@gw2me/client 0.9.3 → 0.9.4

package/dist/base64-p0iUDSbg.js

@@ -0,0 +1 @@
+function e(e){let t=e instanceof ArrayBuffer?new Uint8Array(e):e;return Uint8Array.prototype.toBase64===void 0?btoa(String.fromCharCode(...t)).replace(/\+/g,`-`).replace(/\//g,`_`).replace(/=+$/,``):t.toBase64({alphabet:`base64url`,omitPadding:!0})}export{e as t};

package/dist/dpop.d.ts

@@ -0,0 +1,25 @@
+import { r as DPoPParams } from "./types-Bqy6G8sj.js";
+
+//#region src/dpop.d.ts
+/**
+* Generates a new key pair for use with DPoP.
+* @see https://gw2.me/dev/docs/access-tokens#dpop
+*/
+declare function generateDPoPKeyPair(): Promise<CryptoKeyPair>;
+/**
+* Creates a DPoP proof JWT with the given parameters and key pair.
+* @see https://gw2.me/dev/docs/access-tokens#dpop
+*/
+declare function createDPoPJwt({
+  htm,
+  htu,
+  nonce,
+  accessToken
+}: DPoPParams, keyPair: CryptoKeyPair): Promise<string>;
+/**
+* Calculates the JWK thumbprint for a given public key.
+* @see https://gw2.me/dev/docs/access-tokens#dpop
+*/
+declare function jwkThumbprint(key: CryptoKey): Promise<string>;
+//#endregion
+export { createDPoPJwt, generateDPoPKeyPair, jwkThumbprint };

package/dist/dpop.js

@@ -0,0 +1 @@
+import{t as e}from"./base64-p0iUDSbg.js";function t(){return crypto.subtle.generateKey({name:`ECDSA`,namedCurve:`P-256`},!1,[`sign`])}async function n({htm:t,htu:n,nonce:r,accessToken:o},s){let c=JSON.stringify({alg:`ES256`,typ:`dpop+jwt`,jwk:await a(s.publicKey)}),l=JSON.stringify({iat:Math.floor(Date.now()/1e3),jti:e(crypto.getRandomValues(new Uint8Array(32))),htm:t,htu:n,nonce:r,ath:o?e(await crypto.subtle.digest(`SHA-256`,i(o))):void 0}),u=`${e(i(c))}.${e(i(l))}`;return`${u}.${e(await crypto.subtle.sign({name:`ECDSA`,hash:`SHA-256`},s.privateKey,i(u)))}`}const r=new TextEncoder;function i(e){return r.encode(e)}async function a(e){let{kty:t,e:n,k:r,n:i,x:a,y:o,crv:s}=await crypto.subtle.exportKey(`jwk`,e);return{e:n,k:r,crv:s,kty:t,n:i,x:a,y:o}}async function o(t){let n=JSON.stringify(await a(t));return e(await crypto.subtle.digest(`SHA-256`,i(n)))}export{n as createDPoPJwt,t as generateDPoPKeyPair,o as jwkThumbprint};

package/dist/{index.d.mts → index.d.ts}

@@ -1,4 +1,4 @@
-import { a as Scope, i as Options, n as DPoPCallback, r as DPoPParams, t as ClientInfo } from "./types-cXKOlCJ4.mjs";
+import { a as Scope, i as Options, n as DPoPCallback, r as DPoPParams, t as ClientInfo } from "./types-Bqy6G8sj.js";
 
