npm - @loginid/websdk3 - Versions diffs - 1.2.0 → 1.3.0 - Mend

@loginid/websdk3 1.2.0 → 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/index.cjs CHANGED Viewed

@@ -1,2 +1,2 @@
-"use strict";var w=Object.defineProperty;var re=Object.getOwnPropertyDescriptor;var oe=Object.getOwnPropertyNames;var se=Object.prototype.hasOwnProperty;var ne=(t,e)=>{for(var r in e)w(t,r,{get:e[r],enumerable:!0})},ie=(t,e,r,s)=>{if(e&&typeof e=="object"||typeof e=="function")for(let o of oe(e))!se.call(t,o)&&o!==r&&w(t,o,{get:()=>e[o],enumerable:!(s=re(e,o))||s.enumerable});return t};var ae=t=>ie(w({},"__esModule",{value:!0}),t);var qe={};ne(qe,{ApiError:()=>d,LoginIDWebSDK:()=>_,PasskeyError:()=>l,createPasskeyCredential:()=>S,default:()=>Ae,doesDeviceSupportPasskeys:()=>z,getPasskeyCredential:()=>v,isConditionalUIAvailable:()=>$,isPlatformAuthenticatorAvailable:()=>J});module.exports=ae(qe);var R=class{constructor(e){this.config=e}};var d=class extends Error{url;status;statusText;body;request;constructor(e,r,s){super(s),this.name="ApiError",this.url=r.url,this.status=r.status,this.statusText=r.statusText,this.body=r.body,this.request=e}};var I=class extends Error{constructor(e){super(e),this.name="CancelError"}get isCancelled(){return!0}},h=class{#t;#r;#e;#o;#n;#i;#s;constructor(e){this.#t=!1,this.#r=!1,this.#e=!1,this.#o=[],this.#n=new Promise((r,s)=>{this.#i=r,this.#s=s;let o=a=>{this.#t||this.#r||this.#e||(this.#t=!0,this.#i&&this.#i(a))},n=a=>{this.#t||this.#r||this.#e||(this.#r=!0,this.#s&&this.#s(a))},i=a=>{this.#t||this.#r||this.#e||this.#o.push(a)};return Object.defineProperty(i,"isResolved",{get:()=>this.#t}),Object.defineProperty(i,"isRejected",{get:()=>this.#r}),Object.defineProperty(i,"isCancelled",{get:()=>this.#e}),e(o,n,i)})}get[Symbol.toStringTag](){return"Cancellable Promise"}then(e,r){return this.#n.then(e,r)}catch(e){return this.#n.catch(e)}finally(e){return this.#n.finally(e)}cancel(){if(!(this.#t||this.#r||this.#e)){if(this.#e=!0,this.#o.length)try{for(let e of this.#o)e()}catch(e){console.warn("Cancellation threw an error",e);return}this.#o.length=0,this.#s&&this.#s(new I("Request aborted"))}}get isCancelled(){return this.#e}};var D=t=>t!=null,g=t=>typeof t=="string",k=t=>g(t)&&t!=="",N=t=>typeof t=="object"&&typeof t.type=="string"&&typeof t.stream=="function"&&typeof t.arrayBuffer=="function"&&typeof t.constructor=="function"&&typeof t.constructor.name=="string"&&/^(Blob|File)$/.test(t.constructor.name)&&/^(Blob|File)$/.test(t[Symbol.toStringTag]),W=t=>t instanceof FormData,pe=t=>{try{return btoa(t)}catch{return Buffer.from(t).toString("base64")}},ue=t=>{let e=[],r=(o,n)=>{e.push(`${encodeURIComponent(o)}=${encodeURIComponent(String(n))}`)},s=(o,n)=>{D(n)&&(Array.isArray(n)?n.forEach(i=>{s(o,i)}):typeof n=="object"?Object.entries(n).forEach(([i,a])=>{s(`${o}[${i}]`,a)}):r(o,n))};return Object.entries(t).forEach(([o,n])=>{s(o,n)}),e.length>0?`?${e.join("&")}`:""},le=(t,e)=>{let r=t.ENCODE_PATH||encodeURI,s=e.url.replace("{api-version}",t.VERSION).replace(/{(.*?)}/g,(n,i)=>e.path?.hasOwnProperty(i)?r(String(e.path[i])):n),o=`${t.BASE}${s}`;return e.query?`${o}${ue(e.query)}`:o},ce=t=>{if(t.formData){let e=new FormData,r=(s,o)=>{g(o)||N(o)?e.append(s,o):e.append(s,JSON.stringify(o))};return Object.entries(t.formData).filter(([s,o])=>D(o)).forEach(([s,o])=>{Array.isArray(o)?o.forEach(n=>r(s,n)):r(s,o)}),e}},x=async(t,e)=>typeof e=="function"?e(t):e,de=async(t,e)=>{let[r,s,o,n]=await Promise.all([x(e,t.TOKEN),x(e,t.USERNAME),x(e,t.PASSWORD),x(e,t.HEADERS)]),i=Object.entries({Accept:"application/json",...n,...e.headers}).filter(([a,p])=>D(p)).reduce((a,[p,u])=>({...a,[p]:String(u)}),{});if(k(r)&&(i.Authorization=`Bearer ${r}`),k(s)&&k(o)){let a=pe(`${s}:${o}`);i.Authorization=`Basic ${a}`}return e.body&&(e.mediaType?i["Content-Type"]=e.mediaType:N(e.body)?i["Content-Type"]=e.body.type||"application/octet-stream":g(e.body)?i["Content-Type"]="text/plain":W(e.body)||(i["Content-Type"]="application/json")),new Headers(i)},ye=t=>{if(t.body!==void 0)return t.mediaType?.includes("/json")?JSON.stringify(t.body):g(t.body)||N(t.body)||W(t.body)?t.body:JSON.stringify(t.body)},me=async(t,e,r,s,o,n,i)=>{let a=new AbortController,p={headers:n,body:s??o,method:e.method,signal:a.signal};return t.WITH_CREDENTIALS&&(p.credentials=t.CREDENTIALS),i(()=>a.abort()),await fetch(r,p)},fe=(t,e)=>{if(e){let r=t.headers.get(e);if(g(r))return r}},Re=async t=>{if(t.status!==204)try{let e=t.headers.get("Content-Type");if(e)return["application/json","application/problem+json"].some(o=>e.toLowerCase().startsWith(o))?await t.json():await t.text()}catch(e){console.error(e)}},he=(t,e)=>{let s={400:"Bad Request",401:"Unauthorized",403:"Forbidden",404:"Not Found",500:"Internal Server Error",502:"Bad Gateway",503:"Service Unavailable",...t.errors}[e.status];if(s)throw new d(t,e,s);if(!e.ok){let o=e.status??"unknown",n=e.statusText??"unknown",i=(()=>{try{return JSON.stringify(e.body,null,2)}catch{return}})();throw new d(t,e,`Generic Error: status: ${o}; status text: ${n}; body: ${i}`)}},V=(t,e)=>new h(async(r,s,o)=>{try{let n=le(t,e),i=ce(e),a=ye(e),p=await de(t,e);if(!o.isCancelled){let u=await me(t,e,n,a,i,p,o),f=await Re(u),te=fe(u,e.responseHeader),F={url:n,ok:u.ok,status:u.status,statusText:u.statusText,body:te??f};he(e,F),r(F.body)}}catch(n){s(n)}});var O=class extends R{constructor(e){super(e)}request(e){return V(this.config,e)}};var b=class{constructor(e){this.httpRequest=e}authAuthComplete({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/complete",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",403:"Forbidden: Forbidden response.",500:"InternalServerError: Internal Server Error response."}})}authAuthInit({requestBody:e,userAgent:r}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/init",headers:{"User-Agent":r},body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",500:"InternalServerError: Internal Server Error response."}})}};var C=class{constructor(e){this.httpRequest=e}passkeysPasskeysList({authorization:e}){return this.httpRequest.request({method:"GET",url:"/fido2/v2/passkeys",headers:{Authorization:e},errors:{401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",500:"InternalServerError: Internal Server Error response."}})}passkeysPasskeyDelete({id:e,authorization:r}){return this.httpRequest.request({method:"DELETE",url:"/fido2/v2/passkeys/{id}",headers:{Authorization:r},path:{id:e},errors:{401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}passkeysPasskeyRename({id:e,requestBody:r,authorization:s}){return this.httpRequest.request({method:"PUT",url:"/fido2/v2/passkeys/{id}",headers:{Authorization:s},path:{id:e},body:r,mediaType:"application/json",errors:{401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}};var P=class{constructor(e){this.httpRequest=e}regRegComplete({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/reg/complete",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",403:"Forbidden: Forbidden response.",500:"InternalServerError: Internal Server Error response."