@monetize.software/sdk-extension 3.0.0-alpha.3 → 3.0.0-alpha.5

package/dist/chunks/{chrome-port-DPFUj1MP.js → chrome-port-rPi6zrjD.js}

@@ -3,7 +3,7 @@ class o extends Error {
     super(e), this.name = "PaywallError", this.code = t, this.status = s.status, this.cause = s.cause;
   }
 }
-class N extends o {
+class F extends o {
   constructor(t) {
     super("not_enough_queries", t.message ?? "Not enough queries", {
       status: 402
@@ -40,10 +40,10 @@ class P {
     return f;
   }
 }
-function D() {
+function x() {
   return typeof chrome < "u" && !!chrome?.storage?.local && !!chrome?.runtime?.id;
 }
-const x = {
+const H = {
   getItem(i) {
     return new Promise((t) => {
       chrome.storage.local.get([i], (e) => {
@@ -101,19 +101,19 @@ const x = {
     };
     return window.addEventListener("storage", e), () => window.removeEventListener("storage", e);
   }
-}, b = /* @__PURE__ */ new Map(), H = {
+}, S = /* @__PURE__ */ new Map(), V = {
   async getItem(i) {
-    return b.get(i) ?? null;
+    return S.get(i) ?? null;
   },
   async setItem(i, t) {
-    b.set(i, t);
+    S.set(i, t);
   },
   async removeItem(i) {
-    b.delete(i);
+    S.delete(i);
   }
 };
 function R(i) {
-  return i || (D() ? x : typeof window < "u" && "localStorage" in window ? J : H);
+  return i || (x() ? H : typeof window < "u" && "localStorage" in window ? J : V);
 }
 const y = {
   visitorId: "pw-visitor-id",
@@ -145,7 +145,7 @@ const y = {
   // (оптимистично через `decrementBalanceLocal`).
   balances: (i, t) => `pw-${i}-${t}-balances-v1`
 };
-function M() {
+function D() {
   const i = typeof globalThis < "u" ? globalThis.crypto : void 0;
   if (i && typeof i.randomUUID == "function") return i.randomUUID();
   const t = new Uint8Array(16);
@@ -157,13 +157,13 @@ function M() {
   const e = Array.from(t, (s) => s.toString(16).padStart(2, "0")).join("");
   return `${e.slice(0, 8)}-${e.slice(8, 12)}-${e.slice(12, 16)}-${e.slice(16, 20)}-${e.slice(20)}`;
 }
-async function B(i) {
+async function _(i) {
   try {
     const e = await i.getItem(y.visitorId);
     if (e && typeof e == "string" && e.length >= 16) return e;
   } catch {
   }
-  const t = M();
+  const t = D();
   try {
     await i.setItem(y.visitorId, t);
   } catch {
@@ -183,10 +183,10 @@ function I(i) {
   for (let e = 0; e < i.length; e++) t += String.fromCharCode(i[e]);
   return btoa(t).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
 }
-function V() {
+function j() {
   return I(q(64));
 }
-async function j(i) {
+async function G(i) {
   const t = new TextEncoder().encode(i), e = globalThis.crypto;
   if (!e?.subtle?.digest)
     throw new Error("crypto.subtle is required for PKCE");
@@ -196,12 +196,17 @@ async function j(i) {
 function X() {
   return I(q(16));
 }
-const z = "https://appbox.space", G = 6e4, Q = 600 * 1e3;
-class mt {
+const z = 6e4, Q = 600 * 1e3;
+class wt {
   constructor(t) {
     if (this.session = null, this.inflightRefresh = null, this.inflightAnonSignin = null, this.listeners = /* @__PURE__ */ new Set(), this.storageUnwatch = null, this.destroyed = !1, this.oauthFlows = /* @__PURE__ */ new Map(), !t.paywallId)
       throw new o("invalid_config", "paywallId is required");
-    this.paywallId = t.paywallId, this.apiOrigin = t.apiOrigin ?? z, this.storage = R(t.storage), this.api = new P({
+    if (!t.apiOrigin)
+      throw new o(
+        "invalid_config",
+        "apiOrigin is required. Pass the paywall custom_domain configured in the platform."
