@monetize.software/sdk 3.0.0-alpha.1 → 3.0.0-alpha.3

package/dist/core.d.ts

@@ -487,6 +487,8 @@ export declare class BillingClient {
     private balancesStorageUnwatch;
     private inflightBalances;
     private balanceListeners;
+    private readonly previewMode;
+    private previewVersionCounter;
     constructor(opts: BillingClientOptions);
     /**
      * Stable visitor_id (UUID v4). Первый вызов awaitит первичный резолв из
@@ -519,6 +521,24 @@ export declare class BillingClient {
      * unsubscribe.
      */
     onBootstrapChange(cb: (b: PaywallBootstrap) => void): () => void;
+    /**
+     * Заменить cachedBootstrap частичными или полными данными и эмитнуть всем
+     * подписчикам. Используется host'ом в preview-mode (редактор админки) для
+     * live-обновления открытой модалки без сетевого revalidate'а.
+     *
+     * Поведение:
+     *  - Без `cachedBootstrap` ожидаются как минимум `settings` + `prices` —
+     *    иначе PaywallRoot не сможет отрендерить тарифы и упадёт.
+     *  - С существующим кешем партиал мёрджится поверх: `settings` глубокий мёрдж
+     *    на 1 уровень (поля настроек), массивы `prices`/`offers` перезаписываются.
+     *  - Каждый вызов бампит `version` ("preview:<n>"), чтобы applyBootstrap'овая
+     *    проверка `versionChanged` всегда срабатывала и listener'ы дёргались.
+     *  - Persist в storage НЕ делаем — preview не должен утекать в другие вкладки.
+     *
+     * В non-preview режиме метод доступен, но это редкий путь (например, для
+     * тестов host'а) — production-код должен полагаться на bootstrap() + revalidate.
+     */
+    setBootstrap(partial: Partial<PaywallBootstrap>): void;
     private fetchBootstrap;
     private revalidateBootstrap;
     private applyBootstrap;
@@ -790,6 +810,16 @@ export declare interface BillingClientOptions {
      * через `setIdentity`, Bearer не отправляется.
      */
     auth?: AuthClient;
+    /**
+     * Preview/editor-mode. Когда true:
+     *  - `bootstrap()` НЕ ходит в сеть — отдаёт только `cachedBootstrap`, заданный
+     *    через `setBootstrap()`. Без seed'а throw'ает (caller обязан засидить до open).
+     *  - Storage.watch / persist отключены (preview редактора локален для текущей вкладки).
+     *  - `setBootstrap(partial)` доступен как публичный setter — host'у разрешено
+     *    мутировать кеш для live-обновления модалки в редакторе админки.
+     * Дефолт false — обычный production-режим.
+     */
+    preview?: boolean;
 }
 
 export declare interface CheckoutResult {

package/dist/core.js

@@ -3,21 +3,21 @@ class r extends Error {
     super(e), this.name = "PaywallError", this.code = t, this.status = s.status, this.cause = s.cause;
   }
 }
-class R extends r {
+class q extends r {
   constructor(t) {
     super("not_enough_queries", t.message ?? "Not enough queries", {
       status: 402
     }), this.name = "QuotaExceededError", this.balances = t.balances, this.queryType = t.queryType, this.currentBalance = t.currentBalance;
   }
 }
-const g = "3.0.0-alpha.0";
-class k {
+const m = "3.0.0-alpha.0";
+class O {
   constructor(t) {
     this.opts = t;
   }
   async request(t, e = {}) {
     const s = new URL(t, this.opts.apiOrigin).toString(), i = this.opts.fetch ?? fetch, n = new Headers(e.headers);
-    n.set("Accept", "application/json"), n.set("X-SDK-Version", g), n.set("X-Paywall-Id", this.opts.paywallId), this.opts.capabilities?.length && n.set("X-SDK-Capabilities", this.opts.capabilities.join(","));
