npm - @loginid/websdk3 - Versions diffs - 1.6.0 → 1.8.0 - Mend

@loginid/websdk3 1.6.0 → 1.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/index.cjs CHANGED Viewed

@@ -1,2 +1,2 @@
-"use strict";var H=Object.defineProperty;var de=Object.getOwnPropertyDescriptor;var ce=Object.getOwnPropertyNames;var ye=Object.prototype.hasOwnProperty;var me=(t,e)=>{for(var r in e)H(t,r,{get:e[r],enumerable:!0})},he=(t,e,r,s)=>{if(e&&typeof e=="object"||typeof e=="function")for(let o of ce(e))!ye.call(t,o)&&o!==r&&H(t,o,{get:()=>e[o],enumerable:!(s=de(e,o))||s.enumerable});return t};var fe=t=>he(H({},"__esModule",{value:!0}),t);var ke={};me(ke,{ApiError:()=>c,AuthService:()=>R,BaseHttpRequest:()=>h,CancelError:()=>S,CancelablePromise:()=>f,LoginIDService:()=>T,LoginIDWebSDK:()=>z,MgmtService:()=>g,OpenAPI:()=>le,PasskeyError:()=>d,PasskeysService:()=>C,ProfileService:()=>b,RegService:()=>P,TxService:()=>q,VersionService:()=>A,WebAuthnHelper:()=>U,createPasskeyCredential:()=>B,default:()=>ve,doesDeviceSupportPasskeys:()=>ie,getPasskeyCredential:()=>I,isConditionalUIAvailable:()=>ne,isPlatformAuthenticatorAvailable:()=>se});module.exports=fe(ke);var h=class{constructor(e){this.config=e}};var c=class extends Error{url;status;statusText;body;request;constructor(e,r,s){super(s),this.name="ApiError",this.url=r.url,this.status=r.status,this.statusText=r.statusText,this.body=r.body,this.request=e}};var S=class extends Error{constructor(e){super(e),this.name="CancelError"}get isCancelled(){return!0}},f=class{#t;#r;#e;#o;#n;#i;#s;constructor(e){this.#t=!1,this.#r=!1,this.#e=!1,this.#o=[],this.#n=new Promise((r,s)=>{this.#i=r,this.#s=s;let o=a=>{this.#t||this.#r||this.#e||(this.#t=!0,this.#i&&this.#i(a))},n=a=>{this.#t||this.#r||this.#e||(this.#r=!0,this.#s&&this.#s(a))},i=a=>{this.#t||this.#r||this.#e||this.#o.push(a)};return Object.defineProperty(i,"isResolved",{get:()=>this.#t}),Object.defineProperty(i,"isRejected",{get:()=>this.#r}),Object.defineProperty(i,"isCancelled",{get:()=>this.#e}),e(o,n,i)})}get[Symbol.toStringTag](){return"Cancellable Promise"}then(e,r){return this.#n.then(e,r)}catch(e){return this.#n.catch(e)}finally(e){return this.#n.finally(e)}cancel(){if(!(this.#t||this.#r||this.#e)){if(this.#e=!0,this.#o.length)try{for(let e of this.#o)e()}catch(e){console.warn("Cancellation threw an error",e);return}this.#o.length=0,this.#s&&this.#s(new S("Request aborted"))}}get isCancelled(){return this.#e}};var K=t=>t!=null,O=t=>typeof t=="string",F=t=>O(t)&&t!=="",L=t=>typeof t=="object"&&typeof t.type=="string"&&typeof t.stream=="function"&&typeof t.arrayBuffer=="function"&&typeof t.constructor=="function"&&typeof t.constructor.name=="string"&&/^(Blob|File)$/.test(t.constructor.name)&&/^(Blob|File)$/.test(t[Symbol.toStringTag]),$=t=>t instanceof FormData,Re=t=>{try{return btoa(t)}catch{return Buffer.from(t).toString("base64")}},ge=t=>{let e=[],r=(o,n)=>{e.push(`${encodeURIComponent(o)}=${encodeURIComponent(String(n))}`)},s=(o,n)=>{K(n)&&(Array.isArray(n)?n.forEach(i=>{s(o,i)}):typeof n=="object"?Object.entries(n).forEach(([i,a])=>{s(`${o}[${i}]`,a)}):r(o,n))};return Object.entries(t).forEach(([o,n])=>{s(o,n)}),e.length>0?`?${e.join("&")}`:""},Ce=(t,e)=>{let r=t.ENCODE_PATH||encodeURI,s=e.url.replace("{api-version}",t.VERSION).replace(/{(.*?)}/g,(n,i)=>e.path?.hasOwnProperty(i)?r(String(e.path[i])):n),o=`${t.BASE}${s}`;return e.query?`${o}${ge(e.query)}`:o},be=t=>{if(t.formData){let e=new FormData,r=(s,o)=>{O(o)||L(o)?e.append(s,o):e.append(s,JSON.stringify(o))};return Object.entries(t.formData).filter(([s,o])=>K(o)).forEach(([s,o])=>{Array.isArray(o)?o.forEach(n=>r(s,n)):r(s,o)}),e}},v=async(t,e)=>typeof e=="function"?e(t):e,Pe=async(t,e)=>{let[r,s,o,n]=await Promise.all([v(e,t.TOKEN),v(e,t.USERNAME),v(e,t.PASSWORD),v(e,t.HEADERS)]),i=Object.entries({Accept:"application/json",...n,...e.headers}).filter(([a,u])=>K(u)).reduce((a,[u,l])=>({...a,[u]:String(l)}),{});if(F(r)&&(i.Authorization=`Bearer ${r}`),F(s)&&F(o)){let a=Re(`${s}:${o}`);i.Authorization=`Basic ${a}`}return e.body&&(e.mediaType?i["Content-Type"]=e.mediaType:L(e.body)?i["Content-Type"]=e.body.type||"application/octet-stream":O(e.body)?i["Content-Type"]="text/plain":$(e.body)||(i["Content-Type"]="application/json")),new Headers(i)},qe=t=>{if(t.body!==void 0)return t.mediaType?.includes("/json")?JSON.stringify(t.body):O(t.body)||L(t.body)||$(t.body)?t.body:JSON.stringify(t.body)},Ae=async(t,e,r,s,o,n,i)=>{let a=new AbortController,u={headers:n,body:s??o,method:e.method,signal:a.signal};return t.WITH_CREDENTIALS&&(u.credentials=t.CREDENTIALS),i(()=>a.abort()),await fetch(r,u)},Te=(t,e)=>{if(e){let r=t.headers.get(e);if(O(r))return r}},Ee=async t=>{if(t.status!==204)try{let e=t.headers.get("Content-Type");if(e)return["application/json","application/problem+json"].some(o=>e.toLowerCase().startsWith(o))?await t.json():await t.text()}catch(e){console.error(e)}},Be=(t,e)=>{let s={400:"Bad Request",401:"Unauthorized",403:"Forbidden",404:"Not Found",500:"Internal Server Error",502:"Bad Gateway",503:"Service Unavailable",...t.errors}[e.status];if(s)throw new c(t,e,s);if(!e.ok){let o=e.status??"unknown",n=e.statusText??"unknown",i=(()=>{try{return JSON.stringify(e.body,null,2)}catch{return}})();throw new c(t,e,`Generic Error: status: ${o}; status text: ${n}; body: ${i}`)}},G=(t,e)=>new f(async(r,s,o)=>{try{let n=Ce(t,e),i=be(e),a=qe(e),u=await Pe(t,e);if(!o.isCancelled){let l=await Ae(t,e,n,a,i,u,o),m=await Ee(l),pe=Te(l,e.responseHeader),M={url:n,ok:l.ok,status:l.status,statusText:l.statusText,body:pe??m};Be(e,M),r(M.body)}}catch(n){s(n)}});var k=class extends h{constructor(e){super(e)}request(e){return G(this.config,e)}};var R=class{constructor(e){this.httpRequest=e}authAuthComplete({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/complete",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",403:"Forbidden: Forbidden response.",500:"InternalServerError: Internal Server Error response."}})}authAuthInit({requestBody:e,userAgent:r}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/init",headers:{"User-Agent":r},body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthCodeRequest({authorization:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/otp",headers:{Authorization:e},errors:{401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthCodeRequestEmail({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/otp/email",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthCodeRequestSms({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/otp/sms",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthCodeVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/otp/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}};var g=class{constructor(e){this.httpRequest=e}mgmtGrantCreate({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/mgmt/grant",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",500:"InternalServerError: Internal Server Error response."}})}mgmtTokenVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/mgmt/token/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",500:"InternalServerError: Internal Server Error response."}})}};var C=class{constructor(e){this.httpRequest=e}passkeysPasskeysList({authorization:e}){return this.httpRequest.request({method:"GET",url:"/fido2/v2/passkeys",headers:{Authorization:e},errors:{401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}passkeysPasskeyDelete({id:e,authorization:r}){return this.httpRequest.request({method:"DELETE",url:"/fido2/v2/passkeys/{id}",path:{id:e},headers:{Authorization:r},errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}passkeysPasskeyRename({id:e,requestBody:r,authorization:s}){return this.httpRequest.request({method:"PUT",url:"/fido2/v2/passkeys/{id}",path:{id:e},headers:{Authorization:s},body:r,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}};var b=class{constructor(e){this.httpRequest=e}profileProfileDelete({id:e}){return this.httpRequest.request({method:"DELETE",url:"/fido2/v2/profile/{id}",path:{id:e},errors:{404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfileEmailUpdate({id:e,requestBody:r}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/profile/{id}/email",path:{id:e},body:r,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfilePhoneDelete({id:e}){return this.httpRequest.request({method:"DELETE",url:"/fido2/v2/profile/{id}/phone",path:{id:e},errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfilePhoneUpdate({id:e,requestBody:r}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/profile/{id}/phone",path:{id:e},body:r,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfileEmailVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/profile/email/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfilePhoneVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/profile/phone/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}};var P=class{constructor(e){this.httpRequest=e}regRegComplete({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/reg/complete",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",403:"Forbidden: Forbidden response.",500:"InternalServerError: Internal Server Error response."}})}regRegInit({requestBody:e,userAgent:r,authorization:s}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/reg/init",headers:{"User-Agent":r,Authorization:s},body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",500:"InternalServerError: Internal Server Error response."}})}};var q=class{constructor(e){this.httpRequest=e}txTxComplete({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/tx/complete",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",403:"Forbidden: Forbidden response.",500:"InternalServerError: Internal Server Error response."}})}txTxInit({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/tx/init",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",500:"InternalServerError: Internal Server Error response."}})}};var A=class{constructor(e){this.httpRequest=e}versionVersionShow(){return this.httpRequest.request({method:"GET",url:"/fido2/v2/version"})}};var T=class{auth;mgmt;passkeys;profile;reg;tx;version;request;constructor(e,r=k){this.request=new r({BASE:e?.BASE??"https://api.loginid.io/fido2/v2",VERSION:e?.VERSION??"2.0",WITH_CREDENTIALS:e?.WITH_CREDENTIALS??!1,CREDENTIALS:e?.CREDENTIALS??"include",TOKEN:e?.TOKEN,USERNAME:e?.USERNAME,PASSWORD:e?.PASSWORD,HEADERS:e?.HEADERS,ENCODE_PATH:e?.ENCODE_PATH}),this.auth=new R(this.request),this.mgmt=new g(this.request),this.passkeys=new C(this.request),this.profile=new b(this.request),this.reg=new P(this.request),this.tx=new q(this.request),this.version=new A(this.request)}};var _=class extends Error{code;constructor(e,r,s){super(e),this.code=r,this.cause=s}},d=_;var Y=(t,e)=>{let r=t.name,{publicKey:s}=e;if(r==="ConstraintError"){if(s?.authenticatorSelection?.requireResidentKey===!0)return new d("Your device does not support discoverable credentials","ERROR_DISCOVERABLE_CREDENTIALS_UNSUPPORTED",t);if(s?.authenticatorSelection?.userVerification==="required")return new d("Your device does not support user verification","ERROR_USER_VERIFICATION_UNSUPPORTED",t)}if(r==="InvalidStateError")return new d("A passkey already exists on your device","ERROR_PASSKEY_EXISTS",t);if(r==="NotAllowedError")return new d("Passkey creation has failed","ERROR_GENERAL_ERROR_SEE_CAUSE_FIELD",t);if(r==="NotSupportedError")return new d("Your device does not support the algorithms required for passkey creation","ERROR_ALGORITHMS_UNSUPPORTED",t);if(r==="SecurityError"){let o=s?.rp?.id;if(o!==window.location.hostname)return new d(`The domain of the relying party (${o}) is invalid for this domain`,"ERROR_DOMAIN_MISMATCH",t)}return r==="UnknownError"?new d("Your device could not process the requested options or could not create a new passkey","ERROR_AUTHENTICATOR_UNKNOWN_ERROR",t):t},Q=(t,e)=>{let r=t.name,{publicKey:s}=e;if(r==="AbortError"&&e.signal instanceof AbortSignal)return new d("Passkey authentication has been aborted","ERROR_PASSKEY_ABORTED",t);if(r==="NotAllowedError")return new d("Passkey authentication has failed","ERROR_GENERAL_ERROR_SEE_CAUSE_FIELD",t);if(r==="SecurityError"){let o=s?.rpId;if(o!==window.location.hostname)return new d(`The domain of the relying party (${o}) is invalid for this domain`,"ERROR_DOMAIN_MISMATCH",t)}return r==="UnknownError"?new d("Your device could not process the requested options or could not authenticate with a passkey","ERROR_AUTHENTICATOR_UNKNOWN_ERROR",t):t},w=t=>{let e=new Error("Cancelling current WebAuthn request");return e.name="AbortError",t.abort(e),new AbortController},D=new Error("User needs to be logged in to perform this operation.");var Ie=t=>t.replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,""),Se=t=>{if(!t)return t;let e="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",r=[],s=0;for(;s<t.length;){let i=t.charCodeAt(s++),a=t.charCodeAt(s++),u=t.charCodeAt(s++),l=i<<16|a<<8|u;r.push(e[l>>18&63]+e[l>>12&63]+e[l>>6&63]+e[l&63])}let o=r.join(""),n=t.length%3;return n?o.slice(0,n-3)+"===".slice(n||3):o},Oe=t=>{let e="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",r={},s=String.fromCharCode;for(let a=0;a<64;a++)r[e.charAt(a)]=a;let o=0,n=0,i="";for(let a of t){let u=r[a];if(u!==void 0)for(o=(o<<6)+u,n+=6;n>=8;)i+=s(o>>(n-=8)&255)}return i},p=t=>{let e="",r=new Uint8Array(t);for(let o=0;o<r.byteLength;o++)e+=String.fromCharCode(r[o]);let s=Se(e);return Ie(s)},E=t=>{t=t.replace(/-/g,"+").replace(/_/g,"/");let e=Oe(t),r=new Uint8Array(e.length);for(let s=0;s<e.length;s++)r[s]=e.charCodeAt(s);return r.buffer},X=()=>crypto.randomUUID?crypto.randomUUID():window.crypto.getRandomValues(new Uint32Array(4)).join("-"),Z=(t,e)=>{e.forEach(r=>{Object.getOwnPropertyNames(r.prototype).forEach(s=>{Object.defineProperty(t.prototype,s,Object.getOwnPropertyDescriptor(r.prototype,s)||Object.create(null))})})},x=t=>{try{let r=t.split(".")[1].replace(/-/g,"+").replace(/_/g,"/"),s=decodeURIComponent(window.atob(r).split("").map(o=>"%"+("00"+o.charCodeAt(0).toString(16)).slice(-2)).join(""));return JSON.parse(s)}catch(e){console.error(e)}},ee=t=>{let r=`; ${document.cookie}`.split(`; ${t}=`);if(r&&r.length===2)return r.pop().split(";").shift()},te=t=>{document.cookie=t},re=t=>{document.cookie=`${t}=; expires=${new Date}`};var j=class{config;service;abortController=new AbortController;constructor(e){this.config=e,this.service=new T({BASE:e.baseUrl})}getToken(e){if(e.token)return e.token;{let r=this.getJwtCookie();return r||""}}getUser(){if(!this.isLoggedIn())throw D;let e=x(this.getJwtCookie()||"{}");return{username:e.username,id:e.sub}}getJwtCookieName(){return`LoginID_${this.config.appId}_token`}setJwtCookie(e){let r=x(e),s=new Date(r.exp*1e3).toUTCString(),o=`${this.getJwtCookieName()}=${e}; expires=${s}`;te(o)}getJwtCookie(){return ee(this.getJwtCookieName())}isLoggedIn(){return!!this.getJwtCookie()}signout(){re(this.getJwtCookieName())}},y=j;var oe=require("ua-parser-js"),W=()=>({clientType:"browser",screenWidth:window.screen.width,screenHeight:window.screen.height}),xe=(t,e)=>{let r=t.split(".").map(Number),s=e.split(".").map(Number),o=Math.max(r.length,s.length);for(let n=0;n<o;n++){let i=n<r.length?r[n]:0,a=n<s.length?s[n]:0;if(i<a)return-1;if(i>a)return 1}return 0};async function se(){try{return!window.PublicKeyCredential||!window.PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable?!1:await window.PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable()}catch{return!1}}async function ne(){try{return!window.PublicKeyCredential||!window.PublicKeyCredential.isConditionalMediationAvailable?!1:await window.PublicKeyCredential.isConditionalMediationAvailable()}catch{return!1}}async function ie(){let t=new oe.UAParser(window.navigator.userAgent).getResult(),e={solution:"",deviceSupported:!1};if(!window.PublicKeyCredential)return e.solution="Your browser seems to be outdated. Please upgrade to the latest version.",e;if(!await window.PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable())switch(t.os.name){case"Mac OS":{let s=t.browser.version||"";return t.browser.name==="Firefox"&&xe(s,"122.0")<0?