+      );
+    this.paywallId = t.paywallId, this.apiOrigin = t.apiOrigin, this.storage = R(t.storage), this.api = new P({
       apiOrigin: this.apiOrigin,
       paywallId: t.paywallId,
       fetch: t.fetch
@@ -227,14 +232,15 @@ class mt {
   async applyExternalSession(t) {
     if (!this.destroyed && (await this.hydrated, !this.destroyed)) {
       if (t == null) {
-        this.session && this.setSession(null, { skipPersist: !0 });
+        this.session && this.setSession(null, { skipPersist: !0, event: "SIGNED_OUT" });
         return;
       }
       try {
         const e = JSON.parse(t);
         if (!e || typeof e.access_token != "string" || typeof e.refresh_token != "string" || typeof e.expires_at != "number" || !e.user)
           return;
-        this.setSession(e, { skipPersist: !0 });
+        const s = !this.session || this.session.user.id !== e.user.id ? "SIGNED_IN" : "TOKEN_REFRESHED";
+        this.setSession(e, { skipPersist: !0, event: s });
       } catch {
       }
     }
@@ -291,7 +297,7 @@ class mt {
         })
       }
     ), n = this.toSession(a, a.user);
-    return this.setSession(n), n;
+    return this.setSession(n, { event: "SIGNED_IN" }), n;
   }
   /**
    * Signup. Если в Supabase включён email confirm — сервер возвращает
@@ -319,7 +325,7 @@ class mt {
     if (a.status === "confirmation_required")
       return { kind: "confirmation_required", user: a.user };
     const n = this.toSession(a, a.user);
-    return this.setSession(n), { kind: "signed_in", session: n };
+    return this.setSession(n, { event: "SIGNED_IN" }), { kind: "signed_in", session: n };
   }
   /**
    * Повторная отправка confirmation-email после signUp с включённым
@@ -382,8 +388,8 @@ class mt {
           user_meta: t.userMeta
         })
       }
-    ), a = this.toSession(s, s.user);
-    return this.setSession(a), a;
+    ), a = this.toSession(s, s.user), n = t.type === "recovery" ? "PASSWORD_RECOVERY" : "SIGNED_IN";
+    return this.setSession(a, { event: n }), a;
   }
   /**
    * Запрос recovery email. Бэк всегда ok, чтобы не палить enumeration.
@@ -475,7 +481,7 @@ class mt {
         email: s.user.email ?? null,
         is_anonymous: !0
       }, n = this.toSession(s, a);
-      return this.setSession(n), await this.writeAnonRefreshToken(n.refresh_token), n;
+      return this.setSession(n, { event: "SIGNED_IN" }), await this.writeAnonRefreshToken(n.refresh_token), n;
     })();
     try {
       return await this.inflightAnonSignin;
@@ -497,7 +503,7 @@ class mt {
         `/api/v1/paywall/${this.paywallId}/auth/refresh`,
         { method: "POST", body: JSON.stringify({ refresh_token: t }) }
       ), s = this.session?.user.is_anonymous === !0 ? this.session.user : { id: "", email: null, is_anonymous: !0 }, a = this.toSession(e, s);
-      return this.setSession(a), await this.writeAnonRefreshToken(a.refresh_token), a;
+      return this.setSession(a, { event: "SIGNED_IN" }), await this.writeAnonRefreshToken(a.refresh_token), a;
     } catch (e) {
       if (e instanceof o && e.status === 401)
         return await this.clearAnonRefreshToken(), null;
@@ -560,7 +566,7 @@ class mt {
       email: a.user.email,
       is_anonymous: a.user.is_anonymous ?? !1
     }, l = { ...n, user: r };
-    return this.setSession(l), await this.clearAnonRefreshToken(), { kind: "updated", session: l };
+    return this.setSession(l, { event: "USER_UPDATED" }), await this.clearAnonRefreshToken(), { kind: "updated", session: l };
   }
   /**
    * OAuth signin через popup с PKCE. Жизненный цикл:
@@ -617,7 +623,7 @@ class mt {
    */
   async startOAuthFlow(t) {
     await this.hydrated, this.gcOAuthFlows();
-    const e = V(), s = await j(e), a = X(), n = {}, r = await this.getAccessToken().catch(() => null);
+    const e = j(), s = await G(e), a = X(), n = {}, r = await this.getAccessToken().catch(() => null);
     r && (n.Authorization = `Bearer ${r}`);
     const { authorize_url: l } = await this.api.request(
       `/api/v1/paywall/${this.paywallId}/auth/oauth/init`,
@@ -671,7 +677,7 @@ class mt {
     if (this.destroyed)
       throw new o("aborted", "AuthClient destroyed mid-flow");
     const n = this.toSession(a, a.user);
-    return this.setSession(n), n;
+    return this.setSession(n, { event: "SIGNED_IN" }), n;
   }
   gcOAuthFlows() {
     const t = Date.now() - Q;
@@ -700,10 +706,10 @@ class mt {
             body: JSON.stringify({ refresh_token: t })
           }
         ), a = this.toSession(s, e);
-        return this.setSession(a), e.is_anonymous === !0 && await this.writeAnonRefreshToken(a.refresh_token), a;
+        return this.setSession(a, { event: "TOKEN_REFRESHED" }), e.is_anonymous === !0 && await this.writeAnonRefreshToken(a.refresh_token), a;
       } catch (s) {
         if (s instanceof o && s.status === 401)
-          return e.is_anonymous === !0 && await this.clearAnonRefreshToken(), this.setSession(null), null;
+          return e.is_anonymous === !0 && await this.clearAnonRefreshToken(), this.setSession(null, { event: "SIGNED_OUT" }), null;
         throw s;
       } finally {
         this.inflightRefresh = null;
@@ -736,7 +742,7 @@ class mt {
         method: "POST",
         headers: { Authorization: `Bearer ${t}` }
       }
-    ), this.setSession(null);
+    ), this.setSession(null, { event: "SIGNED_OUT" });
   }
   /**
    * Signout: чистит локальную session СРАЗУ (UX — мгновенный logout без
@@ -756,7 +762,7 @@ class mt {
   async signOut(t = {}) {
     await this.hydrated;
     const e = this.session?.access_token, s = this.session?.user.is_anonymous === !0;
-    if (this.setSession(null), t.forgetAnonymous && await this.clearAnonRefreshToken(), !!e && !(s && !t.forgetAnonymous))
+    if (this.setSession(null, { event: "SIGNED_OUT" }), t.forgetAnonymous && await this.clearAnonRefreshToken(), !!e && !(s && !t.forgetAnonymous))
       try {
         await this.api.request(
           `/api/v1/paywall/${this.paywallId}/auth/signout`,
@@ -770,22 +776,35 @@ class mt {
   }
   /**
    * Подписка на изменения session: signin/signup/refresh/signOut/expired-401.
