@incodetech/core 2.0.1 → 2.1.0-rc.1

package/dist/{session-CrkWAs-q.esm.js → browserSimulation-B1dWiXp7.esm.js}

@@ -1,154 +1,6 @@
-import { n as getApi, r as getToken, s as setToken, t as api } from "./api-CESGtpbH.esm.js";
-import { g as getAnalyticsBatcher, h as addEvent } from "./events-D6-e4vok.esm.js";
-import { t as endpoints } from "./endpoints-CnN3SyDa.esm.js";
-import { n as resetIpifyCache, r as BrowserEnvironmentProvider, t as IpifyProvider } from "./IpifyProvider-D7jx52AL.esm.js";
-import { t as isBrowserSimulation } from "./browserSimulation-gxD8cSpM.esm.js";
+import { r as isIOS } from "./platform-SKvEfCBh.esm.js";
+import { t as getUserAgent } from "./getBrowser-C8DP7oTB.esm.js";
 
-//#region src/internal/session/sessionService.ts
-/**
-* HTTP status codes the QR validation endpoint emits, keyed by their semantic
-* name. Hosts switch on these to render distinct messaging — `invalidQRuuid`
-* for an unknown/expired link, `onboardingUrlAlreadyUsed` for a one-time link
-* that has already been consumed.
-*/
-const QR_VALIDATION_ERROR_CODES = {
-	expiredUUID: 4026,
-	invalidQRuuid: 4081,
-	onboardingUrlAlreadyUsed: 4083
-};
-var QrValidationError = class extends Error {
-	constructor(status, statusText) {
-		super(`POST ${endpoints.qrValidateUuid} failed: ${status} ${statusText}`);
-		this.name = "QrValidationError";
-		this.status = status;
-		this.statusText = statusText;
-	}
-};
-/**
-* Creates a new onboarding session.
-*
-* @param apiKey - The API key from the Incode dashboard
-* @param options - Session creation options
-* @param signal - Optional AbortSignal for request cancellation
-* @returns The created session with token
-*
-* @example
-* ```ts
-* const session = await createSession('your-api-key', {
-*   configurationId: 'your-flow-id',
-*   language: 'en-US',
-* });
-* console.log(session.token); // Use this token for subsequent API calls
-* ```
-*/
-async function createSession(apiKey, options, signal) {
-	const res = await getApi().post(endpoints.createSession, {
-		configurationId: options.configurationId,
-		externalId: options.externalId,
-		externalCustomerId: options.externalCustomerId,
-		language: options.language ?? "en-US",
-		customFields: options.customFields,
-		uuid: options.uuid ?? null,
-		urlUuid: options.urlUuid ?? null,
-		interviewId: options.interviewId ?? null,
-		...options.loginHint != null && options.loginHint !== "" ? { loginHint: options.loginHint } : {}
-	}, {
-		headers: {
-			"x-api-key": apiKey,
-			"api-version": "1.0"
-		},
-		signal
-	});
-	if (!res.ok) throw new Error(`POST ${endpoints.createSession} failed: ${res.status} ${res.statusText}`);
-	return res.data;
-}
-/**
-* Validates and rotates a QR anti-phishing URL UUID before creating a session.
-*
-* This call is unauthenticated; the `{ onboardingId, urlUuid }` pair itself
-* acts as the credential. The server burns the incoming `urlUuid` and returns
-* a freshly minted one that must be used in the subsequent `createSession`
-* call.
-*
-* @param options - `{ onboardingId, urlUuid }` from the incoming URL
-* @param signal - Optional AbortSignal for request cancellation
-* @returns The refreshed `urlUuid` to use for the session
-* @throws {QrValidationError} When the server rejects the validation request.
-*/
-async function validateQrUuid(options, signal) {
-	try {
-		return (await getApi().post(endpoints.qrValidateUuid, {
-			onboardingId: options.onboardingId,
-			urlUuid: options.urlUuid
-		}, {
-			headers: { "api-version": "1.0" },
-			signal
-		})).data;
-	} catch (error) {
-		const httpError = error;
-		throw new QrValidationError(httpError.data?.status ?? httpError.status, httpError.statusText);
-	}
-}
-/**
-* One-shot QR phishing-resistance helper.
-*
-* When `urlUuid` is a non-empty string, burns the stale value via
-* `validateQrUuid`, invokes `onRefreshed` with the fresh value, and returns
-* it so callers can forward it into `createSession`. When `urlUuid` is
-* absent, returns `undefined` without making any network call.
-*
-* Consolidates the rotation + callback logic shared by Flow self-loading and
-* Workflow token-mode bootstraps.
-*
-* @throws {QrValidationError} When the server rejects the validation request.
-*/
-async function refreshQrUrlUuid(options, signal) {
-	if (typeof options.urlUuid !== "string" || options.urlUuid.length === 0) return;
-	const result = await validateQrUuid({
-		onboardingId: options.onboardingId ?? null,
-		urlUuid: options.urlUuid
-	}, signal);
-	options.onRefreshed?.(result.urlUuid);
-	return result.urlUuid;
-}
-/**
-* Validates and rotates a QR anti-phishing `urlUuid` (when present), then
-* creates a session bound to the refreshed value. When `urlUuid` is absent,
-* behaves identically to {@link createSession}.
-*
-* Use this when the host owns session creation and wants the SDK to handle
-* phishing-resistance rotation in a single call. For raw control, compose
-* `refreshQrUrlUuid` and `createSession` directly.
-*
-* @throws {QrValidationError} When the server rejects the QR validation step.
-*
-* @example
-* ```ts
-* const session = await bootstrapSession(apiKey, {
-*   configurationId,
-*   urlUuid,
-*   onUrlUuidRefreshed: (refreshed) => {
-*     const url = new URL(window.location.href);
-*     url.searchParams.set('url_uuid', refreshed);
-*     window.history.replaceState({}, '', url);
-*   },
-* });
-* ```
-*/
-async function bootstrapSession(apiKey, options, signal) {
-	const { onUrlUuidRefreshed, ...createSessionOptions } = options;
-	const refreshedUrlUuid = await refreshQrUrlUuid({
-		urlUuid: options.urlUuid,
-		onboardingId: options.uuid ?? null,
-		onRefreshed: onUrlUuidRefreshed
-	}, signal);
-	return createSession(apiKey, {
-		...createSessionOptions,
-		urlUuid: refreshedUrlUuid
-	}, signal);
-}
-
-//#endregion
 //#region ../../node_modules/.pnpm/ua-parser-js@2.0.9/node_modules/ua-parser-js/src/main/ua-parser.mjs
 var LIBVERSION = "2.0.9", UA_MAX_LENGTH = 500, USER_AGENT = "user-agent", EMPTY = "", UNKNOWN = "?", TYPEOF = {
 	FUNCTION: "function",
@@ -1663,55 +1515,15 @@ UAParser.DEVICE = enumerize([
 UAParser.ENGINE = UAParser.OS = enumerize([NAME, VERSION]);
 