(e.solution="Please update your Firefox browser to the latest version.",e):(e.solution="Enable Touch ID on your device.",e)}case"iOS":return e.solution="Enable Face ID or Touch ID on your device.",e;case"Windows":return e.solution="Enable Windows Hello on your device. See here: https://support.microsoft.com/en-us/windows/learn-about-windows-hello-and-set-it-up-dae28983-8242-bb2a-d3d1-87c9d265a5f0.",e;case"Android":return t.browser.name==="Firefox"?(e.solution="Passkeys may not be supported on your Firefox browser. Please switch to a Chromium browser.",e):(e.solution="Enable device unlock via fingerprint, PIN, or facial recognition on your device.",e);default:return e.solution="Enable device unlock features such as fingerprint, PIN, or facial recognition.",e}return e.deviceSupported=!0,e}var B=async t=>{let e;if(t.excludeCredentials!==void 0){e=[];for(let o of t.excludeCredentials){let n={id:E(o.id),transports:o.transports,type:o.type};e.push(n)}}let r=t.pubKeyCredParams,s={publicKey:{attestation:t.attestation,authenticatorSelection:{...t.authenticatorSelection},challenge:E(t.challenge),excludeCredentials:e,extensions:t.extensions,pubKeyCredParams:r,rp:t.rp,timeout:t.timeout,user:{...t.user,id:E(t.user.id)}}};try{let o=await navigator.credentials.create(s);if(o===null)throw new Error("Failed to create the passkey credential.");return o}catch(o){throw o instanceof Error?Y(o,s):o}},I=async(t,e={})=>{let r;if(t.allowCredentials!==void 0){r=[];for(let o of t.allowCredentials){let n={id:E(o.id),transports:o.transports,type:o.type};r.push(n)}}let s={...e.autoFill&&{mediation:"conditional"},...e.abortSignal&&{signal:e.abortSignal},publicKey:{allowCredentials:r,challenge:E(t.challenge),extensions:t.extensions,rpId:t.rpId,timeout:t.timeout,userVerification:t.userVerification}};try{let o=await navigator.credentials.get(s);if(o===null)throw new Error("Failed to create the passkey credential.");return o}catch(o){throw o instanceof Error?Q(o,s):o}};var V=class extends y{constructor(e){super(e)}async createNavigatorCredential(e){let{registrationRequestOptions:r,session:s}=e;this.abortController=w(this.abortController);let o=await B(r),n=o.response,i=n.getPublicKey&&n.getPublicKey(),a=n.getPublicKeyAlgorithm&&n.getPublicKeyAlgorithm(),u=n.getAuthenticatorData&&n.getAuthenticatorData(),l=n.getTransports&&n.getTransports();return{creationResult:{attestationObject:p(n.attestationObject),clientDataJSON:p(n.clientDataJSON),credentialId:o.id,...i&&{publicKey:p(i)},...a&&{publicKeyAlgorithm:a},...u&&{authenticatorData:p(u)},...l&&{transports:l}},session:s}}async registerWithPasskey(e,r={}){let s=W();r.usernameType||(r.usernameType="email"),r.token=this.getToken(r),r.token&&x(r.token).username!==e&&(r.token="");let o={app:{id:this.config.appId},deviceInfo:s,user:{username:e,usernameType:r.usernameType,...r.displayName&&{displayName:r.displayName}},...r.session&&{session:r.session}},n=await this.service.reg.regRegInit({requestBody:o,...r.token&&{authorization:r.token}}),i=await this.createNavigatorCredential(n),a=await this.service.reg.regRegComplete({requestBody:i});return this.setJwtCookie(a.jwtAccess),a}async getNavigatorCredential(e,r={}){let{assertionOptions:s,session:o}=e;r.abortSignal||(this.abortController=w(this.abortController),r.abortSignal=this.abortController.signal);let n=await I(s,r),i=n.response;return{assertionResult:{authenticatorData:p(i.authenticatorData),clientDataJSON:p(i.clientDataJSON),credentialId:n.id,signature:p(i.signature),...i.userHandle&&{userHandle:p(i.userHandle)}},session:o}}async authenticateWithPasskey(e="",r={}){let s=W();r.usernameType||(r.usernameType="email");let o={app:{id:this.config.appId,...r.token&&{token:r.token}},deviceInfo:s,user:{username:e,usernameType:r.usernameType,...r.displayName&&{displayName:r.displayName}}},n=await this.service.auth.authAuthInit({requestBody:o}),i=await this.getNavigatorCredential(n,r),a=await this.service.auth.authAuthComplete({requestBody:i});return this.setJwtCookie(a.jwtAccess),a}async enablePasskeyAutofill(e={}){return e.autoFill=!0,await this.authenticateWithPasskey("",e)}async generateCodeWithPasskey(e,r={}){if(r.token=this.getToken(r),!r.token){let o=await this.authenticateWithPasskey(e,r);r.token=o.jwtAccess}return await this.service.auth.authAuthCodeRequest({authorization:r.token})}async authenticateWithCode(e,r,s={}){s.usernameType||(s.usernameType="email");let o={authCode:r,user:{username:e,usernameType:s.usernameType}},n=await this.service.auth.authAuthCodeVerify({requestBody:o});return this.abortController=w(this.abortController),this.setJwtCookie(n.jwtAccess),n}async addPasskey(e,r={}){let s=this.getToken(r);if(!s)throw D;return r.token=s,await this.registerWithPasskey(e,r)}async addPasskeyWithCode(e,r,s={}){return await this.authenticateWithCode(e,r,s),await this.registerWithPasskey(e,s)}async confirmTransaction(e,r,s={}){let o={username:e,txPayload:r,nonce:s.nonce||X(),txType:s.txType||"raw"},{assertionOptions:n,session:i}=await this.service.tx.txTxInit({requestBody:o}),a={assertionOptions:n,session:i},{assertionResult:u}=await this.getNavigatorCredential(a),l={authenticatorData:u.authenticatorData,clientData:u.clientDataJSON,keyHandle:u.credentialId,session:i,signature:u.signature},m=await this.service.tx.txTxComplete({requestBody:l});return this.setJwtCookie(m.jwtAccess),m}},ae=V;var J=class extends y{constructor(e){super(e)}async listPasskeys(e={}){let r=this.getToken(e);return await this.service.passkeys.passkeysPasskeysList({authorization:r})}async renamePasskey(e,r,s={}){let o=this.getToken(s),n={name:r};return await this.service.passkeys.passkeysPasskeyRename({authorization:o,id:e,requestBody:n}),null}async deletePasskey(e,r={}){let s=this.getToken(r);return await this.service.passkeys.passkeysPasskeyDelete({authorization:s,id:e}),null}},ue=J;var N=class extends y{constructor(e){super(e)}};Z(N,[y,ae,ue]);var z=N;var U=class{static async getNavigatorCredential(e,r={}){let{assertionOptions:s,session:o}=e,n=await I(s,r),i=n.response;return{assertionResult:{authenticatorData:p(i.authenticatorData),clientDataJSON:p(i.clientDataJSON),credentialId:n.id,signature:p(i.signature),...i.userHandle&&{userHandle:p(i.userHandle)}},session:o}}static async createNavigatorCredential(e){let{registrationRequestOptions:r,session:s}=e,o=await B(r),n=o.response,i=n.getPublicKey&&n.getPublicKey(),a=n.getPublicKeyAlgorithm&&n.getPublicKeyAlgorithm(),u=n.getAuthenticatorData&&n.getAuthenticatorData(),l=n.getTransports&&n.getTransports();return{creationResult:{attestationObject:p(n.attestationObject),clientDataJSON:p(n.clientDataJSON),credentialId:o.id,...i&&{publicKey:p(i)},...a&&{publicKeyAlgorithm:a},...u&&{authenticatorData:p(u)},...l&&{transports:l}},session:s}}};var le={BASE:"https://api.loginid.io/fido2/v2",VERSION:"2.0",WITH_CREDENTIALS:!1,CREDENTIALS:"include",TOKEN:void 0,USERNAME:void 0,PASSWORD:void 0,HEADERS:void 0,ENCODE_PATH:void 0};var ve=z;0&&(module.exports={ApiError,AuthService,BaseHttpRequest,CancelError,CancelablePromise,LoginIDService,LoginIDWebSDK,MgmtService,OpenAPI,PasskeyError,PasskeysService,ProfileService,RegService,TxService,VersionService,WebAuthnHelper,createPasskeyCredential,doesDeviceSupportPasskeys,getPasskeyCredential,isConditionalUIAvailable,isPlatformAuthenticatorAvailable});
+"use strict";var _=Object.defineProperty;var Ie=Object.getOwnPropertyDescriptor;var Te=Object.getOwnPropertyNames;var Be=Object.prototype.hasOwnProperty;var Ee=(t,e)=>{for(var r in e)_(t,r,{get:e[r],enumerable:!0})},Oe=(t,e,r,s)=>{if(e&&typeof e=="object"||typeof e=="function")for(let o of Te(e))!Be.call(t,o)&&o!==r&&_(t,o,{get:()=>e[o],enumerable:!(s=Ie(e,o))||s.enumerable});return t};var xe=t=>Oe(_({},"__esModule",{value:!0}),t);var Je={};Ee(Je,{AbortError:()=>H,ApiError:()=>c,AuthService:()=>g,BaseHttpRequest:()=>h,CancelError:()=>k,CancelablePromise:()=>R,LoginIDService:()=>T,LoginIDWebSDK:()=>oe,MgmtService:()=>C,OpenAPI:()=>he,PasskeyError:()=>d,PasskeysService:()=>b,ProfileService:()=>P,RegService:()=>q,TxService:()=>A,VersionService:()=>I,WebAuthnHelper:()=>V,createPasskeyCredential:()=>E,default:()=>We,doesDeviceSupportPasskeys:()=>Pe,getPasskeyCredential:()=>O,isConditionalUIAvailable:()=>be,isPlatformAuthenticatorAvailable:()=>Ce});module.exports=xe(Je);var j=class{config;constructor(e){this.config=e}getAppId(){if(this.config.appId)return this.config.appId;let e=/https:\/\/([0-9a-fA-F-]+)\.api.*\.loginid\.io/,r=this.config.baseUrl.match(e);if(r)return r[1];throw new Error("Invalid LoginID base URL. App ID not found.")}},D=j;var W=class extends Error{code;constructor(e,r,s){super(e),this.code=r,this.cause=s}},d=W;var ne=(t,e)=>{let r=t.name,{publicKey:s}=e;if(r==="ConstraintError"){if(s?.authenticatorSelection?.requireResidentKey===!0)return new d("Your device does not support discoverable credentials","ERROR_DISCOVERABLE_CREDENTIALS_UNSUPPORTED",t);if(s?.authenticatorSelection?.userVerification==="required")return new d("Your device does not support user verification","ERROR_USER_VERIFICATION_UNSUPPORTED",t)}if(r==="InvalidStateError")return new d("A passkey already exists on your device","ERROR_PASSKEY_EXISTS",t);if(r==="NotAllowedError")return new d("Passkey creation has failed","ERROR_GENERAL_ERROR_SEE_CAUSE_FIELD",t);if(r==="NotSupportedError")return new d("Your device does not support the algorithms required for passkey creation","ERROR_ALGORITHMS_UNSUPPORTED",t);if(r==="SecurityError"){let o=s?.rp?.id;if(o!==window.location.hostname)return new d(`The domain of the relying party (${o}) is invalid for this domain`,"ERROR_DOMAIN_MISMATCH",t)}return r==="UnknownError"?new d("Your device could not process the requested options or could not create a new passkey","ERROR_AUTHENTICATOR_UNKNOWN_ERROR",t):t},ie=(t,e)=>{let r=t.name,{publicKey:s}=e;if(r==="AbortError"&&e.signal instanceof AbortSignal)return new d("Passkey authentication has been aborted","ERROR_PASSKEY_ABORTED",t);if(r==="NotAllowedError")return new d("Passkey authentication has failed","ERROR_GENERAL_ERROR_SEE_CAUSE_FIELD",t);if(r==="SecurityError"){let o=s?.rpId;if(o!==window.location.hostname)return new d(`The domain of the relying party (${o}) is invalid for this domain`,"ERROR_DOMAIN_MISMATCH",t)}return r==="UnknownError"?new d("Your device could not process the requested options or could not authenticate with a passkey","ERROR_AUTHENTICATOR_UNKNOWN_ERROR",t):t},N=new Error("User needs to be logged in to perform this operation.");var Se=t=>t.replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,""),ke=t=>{if(!t)return t;let e="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",r=[],s=0;for(;s<t.length;){let i=t.charCodeAt(s++),a=t.charCodeAt(s++),u=t.charCodeAt(s++),p=i<<16|a<<8|u;r.push(e[p>>18&63]+e[p>>12&63]+e[p>>6&63]+e[p&63])}let o=r.join(""),n=t.length%3;return n?o.slice(0,n-3)+"===".slice(n||3):o},ve=t=>{let e="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",r={},s=String.fromCharCode;for(let a=0;a<64;a++)r[e.charAt(a)]=a;let o=0,n=0,i="";for(let a of t){let u=r[a];if(u!==void 0)for(o=(o<<6)+u,n+=6;n>=8;)i+=s(o>>(n-=8)&255)}return i},l=t=>{let e="",r=new Uint8Array(t);for(let o=0;o<r.byteLength;o++)e+=String.fromCharCode(r[o]);let s=ke(e);return Se(s)},f=t=>{t=t.replace(/-/g,"+").replace(/_/g,"/");let e=ve(t),r=new Uint8Array(e.length);for(let s=0;s<e.length;s++)r[s]=e.charCodeAt(s);return r.buffer},ae=()=>crypto.randomUUID?crypto.randomUUID():window.crypto.getRandomValues(new Uint32Array(4)).join("-"),ue=(t,e)=>{e.forEach(r=>{Object.getOwnPropertyNames(r.prototype).forEach(s=>{Object.defineProperty(t.prototype,s,Object.getOwnPropertyDescriptor(r.prototype,s)||Object.create(null))})})},S=t=>{try{let r=t.split(".")[1].replace(/-/g,"+").replace(/_/g,"/"),s=decodeURIComponent(window.atob(r).split("").map(o=>"%"+("00"+o.charCodeAt(0).toString(16)).slice(-2)).join(""));return JSON.parse(s)}catch(e){console.error(e)}},pe=t=>{let r=`; ${document.cookie}`.split(`; ${t}=`);if(r&&r.length===2)return r.pop().split(";").shift()},le=t=>{document.cookie=t},de=t=>{document.cookie=`${t}=; expires=${new Date}`};var J=class{config;constructor(e){this.config=new D(e)}getToken(e){if(e.token)return e.token;{let r=this.getJwtCookie();return r||""}}getUser(){if(!this.isLoggedIn())throw N;let e=S(this.getJwtCookie()||"{}");return{username:e.username,id:e.sub}}getJwtCookieName(){return`LoginID_${this.config.getAppId()}_token`}setJwtCookie(e){let r=S(e),s=new Date(r.exp*1e3).toUTCString(),o=`${this.getJwtCookieName()}=${e}; expires=${s}`;le(o)}getJwtCookie(){return pe(this.getJwtCookieName())}isLoggedIn(){return!!this.getJwtCookie()}signout(){de(this.getJwtCookieName())}},ce=J;var h=class{constructor(e){this.config=e}};var c=class extends Error{url;status;statusText;body;request;constructor(e,r,s){super(s),this.name="ApiError",this.url=r.url,this.status=r.status,this.statusText=r.statusText,this.body=r.body,this.request=e}};var k=class extends Error{constructor(e){super(e),this.name="CancelError"}get isCancelled(){return!0}},R=class{#t;#r;#e;#o;#n;#i;#s;constructor(e){this.#t=!1,this.#r=!1,this.#e=!1,this.#o=[],this.#n=new Promise((r,s)=>{this.#i=r,this.#s=s;let o=a=>{this.#t||this.#r||this.#e||(this.#t=!0,this.#i&&this.#i(a))},n=a=>{this.#t||this.#r||this.#e||(this.#r=!0,this.#s&&this.#s(a))},i=a=>{this.#t||this.#r||this.#e||this.#o.push(a)};return Object.defineProperty(i,"isResolved",{get:()=>this.#t}),Object.defineProperty(i,"isRejected",{get:()=>this.#r}),Object.defineProperty(i,"isCancelled",{get:()=>this.#e}),e(o,n,i)})}get[Symbol.toStringTag](){return"Cancellable Promise"}then(e,r){return this.#n.then(e,r)}catch(e){return this.#n.catch(e)}finally(e){return this.#n.finally(e)}cancel(){if(!(this.#t||this.#r||this.#e)){if(this.#e=!0,this.#o.length)try{for(let e of this.#o)e()}catch(e){console.warn("Cancellation threw an error",e);return}this.#o.length=0,this.#s&&this.#s(new k("Request aborted"))}}get isCancelled(){return this.#e}};var z=t=>t!=null,v=t=>typeof t=="string",M=t=>v(t)&&t!=="",$=t=>typeof t=="object"&&typeof t.type=="string"&&typeof t.stream=="function"&&typeof t.arrayBuffer=="function"&&typeof t.constructor=="function"&&typeof t.constructor.name=="string"&&/^(Blob|File)$/.test(t.constructor.name)&&/^(Blob|File)$/.test(t[Symbol.toStringTag]),ye=t=>t instanceof FormData,we=t=>{try{return btoa(t)}catch{return Buffer.from(t).toString("base64")}},De=t=>{let e=[],r=(o,n)=>{e.push(`${encodeURIComponent(o)}=${encodeURIComponent(String(n))}`)},s=(o,n)=>{z(n)&&(Array.isArray(n)?n.forEach(i=>{s(o,i)}):typeof n=="object"?Object.entries(n).forEach(([i,a])=>{s(`${o}[${i}]`,a)}):r(o,n))};return Object.entries(t).forEach(([o,n])=>{s(o,n)}),e.length>0?`?${e.join("&")}`:""},Ne=(t,e)=>{let r=t.ENCODE_PATH||encodeURI,s=e.url.replace("{api-version}",t.VERSION).replace(/{(.*?)}/g,(n,i)=>e.path?.hasOwnProperty(i)?r(String(e.path[i])):n),o=`${t.BASE}${s}`;return e.query?`${o}${De(e.query)}`:o},Ue=t=>{if(t.formData){let e=new FormData,r=(s,o)=>{v(o)||$(o)?e.append(s,o):e.append(s,JSON.stringify(o))};return Object.entries(t.formData).filter(([s,o])=>z(o)).forEach(([s,o])=>{Array.isArray(o)?o.forEach(n=>r(s,n)):r(s,o)}),e}},U=async(t,e)=>typeof e=="function"?e(t):e,Le=async(t,e)=>{let[r,s,o,n]=await Promise.all([U(e,t.TOKEN),U(e,t.USERNAME),U(e,t.PASSWORD),U(e,t.HEADERS)]),i=Object.entries({Accept:"application/json",...n,...e.headers}).filter(([a,u])=>z(u)).reduce((a,[u,p])=>({...a,[u]:String(p)}),{});if(M(r)&&(i.Authorization=`Bearer ${r}`),M(s)&&M(o)){let a=we(`${s}:${o}`);i.Authorization=`Basic ${a}`}return e.body&&(e.mediaType?i["Content-Type"]=e.mediaType:$(e.body)?i["Content-Type"]=e.body.type||"application/octet-stream":v(e.body)?i["Content-Type"]="text/plain":ye(e.body)||(i["Content-Type"]="application/json")),new Headers(i)},He=t=>{if(t.body!==void 0)return t.mediaType?.includes("/json")?JSON.stringify(t.body):v(t.body)||$(t.body)||ye(t.body)?t.body:JSON.stringify(t.body)},Fe=async(t,e,r,s,o,n,i)=>{let a=new AbortController,u={headers:n,body:s??o,method:e.method,signal:a.signal};return t.WITH_CREDENTIALS&&(u.credentials=t.CREDENTIALS),i(()=>a.abort()),await fetch(r,u)},Ke=(t,e)=>{if(e){let r=t.headers.get(e);if(v(r))return r}},Ve=async t=>{if(t.status!