@loginid/websdk3 1.9.0-next.1 → 1.9.0

package/README.md

@@ -19,13 +19,15 @@ npm install @loginid/websdk3
 
 ## How to Use
 
-- visit our [API Reference documentation](https://docs.loginid.io/Client-SDKs/Web/web) for package implementation.
+- visit our [API Reference documentation](https://docs.loginid.io/sdks/web/web) for package implementation.
 
-## Contact and Support
+## Contact and support
 
-- **Email**: [support@loginid.io](mailto:support@loginid.io)
-- **Community Chat**: [Join our Slack](https://loginidiocommunity.slack.com)
-- **Documentation**: [Read our full documentation](https://docs.loginid.io)
+- **email**: [support@loginid.io](mailto:support@loginid.io)
+- **documentation**: [read our full documentation](https://docs.loginid.io)
+- **forum**: https://forum.loginid.dev
+- **bug reporting**: https://loginid.dev
+- **dashboard**: https://dashboard.loginid.io
 
 ## License
 

package/dist/index.cjs

@@ -1,2 +1,2 @@
-"use strict";var M=Object.defineProperty;var we=Object.getOwnPropertyDescriptor;var De=Object.getOwnPropertyNames;var Ne=Object.prototype.hasOwnProperty;var de=(t,e)=>{for(var r in e)M(t,r,{get:e[r],enumerable:!0})},Ue=(t,e,r,s)=>{if(e&&typeof e=="object"||typeof e=="function")for(let o of De(e))!Ne.call(t,o)&&o!==r&&M(t,o,{get:()=>e[o],enumerable:!(s=we(e,o))||s.enumerable});return t};var Le=t=>Ue(M({},"__esModule",{value:!0}),t);var Ze={};de(Ze,{AbortError:()=>_,ApiError:()=>c,LoginIDAPI:()=>ne,LoginIDWebSDK:()=>le,PasskeyError:()=>d,WebAuthnHelper:()=>j,createPasskeyCredential:()=>x,default:()=>Xe,doesDeviceSupportPasskeys:()=>Te,getPasskeyCredential:()=>S,isConditionalUIAvailable:()=>ke,isPlatformAuthenticatorAvailable:()=>Ie});module.exports=Le(Ze);var J=class{config;constructor(e){this.config=e}getAppId(){if(this.config.appId)return this.config.appId;let e=/https:\/\/([0-9a-fA-F-]+)\.api.*\.loginid\.io/,r=this.config.baseUrl.match(e);if(r)return r[1];throw new Error("Invalid LoginID base URL. App ID not found.")}},L=J;var z=class extends Error{code;constructor(e,r,s){super(e),this.code=r,this.cause=s}},d=z;var $=class extends Error{constructor(e){super(e),this.name="LoginIDError"}},G=$;var ce=(t,e)=>{let r=t.name,{publicKey:s}=e;if(r==="ConstraintError"){if(s?.authenticatorSelection?.requireResidentKey===!0)return new d("Your device does not support discoverable credentials","ERROR_DISCOVERABLE_CREDENTIALS_UNSUPPORTED",t);if(s?.authenticatorSelection?.userVerification==="required")return new d("Your device does not support user verification","ERROR_USER_VERIFICATION_UNSUPPORTED",t)}if(r==="InvalidStateError")return new d("A passkey already exists on your device","ERROR_PASSKEY_EXISTS",t);if(r==="NotAllowedError")return new d("Passkey creation has failed","ERROR_GENERAL_ERROR_SEE_CAUSE_FIELD",t);if(r==="NotSupportedError")return new d("Your device does not support the algorithms required for passkey creation","ERROR_ALGORITHMS_UNSUPPORTED",t);if(r==="SecurityError"){let o=s?.rp?.id;if(o!==window.location.hostname)return new d(`The domain of the relying party (${o}) is invalid for this domain`,"ERROR_DOMAIN_MISMATCH",t)}return r==="UnknownError"?new d("Your device could not process the requested options or could not create a new passkey","ERROR_AUTHENTICATOR_UNKNOWN_ERROR",t):t},me=(t,e)=>{let r=t.name,{publicKey:s}=e;if(r==="AbortError"&&e.signal instanceof AbortSignal)return new d("Passkey authentication has been aborted","ERROR_PASSKEY_ABORTED",t);if(r==="NotAllowedError")return new d("Passkey authentication has failed","ERROR_GENERAL_ERROR_SEE_CAUSE_FIELD",t);if(r==="SecurityError"){let o=s?.rpId;if(o!==window.location.hostname)return new d(`The domain of the relying party (${o}) is invalid for this domain`,"ERROR_DOMAIN_MISMATCH",t)}return r==="UnknownError"?new d("Your device could not process the requested options or could not authenticate with a passkey","ERROR_AUTHENTICATOR_UNKNOWN_ERROR",t):t},F=new G("User needs to be logged in to perform this operation."),Y=new G("No login options available.");var Fe=t=>t.replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,""),Ke=t=>{if(!t)return t;let e="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",r=[],s=0;for(;s<t.length;){let i=t.charCodeAt(s++),a=t.charCodeAt(s++),l=t.charCodeAt(s++),u=i<<16|a<<8|l;r.push(e[u>>18&63]+e[u>>12&63]+e[u>>6&63]+e[u&63])}let o=r.join(""),n=t.length%3;return n?o.slice(0,n-3)+"===".slice(n||3):o},He=t=>{let e="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",r={},s=String.fromCharCode;for(let a=0;a<64;a++)r[e.charAt(a)]=a;let o=0,n=0,i="";for(let a of t){let l=r[a];if(l!==void 0)for(o=(o<<6)+l,n+=6;n>=8;)i+=s(o>>(n-=8)&255)}return i},p=t=>{let e="",r=new Uint8Array(t);for(let o=0;o<r.byteLength;o++)e+=String.fromCharCode(r[o]);let s=Ke(e);return Fe(s)},h=t=>{t=t.replace(/-/g,"+").replace(/_/g,"/");let e=He(t),r=new Uint8Array(e.length);for(let s=0;s<e.length;s++)r[s]=e.charCodeAt(s);return r.buffer},ye=()=>crypto.randomUUID?crypto.randomUUID():window.crypto.getRandomValues(new Uint32Array(4)).join("-"),fe=(t,e)=>{e.forEach(r=>{Object.getOwnPropertyNames(r.prototype).forEach(s=>{Object.defineProperty(t.prototype,s,Object.getOwnPropertyDescriptor(r.prototype,s)||Object.create(null))})})},v=t=>{try{let r=t.split(".")[1].replace(/-/g,"+").replace(/_/g,"/"),s=decodeURIComponent(window.atob(r).split("").map(o=>"%"+("00"+o.charCodeAt(0).toString(16)).slice(-2)).join(""));return JSON.parse(s)}catch(e){console.error(e)}},he=t=>{let r=`; ${document.cookie}`.split(`; ${t}=`);if(r&&r.length===2)return r.pop().split(";").shift()},Re=t=>{document.cookie=t},ge=t=>{document.cookie=`${t}=; expires=${new Date}`};var Q=class{config;constructor(e){this.config=new L(e)}getToken(e){if(e.token)return e.token;{let r=this.getJwtCookie();return r||""}}getUser(){if(!this.isLoggedIn())throw F;let e=v(this.getJwtCookie()||"{}");return{username:e.username,id:e.sub}}getJwtCookieName(){return`LoginID_${this.config.getAppId()}_token`}setJwtCookie(e){let r=v(e),s=new Date(r.exp*1e3).toUTCString(),o=`${this.getJwtCookieName()}=${e}; expires=${s}`;Re(o)}getJwtCookie(){return he(this.getJwtCookieName())}isLoggedIn(){return!!this.getJwtCookie()}signout(){ge(this.getJwtCookieName())}},be=Q;var R=class{constructor(e){this.config=e}};var c=class extends Error{url;status;statusText;body;request;constructor(e,r,s){super(s),this.name="ApiError",this.url=r.url,this.status=r.status,this.statusText=r.statusText,this.body=r.body,this.request=e}};var w=class extends Error{constructor(e){super(e),this.name="CancelError"}get isCancelled(){return!0}},g=class{#t;#r;#e;#o;#n;#i;#s;constructor(e){this.#t=!1,this.#r=!1,this.#e=!1,this.#o=[],this.#n=new Promise((r,s)=>{this.#i=r,this.#s=s;let o=a=>{this.#t||this.#r||this.#e||(this.#t=!0,this.#i&&this.#i(a))},n=a=>{this.#t||this.#r||this.#e||(this.#r=!0,this.#s&&this.#s(a))},i=a=>{this.#t||this.#r||this.#e||this.#o.push(a)};return Object.defineProperty(i,"isResolved",{get:()=>this.#t}),Object.defineProperty(i,"isRejected",{get:()=>this.#r}),Object.defineProperty(i,"isCancelled",{get:()=>this.#e}),e(o,n,i)})}get[Symbol.toStringTag](){return"Cancellable Promise"}then(e,r){return this.#n.then(e,r)}catch(e){return this.#n.catch(e)}finally(e){return this.#n.finally(e)}cancel(){if(!(this.#t||this.#r||this.#e)){if(this.#e=!0,this.#o.length)try{for(let e of this.#o)e()}catch(e){console.warn("Cancellation threw an error",e);return}this.#o.length=0,this.#s&&this.#s(new w("Request aborted"))}}get isCancelled(){return this.#e}};var Z=t=>t!=null,D=t=>typeof t=="string",X=t=>D(t)&&t!=="",ee=t=>typeof t=="object"&&typeof t.type=="string"&&typeof t.stream=="function"&&typeof t.arrayBuffer=="function"&&typeof t.constructor=="function"&&typeof t.constructor.name=="string"&&/^(Blob|File)$/.test(t.constructor.name)&&/^(Blob|File)$/.test(t[Symbol.toStringTag]),Ce=t=>t instanceof FormData,_e=t=>{try{return btoa(t)}catch{return Buffer.from(t).toString("base64")}},Ve=t=>{let e=[],r=(o,n)=>{e.push(`${encodeURIComponent(o)}=${encodeURIComponent(String(n))}`)},s=(o,n)=>{Z(n)&&(Array.isArray(n)?n.forEach(i=>{s(o,i)}):typeof n=="object"?Object.entries(n).forEach(([i,a])=>{s(`${o}[${i}]`,a)}):r(o,n))};return Object.entries(t).forEach(([o,n])=>{s(o,n)}),e.length>0?`?${e.join("&")}`:""},We=(t,e)=>{let r=t.ENCODE_PATH||encodeURI,s=e.url.replace("{api-version}",t.VERSION).replace(/{(.*?)}/g,(n,i)=>e.path?.hasOwnProperty(i)?r(String(e.path[i])):n),o=`${t.BASE}${s}`;return e.query?`${o}${Ve(e.query)}`:o},je=t=>{if(t.formData){let e=new FormData,r=(s,o)=>{D(o)||ee(o)?e.append(s,o):e.append(s,JSON.stringify(o))};return Object.entries(t.formData).filter(([s,o])=>Z(o)).forEach(([s,o])=>{Array.isArray(o)?o.forEach(n=>r(s,n)):r(s,o)}),e}},K=async(t,e)=>typeof e=="function"?e(t):e,Me=async(t,e)=>{let[r,s,o,n]=await Promise.all([K(e,t.TOKEN),K(e,t.USERNAME),K(e,t.PASSWORD),K(e,t.HEADERS)]),i=Object.entries({Accept:"application/json",...n,...e.headers}).filter(([a,l])=>Z(l)).reduce((a,[l,u])=>({...a,[l]:String(u)}),{});if(X(r)&&(i.Authorization=`Bearer ${r}`),X(s)&&X(o)){let a=_e(`${s}:${o}`);i.Authorization=`Basic ${a}`}return e.body&&(e.mediaType?i["Content-Type"]=e.mediaType:ee(e.body)?i["Content-Type"]=e.body.type||"application/octet-stream":D(e.body)?i["Content-Type"]="text/plain":Ce(e.body)||(i["Content-Type"]="application/json")),new Headers(i)},Je=t=>{if(t.body!==void 0)return t.mediaType?.includes("/json")?JSON.stringify(t.body):D(t.body)||ee(t.body)||Ce(t.body)?t.body:JSON.stringify(t.body)},ze=async(t,e,r,s,o,n,i)=>{let a=new AbortController,l={headers:n,body:s??o,method:e.method,signal:a.signal};return t.WITH_CREDENTIALS&&(l.credentials=t.CREDENTIALS),i(()=>a.abort()),await fetch(r,l)},$e=(t,e)=>{if(e){let r=t.headers.get(e);if(D(r))return r}},Ge=async t=>{if(t.status!==204)try{let e=t.headers.get("Content-Type");if(e)return["application/json","application/problem+json"].some(o=>e.toLowerCase().startsWith(o))?await t.json():await t.text()}catch(e){console.error(e)}},Ye=(t,e)=>{let s={400:"Bad Request",401:"Unauthorized",403:"Forbidden",404:"Not Found",500:"Internal Server Error",502:"Bad Gateway",503:"Service Unavailable",...t.errors}[e.status];if(s)throw new c(t,e,s);if(!e.ok){let o=e.status??"unknown",n=e.statusText??"unknown",i=(()=>{try{return JSON.stringify(e.body,null,2)}catch{return}})();throw new c(t,e,`Generic Error: status: ${o}; status text: ${n}; body: ${i}`)}},Pe=(t,e)=>new g(async(r,s,o)=>{try{let n=We(t,e),i=je(e),a=Je(e),l=await Me(t,e);if(!o.isCancelled){let u=await ze(t,e,n,a,i,l,o),f=await Ge(u),U=$e(u,e.responseHeader),pe={url:n,ok:u.ok,status:u.status,statusText:u.statusText,body:U??f};Ye(e,pe),r(pe.body)}}catch(n){s(n)}});var H=class extends R{constructor(e){super(e)}request(e){return Pe(this.config,e)}};var b=class{constructor(e){this.httpRequest=e}authAuthComplete({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/complete",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthInit({requestBody:e,userAgent:r}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/init",headers:{"User-Agent":r},body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthCodeRequest({authorization:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/otp",headers:{Authorization:e},errors:{401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthCodeRequestEmail({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/otp/email",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthCodeRequestSms({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/otp/sms",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthCodeVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/otp/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}};var C=class{constructor(e){this.httpRequest=e}mgmtGrantCreate({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/mgmt/grant",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",500:"InternalServerError: Internal Server Error response."}})}mgmtTokenVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/mgmt/token/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",500:"InternalServerError: Internal Server Error response."}})}};var P=class{constructor(e){this.httpRequest=e}passkeysPasskeysList({authorization:e}){return this.httpRequest.request({method:"GET",url:"/fido2/v2/passkeys",headers:{Authorization:e},errors:{401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}passkeysPasskeyDelete({id:e,authorization:r}){return this.httpRequest.request({method:"DELETE",url:"/fido2/v2/passkeys/{id}",path:{id:e},headers:{Authorization:r},errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}passkeysPasskeyRename({id:e,requestBody:r,authorization:s}){return this.httpRequest.request({method:"PUT",url:"/fido2/v2/passkeys/{id}",path:{id:e},headers:{Authorization:s},body:r,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}};var q=class{constructor(e){this.httpRequest=e}profileProfileDelete({id:e}){return this.httpRequest.request({method:"DELETE",url:"/fido2/v2/profile/{id}",path:{id:e},errors:{404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfileEmailUpdate({id:e,requestBody:r}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/profile/{id}/email",path:{id:e},body:r,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfilePhoneDelete({id:e}){return this.httpRequest.request({method:"DELETE",url:"/fido2/v2/profile/{id}/phone",path:{id:e},errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfilePhoneUpdate({id:e,requestBody:r}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/profile/{id}/phone",path:{id:e},body:r,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfileEmailVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/profile/email/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfilePhoneVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/profile/phone/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}};var A=class{constructor(e){this.httpRequest=e}regRegComplete({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/reg/complete",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",403:"Forbidden: Forbidden response.",500:"InternalServerError: Internal Server Error response."