}})}regRegInit({requestBody:e,userAgent:r}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/reg/init",headers:{"User-Agent":r},body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",403:"Forbidden: Forbidden response.",500:"InternalServerError: Internal Server Error response."}})}};var A=class{constructor(e){this.httpRequest=e}tokenTokenVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/token/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",500:"InternalServerError: Internal Server Error response."}})}};var q=class{constructor(e){this.httpRequest=e}txTxComplete({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/tx/complete",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",403:"Forbidden: Forbidden response.",500:"InternalServerError: Internal Server Error response."}})}txTxInit({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/tx/init",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",500:"InternalServerError: Internal Server Error response."}})}};var T=class{constructor(e){this.httpRequest=e}versionVersionShow(){return this.httpRequest.request({method:"GET",url:"/fido2/v2/version"})}};var E=class{auth;passkeys;reg;token;tx;version;request;constructor(e,r=O){this.request=new r({BASE:e?.BASE??"https://api.loginid.io/fido2/v2",VERSION:e?.VERSION??"2.0",WITH_CREDENTIALS:e?.WITH_CREDENTIALS??!1,CREDENTIALS:e?.CREDENTIALS??"include",TOKEN:e?.TOKEN,USERNAME:e?.USERNAME,PASSWORD:e?.PASSWORD,HEADERS:e?.HEADERS,ENCODE_PATH:e?.ENCODE_PATH}),this.auth=new b(this.request),this.passkeys=new C(this.request),this.reg=new P(this.request),this.token=new A(this.request),this.tx=new q(this.request),this.version=new T(this.request)}};var U=class{config;service;constructor(e){this.config=e,this.service=new E({BASE:e.baseUrl})}},y=U;var M=require("ua-parser-js"),H=()=>({clientType:"browser",screenWidth:window.screen.width,screenHeight:window.screen.height}),ge=(t,e)=>{let r=t.split(".").map(Number),s=e.split(".").map(Number),o=Math.max(r.length,s.length);for(let n=0;n<o;n++){let i=n<r.length?r[n]:0,a=n<s.length?s[n]:0;if(i<a)return-1;if(i>a)return 1}return 0};async function J(){try{return!window.PublicKeyCredential||!window.PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable?!1:await window.PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable()}catch{return!1}}async function $(){try{return!window.PublicKeyCredential||!window.PublicKeyCredential.isConditionalMediationAvailable?!1:await window.PublicKeyCredential.isConditionalMediationAvailable()}catch{return!1}}async function z(){let t=new M.UAParser(window.navigator.userAgent).getResult(),e={solution:"",deviceSupported:!1};if(!window.PublicKeyCredential)return e.solution="Your browser seems to be outdated. Please upgrade to the latest version.",e;if(!await window.PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable())switch(t.os.name){case"Mac OS":{let s=t.browser.version||"";return t.browser.name==="Firefox"&&ge(s,"122.0")<0?(e.solution="Please update your Firefox browser to the latest version.",e):(e.solution="Enable Touch ID on your device.",e)}case"iOS":return e.solution="Enable Face ID or Touch ID on your device.",e;case"Windows":return e.solution="Enable Windows Hello on your device. See here: https://support.microsoft.com/en-us/windows/learn-about-windows-hello-and-set-it-up-dae28983-8242-bb2a-d3d1-87c9d265a5f0.",e;case"Android":return t.browser.name==="Firefox"?(e.solution="Passkeys may not be supported on your Firefox browser. Please switch to a Chromium browser.",e):(e.solution="Enable device unlock via fingerprint, PIN, or facial recognition on your device.",e);default:return e.solution="Enable device unlock features such as fingerprint, PIN, or facial recognition.",e}return e.deviceSupported=!0,e}var be=t=>t.replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,""),Ce=t=>{if(!t)return t;let e="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",r=[],s=0;for(;s<t.length;){let i=t.charCodeAt(s++),a=t.charCodeAt(s++),p=t.charCodeAt(s++),u=i<<16|a<<8|p;r.push(e[u>>18&63]+e[u>>12&63]+e[u>>6&63]+e[u&63])}let o=r.join(""),n=t.length%3;return n?o.slice(0,n-3)+"===".slice(n||3):o},Pe=t=>{let e="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",r={},s=String.fromCharCode;for(let a=0;a<64;a++)r[e.charAt(a)]=a;let o=0,n=0,i="";for(let a of t){let p=r[a];if(p!==void 0)for(o=(o<<6)+p,n+=6;n>=8;)i+=s(o>>(n-=8)&255)}return i},c=t=>{let e="",r=new Uint8Array(t);for(let o=0;o<r.byteLength;o++)e+=String.fromCharCode(r[o]);let s=Ce(e);return be(s)},m=t=>{t=t.replace(/-/g,"+").replace(/_/g,"/");let e=Pe(t),r=new Uint8Array(e.length);for(let s=0;s<e.length;s++)r[s]=e.charCodeAt(s);return r.buffer},G=()=>crypto.randomUUID?crypto.randomUUID():window.crypto.getRandomValues(new Uint32Array(4)).join("-"),Y=(t,e)=>{e.forEach(r=>{Object.getOwnPropertyNames(r.prototype).forEach(s=>{Object.defineProperty(t.prototype,s,Object.getOwnPropertyDescriptor(r.prototype,s)||Object.create(null))})})};var K=class extends Error{code;constructor(e,r,s){super(e),this.code=r,this.cause=s}},l=K;var Q=(t,e)=>{let r=t.name,{publicKey:s}=e;if(r==="ConstraintError"){if(s?.authenticatorSelection?.requireResidentKey===!0)return new l("Your device does not support discoverable credentials","ERROR_DISCOVERABLE_CREDENTIALS_UNSUPPORTED",t);if(s?.authenticatorSelection?.userVerification==="required")return new l("Your device does not support user verification","ERROR_USER_VERIFICATION_UNSUPPORTED",t)}if(r==="InvalidStateError")return new l("A passkey already exists on your device","ERROR_PASSKEY_EXISTS",t);if(r==="NotAllowedError")return new l("Passkey creation has failed","ERROR_GENERAL_ERROR_SEE_CAUSE_FIELD",t);if(r==="NotSupportedError")return new l("Your device does not support the algorithms required for passkey creation","ERROR_ALGORITHMS_UNSUPPORTED",t);if(r==="SecurityError"){let o=s?.rp?.id;if(o!==window.location.hostname)return new l(`The domain of the relying party (${o}) is invalid for this domain`,"ERROR_DOMAIN_MISMATCH",t)}return r==="UnknownError"?new l("Your device could not process the requested options or could not create a new passkey","ERROR_AUTHENTICATOR_UNKNOWN_ERROR",t):t},X=(t,e)=>{let r=t.name,{publicKey:s}=e;if(r==="AbortError"&&e.signal instanceof AbortSignal)return new l("Passkey authentication has been aborted","ERROR_PASSKEY_ABORTED",t);if(r==="NotAllowedError")return new l("Passkey authentication has failed","ERROR_GENERAL_ERROR_SEE_CAUSE_FIELD",t);if(r==="SecurityError"){let o=s?.rpId;if(o!==window.location.hostname)return new l(`The domain of the relying party (${o}) is invalid for this domain`,"ERROR_DOMAIN_MISMATCH",t)}return r==="UnknownError"?new l("Your device could not process the requested options or could not authenticate with a passkey","ERROR_AUTHENTICATOR_UNKNOWN_ERROR",t):t};var S=async t=>{let e;if(t.excludeCredentials!