==204)try{let e=t.headers.get("Content-Type");if(e)return["application/json","application/problem+json"].some(o=>e.toLowerCase().startsWith(o))?await t.json():await t.text()}catch(e){console.error(e)}},_e=(t,e)=>{let s={400:"Bad Request",401:"Unauthorized",403:"Forbidden",404:"Not Found",500:"Internal Server Error",502:"Bad Gateway",503:"Service Unavailable",...t.errors}[e.status];if(s)throw new c(t,e,s);if(!e.ok){let o=e.status??"unknown",n=e.statusText??"unknown",i=(()=>{try{return JSON.stringify(e.body,null,2)}catch{return}})();throw new c(t,e,`Generic Error: status: ${o}; status text: ${n}; body: ${i}`)}},me=(t,e)=>new R(async(r,s,o)=>{try{let n=Ne(t,e),i=Ue(e),a=He(e),u=await Le(t,e);if(!o.isCancelled){let p=await Fe(t,e,n,a,i,u,o),x=await Ve(p),w=Ke(p,e.responseHeader),se={url:n,ok:p.ok,status:p.status,statusText:p.statusText,body:w??x};_e(e,se),r(se.body)}}catch(n){s(n)}});var L=class extends h{constructor(e){super(e)}request(e){return me(this.config,e)}};var g=class{constructor(e){this.httpRequest=e}authAuthComplete({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/complete",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthInit({requestBody:e,userAgent:r}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/init",headers:{"User-Agent":r},body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthCodeRequest({authorization:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/otp",headers:{Authorization:e},errors:{401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthCodeRequestEmail({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/otp/email",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthCodeRequestSms({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/otp/sms",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthCodeVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/otp/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}};var C=class{constructor(e){this.httpRequest=e}mgmtGrantCreate({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/mgmt/grant",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",500:"InternalServerError: Internal Server Error response."}})}mgmtTokenVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/mgmt/token/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",500:"InternalServerError: Internal Server Error response."}})}};var b=class{constructor(e){this.httpRequest=e}passkeysPasskeysList({authorization:e}){return this.httpRequest.request({method:"GET",url:"/fido2/v2/passkeys",headers:{Authorization:e},errors:{401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}passkeysPasskeyDelete({id:e,authorization:r}){return this.httpRequest.request({method:"DELETE",url:"/fido2/v2/passkeys/{id}",path:{id:e},headers:{Authorization:r},errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}passkeysPasskeyRename({id:e,requestBody:r,authorization:s}){return this.httpRequest.request({method:"PUT",url:"/fido2/v2/passkeys/{id}",path:{id:e},headers:{Authorization:s},body:r,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}};var P=class{constructor(e){this.httpRequest=e}profileProfileDelete({id:e}){return this.httpRequest.request({method:"DELETE",url:"/fido2/v2/profile/{id}",path:{id:e},errors:{404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfileEmailUpdate({id:e,requestBody:r}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/profile/{id}/email",path:{id:e},body:r,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfilePhoneDelete({id:e}){return this.httpRequest.request({method:"DELETE",url:"/fido2/v2/profile/{id}/phone",path:{id:e},errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfilePhoneUpdate({id:e,requestBody:r}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/profile/{id}/phone",path:{id:e},body:r,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfileEmailVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/profile/email/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfilePhoneVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/profile/phone/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}};var q=class{constructor(e){this.httpRequest=e}regRegComplete({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/reg/complete",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",403:"Forbidden: Forbidden response.",500:"InternalServerError: Internal Server Error response."}})}regRegInit({requestBody:e,userAgent:r,authorization:s}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/reg/init",headers:{"User-Agent":r,Authorization:s},body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",500:"InternalServerError: Internal Server Error response."}})}};var A=class{constructor(e){this.httpRequest=e}txTxComplete({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/tx/complete",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",403:"Forbidden: Forbidden response.",500:"InternalServerError: Internal Server Error response."}})}txTxInit({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/tx/init",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",500:"InternalServerError: Internal Server Error response."}})}};var I=class{constructor(e){this.httpRequest=e}versionVersionShow(){return this.httpRequest.request({method:"GET",url:"/fido2/v2/version"})}};var T=class{auth;mgmt;passkeys;profile;reg;tx;version;request;constructor(e,r=L){this.request=new r({BASE:e?.BASE??"https://api.loginid.io/fido2/v2",VERSION:e?.VERSION??"2.0",WITH_CREDENTIALS:e?.WITH_CREDENTIALS??!1,CREDENTIALS:e?.CREDENTIALS??"include",TOKEN:e?.TOKEN,USERNAME:e?.USERNAME,PASSWORD:e?.PASSWORD,HEADERS:e?.HEADERS,ENCODE_PATH:e?.ENCODE_PATH}),this.auth=new g(this.request),this.mgmt=new C(this.request),this.passkeys=new b(this.request),this.profile=new P(this.request),this.reg=new q(this.request),this.tx=new A(this.request),this.version=new I(this.request)}};var G=class{config;service;session;constructor(e){this.config=new D(e),this.service=new T({BASE:e.baseUrl}),this.session=new ce(e)}},y=G;var Y=class extends Error{constructor(e){super(e),this.name="AbortError"}},H=Y;var Q=class t{static abortController=new AbortController;static renewWebAuthnAbortController=()=>{let e=new H("Cancelling current WebAuthn request");t.abortController.abort(e);let r=new AbortController;t.abortController=r}},B=Q;var m=(t,e)=>({...e,token:e.token||"",usernameType:e.usernameType||"email",displayName:e.displayName||t}),fe=(t,e)=>({...m(t,e),txType:e.txType||"raw",nonce:e.nonce||ae()});var X=class extends y{constructor(e){super(e)}async authenticateWithCode(e,r,s={}){let o=m(e,s),n={authCode:r,user:{username:e,usernameType:o.usernameType}},i=await this.service.auth.authAuthCodeVerify({requestBody:n});return B.renewWebAuthnAbortController(),this.session.setJwtCookie(i.jwtAccess),i}async sendCode(e,r="email",s={}){let o=m(e,s),n={user:{username:e,usernameType:o.usernameType}};switch(r){case"email":await this.service.auth.authAuthCodeRequestEmail({requestBody:n});break;case"sms":await this.service.auth.authAuthCodeRequestSms({requestBody:n});break;default:throw new Error("Invalid message method")}return null}},F=X;var he={BASE:"https://api.loginid.io/fido2/v2",VERSION:"2.0",WITH_CREDENTIALS:!1,CREDENTIALS:"include",TOKEN:void 0,USERNAME:void 0,PASSWORD:void 0,HEADERS:void 0,ENCODE_PATH:void 0};var Z=class extends y{constructor(e){super(e)}async verifyConfigSettings(){let e={isValid:!0};try{this.config.getAppId()}catch{return e.isValid=!1,e.solution="Please verify that your base URL is correct.",e.code="invalid_app_id",e.message="Invalid app ID",e}try{let r=m("",{}),s={app:{id:this.config.getAppId()},deviceInfo:{},user:{username:"",usernameType:r.usernameType}};await this.service.auth.authAuthInit({requestBody:s})}catch(r){return e.isValid=!1,e.solution="Verify that your application exists and the base URL is correct.",e.code="unknown_error",e.message="Unknown error.",r instanceof c&&(e.code=r.body.msgCode||"unknown_error",e.message=r.body.msg||r.body.message||"Unknown error."),e}return e}getUser(){return this.session.getUser()}isLoggedIn(){return this.session.isLoggedIn()}signout(){this.session.signout()}},Re=Z;var ge=require("ua-parser-js"),ee=()=>({clientType:"browser",screenWidth:window.screen.width,screenHeight:window.screen.height}),je=(t,e)=>{let r=t.split(".").map(Number),s=e.split(".").map(Number),o=Math.max(r.length,s.length);for(let n=0;n<o;n++){let i=n<r.length?r[n]:0,a=n<s.length?s[n]:0;if(i<a)return-1;if(i>a)return 1}return 0};async function Ce(){try{return!window.PublicKeyCredential||!window.PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable?!1:await window.PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable()}catch{return!1}}async function be(){try{return!window.PublicKeyCredential||!window.PublicKeyCredential.isConditionalMediationAvailable?!1:await window.PublicKeyCredential.isConditionalMediationAvailable()}catch{return!1}}async function Pe(){let t=new ge.UAParser(window.navigator.userAgent).getResult(),e={solution:"",deviceSupported:!1};if(!window.PublicKeyCredential)return e.solution="Your browser seems to be outdated. Please upgrade to the latest version.",e;if(!await window.PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable())switch(t.os.name){case"Mac OS":{let s=t.browser.version||"";return t.browser.name==="Firefox"&&je(s,"122.0")<0?(e.solution="Please update your Firefox browser to the latest version.",e):(e.solution="Enable Touch ID on your device.",e)}case"iOS":return e.solution="Enable Face ID or Touch ID on your device.",e;case"Windows":return e.solution="Enable Windows Hello on your device. See here: https://support.microsoft.com/en-us/windows/learn-about-windows-hello-and-set-it-up-dae28983-8242-bb2a-d3d1-87c9d265a5f0.",e;case"Android":return t.browser.name==="Firefox"?(e.solution="Passkeys may not be supported on your Firefox browser. Please switch to a Chromium browser.",e):(e.solution="Enable device unlock via fingerprint, PIN, or facial recognition on your device.",e);default:return e.solution="Enable device unlock features such as fingerprint, PIN, or facial recognition.",e}return e.deviceSupported=!0,e}var E=async t=>{let e;if(t.excludeCredentials!==void 0){e=[];for(let o of t.excludeCredentials){let n={id:f(o.id),transports:o.transports,type:o.type};e.push(n)}}let r=t.pubKeyCredParams,s={publicKey:{attestation:t.attestation,authenticatorSelection:{...t.authenticatorSelection},challenge:f(t.challenge),excludeCredentials:e,extensions:t.extensions,pubKeyCredParams:r,rp:t.rp,timeout:t.timeout,user:{...t.user,id:f(t.user.id)}}};try{let o=await navigator.credentials.create(s);if(o===null)throw new Error("Failed to create the passkey credential.");return o}catch(o){throw o instanceof Error?ne(o,s):o}},O=async(t,e={})=>{let r;if(t.allowCredentials!==void 0){r=[];for(let o of t.allowCredentials){let n={id:f(o.id),transports:o.transports,type:o.type};r.push(n)}}let s={...e.autoFill&&{mediation:"conditional"},...e.abortSignal&&{signal:e.abortSignal},publicKey:{allowCredentials:r,challenge:f(t.challenge),extensions:t.extensions,rpId:t.rpId,timeout:t.timeout,userVerification:t.userVerification}};try{let o=await navigator.credentials.get(s);if(o===null)throw new Error("Failed to create the passkey credential.");return o}catch(o){throw o instanceof Error?ie(o,s):o}};var te=class extends F{constructor(e){super(e)}async createNavigatorCredential(e){let{registrationRequestOptions:r,session:s}=e;B.renewWebAuthnAbortController();let o=await E(r),n=o.response,i=n.getPublicKey&&n.getPublicKey(),a=n.getPublicKeyAlgorithm&&n.getPublicKeyAlgorithm(),u=n.getAuthenticatorData&&n.getAuthenticatorData(),p=n.getTransports&&n.getTransports();return{creationResult:{attestationObject:l(n.attestationObject),clientDataJSON:l(n.clientDataJSON),credentialId:o.id,...i&&{publicKey:l(i)},...a&&{publicKeyAlgorithm:a},...u&&{authenticatorData:l(u)},...p&&{transports:p}},session:s}}async registerWithPasskey(e,r={}){let s=ee(),o=m(e,r);r.token=this.session.getToken(r),r.token&&S(r.token).username!==e&&(r.token="");let n={app:{id:this.config.getAppId()},deviceInfo:s,user:{username:e,usernameType:o.usernameType,displayName:o.displayName},...r.session&&{session:r.session}},i=await this.service.reg.regRegInit({requestBody:n,...r.token&&{authorization:r.token}}),a=await this.createNavigatorCredential(i),u=await this.service.reg.regRegComplete({requestBody:a});return this.session.setJwtCookie(u.jwtAccess),u}async getNavigatorCredential(e,r={}){let{assertionOptions:s,session:o}=e;r.abortSignal||(B.renewWebAuthnAbortController(),r.abortSignal=B.abortController.signal);let n=await O(s,r),i=n.response;return{assertionResult:{authenticatorData:l(i.authenticatorData),clientDataJSON:l(i.clientDataJSON),credentialId:n.id,signature:l(i.signature),...i.userHandle&&{userHandle:l(i.userHandle)}},session:o}}async authenticateWithPasskey(e="",r={}){let s=ee(),o=m(e,r),n={app:{id:this.config.getAppId()},deviceInfo:s,user:{username:e,usernameType:o.usernameType}},i=await this.service.auth.authAuthInit({requestBody:n}),a=await this.getNavigatorCredential(i,r),u=await this.service.auth.authAuthComplete({requestBody:a});return this.session.setJwtCookie(u.jwtAccess),u}async enablePasskeyAutofill(e={}){return e.autoFill=!0,await this.authenticateWithPasskey("",e)}async generateCodeWithPasskey(e,r={}){if(r.token=this.session.getToken(r),!r.token){let o=await this.authenticateWithPasskey(e,r);r.token=o.jwtAccess}return await this.service.auth.authAuthCodeRequest({authorization:r.token})}async addPasskey(e,r={}){let s=this.session.getToken(r);if(!s)throw N;return r.token=s,await this.registerWithPasskey(e,r)}async addPasskeyWithCode(e,r,s={}){return await this.authenticateWithCode(e,r,s),await this.registerWithPasskey(e,s)}async confirmTransaction(e,r,s={}){let o=fe(e,s),n={username:e,txPayload:r,nonce:o.nonce,txType:o.txType},{assertionOptions:i,session:a}=await this.service.tx.txTxInit({requestBody:n}),u={action:"proceed",affirmMethods:[],fallbackMethods:[],assertionOptions:i,session:a},{assertionResult:p}=await this.getNavigatorCredential(u),x={authenticatorData:p.authenticatorData,clientData:p.clientDataJSON,keyHandle:p.credentialId,session:a,signature:p.signature},w=await this.service.tx.txTxComplete({requestBody:x});return this.session.setJwtCookie(w.jwtAccess),w}},qe=te;var re=class extends y{constructor(e){super(e)}async listPasskeys(e={}){let r=this.session.getToken(e);return await this.service.passkeys.passkeysPasskeysList({authorization:r})}async renamePasskey(e,r,s={}){let o=this.session.getToken(s),n={name:r};return await this.service.passkeys.passkeysPasskeyRename({authorization:o,id:e,requestBody:n}),null}async deletePasskey(e,r={}){let s=this.session.getToken(r);return await this.service.passkeys.passkeysPasskeyDelete({authorization:s,id:e}),null}},Ae=re;var K=class extends y{constructor(e){super(e)}};ue(K,[y,qe,F,Ae,Re]);var oe=K;var V=class{static async getNavigatorCredential(e,r={}){let{assertionOptions:s,session:o}=e,n=await O(s,r),i=n.response;return{assertionResult:{authenticatorData:l(i.authenticatorData),clientDataJSON:l(i.clientDataJSON),credentialId:n.id,signature:l(i.signature),...i.userHandle&&{userHandle:l(i.userHandle)}},session:o}}static async createNavigatorCredential(e){let{registrationRequestOptions:r,session:s}=e,o=await E(r),n=o.response,i=n.getPublicKey&&n.getPublicKey(),a=n.getPublicKeyAlgorithm&&n.getPublicKeyAlgorithm(),u=n.getAuthenticatorData&&n.getAuthenticatorData(),p=n.getTransports&&n.getTransports();return{creationResult:{attestationObject:l(n.attestationObject),clientDataJSON:l(n.clientDataJSON),credentialId:o.id,...i&&{publicKey:l(i)},...a&&{publicKeyAlgorithm:a},...u&&{authenticatorData:l(u)},...p&&{transports:p}},session:s}}};var We=oe;0&&(module.exports={AbortError,ApiError,AuthService,BaseHttpRequest,CancelError,CancelablePromise,LoginIDService,LoginIDWebSDK,MgmtService,OpenAPI,PasskeyError,PasskeysService,ProfileService,RegService,TxService,VersionService,WebAuthnHelper,createPasskeyCredential,doesDeviceSupportPasskeys,getPasskeyCredential,isConditionalUIAvailable,isPlatformAuthenticatorAvailable});
 //# sourceMappingURL=index.cjs.map

package/dist/index.d.cts CHANGED Viewed

@@ -175,15 +175,24 @@ type PublicKeyCredentialRequestOptions = {
 };
 type AuthInit = {
-    assertionOptions: PublicKeyCredentialRequestOptions;
     /**
-     * List of fallback methods (in priority order) available to this client.
