,oBAAoB,MAAM;AACrC;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAc,6BAA6B,OAAe;AACxD,UAAM,YAAY,SAAS,qBAAqB;AAChD,UAAM,sBAAsB,SAAS,qBAAqB;AAE1D,UAAM,cAAc,MAAM,uBAAuB;AAAA,MAC/C,WAAW;AAAA,QACT,wBAAwB;AAAA,UACtB,aAAa;AAAA,UACb,oBAAoB;AAAA,UACpB,kBAAkB;AAAA,QACpB;AAAA,QACA;AAAA,QACA,IAAI;AAAA,UACF,IAAI,OAAO,SAAS;AAAA,UACpB,MAAM,OAAO,SAAS;AAAA,QACxB;AAAA,QACA,kBAAkB;AAAA,UAChB;AAAA,YACE,MAAM;AAAA,YACN,KAAK;AAAA,UACP;AAAA,UACA;AAAA,YACE,MAAM;AAAA,YACN,KAAK;AAAA,UACP;AAAA,QACF;AAAA,QACA,MAAM;AAAA,UACJ,IAAI;AAAA,UACJ,MAAM;AAAA,UACN,aAAa;AAAA,QACf;AAAA,MACF;AAAA,IACF,CAAC;AAED,WAAO,EAAE,WAAW,aAAa,oBAAoB;AAAA,EACvD;AAAA,EAEA,MAAc,qBAAqB;AACjC,QAAI,CAAC,KAAK,cAAc,UAAU,GAAG;AACnC,YAAM,KAAK,cAAc,KAAK;AAAA,IAChC;AAEA,SAAK,UAAU,KAAK;AAEpB,WAAO,KAAK,cAAc,UAAU;AAAA,EACtC;AACF;;;ASlYA;AAAA,EAeE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AACP,SAAS,iBAAiB;AAG1B,SAAS,2BAA2B;AACpC;AAAA,EACE;AAAA,EACA;AAAA,OACK;AAYP,IAAM,aAAN,MAAiB;AAAA,EACf,YAA6B,eAA6B;AAA7B;AAAA,EAA8B;AAAA,EAE3D,MAAM,iBAAwC;AAC5C,UAAM,OAAO,MAAM,KAAK,cAAc,QAAQ;AAE9C,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,qBAAqB,EAAE,SAAS,2BAA2B,CAAC;AAAA,IACxE;AAEA,WAAO,UAAU;AAAA,MACf,SAAS,KAAK;AAAA,MACd,aAAa,CAAC,EAAE,QAAQ,MACtB,KAAK,YAAY,OAAO;AAAA,MAC1B,eAAe,CAIb,wBACG,KAAK,cAAsC,mBAAmB;AAAA,MACnE,iBAAiB,KAAK;AAAA,IACxB,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,eAAe;AAAA,IACnB;AAAA,IACA;AAAA,EACF,GAEE;AACA,UAAM,OAAO,MAAM,KAAK,cAAc,QAAQ;AAE9C,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,qBAAqB,EAAE,SAAS,2BAA2B,CAAC;AAAA,IACxE;AAEA,WAAO,oBAAoB;AAAA,MACzB;AAAA,MACA;AAAA,MACA,SAAS;AAAA,MACT,YAAY;AAAA,QACV,SAAS;AAAA,QACT,SAAS;AAAA,MACX;AAAA,MACA,SAAS,KAAK;AAAA,MACd,OAAO,YAAY,KAAK,IAAI;AAAA,IAC9B,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,qBAAqB;AACzB,UAAM,MAAM,IAAI;AAAA,MACd,iBAAiB,KAAK,cAAc,cAAc,MAAM;AAAA,MACxD,KAAK,cAAc,cAAc;AAAA,IACnC;AACA,WAAO,sBAAsB;AAAA,MAC3B,WAAW,KAAK,IAAI,SAAS,CAAC;AAAA,IAChC,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,YAAY,KAAoC;AACpD,UAAM,cAAc,YAAY,GAAG;AACnC,UAAM,SAAS,MAAM,KAAK,cAAc,eAAoB,WAAW;AACvE,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,cAGJ,QAAqE;AACrE,UAAM,cAAc,cAAc,MAAM;AACxC,WAAO,KAAK,cAAc,eAAe,WAAW;AAAA,EACtD;AAAA,EAEA,MAAM,gBAIJ,aACA,SAYA;AACA,UAAM,cAAc,SAAS,cAAc;AAC3C,UAAM,eAAe,MAAM,YAAY,WAAW;AAClD,UAAM,eAAe,MAAM,KAAK,cAAc;AAAA,MAC5C,UAAU,YAAY;AAAA,IACxB;AAEA,UAAM,YAAY;AAAA,MAChB,GAAG,SAAS,UAAU,cAAc,EAAE,OAAO,GAAG,CAAC;AAAA,MACjD,GAAG,SAAS,UAAU,cAAc,EAAE,OAAO,IAAI,QAAQ,GAAG,CAAC;AAAA,MAC7D,GAAG,OAAO,SAAS,UAAU,cAAc,EAAE,OAAO,GAAG,QAAQ,GAAG,CAAC,CAAC;AAAA,IACtE;AAEA,WAAO,YAAY,aAAa,SAAS;AAAA,EAC3C;AACF;;;AClIA,IAAM,iBAAN,MAAqB;AAAA,EACF;AAAA,EACA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EA2BjB,YAAY;AAAA,IACV;AAAA,IACA,MAAM,EAAE,UAAU,QAAQ,MAAM;AAAA,EAClC,GAAoC;AAClC,SAAK,mBAAmB,IAAI,gBAAgB;AAAA,MAC1C;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF,CAAC;AAED,SAAK,WAAW;AAAA,MACd,MAAM,IAAI,WAAW,KAAK,gBAAgB;AAAA,MAC1C,MAAM,IAAI,WAAW,KAAK,gBAAgB;AAAA,MAC1C,MAAM,IAAI,WAAW,KAAK,gBAAgB;AAAA,IAC5C;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,OAAO;AACT,WAAO,KAAK,SAAS;AAAA,EACvB;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,OAAO;AACT,WAAO,KAAK,SAAS;AAAA,EACvB;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,OAAO;AACT,WAAO,KAAK,SAAS;AAAA,EACvB;AACF;","names":["jose","jose","sha256","error"]}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@fourt/sdk",
-  "version": "1.2.2",
+  "version": "1.2.3",
   "description": "TypeScript SDK for interacting with fourt.io",
   "main": "dist/index.js",
   "type": "module",
@@ -44,7 +44,7 @@
     "jwt-decode": "^4.0.0",
     "permissionless": "^0.2.57",
     "sha.js": "^2.4.12",
-    "viem": "2.38.3",
+    "viem": "2.38.5",
     "zustand": "^5.0.8"
   },
   "devDependencies": {