==void 0){e=[];for(let o of t.excludeCredentials){let n={id:m(o.id),transports:o.transports,type:o.type};e.push(n)}}let r=t.pubKeyCredParams,s={publicKey:{attestation:t.attestation,authenticatorSelection:{...t.authenticatorSelection},challenge:m(t.challenge),excludeCredentials:e,extensions:t.extensions,pubKeyCredParams:r,rp:t.rp,timeout:t.timeout,user:{...t.user,id:m(t.user.id)}}};try{let o=await navigator.credentials.create(s);if(o===null)throw new Error("Failed to create the passkey credential.");return o}catch(o){throw o instanceof Error?Q(o,s):o}},v=async(t,e={})=>{let r;if(t.allowCredentials!==void 0){r=[];for(let o of t.allowCredentials){let n={id:m(o.id),transports:o.transports,type:o.type};r.push(n)}}let s={...e.autoFill&&{mediation:"conditional"},...e.abortSignal&&{signal:e.abortSignal},publicKey:{allowCredentials:r,challenge:m(t.challenge),extensions:t.extensions,rpId:t.rpId,timeout:t.timeout,userVerification:t.userVerification}};try{let o=await navigator.credentials.get(s);if(o===null)throw new Error("Failed to create the passkey credential.");return o}catch(o){throw o instanceof Error?X(o,s):o}};var j=class extends y{jwtAccess="";constructor(e){super(e)}async createNavigatorCredential(e){let{registrationRequestOptions:r,session:s}=e,o=await S(r),n=o.response,i=n.getPublicKey&&n.getPublicKey(),a=n.getPublicKeyAlgorithm&&n.getPublicKeyAlgorithm(),p=n.getAuthenticatorData&&n.getAuthenticatorData(),u=n.getTransports&&n.getTransports();return{creationResult:{attestationObject:c(n.attestationObject),clientDataJSON:c(n.clientDataJSON),credentialId:o.id,...i&&{publicKey:c(i)},...a&&{publicKeyAlgorithm:a},...p&&{authenticatorData:c(p)},...u&&{transports:u}},session:s}}async registerWithPasskey(e,r={}){let s=H();r.usernameType||(r.usernameType="email");let o={app:{id:this.config.appId,...r.token&&{token:r.token}},deviceInfo:s,user:{username:e,usernameType:r.usernameType,...r.displayName&&{displayName:r.displayName}},...r.mfa&&{mfa:r.mfa},...r.session&&{session:r.session}},n=await this.service.reg.regRegInit({requestBody:o}),i=await this.createNavigatorCredential(n),a=await this.service.reg.regRegComplete({requestBody:i});return this.jwtAccess=a.jwtAccess,a}async getNavigatorCredential(e,r={}){let{assertionOptions:s,session:o}=e,n=await v(s,r),i=n.response;return{assertionResult:{authenticatorData:c(i.authenticatorData),clientDataJSON:c(i.clientDataJSON),credentialId:n.id,signature:c(i.signature),...i.userHandle&&{userHandle:c(i.userHandle)}},session:o}}async authenticateWithPasskey(e="",r={}){let s=H();r.usernameType||(r.usernameType="email");let o={app:{id:this.config.appId,...r.token&&{token:r.token}},deviceInfo:s,...!r.autoFill&&{user:{username:e,usernameType:r.usernameType,...r.displayName&&{displayName:r.displayName}}}},n=await this.service.auth.authAuthInit({requestBody:o}),i=await this.getNavigatorCredential(n,r),a=await this.service.auth.authAuthComplete({requestBody:i});return this.jwtAccess=a.jwtAccess,a}async confirmTransaction(e,r,s={}){let o={username:e,txPayload:r,nonce:s.nonce||G(),txType:s.txType||"raw"},{assertionOptions:n,session:i}=await this.service.tx.txTxInit({requestBody:o}),a={assertionOptions:n,session:i},{assertionResult:p}=await this.getNavigatorCredential(a),u={authenticatorData:p.authenticatorData,clientData:p.clientDataJSON,keyHandle:p.credentialId,session:i,signature:p.signature},f=await this.service.tx.txTxComplete({requestBody:u});return this.jwtAccess=f.jwtAccess,f}getJWTAccess(){return this.jwtAccess}},Z=j;var L=class extends y{constructor(e){super(e)}async listPasskeys(e){return await this.service.passkeys.passkeysPasskeysList({authorization:e})}async renamePasskey(e,r,s){let o={name:s};return await this.service.passkeys.passkeysPasskeyRename({authorization:e,id:r,requestBody:o}),null}async deletePasskey(e,r){return await this.service.passkeys.passkeysPasskeyDelete({authorization:e,id:r}),null}},ee=L;var B=class extends y{constructor(e){super(e)}};Y(B,[y,Z,ee]);var _=B;var Ae=_;0&&(module.exports={ApiError,LoginIDWebSDK,PasskeyError,createPasskeyCredential,doesDeviceSupportPasskeys,getPasskeyCredential,isConditionalUIAvailable,isPlatformAuthenticatorAvailable});
+"use strict";var D=Object.defineProperty;var ae=Object.getOwnPropertyDescriptor;var ue=Object.getOwnPropertyNames;var pe=Object.prototype.hasOwnProperty;var le=(t,e)=>{for(var r in e)D(t,r,{get:e[r],enumerable:!0})},de=(t,e,r,s)=>{if(e&&typeof e=="object"||typeof e=="function")for(let o of ue(e))!pe.call(t,o)&&o!==r&&D(t,o,{get:()=>e[o],enumerable:!(s=ae(e,o))||s.enumerable});return t};var ce=t=>de(D({},"__esModule",{value:!0}),t);var Se={};le(Se,{ApiError:()=>c,LoginIDWebSDK:()=>_,PasskeyError:()=>l,createPasskeyCredential:()=>O,default:()=>Ie,doesDeviceSupportPasskeys:()=>te,getPasskeyCredential:()=>k,isConditionalUIAvailable:()=>ee,isPlatformAuthenticatorAvailable:()=>Z});module.exports=ce(Se);var h=class{constructor(e){this.config=e}};var c=class extends Error{url;status;statusText;body;request;constructor(e,r,s){super(s),this.name="ApiError",this.url=r.url,this.status=r.status,this.statusText=r.statusText,this.body=r.body,this.request=e}};var I=class extends Error{constructor(e){super(e),this.name="CancelError"}get isCancelled(){return!0}},R=class{#t;#r;#e;#o;#n;#i;#s;constructor(e){this.#t=!1,this.#r=!1,this.#e=!1,this.#o=[],this.#n=new Promise((r,s)=>{this.#i=r,this.#s=s;let o=a=>{this.#t||this.#r||this.#e||(this.#t=!0,this.#i&&this.#i(a))},n=a=>{this.#t||this.#r||this.#e||(this.#r=!0,this.#s&&this.#s(a))},i=a=>{this.#t||this.#r||this.#e||this.#o.push(a)};return Object.defineProperty(i,"isResolved",{get:()=>this.#t}),Object.defineProperty(i,"isRejected",{get:()=>this.#r}),Object.defineProperty(i,"isCancelled",{get:()=>this.#e}),e(o,n,i)})}get[Symbol.toStringTag](){return"Cancellable Promise"}then(e,r){return this.#n.then(e,r)}catch(e){return this.#n.catch(e)}finally(e){return this.#n.finally(e)}cancel(){if(!(this.#t||this.#r||this.#e)){if(this.#e=!0,this.#o.length)try{for(let e of this.#o)e()}catch(e){console.warn("Cancellation threw an error",e);return}this.#o.length=0,this.#s&&this.#s(new I("Request aborted"))}}get isCancelled(){return this.#e}};var U=t=>t!=null,g=t=>typeof t=="string",N=t=>g(t)&&t!=="",F=t=>typeof t=="object"&&typeof t.type=="string"&&typeof t.stream=="function"&&typeof t.arrayBuffer=="function"&&typeof t.constructor=="function"&&typeof t.constructor.name=="string"&&/^(Blob|File)$/.test(t.constructor.name)&&/^(Blob|File)$/.test(t[Symbol.toStringTag]),z=t=>t instanceof FormData,ye=t=>{try{return btoa(t)}catch{return Buffer.from(t).toString("base64")}},me=t=>{let e=[],r=(o,n)=>{e.push(`${encodeURIComponent(o)}=${encodeURIComponent(String(n))}`)},s=(o,n)=>{U(n)&&(Array.isArray(n)?n.forEach(i=>{s(o,i)}):typeof n=="object"?Object.entries(n).forEach(([i,a])=>{s(`${o}[${i}]`,a)}):r(o,n))};return Object.entries(t).forEach(([o,n])=>{s(o,n)}),e.length>0?`?${e.join("&")}`:""},fe=(t,e)=>{let r=t.ENCODE_PATH||encodeURI,s=e.url.replace("{api-version}",t.VERSION).replace(/{(.*?)}/g,(n,i)=>e.path?.hasOwnProperty(i)?r(String(e.path[i])):n),o=`${t.BASE}${s}`;return e.query?