+     * An action to be performed by the front-end to complete the authentication flow.
+     */
+    action: 'proceed' | 'affirm' | 'fallback';
+    /**
+     * List of cross authentication methods in the order of preference
      */
-    fallbackOptions?: Array<'otp:client' | 'otp:email' | 'otp:sms'>;
+    affirmMethods: Array<'otp' | 'otp:sms' | 'otp:email'>;
+    assertionOptions: PublicKeyCredentialRequestOptions;
     /**
-     * Match score of the device
+     * The list contains available fallback methods in the order of preference. The
+     * list is dynamic and shall not be cached. The default fallback mechanism is
+     * the one provided by CIAM but our system may provide additional ones as well.
+     * These methods may be enabled by customer via application configuration but
+     * they are disabled by default. The list may be empty which means no fallback
+     * is available and authentication flow shall terminate at this point.
      */
-    matchScore?: number;
+    fallbackMethods: Array<'ciam'>;
     /**
      * Type of passkey supported by the client.
      */
@@ -706,6 +715,10 @@ type PublicKeyCredentialCreationOptions = {
 };
 type RegInit = {
+    /**
+     * An action to be performed by the front-end to complete the registration flow.
+     */
+    action: 'proceed' | 'signIn' | 'fail';
     registrationRequestOptions: PublicKeyCredentialCreationOptions;
     /**
      * An opaque object containing session data.
@@ -934,9 +947,13 @@ type BadRequestError = {
     msgCode: string;
 };
+type Complete<T> = {
+    [P in keyof T]-?: T[P];
+};
 type UsernameType = User['usernameType'];
 type DeviceInfoRequestBody = DeviceInfo;
 type Transports = CreationResult['transports'];
+type Message = 'email' | 'sms';
 interface LoginIDConfig {
     baseUrl: string;
     appId: string;
@@ -966,6 +983,9 @@ interface ConfirmTransactionOptions extends PasskeyOptions {
     txType?: string;
     nonce?: string;
 }
+interface SendCodeOptions {
+    usernameType?: UsernameType;
+}
 interface PasskeyResult {
     jwtAccess: string;
     deviceID?: string;
@@ -974,6 +994,79 @@ interface LoginIDUser {
     username: string;
     id: string;
 }
+interface VerifyConfigResult {
+    isValid: boolean;
+    solution?: string;
+    message?: string;
+    code?: string;
+}
+declare class SessionManager {
+    /**
+     * Holds the configuration settings for the LoginID integration, including API base URL.
+     */
+    private config;
+    /**
+     * Initializes a new instance of SessionManager with the provided configuration.
+     * @param {LoginIDConfig} config Configuration object for LoginID.
+     */
+    constructor(config: LoginIDConfig);
+    /**
+     * Retrieves the authentication token from the provided options or from cookies if not available in options.
+     * @param {PasskeyOptions} options Options containing the token.
+     * @returns {string} The authentication token.
+     */
+    getToken(options: PasskeyOptions): string;
+    /**
+     * Retrieves the currently authenticated user's information.
+     * @returns {LoginIDUser} The currently authenticated user's information, including username and id.
+     * @throws {Error} If the user is not logged in, throws USER_NO_OP_ERROR.
+     */
+    getUser(): LoginIDUser;
+    /**
+     *
+     * @returns {string} The name of the cookie
+     */
+    getJwtCookieName(): string;
+    /**
+     * Set jwt token to local Cookie
+     * @param {string} jwt Configuration object for LoginID API, including the base URL.
+     */
+    setJwtCookie(jwt: string): void;
+    /**
+     * Retrieves the JWT access token.
+     * @returns {string | undefined} The JWT access token.
+     */
+    getJwtCookie(): string | undefined;
+    /**
+     * checks if the user is logged in.
+     * @returns {boolean}
+     */
+    isLoggedIn(): boolean;
+    /**
+     * deletes the jwt cookie.
+     * @returns {boolean}
+     */
+    signout(): void;
+}
+declare class LoginIDConfigValidator {
+    /**
+     * Holds the configuration settings for the LoginID integration, including API base URL and optional app ID.
+     */
+    private readonly config;
+    /**
+     * Constructs a new instance of the LoginIDConfigValidator class, initializing with the provided configuration.
+     * @param {LoginIDConfig} config Configuration object for LoginID API, including the base URL and optional app ID.
+     */
+    constructor(config: LoginIDConfig);
+    /**
+     * Retrieves the application ID from the configuration or extracts it from the base URL if not provided.
+     * @returns {string} The application ID.
+     * @throws {Error} If the app ID is not found in the configuration or the base URL, throws an error.
+     */
+    getAppId(): string;
+}
 /**
  * Provides a base class for integrating with the LoginID API services.
@@ -983,43 +1076,66 @@ declare class LoginIDBase {
     /**
      * Holds the configuration settings for the LoginID integration, including API base URL.
      */
-    protected readonly config: LoginIDConfig;
+    protected readonly config: LoginIDConfigValidator;
     /**
      * Instance of LoginIDService, providing access to the LoginID API methods.
      */
     protected readonly service: LoginIDService;
     /**
-     * AbortController to manage the lifecycle of asynchronous WebAuthn requests,
-     * allowing them to be cancelled when another request needs to be made.
+     * Instance of SessionManager, providing access to the session management methods.
      */
-    protected abortController: AbortController;
+    readonly session: SessionManager;
     /**
      * Constructs a new instance of the LoginIDBase class, initializing the service with the provided configuration.
      * @param {LoginIDConfig} config Configuration object for LoginID API, including the base URL.
      */
     constructor(config: LoginIDConfig);
-    protected getToken(options: PasskeyOptions): string;
+}
+/**
+ * Extends LoginIDBase to support OTP codes.
+ */
+declare class Code extends LoginIDBase {
     /**
-   * Retrieves the currently authenticated user's information.
-   * @returns {LoginIDUser} The currently authenticated user's information, including username and id.
-   * @throws {Error} If the user is not logged in, throws USER_NO_OP_ERROR.
-   */
-    getUser(): LoginIDUser;
+     * Initializes a new instance of Code with the provided configuration.
+     * @param {LoginIDConfig} config Configuration object for LoginID.
+     */
+    constructor(config: LoginIDConfig);
     /**
-     *
-     * @returns {string} The name of the cookie
+     * Authenticate with a code.
+     * @param {string} username Username to authenticate.
+     * @param {string} code code to authenticate.
+     * @param {AuthenticateWithPasskeysOptions} options Additional authentication options.
+     * @returns {Promise<PasskeyResult>} Result of the authentication operation.
      */
-    getJwtCookieName(): string;
+    authenticateWithCode(username: string, code: string, options?: AuthenticateWithPasskeysOptions): Promise<PasskeyResult>;
     /**
-     * Set jwt token to localstorage
-     * @param {string} jwt Configuration object for LoginID API, including the base URL.
+     * Send a code to the user via the specified method.
+     * @param {string} username Username to send the code to.
+     * @param {Message} method Method to send the code, either 'email' or 'sms'. Default is 'email'.
+     * @param {SendCodeOptions} options Additional options for sending the code.
+     * @returns {Promise<null>} A promise that resolves to null upon successful completion.
      */
-    setJwtCookie(jwt: string): void;
+    sendCode(username: string, method?: Message, options?: SendCodeOptions): Promise<null>;
+}
+declare class Utils extends LoginIDBase {
     /**
-     * Retrieves the JWT access token.
-     * @returns {string | undefined} The JWT access token.
+     * Initializes a new Utils instance with the provided configuration.
+     * @param {LoginIDConfig} config Configuration object for LoginID.
      */
-    getJwtCookie(): string | undefined;
+    constructor(config: LoginIDConfig);
+    /**
+     * Verifies the configuration settings of the application.
+     * @returns {Promise<VerifyConfigResult>} The result of the verification process.
+     */
+    verifyConfigSettings(): Promise<VerifyConfigResult>;
+    /**
+     * Retrieves the currently authenticated user's information.
+     * @returns {LoginIDUser} The currently authenticated user's information, including username and id.
+     * @throws {Error} If the user is not logged in, throws USER_NO_OP_ERROR.
+     */
+    getUser(): LoginIDUser;
     /**
      * checks if the user is logged in.
      * @returns {boolean}
@@ -1035,7 +1151,7 @@ declare class LoginIDBase {
 /**
  * Extends LoginIDBase to support creation, registration, and authentication of passkeys.
  */
-declare class Passkeys extends LoginIDBase {
+declare class Passkeys extends Code {
     /**
      * Initializes a new Passkeys instance with the provided configuration.
      * @param {LoginIDConfig} config Configuration object for LoginID.
@@ -1069,7 +1185,7 @@ declare class Passkeys extends LoginIDBase {
      */
     authenticateWithPasskey(username?: string, options?: AuthenticateWithPasskeysOptions): Promise<PasskeyResult>;
     /**
-     * Authenticates a user with condtional UI (passkey autofill).
+     * Authenticates a user with conditional UI (passkey autofill).
      * @param {AuthenticateWithPasskeysOptions} options Additional authentication options.
      * @returns {Promise<any>} Result of the authentication operation.
      */
@@ -1081,14 +1197,6 @@ declare class Passkeys extends LoginIDBase {
      * @returns {Promise<AuthCode>} Code and expiry.
      */
     generateCodeWithPasskey(username: string, options?: AuthenticateWithPasskeysOptions): Promise<AuthCode>;
-    /**
-     * Authenticate with a code.
-     * @param {string} username Username to authenticate.
-     * @param {string} code code to authenticate.
-     * @param {AuthenticateWithPasskeysOptions} options Additional authentication options.
-     * @returns {Promise<any>} Result of the authentication operation.
-     */
-    authenticateWithCode(username: string, code: string, options?: AuthenticateWithPasskeysOptions): Promise<JWT>;
     /**
      * Add passkey
      * @param username Username to authenticate.
@@ -1155,12 +1263,25 @@ declare class PasskeyManager extends LoginIDBase {
     deletePasskey(id: string, options?: DeletePasskeyOptions): Promise<null>;
 }
-interface LoginIDWebSDK extends Passkeys, PasskeyManager {
+interface LoginIDWebSDK extends Passkeys, Code, PasskeyManager, Utils {
 }
 declare class LoginIDWebSDK extends LoginIDBase {
     constructor(config: LoginIDConfig);
 }
+/**
+ * Error class for abort-related errors.
+ */
+declare class AbortError extends Error {
+    /**
+     * Initializes a new instance of AbortError with the provided message.
+     *
+     * @type {Error}
+     * @memberof AbortError
+     */
+    constructor(message: string);
+}
 type PasskeyErrorCode = 'ERROR_PASSKEY_ABORTED' | 'ERROR_DISCOVERABLE_CREDENTIALS_UNSUPPORTED' | 'ERROR_USER_VERIFICATION_UNSUPPORTED' | 'ERROR_PASSKEY_EXISTS' | 'ERROR_GENERAL_ERROR_SEE_CAUSE_FIELD' | 'ERROR_ALGORITHMS_UNSUPPORTED' | 'ERROR_DOMAIN_MISMATCH' | 'ERROR_AUTHENTICATOR_UNKNOWN_ERROR';
 /**
@@ -1227,4 +1348,4 @@ interface DoesDeviceSupportPasskeysResponse {
  */
 declare function doesDeviceSupportPasskeys(): Promise<DoesDeviceSupportPasskeysResponse>;
-export { ApiError, type Application, type AuthCode, type AuthCodeRequestSMSRequestBody, type AuthCodeVerifyRequestBody, type AuthCompleteRequestBody, type AuthInit, type AuthInitRequestBody, AuthService, type AuthenticateWithPasskeysOptions, type AuthenticatorAssertionResponse, type AuthenticatorSelectionCriteria, type BadRequestError, BaseHttpRequest, CancelError, CancelablePromise, type ConfirmTransactionOptions, type CreationResult, type DeletePasskeyOptions, type DeviceInfo, type DeviceInfoRequestBody, type DoesDeviceSupportPasskeysResponse, type GrantCreateRequestBody, type GrantCreateResponseBody, type JWT, type ListPasskeysOptions, type LoginIDConfig, LoginIDService, type LoginIDUser, LoginIDWebSDK, MgmtService, OpenAPI, type OpenAPIConfig, type Passkey, type PasskeyCollection, PasskeyError, type PasskeyManagementOptions, type PasskeyOptions, type PasskeyRenameRequestBody, type PasskeyResult, PasskeysService, type ProfileEmailUpdateRequestBody, type ProfilePhoneUpdateRequestBody, type ProfilePhoneVerifyRequestBody, ProfileService, type PubKeyCredentialDescriptor, type PublicKeyCredentialCreationOptions, type PublicKeyCredentialParameters, type PublicKeyCredentialRequestOptions, type PublicKeyCredentialRpEntity, type PublicKeyCredentialUserEntity, type RegCompleteRequestBody, type RegInit, type RegInitRequestBody, RegService, type RegisterWithPasskeyOptions, type RenamePasskeyOptions, type TokenVerifyRequestBody, type Transports, type TxComplete, type TxCompleteRequestBody, type TxInit, type TxInitRequestBody, TxService, type User, type UserLogin, type UsernameType, type Version, VersionService, WebAuthnHelper, createPasskeyCredential, LoginIDWebSDK as default, doesDeviceSupportPasskeys, getPasskeyCredential, isConditionalUIAvailable, isPlatformAuthenticatorAvailable };
+export { AbortError, ApiError, type Application, type AuthCode, type AuthCodeRequestSMSRequestBody, type AuthCodeVerifyRequestBody, type AuthCompleteRequestBody, type AuthInit, type AuthInitRequestBody, AuthService, type AuthenticateWithPasskeysOptions, type AuthenticatorAssertionResponse, type AuthenticatorSelectionCriteria, type BadRequestError, BaseHttpRequest, CancelError, CancelablePromise, type Complete, type ConfirmTransactionOptions, type CreationResult, type DeletePasskeyOptions, type DeviceInfo, type DeviceInfoRequestBody, type DoesDeviceSupportPasskeysResponse, type GrantCreateRequestBody, type GrantCreateResponseBody, type JWT, type ListPasskeysOptions, type LoginIDConfig, LoginIDService, type LoginIDUser, LoginIDWebSDK, type Message, MgmtService, OpenAPI, type OpenAPIConfig, type Passkey, type PasskeyCollection, PasskeyError, type PasskeyManagementOptions, type PasskeyOptions, type PasskeyRenameRequestBody, type PasskeyResult, PasskeysService, type ProfileEmailUpdateRequestBody, type ProfilePhoneUpdateRequestBody, type ProfilePhoneVerifyRequestBody, ProfileService, type PubKeyCredentialDescriptor, type PublicKeyCredentialCreationOptions, type PublicKeyCredentialParameters, type PublicKeyCredentialRequestOptions, type PublicKeyCredentialRpEntity, type PublicKeyCredentialUserEntity, type RegCompleteRequestBody, type RegInit, type RegInitRequestBody, RegService, type RegisterWithPasskeyOptions, type RenamePasskeyOptions, type SendCodeOptions, type TokenVerifyRequestBody, type Transports, type TxComplete, type TxCompleteRequestBody, type TxInit, type TxInitRequestBody, TxService, type User, type UserLogin, type UsernameType, type VerifyConfigResult, type Version, VersionService, WebAuthnHelper, createPasskeyCredential, LoginIDWebSDK as default, doesDeviceSupportPasskeys, getPasskeyCredential, isConditionalUIAvailable, isPlatformAuthenticatorAvailable };

package/dist/index.d.ts CHANGED Viewed

@@ -175,15 +175,24 @@ type PublicKeyCredentialRequestOptions = {
 };
 type AuthInit = {
-    assertionOptions: PublicKeyCredentialRequestOptions;
     /**
-     * List of fallback methods (in priority order) available to this client.