 //#region src/api.d.ts
 interface UserResponse {
@@ -35,9 +35,25 @@ declare class Gw2MeApi {
   private access_token;
   private options?;
   constructor(access_token: string, options?: Partial<ApiOptions> | undefined);
+  /**
+  * Fetches information about the current user. Requires the `identify` scope.
+  * @see https://gw2.me/dev/docs/users
+  */
   user(): Promise<UserResponse>;
+  /**
+  * Stores user-specific settings.
+  * @see https://gw2.me/dev/docs/users#settings
+  */
   saveSettings(settings: unknown): Promise<void>;
+  /**
+  * Fetches the Guild Wars 2 accounts linked to the current user. Requires the `accounts` scope.
+  * @see https://gw2.me/dev/docs/gw2-api#accounts
+  */
   accounts(): Promise<AccountsResponse>;
+  /**
+  * Generates a subtoken that can be used to authenticate to the Guild Wars 2 API.
+  * @see https://gw2.me/dev/docs/gw2-api#subtoken
+  */
   subtoken(accountId: string, options?: SubtokenOptions): Promise<SubtokenResponse>;
 }
 //#endregion
@@ -45,17 +61,24 @@ declare class Gw2MeApi {
 interface FedCMRequestOptions {
   scopes: Scope[];
   mediation?: CredentialMediationRequirement;
-  mode?: 'passive' | 'active';
+  mode?: "passive" | "active";
   signal?: AbortSignal;
   code_challenge: string;
-  code_challenge_method: 'S256';
+  code_challenge_method: "S256";
   /** @default true */
   include_granted_scopes?: boolean;
 }
 declare class Gw2MeFedCM {
   #private;
   constructor(configUrl: URL, clientId: string);
+  /**
+  * Check if FedCM is supported in the current environment.
+  */
   isSupported(): boolean;
+  /**
+  * Start a FedCM sign-in flow with the given options. Resolves with the credential containing the access token on success, or null if the user cancels the flow.
+  * @see https://gw2.me/dev/docs/fed-cm
+  */
   request({
     scopes,
     mediation,
@@ -76,9 +99,9 @@ interface AuthorizationUrlParams {
   scopes: Scope[];
   state?: string;
   code_challenge?: string;
-  code_challenge_method?: 'S256';
+  code_challenge_method?: "S256";
   dpop_jkt?: string;
-  prompt?: 'none' | 'consent';
+  prompt?: "none" | "consent";
   include_granted_scopes?: boolean;
   verified_accounts_only?: boolean;
 }
@@ -88,7 +111,7 @@ interface PushedAuthorizationRequestParams extends AuthorizationUrlParams {
 interface AuthorizationUrlRequestUriParams {
   request_uri: string;
 }
-type TokenType = 'Bearer' | 'DPoP';
+type TokenType = "Bearer" | "DPoP";
 interface AuthTokenParams {
   code: string;
   token_type?: TokenType;
@@ -103,7 +126,7 @@ interface RefreshTokenParams {
 }
 interface TokenResponse {
   access_token: string;
-  issued_token_type: 'urn:ietf:params:oauth:token-type:access_token';
+  issued_token_type: "urn:ietf:params:oauth:token-type:access_token";
   token_type: TokenType;
   expires_in: number;
   refresh_token?: string;
@@ -127,10 +150,10 @@ declare namespace IntrospectTokenResponse {
       exp?: number;
     }
     interface Bearer extends Common {
-      token_type: 'Bearer';
+      token_type: "Bearer";
     }
     interface DPoP extends Common {
-      token_type: 'DPoP';
+      token_type: "DPoP";
       cnf: {
         jkt: string;
       };
@@ -147,8 +170,21 @@ declare class Gw2MeClient {
   #private;
   private options?;
   constructor(client: ClientInfo, options?: Partial<Options> | undefined);
+  /**
+  * Generate an authorization URL with the given parameters you can navigate the user to in order to start the authorization code flow.
+  * @see https://gw2.me/dev/docs/access-tokens#user-authorization
+  */
   getAuthorizationUrl(params: AuthorizationUrlParams | AuthorizationUrlRequestUriParams): string;
+  /**
+  * Create a pushed authorization request (PAR) with the given parameters.
+  * The returned `request_uri` can the be passed to {@link getAuthorizationUrl} to start the authorization code flow.
+  * @see https://gw2.me/dev/docs/access-tokens#par
+  */
   pushAuthorizationRequest(params: PushedAuthorizationRequestParams): Promise<PushedAuthorizationRequestResponse>;
+  /**
+  * Exchanges an authorization code for an access token.
+  * @see https://gw2.me/dev/docs/access-tokens#access-token
+  */
   getAccessToken({
     code,
     token_type,
@@ -156,28 +192,45 @@ declare class Gw2MeClient {
     code_verifier,
     dpop
   }: AuthTokenParams): Promise<TokenResponse>;
+  /**
+  * Use a refresh token to get a new access token.
+  * @see https://gw2.me/dev/docs/refresh-tokens
+  */
   refreshToken({
     refresh_token,
     refresh_token_type,
     dpop
   }: RefreshTokenParams): Promise<TokenResponse>;
+  /**
+  * Revokes an access or refresh token, making it invalid for further use.
+  */
   revokeToken({
     token
   }: RevokeTokenParams): Promise<void>;
+  /**
+  * Fetch metadata about an access or refresh token.
+  */
   introspectToken({
     token
   }: IntrospectTokenParams): Promise<IntrospectTokenResponse>;
   /**
-   * Parses the search params received from gw2.me on the redirect url (code and state).
-   * If gw2.me returned an error response, this will throw an error.
-   *
-   * @returns The code and optional state.
-   */
+  * Parses the search params received from gw2.me on the redirect url (code and state).
+  * If gw2.me returned an error response, this will throw an error.
+  *
+  * @returns The code and optional state.
+  */
   parseAuthorizationResponseSearchParams(searchParams: URLSearchParams): {
     code: string;
     state: string | undefined;
   };
+  /**
+  * Access the gw2.me API.
+  */
   api(access_token: string, options?: Partial<Omit<ApiOptions, keyof Options>>): Gw2MeApi;
+  /**
+  * Use Federated Credential Management (FedCM) to sign in users.
+  * @see https://gw2.me/dev/docs/fed-cm
+  */
   get fedCM(): Gw2MeFedCM;
 }
 //#endregion
@@ -190,5 +243,4 @@ declare class Gw2MeOAuthError extends Gw2MeError {
   constructor(error: string, error_description?: string | undefined, error_uri?: string | undefined);
 }
 //#endregion
-export { AccountsResponse, ApiOptions, AuthTokenParams, AuthorizationUrlParams, AuthorizationUrlRequestUriParams, ClientInfo, DPoPCallback, DPoPParams, FedCMRequestOptions, Gw2MeApi, Gw2MeClient, Gw2MeError, Gw2MeFedCM, Gw2MeOAuthError, IntrospectTokenParams, IntrospectTokenResponse, Options, PushedAuthorizationRequestParams, PushedAuthorizationRequestResponse, RefreshTokenParams, RevokeTokenParams, Scope, SubtokenOptions, SubtokenResponse, TokenResponse, TokenType, UserResponse };
-//# sourceMappingURL=index.d.mts.map
+export { AccountsResponse, ApiOptions, AuthTokenParams, AuthorizationUrlParams, AuthorizationUrlRequestUriParams, ClientInfo, DPoPCallback, DPoPParams, FedCMRequestOptions, Gw2MeApi, Gw2MeClient, Gw2MeError, Gw2MeFedCM, Gw2MeOAuthError, IntrospectTokenParams, IntrospectTokenResponse, Options, PushedAuthorizationRequestParams, PushedAuthorizationRequestResponse, RefreshTokenParams, RevokeTokenParams, Scope, SubtokenOptions, SubtokenResponse, TokenResponse, TokenType, UserResponse };