`${o}${me(e.query)}`:o},he=t=>{if(t.formData){let e=new FormData,r=(s,o)=>{g(o)||F(o)?e.append(s,o):e.append(s,JSON.stringify(o))};return Object.entries(t.formData).filter(([s,o])=>U(o)).forEach(([s,o])=>{Array.isArray(o)?o.forEach(n=>r(s,n)):r(s,o)}),e}},S=async(t,e)=>typeof e=="function"?e(t):e,Re=async(t,e)=>{let[r,s,o,n]=await Promise.all([S(e,t.TOKEN),S(e,t.USERNAME),S(e,t.PASSWORD),S(e,t.HEADERS)]),i=Object.entries({Accept:"application/json",...n,...e.headers}).filter(([a,u])=>U(u)).reduce((a,[u,p])=>({...a,[u]:String(p)}),{});if(N(r)&&(i.Authorization=`Bearer ${r}`),N(s)&&N(o)){let a=ye(`${s}:${o}`);i.Authorization=`Basic ${a}`}return e.body&&(e.mediaType?i["Content-Type"]=e.mediaType:F(e.body)?i["Content-Type"]=e.body.type||"application/octet-stream":g(e.body)?i["Content-Type"]="text/plain":z(e.body)||(i["Content-Type"]="application/json")),new Headers(i)},ge=t=>{if(t.body!==void 0)return t.mediaType?.includes("/json")?JSON.stringify(t.body):g(t.body)||F(t.body)||z(t.body)?t.body:JSON.stringify(t.body)},Pe=async(t,e,r,s,o,n,i)=>{let a=new AbortController,u={headers:n,body:s??o,method:e.method,signal:a.signal};return t.WITH_CREDENTIALS&&(u.credentials=t.CREDENTIALS),i(()=>a.abort()),await fetch(r,u)},Ce=(t,e)=>{if(e){let r=t.headers.get(e);if(g(r))return r}},be=async t=>{if(t.status!==204)try{let e=t.headers.get("Content-Type");if(e)return["application/json","application/problem+json"].some(o=>e.toLowerCase().startsWith(o))?await t.json():await t.text()}catch(e){console.error(e)}},qe=(t,e)=>{let s={400:"Bad Request",401:"Unauthorized",403:"Forbidden",404:"Not Found",500:"Internal Server Error",502:"Bad Gateway",503:"Service Unavailable",...t.errors}[e.status];if(s)throw new c(t,e,s);if(!e.ok){let o=e.status??"unknown",n=e.statusText??"unknown",i=(()=>{try{return JSON.stringify(e.body,null,2)}catch{return}})();throw new c(t,e,`Generic Error: status: ${o}; status text: ${n}; body: ${i}`)}},J=(t,e)=>new R(async(r,s,o)=>{try{let n=fe(t,e),i=he(e),a=ge(e),u=await Re(t,e);if(!o.isCancelled){let p=await Pe(t,e,n,a,i,u,o),f=await be(p),ie=Ce(p,e.responseHeader),W={url:n,ok:p.ok,status:p.status,statusText:p.statusText,body:ie??f};qe(e,W),r(W.body)}}catch(n){s(n)}});var x=class extends h{constructor(e){super(e)}request(e){return J(this.config,e)}};var P=class{constructor(e){this.httpRequest=e}authAuthComplete({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/complete",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",403:"Forbidden: Forbidden response.",500:"InternalServerError: Internal Server Error response."}})}authAuthInit({requestBody:e,userAgent:r}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/init",headers:{"User-Agent":r},body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthCodeRequest({authorization:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/otp",headers:{Authorization:e},errors:{401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthCodeRequestEmail({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/otp/email",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthCodeRequestSms({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/otp/sms",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthCodeVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/otp/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}};var C=class{constructor(e){this.httpRequest=e}mgmtGrantCreate({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/mgmt/grant",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",500:"InternalServerError: Internal Server Error response."}})}mgmtTokenVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/mgmt/token/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",500:"InternalServerError: Internal Server Error response."}})}};var b=class{constructor(e){this.httpRequest=e}passkeysPasskeysList({authorization:e}){return this.httpRequest.request({method:"GET",url:"/fido2/v2/passkeys",headers:{Authorization:e},errors:{401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}passkeysPasskeyDelete({id:e,authorization:r}){return this.httpRequest.request({method:"DELETE",url:"/fido2/v2/passkeys/{id}",path:{id:e},headers:{Authorization:r},errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}passkeysPasskeyRename({id:e,requestBody:r,authorization:s}){return this.httpRequest.request({method:"PUT",url:"/fido2/v2/passkeys/{id}",path:{id:e},headers:{Authorization:s},body:r,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}};var q=class{constructor(e){this.httpRequest=e}profileProfileDelete({id:e}){return this.httpRequest.request({method:"DELETE",url:"/fido2/v2/profile/{id}",path:{id:e},errors:{404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfileEmailUpdate({id:e,requestBody:r}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/profile/{id}/email",path:{id:e},body:r,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfilePhoneDelete({id:e}){return this.httpRequest.request({method:"DELETE",url:"/fido2/v2/profile/{id}/phone",path:{id:e},errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfilePhoneUpdate({id:e,requestBody:r}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/profile/{id}/phone",path:{id:e},body:r,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfileEmailVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/profile/email/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfilePhoneVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/profile/phone/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}};var A=class{constructor(e){this.httpRequest=e}regRegComplete({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/reg/complete",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",403:"Forbidden: Forbidden response.",500:"InternalServerError: Internal Server Error response."}})}regRegInit({requestBody:e,userAgent:r,authorization:s}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/reg/init",headers:{"User-Agent":r,Authorization:s},body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",500:"InternalServerError: Internal Server Error response."}})}};var T=class{constructor(e){this.httpRequest=e}txTxComplete({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/tx/complete",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",403:"Forbidden: Forbidden response.",500:"InternalServerError: Internal Server Error response."}})}txTxInit({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/tx/init",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",500:"InternalServerError: Internal Server Error response."}})}};var E=class{constructor(e){this.httpRequest=e}versionVersionShow(){return this.httpRequest.request({method:"GET",url:"/fido2/v2/version"})}};var B=class{auth;mgmt;passkeys;profile;reg;tx;version;request;constructor(e,r=x){this.request=new r({BASE:e?.BASE??"https://api.loginid.io/fido2/v2",VERSION:e?.VERSION??"2.0",WITH_CREDENTIALS:e?.WITH_CREDENTIALS??!1,CREDENTIALS:e?.CREDENTIALS??"include",TOKEN:e?.TOKEN,USERNAME:e?.USERNAME,PASSWORD:e?.PASSWORD,HEADERS:e?.HEADERS,ENCODE_PATH:e?.ENCODE_PATH}),this.auth=new P(this.request),this.mgmt=new C(this.request),this.passkeys=new b(this.request),this.profile=new q(this.request),this.reg=new A(this.request),this.tx=new T(this.request),this.version=new E(this.request)}};var Ae=t=>t.replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,""),Te=t=>{if(!t)return t;let e="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",r=[],s=0;for(;s<t.length;){let i=t.charCodeAt(s++),a=t.charCodeAt(s++),u=t.charCodeAt(s++),p=i<<16|a<<8|u;r.push(e[p>>18&63]+e[p>>12&63]+e[p>>6&63]+e[p&63])}let o=r.join(""),n=t.length%3;return n?o.slice(0,n-3)+"===".slice(n||3):o},Ee=t=>{let e="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",r={},s=String.fromCharCode;for(let a=0;a<64;a++)r[e.charAt(a)]=a;let o=0,n=0,i="";for(let a of t){let u=r[a];if(u!