-   * Колбек вызывается с текущим snapshot через microtask (если session есть)
-   * + на каждое реальное изменение. Возвращает unsubscribe.
+   *
+   * Гарантированный контракт: ПЕРВЫЙ callback каждому subscriber'у — всегда
+   * `event = 'INITIAL_SESSION'`, дёргается асинхронно после resolve hydrate'а
+   * (даже если session=null — listener получает explicit «нет сессии», а не
+   * молчание). Все последующие callback'и — реальные переходы с конкретным
+   * event'ом (SIGNED_IN / SIGNED_OUT / TOKEN_REFRESHED / USER_UPDATED /
+   * PASSWORD_RECOVERY).
+   *
+   * Это позволяет listener'у безопасно делать «only on real signin» побочные
+   * эффекты (force refetch balances и т.п.) через `event === 'SIGNED_IN'`,
+   * не путая их с восстановлением из storage.
+   *
+   * Возвращает unsubscribe.
    */
   onAuthChange(t) {
-    if (this.listeners.add(t), this.session) {
+    return this.listeners.add(t), this.hydrated.then(() => {
+      if (this.destroyed || !this.listeners.has(t)) return;
       const e = this.session;
-      queueMicrotask(() => {
-        this.listeners.has(t) && t(e);
-      });
-    }
-    return () => {
+      try {
+        t("INITIAL_SESSION", e);
+      } catch (s) {
+        console.warn("[paywall] onAuthChange INITIAL_SESSION threw", s);
+      }
+    }), () => {
       this.listeners.delete(t);
     };
   }
   isFresh(t) {
-    return t.expires_at - Date.now() > G;
+    return t.expires_at - Date.now() > z;
   }
   toSession(t, e) {
     const s = t.expires_at != null ? t.expires_at * 1e3 : Date.now() + t.expires_in * 1e3;
@@ -796,17 +815,17 @@ class mt {
       user: e
     };
   }
-  setSession(t, e = {}) {
+  setSession(t, e) {
     if (this.destroyed) return;
     const s = this.session;
-    this.session = t, e.skipPersist || this.persist(), tt(s, t) || this.emit();
+    this.session = t, e.skipPersist || this.persist(), tt(s, t) || this.emit(e.event);
   }
-  emit() {
-    for (const t of this.listeners)
+  emit(t) {
+    for (const e of this.listeners)
       try {
-        t(this.session);
-      } catch (e) {
-        console.warn("[paywall] onAuthChange listener threw", e);
+        e(t, this.session);
+      } catch (s) {
+        console.warn("[paywall] onAuthChange listener threw", s);
       }
   }
   storageKey() {
@@ -819,7 +838,7 @@ class mt {
       const e = JSON.parse(t);
       if (!e || typeof e.access_token != "string" || typeof e.refresh_token != "string" || typeof e.expires_at != "number" || !e.user)
         return;
-      this.session = e, this.emit();
+      this.session = e;
     } catch {
     }
   }
@@ -833,7 +852,7 @@ class mt {
       const e = JSON.parse(t);
       if (!e || typeof e.access_token != "string" || typeof e.refresh_token != "string" || typeof e.expires_at != "number" || !e.user)
         return;
-      this.setSession(e, { skipPersist: !0 });
+      this.setSession(e, { skipPersist: !0, event: "SIGNED_IN" });
     } catch {
     }
   }
@@ -959,12 +978,16 @@ function Z(i, t) {
 function tt(i, t) {
   return i === t ? !0 : !i || !t ? !1 : i.access_token === t.access_token && i.refresh_token === t.refresh_token && i.expires_at === t.expires_at && i.user.id === t.user.id && i.user.email === t.user.email;
 }
-const et = "https://appbox.space";
-class st {
+class et {
   constructor(t) {
     if (!t.paywallId)
       throw new o("invalid_config", "paywallId is required");
-    this.paywallId = t.paywallId, this.apiOrigin = t.apiOrigin ?? et, this.auth = t.auth, this.userId = t.userId, this.capabilities = t.capabilities, this.customFetch = t.fetch, this.onChargeSuccess = t.onChargeSuccess, this.onQuotaExceeded = t.onQuotaExceeded, t.userId && !t.auth && typeof window < "u" && typeof window.document < "u" && console.warn(
+    if (!t.apiOrigin)
+      throw new o(
+        "invalid_config",
+        "apiOrigin is required. Pass the paywall custom_domain configured in the platform."