+     * An action to be performed by the front-end to complete the authentication flow.
+     */
+    action: 'proceed' | 'affirm' | 'fallback';
+    /**
+     * List of cross authentication methods in the order of preference
      */
-    fallbackOptions?: Array<'otp:client' | 'otp:email' | 'otp:sms'>;
+    affirmMethods: Array<'otp' | 'otp:sms' | 'otp:email'>;
+    assertionOptions: PublicKeyCredentialRequestOptions;
     /**
-     * Match score of the device
+     * The list contains available fallback methods in the order of preference. The
+     * list is dynamic and shall not be cached. The default fallback mechanism is
+     * the one provided by CIAM but our system may provide additional ones as well.
+     * These methods may be enabled by customer via application configuration but
+     * they are disabled by default. The list may be empty which means no fallback
+     * is available and authentication flow shall terminate at this point.
      */
-    matchScore?: number;
+    fallbackMethods: Array<'ciam'>;
     /**
      * Type of passkey supported by the client.
      */
@@ -706,6 +715,10 @@ type PublicKeyCredentialCreationOptions = {
 };
 type RegInit = {
+    /**
+     * An action to be performed by the front-end to complete the registration flow.
+     */
+    action: 'proceed' | 'signIn' | 'fail';
     registrationRequestOptions: PublicKeyCredentialCreationOptions;
     /**
      * An opaque object containing session data.
@@ -934,9 +947,13 @@ type BadRequestError = {
     msgCode: string;
 };
+type Complete<T> = {
+    [P in keyof T]-?: T[P];
+};
 type UsernameType = User['usernameType'];
 type DeviceInfoRequestBody = DeviceInfo;
 type Transports = CreationResult['transports'];
+type Message = 'email' | 'sms';
 interface LoginIDConfig {
     baseUrl: string;
     appId: string;
@@ -966,6 +983,9 @@ interface ConfirmTransactionOptions extends PasskeyOptions {
     txType?: string;
     nonce?: string;
 }
+interface SendCodeOptions {
+    usernameType?: UsernameType;
+}
 interface PasskeyResult {
     jwtAccess: string;
     deviceID?: string;
@@ -974,6 +994,79 @@ interface LoginIDUser {
     username: string;
     id: string;
 }
+interface VerifyConfigResult {
+    isValid: boolean;
+    solution?: string;
+    message?: string;
+    code?: string;
+}
+declare class SessionManager {
+    /**
+     * Holds the configuration settings for the LoginID integration, including API base URL.
+     */
+    private config;
+    /**
+     * Initializes a new instance of SessionManager with the provided configuration.
+     * @param {LoginIDConfig} config Configuration object for LoginID.
+     */
+    constructor(config: LoginIDConfig);
+    /**
+     * Retrieves the authentication token from the provided options or from cookies if not available in options.
+     * @param {PasskeyOptions} options Options containing the token.
+     * @returns {string} The authentication token.
+     */
+    getToken(options: PasskeyOptions): string;
+    /**
+     * Retrieves the currently authenticated user's information.
+     * @returns {LoginIDUser} The currently authenticated user's information, including username and id.
+     * @throws {Error} If the user is not logged in, throws USER_NO_OP_ERROR.
+     */
+    getUser(): LoginIDUser;
+    /**
+     *
+     * @returns {string} The name of the cookie
+     */
+    getJwtCookieName(): string;
+    /**
+     * Set jwt token to local Cookie
+     * @param {string} jwt Configuration object for LoginID API, including the base URL.
+     */
+    setJwtCookie(jwt: string): void;
+    /**
+     * Retrieves the JWT access token.
+     * @returns {string | undefined} The JWT access token.
+     */
+    getJwtCookie(): string | undefined;
+    /**
+     * checks if the user is logged in.
+     * @returns {boolean}
+     */
+    isLoggedIn(): boolean;
+    /**
+     * deletes the jwt cookie.
+     * @returns {boolean}
+     */
+    signout(): void;
+}
+declare class LoginIDConfigValidator {
+    /**
+     * Holds the configuration settings for the LoginID integration, including API base URL and optional app ID.
+     */
+    private readonly config;
+    /**
+     * Constructs a new instance of the LoginIDConfigValidator class, initializing with the provided configuration.
+     * @param {LoginIDConfig} config Configuration object for LoginID API, including the base URL and optional app ID.
+     */
+    constructor(config: LoginIDConfig);
+    /**
+     * Retrieves the application ID from the configuration or extracts it from the base URL if not provided.
+     * @returns {string} The application ID.
+     * @throws {Error} If the app ID is not found in the configuration or the base URL, throws an error.
+     */
+    getAppId(): string;
+}
 /**
  * Provides a base class for integrating with the LoginID API services.
@@ -983,43 +1076,66 @@ declare class LoginIDBase {
     /**
      * Holds the configuration settings for the LoginID integration, including API base URL.
      */
-    protected readonly config: LoginIDConfig;
+    protected readonly config: LoginIDConfigValidator;
     /**
      * Instance of LoginIDService, providing access to the LoginID API methods.
      */
     protected readonly service: LoginIDService;
     /**
-     * AbortController to manage the lifecycle of asynchronous WebAuthn requests,
-     * allowing them to be cancelled when another request needs to be made.
+     * Instance of SessionManager, providing access to the session management methods.
      */
-    protected abortController: AbortController;
+    readonly session: SessionManager;
     /**
      * Constructs a new instance of the LoginIDBase class, initializing the service with the provided configuration.
      * @param {LoginIDConfig} config Configuration object for LoginID API, including the base URL.
      */
     constructor(config: LoginIDConfig);
-    protected getToken(options: PasskeyOptions): string;
+}
+/**
+ * Extends LoginIDBase to support OTP codes.
+ */
+declare class Code extends LoginIDBase {
     /**
-   * Retrieves the currently authenticated user's information.
-   * @returns {LoginIDUser} The currently authenticated user's information, including username and id.
-   * @throws {Error} If the user is not logged in, throws USER_NO_OP_ERROR.
-   */
-    getUser(): LoginIDUser;
+     * Initializes a new instance of Code with the provided configuration.
+     * @param {LoginIDConfig} config Configuration object for LoginID.
+     */
+    constructor(config: LoginIDConfig);
     /**
-     *
-     * @returns {string} The name of the cookie
+     * Authenticate with a code.
+     * @param {string} username Username to authenticate.
+     * @param {string} code code to authenticate.
+     * @param {AuthenticateWithPasskeysOptions} options Additional authentication options.
+     * @returns {Promise<PasskeyResult>} Result of the authentication operation.
      */
-    getJwtCookieName(): string;
+    authenticateWithCode(username: string, code: string, options?: AuthenticateWithPasskeysOptions): Promise<PasskeyResult>;
     /**
-     * Set jwt token to localstorage
-     * @param {string} jwt Configuration object for LoginID API, including the base URL.
+     * Send a code to the user via the specified method.
+     * @param {string} username Username to send the code to.
+     * @param {Message} method Method to send the code, either 'email' or 'sms'. Default is 'email'.
+     * @param {SendCodeOptions} options Additional options for sending the code.
+     * @returns {Promise<null>} A promise that resolves to null upon successful completion.
      */
-    setJwtCookie(jwt: string): void;
+    sendCode(username: string, method?: Message, options?: SendCodeOptions): Promise<null>;
+}
+declare class Utils extends LoginIDBase {
     /**
-     * Retrieves the JWT access token.
-     * @returns {string | undefined} The JWT access token.
+     * Initializes a new Utils instance with the provided configuration.
+     * @param {LoginIDConfig} config Configuration object for LoginID.
      */
-    getJwtCookie(): string | undefined;
+    constructor(config: LoginIDConfig);
+    /**
+     * Verifies the configuration settings of the application.
+     * @returns {Promise<VerifyConfigResult>} The result of the verification process.
+     */
+    verifyConfigSettings(): Promise<VerifyConfigResult>;
+    /**
+     * Retrieves the currently authenticated user's information.
+     * @returns {LoginIDUser} The currently authenticated user's information, including username and id.
+     * @throws {Error} If the user is not logged in, throws USER_NO_OP_ERROR.
+     */
+    getUser(): LoginIDUser;
     /**
      * checks if the user is logged in.
      * @returns {boolean}
@@ -1035,7 +1151,7 @@ declare class LoginIDBase {
 /**
  * Extends LoginIDBase to support creation, registration, and authentication of passkeys.
  */
-declare class Passkeys extends LoginIDBase {
+declare class Passkeys extends Code {
     /**
      * Initializes a new Passkeys instance with the provided configuration.
      * @param {LoginIDConfig} config Configuration object for LoginID.
@@ -1069,7 +1185,7 @@ declare class Passkeys extends LoginIDBase {
      */
     authenticateWithPasskey(username?: string, options?: AuthenticateWithPasskeysOptions): Promise<PasskeyResult>;
     /**
-     * Authenticates a user with condtional UI (passkey autofill).
+     * Authenticates a user with conditional UI (passkey autofill).
      * @param {AuthenticateWithPasskeysOptions} options Additional authentication options.
      * @returns {Promise<any>} Result of the authentication operation.
      */
@@ -1081,14 +1197,6 @@ declare class Passkeys extends LoginIDBase {
      * @returns {Promise<AuthCode>} Code and expiry.
      */
     generateCodeWithPasskey(username: string, options?: AuthenticateWithPasskeysOptions): Promise<AuthCode>;
-    /**
-     * Authenticate with a code.
-     * @param {string} username Username to authenticate.
-     * @param {string} code code to authenticate.
-     * @param {AuthenticateWithPasskeysOptions} options Additional authentication options.
-     * @returns {Promise<any>} Result of the authentication operation.
-     */
-    authenticateWithCode(username: string, code: string, options?: AuthenticateWithPasskeysOptions): Promise<JWT>;
     /**
      * Add passkey
      * @param username Username to authenticate.
@@ -1155,12 +1263,25 @@ declare class PasskeyManager extends LoginIDBase {
     deletePasskey(id: string, options?: DeletePasskeyOptions): Promise<null>;
 }
-interface LoginIDWebSDK extends Passkeys, PasskeyManager {
+interface LoginIDWebSDK extends Passkeys, Code, PasskeyManager, Utils {
 }
 declare class LoginIDWebSDK extends LoginIDBase {
     constructor(config: LoginIDConfig);
 }
+/**
+ * Error class for abort-related errors.
+ */
+declare class AbortError extends Error {
+    /**
+     * Initializes a new instance of AbortError with the provided message.
+     *
+     * @type {Error}
+     * @memberof AbortError
+     */
+    constructor(message: string);
+}
 type PasskeyErrorCode = 'ERROR_PASSKEY_ABORTED' | 'ERROR_DISCOVERABLE_CREDENTIALS_UNSUPPORTED' | 'ERROR_USER_VERIFICATION_UNSUPPORTED' | 'ERROR_PASSKEY_EXISTS' | 'ERROR_GENERAL_ERROR_SEE_CAUSE_FIELD' | 'ERROR_ALGORITHMS_UNSUPPORTED' | 'ERROR_DOMAIN_MISMATCH' | 'ERROR_AUTHENTICATOR_UNKNOWN_ERROR';
 /**
@@ -1227,4 +1348,4 @@ interface DoesDeviceSupportPasskeysResponse {
  */
 declare function doesDeviceSupportPasskeys(): Promise<DoesDeviceSupportPasskeysResponse>;
-export { ApiError, type Application, type AuthCode, type AuthCodeRequestSMSRequestBody, type AuthCodeVerifyRequestBody, type AuthCompleteRequestBody, type AuthInit, type AuthInitRequestBody, AuthService, type AuthenticateWithPasskeysOptions, type AuthenticatorAssertionResponse, type AuthenticatorSelectionCriteria, type BadRequestError, BaseHttpRequest, CancelError, CancelablePromise, type ConfirmTransactionOptions, type CreationResult, type DeletePasskeyOptions, type DeviceInfo, type DeviceInfoRequestBody, type DoesDeviceSupportPasskeysResponse, type GrantCreateRequestBody, type GrantCreateResponseBody, type JWT, type ListPasskeysOptions, type LoginIDConfig, LoginIDService, type LoginIDUser, LoginIDWebSDK, MgmtService, OpenAPI, type OpenAPIConfig, type Passkey, type PasskeyCollection, PasskeyError, type PasskeyManagementOptions, type PasskeyOptions, type PasskeyRenameRequestBody, type PasskeyResult, PasskeysService, type ProfileEmailUpdateRequestBody, type ProfilePhoneUpdateRequestBody, type ProfilePhoneVerifyRequestBody, ProfileService, type PubKeyCredentialDescriptor, type PublicKeyCredentialCreationOptions, type PublicKeyCredentialParameters, type PublicKeyCredentialRequestOptions, type PublicKeyCredentialRpEntity, type PublicKeyCredentialUserEntity, type RegCompleteRequestBody, type RegInit, type RegInitRequestBody, RegService, type RegisterWithPasskeyOptions, type RenamePasskeyOptions, type TokenVerifyRequestBody, type Transports, type TxComplete, type TxCompleteRequestBody, type TxInit, type TxInitRequestBody, TxService, type User, type UserLogin, type UsernameType, type Version, VersionService, WebAuthnHelper, createPasskeyCredential, LoginIDWebSDK as default, doesDeviceSupportPasskeys, getPasskeyCredential, isConditionalUIAvailable, isPlatformAuthenticatorAvailable };
+export { AbortError, ApiError, type Application, type AuthCode, type AuthCodeRequestSMSRequestBody, type AuthCodeVerifyRequestBody, type AuthCompleteRequestBody, type AuthInit, type AuthInitRequestBody, AuthService, type AuthenticateWithPasskeysOptions, type AuthenticatorAssertionResponse, type AuthenticatorSelectionCriteria, type BadRequestError, BaseHttpRequest, CancelError, CancelablePromise, type Complete, type ConfirmTransactionOptions, type CreationResult, type DeletePasskeyOptions, type DeviceInfo, type DeviceInfoRequestBody, type DoesDeviceSupportPasskeysResponse, type GrantCreateRequestBody, type GrantCreateResponseBody, type JWT, type ListPasskeysOptions, type LoginIDConfig, LoginIDService, type LoginIDUser, LoginIDWebSDK, type Message, MgmtService, OpenAPI, type OpenAPIConfig, type Passkey, type PasskeyCollection, PasskeyError, type PasskeyManagementOptions, type PasskeyOptions, type PasskeyRenameRequestBody, type PasskeyResult, PasskeysService, type ProfileEmailUpdateRequestBody, type ProfilePhoneUpdateRequestBody, type ProfilePhoneVerifyRequestBody, ProfileService, type PubKeyCredentialDescriptor, type PublicKeyCredentialCreationOptions, type PublicKeyCredentialParameters, type PublicKeyCredentialRequestOptions, type PublicKeyCredentialRpEntity, type PublicKeyCredentialUserEntity, type RegCompleteRequestBody, type RegInit, type RegInitRequestBody, RegService, type RegisterWithPasskeyOptions, type RenamePasskeyOptions, type SendCodeOptions, type TokenVerifyRequestBody, type Transports, type TxComplete, type TxCompleteRequestBody, type TxInit, type TxInitRequestBody, TxService, type User, type UserLogin, type UsernameType, type VerifyConfigResult, type Version, VersionService, WebAuthnHelper, createPasskeyCredential, LoginIDWebSDK as default, doesDeviceSupportPasskeys, getPasskeyCredential, isConditionalUIAvailable, isPlatformAuthenticatorAvailable };

package/dist/index.js CHANGED Viewed

@@ -1,2 +1,2 @@
