@incodetech/core 0.0.0-dev-20260512-cffbe28 → 0.0.0-dev-20260512-20def2c

package/dist/{BaseWasmProvider-IiHnsP8E.esm.js → BaseWasmProvider-CVktpSfA.esm.js}

@@ -179,6 +179,7 @@ let WasmPipelineType = /* @__PURE__ */ function(WasmPipelineType$1) {
 	WasmPipelineType$1[WasmPipelineType$1["IdVideoSelfiePipeline"] = 2] = "IdVideoSelfiePipeline";
 	WasmPipelineType$1[WasmPipelineType$1["SelfieWithAggregationMetrics"] = 3] = "SelfieWithAggregationMetrics";
 	WasmPipelineType$1[WasmPipelineType$1["SelfieWithQualityMetrics"] = 4] = "SelfieWithQualityMetrics";
+	WasmPipelineType$1[WasmPipelineType$1["OnDeviceSelfieWorkflow"] = 5] = "OnDeviceSelfieWorkflow";
 	return WasmPipelineType$1;
 }({});
 
@@ -198,6 +199,181 @@ async function wasmCallWrapper(concurrency, wasmMethod, useSemaphore = true, ...
 	await innerCall();
 }
 
+//#endregion
+//#region ../infra/src/wasm/wasmWebClient.ts
+/**
+* JavaScript bridge for the C++ `WebClient` exposed by `webLib.wasm`.
+*
+* The pinned WASM bundle ships a `WebClient` class alongside the ML pipeline
+* APIs. This module instantiates it once (sharing the singleton `wasmModule`
+* with `mlWasmJSApi`) and exposes a small TypeScript-friendly surface that
+* `createWasmApi` can drive.
+*
+* Concurrency model mirrors the legacy implementation:
+* - 4-slot semaphore keyed by per-request `threadId` so multiple HTTP calls
+*   can run in parallel without trampling shared C++ state.
+* - Each WASM-side request method returns `false` while in flight; we
+*   busy-poll via {@link wasmCallWrapper}.
+* - Result extraction (`getRequestResult`) is per-thread.
+*
+* Encryption support: `setupConnection` accepts an `encryptionEnabled` flag
+* that triggers the in-binary RSA/AES handshake (always using SHA-256 OAEP).
+* {@link enableWasmEncryption} is a stateless helper that re-runs the
+* handshake with the caller-supplied connection params. State lives in the
+* C++ binary and (for SDK config) in `@incodetech/core`'s `setup.ts` — this
+* module caches nothing.
+*/
+const HTTP_CONCURRENCY = 4;
+var WasmWebClientError = class extends Error {
+	constructor(message, statusCode, data) {
+		super(message);
+		this.name = "WasmWebClientError";
+		this.status = statusCode;
+		this.statusCode = statusCode;
+		if (statusCode > 0 || data !== void 0) this.response = {
+			status: statusCode,
+			data
+		};
+	}
+};
+let webClientApi = null;
+let initPromise = null;
+let semaphore = new SemaphoreProvider(HTTP_CONCURRENCY);
+const isWebClientWasm = (mod) => {
+	return typeof mod.WebClient === "function";
+};
+const toStringRecord = (obj) => {
+	if (!obj) return void 0;
+	const result = {};
+	for (const key of Object.keys(obj)) {
+		const value = obj[key];
+		if (value === void 0 || value === null) continue;
+		result[key] = String(value);
+	}
+	return result;
+};
+/**
+* Loads the shared WASM module (if not already loaded) and instantiates the
+* C++ `WebClient`. Idempotent — repeated calls reuse the existing instance.
+*/
+async function initializeWasmWebClient(wasmPath, wasmSimdPath, glueCodePath, useSimd) {
+	if (webClientApi) return;
+	if (initPromise) return initPromise;
+	initPromise = (async () => {
+		try {
+			const { wasmModule } = await loadWasmModule({
+				wasmPath,
+				wasmSimdPath,
+				glueCodePath,
+				useSimd
+			});
+			if (!isWebClientWasm(wasmModule)) throw new Error("WASM module does not expose a WebClient class. Update webLib.wasm to a build that includes WebClient.");
+			webClientApi = new wasmModule.WebClient();
+		} catch (error) {
+			initPromise = null;
