@monetize.software/sdk 3.0.0-alpha.8 → 3.0.0-alpha.9

package/dist/core.js

@@ -1,9 +1,9 @@
-class n extends Error {
+class r extends Error {
   constructor(t, e, s = {}) {
     super(e), this.name = "PaywallError", this.code = t, this.status = s.status, this.cause = s.cause;
   }
 }
-class D extends n {
+class R extends r {
   constructor(t) {
     super("not_enough_queries", t.message ?? "Not enough queries", {
       status: 402
@@ -16,36 +16,36 @@ class E {
     this.opts = t;
   }
   async request(t, e = {}) {
-    const s = new URL(t, this.opts.apiOrigin).toString(), a = this.opts.fetch ?? fetch, r = new Headers(e.headers);
-    r.set("Accept", "application/json"), r.set("X-SDK-Version", m), r.set("X-Paywall-Id", this.opts.paywallId), this.opts.capabilities?.length && r.set("X-SDK-Capabilities", this.opts.capabilities.join(","));
+    const s = new URL(t, this.opts.apiOrigin).toString(), a = this.opts.fetch ?? fetch, n = new Headers(e.headers);
+    n.set("Accept", "application/json"), n.set("X-SDK-Version", m), n.set("X-Paywall-Id", this.opts.paywallId), this.opts.capabilities?.length && n.set("X-SDK-Capabilities", this.opts.capabilities.join(","));
     const o = await this.opts.getAuthToken?.();
-    o && r.set("Authorization", `Bearer ${o}`);
+    o && n.set("Authorization", `Bearer ${o}`);
     const d = typeof FormData < "u" && e.body instanceof FormData;
-    e.body && !r.has("Content-Type") && !d && r.set("Content-Type", "application/json");
+    e.body && !n.has("Content-Type") && !d && n.set("Content-Type", "application/json");
     let u;
     try {
       u = await a(s, {
         ...e,
-        headers: r,
+        headers: n,
         credentials: "omit"
       });
     } catch (c) {
-      throw (c && typeof c == "object" && "name" in c ? c.name : void 0) === "AbortError" ? new n("aborted", "Request aborted", { cause: c }) : new n("network_error", "Network request failed", { cause: c });
+      throw (c && typeof c == "object" && "name" in c ? c.name : void 0) === "AbortError" ? new r("aborted", "Request aborted", { cause: c }) : new r("network_error", "Network request failed", { cause: c });
     }
     const y = (u.headers.get("content-type") ?? "").includes("application/json") ? await u.json().catch(() => null) : null;
     if (!u.ok) {
       const c = y && typeof y == "object" && "code" in y && String(y.code) || `http_${u.status}`, g = y && typeof y == "object" && "message" in y && String(y.message) || u.statusText || "Request failed";
-      throw new n(c, g, { status: u.status, cause: y });
+      throw new r(c, g, { status: u.status, cause: y });
     }
     return y;
   }
 }
-class q {
+class D {
   constructor(t) {
     if (!t.paywallId)
-      throw new n("invalid_config", "paywallId is required");
+      throw new r("invalid_config", "paywallId is required");
     if (!t.apiOrigin)
-      throw new n(
+      throw new r(
         "invalid_config",
         "apiOrigin is required. Pass the paywall custom_domain configured in the platform."
       );
@@ -61,8 +61,8 @@ class q {
     s.searchParams.set("paywall_id", this.paywallId);
     const a = new Headers(t.headers);
     a.set("X-SDK-Version", m), a.set("X-Paywall-Id", this.paywallId), this.capabilities?.length && a.set("X-SDK-Capabilities", this.capabilities.join(","));
-    const r = await this.auth?.getAccessToken();
-    r ? a.set("Authorization", `Bearer ${r}`) : this.userId && a.set("X-User-ID", this.userId);
+    const n = await this.auth?.getAccessToken();
+    n ? a.set("Authorization", `Bearer ${n}`) : this.userId && a.set("X-User-ID", this.userId);
     const o = typeof FormData < "u" && t.body instanceof FormData, d = typeof Blob < "u" && t.body instanceof Blob, u = typeof ReadableStream < "u" && t.body instanceof ReadableStream, f = typeof t.body == "string";
     let h;
     t.body === void 0 || t.body === null ? h = void 0 : o || d || u || f ? h = t.body : (h = JSON.stringify(t.body), a.has("Content-Type") || a.set("Content-Type", "application/json"));
@@ -77,16 +77,16 @@ class q {
         credentials: "omit"
       });
     } catch (p) {
-      const R = p instanceof Error ? p.message : String(p);
-      throw new n("network_error", `Network request failed: ${R}`, { cause: p });
+      const P = p instanceof Error ? p.message : String(p);
+      throw new r("network_error", `Network request failed: ${P}`, { cause: p });
     }
     if (c.status === 402) {
-      const p = await K(c);
+      const p = await q(c);
       throw this.onQuotaExceeded?.(p), p;
     }
     if (!c.ok) {
       const p = await $(c.clone());
-      throw new n(
+      throw new r(
         p ?? `http_${c.status}`,
         c.statusText || "Gateway request failed",
         { status: c.status }
@@ -96,7 +96,7 @@ class q {
     return this.onChargeSuccess?.(g), c;
   }
 }
-async function K(i) {