package/dist/index.js

@@ -0,0 +1 @@
+let e=function(e){return e.Identify=`identify`,e.Email=`email`,e.Accounts=`accounts`,e.Accounts_Verified=`accounts.verified`,e.Accounts_DisplayName=`accounts.displayName`,e.GW2_Account=`gw2:account`,e.GW2_Inventories=`gw2:inventories`,e.GW2_Characters=`gw2:characters`,e.GW2_Tradingpost=`gw2:tradingpost`,e.GW2_Wallet=`gw2:wallet`,e.GW2_Unlocks=`gw2:unlocks`,e.GW2_Pvp=`gw2:pvp`,e.GW2_Wvw=`gw2:wvw`,e.GW2_Builds=`gw2:builds`,e.GW2_Progression=`gw2:progression`,e.GW2_Guilds=`gw2:guilds`,e}({});var t=class extends Error{},n=class extends t{constructor(e,t,n){super(`Received ${e}`+(t?`: ${t}`:``)+(n?` (${n})`:``)),this.error=e,this.error_description=t,this.error_uri=n}};async function r(e){if(await i(e),!a(e))throw new t(`gw2.me did not return a valid JSON response`);return e.json()}async function i(e){if(!e.ok){let n;throw a(e)&&(n=(await e.json()).error_description),new t(`gw2.me returned an error: ${n??`Unknown error`}`)}}function a(e){return e.headers.get(`Content-Type`)?.split(`;`)[0].trim().toLowerCase()===`application/json`}var o=class{constructor(e,t){this.access_token=e,this.options=t}user(){return this.#t(`api/user`).then(e=>fetch(e)).then(r)}saveSettings(e){return this.#t(`api/user/settings`,{method:`POST`,headers:{"Content-Type":`application/json`},body:JSON.stringify(e)}).then(e=>fetch(e)).then(i)}accounts(){return this.#t(`api/accounts`).then(e=>fetch(e)).then(r)}subtoken(e,t){let n=this.#e(`api/accounts/${e}/subtoken`);return t?.permissions&&n.searchParams.set(`permissions`,t.permissions.join(`,`)),this.#t(n).then(e=>fetch(e)).then(r)}#e(e){return new URL(e,this.options?.url||`https://gw2.me/`)}async#t(e,t){let n=e instanceof URL?e:this.#e(e),r=this.options?.dpop,i=new Headers(t?.headers);return i.set(`Authorization`,`${r?`DPoP`:`Bearer`} ${this.access_token}`),r&&i.set(`DPoP`,await r({htm:t?.method??`GET`,htu:n.toString(),accessToken:this.access_token})),new Request(n,{cache:`no-cache`,...t,headers:i})}},s=class{#e;#t;constructor(e,t){this.#e=e,this.#t=t}isSupported(){return typeof window<`u`&&`IdentityCredential`in window}request({scopes:n,mediation:r,signal:i,mode:a,code_challenge:o,code_challenge_method:s,include_granted_scopes:c}){if(!this.isSupported())throw new t(`FedCM is not supported`);return navigator.credentials.get({mediation:r,signal:i,identity:{providers:[{configURL:this.#e,clientId:this.#t,fields:[n.includes(e.Identify)&&`name`,n.includes(e.Email)&&`email`].filter(Boolean),nonce:`${s}:${o}`,params:{scope:n.join(` `),code_challenge:o,code_challenge_method:s,include_granted_scopes:c}}],mode:a}})}},c=class{#e;#t;constructor(e,t){this.options=t,this.#e=e,this.#t=new s(this.#n(`/fed-cm/config.json`),e.client_id)}#n(e){return new URL(e,this.options?.url||`https://gw2.me/`)}#r(){if(!this.#e.client_secret)throw new t(`client_secret is required`);return`Basic ${btoa(`${this.#e.client_id}:${this.#e.client_secret}`)}`}getAuthorizationUrl(e){let t=`request_uri`in e?new URLSearchParams({client_id:this.#e.client_id,response_type:`code`,request_uri:e.request_uri}):l(this.#e.client_id,e);return this.#n(`/oauth2/authorize?${t.toString()}`).toString()}async pushAuthorizationRequest(e){let t=this.#n(`/oauth2/par`),n={"Content-Type":`application/x-www-form-urlencoded`};e.dpop&&(n.DPoP=await e.dpop({htm:`POST`,htu:t.toString()}));let i=l(this.#e.client_id,e);return this.#e.client_secret&&(n.Authorization=this.#r()),await fetch(t,{method:`POST`,headers:n,body:i,cache:`no-store`}).then(r)}async getAccessToken({code:e,token_type:t,redirect_uri:n,code_verifier:i,dpop:a}){let o=new URLSearchParams({grant_type:`authorization_code`,code:e,client_id:this.#e.client_id,redirect_uri:n}),s={"Content-Type":`application/x-www-form-urlencoded`};this.#e.client_secret&&(s.Authorization=this.#r()),i&&o.set(`code_verifier`,i);let c=this.#n(`/api/token`);return a&&(s.DPoP=await a({htm:`POST`,htu:c.toString(),accessToken:t===`DPoP`?e:void 0})),await fetch(c,{method:`POST`,headers:s,body:o,cache:`no-store`}).then(r)}async refreshToken({refresh_token:e,refresh_token_type:t,dpop:n}){let i=new URLSearchParams({grant_type:`refresh_token`,refresh_token:e,client_id:this.#e.client_id}),a={"Content-Type":`application/x-www-form-urlencoded`};this.#e.client_secret&&(a.Authorization=this.#r());let o=this.#n(`/api/token`);return n&&(a.DPoP=await n({htm:`POST`,htu:o.toString(),accessToken:t===`DPoP`?e:void 0})),await fetch(o,{method:`POST`,headers:a,body:i,cache:`no-store`}).then(r)}async revokeToken({token:e}){let t=new URLSearchParams({token:e}),n={"Content-Type":`application/x-www-form-urlencoded`};this.#e.client_secret&&(n.Authorization=this.#r()),await fetch(this.#n(`/api/token/revoke`),{method:`POST`,cache:`no-store`,headers:n,body:t}).then(r)}async introspectToken({token:e}){let t=new URLSearchParams({token:e}),n={"Content-Type":`application/x-www-form-urlencoded`};return this.#e.client_secret&&(n.Authorization=this.#r()),await fetch(this.#n(`/api/token/introspect`),{method:`POST`,cache:`no-store`,headers:n,body:t}).then(r)}parseAuthorizationResponseSearchParams(e){let r=this.#n(`/`).origin,i=e.get(`iss`);if(!i)throw new t("Issuer Identifier verification failed: parameter `iss` is missing");if(i!==r)throw new t(`Issuer Identifier verification failed: expected "${r}", got "${i}"`);let a=e.get(`error`);if(a)throw new n(a,e.get(`error_description`)??void 0,e.get(`error_uri`)??void 0);let o=e.get(`code`);if(!o)throw new t("Parameter `code` is missing");return{code:o,state:e.get(`state`)||void 0}}api(e,t){return new o(e,{...this.options,...t})}get fedCM(){return this.#t}};function l(e,{redirect_uri:t,scopes:n,state:r,code_challenge:i,code_challenge_method:a,dpop_jkt:o,prompt:s,include_granted_scopes:c,verified_accounts_only:l}){let u=new URLSearchParams({client_id:e,response_type:`code`,redirect_uri:t,scope:n.join(` `)});return r&&u.append(`state`,r),i&&a&&(u.append(`code_challenge`,i),u.append(`code_challenge_method`,a)),o&&u.append(`dpop_jkt`,o),s&&u.append(`prompt`,s),c&&u.append(`include_granted_scopes`,`true`),l&&u.append(`verified_accounts_only`,`true`),u}export{o as Gw2MeApi,c as Gw2MeClient,t as Gw2MeError,n as Gw2MeOAuthError,e as Scope};

package/dist/pkce.d.ts

@@ -0,0 +1,16 @@
+//#region src/pkce.d.ts
+interface PKCEChallenge {
+  code_challenge: string;
+  code_challenge_method: "S256";
+}
+interface PKCEPair {
+  challenge: PKCEChallenge;
+  code_verifier: string;
+}
+/**
+* Generates a PKCE pair containing a random code verifier and a corresponding code challenge.
+* @see https://gw2.me/dev/docs/access-tokens#pkce
+*/
+declare function generatePKCEPair(): Promise<PKCEPair>;
+//#endregion
+export { PKCEChallenge, PKCEPair, generatePKCEPair };

package/dist/pkce.js

@@ -0,0 +1 @@
+import{t as e}from"./base64-p0iUDSbg.js";async function t(){let t=new Uint8Array(32);crypto.getRandomValues(t);let n=e(t),r=new TextEncoder,i=await crypto.subtle.digest(`SHA-256`,r.encode(n));return{code_verifier:n,challenge:{code_challenge_method:`S256`,code_challenge:e(new Uint8Array(i))}}}export{t as generatePKCEPair};

