@lumiapassport/core 1.3.2 → 1.3.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. package/dist/auth/index.cjs +0 -27
  2. package/dist/auth/index.cjs.map +1 -1
  3. package/dist/auth/index.js +0 -27
  4. package/dist/auth/index.js.map +1 -1
  5. package/dist/index.cjs +0 -27
  6. package/dist/index.cjs.map +1 -1
  7. package/dist/index.js +0 -27
  8. package/dist/index.js.map +1 -1
  9. package/dist/internal/error-tracking.cjs +1 -1
  10. package/dist/internal/error-tracking.js +1 -1
  11. package/package.json +1 -1
package/dist/auth/index.cjs CHANGED
@@ -84,20 +84,12 @@ var LocalStorageAdapter = class {
84
84
  }
85
85
  }
86
86
  getItem(key) {
87
- console.log("[Storage] getItem called for key:", key);
88
87
  if (this.fallback) {
89
- console.log("[Storage] Using fallback memory storage");
90
88
  return this.fallback.getItem(key);
91
89
  }
92
90
  try {
93
91
  const win = typeof globalThis !== "undefined" && globalThis.window;
94
92
  const value = win?.localStorage?.getItem(key) || null;
95
- console.log("[Storage] Read from localStorage:", {
96
- key,
97
- hasValue: !!value,
98
- valueLength: value?.length,
99
- allKeys: win?.localStorage ? Object.keys(win.localStorage) : []
100
- });
101
93
  return value;
102
94
  } catch (error) {
103
95
  console.error("[Storage] Error reading from localStorage:", error);
@@ -105,24 +97,13 @@ var LocalStorageAdapter = class {
105
97
  }
106
98
  }
107
99
  setItem(key, value) {
108
- console.log("[Storage] setItem called:", { key, valueLength: value.length });
109
100
  if (this.fallback) {
110
- console.log("[Storage] Using fallback memory storage for write");
111
101
  this.fallback.setItem(key, value);
112
102
  return;
113
103
  }
114
104
  try {
115
105
  const win = typeof globalThis !== "undefined" && globalThis.window;
116
106
  win?.localStorage?.setItem(key, value);
117
- console.log("[Storage] Successfully wrote to localStorage");
118
- const verification = win?.localStorage?.getItem(key);
119
- if (!verification) {
120
- console.error("[Storage] \u26A0\uFE0F VERIFICATION FAILED: Value not found after write!");
121
- } else if (verification !== value) {
122
- console.error("[Storage] \u26A0\uFE0F VERIFICATION FAILED: Value mismatch after write!");
123
- } else {
124
- console.log("[Storage] \u2705 Write verified successfully");
125
- }
126
107
  } catch (error) {
127
108
  console.error("[Storage] Error writing to localStorage:", error);
128
109
  if (!this.fallback) {
@@ -311,20 +292,12 @@ var JwtTokenManager = class {
311
292
  }
312
293
  isTokenExpired() {
313
294
  if (!this.tokens) {
314
- console.log("[JWT] No tokens available, considering expired");
315
295
  return true;
316
296
  }
317
297
  const buffer = 30 * 1e3;
318
298
  const now = Date.now();
319
299
  const expiresAt = this.tokens.expiresAt;
320
300
  const isExpired = now > expiresAt - buffer;
321
- console.log("[JWT] Token expiry check:", {
322
- currentTime: now,
323
- expiresAt,
324
- buffer,
325
- timeToExpiry: (expiresAt - now) / 1e3,
326
- isExpired
327
- });
328
301
  return isExpired;
329
302
  }
330
303
  isAuthenticated() {
package/dist/auth/index.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../src/auth/base64url.ts","../../src/auth/storage.ts","../../src/utils/project-id.ts","../../src/auth/jwt.ts"],"names":[],"mappings":";;;AAUO,SAAS,uBAAuB,MAAA,EAA6B;AAClE,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,MAAM,CAAA;AACnC,EAAA,IAAI,MAAA,GAAS,EAAA;AACb,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,KAAA,CAAM,YAAY,CAAA,EAAA,EAAK;AACzC,IAAA,MAAA,IAAU,MAAA,CAAO,YAAA,CAAa,KAAA,CAAM,CAAC,CAAC,CAAA;AAAA,EACxC;AACA,EAAA,OAAO,IAAA,CAAK,MAAM,CAAA,CAAE,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAAE,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAAE,OAAA,CAAQ,QAAQ,EAAE,CAAA;AAChF;AAOO,SAAS,sBAAsB,SAAA,EAA+B;AACnE,EAAA,MAAM,MAAA,GAAS,UAAU,OAAA,CAAQ,IAAA,EAAM,GAAG,CAAA,CAAE,OAAA,CAAQ,MAAM,GAAG,CAAA;AAC7D,EAAA,MAAM,MAAM,MAAA,CAAO,MAAA,GAAS,IAAI,CAAA,GAAK,MAAA,CAAO,SAAS,CAAA,GAAK,CAAA;AAC1D,EAAA,MAAM,MAAA,GAAS,MAAA,GAAS,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA;AACtC,EAAA,MAAM,MAAA,GAAS,KAAK,MAAM,CAAA;AAC1B,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,MAAA,CAAO,MAAM,CAAA;AAC1C,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,MAAA,CAAO,QAAQ,CAAA,EAAA,EAAK;AACtC,IAAA,KAAA,CAAM,CAAC,CAAA,GAAI,MAAA,CAAO,UAAA,CAAW,CAAC,CAAA;AAAA,EAChC;AACA,EAAA,OAAO,KAAA;AACT;AAOO,SAAS,oBAAoB,MAAA,EAA6B;AAC/D,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,MAAM,CAAA;AACnC,EAAA,IAAI,MAAA,GAAS,EAAA;AACb,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,KAAA,CAAM,YAAY,CAAA,EAAA,EAAK;AACzC,IAAA,MAAA,IAAU,MAAA,CAAO,YAAA,CAAa,KAAA,CAAM,CAAC,CAAC,CAAA;AAAA,EACxC;AACA,EAAA,OAAO,KAAK,MAAM,CAAA;AACpB;;;ACbO,IAAM,gBAAN,MAA4C;AAAA,EACzC,OAAA,uBAAc,GAAA,EAAoB;AAAA,EAE1C,QAAQ,GAAA,EAA4B;AAClC,IAAA,OAAO,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,GAAG,CAAA,IAAK,IAAA;AAAA,EAClC;AAAA,EAEA,OAAA,CAAQ,KAAa,KAAA,EAAqB;AACxC,IAAA,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,GAAA,EAAK,KAAK,CAAA;AAAA,EAC7B;AAAA,EAEA,WAAW,GAAA,EAAmB;AAC5B,IAAA,IAAA,CAAK,OAAA,CAAQ,OAAO,GAAG,CAAA;AAAA,EACzB;AAAA;AAAA;AAAA;AAAA,EAKA,KAAA,GAAc;AACZ,IAAA,IAAA,CAAK,QAAQ,KAAA,EAAM;AAAA,EACrB;AAAA;AAAA;AAAA;AAAA,EAKA,IAAA,GAAiB;AACf,IAAA,OAAO,KAAA,CAAM,IAAA,CAAK,IAAA,CAAK,OAAA,CAAQ,MAAM,CAAA;AAAA,EACvC;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,IAAA,GAAe;AACjB,IAAA,OAAO,KAAK,OAAA,CAAQ,IAAA;AAAA,EACtB;AACF;AAMO,IAAM,sBAAN,MAAkD;AAAA,EAC/C,QAAA,GAAiC,IAAA;AAAA,EAEzC,WAAA,GAAc;AAEZ,IAAA,IAAI,CAAC,IAAA,CAAK,uBAAA,EAAwB,EAAG;AACnC,MAAA,OAAA,CAAQ,KAAK,sEAAsE,CAAA;AACnF,MAAA,IAAA,CAAK,QAAA,GAAW,IAAI,aAAA,EAAc;AAAA,IACpC;AAAA,EACF;AAAA,EAEQ,uBAAA,GAAmC;AACzC,IAAA,IAAI;AAEF,MAAA,MAAM,GAAA,GAAM,OAAO,UAAA,KAAe,WAAA,IAAgB,UAAA,CAAmB,MAAA;AACrE,MAAA,MAAM,OAAA,GAAU,GAAA,GAAM,GAAA,CAAI,YAAA,GAAe,KAAA,CAAA;AACzC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,OAAO,KAAA;AAAA,MACT;AAEA,MAAA,MAAM,OAAA,GAAU,wBAAA;AAChB,MAAA,OAAA,CAAQ,OAAA,CAAQ,SAAS,MAAM,CAAA;AAC/B,MAAA,OAAA,CAAQ,WAAW,OAAO,CAAA;AAC1B,MAAA,OAAO,IAAA;AAAA,IACT,CAAA,CAAA,MAAQ;AACN,MAAA,OAAO,KAAA;AAAA,IACT;AAAA,EACF;AAAA,EAEA,QAAQ,GAAA,EAA4B;AAClC,IAAA,OAAA,CAAQ,GAAA,CAAI,qCAAqC,GAAG,CAAA;AACpD,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,OAAA,CAAQ,IAAI,yCAAyC,CAAA;AACrD,MAAA,OAAO,IAAA,CAAK,QAAA,CAAS,OAAA,CAAQ,GAAG,CAAA;AAAA,IAClC;AACA,IAAA,IAAI;AAEF,MAAA,MAAM,GAAA,GAAM,OAAO,UAAA,KAAe,WAAA,IAAgB,UAAA,CAAmB,MAAA;AACrE,MAAA,MAAM,KAAA,GAAQ,GAAA,EAAK,YAAA,EAAc,OAAA,CAAQ,GAAG,CAAA,IAAK,IAAA;AACjD,MAAA,OAAA,CAAQ,IAAI,mCAAA,EAAqC;AAAA,QAC/C,GAAA;AAAA,QACA,QAAA,EAAU,CAAC,CAAC,KAAA;AAAA,QACZ,aAAa,KAAA,EAAO,MAAA;AAAA,QACpB,OAAA,EAAS,KAAK,YAAA,GAAe,MAAA,CAAO,KAAK,GAAA,CAAI,YAAY,IAAI;AAAC,OAC/D,CAAA;AACD,MAAA,OAAO,KAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,8CAA8C,KAAK,CAAA;AACjE,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAAA,EAEA,OAAA,CAAQ,KAAa,KAAA,EAAqB;AACxC,IAAA,OAAA,CAAQ,IAAI,2BAAA,EAA6B,EAAE,KAAK,WAAA,EAAa,KAAA,CAAM,QAAQ,CAAA;AAC3E,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,OAAA,CAAQ,IAAI,mDAAmD,CAAA;AAC/D,MAAA,IAAA,CAAK,QAAA,CAAS,OAAA,CAAQ,GAAA,EAAK,KAAK,CAAA;AAChC,MAAA;AAAA,IACF;AACA,IAAA,IAAI;AAEF,MAAA,MAAM,GAAA,GAAM,OAAO,UAAA,KAAe,WAAA,IAAgB,UAAA,CAAmB,MAAA;AACrE,MAAA,GAAA,EAAK,YAAA,EAAc,OAAA,CAAQ,GAAA,EAAK,KAAK,CAAA;AACrC,MAAA,OAAA,CAAQ,IAAI,8CAA8C,CAAA;AAG1D,MAAA,MAAM,YAAA,GAAe,GAAA,EAAK,YAAA,EAAc,OAAA,CAAQ,GAAG,CAAA;AACnD,MAAA,IAAI,CAAC,YAAA,EAAc;AACjB,QAAA,OAAA,CAAQ,MAAM,0EAAgE,CAAA;AAAA,MAChF,CAAA,MAAA,IAAW,iBAAiB,KAAA,EAAO;AACjC,QAAA,OAAA,CAAQ,MAAM,yEAA+D,CAAA;AAAA,MAC/E,CAAA,MAAO;AACL,QAAA,OAAA,CAAQ,IAAI,8CAAyC,CAAA;AAAA,MACvD;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,4CAA4C,KAAK,CAAA;AAE/D,MAAA,IAAI,CAAC,KAAK,QAAA,EAAU;AAClB,QAAA,IAAA,CAAK,QAAA,GAAW,IAAI,aAAA,EAAc;AAClC,QAAA,IAAA,CAAK,QAAA,CAAS,OAAA,CAAQ,GAAA,EAAK,KAAK,CAAA;AAAA,MAClC;AAAA,IACF;AAAA,EACF;AAAA,EAEA,WAAW,GAAA,EAAmB;AAC5B,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,IAAA,CAAK,QAAA,CAAS,WAAW,GAAG,CAAA;AAC5B,MAAA;AAAA,IACF;AACA,IAAA,IAAI;AAEF,MAAA,MAAM,GAAA,GAAM,OAAO,UAAA,KAAe,WAAA,IAAgB,UAAA,CAAmB,MAAA;AACrE,MAAA,GAAA,EAAK,YAAA,EAAc,WAAW,GAAG,CAAA;AAAA,IACnC,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,+CAA+C,KAAK,CAAA;AAAA,IACpE;AAAA,EACF;AACF;AAWA,eAAsB,UAAA,CACpB,SACA,GAAA,EACwB;AACxB,EAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,OAAA,CAAQ,GAAG,CAAA;AAClC,EAAA,OAAO,MAAA,YAAkB,OAAA,GAAU,MAAM,MAAA,GAAS,MAAA;AACpD;AAKA,eAAsB,UAAA,CACpB,OAAA,EACA,GAAA,EACA,KAAA,EACe;AACf,EAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,OAAA,CAAQ,GAAA,EAAK,KAAK,CAAA;AACzC,EAAA,IAAI,kBAAkB,OAAA,EAAS;AAC7B,IAAA,MAAM,MAAA;AAAA,EACR;AACF;AAKA,eAAsB,aAAA,CACpB,SACA,GAAA,EACe;AACf,EAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA;AACrC,EAAA,IAAI,kBAAkB,OAAA,EAAS;AAC7B,IAAA,MAAM,MAAA;AAAA,EACR;AACF;ACtMO,SAAS,YAAA,GAAmC;AAOjD,EAAA,IAAI,OAAO,UAAA,KAAe,WAAA,IAAgB,UAAA,CAAmB,MAAA,EAAQ;AACnE,IAAA,OAAS,WAAmB,MAAA,CAAe,oBAAA;AAAA,EAC7C;AAEA,EAAA,OAAO,MAAA;AACT;AAOO,SAAS,iBAAA,CAAkB,KAAa,SAAA,EAA4B;AACzE,EAAA,IAAI;AACF,IAAA,MAAM,GAAA,GAAM,aAAa,YAAA,EAAa;AACtC,IAAA,IAAI,GAAA,EAAK;AACP,MAAA,MAAM,SAAA,GAAY,GAAA,CAAI,QAAA,CAAS,GAAG,IAAI,GAAA,GAAM,GAAA;AAC5C,MAAA,OAAO,GAAG,GAAG,CAAA,EAAG,SAAS,CAAA,UAAA,EAAa,kBAAA,CAAmB,GAAG,CAAC,CAAA,CAAA;AAAA,IAC/D;AAAA,EACF,SAAS,KAAA,EAAO;AAAA,EAEhB;AACA,EAAA,OAAO,GAAA;AACT;;;ACtCA,IAAM,iBAAA,GAAoB,2BAAA;AAC1B,IAAM,WAAA,GAAc,gCAAA;AAQpB,IAAI,cAAA;AAMG,SAAS,mBAAmB,MAAA,EAGhC;AACD,EAAA,IAAI,OAAO,MAAA,EAAQ;AACjB,IAAA,cAAA,GAAiB,MAAM,MAAA,CAAO,MAAA;AAAA,EAChC;AAGF;AAGA,IAAM,aAAA,GAA6D,mCAAA;AAEnE,SAAS,SAAA,GAAoB;AAI3B,EAAA,IAAI,cAAA,EAAgB;AAClB,IAAA,OAAO,cAAA,EAAe;AAAA,EACxB;AAGA,EAAA,IAAI,OAAO,UAAA,KAAe,WAAA,IAAgB,UAAA,CAAmB,MAAA,EAAQ;AACnE,IAAA,MAAM,QAAA,GAAa,WAAmB,MAAA,CAAe,kBAAA;AACrD,IAAA,IAAI,UAAU,MAAA,EAAQ;AACpB,MAAA,OAAO,QAAA,CAAS,MAAA;AAAA,IAClB;AAAA,EACF;AAGA,EAAmB;AACjB,IAAA,OAAO,aAAA;AAAA,EACT;AAIF;AAmDO,IAAM,kBAAN,MAAsB;AAAA,EACnB,MAAA,GAA2B,IAAA;AAAA,EAC3B,OAAA;AAAA,EACA,cAAA,GAA0C,IAAA;AAAA;AAAA,EAElD,YAAY,OAAA,EAAwB;AAClC,IAAA,IAAA,CAAK,OAAA,GAAU,OAAA,IAAW,IAAI,mBAAA,EAAoB;AAClD,IAAA,OAAA,CAAQ,IAAI,uCAAuC,CAAA;AACnD,IAAA,IAAA,CAAK,qBAAA,EAAsB;AAAA,EAC7B;AAAA,EAEA,MAAc,qBAAA,GAAuC;AACnD,IAAA,IAAI;AACF,MAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,OAAA,CAAQ,QAAQ,iBAAiB,CAAA;AAC3D,MAAA,OAAA,CAAQ,GAAA,CAAI,oCAAA,EAAsC,CAAC,CAAC,MAAM,CAAA;AAE1D,MAAA,IAAI,MAAA,EAAQ;AACV,QAAA,IAAA,CAAK,MAAA,GAAS,IAAA,CAAK,KAAA,CAAM,MAAM,CAAA;AAC/B,QAAA,OAAA,CAAQ,IAAI,sBAAA,EAAwB;AAAA,UAClC,cAAA,EAAgB,CAAC,CAAC,IAAA,CAAK,MAAA,EAAQ,WAAA;AAAA,UAC/B,eAAA,EAAiB,CAAC,CAAC,IAAA,CAAK,MAAA,EAAQ,YAAA;AAAA,UAChC,MAAA,EAAQ,KAAK,MAAA,EAAQ,MAAA;AAAA,UACrB,SAAA,EAAW,KAAK,MAAA,EAAQ,SAAA;AAAA,UACxB,WAAA,EAAa,KAAK,GAAA,EAAI;AAAA,UACtB,YAAA,EAAc,IAAA,CAAK,MAAA,EAAQ,SAAA,GAAA,CAAa,IAAA,CAAK,OAAO,SAAA,GAAY,IAAA,CAAK,GAAA,EAAI,IAAK,GAAA,GAAO;AAAA,SACtF,CAAA;AAED,QAAA,IAAI,IAAA,CAAK,MAAA,IAAU,IAAA,CAAK,cAAA,EAAe,EAAG;AACxC,UAAA,OAAA,CAAQ,IAAI,+BAA+B,CAAA;AAG3C,UAAA,IAAI,IAAA,CAAK,OAAO,YAAA,EAAc;AAC5B,YAAA,OAAA,CAAQ,IAAI,iEAAiE,CAAA;AAAA,UAE/E,CAAA,MAAO;AACL,YAAA,OAAA,CAAQ,IAAI,mDAAmD,CAAA;AAC/D,YAAA,MAAM,KAAK,WAAA,EAAY;AAAA,UACzB;AAAA,QACF,CAAA,MAAO;AACL,UAAA,OAAA,CAAQ,IAAI,6CAA6C,CAAA;AAAA,QAC3D;AAAA,MACF,CAAA,MAAO;AACL,QAAA,OAAA,CAAQ,IAAI,kCAAkC,CAAA;AAAA,MAChD;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,4CAA4C,KAAK,CAAA;AAC/D,MAAA,MAAM,KAAK,WAAA,EAAY;AAAA,IACzB;AAAA,EACF;AAAA,EAEA,MAAc,mBAAA,GAAqC;AACjD,IAAA,IAAI;AACF,MAAA,IAAI,KAAK,MAAA,EAAQ;AACf,QAAA,MAAM,WAAA,GAAc,IAAA,CAAK,SAAA,CAAU,IAAA,CAAK,MAAM,CAAA;AAC9C,QAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,OAAA,CAAQ,iBAAA,EAAmB,WAAW,CAAA;AACzD,QAAA,MAAM,KAAK,OAAA,CAAQ,OAAA,CAAQ,WAAA,EAAa,IAAA,CAAK,OAAO,MAAM,CAAA;AAAA,MAC5D;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,2CAA2C,KAAK,CAAA;AAAA,IAChE;AAAA,EACF;AAAA,EAEA,MAAM,UAAU,QAAA,EAAwC;AACtD,IAAA,MAAM,SAAA,GAAY,IAAA,CAAK,GAAA,EAAI,GAAI,SAAS,SAAA,GAAY,GAAA;AACpD,IAAA,IAAA,CAAK,MAAA,GAAS;AAAA,MACZ,aAAa,QAAA,CAAS,WAAA;AAAA,MACtB,cAAc,QAAA,CAAS,YAAA;AAAA,MACvB,QAAQ,QAAA,CAAS,MAAA;AAAA,MACjB,WAAW,QAAA,CAAS,SAAA;AAAA,MACpB,SAAA;AAAA,MACA,aAAa,QAAA,CAAS,WAAA;AAAA,MACtB,WAAW,QAAA,CAAS,SAAA;AAAA,MACpB,MAAA,EAAQ,SAAS,MAAA,IAAU,IAAA;AAAA,MAC3B,WAAA,EAAa,SAAS,WAAA,IAAe,IAAA;AAAA,MACrC,SAAA,EAAW,QAAA,CAAS,SAAA,IAAa;AAAC,KACpC;AAEA,IAAA,MAAM,KAAK,mBAAA,EAAoB;AAAA,EACjC;AAAA,EAEA,cAAA,GAAgC;AAC9B,IAAA,IAAI,CAAC,IAAA,CAAK,MAAA,EAAQ,OAAO,IAAA;AAEzB,IAAA,OAAO,KAAK,MAAA,CAAO,WAAA;AAAA,EACrB;AAAA,EAEA,eAAA,GAAiC;AAC/B,IAAA,OAAO,IAAA,CAAK,QAAQ,YAAA,IAAgB,IAAA;AAAA,EACtC;AAAA,EAEA,SAAA,GAA2B;AACzB,IAAA,OAAO,IAAA,CAAK,QAAQ,MAAA,IAAU,IAAA;AAAA,EAChC;AAAA,EAEA,cAAA,GAAiC;AAC/B,IAAA,OAAO,IAAA,CAAK,QAAQ,WAAA,IAAe,IAAA;AAAA,EACrC;AAAA,EAEA,SAAA,GAA2B;AACzB,IAAA,OAAO,IAAA,CAAK,QAAQ,MAAA,IAAU,IAAA;AAAA,EAChC;AAAA,EAEA,cAAA,GAAgC;AAC9B,IAAA,OAAO,IAAA,CAAK,QAAQ,WAAA,IAAe,IAAA;AAAA,EACrC;AAAA,EAEA,YAAA,GAAyB;AACvB,IAAA,OAAO,IAAA,CAAK,MAAA,EAAQ,SAAA,IAAa,EAAC;AAAA,EACpC;AAAA,EAEA,SAAA,GAA8B;AAC5B,IAAA,OAAO,IAAA,CAAK,MAAA;AAAA,EACd;AAAA,EAEA,MAAM,qBAAqB,WAAA,EAAqC;AAC9D,IAAA,IAAI,KAAK,MAAA,EAAQ;AACf,MAAA,IAAA,CAAK,OAAO,WAAA,GAAc,WAAA;AAC1B,MAAA,MAAM,KAAK,mBAAA,EAAoB;AAAA,IACjC;AAAA,EACF;AAAA,EAEA,MAAM,kBAAkB,WAAA,EAA2C;AACjE,IAAA,IAAI,KAAK,MAAA,EAAQ;AACf,MAAA,IAAA,CAAK,OAAO,WAAA,GAAc,WAAA;AAC1B,MAAA,MAAM,KAAK,mBAAA,EAAoB;AAAA,IACjC;AAAA,EACF;AAAA,EAEA,cAAA,GAA0B;AACxB,IAAA,IAAI,CAAC,KAAK,MAAA,EAAQ;AAChB,MAAA,OAAA,CAAQ,IAAI,gDAAgD,CAAA;AAC5D,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,MAAM,SAAS,EAAA,GAAK,GAAA;AACpB,IAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,IAAA,MAAM,SAAA,GAAY,KAAK,MAAA,CAAO,SAAA;AAC9B,IAAA,MAAM,SAAA,GAAY,MAAO,SAAA,GAAY,MAAA;AAErC,IAAA,OAAA,CAAQ,IAAI,2BAAA,EAA6B;AAAA,MACvC,WAAA,EAAa,GAAA;AAAA,MACb,SAAA;AAAA,MACA,MAAA;AAAA,MACA,YAAA,EAAA,CAAe,YAAY,GAAA,IAAO,GAAA;AAAA,MAClC;AAAA,KACD,CAAA;AAED,IAAA,OAAO,SAAA;AAAA,EACT;AAAA,EAEA,eAAA,GAA2B;AAEzB,IAAA,IAAI,CAAC,IAAA,CAAK,MAAA,EAAQ,OAAO,KAAA;AAEzB,IAAA,IAAI,CAAC,IAAA,CAAK,cAAA,EAAe,EAAG;AAC1B,MAAA,OAAO,CAAC,CAAC,IAAA,CAAK,MAAA,CAAO,WAAA;AAAA,IACvB;AAGA,IAAA,OAAO,CAAC,CAAC,IAAA,CAAK,MAAA,CAAO,YAAA;AAAA,EACvB;AAAA,EAEA,MAAM,WAAA,GAA6B;AACjC,IAAA,IAAA,CAAK,MAAA,GAAS,IAAA;AACd,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,UAAA,CAAW,iBAAiB,CAAA;AAC/C,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,UAAA,CAAW,WAAW,CAAA;AAAA,EAC3C;AAAA,EAEA,MAAM,kBAAA,GAAuC;AAE3C,IAAA,IAAI,KAAK,cAAA,EAAgB;AACvB,MAAA,OAAA,CAAQ,IAAI,sEAAsE,CAAA;AAClF,MAAA,OAAO,IAAA,CAAK,cAAA;AAAA,IACd;AAEA,IAAA,MAAM,YAAA,GAAe,KAAK,eAAA,EAAgB;AAC1C,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,OAAA,CAAQ,KAAK,8CAA8C,CAAA;AAC3D,MAAA,OAAO,KAAA;AAAA,IACT;AAEA,IAAA,OAAA,CAAQ,IAAI,+CAA+C,CAAA;AAG3D,IAAA,IAAA,CAAK,kBAAkB,YAAY;AACjC,MAAA,IAAI;AACF,QAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,iBAAA,CAAkB,GAAG,SAAA,EAAW,mBAAmB,CAAA,EAAG;AAAA,UACjF,MAAA,EAAQ,MAAA;AAAA,UACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA,EAAmB;AAAA,UAC9C,IAAA,EAAM,IAAA,CAAK,SAAA,CAAU,EAAE,cAAc;AAAA,SACtC,CAAA;AAED,QAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,UAAA,OAAA,CAAQ,GAAA,CAAI,yCAAA,EAA2C,QAAA,CAAS,MAAM,CAAA;AAEtE,UAAA,IAAI,QAAA,CAAS,WAAW,GAAA,EAAK;AAC3B,YAAA,IAAI;AACF,cAAA,MAAM,SAAA,GAAiB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC3C,cAAA,OAAA,CAAQ,GAAA,CAAI,oCAAoC,SAAS,CAAA;AAGzD,cAAA,QAAQ,UAAU,UAAA;AAAY,gBAC5B,KAAK,mBAAA;AACH,kBAAA,OAAA,CAAQ,IAAI,wDAAwD,CAAA;AACpE,kBAAA,MAAM,KAAK,WAAA,EAAY;AACvB,kBAAA,OAAO,KAAA;AAAA,gBAET,KAAK,eAAA;AAAA,gBACL;AACE,kBAAA,OAAA,CAAQ,IAAI,8CAA8C,CAAA;AAC1D,kBAAA,MAAM,KAAK,WAAA,EAAY;AACvB,kBAAA,OAAO,KAAA;AAAA;AACX,YACF,SAAS,UAAA,EAAY;AACnB,cAAA,OAAA,CAAQ,IAAA,CAAK,qDAAqD,UAAU,CAAA;AAC5E,cAAA,MAAM,KAAK,WAAA,EAAY;AACvB,cAAA,OAAO,KAAA;AAAA,YACT;AAAA,UACF,CAAA,MAAO;AACL,YAAA,OAAA,CAAQ,IAAI,6EAA6E,CAAA;AACzF,YAAA,OAAO,KAAA;AAAA,UACT;AAAA,QACF;AAEA,QAAA,MAAM,eAAA,GAAkB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC5C,QAAA,OAAA,CAAQ,GAAA,CAAI,gDAAA,EAAkD,eAAA,CAAgB,SAAA,EAAW,SAAS,CAAA;AAElG,QAAA,IAAI,KAAK,MAAA,EAAQ;AAEf,UAAA,IAAA,CAAK,MAAA,CAAO,cAAc,eAAA,CAAgB,WAAA;AAC1C,UAAA,IAAA,CAAK,MAAA,CAAO,eAAe,eAAA,CAAgB,YAAA;AAC3C,UAAA,IAAA,CAAK,MAAA,CAAO,YAAY,eAAA,CAAgB,SAAA;AACxC,UAAA,IAAA,CAAK,OAAO,SAAA,GAAY,IAAA,CAAK,GAAA,EAAI,GAAI,gBAAgB,SAAA,GAAY,GAAA;AACjE,UAAA,MAAM,KAAK,mBAAA,EAAoB;AAC/B,UAAA,OAAA,CAAQ,IAAI,yCAAyC,CAAA;AACrD,UAAA,OAAO,IAAA;AAAA,QACT;AAEA,QAAA,OAAA,CAAQ,MAAM,oCAAoC,CAAA;AAClD,QAAA,OAAO,KAAA;AAAA,MACT,SAAS,KAAA,EAAO;AACd,QAAA,OAAA,CAAQ,KAAA,CAAM,sCAAsC,KAAK,CAAA;AAEzD,QAAA,OAAO,KAAA;AAAA,MACT,CAAA,SAAE;AAEA,QAAA,IAAA,CAAK,cAAA,GAAiB,IAAA;AACtB,QAAA,OAAA,CAAQ,IAAI,kDAAkD,CAAA;AAAA,MAChE;AAAA,IACF,CAAA,GAAG;AAEH,IAAA,OAAO,IAAA,CAAK,cAAA;AAAA,EACd;AAAA,EAEA,aAAA,GAA+B;AAC7B,IAAA,MAAM,KAAA,GAAQ,KAAK,cAAA,EAAe;AAClC,IAAA,OAAO,KAAA,GAAQ,CAAA,OAAA,EAAU,KAAK,CAAA,CAAA,GAAK,IAAA;AAAA,EACrC;AACF;AAGO,IAAM,eAAA,GAAkB,IAAI,eAAA;AAK5B,SAAS,sBAAsB,OAAA,EAAwC;AAC5E,EAAA,OAAO,IAAI,gBAAgB,OAAO,CAAA;AACpC;AAIA,eAAsB,MAAA,CAAO,UAA2B,eAAA,EAAgC;AACtF,EAAA,IAAI;AACF,IAAA,MAAM,UAAA,GAAa,QAAQ,aAAA,EAAc;AACzC,IAAA,IAAI,UAAA,EAAY;AACd,MAAA,MAAM,MAAM,iBAAA,CAAkB,CAAA,EAAG,SAAA,EAAW,kBAAkB,CAAA,EAAG;AAAA,QAC/D,MAAA,EAAQ,MAAA;AAAA,QACR,OAAA,EAAS;AAAA,UACP,aAAA,EAAe,UAAA;AAAA,UACf,cAAA,EAAgB;AAAA;AAClB,OACD,CAAA;AAAA,IACH;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,OAAA,CAAQ,KAAA,CAAM,uBAAuB,KAAK,CAAA;AAAA,EAC5C,CAAA,SAAE;AACA,IAAA,MAAM,QAAQ,WAAA,EAAY;AAAA,EAC5B;AACF;AAEA,eAAsB,WAAA,CAAY,UAA2B,eAAA,EAAiD;AAC5G,EAAA,MAAM,UAAA,GAAa,QAAQ,aAAA,EAAc;AACzC,EAAA,IAAI,CAAC,UAAA,EAAY;AACf,IAAA,OAAA,CAAQ,IAAI,iDAAiD,CAAA;AAC7D,IAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA,EACxB;AAEA,EAAA,IAAI;AACF,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,iBAAA,CAAkB,GAAG,SAAA,EAAW,kBAAkB,CAAA,EAAG;AAAA,MAChF,MAAA,EAAQ,KAAA;AAAA,MACR,OAAA,EAAS,EAAE,aAAA,EAAe,UAAA;AAAW,KACtC,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,OAAA,CAAQ,GAAA,CAAI,kCAAA,EAAoC,QAAA,CAAS,MAAM,CAAA;AAE/D,MAAA,IAAI,QAAA,CAAS,WAAW,GAAA,EAAK;AAC3B,QAAA,IAAI;AACF,UAAA,MAAM,SAAA,GAAiB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC3C,UAAA,OAAA,CAAQ,GAAA,CAAI,4BAA4B,SAAS,CAAA;AAGjD,UAAA,QAAQ,UAAU,UAAA;AAAY,YAC5B,KAAK,eAAA;AACH,cAAA,OAAA,CAAQ,IAAI,mDAAmD,CAAA;AAC/D,cAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,kBAAA,EAAmB;AACxD,cAAA,IAAI,cAAA,EAAgB;AAClB,gBAAA,OAAA,CAAQ,IAAI,2DAA2D,CAAA;AACvE,gBAAA,OAAO,MAAM,YAAY,OAAO,CAAA;AAAA,cAClC,CAAA,MAAO;AACL,gBAAA,OAAA,CAAQ,IAAI,6CAA6C,CAAA;AACzD,gBAAA,MAAM,QAAQ,WAAA,EAAY;AAC1B,gBAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA,cACxB;AAAA,YAEF,KAAK,mBAAA;AACH,cAAA,OAAA,CAAQ,IAAI,qDAAqD,CAAA;AACjE,cAAA,MAAM,QAAQ,WAAA,EAAY;AAC1B,cAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA,YAExB,KAAK,eAAA;AAAA,YACL;AACE,cAAA,OAAA,CAAQ,IAAI,sCAAsC,CAAA;AAClD,cAAA,MAAM,QAAQ,WAAA,EAAY;AAC1B,cAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA;AAC1B,QACF,SAAS,UAAA,EAAY;AACnB,UAAA,OAAA,CAAQ,IAAA,CAAK,6CAA6C,UAAU,CAAA;AACpE,UAAA,MAAM,QAAQ,WAAA,EAAY;AAC1B,UAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA,QACxB;AAAA,MACF,CAAA,MAAO;AACL,QAAA,OAAA,CAAQ,IAAI,yDAAyD,CAAA;AACrE,QAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA,MACxB;AAAA,IACF;AAEA,IAAA,MAAM,cAAA,GAAiB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC3C,IAAA,OAAA,CAAQ,GAAA,CAAI,wCAAwC,cAAc,CAAA;AAElE,IAAA,IAAI,eAAe,KAAA,EAAO;AACxB,MAAA,IAAI,OAAO,cAAA,CAAe,WAAA,KAAgB,SAAA,EAAW;AACnD,QAAA,MAAM,OAAA,CAAQ,oBAAA,CAAqB,cAAA,CAAe,WAAW,CAAA;AAAA,MAC/D;AAEA,MAAA,IAAI,OAAA,CAAQ,WAAU,EAAG;AACvB,QAAA,IAAI,cAAA,CAAe,gBAAgB,KAAA,CAAA,EAAW;AAC5C,UAAA,MAAM,OAAA,CAAQ,iBAAA,CAAkB,cAAA,CAAe,WAAW,CAAA;AAAA,QAC5D;AAAA,MAEF;AAAA,IACF;AAEA,IAAA,OAAO,cAAA;AAAA,EACT,SAAS,KAAA,EAAO;AACd,IAAA,OAAA,CAAQ,KAAA,CAAM,2CAA2C,KAAK,CAAA;AAC9D,IAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA,EACxB;AACF;AAEA,eAAsB,gBAAA,CAAiB,UAA2B,eAAA,EAAmC;AAEnG,EAAA,IAAI,QAAQ,eAAA,EAAgB,IAAK,CAAC,OAAA,CAAQ,gBAAe,EAAG;AAC1D,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,OAAA,CAAQ,IAAI,8DAA8D,CAAA;AAG1E,EAAA,MAAM,YAAA,GAAe,QAAQ,eAAA,EAAgB;AAC7C,EAAA,IAAI,YAAA,EAAc;AAChB,IAAA,OAAA,CAAQ,IAAI,mEAAmE,CAAA;AAC/E,IAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,kBAAA,EAAmB;AACxD,IAAA,OAAA,CAAQ,GAAA,CAAI,iCAAiC,cAAc,CAAA;AAC3D,IAAA,OAAO,cAAA;AAAA,EACT;AAEA,EAAA,OAAA,CAAQ,IAAI,iEAAiE,CAAA;AAC7E,EAAA,OAAO,KAAA;AACT;AAEA,eAAsB,mBACpB,GAAA,EACA,OAAA,GAAuB,EAAC,EACxB,UAA2B,eAAA,EACR;AACnB,EAAA,MAAM,aAAA,GAAgB,MAAM,gBAAA,CAAiB,OAAO,CAAA;AACpD,EAAA,IAAI,CAAC,aAAA,EAAe;AAClB,IAAA,MAAM,IAAI,MAAM,yCAAyC,CAAA;AAAA,EAC3D;AAEA,EAAA,MAAM,UAAA,GAAa,QAAQ,aAAA,EAAc;AACzC,EAAA,IAAI,CAAC,UAAA,EAAY;AACf,IAAA,MAAM,IAAI,MAAM,qCAAqC,CAAA;AAAA,EACvD;AAEA,EAAA,MAAM,gBAAA,GAAmB,kBAAkB,GAAG,CAAA;AAC9C,EAAA,MAAM,cAAA,GAA8B;AAAA,IAClC,GAAG,OAAA;AAAA,IACH,OAAA,EAAS;AAAA,MACP,GAAG,OAAA,CAAQ,OAAA;AAAA,MACX,aAAA,EAAe,UAAA;AAAA,MACf,cAAA,EAAgB;AAAA;AAClB,GACF;AAEA,EAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,gBAAA,EAAkB,cAAc,CAAA;AAG7D,EAAA,IAAI,QAAA,CAAS,WAAW,GAAA,EAAK;AAC3B,IAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,kBAAA,EAAmB;AACxD,IAAA,IAAI,cAAA,EAAgB;AAClB,MAAA,MAAM,aAAA,GAAgB,QAAQ,aAAA,EAAc;AAC5C,MAAA,IAAI,aAAA,EAAe;AACjB,QAAA,cAAA,CAAe,OAAA,GAAU;AAAA,UACvB,GAAG,cAAA,CAAe,OAAA;AAAA,UAClB,aAAA,EAAe;AAAA,SACjB;AACA,QAAA,OAAO,KAAA,CAAM,kBAAkB,cAAc,CAAA;AAAA,MAC/C;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO,QAAA;AACT;AAIA,eAAsB,eAAA,CAAgB,QAAgB,OAAA,EAA+D;AACnH,EAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,iBAAA,CAAkB,GAAG,SAAA,EAAW,iBAAiB,CAAA,EAAG;AAAA,IAC/E,MAAA,EAAQ,MAAA;AAAA,IACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA,EAAmB;AAAA,IAC9C,IAAA,EAAM,IAAA,CAAK,SAAA,CAAU,EAAE,QAAQ;AAAA,GAChC,CAAA;AAED,EAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,IAAA,MAAM,YAAY,MAAM,QAAA,CAAS,MAAK,CAAE,KAAA,CAAM,MAAM,cAAc,CAAA;AAClE,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,cAAA,EAAiB,SAAS,MAAM,CAAA,CAAA,EAAI,SAAS,CAAA,CAAE,CAAA;AAAA,EACjE;AAEA,EAAA,MAAM,aAAA,GAAgB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC1C,EAAA,IAAI,CAAC,SAAS,aAAA,EAAe;AAC3B,IAAA,MAAM,eAAA,CAAgB,UAAU,aAAa,CAAA;AAAA,EAC/C;AACA,EAAA,OAAO,aAAA;AACT;AAEA,eAAsB,cAAA,CAAe,KAAA,EAAe,IAAA,EAAc,OAAA,EAA+D;AAC/H,EAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,iBAAA,CAAkB,GAAG,SAAA,EAAW,6BAA6B,CAAA,EAAG;AAAA,IAC3F,MAAA,EAAQ,MAAA;AAAA,IACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA,EAAmB;AAAA,IAC9C,MAAM,IAAA,CAAK,SAAA,CAAU,EAAE,KAAA,EAAO,MAAM;AAAA,GACrC,CAAA;AAED,EAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,IAAA,MAAM,YAAY,MAAM,QAAA,CAAS,MAAK,CAAE,KAAA,CAAM,MAAM,2BAA2B,CAAA;AAC/E,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,2BAAA,EAA8B,SAAS,MAAM,CAAA,CAAA,EAAI,SAAS,CAAA,CAAE,CAAA;AAAA,EAC9E;AAEA,EAAA,MAAM,aAAA,GAAgB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC1C,EAAA,IAAI,CAAC,SAAS,aAAA,EAAe;AAC3B,IAAA,MAAM,eAAA,CAAgB,UAAU,aAAa,CAAA;AAAA,EAC/C;AACA,EAAA,OAAO,aAAA;AACT;AAEA,eAAsB,iBAAA,CAAkB,cAQrC,OAAA,EAA+D;AAChE,EAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,iBAAA,CAAkB,GAAG,SAAA,EAAW,0BAA0B,CAAA,EAAG;AAAA,IACxF,MAAA,EAAQ,MAAA;AAAA,IACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA,EAAmB;AAAA,IAC9C,IAAA,EAAM,IAAA,CAAK,SAAA,CAAU,YAAY;AAAA,GAClC,CAAA;AAED,EAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,IAAA,MAAM,YAAY,MAAM,QAAA,CAAS,MAAK,CAAE,KAAA,CAAM,MAAM,uBAAuB,CAAA;AAC3E,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,uBAAA,EAA0B,SAAS,MAAM,CAAA,CAAA,EAAI,SAAS,CAAA,CAAE,CAAA;AAAA,EAC1E;AAEA,EAAA,MAAM,aAAA,GAAgB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC1C,EAAA,IAAI,CAAC,SAAS,aAAA,EAAe;AAC3B,IAAA,MAAM,eAAA,CAAgB,UAAU,aAAa,CAAA;AAAA,EAC/C;AACA,EAAA,OAAO,aAAA;AACT;AAEA,eAAsB,kBAAA,CAAmB,UAA2B,eAAA,EAAmC;AACrG,EAAA,IAAI;AACF,IAAA,MAAM,YAAA,GAAe,MAAM,WAAA,CAAY,OAAO,CAAA;AAC9C,IAAA,IAAI,YAAA,EAAc,KAAA,IAAS,OAAO,YAAA,CAAa,gBAAgB,SAAA,EAAW;AACxE,MAAA,OAAO,YAAA,CAAa,WAAA;AAAA,IACtB;AACA,IAAA,OAAO,KAAA;AAAA,EACT,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,KAAA;AAAA,EACT;AACF","file":"index.cjs","sourcesContent":["/**\n * Base64URL encoding/decoding utilities\n * Used for WebAuthn and JWT operations\n */\n\n/**\n * Convert ArrayBuffer to Base64URL string\n * @param buffer - ArrayBuffer to convert\n * @returns Base64URL encoded string\n */\nexport function arrayBufferToBase64url(buffer: ArrayBuffer): string {\n const bytes = new Uint8Array(buffer);\n let binary = '';\n for (let i = 0; i < bytes.byteLength; i++) {\n binary += String.fromCharCode(bytes[i]);\n }\n return btoa(binary).replace(/\\+/g, '-').replace(/\\//g, '_').replace(/=+$/g, '');\n}\n\n/**\n * Convert Base64URL string to Uint8Array\n * @param base64url - Base64URL string to convert\n * @returns Uint8Array\n */\nexport function base64urlToUint8Array(base64url: string): Uint8Array {\n const base64 = base64url.replace(/-/g, '+').replace(/_/g, '/');\n const pad = base64.length % 4 ? 