@monterosa/sdk-identify-kit 2.0.0-rc.1 → 2.0.0-rc.3

package/dist/index.cjs

@@ -0,0 +1,1158 @@
+'use strict';
+
+Object.defineProperty(exports, '__esModule', { value: true });
+
+var sdkCore = require('@monterosa/sdk-core');
+var sdkUtil = require('@monterosa/sdk-util');
+var sdkLauncherKit = require('@monterosa/sdk-launcher-kit');
+var sdkConnectKit = require('@monterosa/sdk-connect-kit');
+var sdkInteractInterop = require('@monterosa/sdk-interact-interop');
+
+/**
+ * @license
+ * @monterosa/sdk-identify-kit
+ *
+ * Copyright © 2023-2026 Monterosa Productions Limited. All rights reserved.
+ *
+ * More details on the license can be found at https://www.monterosa.co/sdk/license
+ */
+/**
+ * @internal
+ */
+var IdentifyEvent;
+(function (IdentifyEvent) {
+    IdentifyEvent["StateUpdated"] = "state_updated";
+    IdentifyEvent["LoginRequested"] = "login_requested";
+    IdentifyEvent["LogoutRequested"] = "logout_requested";
+    IdentifyEvent["SignatureUpdated"] = "signature_updated";
+    IdentifyEvent["UserdataUpdated"] = "userdata_updated";
+    IdentifyEvent["CredentialsUpdated"] = "credentials_updated";
+    IdentifyEvent["EnmasseLogin"] = "enmasse_login";
+})(IdentifyEvent || (IdentifyEvent = {}));
+/**
+ * Defines a set of error codes that may be encountered when using the
+ * Identify kit of the Monterosa SDK.
+ *
+ * @example
+ * ```javascript
+ * try {
+ *   // some code that uses the IdentifyKit
+ * } catch (err) {
+ *   if (err.code === IdentifyError.NoCredentials) {
+ *     // handle missing credentials error
+ *   } else if (err.code === IdentifyError.NotInitialised) {
+ *     // handle initialization error
+ *   } else {
+ *     // handle other error types
+ *   }
+ * }
+ * ```
+ *
+ * @remarks
+ * - The `IdentifyError` enum provides a convenient way to handle errors
+ *   encountered when using the `IdentifyKit` module. By checking the code
+ *   property of the caught error against the values of the enum, the error
+ *   type can be determined and appropriate action taken.
+ *
+ * - The `IdentifyError` enum is not intended to be instantiated or extended.
+ */
+exports.IdentifyError = void 0;
+(function (IdentifyError) {
+    /**
+     * Indicates an error occurred during the call to the extension API.
+     */
+    IdentifyError["ExtensionApiError"] = "extension_api_error";
+    /**
+     * Indicates the extension required by the IdentifyKit is not set up properly.
+     */
+    IdentifyError["ExtensionNotSetup"] = "extension_not_setup";
+    /**
+     * Indicates the user's authentication credentials are not available
+     * or have expired.
+     */
+    IdentifyError["NoCredentials"] = "no_credentials";
+    /**
+     * Indicates the IdentifyKit has not been initialised properly.
+     */
+    IdentifyError["NotInitialised"] = "not_initialised";
+    /**
+     * Indicates an error occurred in the parent app.
+     */
+    IdentifyError["ParentAppError"] = "parent_app_error";
+    /**
+     * Indicates an unexpected or invalid login state was encountered.
+     */
+    IdentifyError["UnexpectedState"] = "unexpected_state";
+    /**
+     * Indicates there is no parent application to delegate to.
+     */
+    IdentifyError["NoParentApplication"] = "no_parent_application";
+    /**
+     * Indicates a timeout occurred when communicating with the parent app.
+     */
+    IdentifyError["ParentTimeoutError"] = "parent_timeout_error";
+})(exports.IdentifyError || (exports.IdentifyError = {}));
+/**
+ * @internal
+ */
+const IdentifyErrorMessages = {
+    [exports.IdentifyError.ExtensionApiError]: (error) => `Identify extension API returned an error: ${error}`,
+    [exports.IdentifyError.ExtensionNotSetup]: () => 'Identify extension is not set up for this project',
+    [exports.IdentifyError.NoCredentials]: () => 'Identify credentials are not set',
+    [exports.IdentifyError.NotInitialised]: () => 'Identify instance is not initialised',
+    [exports.IdentifyError.ParentAppError]: (error) => `Parent application error: ${error}`,
+    [exports.IdentifyError.UnexpectedState]: (state) => `Unexpected LoginState: ${state}`,
+    [exports.IdentifyError.NoParentApplication]: () => 'No parent application available for delegation',
+    [exports.IdentifyError.ParentTimeoutError]: (error) => `Parent application timeout: ${error}. Please check if the identify-kit is imported on the parent page.`,
+};
+var IdentifyAction;
+(function (IdentifyAction) {
+    IdentifyAction["Login"] = "identifyLogin";
+    IdentifyAction["Logout"] = "identifyLogout";
+    IdentifyAction["RequestLogin"] = "identifyRequestLogin";
+    IdentifyAction["RequestLogout"] = "identifyRequestLogout";
+    IdentifyAction["GetUserData"] = "identifyGetUserData";
+    IdentifyAction["GetSessionSignature"] = "identifyGetSessionSignature";
+    IdentifyAction["SetCredentials"] = "identifySetCredentials";
+    IdentifyAction["ClearCredentials"] = "identifyClearCredentials";
+    IdentifyAction["OnStateUpdated"] = "identifyOnStateUpdated";
+    IdentifyAction["OnCredentialsUpdated"] = "identifyOnCredentialsUpdated";
+    IdentifyAction["OnUserDataUpdated"] = "identifyOnUserDataUpdated";
+    IdentifyAction["OnSessionSignatureUpdated"] = "identifyOnSessionSignatureUpdated";
+})(IdentifyAction || (IdentifyAction = {}));
+
+/**
+ * @license
+ * @monterosa/sdk-identify-kit
+ *
+ * Copyright © 2023 Monterosa Productions Limited. All rights reserved.