+      );
+    this.paywallId = t.paywallId, this.apiOrigin = t.apiOrigin, this.auth = t.auth, this.userId = t.userId, this.capabilities = t.capabilities, this.customFetch = t.fetch, this.onChargeSuccess = t.onChargeSuccess, this.onQuotaExceeded = t.onQuotaExceeded, t.userId && !t.auth && typeof window < "u" && typeof window.document < "u" && console.warn(
       "[paywall] WARNING: ApiGatewayClient.userId set without auth in browser. Client can spoof userId. Use AuthClient + Bearer for trusted user.id."
     );
   }
@@ -992,15 +1015,15 @@ class st {
         credentials: "omit"
       });
     } catch (p) {
-      const K = p instanceof Error ? p.message : String(p);
-      throw new o("network_error", `Network request failed: ${K}`, { cause: p });
+      const $ = p instanceof Error ? p.message : String(p);
+      throw new o("network_error", `Network request failed: ${$}`, { cause: p });
     }
     if (h.status === 402) {
-      const p = await it(h);
+      const p = await st(h);
       throw this.onQuotaExceeded?.(p), p;
     }
     if (!h.ok) {
-      const p = await at(h.clone());
+      const p = await it(h.clone());
       throw new o(
         p ?? `http_${h.status}`,
         h.statusText || "Gateway request failed",
@@ -1011,7 +1034,7 @@ class st {
     return this.onChargeSuccess?.(g), h;
   }
 }
-async function it(i) {
+async function st(i) {
   let t = {};
   try {
     t = await i.json();
@@ -1023,13 +1046,13 @@ async function it(i) {
     const a = e[0];
     Array.isArray(a) ? s = a : a && Array.isArray(a.balances) && (s = a.balances);
   }
-  return new N({
+  return new F({
     balances: s,
     queryType: t.details?.queryType ?? "",
     currentBalance: t.details?.currentBalance ?? null
   });
 }
-async function at(i) {
+async function it(i) {
   if (!(i.headers.get("content-type") ?? "").includes("application/json")) return null;
   try {
     const e = await i.json();
@@ -1038,7 +1061,7 @@ async function at(i) {
     return null;
   }
 }
-const nt = 5e3, rt = 30 * 6e4, _ = 60 * 6e4, ot = 5 * 6e4, k = {
+const at = 5e3, nt = 30 * 6e4, B = 60 * 6e4, rt = 5 * 6e4, k = {
   has_active_subscription: !1,
   purchases: [],
   trial: null
@@ -1046,25 +1069,29 @@ const nt = 5e3, rt = 30 * 6e4, _ = 60 * 6e4, ot = 5 * 6e4, k = {
 function A(i) {
   return i && (i.email || i.userId || i.anonymousId) || "guest";
 }
-function ct(i, t) {
+function ot(i, t) {
   return i === t ? !0 : !i || !t ? !1 : JSON.stringify(i) === JSON.stringify(t);
 }
-const ht = 5e3, T = 5 * 6e4, lt = 3e4;
-function ut(i, t) {
+const ct = 5e3, T = 5 * 6e4, ht = 3e4;
+function lt(i, t) {
   if (i === t) return !0;
   if (!i || !t || i.length !== t.length) return !1;
   for (let e = 0; e < i.length; e++)
     if (i[e].type !== t[e].type || i[e].count !== t[e].count) return !1;
   return !0;
 }
-const dt = "https://appbox.space";
-class bt {
+class mt {
   constructor(t) {
     if (this.cachedBootstrap = null, this.cachedBootstrapAt = 0, this.inflightBootstrap = null, this.bootstrapListeners = /* @__PURE__ */ new Set(), this.bootstrapStorageUnwatch = null, this.authUnsubscribe = null, this.cachedUser = null, this.cachedUserAt = 0, this.inflightUser = null, this.userListeners = /* @__PURE__ */ new Set(), this.visitorIdPromise = null, this.visitorId = null, this.inflightCheckouts = /* @__PURE__ */ new Map(), this.cachedBalances = null, this.cachedBalancesAt = 0, this.balancesStorageUnwatch = null, this.inflightBalances = null, this.balanceListeners = /* @__PURE__ */ new Set(), this.previewVersionCounter = 0, !t.paywallId)
       throw new o("invalid_config", "paywallId is required");
-    this.paywallId = t.paywallId, this.apiOrigin = t.apiOrigin ?? dt, this.capabilities = t.capabilities, this.auth = t.auth, this.previewMode = t.preview === !0;
+    if (!t.apiOrigin)
+      throw new o(
+        "invalid_config",
+        'apiOrigin is required. Pass the paywall custom_domain configured in the platform (e.g. "https://pay.your-domain.com"). The legacy "appbox.space" fallback is not used in SDK 3.0.'