package/dist/{types-cXKOlCJ4.d.mts → types-Bqy6G8sj.d.ts}

@@ -1,4 +1,8 @@
 //#region src/types.d.ts
+/**
+* Scopes supported by gw2.me.
+* @see https://gw2.me/dev/docs/scopes
+*/
 declare enum Scope {
   Identify = "identify",
   Email = "email",
@@ -15,7 +19,7 @@ declare enum Scope {
   GW2_Wvw = "gw2:wvw",
   GW2_Builds = "gw2:builds",
   GW2_Progression = "gw2:progression",
-  GW2_Guilds = "gw2:guilds",
+  GW2_Guilds = "gw2:guilds"
 }
 interface ClientInfo {
   client_id: string;
@@ -25,12 +29,11 @@ interface Options {
   url: string;
 }
 interface DPoPParams {
-  htm: 'POST' | 'GET' | (string & {});
+  htm: "POST" | "GET" | (string & {});
   htu: string;
   nonce?: string;
   accessToken?: string;
 }
 type DPoPCallback = (params: DPoPParams) => string | Promise<string>;
 //#endregion
-export { Scope as a, Options as i, DPoPCallback as n, DPoPParams as r, ClientInfo as t };
-//# sourceMappingURL=types-cXKOlCJ4.d.mts.map
+export { Scope as a, Options as i, DPoPCallback as n, DPoPParams as r, ClientInfo as t };

package/package.json

@@ -1,21 +1,21 @@
 {
   "name": "@gw2me/client",
-  "version": "0.9.3",
+  "version": "0.9.4",
   "description": "gw2.me client library",
   "type": "module",
   "exports": {
     "./package.json": "./package.json",
     ".": {
-      "types": "./dist/index.d.mts",
-      "default": "./dist/index.mjs"
+      "types": "./dist/index.d.ts",
+      "default": "./dist/index.js"
     },
     "./dpop": {
-      "types": "./dist/dpop.d.mts",
-      "default": "./dist/dpop.mjs"
+      "types": "./dist/dpop.d.ts",
+      "default": "./dist/dpop.js"
     },
     "./pkce": {
-      "types": "./dist/pkce.d.mts",
-      "default": "./dist/pkce.mjs"
+      "types": "./dist/pkce.d.ts",
+      "default": "./dist/pkce.js"
     }
   },
   "repository": {
@@ -30,9 +30,10 @@
     "oauth2"
   ],
   "files": [
-    "dist/*.mjs",
-    "dist/*.d.mts"
+    "dist/*.js",
+    "dist/*.d.ts"
   ],
+  "sideEffects": false,
   "author": "darthmaim",
   "license": "MIT",
   "bugs": {
@@ -40,14 +41,17 @@
   },
   "homepage": "https://github.com/gw2treasures/gw2.me#readme",
   "devDependencies": {
-    "@gw2treasures/eslint-config": "0.2.0",
+    "@arethetypeswrong/core": "0.18.2",
+    "@gw2treasures/eslint-config": "0.2.1",
     "@gw2treasures/publish-package": "0.1.0",
     "@gw2treasures/tsconfig": "0.0.1",
-    "eslint": "9.39.2",
-    "tsdown": "0.19.0",
+    "@types/node": "24.12.0",
+    "eslint": "9.39.4",
+    "publint": "0.3.18",
+    "tsdown": "0.21.4",
     "typescript": "5.9.3",
-    "typescript-eslint": "8.53.0",
-    "undici-types": "7.18.2"
+    "typescript-eslint": "8.57.1",
+    "undici-types": "7.24.4"
   },
   "publishConfig": {
     "access": "public",

package/dist/base64-B0vm543A.mjs

@@ -1,9 +0,0 @@
-//#region src/base64.ts
-function base64urlEncode(input) {
-	const data = input instanceof ArrayBuffer ? new Uint8Array(input) : input;
-	return btoa(String.fromCharCode(...data)).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
-}
-
-//#endregion
-export { base64urlEncode as t };
-//# sourceMappingURL=base64-B0vm543A.mjs.map

package/dist/dpop.d.mts

@@ -1,14 +0,0 @@
-import { r as DPoPParams } from "./types-cXKOlCJ4.mjs";
-
-//#region src/dpop.d.ts
-declare function generateDPoPKeyPair(): Promise<CryptoKeyPair>;
-declare function createDPoPJwt({
-  htm,
-  htu,
-  nonce,
-  accessToken
-}: DPoPParams, keyPair: CryptoKeyPair): Promise<string>;
-declare function jwkThumbprint(key: CryptoKey): Promise<string>;
-//#endregion
-export { createDPoPJwt, generateDPoPKeyPair, jwkThumbprint };
-//# sourceMappingURL=dpop.d.mts.map