+			throw error;
+		}
+	})();
+	return initPromise;
+}
+/**
+* Configures the C++ WebClient connection. Safe to call multiple times — each
+* call resets the underlying session and re-applies default headers.
+*
+* `defaultHeaders` are applied **before** `createApi`, so the in-binary RSA
+* handshake (`GET /e2ee/key/v2` + `POST /e2ee/key`) sees the same headers as
+* data requests. Without this ordering, environments that require auth/version
+* headers on the handshake (e.g. `x-api-key`, `api-version`) would 401/4xx
+* before any encrypted traffic ever flowed.
+*
+* OAEP padding is hardcoded to SHA-256 (we always pass `useSha256 = true` into
+* the C++ binary).
+*/
+async function setupWasmConnection(apiURL, token, encryptionEnabled, defaultHeaders) {
+	const api = ensureReady();
+	api.resetSessionState?.();
+	api.setDefaultHeaders?.(defaultHeaders);
+	api.createApi(apiURL, token, true, encryptionEnabled);
+}
+/**
+* Re-runs the connection handshake with `encryptionEnabled = true`. Stateless:
+* callers (currently `@incodetech/core`'s `setup()`) own the connection params
+* and supply them on every call. Use this to upgrade an existing non-encrypted
+* WASM connection to encrypted at runtime.
+*/
+async function enableWasmEncryption(params) {
+	await setupWasmConnection(params.apiURL, params.token ?? "", true, params.defaultHeaders);
+}
+/**
+* Executes a single HTTP request through the WASM WebClient.
+*
+* Acquires a semaphore slot for `threadId`, registers progress callbacks, runs
+* the request via {@link wasmCallWrapper} (busy-polls until the WASM method
+* returns `true`), then extracts the per-thread result. Throws
+* {@link WasmWebClientError} on non-2xx or transport errors.
+*
+* The `ie` (inline-encryption) flag is forwarded to the C++ WebClient for
+* mutating methods. Default `false` — the SDK HTTP path leaves payloads
+* unencrypted at the WebClient layer. The C++ `WebApi.postFaceResults`
+* pre-encrypts its JSON via `SessionEncryptor` and calls back into this
+* function with `ie=true`; see {@link createWebApiHostAdapter}.
+*/
+async function executeWasmRequest(method, url, body, headers, params, timeout, onUploadProgress, ie = false) {
+	const api = ensureReady();
+	const stringParams = toStringRecord(params);
+	return semaphore.withLock(async (threadId) => {
+		if (onUploadProgress && api.setOnUploadProgress) api.setOnUploadProgress((event) => {
+			try {
+				onUploadProgress(event);
+			} catch (error) {
+				console.error("WasmWebClient: error in onUploadProgress callback", error);
+			}
+		});
+		try {
+			await wasmCallWrapper(semaphore, () => callWasmMethod(api, method, threadId, url, body, headers, stringParams, timeout, ie), false);
+			return readResult(api, threadId);
+		} finally {
+			api.clearOnUploadProgress?.(threadId);
+			api.clearOnDownloadProgress?.(threadId);
+		}
+	});
+}
+function callWasmMethod(api, method, threadId, url, body, headers, params, timeout, ie) {
+	switch (method) {
+		case "GET": return api.get(threadId, url, params, headers, timeout);
+		case "POST": return api.post(threadId, url, body ?? {}, headers, params, timeout, ie);
+		case "PUT": return api.put(threadId, url, body ?? {}, headers, params, timeout, ie);
+		case "PATCH": return api.patch(threadId, url, body ?? {}, headers, params, timeout, ie);
+		case "DELETE": return api.del(threadId, url, body ?? {}, headers, params, timeout, ie);
+		default: throw new Error(`Unsupported WASM HTTP method: ${method}`);
+	}
+}
+const DEFAULT_WEBAPI_TIMEOUT_MS = 3e4;
+let webApiHttpTransport = null;