+ *
+ * More details on the license can be found at https://www.monterosa.co/sdk/license
+ */
+const EXTENSION_ID = 'lvis-id-custom-tab';
+const SIGNATURE_TTL = 10000;
+
+/**
+ * @license
+ * @monterosa/sdk-identify-kit
+ *
+ * Copyright © 2023 Monterosa Productions Limited. All rights reserved.
+ *
+ * More details on the license can be found at https://www.monterosa.co/sdk/license
+ */
+class Identify extends sdkUtil.Emitter {
+    constructor(sdk, options = {}) {
+        super();
+        this.sdk = sdk;
+        this.wasLoggedIn = false;
+        this._credentials = null;
+        this._signature = null;
+        this._userData = null;
+        this._state = {
+            state: 'logged_out',
+        };
+        this._options = Object.assign({ strategy: 'email', deviceId: sdkCore.getDeviceId(), version: 1, loginPolicy: 'disabled' }, options);
+    }
+    static async fetchIdentifyHost(host, projectId) {
+        var _a, _b;
+        const listings = await sdkInteractInterop.fetchListings(host, projectId);
+        const extensionAssets = (_b = (_a = listings.assets) === null || _a === void 0 ? void 0 : _a[EXTENSION_ID]) !== null && _b !== void 0 ? _b : [];
+        const endpointAsset = extensionAssets.find(({ name }) => name === 'endpoint');
+        if (!endpointAsset) {
+            throw sdkUtil.createError(exports.IdentifyError.ExtensionNotSetup, IdentifyErrorMessages);
+        }
+        return endpointAsset.data;
+    }
+    get state() {
+        return this._state;
+    }
+    set state(state) {
+        if (this._state.state === state.state) {
+            return;
+        }
+        switch (state.state) {
+            case 'logged_in':
+                this.wasLoggedIn = true;
+                break;
+            case 'logged_out':
+            case 'error':
+                this.wasLoggedIn = false;
+                break;
+            case 'pending':
+                // preserve wasLoggedIn value during transitional state
+                break;
+            default: {
+                // Exhaustiveness check: TypeScript errors if a new state is added
+                // but not handled. This is a compile-time error.
+                //
+                // See: https://www.typescriptlang.org/docs/handbook/2/narrowing.html#exhaustiveness-checking
+                const exhaustiveCheck = state.state;
+                throw sdkUtil.createError(exports.IdentifyError.UnexpectedState, IdentifyErrorMessages, String(exhaustiveCheck));
+            }
+        }
+        this._state = state;
+        this.emit(IdentifyEvent.StateUpdated, state);
+    }
+    get options() {
+        return this._options;
+    }
+    set signature(signature) {
+        if (this._signature === signature) {
+            return;
+        }
+        this._signature = signature;
+        clearTimeout(this.signatureExpireTimeout);
+        if (signature !== null) {
+            this.signatureExpireTimeout = setTimeout(() => {
+                this.signature = null;
+            }, SIGNATURE_TTL);
+        }
+        this.emit(IdentifyEvent.SignatureUpdated, this.signature);
+    }
+    get signature() {
+        return this._signature;
+    }
+    set credentials(credentials) {
+        if (this._credentials === credentials) {
+            return;
+        }
+        this._credentials = credentials;
+        this.emit(IdentifyEvent.CredentialsUpdated, credentials);
+    }
+    get credentials() {
+        return this._credentials;
+    }
+    set userData(data) {
+        if (this._userData === data) {
+            return;
+        }
+        this._userData = data;
+        clearTimeout(this.userDataExpireTimeout);
+        this.emit(IdentifyEvent.UserdataUpdated, data);
+    }
+    get userData() {
+        return this._userData;
+    }
+    get shouldLoginOnReconnect() {
+        return (this.wasLoggedIn &&
+            this.options.loginPolicy === 'auto' &&
+            this.credentials !== null);
+    }
+    reset() {
+        this.credentials = null;
+        this.userData = null;
+        this.signature = null;
+        this.wasLoggedIn = false;
+    }
+    async getUrl(path = '') {
+        const { options: { host, projectId }, } = this.sdk;
+        if (this.host === undefined) {
+            this.host = await Identify.fetchIdentifyHost(host, projectId);
+        }
+        const url = new URL(this.host);
+        const { version, deviceId, strategy, provider } = this._options;
+        url.pathname = `/v${version}${path}`;
+        url.searchParams.set('projectId', projectId);
+        url.searchParams.set('deviceId', deviceId);
+        url.searchParams.set('strategy', strategy);
+        if (provider !== undefined) {
+            url.searchParams.set('provider', provider);
+        }
+        return url.toString();
+    }
+}
+
+/**
+ * @license
+ * @monterosa/sdk-identify-kit
+ *
+ * Copyright © 2025-2026 Monterosa Productions Limited. All rights reserved.