+    n.set("Accept", "application/json"), n.set("X-SDK-Version", m), n.set("X-Paywall-Id", this.opts.paywallId), this.opts.capabilities?.length && n.set("X-SDK-Capabilities", this.opts.capabilities.join(","));
     const o = await this.opts.getAuthToken?.();
     o && n.set("Authorization", `Bearer ${o}`);
     const u = typeof FormData < "u" && e.body instanceof FormData;
@@ -40,12 +40,12 @@ class k {
     return f;
   }
 }
-const q = "https://appbox.space";
+const $ = "https://appbox.space";
 class K {
   constructor(t) {
     if (!t.paywallId)
       throw new r("invalid_config", "paywallId is required");
-    this.paywallId = t.paywallId, this.apiOrigin = t.apiOrigin ?? q, this.auth = t.auth, this.userId = t.userId, this.capabilities = t.capabilities, this.customFetch = t.fetch, this.onChargeSuccess = t.onChargeSuccess, this.onQuotaExceeded = t.onQuotaExceeded, t.userId && !t.auth && typeof window < "u" && typeof window.document < "u" && console.warn(
+    this.paywallId = t.paywallId, this.apiOrigin = t.apiOrigin ?? $, this.auth = t.auth, this.userId = t.userId, this.capabilities = t.capabilities, this.customFetch = t.fetch, this.onChargeSuccess = t.onChargeSuccess, this.onQuotaExceeded = t.onQuotaExceeded, t.userId && !t.auth && typeof window < "u" && typeof window.document < "u" && console.warn(
       "[paywall] WARNING: ApiGatewayClient.userId set without auth in browser. Client can spoof userId. Use AuthClient + Bearer for trusted user.id."
     );
   }
@@ -56,7 +56,7 @@ class K {
     );
     s.searchParams.set("paywall_id", this.paywallId);
     const i = new Headers(t.headers);
-    i.set("X-SDK-Version", g), i.set("X-Paywall-Id", this.paywallId), this.capabilities?.length && i.set("X-SDK-Capabilities", this.capabilities.join(","));
+    i.set("X-SDK-Version", m), i.set("X-Paywall-Id", this.paywallId), this.capabilities?.length && i.set("X-SDK-Capabilities", this.capabilities.join(","));
     const n = await this.auth?.getAccessToken();
     n ? i.set("Authorization", `Bearer ${n}`) : this.userId && i.set("X-User-ID", this.userId);
     const o = typeof FormData < "u" && t.body instanceof FormData, u = typeof Blob < "u" && t.body instanceof Blob, l = typeof ReadableStream < "u" && t.body instanceof ReadableStream, d = typeof t.body == "string";
@@ -73,15 +73,15 @@ class K {
         credentials: "omit"
       });
     } catch (p) {
-      const P = p instanceof Error ? p.message : String(p);
-      throw new r("network_error", `Network request failed: ${P}`, { cause: p });
+      const R = p instanceof Error ? p.message : String(p);
+      throw new r("network_error", `Network request failed: ${R}`, { cause: p });
     }
     if (c.status === 402) {
-      const p = await $(c);
+      const p = await F(c);
       throw this.onQuotaExceeded?.(p), p;
     }
     if (!c.ok) {
-      const p = await F(c.clone());
+      const p = await N(c.clone());
       throw new r(
         p ?? `http_${c.status}`,
         c.statusText || "Gateway request failed",
@@ -92,7 +92,7 @@ class K {
     return this.onChargeSuccess?.(w), c;
   }
 }
-async function $(a) {
+async function F(a) {
   let t = {};
   try {
     t = await a.json();
@@ -104,13 +104,13 @@ async function $(a) {
     const i = e[0];
     Array.isArray(i) ? s = i : i && Array.isArray(i.balances) && (s = i.balances);
   }
-  return new R({
+  return new q({
     balances: s,
     queryType: t.details?.queryType ?? "",
     currentBalance: t.details?.currentBalance ?? null
   });
 }
-async function F(a) {
+async function N(a) {
   if (!(a.headers.get("content-type") ?? "").includes("application/json")) return null;
   try {
     const e = await a.json();
