@omni2fa/core 0.6.1 → 0.7.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.cjs +1 -1
- package/dist/index.cjs.map +1 -1
- package/dist/index.js +29 -29
- package/dist/index.js.map +1 -1
- package/dist/machines/challenge/ChallengeContext.d.ts +2 -0
- package/dist/machines/challenge/ChallengeContext.d.ts.map +1 -1
- package/dist/machines/challenge/challengeMachine.d.ts +12 -0
- package/dist/machines/challenge/challengeMachine.d.ts.map +1 -1
- package/dist/machines/emailEnrollment/EmailEnrollmentEvent.d.ts +1 -1
- package/dist/machines/emailEnrollment/EmailEnrollmentEvent.d.ts.map +1 -1
- package/dist/machines/emailEnrollment/emailEnrollmentMachine.d.ts +2 -2
- package/dist/machines/emailEnrollment/emailEnrollmentMachine.d.ts.map +1 -1
- package/dist/types/api.d.ts +17 -6
- package/dist/types/api.d.ts.map +1 -1
- package/package.json +1 -1
package/dist/index.js
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
|
-
import
|
|
1
|
+
import O from "openapi-fetch";
|
|
2
2
|
import { setup as h, fromPromise as l, createActor as u } from "xstate";
|
|
3
|
-
class
|
|
3
|
+
class N {
|
|
4
4
|
map = /* @__PURE__ */ new Map();
|
|
5
5
|
get(e) {
|
|
6
6
|
return this.map.get(e) ?? null;
|
|
@@ -29,7 +29,7 @@ const s = {
|
|
|
29
29
|
ValidationFailed: "VALIDATION_FAILED",
|
|
30
30
|
NetworkError: "NETWORK_ERROR",
|
|
31
31
|
Unknown: "UNKNOWN"
|
|
32
|
-
},
|
|
32
|
+
}, v = {
|
|
33
33
|
[s.InvalidCode]: "The code you entered is invalid.",
|
|
34
34
|
[s.PreAuthExpired]: "Your session has expired. Please sign in again.",
|
|
35
35
|
[s.PreAuthInvalid]: "Your session is invalid. Please sign in again.",
|
|
@@ -47,8 +47,8 @@ const s = {
|
|
|
47
47
|
[s.NetworkError]: "Network error. Please check your connection.",
|
|
48
48
|
[s.Unknown]: "An unexpected error occurred."
|
|
49
49
|
};
|
|
50
|
-
function
|
|
51
|
-
return
|
|
50
|
+
function w(t) {
|
|
51
|
+
return v[t] ?? v[s.Unknown];
|
|
52
52
|
}
|
|
53
53
|
const R = "omni2fa:preauth", D = "omni2fa:session", I = "http://omni2fa.local";
|
|
54
54
|
class P {
|
|
@@ -58,7 +58,7 @@ class P {
|
|
|
58
58
|
basePath;
|
|
59
59
|
inner;
|
|
60
60
|
constructor(e) {
|
|
61
|
-
this.storage = e.storage ?? new
|
|
61
|
+
this.storage = e.storage ?? new N(), this.preAuthKey = e.preAuthStorageKey ?? R, this.sessionKey = e.sessionStorageKey ?? D, this.basePath = new URL(e.baseUrl, I).pathname.replace(/\/$/, ""), this.inner = O({
|
|
62
62
|
baseUrl: e.baseUrl,
|
|
63
63
|
fetch: e.fetch ?? globalThis.fetch.bind(globalThis),
|
|
64
64
|
...e.credentials ? { credentials: e.credentials } : {}
|
|
@@ -151,7 +151,7 @@ class P {
|
|
|
151
151
|
return r !== void 0 ? this.errorCall(r, n) : e === void 0 ? {
|
|
152
152
|
ok: !1,
|
|
153
153
|
code: s.NetworkError,
|
|
154
|
-
message:
|
|
154
|
+
message: w(s.NetworkError),
|
|
155
155
|
httpStatus: n.status
|
|
156
156
|
} : { ok: !0, value: e };
|
|
157
157
|
}
|
|
@@ -160,7 +160,7 @@ class P {
|
|
|
160
160
|
return {
|
|
161
161
|
ok: !1,
|
|
162
162
|
code: n,
|
|
163
|
-
message: e.message ||
|
|
163
|
+
message: e.message || w(n),
|
|
164
164
|
httpStatus: r.status,
|
|
165
165
|
details: e.details ?? null
|
|
166
166
|
};
|
|
@@ -318,7 +318,7 @@ function F(t) {
|
|
|
318
318
|
},
|
|
319
319
|
actors: {
|
|
320
320
|
startEnrollment: l(async ({ input: e }) => {
|
|
321
|
-
const r = await t.startEmailEnrollment({ email: e.email });
|
|
321
|
+
const r = await t.startEmailEnrollment(e.email !== void 0 ? { email: e.email } : {});
|
|
322
322
|
if (!r.ok)
|
|
323
323
|
throw new a(r.code, r.message, r.httpStatus, r.details ?? null);
|
|
324
324
|
return r.value;
|
|
@@ -352,17 +352,16 @@ function F(t) {
|
|
|
352
352
|
},
|
|
353
353
|
starting: {
|
|
354
354
|
entry: ({ context: e, event: r }) => {
|
|
355
|
-
r.type === "start" && (e.email = r.email);
|
|
355
|
+
r.type === "start" && (e.email = r.email ?? null);
|
|
356
356
|
},
|
|
357
357
|
invoke: {
|
|
358
358
|
src: "startEnrollment",
|
|
359
|
-
|
|
360
|
-
|
|
361
|
-
|
|
362
|
-
},
|
|
359
|
+
// Under the server's default ClaimOnly source the address is derived from the
|
|
360
|
+
// session, so an absent email is valid; HostSupplied callers pass one through.
|
|
361
|
+
input: ({ context: e }) => ({ email: e.email ?? void 0 }),
|
|
363
362
|
onDone: {
|
|
364
363
|
target: "awaitingCode",
|
|
365
|
-
actions: ({ context: e, event: r }) =>
|
|
364
|
+
actions: ({ context: e, event: r }) => T(e, r.output)
|
|
366
365
|
},
|
|
367
366
|
onError: {
|
|
368
367
|
target: "failed",
|
|
@@ -386,7 +385,7 @@ function F(t) {
|
|
|
386
385
|
},
|
|
387
386
|
onDone: {
|
|
388
387
|
target: "awaitingCode",
|
|
389
|
-
actions: ({ context: e, event: r }) =>
|
|
388
|
+
actions: ({ context: e, event: r }) => T(e, r.output)
|
|
390
389
|
},
|
|
391
390
|
onError: {
|
|
392
391
|
target: "awaitingCode",
|
|
@@ -428,7 +427,7 @@ function F(t) {
|
|
|
428
427
|
}
|
|
429
428
|
});
|
|
430
429
|
}
|
|
431
|
-
function
|
|
430
|
+
function T(t, e) {
|
|
432
431
|
t.enrollmentId = e.enrollmentId, t.expiresAt = e.expiresAt, t.resendAvailableAt = e.resendAvailableAt, t.errorCode = null, t.errorMessage = null;
|
|
433
432
|
}
|
|
434
433
|
function f({ context: t }) {
|
|
@@ -450,7 +449,7 @@ function d(t) {
|
|
|
450
449
|
r += String.fromCharCode(n);
|
|
451
450
|
return btoa(r).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
|
|
452
451
|
}
|
|
453
|
-
function
|
|
452
|
+
function k(t) {
|
|
454
453
|
return (t ?? []).map((e) => ({ ...e, id: g(e.id) }));
|
|
455
454
|
}
|
|
456
455
|
async function L(t) {
|
|
@@ -458,7 +457,7 @@ async function L(t) {
|
|
|
458
457
|
...e,
|
|
459
458
|
challenge: g(e.challenge),
|
|
460
459
|
user: { ...e.user, id: g(e.user.id) },
|
|
461
|
-
excludeCredentials:
|
|
460
|
+
excludeCredentials: k(e.excludeCredentials)
|
|
462
461
|
// Cast through unknown: the spread carries Fido2's index-signature fields the DOM type omits.
|
|
463
462
|
}, n = await navigator.credentials.create({ publicKey: r });
|
|
464
463
|
if (n === null)
|
|
@@ -479,7 +478,7 @@ async function K(t) {
|
|
|
479
478
|
const e = JSON.parse(t), r = {
|
|
480
479
|
...e,
|
|
481
480
|
challenge: g(e.challenge),
|
|
482
|
-
allowCredentials:
|
|
481
|
+
allowCredentials: k(e.allowCredentials)
|
|
483
482
|
}, n = await navigator.credentials.get({ publicKey: r });
|
|
484
483
|
if (n === null)
|
|
485
484
|
throw new Error("WebAuthn authentication produced no credential.");
|
|
@@ -579,19 +578,19 @@ function $(t) {
|
|
|
579
578
|
},
|
|
580
579
|
enrolled: {
|
|
581
580
|
on: {
|
|
582
|
-
reset: { target: "idle", actions:
|
|
581
|
+
reset: { target: "idle", actions: b }
|
|
583
582
|
}
|
|
584
583
|
},
|
|
585
584
|
failed: {
|
|
586
585
|
on: {
|
|
587
586
|
retry: { target: "starting" },
|
|
588
|
-
reset: { target: "idle", actions:
|
|
587
|
+
reset: { target: "idle", actions: b }
|
|
589
588
|
}
|
|
590
589
|
}
|
|
591
590
|
}
|
|
592
591
|
});
|
|
593
592
|
}
|
|
594
|
-
function
|
|
593
|
+
function b({ context: t }) {
|
|
595
594
|
t.enrollmentId = null, t.optionsJson = null, t.name = null, t.methodId = null, t.recoveryCodes = null, t.errorCode = null, t.errorMessage = null;
|
|
596
595
|
}
|
|
597
596
|
function M(t, e) {
|
|
@@ -601,6 +600,7 @@ const H = {
|
|
|
601
600
|
methodId: null,
|
|
602
601
|
methodType: null,
|
|
603
602
|
userId: null,
|
|
603
|
+
verifiedToken: null,
|
|
604
604
|
expiresAt: null,
|
|
605
605
|
resendAvailableAt: null,
|
|
606
606
|
optionsJson: null,
|
|
@@ -693,7 +693,7 @@ function Y(t) {
|
|
|
693
693
|
onDone: {
|
|
694
694
|
target: "verified",
|
|
695
695
|
actions: ({ context: e, event: r }) => {
|
|
696
|
-
e.userId = r.output.userId, e.errorCode = null, e.errorMessage = null;
|
|
696
|
+
e.userId = r.output.userId, e.verifiedToken = r.output.verifiedToken, e.errorCode = null, e.errorMessage = null;
|
|
697
697
|
}
|
|
698
698
|
},
|
|
699
699
|
onError: {
|
|
@@ -720,7 +720,7 @@ function Y(t) {
|
|
|
720
720
|
onDone: {
|
|
721
721
|
target: "verified",
|
|
722
722
|
actions: ({ context: e, event: r }) => {
|
|
723
|
-
e.userId = r.output.userId, e.errorCode = null, e.errorMessage = null;
|
|
723
|
+
e.userId = r.output.userId, e.verifiedToken = r.output.verifiedToken, e.errorCode = null, e.errorMessage = null;
|
|
724
724
|
}
|
|
725
725
|
},
|
|
726
726
|
onError: {
|
|
@@ -757,7 +757,7 @@ function Y(t) {
|
|
|
757
757
|
onDone: {
|
|
758
758
|
target: "verified",
|
|
759
759
|
actions: ({ context: e, event: r }) => {
|
|
760
|
-
e.userId = r.output.userId, e.errorCode = null, e.errorMessage = null;
|
|
760
|
+
e.userId = r.output.userId, e.verifiedToken = r.output.verifiedToken, e.errorCode = null, e.errorMessage = null;
|
|
761
761
|
}
|
|
762
762
|
},
|
|
763
763
|
onError: {
|
|
@@ -785,7 +785,7 @@ function C(t, e) {
|
|
|
785
785
|
t.methodType = e.type, t.expiresAt = e.expiresAt ?? null, t.resendAvailableAt = e.resendAvailableAt ?? null, t.optionsJson = e.optionsJson ?? null, t.errorCode = null, t.errorMessage = null;
|
|
786
786
|
}
|
|
787
787
|
function E({ context: t }) {
|
|
788
|
-
t.methodId = null, t.methodType = null, t.userId = null, t.expiresAt = null, t.resendAvailableAt = null, t.optionsJson = null, t.errorCode = null, t.errorMessage = null;
|
|
788
|
+
t.methodId = null, t.methodType = null, t.userId = null, t.verifiedToken = null, t.expiresAt = null, t.resendAvailableAt = null, t.optionsJson = null, t.errorCode = null, t.errorMessage = null;
|
|
789
789
|
}
|
|
790
790
|
function c(t, e) {
|
|
791
791
|
e instanceof a ? (t.errorCode = e.code, t.errorMessage = e.message) : (t.errorCode = "UNKNOWN", t.errorMessage = e instanceof Error ? e.message : null);
|
|
@@ -897,7 +897,7 @@ function Q(t) {
|
|
|
897
897
|
}
|
|
898
898
|
export {
|
|
899
899
|
X as LocalStorageStorage,
|
|
900
|
-
|
|
900
|
+
N as MemoryStorage,
|
|
901
901
|
a as Omni2FaApiError,
|
|
902
902
|
P as Omni2FaClient,
|
|
903
903
|
s as Omni2FaErrorCodes,
|
|
@@ -908,7 +908,7 @@ export {
|
|
|
908
908
|
Q as createOmni2Fa,
|
|
909
909
|
_ as createTotpEnrollmentMachine,
|
|
910
910
|
$ as createWebAuthnEnrollmentMachine,
|
|
911
|
-
|
|
911
|
+
w as getDefaultMessage,
|
|
912
912
|
K as startAuthentication,
|
|
913
913
|
L as startRegistration
|
|
914
914
|
};
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sources":["../src/storage/MemoryStorage.ts","../src/errors/codes.ts","../src/errors/messages.ts","../src/client/Omni2FaClient.ts","../src/storage/SessionStorageStorage.ts","../src/storage/LocalStorageStorage.ts","../src/errors/Omni2FaApiError.ts","../src/machines/totpEnrollment/totpEnrollmentMachine.ts","../src/machines/emailEnrollment/emailEnrollmentMachine.ts","../src/webauthn/base64url.ts","../src/webauthn/ceremony.ts","../src/machines/webauthnEnrollment/webauthnEnrollmentMachine.ts","../src/machines/challenge/challengeMachine.ts","../src/machines/methods/methodsMachine.ts","../src/createOmni2Fa.ts"],"sourcesContent":["import type { IStorage } from './Interfaces/IStorage';\r\n\r\n/** In-process storage. Default. Values vanish on page reload — safest default. */\r\nexport class MemoryStorage implements IStorage {\r\n private readonly map = new Map<string, string>();\r\n\r\n get(key: string): string | null {\r\n return this.map.get(key) ?? null;\r\n }\r\n\r\n set(key: string, value: string): void {\r\n this.map.set(key, value);\r\n }\r\n\r\n remove(key: string): void {\r\n this.map.delete(key);\r\n }\r\n}\r\n","export const Omni2FaErrorCodes = {\r\n InvalidCode: 'INVALID_CODE',\r\n PreAuthExpired: 'PREAUTH_EXPIRED',\r\n PreAuthInvalid: 'PREAUTH_INVALID',\r\n ChallengeNotFound: 'CHALLENGE_NOT_FOUND',\r\n ChallengeConsumed: 'CHALLENGE_CONSUMED',\r\n TooManyAttempts: 'TOO_MANY_ATTEMPTS',\r\n MethodNotFound: 'METHOD_NOT_FOUND',\r\n TypeAlreadyEnrolled: 'TYPE_ALREADY_ENROLLED',\r\n MaxMethodsReached: 'MAX_METHODS_REACHED',\r\n LastMethodProtected: 'LAST_METHOD_PROTECTED',\r\n RecoveryCodeInvalid: 'RECOVERY_CODE_INVALID',\r\n RecoveryCodeUsed: 'RECOVERY_CODE_USED',\r\n WebAuthnVerificationFailed: 'WEBAUTHN_VERIFICATION_FAILED',\r\n ValidationFailed: 'VALIDATION_FAILED',\r\n NetworkError: 'NETWORK_ERROR',\r\n Unknown: 'UNKNOWN',\r\n} as const;\r\n\r\nexport type Omni2FaErrorCode = (typeof Omni2FaErrorCodes)[keyof typeof Omni2FaErrorCodes];\r\n","import { Omni2FaErrorCodes, type Omni2FaErrorCode } from './codes';\r\n\r\nconst defaults: Record<Omni2FaErrorCode, string> = {\r\n [Omni2FaErrorCodes.InvalidCode]: 'The code you entered is invalid.',\r\n [Omni2FaErrorCodes.PreAuthExpired]: 'Your session has expired. Please sign in again.',\r\n [Omni2FaErrorCodes.PreAuthInvalid]: 'Your session is invalid. Please sign in again.',\r\n [Omni2FaErrorCodes.ChallengeNotFound]: 'No active verification step. Please restart.',\r\n [Omni2FaErrorCodes.ChallengeConsumed]: 'This verification step was already used. Please sign in again.',\r\n [Omni2FaErrorCodes.TooManyAttempts]: 'Too many attempts. Please wait before trying again.',\r\n [Omni2FaErrorCodes.MethodNotFound]: 'The selected 2FA method was not found.',\r\n [Omni2FaErrorCodes.TypeAlreadyEnrolled]: 'You already have this type of 2FA enabled.',\r\n [Omni2FaErrorCodes.MaxMethodsReached]: 'You have reached the maximum number of 2FA methods.',\r\n [Omni2FaErrorCodes.LastMethodProtected]: 'You cannot remove your last 2FA method.',\r\n [Omni2FaErrorCodes.RecoveryCodeInvalid]: 'The recovery code is invalid.',\r\n [Omni2FaErrorCodes.RecoveryCodeUsed]: 'This recovery code has already been used.',\r\n [Omni2FaErrorCodes.WebAuthnVerificationFailed]: 'Security key verification failed.',\r\n [Omni2FaErrorCodes.ValidationFailed]: 'The request was malformed.',\r\n [Omni2FaErrorCodes.NetworkError]: 'Network error. Please check your connection.',\r\n [Omni2FaErrorCodes.Unknown]: 'An unexpected error occurred.',\r\n};\r\n\r\nexport function getDefaultMessage(code: string): string {\r\n return defaults[code as Omni2FaErrorCode] ?? defaults[Omni2FaErrorCodes.Unknown];\r\n}\r\n","import createClient from 'openapi-fetch';\r\nimport type { paths } from '../types/api';\r\nimport type { IStorage } from '../storage/Interfaces/IStorage';\r\nimport { MemoryStorage } from '../storage/MemoryStorage';\r\nimport { Omni2FaErrorCodes } from '../errors/codes';\r\nimport { getDefaultMessage } from '../errors/messages';\r\nimport type {\r\n ChallengeResendRequest,\r\n ChallengeStartRequest,\r\n ChallengeStartResponse,\r\n ChallengeVerifyRequest,\r\n EmailEnrollConfirmRequest,\r\n EmailEnrollResendRequest,\r\n EmailEnrollStartRequest,\r\n EmailEnrollStartResponse,\r\n ErrorResponse,\r\n MethodCreatedResponse,\r\n RecoveryCodesResponse,\r\n RecoveryCodeVerifyRequest,\r\n TotpEnrollConfirmRequest,\r\n TotpEnrollStartResponse,\r\n TwoFactorMethodDto,\r\n VerifySuccessResponse,\r\n WebAuthnEnrollConfirmRequest,\r\n WebAuthnEnrollStartResponse,\r\n} from '../types/dtos';\r\nimport type { ClientCall } from './Interfaces/ClientCall';\r\nimport type { IOmni2FaClient } from './Interfaces/IOmni2FaClient';\r\nimport type { Omni2FaClientConfig } from './Omni2FaClientConfig';\r\n\r\nconst DEFAULT_PREAUTH_KEY = 'omni2fa:preauth';\r\nconst DEFAULT_SESSION_KEY = 'omni2fa:session';\r\n// Only used to resolve a relative baseUrl/request URL so we can read its pathname; the origin is irrelevant.\r\nconst FALLBACK_ORIGIN = 'http://omni2fa.local';\r\n\r\ntype FetchClient = ReturnType<typeof createClient<paths>>;\r\n\r\nexport class Omni2FaClient implements IOmni2FaClient {\r\n private readonly storage: IStorage;\r\n private readonly preAuthKey: string;\r\n private readonly sessionKey: string;\r\n private readonly basePath: string;\r\n private readonly inner: FetchClient;\r\n\r\n constructor(config: Omni2FaClientConfig) {\r\n this.storage = config.storage ?? new MemoryStorage();\r\n this.preAuthKey = config.preAuthStorageKey ?? DEFAULT_PREAUTH_KEY;\r\n this.sessionKey = config.sessionStorageKey ?? DEFAULT_SESSION_KEY;\r\n // Mount path of the API, e.g. \"/api/2fa\" — used to classify endpoints by their path under it.\r\n this.basePath = new URL(config.baseUrl, FALLBACK_ORIGIN).pathname.replace(/\\/$/, '');\r\n this.inner = createClient<paths>({\r\n baseUrl: config.baseUrl,\r\n fetch: config.fetch ?? globalThis.fetch.bind(globalThis),\r\n ...