 //#endregion
-//#region ../infra/src/providers/browser/BrowserInfoProvider.ts
-var BrowserInfoProvider = class {
-	checkWebRtcSupport() {
-		if (typeof window === "undefined") return false;
-		const hasRTCPeerConnection = "RTCPeerConnection" in window || "webkitRTCPeerConnection" in window || "mozRTCPeerConnection" in window;
-		const hasGetUserMedia = typeof navigator !== "undefined" && navigator.mediaDevices?.getUserMedia !== void 0;
-		return hasRTCPeerConnection && hasGetUserMedia;
-	}
-	getBrowserInfo() {
-		const userAgent = typeof navigator !== "undefined" ? navigator.userAgent : "";
-		const result = new UAParser(userAgent).getResult();
-		return {
-			userAgent,
-			isWebRtcSupported: this.checkWebRtcSupport(),
-			browser: {
-				name: result.browser.name,
-				version: result.browser.version
-			},
-			os: {
-				name: result.os.name,
-				version: result.os.version
-			},
-			device: {
-				model: result.device.model,
-				type: result.device.type,
-				vendor: result.device.vendor
-			},
-			engine: {
-				name: result.engine.name,
-				version: result.engine.version
-			},
-			cpu: { architecture: result.cpu.architecture }
-		};
-	}
-};
-
-//#endregion
-//#region ../infra/src/device/getDeviceData.ts
-const HIGH_ENTROPY_HINTS = new Set([
-	"model",
-	"platformVersion",
-	"fullVersionList",
-	"brands",
-	"platform"
-]);
-function getFallbackDeviceInfo() {
-	const result = new UAParser().getResult();
+//#region ../infra/src/device/getParsedUserAgent.ts
+function getParsedUserAgent(userAgent) {
+	const result = (userAgent ? new UAParser(userAgent) : new UAParser()).getResult();
 	return {
-		device: { model: result.device.model },
+		device: {
+			model: result.device.model,
+			vendor: result.device.vendor,
+			type: result.device.type
+		},
 		os: {
 			name: result.os.name,
 			version: result.os.version
@@ -1722,80 +1534,6 @@ function getFallbackDeviceInfo() {
 		}
 	};
 }
-function sanitizeString(value) {
-	return value?.trim() || void 0;
-}
-function extractPrimaryBrandInfo(fullVersionList, brands) {
-	const primaryBrand = fullVersionList?.[0] || brands?.[0];
-	return {
-		name: sanitizeString(primaryBrand?.brand),
-		version: sanitizeString(primaryBrand?.version)
-	};
-}
-async function getHighEntropyDeviceInfo(userAgentData) {
-	const highEntropyValues = await userAgentData.getHighEntropyValues(Array.from(HIGH_ENTROPY_HINTS));
-	const { name: browserName, version: browserVersion } = extractPrimaryBrandInfo(highEntropyValues.fullVersionList, userAgentData.brands);
-	return {
-		device: { model: sanitizeString(highEntropyValues.model) },
-		os: {
-			name: sanitizeString(highEntropyValues.platform),
-			version: sanitizeString(highEntropyValues.platformVersion)
-		},
-		browser: {
-			name: browserName,
-			version: browserVersion
-		}
-	};
-}
-const checkForUnbrandedBrowser = (browser) => {
-	const userAgent = typeof navigator !== "undefined" ? navigator.userAgent : "";
-	const fallback = getFallbackDeviceInfo();
-	if (!userAgent) return browser;
-	try {
-		return {
-			...browser,
-			name: fallback.browser.name,
-			version: fallback.browser.version
-		};
-	} catch {
-		return {
-			...browser,
-			name: "Unknown",
-			version: "Unknown"
-		};
-	}
-};
-function mergeDeviceInfo(fallback, enhanced) {
-	return {
-		device: { model: enhanced.device?.model || fallback.device.model },
-		os: {
-			name: enhanced.os?.name || fallback.os.name,
-			version: enhanced.os?.version || fallback.os.version
-		},
-		browser: checkForUnbrandedBrowser({
-			name: enhanced.browser?.name || fallback.browser.name,
-			version: enhanced.browser?.version || fallback.browser.version
-		})
-	};
-}
-function isUserAgentClientHintsSupported(navigator$1) {
-	return Boolean(navigator$1.userAgentData?.getHighEntropyValues && typeof navigator$1.userAgentData.getHighEntropyValues === "function");
-}
-async function getDeviceFingerprintInfo() {
-	if (typeof navigator === "undefined") return {
-		device: {},
-		os: {},
-		browser: {}
-	};
-	const customNavigator = navigator;
-	const fallbackInfo = getFallbackDeviceInfo();
-	if (!isUserAgentClientHintsSupported(customNavigator)) return fallbackInfo;
-	try {
-		return mergeDeviceInfo(fallbackInfo, await getHighEntropyDeviceInfo(customNavigator.userAgentData));
-	} catch {
-		return fallbackInfo;
-	}
-}
 