@@ -119,10 +119,10 @@ async function F(a) {
     return null;
   }
 }
-function N() {
+function D() {
   return typeof chrome < "u" && !!chrome?.storage?.local && !!chrome?.runtime?.id;
 }
-const D = {
+const M = {
   getItem(a) {
     return new Promise((t) => {
       chrome.storage.local.get([a], (e) => {
@@ -180,19 +180,19 @@ const D = {
     };
     return window.addEventListener("storage", e), () => window.removeEventListener("storage", e);
   }
-}, m = /* @__PURE__ */ new Map(), M = {
+}, b = /* @__PURE__ */ new Map(), J = {
   async getItem(a) {
-    return m.get(a) ?? null;
+    return b.get(a) ?? null;
   },
   async setItem(a, t) {
-    m.set(a, t);
+    b.set(a, t);
   },
   async removeItem(a) {
-    m.delete(a);
+    b.delete(a);
   }
 };
-function O(a) {
-  return a || (N() ? D : typeof window < "u" && "localStorage" in window ? x : M);
+function C(a) {
+  return a || (D() ? M : typeof window < "u" && "localStorage" in window ? x : J);
 }
 const y = {
   visitorId: "pw-visitor-id",
@@ -224,7 +224,7 @@ const y = {
   // (оптимистично через `decrementBalanceLocal`).
   balances: (a, t) => `pw-${a}-${t}-balances-v1`
 };
-function C() {
+function E() {
   const a = typeof globalThis < "u" ? globalThis.crypto : void 0;
   if (a && typeof a.randomUUID == "function") return a.randomUUID();
   const t = new Uint8Array(16);
@@ -236,48 +236,48 @@ function C() {
   const e = Array.from(t, (s) => s.toString(16).padStart(2, "0")).join("");
   return `${e.slice(0, 8)}-${e.slice(8, 12)}-${e.slice(12, 16)}-${e.slice(16, 20)}-${e.slice(20)}`;
 }
-async function I(a) {
+async function S(a) {
   try {
     const e = await a.getItem(y.visitorId);
     if (e && typeof e == "string" && e.length >= 16) return e;
   } catch {
   }
-  const t = C();
+  const t = E();
   try {
     await a.setItem(y.visitorId, t);
   } catch {
   }
   return t;
 }
-const J = 5e3, H = 30 * 6e4, v = 60 * 6e4, V = 5 * 6e4, _ = {
+const H = 5e3, V = 30 * 6e4, I = 60 * 6e4, j = 5 * 6e4, B = {
   has_active_subscription: !1,
   purchases: [],
   trial: null
 };
-function B(a) {
+function _(a) {
   return a && (a.email || a.userId || a.anonymousId) || "guest";
 }
-function j(a, t) {
+function X(a, t) {
   return a === t ? !0 : !a || !t ? !1 : JSON.stringify(a) === JSON.stringify(t);
 }
-const X = 5e3, A = 5 * 6e4, z = 3e4;
-function G(a, t) {
+const z = 5e3, A = 5 * 6e4, G = 3e4;
+function Q(a, t) {
   if (a === t) return !0;
   if (!a || !t || a.length !== t.length) return !1;
   for (let e = 0; e < a.length; e++)
     if (a[e].type !== t[e].type || a[e].count !== t[e].count) return !1;
   return !0;
 }
-const Q = "https://appbox.space";
+const W = "https://appbox.space";
 class ut {
   constructor(t) {
-    if (this.cachedBootstrap = null, this.cachedBootstrapAt = 0, this.inflightBootstrap = null, this.bootstrapListeners = /* @__PURE__ */ new Set(), this.bootstrapStorageUnwatch = null, this.authUnsubscribe = null, this.cachedUser = null, this.cachedUserAt = 0, this.inflightUser = null, this.userListeners = /* @__PURE__ */ new Set(), this.visitorIdPromise = null, this.visitorId = null, this.inflightCheckouts = /* @__PURE__ */ new Map(), this.cachedBalances = null, this.cachedBalancesAt = 0, this.balancesStorageUnwatch = null, this.inflightBalances = null, this.balanceListeners = /* @__PURE__ */ new Set(), !t.paywallId)