+function setWebApiHttpTransport(transport) {
+	webApiHttpTransport = transport;
+}
+function createWebApiHostAdapter() {
+	return { post(url, body, config) {
+		const effectiveConfig = config ?? {};
+		const transport = webApiHttpTransport;
+		if (transport) return transport(url, body, effectiveConfig);
+		return executeWasmRequest("POST", url, body, effectiveConfig.headers ?? {}, effectiveConfig.params, effectiveConfig.timeout ?? DEFAULT_WEBAPI_TIMEOUT_MS, void 0, effectiveConfig.ie === true);
+	} };
+}
+function readResult(api, threadId) {
+	const response = api.getRequestResult(threadId);
+	if (response.hasError) throw new WasmWebClientError(response.errorMessage || "WasmWebClient request failed", response.statusCode, response.result);
+	return {
+		data: response.result,
+		status: response.statusCode
+	};
+}
+function ensureReady() {
+	if (!webClientApi) throw new Error("WasmWebClient not initialized. Call initializeWasmWebClient() first.");
+	return webClientApi;
+}
+
 //#endregion
 //#region ../infra/src/wasm/mlWasmJSApi.ts
 var MlWasmJSApi = class MlWasmJSApi {
@@ -210,6 +386,7 @@ var MlWasmJSApi = class MlWasmJSApi {
 		this.utilityApi = null;
 		this.idCaptureWasmApi = null;
 		this.faceProcessingWasmApi = null;
+		this.webApi = null;
 		this.imageWidth_ = null;
 		this.imageHeight_ = null;
 		this.pipelines_ = null;
@@ -322,6 +499,8 @@ var MlWasmJSApi = class MlWasmJSApi {
 			this.faceProcessingWasmApi.delete();
 			this.faceProcessingWasmApi = null;
 		}
+		if (this.webApi && typeof this.webApi.delete === "function") this.webApi.delete();
+		this.webApi = null;
 		this.wasmModule = null;
 		this.isInitialized_ = false;
 	}
@@ -368,7 +547,8 @@ var MlWasmJSApi = class MlWasmJSApi {
 			case WasmPipelineType.IdBarcodeAndTextQualityPipeline: return this.idCaptureWasmApi.runIdCaptureWorkflow(this.pipelineTypeToWasmEnum(type));
 			case WasmPipelineType.IdVideoSelfiePipeline: return this.idCaptureWasmApi.runIdVideoSelfieWorkflow();
 			case WasmPipelineType.SelfieWithAggregationMetrics:
-			case WasmPipelineType.SelfieWithQualityMetrics: return this.faceProcessingWasmApi.runSelfieWorkflow(this.pipelineTypeToWasmEnum(type));
+			case WasmPipelineType.SelfieWithQualityMetrics:
+			case WasmPipelineType.OnDeviceSelfieWorkflow: return this.faceProcessingWasmApi.runSelfieWorkflow(this.pipelineTypeToWasmEnum(type));
 			default: throw new Error("Unknown pipeline type");
 		}
 	}
@@ -388,9 +568,9 @@ var MlWasmJSApi = class MlWasmJSApi {
 		this.checkWasmInitialization("Unable to set face position constraints, cpp API hasn't been initialized");
 		this.faceProcessingWasmApi.setFacePositionConstraints(this.pipelineTypeToWasmEnum(type), minX, minY, maxX, maxY);
 	}
-	async setFaceDetectionThresholds(type, brightnessThreshold, blurrinessThreshold, tiltRotationAngleThreshold, minMagicCropSize, autocaptureInterval, minFaceQualityScore, faceOcclusionThreshold) {
+	async setFaceDetectionThresholds(type, brightnessThreshold, blurrinessThreshold, tiltRotationAngleThreshold, minMagicCropSize, autocaptureInterval, minFaceQualityScore, faceOcclusionThreshold, getReadyDelay, framesAggregationInterval, minFramesWithFace) {
 		this.checkWasmInitialization("Unable to set face detection thresholds, cpp API hasn't been initialized");
-		this.faceProcessingWasmApi.setFaceProcessingThresholds(this.pipelineTypeToWasmEnum(type), brightnessThreshold, blurrinessThreshold, tiltRotationAngleThreshold, minMagicCropSize, autocaptureInterval, minFaceQualityScore, faceOcclusionThreshold);