+      );
+    this.paywallId = t.paywallId, this.apiOrigin = t.apiOrigin, this.capabilities = t.capabilities, this.auth = t.auth, this.previewMode = t.preview === !0;
     const e = t.auth?.getCachedUser();
-    this.identity = t.identity ?? (e ? U(e) : void 0), this.apiKey = t.apiKey, this.fetchImpl = t.fetch, t.apiKey && typeof window < "u" && typeof window.document < "u" && console.error(
+    this.identity = t.identity ?? (e ? O(e) : void 0), this.apiKey = t.apiKey, this.fetchImpl = t.fetch, t.apiKey && typeof window < "u" && typeof window.document < "u" && console.error(
       "[paywall] SECURITY: BillingClient.apiKey detected in browser context. This is a server-SDK key and exposes your account. Remove apiKey or move BillingClient to a trusted backend."
     ), this.storage = R(t.storage), this.api = new P({
       apiOrigin: this.apiOrigin,
@@ -1075,10 +1102,10 @@ class bt {
       // делает lazy refresh, дедупит, на 401 возвращает null — тогда
       // Authorization-хедер просто не выставится.
       getAuthToken: t.auth ? () => t.auth.getAccessToken() : void 0
-    }), t.auth && (this.authUnsubscribe = t.auth.onAuthChange((s) => {
-      const a = s ? U(s.user) : void 0;
-      ft(this.identity, a) || this.setIdentity(a);
-    })), this.hydrateUserFromStorage(), this.hydrateBootstrapFromStorage(), this.subscribeBootstrapStorage(), this.hydrateBalancesFromStorage(), this.subscribeBalancesStorage(), this.visitorIdPromise = B(this.storage).then((s) => (this.visitorId = s, s));
+    }), t.auth && (this.authUnsubscribe = t.auth.onAuthChange((s, a) => {
+      const n = a ? O(a.user) : void 0;
+      ut(this.identity, n) || this.setIdentity(n);
+    })), this.hydrateUserFromStorage(), this.hydrateBootstrapFromStorage(), this.subscribeBootstrapStorage(), this.hydrateBalancesFromStorage(), this.subscribeBalancesStorage(), this.visitorIdPromise = _(this.storage).then((s) => (this.visitorId = s, s));
   }
   /**
    * Stable visitor_id (UUID v4). Первый вызов awaitит первичный резолв из
@@ -1086,7 +1113,7 @@ class bt {
    * EventTracker'ом для атрибуции аналитики.
    */
   async getVisitorId() {
-    return this.visitorId ? this.visitorId : (this.visitorIdPromise || (this.visitorIdPromise = B(this.storage).then((t) => (this.visitorId = t, t))), this.visitorIdPromise);
+    return this.visitorId ? this.visitorId : (this.visitorIdPromise || (this.visitorIdPromise = _(this.storage).then((t) => (this.visitorId = t, t))), this.visitorIdPromise);
   }
   /** Sync-доступ к visitor_id. null если ещё не зарезолвили (первые ms жизни). */
   getCachedVisitorId() {
@@ -1122,9 +1149,9 @@ class bt {
         "BillingClient in preview mode but cachedBootstrap is not seeded. Call setBootstrap(bootstrap) before open()."