+    if (this.cachedBootstrap = null, this.cachedBootstrapAt = 0, this.inflightBootstrap = null, this.bootstrapListeners = /* @__PURE__ */ new Set(), this.bootstrapStorageUnwatch = null, this.authUnsubscribe = null, this.cachedUser = null, this.cachedUserAt = 0, this.inflightUser = null, this.userListeners = /* @__PURE__ */ new Set(), this.visitorIdPromise = null, this.visitorId = null, this.inflightCheckouts = /* @__PURE__ */ new Map(), this.cachedBalances = null, this.cachedBalancesAt = 0, this.balancesStorageUnwatch = null, this.inflightBalances = null, this.balanceListeners = /* @__PURE__ */ new Set(), this.previewVersionCounter = 0, !t.paywallId)
       throw new r("invalid_config", "paywallId is required");
-    this.paywallId = t.paywallId, this.apiOrigin = t.apiOrigin ?? Q, this.capabilities = t.capabilities, this.auth = t.auth;
+    this.paywallId = t.paywallId, this.apiOrigin = t.apiOrigin ?? W, this.capabilities = t.capabilities, this.auth = t.auth, this.previewMode = t.preview === !0;
     const e = t.auth?.getCachedUser();
     this.identity = t.identity ?? (e ? T(e) : void 0), this.apiKey = t.apiKey, this.fetchImpl = t.fetch, t.apiKey && typeof window < "u" && typeof window.document < "u" && console.error(
       "[paywall] SECURITY: BillingClient.apiKey detected in browser context. This is a server-SDK key and exposes your account. Remove apiKey or move BillingClient to a trusted backend."
-    ), this.storage = O(t.storage), this.api = new k({
+    ), this.storage = C(t.storage), this.api = new O({
       apiOrigin: this.apiOrigin,
       paywallId: t.paywallId,
       capabilities: t.capabilities,
@@ -288,8 +288,8 @@ class ut {
       getAuthToken: t.auth ? () => t.auth.getAccessToken() : void 0
     }), t.auth && (this.authUnsubscribe = t.auth.onAuthChange((s) => {
       const i = s ? T(s.user) : void 0;
-      W(this.identity, i) || this.setIdentity(i);
-    })), this.hydrateUserFromStorage(), this.hydrateBootstrapFromStorage(), this.subscribeBootstrapStorage(), this.hydrateBalancesFromStorage(), this.subscribeBalancesStorage(), this.visitorIdPromise = I(this.storage).then((s) => (this.visitorId = s, s));
+      Y(this.identity, i) || this.setIdentity(i);
+    })), this.hydrateUserFromStorage(), this.hydrateBootstrapFromStorage(), this.subscribeBootstrapStorage(), this.hydrateBalancesFromStorage(), this.subscribeBalancesStorage(), this.visitorIdPromise = S(this.storage).then((s) => (this.visitorId = s, s));
   }
   /**
    * Stable visitor_id (UUID v4). Первый вызов awaitит первичный резолв из
@@ -297,7 +297,7 @@ class ut {
    * EventTracker'ом для атрибуции аналитики.
    */
   async getVisitorId() {
-    return this.visitorId ? this.visitorId : (this.visitorIdPromise || (this.visitorIdPromise = I(this.storage).then((t) => (this.visitorId = t, t))), this.visitorIdPromise);
+    return this.visitorId ? this.visitorId : (this.visitorIdPromise || (this.visitorIdPromise = S(this.storage).then((t) => (this.visitorId = t, t))), this.visitorIdPromise);
   }
   /** Sync-доступ к visitor_id. null если ещё не зарезолвили (первые ms жизни). */
   getCachedVisitorId() {
@@ -325,8 +325,16 @@ class ut {
     return this.storage;
   }
   async bootstrap(t = !1) {
-    const e = typeof t == "boolean" ? { force: t } : t, s = Date.now(), i = this.cachedBootstrap && this.cachedBootstrapAt > 0 && s - this.cachedBootstrapAt < v;
-    return !e.force && i ? (s - this.cachedBootstrapAt > V && this.revalidateBootstrap(e.signal).catch(() => {
+    const e = typeof t == "boolean" ? { force: t } : t;
+    if (this.previewMode) {
+      if (this.cachedBootstrap) return this.cachedBootstrap;
+      throw new r(
+        "invalid_config",
+        "BillingClient in preview mode but cachedBootstrap is not seeded. Call setBootstrap(bootstrap) before open()."