==void 0)for(o=(o<<6)+u,n+=6;n>=8;)i+=s(o>>(n-=8)&255)}return i},d=t=>{let e="",r=new Uint8Array(t);for(let o=0;o<r.byteLength;o++)e+=String.fromCharCode(r[o]);let s=Te(e);return Ae(s)},m=t=>{t=t.replace(/-/g,"+").replace(/_/g,"/");let e=Ee(t),r=new Uint8Array(e.length);for(let s=0;s<e.length;s++)r[s]=e.charCodeAt(s);return r.buffer},M=()=>crypto.randomUUID?crypto.randomUUID():window.crypto.getRandomValues(new Uint32Array(4)).join("-"),$=(t,e)=>{e.forEach(r=>{Object.getOwnPropertyNames(r.prototype).forEach(s=>{Object.defineProperty(t.prototype,s,Object.getOwnPropertyDescriptor(r.prototype,s)||Object.create(null))})})},v=t=>{try{let r=t.split(".")[1].replace(/-/g,"+").replace(/_/g,"/"),s=decodeURIComponent(window.atob(r).split("").map(o=>"%"+("00"+o.charCodeAt(0).toString(16)).slice(-2)).join(""));return JSON.parse(s)}catch(e){console.error(e)}},G=t=>{let r=`; ${document.cookie}`.split(`; ${t}=`);if(r&&r.length===2)return r.pop().split(";").shift()},Y=t=>{document.cookie=t},Q=t=>{document.cookie=`${t}=; expires=${new Date}`};var H=class{config;service;constructor(e){this.config=e,this.service=new B({BASE:e.baseUrl})}getToken(e){if(e.token)return e.token;{let r=this.getJwtCookie();return r||""}}getJwtCookieName(){return`LoginID_${this.config.appId}_token`}setJwtCookie(e){let r=v(e),s=new Date(r.exp*1e3).toUTCString(),o=`${this.getJwtCookieName()}=${e}; expires=${s}`;Y(o)}getJwtCookie(){return G(this.getJwtCookieName())}isLoggedIn(){return!!this.getJwtCookie()}signout(){Q(this.getJwtCookieName())}},y=H;var X=require("ua-parser-js"),K=()=>({clientType:"browser",screenWidth:window.screen.width,screenHeight:window.screen.height}),Be=(t,e)=>{let r=t.split(".").map(Number),s=e.split(".").map(Number),o=Math.max(r.length,s.length);for(let n=0;n<o;n++){let i=n<r.length?r[n]:0,a=n<s.length?s[n]:0;if(i<a)return-1;if(i>a)return 1}return 0};async function Z(){try{return!window.PublicKeyCredential||!window.PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable?!1:await window.PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable()}catch{return!1}}async function ee(){try{return!window.PublicKeyCredential||!window.PublicKeyCredential.isConditionalMediationAvailable?!1:await window.PublicKeyCredential.isConditionalMediationAvailable()}catch{return!1}}async function te(){let t=new X.UAParser(window.navigator.userAgent).getResult(),e={solution:"",deviceSupported:!1};if(!window.PublicKeyCredential)return e.solution="Your browser seems to be outdated. Please upgrade to the latest version.",e;if(!await window.PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable())switch(t.os.name){case"Mac OS":{let s=t.browser.version||"";return t.browser.name==="Firefox"&&Be(s,"122.0")<0?(e.solution="Please update your Firefox browser to the latest version.",e):(e.solution="Enable Touch ID on your device.",e)}case"iOS":return e.solution="Enable Face ID or Touch ID on your device.",e;case"Windows":return e.solution="Enable Windows Hello on your device. See here: https://support.microsoft.com/en-us/windows/learn-about-windows-hello-and-set-it-up-dae28983-8242-bb2a-d3d1-87c9d265a5f0.",e;case"Android":return t.browser.name==="Firefox"?(e.solution="Passkeys may not be supported on your Firefox browser. Please switch to a Chromium browser.",e):(e.solution="Enable device unlock via fingerprint, PIN, or facial recognition on your device.",e);default:return e.solution="Enable device unlock features such as fingerprint, PIN, or facial recognition.",e}return e.deviceSupported=!0,e}var j=class extends Error{code;constructor(e,r,s){super(e),this.code=r,this.cause=s}},l=j;var re=(t,e)=>{let r=t.name,{publicKey:s}=e;if(r==="ConstraintError"){if(s?.authenticatorSelection?.requireResidentKey===!0)return new l("Your device does not support discoverable credentials","ERROR_DISCOVERABLE_CREDENTIALS_UNSUPPORTED",t);if(s?.authenticatorSelection?.userVerification==="required")return new l("Your device does not support user verification","ERROR_USER_VERIFICATION_UNSUPPORTED",t)}if(r==="InvalidStateError")return new l("A passkey already exists on your device","ERROR_PASSKEY_EXISTS",t);if(r==="NotAllowedError")return new l("Passkey creation has failed","ERROR_GENERAL_ERROR_SEE_CAUSE_FIELD",t);if(r==="NotSupportedError")return new l("Your device does not support the algorithms required for passkey creation","ERROR_ALGORITHMS_UNSUPPORTED",t);if(r==="SecurityError"){let o=s?.rp?.id;if(o!==window.location.hostname)return new l(`The domain of the relying party (${o}) is invalid for this domain`,"ERROR_DOMAIN_MISMATCH",t)}return r==="UnknownError"?new l("Your device could not process the requested options or could not create a new passkey","ERROR_AUTHENTICATOR_UNKNOWN_ERROR",t):t},oe=(t,e)=>{let r=t.name,{publicKey:s}=e;if(r==="AbortError"&&e.signal instanceof AbortSignal)return new l("Passkey authentication has been aborted","ERROR_PASSKEY_ABORTED",t);if(r==="NotAllowedError")return new l("Passkey authentication has failed","ERROR_GENERAL_ERROR_SEE_CAUSE_FIELD",t);if(r==="SecurityError"){let o=s?.rpId;if(o!==window.location.hostname)return new l(`The domain of the relying party (${o}) is invalid for this domain`,"ERROR_DOMAIN_MISMATCH",t)}return r==="UnknownError"?new l("Your device could not process the requested options or could not authenticate with a passkey","ERROR_AUTHENTICATOR_UNKNOWN_ERROR",t):t};var O=async t=>{let e;if(t.excludeCredentials!==void 0){e=[];for(let o of t.excludeCredentials){let n={id:m(o.id),transports:o.transports,type:o.type};e.push(n)}}let r=t.pubKeyCredParams,s={publicKey:{attestation:t.attestation,authenticatorSelection:{...t.authenticatorSelection},challenge:m(t.challenge),excludeCredentials:e,extensions:t.extensions,pubKeyCredParams:r,rp:t.rp,timeout:t.timeout,user:{...t.user,id:m(t.user.id)}}};try{let o=await navigator.credentials.create(s);if(o===null)throw new Error("Failed to create the passkey credential.");return o}catch(o){throw o instanceof Error?re(o,s):o}},k=async(t,e={})=>{let r;if(t.allowCredentials!