+ *
+ * More details on the license can be found at https://www.monterosa.co/sdk/license
+ */
+const entries = new Map();
+function getExperiences() {
+    return Array.from(entries.values()).map((entry) => entry.experience);
+}
+function addExperience(experience, unsubs = []) {
+    entries.set(experience.id, {
+        experience,
+        unsubs: new Set(unsubs),
+    });
+}
+function deleteExperience(experience) {
+    const entry = entries.get(experience.id);
+    if (entry) {
+        entry.unsubs.forEach((unsub) => unsub());
+        entries.delete(experience.id);
+    }
+}
+
+/**
+ * @license
+ * identify-kit
+ *
+ * Copyright © 2023-2026 Monterosa Productions Limited. All rights reserved.
+ *
+ * More details on the license can be found at https://www.monterosa.co/sdk/license
+ */
+const identifyKits = new Map();
+const identifyHooks = [];
+/**
+ * @internal
+ */
+const taskQueue = new sdkUtil.TaskQueue();
+function isSdk(value) {
+    return value instanceof sdkCore.Sdk;
+}
+async function api(url, token, method = 'GET') {
+    const headers = {
+        accept: 'application/json',
+    };
+    let credentials;
+    // Only include Authorization header for bearer token authentication
+    // When token is 'cookie', use credentials: 'include' to ensure HttpOnly
+    // cookies are sent
+    if (token === 'cookie') {
+        // Use credentials: 'include' to ensure HttpOnly cookies are sent
+        credentials = 'include';
+    }
+    else {
+        headers.Authorization = `Bearer ${token}`;
+    }
+    const response = await fetch(url, {
+        method,
+        headers,
+        credentials,
+    });
+    const data = (await response.json());
+    if (data.result < 0) {
+        throw sdkUtil.createError(exports.IdentifyError.ExtensionApiError, IdentifyErrorMessages, data.message);
+    }
+    return data;
+}
+/**
+ * @internal
+ */
+async function parentAppRequest(identify, action, payload) {
+    var _a;
+    const parentApp = sdkLauncherKit.getParentApplication();
+    if (parentApp === null) {
+        throw sdkUtil.createError(exports.IdentifyError.NoParentApplication, IdentifyErrorMessages);
+    }
+    const { host, projectId } = identify.sdk.options;
+    // Preserve existing origin (relay) or set from current context (source)
+    const origin = (_a = payload === null || payload === void 0 ? void 0 : payload.origin) !== null && _a !== void 0 ? _a : { host, projectId };
+    try {
+        const response = await sdkLauncherKit.sendSdkRequest(parentApp, action, Object.assign(Object.assign({}, payload), { origin }));
+        const { error, data } = response.payload;
+        if (error !== undefined) {
+            throw sdkUtil.createError(exports.IdentifyError.ParentAppError, IdentifyErrorMessages, error);
+        }
+        return data;
+    }
+    catch (err) {
+        if (err instanceof sdkUtil.MonterosaError &&
+            err.code === sdkLauncherKit.BridgeError.RequestTimeoutError) {
+            const errorMessage = sdkUtil.getErrorMessage(err);
+            throw sdkUtil.createError(exports.IdentifyError.ParentTimeoutError, IdentifyErrorMessages, errorMessage);
+        }
+        throw err;
+    }
+}
+/**
+ * @internal
+ */
+function registerIdentifyHook(hook) {
+    identifyHooks.push(hook);
+}
+/**
+ * @internal
+ */
+async function login(identify, credentials) {
+    const signature = await getSessionSignatureMemoized(identify, credentials);
+    const conn = await sdkConnectKit.getConnect(identify.sdk.options.host);
+    await sdkConnectKit.connect(conn);
+    await sdkConnectKit.login(conn, ...signature);
+}
+const loginWithRetry = sdkUtil.withRetryAsync(login);
+/**
+ * @internal
+ */
+async function logout(identify) {
+    const conn = await sdkConnectKit.getConnect(identify.sdk.options.host);
+    await sdkConnectKit.connect(conn);
+    await sdkConnectKit.logout(conn);
+}
+const logoutWithRetry = sdkUtil.withRetryAsync(logout);
+/**
+ * @internal
+ */
+async function loginTask(identify, credentials) {
+    try {
+        identify.state = {
+            state: 'pending',
+        };
+        await loginWithRetry(identify, credentials);
+        // Update state only if there are no pending tasks in the queue
+        if (taskQueue.isEmpty()) {
+            identify.state = {
+                state: 'logged_in',
+            };
+        }
+    }
+    catch (err) {
+        taskQueue.clear();
+        identify.state = {
+            state: 'error',
+            error: err instanceof Error ? err.message : 'Unknown error',
+            errorType: 'login',
+        };
+    }
+}
+/**
+ * @internal
+ */
+async function logoutTask(identify) {