 //#endregion
 //#region ../../node_modules/.pnpm/@thumbmarkjs+thumbmarkjs@1.6.4/node_modules/@thumbmarkjs/thumbmarkjs/dist/thumbmark.esm.js
@@ -2991,216 +2729,63 @@ async function getThumbmarkId() {
 }
 
 //#endregion
-//#region ../infra/src/providers/browser/FingerprintProvider.ts
-var FingerprintProvider = class {
-	constructor(ipLookup) {
-		this.ipLookup = ipLookup;
+//#region src/internal/device/hasLiedBrowser.ts
+function detectBrowserFromUserAgent(userAgent) {
+	if (userAgent.indexOf("edge/") >= 0 || userAgent.indexOf("iemobile/") >= 0) return "Other";
+	if (userAgent.indexOf("opera mini") >= 0) return "Other";
+	if (userAgent.indexOf("firefox/") >= 0) return "Firefox";
+	if (userAgent.indexOf("opera/") >= 0 || userAgent.indexOf(" opr/") >= 0) return "Opera";
+	if (userAgent.indexOf("chrome/") >= 0) return "Chrome";
+	if (userAgent.indexOf("safari/") >= 0) {
+		if (userAgent.indexOf("android 1.") >= 0 || userAgent.indexOf("android 2.") >= 0 || userAgent.indexOf("android 3.") >= 0 || userAgent.indexOf("android 4.") >= 0) return "AOSP";
+		return "Safari";
 	}
-	async getFingerprint(disableIpify = false) {
-		const visitorId = await getThumbmarkId();
-		const [deviceInfo, ip] = await Promise.all([getDeviceFingerprintInfo(), disableIpify ? Promise.resolve("") : this.ipLookup.getIp()]);
-		return {
-			visitorId,
-			ip,
-			deviceInfo
-		};
-	}
-};
-
-//#endregion
-//#region src/internal/featureConfig/featureConfigService.ts
-let cachedFeatures$1 = null;
-/**
-* Checks if a feature is enabled in the feature config.
-*/
-function isFeatureEnabled(feature, features) {
-	return features?.find((f$1) => f$1.feature === feature)?.enabled ?? false;
-}
-/**
-* Fetches feature configuration from the backend.
-* Results are cached for the session lifetime.
-*/
-async function fetchFeatureConfig(signal) {
-	if (cachedFeatures$1) return cachedFeatures$1;
-	const response = await api.get(endpoints.featureConfig, { signal });
-	if (!response.ok) throw new Error(`Failed to fetch feature config: ${response.status} ${response.statusText}`);
-	cachedFeatures$1 = response.data;
-	return cachedFeatures$1;
+	if (userAgent.indexOf("trident/") >= 0) return "Internet Explorer";
+	return "Other";
 }
-/**
-* Resets the cached feature config (useful for testing).
-*/
-function resetFeatureConfigCache() {
-	cachedFeatures$1 = null;
+function hasLiedBrowser(browserEnv) {
+	const userAgent = getUserAgent().toLowerCase();
+	if (userAgent.indexOf("edge/") >= 0 || userAgent.indexOf("iemobile/") >= 0) return false;
+	if (userAgent.indexOf("opera mini") >= 0) return false;
+	const browser = detectBrowserFromUserAgent(userAgent);
+	const productSub = browserEnv.getNavigatorProductSub();
+	if ((browser === "Chrome" || browser === "Safari" || browser === "Opera") && productSub !== "20030107") return true;
+	const evalLength = browserEnv.getEvalToStringLength();
+	if (evalLength === 37 && browser !== "Safari" && browser !== "Firefox" && browser !== "Other") return true;
+	if (evalLength === 39 && browser !== "Internet Explorer" && browser !== "Other") return true;
+	if (evalLength === 33 && browser !== "Chrome" && browser !== "AOSP" && browser !== "Opera" && browser !== "Other") return true;
+	return browserEnv.tryFirefoxToSource() && browser !== "Firefox" && browser !== "Other";
 }
 