}})}regRegInit({requestBody:e,userAgent:r,authorization:s}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/reg/init",headers:{"User-Agent":r,Authorization:s},body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",500:"InternalServerError: Internal Server Error response."}})}};var I=class{constructor(e){this.httpRequest=e}txTxComplete({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/tx/complete",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",403:"Forbidden: Forbidden response.",500:"InternalServerError: Internal Server Error response."}})}txTxInit({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/tx/init",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",500:"InternalServerError: Internal Server Error response."}})}};var k=class{constructor(e){this.httpRequest=e}versionVersionShow(){return this.httpRequest.request({method:"GET",url:"/fido2/v2/version"})}};var T=class{constructor(e){this.httpRequest=e}wellKnownJwks(){return this.httpRequest.request({method:"GET",url:"/fido2/v2/.well-known/jwks.json",errors:{500:"InternalServerError: Internal Server Error response."}})}};var E=class{auth;mgmt;passkeys;profile;reg;tx;version;wellKnown;request;constructor(e,r=H){this.request=new r({BASE:e?.BASE??"https://api.loginid.io/fido2/v2",VERSION:e?.VERSION??"2.0",WITH_CREDENTIALS:e?.WITH_CREDENTIALS??!1,CREDENTIALS:e?.CREDENTIALS??"include",TOKEN:e?.TOKEN,USERNAME:e?.USERNAME,PASSWORD:e?.PASSWORD,HEADERS:e?.HEADERS,ENCODE_PATH:e?.ENCODE_PATH}),this.auth=new b(this.request),this.mgmt=new C(this.request),this.passkeys=new P(this.request),this.profile=new q(this.request),this.reg=new A(this.request),this.tx=new I(this.request),this.version=new k(this.request),this.wellKnown=new T(this.request)}};var te=class{config;service;session;constructor(e){this.config=new L(e),this.service=new E({BASE:e.baseUrl}),this.session=new be(e)}},m=te;var re=class extends Error{constructor(e){super(e),this.name="AbortError"}},_=re;var oe=class t{static abortController=new AbortController;static renewWebAuthnAbortController=()=>{let e=new _("Cancelling current WebAuthn request");t.abortController.abort(e);let r=new AbortController;t.abortController=r}},O=oe;var y=(t,e)=>({...e,token:e.token||"",usernameType:e.usernameType||"email",displayName:e.displayName||t,callbacks:e.callbacks||{}}),qe=(t,e)=>({...y(t,e),txType:e.txType||"raw",nonce:e.nonce||ye()});var se=class extends m{constructor(e){super(e)}async authenticateWithCode(e,r,s={}){let o=y(e,s),n={authCode:r,user:{username:e,usernameType:o.usernameType}},i=await this.service.auth.authAuthCodeVerify({requestBody:n});return O.renewWebAuthnAbortController(),this.session.setJwtCookie(i.jwtAccess),i}async sendCode(e,r="email",s={}){let o=y(e,s),n={user:{username:e,usernameType:o.usernameType}};switch(r){case"email":await this.service.auth.authAuthCodeRequestEmail({requestBody:n});break;case"sms":await this.service.auth.authAuthCodeRequestSms({requestBody:n});break;default:throw new Error("Invalid message method")}return null}},V=se;var Ae=require("ua-parser-js"),N=t=>{let e={clientType:"browser",screenWidth:window.screen.width,screenHeight:window.screen.height,clientName:"",clientVersion:"",osName:"",osVersion:"",osArch:""};return t&&(e.deviceId=t),e},Qe=(t,e)=>{let r=t.split(".").map(Number),s=e.split(".").map(Number),o=Math.max(r.length,s.length);for(let n=0;n<o;n++){let i=n<r.length?r[n]:0,a=n<s.length?s[n]:0;if(i<a)return-1;if(i>a)return 1}return 0};async function Ie(){try{return!window.PublicKeyCredential||!window.PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable?!1:await window.PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable()}catch{return!1}}async function ke(){try{return!window.PublicKeyCredential||!window.PublicKeyCredential.isConditionalMediationAvailable?!1:await window.PublicKeyCredential.isConditionalMediationAvailable()}catch{return!1}}async function Te(){let t=new Ae.UAParser(window.navigator.userAgent).getResult(),e={solution:"",deviceSupported:!1};if(!window.PublicKeyCredential)return e.solution="Your browser seems to be outdated. Please upgrade to the latest version.",e;if(!await window.PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable())switch(t.os.name){case"Mac OS":{let s=t.browser.version||"";return t.browser.name==="Firefox"&&Qe(s,"122.0")<0?(e.solution="Please update your Firefox browser to the latest version.",e):(e.solution="Enable Touch ID on your device.",e)}case"iOS":return e.solution="Enable Face ID or Touch ID on your device.",e;case"Windows":return e.solution="Enable Windows Hello on your device. See here: https://support.microsoft.com/en-us/windows/learn-about-windows-hello-and-set-it-up-dae28983-8242-bb2a-d3d1-87c9d265a5f0.",e;case"Android":return t.browser.name==="Firefox"?(e.solution="Passkeys may not be supported on your Firefox browser. Please switch to a Chromium browser.",e):(e.solution="Enable device unlock via fingerprint, PIN, or facial recognition on your device.",e);default:return e.solution="Enable device unlock features such as fingerprint, PIN, or facial recognition.",e}return e.deviceSupported=!0,e}var ne={};de(ne,{ApiError:()=>c,AuthService:()=>b,BaseHttpRequest:()=>R,CancelError:()=>w,CancelablePromise:()=>g,LoginIDService:()=>E,MgmtService:()=>C,OpenAPI:()=>Ee,PasskeysService:()=>P,ProfileService:()=>q,RegService:()=>A,TxService:()=>I,VersionService:()=>k,WellKnownService:()=>T});var Ee={BASE:"https://api.loginid.io/fido2/v2",VERSION:"2.0",WITH_CREDENTIALS:!1,CREDENTIALS:"include",TOKEN:void 0,USERNAME:void 0,PASSWORD:void 0,HEADERS:void 0,ENCODE_PATH:void 0};var ie=class extends m{constructor(e){super(e)}async verifyConfigSettings(){let e={isValid:!0};try{this.config.getAppId()}catch{return e.isValid=!1,e.solution="Please verify that your base URL is correct.",e.code="invalid_app_id",e.message="Invalid app ID",e}try{let r=y("",{}),s={app:{id:this.config.getAppId()},deviceInfo:N(),user:{username:"",usernameType:r.usernameType}};await this.service.auth.authAuthInit({requestBody:s})}catch(r){return e.isValid=!1,e.solution="Verify that your application exists and the base URL is correct.",e.code="unknown_error",e.message="Unknown error.",r instanceof c&&(e.code=r.body.msgCode||"unknown_error",e.message=r.body.msg||r.body.message||"Unknown error."),e}return e}getUser(){return this.session.getUser()}isLoggedIn(){return this.session.isLoggedIn()}signout(){this.session.signout()}},Oe=ie;var Be=t=>`LoginID_${t}_device-id`,B=class{static persistDeviceId(e,r){r&&localStorage.setItem(Be(e),r)}static getDeviceId(e){return localStorage.getItem(Be(e))||""}};var xe=t=>{let e={ciam:!1,otp:!1,"otp:email":!1,"otp:sms":!1};return[...t.crossAuthMethods,...t.fallbackMethods].reduce((o,n)=>(o[n]=!0,o),e)};var x=async t=>{let e;if(t.excludeCredentials!==void 0){e=[];for(let o of t.excludeCredentials){let n={id:h(o.id),transports:o.transports,type:o.type};e.push(n)}}let r=t.pubKeyCredParams,s={publicKey:{attestation:t.attestation,authenticatorSelection:{...t.authenticatorSelection},challenge:h(t.challenge),excludeCredentials:e,extensions:t.extensions,pubKeyCredParams:r,rp:t.rp,timeout:t.timeout,user:{...t.user,id:h(t.user.id)}}};try{let o=await navigator.credentials.create(s);if(o===null)throw new Error("Failed to create the passkey credential.");return o}catch(o){throw o instanceof Error?ce(o,s):o}},S=async(t,e={})=>{let r;if(t.allowCredentials!==void 0){r=[];for(let o of t.allowCredentials){let n={id:h(o.id),transports:o.transports,type:o.type};r.push(n)}}let s={...e.autoFill&&{mediation:"conditional"},...e.abortSignal&&{signal:e.abortSignal},publicKey:{allowCredentials:r,challenge:h(t.challenge),extensions:t.extensions,rpId:t.rpId,timeout:t.timeout,userVerification:t.userVerification}};try{let o=await navigator.credentials.get(s);if(o===null)throw new Error("Failed to create the passkey credential.");return o}catch(o){throw o instanceof Error?me(o,s):o}};var ae=class extends V{constructor(e){super(e)}async createNavigatorCredential(e){let{registrationRequestOptions:r,session:s}=e;O.renewWebAuthnAbortController();let o=await x(r),n=o.response,i=n.getPublicKey&&n.getPublicKey(),a=n.getPublicKeyAlgorithm&&n.getPublicKeyAlgorithm(),l=n.getAuthenticatorData&&n.getAuthenticatorData(),u=n.getTransports&&n.getTransports();return{creationResult:{attestationObject:p(n.attestationObject),clientDataJSON:p(n.clientDataJSON),credentialId:o.id,...i&&{publicKey:p(i)},...a&&{publicKeyAlgorithm:a},...l&&{authenticatorData:p(l)},...u&&{transports:u}},session:s}}async registerWithPasskey(e,r={}){let s=this.config.getAppId(),o=N(B.getDeviceId(s)),n=y(e,r);r.token=this.session.getToken(r),r.token&&v(r.token).username!==e&&(r.token="");let i={app:{id:s},deviceInfo:o,user:{username:e,usernameType:n.usernameType,displayName:n.displayName},...r.session&&{session:r.session}},a=await this.service.reg.regRegInit({requestBody:i,...r.token&&{authorization:r.token}}),l=await this.createNavigatorCredential(a),u=await this.service.reg.regRegComplete({requestBody:l});return this.session.setJwtCookie(u.jwtAccess),B.persistDeviceId(s,u.deviceID),u}async getNavigatorCredential(e,r={}){let{assertionOptions:s,session:o}=e;r.abortSignal||(O.renewWebAuthnAbortController(),r.abortSignal=O.abortController.signal);let n=await S(s,r),i=n.response;return{assertionResult:{authenticatorData:p(i.authenticatorData),clientDataJSON:p(i.clientDataJSON),credentialId:n.id,signature:p(i.signature),...i.userHandle&&{userHandle:p(i.userHandle)}},session:o}}async authenticateWithPasskey(e="",r={}){let s=this.config.getAppId(),o=N(B.getDeviceId(s)),n=y(e,r),i={app:{id:s},deviceInfo:o,user:{username:e,usernameType:n.usernameType}},a=await this.service.auth.authAuthInit({requestBody:i});switch(a.action){case"proceed":{let l=await this.getNavigatorCredential(a,r),u=await this.service.auth.authAuthComplete({requestBody:l});return this.session.setJwtCookie(u.jwtAccess),n?.callbacks?.onSuccess&&await n.callbacks.onSuccess(u),u}case"crossAuth":case"fallback":{if(n?.callbacks?.onFallback)return await n.callbacks.onFallback(e,{fallbackOptions:xe(a)}),{jwtAccess:""};throw Y}default:throw Y}}async enablePasskeyAutofill(e={}){return e.autoFill=!0,await this.authenticateWithPasskey("",e)}async generateCodeWithPasskey(e,r={}){if(r.token=this.session.getToken(r),!r.token){let o=await this.authenticateWithPasskey(e,r);r.token=o.jwtAccess}return await this.service.auth.authAuthCodeRequest({authorization:r.token})}async addPasskey(e,r={}){let s=this.session.getToken(r);if(!s)throw F;return r.token=s,await this.registerWithPasskey(e,r)}async addPasskeyWithCode(e,r,s={}){return await this.authenticateWithCode(e,r,s),await this.registerWithPasskey(e,s)}async confirmTransaction(e,r,s={}){let o=qe(e,s),n={username:e,txPayload:r,nonce:o.nonce,txType:o.txType},{assertionOptions:i,session:a}=await this.service.tx.txTxInit({requestBody:n}),l={action:"proceed",crossAuthMethods:[],fallbackMethods:[],assertionOptions:i,session:a},{assertionResult:u}=await this.getNavigatorCredential(l),f={authenticatorData:u.authenticatorData,clientData:u.clientDataJSON,keyHandle:u.credentialId,session:a,signature:u.signature},U=await this.service.tx.txTxComplete({requestBody:f});return this.session.setJwtCookie(U.jwtAccess),U}},Se=ae;var ue=class extends m{constructor(e){super(e)}async listPasskeys(e={}){let r=this.session.getToken(e);return await this.service.passkeys.passkeysPasskeysList({authorization:r})}async renamePasskey(e,r,s={}){let o=this.session.getToken(s),n={name:r};return await this.service.passkeys.passkeysPasskeyRename({authorization:o,id:e,requestBody:n}),null}async deletePasskey(e,r={}){let s=this.session.getToken(r);return await this.service.passkeys.passkeysPasskeyDelete({authorization:s,id:e}),null}},ve=ue;var W=class extends m{constructor(e){super(e)}};fe(W,[m,Se,V,ve,Oe]);var le=W;var j=class{static async getNavigatorCredential(e,r={}){let{assertionOptions:s,session:o}=e,n=await S(s,r),i=n.response;return{assertionResult:{authenticatorData:p(i.authenticatorData),clientDataJSON:p(i.clientDataJSON),credentialId:n.id,signature:p(i.signature),...i.userHandle&&{userHandle:p(i.userHandle)}},session:o}}static async createNavigatorCredential(e){let{registrationRequestOptions:r,session:s}=e,o=await x(r),n=o.response,i=n.getPublicKey&&n.getPublicKey(),a=n.getPublicKeyAlgorithm&&n.getPublicKeyAlgorithm(),l=n.getAuthenticatorData&&n.getAuthenticatorData(),u=n.getTransports&&n.getTransports();return{creationResult:{attestationObject:p(n.attestationObject),clientDataJSON:p(n.clientDataJSON),credentialId:o.id,...i&&{publicKey:p(i)},...a&&{publicKeyAlgorithm:a},...l&&{authenticatorData:p(l)},...u&&{transports:u}},session:s}}};var Xe=le;0&&(module.exports={AbortError,ApiError,LoginIDAPI,LoginIDWebSDK,PasskeyError,WebAuthnHelper,createPasskeyCredential,doesDeviceSupportPasskeys,getPasskeyCredential,isConditionalUIAvailable,isPlatformAuthenticatorAvailable});