+		this.faceProcessingWasmApi.setFaceProcessingThresholds(this.pipelineTypeToWasmEnum(type), brightnessThreshold, blurrinessThreshold, tiltRotationAngleThreshold, minMagicCropSize, autocaptureInterval, minFaceQualityScore, faceOcclusionThreshold, getReadyDelay, framesAggregationInterval, minFramesWithFace);
 	}
 	async setFaceAttributesThresholds(type, headwearThreshold, lensesThreshold, closedEyesThreshold, maskThreshold) {
 		this.checkWasmInitialization("Unable to set face attributes thresholds, cpp API hasn't been initialized");
@@ -544,6 +724,35 @@ var MlWasmJSApi = class MlWasmJSApi {
 		this.checkWasmInitialization("Unable to ckvcks, cpp API hasn't been initialized");
 		this.utilityApi.ckvcks(data);
 	}
+	/**
+	* Synchronous manual-capture entry point for the OnDevice selfie workflow.
+	* Runs face detection + the full on-device quality / liveness / age pipeline
+	* on a single canvas image and stages the results inside the WASM `WebApi`
+	* for the next {@link postFaceResults} call. No polling, no semaphore wrap.
+	*
+	* Mirrors `ml-wasm-kit/WasmApi.processPhoto`.
+	*/
+	processPhoto(canvas) {
+		this.checkWasmInitialization("Unable to process photo, cpp API hasn't been initialized");
+		this.faceProcessingWasmApi.processPhoto(canvas);
+	}
+	/**
+	* POSTs the staged on-device face-results JSON to `/omni/add/face-results`
+	* via the C++ `WebApi`. The C++ side encrypts the body with
+	* `SessionEncryptor` and routes through the WASM `WebClient` with inline
+	* encryption (`ie=true`) — this does NOT depend on the WebClient E2EE
+	* session setup, so it works whether `setupWasmConnection` was called with
+	* `encryptionEnabled` true or false.
+	*
+	* Lazily instantiates `wasmModule.WebApi(adapter)` on first call. Throws if
+	* the WASM WebClient hasn't been initialized yet (callers expecting
+	* on-device upload must configure `setup({ apiURL, wasm })`).
+	*/
+	postFaceResults(config) {
+		this.checkWasmInitialization("Unable to post face results, cpp API hasn't been initialized");
+		if (!this.webApi) this.webApi = new this.wasmModule.WebApi(createWebApiHostAdapter());
+		return this.webApi.postFaceResults(config ?? {});
+	}
 	pipelineTypeToWasmEnum(type) {
 		switch (type) {
 			case WasmPipelineType.IdBlurGlarePipeline: return this.wasmModule.WorkflowType.IdBlurGlareWorkflow;
@@ -551,6 +760,7 @@ var MlWasmJSApi = class MlWasmJSApi {
 			case WasmPipelineType.IdVideoSelfiePipeline: return this.wasmModule.WorkflowType.IdVideoSelfieWorkflow;
 			case WasmPipelineType.SelfieWithAggregationMetrics: return this.wasmModule.WorkflowType.SelfieWithAggregationMetrics;
 			case WasmPipelineType.SelfieWithQualityMetrics: return this.wasmModule.WorkflowType.SelfieWithQualityMetrics;
+			case WasmPipelineType.OnDeviceSelfieWorkflow: return this.wasmModule.WorkflowType.OnDeviceSelfieWorkflow;
 			default: throw new Error("Unknown pipeline type");
 		}
 	}
@@ -561,6 +771,7 @@ var MlWasmJSApi = class MlWasmJSApi {
 			case this.wasmModule.WorkflowType.IdVideoSelfieWorkflow: return WasmPipelineType.IdVideoSelfiePipeline;
 			case this.wasmModule.WorkflowType.SelfieWithAggregationMetrics: return WasmPipelineType.SelfieWithAggregationMetrics;
 			case this.wasmModule.WorkflowType.SelfieWithQualityMetrics: return WasmPipelineType.SelfieWithQualityMetrics;
+			case this.wasmModule.WorkflowType.OnDeviceSelfieWorkflow: return WasmPipelineType.OnDeviceSelfieWorkflow;
 			default: throw new Error("Unknown pipeline type");
 		}
 	}
@@ -588,7 +799,12 @@ var mlWasmJSApi_default = MlWasmJSApi.getInstance();
 