package/dist/dpop.mjs

@@ -1,53 +0,0 @@
-import { t as base64urlEncode } from "./base64-B0vm543A.mjs";
-
-//#region src/dpop.ts
-function generateDPoPKeyPair() {
-	return crypto.subtle.generateKey({
-		name: "ECDSA",
-		namedCurve: "P-256"
-	}, false, ["sign"]);
-}
-async function createDPoPJwt({ htm, htu, nonce, accessToken }, keyPair) {
-	const header = JSON.stringify({
-		alg: "ES256",
-		typ: "dpop+jwt",
-		jwk: await jwk(keyPair.publicKey)
-	});
-	const body = JSON.stringify({
-		iat: Math.floor(Date.now() / 1e3),
-		jti: base64urlEncode(crypto.getRandomValues(new Uint8Array(32))),
-		htm,
-		htu,
-		nonce,
-		ath: accessToken ? base64urlEncode(await crypto.subtle.digest("SHA-256", stringToBuffer(accessToken))) : void 0
-	});
-	const input = `${base64urlEncode(stringToBuffer(header))}.${base64urlEncode(stringToBuffer(body))}`;
-	return `${input}.${base64urlEncode(await crypto.subtle.sign({
-		name: "ECDSA",
-		hash: "SHA-256"
-	}, keyPair.privateKey, stringToBuffer(input)))}`;
-}
-const encoder = new TextEncoder();
-function stringToBuffer(value) {
-	return encoder.encode(value);
-}
-async function jwk(key) {
-	const { kty, e, k, n, x, y, crv } = await crypto.subtle.exportKey("jwk", key);
-	return {
-		e,
-		k,
-		crv,
-		kty,
-		n,
-		x,
-		y
-	};
-}
-async function jwkThumbprint(key) {
-	const jwkJson = JSON.stringify(await jwk(key));
-	return base64urlEncode(await crypto.subtle.digest("SHA-256", stringToBuffer(jwkJson)));
-}
-
-//#endregion
-export { createDPoPJwt, generateDPoPKeyPair, jwkThumbprint };
-//# sourceMappingURL=dpop.mjs.map