+"use strict";var M=Object.defineProperty;var we=Object.getOwnPropertyDescriptor;var De=Object.getOwnPropertyNames;var Ne=Object.prototype.hasOwnProperty;var de=(t,e)=>{for(var r in e)M(t,r,{get:e[r],enumerable:!0})},Ue=(t,e,r,s)=>{if(e&&typeof e=="object"||typeof e=="function")for(let o of De(e))!Ne.call(t,o)&&o!==r&&M(t,o,{get:()=>e[o],enumerable:!(s=we(e,o))||s.enumerable});return t};var Le=t=>Ue(M({},"__esModule",{value:!0}),t);var Ze={};de(Ze,{AbortError:()=>_,ApiError:()=>m,LoginIDAPI:()=>ne,LoginIDWebSDK:()=>le,PasskeyError:()=>d,WebAuthnHelper:()=>j,createPasskeyCredential:()=>x,default:()=>Xe,doesDeviceSupportPasskeys:()=>Te,getPasskeyCredential:()=>S,isConditionalUIAvailable:()=>ke,isPlatformAuthenticatorAvailable:()=>Ie});module.exports=Le(Ze);var J=class{config;constructor(e){this.config=e}getAppId(){if(this.config.appId)return this.config.appId;let e=/https:\/\/([0-9a-fA-F-]+)\.api.*\.loginid\.io/,r=this.config.baseUrl.match(e);if(r)return r[1];throw new Error("Invalid LoginID base URL. App ID not found.")}},L=J;var z=class extends Error{code;constructor(e,r,s){super(e),this.code=r,this.cause=s}},d=z;var $=class extends Error{constructor(e){super(e),this.name="LoginIDError"}},G=$;var ce=(t,e)=>{let r=t.name,{publicKey:s}=e;if(r==="ConstraintError"){if(s?.authenticatorSelection?.requireResidentKey===!0)return new d("Your device does not support discoverable credentials","ERROR_DISCOVERABLE_CREDENTIALS_UNSUPPORTED",t);if(s?.authenticatorSelection?.userVerification==="required")return new d("Your device does not support user verification","ERROR_USER_VERIFICATION_UNSUPPORTED",t)}if(r==="InvalidStateError")return new d("A passkey already exists on your device","ERROR_PASSKEY_EXISTS",t);if(r==="NotAllowedError")return new d("Passkey creation has failed","ERROR_GENERAL_ERROR_SEE_CAUSE_FIELD",t);if(r==="NotSupportedError")return new d("Your device does not support the algorithms required for passkey creation","ERROR_ALGORITHMS_UNSUPPORTED",t);if(r==="SecurityError"){let o=s?.rp?.id;if(o!==window.location.hostname)return new d(`The domain of the relying party (${o}) is invalid for this domain`,"ERROR_DOMAIN_MISMATCH",t)}return r==="UnknownError"?new d("Your device could not process the requested options or could not create a new passkey","ERROR_AUTHENTICATOR_UNKNOWN_ERROR",t):t},me=(t,e)=>{let r=t.name,{publicKey:s}=e;if(r==="AbortError"&&e.signal instanceof AbortSignal)return new d("Passkey authentication has been aborted","ERROR_PASSKEY_ABORTED",t);if(r==="NotAllowedError")return new d("Passkey authentication has failed","ERROR_GENERAL_ERROR_SEE_CAUSE_FIELD",t);if(r==="SecurityError"){let o=s?.rpId;if(o!==window.location.hostname)return new d(`The domain of the relying party (${o}) is invalid for this domain`,"ERROR_DOMAIN_MISMATCH",t)}return r==="UnknownError"?new d("Your device could not process the requested options or could not authenticate with a passkey","ERROR_AUTHENTICATOR_UNKNOWN_ERROR",t):t},F=new G("User needs to be logged in to perform this operation."),Y=new G("No login options available.");var Fe=t=>t.replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,""),Ke=t=>{if(!t)return t;let e="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",r=[],s=0;for(;s<t.length;){let i=t.charCodeAt(s++),a=t.charCodeAt(s++),u=t.charCodeAt(s++),l=i<<16|a<<8|u;r.push(e[l>>18&63]+e[l>>12&63]+e[l>>6&63]+e[l&63])}let o=r.join(""),n=t.length%3;return n?o.slice(0,n-3)+"===".slice(n||3):o},He=t=>{let e="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",r={},s=String.fromCharCode;for(let a=0;a<64;a++)r[e.charAt(a)]=a;let o=0,n=0,i="";for(let a of t){let u=r[a];if(u!==void 0)for(o=(o<<6)+u,n+=6;n>=8;)i+=s(o>>(n-=8)&255)}return i},p=t=>{let e="",r=new Uint8Array(t);for(let o=0;o<r.byteLength;o++)e+=String.fromCharCode(r[o]);let s=Ke(e);return Fe(s)},h=t=>{t=t.replace(/-/g,"+").replace(/_/g,"/");let e=He(t),r=new Uint8Array(e.length);for(let s=0;s<e.length;s++)r[s]=e.charCodeAt(s);return r.buffer},ye=()=>crypto.randomUUID?crypto.randomUUID():window.crypto.getRandomValues(new Uint32Array(4)).join("-"),fe=(t,e)=>{e.forEach(r=>{Object.getOwnPropertyNames(r.prototype).forEach(s=>{Object.defineProperty(t.prototype,s,Object.getOwnPropertyDescriptor(r.prototype,s)||Object.create(null))})})},w=t=>{try{let r=t.split(".")[1].replace(/-/g,"+").replace(/_/g,"/"),s=decodeURIComponent(window.atob(r).split("").map(o=>"%"+("00"+o.charCodeAt(0).toString(16)).slice(-2)).join(""));return JSON.parse(s)}catch(e){console.error(e)}},he=t=>{let r=`; ${document.cookie}`.split(`; ${t}=`);if(r&&r.length===2)return r.pop().split(";").shift()},Re=t=>{document.cookie=t},ge=t=>{document.cookie=`${t}=; expires=${new Date}`};var Q=class{config;constructor(e){this.config=new L(e)}getToken(e){if(e.token)return e.token;{let r=this.getJwtCookie();return r||""}}getUser(){if(!this.isLoggedIn())throw F;let e=w(this.getJwtCookie()||"{}");return{username:e.username,id:e.sub}}getJwtCookieName(){return`LoginID_${this.config.getAppId()}_token`}setJwtCookie(e){let r=w(e),s=new Date(r.exp*1e3).toUTCString(),o=`${this.getJwtCookieName()}=${e}; expires=${s}`;Re(o)}getJwtCookie(){return he(this.getJwtCookieName())}isLoggedIn(){return!!this.getJwtCookie()}signout(){ge(this.getJwtCookieName())}},be=Q;var R=class{constructor(e){this.config=e}};var m=class extends Error{url;status;statusText;body;request;constructor(e,r,s){super(s),this.name="ApiError",this.url=r.url,this.status=r.status,this.statusText=r.statusText,this.body=r.body,this.request=e}};var D=class extends Error{constructor(e){super(e),this.name="CancelError"}get isCancelled(){return!0}},g=class{#t;#r;#e;#o;#n;#i;#s;constructor(e){this.#t=!1,this.#r=!1,this.#e=!1,this.#o=[],this.#n=new Promise((r,s)=>{this.#i=r,this.#s=s;let o=a=>{this.#t||this.#r||this.#e||(this.#t=!0,this.#i&&this.#i(a))},n=a=>{this.#t||this.#r||this.#e||(this.#r=!0,this.#s&&this.#s(a))},i=a=>{this.#t||this.#r||this.#e||this.#o.push(a)};return Object.defineProperty(i,"isResolved",{get:()=>this.#t}),Object.defineProperty(i,"isRejected",{get:()=>this.#r}),Object.defineProperty(i,"isCancelled",{get:()=>this.#e}),e(o,n,i)})}get[Symbol.toStringTag](){return"Cancellable Promise"}then(e,r){return this.#n.then(e,r)}catch(e){return this.#n.catch(e)}finally(e){return this.#n.finally(e)}cancel(){if(!(this.#t||this.#r||this.#e)){if(this.#e=!0,this.#o.length)try{for(let e of this.#o)e()}catch(e){console.warn("Cancellation threw an error",e);return}this.#o.length=0,this.#s&&this.#s(new D("Request aborted"))}}get isCancelled(){return this.#e}};var Z=t=>t!=null,N=t=>typeof t=="string",X=t=>N(t)&&t!=="",ee=t=>typeof t=="object"&&typeof t.type=="string"&&typeof t.stream=="function"&&typeof t.arrayBuffer=="function"&&typeof t.constructor=="function"&&typeof t.constructor.name=="string"&&/^(Blob|File)$/.test(t.constructor.name)&&/^(Blob|File)$/.test(t[Symbol.toStringTag]),Ce=t=>t instanceof FormData,_e=t=>{try{return btoa(t)}catch{return Buffer.from(t).toString("base64")}},Ve=t=>{let e=[],r=(o,n)=>{e.push(`${encodeURIComponent(o)}=${encodeURIComponent(String(n))}`)},s=(o,n)=>{Z(n)&&(Array.isArray(n)?n.forEach(i=>{s(o,i)}):typeof n=="object"?Object.entries(n).forEach(([i,a])=>{s(`${o}[${i}]`,a)}):r(o,n))};return Object.entries(t).forEach(([o,n])=>{s(o,n)}),e.length>0?`?${e.join("&")}`:""},We=(t,e)=>{let r=t.ENCODE_PATH||encodeURI,s=e.url.replace("{api-version}",t.VERSION).replace(/{(.*?)}/g,(n,i)=>e.path?.hasOwnProperty(i)?r(String(e.path[i])):n),o=`${t.BASE}${s}`;return e.query?`${o}${Ve(e.query)}`:o},je=t=>{if(t.formData){let e=new FormData,r=(s,o)=>{N(o)||ee(o)?e.append(s,o):e.append(s,JSON.stringify(o))};return Object.entries(t.formData).filter(([s,o])=>Z(o)).forEach(([s,o])=>{Array.isArray(o)?o.forEach(n=>r(s,n)):r(s,o)}),e}},K=async(t,e)=>typeof e=="function"?e(t):e,Me=async(t,e)=>{let[r,s,o,n]=await Promise.all([K(e,t.TOKEN),K(e,t.USERNAME),K(e,t.PASSWORD),K(e,t.HEADERS)]),i=Object.entries({Accept:"application/json",...n,...e.headers}).filter(([a,u])=>Z(u)).reduce((a,[u,l])=>({...a,[u]:String(l)}),{});if(X(r)&&(i.Authorization=`Bearer ${r}`),X(s)&&X(o)){let a=_e(`${s}:${o}`);i.Authorization=`Basic ${a}`}return e.body&&(e.mediaType?i["Content-Type"]=e.mediaType:ee(e.body)?i["Content-Type"]=e.body.type||"application/octet-stream":N(e.body)?i["Content-Type"]="text/plain":Ce(e.body)||(i["Content-Type"]="application/json")),new Headers(i)},Je=t=>{if(t.body!==void 0)return t.mediaType?.includes("/json")?JSON.stringify(t.body):N(t.body)||ee(t.body)||Ce(t.body)?t.body:JSON.stringify(t.body)},ze=async(t,e,r,s,o,n,i)=>{let a=new AbortController,u={headers:n,body:s??o,method:e.method,signal:a.signal};return t.WITH_CREDENTIALS&&(u.credentials=t.CREDENTIALS),i(()=>a.abort()),await fetch(r,u)},$e=(t,e)=>{if(e){let r=t.headers.get(e);if(N(r))return r}},Ge=async t=>{if(t.status!==204)try{let e=t.headers.get("Content-Type");if(e)return["application/json","application/problem+json"].some(o=>e.toLowerCase().startsWith(o))?await t.json():await t.text()}catch(e){console.error(e)}},Ye=(t,e)=>{let s={400:"Bad Request",401:"Unauthorized",403:"Forbidden",404:"Not Found",500:"Internal Server Error",502:"Bad Gateway",503:"Service Unavailable",...t.errors}[e.status];if(s)throw new m(t,e,s);if(!e.ok){let o=e.status??"unknown",n=e.statusText??"unknown",i=(()=>{try{return JSON.stringify(e.body,null,2)}catch{return}})();throw new m(t,e,`Generic Error: status: ${o}; status text: ${n}; body: ${i}`)}},Pe=(t,e)=>new g(async(r,s,o)=>{try{let n=We(t,e),i=je(e),a=Je(e),u=await Me(t,e);if(!o.isCancelled){let l=await ze(t,e,n,a,i,u,o),c=await Ge(l),v=$e(l,e.responseHeader),pe={url:n,ok:l.ok,status:l.status,statusText:l.statusText,body:v??c};Ye(e,pe),r(pe.body)}}catch(n){s(n)}});var H=class extends R{constructor(e){super(e)}request(e){return Pe(this.config,e)}};var b=class{constructor(e){this.httpRequest=e}authAuthComplete({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/complete",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthInit({requestBody:e,userAgent:r}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/init",headers:{"User-Agent":r},body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthCodeRequest({authorization:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/otp",headers:{Authorization:e},errors:{401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthCodeRequestEmail({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/otp/email",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthCodeRequestSms({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/otp/sms",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthCodeVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/otp/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}};var C=class{constructor(e){this.httpRequest=e}mgmtGrantCreate({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/mgmt/grant",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",500:"InternalServerError: Internal Server Error response."}})}mgmtTokenVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/mgmt/token/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",500:"InternalServerError: Internal Server Error response."}})}};var P=class{constructor(e){this.httpRequest=e}passkeysPasskeysList({authorization:e}){return this.httpRequest.request({method:"GET",url:"/fido2/v2/passkeys",headers:{Authorization:e},errors:{401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}passkeysPasskeyDelete({id:e,authorization:r}){return this.httpRequest.request({method:"DELETE",url:"/fido2/v2/passkeys/{id}",path:{id:e},headers:{Authorization:r},errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}passkeysPasskeyRename({id:e,requestBody:r,authorization:s}){return this.httpRequest.request({method:"PUT",url:"/fido2/v2/passkeys/{id}",path:{id:e},headers:{Authorization:s},body:r,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}};var q=class{constructor(e){this.httpRequest=e}profileProfileDelete({id:e}){return this.httpRequest.request({method:"DELETE",url:"/fido2/v2/profile/{id}",path:{id:e},errors:{404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfileEmailUpdate({id:e,requestBody:r}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/profile/{id}/email",path:{id:e},body:r,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfilePhoneDelete({id:e}){return this.httpRequest.request({method:"DELETE",url:"/fido2/v2/profile/{id}/phone",path:{id:e},errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfilePhoneUpdate({id:e,requestBody:r}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/profile/{id}/phone",path:{id:e},body:r,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfileEmailVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/profile/email/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfilePhoneVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/profile/phone/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}};var A=class{constructor(e){this.httpRequest=e}regRegComplete({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/reg/complete",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",403:"Forbidden: Forbidden response.",500:"InternalServerError: Internal Server Error response."