+      );
+    }
+    const s = Date.now(), i = this.cachedBootstrap && this.cachedBootstrapAt > 0 && s - this.cachedBootstrapAt < I;
+    return !e.force && i ? (s - this.cachedBootstrapAt > j && this.revalidateBootstrap(e.signal).catch(() => {
     }), this.cachedBootstrap) : this.inflightBootstrap ? this.inflightBootstrap : (this.inflightBootstrap = this.fetchBootstrap({
       ifVersion: e.force ? void 0 : this.cachedBootstrap?.version,
       signal: e.signal
@@ -345,6 +353,44 @@ class ut {
       this.bootstrapListeners.delete(t);
     };
   }
+  /**
+   * Заменить cachedBootstrap частичными или полными данными и эмитнуть всем
+   * подписчикам. Используется host'ом в preview-mode (редактор админки) для
+   * live-обновления открытой модалки без сетевого revalidate'а.
+   *
+   * Поведение:
+   *  - Без `cachedBootstrap` ожидаются как минимум `settings` + `prices` —
+   *    иначе PaywallRoot не сможет отрендерить тарифы и упадёт.
+   *  - С существующим кешем партиал мёрджится поверх: `settings` глубокий мёрдж
+   *    на 1 уровень (поля настроек), массивы `prices`/`offers` перезаписываются.
+   *  - Каждый вызов бампит `version` ("preview:<n>"), чтобы applyBootstrap'овая
+   *    проверка `versionChanged` всегда срабатывала и listener'ы дёргались.
+   *  - Persist в storage НЕ делаем — preview не должен утекать в другие вкладки.
+   *
+   * В non-preview режиме метод доступен, но это редкий путь (например, для
+   * тестов host'а) — production-код должен полагаться на bootstrap() + revalidate.
+   */
+  setBootstrap(t) {
+    const e = this.cachedBootstrap ?? {
+      settings: { id: this.paywallId, name: "" },
+      prices: [],
+      offers: []
+    }, s = {
+      ...e,
+      ...t,
+      settings: t.settings !== void 0 ? { ...e.settings, ...t.settings } : e.settings,
+      prices: t.prices !== void 0 ? t.prices : e.prices,
+      offers: t.offers !== void 0 ? t.offers : e.offers,
+      version: `preview:${++this.previewVersionCounter}`
+    };
+    s.layout || (s.layout = U(s.settings, s.prices)), g(s), this.cachedBootstrap = s, this.cachedBootstrapAt = Date.now();
+    for (const i of this.bootstrapListeners)
+      try {
+        i(s);
+      } catch (n) {
+        console.warn("[paywall] onBootstrapChange listener threw", n);
+      }
+  }
   // Network primitive — единая точка для force-запроса, revalidate'а и
   // первого холодного bootstrap'а. `ifVersion` шлёт server-side short-circuit:
   // если совпала — бэк отвечает `{unchanged: true, version, user}` и мы лишь
@@ -359,7 +405,7 @@ class ut {
     if ("unchanged" in i && i.unchanged)
       return this.cachedBootstrap ? (this.cachedBootstrapAt = Date.now(), i.user && this.applyUser(i.user), this.cachedBootstrap) : this.fetchBootstrap({ signal: t.signal });
     const n = i;
-    return n.layout || (n.layout = Y(n.settings, n.prices)), b(n), this.applyBootstrap(n, { persist: !0 }), n.user && this.applyUser(n.user), n;
+    return n.layout || (n.layout = U(n.settings, n.prices)), g(n), this.applyBootstrap(n, { persist: !0 }), n.user && this.applyUser(n.user), n;
   }
   // Фоновый revalidate из stale-while-revalidate ветки. Дедуплицируется через
   // `inflightBootstrap`, чтобы параллельные revalidate'ы не пересекались.