(config.credentials ? { credentials: config.credentials } : {}),\r\n });\r\n this.inner.use({\r\n onRequest: ({ request }) => {\r\n // A custom fetch / host-set header always wins.\r\n if (request.headers.has('Authorization')) {\r\n return request;\r\n }\r\n // Pre-auth token guards the 2FA ceremony; everything else uses the host session token.\r\n const token = this.isPreAuthEndpoint(request.url) ? this.getPreAuthToken() : this.getSessionToken();\r\n if (token) {\r\n request.headers.set('Authorization', `Bearer ${token}`);\r\n }\r\n return request;\r\n },\r\n });\r\n }\r\n\r\n /** Pre-auth endpoints are exactly the ones mounted under <c>{basePath}/challenge/</c>. */\r\n private isPreAuthEndpoint(url: string): boolean {\r\n const path = new URL(url, FALLBACK_ORIGIN).pathname;\r\n const relative = path.startsWith(this.basePath) ? path.slice(this.basePath.length) : path;\r\n return relative.startsWith('/challenge/');\r\n }\r\n\r\n setPreAuthToken(token: string | null): void {\r\n this.setToken(this.preAuthKey, token);\r\n }\r\n\r\n getPreAuthToken(): string | null {\r\n return this.storage.get(this.preAuthKey);\r\n }\r\n\r\n setSessionToken(token: string | null): void {\r\n this.setToken(this.sessionKey, token);\r\n }\r\n\r\n getSessionToken(): string | null {\r\n return this.storage.get(this.sessionKey);\r\n }\r\n\r\n private setToken(key: string, token: string | null): void {\r\n if (token === null || token.length === 0) {\r\n this.storage.remove(key);\r\n } else {\r\n this.storage.set(key, token);\r\n }\r\n }\r\n\r\n async listMethods(): Promise<ClientCall<TwoFactorMethodDto[]>> {\r\n const { data, error, response } = await this.inner.GET('/methods');\r\n return this.toCall(data, error, response);\r\n }\r\n\r\n async removeMethod(methodId: string): Promise<ClientCall<void>> {\r\n const { error, response } = await this.inner.DELETE('/methods/{methodId}', { params: { path: { methodId } } });\r\n if (error) {\r\n return this.errorCall(error, response);\r\n }\r\n return { ok: true, value: undefined };\r\n }\r\n\r\n async startTotpEnrollment(): Promise<ClientCall<TotpEnrollStartResponse>> {\r\n const { data, error, response } = await this.inner.POST('/enroll/totp/start');\r\n return this.toCall(data, error, response);\r\n }\r\n\r\n async confirmTotpEnrollment(request: TotpEnrollConfirmRequest): Promise<ClientCall<MethodCreatedResponse>> {\r\n const { data, error, response } = await this.inner.POST('/enroll/totp/confirm', { body: request });\r\n return this.toCall(data, error, response);\r\n }\r\n\r\n async startEmailEnrollment(request: EmailEnrollStartRequest): Promise<ClientCall<EmailEnrollStartResponse>> {\r\n const { data, error, response } = await this.inner.POST('/enroll/email/start', { body: request });\r\n return this.toCall(data, error, response);\r\n }\r\n\r\n async confirmEmailEnrollment(request: EmailEnrollConfirmRequest): Promise<ClientCall<MethodCreatedResponse>> {\r\n const { data, error, response } = await this.inner.POST('/enroll/email/confirm', { body: request });\r\n return this.toCall(data, error, response);\r\n }\r\n\r\n async resendEmailEnrollment(request: EmailEnrollResendRequest): Promise<ClientCall<EmailEnrollStartResponse>> {\r\n const { data, error, response } = await this.inner.POST('/enroll/email/resend', { body: request });\r\n return this.toCall(data, error, response);\r\n }\r\n\r\n async startWebAuthnEnrollment(): Promise<ClientCall<WebAuthnEnrollStartResponse>> {\r\n const { data, error, response } = await this.inner.POST('/enroll/webauthn/start');\r\n return this.toCall(data, error, response);\r\n }\r\n\r\n async confirmWebAuthnEnrollment(request: WebAuthnEnrollConfirmRequest): Promise<ClientCall<MethodCreatedResponse>> {\r\n const { data, error, response } = await this.inner.POST('/enroll/webauthn/confirm', { body: request });\r\n return this.toCall(data, error, response);\r\n }\r\n\r\n async startChallenge(request: ChallengeStartRequest): Promise<ClientCall<ChallengeStartResponse>> {\r\n const { data, error, response } = await this.inner.POST('/challenge/start', { body: request });\r\n return this.toCall(data, error, response);\r\n }\r\n\r\n async resendChallenge(request: ChallengeResendRequest): Promise<ClientCall<ChallengeStartResponse>> {\r\n const { data, error, response } = await this.inner.POST('/challenge/resend', { body: request });\r\n return this.toCall(data, error, response);\r\n }\r\n\r\n async verifyChallenge(request: ChallengeVerifyRequest): Promise<ClientCall<VerifySuccessResponse>> {\r\n const { data, error, response } = await this.inner.POST('/challenge/verify', { body: request });\r\n return this.toCall(data, error, response);\r\n }\r\n\r\n async verifyRecoveryCode(request: RecoveryCodeVerifyRequest): Promise<ClientCall<VerifySuccessResponse>> {\r\n const { data, error, response } = await this.inner.POST('/challenge/recovery-code', { body: request });\r\n return this.toCall(data, error, response);\r\n }\r\n\r\n async regenerateRecoveryCodes(): Promise<ClientCall<RecoveryCodesResponse>> {\r\n const { data, error, response } = await this.inner.POST('/recovery-codes/regenerate');\r\n return this.toCall(data, error, response);\r\n }\r\n\r\n private toCall<T>(data: T | undefined, error: ErrorResponse | undefined, response: Response): ClientCall<T> {\r\n if (error !== undefined) {\r\n return this.errorCall(error, response);\r\n }\r\n if (data === undefined) {\r\n return {\r\n ok: false,\r\n code: Omni2FaErrorCodes.NetworkError,\r\n message: getDefaultMessage(Omni2FaErrorCodes.NetworkError),\r\n httpStatus: response.status,\r\n };\r\n }\r\n return { ok: true, value: data };\r\n }\r\n\r\n private errorCall(error: ErrorResponse, response: Response): ClientCall<never> {\r\n const code = error.code || Omni2FaErrorCodes.Unknown;\r\n return {\r\n ok: false,\r\n code,\r\n message: error.message || getDefaultMessage(code),\r\n httpStatus: response.status,\r\n details: error.details ?? null,\r\n };\r\n }\r\n}\r\n","import type { IStorage } from './Interfaces/IStorage';\r\n\r\n/** Browser <c>sessionStorage</c>. Values persist across page reloads in the same tab, gone when tab closes. */\r\nexport class SessionStorageStorage implements IStorage {\r\n get(key: string): string | null {\r\n return globalThis.sessionStorage?.getItem(key) ?? null;\r\n }\r\n\r\n set(key: string, value: string): void {\r\n globalThis.sessionStorage?.setItem(key, value);\r\n }\r\n\r\n remove(key: string): void {\r\n globalThis.sessionStorage?.removeItem(key);\r\n }\r\n}\r\n","import type { IStorage } from './Interfaces/IStorage';\r\n\r\n/** Browser <c>localStorage</c>. Values persist indefinitely across sessions. Use with caution for sensitive data. */\r\nexport class LocalStorageStorage implements IStorage {\r\n get(key: string): string | null {\r\n return globalThis.localStorage?.getItem(key) ?? null;\r\n }\r\n\r\n set(key: string, value: string): void {\r\n globalThis.localStorage?.setItem(key, value);\r\n }\r\n\r\n remove(key: string): void {\r\n globalThis.localStorage?.removeItem(key);\r\n }\r\n}\r\n","/**\r\n * Error thrown by core machines when an HTTP call fails. Carries the stable error code,\r\n * HTTP status, and optional structured details. Adapters read it from xstate's <c>onError</c>\r\n * <c>event.error</c>.\r\n */\r\nexport class Omni2FaApiError extends Error {\r\n readonly code: string;\r\n readonly httpStatus: number;\r\n readonly details: Record<string, unknown> | null;\r\n\r\n constructor(code: string, message: string, httpStatus: number, details: Record<string, unknown> | null = null) {\r\n super(message);\r\n this.name = 'Omni2FaApiError';\r\n this.code = code;\r\n this.httpStatus = httpStatus;\r\n this.details = details;\r\n }\r\n}\r\n","import { fromPromise, setup, type ActorRefFrom } from 'xstate';\r\nimport type { IOmni2FaClient } from '../../client/Interfaces/IOmni2FaClient';\r\nimport { Omni2FaApiError } from '../../errors/Omni2FaApiError';\r\nimport type { TotpEnrollmentContext } from './TotpEnrollmentContext';\r\nimport type { TotpEnrollmentEvent } from './TotpEnrollmentEvent';\r\n\r\nconst initialContext: TotpEnrollmentContext = {\r\n enrollmentId: null,\r\n otpAuthUri: null,\r\n secret: null,\r\n methodId: null,\r\n recoveryCodes: null,\r\n errorCode: null,\r\n errorMessage: null,\r\n};\r\n\r\nexport function createTotpEnrollmentMachine(client: IOmni2FaClient) {\r\n return setup({\r\n types: {\r\n context: {} as TotpEnrollmentContext,\r\n events: {} as TotpEnrollmentEvent,\r\n },\r\n actors: {\r\n startEnrollment: fromPromise(async () => {\r\n const result = await client.startTotpEnrollment();\r\n if (!result.ok) {\r\n throw new Omni2FaApiError(result.code, result.message, result.httpStatus, result.details ?? null);\r\n }\r\n return result.value;\r\n }),\r\n confirmEnrollment: fromPromise(async ({ input }: { input: { enrollmentId: string; code: string; name: string | null } }) => {\r\n const result = await client.confirmTotpEnrollment({\r\n enrollmentId: input.enrollmentId,\r\n code: input.code,\r\n name: input.name,\r\n });\r\n if (!result.ok) {\r\n throw new Omni2FaApiError(result.code, result.message, result.httpStatus, result.details ?? null);\r\n }\r\n return result.value;\r\n }),\r\n },\r\n }).createMachine({\r\n id: 'totpEnrollment',\r\n initial: 'idle',\r\n context: initialContext,\r\n states: {\r\n idle: {\r\n on: {\r\n start: { target: 'starting' },\r\n },\r\n },\r\n starting: {\r\n invoke: {\r\n src: 'startEnrollment',\r\n onDone: {\r\n target: 'awaitingCode',\r\n actions: ({ context, event }) => {\r\n context.enrollmentId = event.output.enrollmentId;\r\n context.otpAuthUri = event.output.otpAuthUri;\r\n context.secret = event.output.secret;\r\n context.errorCode = null;\r\n context.errorMessage = null;\r\n },\r\n },\r\n onError: {\r\n target: 'failed',\r\n actions: ({ context, event }) => assignApiError(context, event.error),\r\n },\r\n },\r\n },\r\n awaitingCode: {\r\n on: {\r\n submit: { target: 'confirming' },\r\n reset: { target: 'idle', actions: assignInitial },\r\n },\r\n },\r\n confirming: {\r\n invoke: {\r\n src: 'confirmEnrollment',\r\n input: ({ context, event }) => {\r\n if (event.type !== 'submit') throw new Error('confirming requires submit event');\r\n if (!context.enrollmentId) throw new Error('no enrollmentId');\r\n return { enrollmentId: context.enrollmentId, code: event.code, name: event.name ?? null };\r\n },\r\n onDone: {\r\n target: 'enrolled',\r\n actions: ({ context, event }) => {\r\n context.methodId = event.output.methodId;\r\n context.recoveryCodes = event.output.recoveryCodes ?? null;\r\n context.errorCode = null;\r\n context.errorMessage = null;\r\n },\r\n },\r\n onError: {\r\n target: 'awaitingCode',\r\n actions: ({ context, event }) => assignApiError(context, event.error),\r\n },\r\n },\r\n },\r\n enrolled: {\r\n on: {\r\n reset: { target: 'idle', actions: assignInitial },\r\n },\r\n },\r\n failed: {\r\n on: {\r\n start: { target: 'starting' },\r\n reset: { target: 'idle', actions: assignInitial },\r\n },\r\n },\r\n },\r\n });\r\n}\r\n\r\nfunction assignInitial({ context }: { context: TotpEnrollmentContext }) {\r\n context.enrollmentId = null;\r\n context.otpAuthUri = null;\r\n context.secret = null;\r\n context.methodId = null;\r\n context.recoveryCodes = null;\r\n context.errorCode = null;\r\n context.errorMessage = null;\r\n}\r\n\r\nfunction assignApiError(context: TotpEnrollmentContext, error: unknown) {\r\n if (error instanceof Omni2FaApiError) {\r\n context.errorCode = error.code;\r\n context.errorMessage = error.message;\r\n } else {\r\n context.errorCode = 'UNKNOWN';\r\n context.errorMessage = error instanceof Error ? error.message : null;\r\n }\r\n}\r\n\r\nexport type TotpEnrollmentMachine = ReturnType<typeof createTotpEnrollmentMachine>;\r\nexport type TotpEnrollmentActor = ActorRefFrom<TotpEnrollmentMachine>;\r\n","import { fromPromise, setup, type ActorRefFrom } from 'xstate';\nimport type { IOmni2FaClient } from '../../client/Interfaces/IOmni2FaClient';\nimport { Omni2FaApiError } from '../../errors/Omni2FaApiError';\nimport type { EmailEnrollmentContext } from './EmailEnrollmentContext';\nimport type { EmailEnrollmentEvent } from './EmailEnrollmentEvent';\n\nconst initialContext: EmailEnrollmentContext = {\n enrollmentId: null,\n email: null,\n expiresAt: null,\n resendAvailableAt: null,\n methodId: null,\n recoveryCodes: null,\n errorCode: null,\n errorMessage: null,\n};\n\nexport function createEmailEnrollmentMachine(client: IOmni2FaClient) {\n return setup({\n types: {\n context: {} as EmailEnrollmentContext,\n events: {} as EmailEnrollmentEvent,\n },\n actors: {\n startEnrollment: fromPromise(async ({ input }: { input: { email: string } }) => {\n const result = await client.startEmailEnrollment({ email: input.email });\n if (!result.ok) {\n throw new Omni2FaApiError(result.code, result.message, result.httpStatus, result.details ?? null);\n }\n return result.value;\n }),\n resendEnrollment: fromPromise(async ({ input }: { input: { enrollmentId: string } }) => {\n const result = await client.resendEmailEnrollment({ enrollmentId: input.enrollmentId });\n if (!result.ok) {\n throw new Omni2FaApiError(result.code, result.message, result.httpStatus, result.details ?? null);\n }\n return result.value;\n }),\n confirmEnrollment: fromPromise(async ({ input }: { input: { enrollmentId: string; code: string; name: string | null } }) => {\n const result = await client.confirmEmailEnrollment({\n enrollmentId: input.enrollmentId,\n code: input.code,\n name: input.name,\n });\n if (!result.ok) {\n throw new Omni2FaApiError(result.code, result.message, result.httpStatus, result.details ?? null);\n }\n return result.value;\n }),\n },\n }).createMachine({\n id: 'emailEnrollment',\n initial: 'idle',\n context: initialContext,\n states: {\n idle: {\n on: {\n start: { target: 'starting' },\n },\n },\n starting: {\n entry: ({ context, event }) => {\n if (event.type === 'start') {\n context.email = event.email;\n }\n },\n invoke: {\n src: 'startEnrollment',\n input: ({ context }) => {\n if (!context.email) throw new Error('no email');\n return { email: context.email };\n },\n onDone: {\n target: 'awaitingCode',\n actions: ({ context, event }) => assignStartOutput(context, event.output),\n },\n onError: {\n target: 'failed',\n actions: ({ context, event }) => assignApiError(context, event.error),\n },\n },\n },\n awaitingCode: {\n on: {\n submit: { target: 'confirming' },\n resend: { target: 'resending' },\n reset: { target: 'idle', actions: assignInitial },\n },\n },\n resending: {\n invoke: {\n src: 'resendEnrollment',\n input: ({ context }) => {\n if (!context.enrollmentId) throw new Error('no enrollmentId');\n return { enrollmentId: context.enrollmentId };\n },\n onDone: {\n target: 'awaitingCode',\n actions: ({ context, event }) => assignStartOutput(context, event.output),\n },\n onError: {\n target: 'awaitingCode',\n actions: ({ context, event }) => assignApiError(context, event.error),\n },\n },\n },\n confirming: {\n invoke: {\n src: 'confirmEnrollment',\n input: ({ context, event }) => {\n if (event.type !