+async function q(i) {
   let t = {};
   try {
     t = await i.json();
@@ -108,7 +108,7 @@ async function K(i) {
     const a = e[0];
     Array.isArray(a) ? s = a : a && Array.isArray(a.balances) && (s = a.balances);
   }
-  return new D({
+  return new R({
     balances: s,
     queryType: t.details?.queryType ?? "",
     currentBalance: t.details?.currentBalance ?? null
@@ -149,8 +149,8 @@ const M = {
     const e = chrome?.storage?.onChanged;
     if (!e) return () => {
     };
-    const s = (a, r) => {
-      if (r !== "local") return;
+    const s = (a, n) => {
+      if (n !== "local") return;
       const o = a[i];
       o && t(typeof o.newValue == "string" ? o.newValue : null);
     };
@@ -184,15 +184,15 @@ const M = {
     };
     return window.addEventListener("storage", e), () => window.removeEventListener("storage", e);
   }
-}, v = /* @__PURE__ */ new Map(), J = {
+}, I = /* @__PURE__ */ new Map(), J = {
   async getItem(i) {
-    return v.get(i) ?? null;
+    return I.get(i) ?? null;
   },
   async setItem(i, t) {
-    v.set(i, t);
+    I.set(i, t);
   },
   async removeItem(i) {
-    v.delete(i);
+    I.delete(i);
   }
 };
 function L(i) {
@@ -253,7 +253,7 @@ async function b(i) {
   }
   return t;
 }
-const H = 5e3, V = 30 * 6e4, _ = 60 * 6e4, j = 5 * 6e4, S = {
+const H = 5e3, V = 30 * 6e4, _ = 60 * 6e4, j = 5 * 6e4, v = {
   has_active_subscription: !1,
   purchases: [],
   trial: null,
@@ -262,10 +262,10 @@ const H = 5e3, V = 30 * 6e4, _ = 60 * 6e4, j = 5 * 6e4, S = {
 function B(i) {
   return i && (i.email || i.userId || i.anonymousId) || "guest";
 }
-function G(i, t) {
+function X(i, t) {
   return i === t ? !0 : !i || !t ? !1 : JSON.stringify(i) === JSON.stringify(t);
 }
-const X = 5e3, A = 5 * 6e4, z = 3e4;
+const G = 5e3, A = 5 * 6e4, z = 3e4;
 function Q(i, t) {
   if (i === t) return !0;
   if (!i || !t || i.length !== t.length) return !1;
@@ -273,12 +273,12 @@ function Q(i, t) {
     if (i[e].type !== t[e].type || i[e].count !== t[e].count) return !1;
   return !0;
 }
-class ut {
+class dt {
   constructor(t) {
     if (this.cachedBootstrap = null, this.cachedBootstrapAt = 0, this.inflightBootstrap = null, this.bootstrapListeners = /* @__PURE__ */ new Set(), this.bootstrapStorageUnwatch = null, this.authUnsubscribe = null, this.cachedUser = null, this.cachedUserAt = 0, this.inflightUser = null, this.userListeners = /* @__PURE__ */ new Set(), this.visitorIdPromise = null, this.visitorId = null, this.inflightCheckouts = /* @__PURE__ */ new Map(), this.cachedBalances = null, this.cachedBalancesAt = 0, this.balancesStorageUnwatch = null, this.inflightBalances = null, this.balanceListeners = /* @__PURE__ */ new Set(), this.previewVersionCounter = 0, !t.paywallId)
-      throw new n("invalid_config", "paywallId is required");
+      throw new r("invalid_config", "paywallId is required");
     if (!t.apiOrigin)
-      throw new n(
+      throw new r(
         "invalid_config",
         'apiOrigin is required. Pass the paywall custom_domain configured in the platform (e.g. "https://pay.your-domain.com"). The legacy "appbox.space" fallback is not used in SDK 3.0.'
       );
@@ -296,8 +296,8 @@ class ut {
       // Authorization-хедер просто не выставится.
       getAuthToken: t.auth ? () => t.auth.getAccessToken() : void 0
     }), t.auth && (this.authUnsubscribe = t.auth.onAuthChange((s, a) => {
-      const r = a ? T(a.user) : void 0;
-      W(this.identity, r) || this.setIdentity(r);
+      const n = a ? T(a.user) : void 0;
+      W(this.identity, n) || this.setIdentity(n);
     })), this.hydrateUserFromStorage(), this.hydrateBootstrapFromStorage(), this.subscribeBootstrapStorage(), this.hydrateBalancesFromStorage(), this.subscribeBalancesStorage(), this.visitorIdPromise = b(this.storage).then((s) => (this.visitorId = s, s));
   }
   /**
@@ -314,7 +314,7 @@ class ut {
   }
   setIdentity(t) {
     this.identity = t, this.cachedUser = null, this.cachedUserAt = 0, this.inflightUser = null, this.cachedBalances = null, this.cachedBalancesAt = 0, this.inflightBalances = null, this.balancesStorageUnwatch && (this.balancesStorageUnwatch(), this.balancesStorageUnwatch = null), this.hydrateBalancesFromStorage(), this.subscribeBalancesStorage(), this.hydrateUserFromStorage(), t ? this.getUser({ force: !0 }).catch(() => {
-    }) : (this.applyUser(S), this.applyBalances([]));
+    }) : (this.applyUser(v), this.applyBalances([]));
   }
   /**
    * Отписаться от auth-event'ов и сбросить listener'ы. Вызывать когда
@@ -337,7 +337,7 @@ class ut {
     const e = typeof t == "boolean" ? { force: t } : t;
     if (this.previewMode) {
       if (this.cachedBootstrap) return this.cachedBootstrap;
-      throw new n(
+      throw new r(
         "invalid_config",
         "BillingClient in preview mode but cachedBootstrap is not seeded. Call setBootstrap(bootstrap) before open()."