==void 0){r=[];for(let o of t.allowCredentials){let n={id:m(o.id),transports:o.transports,type:o.type};r.push(n)}}let s={...e.autoFill&&{mediation:"conditional"},...e.abortSignal&&{signal:e.abortSignal},publicKey:{allowCredentials:r,challenge:m(t.challenge),extensions:t.extensions,rpId:t.rpId,timeout:t.timeout,userVerification:t.userVerification}};try{let o=await navigator.credentials.get(s);if(o===null)throw new Error("Failed to create the passkey credential.");return o}catch(o){throw o instanceof Error?oe(o,s):o}};var L=class extends y{constructor(e){super(e)}async createNavigatorCredential(e){let{registrationRequestOptions:r,session:s}=e,o=await O(r),n=o.response,i=n.getPublicKey&&n.getPublicKey(),a=n.getPublicKeyAlgorithm&&n.getPublicKeyAlgorithm(),u=n.getAuthenticatorData&&n.getAuthenticatorData(),p=n.getTransports&&n.getTransports();return{creationResult:{attestationObject:d(n.attestationObject),clientDataJSON:d(n.clientDataJSON),credentialId:o.id,...i&&{publicKey:d(i)},...a&&{publicKeyAlgorithm:a},...u&&{authenticatorData:d(u)},...p&&{transports:p}},session:s}}async registerWithPasskey(e,r={}){let s=K();r.usernameType||(r.usernameType="email"),r.token=this.getToken(r),r.token&&v(r.token).username!==e&&(r.token="");let o={app:{id:this.config.appId},deviceInfo:s,user:{username:e,usernameType:r.usernameType,...r.displayName&&{displayName:r.displayName}},...r.session&&{session:r.session}},n=await this.service.reg.regRegInit({requestBody:o,...r.token&&{authorization:r.token}}),i=await this.createNavigatorCredential(n),a=await this.service.reg.regRegComplete({requestBody:i});return this.setJwtCookie(a.jwtAccess),a}async getNavigatorCredential(e,r={}){let{assertionOptions:s,session:o}=e,n=await k(s,r),i=n.response;return{assertionResult:{authenticatorData:d(i.authenticatorData),clientDataJSON:d(i.clientDataJSON),credentialId:n.id,signature:d(i.signature),...i.userHandle&&{userHandle:d(i.userHandle)}},session:o}}async authenticateWithPasskey(e="",r={}){let s=K();r.usernameType||(r.usernameType="email");let o={app:{id:this.config.appId,...r.token&&{token:r.token}},deviceInfo:s,...!r.autoFill&&{user:{username:e,usernameType:r.usernameType,...r.displayName&&{displayName:r.displayName}}}},n=await this.service.auth.authAuthInit({requestBody:o}),i=await this.getNavigatorCredential(n,r),a=await this.service.auth.authAuthComplete({requestBody:i});return this.setJwtCookie(a.jwtAccess),a}async generateCodeWithPasskey(e,r={}){if(r.token=this.getToken(r),!r.token){let o=await this.authenticateWithPasskey(e,r);r.token=o.jwtAccess}return await this.service.auth.authAuthCodeRequest({authorization:r.token})}async authenticateWithCode(e,r,s={}){s.usernameType||(s.usernameType="email");let o={authCode:r,user:{username:e,usernameType:s.usernameType}},n=await this.service.auth.authAuthCodeVerify({requestBody:o});return this.setJwtCookie(n.jwtAccess),n}async addPasskey(e,r={}){let s=this.getToken(r);if(!s)throw new Error("User needs to be logged in to perform this operation.");return r.token=s,await this.registerWithPasskey(e,r)}async addPasskeyWithCode(e,r,s={}){return await this.authenticateWithCode(e,r,s),await this.registerWithPasskey(e,s)}async confirmTransaction(e,r,s={}){let o={username:e,txPayload:r,nonce:s.nonce||M(),txType:s.txType||"raw"},{assertionOptions:n,session:i}=await this.service.tx.txTxInit({requestBody:o}),a={assertionOptions:n,session:i},{assertionResult:u}=await this.getNavigatorCredential(a),p={authenticatorData:u.authenticatorData,clientData:u.clientDataJSON,keyHandle:u.credentialId,session:i,signature:u.signature},f=await this.service.tx.txTxComplete({requestBody:p});return this.setJwtCookie(f.jwtAccess),f}},se=L;var V=class extends y{constructor(e){super(e)}async listPasskeys(e={}){let r=this.getToken(e);return await this.service.passkeys.passkeysPasskeysList({authorization:r})}async renamePasskey(e,r,s={}){let o=this.getToken(s),n={name:r};return await this.service.passkeys.passkeysPasskeyRename({authorization:o,id:e,requestBody:n}),null}async deletePasskey(e,r={}){let s=this.getToken(r);return await this.service.passkeys.passkeysPasskeyDelete({authorization:s,id:e}),null}},ne=V;var w=class extends y{constructor(e){super(e)}};$(w,[y,se,ne]);var _=w;var Ie=_;0&&(module.exports={ApiError,LoginIDWebSDK,PasskeyError,createPasskeyCredential,doesDeviceSupportPasskeys,getPasskeyCredential,isConditionalUIAvailable,isPlatformAuthenticatorAvailable});
 //# sourceMappingURL=index.cjs.map

package/dist/index.d.cts CHANGED Viewed

@@ -49,6 +49,40 @@ declare abstract class BaseHttpRequest {
     abstract request<T>(options: ApiRequestOptions): CancelablePromise<T>;
 }
+type AuthCode = {
+    /**
+     * Generated code
+     */
+    code: string;
+    /**
+     * Expiration time of the code
+     */
+    expiresAt: string;
+};
+type UserLogin = {
+    /**
+     * Username
+     */
+    username: string;
+    /**
+     * Username type
+     */
+    usernameType: 'email' | 'phone';
+};
+type AuthCodeRequestSMSRequestBody = {
+    user: UserLogin;
+};
+type AuthCodeVerifyRequestBody = {
+    /**
+     * Authentication code
+     */
+    authCode: string;
+    user: UserLogin;
+};
 type AuthenticatorAssertionResponse = {
     /**
      * This attribute contains the authenticator data returned by the authenticator.
@@ -137,6 +171,10 @@ type PublicKeyCredentialRequestOptions = {
 type AuthInit = {
     assertionOptions: PublicKeyCredentialRequestOptions;
+    /**
+     * List of fallback methods (in priority order) available to this client.
+     */
+    fallbackOptions?: Array<'otp:client' | 'otp:email' | 'otp:sms'>;
     /**
      * An opaque object containing session data.
      */
@@ -202,28 +240,25 @@ type DeviceInfo = {
     screenWidth?: number;
 };
-type User = {
-    /**
-     * Display Name
-     */
-    displayName?: string;
+type AuthInitRequestBody = {
+    app: Application;
+    deviceInfo: DeviceInfo;
+    user?: UserLogin;
+};
+type CodeResult = {
     /**
-     * Username
+     * Generated code
      */
-    username: string;
+    code: string;
     /**
-     * Username type
+     * Expiration time of the code
      */
-    usernameType: 'email' | 'phone';
-};
-type AuthInitRequestBody = {
-    app: Application;
-    deviceInfo: DeviceInfo;
-    user?: User;
+    expiresAt: string;
 };
 type JWT = {
+    code?: CodeResult;
     /**
      * JWT access token
      */
@@ -253,6 +288,95 @@ declare class AuthService {
          */
         userAgent?: string;
     }): CancelablePromise<AuthInit>;
+    /**
+     * Request OTP code by an authenticated user
+     * An authenticated user can request an authentication code directly using this
+     * method. The code can be used for authentication from another device.
+     * @returns AuthCode OK response.
+     * @throws ApiError
+     */
+    authAuthCodeRequest({ authorization, }: {
+        /**
+         * JWT Authorization header
+         */
+        authorization?: string;
+    }): CancelablePromise<AuthCode>;
+    /**
+     * Request OTP code to be sent via email.
+     * Send authentication code to the provided email. The SMS will only be sent
+     * if the email address is known to the application, however, this method will
+     * return success regardless.
+     * @returns void
+     * @throws ApiError
+     */
+    authAuthCodeRequestEmail({ requestBody, }: {
+        requestBody: AuthCodeRequestSMSRequestBody;
+    }): CancelablePromise<void>;
+    /**
+     * Request OTP code to be sent via SMS.