== 'submit') throw new Error('confirming requires submit event');\n if (!context.enrollmentId) throw new Error('no enrollmentId');\n return { enrollmentId: context.enrollmentId, code: event.code, name: event.name ?? null };\n },\n onDone: {\n target: 'enrolled',\n actions: ({ context, event }) => {\n context.methodId = event.output.methodId;\n context.recoveryCodes = event.output.recoveryCodes ?? null;\n context.errorCode = null;\n context.errorMessage = null;\n },\n },\n onError: {\n target: 'awaitingCode',\n actions: ({ context, event }) => assignApiError(context, event.error),\n },\n },\n },\n enrolled: {\n on: {\n reset: { target: 'idle', actions: assignInitial },\n },\n },\n failed: {\n on: {\n start: { target: 'starting' },\n reset: { target: 'idle', actions: assignInitial },\n },\n },\n },\n });\n}\n\nfunction assignStartOutput(context: EmailEnrollmentContext, output: { enrollmentId: string; expiresAt: string; resendAvailableAt: string }) {\n context.enrollmentId = output.enrollmentId;\n context.expiresAt = output.expiresAt;\n context.resendAvailableAt = output.resendAvailableAt;\n context.errorCode = null;\n context.errorMessage = null;\n}\n\nfunction assignInitial({ context }: { context: EmailEnrollmentContext }) {\n context.enrollmentId = null;\n context.email = null;\n context.expiresAt = null;\n context.resendAvailableAt = null;\n context.methodId = null;\n context.recoveryCodes = null;\n context.errorCode = null;\n context.errorMessage = null;\n}\n\nfunction assignApiError(context: EmailEnrollmentContext, error: unknown) {\n if (error instanceof Omni2FaApiError) {\n context.errorCode = error.code;\n context.errorMessage = error.message;\n } else {\n context.errorCode = 'UNKNOWN';\n context.errorMessage = error instanceof Error ? error.message : null;\n }\n}\n\nexport type EmailEnrollmentMachine = ReturnType<typeof createEmailEnrollmentMachine>;\nexport type EmailEnrollmentActor = ActorRefFrom<EmailEnrollmentMachine>;\n","/** base64url ↔ ArrayBuffer conversions for WebAuthn binary fields. Tolerates standard base64 input too. */\n\nexport function base64urlToBuffer(value: string): ArrayBuffer {\n const base64 = value.replace(/-/g, '+').replace(/_/g, '/');\n const padded = base64.padEnd(Math.ceil(base64.length / 4) * 4, '=');\n const binary = atob(padded);\n const bytes = new Uint8Array(binary.length);\n for (let i = 0; i < binary.length; i++) {\n bytes[i] = binary.charCodeAt(i);\n }\n return bytes.buffer;\n}\n\nexport function bufferToBase64url(buffer: ArrayBuffer): string {\n const bytes = new Uint8Array(buffer);\n let binary = '';\n for (const byte of bytes) {\n binary += String.fromCharCode(byte);\n }\n return btoa(binary).replace(/\\+/g, '-').replace(/\\//g, '_').replace(/=+$/, '');\n}\n","import { base64urlToBuffer, bufferToBase64url } from './base64url';\n\n/**\n * Browser-side WebAuthn marshaling. Parses the server's options JSON (Fido2NetLib format — binary\n * fields base64url-encoded) into the `ArrayBuffer` shape the browser API needs, runs the ceremony,\n * and serializes the credential back to JSON for the server. Browser-only.\n */\n\ninterface CredentialDescriptorJson {\n type: PublicKeyCredentialType;\n id: string;\n transports?: AuthenticatorTransport[];\n}\n\ninterface CreationOptionsJson {\n challenge: string;\n user: { id: string; name: string; displayName: string };\n excludeCredentials?: CredentialDescriptorJson[];\n [key: string]: unknown;\n}\n\ninterface RequestOptionsJson {\n challenge: string;\n allowCredentials?: CredentialDescriptorJson[];\n [key: string]: unknown;\n}\n\nfunction mapDescriptors(list: CredentialDescriptorJson[] | undefined): PublicKeyCredentialDescriptor[] {\n return (list ?? []).map((c) => ({ ...c, id: base64urlToBuffer(c.id) }));\n}\n\n/** Run a registration ceremony and return the attestation JSON for `/enroll/webauthn/confirm`. */\nexport async function startRegistration(optionsJson: string): Promise<string> {\n const parsed = JSON.parse(optionsJson) as CreationOptionsJson;\n const publicKey = {\n ...parsed,\n challenge: base64urlToBuffer(parsed.challenge),\n user: { ...parsed.user, id: base64urlToBuffer(parsed.user.id) },\n excludeCredentials: mapDescriptors(parsed.excludeCredentials),\n // Cast through unknown: the spread carries Fido2's index-signature fields the DOM type omits.\n } as unknown as PublicKeyCredentialCreationOptions;\n\n const credential = (await navigator.credentials.create({ publicKey })) as PublicKeyCredential | null;\n if (credential === null) {\n throw new Error('WebAuthn registration produced no credential.');\n }\n const response = credential.response as AuthenticatorAttestationResponse;\n return JSON.stringify({\n id: credential.id,\n rawId: bufferToBase64url(credential.rawId),\n type: credential.type,\n extensions: credential.getClientExtensionResults(),\n response: {\n attestationObject: bufferToBase64url(response.attestationObject),\n clientDataJSON: bufferToBase64url(response.clientDataJSON),\n },\n });\n}\n\n/** Run an assertion ceremony and return the assertion JSON for `/challenge/verify`. */\nexport async function startAuthentication(optionsJson: string): Promise<string> {\n const parsed = JSON.parse(optionsJson) as RequestOptionsJson;\n const publicKey = {\n ...parsed,\n challenge: base64urlToBuffer(parsed.challenge),\n allowCredentials: mapDescriptors(parsed.allowCredentials),\n } as unknown as PublicKeyCredentialRequestOptions;\n\n const credential = (await navigator.credentials.get({ publicKey })) as PublicKeyCredential | null;\n if (credential === null) {\n throw new Error('WebAuthn authentication produced no credential.');\n }\n const response = credential.response as AuthenticatorAssertionResponse;\n return JSON.stringify({\n id: credential.id,\n rawId: bufferToBase64url(credential.rawId),\n type: credential.type,\n extensions: credential.getClientExtensionResults(),\n response: {\n authenticatorData: bufferToBase64url(response.authenticatorData),\n clientDataJSON: bufferToBase64url(response.clientDataJSON),\n signature: bufferToBase64url(response.signature),\n userHandle: response.userHandle ? bufferToBase64url(response.userHandle) : null,\n },\n });\n}\n","import { fromPromise, setup, type ActorRefFrom } from 'xstate';\nimport type { IOmni2FaClient } from '../../client/Interfaces/IOmni2FaClient';\nimport { Omni2FaApiError } from '../../errors/Omni2FaApiError';\nimport { startRegistration } from '../../webauthn/ceremony';\nimport type { WebAuthnEnrollmentContext } from './WebAuthnEnrollmentContext';\nimport type { WebAuthnEnrollmentEvent } from './WebAuthnEnrollmentEvent';\n\nconst initialContext: WebAuthnEnrollmentContext = {\n enrollmentId: null,\n optionsJson: null,\n name: null,\n methodId: null,\n recoveryCodes: null,\n errorCode: null,\n errorMessage: null,\n};\n\nexport function createWebAuthnEnrollmentMachine(client: IOmni2FaClient) {\n return setup({\n types: {\n context: {} as WebAuthnEnrollmentContext,\n events: {} as WebAuthnEnrollmentEvent,\n },\n actors: {\n startEnrollment: fromPromise(async () => {\n const result = await client.startWebAuthnEnrollment();\n if (!result.ok) {\n throw new Omni2FaApiError(result.code, result.message, result.httpStatus, result.details ?? null);\n }\n return result.value;\n }),\n registerAndConfirm: fromPromise(async ({ input }: { input: { enrollmentId: string; optionsJson: string; name: string | null } }) => {\n const attestationResponseJson = await startRegistration(input.optionsJson);\n const result = await client.confirmWebAuthnEnrollment({\n enrollmentId: input.enrollmentId,\n attestationResponseJson,\n name: input.name,\n });\n if (!result.ok) {\n throw new Omni2FaApiError(result.code, result.message, result.httpStatus, result.details ?? null);\n }\n return result.value;\n }),\n },\n }).createMachine({\n id: 'webauthnEnrollment',\n initial: 'idle',\n context: initialContext,\n states: {\n idle: {\n on: {\n start: { target: 'starting' },\n },\n },\n starting: {\n entry: ({ context, event }) => {\n if (event.type === 'start') {\n context.name = event.name ?? null;\n }\n },\n invoke: {\n src: 'startEnrollment',\n onDone: {\n target: 'registering',\n actions: ({ context, event }) => {\n context.enrollmentId = event.output.enrollmentId;\n context.optionsJson = event.output.optionsJson;\n context.errorCode = null;\n context.errorMessage = null;\n },\n },\n onError: {\n target: 'failed',\n actions: ({ context, event }) => assignApiError(context, event.error),\n },\n },\n },\n registering: {\n invoke: {\n src: 'registerAndConfirm',\n input: ({ context }) => {\n if (!context.enrollmentId || !context.optionsJson) throw new Error('no pending enrollment');\n return { enrollmentId: context.enrollmentId, optionsJson: context.optionsJson, name: context.name };\n },\n onDone: {\n target: 'enrolled',\n actions: ({ context, event }) => {\n context.methodId = event.output.methodId;\n context.recoveryCodes = event.output.recoveryCodes ?? null;\n context.errorCode = null;\n context.errorMessage = null;\n },\n },\n onError: {\n target: 'failed',\n actions: ({ context, event }) => assignApiError(context, event.error),\n },\n },\n },\n enrolled: {\n on: {\n reset: { target: 'idle', actions: assignInitial },\n },\n },\n failed: {\n on: {\n retry: { target: 'starting' },\n reset: { target: 'idle', actions: assignInitial },\n },\n },\n },\n });\n}\n\nfunction assignInitial({ context }: { context: WebAuthnEnrollmentContext }) {\n context.enrollmentId = null;\n context.optionsJson = null;\n context.name = null;\n context.methodId = null;\n context.recoveryCodes = null;\n context.errorCode = null;\n context.errorMessage = null;\n}\n\nfunction assignApiError(context: WebAuthnEnrollmentContext, error: unknown) {\n if (error instanceof Omni2FaApiError) {\n context.errorCode = error.code;\n context.errorMessage = error.message;\n } else {\n context.errorCode = 'UNKNOWN';\n context.errorMessage = error instanceof Error ? error.message : null;\n }\n}\n\nexport type WebAuthnEnrollmentMachine = ReturnType<typeof createWebAuthnEnrollmentMachine>;\nexport type WebAuthnEnrollmentActor = ActorRefFrom<WebAuthnEnrollmentMachine>;\n","import { fromPromise, setup, type ActorRefFrom } from 'xstate';\r\nimport type { IOmni2FaClient } from '../../client/Interfaces/IOmni2FaClient';\r\nimport { Omni2FaApiError } from '../../errors/Omni2FaApiError';\r\nimport { startAuthentication } from '../../webauthn/ceremony';\r\nimport type { ChallengeContext } from './ChallengeContext';\r\nimport type { ChallengeEvent } from './ChallengeEvent';\r\n\r\nconst initialContext: ChallengeContext = {\r\n methodId: null,\r\n methodType: null,\r\n userId: null,\r\n expiresAt: null,\r\n resendAvailableAt: null,\r\n optionsJson: null,\r\n errorCode: null,\r\n errorMessage: null,\r\n};\r\n\r\nexport function createChallengeMachine(client: IOmni2FaClient) {\r\n return setup({\r\n types: {\r\n context: {} as ChallengeContext,\r\n events: {} as ChallengeEvent,\r\n },\r\n actors: {\r\n startChallenge: fromPromise(async ({ input }: { input: { methodId: string } }) => {\r\n const result = await client.startChallenge({ methodId: input.methodId });\r\n if (!result.ok) {\r\n throw new Omni2FaApiError(result.code, result.message, result.httpStatus, result.details ?? null);\r\n }\r\n return result.value;\r\n }),\r\n resendChallenge: fromPromise(async ({ input }: { input: { methodId: string } }) => {\r\n const result = await client.resendChallenge({ methodId: input.methodId });\r\n if (!result.ok) {\r\n throw new Omni2FaApiError(result.code, result.message, result.httpStatus, result.details ?? null);\r\n }\r\n return result.value;\r\n }),\r\n verifyChallenge: fromPromise(async ({ input }: { input: { methodId: string; code: string } }) => {\r\n const result = await client.verifyChallenge({ methodId: input.methodId, code: input.code });\r\n if (!result.ok) {\r\n throw new Omni2FaApiError(result.code, result.message, result.httpStatus, result.details ?? null);\r\n }\r\n return result.value;\r\n }),\r\n assertChallenge: fromPromise(async ({ input }: { input: { methodId: string; optionsJson: string } }) => {\r\n const assertionResponseJson = await startAuthentication(input.optionsJson);\r\n const result = await client.verifyChallenge({ methodId: input.methodId, assertionResponseJson });\r\n if (!result.ok) {\r\n throw new Omni2FaApiError(result.code, result.message, result.httpStatus, result.details ?? null);\r\n }\r\n return result.value;\r\n }),\r\n verifyRecoveryCode: fromPromise(async ({ input }: { input: { code: string } }) => {\r\n const result = await client.verifyRecoveryCode({ recoveryCode: input.code });\r\n if (!result.ok) {\r\n throw new Omni2FaApiError(result.code, result.message, result.httpStatus, result.details ?? null);\r\n }\r\n return result.value;\r\n }),\r\n },\r\n }).createMachine({\r\n id: 'challenge',\r\n initial: 'idle',\r\n context: initialContext,\r\n states: {\r\n idle: {\r\n on: {\r\n pick: { target: 'starting' },\r\n useRecoveryCode: { target: 'verifyingRecovery' },\r\n },\r\n },\r\n starting: {\r\n entry: ({ context, event }) => {\r\n if (event.type === 'pick') {\r\n context.methodId = event.methodId;\r\n }\r\n },\r\n invoke: {\r\n src: 'startChallenge',\r\n input: ({ context }) => {\r\n if (!context.methodId) throw new Error('no methodId');\r\n return { methodId: context.methodId };\r\n },\r\n onDone: [\r\n {\r\n guard: ({ event }) => event.output.type === 'WebAuthn',\r\n target: 'asserting',\r\n actions: ({ context, event }) => assignStartOutput(context, event.output),\r\n },\r\n {\r\n target: 'awaitingCode',\r\n actions: ({ context, event }) => assignStartOutput(context, event.output),\r\n },\r\n ],\r\n onError: {\r\n target: 'failed',\r\n actions: ({ context, event }) => assignApiError(context, event.error),\r\n },\r\n },\r\n },\r\n asserting: {\r\n invoke: {\r\n src: 'assertChallenge',\r\n input: ({ context }) => {\r\n if (!context.methodId || !context.optionsJson) throw new Error('no assertion options');\r\n return { methodId: context.methodId, optionsJson: context.optionsJson };\r\n },\r\n onDone: {\r\n target: 'verified',\r\n actions: ({ context, event }) => {\r\n context.userId = event.output.userId;\r\n context.errorCode = null;\r\n context.errorMessage = null;\r\n },\r\n },\r\n onError: {\r\n target: 'failed',\r\n actions: ({ context, event }) => assignApiError(context, event.error),\r\n },\r\n },\r\n },\r\n awaitingCode: {\r\n on: {\r\n submit: { target: 'verifying' },\r\n resend: { target: 'resending' },\r\n useRecoveryCode: { target: 'verifyingRecovery' },\r\n reset: { target: 'idle', actions: assignInitial },\r\n },\r\n },\r\n verifyingRecovery: {\r\n invoke: {\r\n src: 'verifyRecoveryCode',\r\n input: ({ event }) => {\r\n if (event.type !== 'useRecoveryCode') throw new Error('verifyingRecovery requires useRecoveryCode event');\r\n return { code: event.code };\r\n },\r\n onDone: {\r\n target: 'verified',\r\n actions: ({ context, event }) => {\r\n context.userId = event.output.userId;\r\n context.errorCode = null;\r\n context.errorMessage = null;\r\n },\r\n },\r\n onError: {\r\n target: 'failed',\r\n actions: ({ context, event }) => assignApiError(context, event.error),\r\n },\r\n },\r\n },\r\n resending: {\r\n invoke: {\r\n src: 'resendChallenge',\r\n input: ({ context }) => {\r\n if (!context.methodId) throw new Error('no methodId');\r\n return { methodId: context.methodId };\r\n },\r\n onDone: {\r\n target: 'awaitingCode',\r\n actions: ({ context, event }) => assignStartOutput(context, event.output),\r\n },\r\n onError: {\r\n target: 'awaitingCode',\r\n actions: ({ context, event }) => assignApiError(context, event.error),\r\n },\r\n },\r\n },\r\n verifying: {\r\n invoke: {\r\n src: 'verifyChallenge',\r\n input: ({ context, event }) => {\r\n if (event.type !