4 - (base64.length % 4) : 0;\n const padded = base64 + '='.repeat(pad);\n const binary = atob(padded);\n const bytes = new Uint8Array(binary.length);\n for (let i = 0; i < binary.length; i++) {\n bytes[i] = binary.charCodeAt(i);\n }\n return bytes;\n}\n\n/**\n * Convert ArrayBuffer to standard Base64 string (not URL-safe)\n * @param buffer - ArrayBuffer to convert\n * @returns Base64 encoded string\n */\nexport function arrayBufferToBase64(buffer: ArrayBuffer): string {\n const bytes = new Uint8Array(buffer);\n let binary = '';\n for (let i = 0; i < bytes.byteLength; i++) {\n binary += String.fromCharCode(bytes[i]);\n }\n return btoa(binary);\n}\n","/**\n * Storage abstraction layer for tokens and keyshares\n * Allows the core package to work in both browser and Node.js environments\n */\n\n/**\n * Storage interface for storing key-value pairs\n * Can be implemented for different storage backends (localStorage, Redis, memory, etc.)\n */\nexport interface TokenStorage {\n /**\n * Get item from storage\n * @param key - Storage key\n * @returns Value or null if not found\n */\n getItem(key: string): Promise<string | null> | string | null;\n\n /**\n * Set item in storage\n * @param key - Storage key\n * @param value - Value to store\n */\n setItem(key: string, value: string): Promise<void> | void;\n\n /**\n * Remove item from storage\n * @param key - Storage key\n */\n removeItem(key: string): Promise<void> | void;\n}\n\n/**\n * In-memory storage adapter\n * Useful for server-side usage where persistence is not required\n */\nexport class MemoryStorage implements TokenStorage {\n private storage = new Map<string, string>();\n\n getItem(key: string): string | null {\n return this.storage.get(key) || null;\n }\n\n setItem(key: string, value: string): void {\n this.storage.set(key, value);\n }\n\n removeItem(key: string): void {\n this.storage.delete(key);\n }\n\n /**\n * Clear all items from memory storage\n */\n clear(): void {\n this.storage.clear();\n }\n\n /**\n * Get all keys in storage\n */\n keys(): string[] {\n return Array.from(this.storage.keys());\n }\n\n /**\n * Get number of items in storage\n */\n get size(): number {\n return this.storage.size;\n }\n}\n\n/**\n * LocalStorage adapter for browser environments\n * Falls back to memory storage if localStorage is not available\n */\nexport class LocalStorageAdapter implements TokenStorage {\n private fallback: MemoryStorage | null = null;\n\n constructor() {\n // Check if localStorage is available\n if (!this.isLocalStorageAvailable()) {\n console.warn('[Storage] localStorage not available, falling back to memory storage');\n this.fallback = new MemoryStorage();\n }\n }\n\n private isLocalStorageAvailable(): boolean {\n try {\n // @ts-ignore - accessing global window object\n const win = typeof globalThis !== 'undefined' && (globalThis as any).window;\n const storage = win ? win.localStorage : undefined;\n if (!storage) {\n return false;\n }\n // Test if we can actually use localStorage (some browsers block it in private mode)\n const testKey = '__lumia_storage_test__';\n storage.setItem(testKey, 'test');\n storage.removeItem(testKey);\n return true;\n } catch {\n return false;\n }\n }\n\n getItem(key: string): string | null {\n console.log('[Storage] getItem called for key:', key);\n if (this.fallback) {\n console.log('[Storage] Using fallback memory storage');\n return this.fallback.getItem(key);\n }\n try {\n // @ts-ignore - accessing global window object\n const win = typeof globalThis !== 'undefined' && (globalThis as any).window;\n const value = win?.localStorage?.getItem(key) || null;\n console.log('[Storage] Read from localStorage:', {\n key,\n hasValue: !!value,\n valueLength: value?.length,\n allKeys: win?.localStorage ? Object.keys(win.localStorage) : []\n });\n return value;\n } catch (error) {\n console.error('[Storage] Error reading from localStorage:', error);\n return null;\n }\n }\n\n setItem(key: string, value: string): void {\n console.log('[Storage] setItem called:', { key, valueLength: value.length });\n if (this.fallback) {\n console.log('[Storage] Using fallback memory storage for write');\n this.fallback.setItem(key, value);\n return;\n }\n try {\n // @ts-ignore - accessing global window object\n const win = typeof globalThis !== 'undefined' && (globalThis as any).window;\n win?.localStorage?.setItem(key, value);\n console.log('[Storage] Successfully wrote to localStorage');\n\n // Verify write\n const verification = win?.localStorage?.getItem(key);\n if (!verification) {\n console.error('[Storage] ⚠️ VERIFICATION FAILED: Value not found after write!');\n } else if (verification !== value) {\n console.error('[Storage] ⚠️ VERIFICATION FAILED: Value mismatch after write!');\n } else {\n console.log('[Storage] ✅ Write verified successfully');\n }\n } catch (error) {\n console.error('[Storage] Error writing to localStorage:', error);\n // Initialize fallback if localStorage fails\n if (!this.fallback) {\n this.fallback = new MemoryStorage();\n this.fallback.setItem(key, value);\n }\n }\n }\n\n removeItem(key: string): void {\n if (this.fallback) {\n this.fallback.removeItem(key);\n return;\n }\n try {\n // @ts-ignore - accessing global window object\n const win = typeof globalThis !== 'undefined' && (globalThis as any).window;\n win?.localStorage?.removeItem(key);\n } catch (error) {\n console.error('[Storage] Error removing from localStorage:', error);\n }\n }\n}\n\n/**\n * Keyshare storage interface (same as TokenStorage but with a different name for clarity)\n */\nexport interface KeyshareStorage extends TokenStorage {}\n\n/**\n * Helper to normalize storage operations to always be async\n * This allows mixing sync and async storage implementations\n */\nexport async function storageGet(\n storage: TokenStorage,\n key: string\n): Promise<string | null> {\n const result = storage.getItem(key);\n return result instanceof Promise ? await result : result;\n}\n\n/**\n * Helper to normalize storage operations to always be async\n */\nexport async function storageSet(\n storage: TokenStorage,\n key: string,\n value: string\n): Promise<void> {\n const result = storage.setItem(key, value);\n if (result instanceof Promise) {\n await result;\n }\n}\n\n/**\n * Helper to normalize storage operations to always be async\n */\nexport async function storageRemove(\n storage: TokenStorage,\n key: string\n): Promise<void> {\n const result = storage.removeItem(key);\n if (result instanceof Promise) {\n await result;\n }\n}\n","/**\n * Project ID management for Lumia Passport Core\n * Adapted to work in both browser and Node.js environments\n */\n\nlet globalProjectId: string | undefined;\n\n/**\n * Set the global project ID\n * @param projectId - The project ID to set\n */\nexport function setProjectId(projectId: string): void {\n globalProjectId = projectId;\n}\n\n/**\n * Get the current project ID\n * Priority: 1. Explicitly set via setProjectId(), 2. window.__LUMIA_PROJECT_ID__ (browser only)\n */\nexport function getProjectId(): string | undefined {\n // First check explicitly set projectId\n if (globalProjectId) {\n return globalProjectId;\n }\n\n // Fallback to window global (browser only)\n if (typeof globalThis !== 'undefined' && (globalThis as any).window) {\n return ((globalThis as any).window as any).__LUMIA_PROJECT_ID__;\n }\n\n return undefined;\n}\n\n/**\n * Add projectId to URL query parameters\n * @param url - The URL to add projectId to\n * @param projectId - Optional explicit projectId (uses getProjectId() if not provided)\n */\nexport function addProjectIdToUrl(url: string, projectId?: string): string {\n try {\n const pid = projectId || getProjectId();\n if (pid) {\n const separator = url.includes('?') ? '&' : '?';\n return `${url}${separator}projectId=${encodeURIComponent(pid)}`;\n }\n } catch (error) {\n // Silently fail and return original URL\n }\n return url;\n}\n\n/**\n * Clear the globally set project ID\n */\nexport function clearProjectId(): void {\n globalProjectId = undefined;\n}\n","/**\n * JWT Token Management\n * Adapted from lumia-passport-ui-kit/src/internal/auth/jwt.ts\n * Browser-specific features (passkey auth) remain in UI kit\n */\n\nimport type { TokenStorage } from './storage';\nimport { LocalStorageAdapter } from './storage';\nimport { addProjectIdToUrl } from '../utils/project-id';\n\n// Token storage keys\nconst TOKEN_STORAGE_KEY = 'lumia-passport-jwt-tokens';\nconst USER_ID_KEY = 'lumia-passport-current-user-id';\n\n// Build-time injected URLs (tsup.define)\ndeclare const __LUMIA_TSS_URL__: string;\ndeclare const __LUMIA_BUNDLER_URL__: string;\ndeclare const __LUMIA_SHARE_VAULT_URL__: string;\n\n// Service URL provider - will be set by config\nlet tssUrlProvider: (() => string) | undefined;\n\n/**\n * Configure JWT module with service URLs\n * Call this from createLumiaPassportCore (backend usage)\n */\nexport function configureJwtModule(config: {\n tssUrl?: string;\n projectId?: string;\n}) {\n if (config.tssUrl) {\n tssUrlProvider = () => config.tssUrl!;\n }\n // Note: projectId is now handled via addProjectIdToUrl from utils/project-id\n // which reads from window.__LUMIA_PROJECT_ID__ or can be set via setProjectId()\n}\n\n// Build-time default from .env (will be replaced by tsup define)\nconst BUILD_TSS_URL = (typeof __LUMIA_TSS_URL__ !== 'undefined' && __LUMIA_TSS_URL__) || '';\n\nfunction getTssUrl(): string {\n // Priority: runtime config > window.__LUMIA_SERVICES__ > build-time default > hardcoded fallback\n\n // 1. Runtime config (backend usage via configureJwtModule)\n if (tssUrlProvider) {\n return tssUrlProvider();\n }\n\n // 2. Browser runtime config from LumiaPassportProvider (window.__LUMIA_SERVICES__)\n if (typeof globalThis !== 'undefined' && (globalThis as any).window) {\n const services = ((globalThis as any).window as any).__LUMIA_SERVICES__;\n if (services?.tssUrl) {\n return services.tssUrl;\n }\n }\n\n // 3. Build-time injected default (from .env during pnpm build)\n if (BUILD_TSS_URL) {\n return BUILD_TSS_URL;\n }\n\n // 4. Hardcoded fallback\n return 'http://localhost:9256';\n}\n\n// addProjectIdToUrl is imported from '../utils/project-id'\n// It automatically reads from window.__LUMIA_PROJECT_ID__ or global setProjectId()\n\n// Types\nexport interface JwtTokens {\n accessToken: string;\n refreshToken: string;\n userId: string;\n expiresIn: number;\n expiresAt: number;\n hasKeyshare?: boolean;\n isNewUser?: boolean;\n avatar?: string | null;\n displayName?: string | null;\n providers?: string[]; // List of connected auth providers (email, passkey, wallet, etc.)\n}\n\nexport interface LoginResponse {\n accessToken: string;\n refreshToken: string;\n userId: string;\n expiresIn: number;\n hasKeyshare: boolean;\n isNewUser?: boolean;\n avatar?: string | null;\n displayName?: string | null;\n providers?: string[]; // List of connected auth providers (email, passkey, wallet, etc.)\n}\n\nexport interface RefreshResponse {\n accessToken: string;\n refreshToken: string;\n expiresIn: number;\n}\n\nexport interface VerifyResponse {\n valid: boolean;\n userId?: string;\n sessionId?: string;\n exp?: number;\n hasKeyshare?: boolean;\n displayName?: string | null;\n avatar?: string | null;\n}\n\n/**\n * JWT Token Manager\n * Handles token storage, refresh, and validation\n */\nexport class JwtTokenManager {\n private tokens: JwtTokens | null = null;\n private storage: TokenStorage;\n private refreshPromise: Promise<boolean> | null = null; // Mutex for refresh operations\n\n constructor(storage?: TokenStorage) {\n this.storage = storage || new LocalStorageAdapter();\n console.log('[JWT] JwtTokenManager initializing...');\n this.loadTokensFromStorage();\n }\n\n private async loadTokensFromStorage(): Promise<void> {\n try {\n const stored = await this.storage.getItem(TOKEN_STORAGE_KEY);\n console.log('[JWT] Loading tokens from storage:', !!stored);\n\n if (stored) {\n this.tokens = JSON.parse(stored);\n console.log('[JWT] Parsed tokens:', {\n hasAccessToken: !!this.tokens?.accessToken,\n hasRefreshToken: !!this.tokens?.refreshToken,\n userId: this.tokens?.userId,\n expiresAt: this.tokens?.expiresAt,\n currentTime: Date.now(),\n timeToExpiry: this.tokens?.expiresAt ? (this.tokens.expiresAt - Date.now()) / 1000 : 'N/A'\n });\n\n if (this.tokens && this.isTokenExpired()) {\n console.log('[JWT] Access token is expired');\n\n // Check if we have a refresh token to attempt renewal\n if (this.tokens.refreshToken) {\n console.log('[JWT] Refresh token available, will attempt renewal when needed');\n // Keep tokens - they will be refreshed on the first API call via ensureValidToken()\n } else {\n console.log('[JWT] No refresh token available, clearing tokens');\n await this.clearTokens();\n }\n } else {\n console.log('[JWT] Access token is valid, keeping tokens');\n }\n } else {\n console.log('[JWT] No tokens found in storage');\n }\n } catch (error) {\n console.error('[JWT] Error loading tokens from storage:', error);\n await this.clearTokens();\n }\n }\n\n private async saveTokensToStorage(): Promise<void> {\n try {\n if (this.tokens) {\n const tokenString = JSON.stringify(this.tokens);\n await this.storage.setItem(TOKEN_STORAGE_KEY, tokenString);\n await this.storage.setItem(USER_ID_KEY, this.tokens.userId);\n }\n } catch (error) {\n console.error('[JWT] Failed to save tokens to storage:', error);\n }\n }\n\n async setTokens(response: LoginResponse): Promise<void> {\n const expiresAt = Date.now() + response.expiresIn * 1000;\n this.tokens = {\n accessToken: response.accessToken,\n refreshToken: response.refreshToken,\n userId: response.userId,\n expiresIn: response.expiresIn,\n expiresAt,\n hasKeyshare: response.hasKeyshare,\n isNewUser: response.isNewUser,\n avatar: response.avatar ?? null,\n displayName: response.displayName ?? null,\n providers: response.providers ?? []\n };\n\n await this.saveTokensToStorage();\n }\n\n getAccessToken(): string | null {\n if (!this.tokens) return null;\n // Return access token even if expired - ensureValidToken() will handle refresh\n return this.tokens.accessToken;\n }\n\n getRefreshToken(): string | null {\n return this.tokens?.refreshToken || null;\n }\n\n getUserId(): string | null {\n return this.tokens?.userId || null;\n }\n\n getHasKeyshare(): boolean | null {\n return this.tokens?.hasKeyshare ?? null;\n }\n\n getAvatar(): string | null {\n return this.tokens?.avatar || null;\n }\n\n getDisplayName(): string | null {\n return this.tokens?.displayName || null;\n }\n\n getProviders(): string[] {\n return this.tokens?.providers ?? [];\n }\n\n getTokens(): JwtTokens | null {\n return this.tokens;\n }\n\n async updateKeyshareStatus(hasKeyshare: boolean): Promise<void> {\n if (this.tokens) {\n this.tokens.hasKeyshare = hasKeyshare;\n await this.saveTokensToStorage();\n }\n }\n\n async updateDisplayName(displayName: string | null): Promise<void> {\n if (this.tokens) {\n this.tokens.displayName = displayName;\n await this.saveTokensToStorage();\n }\n }\n\n isTokenExpired(): boolean {\n if (!this.tokens) {\n console.log('[JWT] No tokens available, considering expired');\n return true;\n }\n\n const buffer = 30 * 1000; // 30 seconds buffer\n const now = Date.now();\n const expiresAt = this.tokens.expiresAt;\n const isExpired = now > (expiresAt - buffer);\n\n console.log('[JWT] Token expiry check:', {\n currentTime: now,\n expiresAt: expiresAt,\n buffer: buffer,\n timeToExpiry: (expiresAt - now) / 1000,\n isExpired: isExpired\n });\n\n return isExpired;\n }\n\n isAuthenticated(): boolean {\n // Consider authenticated if we have either valid access token OR refresh token\n if (!this.tokens) return false;\n\n if (!this.isTokenExpired()) {\n return !!this.tokens.accessToken;\n }\n\n // If access token is expired but we have refresh token, we're still authenticated\n return !!this.tokens.refreshToken;\n }\n\n async clearTokens(): Promise<void> {\n this.tokens = null;\n await this.storage.removeItem(TOKEN_STORAGE_KEY);\n await this.storage.removeItem(USER_ID_KEY);\n }\n\n async refreshAccessToken(): Promise<boolean> {\n // If refresh is already in progress, wait for it to complete\n if (this.refreshPromise) {\n console.log('[JWT] Refresh already in progress, waiting for existing operation...');\n return this.refreshPromise;\n }\n\n const refreshToken = this.getRefreshToken();\n if (!refreshToken) {\n console.warn('[JWT] No refresh token available for refresh');\n return false;\n }\n\n console.log('[JWT] Starting new token refresh operation...');\n\n // Create and store the refresh promise (mutex pattern)\n this.refreshPromise = (async () => {\n try {\n const response = await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/refresh`), {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify({ refreshToken })\n });\n\n if (!response.ok) {\n console.log('[JWT] Token refresh failed with status:', response.status);\n\n if (response.status === 401) {\n try {\n const errorData: any = await response.json();\n console.log('[JWT] Refresh 401 Error details:', errorData);\n\n // Handle backend error codes\n switch (errorData.error_code) {\n case 'SESSION_NOT_FOUND':\n console.log('[JWT] Refresh token session not found, clearing tokens');\n await this.clearTokens();\n return false;\n\n case 'INVALID_TOKEN':\n default:\n console.log('[JWT] Invalid refresh token, clearing tokens');\n await this.clearTokens();\n return false;\n }\n } catch (parseError) {\n console.warn('[JWT] Could not parse refresh 401 error response:', parseError);\n await this.clearTokens();\n return false;\n }\n } else {\n console.log('[JWT] Non-401 error during refresh, keeping tokens (might be network error)');\n return false;\n }\n }\n\n const refreshResponse = await response.json() as RefreshResponse;\n console.log('[JWT] Token refresh successful, new expiry in:', refreshResponse.expiresIn, 'seconds');\n\n if (this.tokens) {\n // Update both access and refresh tokens (token rotation)\n this.tokens.accessToken = refreshResponse.accessToken;\n this.tokens.refreshToken = refreshResponse.refreshToken;\n this.tokens.expiresIn = refreshResponse.expiresIn;\n this.tokens.expiresAt = Date.now() + refreshResponse.expiresIn * 1000;\n await this.saveTokensToStorage();\n console.log('[JWT] Refreshed tokens saved to storage');\n return true;\n }\n\n console.error('[JWT] No existing tokens to update');\n return false;\n } catch (error) {\n console.error('[JWT] Token refresh network error:', error);\n // Don't clear tokens on network errors - might be temporary\n return false;\n } finally {\n // Clear the mutex when operation completes (success or failure)\n this.refreshPromise = null;\n console.log('[JWT] Refresh operation completed, mutex cleared');\n }\n })();\n\n return this.refreshPromise;\n }\n\n getAuthHeader(): string | null {\n const token = this.getAccessToken();\n return token ? `Bearer ${token}` : null;\n }\n}\n\n// Default instance with LocalStorage\nexport const jwtTokenManager = new JwtTokenManager();\n\n/**\n * Create a custom JWT token manager with specific storage\n */\nexport function createJwtTokenManager(storage: TokenStorage): JwtTokenManager {\n return new JwtTokenManager(storage);\n}\n\n// Authentication functions\n\nexport async function logout(manager: JwtTokenManager = jwtTokenManager): Promise<void> {\n try {\n const authHeader = manager.getAuthHeader();\n if (authHeader) {\n await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/logout`), {\n method: 'POST',\n headers: {\n Authorization: authHeader,\n 'Content-Type': 'application/json'\n }\n });\n }\n } catch (error) {\n console.error('[JWT] Logout error:', error);\n } finally {\n await manager.clearTokens();\n }\n}\n\nexport async function verifyToken(manager: JwtTokenManager = jwtTokenManager): Promise<VerifyResponse | null> {\n const authHeader = manager.getAuthHeader();\n if (!authHeader) {\n console.log('[JWT] No auth header available for verification');\n return { valid: false };\n }\n\n try {\n const response = await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/verify`), {\n method: 'GET',\n headers: { Authorization: authHeader }\n });\n\n if (!response.ok) {\n console.log('[JWT] Token verification failed:', response.status);\n\n if (response.status === 401) {\n try {\n const errorData: any = await response.json();\n console.log('[JWT] 401 Error details:', errorData);\n\n // Handle backend error codes\n switch (errorData.error_code) {\n case 'TOKEN_EXPIRED':\n console.log('[JWT] Access token expired, attempting refresh...');\n const refreshSuccess = await manager.refreshAccessToken();\n if (refreshSuccess) {\n console.log('[JWT] Token refreshed successfully, retrying verification');\n return await verifyToken(manager);\n } else {\n console.log('[JWT] Token refresh failed, clearing tokens');\n await manager.clearTokens();\n return { valid: false };\n }\n\n case 'SESSION_NOT_FOUND':\n console.log('[JWT] Session not found or revoked, clearing tokens');\n await manager.clearTokens();\n return { valid: false };\n\n case 'INVALID_TOKEN':\n default:\n console.log('[JWT] Invalid token, clearing tokens');\n await manager.clearTokens();\n return { valid: false };\n }\n } catch (parseError) {\n console.warn('[JWT] Could not parse 401 error response:', parseError);\n await manager.clearTokens();\n return { valid: false };\n }\n } else {\n console.log('[JWT] Non-401 error during verification, keeping tokens');\n return { valid: false };\n }\n }\n\n const verifyResponse = await response.json() as VerifyResponse;\n console.log('[JWT] Token verification successful:', verifyResponse);\n\n if (verifyResponse.valid) {\n if (typeof verifyResponse.hasKeyshare === 'boolean') {\n await manager.updateKeyshareStatus(verifyResponse.hasKeyshare);\n }\n // Update displayName and avatar if present\n if (manager.getTokens()) {\n if (verifyResponse.displayName !== undefined) {\n await manager.updateDisplayName(verifyResponse.displayName);\n }\n // Avatar update would need similar method\n }\n }\n\n return verifyResponse;\n } catch (error) {\n console.error('[JWT] Token verification network error:', error);\n return { valid: false };\n }\n}\n\nexport async function ensureValidToken(manager: JwtTokenManager = jwtTokenManager): Promise<boolean> {\n // Check if current access token is valid (not expired)\n if (manager.isAuthenticated() && !manager.isTokenExpired()) {\n return true;\n }\n\n console.log('[JWT] Access token expired or missing, attempting refresh...');\n\n // Try to refresh using refresh token\n const refreshToken = manager.getRefreshToken();\n if (refreshToken) {\n console.log('[JWT] Refresh token available, attempting to refresh access token');\n const refreshSuccess = await manager.refreshAccessToken();\n console.log('[JWT] Refresh attempt result:', refreshSuccess);\n return refreshSuccess;\n }\n\n console.log('[JWT] No refresh token available, user needs to re-authenticate');\n return false;\n}\n\nexport async function authenticatedFetch(\n url: string,\n options: RequestInit = {},\n manager: JwtTokenManager = jwtTokenManager\n): Promise<Response> {\n const hasValidToken = await ensureValidToken(manager);\n if (!hasValidToken) {\n throw new Error('No valid authentication token available');\n }\n\n const authHeader = manager.getAuthHeader();\n if (!authHeader) {\n throw new Error('Failed to get authentication header');\n }\n\n const urlWithProjectId = addProjectIdToUrl(url);\n const requestOptions: RequestInit = {\n ...options,\n headers: {\n ...options.headers,\n Authorization: authHeader,\n 'Content-Type': 'application/json'\n }\n };\n\n const response = await fetch(urlWithProjectId, requestOptions);\n\n // Handle 401 by attempting token refresh\n if (response.status === 401) {\n const refreshSuccess = await manager.refreshAccessToken();\n if (refreshSuccess) {\n const newAuthHeader = manager.getAuthHeader();\n if (newAuthHeader) {\n requestOptions.headers = {\n ...requestOptions.headers,\n Authorization: newAuthHeader\n };\n return fetch(urlWithProjectId, requestOptions);\n }\n }\n }\n\n return response;\n}\n\n// Login functions (non-passkey)\n\nexport async function loginWithUserId(userId: string, options?: { skipTokenSave?: boolean }): Promise<LoginResponse> {\n const response = await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/login`), {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify({ userId })\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Login failed');\n throw new Error(`Login failed: ${response.status} ${errorText}`);\n }\n\n const loginResponse = await response.json() as LoginResponse;\n if (!options?.skipTokenSave) {\n await jwtTokenManager.setTokens(loginResponse);\n }\n return loginResponse;\n}\n\nexport async function loginWithEmail(email: string, code: string, options?: { skipTokenSave?: boolean }): Promise<LoginResponse> {\n const response = await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/email/verify-code`), {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify({ email, code })\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Email verification failed');\n throw new Error(`Email verification failed: ${response.status} ${errorText}`);\n }\n\n const loginResponse = await response.json() as LoginResponse;\n if (!options?.skipTokenSave) {\n await jwtTokenManager.setTokens(loginResponse);\n }\n return loginResponse;\n}\n\nexport async function loginWithTelegram(telegramData: {\n id: number;\n first_name: string;\n last_name?: string;\n username?: string;\n photo_url?: string;\n auth_date: number;\n hash: string;\n}, options?: { skipTokenSave?: boolean }): Promise<LoginResponse> {\n const response = await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/telegram/login`), {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify(telegramData)\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Telegram login failed');\n throw new Error(`Telegram login failed: ${response.status} ${errorText}`);\n }\n\n const loginResponse = await response.json() as LoginResponse;\n if (!options?.skipTokenSave) {\n await jwtTokenManager.setTokens(loginResponse);\n }\n return loginResponse;\n}\n\nexport async function syncKeyshareStatus(manager: JwtTokenManager = jwtTokenManager): Promise<boolean> {\n try {\n const verification = await verifyToken(manager);\n if (verification?.valid && typeof verification.hasKeyshare === 'boolean') {\n return verification.hasKeyshare;\n }\n return false;\n } catch {\n return false;\n }\n}\n"]}