package/dist/index.mjs

@@ -1,289 +0,0 @@
-//#region src/types.ts
-let Scope = /* @__PURE__ */ function(Scope$1) {
-	Scope$1["Identify"] = "identify";
-	Scope$1["Email"] = "email";
-	Scope$1["Accounts"] = "accounts";
-	Scope$1["Accounts_Verified"] = "accounts.verified";
-	Scope$1["Accounts_DisplayName"] = "accounts.displayName";
-	Scope$1["GW2_Account"] = "gw2:account";
-	Scope$1["GW2_Inventories"] = "gw2:inventories";
-	Scope$1["GW2_Characters"] = "gw2:characters";
-	Scope$1["GW2_Tradingpost"] = "gw2:tradingpost";
-	Scope$1["GW2_Wallet"] = "gw2:wallet";
-	Scope$1["GW2_Unlocks"] = "gw2:unlocks";
-	Scope$1["GW2_Pvp"] = "gw2:pvp";
-	Scope$1["GW2_Wvw"] = "gw2:wvw";
-	Scope$1["GW2_Builds"] = "gw2:builds";
-	Scope$1["GW2_Progression"] = "gw2:progression";
-	Scope$1["GW2_Guilds"] = "gw2:guilds";
-	return Scope$1;
-}({});
-
-//#endregion
-//#region src/error.ts
-var Gw2MeError = class extends Error {};
-var Gw2MeOAuthError = class extends Gw2MeError {
-	constructor(error, error_description, error_uri) {
-		super(`Received ${error}` + (error_description ? `: ${error_description}` : "") + (error_uri ? ` (${error_uri})` : ""));
-		this.error = error;
-		this.error_description = error_description;
-		this.error_uri = error_uri;
-	}
-};
-
-//#endregion
-//#region src/util.ts
-async function jsonOrError(response) {
-	await okOrError(response);
-	if (!(response.headers.get("Content-Type") === "application/json")) throw new Gw2MeError("gw2.me did not return a valid JSON response");
-	return response.json();
-}
-async function okOrError(response) {
-	if (!response.ok) {
-		let errorMessage;
-		if (response.headers.get("Content-Type") === "application/json") errorMessage = (await response.json()).error_description;
-		throw new Gw2MeError(`gw2.me returned an error: ${errorMessage ?? "Unknown error"}`);
-	}
-}
-
-//#endregion
-//#region src/api.ts
-var Gw2MeApi = class {
-	constructor(access_token, options) {
-		this.access_token = access_token;
-		this.options = options;
-	}
-	user() {
-		return this.#requestWithDpop("api/user").then((request) => fetch(request)).then(jsonOrError);
-	}
-	saveSettings(settings) {
-		return this.#requestWithDpop("api/user/settings", {
-			method: "POST",
-			headers: { "Content-Type": "application/json" },
-			body: JSON.stringify(settings)
-		}).then((request) => fetch(request)).then(okOrError);
-	}
-	accounts() {
-		return this.#requestWithDpop("api/accounts").then((request) => fetch(request)).then(jsonOrError);
-	}
-	subtoken(accountId, options) {
-		const url = this.#getUrl(`api/accounts/${accountId}/subtoken`);
-		if (options?.permissions) url.searchParams.set("permissions", options.permissions.join(","));
-		return this.#requestWithDpop(url).then((request) => fetch(request)).then(jsonOrError);
-	}
-	#getUrl(url) {
-		return new URL(url, this.options?.url || "https://gw2.me/");
-	}
-	async #requestWithDpop(endpoint, init) {
-		const url = endpoint instanceof URL ? endpoint : this.#getUrl(endpoint);
-		const dpop = this.options?.dpop;
-		const headers = new Headers(init?.headers);
-		headers.set("Authorization", `${dpop ? "DPoP" : "Bearer"} ${this.access_token}`);
-		if (dpop) headers.set("DPoP", await dpop({
-			htm: init?.method ?? "GET",
-			htu: url.toString(),
-			accessToken: this.access_token
-		}));
-		return new Request(url, {
-			cache: "no-cache",
-			...init,
-			headers
-		});
-	}
-};
-
-//#endregion
-//#region src/fed-cm.ts
-var Gw2MeFedCM = class {
-	#configUrl;
-	#clientId;
-	constructor(configUrl, clientId) {
-		this.#configUrl = configUrl;
-		this.#clientId = clientId;
-	}
-	isSupported() {
-		return typeof window !== "undefined" && "IdentityCredential" in window;
-	}
-	request({ scopes, mediation, signal, mode, code_challenge, code_challenge_method, include_granted_scopes }) {
-		if (!this.isSupported()) throw new Gw2MeError("FedCM is not supported");
-		return navigator.credentials.get({
-			mediation,
-			signal,
-			identity: {
-				providers: [{
-					configURL: this.#configUrl,
-					clientId: this.#clientId,
-					fields: [scopes.includes(Scope.Identify) && "name", scopes.includes(Scope.Email) && "email"].filter(Boolean),
-					nonce: `${code_challenge_method}:${code_challenge}`,
-					params: {
-						scope: scopes.join(" "),
-						code_challenge,
-						code_challenge_method,
-						include_granted_scopes
-					}
-				}],
-				mode
-			}
-		});
-	}
-};
-
-//#endregion
-//#region src/client.ts
-var Gw2MeClient = class {
-	#client;
-	#fedCM;
-	constructor(client, options) {
-		this.options = options;
-		this.#client = client;
-		this.#fedCM = new Gw2MeFedCM(this.#getUrl("/fed-cm/config.json"), client.client_id);
-	}
-	#getUrl(url) {
-		return new URL(url, this.options?.url || "https://gw2.me/");
-	}
-	#getAuthorizationHeader() {
-		if (!this.#client.client_secret) throw new Gw2MeError("client_secret is required");
-		return `Basic ${btoa(`${this.#client.client_id}:${this.#client.client_secret}`)}`;
-	}
-	getAuthorizationUrl(params) {
-		const urlParams = "request_uri" in params ? new URLSearchParams({
-			client_id: this.#client.client_id,
-			response_type: "code",
-			request_uri: params.request_uri