== 'submit') throw new Error('verifying requires submit event');\r\n if (!context.methodId) throw new Error('no methodId');\r\n return { methodId: context.methodId, code: event.code };\r\n },\r\n onDone: {\r\n target: 'verified',\r\n actions: ({ context, event }) => {\r\n context.userId = event.output.userId;\r\n context.errorCode = null;\r\n context.errorMessage = null;\r\n },\r\n },\r\n onError: {\r\n target: 'awaitingCode',\r\n actions: ({ context, event }) => assignApiError(context, event.error),\r\n },\r\n },\r\n },\r\n verified: {\r\n on: {\r\n reset: { target: 'idle', actions: assignInitial },\r\n },\r\n },\r\n failed: {\r\n on: {\r\n pick: { target: 'starting' },\r\n useRecoveryCode: { target: 'verifyingRecovery' },\r\n reset: { target: 'idle', actions: assignInitial },\r\n },\r\n },\r\n },\r\n });\r\n}\r\n\r\nfunction assignStartOutput(context: ChallengeContext, output: { type: ChallengeContext['methodType']; expiresAt?: string | null; resendAvailableAt?: string | null; optionsJson?: string | null }) {\r\n context.methodType = output.type;\r\n context.expiresAt = output.expiresAt ?? null;\r\n context.resendAvailableAt = output.resendAvailableAt ?? null;\r\n context.optionsJson = output.optionsJson ?? null;\r\n context.errorCode = null;\r\n context.errorMessage = null;\r\n}\r\n\r\nfunction assignInitial({ context }: { context: ChallengeContext }) {\r\n context.methodId = null;\r\n context.methodType = null;\r\n context.userId = null;\r\n context.expiresAt = null;\r\n context.resendAvailableAt = null;\r\n context.optionsJson = null;\r\n context.errorCode = null;\r\n context.errorMessage = null;\r\n}\r\n\r\nfunction assignApiError(context: ChallengeContext, error: unknown) {\r\n if (error instanceof Omni2FaApiError) {\r\n context.errorCode = error.code;\r\n context.errorMessage = error.message;\r\n } else {\r\n context.errorCode = 'UNKNOWN';\r\n context.errorMessage = error instanceof Error ? error.message : null;\r\n }\r\n}\r\n\r\nexport type ChallengeMachine = ReturnType<typeof createChallengeMachine>;\r\nexport type ChallengeActor = ActorRefFrom<ChallengeMachine>;\r\n","import { fromPromise, setup, type ActorRefFrom } from 'xstate';\r\nimport type { IOmni2FaClient } from '../../client/Interfaces/IOmni2FaClient';\r\nimport { Omni2FaApiError } from '../../errors/Omni2FaApiError';\r\nimport type { MethodsContext } from './MethodsContext';\r\nimport type { MethodsEvent } from './MethodsEvent';\r\n\r\nconst initialContext: MethodsContext = {\r\n items: [],\r\n errorCode: null,\r\n errorMessage: null,\r\n};\r\n\r\nexport function createMethodsMachine(client: IOmni2FaClient) {\r\n return setup({\r\n types: {\r\n context: {} as MethodsContext,\r\n events: {} as MethodsEvent,\r\n },\r\n actors: {\r\n load: fromPromise(async () => {\r\n const result = await client.listMethods();\r\n if (!result.ok) {\r\n throw new Omni2FaApiError(result.code, result.message, result.httpStatus, result.details ?? null);\r\n }\r\n return result.value;\r\n }),\r\n remove: fromPromise(async ({ input }: { input: { methodId: string } }) => {\r\n const result = await client.removeMethod(input.methodId);\r\n if (!result.ok) {\r\n throw new Omni2FaApiError(result.code, result.message, result.httpStatus, result.details ?? null);\r\n }\r\n return input.methodId;\r\n }),\r\n },\r\n }).createMachine({\r\n id: 'methods',\r\n initial: 'idle',\r\n context: initialContext,\r\n states: {\r\n idle: {\r\n on: {\r\n load: { target: 'loading' },\r\n },\r\n },\r\n loading: {\r\n invoke: {\r\n src: 'load',\r\n onDone: {\r\n target: 'ready',\r\n actions: ({ context, event }) => {\r\n context.items = event.output;\r\n context.errorCode = null;\r\n context.errorMessage = null;\r\n },\r\n },\r\n onError: {\r\n target: 'failed',\r\n actions: ({ context, event }) => assignApiError(context, event.error),\r\n },\r\n },\r\n },\r\n ready: {\r\n on: {\r\n load: { target: 'loading' },\r\n remove: { target: 'removing' },\r\n },\r\n },\r\n removing: {\r\n invoke: {\r\n src: 'remove',\r\n input: ({ event }) => {\r\n if (event.type !== 'remove') throw new Error('removing requires remove event');\r\n return { methodId: event.methodId };\r\n },\r\n onDone: {\r\n target: 'ready',\r\n actions: ({ context, event }) => {\r\n const removedId = event.output;\r\n context.items = context.items.filter((m) => m.id !== removedId);\r\n context.errorCode = null;\r\n context.errorMessage = null;\r\n },\r\n },\r\n onError: {\r\n target: 'ready',\r\n actions: ({ context, event }) => assignApiError(context, event.error),\r\n },\r\n },\r\n },\r\n failed: {\r\n on: {\r\n load: { target: 'loading' },\r\n reset: { target: 'idle', actions: assignInitial },\r\n },\r\n },\r\n },\r\n });\r\n}\r\n\r\nfunction assignInitial({ context }: { context: MethodsContext }) {\r\n context.items = [];\r\n context.errorCode = null;\r\n context.errorMessage = null;\r\n}\r\n\r\nfunction assignApiError(context: MethodsContext, error: unknown) {\r\n if (error instanceof Omni2FaApiError) {\r\n context.errorCode = error.code;\r\n context.errorMessage = error.message;\r\n } else {\r\n context.errorCode = 'UNKNOWN';\r\n context.errorMessage = error instanceof Error ? error.message : null;\r\n }\r\n}\r\n\r\nexport type MethodsMachine = ReturnType<typeof createMethodsMachine>;\r\nexport type MethodsActor = ActorRefFrom<MethodsMachine>;\r\n","import { createActor } from 'xstate';\r\nimport { Omni2FaClient } from './client/Omni2FaClient';\r\nimport type { Omni2FaClientConfig } from './client/Omni2FaClientConfig';\r\nimport type { IOmni2Fa } from './Interfaces/IOmni2Fa';\r\nimport { createTotpEnrollmentMachine } from './machines/totpEnrollment/totpEnrollmentMachine';\r\nimport { createEmailEnrollmentMachine } from './machines/emailEnrollment/emailEnrollmentMachine';\r\nimport { createWebAuthnEnrollmentMachine } from './machines/webauthnEnrollment/webauthnEnrollmentMachine';\r\nimport { createChallengeMachine } from './machines/challenge/challengeMachine';\r\nimport { createMethodsMachine } from './machines/methods/methodsMachine';\r\n\r\n/**\r\n * One-call assembly of the Omni2FA core: client + three actors (TOTP enrollment, login challenge, methods list).\r\n * Actors are <c>start()</c>ed and ready to receive events. Pass the returned instance to your UI adapter.\r\n */\r\nexport function createOmni2Fa(config: Omni2FaClientConfig): IOmni2Fa {\r\n const client = new Omni2FaClient(config);\r\n\r\n const totpEnrollment = createActor(createTotpEnrollmentMachine(client));\r\n const emailEnrollment = createActor(createEmailEnrollmentMachine(client));\r\n const webauthnEnrollment = createActor(createWebAuthnEnrollmentMachine(client));\r\n const challenge = createActor(createChallengeMachine(client));\r\n const methods = createActor(createMethodsMachine(client));\r\n\r\n totpEnrollment.start();\r\n emailEnrollment.start();\r\n webauthnEnrollment.start();\r\n challenge.start();\r\n methods.start();\r\n\r\n return {\r\n client,\r\n totpEnrollment,\r\n emailEnrollment,\r\n webauthnEnrollment,\r\n challenge,\r\n methods,\r\n dispose() {\r\n totpEnrollment.stop();\r\n emailEnrollment.stop();\r\n webauthnEnrollment.stop();\r\n challenge.stop();\r\n methods.stop();\r\n },\r\n };\r\n}\r\n"],"names":["MemoryStorage","key","value","Omni2FaErrorCodes","defaults","getDefaultMessage","code","DEFAULT_PREAUTH_KEY","DEFAULT_SESSION_KEY","FALLBACK_ORIGIN","Omni2FaClient","config","createClient","request","token","url","path","data","error","response","methodId","SessionStorageStorage","LocalStorageStorage","Omni2FaApiError","message","httpStatus","details","initialContext","createTotpEnrollmentMachine","client","setup","fromPromise","result","input","context","event","assignApiError","assignInitial","createEmailEnrollmentMachine","assignStartOutput","output","base64urlToBuffer","base64","padded","binary","bytes","bufferToBase64url","buffer","byte","mapDescriptors","list","c","startRegistration","optionsJson","parsed","publicKey","credential","startAuthentication","createWebAuthnEnrollmentMachine","attestationResponseJson","createChallengeMachine","assertionResponseJson","createMethodsMachine","removedId","m","createOmni2Fa","totpEnrollment","createActor","emailEnrollment","webauthnEnrollment","challenge","methods"],"mappings":";;AAGO,MAAMA,EAAkC;AAAA,EAC1B,0BAAU,IAAA;AAAA,EAE3B,IAAIC,GAA4B;AAC5B,WAAO,KAAK,IAAI,IAAIA,CAAG,KAAK;AAAA,EAChC;AAAA,EAEA,IAAIA,GAAaC,GAAqB;AAClC,SAAK,IAAI,IAAID,GAAKC,CAAK;AAAA,EAC3B;AAAA,EAEA,OAAOD,GAAmB;AACtB,SAAK,IAAI,OAAOA,CAAG;AAAA,EACvB;AACJ;ACjBO,MAAME,IAAoB;AAAA,EAC7B,aAAa;AAAA,EACb,gBAAgB;AAAA,EAChB,gBAAgB;AAAA,EAChB,mBAAmB;AAAA,EACnB,mBAAmB;AAAA,EACnB,iBAAiB;AAAA,EACjB,gBAAgB;AAAA,EAChB,qBAAqB;AAAA,EACrB,mBAAmB;AAAA,EACnB,qBAAqB;AAAA,EACrB,qBAAqB;AAAA,EACrB,kBAAkB;AAAA,EAClB,4BAA4B;AAAA,EAC5B,kBAAkB;AAAA,EAClB,cAAc;AAAA,EACd,SAAS;AACb,GCfMC,IAA6C;AAAA,EAC/C,CAACD,EAAkB,WAAW,GAAG;AAAA,EACjC,CAACA,EAAkB,cAAc,GAAG;AAAA,EACpC,CAACA,EAAkB,cAAc,GAAG;AAAA,EACpC,CAACA,EAAkB,iBAAiB,GAAG;AAAA,EACvC,CAACA,EAAkB,iBAAiB,GAAG;AAAA,EACvC,CAACA,EAAkB,eAAe,GAAG;AAAA,EACrC,CAACA,EAAkB,cAAc,GAAG;AAAA,EACpC,CAACA,EAAkB,mBAAmB,GAAG;AAAA,EACzC,CAACA,EAAkB,iBAAiB,GAAG;AAAA,EACvC,CAACA,EAAkB,mBAAmB,GAAG;AAAA,EACzC,CAACA,EAAkB,mBAAmB,GAAG;AAAA,EACzC,CAACA,EAAkB,gBAAgB,GAAG;AAAA,EACtC,CAACA,EAAkB,0BAA0B,GAAG;AAAA,EAChD,CAACA,EAAkB,gBAAgB,GAAG;AAAA,EACtC,CAACA,EAAkB,YAAY,GAAG;AAAA,EAClC,CAACA,EAAkB,OAAO,GAAG;AACjC;AAEO,SAASE,EAAkBC,GAAsB;AACpD,SAAOF,EAASE,CAAwB,KAAKF,EAASD,EAAkB,OAAO;AACnF;ACOA,MAAMI,IAAsB,mBACtBC,IAAsB,mBAEtBC,IAAkB;AAIjB,MAAMC,EAAwC;AAAA,EAChC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAEjB,YAAYC,GAA6B;AACrC,SAAK,UAAUA,EAAO,WAAW,IAAIX,EAAA,GACrC,KAAK,aAAaW,EAAO,qBAAqBJ,GAC9C,KAAK,aAAaI,EAAO,qBAAqBH,GAE9C,KAAK,WAAW,IAAI,IAAIG,EAAO,SAASF,CAAe,EAAE,SAAS,QAAQ,OAAO,EAAE,GACnF,KAAK,QAAQG,EAAoB;AAAA,MAC7B,SAASD,EAAO;AAAA,MAChB,OAAOA,EAAO,SAAS,WAAW,MAAM,KAAK,UAAU;AAAA,MACvD,GAAIA,EAAO,cAAc,EAAE,aAAaA,EAAO,YAAA,IAAgB,CAAA;AAAA,IAAC,CACnE,GACD,KAAK,MAAM,IAAI;AAAA,MACX,WAAW,CAAC,EAAE,SAAAE,QAAc;AAExB,YAAIA,EAAQ,QAAQ,IAAI,eAAe;AACnC,iBAAOA;AAGX,cAAMC,IAAQ,KAAK,kBAAkBD,EAAQ,GAAG,IAAI,KAAK,gBAAA,IAAoB,KAAK,gBAAA;AAClF,eAAIC,KACAD,EAAQ,QAAQ,IAAI,iBAAiB,UAAUC,CAAK,EAAE,GAEnDD;AAAA,MACX;AAAA,IAAA,CACH;AAAA,EACL;AAAA;AAAA,EAGQ,kBAAkBE,GAAsB;AAC5C,UAAMC,IAAO,IAAI,IAAID,GAAKN,CAAe,EAAE;AAE3C,YADiBO,EAAK,WAAW,KAAK,QAAQ,IAAIA,EAAK,MAAM,KAAK,SAAS,MAAM,IAAIA,GACrE,WAAW,aAAa;AAAA,EAC5C;AAAA,EAEA,gBAAgBF,GAA4B;AACxC,SAAK,SAAS,KAAK,YAAYA,CAAK;AAAA,EACxC;AAAA,EAEA,kBAAiC;AAC7B,WAAO,KAAK,QAAQ,IAAI,KAAK,UAAU;AAAA,EAC3C;AAAA,EAEA,gBAAgBA,GAA4B;AACxC,SAAK,SAAS,KAAK,YAAYA,CAAK;AAAA,EACxC;AAAA,EAEA,kBAAiC;AAC7B,WAAO,KAAK,QAAQ,IAAI,KAAK,UAAU;AAAA,EAC3C;AAAA,EAEQ,SAASb,GAAaa,GAA4B;AACtD,IAAIA,MAAU,QAAQA,EAAM,WAAW,IACnC,KAAK,QAAQ,OAAOb,CAAG,IAEvB,KAAK,QAAQ,IAAIA,GAAKa,CAAK;AAAA,EAEnC;AAAA,EAEA,MAAM,cAAyD;AAC3D,UAAM,EAAE,MAAAG,GAAM,OAAAC,GAAO,UAAAC,EAAA,IAAa,MAAM,KAAK,MAAM,IAAI,UAAU;AACjE,WAAO,KAAK,OAAOF,GAAMC,GAAOC,CAAQ;AAAA,EAC5C;AAAA,EAEA,MAAM,aAAaC,GAA6C;AAC5D,UAAM,EAAE,OAAAF,GAAO,UAAAC,EAAA,IAAa,MAAM,KAAK,MAAM,OAAO,uBAAuB,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAAC,EAAA,EAAS,GAAK;AAC7G,WAAIF,IACO,KAAK,UAAUA,GAAOC,CAAQ,IAElC,EAAE,IAAI,IAAM,OAAO,OAAA;AAAA,EAC9B;AAAA,EAEA,MAAM,sBAAoE;AACtE,UAAM,EAAE,MAAAF,GAAM,OAAAC,GAAO,UAAAC,EAAA,IAAa,MAAM,KAAK,MAAM,KAAK,oBAAoB;AAC5E,WAAO,KAAK,OAAOF,GAAMC,GAAOC,CAAQ;AAAA,EAC5C;AAAA,EAEA,MAAM,sBAAsBN,GAA+E;AACvG,UAAM,EAAE,MAAAI,GAAM,OAAAC,GAAO,UAAAC,EAAA,IAAa,MAAM,KAAK,MAAM,KAAK,wBAAwB,EAAE,MAAMN,GAAS;AACjG,WAAO,KAAK,OAAOI,GAAMC,GAAOC,CAAQ;AAAA,EAC5C;AAAA,EAEA,MAAM,qBAAqBN,GAAiF;AACxG,UAAM,EAAE,MAAAI,GAAM,OAAAC,GAAO,UAAAC,EAAA,IAAa,MAAM,KAAK,MAAM,KAAK,uBAAuB,EAAE,MAAMN,GAAS;AAChG,WAAO,KAAK,OAAOI,GAAMC,GAAOC,CAAQ;AAAA,EAC5C;AAAA,EAEA,MAAM,uBAAuBN,GAAgF;AACzG,UAAM,EAAE,MAAAI,GAAM,OAAAC,GAAO,UAAAC,EAAA,IAAa,MAAM,KAAK,MAAM,KAAK,yBAAyB,EAAE,MAAMN,GAAS;AAClG,WAAO,KAAK,OAAOI,GAAMC,GAAOC,CAAQ;AAAA,EAC5C;AAAA,EAEA,MAAM,sBAAsBN,GAAkF;AAC1G,UAAM,EAAE,MAAAI,GAAM,OAAAC,GAAO,UAAAC,EAAA,IAAa,MAAM,KAAK,MAAM,KAAK,wBAAwB,EAAE,MAAMN,GAAS;AACjG,WAAO,KAAK,OAAOI,GAAMC,GAAOC,CAAQ;AAAA,EAC5C;AAAA,EAEA,MAAM,0BAA4E;AAC9E,UAAM,EAAE,MAAAF,GAAM,OAAAC,GAAO,UAAAC,EAAA,IAAa,MAAM,KAAK,MAAM,KAAK,wBAAwB;AAChF,WAAO,KAAK,OAAOF,GAAMC,GAAOC,CAAQ;AAAA,EAC5C;AAAA,EAEA,MAAM,0BAA0BN,GAAmF;AAC/G,UAAM,EAAE,MAAAI,GAAM,OAAAC,GAAO,UAAAC,EAAA,IAAa,MAAM,KAAK,MAAM,KAAK,4BAA4B,EAAE,MAAMN,GAAS;AACrG,WAAO,KAAK,OAAOI,GAAMC,GAAOC,CAAQ;AAAA,EAC5C;AAAA,EAEA,MAAM,eAAeN,GAA6E;AAC9F,UAAM,EAAE,MAAAI,GAAM,OAAAC,GAAO,UAAAC,EAAA,IAAa,MAAM,KAAK,MAAM,KAAK,oBAAoB,EAAE,MAAMN,GAAS;AAC7F,WAAO,KAAK,OAAOI,GAAMC,GAAOC,CAAQ;AAAA,EAC5C;AAAA,EAEA,MAAM,gBAAgBN,GAA8E;AAChG,UAAM,EAAE,MAAAI,GAAM,OAAAC,GAAO,UAAAC,EAAA,IAAa,MAAM,KAAK,MAAM,KAAK,qBAAqB,EAAE,MAAMN,GAAS;AAC9F,WAAO,KAAK,OAAOI,GAAMC,GAAOC,CAAQ;AAAA,EAC5C;AAAA,EAEA,MAAM,gBAAgBN,GAA6E;AAC/F,UAAM,EAAE,MAAAI,GAAM,OAAAC,GAAO,UAAAC,EAAA,IAAa,MAAM,KAAK,MAAM,KAAK,qBAAqB,EAAE,MAAMN,GAAS;AAC9F,WAAO,KAAK,OAAOI,GAAMC,GAAOC,CAAQ;AAAA,EAC5C;AAAA,EAEA,MAAM,mBAAmBN,GAAgF;AACrG,UAAM,EAAE,MAAAI,GAAM,OAAAC,GAAO,UAAAC,EAAA,IAAa,MAAM,KAAK,MAAM,KAAK,4BAA4B,EAAE,MAAMN,GAAS;AACrG,WAAO,KAAK,OAAOI,GAAMC,GAAOC,CAAQ;AAAA,EAC5C;AAAA,EAEA,MAAM,0BAAsE;AACxE,UAAM,EAAE,MAAAF,GAAM,OAAAC,GAAO,UAAAC,EAAA,IAAa,MAAM,KAAK,MAAM,KAAK,4BAA4B;AACpF,WAAO,KAAK,OAAOF,GAAMC,GAAOC,CAAQ;AAAA,EAC5C;AAAA,EAEQ,OAAUF,GAAqBC,GAAkCC,GAAmC;AACxG,WAAID,MAAU,SACH,KAAK,UAAUA,GAAOC,CAAQ,IAErCF,MAAS,SACF;AAAA,MACH,IAAI;AAAA,MACJ,MAAMd,EAAkB;AAAA,MACxB,SAASE,EAAkBF,EAAkB,YAAY;AAAA,MACzD,YAAYgB,EAAS;AAAA,IAAA,IAGtB,EAAE,IAAI,IAAM,OAAOF,EAAA;AAAA,EAC9B;AAAA,EAEQ,UAAUC,GAAsBC,GAAuC;AAC3E,UAAMb,IAAOY,EAAM,QAAQf,EAAkB;AAC7C,WAAO;AAAA,MACH,IAAI;AAAA,MACJ,MAAAG;AAAA,MACA,SAASY,EAAM,WAAWb,EAAkBC,CAAI;AAAA,MAChD,YAAYa,EAAS;AAAA,MACrB,SAASD,EAAM,WAAW;AAAA,IAAA;AAAA,EAElC;AACJ;ACrMO,MAAMG,EAA0C;AAAA,EACnD,IAAIpB,GAA4B;AAC5B,WAAO,WAAW,gBAAgB,QAAQA,CAAG,KAAK;AAAA,EACtD;AAAA,EAEA,IAAIA,GAAaC,GAAqB;AAClC,eAAW,gBAAgB,QAAQD,GAAKC,CAAK;AAAA,EACjD;AAAA,EAEA,OAAOD,GAAmB;AACtB,eAAW,gBAAgB,WAAWA,CAAG;AAAA,EAC7C;AACJ;ACZO,MAAMqB,EAAwC;AAAA,EACjD,IAAIrB,GAA4B;AAC5B,WAAO,WAAW,cAAc,QAAQA,CAAG,KAAK;AAAA,EACpD;AAAA,EAEA,IAAIA,GAAaC,GAAqB;AAClC,eAAW,cAAc,QAAQD,GAAKC,CAAK;AAAA,EAC/C;AAAA,EAEA,OAAOD,GAAmB;AACtB,eAAW,cAAc,WAAWA,CAAG;AAAA,EAC3C;AACJ;ACVO,MAAMsB,UAAwB,MAAM;AAAA,EAC9B;AAAA,EACA;AAAA,EACA;AAAA,EAET,YAAYjB,GAAckB,GAAiBC,GAAoBC,IAA0C,MAAM;AAC3G,UAAMF,CAAO,GACb,KAAK,OAAO,mBACZ,KAAK,OAAOlB,GACZ,KAAK,aAAamB,GAClB,KAAK,UAAUC;AAAA,EACnB;AACJ;ACXA,MAAMC,IAAwC;AAAA,EAC1C,cAAc;AAAA,EACd,YAAY;AAAA,EACZ,QAAQ;AAAA,EACR,UAAU;AAAA,EACV,eAAe;AAAA,EACf,WAAW;AAAA,EACX,cAAc;AAClB;AAEO,SAASC,EAA4BC,GAAwB;AAChE,SAAOC,EAAM;AAAA,IACT,OAAO;AAAA,MACH,SAAS,CAAA;AAAA,MACT,QAAQ,CAAA;AAAA,IAAC;AAAA,IAEb,QAAQ;AAAA,MACJ,iBAAiBC,EAAY,YAAY;AACrC,cAAMC,IAAS,MAAMH,EAAO,oBAAA;AAC5B,YAAI,CAACG,EAAO;AACR,gBAAM,IAAIT,EAAgBS,EAAO,MAAMA,EAAO,SAASA,EAAO,YAAYA,EAAO,WAAW,IAAI;AAEpG,eAAOA,EAAO;AAAA,MAClB,CAAC;AAAA,MACD,mBAAmBD,EAAY,OAAO,EAAE,OAAAE,QAAoF;AACxH,cAAMD,IAAS,MAAMH,EAAO,sBAAsB;AAAA,UAC9C,cAAcI,EAAM;AAAA,UACpB,MAAMA,EAAM;AAAA,UACZ,MAAMA,EAAM;AAAA,QAAA,CACf;AACD,YAAI,CAACD,EAAO;AACR,gBAAM,IAAIT,EAAgBS,EAAO,MAAMA,EAAO,SAASA,EAAO,YAAYA,EAAO,WAAW,IAAI;AAEpG,eAAOA,EAAO;AAAA,MAClB,CAAC;AAAA,IAAA;AAAA,EACL,CACH,EAAE,cAAc;AAAA,IACb,IAAI;AAAA,IACJ,SAAS;AAAA,IACT,SAASL;AAAAA,IACT,QAAQ;AAAA,MACJ,MAAM;AAAA,QACF,IAAI;AAAA,UACA,OAAO,EAAE,QAAQ,WAAA;AAAA,QAAW;AAAA,MAChC;AAAA,MAEJ,UAAU;AAAA,QACN,QAAQ;AAAA,UACJ,KAAK;AAAA,UACL,QAAQ;AAAA,YACJ,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAO,GAAS,OAAAC,QAAY;AAC7B,cAAAD,EAAQ,eAAeC,EAAM,OAAO,cACpCD,EAAQ,aAAaC,EAAM,OAAO,YAClCD,EAAQ,SAASC,EAAM,OAAO,QAC9BD,EAAQ,YAAY,MACpBA,EAAQ,eAAe;AAAA,YAC3B;AAAA,UAAA;AAAA,UAEJ,SAAS;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAA,GAAS,OAAAC,QAAYC,EAAeF,GAASC,EAAM,KAAK;AAAA,UAAA;AAAA,QACxE;AAAA,MACJ;AAAA,MAEJ,cAAc;AAAA,QACV,IAAI;AAAA,UACA,QAAQ,EAAE,QAAQ,aAAA;AAAA,UAClB,OAAO,EAAE,QAAQ,QAAQ,SAASE,EAAA;AAAA,QAAc;AAAA,MACpD;AAAA,MAEJ,YAAY;AAAA,QACR,QAAQ;AAAA,UACJ,KAAK;AAAA,UACL,OAAO,CAAC,EAAE,SAAAH,GAAS,OAAAC,QAAY;AAC3B,gBAAIA,EAAM,SAAS,SAAU,OAAM,IAAI,MAAM,kCAAkC;AAC/E,gBAAI,CAACD,EAAQ,aAAc,OAAM,IAAI,MAAM,iBAAiB;AAC5D,mBAAO,EAAE,cAAcA,EAAQ,cAAc,MAAMC,EAAM,MAAM,MAAMA,EAAM,QAAQ,KAAA;AAAA,UACvF;AAAA,UACA,QAAQ;AAAA,YACJ,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAD,GAAS,OAAAC,QAAY;AAC7B,cAAAD,EAAQ,WAAWC,EAAM,OAAO,UAChCD,EAAQ,gBAAgBC,EAAM,OAAO,iBAAiB,MACtDD,EAAQ,YAAY,MACpBA,EAAQ,eAAe;AAAA,YAC3B;AAAA,UAAA;AAAA,UAEJ,SAAS;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAA,GAAS,OAAAC,QAAYC,EAAeF,GAASC,EAAM,KAAK;AAAA,UAAA;AAAA,QACxE;AAAA,MACJ;AAAA,MAEJ,UAAU;AAAA,QACN,IAAI;AAAA,UACA,OAAO,EAAE,QAAQ,QAAQ,SAASE,EAAA;AAAA,QAAc;AAAA,MACpD;AAAA,MAEJ,QAAQ;AAAA,QACJ,IAAI;AAAA,UACA,OAAO,EAAE,QAAQ,WAAA;AAAA,UACjB,OAAO,EAAE,QAAQ,QAAQ,SAASA,EAAA;AAAA,QAAc;AAAA,MACpD;AAAA,IACJ;AAAA,EACJ,CACH;AACL;AAEA,SAASA,EAAc,EAAE,SAAAH,KAA+C;AACpE,EAAAA,EAAQ,eAAe,MACvBA,EAAQ,aAAa,MACrBA,EAAQ,SAAS,MACjBA,EAAQ,WAAW,MACnBA,EAAQ,gBAAgB,MACxBA,EAAQ,YAAY,MACpBA,EAAQ,eAAe;AAC3B;AAEA,SAASE,EAAeF,GAAgChB,GAAgB;AACpE,EAAIA,aAAiBK,KACjBW,EAAQ,YAAYhB,EAAM,MAC1BgB,EAAQ,eAAehB,EAAM,YAE7BgB,EAAQ,YAAY,WACpBA,EAAQ,eAAehB,aAAiB,QAAQA,EAAM,UAAU;AAExE;AC/HA,MAAMS,IAAyC;AAAA,EAC3C,cAAc;AAAA,EACd,OAAO;AAAA,EACP,WAAW;AAAA,EACX,mBAAmB;AAAA,EACnB,UAAU;AAAA,EACV,eAAe;AAAA,EACf,WAAW;AAAA,EACX,cAAc;AAClB;AAEO,SAASW,EAA6BT,GAAwB;AACjE,SAAOC,EAAM;AAAA,IACT,OAAO;AAAA,MACH,SAAS,CAAA;AAAA,MACT,QAAQ,CAAA;AAAA,IAAC;AAAA,IAEb,QAAQ;AAAA,MACJ,iBAAiBC,EAAY,OAAO,EAAE,OAAAE,QAA0C;AAC5E,cAAMD,IAAS,MAAMH,EAAO,qBAAqB,EAAE,OAAOI,EAAM,OAAO;AACvE,YAAI,CAACD,EAAO;AACR,gBAAM,IAAIT,EAAgBS,EAAO,MAAMA,EAAO,SAASA,EAAO,YAAYA,EAAO,WAAW,IAAI;AAEpG,eAAOA,EAAO;AAAA,MAClB,CAAC;AAAA,MACD,kBAAkBD,EAAY,OAAO,EAAE,OAAAE,QAAiD;AACpF,cAAMD,IAAS,MAAMH,EAAO,sBAAsB,EAAE,cAAcI,EAAM,cAAc;AACtF,YAAI,CAACD,EAAO;AACR,gBAAM,IAAIT,EAAgBS,EAAO,MAAMA,EAAO,SAASA,EAAO,YAAYA,EAAO,WAAW,IAAI;AAEpG,eAAOA,EAAO;AAAA,MAClB,CAAC;AAAA,MACD,mBAAmBD,EAAY,OAAO,EAAE,OAAAE,QAAoF;AACxH,cAAMD,IAAS,MAAMH,EAAO,uBAAuB;AAAA,UAC/C,cAAcI,EAAM;AAAA,UACpB,MAAMA,EAAM;AAAA,UACZ,MAAMA,EAAM;AAAA,QAAA,CACf;AACD,YAAI,CAACD,EAAO;AACR,gBAAM,IAAIT,EAAgBS,EAAO,MAAMA,EAAO,SAASA,EAAO,YAAYA,EAAO,WAAW,IAAI;AAEpG,eAAOA,EAAO;AAAA,MAClB,CAAC;AAAA,IAAA;AAAA,EACL,CACH,EAAE,cAAc;AAAA,IACb,IAAI;AAAA,IACJ,SAAS;AAAA,IACT,SAASL;AAAAA,IACT,QAAQ;AAAA,MACJ,MAAM;AAAA,QACF,IAAI;AAAA,UACA,OAAO,EAAE,QAAQ,WAAA;AAAA,QAAW;AAAA,MAChC;AAAA,MAEJ,UAAU;AAAA,QACN,OAAO,CAAC,EAAE,SAAAO,GAAS,OAAAC,QAAY;AAC3B,UAAIA,EAAM,SAAS,YACfD,EAAQ,QAAQC,EAAM;AAAA,QAE9B;AAAA,QACA,QAAQ;AAAA,UACJ,KAAK;AAAA,UACL,OAAO,CAAC,EAAE,SAAAD,QAAc;AACpB,gBAAI,CAACA,EAAQ,MAAO,OAAM,IAAI,MAAM,UAAU;AAC9C,mBAAO,EAAE,OAAOA,EAAQ,MAAA;AAAA,UAC5B;AAAA,UACA,QAAQ;AAAA,YACJ,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAA,GAAS,OAAAC,QAAYI,EAAkBL,GAASC,EAAM,MAAM;AAAA,UAAA;AAAA,UAE5E,SAAS;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAD,GAAS,OAAAC,QAAYC,EAAeF,GAASC,EAAM,KAAK;AAAA,UAAA;AAAA,QACxE;AAAA,MACJ;AAAA,MAEJ,cAAc;AAAA,QACV,IAAI;AAAA,UACA,QAAQ,EAAE,QAAQ,aAAA;AAAA,UAClB,QAAQ,EAAE,QAAQ,YAAA;AAAA,UAClB,OAAO,EAAE,QAAQ,QAAQ,SAASE,EAAA;AAAA,QAAc;AAAA,MACpD;AAAA,MAEJ,WAAW;AAAA,QACP,QAAQ;AAAA,UACJ,KAAK;AAAA,UACL,OAAO,CAAC,EAAE,SAAAH,QAAc;AACpB,gBAAI,CAACA,EAAQ,aAAc,OAAM,IAAI,MAAM,iBAAiB;AAC5D,mBAAO,EAAE,cAAcA,EAAQ,aAAA;AAAA,UACnC;AAAA,UACA,QAAQ;AAAA,YACJ,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAA,GAAS,OAAAC,QAAYI,EAAkBL,GAASC,EAAM,MAAM;AAAA,UAAA;AAAA,UAE5E,SAAS;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAD,GAAS,OAAAC,QAAYC,EAAeF,GAASC,EAAM,KAAK;AAAA,UAAA;AAAA,QACxE;AAAA,MACJ;AAAA,MAEJ,YAAY;AAAA,QACR,QAAQ;AAAA,UACJ,KAAK;AAAA,UACL,OAAO,CAAC,EAAE,SAAAD,GAAS,OAAAC,QAAY;AAC3B,gBAAIA,EAAM,SAAS,SAAU,OAAM,IAAI,MAAM,kCAAkC;AAC/E,gBAAI,CAACD,EAAQ,aAAc,OAAM,IAAI,MAAM,iBAAiB;AAC5D,mBAAO,EAAE,cAAcA,EAAQ,cAAc,MAAMC,EAAM,MAAM,MAAMA,EAAM,QAAQ,KAAA;AAAA,UACvF;AAAA,UACA,QAAQ;AAAA,YACJ,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAD,GAAS,OAAAC,QAAY;AAC7B,cAAAD,EAAQ,WAAWC,EAAM,OAAO,UAChCD,EAAQ,gBAAgBC,EAAM,OAAO,iBAAiB,MACtDD,EAAQ,YAAY,MACpBA,EAAQ,eAAe;AAAA,YAC3B;AAAA,UAAA;AAAA,UAEJ,SAAS;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAA,GAAS,OAAAC,QAAYC,EAAeF,GAASC,EAAM,KAAK;AAAA,UAAA;AAAA,QACxE;AAAA,MACJ;AAAA,MAEJ,UAAU;AAAA,QACN,IAAI;AAAA,UACA,OAAO,EAAE,QAAQ,QAAQ,SAASE,EAAA;AAAA,QAAc;AAAA,MACpD;AAAA,MAEJ,QAAQ;AAAA,QACJ,IAAI;AAAA,UACA,OAAO,EAAE,QAAQ,WAAA;AAAA,UACjB,OAAO,EAAE,QAAQ,QAAQ,SAASA,EAAA;AAAA,QAAc;AAAA,MACpD;AAAA,IACJ;AAAA,EACJ,CACH;AACL;AAEA,SAASE,EAAkBL,GAAiCM,GAAgF;AACxI,EAAAN,EAAQ,eAAeM,EAAO,cAC9BN,EAAQ,YAAYM,EAAO,WAC3BN,EAAQ,oBAAoBM,EAAO,mBACnCN,EAAQ,YAAY,MACpBA,EAAQ,eAAe;AAC3B;AAEA,SAASG,EAAc,EAAE,SAAAH,KAAgD;AACrE,EAAAA,EAAQ,eAAe,MACvBA,EAAQ,QAAQ,MAChBA,EAAQ,YAAY,MACpBA,EAAQ,oBAAoB,MAC5BA,EAAQ,WAAW,MACnBA,EAAQ,gBAAgB,MACxBA,EAAQ,YAAY,MACpBA,EAAQ,eAAe;AAC3B;AAEA,SAASE,EAAeF,GAAiChB,GAAgB;AACrE,EAAIA,aAAiBK,KACjBW,EAAQ,YAAYhB,EAAM,MAC1BgB,EAAQ,eAAehB,EAAM,YAE7BgB,EAAQ,YAAY,WACpBA,EAAQ,eAAehB,aAAiB,QAAQA,EAAM,UAAU;AAExE;ACzKO,SAASuB,EAAkBvC,GAA4B;AAC1D,QAAMwC,IAASxC,EAAM,QAAQ,MAAM,GAAG,EAAE,QAAQ,MAAM,GAAG,GACnDyC,IAASD,EAAO,OAAO,KAAK,KAAKA,EAAO,SAAS,CAAC,IAAI,GAAG,GAAG,GAC5DE,IAAS,KAAKD,CAAM,GACpBE,IAAQ,IAAI,WAAWD,EAAO,MAAM;AAC1C,WAAS,IAAI,GAAG,IAAIA,EAAO,QAAQ;AAC/B,IAAAC,EAAM,CAAC,IAAID,EAAO,WAAW,CAAC;AAElC,SAAOC,EAAM;AACjB;AAEO,SAASC,EAAkBC,GAA6B;AAC3D,QAAMF,IAAQ,IAAI,WAAWE,CAAM;AACnC,MAAIH,IAAS;AACb,aAAWI,KAAQH;AACf,IAAAD,KAAU,OAAO,aAAaI,CAAI;AAEtC,SAAO,KAAKJ,CAAM,EAAE,QAAQ,OAAO,GAAG,EAAE,QAAQ,OAAO,GAAG,EAAE,QAAQ,OAAO,EAAE;AACjF;ACOA,SAASK,EAAeC,GAA+E;AACnG,UAAQA,KAAQ,CAAA,GAAI,IAAI,CAACC,OAAO,EAAE,GAAGA,GAAG,IAAIV,EAAkBU,EAAE,EAAE,IAAI;AAC1E;AAGA,eAAsBC,EAAkBC,GAAsC;AAC1E,QAAMC,IAAS,KAAK,MAAMD,CAAW,GAC/BE,IAAY;AAAA,IACd,GAAGD;AAAA,IACH,WAAWb,EAAkBa,EAAO,SAAS;AAAA,IAC7C,MAAM,EAAE,GAAGA,EAAO,MAAM,IAAIb,EAAkBa,EAAO,KAAK,EAAE,EAAA;AAAA,IAC5D,oBAAoBL,EAAeK,EAAO,kBAAkB;AAAA;AAAA,EAAA,GAI1DE,IAAc,MAAM,UAAU,YAAY,OAAO,EAAE,WAAAD,GAAW;AACpE,MAAIC,MAAe;AACf,UAAM,IAAI,MAAM,+CAA+C;AAEnE,QAAMrC,IAAWqC,EAAW;AAC5B,SAAO,KAAK,UAAU;AAAA,IAClB,IAAIA,EAAW;AAAA,IACf,OAAOV,EAAkBU,EAAW,KAAK;AAAA,IACzC,MAAMA,EAAW;AAAA,IACjB,YAAYA,EAAW,0BAAA;AAAA,IACvB,UAAU;AAAA,MACN,mBAAmBV,EAAkB3B,EAAS,iBAAiB;AAAA,MAC/D,gBAAgB2B,EAAkB3B,EAAS,cAAc;AAAA,IAAA;AAAA,EAC7D,CACH;AACL;AAGA,eAAsBsC,EAAoBJ,GAAsC;AAC5E,QAAMC,IAAS,KAAK,MAAMD,CAAW,GAC/BE,IAAY;AAAA,IACd,GAAGD;AAAA,IACH,WAAWb,EAAkBa,EAAO,SAAS;AAAA,IAC7C,kBAAkBL,EAAeK,EAAO,gBAAgB;AAAA,EAAA,GAGtDE,IAAc,MAAM,UAAU,YAAY,IAAI,EAAE,WAAAD,GAAW;AACjE,MAAIC,MAAe;AACf,UAAM,IAAI,MAAM,iDAAiD;AAErE,QAAMrC,IAAWqC,EAAW;AAC5B,SAAO,KAAK,UAAU;AAAA,IAClB,IAAIA,EAAW;AAAA,IACf,OAAOV,EAAkBU,EAAW,KAAK;AAAA,IACzC,MAAMA,EAAW;AAAA,IACjB,YAAYA,EAAW,0BAAA;AAAA,IACvB,UAAU;AAAA,MACN,mBAAmBV,EAAkB3B,EAAS,iBAAiB;AAAA,MAC/D,gBAAgB2B,EAAkB3B,EAAS,cAAc;AAAA,MACzD,WAAW2B,EAAkB3B,EAAS,SAAS;AAAA,MAC/C,YAAYA,EAAS,aAAa2B,EAAkB3B,EAAS,UAAU,IAAI;AAAA,IAAA;AAAA,EAC/E,CACH;AACL;AC9EA,MAAMQ,IAA4C;AAAA,EAC9C,cAAc;AAAA,EACd,aAAa;AAAA,EACb,MAAM;AAAA,EACN,UAAU;AAAA,EACV,eAAe;AAAA,EACf,WAAW;AAAA,EACX,cAAc;AAClB;AAEO,SAAS+B,EAAgC7B,GAAwB;AACpE,SAAOC,EAAM;AAAA,IACT,OAAO;AAAA,MACH,SAAS,CAAA;AAAA,MACT,QAAQ,CAAA;AAAA,IAAC;AAAA,IAEb,QAAQ;AAAA,MACJ,iBAAiBC,EAAY,YAAY;AACrC,cAAMC,IAAS,MAAMH,EAAO,wBAAA;AAC5B,YAAI,CAACG,EAAO;AACR,gBAAM,IAAIT,EAAgBS,EAAO,MAAMA,EAAO,SAASA,EAAO,YAAYA,EAAO,WAAW,IAAI;AAEpG,eAAOA,EAAO;AAAA,MAClB,CAAC;AAAA,MACD,oBAAoBD,EAAY,OAAO,EAAE,OAAAE,QAA2F;AAChI,cAAM0B,IAA0B,MAAMP,EAAkBnB,EAAM,WAAW,GACnED,IAAS,MAAMH,EAAO,0BAA0B;AAAA,UAClD,cAAcI,EAAM;AAAA,UACpB,yBAAA0B;AAAA,UACA,MAAM1B,EAAM;AAAA,QAAA,CACf;AACD,YAAI,CAACD,EAAO;AACR,gBAAM,IAAIT,EAAgBS,EAAO,MAAMA,EAAO,SAASA,EAAO,YAAYA,EAAO,WAAW,IAAI;AAEpG,eAAOA,EAAO;AAAA,MAClB,CAAC;AAAA,IAAA;AAAA,EACL,CACH,EAAE,cAAc;AAAA,IACb,IAAI;AAAA,IACJ,SAAS;AAAA,IACT,SAASL;AAAAA,IACT,QAAQ;AAAA,MACJ,MAAM;AAAA,QACF,IAAI;AAAA,UACA,OAAO,EAAE,QAAQ,WAAA;AAAA,QAAW;AAAA,MAChC;AAAA,MAEJ,UAAU;AAAA,QACN,OAAO,CAAC,EAAE,SAAAO,GAAS,OAAAC,QAAY;AAC3B,UAAIA,EAAM,SAAS,YACfD,EAAQ,OAAOC,EAAM,QAAQ;AAAA,QAErC;AAAA,QACA,QAAQ;AAAA,UACJ,KAAK;AAAA,UACL,QAAQ;AAAA,YACJ,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAD,GAAS,OAAAC,QAAY;AAC7B,cAAAD,EAAQ,eAAeC,EAAM,OAAO,cACpCD,EAAQ,cAAcC,EAAM,OAAO,aACnCD,EAAQ,YAAY,MACpBA,EAAQ,eAAe;AAAA,YAC3B;AAAA,UAAA;AAAA,UAEJ,SAAS;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAA,GAAS,OAAAC,QAAYC,EAAeF,GAASC,EAAM,KAAK;AAAA,UAAA;AAAA,QACxE;AAAA,MACJ;AAAA,MAEJ,aAAa;AAAA,QACT,QAAQ;AAAA,UACJ,KAAK;AAAA,UACL,OAAO,CAAC,EAAE,SAAAD,QAAc;AACpB,gBAAI,CAACA,EAAQ,gBAAgB,CAACA,EAAQ,YAAa,OAAM,IAAI,MAAM,uBAAuB;AAC1F,mBAAO,EAAE,cAAcA,EAAQ,cAAc,aAAaA,EAAQ,aAAa,MAAMA,EAAQ,KAAA;AAAA,UACjG;AAAA,UACA,QAAQ;AAAA,YACJ,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAA,GAAS,OAAAC,QAAY;AAC7B,cAAAD,EAAQ,WAAWC,EAAM,OAAO,UAChCD,EAAQ,gBAAgBC,EAAM,OAAO,iBAAiB,MACtDD,EAAQ,YAAY,MACpBA,EAAQ,eAAe;AAAA,YAC3B;AAAA,UAAA;AAAA,UAEJ,SAAS;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAA,GAAS,OAAAC,QAAYC,EAAeF,GAASC,EAAM,KAAK;AAAA,UAAA;AAAA,QACxE;AAAA,MACJ;AAAA,MAEJ,UAAU;AAAA,QACN,IAAI;AAAA,UACA,OAAO,EAAE,QAAQ,QAAQ,SAASE,EAAA;AAAA,QAAc;AAAA,MACpD;AAAA,MAEJ,QAAQ;AAAA,QACJ,IAAI;AAAA,UACA,OAAO,EAAE,QAAQ,WAAA;AAAA,UACjB,OAAO,EAAE,QAAQ,QAAQ,SAASA,EAAA;AAAA,QAAc;AAAA,MACpD;AAAA,IACJ;AAAA,EACJ,CACH;AACL;AAEA,SAASA,EAAc,EAAE,SAAAH,KAAmD;AACxE,EAAAA,EAAQ,eAAe,MACvBA,EAAQ,cAAc,MACtBA,EAAQ,OAAO,MACfA,EAAQ,WAAW,MACnBA,EAAQ,gBAAgB,MACxBA,EAAQ,YAAY,MACpBA,EAAQ,eAAe;AAC3B;AAEA,SAASE,EAAeF,GAAoChB,GAAgB;AACxE,EAAIA,aAAiBK,KACjBW,EAAQ,YAAYhB,EAAM,MAC1BgB,EAAQ,eAAehB,EAAM,YAE7BgB,EAAQ,YAAY,WACpBA,EAAQ,eAAehB,aAAiB,QAAQA,EAAM,UAAU;AAExE;AC7HA,MAAMS,IAAmC;AAAA,EACrC,UAAU;AAAA,EACV,YAAY;AAAA,EACZ,QAAQ;AAAA,EACR,WAAW;AAAA,EACX,mBAAmB;AAAA,EACnB,aAAa;AAAA,EACb,WAAW;AAAA,EACX,cAAc;AAClB;AAEO,SAASiC,EAAuB/B,GAAwB;AAC3D,SAAOC,EAAM;AAAA,IACT,OAAO;AAAA,MACH,SAAS,CAAA;AAAA,MACT,QAAQ,CAAA;AAAA,IAAC;AAAA,IAEb,QAAQ;AAAA,MACJ,gBAAgBC,EAAY,OAAO,EAAE,OAAAE,QAA6C;AAC9E,cAAMD,IAAS,MAAMH,EAAO,eAAe,EAAE,UAAUI,EAAM,UAAU;AACvE,YAAI,CAACD,EAAO;AACR,gBAAM,IAAIT,EAAgBS,EAAO,MAAMA,EAAO,SAASA,EAAO,YAAYA,EAAO,WAAW,IAAI;AAEpG,eAAOA,EAAO;AAAA,MAClB,CAAC;AAAA,MACD,iBAAiBD,EAAY,OAAO,EAAE,OAAAE,QAA6C;AAC/E,cAAMD,IAAS,MAAMH,EAAO,gBAAgB,EAAE,UAAUI,EAAM,UAAU;AACxE,YAAI,CAACD,EAAO;AACR,gBAAM,IAAIT,EAAgBS,EAAO,MAAMA,EAAO,SAASA,EAAO,YAAYA,EAAO,WAAW,IAAI;AAEpG,eAAOA,EAAO;AAAA,MAClB,CAAC;AAAA,MACD,iBAAiBD,EAAY,OAAO,EAAE,OAAAE,QAA2D;AAC7F,cAAMD,IAAS,MAAMH,EAAO,gBAAgB,EAAE,UAAUI,EAAM,UAAU,MAAMA,EAAM,KAAA,CAAM;AAC1F,YAAI,CAACD,EAAO;AACR,gBAAM,IAAIT,EAAgBS,EAAO,MAAMA,EAAO,SAASA,EAAO,YAAYA,EAAO,WAAW,IAAI;AAEpG,eAAOA,EAAO;AAAA,MAClB,CAAC;AAAA,MACD,iBAAiBD,EAAY,OAAO,EAAE,OAAAE,QAAkE;AACpG,cAAM4B,IAAwB,MAAMJ,EAAoBxB,EAAM,WAAW,GACnED,IAAS,MAAMH,EAAO,gBAAgB,EAAE,UAAUI,EAAM,UAAU,uBAAA4B,GAAuB;AAC/F,YAAI,CAAC7B,EAAO;AACR,gBAAM,IAAIT,EAAgBS,EAAO,MAAMA,EAAO,SAASA,EAAO,YAAYA,EAAO,WAAW,IAAI;AAEpG,eAAOA,EAAO;AAAA,MAClB,CAAC;AAAA,MACD,oBAAoBD,EAAY,OAAO,EAAE,OAAAE,QAAyC;AAC9E,cAAMD,IAAS,MAAMH,EAAO,mBAAmB,EAAE,cAAcI,EAAM,MAAM;AAC3E,YAAI,CAACD,EAAO;AACR,gBAAM,IAAIT,EAAgBS,EAAO,MAAMA,EAAO,SAASA,EAAO,YAAYA,EAAO,WAAW,IAAI;AAEpG,eAAOA,EAAO;AAAA,MAClB,CAAC;AAAA,IAAA;AAAA,EACL,CACH,EAAE,cAAc;AAAA,IACb,IAAI;AAAA,IACJ,SAAS;AAAA,IACT,SAASL;AAAAA,IACT,QAAQ;AAAA,MACJ,MAAM;AAAA,QACF,IAAI;AAAA,UACA,MAAM,EAAE,QAAQ,WAAA;AAAA,UAChB,iBAAiB,EAAE,QAAQ,oBAAA;AAAA,QAAoB;AAAA,MACnD;AAAA,MAEJ,UAAU;AAAA,QACN,OAAO,CAAC,EAAE,SAAAO,GAAS,OAAAC,QAAY;AAC3B,UAAIA,EAAM,SAAS,WACfD,EAAQ,WAAWC,EAAM;AAAA,QAEjC;AAAA,QACA,QAAQ;AAAA,UACJ,KAAK;AAAA,UACL,OAAO,CAAC,EAAE,SAAAD,QAAc;AACpB,gBAAI,CAACA,EAAQ,SAAU,OAAM,IAAI,MAAM,aAAa;AACpD,mBAAO,EAAE,UAAUA,EAAQ,SAAA;AAAA,UAC/B;AAAA,UACA,QAAQ;AAAA,YACJ;AAAA,cACI,OAAO,CAAC,EAAE,OAAAC,QAAYA,EAAM,OAAO,SAAS;AAAA,cAC5C,QAAQ;AAAA,cACR,SAAS,CAAC,EAAE,SAAAD,GAAS,OAAAC,QAAYI,EAAkBL,GAASC,EAAM,MAAM;AAAA,YAAA;AAAA,YAE5E;AAAA,cACI,QAAQ;AAAA,cACR,SAAS,CAAC,EAAE,SAAAD,GAAS,OAAAC,QAAYI,EAAkBL,GAASC,EAAM,MAAM;AAAA,YAAA;AAAA,UAC5E;AAAA,UAEJ,SAAS;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAD,GAAS,OAAAC,QAAYC,EAAeF,GAASC,EAAM,KAAK;AAAA,UAAA;AAAA,QACxE;AAAA,MACJ;AAAA,MAEJ,WAAW;AAAA,QACP,QAAQ;AAAA,UACJ,KAAK;AAAA,UACL,OAAO,CAAC,EAAE,SAAAD,QAAc;AACpB,gBAAI,CAACA,EAAQ,YAAY,CAACA,EAAQ,YAAa,OAAM,IAAI,MAAM,sBAAsB;AACrF,mBAAO,EAAE,UAAUA,EAAQ,UAAU,aAAaA,EAAQ,YAAA;AAAA,UAC9D;AAAA,UACA,QAAQ;AAAA,YACJ,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAA,GAAS,OAAAC,QAAY;AAC7B,cAAAD,EAAQ,SAASC,EAAM,OAAO,QAC9BD,EAAQ,YAAY,MACpBA,EAAQ,eAAe;AAAA,YAC3B;AAAA,UAAA;AAAA,UAEJ,SAAS;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAA,GAAS,OAAAC,QAAYC,EAAeF,GAASC,EAAM,KAAK;AAAA,UAAA;AAAA,QACxE;AAAA,MACJ;AAAA,MAEJ,cAAc;AAAA,QACV,IAAI;AAAA,UACA,QAAQ,EAAE,QAAQ,YAAA;AAAA,UAClB,QAAQ,EAAE,QAAQ,YAAA;AAAA,UAClB,iBAAiB,EAAE,QAAQ,oBAAA;AAAA,UAC3B,OAAO,EAAE,QAAQ,QAAQ,SAASE,EAAA;AAAA,QAAc;AAAA,MACpD;AAAA,MAEJ,mBAAmB;AAAA,QACf,QAAQ;AAAA,UACJ,KAAK;AAAA,UACL,OAAO,CAAC,EAAE,OAAAF,QAAY;AAClB,gBAAIA,EAAM,SAAS,kBAAmB,OAAM,IAAI,MAAM,kDAAkD;AACxG,mBAAO,EAAE,MAAMA,EAAM,KAAA;AAAA,UACzB;AAAA,UACA,QAAQ;AAAA,YACJ,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAD,GAAS,OAAAC,QAAY;AAC7B,cAAAD,EAAQ,SAASC,EAAM,OAAO,QAC9BD,EAAQ,YAAY,MACpBA,EAAQ,eAAe;AAAA,YAC3B;AAAA,UAAA;AAAA,UAEJ,SAAS;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAA,GAAS,OAAAC,QAAYC,EAAeF,GAASC,EAAM,KAAK;AAAA,UAAA;AAAA,QACxE;AAAA,MACJ;AAAA,MAEJ,WAAW;AAAA,QACP,QAAQ;AAAA,UACJ,KAAK;AAAA,UACL,OAAO,CAAC,EAAE,SAAAD,QAAc;AACpB,gBAAI,CAACA,EAAQ,SAAU,OAAM,IAAI,MAAM,aAAa;AACpD,mBAAO,EAAE,UAAUA,EAAQ,SAAA;AAAA,UAC/B;AAAA,UACA,QAAQ;AAAA,YACJ,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAA,GAAS,OAAAC,QAAYI,EAAkBL,GAASC,EAAM,MAAM;AAAA,UAAA;AAAA,UAE5E,SAAS;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAD,GAAS,OAAAC,QAAYC,EAAeF,GAASC,EAAM,KAAK;AAAA,UAAA;AAAA,QACxE;AAAA,MACJ;AAAA,MAEJ,WAAW;AAAA,QACP,QAAQ;AAAA,UACJ,KAAK;AAAA,UACL,OAAO,CAAC,EAAE,SAAAD,GAAS,OAAAC,QAAY;AAC3B,gBAAIA,EAAM,SAAS,SAAU,OAAM,IAAI,MAAM,iCAAiC;AAC9E,gBAAI,CAACD,EAAQ,SAAU,OAAM,IAAI,MAAM,aAAa;AACpD,mBAAO,EAAE,UAAUA,EAAQ,UAAU,MAAMC,EAAM,KAAA;AAAA,UACrD;AAAA,UACA,QAAQ;AAAA,YACJ,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAD,GAAS,OAAAC,QAAY;AAC7B,cAAAD,EAAQ,SAASC,EAAM,OAAO,QAC9BD,EAAQ,YAAY,MACpBA,EAAQ,eAAe;AAAA,YAC3B;AAAA,UAAA;AAAA,UAEJ,SAAS;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAA,GAAS,OAAAC,QAAYC,EAAeF,GAASC,EAAM,KAAK;AAAA,UAAA;AAAA,QACxE;AAAA,MACJ;AAAA,MAEJ,UAAU;AAAA,QACN,IAAI;AAAA,UACA,OAAO,EAAE,QAAQ,QAAQ,SAASE,EAAA;AAAA,QAAc;AAAA,MACpD;AAAA,MAEJ,QAAQ;AAAA,QACJ,IAAI;AAAA,UACA,MAAM,EAAE,QAAQ,WAAA;AAAA,UAChB,iBAAiB,EAAE,QAAQ,oBAAA;AAAA,UAC3B,OAAO,EAAE,QAAQ,QAAQ,SAASA,EAAA;AAAA,QAAc;AAAA,MACpD;AAAA,IACJ;AAAA,EACJ,CACH;AACL;AAEA,SAASE,EAAkBL,GAA2BM,GAA6I;AAC/L,EAAAN,EAAQ,aAAaM,EAAO,MAC5BN,EAAQ,YAAYM,EAAO,aAAa,MACxCN,EAAQ,oBAAoBM,EAAO,qBAAqB,MACxDN,EAAQ,cAAcM,EAAO,eAAe,MAC5CN,EAAQ,YAAY,MACpBA,EAAQ,eAAe;AAC3B;AAEA,SAASG,EAAc,EAAE,SAAAH,KAA0C;AAC/D,EAAAA,EAAQ,WAAW,MACnBA,EAAQ,aAAa,MACrBA,EAAQ,SAAS,MACjBA,EAAQ,YAAY,MACpBA,EAAQ,oBAAoB,MAC5BA,EAAQ,cAAc,MACtBA,EAAQ,YAAY,MACpBA,EAAQ,eAAe;AAC3B;AAEA,SAASE,EAAeF,GAA2BhB,GAAgB;AAC/D,EAAIA,aAAiBK,KACjBW,EAAQ,YAAYhB,EAAM,MAC1BgB,EAAQ,eAAehB,EAAM,YAE7BgB,EAAQ,YAAY,WACpBA,EAAQ,eAAehB,aAAiB,QAAQA,EAAM,UAAU;AAExE;ACrOA,MAAMS,IAAiC;AAAA,EACnC,OAAO,CAAA;AAAA,EACP,WAAW;AAAA,EACX,cAAc;AAClB;AAEO,SAASmC,EAAqBjC,GAAwB;AACzD,SAAOC,EAAM;AAAA,IACT,OAAO;AAAA,MACH,SAAS,CAAA;AAAA,MACT,QAAQ,CAAA;AAAA,IAAC;AAAA,IAEb,QAAQ;AAAA,MACJ,MAAMC,EAAY,YAAY;AAC1B,cAAMC,IAAS,MAAMH,EAAO,YAAA;AAC5B,YAAI,CAACG,EAAO;AACR,gBAAM,IAAIT,EAAgBS,EAAO,MAAMA,EAAO,SAASA,EAAO,YAAYA,EAAO,WAAW,IAAI;AAEpG,eAAOA,EAAO;AAAA,MAClB,CAAC;AAAA,MACD,QAAQD,EAAY,OAAO,EAAE,OAAAE,QAA6C;AACtE,cAAMD,IAAS,MAAMH,EAAO,aAAaI,EAAM,QAAQ;AACvD,YAAI,CAACD,EAAO;AACR,gBAAM,IAAIT,EAAgBS,EAAO,MAAMA,EAAO,SAASA,EAAO,YAAYA,EAAO,WAAW,IAAI;AAEpG,eAAOC,EAAM;AAAA,MACjB,CAAC;AAAA,IAAA;AAAA,EACL,CACH,EAAE,cAAc;AAAA,IACb,IAAI;AAAA,IACJ,SAAS;AAAA,IACT,SAASN;AAAA,IACT,QAAQ;AAAA,MACJ,MAAM;AAAA,QACF,IAAI;AAAA,UACA,MAAM,EAAE,QAAQ,UAAA;AAAA,QAAU;AAAA,MAC9B;AAAA,MAEJ,SAAS;AAAA,QACL,QAAQ;AAAA,UACJ,KAAK;AAAA,UACL,QAAQ;AAAA,YACJ,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAO,GAAS,OAAAC,QAAY;AAC7B,cAAAD,EAAQ,QAAQC,EAAM,QACtBD,EAAQ,YAAY,MACpBA,EAAQ,eAAe;AAAA,YAC3B;AAAA,UAAA;AAAA,UAEJ,SAAS;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAA,GAAS,OAAAC,QAAYC,EAAeF,GAASC,EAAM,KAAK;AAAA,UAAA;AAAA,QACxE;AAAA,MACJ;AAAA,MAEJ,OAAO;AAAA,QACH,IAAI;AAAA,UACA,MAAM,EAAE,QAAQ,UAAA;AAAA,UAChB,QAAQ,EAAE,QAAQ,WAAA;AAAA,QAAW;AAAA,MACjC;AAAA,MAEJ,UAAU;AAAA,QACN,QAAQ;AAAA,UACJ,KAAK;AAAA,UACL,OAAO,CAAC,EAAE,OAAAA,QAAY;AAClB,gBAAIA,EAAM,SAAS,SAAU,OAAM,IAAI,MAAM,gCAAgC;AAC7E,mBAAO,EAAE,UAAUA,EAAM,SAAA;AAAA,UAC7B;AAAA,UACA,QAAQ;AAAA,YACJ,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAD,GAAS,OAAAC,QAAY;AAC7B,oBAAM4B,IAAY5B,EAAM;AACxB,cAAAD,EAAQ,QAAQA,EAAQ,MAAM,OAAO,CAAC8B,MAAMA,EAAE,OAAOD,CAAS,GAC9D7B,EAAQ,YAAY,MACpBA,EAAQ,eAAe;AAAA,YAC3B;AAAA,UAAA;AAAA,UAEJ,SAAS;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAA,GAAS,OAAAC,QAAYC,EAAeF,GAASC,EAAM,KAAK;AAAA,UAAA;AAAA,QACxE;AAAA,MACJ;AAAA,MAEJ,QAAQ;AAAA,QACJ,IAAI;AAAA,UACA,MAAM,EAAE,QAAQ,UAAA;AAAA,UAChB,OAAO,EAAE,QAAQ,QAAQ,SAASE,EAAA;AAAA,QAAc;AAAA,MACpD;AAAA,IACJ;AAAA,EACJ,CACH;AACL;AAEA,SAASA,EAAc,EAAE,SAAAH,KAAwC;AAC7D,EAAAA,EAAQ,QAAQ,CAAA,GAChBA,EAAQ,YAAY,MACpBA,EAAQ,eAAe;AAC3B;AAEA,SAASE,EAAeF,GAAyBhB,GAAgB;AAC7D,EAAIA,aAAiBK,KACjBW,EAAQ,YAAYhB,EAAM,MAC1BgB,EAAQ,eAAehB,EAAM,YAE7BgB,EAAQ,YAAY,WACpBA,EAAQ,eAAehB,aAAiB,QAAQA,EAAM,UAAU;AAExE;ACnGO,SAAS+C,EAActD,GAAuC;AACjE,QAAMkB,IAAS,IAAInB,EAAcC,CAAM,GAEjCuD,IAAiBC,EAAYvC,EAA4BC,CAAM,CAAC,GAChEuC,IAAkBD,EAAY7B,EAA6BT,CAAM,CAAC,GAClEwC,IAAqBF,EAAYT,EAAgC7B,CAAM,CAAC,GACxEyC,IAAYH,EAAYP,EAAuB/B,CAAM,CAAC,GACtD0C,IAAUJ,EAAYL,EAAqBjC,CAAM,CAAC;AAExD,SAAAqC,EAAe,MAAA,GACfE,EAAgB,MAAA,GAChBC,EAAmB,MAAA,GACnBC,EAAU,MAAA,GACVC,EAAQ,MAAA,GAED;AAAA,IACH,QAAA1C;AAAA,IACA,gBAAAqC;AAAA,IACA,iBAAAE;AAAA,IACA,oBAAAC;AAAA,IACA,WAAAC;AAAA,IACA,SAAAC;AAAA,IACA,UAAU;AACN,MAAAL,EAAe,KAAA,GACfE,EAAgB,KAAA,GAChBC,EAAmB,KAAA,GACnBC,EAAU,KAAA,GACVC,EAAQ,KAAA;AAAA,IACZ;AAAA,EAAA;AAER;"}
|
|
1
|
+