       );
     }
-    const s = Date.now(), a = this.cachedBootstrap && this.cachedBootstrapAt > 0 && s - this.cachedBootstrapAt < _;
-    return !e.force && a ? (s - this.cachedBootstrapAt > ot && this.revalidateBootstrap(e.signal).catch(() => {
-    }), this.cachedBootstrap) : this.inflightBootstrap ? this.inflightBootstrap : (this.inflightBootstrap = this.fetchBootstrap({
+    const s = Date.now(), a = this.cachedBootstrap && this.cachedBootstrapAt > 0 && s - this.cachedBootstrapAt < B;
+    return !e.force && a ? (s - this.cachedBootstrapAt > rt && this.revalidateBootstrap(e.signal).catch(() => {
+    }), { ...this.cachedBootstrap, user: this.cachedUser ?? void 0 }) : this.inflightBootstrap ? this.inflightBootstrap : (this.inflightBootstrap = this.fetchBootstrap({
       ifVersion: e.force ? void 0 : this.cachedBootstrap?.version,
       signal: e.signal
     }).finally(() => {
@@ -1172,7 +1199,7 @@ class bt {
       offers: t.offers !== void 0 ? t.offers : e.offers,
       version: `preview:${++this.previewVersionCounter}`
     };
-    s.layout || (s.layout = O(s.settings, s.prices)), w(s), this.cachedBootstrap = s, this.cachedBootstrapAt = Date.now();
+    s.layout || (s.layout = E(s.settings, s.prices)), w(s), this.cachedBootstrap = s, this.cachedBootstrapAt = Date.now();
     for (const a of this.bootstrapListeners)
       try {
         a(s);
@@ -1194,7 +1221,7 @@ class bt {
     if ("unchanged" in a && a.unchanged)
       return this.cachedBootstrap ? (this.cachedBootstrapAt = Date.now(), a.user && this.applyUser(a.user), this.cachedBootstrap) : this.fetchBootstrap({ signal: t.signal });
     const n = a;
-    return n.layout || (n.layout = O(n.settings, n.prices)), w(n), this.applyBootstrap(n, { persist: !0 }), n.user && this.applyUser(n.user), n;
+    return dt(n.settings.custom_domain, this.apiOrigin), n.layout || (n.layout = E(n.settings, n.prices)), w(n), this.applyBootstrap(n, { persist: !0 }), n.user && this.applyUser(n.user), n;
   }
   // Фоновый revalidate из stale-while-revalidate ветки. Дедуплицируется через
   // `inflightBootstrap`, чтобы параллельные revalidate'ы не пересекались.
@@ -1227,7 +1254,7 @@ class bt {
         const t = await this.storage.getItem(y.bootstrap(this.paywallId));
         if (!t) return;
         const e = JSON.parse(t);
-        if (!e?.bootstrap || Date.now() - e.at > _ || this.cachedBootstrap) return;
+        if (!e?.bootstrap || Date.now() - e.at > B || this.cachedBootstrap) return;
         w(e.bootstrap), this.cachedBootstrap = e.bootstrap, this.cachedBootstrapAt = e.at;
         for (const s of this.bootstrapListeners)
           try {
@@ -1311,7 +1338,7 @@ class bt {
    * есть `navigator.language`.
    */
   getUserLanguage() {
-    const t = typeof navigator < "u" && navigator.language ? navigator.language : null, e = this.cachedBootstrap?.settings.locale_default ?? null, s = this.cachedBootstrap ? $(this.cachedBootstrap) : null;
+    const t = typeof navigator < "u" && navigator.language ? navigator.language : null, e = this.cachedBootstrap?.settings.locale_default ?? null, s = this.cachedBootstrap ? K(this.cachedBootstrap) : null;
     return { tag: s ?? t ?? e, applied: s, browserLanguage: t, countryLanguage: e };
   }
   /**
@@ -1323,7 +1350,7 @@ class bt {
    * - Без identity возвращает empty-state (сервер тоже так делает).
    */
   async getUser({ force: t = !1, signal: e } = {}) {
-    return !t && this.cachedUser && Date.now() - this.cachedUserAt < nt ? this.cachedUser : this.inflightUser ? this.inflightUser : (this.inflightUser = (async () => {
+    return !t && this.cachedUser && Date.now() - this.cachedUserAt < at ? this.cachedUser : this.inflightUser ? this.inflightUser : (this.inflightUser = (async () => {
       try {
         if (!this.identity?.email)
           return this.applyUser(k), k;
@@ -1379,7 +1406,7 @@ class bt {
     return this.cachedUser;
   }
   applyUser(t) {
-    const e = !ct(this.cachedUser, t);
+    const e = !ot(this.cachedUser, t);
     if (this.cachedUser = t, this.cachedUserAt = Date.now(), e) {
       this.persistUser(t);
       for (const s of this.userListeners)
@@ -1399,7 +1426,7 @@ class bt {
         const t = await this.storage.getItem(this.storageKey());
         if (!t) return;
         const e = JSON.parse(t);
-        if (!e?.user || Date.now() - e.at > rt || this.cachedUser) return;
+        if (!e?.user || Date.now() - e.at > nt || this.cachedUser) return;
         this.applyUser(e.user);
       } catch {
       }
@@ -1428,7 +1455,7 @@ class bt {
    */
   async getBalances({ force: t = !1, signal: e } = {}) {
     const s = Date.now(), a = this.cachedBalances ? s - this.cachedBalancesAt : 1 / 0;
-    return !t && this.cachedBalances && (a < ht || a < lt) ? this.cachedBalances : !t && this.cachedBalances && a < T ? (this.fetchBalances({ signal: e }).catch(() => {
+    return !t && this.cachedBalances && (a < ct || a < ht) ? this.cachedBalances : !t && this.cachedBalances && a < T ? (this.fetchBalances({ signal: e }).catch(() => {
     }), this.cachedBalances) : this.inflightBalances ? this.inflightBalances : this.fetchBalances({ signal: e });
   }
   // Network primitive — единая точка для force/stale-revalidate/cold-start.