       );
@@ -396,8 +396,8 @@ class ut {
     for (const a of this.bootstrapListeners)
       try {
         a(s);
-      } catch (r) {
-        console.warn("[paywall] onBootstrapChange listener threw", r);
+      } catch (n) {
+        console.warn("[paywall] onBootstrapChange listener threw", n);
       }
   }
   // Network primitive — единая точка для force-запроса, revalidate'а и
@@ -413,8 +413,8 @@ class ut {
     });
     if ("unchanged" in a && a.unchanged)
       return this.cachedBootstrap ? (this.cachedBootstrapAt = Date.now(), a.user && this.applyUser(a.user), this.cachedBootstrap) : this.fetchBootstrap({ signal: t.signal });
-    const r = a;
-    return Y(r.settings.custom_domain, this.apiOrigin), r.layout || (r.layout = O(r.settings, r.prices)), w(r), this.applyBootstrap(r, { persist: !0 }), r.user && this.applyUser(r.user), r;
+    const n = a;
+    return Y(n.settings.custom_domain, this.apiOrigin), n.layout || (n.layout = O(n.settings, n.prices)), w(n), this.applyBootstrap(n, { persist: !0 }), n.user && this.applyUser(n.user), n;
   }
   // Фоновый revalidate из stale-while-revalidate ветки. Дедуплицируется через
   // `inflightBootstrap`, чтобы параллельные revalidate'ы не пересекались.
@@ -437,8 +437,8 @@ class ut {
       for (const a of this.bootstrapListeners)
         try {
           a(t);
-        } catch (r) {
-          console.warn("[paywall] onBootstrapChange listener threw", r);
+        } catch (n) {
+          console.warn("[paywall] onBootstrapChange listener threw", n);
         }
   }
   async hydrateBootstrapFromStorage() {
@@ -531,7 +531,7 @@ class ut {
    * есть `navigator.language`.
    */
   getUserLanguage() {
-    const t = typeof navigator < "u" && navigator.language ? navigator.language : null, e = this.cachedBootstrap?.settings.locale_default ?? null, s = this.cachedBootstrap ? N(this.cachedBootstrap) : null;
+    const t = typeof navigator < "u" && navigator.language ? navigator.language : null, e = this.cachedBootstrap?.settings.locale_default ?? null, s = this.cachedBootstrap ? K(this.cachedBootstrap) : null;
     return { tag: s ?? t ?? e, applied: s, browserLanguage: t, countryLanguage: e };
   }
   /**
@@ -546,7 +546,7 @@ class ut {
     return !t && this.cachedUser && Date.now() - this.cachedUserAt < H ? this.cachedUser : this.inflightUser ? this.inflightUser : (this.inflightUser = (async () => {
       try {
         if (!this.identity?.email)
-          return this.applyUser(S), S;
+          return this.applyUser(v), v;
         const s = await this.api.request(
           `/api/v1/paywall/${this.paywallId}/user-state`,
           { headers: { "X-User-Email": this.identity.email }, signal: e }
@@ -582,8 +582,8 @@ class ut {
       if (s === "sync")
         try {
           t(a);
-        } catch (r) {
-          console.warn("[paywall] onUserChange initial sync threw", r);
+        } catch (n) {
+          console.warn("[paywall] onUserChange initial sync threw", n);
         }
       else
         queueMicrotask(() => {
@@ -599,7 +599,7 @@ class ut {
     return this.cachedUser;
   }
   applyUser(t) {
-    const e = !G(this.cachedUser, t);
+    const e = !X(this.cachedUser, t);
     if (this.cachedUser = t, this.cachedUserAt = Date.now(), e) {
       this.persistUser(t);
       for (const s of this.userListeners)
@@ -648,7 +648,7 @@ class ut {
    */
   async getBalances({ force: t = !1, signal: e } = {}) {
     const s = Date.now(), a = this.cachedBalances ? s - this.cachedBalancesAt : 1 / 0;
-    return !t && this.cachedBalances && (a < X || a < z) ? this.cachedBalances : !t && this.cachedBalances && a < A ? (this.fetchBalances({ signal: e }).catch(() => {
+    return !t && this.cachedBalances && (a < G || a < z) ? this.cachedBalances : !t && this.cachedBalances && a < A ? (this.fetchBalances({ signal: e }).catch(() => {
     }), this.cachedBalances) : this.inflightBalances ? this.inflightBalances : this.fetchBalances({ signal: e });
   }
   // Network primitive — единая точка для force/stale-revalidate/cold-start.