1
+ {"version":3,"sources":["../../src/auth/base64url.ts","../../src/auth/storage.ts","../../src/utils/project-id.ts","../../src/auth/jwt.ts"],"names":[],"mappings":";;;AAUO,SAAS,uBAAuB,MAAA,EAA6B;AAClE,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,MAAM,CAAA;AACnC,EAAA,IAAI,MAAA,GAAS,EAAA;AACb,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,KAAA,CAAM,YAAY,CAAA,EAAA,EAAK;AACzC,IAAA,MAAA,IAAU,MAAA,CAAO,YAAA,CAAa,KAAA,CAAM,CAAC,CAAC,CAAA;AAAA,EACxC;AACA,EAAA,OAAO,IAAA,CAAK,MAAM,CAAA,CAAE,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAAE,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAAE,OAAA,CAAQ,QAAQ,EAAE,CAAA;AAChF;AAOO,SAAS,sBAAsB,SAAA,EAA+B;AACnE,EAAA,MAAM,MAAA,GAAS,UAAU,OAAA,CAAQ,IAAA,EAAM,GAAG,CAAA,CAAE,OAAA,CAAQ,MAAM,GAAG,CAAA;AAC7D,EAAA,MAAM,MAAM,MAAA,CAAO,MAAA,GAAS,IAAI,CAAA,GAAK,MAAA,CAAO,SAAS,CAAA,GAAK,CAAA;AAC1D,EAAA,MAAM,MAAA,GAAS,MAAA,GAAS,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA;AACtC,EAAA,MAAM,MAAA,GAAS,KAAK,MAAM,CAAA;AAC1B,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,MAAA,CAAO,MAAM,CAAA;AAC1C,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,MAAA,CAAO,QAAQ,CAAA,EAAA,EAAK;AACtC,IAAA,KAAA,CAAM,CAAC,CAAA,GAAI,MAAA,CAAO,UAAA,CAAW,CAAC,CAAA;AAAA,EAChC;AACA,EAAA,OAAO,KAAA;AACT;AAOO,SAAS,oBAAoB,MAAA,EAA6B;AAC/D,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,MAAM,CAAA;AACnC,EAAA,IAAI,MAAA,GAAS,EAAA;AACb,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,KAAA,CAAM,YAAY,CAAA,EAAA,EAAK;AACzC,IAAA,MAAA,IAAU,MAAA,CAAO,YAAA,CAAa,KAAA,CAAM,CAAC,CAAC,CAAA;AAAA,EACxC;AACA,EAAA,OAAO,KAAK,MAAM,CAAA;AACpB;;;ACbO,IAAM,gBAAN,MAA4C;AAAA,EACzC,OAAA,uBAAc,GAAA,EAAoB;AAAA,EAE1C,QAAQ,GAAA,EAA4B;AAClC,IAAA,OAAO,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,GAAG,CAAA,IAAK,IAAA;AAAA,EAClC;AAAA,EAEA,OAAA,CAAQ,KAAa,KAAA,EAAqB;AACxC,IAAA,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,GAAA,EAAK,KAAK,CAAA;AAAA,EAC7B;AAAA,EAEA,WAAW,GAAA,EAAmB;AAC5B,IAAA,IAAA,CAAK,OAAA,CAAQ,OAAO,GAAG,CAAA;AAAA,EACzB;AAAA;AAAA;AAAA;AAAA,EAKA,KAAA,GAAc;AACZ,IAAA,IAAA,CAAK,QAAQ,KAAA,EAAM;AAAA,EACrB;AAAA;AAAA;AAAA;AAAA,EAKA,IAAA,GAAiB;AACf,IAAA,OAAO,KAAA,CAAM,IAAA,CAAK,IAAA,CAAK,OAAA,CAAQ,MAAM,CAAA;AAAA,EACvC;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,IAAA,GAAe;AACjB,IAAA,OAAO,KAAK,OAAA,CAAQ,IAAA;AAAA,EACtB;AACF;AAMO,IAAM,sBAAN,MAAkD;AAAA,EAC/C,QAAA,GAAiC,IAAA;AAAA,EAEzC,WAAA,GAAc;AAEZ,IAAA,IAAI,CAAC,IAAA,CAAK,uBAAA,EAAwB,EAAG;AACnC,MAAA,OAAA,CAAQ,KAAK,sEAAsE,CAAA;AACnF,MAAA,IAAA,CAAK,QAAA,GAAW,IAAI,aAAA,EAAc;AAAA,IACpC;AAAA,EACF;AAAA,EAEQ,uBAAA,GAAmC;AACzC,IAAA,IAAI;AAEF,MAAA,MAAM,GAAA,GAAM,OAAO,UAAA,KAAe,WAAA,IAAgB,UAAA,CAAmB,MAAA;AACrE,MAAA,MAAM,OAAA,GAAU,GAAA,GAAM,GAAA,CAAI,YAAA,GAAe,KAAA,CAAA;AACzC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,OAAO,KAAA;AAAA,MACT;AAEA,MAAA,MAAM,OAAA,GAAU,wBAAA;AAChB,MAAA,OAAA,CAAQ,OAAA,CAAQ,SAAS,MAAM,CAAA;AAC/B,MAAA,OAAA,CAAQ,WAAW,OAAO,CAAA;AAC1B,MAAA,OAAO,IAAA;AAAA,IACT,CAAA,CAAA,MAAQ;AACN,MAAA,OAAO,KAAA;AAAA,IACT;AAAA,EACF;AAAA,EAEA,QAAQ,GAAA,EAA4B;AAClC,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,OAAO,IAAA,CAAK,QAAA,CAAS,OAAA,CAAQ,GAAG,CAAA;AAAA,IAClC;AACA,IAAA,IAAI;AAEF,MAAA,MAAM,GAAA,GAAM,OAAO,UAAA,KAAe,WAAA,IAAgB,UAAA,CAAmB,MAAA;AACrE,MAAA,MAAM,KAAA,GAAQ,GAAA,EAAK,YAAA,EAAc,OAAA,CAAQ,GAAG,CAAA,IAAK,IAAA;AACjD,MAAA,OAAO,KAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,8CAA8C,KAAK,CAAA;AACjE,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAAA,EAEA,OAAA,CAAQ,KAAa,KAAA,EAAqB;AACxC,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,IAAA,CAAK,QAAA,CAAS,OAAA,CAAQ,GAAA,EAAK,KAAK,CAAA;AAChC,MAAA;AAAA,IACF;AACA,IAAA,IAAI;AAEF,MAAA,MAAM,GAAA,GAAM,OAAO,UAAA,KAAe,WAAA,IAAgB,UAAA,CAAmB,MAAA;AACrE,MAAA,GAAA,EAAK,YAAA,EAAc,OAAA,CAAQ,GAAA,EAAK,KAAK,CAAA;AAAA,IACvC,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,4CAA4C,KAAK,CAAA;AAE/D,MAAA,IAAI,CAAC,KAAK,QAAA,EAAU;AAClB,QAAA,IAAA,CAAK,QAAA,GAAW,IAAI,aAAA,EAAc;AAClC,QAAA,IAAA,CAAK,QAAA,CAAS,OAAA,CAAQ,GAAA,EAAK,KAAK,CAAA;AAAA,MAClC;AAAA,IACF;AAAA,EACF;AAAA,EAEA,WAAW,GAAA,EAAmB;AAC5B,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,IAAA,CAAK,QAAA,CAAS,WAAW,GAAG,CAAA;AAC5B,MAAA;AAAA,IACF;AACA,IAAA,IAAI;AAEF,MAAA,MAAM,GAAA,GAAM,OAAO,UAAA,KAAe,WAAA,IAAgB,UAAA,CAAmB,MAAA;AACrE,MAAA,GAAA,EAAK,YAAA,EAAc,WAAW,GAAG,CAAA;AAAA,IACnC,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,+CAA+C,KAAK,CAAA;AAAA,IACpE;AAAA,EACF;AACF;AAWA,eAAsB,UAAA,CACpB,SACA,GAAA,EACwB;AACxB,EAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,OAAA,CAAQ,GAAG,CAAA;AAClC,EAAA,OAAO,MAAA,YAAkB,OAAA,GAAU,MAAM,MAAA,GAAS,MAAA;AACpD;AAKA,eAAsB,UAAA,CACpB,OAAA,EACA,GAAA,EACA,KAAA,EACe;AACf,EAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,OAAA,CAAQ,GAAA,EAAK,KAAK,CAAA;AACzC,EAAA,IAAI,kBAAkB,OAAA,EAAS;AAC7B,IAAA,MAAM,MAAA;AAAA,EACR;AACF;AAKA,eAAsB,aAAA,CACpB,SACA,GAAA,EACe;AACf,EAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA;AACrC,EAAA,IAAI,kBAAkB,OAAA,EAAS;AAC7B,IAAA,MAAM,MAAA;AAAA,EACR;AACF;ACjLO,SAAS,YAAA,GAAmC;AAOjD,EAAA,IAAI,OAAO,UAAA,KAAe,WAAA,IAAgB,UAAA,CAAmB,MAAA,EAAQ;AACnE,IAAA,OAAS,WAAmB,MAAA,CAAe,oBAAA;AAAA,EAC7C;AAEA,EAAA,OAAO,MAAA;AACT;AAOO,SAAS,iBAAA,CAAkB,KAAa,SAAA,EAA4B;AACzE,EAAA,IAAI;AACF,IAAA,MAAM,GAAA,GAAM,aAAa,YAAA,EAAa;AACtC,IAAA,IAAI,GAAA,EAAK;AACP,MAAA,MAAM,SAAA,GAAY,GAAA,CAAI,QAAA,CAAS,GAAG,IAAI,GAAA,GAAM,GAAA;AAC5C,MAAA,OAAO,GAAG,GAAG,CAAA,EAAG,SAAS,CAAA,UAAA,EAAa,kBAAA,CAAmB,GAAG,CAAC,CAAA,CAAA;AAAA,IAC/D;AAAA,EACF,SAAS,KAAA,EAAO;AAAA,EAEhB;AACA,EAAA,OAAO,GAAA;AACT;;;ACtCA,IAAM,iBAAA,GAAoB,2BAAA;AAC1B,IAAM,WAAA,GAAc,gCAAA;AAQpB,IAAI,cAAA;AAMG,SAAS,mBAAmB,MAAA,EAGhC;AACD,EAAA,IAAI,OAAO,MAAA,EAAQ;AACjB,IAAA,cAAA,GAAiB,MAAM,MAAA,CAAO,MAAA;AAAA,EAChC;AAGF;AAGA,IAAM,aAAA,GAA6D,mCAAA;AAEnE,SAAS,SAAA,GAAoB;AAI3B,EAAA,IAAI,cAAA,EAAgB;AAClB,IAAA,OAAO,cAAA,EAAe;AAAA,EACxB;AAGA,EAAA,IAAI,OAAO,UAAA,KAAe,WAAA,IAAgB,UAAA,CAAmB,MAAA,EAAQ;AACnE,IAAA,MAAM,QAAA,GAAa,WAAmB,MAAA,CAAe,kBAAA;AACrD,IAAA,IAAI,UAAU,MAAA,EAAQ;AACpB,MAAA,OAAO,QAAA,CAAS,MAAA;AAAA,IAClB;AAAA,EACF;AAGA,EAAmB;AACjB,IAAA,OAAO,aAAA;AAAA,EACT;AAIF;AAmDO,IAAM,kBAAN,MAAsB;AAAA,EACnB,MAAA,GAA2B,IAAA;AAAA,EAC3B,OAAA;AAAA,EACA,cAAA,GAA0C,IAAA;AAAA;AAAA,EAElD,YAAY,OAAA,EAAwB;AAClC,IAAA,IAAA,CAAK,OAAA,GAAU,OAAA,IAAW,IAAI,mBAAA,EAAoB;AAClD,IAAA,OAAA,CAAQ,IAAI,uCAAuC,CAAA;AACnD,IAAA,IAAA,CAAK,qBAAA,EAAsB;AAAA,EAC7B;AAAA,EAEA,MAAc,qBAAA,GAAuC;AACnD,IAAA,IAAI;AACF,MAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,OAAA,CAAQ,QAAQ,iBAAiB,CAAA;AAC3D,MAAA,OAAA,CAAQ,GAAA,CAAI,oCAAA,EAAsC,CAAC,CAAC,MAAM,CAAA;AAE1D,MAAA,IAAI,MAAA,EAAQ;AACV,QAAA,IAAA,CAAK,MAAA,GAAS,IAAA,CAAK,KAAA,CAAM,MAAM,CAAA;AAC/B,QAAA,OAAA,CAAQ,IAAI,sBAAA,EAAwB;AAAA,UAClC,cAAA,EAAgB,CAAC,CAAC,IAAA,CAAK,MAAA,EAAQ,WAAA;AAAA,UAC/B,eAAA,EAAiB,CAAC,CAAC,IAAA,CAAK,MAAA,EAAQ,YAAA;AAAA,UAChC,MAAA,EAAQ,KAAK,MAAA,EAAQ,MAAA;AAAA,UACrB,SAAA,EAAW,KAAK,MAAA,EAAQ,SAAA;AAAA,UACxB,WAAA,EAAa,KAAK,GAAA,EAAI;AAAA,UACtB,YAAA,EAAc,IAAA,CAAK,MAAA,EAAQ,SAAA,GAAA,CAAa,IAAA,CAAK,OAAO,SAAA,GAAY,IAAA,CAAK,GAAA,EAAI,IAAK,GAAA,GAAO;AAAA,SACtF,CAAA;AAED,QAAA,IAAI,IAAA,CAAK,MAAA,IAAU,IAAA,CAAK,cAAA,EAAe,EAAG;AACxC,UAAA,OAAA,CAAQ,IAAI,+BAA+B,CAAA;AAG3C,UAAA,IAAI,IAAA,CAAK,OAAO,YAAA,EAAc;AAC5B,YAAA,OAAA,CAAQ,IAAI,iEAAiE,CAAA;AAAA,UAE/E,CAAA,MAAO;AACL,YAAA,OAAA,CAAQ,IAAI,mDAAmD,CAAA;AAC/D,YAAA,MAAM,KAAK,WAAA,EAAY;AAAA,UACzB;AAAA,QACF,CAAA,MAAO;AACL,UAAA,OAAA,CAAQ,IAAI,6CAA6C,CAAA;AAAA,QAC3D;AAAA,MACF,CAAA,MAAO;AACL,QAAA,OAAA,CAAQ,IAAI,kCAAkC,CAAA;AAAA,MAChD;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,4CAA4C,KAAK,CAAA;AAC/D,MAAA,MAAM,KAAK,WAAA,EAAY;AAAA,IACzB;AAAA,EACF;AAAA,EAEA,MAAc,mBAAA,GAAqC;AACjD,IAAA,IAAI;AACF,MAAA,IAAI,KAAK,MAAA,EAAQ;AACf,QAAA,MAAM,WAAA,GAAc,IAAA,CAAK,SAAA,CAAU,IAAA,CAAK,MAAM,CAAA;AAC9C,QAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,OAAA,CAAQ,iBAAA,EAAmB,WAAW,CAAA;AACzD,QAAA,MAAM,KAAK,OAAA,CAAQ,OAAA,CAAQ,WAAA,EAAa,IAAA,CAAK,OAAO,MAAM,CAAA;AAAA,MAC5D;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,2CAA2C,KAAK,CAAA;AAAA,IAChE;AAAA,EACF;AAAA,EAEA,MAAM,UAAU,QAAA,EAAwC;AACtD,IAAA,MAAM,SAAA,GAAY,IAAA,CAAK,GAAA,EAAI,GAAI,SAAS,SAAA,GAAY,GAAA;AACpD,IAAA,IAAA,CAAK,MAAA,GAAS;AAAA,MACZ,aAAa,QAAA,CAAS,WAAA;AAAA,MACtB,cAAc,QAAA,CAAS,YAAA;AAAA,MACvB,QAAQ,QAAA,CAAS,MAAA;AAAA,MACjB,WAAW,QAAA,CAAS,SAAA;AAAA,MACpB,SAAA;AAAA,MACA,aAAa,QAAA,CAAS,WAAA;AAAA,MACtB,WAAW,QAAA,CAAS,SAAA;AAAA,MACpB,MAAA,EAAQ,SAAS,MAAA,IAAU,IAAA;AAAA,MAC3B,WAAA,EAAa,SAAS,WAAA,IAAe,IAAA;AAAA,MACrC,SAAA,EAAW,QAAA,CAAS,SAAA,IAAa;AAAC,KACpC;AAEA,IAAA,MAAM,KAAK,mBAAA,EAAoB;AAAA,EACjC;AAAA,EAEA,cAAA,GAAgC;AAC9B,IAAA,IAAI,CAAC,IAAA,CAAK,MAAA,EAAQ,OAAO,IAAA;AAEzB,IAAA,OAAO,KAAK,MAAA,CAAO,WAAA;AAAA,EACrB;AAAA,EAEA,eAAA,GAAiC;AAC/B,IAAA,OAAO,IAAA,CAAK,QAAQ,YAAA,IAAgB,IAAA;AAAA,EACtC;AAAA,EAEA,SAAA,GAA2B;AACzB,IAAA,OAAO,IAAA,CAAK,QAAQ,MAAA,IAAU,IAAA;AAAA,EAChC;AAAA,EAEA,cAAA,GAAiC;AAC/B,IAAA,OAAO,IAAA,CAAK,QAAQ,WAAA,IAAe,IAAA;AAAA,EACrC;AAAA,EAEA,SAAA,GAA2B;AACzB,IAAA,OAAO,IAAA,CAAK,QAAQ,MAAA,IAAU,IAAA;AAAA,EAChC;AAAA,EAEA,cAAA,GAAgC;AAC9B,IAAA,OAAO,IAAA,CAAK,QAAQ,WAAA,IAAe,IAAA;AAAA,EACrC;AAAA,EAEA,YAAA,GAAyB;AACvB,IAAA,OAAO,IAAA,CAAK,MAAA,EAAQ,SAAA,IAAa,EAAC;AAAA,EACpC;AAAA,EAEA,SAAA,GAA8B;AAC5B,IAAA,OAAO,IAAA,CAAK,MAAA;AAAA,EACd;AAAA,EAEA,MAAM,qBAAqB,WAAA,EAAqC;AAC9D,IAAA,IAAI,KAAK,MAAA,EAAQ;AACf,MAAA,IAAA,CAAK,OAAO,WAAA,GAAc,WAAA;AAC1B,MAAA,MAAM,KAAK,mBAAA,EAAoB;AAAA,IACjC;AAAA,EACF;AAAA,EAEA,MAAM,kBAAkB,WAAA,EAA2C;AACjE,IAAA,IAAI,KAAK,MAAA,EAAQ;AACf,MAAA,IAAA,CAAK,OAAO,WAAA,GAAc,WAAA;AAC1B,MAAA,MAAM,KAAK,mBAAA,EAAoB;AAAA,IACjC;AAAA,EACF;AAAA,EAEA,cAAA,GAA0B;AACxB,IAAA,IAAI,CAAC,KAAK,MAAA,EAAQ;AAChB,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,MAAM,SAAS,EAAA,GAAK,GAAA;AACpB,IAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,IAAA,MAAM,SAAA,GAAY,KAAK,MAAA,CAAO,SAAA;AAC9B,IAAA,MAAM,SAAA,GAAY,MAAO,SAAA,GAAY,MAAA;AAErC,IAAA,OAAO,SAAA;AAAA,EACT;AAAA,EAEA,eAAA,GAA2B;AAEzB,IAAA,IAAI,CAAC,IAAA,CAAK,MAAA,EAAQ,OAAO,KAAA;AAEzB,IAAA,IAAI,CAAC,IAAA,CAAK,cAAA,EAAe,EAAG;AAC1B,MAAA,OAAO,CAAC,CAAC,IAAA,CAAK,MAAA,CAAO,WAAA;AAAA,IACvB;AAGA,IAAA,OAAO,CAAC,CAAC,IAAA,CAAK,MAAA,CAAO,YAAA;AAAA,EACvB;AAAA,EAEA,MAAM,WAAA,GAA6B;AACjC,IAAA,IAAA,CAAK,MAAA,GAAS,IAAA;AACd,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,UAAA,CAAW,iBAAiB,CAAA;AAC/C,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,UAAA,CAAW,WAAW,CAAA;AAAA,EAC3C;AAAA,EAEA,MAAM,kBAAA,GAAuC;AAE3C,IAAA,IAAI,KAAK,cAAA,EAAgB;AACvB,MAAA,OAAA,CAAQ,IAAI,sEAAsE,CAAA;AAClF,MAAA,OAAO,IAAA,CAAK,cAAA;AAAA,IACd;AAEA,IAAA,MAAM,YAAA,GAAe,KAAK,eAAA,EAAgB;AAC1C,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,OAAA,CAAQ,KAAK,8CAA8C,CAAA;AAC3D,MAAA,OAAO,KAAA;AAAA,IACT;AAEA,IAAA,OAAA,CAAQ,IAAI,+CAA+C,CAAA;AAG3D,IAAA,IAAA,CAAK,kBAAkB,YAAY;AACjC,MAAA,IAAI;AACF,QAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,iBAAA,CAAkB,GAAG,SAAA,EAAW,mBAAmB,CAAA,EAAG;AAAA,UACjF,MAAA,EAAQ,MAAA;AAAA,UACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA,EAAmB;AAAA,UAC9C,IAAA,EAAM,IAAA,CAAK,SAAA,CAAU,EAAE,cAAc;AAAA,SACtC,CAAA;AAED,QAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,UAAA,OAAA,CAAQ,GAAA,CAAI,yCAAA,EAA2C,QAAA,CAAS,MAAM,CAAA;AAEtE,UAAA,IAAI,QAAA,CAAS,WAAW,GAAA,EAAK;AAC3B,YAAA,IAAI;AACF,cAAA,MAAM,SAAA,GAAiB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC3C,cAAA,OAAA,CAAQ,GAAA,CAAI,oCAAoC,SAAS,CAAA;AAGzD,cAAA,QAAQ,UAAU,UAAA;AAAY,gBAC5B,KAAK,mBAAA;AACH,kBAAA,OAAA,CAAQ,IAAI,wDAAwD,CAAA;AACpE,kBAAA,MAAM,KAAK,WAAA,EAAY;AACvB,kBAAA,OAAO,KAAA;AAAA,gBAET,KAAK,eAAA;AAAA,gBACL;AACE,kBAAA,OAAA,CAAQ,IAAI,8CAA8C,CAAA;AAC1D,kBAAA,MAAM,KAAK,WAAA,EAAY;AACvB,kBAAA,OAAO,KAAA;AAAA;AACX,YACF,SAAS,UAAA,EAAY;AACnB,cAAA,OAAA,CAAQ,IAAA,CAAK,qDAAqD,UAAU,CAAA;AAC5E,cAAA,MAAM,KAAK,WAAA,EAAY;AACvB,cAAA,OAAO,KAAA;AAAA,YACT;AAAA,UACF,CAAA,MAAO;AACL,YAAA,OAAA,CAAQ,IAAI,6EAA6E,CAAA;AACzF,YAAA,OAAO,KAAA;AAAA,UACT;AAAA,QACF;AAEA,QAAA,MAAM,eAAA,GAAkB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC5C,QAAA,OAAA,CAAQ,GAAA,CAAI,gDAAA,EAAkD,eAAA,CAAgB,SAAA,EAAW,SAAS,CAAA;AAElG,QAAA,IAAI,KAAK,MAAA,EAAQ;AAEf,UAAA,IAAA,CAAK,MAAA,CAAO,cAAc,eAAA,CAAgB,WAAA;AAC1C,UAAA,IAAA,CAAK,MAAA,CAAO,eAAe,eAAA,CAAgB,YAAA;AAC3C,UAAA,IAAA,CAAK,MAAA,CAAO,YAAY,eAAA,CAAgB,SAAA;AACxC,UAAA,IAAA,CAAK,OAAO,SAAA,GAAY,IAAA,CAAK,GAAA,EAAI,GAAI,gBAAgB,SAAA,GAAY,GAAA;AACjE,UAAA,MAAM,KAAK,mBAAA,EAAoB;AAC/B,UAAA,OAAA,CAAQ,IAAI,yCAAyC,CAAA;AACrD,UAAA,OAAO,IAAA;AAAA,QACT;AAEA,QAAA,OAAA,CAAQ,MAAM,oCAAoC,CAAA;AAClD,QAAA,OAAO,KAAA;AAAA,MACT,SAAS,KAAA,EAAO;AACd,QAAA,OAAA,CAAQ,KAAA,CAAM,sCAAsC,KAAK,CAAA;AAEzD,QAAA,OAAO,KAAA;AAAA,MACT,CAAA,SAAE;AAEA,QAAA,IAAA,CAAK,cAAA,GAAiB,IAAA;AACtB,QAAA,OAAA,CAAQ,IAAI,kDAAkD,CAAA;AAAA,MAChE;AAAA,IACF,CAAA,GAAG;AAEH,IAAA,OAAO,IAAA,CAAK,cAAA;AAAA,EACd;AAAA,EAEA,aAAA,GAA+B;AAC7B,IAAA,MAAM,KAAA,GAAQ,KAAK,cAAA,EAAe;AAClC,IAAA,OAAO,KAAA,GAAQ,CAAA,OAAA,EAAU,KAAK,CAAA,CAAA,GAAK,IAAA;AAAA,EACrC;AACF;AAGO,IAAM,eAAA,GAAkB,IAAI,eAAA;AAK5B,SAAS,sBAAsB,OAAA,EAAwC;AAC5E,EAAA,OAAO,IAAI,gBAAgB,OAAO,CAAA;AACpC;AAIA,eAAsB,MAAA,CAAO,UAA2B,eAAA,EAAgC;AACtF,EAAA,IAAI;AACF,IAAA,MAAM,UAAA,GAAa,QAAQ,aAAA,EAAc;AACzC,IAAA,IAAI,UAAA,EAAY;AACd,MAAA,MAAM,MAAM,iBAAA,CAAkB,CAAA,EAAG,SAAA,EAAW,kBAAkB,CAAA,EAAG;AAAA,QAC/D,MAAA,EAAQ,MAAA;AAAA,QACR,OAAA,EAAS;AAAA,UACP,aAAA,EAAe,UAAA;AAAA,UACf,cAAA,EAAgB;AAAA;AAClB,OACD,CAAA;AAAA,IACH;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,OAAA,CAAQ,KAAA,CAAM,uBAAuB,KAAK,CAAA;AAAA,EAC5C,CAAA,SAAE;AACA,IAAA,MAAM,QAAQ,WAAA,EAAY;AAAA,EAC5B;AACF;AAEA,eAAsB,WAAA,CAAY,UAA2B,eAAA,EAAiD;AAC5G,EAAA,MAAM,UAAA,GAAa,QAAQ,aAAA,EAAc;AACzC,EAAA,IAAI,CAAC,UAAA,EAAY;AACf,IAAA,OAAA,CAAQ,IAAI,iDAAiD,CAAA;AAC7D,IAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA,EACxB;AAEA,EAAA,IAAI;AACF,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,iBAAA,CAAkB,GAAG,SAAA,EAAW,kBAAkB,CAAA,EAAG;AAAA,MAChF,MAAA,EAAQ,KAAA;AAAA,MACR,OAAA,EAAS,EAAE,aAAA,EAAe,UAAA;AAAW,KACtC,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,OAAA,CAAQ,GAAA,CAAI,kCAAA,EAAoC,QAAA,CAAS,MAAM,CAAA;AAE/D,MAAA,IAAI,QAAA,CAAS,WAAW,GAAA,EAAK;AAC3B,QAAA,IAAI;AACF,UAAA,MAAM,SAAA,GAAiB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC3C,UAAA,OAAA,CAAQ,GAAA,CAAI,4BAA4B,SAAS,CAAA;AAGjD,UAAA,QAAQ,UAAU,UAAA;AAAY,YAC5B,KAAK,eAAA;AACH,cAAA,OAAA,CAAQ,IAAI,mDAAmD,CAAA;AAC/D,cAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,kBAAA,EAAmB;AACxD,cAAA,IAAI,cAAA,EAAgB;AAClB,gBAAA,OAAA,CAAQ,IAAI,2DAA2D,CAAA;AACvE,gBAAA,OAAO,MAAM,YAAY,OAAO,CAAA;AAAA,cAClC,CAAA,MAAO;AACL,gBAAA,OAAA,CAAQ,IAAI,6CAA6C,CAAA;AACzD,gBAAA,MAAM,QAAQ,WAAA,EAAY;AAC1B,gBAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA,cACxB;AAAA,YAEF,KAAK,mBAAA;AACH,cAAA,OAAA,CAAQ,IAAI,qDAAqD,CAAA;AACjE,cAAA,MAAM,QAAQ,WAAA,EAAY;AAC1B,cAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA,YAExB,KAAK,eAAA;AAAA,YACL;AACE,cAAA,OAAA,CAAQ,IAAI,sCAAsC,CAAA;AAClD,cAAA,MAAM,QAAQ,WAAA,EAAY;AAC1B,cAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA;AAC1B,QACF,SAAS,UAAA,EAAY;AACnB,UAAA,OAAA,CAAQ,IAAA,CAAK,6CAA6C,UAAU,CAAA;AACpE,UAAA,MAAM,QAAQ,WAAA,EAAY;AAC1B,UAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA,QACxB;AAAA,MACF,CAAA,MAAO;AACL,QAAA,OAAA,CAAQ,IAAI,yDAAyD,CAAA;AACrE,QAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA,MACxB;AAAA,IACF;AAEA,IAAA,MAAM,cAAA,GAAiB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC3C,IAAA,OAAA,CAAQ,GAAA,CAAI,wCAAwC,cAAc,CAAA;AAElE,IAAA,IAAI,eAAe,KAAA,EAAO;AACxB,MAAA,IAAI,OAAO,cAAA,CAAe,WAAA,KAAgB,SAAA,EAAW;AACnD,QAAA,MAAM,OAAA,CAAQ,oBAAA,CAAqB,cAAA,CAAe,WAAW,CAAA;AAAA,MAC/D;AAEA,MAAA,IAAI,OAAA,CAAQ,WAAU,EAAG;AACvB,QAAA,IAAI,cAAA,CAAe,gBAAgB,KAAA,CAAA,EAAW;AAC5C,UAAA,MAAM,OAAA,CAAQ,iBAAA,CAAkB,cAAA,CAAe,WAAW,CAAA;AAAA,QAC5D;AAAA,MAEF;AAAA,IACF;AAEA,IAAA,OAAO,cAAA;AAAA,EACT,SAAS,KAAA,EAAO;AACd,IAAA,OAAA,CAAQ,KAAA,CAAM,2CAA2C,KAAK,CAAA;AAC9D,IAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA,EACxB;AACF;AAEA,eAAsB,gBAAA,CAAiB,UAA2B,eAAA,EAAmC;AAEnG,EAAA,IAAI,QAAQ,eAAA,EAAgB,IAAK,CAAC,OAAA,CAAQ,gBAAe,EAAG;AAC1D,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,OAAA,CAAQ,IAAI,8DAA8D,CAAA;AAG1E,EAAA,MAAM,YAAA,GAAe,QAAQ,eAAA,EAAgB;AAC7C,EAAA,IAAI,YAAA,EAAc;AAChB,IAAA,OAAA,CAAQ,IAAI,mEAAmE,CAAA;AAC/E,IAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,kBAAA,EAAmB;AACxD,IAAA,OAAA,CAAQ,GAAA,CAAI,iCAAiC,cAAc,CAAA;AAC3D,IAAA,OAAO,cAAA;AAAA,EACT;AAEA,EAAA,OAAA,CAAQ,IAAI,iEAAiE,CAAA;AAC7E,EAAA,OAAO,KAAA;AACT;AAEA,eAAsB,mBACpB,GAAA,EACA,OAAA,GAAuB,EAAC,EACxB,UAA2B,eAAA,EACR;AACnB,EAAA,MAAM,aAAA,GAAgB,MAAM,gBAAA,CAAiB,OAAO,CAAA;AACpD,EAAA,IAAI,CAAC,aAAA,EAAe;AAClB,IAAA,MAAM,IAAI,MAAM,yCAAyC,CAAA;AAAA,EAC3D;AAEA,EAAA,MAAM,UAAA,GAAa,QAAQ,aAAA,EAAc;AACzC,EAAA,IAAI,CAAC,UAAA,EAAY;AACf,IAAA,MAAM,IAAI,MAAM,qCAAqC,CAAA;AAAA,EACvD;AAEA,EAAA,MAAM,gBAAA,GAAmB,kBAAkB,GAAG,CAAA;AAC9C,EAAA,MAAM,cAAA,GAA8B;AAAA,IAClC,GAAG,OAAA;AAAA,IACH,OAAA,EAAS;AAAA,MACP,GAAG,OAAA,CAAQ,OAAA;AAAA,MACX,aAAA,EAAe,UAAA;AAAA,MACf,cAAA,EAAgB;AAAA;AAClB,GACF;AAEA,EAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,gBAAA,EAAkB,cAAc,CAAA;AAG7D,EAAA,IAAI,QAAA,CAAS,WAAW,GAAA,EAAK;AAC3B,IAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,kBAAA,EAAmB;AACxD,IAAA,IAAI,cAAA,EAAgB;AAClB,MAAA,MAAM,aAAA,GAAgB,QAAQ,aAAA,EAAc;AAC5C,MAAA,IAAI,aAAA,EAAe;AACjB,QAAA,cAAA,CAAe,OAAA,GAAU;AAAA,UACvB,GAAG,cAAA,CAAe,OAAA;AAAA,UAClB,aAAA,EAAe;AAAA,SACjB;AACA,QAAA,OAAO,KAAA,CAAM,kBAAkB,cAAc,CAAA;AAAA,MAC/C;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO,QAAA;AACT;AAIA,eAAsB,eAAA,CAAgB,QAAgB,OAAA,EAA+D;AACnH,EAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,iBAAA,CAAkB,GAAG,SAAA,EAAW,iBAAiB,CAAA,EAAG;AAAA,IAC/E,MAAA,EAAQ,MAAA;AAAA,IACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA,EAAmB;AAAA,IAC9C,IAAA,EAAM,IAAA,CAAK,SAAA,CAAU,EAAE,QAAQ;AAAA,GAChC,CAAA;AAED,EAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,IAAA,MAAM,YAAY,MAAM,QAAA,CAAS,MAAK,CAAE,KAAA,CAAM,MAAM,cAAc,CAAA;AAClE,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,cAAA,EAAiB,SAAS,MAAM,CAAA,CAAA,EAAI,SAAS,CAAA,CAAE,CAAA;AAAA,EACjE;AAEA,EAAA,MAAM,aAAA,GAAgB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC1C,EAAA,IAAI,CAAC,SAAS,aAAA,EAAe;AAC3B,IAAA,MAAM,eAAA,CAAgB,UAAU,aAAa,CAAA;AAAA,EAC/C;AACA,EAAA,OAAO,aAAA;AACT;AAEA,eAAsB,cAAA,CAAe,KAAA,EAAe,IAAA,EAAc,OAAA,EAA+D;AAC/H,EAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,iBAAA,CAAkB,GAAG,SAAA,EAAW,6BAA6B,CAAA,EAAG;AAAA,IAC3F,MAAA,EAAQ,MAAA;AAAA,IACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA,EAAmB;AAAA,IAC9C,MAAM,IAAA,CAAK,SAAA,CAAU,EAAE,KAAA,EAAO,MAAM;AAAA,GACrC,CAAA;AAED,EAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,IAAA,MAAM,YAAY,MAAM,QAAA,CAAS,MAAK,CAAE,KAAA,CAAM,MAAM,2BAA2B,CAAA;AAC/E,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,2BAAA,EAA8B,SAAS,MAAM,CAAA,CAAA,EAAI,SAAS,CAAA,CAAE,CAAA;AAAA,EAC9E;AAEA,EAAA,MAAM,aAAA,GAAgB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC1C,EAAA,IAAI,CAAC,SAAS,aAAA,EAAe;AAC3B,IAAA,MAAM,eAAA,CAAgB,UAAU,aAAa,CAAA;AAAA,EAC/C;AACA,EAAA,OAAO,aAAA;AACT;AAEA,eAAsB,iBAAA,CAAkB,cAQrC,OAAA,EAA+D;AAChE,EAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,iBAAA,CAAkB,GAAG,SAAA,EAAW,0BAA0B,CAAA,EAAG;AAAA,IACxF,MAAA,EAAQ,MAAA;AAAA,IACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA,EAAmB;AAAA,IAC9C,IAAA,EAAM,IAAA,CAAK,SAAA,CAAU,YAAY;AAAA,GAClC,CAAA;AAED,EAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,IAAA,MAAM,YAAY,MAAM,QAAA,CAAS,MAAK,CAAE,KAAA,CAAM,MAAM,uBAAuB,CAAA;AAC3E,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,uBAAA,EAA0B,SAAS,MAAM,CAAA,CAAA,EAAI,SAAS,CAAA,CAAE,CAAA;AAAA,EAC1E;AAEA,EAAA,MAAM,aAAA,GAAgB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC1C,EAAA,IAAI,CAAC,SAAS,aAAA,EAAe;AAC3B,IAAA,MAAM,eAAA,CAAgB,UAAU,aAAa,CAAA;AAAA,EAC/C;AACA,EAAA,OAAO,aAAA;AACT;AAEA,eAAsB,kBAAA,CAAmB,UAA2B,eAAA,EAAmC;AACrG,EAAA,IAAI;AACF,IAAA,MAAM,YAAA,GAAe,MAAM,WAAA,CAAY,OAAO,CAAA;AAC9C,IAAA,IAAI,YAAA,EAAc,KAAA,IAAS,OAAO,YAAA,CAAa,gBAAgB,SAAA,EAAW;AACxE,MAAA,OAAO,YAAA,CAAa,WAAA;AAAA,IACtB;AACA,IAAA,OAAO,KAAA;AAAA,EACT,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,KAAA;AAAA,EACT;AACF","file":"index.cjs","sourcesContent":["/**\n * Base64URL encoding/decoding utilities\n * Used for WebAuthn and JWT operations\n */\n\n/**\n * Convert ArrayBuffer to Base64URL string\n * @param buffer - ArrayBuffer to convert\n * @returns Base64URL encoded string\n */\nexport function arrayBufferToBase64url(buffer: ArrayBuffer): string {\n const bytes = new Uint8Array(buffer);\n let binary = '';\n for (let i = 0; i < bytes.byteLength; i++) {\n binary += String.fromCharCode(bytes[i]);\n }\n return btoa(binary).replace(/\\+/g, '-').replace(/\\//g, '_').replace(/=+$/g, '');\n}\n\n/**\n * Convert Base64URL string to Uint8Array\n * @param base64url - Base64URL string to convert\n * @returns Uint8Array\n */\nexport function base64urlToUint8Array(base64url: string): Uint8Array {\n const base64 = base64url.replace(/-/g, '+').replace(/_/g, '/');\n const pad = base64.length % 4 ? 4 - (base64.length % 4) : 0;\n const padded = base64 + '='.repeat(pad);\n const binary = atob(padded);\n const bytes = new Uint8Array(binary.length);\n for (let i = 0; i < binary.length; i++) {\n bytes[i] = binary.charCodeAt(i);\n }\n return bytes;\n}\n\n/**\n * Convert ArrayBuffer to standard Base64 string (not URL-safe)\n * @param buffer - ArrayBuffer to convert\n * @returns Base64 encoded string\n */\nexport function arrayBufferToBase64(buffer: ArrayBuffer): string {\n const bytes = new Uint8Array(buffer);\n let binary = '';\n for (let i = 0; i < bytes.byteLength; i++) {\n binary += String.fromCharCode(bytes[i]);\n }\n return btoa(binary);\n}\n","/**\n * Storage abstraction layer for tokens and keyshares\n * Allows the core package to work in both browser and Node.js environments\n */\n\n/**\n * Storage interface for storing key-value pairs\n * Can be implemented for different storage backends (localStorage, Redis, memory, etc.)