+     * Send authentication code to the provided phone number. The SMS will only be
+     * sent if the phone is registered with the application, however, it will return
+     * success regardless.
+     * @returns void
+     * @throws ApiError
+     */
+    authAuthCodeRequestSms({ requestBody, }: {
+        requestBody: AuthCodeRequestSMSRequestBody;
+    }): CancelablePromise<void>;
+    /**
+     * Verify authentication code and return JWT access token with appropriate scopes
+     * @returns JWT OK response.
+     * @throws ApiError
+     */
+    authAuthCodeVerify({ requestBody, }: {
+        requestBody: AuthCodeVerifyRequestBody;
+    }): CancelablePromise<JWT>;
+}
+type GrantCreateRequestBody = {
+    /**
+     * List of requested grants
+     */
+    grants: Array<'passkey:read' | 'passkey:write' | 'profile:read' | 'profile:write' | 'self:write'>;
+    /**
+     * User identifier
+     */
+    username?: string;
+};
+type GrantCreateResponseBody = {
+    /**
+     * Base64 encoded authorization token
+     */
+    token: string;
+};
+type TokenVerifyRequestBody = {
+    /**
+     * JWT access token
+     */
+    jwtAccess: string;
+};
+declare class MgmtService {
+    readonly httpRequest: BaseHttpRequest;
+    constructor(httpRequest: BaseHttpRequest);
+    /**
+     * Create an authorization token with requested scopes
+     * @returns GrantCreateResponseBody OK response.
+     * @throws ApiError
+     */
+    mgmtGrantCreate({ requestBody, }: {
+        requestBody: GrantCreateRequestBody;
+    }): CancelablePromise<GrantCreateResponseBody>;
+    /**
+     * Validate JWT Access Token
+     * @returns void
+     * @throws ApiError
+     */
+    mgmtTokenVerify({ requestBody, }: {
+        requestBody: TokenVerifyRequestBody;
+    }): CancelablePromise<void>;
 }
 type Passkey = {
@@ -291,8 +415,11 @@ declare class PasskeysService {
      * @returns PasskeyCollection OK response.
      * @throws ApiError
      */
-    passkeysPasskeysList({ authorization }: {
-        authorization: string;
+    passkeysPasskeysList({ authorization, }: {
+        /**
+         * JWT Authorization header
+         */
+        authorization?: string;
     }): CancelablePromise<PasskeyCollection>;
     /**
      * Delete passkey
@@ -304,20 +431,134 @@ declare class PasskeysService {
          * Internal passkey identifier
          */
         id: string;
-        authorization: string;
+        /**
+         * JWT Authorization header
+         */
+        authorization?: string;
     }): CancelablePromise<void>;
     /**
      * Rename passkey
      * @returns void
      * @throws ApiError
      */
-    passkeysPasskeyRename({ id, requestBody, authorization }: {
+    passkeysPasskeyRename({ id, requestBody, authorization, }: {
         /**
          * Internal passkey identifier
          */
         id: string;
         requestBody: PasskeyRenameRequestBody;
-        authorization: string;
+        /**
+         * JWT Authorization header
+         */
+        authorization?: string;
+    }): CancelablePromise<void>;
+}
+type ProfileEmailUpdateRequestBody = {
+    /**
+     * Email address
+     */
+    email: string;
+    /**
+     * Whether to update the email address immediately or send an authorization code
+     * to verify.
+     */
+    requestVerification?: boolean;
+};
+type ProfilePhoneUpdateRequestBody = {
+    /**
+     * Whether the user consents to receiving SMS messages on this number. The phone
+     * will not be used for sending messages if no consent is provided.
+     */
+    messagingConsent?: boolean;
+    /**
+     * Phone number
+     */
+    phoneNumber: string;
+    /**
+     * Whether to update the phone number immediately or send an authorization code
+     * to verify. This method will fail if verification is requested but no consent
+     * is provided.
+     */
+    requestVerification?: boolean;
+};
+type ProfilePhoneVerifyRequestBody = {
+    /**
+     * Verification code
+     */
+    authCode: string;
+    /**
+     * Username associated with the code
+     */
+    username: string;
+};
+declare class ProfileService {
+    readonly httpRequest: BaseHttpRequest;
+    constructor(httpRequest: BaseHttpRequest);
+    /**
+     * Delete a user profile and all associated passkey
+     * @returns void
+     * @throws ApiError
+     */
+    profileProfileDelete({ id, }: {
+        /**
+         * Internal user identifier
+         */
+        id: string;
+    }): CancelablePromise<void>;
+    /**
+     * Update profile email address
+     * @returns void
+     * @throws ApiError
+     */
+    profileProfileEmailUpdate({ id, requestBody, }: {
+        /**
+         * Internal user identifier
+         */
+        id: string;
+        requestBody: ProfileEmailUpdateRequestBody;
+    }): CancelablePromise<void>;
+    /**
+     * Delete phone from the profile
+     * @returns void
+     * @throws ApiError
+     */
+    profileProfilePhoneDelete({ id, }: {
+        /**
+         * Internal user identifier
+         */
+        id: string;
+    }): CancelablePromise<void>;
+    /**
+     * Update the profile phone number
+     * @returns void
+     * @throws ApiError
+     */
+    profileProfilePhoneUpdate({ id, requestBody, }: {
+        /**
+         * Internal user identifier
+         */
+        id: string;
+        requestBody: ProfilePhoneUpdateRequestBody;
+    }): CancelablePromise<void>;
+    /**
+     * Verify phone number with received authorization code
+     * @returns void
+     * @throws ApiError
+     */
+    profileProfileEmailVerify({ requestBody, }: {
+        requestBody: ProfilePhoneVerifyRequestBody;
+    }): CancelablePromise<void>;
+    /**
+     * Verify phone number with received authorization code
+     * @returns void
+     * @throws ApiError
+     */
+    profileProfilePhoneVerify({ requestBody, }: {
+        requestBody: ProfilePhoneVerifyRequestBody;
     }): CancelablePromise<void>;
 }
@@ -467,17 +708,24 @@ type RegInit = {
     session: string;
 };
+type User = {
+    /**
+     * Display Name
+     */
+    displayName?: string;
+    /**
+     * Username
+     */
+    username: string;
+    /**
+     * Username type
+     */
+    usernameType: 'email' | 'phone';
+};
 type RegInitRequestBody = {
     app: Application;
     deviceInfo: DeviceInfo;
-    /**
-     * Set of authentication factors:
-     * - Single factor: Username (i.e. email or phone) + FIDO2 credential;
-     * - Two factor: Username + password + FIDO2 credential;
-     * - Passwordless: FIDO2 discoverable credentials;
-     * - Passwordless + MFA: FIDO2 discoverable credentials + PIN;
-     */
-    mfa?: Array<'fido2' | 'email' | 'phone' | 'password' | 'pin'>;
     /**
      * An opaque object containing user data. It is used in place of "user" attribute
      * for creating passkeys for pre-authorized users ("user" attribute is ignored if
@@ -505,35 +753,19 @@ declare class RegService {
      * @returns RegInit OK response.