{"version":3,"file":"index.js","sources":["../src/storage/MemoryStorage.ts","../src/errors/codes.ts","../src/errors/messages.ts","../src/client/Omni2FaClient.ts","../src/storage/SessionStorageStorage.ts","../src/storage/LocalStorageStorage.ts","../src/errors/Omni2FaApiError.ts","../src/machines/totpEnrollment/totpEnrollmentMachine.ts","../src/machines/emailEnrollment/emailEnrollmentMachine.ts","../src/webauthn/base64url.ts","../src/webauthn/ceremony.ts","../src/machines/webauthnEnrollment/webauthnEnrollmentMachine.ts","../src/machines/challenge/challengeMachine.ts","../src/machines/methods/methodsMachine.ts","../src/createOmni2Fa.ts"],"sourcesContent":["import type { IStorage } from './Interfaces/IStorage';\r\n\r\n/** In-process storage. Default. Values vanish on page reload — safest default. */\r\nexport class MemoryStorage implements IStorage {\r\n private readonly map = new Map<string, string>();\r\n\r\n get(key: string): string | null {\r\n return this.map.get(key) ?? null;\r\n }\r\n\r\n set(key: string, value: string): void {\r\n this.map.set(key, value);\r\n }\r\n\r\n remove(key: string): void {\r\n this.map.delete(key);\r\n }\r\n}\r\n","export const Omni2FaErrorCodes = {\r\n InvalidCode: 'INVALID_CODE',\r\n PreAuthExpired: 'PREAUTH_EXPIRED',\r\n PreAuthInvalid: 'PREAUTH_INVALID',\r\n ChallengeNotFound: 'CHALLENGE_NOT_FOUND',\r\n ChallengeConsumed: 'CHALLENGE_CONSUMED',\r\n TooManyAttempts: 'TOO_MANY_ATTEMPTS',\r\n MethodNotFound: 'METHOD_NOT_FOUND',\r\n TypeAlreadyEnrolled: 'TYPE_ALREADY_ENROLLED',\r\n MaxMethodsReached: 'MAX_METHODS_REACHED',\r\n LastMethodProtected: 'LAST_METHOD_PROTECTED',\r\n RecoveryCodeInvalid: 'RECOVERY_CODE_INVALID',\r\n RecoveryCodeUsed: 'RECOVERY_CODE_USED',\r\n WebAuthnVerificationFailed: 'WEBAUTHN_VERIFICATION_FAILED',\r\n ValidationFailed: 'VALIDATION_FAILED',\r\n NetworkError: 'NETWORK_ERROR',\r\n Unknown: 'UNKNOWN',\r\n} as const;\r\n\r\nexport type Omni2FaErrorCode = (typeof Omni2FaErrorCodes)[keyof typeof Omni2FaErrorCodes];\r\n","import { Omni2FaErrorCodes, type Omni2FaErrorCode } from './codes';\r\n\r\nconst defaults: Record<Omni2FaErrorCode, string> = {\r\n [Omni2FaErrorCodes.InvalidCode]: 'The code you entered is invalid.',\r\n [Omni2FaErrorCodes.PreAuthExpired]: 'Your session has expired. Please sign in again.',\r\n [Omni2FaErrorCodes.PreAuthInvalid]: 'Your session is invalid. Please sign in again.',\r\n [Omni2FaErrorCodes.ChallengeNotFound]: 'No active verification step. Please restart.',\r\n [Omni2FaErrorCodes.ChallengeConsumed]: 'This verification step was already used. Please sign in again.',\r\n [Omni2FaErrorCodes.TooManyAttempts]: 'Too many attempts. Please wait before trying again.',\r\n [Omni2FaErrorCodes.MethodNotFound]: 'The selected 2FA method was not found.',\r\n [Omni2FaErrorCodes.TypeAlreadyEnrolled]: 'You already have this type of 2FA enabled.',\r\n [Omni2FaErrorCodes.MaxMethodsReached]: 'You have reached the maximum number of 2FA methods.',\r\n [Omni2FaErrorCodes.LastMethodProtected]: 'You cannot remove your last 2FA method.',\r\n [Omni2FaErrorCodes.RecoveryCodeInvalid]: 'The recovery code is invalid.',\r\n [Omni2FaErrorCodes.RecoveryCodeUsed]: 'This recovery code has already been used.',\r\n [Omni2FaErrorCodes.WebAuthnVerificationFailed]: 'Security key verification failed.',\r\n [Omni2FaErrorCodes.ValidationFailed]: 'The request was malformed.',\r\n [Omni2FaErrorCodes.NetworkError]: 'Network error. Please check your connection.',\r\n [Omni2FaErrorCodes.Unknown]: 'An unexpected error occurred.',\r\n};\r\n\r\nexport function getDefaultMessage(code: string): string {\r\n return defaults[code as Omni2FaErrorCode] ?? defaults[Omni2FaErrorCodes.Unknown];\r\n}\r\n","import createClient from 'openapi-fetch';\r\nimport type { paths } from '../types/api';\r\nimport type { IStorage } from '../storage/Interfaces/IStorage';\r\nimport { MemoryStorage } from '../storage/MemoryStorage';\r\nimport { Omni2FaErrorCodes } from '../errors/codes';\r\nimport { getDefaultMessage } from '../errors/messages';\r\nimport type {\r\n ChallengeResendRequest,\r\n ChallengeStartRequest,\r\n ChallengeStartResponse,\r\n ChallengeVerifyRequest,\r\n EmailEnrollConfirmRequest,\r\n EmailEnrollResendRequest,\r\n EmailEnrollStartRequest,\r\n EmailEnrollStartResponse,\r\n ErrorResponse,\r\n MethodCreatedResponse,\r\n RecoveryCodesResponse,\r\n RecoveryCodeVerifyRequest,\r\n TotpEnrollConfirmRequest,\r\n TotpEnrollStartResponse,\r\n TwoFactorMethodDto,\r\n VerifySuccessResponse,\r\n WebAuthnEnrollConfirmRequest,\r\n WebAuthnEnrollStartResponse,\r\n} from '../types/dtos';\r\nimport type { ClientCall } from './Interfaces/ClientCall';\r\nimport type { IOmni2FaClient } from './Interfaces/IOmni2FaClient';\r\nimport type { Omni2FaClientConfig } from './Omni2FaClientConfig';\r\n\r\nconst DEFAULT_PREAUTH_KEY = 'omni2fa:preauth';\r\nconst DEFAULT_SESSION_KEY = 'omni2fa:session';\r\n// Only used to resolve a relative baseUrl/request URL so we can read its pathname; the origin is irrelevant.\r\nconst FALLBACK_ORIGIN = 'http://omni2fa.local';\r\n\r\ntype FetchClient = ReturnType<typeof createClient<paths>>;\r\n\r\nexport class Omni2FaClient implements IOmni2FaClient {\r\n private readonly storage: IStorage;\r\n private readonly preAuthKey: string;\r\n private readonly sessionKey: string;\r\n private readonly basePath: string;\r\n private readonly inner: FetchClient;\r\n\r\n constructor(config: Omni2FaClientConfig) {\r\n this.storage = config.storage ?? new MemoryStorage();\r\n this.preAuthKey = config.preAuthStorageKey ?? DEFAULT_PREAUTH_KEY;\r\n this.sessionKey = config.sessionStorageKey ?? DEFAULT_SESSION_KEY;\r\n // Mount path of the API, e.g. \"/api/2fa\" — used to classify endpoints by their path under it.\r\n this.basePath = new URL(config.baseUrl, FALLBACK_ORIGIN).pathname.replace(/\\/$/, '');\r\n this.inner = createClient<paths>({\r\n baseUrl: config.baseUrl,\r\n fetch: config.fetch ?? globalThis.fetch.bind(globalThis),\r\n ...(config.credentials ? { credentials: config.credentials } : {}),\r\n });\r\n this.inner.use({\r\n onRequest: ({ request }) => {\r\n // A custom fetch / host-set header always wins.\r\n if (request.headers.has('Authorization')) {\r\n return request;\r\n }\r\n // Pre-auth token guards the 2FA ceremony; everything else uses the host session token.\r\n const token = this.isPreAuthEndpoint(request.url) ? this.getPreAuthToken() : this.getSessionToken();\r\n if (token) {\r\n request.headers.set('Authorization', `Bearer ${token}`);\r\n }\r\n return request;\r\n },\r\n });\r\n }\r\n\r\n /** Pre-auth endpoints are exactly the ones mounted under <c>{basePath}/challenge/</c>. */\r\n private isPreAuthEndpoint(url: string): boolean {\r\n const path = new URL(url, FALLBACK_ORIGIN).pathname;\r\n const relative = path.startsWith(this.basePath) ? path.slice(this.basePath.length) : path;\r\n return relative.startsWith('/challenge/');\r\n }\r\n\r\n setPreAuthToken(token: string | null): void {\r\n this.setToken(this.preAuthKey, token);\r\n }\r\n\r\n getPreAuthToken(): string | null {\r\n return this.storage.get(this.preAuthKey);\r\n }\r\n\r\n setSessionToken(token: string | null): void {\r\n this.setToken(this.sessionKey, token);\r\n }\r\n\r\n getSessionToken(): string | null {\r\n return this.storage.get(this.sessionKey);\r\n }\r\n\r\n private setToken(key: string, token: string | null): void {\r\n if (token === null || token.length === 0) {\r\n this.storage.remove(key);\r\n } else {\r\n this.storage.set(key, token);\r\n }\r\n }\r\n\r\n async listMethods(): Promise<ClientCall<TwoFactorMethodDto[]>> {\r\n const { data, error, response } = await this.inner.GET('/methods');\r\n return this.toCall(data, error, response);\r\n }\r\n\r\n async removeMethod(methodId: string): Promise<ClientCall<void>> {\r\n const { error, response } = await this.inner.DELETE('/methods/{methodId}', { params: { path: { methodId } } });\r\n if (error) {\r\n return this.errorCall(error, response);\r\n }\r\n return { ok: true, value: undefined };\r\n }\r\n\r\n async startTotpEnrollment(): Promise<ClientCall<TotpEnrollStartResponse>> {\r\n const { data, error, response } = await this.inner.POST('/enroll/totp/start');\r\n return this.toCall(data, error, response);\r\n }\r\n\r\n async confirmTotpEnrollment(request: TotpEnrollConfirmRequest): Promise<ClientCall<MethodCreatedResponse>> {\r\n const { data, error, response } = await this.inner.POST('/enroll/totp/confirm', { body: request });\r\n return this.toCall(data, error, response);\r\n }\r\n\r\n async startEmailEnrollment(request: EmailEnrollStartRequest): Promise<ClientCall<EmailEnrollStartResponse>> {\r\n const { data, error, response } = await this.inner.POST('/enroll/email/start', { body: request });\r\n return this.toCall(data, error, response);\r\n }\r\n\r\n async confirmEmailEnrollment(request: EmailEnrollConfirmRequest): Promise<ClientCall<MethodCreatedResponse>> {\r\n const { data, error, response } = await this.inner.POST('/enroll/email/confirm', { body: request });\r\n return this.toCall(data, error, response);\r\n }\r\n\r\n async resendEmailEnrollment(request: EmailEnrollResendRequest): Promise<ClientCall<EmailEnrollStartResponse>> {\r\n const { data, error, response } = await this.inner.POST('/enroll/email/resend', { body: request });\r\n return this.toCall(data, error, response);\r\n }\r\n\r\n async startWebAuthnEnrollment(): Promise<ClientCall<WebAuthnEnrollStartResponse>> {\r\n const { data, error, response } = await this.inner.POST('/enroll/webauthn/start');\r\n return this.toCall(data, error, response);\r\n }\r\n\r\n async confirmWebAuthnEnrollment(request: WebAuthnEnrollConfirmRequest): Promise<ClientCall<MethodCreatedResponse>> {\r\n const { data, error, response } = await this.inner.POST('/enroll/webauthn/confirm', { body: request });\r\n return this.toCall(data, error, response);\r\n }\r\n\r\n async startChallenge(request: ChallengeStartRequest): Promise<ClientCall<ChallengeStartResponse>> {\r\n const { data, error, response } = await this.inner.POST('/challenge/start', { body: request });\r\n return this.toCall(data, error, response);\r\n }\r\n\r\n async resendChallenge(request: ChallengeResendRequest): Promise<ClientCall<ChallengeStartResponse>> {\r\n const { data, error, response } = await this.inner.POST('/challenge/resend', { body: request });\r\n return this.toCall(data, error, response);\r\n }\r\n\r\n async verifyChallenge(request: ChallengeVerifyRequest): Promise<ClientCall<VerifySuccessResponse>> {\r\n const { data, error, response } = await this.inner.POST('/challenge/verify', { body: request });\r\n return this.toCall(data, error, response);\r\n }\r\n\r\n async verifyRecoveryCode(request: RecoveryCodeVerifyRequest): Promise<ClientCall<VerifySuccessResponse>> {\r\n const { data, error, response } = await this.inner.POST('/challenge/recovery-code', { body: request });\r\n return this.toCall(data, error, response);\r\n }\r\n\r\n async regenerateRecoveryCodes(): Promise<ClientCall<RecoveryCodesResponse>> {\r\n const { data, error, response } = await this.inner.POST('/recovery-codes/regenerate');\r\n return this.toCall(data, error, response);\r\n }\r\n\r\n private toCall<T>(data: T | undefined, error: ErrorResponse | undefined, response: Response): ClientCall<T> {\r\n if (error !== undefined) {\r\n return this.errorCall(error, response);\r\n }\r\n if (data === undefined) {\r\n return {\r\n ok: false,\r\n code: Omni2FaErrorCodes.NetworkError,\r\n message: getDefaultMessage(Omni2FaErrorCodes.NetworkError),\r\n httpStatus: response.status,\r\n };\r\n }\r\n return { ok: true, value: data };\r\n }\r\n\r\n private errorCall(error: ErrorResponse, response: Response): ClientCall<never> {\r\n const code = error.code || Omni2FaErrorCodes.Unknown;\r\n return {\r\n ok: false,\r\n code,\r\n message: error.message || getDefaultMessage(code),\r\n httpStatus: response.status,\r\n details: error.details ?? null,\r\n };\r\n }\r\n}\r\n","import type { IStorage } from './Interfaces/IStorage';\r\n\r\n/** Browser <c>sessionStorage</c>. Values persist across page reloads in the same tab, gone when tab closes. */\r\nexport class SessionStorageStorage implements IStorage {\r\n get(key: string): string | null {\r\n return globalThis.sessionStorage?.getItem(key) ?? null;\r\n }\r\n\r\n set(key: string, value: string): void {\r\n globalThis.sessionStorage?.setItem(key, value);\r\n }\r\n\r\n remove(key: string): void {\r\n globalThis.sessionStorage?.removeItem(key);\r\n }\r\n}\r\n","import type { IStorage } from './Interfaces/IStorage';\r\n\r\n/** Browser <c>localStorage</c>. Values persist indefinitely across sessions. Use with caution for sensitive data. */\r\nexport class LocalStorageStorage implements IStorage {\r\n get(key: string): string | null {\r\n return globalThis.localStorage?.getItem(key) ?? null;\r\n }\r\n\r\n set(key: string, value: string): void {\r\n globalThis.localStorage?.setItem(key, value);\r\n }\r\n\r\n remove(key: string): void {\r\n globalThis.localStorage?.removeItem(key);\r\n }\r\n}\r\n","/**\r\n * Error thrown by core machines when an HTTP call fails. Carries the stable error code,\r\n * HTTP status, and optional structured details. Adapters read it from xstate's <c>onError</c>\r\n * <c>event.error</c>.\r\n */\r\nexport class Omni2FaApiError extends Error {\r\n readonly code: string;\r\n readonly httpStatus: number;\r\n readonly details: Record<string, unknown> | null;\r\n\r\n constructor(code: string, message: string, httpStatus: number, details: Record<string, unknown> | null = null) {\r\n super(message);\r\n this.name = 'Omni2FaApiError';\r\n this.code = code;\r\n this.httpStatus = httpStatus;\r\n this.details = details;\r\n }\r\n}\r\n","import { fromPromise, setup, type ActorRefFrom } from 'xstate';\r\nimport type { IOmni2FaClient } from '../../client/Interfaces/IOmni2FaClient';\r\nimport { Omni2FaApiError } from '../../errors/Omni2FaApiError';\r\nimport type { TotpEnrollmentContext } from './TotpEnrollmentContext';\r\nimport type { TotpEnrollmentEvent } from './TotpEnrollmentEvent';\r\n\r\nconst initialContext: TotpEnrollmentContext = {\r\n enrollmentId: null,\r\n otpAuthUri: null,\r\n secret: null,\r\n methodId: null,\r\n recoveryCodes: null,\r\n errorCode: null,\r\n errorMessage: null,\r\n};\r\n\r\nexport function createTotpEnrollmentMachine(client: IOmni2FaClient) {\r\n return setup({\r\n types: {\r\n context: {} as TotpEnrollmentContext,\r\n events: {} as TotpEnrollmentEvent,\r\n },\r\n actors: {\r\n startEnrollment: fromPromise(async () => {\r\n const result = await client.startTotpEnrollment();\r\n if (!result.ok) {\r\n throw new Omni2FaApiError(result.code, result.message, result.httpStatus, result.details ?? null);\r\n }\r\n return result.value;\r\n }),\r\n confirmEnrollment: fromPromise(async ({ input }: { input: { enrollmentId: string; code: string; name: string | null } }) => {\r\n const result = await client.confirmTotpEnrollment({\r\n enrollmentId: input.enrollmentId,\r\n code: input.code,\r\n name: input.name,\r\n });\r\n if (!result.ok) {\r\n throw new Omni2FaApiError(result.code, result.message, result.httpStatus, result.details ?? null);\r\n }\r\n return result.value;\r\n }),\r\n },\r\n }).createMachine({\r\n id: 'totpEnrollment',\r\n initial: 'idle',\r\n context: initialContext,\r\n states: {\r\n idle: {\r\n on: {\r\n start: { target: 'starting' },\r\n },\r\n },\r\n starting: {\r\n invoke: {\r\n src: 'startEnrollment',\r\n onDone: {\r\n target: 'awaitingCode',\r\n actions: ({ context, event }) => {\r\n context.enrollmentId = event.output.enrollmentId;\r\n context.otpAuthUri = event.output.otpAuthUri;\r\n context.secret = event.output.secret;\r\n context.errorCode = null;\r\n context.errorMessage = null;\r\n },\r\n },\r\n onError: {\r\n target: 'failed',\r\n actions: ({ context, event }) => assignApiError(context, event.error),\r\n },\r\n },\r\n },\r\n awaitingCode: {\r\n on: {\r\n submit: { target: 'confirming' },\r\n reset: { target: 'idle', actions: assignInitial },\r\n },\r\n },\r\n confirming: {\r\n invoke: {\r\n src: 'confirmEnrollment',\r\n input: ({ context, event }) => {\r\n if (event.type !