\n */\nexport interface TokenStorage {\n /**\n * Get item from storage\n * @param key - Storage key\n * @returns Value or null if not found\n */\n getItem(key: string): Promise<string | null> | string | null;\n\n /**\n * Set item in storage\n * @param key - Storage key\n * @param value - Value to store\n */\n setItem(key: string, value: string): Promise<void> | void;\n\n /**\n * Remove item from storage\n * @param key - Storage key\n */\n removeItem(key: string): Promise<void> | void;\n}\n\n/**\n * In-memory storage adapter\n * Useful for server-side usage where persistence is not required\n */\nexport class MemoryStorage implements TokenStorage {\n private storage = new Map<string, string>();\n\n getItem(key: string): string | null {\n return this.storage.get(key) || null;\n }\n\n setItem(key: string, value: string): void {\n this.storage.set(key, value);\n }\n\n removeItem(key: string): void {\n this.storage.delete(key);\n }\n\n /**\n * Clear all items from memory storage\n */\n clear(): void {\n this.storage.clear();\n }\n\n /**\n * Get all keys in storage\n */\n keys(): string[] {\n return Array.from(this.storage.keys());\n }\n\n /**\n * Get number of items in storage\n */\n get size(): number {\n return this.storage.size;\n }\n}\n\n/**\n * LocalStorage adapter for browser environments\n * Falls back to memory storage if localStorage is not available\n */\nexport class LocalStorageAdapter implements TokenStorage {\n private fallback: MemoryStorage | null = null;\n\n constructor() {\n // Check if localStorage is available\n if (!this.isLocalStorageAvailable()) {\n console.warn('[Storage] localStorage not available, falling back to memory storage');\n this.fallback = new MemoryStorage();\n }\n }\n\n private isLocalStorageAvailable(): boolean {\n try {\n // @ts-ignore - accessing global window object\n const win = typeof globalThis !== 'undefined' && (globalThis as any).window;\n const storage = win ? win.localStorage : undefined;\n if (!storage) {\n return false;\n }\n // Test if we can actually use localStorage (some browsers block it in private mode)\n const testKey = '__lumia_storage_test__';\n storage.setItem(testKey, 'test');\n storage.removeItem(testKey);\n return true;\n } catch {\n return false;\n }\n }\n\n getItem(key: string): string | null {\n if (this.fallback) {\n return this.fallback.getItem(key);\n }\n try {\n // @ts-ignore - accessing global window object\n const win = typeof globalThis !== 'undefined' && (globalThis as any).window;\n const value = win?.localStorage?.getItem(key) || null;\n return value;\n } catch (error) {\n console.error('[Storage] Error reading from localStorage:', error);\n return null;\n }\n }\n\n setItem(key: string, value: string): void {\n if (this.fallback) {\n this.fallback.setItem(key, value);\n return;\n }\n try {\n // @ts-ignore - accessing global window object\n const win = typeof globalThis !== 'undefined' && (globalThis as any).window;\n win?.localStorage?.setItem(key, value);\n } catch (error) {\n console.error('[Storage] Error writing to localStorage:', error);\n // Initialize fallback if localStorage fails\n if (!this.fallback) {\n this.fallback = new MemoryStorage();\n this.fallback.setItem(key, value);\n }\n }\n }\n\n removeItem(key: string): void {\n if (this.fallback) {\n this.fallback.removeItem(key);\n return;\n }\n try {\n // @ts-ignore - accessing global window object\n const win = typeof globalThis !== 'undefined' && (globalThis as any).window;\n win?.localStorage?.removeItem(key);\n } catch (error) {\n console.error('[Storage] Error removing from localStorage:', error);\n }\n }\n}\n\n/**\n * Keyshare storage interface (same as TokenStorage but with a different name for clarity)\n */\nexport interface KeyshareStorage extends TokenStorage {}\n\n/**\n * Helper to normalize storage operations to always be async\n * This allows mixing sync and async storage implementations\n */\nexport async function storageGet(\n storage: TokenStorage,\n key: string\n): Promise<string | null> {\n const result = storage.getItem(key);\n return result instanceof Promise ? await result : result;\n}\n\n/**\n * Helper to normalize storage operations to always be async\n */\nexport async function storageSet(\n storage: TokenStorage,\n key: string,\n value: string\n): Promise<void> {\n const result = storage.setItem(key, value);\n if (result instanceof Promise) {\n await result;\n }\n}\n\n/**\n * Helper to normalize storage operations to always be async\n */\nexport async function storageRemove(\n storage: TokenStorage,\n key: string\n): Promise<void> {\n const result = storage.removeItem(key);\n if (result instanceof Promise) {\n await result;\n }\n}\n","/**\n * Project ID management for Lumia Passport Core\n * Adapted to work in both browser and Node.js environments\n */\n\nlet globalProjectId: string | undefined;\n\n/**\n * Set the global project ID\n * @param projectId - The project ID to set\n */\nexport function setProjectId(projectId: string): void {\n globalProjectId = projectId;\n}\n\n/**\n * Get the current project ID\n * Priority: 1. Explicitly set via setProjectId(), 2. window.__LUMIA_PROJECT_ID__ (browser only)\n */\nexport function getProjectId(): string | undefined {\n // First check explicitly set projectId\n if (globalProjectId) {\n return globalProjectId;\n }\n\n // Fallback to window global (browser only)\n if (typeof globalThis !== 'undefined' && (globalThis as any).window) {\n return ((globalThis as any).window as any).__LUMIA_PROJECT_ID__;\n }\n\n return undefined;\n}\n\n/**\n * Add projectId to URL query parameters\n * @param url - The URL to add projectId to\n * @param projectId - Optional explicit projectId (uses getProjectId() if not provided)\n */\nexport function addProjectIdToUrl(url: string, projectId?: string): string {\n try {\n const pid = projectId || getProjectId();\n if (pid) {\n const separator = url.includes('?') ? '&' : '?';\n return `${url}${separator}projectId=${encodeURIComponent(pid)}`;\n }\n } catch (error) {\n // Silently fail and return original URL\n }\n return url;\n}\n\n/**\n * Clear the globally set project ID\n */\nexport function clearProjectId(): void {\n globalProjectId = undefined;\n}\n","/**\n * JWT Token Management\n * Adapted from lumia-passport-ui-kit/src/internal/auth/jwt.ts\n * Browser-specific features (passkey auth) remain in UI kit\n */\n\nimport type { TokenStorage } from './storage';\nimport { LocalStorageAdapter } from './storage';\nimport { addProjectIdToUrl } from '../utils/project-id';\n\n// Token storage keys\nconst TOKEN_STORAGE_KEY = 'lumia-passport-jwt-tokens';\nconst USER_ID_KEY = 'lumia-passport-current-user-id';\n\n// Build-time injected URLs (tsup.define)\ndeclare const __LUMIA_TSS_URL__: string;\ndeclare const __LUMIA_BUNDLER_URL__: string;\ndeclare const __LUMIA_SHARE_VAULT_URL__: string;\n\n// Service URL provider - will be set by config\nlet tssUrlProvider: (() => string) | undefined;\n\n/**\n * Configure JWT module with service URLs\n * Call this from createLumiaPassportCore (backend usage)\n */\nexport function configureJwtModule(config: {\n tssUrl?: string;\n projectId?: string;\n}) {\n if (config.tssUrl) {\n tssUrlProvider = () => config.tssUrl!;\n }\n // Note: projectId is now handled via addProjectIdToUrl from utils/project-id\n // which reads from window.__LUMIA_PROJECT_ID__ or can be set via setProjectId()\n}\n\n// Build-time default from .env (will be replaced by tsup define)\nconst BUILD_TSS_URL = (typeof __LUMIA_TSS_URL__ !== 'undefined' && __LUMIA_TSS_URL__) || '';\n\nfunction getTssUrl(): string {\n // Priority: runtime config > window.__LUMIA_SERVICES__ > build-time default > hardcoded fallback\n\n // 1. Runtime config (backend usage via configureJwtModule)\n if (tssUrlProvider) {\n return tssUrlProvider();\n }\n\n // 2. Browser runtime config from LumiaPassportProvider (window.__LUMIA_SERVICES__)\n if (typeof globalThis !== 'undefined' && (globalThis as any).window) {\n const services = ((globalThis as any).window as any).__LUMIA_SERVICES__;\n if (services?.tssUrl) {\n return services.tssUrl;\n }\n }\n\n // 3. Build-time injected default (from .env during pnpm build)\n if (BUILD_TSS_URL) {\n return BUILD_TSS_URL;\n }\n\n // 4. Hardcoded fallback\n return 'http://localhost:9256';\n}\n\n// addProjectIdToUrl is imported from '../utils/project-id'\n// It automatically reads from window.__LUMIA_PROJECT_ID__ or global setProjectId()\n\n// Types\nexport interface JwtTokens {\n accessToken: string;\n refreshToken: string;\n userId: string;\n expiresIn: number;\n expiresAt: number;\n hasKeyshare?: boolean;\n isNewUser?: boolean;\n avatar?: string | null;\n displayName?: string | null;\n providers?: string[]; // List of connected auth providers (email, passkey, wallet, etc.)\n}\n\nexport interface LoginResponse {\n accessToken: string;\n refreshToken: string;\n userId: string;\n expiresIn: number;\n hasKeyshare: boolean;\n isNewUser?: boolean;\n avatar?: string | null;\n displayName?: string | null;\n providers?: string[]; // List of connected auth providers (email, passkey, wallet, etc.)\n}\n\nexport interface RefreshResponse {\n accessToken: string;\n refreshToken: string;\n expiresIn: number;\n}\n\nexport interface VerifyResponse {\n valid: boolean;\n userId?: string;\n sessionId?: string;\n exp?: number;\n hasKeyshare?: boolean;\n displayName?: string | null;\n avatar?: string | null;\n}\n\n/**\n * JWT Token Manager\n * Handles token storage, refresh, and validation\n */\nexport class JwtTokenManager {\n private tokens: JwtTokens | null = null;\n private storage: TokenStorage;\n private refreshPromise: Promise<boolean> | null = null; // Mutex for refresh operations\n\n constructor(storage?: TokenStorage) {\n this.storage = storage || new LocalStorageAdapter();\n console.log('[JWT] JwtTokenManager initializing...');\n this.loadTokensFromStorage();\n }\n\n private async loadTokensFromStorage(): Promise<void> {\n try {\n const stored = await this.storage.getItem(TOKEN_STORAGE_KEY);\n console.log('[JWT] Loading tokens from storage:', !!stored);\n\n if (stored) {\n this.tokens = JSON.parse(stored);\n console.log('[JWT] Parsed tokens:', {\n hasAccessToken: !!this.tokens?.accessToken,\n hasRefreshToken: !!this.tokens?.refreshToken,\n userId: this.tokens?.userId,\n expiresAt: this.tokens?.expiresAt,\n currentTime: Date.now(),\n timeToExpiry: this.tokens?.expiresAt ? (this.tokens.expiresAt - Date.now()) / 1000 : 'N/A'\n });\n\n if (this.tokens && this.isTokenExpired()) {\n console.log('[JWT] Access token is expired');\n\n // Check if we have a refresh token to attempt renewal\n if (this.tokens.refreshToken) {\n console.log('[JWT] Refresh token available, will attempt renewal when needed');\n // Keep tokens - they will be refreshed on the first API call via ensureValidToken()\n } else {\n console.log('[JWT] No refresh token available, clearing tokens');\n await this.clearTokens();\n }\n } else {\n console.log('[JWT] Access token is valid, keeping tokens');\n }\n } else {\n console.log('[JWT] No tokens found in storage');\n }\n } catch (error) {\n console.error('[JWT] Error loading tokens from storage:', error);\n await this.clearTokens();\n }\n }\n\n private async saveTokensToStorage(): Promise<void> {\n try {\n if (this.tokens) {\n const tokenString = JSON.stringify(this.tokens);\n await this.storage.setItem(TOKEN_STORAGE_KEY, tokenString);\n await this.storage.setItem(USER_ID_KEY, this.tokens.userId);\n }\n } catch (error) {\n console.error('[JWT] Failed to save tokens to storage:', error);\n }\n }\n\n async setTokens(response: LoginResponse): Promise<void> {\n const expiresAt = Date.now() + response.expiresIn * 1000;\n this.tokens = {\n accessToken: response.accessToken,\n refreshToken: response.refreshToken,\n userId: response.userId,\n expiresIn: response.expiresIn,\n expiresAt,\n hasKeyshare: response.hasKeyshare,\n isNewUser: response.isNewUser,\n avatar: response.avatar ?? null,\n displayName: response.displayName ?? null,\n providers: response.providers ?? []\n };\n\n await this.saveTokensToStorage();\n }\n\n getAccessToken(): string | null {\n if (!this.tokens) return null;\n // Return access token even if expired - ensureValidToken() will handle refresh\n return this.tokens.accessToken;\n }\n\n getRefreshToken(): string | null {\n return this.tokens?.refreshToken || null;\n }\n\n getUserId(): string | null {\n return this.tokens?.userId || null;\n }\n\n getHasKeyshare(): boolean | null {\n return this.tokens?.hasKeyshare ?? null;\n }\n\n getAvatar(): string | null {\n return this.tokens?.avatar || null;\n }\n\n getDisplayName(): string | null {\n return this.tokens?.displayName || null;\n }\n\n getProviders(): string[] {\n return this.tokens?.providers ?? [];\n }\n\n getTokens(): JwtTokens | null {\n return this.tokens;\n }\n\n async updateKeyshareStatus(hasKeyshare: boolean): Promise<void> {\n if (this.tokens) {\n this.tokens.hasKeyshare = hasKeyshare;\n await this.saveTokensToStorage();\n }\n }\n\n async updateDisplayName(displayName: string | null): Promise<void> {\n if (this.tokens) {\n this.tokens.displayName = displayName;\n await this.saveTokensToStorage();\n }\n }\n\n isTokenExpired(): boolean {\n if (!this.tokens) {\n return true;\n }\n\n const buffer = 30 * 1000; // 30 seconds buffer\n const now = Date.now();\n const expiresAt = this.tokens.expiresAt;\n const isExpired = now > (expiresAt - buffer);\n\n return isExpired;\n }\n\n isAuthenticated(): boolean {\n // Consider authenticated if we have either valid access token OR refresh token\n if (!this.tokens) return false;\n\n if (!this.isTokenExpired()) {\n return !!this.tokens.accessToken;\n }\n\n // If access token is expired but we have refresh token, we're still authenticated\n return !!this.tokens.refreshToken;\n }\n\n async clearTokens(): Promise<void> {\n this.tokens = null;\n await this.storage.removeItem(TOKEN_STORAGE_KEY);\n await this.storage.removeItem(USER_ID_KEY);\n }\n\n async refreshAccessToken(): Promise<boolean> {\n // If refresh is already in progress, wait for it to complete\n if (this.refreshPromise) {\n console.log('[JWT] Refresh already in progress, waiting for existing operation...');\n return this.refreshPromise;\n }\n\n const refreshToken = this.getRefreshToken();\n if (!refreshToken) {\n console.warn('[JWT] No refresh token available for refresh');\n return false;\n }\n\n console.log('[JWT] Starting new token refresh operation...');\n\n // Create and store the refresh promise (mutex pattern)\n this.refreshPromise = (async () => {\n try {\n const response = await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/refresh`), {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify({ refreshToken })\n });\n\n if (!response.ok) {\n console.log('[JWT] Token refresh failed with status:', response.status);\n\n if (response.status === 401) {\n try {\n const errorData: any = await response.json();\n console.log('[JWT] Refresh 401 Error details:', errorData);\n\n // Handle backend error codes\n switch (errorData.error_code) {\n case 'SESSION_NOT_FOUND':\n console.log('[JWT] Refresh token session not found, clearing tokens');\n await this.clearTokens();\n return false;\n\n case 'INVALID_TOKEN':\n default:\n console.log('[JWT] Invalid refresh token, clearing tokens');\n await this.clearTokens();\n return false;\n }\n } catch (parseError) {\n console.warn('[JWT] Could not parse refresh 401 error response:', parseError);\n await this.clearTokens();\n return false;\n }\n } else {\n console.log('[JWT] Non-401 error during refresh, keeping tokens (might be network error)');\n return false;\n }\n }\n\n const refreshResponse = await response.json() as RefreshResponse;\n console.log('[JWT] Token refresh successful, new expiry in:', refreshResponse.expiresIn, 'seconds');\n\n if (this.tokens) {\n // Update both access and refresh tokens (token rotation)\n this.tokens.accessToken = refreshResponse.accessToken;\n this.tokens.refreshToken = refreshResponse.refreshToken;\n this.tokens.expiresIn = refreshResponse.expiresIn;\n this.tokens.expiresAt = Date.now() + refreshResponse.expiresIn * 1000;\n await this.saveTokensToStorage();\n console.log('[JWT] Refreshed tokens saved to storage');\n return true;\n }\n\n console.error('[JWT] No existing tokens to update');\n return false;\n } catch (error) {\n console.error('[JWT] Token refresh network error:', error);\n // Don't clear tokens on network errors - might be temporary\n return false;\n } finally {\n // Clear the mutex when operation completes (success or failure)\n this.refreshPromise = null;\n console.log('[JWT] Refresh operation completed, mutex cleared');\n }\n })();\n\n return this.refreshPromise;\n }\n\n getAuthHeader(): string | null {\n const token = this.getAccessToken();\n return token ? `Bearer ${token}` : null;\n }\n}\n\n// Default instance with LocalStorage\nexport const jwtTokenManager = new JwtTokenManager();\n\n/**\n * Create a custom JWT token manager with specific storage\n */\nexport function createJwtTokenManager(storage: TokenStorage): JwtTokenManager {\n return new JwtTokenManager(storage);\n}\n\n// Authentication functions\n\nexport async function logout(manager: JwtTokenManager = jwtTokenManager): Promise<void> {\n try {\n const authHeader = manager.getAuthHeader();\n if (authHeader) {\n await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/logout`), {\n method: 'POST',\n headers: {\n Authorization: authHeader,\n 'Content-Type': 'application/json'\n }\n });\n }\n } catch (error) {\n console.error('[JWT] Logout error:', error);\n } finally {\n await manager.clearTokens();\n }\n}\n\nexport async function verifyToken(manager: JwtTokenManager = jwtTokenManager): Promise<VerifyResponse | null> {\n const authHeader = manager.getAuthHeader();\n if (!authHeader) {\n console.log('[JWT] No auth header available for verification');\n return { valid: false };\n }\n\n try {\n const response = await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/verify`), {\n method: 'GET',\n headers: { Authorization: authHeader }\n });\n\n if (!response.ok) {\n console.log('[JWT] Token verification failed:', response.status);\n\n if (response.status === 401) {\n try {\n const errorData: any = await response.json();\n console.log('[JWT] 401 Error details:', errorData);\n\n // Handle backend error codes\n switch (errorData.error_code) {\n case 'TOKEN_EXPIRED':\n console.log('[JWT] Access token expired, attempting refresh...');\n const refreshSuccess = await manager.refreshAccessToken();\n if (refreshSuccess) {\n console.log('[JWT] Token refreshed successfully, retrying verification');\n return await verifyToken(manager);\n } else {\n console.log('[JWT] Token refresh failed, clearing tokens');\n await manager.clearTokens();\n return { valid: false };\n }\n\n case 'SESSION_NOT_FOUND':\n console.log('[JWT] Session not found or revoked, clearing tokens');\n await manager.clearTokens();\n return { valid: false };\n\n case 'INVALID_TOKEN':\n default:\n console.log('[JWT] Invalid token, clearing tokens');\n await manager.clearTokens();\n return { valid: false };\n }\n } catch (parseError) {\n console.warn('[JWT] Could not parse 401 error response:', parseError);\n await manager.clearTokens();\n return { valid: false };\n }\n } else {\n console.log('[JWT] Non-401 error during verification, keeping tokens');\n return { valid: false };\n }\n }\n\n const verifyResponse = await response.json() as VerifyResponse;\n console.log('[JWT] Token verification successful:', verifyResponse);\n\n if (verifyResponse.valid) {\n if (typeof verifyResponse.hasKeyshare === 'boolean') {\n await manager.updateKeyshareStatus(verifyResponse.hasKeyshare);\n }\n // Update displayName and avatar if present\n if (manager.getTokens()) {\n if (verifyResponse.displayName !== undefined) {\n await manager.updateDisplayName(verifyResponse.displayName);\n }\n // Avatar update would need similar method\n }\n }\n\n return verifyResponse;\n } catch (error) {\n console.error('[JWT] Token verification network error:', error);\n return { valid: false };\n }\n}\n\nexport async function ensureValidToken(manager: JwtTokenManager = jwtTokenManager): Promise<boolean> {\n // Check if current access token is valid (not expired)\n if (manager.isAuthenticated() && !manager.isTokenExpired()) {\n return true;\n }\n\n console.log('[JWT] Access token expired or missing, attempting refresh...');\n\n // Try to refresh using refresh token\n const refreshToken = manager.getRefreshToken();\n if (refreshToken) {\n console.log('[JWT] Refresh token available, attempting to refresh access token');\n const refreshSuccess = await manager.refreshAccessToken();\n console.log('[JWT] Refresh attempt result:', refreshSuccess);\n return refreshSuccess;\n }\n\n console.log('[JWT] No refresh token available, user needs to re-authenticate');\n return false;\n}\n\nexport async function authenticatedFetch(\n url: string,\n options: RequestInit = {},\n manager: JwtTokenManager = jwtTokenManager\n): Promise<Response> {\n const hasValidToken = await ensureValidToken(manager);\n if (!hasValidToken) {\n throw new Error('No valid authentication token available');\n }\n\n const authHeader = manager.getAuthHeader();\n if (!authHeader) {\n throw new Error('Failed to get authentication header');\n }\n\n const urlWithProjectId = addProjectIdToUrl(url);\n const requestOptions: RequestInit = {\n ...options,\n headers: {\n ...options.headers,\n Authorization: authHeader,\n 'Content-Type': 'application/json'\n }\n };\n\n const response = await fetch(urlWithProjectId, requestOptions);\n\n // Handle 401 by attempting token refresh\n if (response.status === 401) {\n const refreshSuccess = await manager.refreshAccessToken();\n if (refreshSuccess) {\n const newAuthHeader = manager.getAuthHeader();\n if (newAuthHeader) {\n requestOptions.headers = {\n ...requestOptions.headers,\n Authorization: newAuthHeader\n };\n return fetch(urlWithProjectId, requestOptions);\n }\n }\n }\n\n return response;\n}\n\n// Login functions (non-passkey)\n\nexport async function loginWithUserId(userId: string, options?: { skipTokenSave?: boolean }): Promise<LoginResponse> {\n const response = await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/login`), {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify({ userId })\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Login failed');\n throw new Error(`Login failed: ${response.status} ${errorText}`);\n }\n\n const loginResponse = await response.json() as LoginResponse;\n if (!options?.skipTokenSave) {\n await jwtTokenManager.setTokens(loginResponse);\n }\n return loginResponse;\n}\n\nexport async function loginWithEmail(email: string, code: string, options?: { skipTokenSave?: boolean }): Promise<LoginResponse> {\n const response = await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/email/verify-code`), {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify({ email, code })\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Email verification failed');\n throw new Error(`Email verification failed: ${response.status} ${errorText}`);\n }\n\n const loginResponse = await response.json() as LoginResponse;\n if (!options?.skipTokenSave) {\n await jwtTokenManager.setTokens(loginResponse);\n }\n return loginResponse;\n}\n\nexport async function loginWithTelegram(telegramData: {\n id: number;\n first_name: string;\n last_name?: string;\n username?: string;\n photo_url?: string;\n auth_date: number;\n hash: string;\n}, options?: { skipTokenSave?: boolean }): Promise<LoginResponse> {\n const response = await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/telegram/login`), {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify(telegramData)\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Telegram login failed');\n throw new Error(`Telegram login failed: ${response.status} ${errorText}`);\n }\n\n const loginResponse = await response.json() as LoginResponse;\n if (!options?.skipTokenSave) {\n await jwtTokenManager.setTokens(loginResponse);\n }\n return loginResponse;\n}\n\nexport async function syncKeyshareStatus(manager: JwtTokenManager = jwtTokenManager): Promise<boolean> {\n try {\n const verification = await verifyToken(manager);\n if (verification?.valid && typeof verification.hasKeyshare === 'boolean') {\n return verification.hasKeyshare;\n }\n return false;\n } catch {\n return false;\n }\n}\n"]}