@@ -683,8 +683,8 @@ class ut {
       if (s === "sync")
         try {
           t(a);
-        } catch (r) {
-          console.warn("[paywall] onBalanceChange initial sync threw", r);
+        } catch (n) {
+          console.warn("[paywall] onBalanceChange initial sync threw", n);
         }
       else
         queueMicrotask(() => {
@@ -715,10 +715,10 @@ class ut {
       return;
     }
     if (!this.cachedBalances) return;
-    const e = this.cachedBalances.findIndex((r) => r.type === t);
+    const e = this.cachedBalances.findIndex((n) => n.type === t);
     if (e < 0 || this.cachedBalances[e].count <= 0) return;
     const a = this.cachedBalances.map(
-      (r, o) => o === e ? { ...r, count: r.count - 1 } : r
+      (n, o) => o === e ? { ...n, count: n.count - 1 } : n
     );
     this.applyBalances(a);
   }
@@ -739,7 +739,7 @@ class ut {
    */
   createApiGatewayClient(t = {}) {
     const e = t.onChargeSuccess, s = t.onQuotaExceeded;
-    return new q({
+    return new D({
       paywallId: this.paywallId,
       apiOrigin: this.apiOrigin,
       auth: this.auth,
@@ -761,8 +761,8 @@ class ut {
       for (const a of this.balanceListeners)
         try {
           a(t);
-        } catch (r) {
-          console.warn("[paywall] onBalanceChange listener threw", r);
+        } catch (n) {
+          console.warn("[paywall] onBalanceChange listener threw", n);
         }
   }
   balancesStorageKey() {
@@ -813,19 +813,19 @@ class ut {
   }
   async createCheckout(t) {
     if (!this.identity?.email)
-      throw new n(
+      throw new r(
         "identity_required",
         "createCheckout requires identity with email"
       );
     const e = t.idempotencyKey ?? `auto:${t.priceId}`, s = this.inflightCheckouts.get(e);
     if (s) return s;
-    const r = {
+    const n = {
       "Idempotency-Key": t.idempotencyKey ?? C()
     };
-    this.apiKey && (r["X-Api-Key"] = this.apiKey);
+    this.apiKey && (n["X-Api-Key"] = this.apiKey);
     const o = this.cachedBootstrap?.settings, d = t.successUrl ?? o?.success_redirect_url ?? void 0, u = t.shopUrl ?? o?.checkout_shop_url ?? void 0, f = this.api.request(`/api/v1/paywall/${this.paywallId}/start-checkout`, {
       method: "POST",
-      headers: r,
+      headers: n,
       signal: t.signal,
       body: JSON.stringify({
         email: this.identity.email,
@@ -839,7 +839,7 @@ class ut {
         userMeta: this.identity.userId ? { userId: this.identity.userId } : void 0
       })
     }).then((h) => ({ url: h.checkoutUrl, acquiring: h.acquiring })).catch((h) => {
-      throw h instanceof n && h.status === 409 && h.cause && typeof h.cause == "object" && h.cause.hasActivePurchase === !0 ? new n(
+      throw h instanceof r && h.status === 409 && h.cause && typeof h.cause == "object" && h.cause.hasActivePurchase === !0 ? new r(
         "already_purchased",
         "You already have an active subscription",
         { status: 409, cause: h.cause }
@@ -868,7 +868,7 @@ class ut {
    */
   async getCustomerPortalUrl(t = {}) {
     if (!this.auth && !this.apiKey && !this.identity?.email)
-      throw new n(
+      throw new r(
         "identity_required",
         "getCustomerPortalUrl requires auth, apiKey, or identity.email"
       );
@@ -895,43 +895,65 @@ class ut {
    * `/api/v1/paywall/[id]/user` без unstable_cache, потому что list для UI
    * должен быть свежим после cancel-а.
    *
-   * Auth: Bearer обязателен (через AuthClient). Без Bearer — 401 от бэка,
-   * пробрасываем как PaywallError('http_401'). Гость → пустой список.
+   * Auth (два пути):
+   *  - Bearer (через AuthClient) — user.id резолвится из сессии, identity
+   *    в query игнорируется.
+   *  - `apiKey` + `identity.email`/`identity.userId` — server-SDK путь для
+   *    интеграций со своей авторизацией. Бэк проверяет, что identity линкована
+   *    к этому пейволу (защита от cross-paywall lookup).
+   * Без auth и без apiKey+identity — `identity_required`.