      * @throws ApiError
      */
-    regRegInit({ requestBody, userAgent, }: {
+    regRegInit({ requestBody, userAgent, authorization, }: {
         requestBody: RegInitRequestBody;
         /**
          * Raw user-agent header as set by a browser
          */
         userAgent?: string;
+        /**
+         * JWT Authorization header
+         */
+        authorization?: string;
     }): CancelablePromise<RegInit>;
 }
-type TokenVerifyRequestBody = {
-    /**
-     * JWT access token
-     */
-    jwtAccess: string;
-};
-declare class TokenService {
-    readonly httpRequest: BaseHttpRequest;
-    constructor(httpRequest: BaseHttpRequest);
-    /**
-     * Validate JWT Access Token
-     * @returns void
-     * @throws ApiError
-     */
-    tokenTokenVerify({ requestBody, }: {
-        requestBody: TokenVerifyRequestBody;
-    }): CancelablePromise<void>;
-}
 type TxComplete = {
     authCred?: Passkey;
     /**
@@ -665,9 +897,10 @@ declare class VersionService {
 type HttpRequestConstructor = new (config: OpenAPIConfig) => BaseHttpRequest;
 declare class LoginIDService {
     readonly auth: AuthService;
+    readonly mgmt: MgmtService;
     readonly passkeys: PasskeysService;
+    readonly profile: ProfileService;
     readonly reg: RegService;
-    readonly token: TokenService;
     readonly tx: TxService;
     readonly version: VersionService;
     readonly request: BaseHttpRequest;
@@ -693,7 +926,6 @@ declare class ApiError extends Error {
 type UsernameType = User['usernameType'];
 type DeviceInfoRequestBody = DeviceInfo;
-type MFA = RegInitRequestBody['mfa'];
 type Transports = CreationResult['transports'];
 interface LoginIDConfig {
     baseUrl: string;
@@ -704,12 +936,20 @@ interface PasskeyOptions {
     displayName?: string;
     usernameType?: UsernameType;
 }
+interface PasskeyManagementOptions {
+    token?: string;
+}
+interface ListPasskeysOptions extends PasskeyManagementOptions {
+}
+interface RenamePasskeyOptions extends PasskeyManagementOptions {
+}
+interface DeletePasskeyOptions extends PasskeyManagementOptions {
+}
 interface AuthenticateWithPasskeysOptions extends PasskeyOptions {
     autoFill?: boolean;
     abortSignal?: AbortSignal;
 }
 interface RegisterWithPasskeyOptions extends PasskeyOptions {
-    mfa?: MFA;
     session?: string;
 }
 interface ConfirmTransactionOptions extends PasskeyOptions {
@@ -738,13 +978,38 @@ declare class LoginIDBase {
      * @param {LoginIDConfig} config Configuration object for LoginID API, including the base URL.
      */
     constructor(config: LoginIDConfig);
+    getToken(options: PasskeyOptions): string;
+    /**
+     *
+     * @returns {string} The name of the cookie
+     */
+    getJwtCookieName(): string;
+    /**
+     * Set jwt token to localstorage
+     * @param {string} jwt Configuration object for LoginID API, including the base URL.
+     */
+    setJwtCookie(jwt: string): void;
+    /**
+     * Retrieves the JWT access token.
+     * @returns {string | undefined} The JWT access token.
+     */
+    getJwtCookie(): string | undefined;
+    /**
+       * checks if the user is logged in.
+       * @returns {boolean}
+       */
+    isLoggedIn(): boolean;
+    /**
+       * deletes the jwt cookie.
+       * @returns {boolean}
+       */
+    signout(): void;
 }
 /**
  * Extends LoginIDBase to support creation, registration, and authentication of passkeys.
  */
 declare class Passkeys extends LoginIDBase {
-    private jwtAccess;
     /**
      * Initializes a new Passkeys instance with the provided configuration.
      * @param {LoginIDConfig} config Configuration object for LoginID.
@@ -777,6 +1042,36 @@ declare class Passkeys extends LoginIDBase {
      * @returns {Promise<any>} Result of the authentication operation.
      */
     authenticateWithPasskey(username?: string, options?: AuthenticateWithPasskeysOptions): Promise<PasskeyResult>;
+    /**
+     * Generates a code with passkey.
+     * @param {string} username Username to authenticate.
+     * @param {AuthenticateWithPasskeysOptions} options Additional authentication options.
+     * @returns {Promise<AuthCode>} Code and expiry.
+     */
+    generateCodeWithPasskey(username: string, options?: AuthenticateWithPasskeysOptions): Promise<AuthCode>;
+    /**
+     * Authenticate with a code.
+     * @param {string} username Username to authenticate.
+     * @param {string} code code to authenticate.
+     * @param {AuthenticateWithPasskeysOptions} options Additional authentication options.
+     * @returns {Promise<any>} Result of the authentication operation.
+     */
+    authenticateWithCode(username: string, code: string, options?: AuthenticateWithPasskeysOptions): Promise<JWT>;
+    /**
+     * Add passkey
+     * @param username Username to authenticate.
+     * @param options Additional authentication options.
+     * @returns {Promise<PasskeyResult>} Result of the add passkey operation.
+     */
+    addPasskey(username: string, options?: PasskeyOptions): Promise<PasskeyResult>;
+    /**
+     * Add passkey with code
+     * @param username Username to authenticate.
+     * @param code Code to authenticate.
+     * @param options Additional authentication options.
+     * @returns @returns {Promise<PasskeyResult>} Result of the add passkey with code operation.
+     */
+    addPasskeyWithCode(username: string, code: string, options?: PasskeyOptions): Promise<PasskeyResult>;
     /**
      * Confirms a transaction using a passkey.
      *
@@ -794,11 +1089,6 @@ declare class Passkeys extends LoginIDBase {
      * The result includes details about the transaction's details and includes a new JWT access token.
      */
     confirmTransaction(username: string, txPayload: string, options?: ConfirmTransactionOptions): Promise<TxComplete>;
-    /**
-     * Retrieves the JWT access token.
-     * @returns {string} The JWT access token.
-     */
-    getJWTAccess(): string;
 }
 /**
@@ -815,7 +1105,7 @@ declare class PasskeyManager extends LoginIDBase {
      * @param {string} authToken Authorization token to authenticate the request.
      * @returns {Promise<PasskeysPasskeyResponseCollection>} A collection of passkeys.
      */
-    listPasskeys(authToken: string): Promise<PasskeyCollection>;
+    listPasskeys(options?: ListPasskeysOptions): Promise<PasskeyCollection>;
     /**
      * Renames a specified passkey.
      * @param {string} authToken Authorization token to authenticate the request.
@@ -823,14 +1113,14 @@ declare class PasskeyManager extends LoginIDBase {
      * @param {string} name The new name for the passkey.
      * @returns {Promise<null>} A promise that resolves to null upon successful completion.
      */
-    renamePasskey(authToken: string, id: string, name: string): Promise<null>;
+    renamePasskey(id: string, name: string, options?: RenamePasskeyOptions): Promise<null>;
     /**
      * Deletes a specified passkey.
      * @param {string} authToken Authorization token to authenticate the request.
      * @param {string} id The ID of the passkey to delete.
      * @returns {Promise<null>} A promise that resolves to null upon successful deletion.
      */
-    deletePasskey(authToken: string, id: string): Promise<null>;
+    deletePasskey(id: string, options?: DeletePasskeyOptions): Promise<null>;
 }
 interface LoginIDWebSDK extends Passkeys, PasskeyManager {
@@ -889,4 +1179,4 @@ interface DoesDeviceSupportPasskeysResponse {
  */
 declare function doesDeviceSupportPasskeys(): Promise<DoesDeviceSupportPasskeysResponse>;
-export { ApiError, type AuthenticateWithPasskeysOptions, type ConfirmTransactionOptions, type DeviceInfoRequestBody, type DoesDeviceSupportPasskeysResponse, type LoginIDConfig, LoginIDWebSDK, type MFA, PasskeyError, type PasskeyOptions, type PasskeyResult, type RegisterWithPasskeyOptions, type Transports, type UsernameType, createPasskeyCredential, LoginIDWebSDK as default, doesDeviceSupportPasskeys, getPasskeyCredential, isConditionalUIAvailable, isPlatformAuthenticatorAvailable };
+export { ApiError, type AuthenticateWithPasskeysOptions, type ConfirmTransactionOptions, type DeletePasskeyOptions, type DeviceInfoRequestBody, type DoesDeviceSupportPasskeysResponse, type ListPasskeysOptions, type LoginIDConfig, LoginIDWebSDK, PasskeyError, type PasskeyManagementOptions, type PasskeyOptions, type PasskeyResult, type RegisterWithPasskeyOptions, type RenamePasskeyOptions, type Transports, type UsernameType, createPasskeyCredential, LoginIDWebSDK as default, doesDeviceSupportPasskeys, getPasskeyCredential, isConditionalUIAvailable, isPlatformAuthenticatorAvailable };