-var f=class{constructor(e){this.config=e}};var c=class extends Error{url;status;statusText;body;request;constructor(e,r,s){super(s),this.name="ApiError",this.url=r.url,this.status=r.status,this.statusText=r.statusText,this.body=r.body,this.request=e}};var x=class extends Error{constructor(e){super(e),this.name="CancelError"}get isCancelled(){return!0}},R=class{#t;#r;#e;#o;#n;#i;#s;constructor(e){this.#t=!1,this.#r=!1,this.#e=!1,this.#o=[],this.#n=new Promise((r,s)=>{this.#i=r,this.#s=s;let o=a=>{this.#t||this.#r||this.#e||(this.#t=!0,this.#i&&this.#i(a))},n=a=>{this.#t||this.#r||this.#e||(this.#r=!0,this.#s&&this.#s(a))},i=a=>{this.#t||this.#r||this.#e||this.#o.push(a)};return Object.defineProperty(i,"isResolved",{get:()=>this.#t}),Object.defineProperty(i,"isRejected",{get:()=>this.#r}),Object.defineProperty(i,"isCancelled",{get:()=>this.#e}),e(o,n,i)})}get[Symbol.toStringTag](){return"Cancellable Promise"}then(e,r){return this.#n.then(e,r)}catch(e){return this.#n.catch(e)}finally(e){return this.#n.finally(e)}cancel(){if(!(this.#t||this.#r||this.#e)){if(this.#e=!0,this.#o.length)try{for(let e of this.#o)e()}catch(e){console.warn("Cancellation threw an error",e);return}this.#o.length=0,this.#s&&this.#s(new x("Request aborted"))}}get isCancelled(){return this.#e}};var H=t=>t!=null,g=t=>typeof t=="string",U=t=>g(t)&&t!=="",F=t=>typeof t=="object"&&typeof t.type=="string"&&typeof t.stream=="function"&&typeof t.arrayBuffer=="function"&&typeof t.constructor=="function"&&typeof t.constructor.name=="string"&&/^(Blob|File)$/.test(t.constructor.name)&&/^(Blob|File)$/.test(t[Symbol.toStringTag]),z=t=>t instanceof FormData,ne=t=>{try{return btoa(t)}catch{return Buffer.from(t).toString("base64")}},ie=t=>{let e=[],r=(o,n)=>{e.push(`${encodeURIComponent(o)}=${encodeURIComponent(String(n))}`)},s=(o,n)=>{H(n)&&(Array.isArray(n)?n.forEach(i=>{s(o,i)}):typeof n=="object"?Object.entries(n).forEach(([i,a])=>{s(`${o}[${i}]`,a)}):r(o,n))};return Object.entries(t).forEach(([o,n])=>{s(o,n)}),e.length>0?`?${e.join("&")}`:""},ae=(t,e)=>{let r=t.ENCODE_PATH||encodeURI,s=e.url.replace("{api-version}",t.VERSION).replace(/{(.*?)}/g,(n,i)=>e.path?.hasOwnProperty(i)?r(String(e.path[i])):n),o=`${t.BASE}${s}`;return e.query?`${o}${ie(e.query)}`:o},ue=t=>{if(t.formData){let e=new FormData,r=(s,o)=>{g(o)||F(o)?e.append(s,o):e.append(s,JSON.stringify(o))};return Object.entries(t.formData).filter(([s,o])=>H(o)).forEach(([s,o])=>{Array.isArray(o)?o.forEach(n=>r(s,n)):r(s,o)}),e}},v=async(t,e)=>typeof e=="function"?e(t):e,le=async(t,e)=>{let[r,s,o,n]=await Promise.all([v(e,t.TOKEN),v(e,t.USERNAME),v(e,t.PASSWORD),v(e,t.HEADERS)]),i=Object.entries({Accept:"application/json",...n,...e.headers}).filter(([a,u])=>H(u)).reduce((a,[u,l])=>({...a,[u]:String(l)}),{});if(U(r)&&(i.Authorization=`Bearer ${r}`),U(s)&&U(o)){let a=ne(`${s}:${o}`);i.Authorization=`Basic ${a}`}return e.body&&(e.mediaType?i["Content-Type"]=e.mediaType:F(e.body)?i["Content-Type"]=e.body.type||"application/octet-stream":g(e.body)?i["Content-Type"]="text/plain":z(e.body)||(i["Content-Type"]="application/json")),new Headers(i)},pe=t=>{if(t.body!==void 0)return t.mediaType?.includes("/json")?JSON.stringify(t.body):g(t.body)||F(t.body)||z(t.body)?t.body:JSON.stringify(t.body)},de=async(t,e,r,s,o,n,i)=>{let a=new AbortController,u={headers:n,body:s??o,method:e.method,signal:a.signal};return t.WITH_CREDENTIALS&&(u.credentials=t.CREDENTIALS),i(()=>a.abort()),await fetch(r,u)},ce=(t,e)=>{if(e){let r=t.headers.get(e);if(g(r))return r}},ye=async t=>{if(t.status!==204)try{let e=t.headers.get("Content-Type");if(e)return["application/json","application/problem+json"].some(o=>e.toLowerCase().startsWith(o))?await t.json():await t.text()}catch(e){console.error(e)}},me=(t,e)=>{let s={400:"Bad Request",401:"Unauthorized",403:"Forbidden",404:"Not Found",500:"Internal Server Error",502:"Bad Gateway",503:"Service Unavailable",...t.errors}[e.status];if(s)throw new c(t,e,s);if(!e.ok){let o=e.status??"unknown",n=e.statusText??"unknown",i=(()=>{try{return JSON.stringify(e.body,null,2)}catch{return}})();throw new c(t,e,`Generic Error: status: ${o}; status text: ${n}; body: ${i}`)}},M=(t,e)=>new R(async(r,s,o)=>{try{let n=ae(t,e),i=ue(e),a=pe(e),u=await le(t,e);if(!o.isCancelled){let l=await de(t,e,n,a,i,u,o),m=await ye(l),se=ce(l,e.responseHeader),J={url:n,ok:l.ok,status:l.status,statusText:l.statusText,body:se??m};me(e,J),r(J.body)}}catch(n){s(n)}});var k=class extends f{constructor(e){super(e)}request(e){return M(this.config,e)}};var C=class{constructor(e){this.httpRequest=e}authAuthComplete({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/complete",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",403:"Forbidden: Forbidden response.",500:"InternalServerError: Internal Server Error response."}})}authAuthInit({requestBody:e,userAgent:r}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/init",headers:{"User-Agent":r},body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthCodeRequest({authorization:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/otp",headers:{Authorization:e},errors:{401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthCodeRequestEmail({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/otp/email",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthCodeRequestSms({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/otp/sms",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthCodeVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/otp/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}};var b=class{constructor(e){this.httpRequest=e}mgmtGrantCreate({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/mgmt/grant",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",500:"InternalServerError: Internal Server Error response."}})}mgmtTokenVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/mgmt/token/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",500:"InternalServerError: Internal Server Error response."}})}};var P=class{constructor(e){this.httpRequest=e}passkeysPasskeysList({authorization:e}){return this.httpRequest.request({method:"GET",url:"/fido2/v2/passkeys",headers:{Authorization:e},errors:{401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}passkeysPasskeyDelete({id:e,authorization:r}){return this.httpRequest.request({method:"DELETE",url:"/fido2/v2/passkeys/{id}",path:{id:e},headers:{Authorization:r},errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}passkeysPasskeyRename({id:e,requestBody:r,authorization:s}){return this.httpRequest.request({method:"PUT",url:"/fido2/v2/passkeys/{id}",path:{id:e},headers:{Authorization:s},body:r,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}};var q=class{constructor(e){this.httpRequest=e}profileProfileDelete({id:e}){return this.httpRequest.request({method:"DELETE",url:"/fido2/v2/profile/{id}",path:{id:e},errors:{404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfileEmailUpdate({id:e,requestBody:r}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/profile/{id}/email",path:{id:e},body:r,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfilePhoneDelete({id:e}){return this.httpRequest.request({method:"DELETE",url:"/fido2/v2/profile/{id}/phone",path:{id:e},errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfilePhoneUpdate({id:e,requestBody:r}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/profile/{id}/phone",path:{id:e},body:r,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfileEmailVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/profile/email/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfilePhoneVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/profile/phone/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}};var A=class{constructor(e){this.httpRequest=e}regRegComplete({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/reg/complete",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",403:"Forbidden: Forbidden response.",500:"InternalServerError: Internal Server Error response."}})}regRegInit({requestBody:e,userAgent:r,authorization:s}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/reg/init",headers:{"User-Agent":r,Authorization:s},body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",500:"InternalServerError: Internal Server Error response."}})}};var T=class{constructor(e){this.httpRequest=e}txTxComplete({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/tx/complete",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",403:"Forbidden: Forbidden response.",500:"InternalServerError: Internal Server Error response."}})}txTxInit({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/tx/init",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",500:"InternalServerError: Internal Server Error response."}})}};var E=class{constructor(e){this.httpRequest=e}versionVersionShow(){return this.httpRequest.request({method:"GET",url:"/fido2/v2/version"})}};var B=class{auth;mgmt;passkeys;profile;reg;tx;version;request;constructor(e,r=k){this.request=new r({BASE:e?.BASE??"https://api.loginid.io/fido2/v2",VERSION:e?.VERSION??"2.0",WITH_CREDENTIALS:e?.WITH_CREDENTIALS??!1,CREDENTIALS:e?.CREDENTIALS??"include",TOKEN:e?.TOKEN,USERNAME:e?.USERNAME,PASSWORD:e?.PASSWORD,HEADERS:e?.HEADERS,ENCODE_PATH:e?.ENCODE_PATH}),this.auth=new C(this.request),this.mgmt=new b(this.request),this.passkeys=new P(this.request),this.profile=new q(this.request),this.reg=new A(this.request),this.tx=new T(this.request),this.version=new E(this.request)}};var K=class extends Error{code;constructor(e,r,s){super(e),this.code=r,this.cause=s}},d=K;var $=(t,e)=>{let r=t.name,{publicKey:s}=e;if(r==="ConstraintError"){if(s?.authenticatorSelection?.requireResidentKey===!0)return new d("Your device does not support discoverable credentials","ERROR_DISCOVERABLE_CREDENTIALS_UNSUPPORTED",t);if(s?.authenticatorSelection?.userVerification==="required")return new d("Your device does not support user verification","ERROR_USER_VERIFICATION_UNSUPPORTED",t)}if(r==="InvalidStateError")return new d("A passkey already exists on your device","ERROR_PASSKEY_EXISTS",t);if(r==="NotAllowedError")return new d("Passkey creation has failed","ERROR_GENERAL_ERROR_SEE_CAUSE_FIELD",t);if(r==="NotSupportedError")return new d("Your device does not support the algorithms required for passkey creation","ERROR_ALGORITHMS_UNSUPPORTED",t);if(r==="SecurityError"){let o=s?.rp?.id;if(o!==window.location.hostname)return new d(`The domain of the relying party (${o}) is invalid for this domain`,"ERROR_DOMAIN_MISMATCH",t)}return r==="UnknownError"?new d("Your device could not process the requested options or could not create a new passkey","ERROR_AUTHENTICATOR_UNKNOWN_ERROR",t):t},G=(t,e)=>{let r=t.name,{publicKey:s}=e;if(r==="AbortError"&&e.signal instanceof AbortSignal)return new d("Passkey authentication has been aborted","ERROR_PASSKEY_ABORTED",t);if(r==="NotAllowedError")return new d("Passkey authentication has failed","ERROR_GENERAL_ERROR_SEE_CAUSE_FIELD",t);if(r==="SecurityError"){let o=s?.rpId;if(o!==window.location.hostname)return new d(`The domain of the relying party (${o}) is invalid for this domain`,"ERROR_DOMAIN_MISMATCH",t)}return r==="UnknownError"?new d("Your device could not process the requested options or could not authenticate with a passkey","ERROR_AUTHENTICATOR_UNKNOWN_ERROR",t):t},w=t=>{let e=new Error("Cancelling current WebAuthn request");return e.name="AbortError",t.abort(e),new AbortController},D=new Error("User needs to be logged in to perform this operation.");var he=t=>t.replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,""),fe=t=>{if(!t)return t;let e="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",r=[],s=0;for(;s<t.length;){let i=t.charCodeAt(s++),a=t.charCodeAt(s++),u=t.charCodeAt(s++),l=i<<16|a<<8|u;r.push(e[l>>18&63]+e[l>>12&63]+e[l>>6&63]+e[l&63])}let o=r.join(""),n=t.length%3;return n?o.slice(0,n-3)+"===".slice(n||3):o},Re=t=>{let e="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",r={},s=String.fromCharCode;for(let a=0;a<64;a++)r[e.charAt(a)]=a;let o=0,n=0,i="";for(let a of t){let u=r[a];if(u!==void 0)for(o=(o<<6)+u,n+=6;n>=8;)i+=s(o>>(n-=8)&255)}return i},p=t=>{let e="",r=new Uint8Array(t);for(let o=0;o<r.byteLength;o++)e+=String.fromCharCode(r[o]);let s=fe(e);return he(s)},h=t=>{t=t.replace(/-/g,"+").replace(/_/g,"/");let e=Re(t),r=new Uint8Array(e.length);for(let s=0;s<e.length;s++)r[s]=e.charCodeAt(s);return r.buffer},Y=()=>crypto.randomUUID?crypto.randomUUID():window.crypto.getRandomValues(new Uint32Array(4)).join("-"),Q=(t,e)=>{e.forEach(r=>{Object.getOwnPropertyNames(r.prototype).forEach(s=>{Object.defineProperty(t.prototype,s,Object.getOwnPropertyDescriptor(r.prototype,s)||Object.create(null))})})},I=t=>{try{let r=t.split(".")[1].replace(/-/g,"+").replace(/_/g,"/"),s=decodeURIComponent(window.atob(r).split("").map(o=>"%"+("00"+o.charCodeAt(0).toString(16)).slice(-2)).join(""));return JSON.parse(s)}catch(e){console.error(e)}},X=t=>{let r=`; ${document.cookie}`.split(`; ${t}=`);if(r&&r.length===2)return r.pop().split(";").shift()},Z=t=>{document.cookie=t},ee=t=>{document.cookie=`${t}=; expires=${new Date}`};var L=class{config;service;abortController=new AbortController;constructor(e){this.config=e,this.service=new B({BASE:e.baseUrl})}getToken(e){if(e.token)return e.token;{let r=this.getJwtCookie();return r||""}}getUser(){if(!this.isLoggedIn())throw D;let e=I(this.getJwtCookie()||"{}");return{username:e.username,id:e.sub}}getJwtCookieName(){return`LoginID_${this.config.appId}_token`}setJwtCookie(e){let r=I(e),s=new Date(r.exp*1e3).toUTCString(),o=`${this.getJwtCookieName()}=${e}; expires=${s}`;Z(o)}getJwtCookie(){return X(this.getJwtCookieName())}isLoggedIn(){return!!this.getJwtCookie()}signout(){ee(this.getJwtCookieName())}},y=L;import{UAParser as ge}from"ua-parser-js";var _=()=>({clientType:"browser",screenWidth:window.screen.width,screenHeight:window.screen.height}),Ce=(t,e)=>{let r=t.split(".").map(Number),s=e.split(".").map(Number),o=Math.max(r.length,s.length);for(let n=0;n<o;n++){let i=n<r.length?r[n]:0,a=n<s.length?s[n]:0;if(i<a)return-1;if(i>a)return 1}return 0};async function be(){try{return!window.PublicKeyCredential||!window.PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable?!1:await window.PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable()}catch{return!1}}async function Pe(){try{return!window.PublicKeyCredential||!window.PublicKeyCredential.isConditionalMediationAvailable?!1:await window.PublicKeyCredential.isConditionalMediationAvailable()}catch{return!1}}async function qe(){let t=new ge(window.navigator.userAgent).getResult(),e={solution:"",deviceSupported:!1};if(!window.PublicKeyCredential)return e.solution="Your browser seems to be outdated. Please upgrade to the latest version.",e;if(!await window.PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable())switch(t.os.name){case"Mac OS":{let s=t.browser.version||"";return t.browser.name==="Firefox"&&Ce(s,"122.0")<0?(e.solution="Please update your Firefox browser to the latest version.",e):(e.solution="Enable Touch ID on your device.",e)}case"iOS":return e.solution="Enable Face ID or Touch ID on your device.",e;case"Windows":return e.solution="Enable Windows Hello on your device. See here: https://support.microsoft.com/en-us/windows/learn-about-windows-hello-and-set-it-up-dae28983-8242-bb2a-d3d1-87c9d265a5f0.",e;case"Android":return t.browser.name==="Firefox"?(e.solution="Passkeys may not be supported on your Firefox browser. Please switch to a Chromium browser.",e):(e.solution="Enable device unlock via fingerprint, PIN, or facial recognition on your device.",e);default:return e.solution="Enable device unlock features such as fingerprint, PIN, or facial recognition.",e}return e.deviceSupported=!0,e}var S=async t=>{let e;if(t.excludeCredentials!