 //#endregion
 //#region ../infra/src/wasm/warmup.ts
-/** Array of all available pipelines */
+/**
+* Pipelines preloaded when no explicit `pipelines` array is passed to
+* {@link warmupWasm}. The on-device selfie bundle is opt-in (loaded only when
+* a SELFIE/AUTH module has `onDeviceFaceResultsSubmissionEnabled: true`), so
+* it is intentionally excluded here to keep the default warmup small.
+*/
 const WASM_PIPELINES = ["selfie", "idCapture"];
 /**
 * Default model files for each pipeline.
@@ -601,6 +817,14 @@ const DEFAULT_PIPELINE_MODELS = {
 		"mls_regressor_4773007c657b4f05a460321456740d0f_fp16.ortmodelv2",
 		"face_occlusion_v0_2_fp16.ortmodelv2"
 	],
+	onDeviceSelfie: [
+		"selfie_bf_angles_192x192_opset9_fp16.ortmodelv2",
+		"face_attributes_v1_3_fp16.ortmodelv2",
+		"mls_regressor_4773007c657b4f05a460321456740d0f_fp16.ortmodelv2",
+		"face_occlusion_v0_2_fp16.ortmodelv2",
+		"ondevice_physical_liveness_v2_1_fp16.ortmodelv2",
+		"age_estimation_v2_2_2_fp16.ortmodelv2"
+	],
 	idCapture: ["id_capture_2_01_fp16.ortmodelv2", "id_fiqa_19a81a0b9bf6492eb03b4667f6db4c85_fp16.ortmodelv2"]
 };
 let state = "idle";
@@ -611,6 +835,7 @@ let lastConfig = null;
 function mapPipelineToWasmType(pipeline) {
 	switch (pipeline) {
 		case "selfie": return WasmPipelineType.SelfieWithQualityMetrics;
+		case "onDeviceSelfie": return WasmPipelineType.OnDeviceSelfieWorkflow;
 		case "idCapture": return WasmPipelineType.IdBlurGlarePipeline;
 		default: throw new Error(`Unknown pipeline: ${pipeline}`);
 	}
@@ -850,4 +1075,4 @@ var BaseWasmProvider = class {
 };
 