}})}regRegInit({requestBody:e,userAgent:r,authorization:s}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/reg/init",headers:{"User-Agent":r,Authorization:s},body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",500:"InternalServerError: Internal Server Error response."}})}};var I=class{constructor(e){this.httpRequest=e}txTxComplete({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/tx/complete",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",403:"Forbidden: Forbidden response.",500:"InternalServerError: Internal Server Error response."}})}txTxInit({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/tx/init",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",500:"InternalServerError: Internal Server Error response."}})}};var k=class{constructor(e){this.httpRequest=e}versionVersionShow(){return this.httpRequest.request({method:"GET",url:"/fido2/v2/version"})}};var T=class{constructor(e){this.httpRequest=e}wellKnownJwks(){return this.httpRequest.request({method:"GET",url:"/fido2/v2/.well-known/jwks.json",errors:{500:"InternalServerError: Internal Server Error response."}})}};var O=class{auth;mgmt;passkeys;profile;reg;tx;version;wellKnown;request;constructor(e,r=H){this.request=new r({BASE:e?.BASE??"https://api.loginid.io/fido2/v2",VERSION:e?.VERSION??"2.0",WITH_CREDENTIALS:e?.WITH_CREDENTIALS??!1,CREDENTIALS:e?.CREDENTIALS??"include",TOKEN:e?.TOKEN,USERNAME:e?.USERNAME,PASSWORD:e?.PASSWORD,HEADERS:e?.HEADERS,ENCODE_PATH:e?.ENCODE_PATH}),this.auth=new b(this.request),this.mgmt=new C(this.request),this.passkeys=new P(this.request),this.profile=new q(this.request),this.reg=new A(this.request),this.tx=new I(this.request),this.version=new k(this.request),this.wellKnown=new T(this.request)}};var te=class{config;service;session;constructor(e){this.config=new L(e),this.service=new O({BASE:e.baseUrl}),this.session=new be(e)}},y=te;var re=class extends Error{constructor(e){super(e),this.name="AbortError"}},_=re;var oe=class t{static abortController=new AbortController;static renewWebAuthnAbortController=()=>{let e=new _("Cancelling current WebAuthn request");t.abortController.abort(e);let r=new AbortController;t.abortController=r}},E=oe;var f=(t,e)=>({...e,token:e.token||"",usernameType:e.usernameType||"email",displayName:e.displayName||t,callbacks:e.callbacks||{}}),qe=(t,e)=>({...f(t,e),txType:e.txType||"raw",nonce:e.nonce||ye()});var se=class extends y{constructor(e){super(e)}async authenticateWithCode(e,r,s={}){let o=f(e,s),n={authCode:r,user:{username:e,usernameType:o.usernameType}},a={...await this.service.auth.authAuthCodeVerify({requestBody:n}),isAuthenticated:!0};return E.renewWebAuthnAbortController(),this.session.setJwtCookie(a.jwtAccess),a}async sendCode(e,r="email",s={}){let o=f(e,s),n={user:{username:e,usernameType:o.usernameType}};switch(r){case"email":await this.service.auth.authAuthCodeRequestEmail({requestBody:n});break;case"sms":await this.service.auth.authAuthCodeRequestSms({requestBody:n});break;default:throw new Error("Invalid message method")}return null}},V=se;var Ae=require("ua-parser-js"),U=t=>{let e={clientType:"browser",screenWidth:window.screen.width,screenHeight:window.screen.height,clientName:"",clientVersion:"",osName:"",osVersion:"",osArch:""};return t&&(e.deviceId=t),e},Qe=(t,e)=>{let r=t.split(".").map(Number),s=e.split(".").map(Number),o=Math.max(r.length,s.length);for(let n=0;n<o;n++){let i=n<r.length?r[n]:0,a=n<s.length?s[n]:0;if(i<a)return-1;if(i>a)return 1}return 0};async function Ie(){try{return!window.PublicKeyCredential||!window.PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable?!1:await window.PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable()}catch{return!1}}async function ke(){try{return!window.PublicKeyCredential||!window.PublicKeyCredential.isConditionalMediationAvailable?!1:await window.PublicKeyCredential.isConditionalMediationAvailable()}catch{return!1}}async function Te(){let t=new Ae.UAParser(window.navigator.userAgent).getResult(),e={solution:"",deviceSupported:!1};if(!window.PublicKeyCredential)return e.solution="Your browser seems to be outdated. Please upgrade to the latest version.",e;if(!await window.PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable())switch(t.os.name){case"Mac OS":{let s=t.browser.version||"";return t.browser.name==="Firefox"&&Qe(s,"122.0")<0?(e.solution="Please update your Firefox browser to the latest version.",e):(e.solution="Enable Touch ID on your device.",e)}case"iOS":return e.solution="Enable Face ID or Touch ID on your device.",e;case"Windows":return e.solution="Enable Windows Hello on your device. See here: https://support.microsoft.com/en-us/windows/learn-about-windows-hello-and-set-it-up-dae28983-8242-bb2a-d3d1-87c9d265a5f0.",e;case"Android":return t.browser.name==="Firefox"?(e.solution="Passkeys may not be supported on your Firefox browser. Please switch to a Chromium browser.",e):(e.solution="Enable device unlock via fingerprint, PIN, or facial recognition on your device.",e);default:return e.solution="Enable device unlock features such as fingerprint, PIN, or facial recognition.",e}return e.deviceSupported=!0,e}var ne={};de(ne,{ApiError:()=>m,AuthService:()=>b,BaseHttpRequest:()=>R,CancelError:()=>D,CancelablePromise:()=>g,LoginIDService:()=>O,MgmtService:()=>C,OpenAPI:()=>Oe,PasskeysService:()=>P,ProfileService:()=>q,RegService:()=>A,TxService:()=>I,VersionService:()=>k,WellKnownService:()=>T});var Oe={BASE:"https://api.loginid.io/fido2/v2",VERSION:"2.0",WITH_CREDENTIALS:!1,CREDENTIALS:"include",TOKEN:void 0,USERNAME:void 0,PASSWORD:void 0,HEADERS:void 0,ENCODE_PATH:void 0};var ie=class extends y{constructor(e){super(e)}async verifyConfigSettings(){let e={isValid:!0};try{this.config.getAppId()}catch{return e.isValid=!1,e.solution="Please verify that your base URL is correct.",e.code="invalid_app_id",e.message="Invalid app ID",e}try{let r=f("",{}),s={app:{id:this.config.getAppId()},deviceInfo:U(),user:{username:"",usernameType:r.usernameType}};await this.service.auth.authAuthInit({requestBody:s})}catch(r){return e.isValid=!1,e.solution="Verify that your application exists and the base URL is correct.",e.code="unknown_error",e.message="Unknown error.",r instanceof m&&(e.code=r.body.msgCode||"unknown_error",e.message=r.body.msg||r.body.message||"Unknown error."),e}return e}getUser(){return this.session.getUser()}isLoggedIn(){return this.session.isLoggedIn()}signout(){this.session.signout()}},Ee=ie;var Be=t=>`LoginID_${t}_device-id`,B=class{static persistDeviceId(e,r){r&&localStorage.setItem(Be(e),r)}static getDeviceId(e){return localStorage.getItem(Be(e))||""}};var xe=t=>{let e={ciam:!1,otp:!1,"otp:email":!1,"otp:sms":!1};return[...t.crossAuthMethods,...t.fallbackMethods].reduce((o,n)=>(o[n]=!0,o),e)};var x=async t=>{let e;if(t.excludeCredentials!==void 0){e=[];for(let o of t.excludeCredentials){let n={id:h(o.id),transports:o.transports,type:o.type};e.push(n)}}let r=t.pubKeyCredParams,s={publicKey:{attestation:t.attestation,authenticatorSelection:{...t.authenticatorSelection},challenge:h(t.challenge),excludeCredentials:e,extensions:t.extensions,pubKeyCredParams:r,rp:t.rp,timeout:t.timeout,user:{...t.user,id:h(t.user.id)}}};try{let o=await navigator.credentials.create(s);if(o===null)throw new Error("Failed to create the passkey credential.");return o}catch(o){throw o instanceof Error?ce(o,s):o}},S=async(t,e={})=>{let r;if(t.allowCredentials!==void 0){r=[];for(let o of t.allowCredentials){let n={id:h(o.id),transports:o.transports,type:o.type};r.push(n)}}let s={...e.autoFill&&{mediation:"conditional"},...e.abortSignal&&{signal:e.abortSignal},publicKey:{allowCredentials:r,challenge:h(t.challenge),extensions:t.extensions,rpId:t.rpId,timeout:t.timeout,userVerification:t.userVerification}};try{let o=await navigator.credentials.get(s);if(o===null)throw new Error("Failed to create the passkey credential.");return o}catch(o){throw o instanceof Error?me(o,s):o}};var ae=class extends V{constructor(e){super(e)}async createNavigatorCredential(e){let{registrationRequestOptions:r,session:s}=e;E.renewWebAuthnAbortController();let o=await x(r),n=o.response,i=n.getPublicKey&&n.getPublicKey(),a=n.getPublicKeyAlgorithm&&n.getPublicKeyAlgorithm(),u=n.getAuthenticatorData&&n.getAuthenticatorData(),l=n.getTransports&&n.getTransports();return{creationResult:{attestationObject:p(n.attestationObject),clientDataJSON:p(n.clientDataJSON),credentialId:o.id,...i&&{publicKey:p(i)},...a&&{publicKeyAlgorithm:a},...u&&{authenticatorData:p(u)},...l&&{transports:l}},session:s}}async registerWithPasskey(e,r={}){let s=this.config.getAppId(),o=U(B.getDeviceId(s)),n=f(e,r);r.token=this.session.getToken(r),r.token&&w(r.token).username!==e&&(r.token="");let i={app:{id:s},deviceInfo:o,user:{username:e,usernameType:n.usernameType,displayName:n.displayName},...r.session&&{session:r.session}},a=await this.service.reg.regRegInit({requestBody:i,...r.token&&{authorization:r.token}}),u=await this.createNavigatorCredential(a),c={...await this.service.reg.regRegComplete({requestBody:u}),isAuthenticated:!0};return this.session.setJwtCookie(c.jwtAccess),B.persistDeviceId(s,c.deviceID),c}async getNavigatorCredential(e,r={}){let{assertionOptions:s,session:o}=e;r.abortSignal||(E.renewWebAuthnAbortController(),r.abortSignal=E.abortController.signal);let n=await S(s,r),i=n.response;return{assertionResult:{authenticatorData:p(i.authenticatorData),clientDataJSON:p(i.clientDataJSON),credentialId:n.id,signature:p(i.signature),...i.userHandle&&{userHandle:p(i.userHandle)}},session:o}}async authenticateWithPasskey(e="",r={}){let s=this.config.getAppId(),o=U(B.getDeviceId(s)),n=f(e,r),i={app:{id:s},deviceInfo:o,user:{username:e,usernameType:n.usernameType}},a=await this.service.auth.authAuthInit({requestBody:i});switch(a.action){case"proceed":{let u=await this.getNavigatorCredential(a,r),c={...await this.service.auth.authAuthComplete({requestBody:u}),isAuthenticated:!0};return this.session.setJwtCookie(c.jwtAccess),n?.callbacks?.onSuccess&&await n.callbacks.onSuccess(c),c}case"crossAuth":case"fallback":{if(n?.callbacks?.onFallback){let u=xe(a);return await n.callbacks.onFallback(e,{fallbackOptions:u}),{jwtAccess:"",isAuthenticated:!1,fallbackOptions:u}}throw Y}default:throw Y}}async enablePasskeyAutofill(e={}){return e.autoFill=!0,await this.authenticateWithPasskey("",e)}async generateCodeWithPasskey(e,r={}){if(r.token=this.session.getToken(r),!r.token){let o=await this.authenticateWithPasskey(e,r);r.token=o.jwtAccess}return await this.service.auth.authAuthCodeRequest({authorization:r.token})}async addPasskey(e,r={}){let s=this.session.getToken(r);if(!s)throw F;return r.token=s,await this.registerWithPasskey(e,r)}async addPasskeyWithCode(e,r,s={}){return await this.authenticateWithCode(e,r,s),await this.registerWithPasskey(e,s)}async confirmTransaction(e,r,s={}){let o=qe(e,s),n={username:e,txPayload:r,nonce:o.nonce,txType:o.txType},{assertionOptions:i,session:a}=await this.service.tx.txTxInit({requestBody:n}),u={action:"proceed",crossAuthMethods:[],fallbackMethods:[],assertionOptions:i,session:a},{assertionResult:l}=await this.getNavigatorCredential(u),c={authenticatorData:l.authenticatorData,clientData:l.clientDataJSON,keyHandle:l.credentialId,session:a,signature:l.signature},v=await this.service.tx.txTxComplete({requestBody:c});return this.session.setJwtCookie(v.jwtAccess),v}},Se=ae;var ue=class extends y{constructor(e){super(e)}async listPasskeys(e={}){let r=this.session.getToken(e);return await this.service.passkeys.passkeysPasskeysList({authorization:r})}async renamePasskey(e,r,s={}){let o=this.session.getToken(s),n={name:r};return await this.service.passkeys.passkeysPasskeyRename({authorization:o,id:e,requestBody:n}),null}async deletePasskey(e,r={}){let s=this.session.getToken(r);return await this.service.passkeys.passkeysPasskeyDelete({authorization:s,id:e}),null}},ve=ue;var W=class extends y{constructor(e){super(e)}};fe(W,[y,Se,V,ve,Ee]);var le=W;var j=class{static async getNavigatorCredential(e,r={}){let{assertionOptions:s,session:o}=e,n=await S(s,r),i=n.response;return{assertionResult:{authenticatorData:p(i.authenticatorData),clientDataJSON:p(i.clientDataJSON),credentialId:n.id,signature:p(i.signature),...i.userHandle&&{userHandle:p(i.userHandle)}},session:o}}static async createNavigatorCredential(e){let{registrationRequestOptions:r,session:s}=e,o=await x(r),n=o.response,i=n.getPublicKey&&n.getPublicKey(),a=n.getPublicKeyAlgorithm&&n.getPublicKeyAlgorithm(),u=n.getAuthenticatorData&&n.getAuthenticatorData(),l=n.getTransports&&n.getTransports();return{creationResult:{attestationObject:p(n.attestationObject),clientDataJSON:p(n.clientDataJSON),credentialId:o.id,...i&&{publicKey:p(i)},...a&&{publicKeyAlgorithm:a},...u&&{authenticatorData:p(u)},...l&&{transports:l}},session:s}}};var Xe=le;0&&(module.exports={AbortError,ApiError,LoginIDAPI,LoginIDWebSDK,PasskeyError,WebAuthnHelper,createPasskeyCredential,doesDeviceSupportPasskeys,getPasskeyCredential,isConditionalUIAvailable,isPlatformAuthenticatorAvailable});
 //# sourceMappingURL=index.cjs.map