==void 0){e=[];for(let o of t.excludeCredentials){let n={id:h(o.id),transports:o.transports,type:o.type};e.push(n)}}let r=t.pubKeyCredParams,s={publicKey:{attestation:t.attestation,authenticatorSelection:{...t.authenticatorSelection},challenge:h(t.challenge),excludeCredentials:e,extensions:t.extensions,pubKeyCredParams:r,rp:t.rp,timeout:t.timeout,user:{...t.user,id:h(t.user.id)}}};try{let o=await navigator.credentials.create(s);if(o===null)throw new Error("Failed to create the passkey credential.");return o}catch(o){throw o instanceof Error?$(o,s):o}},O=async(t,e={})=>{let r;if(t.allowCredentials!==void 0){r=[];for(let o of t.allowCredentials){let n={id:h(o.id),transports:o.transports,type:o.type};r.push(n)}}let s={...e.autoFill&&{mediation:"conditional"},...e.abortSignal&&{signal:e.abortSignal},publicKey:{allowCredentials:r,challenge:h(t.challenge),extensions:t.extensions,rpId:t.rpId,timeout:t.timeout,userVerification:t.userVerification}};try{let o=await navigator.credentials.get(s);if(o===null)throw new Error("Failed to create the passkey credential.");return o}catch(o){throw o instanceof Error?G(o,s):o}};var j=class extends y{constructor(e){super(e)}async createNavigatorCredential(e){let{registrationRequestOptions:r,session:s}=e;this.abortController=w(this.abortController);let o=await S(r),n=o.response,i=n.getPublicKey&&n.getPublicKey(),a=n.getPublicKeyAlgorithm&&n.getPublicKeyAlgorithm(),u=n.getAuthenticatorData&&n.getAuthenticatorData(),l=n.getTransports&&n.getTransports();return{creationResult:{attestationObject:p(n.attestationObject),clientDataJSON:p(n.clientDataJSON),credentialId:o.id,...i&&{publicKey:p(i)},...a&&{publicKeyAlgorithm:a},...u&&{authenticatorData:p(u)},...l&&{transports:l}},session:s}}async registerWithPasskey(e,r={}){let s=_();r.usernameType||(r.usernameType="email"),r.token=this.getToken(r),r.token&&I(r.token).username!==e&&(r.token="");let o={app:{id:this.config.appId},deviceInfo:s,user:{username:e,usernameType:r.usernameType,...r.displayName&&{displayName:r.displayName}},...r.session&&{session:r.session}},n=await this.service.reg.regRegInit({requestBody:o,...r.token&&{authorization:r.token}}),i=await this.createNavigatorCredential(n),a=await this.service.reg.regRegComplete({requestBody:i});return this.setJwtCookie(a.jwtAccess),a}async getNavigatorCredential(e,r={}){let{assertionOptions:s,session:o}=e;r.abortSignal||(this.abortController=w(this.abortController),r.abortSignal=this.abortController.signal);let n=await O(s,r),i=n.response;return{assertionResult:{authenticatorData:p(i.authenticatorData),clientDataJSON:p(i.clientDataJSON),credentialId:n.id,signature:p(i.signature),...i.userHandle&&{userHandle:p(i.userHandle)}},session:o}}async authenticateWithPasskey(e="",r={}){let s=_();r.usernameType||(r.usernameType="email");let o={app:{id:this.config.appId,...r.token&&{token:r.token}},deviceInfo:s,user:{username:e,usernameType:r.usernameType,...r.displayName&&{displayName:r.displayName}}},n=await this.service.auth.authAuthInit({requestBody:o}),i=await this.getNavigatorCredential(n,r),a=await this.service.auth.authAuthComplete({requestBody:i});return this.setJwtCookie(a.jwtAccess),a}async enablePasskeyAutofill(e={}){return e.autoFill=!0,await this.authenticateWithPasskey("",e)}async generateCodeWithPasskey(e,r={}){if(r.token=this.getToken(r),!r.token){let o=await this.authenticateWithPasskey(e,r);r.token=o.jwtAccess}return await this.service.auth.authAuthCodeRequest({authorization:r.token})}async authenticateWithCode(e,r,s={}){s.usernameType||(s.usernameType="email");let o={authCode:r,user:{username:e,usernameType:s.usernameType}},n=await this.service.auth.authAuthCodeVerify({requestBody:o});return this.abortController=w(this.abortController),this.setJwtCookie(n.jwtAccess),n}async addPasskey(e,r={}){let s=this.getToken(r);if(!s)throw D;return r.token=s,await this.registerWithPasskey(e,r)}async addPasskeyWithCode(e,r,s={}){return await this.authenticateWithCode(e,r,s),await this.registerWithPasskey(e,s)}async confirmTransaction(e,r,s={}){let o={username:e,txPayload:r,nonce:s.nonce||Y(),txType:s.txType||"raw"},{assertionOptions:n,session:i}=await this.service.tx.txTxInit({requestBody:o}),a={assertionOptions:n,session:i},{assertionResult:u}=await this.getNavigatorCredential(a),l={authenticatorData:u.authenticatorData,clientData:u.clientDataJSON,keyHandle:u.credentialId,session:i,signature:u.signature},m=await this.service.tx.txTxComplete({requestBody:l});return this.setJwtCookie(m.jwtAccess),m}},te=j;var W=class extends y{constructor(e){super(e)}async listPasskeys(e={}){let r=this.getToken(e);return await this.service.passkeys.passkeysPasskeysList({authorization:r})}async renamePasskey(e,r,s={}){let o=this.getToken(s),n={name:r};return await this.service.passkeys.passkeysPasskeyRename({authorization:o,id:e,requestBody:n}),null}async deletePasskey(e,r={}){let s=this.getToken(r);return await this.service.passkeys.passkeysPasskeyDelete({authorization:s,id:e}),null}},re=W;var N=class extends y{constructor(e){super(e)}};Q(N,[y,te,re]);var oe=N;var V=class{static async getNavigatorCredential(e,r={}){let{assertionOptions:s,session:o}=e,n=await O(s,r),i=n.response;return{assertionResult:{authenticatorData:p(i.authenticatorData),clientDataJSON:p(i.clientDataJSON),credentialId:n.id,signature:p(i.signature),...i.userHandle&&{userHandle:p(i.userHandle)}},session:o}}static async createNavigatorCredential(e){let{registrationRequestOptions:r,session:s}=e,o=await S(r),n=o.response,i=n.getPublicKey&&n.getPublicKey(),a=n.getPublicKeyAlgorithm&&n.getPublicKeyAlgorithm(),u=n.getAuthenticatorData&&n.getAuthenticatorData(),l=n.getTransports&&n.getTransports();return{creationResult:{attestationObject:p(n.attestationObject),clientDataJSON:p(n.clientDataJSON),credentialId:o.id,...i&&{publicKey:p(i)},...a&&{publicKeyAlgorithm:a},...u&&{authenticatorData:p(u)},...l&&{transports:l}},session:s}}};var Ae={BASE:"https://api.loginid.io/fido2/v2",VERSION:"2.0",WITH_CREDENTIALS:!1,CREDENTIALS:"include",TOKEN:void 0,USERNAME:void 0,PASSWORD:void 0,HEADERS:void 0,ENCODE_PATH:void 0};var $t=oe;export{c as ApiError,C as AuthService,f as BaseHttpRequest,x as CancelError,R as CancelablePromise,B as LoginIDService,oe as LoginIDWebSDK,b as MgmtService,Ae as OpenAPI,d as PasskeyError,P as PasskeysService,q as ProfileService,A as RegService,T as TxService,E as VersionService,V as WebAuthnHelper,S as createPasskeyCredential,$t as default,qe as doesDeviceSupportPasskeys,O as getPasskeyCredential,Pe as isConditionalUIAvailable,be as isPlatformAuthenticatorAvailable};
+var K=class{config;constructor(e){this.config=e}getAppId(){if(this.config.appId)return this.config.appId;let e=/https:\/\/([0-9a-fA-F-]+)\.api.*\.loginid\.io/,r=this.config.baseUrl.match(e);if(r)return r[1];throw new Error("Invalid LoginID base URL. App ID not found.")}},w=K;var V=class extends Error{code;constructor(e,r,s){super(e),this.code=r,this.cause=s}},d=V;var oe=(t,e)=>{let r=t.name,{publicKey:s}=e;if(r==="ConstraintError"){if(s?.authenticatorSelection?.requireResidentKey===!0)return new d("Your device does not support discoverable credentials","ERROR_DISCOVERABLE_CREDENTIALS_UNSUPPORTED",t);if(s?.authenticatorSelection?.userVerification==="required")return new d("Your device does not support user verification","ERROR_USER_VERIFICATION_UNSUPPORTED",t)}if(r==="InvalidStateError")return new d("A passkey already exists on your device","ERROR_PASSKEY_EXISTS",t);if(r==="NotAllowedError")return new d("Passkey creation has failed","ERROR_GENERAL_ERROR_SEE_CAUSE_FIELD",t);if(r==="NotSupportedError")return new d("Your device does not support the algorithms required for passkey creation","ERROR_ALGORITHMS_UNSUPPORTED",t);if(r==="SecurityError"){let o=s?.rp?.id;if(o!==window.location.hostname)return new d(`The domain of the relying party (${o}) is invalid for this domain`,"ERROR_DOMAIN_MISMATCH",t)}return r==="UnknownError"?new d("Your device could not process the requested options or could not create a new passkey","ERROR_AUTHENTICATOR_UNKNOWN_ERROR",t):t},se=(t,e)=>{let r=t.name,{publicKey:s}=e;if(r==="AbortError"&&e.signal instanceof AbortSignal)return new d("Passkey authentication has been aborted","ERROR_PASSKEY_ABORTED",t);if(r==="NotAllowedError")return new d("Passkey authentication has failed","ERROR_GENERAL_ERROR_SEE_CAUSE_FIELD",t);if(r==="SecurityError"){let o=s?.rpId;if(o!==window.location.hostname)return new d(`The domain of the relying party (${o}) is invalid for this domain`,"ERROR_DOMAIN_MISMATCH",t)}return r==="UnknownError"?new d("Your device could not process the requested options or could not authenticate with a passkey","ERROR_AUTHENTICATOR_UNKNOWN_ERROR",t):t},D=new Error("User needs to be logged in to perform this operation.");var ge=t=>t.replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,""),Ce=t=>{if(!t)return t;let e="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",r=[],s=0;for(;s<t.length;){let i=t.charCodeAt(s++),a=t.charCodeAt(s++),u=t.charCodeAt(s++),p=i<<16|a<<8|u;r.push(e[p>>18&63]+e[p>>12&63]+e[p>>6&63]+e[p&63])}let o=r.join(""),n=t.length%3;return n?o.slice(0,n-3)+"===".slice(n||3):o},be=t=>{let e="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",r={},s=String.fromCharCode;for(let a=0;a<64;a++)r[e.charAt(a)]=a;let o=0,n=0,i="";for(let a of t){let u=r[a];if(u!==void 0)for(o=(o<<6)+u,n+=6;n>=8;)i+=s(o>>(n-=8)&255)}return i},l=t=>{let e="",r=new Uint8Array(t);for(let o=0;o<r.byteLength;o++)e+=String.fromCharCode(r[o]);let s=Ce(e);return ge(s)},f=t=>{t=t.replace(/-/g,"+").replace(/_/g,"/");let e=be(t),r=new Uint8Array(e.length);for(let s=0;s<e.length;s++)r[s]=e.charCodeAt(s);return r.buffer},ne=()=>crypto.randomUUID?crypto.randomUUID():window.crypto.getRandomValues(new Uint32Array(4)).join("-"),ie=(t,e)=>{e.forEach(r=>{Object.getOwnPropertyNames(r.prototype).forEach(s=>{Object.defineProperty(t.prototype,s,Object.getOwnPropertyDescriptor(r.prototype,s)||Object.create(null))})})},g=t=>{try{let r=t.split(".")[1].replace(/-/g,"+").replace(/_/g,"/"),s=decodeURIComponent(window.atob(r).split("").map(o=>"%"+("00"+o.charCodeAt(0).toString(16)).slice(-2)).join(""));return JSON.parse(s)}catch(e){console.error(e)}},ae=t=>{let r=`; ${document.cookie}`.split(`; ${t}=`);if(r&&r.length===2)return r.pop().split(";").shift()},ue=t=>{document.cookie=t},pe=t=>{document.cookie=`${t}=; expires=${new Date}`};var _=class{config;constructor(e){this.config=new w(e)}getToken(e){if(e.token)return e.token;{let r=this.getJwtCookie();return r||""}}getUser(){if(!this.isLoggedIn())throw D;let e=g(this.getJwtCookie()||"{}");return{username:e.username,id:e.sub}}getJwtCookieName(){return`LoginID_${this.config.getAppId()}_token`}setJwtCookie(e){let r=g(e),s=new Date(r.exp*1e3).toUTCString(),o=`${this.getJwtCookieName()}=${e}; expires=${s}`;ue(o)}getJwtCookie(){return ae(this.getJwtCookieName())}isLoggedIn(){return!!this.getJwtCookie()}signout(){pe(this.getJwtCookieName())}},le=_;var C=class{constructor(e){this.config=e}};var c=class extends Error{url;status;statusText;body;request;constructor(e,r,s){super(s),this.name="ApiError",this.url=r.url,this.status=r.status,this.statusText=r.statusText,this.body=r.body,this.request=e}};var N=class extends Error{constructor(e){super(e),this.name="CancelError"}get isCancelled(){return!0}},b=class{#t;#r;#e;#o;#n;#i;#s;constructor(e){this.#t=!1,this.#r=!1,this.#e=!1,this.#o=[],this.#n=new Promise((r,s)=>{this.#i=r,this.#s=s;let o=a=>{this.#t||this.#r||this.#e||(this.#t=!0,this.#i&&this.#i(a))},n=a=>{this.#t||this.#r||this.#e||(this.#r=!0,this.#s&&this.#s(a))},i=a=>{this.#t||this.#r||this.#e||this.#o.push(a)};return Object.defineProperty(i,"isResolved",{get:()=>this.#t}),Object.defineProperty(i,"isRejected",{get:()=>this.#r}),Object.defineProperty(i,"isCancelled",{get:()=>this.#e}),e(o,n,i)})}get[Symbol.toStringTag](){return"Cancellable Promise"}then(e,r){return this.#n.then(e,r)}catch(e){return this.#n.catch(e)}finally(e){return this.#n.finally(e)}cancel(){if(!(this.#t||this.#r||this.#e)){if(this.#e=!0,this.#o.length)try{for(let e of this.#o)e()}catch(e){console.warn("Cancellation threw an error",e);return}this.#o.length=0,this.#s&&this.#s(new N("Request aborted"))}}get isCancelled(){return this.#e}};var W=t=>t!=null,P=t=>typeof t=="string",j=t=>P(t)&&t!=="",J=t=>typeof t=="object"&&typeof t.type=="string"&&typeof t.stream=="function"&&typeof t.arrayBuffer=="function"&&typeof t.constructor=="function"&&typeof t.constructor.name=="string"&&/^(Blob|File)$/.test(t.constructor.name)&&/^(Blob|File)$/.test(t[Symbol.toStringTag]),de=t=>t instanceof FormData,Pe=t=>{try{return btoa(t)}catch{return Buffer.from(t).toString("base64")}},qe=t=>{let e=[],r=(o,n)=>{e.push(`${encodeURIComponent(o)}=${encodeURIComponent(String(n))}`)},s=(o,n)=>{W(n)&&(Array.isArray(n)?n.forEach(i=>{s(o,i)}):typeof n=="object"?Object.entries(n).forEach(([i,a])=>{s(`${o}[${i}]`,a)}):r(o,n))};return Object.entries(t).forEach(([o,n])=>{s(o,n)}),e.length>0?`?${e.join("&")}`:""},Ae=(t,e)=>{let r=t.ENCODE_PATH||encodeURI,s=e.url.replace("{api-version}",t.VERSION).replace(/{(.*?)}/g,(n,i)=>e.path?.hasOwnProperty(i)?r(String(e.path[i])):n),o=`${t.BASE}${s}`;return e.query?`${o}${qe(e.query)}`:o},Ie=t=>{if(t.formData){let e=new FormData,r=(s,o)=>{P(o)||J(o)?e.append(s,o):e.append(s,JSON.stringify(o))};return Object.entries(t.formData).filter(([s,o])=>W(o)).forEach(([s,o])=>{Array.isArray(o)?o.forEach(n=>r(s,n)):r(s,o)}),e}},U=async(t,e)=>typeof e=="function"?e(t):e,Te=async(t,e)=>{let[r,s,o,n]=await Promise.all([U(e,t.TOKEN),U(e,t.USERNAME),U(e,t.PASSWORD),U(e,t.HEADERS)]),i=Object.entries({Accept:"application/json",...n,...e.headers}).filter(([a,u])=>W(u)).reduce((a,[u,p])=>({...a,[u]:String(p)}),{});if(j(r)&&(i.Authorization=`Bearer ${r}`),j(s)&&j(o)){let a=Pe(`${s}:${o}`);i.Authorization=`Basic ${a}`}return e.body&&(e.mediaType?i["Content-Type"]=e.mediaType:J(e.body)?i["Content-Type"]=e.body.type||"application/octet-stream":P(e.body)?i["Content-Type"]="text/plain":de(e.body)||(i["Content-Type"]="application/json")),new Headers(i)},Be=t=>{if(t.body!==void 0)return t.mediaType?.includes("/json")?JSON.stringify(t.body):P(t.body)||J(t.body)||de(t.body)?t.body:JSON.stringify(t.body)},Ee=async(t,e,r,s,o,n,i)=>{let a=new AbortController,u={headers:n,body:s??o,method:e.method,signal:a.signal};return t.WITH_CREDENTIALS&&(u.credentials=t.CREDENTIALS),i(()=>a.abort()),await fetch(r,u)},Oe=(t,e)=>{if(e){let r=t.headers.get(e);if(P(r))return r}},xe=async t=>{if(t.status!