 //#endregion
-//#region src/internal/version/sdkVersion.ts
-const SDK_VERSION = "2.0.1";
-
-//#endregion
-//#region src/internal/fingerprint/fingerprintService.ts
-function formatOsVersion(os) {
-	return `${os.name || "Unknown"} ${os.version || ""}`.trim();
-}
-function formatBrowser(browser) {
-	if (!browser.name || !browser.version) return "Unknown";
-	return `${browser.name} ${browser.version}`;
-}
-async function submitDeviceFingerprint(options = {}, dependencies) {
-	const { disableIpify = false, hostingApp, signal } = options;
-	const fingerprint = await dependencies.fingerprintProvider.getFingerprint(disableIpify);
-	const hasLiedBrowser = isBrowserSimulation(dependencies.browserEnv);
-	const payload = {
-		hash: fingerprint.visitorId || "",
-		ip: fingerprint.ip || "",
-		deviceType: "WEBAPP",
-		data: JSON.stringify(fingerprint),
-		osVersion: formatOsVersion(fingerprint.deviceInfo.os),
-		deviceModel: fingerprint.deviceInfo.device.model || "",
-		browser: formatBrowser(fingerprint.deviceInfo.browser),
-		hasLiedBrowser,
-		sdkVersion: SDK_VERSION,
-		hostingApp: hostingApp ?? "Web SDK"
-	};
-	const response = await api.post(endpoints.deviceFingerprint, payload, { signal });
-	if (!response.ok) throw new Error(`Failed to submit fingerprint: ${response.status} ${response.statusText}`);
-	return response.data;
-}
-
-//#endregion
-//#region src/internal/session/sessionInitializer.ts
-let sessionInitialized = false;
-let cachedFeatures = null;
-let cachedDisableIpify = false;
-let cachedFingerprintSuccess = false;
-let cachedFingerprintResult;
-let sessionInitPromise = null;
-/**
-* Activates a session by setting the auth token on the HTTP client and
-* preloading session-scoped state.
-*
-* Performs:
-* 1. Sets the token (and clears stale session-init cache if the token changed)
-* 2. Fetches feature configuration from backend
-* 3. Submits device fingerprint
-* 4. Starts the analytics batcher so buffered events are flushed
-*
-* Results are cached per token. Calling again with the same token returns the
-* cached result; calling with a different token re-initializes from scratch.
-*
-* @param options - Session activation options (`token` required)
-* @returns Session initialization result with feature config
-*
-* @example
-* ```ts
-* await setup({ apiURL: 'https://api.incode.com' });
-* const session = await createSession('api-key', options);
-* const { features } = await initializeSession({ token: session.token });
-*
-* // Check feature flags
-* if (isFeatureEnabled('DISABLE_IPIFY', features.features)) {
-*   // Handle disabled ipify
-* }
-* ```
-*/
-async function initializeSession(options = {}) {
-	const { token, hostingApp, signal } = options;
-	if (token !== void 0 && token !== getToken()) {
-		setToken(token);
-		resetSessionInit();
-	}
-	if (sessionInitialized && cachedFeatures) return {
-		features: cachedFeatures,
-		disableIpify: cachedDisableIpify,
-		fingerprintSuccess: cachedFingerprintSuccess,
-		fingerprintResult: cachedFingerprintResult
-	};
-	if (sessionInitPromise) return sessionInitPromise;
-	sessionInitPromise = (async () => {
-		let features;
-		let disableIpify = false;
-		try {
-			features = await fetchFeatureConfig(signal);