@@ -392,8 +438,8 @@ class ut {
         const t = await this.storage.getItem(y.bootstrap(this.paywallId));
         if (!t) return;
         const e = JSON.parse(t);
-        if (!e?.bootstrap || Date.now() - e.at > v || this.cachedBootstrap) return;
-        b(e.bootstrap), this.cachedBootstrap = e.bootstrap, this.cachedBootstrapAt = e.at;
+        if (!e?.bootstrap || Date.now() - e.at > I || this.cachedBootstrap) return;
+        g(e.bootstrap), this.cachedBootstrap = e.bootstrap, this.cachedBootstrapAt = e.at;
         for (const s of this.bootstrapListeners)
           try {
             s(e.bootstrap);
@@ -429,7 +475,7 @@ class ut {
               this.cachedBootstrapAt = e.at;
               return;
             }
-            b(e.bootstrap), this.applyBootstrap(e.bootstrap, { persist: !1 });
+            g(e.bootstrap), this.applyBootstrap(e.bootstrap, { persist: !1 });
           } catch {
           }
       }
@@ -476,7 +522,7 @@ class ut {
    * есть `navigator.language`.
    */
   getUserLanguage() {
-    const t = typeof navigator < "u" && navigator.language ? navigator.language : null, e = this.cachedBootstrap?.settings.locale_default ?? null, s = this.cachedBootstrap ? E(this.cachedBootstrap) : null;
+    const t = typeof navigator < "u" && navigator.language ? navigator.language : null, e = this.cachedBootstrap?.settings.locale_default ?? null, s = this.cachedBootstrap ? L(this.cachedBootstrap) : null;
     return { tag: s ?? t ?? e, applied: s, browserLanguage: t, countryLanguage: e };
   }
   /**
@@ -488,10 +534,10 @@ class ut {
    * - Без identity возвращает empty-state (сервер тоже так делает).
    */
   async getUser({ force: t = !1, signal: e } = {}) {
-    return !t && this.cachedUser && Date.now() - this.cachedUserAt < J ? this.cachedUser : this.inflightUser ? this.inflightUser : (this.inflightUser = (async () => {
+    return !t && this.cachedUser && Date.now() - this.cachedUserAt < H ? this.cachedUser : this.inflightUser ? this.inflightUser : (this.inflightUser = (async () => {
       try {
         if (!this.identity?.email)
-          return this.applyUser(_), _;
+          return this.applyUser(B), B;
         const s = await this.api.request(
           `/api/v1/paywall/${this.paywallId}/user-state`,
           { headers: { "X-User-Email": this.identity.email }, signal: e }
@@ -544,7 +590,7 @@ class ut {
     return this.cachedUser;
   }
   applyUser(t) {
-    const e = !j(this.cachedUser, t);
+    const e = !X(this.cachedUser, t);
     if (this.cachedUser = t, this.cachedUserAt = Date.now(), e) {
       this.persistUser(t);
       for (const s of this.userListeners)
@@ -556,7 +602,7 @@ class ut {
     }
   }
   storageKey() {
-    return y.userState(this.paywallId, B(this.identity));
+    return y.userState(this.paywallId, _(this.identity));
   }
   async hydrateUserFromStorage() {
     if (!this.cachedUser)
@@ -564,7 +610,7 @@ class ut {
         const t = await this.storage.getItem(this.storageKey());
         if (!t) return;
         const e = JSON.parse(t);
-        if (!e?.user || Date.now() - e.at > H || this.cachedUser) return;
+        if (!e?.user || Date.now() - e.at > V || this.cachedUser) return;
         this.applyUser(e.user);
       } catch {
       }
@@ -593,7 +639,7 @@ class ut {
    */
   async getBalances({ force: t = !1, signal: e } = {}) {
     const s = Date.now(), i = this.cachedBalances ? s - this.cachedBalancesAt : 1 / 0;
-    return !t && this.cachedBalances && (i < X || i < z) ? this.cachedBalances : !t && this.cachedBalances && i < A ? (this.fetchBalances({ signal: e }).catch(() => {
+    return !t && this.cachedBalances && (i < z || i < G) ? this.cachedBalances : !t && this.cachedBalances && i < A ? (this.fetchBalances({ signal: e }).catch(() => {
     }), this.cachedBalances) : this.inflightBalances ? this.inflightBalances : this.fetchBalances({ signal: e });
   }
   // Network primitive — единая точка для force/stale-revalidate/cold-start.