 //#endregion
-export { WasmPipelineType as a, SemaphoreProvider as c, wasmCallWrapper as i, warmupWasm as n, IdCaptureModelType as o, mlWasmJSApi_default as r, loadWasmModule as s, BaseWasmProvider as t };
+export { enableWasmEncryption as a, setWebApiHttpTransport as c, IdCaptureModelType as d, WasmWebClientError as i, setupWasmConnection as l, warmupWasm as n, executeWasmRequest as o, mlWasmJSApi_default as r, initializeWasmWebClient as s, BaseWasmProvider as t, WasmPipelineType as u };

package/dist/{WasmUtilProvider-BrEYcdhY.esm.js → WasmUtilProvider-BEQWy5_K.esm.js}

@@ -1,4 +1,4 @@
-import { r as mlWasmJSApi_default, t as BaseWasmProvider } from "./BaseWasmProvider-IiHnsP8E.esm.js";
+import { r as mlWasmJSApi_default, t as BaseWasmProvider } from "./BaseWasmProvider-CVktpSfA.esm.js";
 
 //#region ../infra/src/providers/wasm/WasmUtilProvider.ts
 var WasmUtilProvider = class WasmUtilProvider extends BaseWasmProvider {

package/dist/ae-signature.d.ts

@@ -1,6 +1,6 @@
 import { t as Manager } from "./Manager-D9pehGyp.js";
 import "./Actor-YjWTo26u.js";
-import { a as AE_CONSENT_KEYS, c as ConsentKey, g as getDefaultConsentChecks, i as electronicSignatureMachine, l as ElectronicSignatureConfig, m as areAllConsented, n as ElectronicSignatureState, s as ConsentChecks, u as ElectronicSignatureDocument } from "./index-BRdxM5zm.js";
+import { a as AE_CONSENT_KEYS, c as ConsentKey, g as getDefaultConsentChecks, i as electronicSignatureMachine, l as ElectronicSignatureConfig, m as areAllConsented, n as ElectronicSignatureState, s as ConsentChecks, u as ElectronicSignatureDocument } from "./index-DXB9aRs0.js";
 
 //#region src/modules/ae-signature/index.d.ts
 

package/dist/authentication.d.ts

@@ -1,12 +1,12 @@
-import "./warmup-DHGg8wQZ.js";
+import "./warmup-C6O7yhfX.js";
 import "./Manager-D9pehGyp.js";
 import "./Actor-YjWTo26u.js";
 import "./StateMachine-CJG7thvx.js";
-import { _ as AuthenticationConfig, b as authenticationMachine, g as createAuthenticationActor, h as CreateAuthenticationActorOptions, m as AuthenticationActor } from "./faceCaptureManagerFactory-FX5Lw2Q5.js";
+import { _ as AuthenticationConfig, b as authenticationMachine, g as createAuthenticationActor, h as CreateAuthenticationActorOptions, m as AuthenticationActor } from "./faceCaptureManagerFactory-DmHbKbyC.js";
 import "./camera-B6UAKpM1.js";
 import "./types-DJSt3Ovt.js";
-import "./types-BA181GDD.js";
-import "./deepsightService-CGSDjjBz.js";
+import "./types-DkXZpS0R.js";
+import "./deepsightService-Kuw9roIJ.js";
 import "./types-CarMMtoz.js";
-import { n as AuthenticationState, r as createAuthenticationManager, t as AuthenticationManager } from "./authenticationManager-BuChl5GH.js";
+import { n as AuthenticationState, r as createAuthenticationManager, t as AuthenticationManager } from "./authenticationManager-BnltMEfq.js";
 export { type AuthenticationActor, type AuthenticationConfig, type AuthenticationManager, type AuthenticationState, type CreateAuthenticationActorOptions, authenticationMachine, createAuthenticationActor, createAuthenticationManager };

package/dist/authentication.esm.js

@@ -1,25 +1,25 @@
-import "./BaseWasmProvider-IiHnsP8E.esm.js";
-import "./WasmUtilProvider-BrEYcdhY.esm.js";
+import "./BaseWasmProvider-CVktpSfA.esm.js";
+import "./WasmUtilProvider-BEQWy5_K.esm.js";
 import "./api-eqRXuVG-.esm.js";
 import "./events-Bt1azl2B.esm.js";
 import "./endpoints-B3V1U9Dg.esm.js";
 import "./browserSimulation-CAH-V_iE.esm.js";
 import "./xstate.esm-7GmmAwg6.esm.js";
-import "./faceCaptureManagerFactory-ByAGjOLF.esm.js";
+import "./faceCaptureManagerFactory-fu-9hWf5.esm.js";
 import "./BrowserStorageProvider-CoUfuy0u.esm.js";
-import "./recordingService-DMaVUhWY.esm.js";
-import "./deepsightService-IxmrmdKl.esm.js";
+import "./faceCaptureSetup-D607PhdL.esm.js";
+import "./ITimerCapability-3xSd36bT.esm.js";
 import "./camera-Bm3wb89Z.esm.js";
-import "./getBrowser-Y88tNVud.esm.js";
-import "./stats-Bqq9IKre.esm.js";
-import "./MotionSensorProvider-DJMsPght.esm.js";
-import "./permissionServices-ACBX6sNZ.esm.js";
-import "./platform-Dpzd9p3X.esm.js";
-import "./ITimerCapability-2pw-S97e.esm.js";
-import "./backCameraStream-DWZ1cNVA.esm.js";
-import "./getDeviceClass-DmoqR7G2.esm.js";
-import "./faceCaptureSetup-CUzqUwkP.esm.js";
-import { t as authenticationMachine } from "./authenticationStateMachine-BNs4VCxh.esm.js";
-import { r as createAuthenticationActor, t as createAuthenticationManager } from "./authenticationManager-CKDxnLtG.esm.js";
+import "./deepsightService-Dv6kvzph.esm.js";
+import "./recordingService-Dp-3nA-h.esm.js";
+import "./platform-CDh4uv5Y.esm.js";
+import "./backCameraStream-BKC7QXRJ.esm.js";
+import "./getBrowser-Bl0PlyDu.esm.js";
+import "./stats-qUsejORa.esm.js";
+import "./getDeviceClass-C1ZS2XJL.esm.js";
+import "./MotionSensorProvider-Dt_lF3Z8.esm.js";
+import "./permissionServices-Cdxqlwqz.esm.js";
+import { t as authenticationMachine } from "./authenticationStateMachine-B4FQ52zK.esm.js";
+import { r as createAuthenticationActor, t as createAuthenticationManager } from "./authenticationManager-DsauZR1g.esm.js";
 