-			disableIpify = isFeatureEnabled("DISABLE_IPIFY", features.features);
-		} catch {
-			features = { sessionIdentifier: "" };
-		}
-		let fingerprintSuccess = false;
-		let fingerprintResult;
-		try {
-			const fingerprintProvider = new FingerprintProvider(new IpifyProvider());
-			const browserEnv = new BrowserEnvironmentProvider();
-			fingerprintResult = await submitDeviceFingerprint({
-				disableIpify,
-				hostingApp,
-				signal
-			}, {
-				fingerprintProvider,
-				browserEnv
-			});
-			fingerprintSuccess = true;
-		} catch (error) {
-			console.warn("Failed to submit device fingerprint:", error);
-		}
-		try {
-			const browserInfo = new BrowserInfoProvider().getBrowserInfo();
-			addEvent({
-				code: "browser",
-				payload: {
-					userAgent: browserInfo.userAgent,
-					isWebRtcSupported: browserInfo.isWebRtcSupported,
-					browser: browserInfo.browser,
-					os: browserInfo.os,
-					device: browserInfo.device,
-					engine: browserInfo.engine,
-					cpu: browserInfo.cpu
-				}
-			});
-		} catch (error) {
-			console.warn("Failed to send browser info event:", error);
-		}
-		sessionInitialized = true;
-		cachedFeatures = features;
-		cachedDisableIpify = disableIpify;
-		cachedFingerprintSuccess = fingerprintSuccess;
-		cachedFingerprintResult = fingerprintResult;
-		return {
-			features,
-			disableIpify,
-			fingerprintSuccess,
-			fingerprintResult
-		};
-	})().finally(() => {
-		sessionInitPromise = null;
-		getAnalyticsBatcher()?.start();
-	});
-	return sessionInitPromise;
-}
-/**
-* Gets the cached disableIpify flag.
-* Returns false if session hasn't been initialized.
-*/
-function getDisableIpify() {
-	return cachedDisableIpify;
-}
-function getSessionFingerprintResult() {
-	return cachedFingerprintResult;
+//#region src/internal/device/browserSimulation.ts
+const AUTOMATION_MARKERS = {
+	window: [
+		"callPhantom",
+		"_phantom",
+		"phantom",
+		"__nightmare",
+		"domAutomation",
+		"domAutomationController"
+	],
+	navigator: ["webdriver"]
+};
+function hasAutomationMarker(browserEnv) {
+	for (const prop of AUTOMATION_MARKERS.window) if (browserEnv.getWindowProperty(prop)) return true;
+	for (const prop of AUTOMATION_MARKERS.navigator) if (browserEnv.getNavigatorProperty(prop)) return true;
+	return false;
 }
-/**
-* Resets session initialization state.
-* Useful for testing or when starting a new session.
-*/
-function resetSessionInit() {
-	sessionInitialized = false;
-	cachedFeatures = null;
-	cachedDisableIpify = false;
-	cachedFingerprintSuccess = false;
-	cachedFingerprintResult = void 0;
-	sessionInitPromise = null;
-	resetFeatureConfigCache();
-	resetIpifyCache();
+function isBrowserSimulation(browserEnv) {
+	if (hasAutomationMarker(browserEnv)) return true;
+	if (!getParsedUserAgent().browser.name) return true;
+	const touchPoints = browserEnv.getMaxTouchPoints();
+	const isTouch = touchPoints > 0 || browserEnv.hasOnTouchStart();
+	if (isTouch && touchPoints !== 1) return false;
+	const ua = getUserAgent();
+	if (isTouch && (hasLiedBrowser(browserEnv) || ua.includes("Mobile"))) return true;
+	if (isIOS(ua) && !browserEnv.hasOnTouchStart()) return true;
+	return false;
 }
 