    */
   async listPurchases(t = {}) {
-    if (!this.auth)
-      throw new n(
-        "auth_required",
-        "listPurchases requires AuthClient (Bearer auth)"
+    const e = !!(this.identity?.email || this.identity?.userId);
+    if (!this.auth && !(this.apiKey && e))
+      throw new r(
+        "identity_required",
+        "listPurchases requires AuthClient (Bearer) or apiKey + identity.email/userId"
       );
-    return (await this.api.request(`/api/v1/paywall/${this.paywallId}/user`, {
+    const s = {};
+    this.apiKey && (s["X-Api-Key"] = this.apiKey);
+    const a = new URLSearchParams();
+    this.apiKey && this.identity?.email && a.set("email", this.identity.email), this.apiKey && this.identity?.userId && a.set("user_id", this.identity.userId);
+    const n = a.toString(), o = n ? `/api/v1/paywall/${this.paywallId}/user?${n}` : `/api/v1/paywall/${this.paywallId}/user`;
+    return (await this.api.request(o, {
       method: "GET",
+      headers: s,
       signal: t.signal
     })).purchases ?? [];
   }
   /**
-   * Отменить подписку. Бэк проверит что subscription принадлежит auth-юзеру
-   * и сделает cancel у acquiring'а (Stripe/Paddle/Chargebee). По умолчанию
-   * cancel в конце текущего периода — юзер сохраняет access до renewal date'ы.
+   * Отменить подписку. Бэк проверит, что subscription принадлежит юзеру
+   * (Bearer-путь — из сессии; apiKey-путь — из identity), и сделает cancel у
+   * acquiring'а (Stripe/Paddle/Chargebee/Overpay). По умолчанию cancel в
+   * конце текущего периода — юзер сохраняет access до renewal date'ы.
    *
-   * `reason` обязательна (валидация на бэке). Удобно собрать через select
-   * причин в host-UI, как в legacy customer portal'е.
+   * `reason` обязательна (валидация на бэке).
    *
-   * Auth: Bearer обязателен.
+   * Auth (два пути):
+   *  - Bearer (через AuthClient) — стандартный путь для UI customer-portal'a.
+   *  - `apiKey` + `identity.email`/`identity.userId` — для self-service UI на
+   *    бэке клиента со своей авторизацией. Бэк дополнительно фильтрует
+   *    subscription по paywall_id, чтобы owner пейвола A не отменил подписку
+   *    пейвола B.
    */
   async cancelSubscription(t) {
-    if (!this.auth)
-      throw new n(
-        "auth_required",
-        "cancelSubscription requires AuthClient (Bearer auth)"
+    const e = !!(this.identity?.email || this.identity?.userId);
+    if (!this.auth && !(this.apiKey && e))
+      throw new r(
+        "identity_required",
+        "cancelSubscription requires AuthClient (Bearer) or apiKey + identity.email/userId"
       );
-    return this.api.request("/api/paywall/cancel-subscription", {
+    const s = {};
+    this.apiKey && (s["X-Api-Key"] = this.apiKey);
+    const a = {
+      subscriptionId: t.subscriptionId,
+      paywallId: this.paywallId,
+      cancellationReason: t.reason
+    };
+    return this.apiKey && this.identity?.email && (a.email = this.identity.email), this.apiKey && this.identity?.userId && (a.userId = this.identity.userId), this.api.request("/api/paywall/cancel-subscription", {
       method: "POST",
-      body: JSON.stringify({
-        subscriptionId: t.subscriptionId,
-        paywallId: this.paywallId,
-        cancellationReason: t.reason
-      }),
+      headers: s,
+      body: JSON.stringify(a),
       signal: t.signal
     });
   }
@@ -946,12 +968,12 @@ class ut {
   async createSupportTicket(t) {
     const e = t.email ?? this.identity?.email ?? null, s = `/api/v1/paywall/${this.paywallId}/support/ticket`;
     if (!!t.files && t.files.length > 0) {
-      const r = new FormData();
-      r.set("subject", t.subject), r.set("content", t.content), e && r.set("customer_email", e);
-      for (const o of t.files) r.append("files", o);
+      const n = new FormData();
+      n.set("subject", t.subject), n.set("content", t.content), e && n.set("customer_email", e);
+      for (const o of t.files) n.append("files", o);
       return this.api.request(s, {
         method: "POST",
-        body: r
+        body: n
       });
     }
     return this.api.request(s, {
@@ -983,7 +1005,7 @@ function U(i) {
 function Y(i, t) {
   const e = U(i);
   if (!(!e || U(t) === e))
-    throw new n(
+    throw new r(
       "invalid_config",
       `apiOrigin mismatch: SDK initialized with "${t}" but paywall is configured with custom_domain "${i}". Use the custom_domain from the platform paywall settings.`
     );
@@ -1003,7 +1025,7 @@ function O(i, t) {
     ]
   };
 }
-function N(i) {
+function K(i) {
   const t = i.locales;
   if (!t) return null;
   const e = [];
@@ -1019,17 +1041,17 @@ function N(i) {
   return null;
 }