== 'submit') throw new Error('confirming requires submit event');\r\n if (!context.enrollmentId) throw new Error('no enrollmentId');\r\n return { enrollmentId: context.enrollmentId, code: event.code, name: event.name ?? null };\r\n },\r\n onDone: {\r\n target: 'enrolled',\r\n actions: ({ context, event }) => {\r\n context.methodId = event.output.methodId;\r\n context.recoveryCodes = event.output.recoveryCodes ?? null;\r\n context.errorCode = null;\r\n context.errorMessage = null;\r\n },\r\n },\r\n onError: {\r\n target: 'awaitingCode',\r\n actions: ({ context, event }) => assignApiError(context, event.error),\r\n },\r\n },\r\n },\r\n enrolled: {\r\n on: {\r\n reset: { target: 'idle', actions: assignInitial },\r\n },\r\n },\r\n failed: {\r\n on: {\r\n start: { target: 'starting' },\r\n reset: { target: 'idle', actions: assignInitial },\r\n },\r\n },\r\n },\r\n });\r\n}\r\n\r\nfunction assignInitial({ context }: { context: TotpEnrollmentContext }) {\r\n context.enrollmentId = null;\r\n context.otpAuthUri = null;\r\n context.secret = null;\r\n context.methodId = null;\r\n context.recoveryCodes = null;\r\n context.errorCode = null;\r\n context.errorMessage = null;\r\n}\r\n\r\nfunction assignApiError(context: TotpEnrollmentContext, error: unknown) {\r\n if (error instanceof Omni2FaApiError) {\r\n context.errorCode = error.code;\r\n context.errorMessage = error.message;\r\n } else {\r\n context.errorCode = 'UNKNOWN';\r\n context.errorMessage = error instanceof Error ? error.message : null;\r\n }\r\n}\r\n\r\nexport type TotpEnrollmentMachine = ReturnType<typeof createTotpEnrollmentMachine>;\r\nexport type TotpEnrollmentActor = ActorRefFrom<TotpEnrollmentMachine>;\r\n","import { fromPromise, setup, type ActorRefFrom } from 'xstate';\nimport type { IOmni2FaClient } from '../../client/Interfaces/IOmni2FaClient';\nimport { Omni2FaApiError } from '../../errors/Omni2FaApiError';\nimport type { EmailEnrollmentContext } from './EmailEnrollmentContext';\nimport type { EmailEnrollmentEvent } from './EmailEnrollmentEvent';\n\nconst initialContext: EmailEnrollmentContext = {\n enrollmentId: null,\n email: null,\n expiresAt: null,\n resendAvailableAt: null,\n methodId: null,\n recoveryCodes: null,\n errorCode: null,\n errorMessage: null,\n};\n\nexport function createEmailEnrollmentMachine(client: IOmni2FaClient) {\n return setup({\n types: {\n context: {} as EmailEnrollmentContext,\n events: {} as EmailEnrollmentEvent,\n },\n actors: {\n startEnrollment: fromPromise(async ({ input }: { input: { email?: string | undefined } }) => {\n const result = await client.startEmailEnrollment(input.email !== undefined ? { email: input.email } : {});\n if (!result.ok) {\n throw new Omni2FaApiError(result.code, result.message, result.httpStatus, result.details ?? null);\n }\n return result.value;\n }),\n resendEnrollment: fromPromise(async ({ input }: { input: { enrollmentId: string } }) => {\n const result = await client.resendEmailEnrollment({ enrollmentId: input.enrollmentId });\n if (!result.ok) {\n throw new Omni2FaApiError(result.code, result.message, result.httpStatus, result.details ?? null);\n }\n return result.value;\n }),\n confirmEnrollment: fromPromise(async ({ input }: { input: { enrollmentId: string; code: string; name: string | null } }) => {\n const result = await client.confirmEmailEnrollment({\n enrollmentId: input.enrollmentId,\n code: input.code,\n name: input.name,\n });\n if (!result.ok) {\n throw new Omni2FaApiError(result.code, result.message, result.httpStatus, result.details ?? null);\n }\n return result.value;\n }),\n },\n }).createMachine({\n id: 'emailEnrollment',\n initial: 'idle',\n context: initialContext,\n states: {\n idle: {\n on: {\n start: { target: 'starting' },\n },\n },\n starting: {\n entry: ({ context, event }) => {\n if (event.type === 'start') {\n context.email = event.email ?? null;\n }\n },\n invoke: {\n src: 'startEnrollment',\n // Under the server's default ClaimOnly source the address is derived from the\n // session, so an absent email is valid; HostSupplied callers pass one through.\n input: ({ context }) => ({ email: context.email ?? undefined }),\n onDone: {\n target: 'awaitingCode',\n actions: ({ context, event }) => assignStartOutput(context, event.output),\n },\n onError: {\n target: 'failed',\n actions: ({ context, event }) => assignApiError(context, event.error),\n },\n },\n },\n awaitingCode: {\n on: {\n submit: { target: 'confirming' },\n resend: { target: 'resending' },\n reset: { target: 'idle', actions: assignInitial },\n },\n },\n resending: {\n invoke: {\n src: 'resendEnrollment',\n input: ({ context }) => {\n if (!context.enrollmentId) throw new Error('no enrollmentId');\n return { enrollmentId: context.enrollmentId };\n },\n onDone: {\n target: 'awaitingCode',\n actions: ({ context, event }) => assignStartOutput(context, event.output),\n },\n onError: {\n target: 'awaitingCode',\n actions: ({ context, event }) => assignApiError(context, event.error),\n },\n },\n },\n confirming: {\n invoke: {\n src: 'confirmEnrollment',\n input: ({ context, event }) => {\n if (event.type !== 'submit') throw new Error('confirming requires submit event');\n if (!context.enrollmentId) throw new Error('no enrollmentId');\n return { enrollmentId: context.enrollmentId, code: event.code, name: event.name ?? null };\n },\n onDone: {\n target: 'enrolled',\n actions: ({ context, event }) => {\n context.methodId = event.output.methodId;\n context.recoveryCodes = event.output.recoveryCodes ?? null;\n context.errorCode = null;\n context.errorMessage = null;\n },\n },\n onError: {\n target: 'awaitingCode',\n actions: ({ context, event }) => assignApiError(context, event.error),\n },\n },\n },\n enrolled: {\n on: {\n reset: { target: 'idle', actions: assignInitial },\n },\n },\n failed: {\n on: {\n start: { target: 'starting' },\n reset: { target: 'idle', actions: assignInitial },\n },\n },\n },\n });\n}\n\nfunction assignStartOutput(context: EmailEnrollmentContext, output: { enrollmentId: string; expiresAt: string; resendAvailableAt: string }) {\n context.enrollmentId = output.enrollmentId;\n context.expiresAt = output.expiresAt;\n context.resendAvailableAt = output.resendAvailableAt;\n context.errorCode = null;\n context.errorMessage = null;\n}\n\nfunction assignInitial({ context }: { context: EmailEnrollmentContext }) {\n context.enrollmentId = null;\n context.email = null;\n context.expiresAt = null;\n context.resendAvailableAt = null;\n context.methodId = null;\n context.recoveryCodes = null;\n context.errorCode = null;\n context.errorMessage = null;\n}\n\nfunction assignApiError(context: EmailEnrollmentContext, error: unknown) {\n if (error instanceof Omni2FaApiError) {\n context.errorCode = error.code;\n context.errorMessage = error.message;\n } else {\n context.errorCode = 'UNKNOWN';\n context.errorMessage = error instanceof Error ? error.message : null;\n }\n}\n\nexport type EmailEnrollmentMachine = ReturnType<typeof createEmailEnrollmentMachine>;\nexport type EmailEnrollmentActor = ActorRefFrom<EmailEnrollmentMachine>;\n","/** base64url ↔ ArrayBuffer conversions for WebAuthn binary fields. Tolerates standard base64 input too. */\n\nexport function base64urlToBuffer(value: string): ArrayBuffer {\n const base64 = value.replace(/-/g, '+').replace(/_/g, '/');\n const padded = base64.padEnd(Math.ceil(base64.length / 4) * 4, '=');\n const binary = atob(padded);\n const bytes = new Uint8Array(binary.length);\n for (let i = 0; i < binary.length; i++) {\n bytes[i] = binary.charCodeAt(i);\n }\n return bytes.buffer;\n}\n\nexport function bufferToBase64url(buffer: ArrayBuffer): string {\n const bytes = new Uint8Array(buffer);\n let binary = '';\n for (const byte of bytes) {\n binary += String.fromCharCode(byte);\n }\n return btoa(binary).replace(/\\+/g, '-').replace(/\\//g, '_').replace(/=+$/, '');\n}\n","import { base64urlToBuffer, bufferToBase64url } from './base64url';\n\n/**\n * Browser-side WebAuthn marshaling. Parses the server's options JSON (Fido2NetLib format — binary\n * fields base64url-encoded) into the `ArrayBuffer` shape the browser API needs, runs the ceremony,\n * and serializes the credential back to JSON for the server. Browser-only.\n */\n\ninterface CredentialDescriptorJson {\n type: PublicKeyCredentialType;\n id: string;\n transports?: AuthenticatorTransport[];\n}\n\ninterface CreationOptionsJson {\n challenge: string;\n user: { id: string; name: string; displayName: string };\n excludeCredentials?: CredentialDescriptorJson[];\n [key: string]: unknown;\n}\n\ninterface RequestOptionsJson {\n challenge: string;\n allowCredentials?: CredentialDescriptorJson[];\n [key: string]: unknown;\n}\n\nfunction mapDescriptors(list: CredentialDescriptorJson[] | undefined): PublicKeyCredentialDescriptor[] {\n return (list ?? []).map((c) => ({ ...c, id: base64urlToBuffer(c.id) }));\n}\n\n/** Run a registration ceremony and return the attestation JSON for `/enroll/webauthn/confirm`. */\nexport async function startRegistration(optionsJson: string): Promise<string> {\n const parsed = JSON.parse(optionsJson) as CreationOptionsJson;\n const publicKey = {\n ...parsed,\n challenge: base64urlToBuffer(parsed.challenge),\n user: { ...parsed.user, id: base64urlToBuffer(parsed.user.id) },\n excludeCredentials: mapDescriptors(parsed.excludeCredentials),\n // Cast through unknown: the spread carries Fido2's index-signature fields the DOM type omits.\n } as unknown as PublicKeyCredentialCreationOptions;\n\n const credential = (await navigator.credentials.create({ publicKey })) as PublicKeyCredential | null;\n if (credential === null) {\n throw new Error('WebAuthn registration produced no credential.');\n }\n const response = credential.response as AuthenticatorAttestationResponse;\n return JSON.stringify({\n id: credential.id,\n rawId: bufferToBase64url(credential.rawId),\n type: credential.type,\n extensions: credential.getClientExtensionResults(),\n response: {\n attestationObject: bufferToBase64url(response.attestationObject),\n clientDataJSON: bufferToBase64url(response.clientDataJSON),\n },\n });\n}\n\n/** Run an assertion ceremony and return the assertion JSON for `/challenge/verify`. */\nexport async function startAuthentication(optionsJson: string): Promise<string> {\n const parsed = JSON.parse(optionsJson) as RequestOptionsJson;\n const publicKey = {\n ...parsed,\n challenge: base64urlToBuffer(parsed.challenge),\n allowCredentials: mapDescriptors(parsed.allowCredentials),\n } as unknown as PublicKeyCredentialRequestOptions;\n\n const credential = (await navigator.credentials.get({ publicKey })) as PublicKeyCredential | null;\n if (credential === null) {\n throw new Error('WebAuthn authentication produced no credential.');\n }\n const response = credential.response as AuthenticatorAssertionResponse;\n return JSON.stringify({\n id: credential.id,\n rawId: bufferToBase64url(credential.rawId),\n type: credential.type,\n extensions: credential.getClientExtensionResults(),\n response: {\n authenticatorData: bufferToBase64url(response.authenticatorData),\n clientDataJSON: bufferToBase64url(response.clientDataJSON),\n signature: bufferToBase64url(response.signature),\n userHandle: response.userHandle ? bufferToBase64url(response.userHandle) : null,\n },\n });\n}\n","import { fromPromise, setup, type ActorRefFrom } from 'xstate';\nimport type { IOmni2FaClient } from '../../client/Interfaces/IOmni2FaClient';\nimport { Omni2FaApiError } from '../../errors/Omni2FaApiError';\nimport { startRegistration } from '../../webauthn/ceremony';\nimport type { WebAuthnEnrollmentContext } from './WebAuthnEnrollmentContext';\nimport type { WebAuthnEnrollmentEvent } from './WebAuthnEnrollmentEvent';\n\nconst initialContext: WebAuthnEnrollmentContext = {\n enrollmentId: null,\n optionsJson: null,\n name: null,\n methodId: null,\n recoveryCodes: null,\n errorCode: null,\n errorMessage: null,\n};\n\nexport function createWebAuthnEnrollmentMachine(client: IOmni2FaClient) {\n return setup({\n types: {\n context: {} as WebAuthnEnrollmentContext,\n events: {} as WebAuthnEnrollmentEvent,\n },\n actors: {\n startEnrollment: fromPromise(async () => {\n const result = await client.startWebAuthnEnrollment();\n if (!result.ok) {\n throw new Omni2FaApiError(result.code, result.message, result.httpStatus, result.details ?? null);\n }\n return result.value;\n }),\n registerAndConfirm: fromPromise(async ({ input }: { input: { enrollmentId: string; optionsJson: string; name: string | null } }) => {\n const attestationResponseJson = await startRegistration(input.optionsJson);\n const result = await client.confirmWebAuthnEnrollment({\n enrollmentId: input.enrollmentId,\n attestationResponseJson,\n name: input.name,\n });\n if (!result.ok) {\n throw new Omni2FaApiError(result.code, result.message, result.httpStatus, result.details ?? null);\n }\n return result.value;\n }),\n },\n }).createMachine({\n id: 'webauthnEnrollment',\n initial: 'idle',\n context: initialContext,\n states: {\n idle: {\n on: {\n start: { target: 'starting' },\n },\n },\n starting: {\n entry: ({ context, event }) => {\n if (event.type === 'start') {\n context.name = event.name ?? null;\n }\n },\n invoke: {\n src: 'startEnrollment',\n onDone: {\n target: 'registering',\n actions: ({ context, event }) => {\n context.enrollmentId = event.output.enrollmentId;\n context.optionsJson = event.output.optionsJson;\n context.errorCode = null;\n context.errorMessage = null;\n },\n },\n onError: {\n target: 'failed',\n actions: ({ context, event }) => assignApiError(context, event.error),\n },\n },\n },\n registering: {\n invoke: {\n src: 'registerAndConfirm',\n input: ({ context }) => {\n if (!context.enrollmentId || !context.optionsJson) throw new Error('no pending enrollment');\n return { enrollmentId: context.enrollmentId, optionsJson: context.optionsJson, name: context.name };\n },\n onDone: {\n target: 'enrolled',\n actions: ({ context, event }) => {\n context.methodId = event.output.methodId;\n context.recoveryCodes = event.output.recoveryCodes ?? null;\n context.errorCode = null;\n context.errorMessage = null;\n },\n },\n onError: {\n target: 'failed',\n actions: ({ context, event }) => assignApiError(context, event.error),\n },\n },\n },\n enrolled: {\n on: {\n reset: { target: 'idle', actions: assignInitial },\n },\n },\n failed: {\n on: {\n retry: { target: 'starting' },\n reset: { target: 'idle', actions: assignInitial },\n },\n },\n },\n });\n}\n\nfunction assignInitial({ context }: { context: WebAuthnEnrollmentContext }) {\n context.enrollmentId = null;\n context.optionsJson = null;\n context.name = null;\n context.methodId = null;\n context.recoveryCodes = null;\n context.errorCode = null;\n context.errorMessage = null;\n}\n\nfunction assignApiError(context: WebAuthnEnrollmentContext, error: unknown) {\n if (error instanceof Omni2FaApiError) {\n context.errorCode = error.code;\n context.errorMessage = error.message;\n } else {\n context.errorCode = 'UNKNOWN';\n context.errorMessage = error instanceof Error ? error.message : null;\n }\n}\n\nexport type WebAuthnEnrollmentMachine = ReturnType<typeof createWebAuthnEnrollmentMachine>;\nexport type WebAuthnEnrollmentActor = ActorRefFrom<WebAuthnEnrollmentMachine>;\n","import { fromPromise, setup, type ActorRefFrom } from 'xstate';\r\nimport type { IOmni2FaClient } from '../../client/Interfaces/IOmni2FaClient';\r\nimport { Omni2FaApiError } from '../../errors/Omni2FaApiError';\r\nimport { startAuthentication } from '../../webauthn/ceremony';\r\nimport type { ChallengeContext } from './ChallengeContext';\r\nimport type { ChallengeEvent } from './ChallengeEvent';\r\n\r\nconst initialContext: ChallengeContext = {\r\n methodId: null,\r\n methodType: null,\r\n userId: null,\r\n verifiedToken: null,\r\n expiresAt: null,\r\n resendAvailableAt: null,\r\n optionsJson: null,\r\n errorCode: null,\r\n errorMessage: null,\r\n};\r\n\r\nexport function createChallengeMachine(client: IOmni2FaClient) {\r\n return setup({\r\n types: {\r\n context: {} as ChallengeContext,\r\n events: {} as ChallengeEvent,\r\n },\r\n actors: {\r\n startChallenge: fromPromise(async ({ input }: { input: { methodId: string } }) => {\r\n const result = await client.startChallenge({ methodId: input.methodId });\r\n if (!result.ok) {\r\n throw new Omni2FaApiError(result.code, result.message, result.httpStatus, result.details ?? null);\r\n }\r\n return result.value;\r\n }),\r\n resendChallenge: fromPromise(async ({ input }: { input: { methodId: string } }) => {\r\n const result = await client.resendChallenge({ methodId: input.methodId });\r\n if (!result.ok) {\r\n throw new Omni2FaApiError(result.code, result.message, result.httpStatus, result.details ?? null);\r\n }\r\n return result.value;\r\n }),\r\n verifyChallenge: fromPromise(async ({ input }: { input: { methodId: string; code: string } }) => {\r\n const result = await client.verifyChallenge({ methodId: input.methodId, code: input.code });\r\n if (!result.ok) {\r\n throw new