 //#endregion
-export { FingerprintProvider as a, QrValidationError as c, refreshQrUrlUuid as d, validateQrUuid as f, resetSessionInit as i, bootstrapSession as l, getSessionFingerprintResult as n, getDeviceFingerprintInfo as o, initializeSession as r, QR_VALIDATION_ERROR_CODES as s, getDisableIpify as t, createSession as u };
+export { UAParser as i, getThumbmarkId as n, getParsedUserAgent as r, isBrowserSimulation as t };

package/dist/camera.d.ts

@@ -1,4 +1,4 @@
-import { n as PermissionStatus, t as PermissionResult } from "./types-CAD4va6a.js";
+import { n as PermissionStatus, t as PermissionResult } from "./types-ya0LN_MX.js";
 
 //#region src/internal/permissions/permissionServices.d.ts
 type RequestPermissionOptions = {
@@ -7,8 +7,9 @@ type RequestPermissionOptions = {
 declare function checkPermission(): Promise<PermissionResult>;
 /**
  * Requests camera permission by attempting to access the camera, then immediately
- * stops the obtained stream. Also requests motion sensor permission (required on iOS
- * to be called during a user gesture). This function does not keep or return the stream.
+ * stops the obtained stream. When `requestMotion` is true (deepsight), requests
+ * motion OS permission, primes WASM sensors, then camera — all in one user gesture
+ * chain, matching SDK v1.
  */
 declare function requestPermission(options?: RequestPermissionOptions): Promise<PermissionResult>;
 //#endregion

package/dist/camera.esm.js

@@ -1,5 +1,6 @@
-import "./camera-PA2Ljri3.esm.js";
-import "./MotionSensorProvider-4v7xkqAp.esm.js";
-import { n as requestPermission, t as checkPermission } from "./permissionServices-D_i6nzEw.esm.js";
+import "./WasmUtilProvider-BKWm8rSA.esm.js";
+import "./MotionSensorProvider-Bx7Mpzt0.esm.js";
+import { i as requestPermission, t as checkPermission } from "./permissionServices-Doec4X5L.esm.js";
+import "./camera-DJWm3V4g.esm.js";
 
 export { checkPermission as checkCameraPermission, requestPermission as requestCameraPermission };