package/dist/auth/index.js CHANGED
@@ -82,20 +82,12 @@ var LocalStorageAdapter = class {
82
82
  }
83
83
  }
84
84
  getItem(key) {
85
- console.log("[Storage] getItem called for key:", key);
86
85
  if (this.fallback) {
87
- console.log("[Storage] Using fallback memory storage");
88
86
  return this.fallback.getItem(key);
89
87
  }
90
88
  try {
91
89
  const win = typeof globalThis !== "undefined" && globalThis.window;
92
90
  const value = win?.localStorage?.getItem(key) || null;
93
- console.log("[Storage] Read from localStorage:", {
94
- key,
95
- hasValue: !!value,
96
- valueLength: value?.length,
97
- allKeys: win?.localStorage ? Object.keys(win.localStorage) : []
98
- });
99
91
  return value;
100
92
  } catch (error) {
101
93
  console.error("[Storage] Error reading from localStorage:", error);
@@ -103,24 +95,13 @@ var LocalStorageAdapter = class {
103
95
  }
104
96
  }
105
97
  setItem(key, value) {
106
- console.log("[Storage] setItem called:", { key, valueLength: value.length });
107
98
  if (this.fallback) {
108
- console.log("[Storage] Using fallback memory storage for write");
109
99
  this.fallback.setItem(key, value);
110
100
  return;
111
101
  }
112
102
  try {
113
103
  const win = typeof globalThis !== "undefined" && globalThis.window;
114
104
  win?.localStorage?.setItem(key, value);
115
- console.log("[Storage] Successfully wrote to localStorage");
116
- const verification = win?.localStorage?.getItem(key);
117
- if (!verification) {
118
- console.error("[Storage] \u26A0\uFE0F VERIFICATION FAILED: Value not found after write!");
119
- } else if (verification !== value) {
120
- console.error("[Storage] \u26A0\uFE0F VERIFICATION FAILED: Value mismatch after write!");
121
- } else {
122
- console.log("[Storage] \u2705 Write verified successfully");
123
- }
124
105
  } catch (error) {
125
106
  console.error("[Storage] Error writing to localStorage:", error);
126
107
  if (!this.fallback) {
@@ -309,20 +290,12 @@ var JwtTokenManager = class {
309
290
  }
310
291
  isTokenExpired() {
311
292
  if (!this.tokens) {
312
- console.log("[JWT] No tokens available, considering expired");
313
293
  return true;
314
294
  }
315
295
  const buffer = 30 * 1e3;
316
296
  const now = Date.now();
317
297
  const expiresAt = this.tokens.expiresAt;
318
298
  const isExpired = now > expiresAt - buffer;
319
- console.log("[JWT] Token expiry check:", {
320
- currentTime: now,
321
- expiresAt,
322
- buffer,
323
- timeToExpiry: (expiresAt - now) / 1e3,
324
- isExpired
325
- });
326
299
  return isExpired;
327
300
  }
328
301
  isAuthenticated() {
package/dist/auth/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../src/auth/base64url.ts","../../src/auth/storage.ts","../../src/utils/project-id.ts","../../src/auth/jwt.ts"],"names":[],"mappings":";AAUO,SAAS,uBAAuB,MAAA,EAA6B;AAClE,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,MAAM,CAAA;AACnC,EAAA,IAAI,MAAA,GAAS,EAAA;AACb,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,KAAA,CAAM,YAAY,CAAA,EAAA,EAAK;AACzC,IAAA,MAAA,IAAU,MAAA,CAAO,YAAA,CAAa,KAAA,CAAM,CAAC,CAAC,CAAA;AAAA,EACxC;AACA,EAAA,OAAO,IAAA,CAAK,MAAM,CAAA,CAAE,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAAE,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAAE,OAAA,CAAQ,QAAQ,EAAE,CAAA;AAChF;AAOO,SAAS,sBAAsB,SAAA,EAA+B;AACnE,EAAA,MAAM,MAAA,GAAS,UAAU,OAAA,CAAQ,IAAA,EAAM,GAAG,CAAA,CAAE,OAAA,CAAQ,MAAM,GAAG,CAAA;AAC7D,EAAA,MAAM,MAAM,MAAA,CAAO,MAAA,GAAS,IAAI,CAAA,GAAK,MAAA,CAAO,SAAS,CAAA,GAAK,CAAA;AAC1D,EAAA,MAAM,MAAA,GAAS,MAAA,GAAS,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA;AACtC,EAAA,MAAM,MAAA,GAAS,KAAK,MAAM,CAAA;AAC1B,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,MAAA,CAAO,MAAM,CAAA;AAC1C,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,MAAA,CAAO,QAAQ,CAAA,EAAA,EAAK;AACtC,IAAA,KAAA,CAAM,CAAC,CAAA,GAAI,MAAA,CAAO,UAAA,CAAW,CAAC,CAAA;AAAA,EAChC;AACA,EAAA,OAAO,KAAA;AACT;AAOO,SAAS,oBAAoB,MAAA,EAA6B;AAC/D,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,MAAM,CAAA;AACnC,EAAA,IAAI,MAAA,GAAS,EAAA;AACb,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,KAAA,CAAM,YAAY,CAAA,EAAA,EAAK;AACzC,IAAA,MAAA,IAAU,MAAA,CAAO,YAAA,CAAa,KAAA,CAAM,CAAC,CAAC,CAAA;AAAA,EACxC;AACA,EAAA,OAAO,KAAK,MAAM,CAAA;AACpB;;;ACbO,IAAM,gBAAN,MAA4C;AAAA,EACzC,OAAA,uBAAc,GAAA,EAAoB;AAAA,EAE1C,QAAQ,GAAA,EAA4B;AAClC,IAAA,OAAO,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,GAAG,CAAA,IAAK,IAAA;AAAA,EAClC;AAAA,EAEA,OAAA,CAAQ,KAAa,KAAA,EAAqB;AACxC,IAAA,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,GAAA,EAAK,KAAK,CAAA;AAAA,EAC7B;AAAA,EAEA,WAAW,GAAA,EAAmB;AAC5B,IAAA,IAAA,CAAK,OAAA,CAAQ,OAAO,GAAG,CAAA;AAAA,EACzB;AAAA;AAAA;AAAA;AAAA,EAKA,KAAA,GAAc;AACZ,IAAA,IAAA,CAAK,QAAQ,KAAA,EAAM;AAAA,EACrB;AAAA;AAAA;AAAA;AAAA,EAKA,IAAA,GAAiB;AACf,IAAA,OAAO,KAAA,CAAM,IAAA,CAAK,IAAA,CAAK,OAAA,CAAQ,MAAM,CAAA;AAAA,EACvC;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,IAAA,GAAe;AACjB,IAAA,OAAO,KAAK,OAAA,CAAQ,IAAA;AAAA,EACtB;AACF;AAMO,IAAM,sBAAN,MAAkD;AAAA,EAC/C,QAAA,GAAiC,IAAA;AAAA,EAEzC,WAAA,GAAc;AAEZ,IAAA,IAAI,CAAC,IAAA,CAAK,uBAAA,EAAwB,EAAG;AACnC,MAAA,OAAA,CAAQ,KAAK,sEAAsE,CAAA;AACnF,MAAA,IAAA,CAAK,QAAA,GAAW,IAAI,aAAA,EAAc;AAAA,IACpC;AAAA,EACF;AAAA,EAEQ,uBAAA,GAAmC;AACzC,IAAA,IAAI;AAEF,MAAA,MAAM,GAAA,GAAM,OAAO,UAAA,KAAe,WAAA,IAAgB,UAAA,CAAmB,MAAA;AACrE,MAAA,MAAM,OAAA,GAAU,GAAA,GAAM,GAAA,CAAI,YAAA,GAAe,KAAA,CAAA;AACzC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,OAAO,KAAA;AAAA,MACT;AAEA,MAAA,MAAM,OAAA,GAAU,wBAAA;AAChB,MAAA,OAAA,CAAQ,OAAA,CAAQ,SAAS,MAAM,CAAA;AAC/B,MAAA,OAAA,CAAQ,WAAW,OAAO,CAAA;AAC1B,MAAA,OAAO,IAAA;AAAA,IACT,CAAA,CAAA,MAAQ;AACN,MAAA,OAAO,KAAA;AAAA,IACT;AAAA,EACF;AAAA,EAEA,QAAQ,GAAA,EAA4B;AAClC,IAAA,OAAA,CAAQ,GAAA,CAAI,qCAAqC,GAAG,CAAA;AACpD,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,OAAA,CAAQ,IAAI,yCAAyC,CAAA;AACrD,MAAA,OAAO,IAAA,CAAK,QAAA,CAAS,OAAA,CAAQ,GAAG,CAAA;AAAA,IAClC;AACA,IAAA,IAAI;AAEF,MAAA,MAAM,GAAA,GAAM,OAAO,UAAA,KAAe,WAAA,IAAgB,UAAA,CAAmB,MAAA;AACrE,MAAA,MAAM,KAAA,GAAQ,GAAA,EAAK,YAAA,EAAc,OAAA,CAAQ,GAAG,CAAA,IAAK,IAAA;AACjD,MAAA,OAAA,CAAQ,IAAI,mCAAA,EAAqC;AAAA,QAC/C,GAAA;AAAA,QACA,QAAA,EAAU,CAAC,CAAC,KAAA;AAAA,QACZ,aAAa,KAAA,EAAO,MAAA;AAAA,QACpB,OAAA,EAAS,KAAK,YAAA,GAAe,MAAA,CAAO,KAAK,GAAA,CAAI,YAAY,IAAI;AAAC,OAC/D,CAAA;AACD,MAAA,OAAO,KAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,8CAA8C,KAAK,CAAA;AACjE,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAAA,EAEA,OAAA,CAAQ,KAAa,KAAA,EAAqB;AACxC,IAAA,OAAA,CAAQ,IAAI,2BAAA,EAA6B,EAAE,KAAK,WAAA,EAAa,KAAA,CAAM,QAAQ,CAAA;AAC3E,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,OAAA,CAAQ,IAAI,mDAAmD,CAAA;AAC/D,MAAA,IAAA,CAAK,QAAA,CAAS,OAAA,CAAQ,GAAA,EAAK,KAAK,CAAA;AAChC,MAAA;AAAA,IACF;AACA,IAAA,IAAI;AAEF,MAAA,MAAM,GAAA,GAAM,OAAO,UAAA,KAAe,WAAA,IAAgB,UAAA,CAAmB,MAAA;AACrE,MAAA,GAAA,EAAK,YAAA,EAAc,OAAA,CAAQ,GAAA,EAAK,KAAK,CAAA;AACrC,MAAA,OAAA,CAAQ,IAAI,8CAA8C,CAAA;AAG1D,MAAA,MAAM,YAAA,GAAe,GAAA,EAAK,YAAA,EAAc,OAAA,CAAQ,GAAG,CAAA;AACnD,MAAA,IAAI,CAAC,YAAA,EAAc;AACjB,QAAA,OAAA,CAAQ,MAAM,0EAAgE,CAAA;AAAA,MAChF,CAAA,MAAA,IAAW,iBAAiB,KAAA,EAAO;AACjC,QAAA,OAAA,CAAQ,MAAM,yEAA+D,CAAA;AAAA,MAC/E,CAAA,MAAO;AACL,QAAA,OAAA,CAAQ,IAAI,8CAAyC,CAAA;AAAA,MACvD;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,4CAA4C,KAAK,CAAA;AAE/D,MAAA,IAAI,CAAC,KAAK,QAAA,EAAU;AAClB,QAAA,IAAA,CAAK,QAAA,GAAW,IAAI,aAAA,EAAc;AAClC,QAAA,IAAA,CAAK,QAAA,CAAS,OAAA,CAAQ,GAAA,EAAK,KAAK,CAAA;AAAA,MAClC;AAAA,IACF;AAAA,EACF;AAAA,EAEA,WAAW,GAAA,EAAmB;AAC5B,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,IAAA,CAAK,QAAA,CAAS,WAAW,GAAG,CAAA;AAC5B,MAAA;AAAA,IACF;AACA,IAAA,IAAI;AAEF,MAAA,MAAM,GAAA,GAAM,OAAO,UAAA,KAAe,WAAA,IAAgB,UAAA,CAAmB,MAAA;AACrE,MAAA,GAAA,EAAK,YAAA,EAAc,WAAW,GAAG,CAAA;AAAA,IACnC,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,+CAA+C,KAAK,CAAA;AAAA,IACpE;AAAA,EACF;AACF;AAWA,eAAsB,UAAA,CACpB,SACA,GAAA,EACwB;AACxB,EAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,OAAA,CAAQ,GAAG,CAAA;AAClC,EAAA,OAAO,MAAA,YAAkB,OAAA,GAAU,MAAM,MAAA,GAAS,MAAA;AACpD;AAKA,eAAsB,UAAA,CACpB,OAAA,EACA,GAAA,EACA,KAAA,EACe;AACf,EAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,OAAA,CAAQ,GAAA,EAAK,KAAK,CAAA;AACzC,EAAA,IAAI,kBAAkB,OAAA,EAAS;AAC7B,IAAA,MAAM,MAAA;AAAA,EACR;AACF;AAKA,eAAsB,aAAA,CACpB,SACA,GAAA,EACe;AACf,EAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA;AACrC,EAAA,IAAI,kBAAkB,OAAA,EAAS;AAC7B,IAAA,MAAM,MAAA;AAAA,EACR;AACF;ACtMO,SAAS,YAAA,GAAmC;AAOjD,EAAA,IAAI,OAAO,UAAA,KAAe,WAAA,IAAgB,UAAA,CAAmB,MAAA,EAAQ;AACnE,IAAA,OAAS,WAAmB,MAAA,CAAe,oBAAA;AAAA,EAC7C;AAEA,EAAA,OAAO,MAAA;AACT;AAOO,SAAS,iBAAA,CAAkB,KAAa,SAAA,EAA4B;AACzE,EAAA,IAAI;AACF,IAAA,MAAM,GAAA,GAAM,aAAa,YAAA,EAAa;AACtC,IAAA,IAAI,GAAA,EAAK;AACP,MAAA,MAAM,SAAA,GAAY,GAAA,CAAI,QAAA,CAAS,GAAG,IAAI,GAAA,GAAM,GAAA;AAC5C,MAAA,OAAO,GAAG,GAAG,CAAA,EAAG,SAAS,CAAA,UAAA,EAAa,kBAAA,CAAmB,GAAG,CAAC,CAAA,CAAA;AAAA,IAC/D;AAAA,EACF,SAAS,KAAA,EAAO;AAAA,EAEhB;AACA,EAAA,OAAO,GAAA;AACT;;;ACtCA,IAAM,iBAAA,GAAoB,2BAAA;AAC1B,IAAM,WAAA,GAAc,gCAAA;AAQpB,IAAI,cAAA;AAMG,SAAS,mBAAmB,MAAA,EAGhC;AACD,EAAA,IAAI,OAAO,MAAA,EAAQ;AACjB,IAAA,cAAA,GAAiB,MAAM,MAAA,CAAO,MAAA;AAAA,EAChC;AAGF;AAGA,IAAM,aAAA,GAA6D,mCAAA;AAEnE,SAAS,SAAA,GAAoB;AAI3B,EAAA,IAAI,cAAA,EAAgB;AAClB,IAAA,OAAO,cAAA,EAAe;AAAA,EACxB;AAGA,EAAA,IAAI,OAAO,UAAA,KAAe,WAAA,IAAgB,UAAA,CAAmB,MAAA,EAAQ;AACnE,IAAA,MAAM,QAAA,GAAa,WAAmB,MAAA,CAAe,kBAAA;AACrD,IAAA,IAAI,UAAU,MAAA,EAAQ;AACpB,MAAA,OAAO,QAAA,CAAS,MAAA;AAAA,IAClB;AAAA,EACF;AAGA,EAAmB;AACjB,IAAA,OAAO,aAAA;AAAA,EACT;AAIF;AAmDO,IAAM,kBAAN,MAAsB;AAAA,EACnB,MAAA,GAA2B,IAAA;AAAA,EAC3B,OAAA;AAAA,EACA,cAAA,GAA0C,IAAA;AAAA;AAAA,EAElD,YAAY,OAAA,EAAwB;AAClC,IAAA,IAAA,CAAK,OAAA,GAAU,OAAA,IAAW,IAAI,mBAAA,EAAoB;AAClD,IAAA,OAAA,CAAQ,IAAI,uCAAuC,CAAA;AACnD,IAAA,IAAA,CAAK,qBAAA,EAAsB;AAAA,EAC7B;AAAA,EAEA,MAAc,qBAAA,GAAuC;AACnD,IAAA,IAAI;AACF,MAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,OAAA,CAAQ,QAAQ,iBAAiB,CAAA;AAC3D,MAAA,OAAA,CAAQ,GAAA,CAAI,oCAAA,EAAsC,CAAC,CAAC,MAAM,CAAA;AAE1D,MAAA,IAAI,MAAA,EAAQ;AACV,QAAA,IAAA,CAAK,MAAA,GAAS,IAAA,CAAK,KAAA,CAAM,MAAM,CAAA;AAC/B,QAAA,OAAA,CAAQ,IAAI,sBAAA,EAAwB;AAAA,UAClC,cAAA,EAAgB,CAAC,CAAC,IAAA,CAAK,MAAA,EAAQ,WAAA;AAAA,UAC/B,eAAA,EAAiB,CAAC,CAAC,IAAA,CAAK,MAAA,EAAQ,YAAA;AAAA,UAChC,MAAA,EAAQ,KAAK,MAAA,EAAQ,MAAA;AAAA,UACrB,SAAA,EAAW,KAAK,MAAA,EAAQ,SAAA;AAAA,UACxB,WAAA,EAAa,KAAK,GAAA,EAAI;AAAA,UACtB,YAAA,EAAc,IAAA,CAAK,MAAA,EAAQ,SAAA,GAAA,CAAa,IAAA,CAAK,OAAO,SAAA,GAAY,IAAA,CAAK,GAAA,EAAI,IAAK,GAAA,GAAO;AAAA,SACtF,CAAA;AAED,QAAA,IAAI,IAAA,CAAK,MAAA,IAAU,IAAA,CAAK,cAAA,EAAe,EAAG;AACxC,UAAA,OAAA,CAAQ,IAAI,+BAA+B,CAAA;AAG3C,UAAA,IAAI,IAAA,CAAK,OAAO,YAAA,EAAc;AAC5B,YAAA,OAAA,CAAQ,IAAI,iEAAiE,CAAA;AAAA,UAE/E,CAAA,MAAO;AACL,YAAA,OAAA,CAAQ,IAAI,mDAAmD,CAAA;AAC/D,YAAA,MAAM,KAAK,WAAA,EAAY;AAAA,UACzB;AAAA,QACF,CAAA,MAAO;AACL,UAAA,OAAA,CAAQ,IAAI,6CAA6C,CAAA;AAAA,QAC3D;AAAA,MACF,CAAA,MAAO;AACL,QAAA,OAAA,CAAQ,IAAI,kCAAkC,CAAA;AAAA,MAChD;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,4CAA4C,KAAK,CAAA;AAC/D,MAAA,MAAM,KAAK,WAAA,EAAY;AAAA,IACzB;AAAA,EACF;AAAA,EAEA,MAAc,mBAAA,GAAqC;AACjD,IAAA,IAAI;AACF,MAAA,IAAI,KAAK,MAAA,EAAQ;AACf,QAAA,MAAM,WAAA,GAAc,IAAA,CAAK,SAAA,CAAU,IAAA,CAAK,MAAM,CAAA;AAC9C,QAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,OAAA,CAAQ,iBAAA,EAAmB,WAAW,CAAA;AACzD,QAAA,MAAM,KAAK,OAAA,CAAQ,OAAA,CAAQ,WAAA,EAAa,IAAA,CAAK,OAAO,MAAM,CAAA;AAAA,MAC5D;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,2CAA2C,KAAK,CAAA;AAAA,IAChE;AAAA,EACF;AAAA,EAEA,MAAM,UAAU,QAAA,EAAwC;AACtD,IAAA,MAAM,SAAA,GAAY,IAAA,CAAK,GAAA,EAAI,GAAI,SAAS,SAAA,GAAY,GAAA;AACpD,IAAA,IAAA,CAAK,MAAA,GAAS;AAAA,MACZ,aAAa,QAAA,CAAS,WAAA;AAAA,MACtB,cAAc,QAAA,CAAS,YAAA;AAAA,MACvB,QAAQ,QAAA,CAAS,MAAA;AAAA,MACjB,WAAW,QAAA,CAAS,SAAA;AAAA,MACpB,SAAA;AAAA,MACA,aAAa,QAAA,CAAS,WAAA;AAAA,MACtB,WAAW,QAAA,CAAS,SAAA;AAAA,MACpB,MAAA,EAAQ,SAAS,MAAA,IAAU,IAAA;AAAA,MAC3B,WAAA,EAAa,SAAS,WAAA,IAAe,IAAA;AAAA,MACrC,SAAA,EAAW,QAAA,CAAS,SAAA,IAAa;AAAC,KACpC;AAEA,IAAA,MAAM,KAAK,mBAAA,EAAoB;AAAA,EACjC;AAAA,EAEA,cAAA,GAAgC;AAC9B,IAAA,IAAI,CAAC,IAAA,CAAK,MAAA,EAAQ,OAAO,IAAA;AAEzB,IAAA,OAAO,KAAK,MAAA,CAAO,WAAA;AAAA,EACrB;AAAA,EAEA,eAAA,GAAiC;AAC/B,IAAA,OAAO,IAAA,CAAK,QAAQ,YAAA,IAAgB,IAAA;AAAA,EACtC;AAAA,EAEA,SAAA,GAA2B;AACzB,IAAA,OAAO,IAAA,CAAK,QAAQ,MAAA,IAAU,IAAA;AAAA,EAChC;AAAA,EAEA,cAAA,GAAiC;AAC/B,IAAA,OAAO,IAAA,CAAK,QAAQ,WAAA,IAAe,IAAA;AAAA,EACrC;AAAA,EAEA,SAAA,GAA2B;AACzB,IAAA,OAAO,IAAA,CAAK,QAAQ,MAAA,IAAU,IAAA;AAAA,EAChC;AAAA,EAEA,cAAA,GAAgC;AAC9B,IAAA,OAAO,IAAA,CAAK,QAAQ,WAAA,IAAe,IAAA;AAAA,EACrC;AAAA,EAEA,YAAA,GAAyB;AACvB,IAAA,OAAO,IAAA,CAAK,MAAA,EAAQ,SAAA,IAAa,EAAC;AAAA,EACpC;AAAA,EAEA,SAAA,GAA8B;AAC5B,IAAA,OAAO,IAAA,CAAK,MAAA;AAAA,EACd;AAAA,EAEA,MAAM,qBAAqB,WAAA,EAAqC;AAC9D,IAAA,IAAI,KAAK,MAAA,EAAQ;AACf,MAAA,IAAA,CAAK,OAAO,WAAA,GAAc,WAAA;AAC1B,MAAA,MAAM,KAAK,mBAAA,EAAoB;AAAA,IACjC;AAAA,EACF;AAAA,EAEA,MAAM,kBAAkB,WAAA,EAA2C;AACjE,IAAA,IAAI,KAAK,MAAA,EAAQ;AACf,MAAA,IAAA,CAAK,OAAO,WAAA,GAAc,WAAA;AAC1B,MAAA,MAAM,KAAK,mBAAA,EAAoB;AAAA,IACjC;AAAA,EACF;AAAA,EAEA,cAAA,GAA0B;AACxB,IAAA,IAAI,CAAC,KAAK,MAAA,EAAQ;AAChB,MAAA,OAAA,CAAQ,IAAI,gDAAgD,CAAA;AAC5D,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,MAAM,SAAS,EAAA,GAAK,GAAA;AACpB,IAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,IAAA,MAAM,SAAA,GAAY,KAAK,MAAA,CAAO,SAAA;AAC9B,IAAA,MAAM,SAAA,GAAY,MAAO,SAAA,GAAY,MAAA;AAErC,IAAA,OAAA,CAAQ,IAAI,2BAAA,EAA6B;AAAA,MACvC,WAAA,EAAa,GAAA;AAAA,MACb,SAAA;AAAA,MACA,MAAA;AAAA,MACA,YAAA,EAAA,CAAe,YAAY,GAAA,IAAO,GAAA;AAAA,MAClC;AAAA,KACD,CAAA;AAED,IAAA,OAAO,SAAA;AAAA,EACT;AAAA,EAEA,eAAA,GAA2B;AAEzB,IAAA,IAAI,CAAC,IAAA,CAAK,MAAA,EAAQ,OAAO,KAAA;AAEzB,IAAA,IAAI,CAAC,IAAA,CAAK,cAAA,EAAe,EAAG;AAC1B,MAAA,OAAO,CAAC,CAAC,IAAA,CAAK,MAAA,CAAO,WAAA;AAAA,IACvB;AAGA,IAAA,OAAO,CAAC,CAAC,IAAA,CAAK,MAAA,CAAO,YAAA;AAAA,EACvB;AAAA,EAEA,MAAM,WAAA,GAA6B;AACjC,IAAA,IAAA,CAAK,MAAA,GAAS,IAAA;AACd,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,UAAA,CAAW,iBAAiB,CAAA;AAC/C,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,UAAA,CAAW,WAAW,CAAA;AAAA,EAC3C;AAAA,EAEA,MAAM,kBAAA,GAAuC;AAE3C,IAAA,IAAI,KAAK,cAAA,EAAgB;AACvB,MAAA,OAAA,CAAQ,IAAI,sEAAsE,CAAA;AAClF,MAAA,OAAO,IAAA,CAAK,cAAA;AAAA,IACd;AAEA,IAAA,MAAM,YAAA,GAAe,KAAK,eAAA,EAAgB;AAC1C,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,OAAA,CAAQ,KAAK,8CAA8C,CAAA;AAC3D,MAAA,OAAO,KAAA;AAAA,IACT;AAEA,IAAA,OAAA,CAAQ,IAAI,+CAA+C,CAAA;AAG3D,IAAA,IAAA,CAAK,kBAAkB,YAAY;AACjC,MAAA,IAAI;AACF,QAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,iBAAA,CAAkB,GAAG,SAAA,EAAW,mBAAmB,CAAA,EAAG;AAAA,UACjF,MAAA,EAAQ,MAAA;AAAA,UACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA,EAAmB;AAAA,UAC9C,IAAA,EAAM,IAAA,CAAK,SAAA,CAAU,EAAE,cAAc;AAAA,SACtC,CAAA;AAED,QAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,UAAA,OAAA,CAAQ,GAAA,CAAI,yCAAA,EAA2C,QAAA,CAAS,MAAM,CAAA;AAEtE,UAAA,IAAI,QAAA,CAAS,WAAW,GAAA,EAAK;AAC3B,YAAA,IAAI;AACF,cAAA,MAAM,SAAA,GAAiB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC3C,cAAA,OAAA,CAAQ,GAAA,CAAI,oCAAoC,SAAS,CAAA;AAGzD,cAAA,QAAQ,UAAU,UAAA;AAAY,gBAC5B,KAAK,mBAAA;AACH,kBAAA,OAAA,CAAQ,IAAI,wDAAwD,CAAA;AACpE,kBAAA,MAAM,KAAK,WAAA,EAAY;AACvB,kBAAA,OAAO,KAAA;AAAA,gBAET,KAAK,eAAA;AAAA,gBACL;AACE,kBAAA,OAAA,CAAQ,IAAI,8CAA8C,CAAA;AAC1D,kBAAA,MAAM,KAAK,WAAA,EAAY;AACvB,kBAAA,OAAO,KAAA;AAAA;AACX,YACF,SAAS,UAAA,EAAY;AACnB,cAAA,OAAA,CAAQ,IAAA,CAAK,qDAAqD,UAAU,CAAA;AAC5E,cAAA,MAAM,KAAK,WAAA,EAAY;AACvB,cAAA,OAAO,KAAA;AAAA,YACT;AAAA,UACF,CAAA,MAAO;AACL,YAAA,OAAA,CAAQ,IAAI,6EAA6E,CAAA;AACzF,YAAA,OAAO,KAAA;AAAA,UACT;AAAA,QACF;AAEA,QAAA,MAAM,eAAA,GAAkB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC5C,QAAA,OAAA,CAAQ,GAAA,CAAI,gDAAA,EAAkD,eAAA,CAAgB,SAAA,EAAW,SAAS,CAAA;AAElG,QAAA,IAAI,KAAK,MAAA,EAAQ;AAEf,UAAA,IAAA,CAAK,MAAA,CAAO,cAAc,eAAA,CAAgB,WAAA;AAC1C,UAAA,IAAA,CAAK,MAAA,CAAO,eAAe,eAAA,CAAgB,YAAA;AAC3C,UAAA,IAAA,CAAK,MAAA,CAAO,YAAY,eAAA,CAAgB,SAAA;AACxC,UAAA,IAAA,CAAK,OAAO,SAAA,GAAY,IAAA,CAAK,GAAA,EAAI,GAAI,gBAAgB,SAAA,GAAY,GAAA;AACjE,UAAA,MAAM,KAAK,mBAAA,EAAoB;AAC/B,UAAA,OAAA,CAAQ,IAAI,yCAAyC,CAAA;AACrD,UAAA,OAAO,IAAA;AAAA,QACT;AAEA,QAAA,OAAA,CAAQ,MAAM,oCAAoC,CAAA;AAClD,QAAA,OAAO,KAAA;AAAA,MACT,SAAS,KAAA,EAAO;AACd,QAAA,OAAA,CAAQ,KAAA,CAAM,sCAAsC,KAAK,CAAA;AAEzD,QAAA,OAAO,KAAA;AAAA,MACT,CAAA,SAAE;AAEA,QAAA,IAAA,CAAK,cAAA,GAAiB,IAAA;AACtB,QAAA,OAAA,CAAQ,IAAI,kDAAkD,CAAA;AAAA,MAChE;AAAA,IACF,CAAA,GAAG;AAEH,IAAA,OAAO,IAAA,CAAK,cAAA;AAAA,EACd;AAAA,EAEA,aAAA,GAA+B;AAC7B,IAAA,MAAM,KAAA,GAAQ,KAAK,cAAA,EAAe;AAClC,IAAA,OAAO,KAAA,GAAQ,CAAA,OAAA,EAAU,KAAK,CAAA,CAAA,GAAK,IAAA;AAAA,EACrC;AACF;AAGO,IAAM,eAAA,GAAkB,IAAI,eAAA;AAK5B,SAAS,sBAAsB,OAAA,EAAwC;AAC5E,EAAA,OAAO,IAAI,gBAAgB,OAAO,CAAA;AACpC;AAIA,eAAsB,MAAA,CAAO,UAA2B,eAAA,EAAgC;AACtF,EAAA,IAAI;AACF,IAAA,MAAM,UAAA,GAAa,QAAQ,aAAA,EAAc;AACzC,IAAA,IAAI,UAAA,EAAY;AACd,MAAA,MAAM,MAAM,iBAAA,CAAkB,CAAA,EAAG,SAAA,EAAW,kBAAkB,CAAA,EAAG;AAAA,QAC/D,MAAA,EAAQ,MAAA;AAAA,QACR,OAAA,EAAS;AAAA,UACP,aAAA,EAAe,UAAA;AAAA,UACf,cAAA,EAAgB;AAAA;AAClB,OACD,CAAA;AAAA,IACH;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,OAAA,CAAQ,KAAA,CAAM,uBAAuB,KAAK,CAAA;AAAA,EAC5C,CAAA,SAAE;AACA,IAAA,MAAM,QAAQ,WAAA,EAAY;AAAA,EAC5B;AACF;AAEA,eAAsB,WAAA,CAAY,UAA2B,eAAA,EAAiD;AAC5G,EAAA,MAAM,UAAA,GAAa,QAAQ,aAAA,EAAc;AACzC,EAAA,IAAI,CAAC,UAAA,EAAY;AACf,IAAA,OAAA,CAAQ,IAAI,iDAAiD,CAAA;AAC7D,IAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA,EACxB;AAEA,EAAA,IAAI;AACF,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,iBAAA,CAAkB,GAAG,SAAA,EAAW,kBAAkB,CAAA,EAAG;AAAA,MAChF,MAAA,EAAQ,KAAA;AAAA,MACR,OAAA,EAAS,EAAE,aAAA,EAAe,UAAA;AAAW,KACtC,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,OAAA,CAAQ,GAAA,CAAI,kCAAA,EAAoC,QAAA,CAAS,MAAM,CAAA;AAE/D,MAAA,IAAI,QAAA,CAAS,WAAW,GAAA,EAAK;AAC3B,QAAA,IAAI;AACF,UAAA,MAAM,SAAA,GAAiB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC3C,UAAA,OAAA,CAAQ,GAAA,CAAI,4BAA4B,SAAS,CAAA;AAGjD,UAAA,QAAQ,UAAU,UAAA;AAAY,YAC5B,KAAK,eAAA;AACH,cAAA,OAAA,CAAQ,IAAI,mDAAmD,CAAA;AAC/D,cAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,kBAAA,EAAmB;AACxD,cAAA,IAAI,cAAA,EAAgB;AAClB,gBAAA,OAAA,CAAQ,IAAI,2DAA2D,CAAA;AACvE,gBAAA,OAAO,MAAM,YAAY,OAAO,CAAA;AAAA,cAClC,CAAA,MAAO;AACL,gBAAA,OAAA,CAAQ,IAAI,6CAA6C,CAAA;AACzD,gBAAA,MAAM,QAAQ,WAAA,EAAY;AAC1B,gBAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA,cACxB;AAAA,YAEF,KAAK,mBAAA;AACH,cAAA,OAAA,CAAQ,IAAI,qDAAqD,CAAA;AACjE,cAAA,MAAM,QAAQ,WAAA,EAAY;AAC1B,cAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA,YAExB,KAAK,eAAA;AAAA,YACL;AACE,cAAA,OAAA,CAAQ,IAAI,sCAAsC,CAAA;AAClD,cAAA,MAAM,QAAQ,WAAA,EAAY;AAC1B,cAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA;AAC1B,QACF,SAAS,UAAA,EAAY;AACnB,UAAA,OAAA,CAAQ,IAAA,CAAK,6CAA6C,UAAU,CAAA;AACpE,UAAA,MAAM,QAAQ,WAAA,EAAY;AAC1B,UAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA,QACxB;AAAA,MACF,CAAA,MAAO;AACL,QAAA,OAAA,CAAQ,IAAI,yDAAyD,CAAA;AACrE,QAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA,MACxB;AAAA,IACF;AAEA,IAAA,MAAM,cAAA,GAAiB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC3C,IAAA,OAAA,CAAQ,GAAA,CAAI,wCAAwC,cAAc,CAAA;AAElE,IAAA,IAAI,eAAe,KAAA,EAAO;AACxB,MAAA,IAAI,OAAO,cAAA,CAAe,WAAA,KAAgB,SAAA,EAAW;AACnD,QAAA,MAAM,OAAA,CAAQ,oBAAA,CAAqB,cAAA,CAAe,WAAW,CAAA;AAAA,MAC/D;AAEA,MAAA,IAAI,OAAA,CAAQ,WAAU,EAAG;AACvB,QAAA,IAAI,cAAA,CAAe,gBAAgB,KAAA,CAAA,EAAW;AAC5C,UAAA,MAAM,OAAA,CAAQ,iBAAA,CAAkB,cAAA,CAAe,WAAW,CAAA;AAAA,QAC5D;AAAA,MAEF;AAAA,IACF;AAEA,IAAA,OAAO,cAAA;AAAA,EACT,SAAS,KAAA,EAAO;AACd,IAAA,OAAA,CAAQ,KAAA,CAAM,2CAA2C,KAAK,CAAA;AAC9D,IAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA,EACxB;AACF;AAEA,eAAsB,gBAAA,CAAiB,UAA2B,eAAA,EAAmC;AAEnG,EAAA,IAAI,QAAQ,eAAA,EAAgB,IAAK,CAAC,OAAA,CAAQ,gBAAe,EAAG;AAC1D,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,OAAA,CAAQ,IAAI,8DAA8D,CAAA;AAG1E,EAAA,MAAM,YAAA,GAAe,QAAQ,eAAA,EAAgB;AAC7C,EAAA,IAAI,YAAA,EAAc;AAChB,IAAA,OAAA,CAAQ,IAAI,mEAAmE,CAAA;AAC/E,IAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,kBAAA,EAAmB;AACxD,IAAA,OAAA,CAAQ,GAAA,CAAI,iCAAiC,cAAc,CAAA;AAC3D,IAAA,OAAO,cAAA;AAAA,EACT;AAEA,EAAA,OAAA,CAAQ,IAAI,iEAAiE,CAAA;AAC7E,EAAA,OAAO,KAAA;AACT;AAEA,eAAsB,mBACpB,GAAA,EACA,OAAA,GAAuB,EAAC,EACxB,UAA2B,eAAA,EACR;AACnB,EAAA,MAAM,aAAA,GAAgB,MAAM,gBAAA,CAAiB,OAAO,CAAA;AACpD,EAAA,IAAI,CAAC,aAAA,EAAe;AAClB,IAAA,MAAM,IAAI,MAAM,yCAAyC,CAAA;AAAA,EAC3D;AAEA,EAAA,MAAM,UAAA,GAAa,QAAQ,aAAA,EAAc;AACzC,EAAA,IAAI,CAAC,UAAA,EAAY;AACf,IAAA,MAAM,IAAI,MAAM,qCAAqC,CAAA;AAAA,EACvD;AAEA,EAAA,MAAM,gBAAA,GAAmB,kBAAkB,GAAG,CAAA;AAC9C,EAAA,MAAM,cAAA,GAA8B;AAAA,IAClC,GAAG,OAAA;AAAA,IACH,OAAA,EAAS;AAAA,MACP,GAAG,OAAA,CAAQ,OAAA;AAAA,MACX,aAAA,EAAe,UAAA;AAAA,MACf,cAAA,EAAgB;AAAA;AAClB,GACF;AAEA,EAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,gBAAA,EAAkB,cAAc,CAAA;AAG7D,EAAA,IAAI,QAAA,CAAS,WAAW,GAAA,EAAK;AAC3B,IAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,kBAAA,EAAmB;AACxD,IAAA,IAAI,cAAA,EAAgB;AAClB,MAAA,MAAM,aAAA,GAAgB,QAAQ,aAAA,EAAc;AAC5C,MAAA,IAAI,aAAA,EAAe;AACjB,QAAA,cAAA,CAAe,OAAA,GAAU;AAAA,UACvB,GAAG,cAAA,CAAe,OAAA;AAAA,UAClB,aAAA,EAAe;AAAA,SACjB;AACA,QAAA,OAAO,KAAA,CAAM,kBAAkB,cAAc,CAAA;AAAA,MAC/C;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO,QAAA;AACT;AAIA,eAAsB,eAAA,CAAgB,QAAgB,OAAA,EAA+D;AACnH,EAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,iBAAA,CAAkB,GAAG,SAAA,EAAW,iBAAiB,CAAA,EAAG;AAAA,IAC/E,MAAA,EAAQ,MAAA;AAAA,IACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA,EAAmB;AAAA,IAC9C,IAAA,EAAM,IAAA,CAAK,SAAA,CAAU,EAAE,QAAQ;AAAA,GAChC,CAAA;AAED,EAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,IAAA,MAAM,YAAY,MAAM,QAAA,CAAS,MAAK,CAAE,KAAA,CAAM,MAAM,cAAc,CAAA;AAClE,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,cAAA,EAAiB,SAAS,MAAM,CAAA,CAAA,EAAI,SAAS,CAAA,CAAE,CAAA;AAAA,EACjE;AAEA,EAAA,MAAM,aAAA,GAAgB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC1C,EAAA,IAAI,CAAC,SAAS,aAAA,EAAe;AAC3B,IAAA,MAAM,eAAA,CAAgB,UAAU,aAAa,CAAA;AAAA,EAC/C;AACA,EAAA,OAAO,aAAA;AACT;AAEA,eAAsB,cAAA,CAAe,KAAA,EAAe,IAAA,EAAc,OAAA,EAA+D;AAC/H,EAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,iBAAA,CAAkB,GAAG,SAAA,EAAW,6BAA6B,CAAA,EAAG;AAAA,IAC3F,MAAA,EAAQ,MAAA;AAAA,IACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA,EAAmB;AAAA,IAC9C,MAAM,IAAA,CAAK,SAAA,CAAU,EAAE,KAAA,EAAO,MAAM;AAAA,GACrC,CAAA;AAED,EAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,IAAA,MAAM,YAAY,MAAM,QAAA,CAAS,MAAK,CAAE,KAAA,CAAM,MAAM,2BAA2B,CAAA;AAC/E,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,2BAAA,EAA8B,SAAS,MAAM,CAAA,CAAA,EAAI,SAAS,CAAA,CAAE,CAAA;AAAA,EAC9E;AAEA,EAAA,MAAM,aAAA,GAAgB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC1C,EAAA,IAAI,CAAC,SAAS,aAAA,EAAe;AAC3B,IAAA,MAAM,eAAA,CAAgB,UAAU,aAAa,CAAA;AAAA,EAC/C;AACA,EAAA,OAAO,aAAA;AACT;AAEA,eAAsB,iBAAA,CAAkB,cAQrC,OAAA,EAA+D;AAChE,EAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,iBAAA,CAAkB,GAAG,SAAA,EAAW,0BAA0B,CAAA,EAAG;AAAA,IACxF,MAAA,EAAQ,MAAA;AAAA,IACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA,EAAmB;AAAA,IAC9C,IAAA,EAAM,IAAA,CAAK,SAAA,CAAU,YAAY;AAAA,GAClC,CAAA;AAED,EAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,IAAA,MAAM,YAAY,MAAM,QAAA,CAAS,MAAK,CAAE,KAAA,CAAM,MAAM,uBAAuB,CAAA;AAC3E,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,uBAAA,EAA0B,SAAS,MAAM,CAAA,CAAA,EAAI,SAAS,CAAA,CAAE,CAAA;AAAA,EAC1E;AAEA,EAAA,MAAM,aAAA,GAAgB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC1C,EAAA,IAAI,CAAC,SAAS,aAAA,EAAe;AAC3B,IAAA,MAAM,eAAA,CAAgB,UAAU,aAAa,CAAA;AAAA,EAC/C;AACA,EAAA,OAAO,aAAA;AACT;AAEA,eAAsB,kBAAA,CAAmB,UAA2B,eAAA,EAAmC;AACrG,EAAA,IAAI;AACF,IAAA,MAAM,YAAA,GAAe,MAAM,WAAA,CAAY,OAAO,CAAA;AAC9C,IAAA,IAAI,YAAA,EAAc,KAAA,IAAS,OAAO,YAAA,CAAa,gBAAgB,SAAA,EAAW;AACxE,MAAA,OAAO,YAAA,CAAa,WAAA;AAAA,IACtB;AACA,IAAA,OAAO,KAAA;AAAA,EACT,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,KAAA;AAAA,EACT;AACF","file":"index.js","sourcesContent":["/**\n * Base64URL encoding/decoding utilities\n * Used for WebAuthn and JWT operations\n */\n\n/**\n * Convert ArrayBuffer to Base64URL string\n * @param buffer - ArrayBuffer to convert\n * @returns Base64URL encoded string\n */\nexport function arrayBufferToBase64url(buffer: ArrayBuffer): string {\n const bytes = new Uint8Array(buffer);\n let binary = '';\n for (let i = 0; i < bytes.byteLength; i++) {\n binary += String.fromCharCode(bytes[i]);\n }\n return btoa(binary).replace(/\\+/g, '-').replace(/\\//g, '_').replace(/=+$/g, '');\n}\n\n/**\n * Convert Base64URL string to Uint8Array\n * @param base64url - Base64URL string to convert\n * @returns Uint8Array\n */\nexport function base64urlToUint8Array(base64url: string): Uint8Array {\n const base64 = base64url.replace(/-/g, '+').replace(/_/g, '/');\n const pad = base64.length % 4 ? 