@@ -701,7 +747,7 @@ class ut {
     });
   }
   applyBalances(t, { persist: e = !0 } = {}) {
-    const s = !G(this.cachedBalances, t);
+    const s = !Q(this.cachedBalances, t);
     if (this.cachedBalances = t, this.cachedBalancesAt = Date.now(), e && this.persistBalances(t), s)
       for (const i of this.balanceListeners)
         try {
@@ -711,7 +757,7 @@ class ut {
         }
   }
   balancesStorageKey() {
-    return y.balances(this.paywallId, B(this.identity));
+    return y.balances(this.paywallId, _(this.identity));
   }
   async hydrateBalancesFromStorage() {
     if (!this.cachedBalances)
@@ -765,7 +811,7 @@ class ut {
     const e = t.idempotencyKey ?? `auto:${t.priceId}`, s = this.inflightCheckouts.get(e);
     if (s) return s;
     const n = {
-      "Idempotency-Key": t.idempotencyKey ?? C()
+      "Idempotency-Key": t.idempotencyKey ?? E()
     };
     this.apiKey && (n["X-Api-Key"] = this.apiKey);
     const o = this.cachedBootstrap?.settings, u = t.successUrl ?? o?.success_redirect_url ?? void 0, l = t.shopUrl ?? o?.checkout_shop_url ?? void 0, d = this.api.request(`/api/v1/paywall/${this.paywallId}/start-checkout`, {
@@ -912,10 +958,10 @@ class ut {
 function T(a) {
   return { email: a.email, userId: a.id };
 }
-function W(a, t) {
+function Y(a, t) {
   return a === t ? !0 : !a || !t ? !1 : a.email === t.email && a.userId === t.userId && a.anonymousId === t.anonymousId;
 }
-function Y(a, t) {
+function U(a, t) {
   return {
     type: "modal",
     blocks: [
@@ -925,7 +971,7 @@ function Y(a, t) {
     ]
   };
 }
-function E(a) {
+function L(a) {
   const t = a.locales;
   if (!t) return null;
   const e = [];
@@ -940,8 +986,8 @@ function E(a) {
     if (i && Object.prototype.hasOwnProperty.call(t, i)) return i;
   return null;
 }
-function b(a) {
-  const t = E(a);
+function g(a) {
+  const t = L(a);
   if (!t) return;
   const e = a.locales?.[t];
   e && (e.layout && (a.layout = e.layout), e.prices && (a.prices = a.prices.map((s) => {
@@ -951,7 +997,7 @@ function b(a) {
     return "label" in i && (n.label = i.label ?? null), "description" in i && (n.description = i.description ?? null), n;
   })));
 }
-function L(a) {
+function P(a) {
   const t = new Uint8Array(a), e = typeof globalThis < "u" ? globalThis.crypto : void 0;
   if (e && typeof e.getRandomValues == "function")
     e.getRandomValues(t);
@@ -959,30 +1005,30 @@ function L(a) {
     for (let s = 0; s < a; s++) t[s] = Math.floor(Math.random() * 256);
   return t;
 }
-function S(a) {
+function v(a) {
   let t = "";
   for (let e = 0; e < a.length; e++) t += String.fromCharCode(a[e]);
   return btoa(t).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
 }
 function Z() {
-  return S(L(64));
+  return v(P(64));
 }
 async function tt(a) {
   const t = new TextEncoder().encode(a), e = globalThis.crypto;
   if (!e?.subtle?.digest)
     throw new Error("crypto.subtle is required for PKCE");
   const s = await e.subtle.digest("SHA-256", t);