-		}) : constructAuthorizationParams(this.#client.client_id, params);
-		return this.#getUrl(`/oauth2/authorize?${urlParams.toString()}`).toString();
-	}
-	async pushAuthorizationRequest(params) {
-		const url = this.#getUrl("/oauth2/par");
-		const headers = { "Content-Type": "application/x-www-form-urlencoded" };
-		if (params.dpop) headers.DPoP = await params.dpop({
-			htm: "POST",
-			htu: url.toString()
-		});
-		const urlParams = constructAuthorizationParams(this.#client.client_id, params);
-		if (this.#client.client_secret) headers.Authorization = this.#getAuthorizationHeader();
-		return await fetch(url, {
-			method: "POST",
-			headers,
-			body: urlParams,
-			cache: "no-store"
-		}).then(jsonOrError);
-	}
-	async getAccessToken({ code, token_type, redirect_uri, code_verifier, dpop }) {
-		const data = new URLSearchParams({
-			grant_type: "authorization_code",
-			code,
-			client_id: this.#client.client_id,
-			redirect_uri
-		});
-		const headers = { "Content-Type": "application/x-www-form-urlencoded" };
-		if (this.#client.client_secret) headers.Authorization = this.#getAuthorizationHeader();
-		if (code_verifier) data.set("code_verifier", code_verifier);
-		const url = this.#getUrl("/api/token");
-		if (dpop) headers.DPoP = await dpop({
-			htm: "POST",
-			htu: url.toString(),
-			accessToken: token_type === "DPoP" ? code : void 0
-		});
-		return await fetch(url, {
-			method: "POST",
-			headers,
-			body: data,
-			cache: "no-store"
-		}).then(jsonOrError);
-	}
-	async refreshToken({ refresh_token, refresh_token_type, dpop }) {
-		const data = new URLSearchParams({
-			grant_type: "refresh_token",
-			refresh_token,
-			client_id: this.#client.client_id
-		});
-		const headers = { "Content-Type": "application/x-www-form-urlencoded" };
-		if (this.#client.client_secret) headers["Authorization"] = this.#getAuthorizationHeader();
-		const url = this.#getUrl("/api/token");
-		if (dpop) headers.DPoP = await dpop({
-			htm: "POST",
-			htu: url.toString(),
-			accessToken: refresh_token_type === "DPoP" ? refresh_token : void 0
-		});
-		return await fetch(url, {
-			method: "POST",
-			headers,
-			body: data,
-			cache: "no-store"
-		}).then(jsonOrError);
-	}
-	async revokeToken({ token }) {
-		const body = new URLSearchParams({ token });
-		const headers = { "Content-Type": "application/x-www-form-urlencoded" };
-		if (this.#client.client_secret) headers.Authorization = this.#getAuthorizationHeader();
-		await fetch(this.#getUrl("/api/token/revoke"), {
-			method: "POST",
-			cache: "no-store",
-			headers,
-			body
-		}).then(jsonOrError);
-	}
-	async introspectToken({ token }) {
-		const body = new URLSearchParams({ token });
-		const headers = { "Content-Type": "application/x-www-form-urlencoded" };
-		if (this.#client.client_secret) headers.Authorization = this.#getAuthorizationHeader();
-		return await fetch(this.#getUrl("/api/token/introspect"), {
-			method: "POST",
-			cache: "no-store",
-			headers,
-			body
-		}).then(jsonOrError);
-	}
-	/**
-	* Parses the search params received from gw2.me on the redirect url (code and state).
-	* If gw2.me returned an error response, this will throw an error.
-	*
-	* @returns The code and optional state.
-	*/
-	parseAuthorizationResponseSearchParams(searchParams) {
-		const expectedIssuer = this.#getUrl("/").origin;
-		const receivedIssuer = searchParams.get("iss");
-		if (!receivedIssuer) throw new Gw2MeError("Issuer Identifier verification failed: parameter `iss` is missing");
-		if (receivedIssuer !== expectedIssuer) throw new Gw2MeError(`Issuer Identifier verification failed: expected "${expectedIssuer}", got "${receivedIssuer}"`);
-		const error = searchParams.get("error");
-		if (error) throw new Gw2MeOAuthError(error, searchParams.get("error_description") ?? void 0, searchParams.get("error_uri") ?? void 0);
-		const code = searchParams.get("code");
-		if (!code) throw new Gw2MeError("Parameter `code` is missing");
-		return {
-			code,
-			state: searchParams.get("state") || void 0
-		};
-	}
-	api(access_token, options) {
-		return new Gw2MeApi(access_token, {
-			...this.options,
-			...options
-		});
-	}
-	get fedCM() {
-		return this.#fedCM;
-	}
-};
-function constructAuthorizationParams(client_id, { redirect_uri, scopes, state, code_challenge, code_challenge_method, dpop_jkt, prompt, include_granted_scopes, verified_accounts_only }) {
-	const params = new URLSearchParams({
-		client_id,
-		response_type: "code",
-		redirect_uri,
-		scope: scopes.join(" ")
-	});
-	if (state) params.append("state", state);
-	if (code_challenge && code_challenge_method) {
-		params.append("code_challenge", code_challenge);
-		params.append("code_challenge_method", code_challenge_method);
-	}
-	if (dpop_jkt) params.append("dpop_jkt", dpop_jkt);
-	if (prompt) params.append("prompt", prompt);
-	if (include_granted_scopes) params.append("include_granted_scopes", "true");
-	if (verified_accounts_only) params.append("verified_accounts_only", "true");
-	return params;
-}
-
-//#endregion
-export { Gw2MeApi, Gw2MeClient, Gw2MeError, Gw2MeOAuthError, Scope };
-//# sourceMappingURL=index.mjs.map