+    try {
+        identify.state = {
+            state: 'pending',
+        };
+        await logoutWithRetry(identify);
+        // Update state only if there are no pending tasks in the queue
+        if (taskQueue.isEmpty()) {
+            identify.state = {
+                state: 'logged_out',
+            };
+        }
+    }
+    catch (err) {
+        taskQueue.clear();
+        identify.state = {
+            state: 'error',
+            error: err instanceof Error ? err.message : 'Unknown error',
+            errorType: 'logout',
+        };
+    }
+}
+/**
+ * @internal
+ */
+function enqueueLogin(identify, credentials, prioritise = false) {
+    if (identify.options.loginPolicy === 'auto') {
+        if (prioritise) {
+            taskQueue.enqueueFront(() => loginTask(identify, credentials));
+        }
+        else {
+            taskQueue.enqueue(() => loginTask(identify, credentials));
+        }
+    }
+    for (const experience of getExperiences()) {
+        sdkLauncherKit.sendSdkMessage(experience, IdentifyAction.Login, credentials);
+    }
+}
+/**
+ * @internal
+ */
+function enqueueLogout(identify) {
+    if (identify.options.loginPolicy === 'auto') {
+        taskQueue.enqueue(() => logoutTask(identify));
+    }
+    for (const experience of getExperiences()) {
+        sdkLauncherKit.sendSdkMessage(experience, IdentifyAction.Logout);
+    }
+}
+function getIdentify(sdkOrOptions, options) {
+    let sdk;
+    let identifyOptions;
+    if (isSdk(sdkOrOptions)) {
+        /**
+         * Interface: getIdentify(sdk, options?)
+         */
+        sdk = sdkOrOptions;
+        if (options !== undefined) {
+            identifyOptions = options;
+        }
+        else {
+            identifyOptions = {};
+        }
+    }
+    else if (sdkOrOptions !== undefined) {
+        /**
+         * Interface: getIdentify(options)
+         */
+        sdk = sdkCore.getSdk();
+        identifyOptions = sdkOrOptions;
+    }
+    else {
+        /**
+         * Interface: getIdentify()
+         */
+        sdk = sdkCore.getSdk();
+        identifyOptions = {};
+    }
+    const { options: { projectId }, } = sdk;
+    if (identifyKits.has(projectId)) {
+        return identifyKits.get(projectId);
+    }
+    const identify = new Identify(sdk, identifyOptions);
+    for (const hook of identifyHooks) {
+        hook(identify);
+    }
+    watchConnectionStatus(identify);
+    identifyKits.set(projectId, identify);
+    return identify;
+}
+/**
+ * A function that requests a user login via the `IdentifyKit` of the Monterosa SDK.
+ *
+ * @example
+ * ```javascript
+ * import { configure } from '@monterosa/sdk-core';
+ * import { getIdentify, requestLogin } from '@monterosa/sdk-identify-kit';
+ *
+ * configure({ host: '...', projectId: '...' });
+ *
+ * try {
+ *   const identify = getIdentify();
+ *
+ *   await requestLogin(identify);
+ *
+ *   console.log('Login request successful');
+ * } catch (err) {
+ *   console.error('Error requesting login:', error.message)
+ * }
+ * ```
+ *
+ * @remarks
+ * - If the app is running within a third-party application that uses
+ *   the Monterosa SDK, the function delegates to the parent app
+ *   to handle the login process.
+ *
+ * @param identify - An instance of the `IdentifyKit` class used for user
+ *   identification.
+ * @returns A Promise that resolves with `void` when the login request
+ *   is completed.
+ */
+async function requestLogin(identify) {
+    const parentApp = sdkLauncherKit.getParentApplication();
+    if (parentApp !== null) {
+        await parentAppRequest(identify, IdentifyAction.RequestLogin);
+        return;
+    }
+    identify.emit(IdentifyEvent.LoginRequested);
+}
+/**
+ * A function that requests a user login via the `IdentifyKit` of the Space.
+ *
+ * @example
+ * ```javascript
+ * import { getSpace } from '@monterosa/sdk-core';
+ * import { getIdentify, requestLogout } from '@monterosa/sdk-identify-kit';
+ *
+ * const space = getSpace('host', 'space-id');
+ * const identify = getIdentify(space);
+ *
+ * try {
+ *   await requestLogout(identify);
+ *
+ *   console.log('Logout request successful');
+ * } catch (err) {
+ *   console.error('Error requesting logout:', error.message)
+ * }
+ * ```
+ *
+ * @remarks
+ * - If the app is running within a third-party application that uses
+ *   the Space, the function delegates to the parent app
+ *   to handle the logout process.
+ *
+ * @param identify - An instance of the `IdentifyKit` class used for user
+ *   identification.
+ * @returns A Promise that resolves with `void` when the logout request
+ *   is completed.