-  return S(new Uint8Array(s));
+  return v(new Uint8Array(s));
 }
 function et() {
-  return S(L(16));
+  return v(P(16));
 }
 const st = "https://appbox.space", it = 6e4, at = 600 * 1e3;
 class dt {
   constructor(t) {
     if (this.session = null, this.inflightRefresh = null, this.inflightAnonSignin = null, this.listeners = /* @__PURE__ */ new Set(), this.storageUnwatch = null, this.destroyed = !1, this.oauthFlows = /* @__PURE__ */ new Map(), !t.paywallId)
       throw new r("invalid_config", "paywallId is required");
-    this.paywallId = t.paywallId, this.apiOrigin = t.apiOrigin ?? st, this.storage = O(t.storage), this.api = new k({
+    this.paywallId = t.paywallId, this.apiOrigin = t.apiOrigin ?? st, this.storage = C(t.storage), this.api = new O({
       apiOrigin: this.apiOrigin,
       paywallId: t.paywallId,
       fetch: t.fetch
@@ -1740,7 +1786,7 @@ function ot(a, t) {
 function ht(a, t) {
   return a === t ? !0 : !a || !t ? !1 : a.access_token === t.access_token && a.refresh_token === t.refresh_token && a.expires_at === t.expires_at && a.user.id === t.user.id && a.user.email === t.user.email;
 }
-const ct = 1500, lt = 20, U = 200;
+const ct = 1500, lt = 20, k = 200;
 class ft {
   constructor(t) {
     this.buffer = [], this.flushTimer = null, this.destroyed = !1, this.unloadHandler = null, this.visibilityHandler = null, this.opts = t, this.isEnabled() && this.attachUnloadHandlers();
@@ -1756,7 +1802,7 @@ class ft {
       this.flush();
       return;
     }
-    this.buffer.length > U && (this.buffer = this.buffer.slice(-U)), this.scheduleFlush();
+    this.buffer.length > k && (this.buffer = this.buffer.slice(-k)), this.scheduleFlush();
   }
   scheduleFlush() {
     if (this.flushTimer || this.destroyed) return;
@@ -1804,7 +1850,7 @@ class ft {
       // body-level дубликаты для beacon-flow, читаются сервером как fallback.
       visitor_id: e,
       user_id: s,
-      sdk_version: g,
+      sdk_version: m,
       paywall_id: this.opts.paywallId,
       capabilities: this.opts.capabilities?.join(",") ?? ""
     }), n = this.opts.sendBeacon ?? (typeof navigator < "u" && typeof navigator.sendBeacon == "function" ? navigator.sendBeacon.bind(navigator) : null);
@@ -1821,7 +1867,7 @@ class ft {
   buildHeaders(t, e) {
     const s = {
       "Content-Type": "application/json",
-      "X-SDK-Version": g,
+      "X-SDK-Version": m,
       "X-Paywall-Id": this.opts.paywallId,
       "X-Visitor-Id": t
     };
@@ -1840,17 +1886,17 @@ class ft {
   }
 }
 export {
-  k as ApiClient,
+  O as ApiClient,
   K as ApiGatewayClient,
   dt as AuthClient,
   ut as BillingClient,
   ft as EventTracker,
   r as PaywallError,
-  R as QuotaExceededError,
-  g as SDK_VERSION,
+  q as QuotaExceededError,
+  m as SDK_VERSION,
   y as STORAGE_KEYS,
-  O as createStorage,
-  I as ensureVisitorId,
-  C as generateVisitorId
+  C as createStorage,
+  S as ensureVisitorId,
+  E as generateVisitorId
 };
 //# sourceMappingURL=core.js.map