package/dist/index.d.cts

@@ -1100,8 +1100,10 @@ interface SendCodeOptions {
     usernameType?: UsernameType;
 }
 interface PasskeyResult {
+    isAuthenticated: boolean;
     jwtAccess: string;
     deviceID?: string;
+    fallbackOptions?: CrossAuthMethodsResult;
 }
 interface LoginIDUser {
     username: string;

package/dist/index.d.ts

@@ -1100,8 +1100,10 @@ interface SendCodeOptions {
     usernameType?: UsernameType;
 }
 interface PasskeyResult {
+    isAuthenticated: boolean;
     jwtAccess: string;
     deviceID?: string;
+    fallbackOptions?: CrossAuthMethodsResult;
 }
 interface LoginIDUser {
     username: string;

package/dist/index.js

@@ -1,2 +1,2 @@
-var Ee=Object.defineProperty;var Oe=(t,e)=>{for(var r in e)Ee(t,r,{get:e[r],enumerable:!0})};var W=class{config;constructor(e){this.config=e}getAppId(){if(this.config.appId)return this.config.appId;let e=/https:\/\/([0-9a-fA-F-]+)\.api.*\.loginid\.io/,r=this.config.baseUrl.match(e);if(r)return r[1];throw new Error("Invalid LoginID base URL. App ID not found.")}},L=W;var j=class extends Error{code;constructor(e,r,s){super(e),this.code=r,this.cause=s}},d=j;var M=class extends Error{constructor(e){super(e),this.name="LoginIDError"}},J=M;var ue=(t,e)=>{let r=t.name,{publicKey:s}=e;if(r==="ConstraintError"){if(s?.authenticatorSelection?.requireResidentKey===!0)return new d("Your device does not support discoverable credentials","ERROR_DISCOVERABLE_CREDENTIALS_UNSUPPORTED",t);if(s?.authenticatorSelection?.userVerification==="required")return new d("Your device does not support user verification","ERROR_USER_VERIFICATION_UNSUPPORTED",t)}if(r==="InvalidStateError")return new d("A passkey already exists on your device","ERROR_PASSKEY_EXISTS",t);if(r==="NotAllowedError")return new d("Passkey creation has failed","ERROR_GENERAL_ERROR_SEE_CAUSE_FIELD",t);if(r==="NotSupportedError")return new d("Your device does not support the algorithms required for passkey creation","ERROR_ALGORITHMS_UNSUPPORTED",t);if(r==="SecurityError"){let o=s?.rp?.id;if(o!==window.location.hostname)return new d(`The domain of the relying party (${o}) is invalid for this domain`,"ERROR_DOMAIN_MISMATCH",t)}return r==="UnknownError"?new d("Your device could not process the requested options or could not create a new passkey","ERROR_AUTHENTICATOR_UNKNOWN_ERROR",t):t},le=(t,e)=>{let r=t.name,{publicKey:s}=e;if(r==="AbortError"&&e.signal instanceof AbortSignal)return new d("Passkey authentication has been aborted","ERROR_PASSKEY_ABORTED",t);if(r==="NotAllowedError")return new d("Passkey authentication has failed","ERROR_GENERAL_ERROR_SEE_CAUSE_FIELD",t);if(r==="SecurityError"){let o=s?.rpId;if(o!==window.location.hostname)return new d(`The domain of the relying party (${o}) is invalid for this domain`,"ERROR_DOMAIN_MISMATCH",t)}return r==="UnknownError"?new d("Your device could not process the requested options or could not authenticate with a passkey","ERROR_AUTHENTICATOR_UNKNOWN_ERROR",t):t},F=new J("User needs to be logged in to perform this operation."),z=new J("No login options available.");var Be=t=>t.replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,""),xe=t=>{if(!t)return t;let e="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",r=[],s=0;for(;s<t.length;){let i=t.charCodeAt(s++),a=t.charCodeAt(s++),l=t.charCodeAt(s++),u=i<<16|a<<8|l;r.push(e[u>>18&63]+e[u>>12&63]+e[u>>6&63]+e[u&63])}let o=r.join(""),n=t.length%3;return n?o.slice(0,n-3)+"===".slice(n||3):o},Se=t=>{let e="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",r={},s=String.fromCharCode;for(let a=0;a<64;a++)r[e.charAt(a)]=a;let o=0,n=0,i="";for(let a of t){let l=r[a];if(l!==void 0)for(o=(o<<6)+l,n+=6;n>=8;)i+=s(o>>(n-=8)&255)}return i},p=t=>{let e="",r=new Uint8Array(t);for(let o=0;o<r.byteLength;o++)e+=String.fromCharCode(r[o]);let s=xe(e);return Be(s)},h=t=>{t=t.replace(/-/g,"+").replace(/_/g,"/");let e=Se(t),r=new Uint8Array(e.length);for(let s=0;s<e.length;s++)r[s]=e.charCodeAt(s);return r.buffer},pe=()=>crypto.randomUUID?crypto.randomUUID():window.crypto.getRandomValues(new Uint32Array(4)).join("-"),de=(t,e)=>{e.forEach(r=>{Object.getOwnPropertyNames(r.prototype).forEach(s=>{Object.defineProperty(t.prototype,s,Object.getOwnPropertyDescriptor(r.prototype,s)||Object.create(null))})})},x=t=>{try{let r=t.split(".")[1].replace(/-/g,"+").replace(/_/g,"/"),s=decodeURIComponent(window.atob(r).split("").map(o=>"%"+("00"+o.charCodeAt(0).toString(16)).slice(-2)).join(""));return JSON.parse(s)}catch(e){console.error(e)}},ce=t=>{let r=`; ${document.cookie}`.split(`; ${t}=`);if(r&&r.length===2)return r.pop().split(";").shift()},me=t=>{document.cookie=t},ye=t=>{document.cookie=`${t}=; expires=${new Date}`};var $=class{config;constructor(e){this.config=new L(e)}getToken(e){if(e.token)return e.token;{let r=this.getJwtCookie();return r||""}}getUser(){if(!this.isLoggedIn())throw F;let e=x(this.getJwtCookie()||"{}");return{username:e.username,id:e.sub}}getJwtCookieName(){return`LoginID_${this.config.getAppId()}_token`}setJwtCookie(e){let r=x(e),s=new Date(r.exp*1e3).toUTCString(),o=`${this.getJwtCookieName()}=${e}; expires=${s}`;me(o)}getJwtCookie(){return ce(this.getJwtCookieName())}isLoggedIn(){return!!this.getJwtCookie()}signout(){ye(this.getJwtCookieName())}},fe=$;var R=class{constructor(e){this.config=e}};var c=class extends Error{url;status;statusText;body;request;constructor(e,r,s){super(s),this.name="ApiError",this.url=r.url,this.status=r.status,this.statusText=r.statusText,this.body=r.body,this.request=e}};var S=class extends Error{constructor(e){super(e),this.name="CancelError"}get isCancelled(){return!0}},g=class{#t;#r;#e;#o;#n;#i;#s;constructor(e){this.#t=!1,this.#r=!1,this.#e=!1,this.#o=[],this.#n=new Promise((r,s)=>{this.#i=r,this.#s=s;let o=a=>{this.#t||this.#r||this.#e||(this.#t=!0,this.#i&&this.#i(a))},n=a=>{this.#t||this.#r||this.#e||(this.#r=!0,this.#s&&this.#s(a))},i=a=>{this.#t||this.#r||this.#e||this.#o.push(a)};return Object.defineProperty(i,"isResolved",{get:()=>this.#t}),Object.defineProperty(i,"isRejected",{get:()=>this.#r}),Object.defineProperty(i,"isCancelled",{get:()=>this.#e}),e(o,n,i)})}get[Symbol.toStringTag](){return"Cancellable Promise"}then(e,r){return this.#n.then(e,r)}catch(e){return this.#n.catch(e)}finally(e){return this.#n.finally(e)}cancel(){if(!(this.#t||this.#r||this.#e)){if(this.#e=!0,this.#o.length)try{for(let e of this.#o)e()}catch(e){console.warn("Cancellation threw an error",e);return}this.#o.length=0,this.#s&&this.#s(new S("Request aborted"))}}get isCancelled(){return this.#e}};var Y=t=>t!=null,v=t=>typeof t=="string",G=t=>v(t)&&t!=="",Q=t=>typeof t=="object"&&typeof t.type=="string"&&typeof t.stream=="function"&&typeof t.arrayBuffer=="function"&&typeof t.constructor=="function"&&typeof t.constructor.name=="string"&&/^(Blob|File)$/.test(t.constructor.name)&&/^(Blob|File)$/.test(t[Symbol.toStringTag]),he=t=>t instanceof FormData,ve=t=>{try{return btoa(t)}catch{return Buffer.from(t).toString("base64")}},we=t=>{let e=[],r=(o,n)=>{e.push(`${encodeURIComponent(o)}=${encodeURIComponent(String(n))}`)},s=(o,n)=>{Y(n)&&(Array.isArray(n)?n.forEach(i=>{s(o,i)}):typeof n=="object"?Object.entries(n).forEach(([i,a])=>{s(`${o}[${i}]`,a)}):r(o,n))};return Object.entries(t).forEach(([o,n])=>{s(o,n)}),e.length>0?`?${e.join("&")}`:""},De=(t,e)=>{let r=t.ENCODE_PATH||encodeURI,s=e.url.replace("{api-version}",t.VERSION).replace(/{(.*?)}/g,(n,i)=>e.path?.hasOwnProperty(i)?r(String(e.path[i])):n),o=`${t.BASE}${s}`;return e.query?`${o}${we(e.query)}`:o},Ne=t=>{if(t.formData){let e=new FormData,r=(s,o)=>{v(o)||Q(o)?e.append(s,o):e.append(s,JSON.stringify(o))};return Object.entries(t.formData).filter(([s,o])=>Y(o)).forEach(([s,o])=>{Array.isArray(o)?o.forEach(n=>r(s,n)):r(s,o)}),e}},K=async(t,e)=>typeof e=="function"?e(t):e,Ue=async(t,e)=>{let[r,s,o,n]=await Promise.all([K(e,t.TOKEN),K(e,t.USERNAME),K(e,t.PASSWORD),K(e,t.HEADERS)]),i=Object.entries({Accept:"application/json",...n,...e.headers}).filter(([a,l])=>Y(l)).reduce((a,[l,u])=>({...a,[l]:String(u)}),{});if(G(r)&&(i.Authorization=`Bearer ${r}`),G(s)&&G(o)){let a=ve(`${s}:${o}`);i.Authorization=`Basic ${a}`}return e.body&&(e.mediaType?i["Content-Type"]=e.mediaType:Q(e.body)?i["Content-Type"]=e.body.type||"application/octet-stream":v(e.body)?i["Content-Type"]="text/plain":he(e.body)||(i["Content-Type"]="application/json")),new Headers(i)},Le=t=>{if(t.body!==void 0)return t.mediaType?.includes("/json")?JSON.stringify(t.body):v(t.body)||Q(t.body)||he(t.body)?t.body:JSON.stringify(t.body)},Fe=async(t,e,r,s,o,n,i)=>{let a=new AbortController,l={headers:n,body:s??o,method:e.method,signal:a.signal};return t.WITH_CREDENTIALS&&(l.credentials=t.CREDENTIALS),i(()=>a.abort()),await fetch(r,l)},Ke=(t,e)=>{if(e){let r=t.headers.get(e);if(v(r))return r}},He=async t=>{if(t.status!==204)try{let e=t.headers.get("Content-Type");if(e)return["application/json","application/problem+json"].some(o=>e.toLowerCase().startsWith(o))?await t.json():await t.text()}catch(e){console.error(e)}},_e=(t,e)=>{let s={400:"Bad Request",401:"Unauthorized",403:"Forbidden",404:"Not Found",500:"Internal Server Error",502:"Bad Gateway",503:"Service Unavailable",...t.errors}[e.status];if(s)throw new c(t,e,s);if(!e.ok){let o=e.status??"unknown",n=e.statusText??"unknown",i=(()=>{try{return JSON.stringify(e.body,null,2)}catch{return}})();throw new c(t,e,`Generic Error: status: ${o}; status text: ${n}; body: ${i}`)}},Re=(t,e)=>new g(async(r,s,o)=>{try{let n=De(t,e),i=Ne(e),a=Le(e),l=await Ue(t,e);if(!o.isCancelled){let u=await Fe(t,e,n,a,i,l,o),f=await He(u),U=Ke(u,e.responseHeader),ae={url:n,ok:u.ok,status:u.status,statusText:u.statusText,body:U??f};_e(e,ae),r(ae.body)}}catch(n){s(n)}});var H=class extends R{constructor(e){super(e)}request(e){return Re(this.config,e)}};var b=class{constructor(e){this.httpRequest=e}authAuthComplete({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/complete",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthInit({requestBody:e,userAgent:r}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/init",headers:{"User-Agent":r},body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthCodeRequest({authorization:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/otp",headers:{Authorization:e},errors:{401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthCodeRequestEmail({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/otp/email",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthCodeRequestSms({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/otp/sms",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthCodeVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/otp/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}};var C=class{constructor(e){this.httpRequest=e}mgmtGrantCreate({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/mgmt/grant",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",500:"InternalServerError: Internal Server Error response."}})}mgmtTokenVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/mgmt/token/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",500:"InternalServerError: Internal Server Error response."}})}};var P=class{constructor(e){this.httpRequest=e}passkeysPasskeysList({authorization:e}){return this.httpRequest.request({method:"GET",url:"/fido2/v2/passkeys",headers:{Authorization:e},errors:{401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}passkeysPasskeyDelete({id:e,authorization:r}){return this.httpRequest.request({method:"DELETE",url:"/fido2/v2/passkeys/{id}",path:{id:e},headers:{Authorization:r},errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}passkeysPasskeyRename({id:e,requestBody:r,authorization:s}){return this.httpRequest.request({method:"PUT",url:"/fido2/v2/passkeys/{id}",path:{id:e},headers:{Authorization:s},body:r,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}};var q=class{constructor(e){this.httpRequest=e}profileProfileDelete({id:e}){return this.httpRequest.request({method:"DELETE",url:"/fido2/v2/profile/{id}",path:{id:e},errors:{404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfileEmailUpdate({id:e,requestBody:r}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/profile/{id}/email",path:{id:e},body:r,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfilePhoneDelete({id:e}){return this.httpRequest.request({method:"DELETE",url:"/fido2/v2/profile/{id}/phone",path:{id:e},errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfilePhoneUpdate({id:e,requestBody:r}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/profile/{id}/phone",path:{id:e},body:r,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfileEmailVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/profile/email/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfilePhoneVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/profile/phone/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}};var A=class{constructor(e){this.httpRequest=e}regRegComplete({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/reg/complete",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",403:"Forbidden: Forbidden response.",500:"InternalServerError: Internal Server Error response."