 function w(i) {
-  const t = N(i);
+  const t = K(i);
   if (!t) return;
   const e = i.locales?.[t];
   e && (e.layout && (i.layout = e.layout), e.prices && (i.prices = i.prices.map((s) => {
     const a = e.prices?.[s.id];
     if (!a) return s;
-    const r = { ...s };
-    return "label" in a && (r.label = a.label ?? null), "description" in a && (r.description = a.description ?? null), r;
+    const n = { ...s };
+    return "label" in a && (n.label = a.label ?? null), "description" in a && (n.description = a.description ?? null), n;
   })));
 }
-function P(i) {
+function N(i) {
   const t = new Uint8Array(i), e = typeof globalThis < "u" ? globalThis.crypto : void 0;
   if (e && typeof e.getRandomValues == "function")
     e.getRandomValues(t);
@@ -1037,31 +1059,31 @@ function P(i) {
     for (let s = 0; s < i; s++) t[s] = Math.floor(Math.random() * 256);
   return t;
 }
-function I(i) {
+function S(i) {
   let t = "";
   for (let e = 0; e < i.length; e++) t += String.fromCharCode(i[e]);
   return btoa(t).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
 }
 function Z() {
-  return I(P(64));
+  return S(N(64));
 }
 async function tt(i) {
   const t = new TextEncoder().encode(i), e = globalThis.crypto;
   if (!e?.subtle?.digest)
     throw new Error("crypto.subtle is required for PKCE");
   const s = await e.subtle.digest("SHA-256", t);
-  return I(new Uint8Array(s));
+  return S(new Uint8Array(s));
 }
 function et() {
-  return I(P(16));
+  return S(N(16));
 }
 const st = 6e4, it = 600 * 1e3;
-class dt {
+class ut {
   constructor(t) {
     if (this.session = null, this.inflightRefresh = null, this.inflightAnonSignin = null, this.listeners = /* @__PURE__ */ new Set(), this.storageUnwatch = null, this.destroyed = !1, this.oauthFlows = /* @__PURE__ */ new Map(), !t.paywallId)
-      throw new n("invalid_config", "paywallId is required");
+      throw new r("invalid_config", "paywallId is required");
     if (!t.apiOrigin)
-      throw new n(
+      throw new r(
         "invalid_config",
         "apiOrigin is required. Pass the paywall custom_domain configured in the platform."
       );
@@ -1155,8 +1177,8 @@ class dt {
           user_meta: t.userMeta
         })
       }
-    ), r = this.toSession(a, a.user);
-    return this.setSession(r, { event: "SIGNED_IN" }), this.recordLastLogin("email", t.email), r;
+    ), n = this.toSession(a, a.user);
+    return this.setSession(n, { event: "SIGNED_IN" }), this.recordLastLogin("email", t.email), n;
   }
   /**
    * Signup. Если в Supabase включён email confirm — сервер возвращает
@@ -1183,8 +1205,8 @@ class dt {
     );
     if (a.status === "confirmation_required")
       return this.recordLastLogin("email", t.email), { kind: "confirmation_required", user: a.user };
-    const r = this.toSession(a, a.user);
-    return this.setSession(r, { event: "SIGNED_IN" }), this.recordLastLogin("email", t.email), { kind: "signed_in", session: r };
+    const n = this.toSession(a, a.user);
+    return this.setSession(n, { event: "SIGNED_IN" }), this.recordLastLogin("email", t.email), { kind: "signed_in", session: n };
   }
   /**
    * Повторная отправка confirmation-email после signUp с включённым
@@ -1247,8 +1269,8 @@ class dt {
           user_meta: t.userMeta
         })
       }
-    ), a = this.toSession(s, s.user), r = t.type === "recovery" ? "PASSWORD_RECOVERY" : "SIGNED_IN";
-    return this.setSession(a, { event: r }), a;
+    ), a = this.toSession(s, s.user), n = t.type === "recovery" ? "PASSWORD_RECOVERY" : "SIGNED_IN";
+    return this.setSession(a, { event: n }), a;
   }
   /**
    * Запрос recovery email. Бэк всегда ok, чтобы не палить enumeration.
@@ -1274,7 +1296,7 @@ class dt {
     await this.hydrated;
     const e = await this.getAccessToken();
     if (!e)
-      throw new n("not_authenticated", "no active session");
+      throw new r("not_authenticated", "no active session");
     await this.api.request(
       `/api/v1/paywall/${this.paywallId}/auth/password/update`,
       {
@@ -1307,10 +1329,8 @@ class dt {
    * когда сервер начнёт возвращать challenge_required в риск-сценариях,
    * SDK сможет передать proof-of-something обратно без breaking change.
    *
-   * `forceCaptcha: true` пропускает шаги 1-2 и сразу делает /signin (создаёт
-   * нового anon-юзера). Используется в switch-account flow. Имя поля исторически
-   * остаётся `forceCaptcha`, хотя капчи там больше нет — менять имя ломает
-   * host-сигнатуру; смысл «принудительно новая anon-сессия» сохранён.
+   * `forceNewAnon: true` пропускает шаги 1-2 и сразу делает /signin (создаёт
+   * нового anon-юзера). Используется в switch-account flow.