package/dist/pkce.d.mts

@@ -1,13 +0,0 @@
-//#region src/pkce.d.ts
-interface PKCEChallenge {
-  code_challenge: string;
-  code_challenge_method: 'S256';
-}
-interface PKCEPair {
-  challenge: PKCEChallenge;
-  code_verifier: string;
-}
-declare function generatePKCEPair(): Promise<PKCEPair>;
-//#endregion
-export { PKCEChallenge, PKCEPair, generatePKCEPair };
-//# sourceMappingURL=pkce.d.mts.map

package/dist/pkce.mjs

@@ -1,21 +0,0 @@
-import { t as base64urlEncode } from "./base64-B0vm543A.mjs";
-
-//#region src/pkce.ts
-async function generatePKCEPair() {
-	const verifierBuffer = new Uint8Array(32);
-	crypto.getRandomValues(verifierBuffer);
-	const code_verifier = base64urlEncode(verifierBuffer);
-	const encoder = new TextEncoder();
-	const challenge = await crypto.subtle.digest("SHA-256", encoder.encode(code_verifier));
-	return {
-		code_verifier,
-		challenge: {
-			code_challenge_method: "S256",
-			code_challenge: base64urlEncode(new Uint8Array(challenge))
-		}
-	};
-}
-
-//#endregion
-export { generatePKCEPair };
-//# sourceMappingURL=pkce.mjs.map