@@ -1519,7 +1546,7 @@ class bt {
    */
   createApiGatewayClient(t = {}) {
     const e = t.onChargeSuccess, s = t.onQuotaExceeded;
-    return new st({
+    return new et({
       paywallId: this.paywallId,
       apiOrigin: this.apiOrigin,
       auth: this.auth,
@@ -1536,7 +1563,7 @@ class bt {
     });
   }
   applyBalances(t, { persist: e = !0 } = {}) {
-    const s = !ut(this.cachedBalances, t);
+    const s = !lt(this.cachedBalances, t);
     if (this.cachedBalances = t, this.cachedBalancesAt = Date.now(), e && this.persistBalances(t), s)
       for (const a of this.balanceListeners)
         try {
@@ -1600,7 +1627,7 @@ class bt {
     const e = t.idempotencyKey ?? `auto:${t.priceId}`, s = this.inflightCheckouts.get(e);
     if (s) return s;
     const n = {
-      "Idempotency-Key": t.idempotencyKey ?? M()
+      "Idempotency-Key": t.idempotencyKey ?? D()
     };
     this.apiKey && (n["X-Api-Key"] = this.apiKey);
     const r = this.cachedBootstrap?.settings, l = t.successUrl ?? r?.success_redirect_url ?? void 0, u = t.shopUrl ?? r?.checkout_shop_url ?? void 0, d = this.api.request(`/api/v1/paywall/${this.paywallId}/start-checkout`, {
@@ -1744,23 +1771,43 @@ class bt {
     });
   }
 }
-function U(i) {
+function O(i) {
   return { email: i.email, userId: i.id };
 }
-function ft(i, t) {
+function ut(i, t) {
   return i === t ? !0 : !i || !t ? !1 : i.email === t.email && i.userId === t.userId && i.anonymousId === t.anonymousId;
 }
-function O(i, t) {
+function U(i) {
+  if (!i) return null;
+  const t = i.trim();
+  if (!t) return null;
+  try {
+    return new URL(t.includes("://") ? t : `https://${t}`).origin;
+  } catch {
+    return null;
+  }
+}
+function dt(i, t) {
+  const e = U(i);
+  if (!(!e || U(t) === e))
+    throw new o(
+      "invalid_config",
+      `apiOrigin mismatch: SDK initialized with "${t}" but paywall is configured with custom_domain "${i}". Use the custom_domain from the platform paywall settings.`
+    );
+}
+function E(i, t) {
   return {
     type: "modal",
     blocks: [
       { type: "heading", text: i.name || "Upgrade", level: 1 },
       { type: "price_grid", priceIds: t.map((e) => e.id) },
-      { type: "cta_button", label: "Continue", action: "checkout" }
+      { type: "cta_button", label: "Continue", action: "checkout" },
+      { type: "guarantee_badge" },
+      { type: "current_session" }
     ]
   };
 }
-function $(i) {
+function K(i) {
   const t = i.locales;
   if (!t) return null;
   const e = [];
@@ -1776,7 +1823,7 @@ function $(i) {
   return null;
 }
 function w(i) {
-  const t = $(i);
+  const t = K(i);
   if (!t) return;
   const e = i.locales?.[t];
   e && (e.layout && (i.layout = e.layout), e.prices && (i.prices = i.prices.map((s) => {
@@ -1786,8 +1833,8 @@ function w(i) {
     return "label" in a && (n.label = a.label ?? null), "description" in a && (n.description = a.description ?? null), n;
   })));
 }
-const yt = 1500, pt = 20, C = 200;
-class vt {
+const ft = 1500, yt = 20, C = 200;
+class St {
   constructor(t) {
     this.buffer = [], this.flushTimer = null, this.destroyed = !1, this.unloadHandler = null, this.visibilityHandler = null, this.opts = t, this.isEnabled() && this.attachUnloadHandlers();
   }
@@ -1797,7 +1844,7 @@ class vt {
   track(t, e) {
     if (this.destroyed || !this.isEnabled() || typeof t != "string" || t.length === 0) return;
     this.buffer.push({ type: t, ts: Date.now(), props: e });
-    const s = this.opts.maxBufferSize ?? pt;
+    const s = this.opts.maxBufferSize ?? yt;
     if (this.buffer.length >= s) {
       this.flush();
       return;
@@ -1806,7 +1853,7 @@ class vt {
   }
   scheduleFlush() {
     if (this.flushTimer || this.destroyed) return;
-    const t = this.opts.flushIntervalMs ?? yt;
+    const t = this.opts.flushIntervalMs ?? ft;
     this.flushTimer = setTimeout(() => {
       this.flushTimer = null, this.flush();
     }, t);
@@ -1885,14 +1932,14 @@ class vt {
     this.destroyed || (this.destroyed = !0, this.flushTimer && (clearTimeout(this.flushTimer), this.flushTimer = null), this.flush(), this.detachUnloadHandlers());
   }