}})}regRegInit({requestBody:e,userAgent:r,authorization:s}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/reg/init",headers:{"User-Agent":r,Authorization:s},body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",500:"InternalServerError: Internal Server Error response."}})}};var I=class{constructor(e){this.httpRequest=e}txTxComplete({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/tx/complete",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",403:"Forbidden: Forbidden response.",500:"InternalServerError: Internal Server Error response."}})}txTxInit({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/tx/init",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",500:"InternalServerError: Internal Server Error response."}})}};var k=class{constructor(e){this.httpRequest=e}versionVersionShow(){return this.httpRequest.request({method:"GET",url:"/fido2/v2/version"})}};var T=class{constructor(e){this.httpRequest=e}wellKnownJwks(){return this.httpRequest.request({method:"GET",url:"/fido2/v2/.well-known/jwks.json",errors:{500:"InternalServerError: Internal Server Error response."}})}};var E=class{auth;mgmt;passkeys;profile;reg;tx;version;wellKnown;request;constructor(e,r=H){this.request=new r({BASE:e?.BASE??"https://api.loginid.io/fido2/v2",VERSION:e?.VERSION??"2.0",WITH_CREDENTIALS:e?.WITH_CREDENTIALS??!1,CREDENTIALS:e?.CREDENTIALS??"include",TOKEN:e?.TOKEN,USERNAME:e?.USERNAME,PASSWORD:e?.PASSWORD,HEADERS:e?.HEADERS,ENCODE_PATH:e?.ENCODE_PATH}),this.auth=new b(this.request),this.mgmt=new C(this.request),this.passkeys=new P(this.request),this.profile=new q(this.request),this.reg=new A(this.request),this.tx=new I(this.request),this.version=new k(this.request),this.wellKnown=new T(this.request)}};var X=class{config;service;session;constructor(e){this.config=new L(e),this.service=new E({BASE:e.baseUrl}),this.session=new fe(e)}},m=X;var Z=class extends Error{constructor(e){super(e),this.name="AbortError"}},ee=Z;var te=class t{static abortController=new AbortController;static renewWebAuthnAbortController=()=>{let e=new ee("Cancelling current WebAuthn request");t.abortController.abort(e);let r=new AbortController;t.abortController=r}},O=te;var y=(t,e)=>({...e,token:e.token||"",usernameType:e.usernameType||"email",displayName:e.displayName||t,callbacks:e.callbacks||{}}),ge=(t,e)=>({...y(t,e),txType:e.txType||"raw",nonce:e.nonce||pe()});var re=class extends m{constructor(e){super(e)}async authenticateWithCode(e,r,s={}){let o=y(e,s),n={authCode:r,user:{username:e,usernameType:o.usernameType}},i=await this.service.auth.authAuthCodeVerify({requestBody:n});return O.renewWebAuthnAbortController(),this.session.setJwtCookie(i.jwtAccess),i}async sendCode(e,r="email",s={}){let o=y(e,s),n={user:{username:e,usernameType:o.usernameType}};switch(r){case"email":await this.service.auth.authAuthCodeRequestEmail({requestBody:n});break;case"sms":await this.service.auth.authAuthCodeRequestSms({requestBody:n});break;default:throw new Error("Invalid message method")}return null}},_=re;import{UAParser as Ve}from"ua-parser-js";var w=t=>{let e={clientType:"browser",screenWidth:window.screen.width,screenHeight:window.screen.height,clientName:"",clientVersion:"",osName:"",osVersion:"",osArch:""};return t&&(e.deviceId=t),e},We=(t,e)=>{let r=t.split(".").map(Number),s=e.split(".").map(Number),o=Math.max(r.length,s.length);for(let n=0;n<o;n++){let i=n<r.length?r[n]:0,a=n<s.length?s[n]:0;if(i<a)return-1;if(i>a)return 1}return 0};async function je(){try{return!window.PublicKeyCredential||!window.PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable?!1:await window.PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable()}catch{return!1}}async function Me(){try{return!window.PublicKeyCredential||!window.PublicKeyCredential.isConditionalMediationAvailable?!1:await window.PublicKeyCredential.isConditionalMediationAvailable()}catch{return!1}}async function Je(){let t=new Ve(window.navigator.userAgent).getResult(),e={solution:"",deviceSupported:!1};if(!window.PublicKeyCredential)return e.solution="Your browser seems to be outdated. Please upgrade to the latest version.",e;if(!await window.PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable())switch(t.os.name){case"Mac OS":{let s=t.browser.version||"";return t.browser.name==="Firefox"&&We(s,"122.0")<0?(e.solution="Please update your Firefox browser to the latest version.",e):(e.solution="Enable Touch ID on your device.",e)}case"iOS":return e.solution="Enable Face ID or Touch ID on your device.",e;case"Windows":return e.solution="Enable Windows Hello on your device. See here: https://support.microsoft.com/en-us/windows/learn-about-windows-hello-and-set-it-up-dae28983-8242-bb2a-d3d1-87c9d265a5f0.",e;case"Android":return t.browser.name==="Firefox"?(e.solution="Passkeys may not be supported on your Firefox browser. Please switch to a Chromium browser.",e):(e.solution="Enable device unlock via fingerprint, PIN, or facial recognition on your device.",e);default:return e.solution="Enable device unlock features such as fingerprint, PIN, or facial recognition.",e}return e.deviceSupported=!0,e}var Ce={};Oe(Ce,{ApiError:()=>c,AuthService:()=>b,BaseHttpRequest:()=>R,CancelError:()=>S,CancelablePromise:()=>g,LoginIDService:()=>E,MgmtService:()=>C,OpenAPI:()=>be,PasskeysService:()=>P,ProfileService:()=>q,RegService:()=>A,TxService:()=>I,VersionService:()=>k,WellKnownService:()=>T});var be={BASE:"https://api.loginid.io/fido2/v2",VERSION:"2.0",WITH_CREDENTIALS:!1,CREDENTIALS:"include",TOKEN:void 0,USERNAME:void 0,PASSWORD:void 0,HEADERS:void 0,ENCODE_PATH:void 0};var oe=class extends m{constructor(e){super(e)}async verifyConfigSettings(){let e={isValid:!0};try{this.config.getAppId()}catch{return e.isValid=!1,e.solution="Please verify that your base URL is correct.",e.code="invalid_app_id",e.message="Invalid app ID",e}try{let r=y("",{}),s={app:{id:this.config.getAppId()},deviceInfo:w(),user:{username:"",usernameType:r.usernameType}};await this.service.auth.authAuthInit({requestBody:s})}catch(r){return e.isValid=!1,e.solution="Verify that your application exists and the base URL is correct.",e.code="unknown_error",e.message="Unknown error.",r instanceof c&&(e.code=r.body.msgCode||"unknown_error",e.message=r.body.msg||r.body.message||"Unknown error."),e}return e}getUser(){return this.session.getUser()}isLoggedIn(){return this.session.isLoggedIn()}signout(){this.session.signout()}},Pe=oe;var qe=t=>`LoginID_${t}_device-id`,B=class{static persistDeviceId(e,r){r&&localStorage.setItem(qe(e),r)}static getDeviceId(e){return localStorage.getItem(qe(e))||""}};var Ae=t=>{let e={ciam:!1,otp:!1,"otp:email":!1,"otp:sms":!1};return[...t.crossAuthMethods,...t.fallbackMethods].reduce((o,n)=>(o[n]=!0,o),e)};var D=async t=>{let e;if(t.excludeCredentials!==void 0){e=[];for(let o of t.excludeCredentials){let n={id:h(o.id),transports:o.transports,type:o.type};e.push(n)}}let r=t.pubKeyCredParams,s={publicKey:{attestation:t.attestation,authenticatorSelection:{...t.authenticatorSelection},challenge:h(t.challenge),excludeCredentials:e,extensions:t.extensions,pubKeyCredParams:r,rp:t.rp,timeout:t.timeout,user:{...t.user,id:h(t.user.id)}}};try{let o=await navigator.credentials.create(s);if(o===null)throw new Error("Failed to create the passkey credential.");return o}catch(o){throw o instanceof Error?ue(o,s):o}},N=async(t,e={})=>{let r;if(t.allowCredentials!==void 0){r=[];for(let o of t.allowCredentials){let n={id:h(o.id),transports:o.transports,type:o.type};r.push(n)}}let s={...e.autoFill&&{mediation:"conditional"},...e.abortSignal&&{signal:e.abortSignal},publicKey:{allowCredentials:r,challenge:h(t.challenge),extensions:t.extensions,rpId:t.rpId,timeout:t.timeout,userVerification:t.userVerification}};try{let o=await navigator.credentials.get(s);if(o===null)throw new Error("Failed to create the passkey credential.");return o}catch(o){throw o instanceof Error?le(o,s):o}};var se=class extends _{constructor(e){super(e)}async createNavigatorCredential(e){let{registrationRequestOptions:r,session:s}=e;O.renewWebAuthnAbortController();let o=await D(r),n=o.response,i=n.getPublicKey&&n.getPublicKey(),a=n.getPublicKeyAlgorithm&&n.getPublicKeyAlgorithm(),l=n.getAuthenticatorData&&n.getAuthenticatorData(),u=n.getTransports&&n.getTransports();return{creationResult:{attestationObject:p(n.attestationObject),clientDataJSON:p(n.clientDataJSON),credentialId:o.id,...i&&{publicKey:p(i)},...a&&{publicKeyAlgorithm:a},...l&&{authenticatorData:p(l)},...u&&{transports:u}},session:s}}async registerWithPasskey(e,r={}){let s=this.config.getAppId(),o=w(B.getDeviceId(s)),n=y(e,r);r.token=this.session.getToken(r),r.token&&x(r.token).username!==e&&(r.token="");let i={app:{id:s},deviceInfo:o,user:{username:e,usernameType:n.usernameType,displayName:n.displayName},...r.session&&{session:r.session}},a=await this.service.reg.regRegInit({requestBody:i,...r.token&&{authorization:r.token}}),l=await this.createNavigatorCredential(a),u=await this.service.reg.regRegComplete({requestBody:l});return this.session.setJwtCookie(u.jwtAccess),B.persistDeviceId(s,u.deviceID),u}async getNavigatorCredential(e,r={}){let{assertionOptions:s,session:o}=e;r.abortSignal||(O.renewWebAuthnAbortController(),r.abortSignal=O.abortController.signal);let n=await N(s,r),i=n.response;return{assertionResult:{authenticatorData:p(i.authenticatorData),clientDataJSON:p(i.clientDataJSON),credentialId:n.id,signature:p(i.signature),...i.userHandle&&{userHandle:p(i.userHandle)}},session:o}}async authenticateWithPasskey(e="",r={}){let s=this.config.getAppId(),o=w(B.getDeviceId(s)),n=y(e,r),i={app:{id:s},deviceInfo:o,user:{username:e,usernameType:n.usernameType}},a=await this.service.auth.authAuthInit({requestBody:i});switch(a.action){case"proceed":{let l=await this.getNavigatorCredential(a,r),u=await this.service.auth.authAuthComplete({requestBody:l});return this.session.setJwtCookie(u.jwtAccess),n?.callbacks?.onSuccess&&await n.callbacks.onSuccess(u),u}case"crossAuth":case"fallback":{if(n?.callbacks?.onFallback)return await n.callbacks.onFallback(e,{fallbackOptions:Ae(a)}),{jwtAccess:""};throw z}default:throw z}}async enablePasskeyAutofill(e={}){return e.autoFill=!0,await this.authenticateWithPasskey("",e)}async generateCodeWithPasskey(e,r={}){if(r.token=this.session.getToken(r),!r.token){let o=await this.authenticateWithPasskey(e,r);r.token=o.jwtAccess}return await this.service.auth.authAuthCodeRequest({authorization:r.token})}async addPasskey(e,r={}){let s=this.session.getToken(r);if(!s)throw F;return r.token=s,await this.registerWithPasskey(e,r)}async addPasskeyWithCode(e,r,s={}){return await this.authenticateWithCode(e,r,s),await this.registerWithPasskey(e,s)}async confirmTransaction(e,r,s={}){let o=ge(e,s),n={username:e,txPayload:r,nonce:o.nonce,txType:o.txType},{assertionOptions:i,session:a}=await this.service.tx.txTxInit({requestBody:n}),l={action:"proceed",crossAuthMethods:[],fallbackMethods:[],assertionOptions:i,session:a},{assertionResult:u}=await this.getNavigatorCredential(l),f={authenticatorData:u.authenticatorData,clientData:u.clientDataJSON,keyHandle:u.credentialId,session:a,signature:u.signature},U=await this.service.tx.txTxComplete({requestBody:f});return this.session.setJwtCookie(U.jwtAccess),U}},Ie=se;var ne=class extends m{constructor(e){super(e)}async listPasskeys(e={}){let r=this.session.getToken(e);return await this.service.passkeys.passkeysPasskeysList({authorization:r})}async renamePasskey(e,r,s={}){let o=this.session.getToken(s),n={name:r};return await this.service.passkeys.passkeysPasskeyRename({authorization:o,id:e,requestBody:n}),null}async deletePasskey(e,r={}){let s=this.session.getToken(r);return await this.service.passkeys.passkeysPasskeyDelete({authorization:s,id:e}),null}},ke=ne;var V=class extends m{constructor(e){super(e)}};de(V,[m,Ie,_,ke,Pe]);var Te=V;var ie=class{static async getNavigatorCredential(e,r={}){let{assertionOptions:s,session:o}=e,n=await N(s,r),i=n.response;return{assertionResult:{authenticatorData:p(i.authenticatorData),clientDataJSON:p(i.clientDataJSON),credentialId:n.id,signature:p(i.signature),...i.userHandle&&{userHandle:p(i.userHandle)}},session:o}}static async createNavigatorCredential(e){let{registrationRequestOptions:r,session:s}=e,o=await D(r),n=o.response,i=n.getPublicKey&&n.getPublicKey(),a=n.getPublicKeyAlgorithm&&n.getPublicKeyAlgorithm(),l=n.getAuthenticatorData&&n.getAuthenticatorData(),u=n.getTransports&&n.getTransports();return{creationResult:{attestationObject:p(n.attestationObject),clientDataJSON:p(n.clientDataJSON),credentialId:o.id,...i&&{publicKey:p(i)},...a&&{publicKeyAlgorithm:a},...l&&{authenticatorData:p(l)},...u&&{transports:u}},session:s}}};var Xr=Te;export{ee as AbortError,c as ApiError,Ce as LoginIDAPI,Te as LoginIDWebSDK,d as PasskeyError,ie as WebAuthnHelper,D as createPasskeyCredential,Xr as default,Je as doesDeviceSupportPasskeys,N as getPasskeyCredential,Me as isConditionalUIAvailable,je as isPlatformAuthenticatorAvailable};