 export { authenticationMachine, createAuthenticationActor, createAuthenticationManager };

package/dist/{authenticationManager-BuChl5GH.d.ts → authenticationManager-BnltMEfq.d.ts}

@@ -1,5 +1,5 @@
 import { t as Manager } from "./Manager-D9pehGyp.js";
-import { h as CreateAuthenticationActorOptions, m as AuthenticationActor, n as FaceCaptureManagerState, t as FaceCaptureManager } from "./faceCaptureManagerFactory-FX5Lw2Q5.js";
+import { h as CreateAuthenticationActorOptions, m as AuthenticationActor, n as FaceCaptureManagerState, t as FaceCaptureManager } from "./faceCaptureManagerFactory-DmHbKbyC.js";
 
 //#region src/modules/authentication/authenticationManager.d.ts
 type AuthenticationState = FaceCaptureManagerState;

package/dist/{authenticationManager-CKDxnLtG.esm.js → authenticationManager-DsauZR1g.esm.js}

@@ -1,9 +1,9 @@
-import { t as WasmUtilProvider } from "./WasmUtilProvider-BrEYcdhY.esm.js";
+import { t as WasmUtilProvider } from "./WasmUtilProvider-BEQWy5_K.esm.js";
 import { n as eventModuleNames } from "./events-Bt1azl2B.esm.js";
 import { o as createActor } from "./xstate.esm-7GmmAwg6.esm.js";
-import { t as createFaceCaptureManagerFromActor } from "./faceCaptureManagerFactory-ByAGjOLF.esm.js";
+import { t as createFaceCaptureManagerFromActor } from "./faceCaptureManagerFactory-fu-9hWf5.esm.js";
 import { t as BrowserStorageProvider } from "./BrowserStorageProvider-CoUfuy0u.esm.js";
-import { t as authenticationMachine } from "./authenticationStateMachine-BNs4VCxh.esm.js";
+import { t as authenticationMachine } from "./authenticationStateMachine-B4FQ52zK.esm.js";
 
 //#region src/modules/authentication/authenticationActor.ts
 function createAuthenticationActor(options) {

package/dist/{authenticationStateMachine-BNs4VCxh.esm.js → authenticationStateMachine-B4FQ52zK.esm.js}