4 - (base64.length % 4) : 0;\n const padded = base64 + '='.repeat(pad);\n const binary = atob(padded);\n const bytes = new Uint8Array(binary.length);\n for (let i = 0; i < binary.length; i++) {\n bytes[i] = binary.charCodeAt(i);\n }\n return bytes;\n}\n\n/**\n * Convert ArrayBuffer to standard Base64 string (not URL-safe)\n * @param buffer - ArrayBuffer to convert\n * @returns Base64 encoded string\n */\nexport function arrayBufferToBase64(buffer: ArrayBuffer): string {\n const bytes = new Uint8Array(buffer);\n let binary = '';\n for (let i = 0; i < bytes.byteLength; i++) {\n binary += String.fromCharCode(bytes[i]);\n }\n return btoa(binary);\n}\n","/**\n * Storage abstraction layer for tokens and keyshares\n * Allows the core package to work in both browser and Node.js environments\n */\n\n/**\n * Storage interface for storing key-value pairs\n * Can be implemented for different storage backends (localStorage, Redis, memory, etc.)\n */\nexport interface TokenStorage {\n /**\n * Get item from storage\n * @param key - Storage key\n * @returns Value or null if not found\n */\n getItem(key: string): Promise<string | null> | string | null;\n\n /**\n * Set item in storage\n * @param key - Storage key\n * @param value - Value to store\n */\n setItem(key: string, value: string): Promise<void> | void;\n\n /**\n * Remove item from storage\n * @param key - Storage key\n */\n removeItem(key: string): Promise<void> | void;\n}\n\n/**\n * In-memory storage adapter\n * Useful for server-side usage where persistence is not required\n */\nexport class MemoryStorage implements TokenStorage {\n private storage = new Map<string, string>();\n\n getItem(key: string): string | null {\n return this.storage.get(key) || null;\n }\n\n setItem(key: string, value: string): void {\n this.storage.set(key, value);\n }\n\n removeItem(key: string): void {\n this.storage.delete(key);\n }\n\n /**\n * Clear all items from memory storage\n */\n clear(): void {\n this.storage.clear();\n }\n\n /**\n * Get all keys in storage\n */\n keys(): string[] {\n return Array.from(this.storage.keys());\n }\n\n /**\n * Get number of items in storage\n */\n get size(): number {\n return this.storage.size;\n }\n}\n\n/**\n * LocalStorage adapter for browser environments\n * Falls back to memory storage if localStorage is not available\n */\nexport class LocalStorageAdapter implements TokenStorage {\n private fallback: MemoryStorage | null = null;\n\n constructor() {\n // Check if localStorage is available\n if (!this.isLocalStorageAvailable()) {\n console.warn('[Storage] localStorage not available, falling back to memory storage');\n this.fallback = new MemoryStorage();\n }\n }\n\n private isLocalStorageAvailable(): boolean {\n try {\n // @ts-ignore - accessing global window object\n const win = typeof globalThis !== 'undefined' && (globalThis as any).window;\n const storage = win ? win.localStorage : undefined;\n if (!storage) {\n return false;\n }\n // Test if we can actually use localStorage (some browsers block it in private mode)\n const testKey = '__lumia_storage_test__';\n storage.setItem(testKey, 'test');\n storage.removeItem(testKey);\n return true;\n } catch {\n return false;\n }\n }\n\n getItem(key: string): string | null {\n console.log('[Storage] getItem called for key:', key);\n if (this.fallback) {\n console.log('[Storage] Using fallback memory storage');\n return this.fallback.getItem(key);\n }\n try {\n // @ts-ignore - accessing global window object\n const win = typeof globalThis !== 'undefined' && (globalThis as any).window;\n const value = win?.localStorage?.getItem(key) || null;\n console.log('[Storage] Read from localStorage:', {\n key,\n hasValue: !!value,\n valueLength: value?.length,\n allKeys: win?.localStorage ? Object.keys(win.localStorage) : []\n });\n return value;\n } catch (error) {\n console.error('[Storage] Error reading from localStorage:', error);\n return null;\n }\n }\n\n setItem(key: string, value: string): void {\n console.log('[Storage] setItem called:', { key, valueLength: value.length });\n if (this.fallback) {\n console.log('[Storage] Using fallback memory storage for write');\n this.fallback.setItem(key, value);\n return;\n }\n try {\n // @ts-ignore - accessing global window object\n const win = typeof globalThis !== 'undefined' && (globalThis as any).window;\n win?.localStorage?.setItem(key, value);\n console.log('[Storage] Successfully wrote to localStorage');\n\n // Verify write\n const verification = win?.localStorage?.getItem(key);\n if (!verification) {\n console.error('[Storage] ⚠️ VERIFICATION FAILED: Value not found after write!');\n } else if (verification !== value) {\n console.error('[Storage] ⚠️ VERIFICATION FAILED: Value mismatch after write!');\n } else {\n console.log('[Storage] ✅ Write verified successfully');\n }\n } catch (error) {\n console.error('[Storage] Error writing to localStorage:', error);\n // Initialize fallback if localStorage fails\n if (!this.fallback) {\n this.fallback = new MemoryStorage();\n this.fallback.setItem(key, value);\n }\n }\n }\n\n removeItem(key: string): void {\n if (this.fallback) {\n this.fallback.removeItem(key);\n return;\n }\n try {\n // @ts-ignore - accessing global window object\n const win = typeof globalThis !== 'undefined' && (globalThis as any).window;\n win?.localStorage?.removeItem(key);\n } catch (error) {\n console.error('[Storage] Error removing from localStorage:', error);\n }\n }\n}\n\n/**\n * Keyshare storage interface (same as TokenStorage but with a different name for clarity)\n */\nexport interface KeyshareStorage extends TokenStorage {}\n\n/**\n * Helper to normalize storage operations to always be async\n * This allows mixing sync and async storage implementations\n */\nexport async function storageGet(\n storage: TokenStorage,\n key: string\n): Promise<string | null> {\n const result = storage.getItem(key);\n return result instanceof Promise ? await result : result;\n}\n\n/**\n * Helper to normalize storage operations to always be async\n */\nexport async function storageSet(\n storage: TokenStorage,\n key: string,\n value: string\n): Promise<void> {\n const result = storage.setItem(key, value);\n if (result instanceof Promise) {\n await result;\n }\n}\n\n/**\n * Helper to normalize storage operations to always be async\n */\nexport async function storageRemove(\n storage: TokenStorage,\n key: string\n): Promise<void> {\n const result = storage.removeItem(key);\n if (result instanceof Promise) {\n await result;\n }\n}\n","/**\n * Project ID management for Lumia Passport Core\n * Adapted to work in both browser and Node.js environments\n */\n\nlet globalProjectId: string | undefined;\n\n/**\n * Set the global project ID\n * @param projectId - The project ID to set\n */\nexport function setProjectId(projectId: string): void {\n globalProjectId = projectId;\n}\n\n/**\n * Get the current project ID\n * Priority: 1. Explicitly set via setProjectId(), 2. window.__LUMIA_PROJECT_ID__ (browser only)\n */\nexport function getProjectId(): string | undefined {\n // First check explicitly set projectId\n if (globalProjectId) {\n return globalProjectId;\n }\n\n // Fallback to window global (browser only)\n if (typeof globalThis !== 'undefined' && (globalThis as any).window) {\n return ((globalThis as any).window as any).__LUMIA_PROJECT_ID__;\n }\n\n return undefined;\n}\n\n/**\n * Add projectId to URL query parameters\n * @param url - The URL to add projectId to\n * @param projectId - Optional explicit projectId (uses getProjectId() if not provided)\n */\nexport function addProjectIdToUrl(url: string, projectId?: string): string {\n try {\n const pid = projectId || getProjectId();\n if (pid) {\n const separator = url.includes('?') ? '&' : '?';\n return `${url}${separator}projectId=${encodeURIComponent(pid)}`;\n }\n } catch (error) {\n // Silently fail and return original URL\n }\n return url;\n}\n\n/**\n * Clear the globally set project ID\n */\nexport function clearProjectId(): void {\n globalProjectId = undefined;\n}\n","/**\n * JWT Token Management\n * Adapted from lumia-passport-ui-kit/src/internal/auth/jwt.ts\n * Browser-specific features (passkey auth) remain in UI kit\n */\n\nimport type { TokenStorage } from './storage';\nimport { LocalStorageAdapter } from './storage';\nimport { addProjectIdToUrl } from '../utils/project-id';\n\n// Token storage keys\nconst TOKEN_STORAGE_KEY = 'lumia-passport-jwt-tokens';\nconst USER_ID_KEY = 'lumia-passport-current-user-id';\n\n// Build-time injected URLs (tsup.define)\ndeclare const __LUMIA_TSS_URL__: string;\ndeclare const __LUMIA_BUNDLER_URL__: string;\ndeclare const __LUMIA_SHARE_VAULT_URL__: string;\n\n// Service URL provider - will be set by config\nlet tssUrlProvider: (() => string) | undefined;\n\n/**\n * Configure JWT module with service URLs\n * Call this from createLumiaPassportCore (backend usage)\n */\nexport function configureJwtModule(config: {\n tssUrl?: string;\n projectId?: string;\n}) {\n if (config.tssUrl) {\n tssUrlProvider = () => config.tssUrl!;\n }\n // Note: projectId is now handled via addProjectIdToUrl from utils/project-id\n // which reads from window.__LUMIA_PROJECT_ID__ or can be set via setProjectId()\n}\n\n// Build-time default from .env (will be replaced by tsup define)\nconst BUILD_TSS_URL = (typeof __LUMIA_TSS_URL__ !== 'undefined' && __LUMIA_TSS_URL__) || '';\n\nfunction getTssUrl(): string {\n // Priority: runtime config > window.__LUMIA_SERVICES__ > build-time default > hardcoded fallback\n\n // 1. Runtime config (backend usage via configureJwtModule)\n if (tssUrlProvider) {\n return tssUrlProvider();\n }\n\n // 2. Browser runtime config from LumiaPassportProvider (window.__LUMIA_SERVICES__)\n if (typeof globalThis !== 'undefined' && (globalThis as any).window) {\n const services = ((globalThis as any).window as any).__LUMIA_SERVICES__;\n if (services?.tssUrl) {\n return services.tssUrl;\n }\n }\n\n // 3. Build-time injected default (from .env during pnpm build)\n if (BUILD_TSS_URL) {\n return BUILD_TSS_URL;\n }\n\n // 4. Hardcoded fallback\n return 'http://localhost:9256';\n}\n\n// addProjectIdToUrl is imported from '../utils/project-id'\n// It automatically reads from window.__LUMIA_PROJECT_ID__ or global setProjectId()\n\n// Types\nexport interface JwtTokens {\n accessToken: string;\n refreshToken: string;\n userId: string;\n expiresIn: number;\n expiresAt: number;\n hasKeyshare?: boolean;\n isNewUser?: boolean;\n avatar?: string | null;\n displayName?: string | null;\n providers?: string[]; // List of connected auth providers (email, passkey, wallet, etc.)\n}\n\nexport interface LoginResponse {\n accessToken: string;\n refreshToken: string;\n userId: string;\n expiresIn: number;\n hasKeyshare: boolean;\n isNewUser?: boolean;\n avatar?: string | null;\n displayName?: string | null;\n providers?: string[]; // List of connected auth providers (email, passkey, wallet, etc.)\n}\n\nexport interface RefreshResponse {\n accessToken: string;\n refreshToken: string;\n expiresIn: number;\n}\n\nexport interface VerifyResponse {\n valid: boolean;\n userId?: string;\n sessionId?: string;\n exp?: number;\n hasKeyshare?: boolean;\n displayName?: string | null;\n avatar?: string | null;\n}\n\n/**\n * JWT Token Manager\n * Handles token storage, refresh, and validation\n */\nexport class JwtTokenManager {\n private tokens: JwtTokens | null = null;\n private storage: TokenStorage;\n private refreshPromise: Promise<boolean> | null = null; // Mutex for refresh operations\n\n constructor(storage?: TokenStorage) {\n this.storage = storage || new LocalStorageAdapter();\n console.log('[JWT] JwtTokenManager initializing...');\n this.loadTokensFromStorage();\n }\n\n private async loadTokensFromStorage(): Promise<void> {\n try {\n const stored = await this.storage.getItem(TOKEN_STORAGE_KEY);\n console.log('[JWT] Loading tokens from storage:', !!stored);\n\n if (stored) {\n this.tokens = JSON.parse(stored);\n console.log('[JWT] Parsed tokens:', {\n hasAccessToken: !!this.tokens?.accessToken,\n hasRefreshToken: !!this.tokens?.refreshToken,\n userId: this.tokens?.userId,\n expiresAt: this.tokens?.expiresAt,\n currentTime: Date.now(),\n timeToExpiry: this.tokens?.expiresAt ? (this.tokens.expiresAt - Date.now()) / 1000 : 'N/A'\n });\n\n if (this.tokens && this.isTokenExpired()) {\n console.log('[JWT] Access token is expired');\n\n // Check if we have a refresh token to attempt renewal\n if (this.tokens.refreshToken) {\n console.log('[JWT] Refresh token available, will attempt renewal when needed');\n // Keep tokens - they will be refreshed on the first API call via ensureValidToken()\n } else {\n console.log('[JWT] No refresh token available, clearing tokens');\n await this.clearTokens();\n }\n } else {\n console.log('[JWT] Access token is valid, keeping tokens');\n }\n } else {\n console.log('[JWT] No tokens found in storage');\n }\n } catch (error) {\n console.error('[JWT] Error loading tokens from storage:', error);\n await this.clearTokens();\n }\n }\n\n private async saveTokensToStorage(): Promise<void> {\n try {\n if (this.tokens) {\n const tokenString = JSON.stringify(this.tokens);\n await this.storage.setItem(TOKEN_STORAGE_KEY, tokenString);\n await this.storage.setItem(USER_ID_KEY, this.tokens.userId);\n }\n } catch (error) {\n console.error('[JWT] Failed to save tokens to storage:', error);\n }\n }\n\n async setTokens(response: LoginResponse): Promise<void> {\n const expiresAt = Date.now() + response.expiresIn * 1000;\n this.tokens = {\n accessToken: response.accessToken,\n refreshToken: response.refreshToken,\n userId: response.userId,\n expiresIn: response.expiresIn,\n expiresAt,\n hasKeyshare: response.hasKeyshare,\n isNewUser: response.isNewUser,\n avatar: response.avatar ?? null,\n displayName: response.displayName ?? null,\n providers: response.providers ?? []\n };\n\n await this.saveTokensToStorage();\n }\n\n getAccessToken(): string | null {\n if (!this.tokens) return null;\n // Return access token even if expired - ensureValidToken() will handle refresh\n return this.tokens.accessToken;\n }\n\n getRefreshToken(): string | null {\n return this.tokens?.refreshToken || null;\n }\n\n getUserId(): string | null {\n return this.tokens?.userId || null;\n }\n\n getHasKeyshare(): boolean | null {\n return this.tokens?.hasKeyshare ?? null;\n }\n\n getAvatar(): string | null {\n return this.tokens?.avatar || null;\n }\n\n getDisplayName(): string | null {\n return this.tokens?.displayName || null;\n }\n\n getProviders(): string[] {\n return this.tokens?.providers ?? [];\n }\n\n getTokens(): JwtTokens | null {\n return this.tokens;\n }\n\n async updateKeyshareStatus(hasKeyshare: boolean): Promise<void> {\n if (this.tokens) {\n this.tokens.hasKeyshare = hasKeyshare;\n await this.saveTokensToStorage();\n }\n }\n\n async updateDisplayName(displayName: string | null): Promise<void> {\n if (this.tokens) {\n this.tokens.displayName = displayName;\n await this.saveTokensToStorage();\n }\n }\n\n isTokenExpired(): boolean {\n if (!this.tokens) {\n console.log('[JWT] No tokens available, considering expired');\n return true;\n }\n\n const buffer = 30 * 1000; // 30 seconds buffer\n const now = Date.now();\n const expiresAt = this.tokens.expiresAt;\n const isExpired = now > (expiresAt - buffer);\n\n console.log('[JWT] Token expiry check:', {\n currentTime: now,\n expiresAt: expiresAt,\n buffer: buffer,\n timeToExpiry: (expiresAt - now) / 1000,\n isExpired: isExpired\n });\n\n return isExpired;\n }\n\n isAuthenticated(): boolean {\n // Consider authenticated if we have either valid access token OR refresh token\n if (!this.tokens) return false;\n\n if (!this.isTokenExpired()) {\n return !!this.tokens.accessToken;\n }\n\n // If access token is expired but we have refresh token, we're still authenticated\n return !!this.tokens.refreshToken;\n }\n\n async clearTokens(): Promise<void> {\n this.tokens = null;\n await this.storage.removeItem(TOKEN_STORAGE_KEY);\n await this.storage.removeItem(USER_ID_KEY);\n }\n\n async refreshAccessToken(): Promise<boolean> {\n // If refresh is already in progress, wait for it to complete\n if (this.refreshPromise) {\n console.log('[JWT] Refresh already in progress, waiting for existing operation...');\n return this.refreshPromise;\n }\n\n const refreshToken = this.getRefreshToken();\n if (!refreshToken) {\n console.warn('[JWT] No refresh token available for refresh');\n return false;\n }\n\n console.log('[JWT] Starting new token refresh operation...');\n\n // Create and store the refresh promise (mutex pattern)\n this.refreshPromise = (async () => {\n try {\n const response = await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/refresh`), {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify({ refreshToken })\n });\n\n if (!response.ok) {\n console.log('[JWT] Token refresh failed with status:', response.status);\n\n if (response.status === 401) {\n try {\n const errorData: any = await response.json();\n console.log('[JWT] Refresh 401 Error details:', errorData);\n\n // Handle backend error codes\n switch (errorData.error_code) {\n case 'SESSION_NOT_FOUND':\n console.log('[JWT] Refresh token session not found, clearing tokens');\n await this.clearTokens();\n return false;\n\n case 'INVALID_TOKEN':\n default:\n console.log('[JWT] Invalid refresh token, clearing tokens');\n await this.clearTokens();\n return false;\n }\n } catch (parseError) {\n console.warn('[JWT] Could not parse refresh 401 error response:', parseError);\n await this.clearTokens();\n return false;\n }\n } else {\n console.log('[JWT] Non-401 error during refresh, keeping tokens (might be network error)');\n return false;\n }\n }\n\n const refreshResponse = await response.json() as RefreshResponse;\n console.log('[JWT] Token refresh successful, new expiry in:', refreshResponse.expiresIn, 'seconds');\n\n if (this.tokens) {\n // Update both access and refresh tokens (token rotation)\n this.tokens.accessToken = refreshResponse.accessToken;\n this.tokens.refreshToken = refreshResponse.refreshToken;\n this.tokens.expiresIn = refreshResponse.expiresIn;\n this.tokens.expiresAt = Date.now() + refreshResponse.expiresIn * 1000;\n await this.saveTokensToStorage();\n console.log('[JWT] Refreshed tokens saved to storage');\n return true;\n }\n\n console.error('[JWT] No existing tokens to update');\n return false;\n } catch (error) {\n console.error('[JWT] Token refresh network error:', error);\n // Don't clear tokens on network errors - might be temporary\n return false;\n } finally {\n // Clear the mutex when operation completes (success or failure)\n this.refreshPromise = null;\n console.log('[JWT] Refresh operation completed, mutex cleared');\n }\n })();\n\n return this.refreshPromise;\n }\n\n getAuthHeader(): string | null {\n const token = this.getAccessToken();\n return token ? `Bearer ${token}` : null;\n }\n}\n\n// Default instance with LocalStorage\nexport const jwtTokenManager = new JwtTokenManager();\n\n/**\n * Create a custom JWT token manager with specific storage\n */\nexport function createJwtTokenManager(storage: TokenStorage): JwtTokenManager {\n return new JwtTokenManager(storage);\n}\n\n// Authentication functions\n\nexport async function logout(manager: JwtTokenManager = jwtTokenManager): Promise<void> {\n try {\n const authHeader = manager.getAuthHeader();\n if (authHeader) {\n await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/logout`), {\n method: 'POST',\n headers: {\n Authorization: authHeader,\n 'Content-Type': 'application/json'\n }\n });\n }\n } catch (error) {\n console.error('[JWT] Logout error:', error);\n } finally {\n await manager.clearTokens();\n }\n}\n\nexport async function verifyToken(manager: JwtTokenManager = jwtTokenManager): Promise<VerifyResponse | null> {\n const authHeader = manager.getAuthHeader();\n if (!authHeader) {\n console.log('[JWT] No auth header available for verification');\n return { valid: false };\n }\n\n try {\n const response = await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/verify`), {\n method: 'GET',\n headers: { Authorization: authHeader }\n });\n\n if (!response.ok) {\n console.log('[JWT] Token verification failed:', response.status);\n\n if (response.status === 401) {\n try {\n const errorData: any = await response.json();\n console.log('[JWT] 401 Error details:', errorData);\n\n // Handle backend error codes\n switch (errorData.error_code) {\n case 'TOKEN_EXPIRED':\n console.log('[JWT] Access token expired, attempting refresh...');\n const refreshSuccess = await manager.refreshAccessToken();\n if (refreshSuccess) {\n console.log('[JWT] Token refreshed successfully, retrying verification');\n return await verifyToken(manager);\n } else {\n console.log('[JWT] Token refresh failed, clearing tokens');\n await manager.clearTokens();\n return { valid: false };\n }\n\n case 'SESSION_NOT_FOUND':\n console.log('[JWT] Session not found or revoked, clearing tokens');\n await manager.clearTokens();\n return { valid: false };\n\n case 'INVALID_TOKEN':\n default:\n console.log('[JWT] Invalid token, clearing tokens');\n await manager.clearTokens();\n return { valid: false };\n }\n } catch (parseError) {\n console.warn('[JWT] Could not parse 401 error response:', parseError);\n await manager.clearTokens();\n return { valid: false };\n }\n } else {\n console.log('[JWT] Non-401 error during verification, keeping tokens');\n return { valid: false };\n }\n }\n\n const verifyResponse = await response.json() as VerifyResponse;\n console.log('[JWT] Token verification successful:', verifyResponse);\n\n if (verifyResponse.valid) {\n if (typeof verifyResponse.hasKeyshare === 'boolean') {\n await manager.updateKeyshareStatus(verifyResponse.hasKeyshare);\n }\n // Update displayName and avatar if present\n if (manager.getTokens()) {\n if (verifyResponse.displayName !== undefined) {\n await manager.updateDisplayName(verifyResponse.displayName);\n }\n // Avatar update would need similar method\n }\n }\n\n return verifyResponse;\n } catch (error) {\n console.error('[JWT] Token verification network error:', error);\n return { valid: false };\n }\n}\n\nexport async function ensureValidToken(manager: JwtTokenManager = jwtTokenManager): Promise<boolean> {\n // Check if current access token is valid (not expired)\n if (manager.isAuthenticated() && !manager.isTokenExpired()) {\n return true;\n }\n\n console.log('[JWT] Access token expired or missing, attempting refresh...');\n\n // Try to refresh using refresh token\n const refreshToken = manager.getRefreshToken();\n if (refreshToken) {\n console.log('[JWT] Refresh token available, attempting to refresh access token');\n const refreshSuccess = await manager.refreshAccessToken();\n console.log('[JWT] Refresh attempt result:', refreshSuccess);\n return refreshSuccess;\n }\n\n console.log('[JWT] No refresh token available, user needs to re-authenticate');\n return false;\n}\n\nexport async function authenticatedFetch(\n url: string,\n options: RequestInit = {},\n manager: JwtTokenManager = jwtTokenManager\n): Promise<Response> {\n const hasValidToken = await ensureValidToken(manager);\n if (!hasValidToken) {\n throw new Error('No valid authentication token available');\n }\n\n const authHeader = manager.getAuthHeader();\n if (!authHeader) {\n throw new Error('Failed to get authentication header');\n }\n\n const urlWithProjectId = addProjectIdToUrl(url);\n const requestOptions: RequestInit = {\n ...options,\n headers: {\n ...options.headers,\n Authorization: authHeader,\n 'Content-Type': 'application/json'\n }\n };\n\n const response = await fetch(urlWithProjectId, requestOptions);\n\n // Handle 401 by attempting token refresh\n if (response.status === 401) {\n const refreshSuccess = await manager.refreshAccessToken();\n if (refreshSuccess) {\n const newAuthHeader = manager.getAuthHeader();\n if (newAuthHeader) {\n requestOptions.headers = {\n ...requestOptions.headers,\n Authorization: newAuthHeader\n };\n return fetch(urlWithProjectId, requestOptions);\n }\n }\n }\n\n return response;\n}\n\n// Login functions (non-passkey)\n\nexport async function loginWithUserId(userId: string, options?: { skipTokenSave?: boolean }): Promise<LoginResponse> {\n const response = await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/login`), {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify({ userId })\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Login failed');\n throw new Error(`Login failed: ${response.status} ${errorText}`);\n }\n\n const loginResponse = await response.json() as LoginResponse;\n if (!options?.skipTokenSave) {\n await jwtTokenManager.setTokens(loginResponse);\n }\n return loginResponse;\n}\n\nexport async function loginWithEmail(email: string, code: string, options?: { skipTokenSave?: boolean }): Promise<LoginResponse> {\n const response = await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/email/verify-code`), {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify({ email, code })\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Email verification failed');\n throw new Error(`Email verification failed: ${response.status} ${errorText}`);\n }\n\n const loginResponse = await response.json() as LoginResponse;\n if (!options?.skipTokenSave) {\n await jwtTokenManager.setTokens(loginResponse);\n }\n return loginResponse;\n}\n\nexport async function loginWithTelegram(telegramData: {\n id: number;\n first_name: string;\n last_name?: string;\n username?: string;\n photo_url?: string;\n auth_date: number;\n hash: string;\n}, options?: { skipTokenSave?: boolean }): Promise<LoginResponse> {\n const response = await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/telegram/login`), {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify(telegramData)\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Telegram login failed');\n throw new Error(`Telegram login failed: ${response.status} ${errorText}`);\n }\n\n const loginResponse = await response.json() as LoginResponse;\n if (!options?.skipTokenSave) {\n await jwtTokenManager.setTokens(loginResponse);\n }\n return loginResponse;\n}\n\nexport async function syncKeyshareStatus(manager: JwtTokenManager = jwtTokenManager): Promise<boolean> {\n try {\n const verification = await verifyToken(manager);\n if (verification?.valid && typeof verification.hasKeyshare === 'boolean') {\n return verification.hasKeyshare;\n }\n return false;\n } catch {\n return false;\n }\n}\n"]}