+ */
+async function requestLogout(identify) {
+    const parentApp = sdkLauncherKit.getParentApplication();
+    if (parentApp !== null) {
+        await parentAppRequest(identify, IdentifyAction.RequestLogout);
+        return;
+    }
+    identify.emit(IdentifyEvent.LogoutRequested);
+}
+/**
+ * @internal
+ *
+ * Returns a signature for a user session. The signature is based on the
+ * user's identifying information provided in the `IdentifyKit` instance.
+ *
+ * @remarks
+ * This function does not handle errors. Callers are responsible for catching
+ * and handling failures.
+ *
+ * @param identify - An instance of the `IdentifyKit` class used for user
+ *   identification.
+ * @param credentials - The credentials of the user.
+ *
+ * @returns A Promise that resolves to a `Signature` object.
+ */
+async function getSessionSignature(identify, credentials) {
+    const parentApp = sdkLauncherKit.getParentApplication();
+    if (parentApp !== null) {
+        const signature = await parentAppRequest(identify, IdentifyAction.GetSessionSignature, credentials);
+        return signature;
+    }
+    if (identify.signature !== null) {
+        return identify.signature;
+    }
+    const url = await identify.getUrl('/user/check');
+    const { data } = await api(url, credentials.token);
+    const signature = [data.userId, data.timeStamp, data.signature];
+    identify.signature = signature;
+    return signature;
+}
+/**
+ * A memoized version of the `getSessionSignature` function.
+ */
+const getSessionSignatureMemoized = sdkUtil.memoizePromise(getSessionSignature, (identify, credentials) => credentials.token, {
+    clearOnResolve: true,
+    clearOnReject: true,
+});
+/**
+ * The function that takes an instance of `IdentifyKit` as its argument and
+ * returns a Promise that resolves to a key-value object representing user data.
+ *
+ * @example
+ * ```javascript
+ * import { configure } from '@monterosa/sdk-core';
+ * import { getIdentify, getUserData } from '@monterosa/sdk-identify-kit';
+ *
+ * configure({ host: '...', projectId: '...' });
+ *
+ * const identify = getIdentify();
+ * const userData = await getUserData(identify);
+ *
+ * console.log('User data:', userData);
+ * ```
+ *
+ * @remarks
+ * - If the app is running within a third-party application that uses
+ *   the Monterosa SDK, the function delegates to the parent app
+ *   to get user data.
+ *
+ * - If the request is successful, the function resolves with a key-value object
+ *   representing user data. If not, a `MonterosaError` is thrown.
+ *
+ * @param identify - An instance of `IdentifyKit` that provides the user
+ *   identification functionality.
+ * @returns A Promise that resolves to a key-value object representing user data.
+ *   The structure and content of the user data object depend on the identify
+ *   service provider and may vary. It typically contains information about the user,
+ *   but the specific fields are determined by the Identify service provider.
+ */
+async function getUserData(identify) {
+    const parentApp = sdkLauncherKit.getParentApplication();
+    if (parentApp !== null) {
+        const userData = await parentAppRequest(identify, IdentifyAction.GetUserData);
+        return userData;
+    }
+    // Return cached user data if available
+    if (identify.userData !== null) {
+        return identify.userData;
+    }
+    if (identify.credentials === null) {
+        throw sdkUtil.createError(exports.IdentifyError.NoCredentials, IdentifyErrorMessages);
+    }
+    const url = await identify.getUrl('/user');
+    const { data } = await api(url, identify.credentials.token);
+    identify.userData = data;
+    return data;
+}
+/**
+ * Sets the user's authentication credentials.
+ *
+ * @example
+ * ```javascript
+ * import { configure } from '@monterosa/sdk-core';
+ * import { getIdentify, setCredentials } from '@monterosa/sdk-identify-kit';
+ *
+ * configure({ host: '...', projectId: '...' });
+ *
+ * const credentials = { token: 'abc123' };
+ * const identify = getIdentify();
+ *
+ * await setCredentials(identify, credentials)
+ * ```
+ *
+ * @remarks
+ * - If the app is running within a third-party application that uses
+ *   the Monterosa SDK, the function delegates to the parent app
+ *   to set user credentials.
+ *
+ * - If the request is successful, the function resolves to `void`.
+ *   If not, a `MonterosaError` is thrown.
+ *
+ * @param identify - An instance of `IdentifyKit` that provides the user
+ *   identification functionality.
+ * @param credentials - An object representing the user's authentication
+ *   credentials.
+ * @returns A Promise that resolves to `void`.
+ */
+async function setCredentials(identify, credentials) {
+    const parentApp = sdkLauncherKit.getParentApplication();
+    if (parentApp !== null) {
+        await parentAppRequest(identify, IdentifyAction.SetCredentials, credentials);
+        return;
+    }
+    const shouldLogin = identify.credentials === null;
+    identify.credentials = credentials;
+    if (shouldLogin) {
+        enqueueLogin(identify, credentials);
+    }
+}
+/**
+ * Clears the user's authentication credentials.
+ *
+ * @example
+ * ```javascript
+ * import { configure } from '@monterosa/sdk-core';
+ * import { getIdentify, clearCredentials } from '@monterosa/sdk-identify-kit';
+ *
+ * configure({ host: '...', projectId: '...' });
+ *
+ * const identify = getIdentify();
+ *
+ * await clearCredentials(identify);
+ * ```
+ *
+ * @remarks
+ * - If the app is running within a third-party application that uses
+ *   the Monterosa SDK, the function delegates to the parent app
+ *   to clear user credentials.