==204)try{let e=t.headers.get("Content-Type");if(e)return["application/json","application/problem+json"].some(o=>e.toLowerCase().startsWith(o))?await t.json():await t.text()}catch(e){console.error(e)}},Se=(t,e)=>{let s={400:"Bad Request",401:"Unauthorized",403:"Forbidden",404:"Not Found",500:"Internal Server Error",502:"Bad Gateway",503:"Service Unavailable",...t.errors}[e.status];if(s)throw new c(t,e,s);if(!e.ok){let o=e.status??"unknown",n=e.statusText??"unknown",i=(()=>{try{return JSON.stringify(e.body,null,2)}catch{return}})();throw new c(t,e,`Generic Error: status: ${o}; status text: ${n}; body: ${i}`)}},ce=(t,e)=>new b(async(r,s,o)=>{try{let n=Ae(t,e),i=Ie(e),a=Be(e),u=await Te(t,e);if(!o.isCancelled){let p=await Ee(t,e,n,a,i,u,o),R=await xe(p),v=Oe(p,e.responseHeader),re={url:n,ok:p.ok,status:p.status,statusText:p.statusText,body:v??R};Se(e,re),r(re.body)}}catch(n){s(n)}});var L=class extends C{constructor(e){super(e)}request(e){return ce(this.config,e)}};var q=class{constructor(e){this.httpRequest=e}authAuthComplete({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/complete",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthInit({requestBody:e,userAgent:r}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/init",headers:{"User-Agent":r},body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthCodeRequest({authorization:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/otp",headers:{Authorization:e},errors:{401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthCodeRequestEmail({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/otp/email",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthCodeRequestSms({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/otp/sms",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthCodeVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/otp/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}};var A=class{constructor(e){this.httpRequest=e}mgmtGrantCreate({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/mgmt/grant",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",500:"InternalServerError: Internal Server Error response."}})}mgmtTokenVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/mgmt/token/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",500:"InternalServerError: Internal Server Error response."}})}};var I=class{constructor(e){this.httpRequest=e}passkeysPasskeysList({authorization:e}){return this.httpRequest.request({method:"GET",url:"/fido2/v2/passkeys",headers:{Authorization:e},errors:{401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}passkeysPasskeyDelete({id:e,authorization:r}){return this.httpRequest.request({method:"DELETE",url:"/fido2/v2/passkeys/{id}",path:{id:e},headers:{Authorization:r},errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}passkeysPasskeyRename({id:e,requestBody:r,authorization:s}){return this.httpRequest.request({method:"PUT",url:"/fido2/v2/passkeys/{id}",path:{id:e},headers:{Authorization:s},body:r,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}};var T=class{constructor(e){this.httpRequest=e}profileProfileDelete({id:e}){return this.httpRequest.request({method:"DELETE",url:"/fido2/v2/profile/{id}",path:{id:e},errors:{404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfileEmailUpdate({id:e,requestBody:r}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/profile/{id}/email",path:{id:e},body:r,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfilePhoneDelete({id:e}){return this.httpRequest.request({method:"DELETE",url:"/fido2/v2/profile/{id}/phone",path:{id:e},errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfilePhoneUpdate({id:e,requestBody:r}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/profile/{id}/phone",path:{id:e},body:r,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfileEmailVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/profile/email/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfilePhoneVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/profile/phone/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}};var B=class{constructor(e){this.httpRequest=e}regRegComplete({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/reg/complete",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",403:"Forbidden: Forbidden response.",500:"InternalServerError: Internal Server Error response."}})}regRegInit({requestBody:e,userAgent:r,authorization:s}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/reg/init",headers:{"User-Agent":r,Authorization:s},body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",500:"InternalServerError: Internal Server Error response."}})}};var E=class{constructor(e){this.httpRequest=e}txTxComplete({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/tx/complete",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",403:"Forbidden: Forbidden response.",500:"InternalServerError: Internal Server Error response."}})}txTxInit({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/tx/init",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",500:"InternalServerError: Internal Server Error response."}})}};var O=class{constructor(e){this.httpRequest=e}versionVersionShow(){return this.httpRequest.request({method:"GET",url:"/fido2/v2/version"})}};var x=class{auth;mgmt;passkeys;profile;reg;tx;version;request;constructor(e,r=L){this.request=new r({BASE:e?.BASE??"https://api.loginid.io/fido2/v2",VERSION:e?.VERSION??"2.0",WITH_CREDENTIALS:e?.WITH_CREDENTIALS??!1,CREDENTIALS:e?.CREDENTIALS??"include",TOKEN:e?.TOKEN,USERNAME:e?.USERNAME,PASSWORD:e?.PASSWORD,HEADERS:e?.HEADERS,ENCODE_PATH:e?.ENCODE_PATH}),this.auth=new q(this.request),this.mgmt=new A(this.request),this.passkeys=new I(this.request),this.profile=new T(this.request),this.reg=new B(this.request),this.tx=new E(this.request),this.version=new O(this.request)}};var M=class{config;service;session;constructor(e){this.config=new w(e),this.service=new x({BASE:e.baseUrl}),this.session=new le(e)}},y=M;var z=class extends Error{constructor(e){super(e),this.name="AbortError"}},$=z;var G=class t{static abortController=new AbortController;static renewWebAuthnAbortController=()=>{let e=new $("Cancelling current WebAuthn request");t.abortController.abort(e);let r=new AbortController;t.abortController=r}},h=G;var m=(t,e)=>({...e,token:e.token||"",usernameType:e.usernameType||"email",displayName:e.displayName||t}),ye=(t,e)=>({...m(t,e),txType:e.txType||"raw",nonce:e.nonce||ne()});var Y=class extends y{constructor(e){super(e)}async authenticateWithCode(e,r,s={}){let o=m(e,s),n={authCode:r,user:{username:e,usernameType:o.usernameType}},i=await this.service.auth.authAuthCodeVerify({requestBody:n});return h.renewWebAuthnAbortController(),this.session.setJwtCookie(i.jwtAccess),i}async sendCode(e,r="email",s={}){let o=m(e,s),n={user:{username:e,usernameType:o.usernameType}};switch(r){case"email":await this.service.auth.authAuthCodeRequestEmail({requestBody:n});break;case"sms":await this.service.auth.authAuthCodeRequestSms({requestBody:n});break;default:throw new Error("Invalid message method")}return null}},H=Y;var ke={BASE:"https://api.loginid.io/fido2/v2",VERSION:"2.0",WITH_CREDENTIALS:!1,CREDENTIALS:"include",TOKEN:void 0,USERNAME:void 0,PASSWORD:void 0,HEADERS:void 0,ENCODE_PATH:void 0};var Q=class extends y{constructor(e){super(e)}async verifyConfigSettings(){let e={isValid:!0};try{this.config.getAppId()}catch{return e.isValid=!1,e.solution="Please verify that your base URL is correct.",e.code="invalid_app_id",e.message="Invalid app ID",e}try{let r=m("",{}),s={app:{id:this.config.getAppId()},deviceInfo:{},user:{username:"",usernameType:r.usernameType}};await this.service.auth.authAuthInit({requestBody:s})}catch(r){return e.isValid=!1,e.solution="Verify that your application exists and the base URL is correct.",e.code="unknown_error",e.message="Unknown error.",r instanceof c&&(e.code=r.body.msgCode||"unknown_error",e.message=r.body.msg||r.body.message||"Unknown error."),e}return e}getUser(){return this.session.getUser()}isLoggedIn(){return this.session.isLoggedIn()}signout(){this.session.signout()}},me=Q;import{UAParser as ve}from"ua-parser-js";var X=()=>({clientType:"browser",screenWidth:window.screen.width,screenHeight:window.screen.height}),we=(t,e)=>{let r=t.split(".").map(Number),s=e.split(".").map(Number),o=Math.max(r.length,s.length);for(let n=0;n<o;n++){let i=n<r.length?r[n]:0,a=n<s.length?s[n]:0;if(i<a)return-1;if(i>a)return 1}return 0};async function De(){try{return!window.PublicKeyCredential||!window.PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable?!1:await window.PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable()}catch{return!1}}async function Ne(){try{return!window.PublicKeyCredential||!window.PublicKeyCredential.isConditionalMediationAvailable?!1:await window.PublicKeyCredential.isConditionalMediationAvailable()}catch{return!1}}async function Ue(){let t=new ve(window.navigator.userAgent).getResult(),e={solution:"",deviceSupported:!1};if(!window.PublicKeyCredential)return e.solution="Your browser seems to be outdated. Please upgrade to the latest version.",e;if(!await window.PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable())switch(t.os.name){case"Mac OS":{let s=t.browser.version||"";return t.browser.name==="Firefox"&&we(s,"122.0")<0?(e.solution="Please update your Firefox browser to the latest version.",e):(e.solution="Enable Touch ID on your device.",e)}case"iOS":return e.solution="Enable Face ID or Touch ID on your device.",e;case"Windows":return e.solution="Enable Windows Hello on your device. See here: https://support.microsoft.com/en-us/windows/learn-about-windows-hello-and-set-it-up-dae28983-8242-bb2a-d3d1-87c9d265a5f0.",e;case"Android":return t.browser.name==="Firefox"?(e.solution="Passkeys may not be supported on your Firefox browser. Please switch to a Chromium browser.",e):(e.solution="Enable device unlock via fingerprint, PIN, or facial recognition on your device.",e);default:return e.solution="Enable device unlock features such as fingerprint, PIN, or facial recognition.",e}return e.deviceSupported=!0,e}var S=async t=>{let e;if(t.excludeCredentials!==void 0){e=[];for(let o of t.excludeCredentials){let n={id:f(o.id),transports:o.transports,type:o.type};e.push(n)}}let r=t.pubKeyCredParams,s={publicKey:{attestation:t.attestation,authenticatorSelection:{...t.authenticatorSelection},challenge:f(t.challenge),excludeCredentials:e,extensions:t.extensions,pubKeyCredParams:r,rp:t.rp,timeout:t.timeout,user:{...t.user,id:f(t.user.id)}}};try{let o=await navigator.credentials.create(s);if(o===null)throw new Error("Failed to create the passkey credential.");return o}catch(o){throw o instanceof Error?oe(o,s):o}},k=async(t,e={})=>{let r;if(t.allowCredentials!==void 0){r=[];for(let o of t.allowCredentials){let n={id:f(o.id),transports:o.transports,type:o.type};r.push(n)}}let s={...e.autoFill&&{mediation:"conditional"},...e.abortSignal&&{signal:e.abortSignal},publicKey:{allowCredentials:r,challenge:f(t.challenge),extensions:t.extensions,rpId:t.rpId,timeout:t.timeout,userVerification:t.userVerification}};try{let o=await navigator.credentials.get(s);if(o===null)throw new Error("Failed to create the passkey credential.");return o}catch(o){throw o instanceof Error?se(o,s):o}};var Z=class extends H{constructor(e){super(e)}async createNavigatorCredential(e){let{registrationRequestOptions:r,session:s}=e;h.renewWebAuthnAbortController();let o=await S(r),n=o.response,i=n.getPublicKey&&n.getPublicKey(),a=n.getPublicKeyAlgorithm&&n.getPublicKeyAlgorithm(),u=n.getAuthenticatorData&&n.getAuthenticatorData(),p=n.getTransports&&n.getTransports();return{creationResult:{attestationObject:l(n.attestationObject),clientDataJSON:l(n.clientDataJSON),credentialId:o.id,...i&&{publicKey:l(i)},...a&&{publicKeyAlgorithm:a},...u&&{authenticatorData:l(u)},...p&&{transports:p}},session:s}}async registerWithPasskey(e,r={}){let s=X(),o=m(e,r);r.token=this.session.getToken(r),r.token&&g(r.token).username!==e&&(r.token="");let n={app:{id:this.config.getAppId()},deviceInfo:s,user:{username:e,usernameType:o.usernameType,displayName:o.displayName},...r.session&&{session:r.session}},i=await this.service.reg.regRegInit({requestBody:n,...r.token&&{authorization:r.token}}),a=await this.createNavigatorCredential(i),u=await this.service.reg.regRegComplete({requestBody:a});return this.session.setJwtCookie(u.jwtAccess),u}async getNavigatorCredential(e,r={}){let{assertionOptions:s,session:o}=e;r.abortSignal||(h.renewWebAuthnAbortController(),r.abortSignal=h.abortController.signal);let n=await k(s,r),i=n.response;return{assertionResult:{authenticatorData:l(i.authenticatorData),clientDataJSON:l(i.clientDataJSON),credentialId:n.id,signature:l(i.signature),...i.userHandle&&{userHandle:l(i.userHandle)}},session:o}}async authenticateWithPasskey(e="",r={}){let s=X(),o=m(e,r),n={app:{id:this.config.getAppId()},deviceInfo:s,user:{username:e,usernameType:o.usernameType}},i=await this.service.auth.authAuthInit({requestBody:n}),a=await this.getNavigatorCredential(i,r),u=await this.service.auth.authAuthComplete({requestBody:a});return this.session.setJwtCookie(u.jwtAccess),u}async enablePasskeyAutofill(e={}){return e.autoFill=!0,await this.authenticateWithPasskey("",e)}async generateCodeWithPasskey(e,r={}){if(r.token=this.session.getToken(r),!r.token){let o=await this.authenticateWithPasskey(e,r);r.token=o.jwtAccess}return await this.service.auth.authAuthCodeRequest({authorization:r.token})}async addPasskey(e,r={}){let s=this.session.getToken(r);if(!s)throw D;return r.token=s,await this.registerWithPasskey(e,r)}async addPasskeyWithCode(e,r,s={}){return await this.authenticateWithCode(e,r,s),await this.registerWithPasskey(e,s)}async confirmTransaction(e,r,s={}){let o=ye(e,s),n={username:e,txPayload:r,nonce:o.nonce,txType:o.txType},{assertionOptions:i,session:a}=await this.service.tx.txTxInit({requestBody:n}),u={action:"proceed",affirmMethods:[],fallbackMethods:[],assertionOptions:i,session:a},{assertionResult:p}=await this.getNavigatorCredential(u),R={authenticatorData:p.authenticatorData,clientData:p.clientDataJSON,keyHandle:p.credentialId,session:a,signature:p.signature},v=await this.service.tx.txTxComplete({requestBody:R});return this.session.setJwtCookie(v.jwtAccess),v}},fe=Z;var ee=class extends y{constructor(e){super(e)}async listPasskeys(e={}){let r=this.session.getToken(e);return await this.service.passkeys.passkeysPasskeysList({authorization:r})}async renamePasskey(e,r,s={}){let o=this.session.getToken(s),n={name:r};return await this.service.passkeys.passkeysPasskeyRename({authorization:o,id:e,requestBody:n}),null}async deletePasskey(e,r={}){let s=this.session.getToken(r);return await this.service.passkeys.passkeysPasskeyDelete({authorization:s,id:e}),null}},he=ee;var F=class extends y{constructor(e){super(e)}};ie(F,[y,fe,H,he,me]);var Re=F;var te=class{static async getNavigatorCredential(e,r={}){let{assertionOptions:s,session:o}=e,n=await k(s,r),i=n.response;return{assertionResult:{authenticatorData:l(i.authenticatorData),clientDataJSON:l(i.clientDataJSON),credentialId:n.id,signature:l(i.signature),...i.userHandle&&{userHandle:l(i.userHandle)}},session:o}}static async createNavigatorCredential(e){let{registrationRequestOptions:r,session:s}=e,o=await S(r),n=o.response,i=n.getPublicKey&&n.getPublicKey(),a=n.getPublicKeyAlgorithm&&n.getPublicKeyAlgorithm(),u=n.getAuthenticatorData&&n.getAuthenticatorData(),p=n.getTransports&&n.getTransports();return{creationResult:{attestationObject:l(n.attestationObject),clientDataJSON:l(n.clientDataJSON),credentialId:o.id,...i&&{publicKey:l(i)},...a&&{publicKeyAlgorithm:a},...u&&{authenticatorData:l(u)},...p&&{transports:p}},session:s}}};var kr=Re;export{$ as AbortError,c as ApiError,q as AuthService,C as BaseHttpRequest,N as CancelError,b as CancelablePromise,x as LoginIDService,Re as LoginIDWebSDK,A as MgmtService,ke as OpenAPI,d as PasskeyError,I as PasskeysService,T as ProfileService,B as RegService,E as TxService,O as VersionService,te as WebAuthnHelper,S as createPasskeyCredential,kr as default,Ue as doesDeviceSupportPasskeys,k as getPasskeyCredential,Ne as isConditionalUIAvailable,De as isPlatformAuthenticatorAvailable};
 //# sourceMappingURL=index.js.map

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@loginid/websdk3",
-  "version": "1.6.0",
+  "version": "1.8.0",
   "description": "",
   "main": "./dist/index.cjs",
   "module": "./dist/index.js",