1
+ {"version":3,"sources":["../../src/auth/base64url.ts","../../src/auth/storage.ts","../../src/utils/project-id.ts","../../src/auth/jwt.ts"],"names":[],"mappings":";AAUO,SAAS,uBAAuB,MAAA,EAA6B;AAClE,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,MAAM,CAAA;AACnC,EAAA,IAAI,MAAA,GAAS,EAAA;AACb,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,KAAA,CAAM,YAAY,CAAA,EAAA,EAAK;AACzC,IAAA,MAAA,IAAU,MAAA,CAAO,YAAA,CAAa,KAAA,CAAM,CAAC,CAAC,CAAA;AAAA,EACxC;AACA,EAAA,OAAO,IAAA,CAAK,MAAM,CAAA,CAAE,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAAE,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAAE,OAAA,CAAQ,QAAQ,EAAE,CAAA;AAChF;AAOO,SAAS,sBAAsB,SAAA,EAA+B;AACnE,EAAA,MAAM,MAAA,GAAS,UAAU,OAAA,CAAQ,IAAA,EAAM,GAAG,CAAA,CAAE,OAAA,CAAQ,MAAM,GAAG,CAAA;AAC7D,EAAA,MAAM,MAAM,MAAA,CAAO,MAAA,GAAS,IAAI,CAAA,GAAK,MAAA,CAAO,SAAS,CAAA,GAAK,CAAA;AAC1D,EAAA,MAAM,MAAA,GAAS,MAAA,GAAS,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA;AACtC,EAAA,MAAM,MAAA,GAAS,KAAK,MAAM,CAAA;AAC1B,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,MAAA,CAAO,MAAM,CAAA;AAC1C,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,MAAA,CAAO,QAAQ,CAAA,EAAA,EAAK;AACtC,IAAA,KAAA,CAAM,CAAC,CAAA,GAAI,MAAA,CAAO,UAAA,CAAW,CAAC,CAAA;AAAA,EAChC;AACA,EAAA,OAAO,KAAA;AACT;AAOO,SAAS,oBAAoB,MAAA,EAA6B;AAC/D,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,MAAM,CAAA;AACnC,EAAA,IAAI,MAAA,GAAS,EAAA;AACb,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,KAAA,CAAM,YAAY,CAAA,EAAA,EAAK;AACzC,IAAA,MAAA,IAAU,MAAA,CAAO,YAAA,CAAa,KAAA,CAAM,CAAC,CAAC,CAAA;AAAA,EACxC;AACA,EAAA,OAAO,KAAK,MAAM,CAAA;AACpB;;;ACbO,IAAM,gBAAN,MAA4C;AAAA,EACzC,OAAA,uBAAc,GAAA,EAAoB;AAAA,EAE1C,QAAQ,GAAA,EAA4B;AAClC,IAAA,OAAO,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,GAAG,CAAA,IAAK,IAAA;AAAA,EAClC;AAAA,EAEA,OAAA,CAAQ,KAAa,KAAA,EAAqB;AACxC,IAAA,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,GAAA,EAAK,KAAK,CAAA;AAAA,EAC7B;AAAA,EAEA,WAAW,GAAA,EAAmB;AAC5B,IAAA,IAAA,CAAK,OAAA,CAAQ,OAAO,GAAG,CAAA;AAAA,EACzB;AAAA;AAAA;AAAA;AAAA,EAKA,KAAA,GAAc;AACZ,IAAA,IAAA,CAAK,QAAQ,KAAA,EAAM;AAAA,EACrB;AAAA;AAAA;AAAA;AAAA,EAKA,IAAA,GAAiB;AACf,IAAA,OAAO,KAAA,CAAM,IAAA,CAAK,IAAA,CAAK,OAAA,CAAQ,MAAM,CAAA;AAAA,EACvC;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,IAAA,GAAe;AACjB,IAAA,OAAO,KAAK,OAAA,CAAQ,IAAA;AAAA,EACtB;AACF;AAMO,IAAM,sBAAN,MAAkD;AAAA,EAC/C,QAAA,GAAiC,IAAA;AAAA,EAEzC,WAAA,GAAc;AAEZ,IAAA,IAAI,CAAC,IAAA,CAAK,uBAAA,EAAwB,EAAG;AACnC,MAAA,OAAA,CAAQ,KAAK,sEAAsE,CAAA;AACnF,MAAA,IAAA,CAAK,QAAA,GAAW,IAAI,aAAA,EAAc;AAAA,IACpC;AAAA,EACF;AAAA,EAEQ,uBAAA,GAAmC;AACzC,IAAA,IAAI;AAEF,MAAA,MAAM,GAAA,GAAM,OAAO,UAAA,KAAe,WAAA,IAAgB,UAAA,CAAmB,MAAA;AACrE,MAAA,MAAM,OAAA,GAAU,GAAA,GAAM,GAAA,CAAI,YAAA,GAAe,KAAA,CAAA;AACzC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,OAAO,KAAA;AAAA,MACT;AAEA,MAAA,MAAM,OAAA,GAAU,wBAAA;AAChB,MAAA,OAAA,CAAQ,OAAA,CAAQ,SAAS,MAAM,CAAA;AAC/B,MAAA,OAAA,CAAQ,WAAW,OAAO,CAAA;AAC1B,MAAA,OAAO,IAAA;AAAA,IACT,CAAA,CAAA,MAAQ;AACN,MAAA,OAAO,KAAA;AAAA,IACT;AAAA,EACF;AAAA,EAEA,QAAQ,GAAA,EAA4B;AAClC,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,OAAO,IAAA,CAAK,QAAA,CAAS,OAAA,CAAQ,GAAG,CAAA;AAAA,IAClC;AACA,IAAA,IAAI;AAEF,MAAA,MAAM,GAAA,GAAM,OAAO,UAAA,KAAe,WAAA,IAAgB,UAAA,CAAmB,MAAA;AACrE,MAAA,MAAM,KAAA,GAAQ,GAAA,EAAK,YAAA,EAAc,OAAA,CAAQ,GAAG,CAAA,IAAK,IAAA;AACjD,MAAA,OAAO,KAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,8CAA8C,KAAK,CAAA;AACjE,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAAA,EAEA,OAAA,CAAQ,KAAa,KAAA,EAAqB;AACxC,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,IAAA,CAAK,QAAA,CAAS,OAAA,CAAQ,GAAA,EAAK,KAAK,CAAA;AAChC,MAAA;AAAA,IACF;AACA,IAAA,IAAI;AAEF,MAAA,MAAM,GAAA,GAAM,OAAO,UAAA,KAAe,WAAA,IAAgB,UAAA,CAAmB,MAAA;AACrE,MAAA,GAAA,EAAK,YAAA,EAAc,OAAA,CAAQ,GAAA,EAAK,KAAK,CAAA;AAAA,IACvC,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,4CAA4C,KAAK,CAAA;AAE/D,MAAA,IAAI,CAAC,KAAK,QAAA,EAAU;AAClB,QAAA,IAAA,CAAK,QAAA,GAAW,IAAI,aAAA,EAAc;AAClC,QAAA,IAAA,CAAK,QAAA,CAAS,OAAA,CAAQ,GAAA,EAAK,KAAK,CAAA;AAAA,MAClC;AAAA,IACF;AAAA,EACF;AAAA,EAEA,WAAW,GAAA,EAAmB;AAC5B,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,IAAA,CAAK,QAAA,CAAS,WAAW,GAAG,CAAA;AAC5B,MAAA;AAAA,IACF;AACA,IAAA,IAAI;AAEF,MAAA,MAAM,GAAA,GAAM,OAAO,UAAA,KAAe,WAAA,IAAgB,UAAA,CAAmB,MAAA;AACrE,MAAA,GAAA,EAAK,YAAA,EAAc,WAAW,GAAG,CAAA;AAAA,IACnC,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,+CAA+C,KAAK,CAAA;AAAA,IACpE;AAAA,EACF;AACF;AAWA,eAAsB,UAAA,CACpB,SACA,GAAA,EACwB;AACxB,EAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,OAAA,CAAQ,GAAG,CAAA;AAClC,EAAA,OAAO,MAAA,YAAkB,OAAA,GAAU,MAAM,MAAA,GAAS,MAAA;AACpD;AAKA,eAAsB,UAAA,CACpB,OAAA,EACA,GAAA,EACA,KAAA,EACe;AACf,EAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,OAAA,CAAQ,GAAA,EAAK,KAAK,CAAA;AACzC,EAAA,IAAI,kBAAkB,OAAA,EAAS;AAC7B,IAAA,MAAM,MAAA;AAAA,EACR;AACF;AAKA,eAAsB,aAAA,CACpB,SACA,GAAA,EACe;AACf,EAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA;AACrC,EAAA,IAAI,kBAAkB,OAAA,EAAS;AAC7B,IAAA,MAAM,MAAA;AAAA,EACR;AACF;ACjLO,SAAS,YAAA,GAAmC;AAOjD,EAAA,IAAI,OAAO,UAAA,KAAe,WAAA,IAAgB,UAAA,CAAmB,MAAA,EAAQ;AACnE,IAAA,OAAS,WAAmB,MAAA,CAAe,oBAAA;AAAA,EAC7C;AAEA,EAAA,OAAO,MAAA;AACT;AAOO,SAAS,iBAAA,CAAkB,KAAa,SAAA,EAA4B;AACzE,EAAA,IAAI;AACF,IAAA,MAAM,GAAA,GAAM,aAAa,YAAA,EAAa;AACtC,IAAA,IAAI,GAAA,EAAK;AACP,MAAA,MAAM,SAAA,GAAY,GAAA,CAAI,QAAA,CAAS,GAAG,IAAI,GAAA,GAAM,GAAA;AAC5C,MAAA,OAAO,GAAG,GAAG,CAAA,EAAG,SAAS,CAAA,UAAA,EAAa,kBAAA,CAAmB,GAAG,CAAC,CAAA,CAAA;AAAA,IAC/D;AAAA,EACF,SAAS,KAAA,EAAO;AAAA,EAEhB;AACA,EAAA,OAAO,GAAA;AACT;;;ACtCA,IAAM,iBAAA,GAAoB,2BAAA;AAC1B,IAAM,WAAA,GAAc,gCAAA;AAQpB,IAAI,cAAA;AAMG,SAAS,mBAAmB,MAAA,EAGhC;AACD,EAAA,IAAI,OAAO,MAAA,EAAQ;AACjB,IAAA,cAAA,GAAiB,MAAM,MAAA,CAAO,MAAA;AAAA,EAChC;AAGF;AAGA,IAAM,aAAA,GAA6D,mCAAA;AAEnE,SAAS,SAAA,GAAoB;AAI3B,EAAA,IAAI,cAAA,EAAgB;AAClB,IAAA,OAAO,cAAA,EAAe;AAAA,EACxB;AAGA,EAAA,IAAI,OAAO,UAAA,KAAe,WAAA,IAAgB,UAAA,CAAmB,MAAA,EAAQ;AACnE,IAAA,MAAM,QAAA,GAAa,WAAmB,MAAA,CAAe,kBAAA;AACrD,IAAA,IAAI,UAAU,MAAA,EAAQ;AACpB,MAAA,OAAO,QAAA,CAAS,MAAA;AAAA,IAClB;AAAA,EACF;AAGA,EAAmB;AACjB,IAAA,OAAO,aAAA;AAAA,EACT;AAIF;AAmDO,IAAM,kBAAN,MAAsB;AAAA,EACnB,MAAA,GAA2B,IAAA;AAAA,EAC3B,OAAA;AAAA,EACA,cAAA,GAA0C,IAAA;AAAA;AAAA,EAElD,YAAY,OAAA,EAAwB;AAClC,IAAA,IAAA,CAAK,OAAA,GAAU,OAAA,IAAW,IAAI,mBAAA,EAAoB;AAClD,IAAA,OAAA,CAAQ,IAAI,uCAAuC,CAAA;AACnD,IAAA,IAAA,CAAK,qBAAA,EAAsB;AAAA,EAC7B;AAAA,EAEA,MAAc,qBAAA,GAAuC;AACnD,IAAA,IAAI;AACF,MAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,OAAA,CAAQ,QAAQ,iBAAiB,CAAA;AAC3D,MAAA,OAAA,CAAQ,GAAA,CAAI,oCAAA,EAAsC,CAAC,CAAC,MAAM,CAAA;AAE1D,MAAA,IAAI,MAAA,EAAQ;AACV,QAAA,IAAA,CAAK,MAAA,GAAS,IAAA,CAAK,KAAA,CAAM,MAAM,CAAA;AAC/B,QAAA,OAAA,CAAQ,IAAI,sBAAA,EAAwB;AAAA,UAClC,cAAA,EAAgB,CAAC,CAAC,IAAA,CAAK,MAAA,EAAQ,WAAA;AAAA,UAC/B,eAAA,EAAiB,CAAC,CAAC,IAAA,CAAK,MAAA,EAAQ,YAAA;AAAA,UAChC,MAAA,EAAQ,KAAK,MAAA,EAAQ,MAAA;AAAA,UACrB,SAAA,EAAW,KAAK,MAAA,EAAQ,SAAA;AAAA,UACxB,WAAA,EAAa,KAAK,GAAA,EAAI;AAAA,UACtB,YAAA,EAAc,IAAA,CAAK,MAAA,EAAQ,SAAA,GAAA,CAAa,IAAA,CAAK,OAAO,SAAA,GAAY,IAAA,CAAK,GAAA,EAAI,IAAK,GAAA,GAAO;AAAA,SACtF,CAAA;AAED,QAAA,IAAI,IAAA,CAAK,MAAA,IAAU,IAAA,CAAK,cAAA,EAAe,EAAG;AACxC,UAAA,OAAA,CAAQ,IAAI,+BAA+B,CAAA;AAG3C,UAAA,IAAI,IAAA,CAAK,OAAO,YAAA,EAAc;AAC5B,YAAA,OAAA,CAAQ,IAAI,iEAAiE,CAAA;AAAA,UAE/E,CAAA,MAAO;AACL,YAAA,OAAA,CAAQ,IAAI,mDAAmD,CAAA;AAC/D,YAAA,MAAM,KAAK,WAAA,EAAY;AAAA,UACzB;AAAA,QACF,CAAA,MAAO;AACL,UAAA,OAAA,CAAQ,IAAI,6CAA6C,CAAA;AAAA,QAC3D;AAAA,MACF,CAAA,MAAO;AACL,QAAA,OAAA,CAAQ,IAAI,kCAAkC,CAAA;AAAA,MAChD;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,4CAA4C,KAAK,CAAA;AAC/D,MAAA,MAAM,KAAK,WAAA,EAAY;AAAA,IACzB;AAAA,EACF;AAAA,EAEA,MAAc,mBAAA,GAAqC;AACjD,IAAA,IAAI;AACF,MAAA,IAAI,KAAK,MAAA,EAAQ;AACf,QAAA,MAAM,WAAA,GAAc,IAAA,CAAK,SAAA,CAAU,IAAA,CAAK,MAAM,CAAA;AAC9C,QAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,OAAA,CAAQ,iBAAA,EAAmB,WAAW,CAAA;AACzD,QAAA,MAAM,KAAK,OAAA,CAAQ,OAAA,CAAQ,WAAA,EAAa,IAAA,CAAK,OAAO,MAAM,CAAA;AAAA,MAC5D;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,2CAA2C,KAAK,CAAA;AAAA,IAChE;AAAA,EACF;AAAA,EAEA,MAAM,UAAU,QAAA,EAAwC;AACtD,IAAA,MAAM,SAAA,GAAY,IAAA,CAAK,GAAA,EAAI,GAAI,SAAS,SAAA,GAAY,GAAA;AACpD,IAAA,IAAA,CAAK,MAAA,GAAS;AAAA,MACZ,aAAa,QAAA,CAAS,WAAA;AAAA,MACtB,cAAc,QAAA,CAAS,YAAA;AAAA,MACvB,QAAQ,QAAA,CAAS,MAAA;AAAA,MACjB,WAAW,QAAA,CAAS,SAAA;AAAA,MACpB,SAAA;AAAA,MACA,aAAa,QAAA,CAAS,WAAA;AAAA,MACtB,WAAW,QAAA,CAAS,SAAA;AAAA,MACpB,MAAA,EAAQ,SAAS,MAAA,IAAU,IAAA;AAAA,MAC3B,WAAA,EAAa,SAAS,WAAA,IAAe,IAAA;AAAA,MACrC,SAAA,EAAW,QAAA,CAAS,SAAA,IAAa;AAAC,KACpC;AAEA,IAAA,MAAM,KAAK,mBAAA,EAAoB;AAAA,EACjC;AAAA,EAEA,cAAA,GAAgC;AAC9B,IAAA,IAAI,CAAC,IAAA,CAAK,MAAA,EAAQ,OAAO,IAAA;AAEzB,IAAA,OAAO,KAAK,MAAA,CAAO,WAAA;AAAA,EACrB;AAAA,EAEA,eAAA,GAAiC;AAC/B,IAAA,OAAO,IAAA,CAAK,QAAQ,YAAA,IAAgB,IAAA;AAAA,EACtC;AAAA,EAEA,SAAA,GAA2B;AACzB,IAAA,OAAO,IAAA,CAAK,QAAQ,MAAA,IAAU,IAAA;AAAA,EAChC;AAAA,EAEA,cAAA,GAAiC;AAC/B,IAAA,OAAO,IAAA,CAAK,QAAQ,WAAA,IAAe,IAAA;AAAA,EACrC;AAAA,EAEA,SAAA,GAA2B;AACzB,IAAA,OAAO,IAAA,CAAK,QAAQ,MAAA,IAAU,IAAA;AAAA,EAChC;AAAA,EAEA,cAAA,GAAgC;AAC9B,IAAA,OAAO,IAAA,CAAK,QAAQ,WAAA,IAAe,IAAA;AAAA,EACrC;AAAA,EAEA,YAAA,GAAyB;AACvB,IAAA,OAAO,IAAA,CAAK,MAAA,EAAQ,SAAA,IAAa,EAAC;AAAA,EACpC;AAAA,EAEA,SAAA,GAA8B;AAC5B,IAAA,OAAO,IAAA,CAAK,MAAA;AAAA,EACd;AAAA,EAEA,MAAM,qBAAqB,WAAA,EAAqC;AAC9D,IAAA,IAAI,KAAK,MAAA,EAAQ;AACf,MAAA,IAAA,CAAK,OAAO,WAAA,GAAc,WAAA;AAC1B,MAAA,MAAM,KAAK,mBAAA,EAAoB;AAAA,IACjC;AAAA,EACF;AAAA,EAEA,MAAM,kBAAkB,WAAA,EAA2C;AACjE,IAAA,IAAI,KAAK,MAAA,EAAQ;AACf,MAAA,IAAA,CAAK,OAAO,WAAA,GAAc,WAAA;AAC1B,MAAA,MAAM,KAAK,mBAAA,EAAoB;AAAA,IACjC;AAAA,EACF;AAAA,EAEA,cAAA,GAA0B;AACxB,IAAA,IAAI,CAAC,KAAK,MAAA,EAAQ;AAChB,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,MAAM,SAAS,EAAA,GAAK,GAAA;AACpB,IAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,IAAA,MAAM,SAAA,GAAY,KAAK,MAAA,CAAO,SAAA;AAC9B,IAAA,MAAM,SAAA,GAAY,MAAO,SAAA,GAAY,MAAA;AAErC,IAAA,OAAO,SAAA;AAAA,EACT;AAAA,EAEA,eAAA,GAA2B;AAEzB,IAAA,IAAI,CAAC,IAAA,CAAK,MAAA,EAAQ,OAAO,KAAA;AAEzB,IAAA,IAAI,CAAC,IAAA,CAAK,cAAA,EAAe,EAAG;AAC1B,MAAA,OAAO,CAAC,CAAC,IAAA,CAAK,MAAA,CAAO,WAAA;AAAA,IACvB;AAGA,IAAA,OAAO,CAAC,CAAC,IAAA,CAAK,MAAA,CAAO,YAAA;AAAA,EACvB;AAAA,EAEA,MAAM,WAAA,GAA6B;AACjC,IAAA,IAAA,CAAK,MAAA,GAAS,IAAA;AACd,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,UAAA,CAAW,iBAAiB,CAAA;AAC/C,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,UAAA,CAAW,WAAW,CAAA;AAAA,EAC3C;AAAA,EAEA,MAAM,kBAAA,GAAuC;AAE3C,IAAA,IAAI,KAAK,cAAA,EAAgB;AACvB,MAAA,OAAA,CAAQ,IAAI,sEAAsE,CAAA;AAClF,MAAA,OAAO,IAAA,CAAK,cAAA;AAAA,IACd;AAEA,IAAA,MAAM,YAAA,GAAe,KAAK,eAAA,EAAgB;AAC1C,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,OAAA,CAAQ,KAAK,8CAA8C,CAAA;AAC3D,MAAA,OAAO,KAAA;AAAA,IACT;AAEA,IAAA,OAAA,CAAQ,IAAI,+CAA+C,CAAA;AAG3D,IAAA,IAAA,CAAK,kBAAkB,YAAY;AACjC,MAAA,IAAI;AACF,QAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,iBAAA,CAAkB,GAAG,SAAA,EAAW,mBAAmB,CAAA,EAAG;AAAA,UACjF,MAAA,EAAQ,MAAA;AAAA,UACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA,EAAmB;AAAA,UAC9C,IAAA,EAAM,IAAA,CAAK,SAAA,CAAU,EAAE,cAAc;AAAA,SACtC,CAAA;AAED,QAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,UAAA,OAAA,CAAQ,GAAA,CAAI,yCAAA,EAA2C,QAAA,CAAS,MAAM,CAAA;AAEtE,UAAA,IAAI,QAAA,CAAS,WAAW,GAAA,EAAK;AAC3B,YAAA,IAAI;AACF,cAAA,MAAM,SAAA,GAAiB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC3C,cAAA,OAAA,CAAQ,GAAA,CAAI,oCAAoC,SAAS,CAAA;AAGzD,cAAA,QAAQ,UAAU,UAAA;AAAY,gBAC5B,KAAK,mBAAA;AACH,kBAAA,OAAA,CAAQ,IAAI,wDAAwD,CAAA;AACpE,kBAAA,MAAM,KAAK,WAAA,EAAY;AACvB,kBAAA,OAAO,KAAA;AAAA,gBAET,KAAK,eAAA;AAAA,gBACL;AACE,kBAAA,OAAA,CAAQ,IAAI,8CAA8C,CAAA;AAC1D,kBAAA,MAAM,KAAK,WAAA,EAAY;AACvB,kBAAA,OAAO,KAAA;AAAA;AACX,YACF,SAAS,UAAA,EAAY;AACnB,cAAA,OAAA,CAAQ,IAAA,CAAK,qDAAqD,UAAU,CAAA;AAC5E,cAAA,MAAM,KAAK,WAAA,EAAY;AACvB,cAAA,OAAO,KAAA;AAAA,YACT;AAAA,UACF,CAAA,MAAO;AACL,YAAA,OAAA,CAAQ,IAAI,6EAA6E,CAAA;AACzF,YAAA,OAAO,KAAA;AAAA,UACT;AAAA,QACF;AAEA,QAAA,MAAM,eAAA,GAAkB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC5C,QAAA,OAAA,CAAQ,GAAA,CAAI,gDAAA,EAAkD,eAAA,CAAgB,SAAA,EAAW,SAAS,CAAA;AAElG,QAAA,IAAI,KAAK,MAAA,EAAQ;AAEf,UAAA,IAAA,CAAK,MAAA,CAAO,cAAc,eAAA,CAAgB,WAAA;AAC1C,UAAA,IAAA,CAAK,MAAA,CAAO,eAAe,eAAA,CAAgB,YAAA;AAC3C,UAAA,IAAA,CAAK,MAAA,CAAO,YAAY,eAAA,CAAgB,SAAA;AACxC,UAAA,IAAA,CAAK,OAAO,SAAA,GAAY,IAAA,CAAK,GAAA,EAAI,GAAI,gBAAgB,SAAA,GAAY,GAAA;AACjE,UAAA,MAAM,KAAK,mBAAA,EAAoB;AAC/B,UAAA,OAAA,CAAQ,IAAI,yCAAyC,CAAA;AACrD,UAAA,OAAO,IAAA;AAAA,QACT;AAEA,QAAA,OAAA,CAAQ,MAAM,oCAAoC,CAAA;AAClD,QAAA,OAAO,KAAA;AAAA,MACT,SAAS,KAAA,EAAO;AACd,QAAA,OAAA,CAAQ,KAAA,CAAM,sCAAsC,KAAK,CAAA;AAEzD,QAAA,OAAO,KAAA;AAAA,MACT,CAAA,SAAE;AAEA,QAAA,IAAA,CAAK,cAAA,GAAiB,IAAA;AACtB,QAAA,OAAA,CAAQ,IAAI,kDAAkD,CAAA;AAAA,MAChE;AAAA,IACF,CAAA,GAAG;AAEH,IAAA,OAAO,IAAA,CAAK,cAAA;AAAA,EACd;AAAA,EAEA,aAAA,GAA+B;AAC7B,IAAA,MAAM,KAAA,GAAQ,KAAK,cAAA,EAAe;AAClC,IAAA,OAAO,KAAA,GAAQ,CAAA,OAAA,EAAU,KAAK,CAAA,CAAA,GAAK,IAAA;AAAA,EACrC;AACF;AAGO,IAAM,eAAA,GAAkB,IAAI,eAAA;AAK5B,SAAS,sBAAsB,OAAA,EAAwC;AAC5E,EAAA,OAAO,IAAI,gBAAgB,OAAO,CAAA;AACpC;AAIA,eAAsB,MAAA,CAAO,UAA2B,eAAA,EAAgC;AACtF,EAAA,IAAI;AACF,IAAA,MAAM,UAAA,GAAa,QAAQ,aAAA,EAAc;AACzC,IAAA,IAAI,UAAA,EAAY;AACd,MAAA,MAAM,MAAM,iBAAA,CAAkB,CAAA,EAAG,SAAA,EAAW,kBAAkB,CAAA,EAAG;AAAA,QAC/D,MAAA,EAAQ,MAAA;AAAA,QACR,OAAA,EAAS;AAAA,UACP,aAAA,EAAe,UAAA;AAAA,UACf,cAAA,EAAgB;AAAA;AAClB,OACD,CAAA;AAAA,IACH;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,OAAA,CAAQ,KAAA,CAAM,uBAAuB,KAAK,CAAA;AAAA,EAC5C,CAAA,SAAE;AACA,IAAA,MAAM,QAAQ,WAAA,EAAY;AAAA,EAC5B;AACF;AAEA,eAAsB,WAAA,CAAY,UAA2B,eAAA,EAAiD;AAC5G,EAAA,MAAM,UAAA,GAAa,QAAQ,aAAA,EAAc;AACzC,EAAA,IAAI,CAAC,UAAA,EAAY;AACf,IAAA,OAAA,CAAQ,IAAI,iDAAiD,CAAA;AAC7D,IAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA,EACxB;AAEA,EAAA,IAAI;AACF,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,iBAAA,CAAkB,GAAG,SAAA,EAAW,kBAAkB,CAAA,EAAG;AAAA,MAChF,MAAA,EAAQ,KAAA;AAAA,MACR,OAAA,EAAS,EAAE,aAAA,EAAe,UAAA;AAAW,KACtC,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,OAAA,CAAQ,GAAA,CAAI,kCAAA,EAAoC,QAAA,CAAS,MAAM,CAAA;AAE/D,MAAA,IAAI,QAAA,CAAS,WAAW,GAAA,EAAK;AAC3B,QAAA,IAAI;AACF,UAAA,MAAM,SAAA,GAAiB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC3C,UAAA,OAAA,CAAQ,GAAA,CAAI,4BAA4B,SAAS,CAAA;AAGjD,UAAA,QAAQ,UAAU,UAAA;AAAY,YAC5B,KAAK,eAAA;AACH,cAAA,OAAA,CAAQ,IAAI,mDAAmD,CAAA;AAC/D,cAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,kBAAA,EAAmB;AACxD,cAAA,IAAI,cAAA,EAAgB;AAClB,gBAAA,OAAA,CAAQ,IAAI,2DAA2D,CAAA;AACvE,gBAAA,OAAO,MAAM,YAAY,OAAO,CAAA;AAAA,cAClC,CAAA,MAAO;AACL,gBAAA,OAAA,CAAQ,IAAI,6CAA6C,CAAA;AACzD,gBAAA,MAAM,QAAQ,WAAA,EAAY;AAC1B,gBAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA,cACxB;AAAA,YAEF,KAAK,mBAAA;AACH,cAAA,OAAA,CAAQ,IAAI,qDAAqD,CAAA;AACjE,cAAA,MAAM,QAAQ,WAAA,EAAY;AAC1B,cAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA,YAExB,KAAK,eAAA;AAAA,YACL;AACE,cAAA,OAAA,CAAQ,IAAI,sCAAsC,CAAA;AAClD,cAAA,MAAM,QAAQ,WAAA,EAAY;AAC1B,cAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA;AAC1B,QACF,SAAS,UAAA,EAAY;AACnB,UAAA,OAAA,CAAQ,IAAA,CAAK,6CAA6C,UAAU,CAAA;AACpE,UAAA,MAAM,QAAQ,WAAA,EAAY;AAC1B,UAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA,QACxB;AAAA,MACF,CAAA,MAAO;AACL,QAAA,OAAA,CAAQ,IAAI,yDAAyD,CAAA;AACrE,QAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA,MACxB;AAAA,IACF;AAEA,IAAA,MAAM,cAAA,GAAiB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC3C,IAAA,OAAA,CAAQ,GAAA,CAAI,wCAAwC,cAAc,CAAA;AAElE,IAAA,IAAI,eAAe,KAAA,EAAO;AACxB,MAAA,IAAI,OAAO,cAAA,CAAe,WAAA,KAAgB,SAAA,EAAW;AACnD,QAAA,MAAM,OAAA,CAAQ,oBAAA,CAAqB,cAAA,CAAe,WAAW,CAAA;AAAA,MAC/D;AAEA,MAAA,IAAI,OAAA,CAAQ,WAAU,EAAG;AACvB,QAAA,IAAI,cAAA,CAAe,gBAAgB,KAAA,CAAA,EAAW;AAC5C,UAAA,MAAM,OAAA,CAAQ,iBAAA,CAAkB,cAAA,CAAe,WAAW,CAAA;AAAA,QAC5D;AAAA,MAEF;AAAA,IACF;AAEA,IAAA,OAAO,cAAA;AAAA,EACT,SAAS,KAAA,EAAO;AACd,IAAA,OAAA,CAAQ,KAAA,CAAM,2CAA2C,KAAK,CAAA;AAC9D,IAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA,EACxB;AACF;AAEA,eAAsB,gBAAA,CAAiB,UAA2B,eAAA,EAAmC;AAEnG,EAAA,IAAI,QAAQ,eAAA,EAAgB,IAAK,CAAC,OAAA,CAAQ,gBAAe,EAAG;AAC1D,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,OAAA,CAAQ,IAAI,8DAA8D,CAAA;AAG1E,EAAA,MAAM,YAAA,GAAe,QAAQ,eAAA,EAAgB;AAC7C,EAAA,IAAI,YAAA,EAAc;AAChB,IAAA,OAAA,CAAQ,IAAI,mEAAmE,CAAA;AAC/E,IAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,kBAAA,EAAmB;AACxD,IAAA,OAAA,CAAQ,GAAA,CAAI,iCAAiC,cAAc,CAAA;AAC3D,IAAA,OAAO,cAAA;AAAA,EACT;AAEA,EAAA,OAAA,CAAQ,IAAI,iEAAiE,CAAA;AAC7E,EAAA,OAAO,KAAA;AACT;AAEA,eAAsB,mBACpB,GAAA,EACA,OAAA,GAAuB,EAAC,EACxB,UAA2B,eAAA,EACR;AACnB,EAAA,MAAM,aAAA,GAAgB,MAAM,gBAAA,CAAiB,OAAO,CAAA;AACpD,EAAA,IAAI,CAAC,aAAA,EAAe;AAClB,IAAA,MAAM,IAAI,MAAM,yCAAyC,CAAA;AAAA,EAC3D;AAEA,EAAA,MAAM,UAAA,GAAa,QAAQ,aAAA,EAAc;AACzC,EAAA,IAAI,CAAC,UAAA,EAAY;AACf,IAAA,MAAM,IAAI,MAAM,qCAAqC,CAAA;AAAA,EACvD;AAEA,EAAA,MAAM,gBAAA,GAAmB,kBAAkB,GAAG,CAAA;AAC9C,EAAA,MAAM,cAAA,GAA8B;AAAA,IAClC,GAAG,OAAA;AAAA,IACH,OAAA,EAAS;AAAA,MACP,GAAG,OAAA,CAAQ,OAAA;AAAA,MACX,aAAA,EAAe,UAAA;AAAA,MACf,cAAA,EAAgB;AAAA;AAClB,GACF;AAEA,EAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,gBAAA,EAAkB,cAAc,CAAA;AAG7D,EAAA,IAAI,QAAA,CAAS,WAAW,GAAA,EAAK;AAC3B,IAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,kBAAA,EAAmB;AACxD,IAAA,IAAI,cAAA,EAAgB;AAClB,MAAA,MAAM,aAAA,GAAgB,QAAQ,aAAA,EAAc;AAC5C,MAAA,IAAI,aAAA,EAAe;AACjB,QAAA,cAAA,CAAe,OAAA,GAAU;AAAA,UACvB,GAAG,cAAA,CAAe,OAAA;AAAA,UAClB,aAAA,EAAe;AAAA,SACjB;AACA,QAAA,OAAO,KAAA,CAAM,kBAAkB,cAAc,CAAA;AAAA,MAC/C;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO,QAAA;AACT;AAIA,eAAsB,eAAA,CAAgB,QAAgB,OAAA,EAA+D;AACnH,EAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,iBAAA,CAAkB,GAAG,SAAA,EAAW,iBAAiB,CAAA,EAAG;AAAA,IAC/E,MAAA,EAAQ,MAAA;AAAA,IACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA,EAAmB;AAAA,IAC9C,IAAA,EAAM,IAAA,CAAK,SAAA,CAAU,EAAE,QAAQ;AAAA,GAChC,CAAA;AAED,EAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,IAAA,MAAM,YAAY,MAAM,QAAA,CAAS,MAAK,CAAE,KAAA,CAAM,MAAM,cAAc,CAAA;AAClE,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,cAAA,EAAiB,SAAS,MAAM,CAAA,CAAA,EAAI,SAAS,CAAA,CAAE,CAAA;AAAA,EACjE;AAEA,EAAA,MAAM,aAAA,GAAgB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC1C,EAAA,IAAI,CAAC,SAAS,aAAA,EAAe;AAC3B,IAAA,MAAM,eAAA,CAAgB,UAAU,aAAa,CAAA;AAAA,EAC/C;AACA,EAAA,OAAO,aAAA;AACT;AAEA,eAAsB,cAAA,CAAe,KAAA,EAAe,IAAA,EAAc,OAAA,EAA+D;AAC/H,EAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,iBAAA,CAAkB,GAAG,SAAA,EAAW,6BAA6B,CAAA,EAAG;AAAA,IAC3F,MAAA,EAAQ,MAAA;AAAA,IACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA,EAAmB;AAAA,IAC9C,MAAM,IAAA,CAAK,SAAA,CAAU,EAAE,KAAA,EAAO,MAAM;AAAA,GACrC,CAAA;AAED,EAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,IAAA,MAAM,YAAY,MAAM,QAAA,CAAS,MAAK,CAAE,KAAA,CAAM,MAAM,2BAA2B,CAAA;AAC/E,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,2BAAA,EAA8B,SAAS,MAAM,CAAA,CAAA,EAAI,SAAS,CAAA,CAAE,CAAA;AAAA,EAC9E;AAEA,EAAA,MAAM,aAAA,GAAgB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC1C,EAAA,IAAI,CAAC,SAAS,aAAA,EAAe;AAC3B,IAAA,MAAM,eAAA,CAAgB,UAAU,aAAa,CAAA;AAAA,EAC/C;AACA,EAAA,OAAO,aAAA;AACT;AAEA,eAAsB,iBAAA,CAAkB,cAQrC,OAAA,EAA+D;AAChE,EAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,iBAAA,CAAkB,GAAG,SAAA,EAAW,0BAA0B,CAAA,EAAG;AAAA,IACxF,MAAA,EAAQ,MAAA;AAAA,IACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA,EAAmB;AAAA,IAC9C,IAAA,EAAM,IAAA,CAAK,SAAA,CAAU,YAAY;AAAA,GAClC,CAAA;AAED,EAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,IAAA,MAAM,YAAY,MAAM,QAAA,CAAS,MAAK,CAAE,KAAA,CAAM,MAAM,uBAAuB,CAAA;AAC3E,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,uBAAA,EAA0B,SAAS,MAAM,CAAA,CAAA,EAAI,SAAS,CAAA,CAAE,CAAA;AAAA,EAC1E;AAEA,EAAA,MAAM,aAAA,GAAgB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC1C,EAAA,IAAI,CAAC,SAAS,aAAA,EAAe;AAC3B,IAAA,MAAM,eAAA,CAAgB,UAAU,aAAa,CAAA;AAAA,EAC/C;AACA,EAAA,OAAO,aAAA;AACT;AAEA,eAAsB,kBAAA,CAAmB,UAA2B,eAAA,EAAmC;AACrG,EAAA,IAAI;AACF,IAAA,MAAM,YAAA,GAAe,MAAM,WAAA,CAAY,OAAO,CAAA;AAC9C,IAAA,IAAI,YAAA,EAAc,KAAA,IAAS,OAAO,YAAA,CAAa,gBAAgB,SAAA,EAAW;AACxE,MAAA,OAAO,YAAA,CAAa,WAAA;AAAA,IACtB;AACA,IAAA,OAAO,KAAA;AAAA,EACT,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,KAAA;AAAA,EACT;AACF","file":"index.js","sourcesContent":["/**\n * Base64URL encoding/decoding utilities\n * Used for WebAuthn and JWT operations\n */\n\n/**\n * Convert ArrayBuffer to Base64URL string\n * @param buffer - ArrayBuffer to convert\n * @returns Base64URL encoded string\n */\nexport function arrayBufferToBase64url(buffer: ArrayBuffer): string {\n const bytes = new Uint8Array(buffer);\n let binary = '';\n for (let i = 0; i < bytes.byteLength; i++) {\n binary += String.fromCharCode(bytes[i]);\n }\n return btoa(binary).replace(/\\+/g, '-').replace(/\\//g, '_').replace(/=+$/g, '');\n}\n\n/**\n * Convert Base64URL string to Uint8Array\n * @param base64url - Base64URL string to convert\n * @returns Uint8Array\n */\nexport function base64urlToUint8Array(base64url: string): Uint8Array {\n const base64 = base64url.replace(/-/g, '+').replace(/_/g, '/');\n const pad = base64.length % 4 ? 4 - (base64.length % 4) : 0;\n const padded = base64 + '='.repeat(pad);\n const binary = atob(padded);\n const bytes = new Uint8Array(binary.length);\n for (let i = 0; i < binary.length; i++) {\n bytes[i] = binary.charCodeAt(i);\n }\n return bytes;\n}\n\n/**\n * Convert ArrayBuffer to standard Base64 string (not URL-safe)\n * @param buffer - ArrayBuffer to convert\n * @returns Base64 encoded string\n */\nexport function arrayBufferToBase64(buffer: ArrayBuffer): string {\n const bytes = new Uint8Array(buffer);\n let binary = '';\n for (let i = 0; i < bytes.byteLength; i++) {\n binary += String.fromCharCode(bytes[i]);\n }\n return btoa(binary);\n}\n","/**\n * Storage abstraction layer for tokens and keyshares\n * Allows the core package to work in both browser and Node.js environments\n */\n\n/**\n * Storage interface for storing key-value pairs\n * Can be implemented for different storage backends (localStorage, Redis, memory, etc.)