    *
    * Параллельные вызовы дедуплицируются через `inflightAnonSignin` — два
    * click'а на «Войти как гость» не создадут двух anon-юзеров (два /signup =
@@ -1319,9 +1339,9 @@ class dt {
   async signInAnonymously(t = {}) {
     if (this.inflightAnonSignin) return this.inflightAnonSignin;
     this.inflightAnonSignin = (async () => {
-      if (await this.hydrated, !t.forceCaptcha && this.session?.user.is_anonymous === !0)
+      if (await this.hydrated, !t.forceNewAnon && this.session?.user.is_anonymous === !0)
         return this.session;
-      if (!t.forceCaptcha) {
+      if (!t.forceNewAnon) {
         const o = await this.resumeAnonymous();
         if (o) return o;
       }
@@ -1339,8 +1359,8 @@ class dt {
         ...s.user,
         email: s.user.email ?? null,
         is_anonymous: !0
-      }, r = this.toSession(s, a);
-      return this.setSession(r, { event: "SIGNED_IN" }), await this.writeAnonRefreshToken(r.refresh_token), r;
+      }, n = this.toSession(s, a);
+      return this.setSession(n, { event: "SIGNED_IN" }), await this.writeAnonRefreshToken(n.refresh_token), n;
     })();
     try {
       return await this.inflightAnonSignin;
@@ -1364,7 +1384,7 @@ class dt {
       ), s = this.session?.user.is_anonymous === !0 ? this.session.user : { id: "", email: null, is_anonymous: !0 }, a = this.toSession(e, s);
       return this.setSession(a, { event: "SIGNED_IN" }), await this.writeAnonRefreshToken(a.refresh_token), a;
     } catch (e) {
-      if (e instanceof n && e.status === 401)
+      if (e instanceof r && e.status === 401)
         return await this.clearAnonRefreshToken(), null;
       throw e;
     }
@@ -1394,7 +1414,7 @@ class dt {
     await this.hydrated;
     const e = await this.getAccessToken();
     if (!e)
-      throw new n("not_authenticated", "no active session");
+      throw new r("not_authenticated", "no active session");
     const s = {
       Authorization: `Bearer ${e}`
     };
@@ -1413,18 +1433,18 @@ class dt {
     );
     if (a.status === "confirmation_required")
       return { kind: "confirmation_required", email: a.email };
-    const r = this.session;
-    if (!r)
-      throw new n(
+    const n = this.session;
+    if (!n)
+      throw new r(
         "not_authenticated",
         "session disappeared during upgrade"
       );
     const o = {
-      ...r.user,
+      ...n.user,
       id: a.user.id,
       email: a.user.email,
       is_anonymous: a.user.is_anonymous ?? !1
-    }, d = { ...r, user: o };
+    }, d = { ...n, user: o };
     return this.setSession(d, { event: "USER_UPDATED" }), await this.clearAnonRefreshToken(), { kind: "updated", session: d };
   }
   /**
@@ -1449,22 +1469,22 @@ class dt {
    */
   async signInWithOAuth(t) {
     if (typeof window > "u")
-      throw new n("oauth_unavailable", "window is required for OAuth");
+      throw new r("oauth_unavailable", "window is required for OAuth");
     const { authorize_url: e, state: s } = await this.startOAuthFlow({
       provider: t.provider,
       scopes: t.scopes,
       userMeta: t.userMeta
     }), a = this.openPopup(e, `pw-oauth-${s}`);
     if (!a)
-      throw this.oauthFlows.delete(s), new n(
+      throw this.oauthFlows.delete(s), new r(
         "popup_blocked",
         "browser blocked auth popup — call from a user gesture"
       );
     t.onPopupOpened?.();
-    const r = await nt(a, s);
+    const n = await rt(a, s);
     if (this.destroyed)
-      throw this.oauthFlows.delete(s), new n("aborted", "AuthClient destroyed mid-flow");
-    return this.completeOAuthFlow({ state: s, code: r });
+      throw this.oauthFlows.delete(s), new r("aborted", "AuthClient destroyed mid-flow");
+    return this.completeOAuthFlow({ state: s, code: n });
   }
   /**
    * Шаг 1 OAuth split-API: инициирует flow на бэке, генерит PKCE verifier
@@ -1482,13 +1502,13 @@ class dt {
    */
   async startOAuthFlow(t) {
     await this.hydrated, this.gcOAuthFlows();
-    const e = Z(), s = await tt(e), a = et(), r = {}, o = await this.getAccessToken().catch(() => null);
-    o && (r.Authorization = `Bearer ${o}`);
+    const e = Z(), s = await tt(e), a = et(), n = {}, o = await this.getAccessToken().catch(() => null);
+    o && (n.Authorization = `Bearer ${o}`);
     const { authorize_url: d } = await this.api.request(
       `/api/v1/paywall/${this.paywallId}/auth/oauth/init`,
       {
         method: "POST",
-        headers: Object.keys(r).length ? r : void 0,
+        headers: Object.keys(n).length ? n : void 0,
         body: JSON.stringify({
           provider: t.provider,
           code_challenge: s,
@@ -1517,7 +1537,7 @@ class dt {
     await this.hydrated;
     const e = this.oauthFlows.get(t.state);
     if (!e)
-      throw new n(
+      throw new r(
         "oauth_invalid_state",
         "OAuth flow not found — start with startOAuthFlow first or check TTL"