+ *
+ * - If the request is successful, the function resolves to `void`.
+ *   If not, a `MonterosaError` is thrown.
+ *
+ * @param identify - An instance of `IdentifyKit` that provides the user
+ *   identification functionality.
+ * @returns A Promise that resolves to `void`.
+ */
+async function clearCredentials(identify) {
+    const parentApp = sdkLauncherKit.getParentApplication();
+    if (parentApp !== null) {
+        await parentAppRequest(identify, IdentifyAction.ClearCredentials);
+        return;
+    }
+    const shouldLogout = identify.credentials !== null;
+    identify.credentials = null;
+    identify.userData = null;
+    identify.signature = null;
+    if (shouldLogout) {
+        enqueueLogout(identify);
+    }
+}
+/**
+ * Registers a callback function that will be called whenever the `LoginState`
+ * object associated with the `IdentifyKit` instance is updated.
+ *
+ * @example
+ * ```javascript
+ * import { configure } from '@monterosa/sdk-core';
+ * import { getIdentify, onStateUpdated } from '@monterosa/sdk-identify-kit';
+ *
+ * configure({ host: '...', projectId: '...' });
+ *
+ * const identify = getIdentify();
+ *
+ * const unsubscribe = onStateUpdated(identify, (state) => {
+ *   console.log("State updated:", state);
+ * });
+ *
+ * // Call unsubscribe() to unregister the callback function
+ * // unsubscribe();
+ * ```
+ *
+ * @param identify - An instance of `IdentifyKit` that provides the user
+ *   identification functionality.
+ * @param callback - The callback function to register. This function will be
+ *   called with the updated `LoginState` object as its only argument.
+ * @returns An `Unsubscribe` function that can be called to unregister
+ *   the callback function.
+ */
+function onStateUpdated(identify, callback) {
+    return sdkUtil.subscribe(identify, IdentifyEvent.StateUpdated, callback);
+}
+/**
+ * Registers a callback function that will be called whenever the `Credentials`
+ * object associated with the `IdentifyKit` instance is updated.
+ *
+ * @example
+ * ```javascript
+ * import { configure } from '@monterosa/sdk-core';
+ * import { getIdentify, onCredentialsUpdated } from '@monterosa/sdk-identify-kit';
+ *
+ * configure({ host: '...', projectId: '...' });
+ *
+ * const identify = getIdentify();
+ *
+ * const unsubscribe = onCredentialsUpdated(identify, (credentials) => {
+ *   if (credentials !== null) {
+ *     console.log("Credentials updated:", credentials);
+ *   } else {
+ *     console.log("Credentials cleared.");
+ *   }
+ * });
+ *
+ * // Call unsubscribe() to unregister the callback function
+ * // unsubscribe();
+ * ```
+ *
+ * @param identify - An instance of `IdentifyKit` that provides the user
+ *   identification functionality.
+ * @param callback - The callback function to register. This function will be
+ *   called with the updated `Credentials` object as its only argument.
+ *   If the value `null` is received, it indicates that the signature has
+ *   been cleared
+ * @returns An `Unsubscribe` function that can be called to unregister
+ *   the callback function.
+ */
+function onCredentialsUpdated(identify, callback) {
+    return sdkUtil.subscribe(identify, IdentifyEvent.CredentialsUpdated, callback);
+}
+/**
+ * Registers a callback function that will be called whenever the `Signature`
+ * object associated with the `IdentifyKit` instance is updated.
+ *
+ * @example
+ * ```javascript
+ * import { configure } from '@monterosa/sdk-core';
+ * import { getIdentify, onSignatureUpdated } from '@monterosa/sdk-identify-kit';
+ *
+ * configure({ host: '...', projectId: '...' });
+ *
+ * const identify = getIdentify();
+ *
+ * const unsubscribe = onSignatureUpdated(identify, (signature) => {
+ *   if (signature !== null) {
+ *     console.log("Signature updated:", signature);
+ *   } else {
+ *     console.log("Signature cleared.");
+ *   }
+ * });
+ *
+ * // Call unsubscribe() to unregister the callback function
+ * // unsubscribe();
+ * ```
+ *
+ * @param identify - An instance of `IdentifyKit` that provides the user
+ *   identification functionality.
+ * @param callback - The callback function to register. This function will be
+ *   called with the updated `Signature` object as its only argument.
+ *   If the value `null` is received, it indicates that the signature has
+ *   been cleared
+ * @returns An `Unsubscribe` function that can be called to unregister
+ *   the callback function.
+ */
+function onSignatureUpdated(identify, callback) {
+    return sdkUtil.subscribe(identify, IdentifyEvent.SignatureUpdated, callback);
+}
+/**
+ * Registers a callback function that will be called whenever the `UserData`
+ * object associated with the `IdentifyKit` instance is updated.