 }
-const E = 3600 * 1e3;
+const N = 3600 * 1e3;
 function v(i) {
   return `paywall-${i}-trial-time-first-open`;
 }
-function S(i) {
+function b(i) {
   return `paywall-${i}-skip-times`;
 }
-class F {
+class M {
   constructor(t, e, s) {
     this.storage = t, this.paywallId = e, this.config = s;
   }
@@ -1903,10 +1950,10 @@ class F {
     return this.config.mode === "time" ? this.recordTime() : this.recordOpens();
   }
   async reset() {
-    await this.storage.removeItem(this.config.mode === "time" ? v(this.paywallId) : S(this.paywallId));
+    await this.storage.removeItem(this.config.mode === "time" ? v(this.paywallId) : b(this.paywallId));
   }
   async checkTime() {
-    const t = this.config.payload * E, e = await this.storage.getItem(v(this.paywallId)), s = e ? Number(e) : null;
+    const t = this.config.payload * N, e = await this.storage.getItem(v(this.paywallId)), s = e ? Number(e) : null;
     if (!s || !Number.isFinite(s))
       return {
         mode: "time",
@@ -1927,7 +1974,7 @@ class F {
     };
   }
   async checkOpens() {
-    const t = this.config.payload, e = await this.storage.getItem(S(this.paywallId)), s = e ? Number(e) : 0, a = Number.isFinite(s) ? s : 0, n = a < t, r = Math.max(0, t - a);
+    const t = this.config.payload, e = await this.storage.getItem(b(this.paywallId)), s = e ? Number(e) : 0, a = Number.isFinite(s) ? s : 0, n = a < t, r = Math.max(0, t - a);
     return {
       mode: "opens",
       blocked: n,
@@ -1936,7 +1983,7 @@ class F {
     };
   }
   async recordTime() {
-    const t = this.config.payload * E, e = v(this.paywallId), s = await this.storage.getItem(e);
+    const t = this.config.payload * N, e = v(this.paywallId), s = await this.storage.getItem(e);
     let a = s ? Number(s) : null;
     (!a || !Number.isFinite(a)) && (a = Date.now(), await this.storage.setItem(e, String(a)));
     const n = a + t, r = Math.max(0, n - Date.now());
@@ -1950,7 +1997,7 @@ class F {
     };
   }
   async recordOpens() {
-    const t = this.config.payload, e = S(this.paywallId), s = await this.storage.getItem(e), a = s ? Number(s) : 0, n = Number.isFinite(a) ? a : 0, r = Math.min(t, n + 1);
+    const t = this.config.payload, e = b(this.paywallId), s = await this.storage.getItem(e), a = s ? Number(s) : 0, n = Number.isFinite(a) ? a : 0, r = Math.min(t, n + 1);
     await this.storage.setItem(e, String(r));
     const l = Math.max(0, t - r);
     return {
@@ -1962,11 +2009,11 @@ class F {
   }
 }
 let L = !1;
-class gt {
+class pt {
   constructor(t, e, s) {
     L || (L = !0, console.warn(
       '[paywall] trial.storage="server" is not implemented yet — falling back to client storage. State lives in localStorage; users can reset trial by clearing site data.'
-    )), this.fallback = new F(t, e, s);
+    )), this.fallback = new M(t, e, s);
   }
   check() {
     return this.fallback.check();
@@ -1978,11 +2025,11 @@ class gt {
     return this.fallback.reset();
   }
 }
-function St(i, t, e) {
-  return e.storage === "server" ? new gt(i, t, e) : new F(i, t, e);
+function vt(i, t, e) {
+  return e.storage === "server" ? new pt(i, t, e) : new M(i, t, e);
 }
-const It = 1;
-function Bt(i) {
+const bt = 1;
+function It(i) {
   return i instanceof o ? {
     name: "PaywallError",
     code: i.code,
@@ -2008,7 +2055,7 @@ function _t(i) {
   const t = new Error(i.message);
   return t.name = i.name, i.stack && (t.stack = i.stack), t;
 }
-function wt(i) {
+function gt(i) {
   let t = !1;
   const e = /* @__PURE__ */ new Set(), s = /* @__PURE__ */ new Set(), a = (r) => {
     for (const l of e) l(r);
@@ -2040,21 +2087,21 @@ function wt(i) {
     }
   };
 }
-function kt(i) {
+function Bt(i) {
   const t = chrome.runtime.connect({ name: i });
-  return wt(t);
+  return gt(t);
 }
 export {
-  mt as A,
-  bt as B,
-  vt as E,
+  wt as A,
+  mt as B,
+  St as E,
   o as P,
-  It as a,
-  kt as b,
-  St as c,
-  wt as p,
+  bt as a,
+  Bt as b,
+  vt as c,
+  gt as p,
   _t as r,
-  Bt as s,
+  It as s,
   Z as w
 };
-//# sourceMappingURL=chrome-port-DPFUj1MP.js.map
+//# sourceMappingURL=chrome-port-rPi6zrjD.js.map