       );
@@ -1535,9 +1555,9 @@ class dt {
       }
     );
     if (this.destroyed)
-      throw new n("aborted", "AuthClient destroyed mid-flow");
-    const r = this.toSession(a, a.user);
-    return this.setSession(r, { event: "SIGNED_IN" }), r.user.email && this.recordLastLoginEmail(r.user.email), r;
+      throw new r("aborted", "AuthClient destroyed mid-flow");
+    const n = this.toSession(a, a.user);
+    return this.setSession(n, { event: "SIGNED_IN" }), n.user.email && this.recordLastLoginEmail(n.user.email), n;
   }
   gcOAuthFlows() {
     const t = Date.now() - it;
@@ -1568,7 +1588,7 @@ class dt {
         ), a = this.toSession(s, e);
         return this.setSession(a, { event: "TOKEN_REFRESHED" }), e.is_anonymous === !0 && await this.writeAnonRefreshToken(a.refresh_token), a;
       } catch (s) {
-        if (s instanceof n && s.status === 401)
+        if (s instanceof r && s.status === 401)
           return e.is_anonymous === !0 && await this.clearAnonRefreshToken(), this.setSession(null, { event: "SIGNED_OUT" }), null;
         throw s;
       } finally {
@@ -1595,7 +1615,7 @@ class dt {
     await this.hydrated;
     const t = this.session?.access_token;
     if (!t)
-      throw new n("not_authenticated", "no active session");
+      throw new r("not_authenticated", "no active session");
     await this.api.request(
       `/api/v1/paywall/${this.paywallId}/auth/revoke-all`,
       {
@@ -1812,31 +1832,31 @@ class dt {
     }
   }
 }
-const at = 5 * 6e4, rt = 500;
-function nt(i, t) {
+const at = 5 * 6e4, nt = 500;
+function rt(i, t) {
   return new Promise((e, s) => {
     let a = !1;
-    const r = () => {
+    const n = () => {
       a = !0, window.removeEventListener("message", o), clearInterval(d), clearTimeout(u);
     }, o = (f) => {
       if (a) return;
       const h = f.data;
       if (!(!h || h.type !== "pw-oauth") && h.messageId === t) {
         if (h.status === "success" && h.code) {
-          r();
+          n();
           try {
             i.close();
           } catch {
           }
           e(h.code);
         } else if (h.status === "error") {
-          r();
+          n();
           try {
             i.close();
           } catch {
           }
           s(
-            new n(
+            new r(
               "oauth_failed",
               h.description || h.error || "OAuth provider returned error"
             )
@@ -1851,15 +1871,15 @@ function nt(i, t) {
       } catch {
         return;
       }
-      f && (r(), s(new n("oauth_cancelled", "auth popup was closed")));
-    }, rt), u = setTimeout(() => {
+      f && (n(), s(new r("oauth_cancelled", "auth popup was closed")));
+    }, nt), u = setTimeout(() => {
       if (!a) {
-        r();
+        n();
         try {
           i.close();
         } catch {
         }
-        s(new n("oauth_timeout", "OAuth flow timed out"));
+        s(new r("oauth_timeout", "OAuth flow timed out"));
       }
     }, at);
     window.addEventListener("message", o);
@@ -1902,9 +1922,9 @@ class ft {
     const t = this.buffer;
     this.buffer = [];
     try {
-      const e = await this.opts.getVisitorId(), s = this.opts.getUserId?.() ?? null, a = JSON.stringify({ events: t }), r = this.opts.fetch ?? (typeof fetch < "u" ? fetch : void 0);
-      if (!r) return;
-      await r(this.opts.endpoint, {
+      const e = await this.opts.getVisitorId(), s = this.opts.getUserId?.() ?? null, a = JSON.stringify({ events: t }), n = this.opts.fetch ?? (typeof fetch < "u" ? fetch : void 0);
+      if (!n) return;
+      await n(this.opts.endpoint, {
         method: "POST",
         credentials: "omit",
         keepalive: !0,
@@ -1938,13 +1958,13 @@ class ft {
       sdk_version: m,
       paywall_id: this.opts.paywallId,
       capabilities: this.opts.capabilities?.join(",") ?? ""
-    }), r = this.opts.sendBeacon ?? (typeof navigator < "u" && typeof navigator.sendBeacon == "function" ? navigator.sendBeacon.bind(navigator) : null);
-    if (!r) {
+    }), n = this.opts.sendBeacon ?? (typeof navigator < "u" && typeof navigator.sendBeacon == "function" ? navigator.sendBeacon.bind(navigator) : null);
+    if (!n) {
       this.buffer.unshift(...t), this.flush();
       return;
     }
     try {
-      r(this.opts.endpoint, a) || (this.buffer.unshift(...t), this.flush());
+      n(this.opts.endpoint, a) || (this.buffer.unshift(...t), this.flush());
     } catch {
       this.buffer.unshift(...t), this.flush();
     }
@@ -1972,12 +1992,12 @@ class ft {
 }
 export {
   E as ApiClient,
-  q as ApiGatewayClient,
-  dt as AuthClient,
-  ut as BillingClient,
+  D as ApiGatewayClient,
+  ut as AuthClient,
+  dt as BillingClient,
   ft as EventTracker,
-  n as PaywallError,
-  D as QuotaExceededError,
+  r as PaywallError,
+  R as QuotaExceededError,
   m as SDK_VERSION,
   l as STORAGE_KEYS,
   L as createStorage,