+ *
+ * @example
+ * ```javascript
+ * import { configure } from '@monterosa/sdk-core';
+ * import { getIdentify, onUserDataUpdated } from '@monterosa/sdk-identify-kit';
+ *
+ * configure({ host: '...', projectId: '...' });
+ *
+ * const identify = getIdentify();
+ *
+ * const unsubscribe = onUserDataUpdated(identify, (userData) => {
+ *   if (userData !== null) {
+ *     console.log("User's data updated:", userData);
+ *   } else {
+ *     console.log("User's data cleared.");
+ *   }
+ * });
+ *
+ * // Call unsubscribe() to unregister the callback function
+ * // unsubscribe();
+ * ```
+ *
+ * @param identify - An instance of `IdentifyKit` that provides the user
+ *   identification functionality.
+ * @param callback - The callback function to register. This function will be
+ *   called with the updated `UserData` object as its only argument.
+ *   If the value `null` is received, it indicates that the user's data has
+ *   been cleared
+ * @returns An `Unsubscribe` function that can be called to unregister
+ *   the callback function.
+ */
+function onUserDataUpdated(identify, callback) {
+    return sdkUtil.subscribe(identify, IdentifyEvent.UserdataUpdated, callback);
+}
+/**
+ * Registers a callback function that will be called when a login is requested
+ * by an Experience.
+ *
+ * @example
+ * ```javascript
+ * import { configure } from '@monterosa/sdk-core';
+ * import { getIdentify, onLoginRequestedByExperience } from '@monterosa/sdk-identify-kit';
+ *
+ * configure({ host: '...', projectId: '...' });
+ *
+ * const identify = getIdentify();
+ *
+ * const unsubscribe = onLoginRequestedByExperience(identify, () => {
+ *   showLoginForm();
+ * });
+ *
+ * // Call unsubscribe() to unregister the callback function
+ * // unsubscribe();
+ * ```
+ *
+ * @param identify - An instance of `IdentifyKit` that provides the user
+ *   identification functionality.
+ * @param callback - The callback function to register. This function will
+ *   be called when a login is requested by an Experience.
+ * @returns An `Unsubscribe` function that can be called to unregister
+ *   the callback function.
+ */
+function onLoginRequestedByExperience(identify, callback) {
+    return sdkUtil.subscribe(identify, IdentifyEvent.LoginRequested, callback);
+}
+/**
+ * Registers a callback function that will be called when a logout is requested
+ * by an Experience.
+ *
+ * @example
+ * ```javascript
+ * import { getSpace } from '@monterosa/sdk-core';
+ * import { getIdentify, onLogoutRequestedByExperience } from '@monterosa/sdk-identify-kit';
+ *
+ * const space = getSpace('host', 'space-id');
+ * const identify = getIdentify(space);
+ *
+ * const unsubscribe = onLogoutRequestedByExperience(identify, () => {
+ *   // logout requested by experience
+ *   // perform logout from Auth service
+ * });
+ *
+ * // Call unsubscribe() to unregister the callback function
+ * // unsubscribe();
+ * ```
+ *
+ * @param identify - An instance of `IdentifyKit` that provides the user
+ *   identification functionality.
+ * @param callback - The callback function to register. This function will
+ *   be called when a logout is requested by an Experience.
+ * @returns An `Unsubscribe` function that can be called to unregister
+ *   the callback function.
+ */
+function onLogoutRequestedByExperience(identify, callback) {
+    return sdkUtil.subscribe(identify, IdentifyEvent.LogoutRequested, callback);
+}
+/**
+ *
+ * @internal
+ */
+async function watchConnectionStatus(identify) {
+    const conn = await sdkConnectKit.getConnect(identify.sdk.options.host);
+    sdkConnectKit.onConnected(conn, () => {
+        if (identify.shouldLoginOnReconnect) {
+            enqueueLogin(identify, identify.credentials, true);
+        }
+        taskQueue.resume();
+    });
+    sdkConnectKit.onConnecting(conn, () => {
+        taskQueue.pause();
+        // If the user was logged in before the connection loss, set the state
+        // to pending to notify that the user is no longer logged in and a login
+        // attempt will be made when the connection is restored.
+        if (identify.state.state === 'logged_in') {
+            identify.state = {
+                state: 'pending',
+            };
+        }
+    });
+    sdkConnectKit.onDisconnected(conn, () => {
+        taskQueue.pause();
+        taskQueue.clear();
+        // If the user was logged in before the connection loss, set the state
+        // to logged_out to notify that the user is no longer logged in.
+        if (identify.state.state === 'logged_in') {
+            identify.state = {
+                state: 'logged_out',
+            };
+        }
+    });
+}
+
+/**
+ * @license
+ * @monterosa/sdk-identify-kit
+ *
+ * Copyright © 2023-2026 Monterosa Productions Limited. All rights reserved.