+var Oe=Object.defineProperty;var Ee=(t,e)=>{for(var r in e)Oe(t,r,{get:e[r],enumerable:!0})};var W=class{config;constructor(e){this.config=e}getAppId(){if(this.config.appId)return this.config.appId;let e=/https:\/\/([0-9a-fA-F-]+)\.api.*\.loginid\.io/,r=this.config.baseUrl.match(e);if(r)return r[1];throw new Error("Invalid LoginID base URL. App ID not found.")}},L=W;var j=class extends Error{code;constructor(e,r,s){super(e),this.code=r,this.cause=s}},c=j;var M=class extends Error{constructor(e){super(e),this.name="LoginIDError"}},J=M;var ue=(t,e)=>{let r=t.name,{publicKey:s}=e;if(r==="ConstraintError"){if(s?.authenticatorSelection?.requireResidentKey===!0)return new c("Your device does not support discoverable credentials","ERROR_DISCOVERABLE_CREDENTIALS_UNSUPPORTED",t);if(s?.authenticatorSelection?.userVerification==="required")return new c("Your device does not support user verification","ERROR_USER_VERIFICATION_UNSUPPORTED",t)}if(r==="InvalidStateError")return new c("A passkey already exists on your device","ERROR_PASSKEY_EXISTS",t);if(r==="NotAllowedError")return new c("Passkey creation has failed","ERROR_GENERAL_ERROR_SEE_CAUSE_FIELD",t);if(r==="NotSupportedError")return new c("Your device does not support the algorithms required for passkey creation","ERROR_ALGORITHMS_UNSUPPORTED",t);if(r==="SecurityError"){let o=s?.rp?.id;if(o!==window.location.hostname)return new c(`The domain of the relying party (${o}) is invalid for this domain`,"ERROR_DOMAIN_MISMATCH",t)}return r==="UnknownError"?new c("Your device could not process the requested options or could not create a new passkey","ERROR_AUTHENTICATOR_UNKNOWN_ERROR",t):t},le=(t,e)=>{let r=t.name,{publicKey:s}=e;if(r==="AbortError"&&e.signal instanceof AbortSignal)return new c("Passkey authentication has been aborted","ERROR_PASSKEY_ABORTED",t);if(r==="NotAllowedError")return new c("Passkey authentication has failed","ERROR_GENERAL_ERROR_SEE_CAUSE_FIELD",t);if(r==="SecurityError"){let o=s?.rpId;if(o!==window.location.hostname)return new c(`The domain of the relying party (${o}) is invalid for this domain`,"ERROR_DOMAIN_MISMATCH",t)}return r==="UnknownError"?new c("Your device could not process the requested options or could not authenticate with a passkey","ERROR_AUTHENTICATOR_UNKNOWN_ERROR",t):t},F=new J("User needs to be logged in to perform this operation."),z=new J("No login options available.");var Be=t=>t.replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,""),xe=t=>{if(!t)return t;let e="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",r=[],s=0;for(;s<t.length;){let i=t.charCodeAt(s++),a=t.charCodeAt(s++),u=t.charCodeAt(s++),l=i<<16|a<<8|u;r.push(e[l>>18&63]+e[l>>12&63]+e[l>>6&63]+e[l&63])}let o=r.join(""),n=t.length%3;return n?o.slice(0,n-3)+"===".slice(n||3):o},Se=t=>{let e="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",r={},s=String.fromCharCode;for(let a=0;a<64;a++)r[e.charAt(a)]=a;let o=0,n=0,i="";for(let a of t){let u=r[a];if(u!==void 0)for(o=(o<<6)+u,n+=6;n>=8;)i+=s(o>>(n-=8)&255)}return i},p=t=>{let e="",r=new Uint8Array(t);for(let o=0;o<r.byteLength;o++)e+=String.fromCharCode(r[o]);let s=xe(e);return Be(s)},h=t=>{t=t.replace(/-/g,"+").replace(/_/g,"/");let e=Se(t),r=new Uint8Array(e.length);for(let s=0;s<e.length;s++)r[s]=e.charCodeAt(s);return r.buffer},pe=()=>crypto.randomUUID?crypto.randomUUID():window.crypto.getRandomValues(new Uint32Array(4)).join("-"),de=(t,e)=>{e.forEach(r=>{Object.getOwnPropertyNames(r.prototype).forEach(s=>{Object.defineProperty(t.prototype,s,Object.getOwnPropertyDescriptor(r.prototype,s)||Object.create(null))})})},S=t=>{try{let r=t.split(".")[1].replace(/-/g,"+").replace(/_/g,"/"),s=decodeURIComponent(window.atob(r).split("").map(o=>"%"+("00"+o.charCodeAt(0).toString(16)).slice(-2)).join(""));return JSON.parse(s)}catch(e){console.error(e)}},ce=t=>{let r=`; ${document.cookie}`.split(`; ${t}=`);if(r&&r.length===2)return r.pop().split(";").shift()},me=t=>{document.cookie=t},ye=t=>{document.cookie=`${t}=; expires=${new Date}`};var $=class{config;constructor(e){this.config=new L(e)}getToken(e){if(e.token)return e.token;{let r=this.getJwtCookie();return r||""}}getUser(){if(!this.isLoggedIn())throw F;let e=S(this.getJwtCookie()||"{}");return{username:e.username,id:e.sub}}getJwtCookieName(){return`LoginID_${this.config.getAppId()}_token`}setJwtCookie(e){let r=S(e),s=new Date(r.exp*1e3).toUTCString(),o=`${this.getJwtCookieName()}=${e}; expires=${s}`;me(o)}getJwtCookie(){return ce(this.getJwtCookieName())}isLoggedIn(){return!!this.getJwtCookie()}signout(){ye(this.getJwtCookieName())}},fe=$;var R=class{constructor(e){this.config=e}};var m=class extends Error{url;status;statusText;body;request;constructor(e,r,s){super(s),this.name="ApiError",this.url=r.url,this.status=r.status,this.statusText=r.statusText,this.body=r.body,this.request=e}};var v=class extends Error{constructor(e){super(e),this.name="CancelError"}get isCancelled(){return!0}},g=class{#t;#r;#e;#o;#n;#i;#s;constructor(e){this.#t=!1,this.#r=!1,this.#e=!1,this.#o=[],this.#n=new Promise((r,s)=>{this.#i=r,this.#s=s;let o=a=>{this.#t||this.#r||this.#e||(this.#t=!0,this.#i&&this.#i(a))},n=a=>{this.#t||this.#r||this.#e||(this.#r=!0,this.#s&&this.#s(a))},i=a=>{this.#t||this.#r||this.#e||this.#o.push(a)};return Object.defineProperty(i,"isResolved",{get:()=>this.#t}),Object.defineProperty(i,"isRejected",{get:()=>this.#r}),Object.defineProperty(i,"isCancelled",{get:()=>this.#e}),e(o,n,i)})}get[Symbol.toStringTag](){return"Cancellable Promise"}then(e,r){return this.#n.then(e,r)}catch(e){return this.#n.catch(e)}finally(e){return this.#n.finally(e)}cancel(){if(!(this.#t||this.#r||this.#e)){if(this.#e=!0,this.#o.length)try{for(let e of this.#o)e()}catch(e){console.warn("Cancellation threw an error",e);return}this.#o.length=0,this.#s&&this.#s(new v("Request aborted"))}}get isCancelled(){return this.#e}};var Y=t=>t!=null,w=t=>typeof t=="string",G=t=>w(t)&&t!=="",Q=t=>typeof t=="object"&&typeof t.type=="string"&&typeof t.stream=="function"&&typeof t.arrayBuffer=="function"&&typeof t.constructor=="function"&&typeof t.constructor.name=="string"&&/^(Blob|File)$/.test(t.constructor.name)&&/^(Blob|File)$/.test(t[Symbol.toStringTag]),he=t=>t instanceof FormData,ve=t=>{try{return btoa(t)}catch{return Buffer.from(t).toString("base64")}},we=t=>{let e=[],r=(o,n)=>{e.push(`${encodeURIComponent(o)}=${encodeURIComponent(String(n))}`)},s=(o,n)=>{Y(n)&&(Array.isArray(n)?n.forEach(i=>{s(o,i)}):typeof n=="object"?Object.entries(n).forEach(([i,a])=>{s(`${o}[${i}]`,a)}):r(o,n))};return Object.entries(t).forEach(([o,n])=>{s(o,n)}),e.length>0?`?${e.join("&")}`:""},De=(t,e)=>{let r=t.ENCODE_PATH||encodeURI,s=e.url.replace("{api-version}",t.VERSION).replace(/{(.*?)}/g,(n,i)=>e.path?.hasOwnProperty(i)?r(String(e.path[i])):n),o=`${t.BASE}${s}`;return e.query?`${o}${we(e.query)}`:o},Ne=t=>{if(t.formData){let e=new FormData,r=(s,o)=>{w(o)||Q(o)?e.append(s,o):e.append(s,JSON.stringify(o))};return Object.entries(t.formData).filter(([s,o])=>Y(o)).forEach(([s,o])=>{Array.isArray(o)?o.forEach(n=>r(s,n)):r(s,o)}),e}},K=async(t,e)=>typeof e=="function"?e(t):e,Ue=async(t,e)=>{let[r,s,o,n]=await Promise.all([K(e,t.TOKEN),K(e,t.USERNAME),K(e,t.PASSWORD),K(e,t.HEADERS)]),i=Object.entries({Accept:"application/json",...n,...e.headers}).filter(([a,u])=>Y(u)).reduce((a,[u,l])=>({...a,[u]:String(l)}),{});if(G(r)&&(i.Authorization=`Bearer ${r}`),G(s)&&G(o)){let a=ve(`${s}:${o}`);i.Authorization=`Basic ${a}`}return e.body&&(e.mediaType?i["Content-Type"]=e.mediaType:Q(e.body)?i["Content-Type"]=e.body.type||"application/octet-stream":w(e.body)?i["Content-Type"]="text/plain":he(e.body)||(i["Content-Type"]="application/json")),new Headers(i)},Le=t=>{if(t.body!==void 0)return t.mediaType?.includes("/json")?JSON.stringify(t.body):w(t.body)||Q(t.body)||he(t.body)?t.body:JSON.stringify(t.body)},Fe=async(t,e,r,s,o,n,i)=>{let a=new AbortController,u={headers:n,body:s??o,method:e.method,signal:a.signal};return t.WITH_CREDENTIALS&&(u.credentials=t.CREDENTIALS),i(()=>a.abort()),await fetch(r,u)},Ke=(t,e)=>{if(e){let r=t.headers.get(e);if(w(r))return r}},He=async t=>{if(t.status!==204)try{let e=t.headers.get("Content-Type");if(e)return["application/json","application/problem+json"].some(o=>e.toLowerCase().startsWith(o))?await t.json():await t.text()}catch(e){console.error(e)}},_e=(t,e)=>{let s={400:"Bad Request",401:"Unauthorized",403:"Forbidden",404:"Not Found",500:"Internal Server Error",502:"Bad Gateway",503:"Service Unavailable",...t.errors}[e.status];if(s)throw new m(t,e,s);if(!e.ok){let o=e.status??"unknown",n=e.statusText??"unknown",i=(()=>{try{return JSON.stringify(e.body,null,2)}catch{return}})();throw new m(t,e,`Generic Error: status: ${o}; status text: ${n}; body: ${i}`)}},Re=(t,e)=>new g(async(r,s,o)=>{try{let n=De(t,e),i=Ne(e),a=Le(e),u=await Ue(t,e);if(!o.isCancelled){let l=await Fe(t,e,n,a,i,u,o),d=await He(l),x=Ke(l,e.responseHeader),ae={url:n,ok:l.ok,status:l.status,statusText:l.statusText,body:x??d};_e(e,ae),r(ae.body)}}catch(n){s(n)}});var H=class extends R{constructor(e){super(e)}request(e){return Re(this.config,e)}};var b=class{constructor(e){this.httpRequest=e}authAuthComplete({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/complete",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthInit({requestBody:e,userAgent:r}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/init",headers:{"User-Agent":r},body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthCodeRequest({authorization:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/otp",headers:{Authorization:e},errors:{401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthCodeRequestEmail({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/otp/email",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthCodeRequestSms({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/otp/sms",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}authAuthCodeVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/auth/otp/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}};var C=class{constructor(e){this.httpRequest=e}mgmtGrantCreate({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/mgmt/grant",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",500:"InternalServerError: Internal Server Error response."}})}mgmtTokenVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/mgmt/token/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",500:"InternalServerError: Internal Server Error response."}})}};var P=class{constructor(e){this.httpRequest=e}passkeysPasskeysList({authorization:e}){return this.httpRequest.request({method:"GET",url:"/fido2/v2/passkeys",headers:{Authorization:e},errors:{401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}passkeysPasskeyDelete({id:e,authorization:r}){return this.httpRequest.request({method:"DELETE",url:"/fido2/v2/passkeys/{id}",path:{id:e},headers:{Authorization:r},errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}passkeysPasskeyRename({id:e,requestBody:r,authorization:s}){return this.httpRequest.request({method:"PUT",url:"/fido2/v2/passkeys/{id}",path:{id:e},headers:{Authorization:s},body:r,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}};var q=class{constructor(e){this.httpRequest=e}profileProfileDelete({id:e}){return this.httpRequest.request({method:"DELETE",url:"/fido2/v2/profile/{id}",path:{id:e},errors:{404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfileEmailUpdate({id:e,requestBody:r}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/profile/{id}/email",path:{id:e},body:r,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfilePhoneDelete({id:e}){return this.httpRequest.request({method:"DELETE",url:"/fido2/v2/profile/{id}/phone",path:{id:e},errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfilePhoneUpdate({id:e,requestBody:r}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/profile/{id}/phone",path:{id:e},body:r,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfileEmailVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/profile/email/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}profileProfilePhoneVerify({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/profile/phone/verify",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",404:"NotFound: Not Found response.",500:"InternalServerError: Internal Server Error response."}})}};var A=class{constructor(e){this.httpRequest=e}regRegComplete({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/reg/complete",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",403:"Forbidden: Forbidden response.",500:"InternalServerError: Internal Server Error response."}})}regRegInit({requestBody:e,userAgent:r,authorization:s}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/reg/init",headers:{"User-Agent":r,Authorization:s},body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",401:"Unauthorized: Unauthorized response.",403:"Forbidden: Forbidden response.",500:"InternalServerError: Internal Server Error response."