@@ -1,9 +1,9 @@
 import { t as api } from "./api-eqRXuVG-.esm.js";
 import { t as endpoints } from "./endpoints-B3V1U9Dg.esm.js";
 import { a as fromPromise, r as assign } from "./xstate.esm-7GmmAwg6.esm.js";
-import { v as FACE_ERROR_CODES } from "./recordingService-DMaVUhWY.esm.js";
-import { t as getDeviceClass } from "./getDeviceClass-DmoqR7G2.esm.js";
-import { t as faceCaptureMachine } from "./faceCaptureSetup-CUzqUwkP.esm.js";
+import { a as prepareOnDeviceFaceUpload, i as postOnDeviceFaceResults, n as defaultPrepareFaceUpload, r as isOnDeviceMode, t as faceCaptureMachine } from "./faceCaptureSetup-D607PhdL.esm.js";
+import { m as FACE_ERROR_CODES } from "./recordingService-Dp-3nA-h.esm.js";
+import { t as getDeviceClass } from "./getDeviceClass-C1ZS2XJL.esm.js";
 
 //#region src/modules/authentication/authenticationErrorUtils.ts
 const AUTH_ERROR_MAP = {
@@ -79,8 +79,13 @@ const getAuthErrorCodeFromHttpError = (error) => {
 //#region src/modules/authentication/authenticationStateMachine.ts
 const _authenticationMachine = faceCaptureMachine.provide({
 	actors: {
+		prepareFaceUpload: fromPromise(async ({ input }) => {
+			const ctx = input;
+			return isOnDeviceMode(ctx.config) ? prepareOnDeviceFaceUpload(ctx) : defaultPrepareFaceUpload(ctx);
+		}),
 		uploadFace: fromPromise(async ({ input, signal }) => {
 			const ctx = input;
+			if (isOnDeviceMode(ctx.config)) return postOnDeviceFaceResults(ctx, signal);
 			return uploadAuthFace({
 				encryptedBase64Image: ctx.encryptedBase64Image,
 				faceCoordinates: ctx.faceCoordinates,
@@ -94,6 +99,7 @@ const _authenticationMachine = faceCaptureMachine.provide({
 	},
 	actions: {
 		setUploadErrorFromUploadValidation: assign({ uploadError: ({ context }) => {
+			if (isOnDeviceMode(context.config)) return;
 			const resp = context.uploadResponse;
 			return validateAuthUploadResponse(resp) ?? FACE_ERROR_CODES.SERVER;
 		} }),
@@ -115,10 +121,12 @@ const _authenticationMachine = faceCaptureMachine.provide({
 	},
 	guards: {
 		hasUploadValidationError: ({ context }) => {
+			if (isOnDeviceMode(context.config)) return false;
 			const resp = context.uploadResponse;
 			return validateAuthUploadResponse(resp) !== void 0;
 		},
 		isTerminalUploadError: ({ context }) => {
+			if (isOnDeviceMode(context.config)) return false;
 			const resp = context.uploadResponse;
 			return isTerminalAuthError(resp, context.attemptsRemaining);
 		},

package/dist/{backCameraStream-DWZ1cNVA.esm.js → backCameraStream-BKC7QXRJ.esm.js}

@@ -1,6 +1,6 @@
+import { t as sleep } from "./ITimerCapability-3xSd36bT.esm.js";
 import { i as stopCameraStream, n as enumerateVideoDevices, r as requestCameraAccess, t as applyTrackConstraints } from "./camera-Bm3wb89Z.esm.js";
-import { a as isIPhone14OrHigher, o as isSafari, r as isIOS, t as isAndroid } from "./platform-Dpzd9p3X.esm.js";
-import { t as sleep } from "./ITimerCapability-2pw-S97e.esm.js";
+import { a as isIPhone14OrHigher, o as isSafari, r as isIOS, t as isAndroid } from "./platform-CDh4uv5Y.esm.js";
 
 //#region src/internal/camera/backCameraStream.ts
 const BACK_CAMERA_KEYWORDS = [

package/dist/camera.esm.js

@@ -1,5 +1,5 @@
 import "./camera-Bm3wb89Z.esm.js";
-import "./MotionSensorProvider-DJMsPght.esm.js";
-import { n as requestPermission, t as checkPermission } from "./permissionServices-ACBX6sNZ.esm.js";
+import "./MotionSensorProvider-Dt_lF3Z8.esm.js";
+import { n as requestPermission, t as checkPermission } from "./permissionServices-Cdxqlwqz.esm.js";
 
 export { checkPermission as checkCameraPermission, requestPermission as requestCameraPermission };