+ *
+ * More details on the license can be found at https://www.monterosa.co/sdk/license
+ */
+/**
+ * @internal
+ */
+function parentMessagesHook(identify) {
+    const parentApp = sdkLauncherKit.getParentApplication();
+    if (parentApp === null) {
+        return () => { };
+    }
+    return sdkLauncherKit.onSdkMessage(parentApp, async (message) => {
+        switch (message.action) {
+            case IdentifyAction.OnCredentialsUpdated: {
+                identify.credentials = message.payload.data;
+                break;
+            }
+            case IdentifyAction.OnSessionSignatureUpdated: {
+                identify.signature = message.payload.data;
+                break;
+            }
+            case IdentifyAction.OnUserDataUpdated: {
+                identify.userData = message.payload.data;
+                break;
+            }
+            case IdentifyAction.Login: {
+                enqueueLogin(identify, message.payload);
+                break;
+            }
+            case IdentifyAction.Logout: {
+                enqueueLogout(identify);
+                break;
+            }
+        }
+    });
+}
+/**
+ * Finds an existing SDK with matching projectId, or creates a new one.
+ */
+function getOrConfigureSdk(host, projectId) {
+    const existingSdk = sdkCore.getSdks().find((sdk) => sdk.options.projectId === projectId);
+    return existingSdk !== null && existingSdk !== void 0 ? existingSdk : sdkCore.configure({ host, projectId }, projectId);
+}
+/**
+ * @internal
+ */
+function handleExperienceEmbedded(experience) {
+    const identify = getIdentify(experience.sdk);
+    // Send login action with current credentials to the new experience if available.
+    // The bridge queues this message until the experience is initialised.
+    if (identify.credentials) {
+        sdkLauncherKit.sendSdkMessage(experience, IdentifyAction.Login, identify.credentials);
+    }
+    const credentialsUpdatedUnsub = onCredentialsUpdated(identify, (data) => {
+        sdkLauncherKit.sendSdkMessage(experience, IdentifyAction.OnCredentialsUpdated, {
+            data,
+        });
+    });
+    const signatureUpdatedUnsub = onSignatureUpdated(identify, (data) => {
+        sdkLauncherKit.sendSdkMessage(experience, IdentifyAction.OnSessionSignatureUpdated, {
+            data,
+        });
+    });
+    const userDataUpdatedUnsub = onUserDataUpdated(identify, (data) => {
+        sdkLauncherKit.sendSdkMessage(experience, IdentifyAction.OnUserDataUpdated, {
+            data,
+        });
+    });
+    const sdkMessageUnsub = sdkLauncherKit.onSdkMessage(experience, async (message) => {
+        if (!Object.values(IdentifyAction).includes(message.action)) {
+            return;
+        }
+        // Extract origin context from payload if available.
+        // New clients include origin (host, projectId) to ensure correct project context
+        // in multilevel integrations. Old clients don't send origin, so we fall back
+        // to the experience's SDK to maintain backward compatibility.
+        const { origin } = message.payload;
+        const originSdk = origin
+            ? getOrConfigureSdk(origin.host, origin.projectId)
+            : experience.sdk;
+        const originIdentify = getIdentify(originSdk);
+        const respond = (payload) => sdkLauncherKit.respondToSdkMessage(experience, message, payload);
+        try {
+            switch (message.action) {
+                case IdentifyAction.RequestLogin: {
+                    await requestLogin(originIdentify);
+                    respond();
+                    break;
+                }
+                case IdentifyAction.RequestLogout: {
+                    await requestLogout(identify);
+                    respond();
+                    break;
+                }
+                case IdentifyAction.GetUserData: {
+                    const data = await getUserData(identify);
+                    respond({ data });
+                    break;
+                }
+                case IdentifyAction.GetSessionSignature: {
+                    const signature = await getSessionSignatureMemoized(identify, message.payload);
+                    respond({ data: signature });
+                    break;
+                }
+                case IdentifyAction.SetCredentials: {
+                    await setCredentials(originIdentify, {
+                        token: message.payload.token,
+                    });
+                    respond();
+                    break;
+                }
+                case IdentifyAction.ClearCredentials: {
+                    await clearCredentials(identify);
+                    respond();
+                    break;
+                }
+            }
+        }
+        catch (err) {
+            respond({
+                error: sdkUtil.getErrorMessage(err),
+            });
+        }
+    });
+    addExperience(experience, [
+        credentialsUpdatedUnsub,
+        signatureUpdatedUnsub,
+        userDataUpdatedUnsub,
+        sdkMessageUnsub,
+    ]);
+}
+/**
+ * @internal
+ */
+function handleExperienceUnmounted(experience) {
+    deleteExperience(experience);
+}
+sdkLauncherKit.onStateChanged((experience, state) => {
+    if (state === 'mounted') {
+        handleExperienceEmbedded(experience);
+    }
+    else if (state === 'unmounted') {
+        handleExperienceUnmounted(experience);
+    }
+});
+registerIdentifyHook(parentMessagesHook);
+
+exports.clearCredentials = clearCredentials;
+exports.getIdentify = getIdentify;
+exports.getUserData = getUserData;
+exports.onCredentialsUpdated = onCredentialsUpdated;
+exports.onLoginRequestedByExperience = onLoginRequestedByExperience;
+exports.onLogoutRequestedByExperience = onLogoutRequestedByExperience;
+exports.onSignatureUpdated = onSignatureUpdated;
+exports.onStateUpdated = onStateUpdated;
+exports.onUserDataUpdated = onUserDataUpdated;
+exports.requestLogin = requestLogin;
+exports.requestLogout = requestLogout;
+exports.setCredentials = setCredentials;
+//# sourceMappingURL=index.cjs.map