}})}};var I=class{constructor(e){this.httpRequest=e}txTxComplete({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/tx/complete",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",403:"Forbidden: Forbidden response.",500:"InternalServerError: Internal Server Error response."}})}txTxInit({requestBody:e}){return this.httpRequest.request({method:"POST",url:"/fido2/v2/tx/init",body:e,mediaType:"application/json",errors:{400:"BadRequest: Bad Request response.",500:"InternalServerError: Internal Server Error response."}})}};var k=class{constructor(e){this.httpRequest=e}versionVersionShow(){return this.httpRequest.request({method:"GET",url:"/fido2/v2/version"})}};var T=class{constructor(e){this.httpRequest=e}wellKnownJwks(){return this.httpRequest.request({method:"GET",url:"/fido2/v2/.well-known/jwks.json",errors:{500:"InternalServerError: Internal Server Error response."}})}};var O=class{auth;mgmt;passkeys;profile;reg;tx;version;wellKnown;request;constructor(e,r=H){this.request=new r({BASE:e?.BASE??"https://api.loginid.io/fido2/v2",VERSION:e?.VERSION??"2.0",WITH_CREDENTIALS:e?.WITH_CREDENTIALS??!1,CREDENTIALS:e?.CREDENTIALS??"include",TOKEN:e?.TOKEN,USERNAME:e?.USERNAME,PASSWORD:e?.PASSWORD,HEADERS:e?.HEADERS,ENCODE_PATH:e?.ENCODE_PATH}),this.auth=new b(this.request),this.mgmt=new C(this.request),this.passkeys=new P(this.request),this.profile=new q(this.request),this.reg=new A(this.request),this.tx=new I(this.request),this.version=new k(this.request),this.wellKnown=new T(this.request)}};var X=class{config;service;session;constructor(e){this.config=new L(e),this.service=new O({BASE:e.baseUrl}),this.session=new fe(e)}},y=X;var Z=class extends Error{constructor(e){super(e),this.name="AbortError"}},ee=Z;var te=class t{static abortController=new AbortController;static renewWebAuthnAbortController=()=>{let e=new ee("Cancelling current WebAuthn request");t.abortController.abort(e);let r=new AbortController;t.abortController=r}},E=te;var f=(t,e)=>({...e,token:e.token||"",usernameType:e.usernameType||"email",displayName:e.displayName||t,callbacks:e.callbacks||{}}),ge=(t,e)=>({...f(t,e),txType:e.txType||"raw",nonce:e.nonce||pe()});var re=class extends y{constructor(e){super(e)}async authenticateWithCode(e,r,s={}){let o=f(e,s),n={authCode:r,user:{username:e,usernameType:o.usernameType}},a={...await this.service.auth.authAuthCodeVerify({requestBody:n}),isAuthenticated:!0};return E.renewWebAuthnAbortController(),this.session.setJwtCookie(a.jwtAccess),a}async sendCode(e,r="email",s={}){let o=f(e,s),n={user:{username:e,usernameType:o.usernameType}};switch(r){case"email":await this.service.auth.authAuthCodeRequestEmail({requestBody:n});break;case"sms":await this.service.auth.authAuthCodeRequestSms({requestBody:n});break;default:throw new Error("Invalid message method")}return null}},_=re;import{UAParser as Ve}from"ua-parser-js";var D=t=>{let e={clientType:"browser",screenWidth:window.screen.width,screenHeight:window.screen.height,clientName:"",clientVersion:"",osName:"",osVersion:"",osArch:""};return t&&(e.deviceId=t),e},We=(t,e)=>{let r=t.split(".").map(Number),s=e.split(".").map(Number),o=Math.max(r.length,s.length);for(let n=0;n<o;n++){let i=n<r.length?r[n]:0,a=n<s.length?s[n]:0;if(i<a)return-1;if(i>a)return 1}return 0};async function je(){try{return!window.PublicKeyCredential||!window.PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable?!1:await window.PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable()}catch{return!1}}async function Me(){try{return!window.PublicKeyCredential||!window.PublicKeyCredential.isConditionalMediationAvailable?!1:await window.PublicKeyCredential.isConditionalMediationAvailable()}catch{return!1}}async function Je(){let t=new Ve(window.navigator.userAgent).getResult(),e={solution:"",deviceSupported:!1};if(!window.PublicKeyCredential)return e.solution="Your browser seems to be outdated. Please upgrade to the latest version.",e;if(!await window.PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable())switch(t.os.name){case"Mac OS":{let s=t.browser.version||"";return t.browser.name==="Firefox"&&We(s,"122.0")<0?(e.solution="Please update your Firefox browser to the latest version.",e):(e.solution="Enable Touch ID on your device.",e)}case"iOS":return e.solution="Enable Face ID or Touch ID on your device.",e;case"Windows":return e.solution="Enable Windows Hello on your device. See here: https://support.microsoft.com/en-us/windows/learn-about-windows-hello-and-set-it-up-dae28983-8242-bb2a-d3d1-87c9d265a5f0.",e;case"Android":return t.browser.name==="Firefox"?(e.solution="Passkeys may not be supported on your Firefox browser. Please switch to a Chromium browser.",e):(e.solution="Enable device unlock via fingerprint, PIN, or facial recognition on your device.",e);default:return e.solution="Enable device unlock features such as fingerprint, PIN, or facial recognition.",e}return e.deviceSupported=!0,e}var Ce={};Ee(Ce,{ApiError:()=>m,AuthService:()=>b,BaseHttpRequest:()=>R,CancelError:()=>v,CancelablePromise:()=>g,LoginIDService:()=>O,MgmtService:()=>C,OpenAPI:()=>be,PasskeysService:()=>P,ProfileService:()=>q,RegService:()=>A,TxService:()=>I,VersionService:()=>k,WellKnownService:()=>T});var be={BASE:"https://api.loginid.io/fido2/v2",VERSION:"2.0",WITH_CREDENTIALS:!1,CREDENTIALS:"include",TOKEN:void 0,USERNAME:void 0,PASSWORD:void 0,HEADERS:void 0,ENCODE_PATH:void 0};var oe=class extends y{constructor(e){super(e)}async verifyConfigSettings(){let e={isValid:!0};try{this.config.getAppId()}catch{return e.isValid=!1,e.solution="Please verify that your base URL is correct.",e.code="invalid_app_id",e.message="Invalid app ID",e}try{let r=f("",{}),s={app:{id:this.config.getAppId()},deviceInfo:D(),user:{username:"",usernameType:r.usernameType}};await this.service.auth.authAuthInit({requestBody:s})}catch(r){return e.isValid=!1,e.solution="Verify that your application exists and the base URL is correct.",e.code="unknown_error",e.message="Unknown error.",r instanceof m&&(e.code=r.body.msgCode||"unknown_error",e.message=r.body.msg||r.body.message||"Unknown error."),e}return e}getUser(){return this.session.getUser()}isLoggedIn(){return this.session.isLoggedIn()}signout(){this.session.signout()}},Pe=oe;var qe=t=>`LoginID_${t}_device-id`,B=class{static persistDeviceId(e,r){r&&localStorage.setItem(qe(e),r)}static getDeviceId(e){return localStorage.getItem(qe(e))||""}};var Ae=t=>{let e={ciam:!1,otp:!1,"otp:email":!1,"otp:sms":!1};return[...t.crossAuthMethods,...t.fallbackMethods].reduce((o,n)=>(o[n]=!0,o),e)};var N=async t=>{let e;if(t.excludeCredentials!==void 0){e=[];for(let o of t.excludeCredentials){let n={id:h(o.id),transports:o.transports,type:o.type};e.push(n)}}let r=t.pubKeyCredParams,s={publicKey:{attestation:t.attestation,authenticatorSelection:{...t.authenticatorSelection},challenge:h(t.challenge),excludeCredentials:e,extensions:t.extensions,pubKeyCredParams:r,rp:t.rp,timeout:t.timeout,user:{...t.user,id:h(t.user.id)}}};try{let o=await navigator.credentials.create(s);if(o===null)throw new Error("Failed to create the passkey credential.");return o}catch(o){throw o instanceof Error?ue(o,s):o}},U=async(t,e={})=>{let r;if(t.allowCredentials!==void 0){r=[];for(let o of t.allowCredentials){let n={id:h(o.id),transports:o.transports,type:o.type};r.push(n)}}let s={...e.autoFill&&{mediation:"conditional"},...e.abortSignal&&{signal:e.abortSignal},publicKey:{allowCredentials:r,challenge:h(t.challenge),extensions:t.extensions,rpId:t.rpId,timeout:t.timeout,userVerification:t.userVerification}};try{let o=await navigator.credentials.get(s);if(o===null)throw new Error("Failed to create the passkey credential.");return o}catch(o){throw o instanceof Error?le(o,s):o}};var se=class extends _{constructor(e){super(e)}async createNavigatorCredential(e){let{registrationRequestOptions:r,session:s}=e;E.renewWebAuthnAbortController();let o=await N(r),n=o.response,i=n.getPublicKey&&n.getPublicKey(),a=n.getPublicKeyAlgorithm&&n.getPublicKeyAlgorithm(),u=n.getAuthenticatorData&&n.getAuthenticatorData(),l=n.getTransports&&n.getTransports();return{creationResult:{attestationObject:p(n.attestationObject),clientDataJSON:p(n.clientDataJSON),credentialId:o.id,...i&&{publicKey:p(i)},...a&&{publicKeyAlgorithm:a},...u&&{authenticatorData:p(u)},...l&&{transports:l}},session:s}}async registerWithPasskey(e,r={}){let s=this.config.getAppId(),o=D(B.getDeviceId(s)),n=f(e,r);r.token=this.session.getToken(r),r.token&&S(r.token).username!==e&&(r.token="");let i={app:{id:s},deviceInfo:o,user:{username:e,usernameType:n.usernameType,displayName:n.displayName},...r.session&&{session:r.session}},a=await this.service.reg.regRegInit({requestBody:i,...r.token&&{authorization:r.token}}),u=await this.createNavigatorCredential(a),d={...await this.service.reg.regRegComplete({requestBody:u}),isAuthenticated:!0};return this.session.setJwtCookie(d.jwtAccess),B.persistDeviceId(s,d.deviceID),d}async getNavigatorCredential(e,r={}){let{assertionOptions:s,session:o}=e;r.abortSignal||(E.renewWebAuthnAbortController(),r.abortSignal=E.abortController.signal);let n=await U(s,r),i=n.response;return{assertionResult:{authenticatorData:p(i.authenticatorData),clientDataJSON:p(i.clientDataJSON),credentialId:n.id,signature:p(i.signature),...i.userHandle&&{userHandle:p(i.userHandle)}},session:o}}async authenticateWithPasskey(e="",r={}){let s=this.config.getAppId(),o=D(B.getDeviceId(s)),n=f(e,r),i={app:{id:s},deviceInfo:o,user:{username:e,usernameType:n.usernameType}},a=await this.service.auth.authAuthInit({requestBody:i});switch(a.action){case"proceed":{let u=await this.getNavigatorCredential(a,r),d={...await this.service.auth.authAuthComplete({requestBody:u}),isAuthenticated:!0};return this.session.setJwtCookie(d.jwtAccess),n?.callbacks?.onSuccess&&await n.callbacks.onSuccess(d),d}case"crossAuth":case"fallback":{if(n?.callbacks?.onFallback){let u=Ae(a);return await n.callbacks.onFallback(e,{fallbackOptions:u}),{jwtAccess:"",isAuthenticated:!1,fallbackOptions:u}}throw z}default:throw z}}async enablePasskeyAutofill(e={}){return e.autoFill=!0,await this.authenticateWithPasskey("",e)}async generateCodeWithPasskey(e,r={}){if(r.token=this.session.getToken(r),!r.token){let o=await this.authenticateWithPasskey(e,r);r.token=o.jwtAccess}return await this.service.auth.authAuthCodeRequest({authorization:r.token})}async addPasskey(e,r={}){let s=this.session.getToken(r);if(!s)throw F;return r.token=s,await this.registerWithPasskey(e,r)}async addPasskeyWithCode(e,r,s={}){return await this.authenticateWithCode(e,r,s),await this.registerWithPasskey(e,s)}async confirmTransaction(e,r,s={}){let o=ge(e,s),n={username:e,txPayload:r,nonce:o.nonce,txType:o.txType},{assertionOptions:i,session:a}=await this.service.tx.txTxInit({requestBody:n}),u={action:"proceed",crossAuthMethods:[],fallbackMethods:[],assertionOptions:i,session:a},{assertionResult:l}=await this.getNavigatorCredential(u),d={authenticatorData:l.authenticatorData,clientData:l.clientDataJSON,keyHandle:l.credentialId,session:a,signature:l.signature},x=await this.service.tx.txTxComplete({requestBody:d});return this.session.setJwtCookie(x.jwtAccess),x}},Ie=se;var ne=class extends y{constructor(e){super(e)}async listPasskeys(e={}){let r=this.session.getToken(e);return await this.service.passkeys.passkeysPasskeysList({authorization:r})}async renamePasskey(e,r,s={}){let o=this.session.getToken(s),n={name:r};return await this.service.passkeys.passkeysPasskeyRename({authorization:o,id:e,requestBody:n}),null}async deletePasskey(e,r={}){let s=this.session.getToken(r);return await this.service.passkeys.passkeysPasskeyDelete({authorization:s,id:e}),null}},ke=ne;var V=class extends y{constructor(e){super(e)}};de(V,[y,Ie,_,ke,Pe]);var Te=V;var ie=class{static async getNavigatorCredential(e,r={}){let{assertionOptions:s,session:o}=e,n=await U(s,r),i=n.response;return{assertionResult:{authenticatorData:p(i.authenticatorData),clientDataJSON:p(i.clientDataJSON),credentialId:n.id,signature:p(i.signature),...i.userHandle&&{userHandle:p(i.userHandle)}},session:o}}static async createNavigatorCredential(e){let{registrationRequestOptions:r,session:s}=e,o=await N(r),n=o.response,i=n.getPublicKey&&n.getPublicKey(),a=n.getPublicKeyAlgorithm&&n.getPublicKeyAlgorithm(),u=n.getAuthenticatorData&&n.getAuthenticatorData(),l=n.getTransports&&n.getTransports();return{creationResult:{attestationObject:p(n.attestationObject),clientDataJSON:p(n.clientDataJSON),credentialId:o.id,...i&&{publicKey:p(i)},...a&&{publicKeyAlgorithm:a},...u&&{authenticatorData:p(u)},...l&&{transports:l}},session:s}}};var Xr=Te;export{ee as AbortError,m as ApiError,Ce as LoginIDAPI,Te as LoginIDWebSDK,c as PasskeyError,ie as WebAuthnHelper,N as createPasskeyCredential,Xr as default,Je as doesDeviceSupportPasskeys,U as getPasskeyCredential,Me as isConditionalUIAvailable,je as isPlatformAuthenticatorAvailable};
 //# sourceMappingURL=index.js.map

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@loginid/websdk3",
-  "version": "1.9.0-next.1",
+  "version": "1.9.0",
   "description": "",
   "main": "./dist/index.cjs",
   "module": "./dist/index.js",