\n */\nexport interface TokenStorage {\n /**\n * Get item from storage\n * @param key - Storage key\n * @returns Value or null if not found\n */\n getItem(key: string): Promise<string | null> | string | null;\n\n /**\n * Set item in storage\n * @param key - Storage key\n * @param value - Value to store\n */\n setItem(key: string, value: string): Promise<void> | void;\n\n /**\n * Remove item from storage\n * @param key - Storage key\n */\n removeItem(key: string): Promise<void> | void;\n}\n\n/**\n * In-memory storage adapter\n * Useful for server-side usage where persistence is not required\n */\nexport class MemoryStorage implements TokenStorage {\n private storage = new Map<string, string>();\n\n getItem(key: string): string | null {\n return this.storage.get(key) || null;\n }\n\n setItem(key: string, value: string): void {\n this.storage.set(key, value);\n }\n\n removeItem(key: string): void {\n this.storage.delete(key);\n }\n\n /**\n * Clear all items from memory storage\n */\n clear(): void {\n this.storage.clear();\n }\n\n /**\n * Get all keys in storage\n */\n keys(): string[] {\n return Array.from(this.storage.keys());\n }\n\n /**\n * Get number of items in storage\n */\n get size(): number {\n return this.storage.size;\n }\n}\n\n/**\n * LocalStorage adapter for browser environments\n * Falls back to memory storage if localStorage is not available\n */\nexport class LocalStorageAdapter implements TokenStorage {\n private fallback: MemoryStorage | null = null;\n\n constructor() {\n // Check if localStorage is available\n if (!this.isLocalStorageAvailable()) {\n console.warn('[Storage] localStorage not available, falling back to memory storage');\n this.fallback = new MemoryStorage();\n }\n }\n\n private isLocalStorageAvailable(): boolean {\n try {\n // @ts-ignore - accessing global window object\n const win = typeof globalThis !== 'undefined' && (globalThis as any).window;\n const storage = win ? win.localStorage : undefined;\n if (!storage) {\n return false;\n }\n // Test if we can actually use localStorage (some browsers block it in private mode)\n const testKey = '__lumia_storage_test__';\n storage.setItem(testKey, 'test');\n storage.removeItem(testKey);\n return true;\n } catch {\n return false;\n }\n }\n\n getItem(key: string): string | null {\n if (this.fallback) {\n return this.fallback.getItem(key);\n }\n try {\n // @ts-ignore - accessing global window object\n const win = typeof globalThis !== 'undefined' && (globalThis as any).window;\n const value = win?.localStorage?.getItem(key) || null;\n return value;\n } catch (error) {\n console.error('[Storage] Error reading from localStorage:', error);\n return null;\n }\n }\n\n setItem(key: string, value: string): void {\n if (this.fallback) {\n this.fallback.setItem(key, value);\n return;\n }\n try {\n // @ts-ignore - accessing global window object\n const win = typeof globalThis !== 'undefined' && (globalThis as any).window;\n win?.localStorage?.setItem(key, value);\n } catch (error) {\n console.error('[Storage] Error writing to localStorage:', error);\n // Initialize fallback if localStorage fails\n if (!this.fallback) {\n this.fallback = new MemoryStorage();\n this.fallback.setItem(key, value);\n }\n }\n }\n\n removeItem(key: string): void {\n if (this.fallback) {\n this.fallback.removeItem(key);\n return;\n }\n try {\n // @ts-ignore - accessing global window object\n const win = typeof globalThis !== 'undefined' && (globalThis as any).window;\n win?.localStorage?.removeItem(key);\n } catch (error) {\n console.error('[Storage] Error removing from localStorage:', error);\n }\n }\n}\n\n/**\n * Keyshare storage interface (same as TokenStorage but with a different name for clarity)\n */\nexport interface KeyshareStorage extends TokenStorage {}\n\n/**\n * Helper to normalize storage operations to always be async\n * This allows mixing sync and async storage implementations\n */\nexport async function storageGet(\n storage: TokenStorage,\n key: string\n): Promise<string | null> {\n const result = storage.getItem(key);\n return result instanceof Promise ? await result : result;\n}\n\n/**\n * Helper to normalize storage operations to always be async\n */\nexport async function storageSet(\n storage: TokenStorage,\n key: string,\n value: string\n): Promise<void> {\n const result = storage.setItem(key, value);\n if (result instanceof Promise) {\n await result;\n }\n}\n\n/**\n * Helper to normalize storage operations to always be async\n */\nexport async function storageRemove(\n storage: TokenStorage,\n key: string\n): Promise<void> {\n const result = storage.removeItem(key);\n if (result instanceof Promise) {\n await result;\n }\n}\n","/**\n * Project ID management for Lumia Passport Core\n * Adapted to work in both browser and Node.js environments\n */\n\nlet globalProjectId: string | undefined;\n\n/**\n * Set the global project ID\n * @param projectId - The project ID to set\n */\nexport function setProjectId(projectId: string): void {\n globalProjectId = projectId;\n}\n\n/**\n * Get the current project ID\n * Priority: 1. Explicitly set via setProjectId(), 2. window.__LUMIA_PROJECT_ID__ (browser only)\n */\nexport function getProjectId(): string | undefined {\n // First check explicitly set projectId\n if (globalProjectId) {\n return globalProjectId;\n }\n\n // Fallback to window global (browser only)\n if (typeof globalThis !== 'undefined' && (globalThis as any).window) {\n return ((globalThis as any).window as any).__LUMIA_PROJECT_ID__;\n }\n\n return undefined;\n}\n\n/**\n * Add projectId to URL query parameters\n * @param url - The URL to add projectId to\n * @param projectId - Optional explicit projectId (uses getProjectId() if not provided)\n */\nexport function addProjectIdToUrl(url: string, projectId?: string): string {\n try {\n const pid = projectId || getProjectId();\n if (pid) {\n const separator = url.includes('?') ? '&' : '?';\n return `${url}${separator}projectId=${encodeURIComponent(pid)}`;\n }\n } catch (error) {\n // Silently fail and return original URL\n }\n return url;\n}\n\n/**\n * Clear the globally set project ID\n */\nexport function clearProjectId(): void {\n globalProjectId = undefined;\n}\n","/**\n * JWT Token Management\n * Adapted from lumia-passport-ui-kit/src/internal/auth/jwt.ts\n * Browser-specific features (passkey auth) remain in UI kit\n */\n\nimport type { TokenStorage } from './storage';\nimport { LocalStorageAdapter } from './storage';\nimport { addProjectIdToUrl } from '../utils/project-id';\n\n// Token storage keys\nconst TOKEN_STORAGE_KEY = 'lumia-passport-jwt-tokens';\nconst USER_ID_KEY = 'lumia-passport-current-user-id';\n\n// Build-time injected URLs (tsup.define)\ndeclare const __LUMIA_TSS_URL__: string;\ndeclare const __LUMIA_BUNDLER_URL__: string;\ndeclare const __LUMIA_SHARE_VAULT_URL__: string;\n\n// Service URL provider - will be set by config\nlet tssUrlProvider: (() => string) | undefined;\n\n/**\n * Configure JWT module with service URLs\n * Call this from createLumiaPassportCore (backend usage)\n */\nexport function configureJwtModule(config: {\n tssUrl?: string;\n projectId?: string;\n}) {\n if (config.tssUrl) {\n tssUrlProvider = () => config.tssUrl!;\n }\n // Note: projectId is now handled via addProjectIdToUrl from utils/project-id\n // which reads from window.__LUMIA_PROJECT_ID__ or can be set via setProjectId()\n}\n\n// Build-time default from .env (will be replaced by tsup define)\nconst BUILD_TSS_URL = (typeof __LUMIA_TSS_URL__ !== 'undefined' && __LUMIA_TSS_URL__) || '';\n\nfunction getTssUrl(): string {\n // Priority: runtime config > window.__LUMIA_SERVICES__ > build-time default > hardcoded fallback\n\n // 1. Runtime config (backend usage via configureJwtModule)\n if (tssUrlProvider) {\n return tssUrlProvider();\n }\n\n // 2. Browser runtime config from LumiaPassportProvider (window.__LUMIA_SERVICES__)\n if (typeof globalThis !== 'undefined' && (globalThis as any).window) {\n const services = ((globalThis as any).window as any).__LUMIA_SERVICES__;\n if (services?.tssUrl) {\n return services.tssUrl;\n }\n }\n\n // 3. Build-time injected default (from .env during pnpm build)\n if (BUILD_TSS_URL) {\n return BUILD_TSS_URL;\n }\n\n // 4. Hardcoded fallback\n return 'http://localhost:9256';\n}\n\n// addProjectIdToUrl is imported from '../utils/project-id'\n// It automatically reads from window.__LUMIA_PROJECT_ID__ or global setProjectId()\n\n// Types\nexport interface JwtTokens {\n accessToken: string;\n refreshToken: string;\n userId: string;\n expiresIn: number;\n expiresAt: number;\n hasKeyshare?: boolean;\n isNewUser?: boolean;\n avatar?: string | null;\n displayName?: string | null;\n providers?: string[]; // List of connected auth providers (email, passkey, wallet, etc.)\n}\n\nexport interface LoginResponse {\n accessToken: string;\n refreshToken: string;\n userId: string;\n expiresIn: number;\n hasKeyshare: boolean;\n isNewUser?: boolean;\n avatar?: string | null;\n displayName?: string | null;\n providers?: string[]; // List of connected auth providers (email, passkey, wallet, etc.)\n}\n\nexport interface RefreshResponse {\n accessToken: string;\n refreshToken: string;\n expiresIn: number;\n}\n\nexport interface VerifyResponse {\n valid: boolean;\n userId?: string;\n sessionId?: string;\n exp?: number;\n hasKeyshare?: boolean;\n displayName?: string | null;\n avatar?: string | null;\n}\n\n/**\n * JWT Token Manager\n * Handles token storage, refresh, and validation\n */\nexport class JwtTokenManager {\n private tokens: JwtTokens | null = null;\n private storage: TokenStorage;\n private refreshPromise: Promise<boolean> | null = null; // Mutex for refresh operations\n\n constructor(storage?: TokenStorage) {\n this.storage = storage || new LocalStorageAdapter();\n console.log('[JWT] JwtTokenManager initializing...');\n this.loadTokensFromStorage();\n }\n\n private async loadTokensFromStorage(): Promise<void> {\n try {\n const stored = await this.storage.getItem(TOKEN_STORAGE_KEY);\n console.log('[JWT] Loading tokens from storage:', !!stored);\n\n if (stored) {\n this.tokens = JSON.parse(stored);\n console.log('[JWT] Parsed tokens:', {\n hasAccessToken: !!this.tokens?.accessToken,\n hasRefreshToken: !!this.tokens?.refreshToken,\n userId: this.tokens?.userId,\n expiresAt: this.tokens?.expiresAt,\n currentTime: Date.now(),\n timeToExpiry: this.tokens?.expiresAt ? (this.tokens.expiresAt - Date.now()) / 1000 : 'N/A'\n });\n\n if (this.tokens && this.isTokenExpired()) {\n console.log('[JWT] Access token is expired');\n\n // Check if we have a refresh token to attempt renewal\n if (this.tokens.refreshToken) {\n console.log('[JWT] Refresh token available, will attempt renewal when needed');\n // Keep tokens - they will be refreshed on the first API call via ensureValidToken()\n } else {\n console.log('[JWT] No refresh token available, clearing tokens');\n await this.clearTokens();\n }\n } else {\n console.log('[JWT] Access token is valid, keeping tokens');\n }\n } else {\n console.log('[JWT] No tokens found in storage');\n }\n } catch (error) {\n console.error('[JWT] Error loading tokens from storage:', error);\n await this.clearTokens();\n }\n }\n\n private async saveTokensToStorage(): Promise<void> {\n try {\n if (this.tokens) {\n const tokenString = JSON.stringify(this.tokens);\n await this.storage.setItem(TOKEN_STORAGE_KEY, tokenString);\n await this.storage.setItem(USER_ID_KEY, this.tokens.userId);\n }\n } catch (error) {\n console.error('[JWT] Failed to save tokens to storage:', error);\n }\n }\n\n async setTokens(response: LoginResponse): Promise<void> {\n const expiresAt = Date.now() + response.expiresIn * 1000;\n this.tokens = {\n accessToken: response.accessToken,\n refreshToken: response.refreshToken,\n userId: response.userId,\n expiresIn: response.expiresIn,\n expiresAt,\n hasKeyshare: response.hasKeyshare,\n isNewUser: response.isNewUser,\n avatar: response.avatar ?? null,\n displayName: response.displayName ?? null,\n providers: response.providers ?? []\n };\n\n await this.saveTokensToStorage();\n }\n\n getAccessToken(): string | null {\n if (!this.tokens) return null;\n // Return access token even if expired - ensureValidToken() will handle refresh\n return this.tokens.accessToken;\n }\n\n getRefreshToken(): string | null {\n return this.tokens?.refreshToken || null;\n }\n\n getUserId(): string | null {\n return this.tokens?.userId || null;\n }\n\n getHasKeyshare(): boolean | null {\n return this.tokens?.hasKeyshare ?? null;\n }\n\n getAvatar(): string | null {\n return this.tokens?.avatar || null;\n }\n\n getDisplayName(): string | null {\n return this.tokens?.displayName || null;\n }\n\n getProviders(): string[] {\n return this.tokens?.providers ?? [];\n }\n\n getTokens(): JwtTokens | null {\n return this.tokens;\n }\n\n async updateKeyshareStatus(hasKeyshare: boolean): Promise<void> {\n if (this.tokens) {\n this.tokens.hasKeyshare = hasKeyshare;\n await this.saveTokensToStorage();\n }\n }\n\n async updateDisplayName(displayName: string | null): Promise<void> {\n if (this.tokens) {\n this.tokens.displayName = displayName;\n await this.saveTokensToStorage();\n }\n }\n\n isTokenExpired(): boolean {\n if (!this.tokens) {\n return true;\n }\n\n const buffer = 30 * 1000; // 30 seconds buffer\n const now = Date.now();\n const expiresAt = this.tokens.expiresAt;\n const isExpired = now > (expiresAt - buffer);\n\n return isExpired;\n }\n\n isAuthenticated(): boolean {\n // Consider authenticated if we have either valid access token OR refresh token\n if (!this.tokens) return false;\n\n if (!this.isTokenExpired()) {\n return !!this.tokens.accessToken;\n }\n\n // If access token is expired but we have refresh token, we're still authenticated\n return !!this.tokens.refreshToken;\n }\n\n async clearTokens(): Promise<void> {\n this.tokens = null;\n await this.storage.removeItem(TOKEN_STORAGE_KEY);\n await this.storage.removeItem(USER_ID_KEY);\n }\n\n async refreshAccessToken(): Promise<boolean> {\n // If refresh is already in progress, wait for it to complete\n if (this.refreshPromise) {\n console.log('[JWT] Refresh already in progress, waiting for existing operation...');\n return this.refreshPromise;\n }\n\n const refreshToken = this.getRefreshToken();\n if (!refreshToken) {\n console.warn('[JWT] No refresh token available for refresh');\n return false;\n }\n\n console.log('[JWT] Starting new token refresh operation...');\n\n // Create and store the refresh promise (mutex pattern)\n this.refreshPromise = (async () => {\n try {\n const response = await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/refresh`), {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify({ refreshToken })\n });\n\n if (!response.ok) {\n console.log('[JWT] Token refresh failed with status:', response.status);\n\n if (response.status === 401) {\n try {\n const errorData: any = await response.json();\n console.log('[JWT] Refresh 401 Error details:', errorData);\n\n // Handle backend error codes\n switch (errorData.error_code) {\n case 'SESSION_NOT_FOUND':\n console.log('[JWT] Refresh token session not found, clearing tokens');\n await this.clearTokens();\n return false;\n\n case 'INVALID_TOKEN':\n default:\n console.log('[JWT] Invalid refresh token, clearing tokens');\n await this.clearTokens();\n return false;\n }\n } catch (parseError) {\n console.warn('[JWT] Could not parse refresh 401 error response:', parseError);\n await this.clearTokens();\n return false;\n }\n } else {\n console.log('[JWT] Non-401 error during refresh, keeping tokens (might be network error)');\n return false;\n }\n }\n\n const refreshResponse = await response.json() as RefreshResponse;\n console.log('[JWT] Token refresh successful, new expiry in:', refreshResponse.expiresIn, 'seconds');\n\n if (this.tokens) {\n // Update both access and refresh tokens (token rotation)\n this.tokens.accessToken = refreshResponse.accessToken;\n this.tokens.refreshToken = refreshResponse.refreshToken;\n this.tokens.expiresIn = refreshResponse.expiresIn;\n this.tokens.expiresAt = Date.now() + refreshResponse.expiresIn * 1000;\n await this.saveTokensToStorage();\n console.log('[JWT] Refreshed tokens saved to storage');\n return true;\n }\n\n console.error('[JWT] No existing tokens to update');\n return false;\n } catch (error) {\n console.error('[JWT] Token refresh network error:', error);\n // Don't clear tokens on network errors - might be temporary\n return false;\n } finally {\n // Clear the mutex when operation completes (success or failure)\n this.refreshPromise = null;\n console.log('[JWT] Refresh operation completed, mutex cleared');\n }\n })();\n\n return this.refreshPromise;\n }\n\n getAuthHeader(): string | null {\n const token = this.getAccessToken();\n return token ? `Bearer ${token}` : null;\n }\n}\n\n// Default instance with LocalStorage\nexport const jwtTokenManager = new JwtTokenManager();\n\n/**\n * Create a custom JWT token manager with specific storage\n */\nexport function createJwtTokenManager(storage: TokenStorage): JwtTokenManager {\n return new JwtTokenManager(storage);\n}\n\n// Authentication functions\n\nexport async function logout(manager: JwtTokenManager = jwtTokenManager): Promise<void> {\n try {\n const authHeader = manager.getAuthHeader();\n if (authHeader) {\n await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/logout`), {\n method: 'POST',\n headers: {\n Authorization: authHeader,\n 'Content-Type': 'application/json'\n }\n });\n }\n } catch (error) {\n console.error('[JWT] Logout error:', error);\n } finally {\n await manager.clearTokens();\n }\n}\n\nexport async function verifyToken(manager: JwtTokenManager = jwtTokenManager): Promise<VerifyResponse | null> {\n const authHeader = manager.getAuthHeader();\n if (!authHeader) {\n console.log('[JWT] No auth header available for verification');\n return { valid: false };\n }\n\n try {\n const response = await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/verify`), {\n method: 'GET',\n headers: { Authorization: authHeader }\n });\n\n if (!response.ok) {\n console.log('[JWT] Token verification failed:', response.status);\n\n if (response.status === 401) {\n try {\n const errorData: any = await response.json();\n console.log('[JWT] 401 Error details:', errorData);\n\n // Handle backend error codes\n switch (errorData.error_code) {\n case 'TOKEN_EXPIRED':\n console.log('[JWT] Access token expired, attempting refresh...');\n const refreshSuccess = await manager.refreshAccessToken();\n if (refreshSuccess) {\n console.log('[JWT] Token refreshed successfully, retrying verification');\n return await verifyToken(manager);\n } else {\n console.log('[JWT] Token refresh failed, clearing tokens');\n await manager.clearTokens();\n return { valid: false };\n }\n\n case 'SESSION_NOT_FOUND':\n console.log('[JWT] Session not found or revoked, clearing tokens');\n await manager.clearTokens();\n return { valid: false };\n\n case 'INVALID_TOKEN':\n default:\n console.log('[JWT] Invalid token, clearing tokens');\n await manager.clearTokens();\n return { valid: false };\n }\n } catch (parseError) {\n console.warn('[JWT] Could not parse 401 error response:', parseError);\n await manager.clearTokens();\n return { valid: false };\n }\n } else {\n console.log('[JWT] Non-401 error during verification, keeping tokens');\n return { valid: false };\n }\n }\n\n const verifyResponse = await response.json() as VerifyResponse;\n console.log('[JWT] Token verification successful:', verifyResponse);\n\n if (verifyResponse.valid) {\n if (typeof verifyResponse.hasKeyshare === 'boolean') {\n await manager.updateKeyshareStatus(verifyResponse.hasKeyshare);\n }\n // Update displayName and avatar if present\n if (manager.getTokens()) {\n if (verifyResponse.displayName !== undefined) {\n await manager.updateDisplayName(verifyResponse.displayName);\n }\n // Avatar update would need similar method\n }\n }\n\n return verifyResponse;\n } catch (error) {\n console.error('[JWT] Token verification network error:', error);\n return { valid: false };\n }\n}\n\nexport async function ensureValidToken(manager: JwtTokenManager = jwtTokenManager): Promise<boolean> {\n // Check if current access token is valid (not expired)\n if (manager.isAuthenticated() && !manager.isTokenExpired()) {\n return true;\n }\n\n console.log('[JWT] Access token expired or missing, attempting refresh...');\n\n // Try to refresh using refresh token\n const refreshToken = manager.getRefreshToken();\n if (refreshToken) {\n console.log('[JWT] Refresh token available, attempting to refresh access token');\n const refreshSuccess = await manager.refreshAccessToken();\n console.log('[JWT] Refresh attempt result:', refreshSuccess);\n return refreshSuccess;\n }\n\n console.log('[JWT] No refresh token available, user needs to re-authenticate');\n return false;\n}\n\nexport async function authenticatedFetch(\n url: string,\n options: RequestInit = {},\n manager: JwtTokenManager = jwtTokenManager\n): Promise<Response> {\n const hasValidToken = await ensureValidToken(manager);\n if (!hasValidToken) {\n throw new Error('No valid authentication token available');\n }\n\n const authHeader = manager.getAuthHeader();\n if (!authHeader) {\n throw new Error('Failed to get authentication header');\n }\n\n const urlWithProjectId = addProjectIdToUrl(url);\n const requestOptions: RequestInit = {\n ...options,\n headers: {\n ...options.headers,\n Authorization: authHeader,\n 'Content-Type': 'application/json'\n }\n };\n\n const response = await fetch(urlWithProjectId, requestOptions);\n\n // Handle 401 by attempting token refresh\n if (response.status === 401) {\n const refreshSuccess = await manager.refreshAccessToken();\n if (refreshSuccess) {\n const newAuthHeader = manager.getAuthHeader();\n if (newAuthHeader) {\n requestOptions.headers = {\n ...requestOptions.headers,\n Authorization: newAuthHeader\n };\n return fetch(urlWithProjectId, requestOptions);\n }\n }\n }\n\n return response;\n}\n\n// Login functions (non-passkey)\n\nexport async function loginWithUserId(userId: string, options?: { skipTokenSave?: boolean }): Promise<LoginResponse> {\n const response = await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/login`), {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify({ userId })\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Login failed');\n throw new Error(`Login failed: ${response.status} ${errorText}`);\n }\n\n const loginResponse = await response.json() as LoginResponse;\n if (!options?.skipTokenSave) {\n await jwtTokenManager.setTokens(loginResponse);\n }\n return loginResponse;\n}\n\nexport async function loginWithEmail(email: string, code: string, options?: { skipTokenSave?: boolean }): Promise<LoginResponse> {\n const response = await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/email/verify-code`), {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify({ email, code })\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Email verification failed');\n throw new Error(`Email verification failed: ${response.status} ${errorText}`);\n }\n\n const loginResponse = await response.json() as LoginResponse;\n if (!options?.skipTokenSave) {\n await jwtTokenManager.setTokens(loginResponse);\n }\n return loginResponse;\n}\n\nexport async function loginWithTelegram(telegramData: {\n id: number;\n first_name: string;\n last_name?: string;\n username?: string;\n photo_url?: string;\n auth_date: number;\n hash: string;\n}, options?: { skipTokenSave?: boolean }): Promise<LoginResponse> {\n const response = await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/telegram/login`), {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify(telegramData)\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Telegram login failed');\n throw new Error(`Telegram login failed: ${response.status} ${errorText}`);\n }\n\n const loginResponse = await response.json() as LoginResponse;\n if (!options?.skipTokenSave) {\n await jwtTokenManager.setTokens(loginResponse);\n }\n return loginResponse;\n}\n\nexport async function syncKeyshareStatus(manager: JwtTokenManager = jwtTokenManager): Promise<boolean> {\n try {\n const verification = await verifyToken(manager);\n if (verification?.valid && typeof verification.hasKeyshare === 'boolean') {\n return verification.hasKeyshare;\n }\n return false;\n } catch {\n return false;\n }\n}\n"]}