Omni2FaApiError(result.code, result.message, result.httpStatus, result.details ?? null);\r\n }\r\n return result.value;\r\n }),\r\n assertChallenge: fromPromise(async ({ input }: { input: { methodId: string; optionsJson: string } }) => {\r\n const assertionResponseJson = await startAuthentication(input.optionsJson);\r\n const result = await client.verifyChallenge({ methodId: input.methodId, assertionResponseJson });\r\n if (!result.ok) {\r\n throw new Omni2FaApiError(result.code, result.message, result.httpStatus, result.details ?? null);\r\n }\r\n return result.value;\r\n }),\r\n verifyRecoveryCode: fromPromise(async ({ input }: { input: { code: string } }) => {\r\n const result = await client.verifyRecoveryCode({ recoveryCode: input.code });\r\n if (!result.ok) {\r\n throw new Omni2FaApiError(result.code, result.message, result.httpStatus, result.details ?? null);\r\n }\r\n return result.value;\r\n }),\r\n },\r\n }).createMachine({\r\n id: 'challenge',\r\n initial: 'idle',\r\n context: initialContext,\r\n states: {\r\n idle: {\r\n on: {\r\n pick: { target: 'starting' },\r\n useRecoveryCode: { target: 'verifyingRecovery' },\r\n },\r\n },\r\n starting: {\r\n entry: ({ context, event }) => {\r\n if (event.type === 'pick') {\r\n context.methodId = event.methodId;\r\n }\r\n },\r\n invoke: {\r\n src: 'startChallenge',\r\n input: ({ context }) => {\r\n if (!context.methodId) throw new Error('no methodId');\r\n return { methodId: context.methodId };\r\n },\r\n onDone: [\r\n {\r\n guard: ({ event }) => event.output.type === 'WebAuthn',\r\n target: 'asserting',\r\n actions: ({ context, event }) => assignStartOutput(context, event.output),\r\n },\r\n {\r\n target: 'awaitingCode',\r\n actions: ({ context, event }) => assignStartOutput(context, event.output),\r\n },\r\n ],\r\n onError: {\r\n target: 'failed',\r\n actions: ({ context, event }) => assignApiError(context, event.error),\r\n },\r\n },\r\n },\r\n asserting: {\r\n invoke: {\r\n src: 'assertChallenge',\r\n input: ({ context }) => {\r\n if (!context.methodId || !context.optionsJson) throw new Error('no assertion options');\r\n return { methodId: context.methodId, optionsJson: context.optionsJson };\r\n },\r\n onDone: {\r\n target: 'verified',\r\n actions: ({ context, event }) => {\r\n context.userId = event.output.userId;\r\n context.verifiedToken = event.output.verifiedToken;\r\n context.errorCode = null;\r\n context.errorMessage = null;\r\n },\r\n },\r\n onError: {\r\n target: 'failed',\r\n actions: ({ context, event }) => assignApiError(context, event.error),\r\n },\r\n },\r\n },\r\n awaitingCode: {\r\n on: {\r\n submit: { target: 'verifying' },\r\n resend: { target: 'resending' },\r\n useRecoveryCode: { target: 'verifyingRecovery' },\r\n reset: { target: 'idle', actions: assignInitial },\r\n },\r\n },\r\n verifyingRecovery: {\r\n invoke: {\r\n src: 'verifyRecoveryCode',\r\n input: ({ event }) => {\r\n if (event.type !== 'useRecoveryCode') throw new Error('verifyingRecovery requires useRecoveryCode event');\r\n return { code: event.code };\r\n },\r\n onDone: {\r\n target: 'verified',\r\n actions: ({ context, event }) => {\r\n context.userId = event.output.userId;\r\n context.verifiedToken = event.output.verifiedToken;\r\n context.errorCode = null;\r\n context.errorMessage = null;\r\n },\r\n },\r\n onError: {\r\n target: 'failed',\r\n actions: ({ context, event }) => assignApiError(context, event.error),\r\n },\r\n },\r\n },\r\n resending: {\r\n invoke: {\r\n src: 'resendChallenge',\r\n input: ({ context }) => {\r\n if (!context.methodId) throw new Error('no methodId');\r\n return { methodId: context.methodId };\r\n },\r\n onDone: {\r\n target: 'awaitingCode',\r\n actions: ({ context, event }) => assignStartOutput(context, event.output),\r\n },\r\n onError: {\r\n target: 'awaitingCode',\r\n actions: ({ context, event }) => assignApiError(context, event.error),\r\n },\r\n },\r\n },\r\n verifying: {\r\n invoke: {\r\n src: 'verifyChallenge',\r\n input: ({ context, event }) => {\r\n if (event.type !== 'submit') throw new Error('verifying requires submit event');\r\n if (!context.methodId) throw new Error('no methodId');\r\n return { methodId: context.methodId, code: event.code };\r\n },\r\n onDone: {\r\n target: 'verified',\r\n actions: ({ context, event }) => {\r\n context.userId = event.output.userId;\r\n context.verifiedToken = event.output.verifiedToken;\r\n context.errorCode = null;\r\n context.errorMessage = null;\r\n },\r\n },\r\n onError: {\r\n target: 'awaitingCode',\r\n actions: ({ context, event }) => assignApiError(context, event.error),\r\n },\r\n },\r\n },\r\n verified: {\r\n on: {\r\n reset: { target: 'idle', actions: assignInitial },\r\n },\r\n },\r\n failed: {\r\n on: {\r\n pick: { target: 'starting' },\r\n useRecoveryCode: { target: 'verifyingRecovery' },\r\n reset: { target: 'idle', actions: assignInitial },\r\n },\r\n },\r\n },\r\n });\r\n}\r\n\r\nfunction assignStartOutput(context: ChallengeContext, output: { type: ChallengeContext['methodType']; expiresAt?: string | null; resendAvailableAt?: string | null; optionsJson?: string | null }) {\r\n context.methodType = output.type;\r\n context.expiresAt = output.expiresAt ?? null;\r\n context.resendAvailableAt = output.resendAvailableAt ?? null;\r\n context.optionsJson = output.optionsJson ?? null;\r\n context.errorCode = null;\r\n context.errorMessage = null;\r\n}\r\n\r\nfunction assignInitial({ context }: { context: ChallengeContext }) {\r\n context.methodId = null;\r\n context.methodType = null;\r\n context.userId = null;\r\n context.verifiedToken = null;\r\n context.expiresAt = null;\r\n context.resendAvailableAt = null;\r\n context.optionsJson = null;\r\n context.errorCode = null;\r\n context.errorMessage = null;\r\n}\r\n\r\nfunction assignApiError(context: ChallengeContext, error: unknown) {\r\n if (error instanceof Omni2FaApiError) {\r\n context.errorCode = error.code;\r\n context.errorMessage = error.message;\r\n } else {\r\n context.errorCode = 'UNKNOWN';\r\n context.errorMessage = error instanceof Error ? error.message : null;\r\n }\r\n}\r\n\r\nexport type ChallengeMachine = ReturnType<typeof createChallengeMachine>;\r\nexport type ChallengeActor = ActorRefFrom<ChallengeMachine>;\r\n","import { fromPromise, setup, type ActorRefFrom } from 'xstate';\r\nimport type { IOmni2FaClient } from '../../client/Interfaces/IOmni2FaClient';\r\nimport { Omni2FaApiError } from '../../errors/Omni2FaApiError';\r\nimport type { MethodsContext } from './MethodsContext';\r\nimport type { MethodsEvent } from './MethodsEvent';\r\n\r\nconst initialContext: MethodsContext = {\r\n items: [],\r\n errorCode: null,\r\n errorMessage: null,\r\n};\r\n\r\nexport function createMethodsMachine(client: IOmni2FaClient) {\r\n return setup({\r\n types: {\r\n context: {} as MethodsContext,\r\n events: {} as MethodsEvent,\r\n },\r\n actors: {\r\n load: fromPromise(async () => {\r\n const result = await client.listMethods();\r\n if (!result.ok) {\r\n throw new Omni2FaApiError(result.code, result.message, result.httpStatus, result.details ?? null);\r\n }\r\n return result.value;\r\n }),\r\n remove: fromPromise(async ({ input }: { input: { methodId: string } }) => {\r\n const result = await client.removeMethod(input.methodId);\r\n if (!result.ok) {\r\n throw new Omni2FaApiError(result.code, result.message, result.httpStatus, result.details ?? null);\r\n }\r\n return input.methodId;\r\n }),\r\n },\r\n }).createMachine({\r\n id: 'methods',\r\n initial: 'idle',\r\n context: initialContext,\r\n states: {\r\n idle: {\r\n on: {\r\n load: { target: 'loading' },\r\n },\r\n },\r\n loading: {\r\n invoke: {\r\n src: 'load',\r\n onDone: {\r\n target: 'ready',\r\n actions: ({ context, event }) => {\r\n context.items = event.output;\r\n context.errorCode = null;\r\n context.errorMessage = null;\r\n },\r\n },\r\n onError: {\r\n target: 'failed',\r\n actions: ({ context, event }) => assignApiError(context, event.error),\r\n },\r\n },\r\n },\r\n ready: {\r\n on: {\r\n load: { target: 'loading' },\r\n remove: { target: 'removing' },\r\n },\r\n },\r\n removing: {\r\n invoke: {\r\n src: 'remove',\r\n input: ({ event }) => {\r\n if (event.type !== 'remove') throw new Error('removing requires remove event');\r\n return { methodId: event.methodId };\r\n },\r\n onDone: {\r\n target: 'ready',\r\n actions: ({ context, event }) => {\r\n const removedId = event.output;\r\n context.items = context.items.filter((m) => m.id !== removedId);\r\n context.errorCode = null;\r\n context.errorMessage = null;\r\n },\r\n },\r\n onError: {\r\n target: 'ready',\r\n actions: ({ context, event }) => assignApiError(context, event.error),\r\n },\r\n },\r\n },\r\n failed: {\r\n on: {\r\n load: { target: 'loading' },\r\n reset: { target: 'idle', actions: assignInitial },\r\n },\r\n },\r\n },\r\n });\r\n}\r\n\r\nfunction assignInitial({ context }: { context: MethodsContext }) {\r\n context.items = [];\r\n context.errorCode = null;\r\n context.errorMessage = null;\r\n}\r\n\r\nfunction assignApiError(context: MethodsContext, error: unknown) {\r\n if (error instanceof Omni2FaApiError) {\r\n context.errorCode = error.code;\r\n context.errorMessage = error.message;\r\n } else {\r\n context.errorCode = 'UNKNOWN';\r\n context.errorMessage = error instanceof Error ? error.message : null;\r\n }\r\n}\r\n\r\nexport type MethodsMachine = ReturnType<typeof createMethodsMachine>;\r\nexport type MethodsActor = ActorRefFrom<MethodsMachine>;\r\n","import { createActor } from 'xstate';\r\nimport { Omni2FaClient } from './client/Omni2FaClient';\r\nimport type { Omni2FaClientConfig } from './client/Omni2FaClientConfig';\r\nimport type { IOmni2Fa } from './Interfaces/IOmni2Fa';\r\nimport { createTotpEnrollmentMachine } from './machines/totpEnrollment/totpEnrollmentMachine';\r\nimport { createEmailEnrollmentMachine } from './machines/emailEnrollment/emailEnrollmentMachine';\r\nimport { createWebAuthnEnrollmentMachine } from './machines/webauthnEnrollment/webauthnEnrollmentMachine';\r\nimport { createChallengeMachine } from './machines/challenge/challengeMachine';\r\nimport { createMethodsMachine } from './machines/methods/methodsMachine';\r\n\r\n/**\r\n * One-call assembly of the Omni2FA core: client + three actors (TOTP enrollment, login challenge, methods list).\r\n * Actors are <c>start()</c>ed and ready to receive events. Pass the returned instance to your UI adapter.\r\n */\r\nexport function createOmni2Fa(config: Omni2FaClientConfig): IOmni2Fa {\r\n const client = new Omni2FaClient(config);\r\n\r\n const totpEnrollment = createActor(createTotpEnrollmentMachine(client));\r\n const emailEnrollment = createActor(createEmailEnrollmentMachine(client));\r\n const webauthnEnrollment = createActor(createWebAuthnEnrollmentMachine(client));\r\n const challenge = createActor(createChallengeMachine(client));\r\n const methods = createActor(createMethodsMachine(client));\r\n\r\n totpEnrollment.start();\r\n emailEnrollment.start();\r\n webauthnEnrollment.start();\r\n challenge.start();\r\n methods.start();\r\n\r\n return {\r\n client,\r\n totpEnrollment,\r\n emailEnrollment,\r\n webauthnEnrollment,\r\n challenge,\r\n methods,\r\n dispose() {\r\n totpEnrollment.stop();\r\n emailEnrollment.stop();\r\n webauthnEnrollment.stop();\r\n challenge.stop();\r\n methods.stop();\r\n },\r\n };\r\n}\r\n"],"names":["MemoryStorage","key","value","Omni2FaErrorCodes","defaults","getDefaultMessage","code","DEFAULT_PREAUTH_KEY","DEFAULT_SESSION_KEY","FALLBACK_ORIGIN","Omni2FaClient","config","createClient","request","token","url","path","data","error","response","methodId","SessionStorageStorage","LocalStorageStorage","Omni2FaApiError","message","httpStatus","details","initialContext","createTotpEnrollmentMachine","client","setup","fromPromise","result","input","context","event","assignApiError","assignInitial","createEmailEnrollmentMachine","assignStartOutput","output","base64urlToBuffer","base64","padded","binary","bytes","bufferToBase64url","buffer","byte","mapDescriptors","list","c","startRegistration","optionsJson","parsed","publicKey","credential","startAuthentication","createWebAuthnEnrollmentMachine","attestationResponseJson","createChallengeMachine","assertionResponseJson","createMethodsMachine","removedId","m","createOmni2Fa","totpEnrollment","createActor","emailEnrollment","webauthnEnrollment","challenge","methods"],"mappings":";;AAGO,MAAMA,EAAkC;AAAA,EAC1B,0BAAU,IAAA;AAAA,EAE3B,IAAIC,GAA4B;AAC5B,WAAO,KAAK,IAAI,IAAIA,CAAG,KAAK;AAAA,EAChC;AAAA,EAEA,IAAIA,GAAaC,GAAqB;AAClC,SAAK,IAAI,IAAID,GAAKC,CAAK;AAAA,EAC3B;AAAA,EAEA,OAAOD,GAAmB;AACtB,SAAK,IAAI,OAAOA,CAAG;AAAA,EACvB;AACJ;ACjBO,MAAME,IAAoB;AAAA,EAC7B,aAAa;AAAA,EACb,gBAAgB;AAAA,EAChB,gBAAgB;AAAA,EAChB,mBAAmB;AAAA,EACnB,mBAAmB;AAAA,EACnB,iBAAiB;AAAA,EACjB,gBAAgB;AAAA,EAChB,qBAAqB;AAAA,EACrB,mBAAmB;AAAA,EACnB,qBAAqB;AAAA,EACrB,qBAAqB;AAAA,EACrB,kBAAkB;AAAA,EAClB,4BAA4B;AAAA,EAC5B,kBAAkB;AAAA,EAClB,cAAc;AAAA,EACd,SAAS;AACb,GCfMC,IAA6C;AAAA,EAC/C,CAACD,EAAkB,WAAW,GAAG;AAAA,EACjC,CAACA,EAAkB,cAAc,GAAG;AAAA,EACpC,CAACA,EAAkB,cAAc,GAAG;AAAA,EACpC,CAACA,EAAkB,iBAAiB,GAAG;AAAA,EACvC,CAACA,EAAkB,iBAAiB,GAAG;AAAA,EACvC,CAACA,EAAkB,eAAe,GAAG;AAAA,EACrC,CAACA,EAAkB,cAAc,GAAG;AAAA,EACpC,CAACA,EAAkB,mBAAmB,GAAG;AAAA,EACzC,CAACA,EAAkB,iBAAiB,GAAG;AAAA,EACvC,CAACA,EAAkB,mBAAmB,GAAG;AAAA,EACzC,CAACA,EAAkB,mBAAmB,GAAG;AAAA,EACzC,CAACA,EAAkB,gBAAgB,GAAG;AAAA,EACtC,CAACA,EAAkB,0BAA0B,GAAG;AAAA,EAChD,CAACA,EAAkB,gBAAgB,GAAG;AAAA,EACtC,CAACA,EAAkB,YAAY,GAAG;AAAA,EAClC,CAACA,EAAkB,OAAO,GAAG;AACjC;AAEO,SAASE,EAAkBC,GAAsB;AACpD,SAAOF,EAASE,CAAwB,KAAKF,EAASD,EAAkB,OAAO;AACnF;ACOA,MAAMI,IAAsB,mBACtBC,IAAsB,mBAEtBC,IAAkB;AAIjB,MAAMC,EAAwC;AAAA,EAChC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAEjB,YAAYC,GAA6B;AACrC,SAAK,UAAUA,EAAO,WAAW,IAAIX,EAAA,GACrC,KAAK,aAAaW,EAAO,qBAAqBJ,GAC9C,KAAK,aAAaI,EAAO,qBAAqBH,GAE9C,KAAK,WAAW,IAAI,IAAIG,EAAO,SAASF,CAAe,EAAE,SAAS,QAAQ,OAAO,EAAE,GACnF,KAAK,QAAQG,EAAoB;AAAA,MAC7B,SAASD,EAAO;AAAA,MAChB,OAAOA,EAAO,SAAS,WAAW,MAAM,KAAK,UAAU;AAAA,MACvD,GAAIA,EAAO,cAAc,EAAE,aAAaA,EAAO,YAAA,IAAgB,CAAA;AAAA,IAAC,CACnE,GACD,KAAK,MAAM,IAAI;AAAA,MACX,WAAW,CAAC,EAAE,SAAAE,QAAc;AAExB,YAAIA,EAAQ,QAAQ,IAAI,eAAe;AACnC,iBAAOA;AAGX,cAAMC,IAAQ,KAAK,kBAAkBD,EAAQ,GAAG,IAAI,KAAK,gBAAA,IAAoB,KAAK,gBAAA;AAClF,eAAIC,KACAD,EAAQ,QAAQ,IAAI,iBAAiB,UAAUC,CAAK,EAAE,GAEnDD;AAAA,MACX;AAAA,IAAA,CACH;AAAA,EACL;AAAA;AAAA,EAGQ,kBAAkBE,GAAsB;AAC5C,UAAMC,IAAO,IAAI,IAAID,GAAKN,CAAe,EAAE;AAE3C,YADiBO,EAAK,WAAW,KAAK,QAAQ,IAAIA,EAAK,MAAM,KAAK,SAAS,MAAM,IAAIA,GACrE,WAAW,aAAa;AAAA,EAC5C;AAAA,EAEA,gBAAgBF,GAA4B;AACxC,SAAK,SAAS,KAAK,YAAYA,CAAK;AAAA,EACxC;AAAA,EAEA,kBAAiC;AAC7B,WAAO,KAAK,QAAQ,IAAI,KAAK,UAAU;AAAA,EAC3C;AAAA,EAEA,gBAAgBA,GAA4B;AACxC,SAAK,SAAS,KAAK,YAAYA,CAAK;AAAA,EACxC;AAAA,EAEA,kBAAiC;AAC7B,WAAO,KAAK,QAAQ,IAAI,KAAK,UAAU;AAAA,EAC3C;AAAA,EAEQ,SAASb,GAAaa,GAA4B;AACtD,IAAIA,MAAU,QAAQA,EAAM,WAAW,IACnC,KAAK,QAAQ,OAAOb,CAAG,IAEvB,KAAK,QAAQ,IAAIA,GAAKa,CAAK;AAAA,EAEnC;AAAA,EAEA,MAAM,cAAyD;AAC3D,UAAM,EAAE,MAAAG,GAAM,OAAAC,GAAO,UAAAC,EAAA,IAAa,MAAM,KAAK,MAAM,IAAI,UAAU;AACjE,WAAO,KAAK,OAAOF,GAAMC,GAAOC,CAAQ;AAAA,EAC5C;AAAA,EAEA,MAAM,aAAaC,GAA6C;AAC5D,UAAM,EAAE,OAAAF,GAAO,UAAAC,EAAA,IAAa,MAAM,KAAK,MAAM,OAAO,uBAAuB,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAAC,EAAA,EAAS,GAAK;AAC7G,WAAIF,IACO,KAAK,UAAUA,GAAOC,CAAQ,IAElC,EAAE,IAAI,IAAM,OAAO,OAAA;AAAA,EAC9B;AAAA,EAEA,MAAM,sBAAoE;AACtE,UAAM,EAAE,MAAAF,GAAM,OAAAC,GAAO,UAAAC,EAAA,IAAa,MAAM,KAAK,MAAM,KAAK,oBAAoB;AAC5E,WAAO,KAAK,OAAOF,GAAMC,GAAOC,CAAQ;AAAA,EAC5C;AAAA,EAEA,MAAM,sBAAsBN,GAA+E;AACvG,UAAM,EAAE,MAAAI,GAAM,OAAAC,GAAO,UAAAC,EAAA,IAAa,MAAM,KAAK,MAAM,KAAK,wBAAwB,EAAE,MAAMN,GAAS;AACjG,WAAO,KAAK,OAAOI,GAAMC,GAAOC,CAAQ;AAAA,EAC5C;AAAA,EAEA,MAAM,qBAAqBN,GAAiF;AACxG,UAAM,EAAE,MAAAI,GAAM,OAAAC,GAAO,UAAAC,EAAA,IAAa,MAAM,KAAK,MAAM,KAAK,uBAAuB,EAAE,MAAMN,GAAS;AAChG,WAAO,KAAK,OAAOI,GAAMC,GAAOC,CAAQ;AAAA,EAC5C;AAAA,EAEA,MAAM,uBAAuBN,GAAgF;AACzG,UAAM,EAAE,MAAAI,GAAM,OAAAC,GAAO,UAAAC,EAAA,IAAa,MAAM,KAAK,MAAM,KAAK,yBAAyB,EAAE,MAAMN,GAAS;AAClG,WAAO,KAAK,OAAOI,GAAMC,GAAOC,CAAQ;AAAA,EAC5C;AAAA,EAEA,MAAM,sBAAsBN,GAAkF;AAC1G,UAAM,EAAE,MAAAI,GAAM,OAAAC,GAAO,UAAAC,EAAA,IAAa,MAAM,KAAK,MAAM,KAAK,wBAAwB,EAAE,MAAMN,GAAS;AACjG,WAAO,KAAK,OAAOI,GAAMC,GAAOC,CAAQ;AAAA,EAC5C;AAAA,EAEA,MAAM,0BAA4E;AAC9E,UAAM,EAAE,MAAAF,GAAM,OAAAC,GAAO,UAAAC,EAAA,IAAa,MAAM,KAAK,MAAM,KAAK,wBAAwB;AAChF,WAAO,KAAK,OAAOF,GAAMC,GAAOC,CAAQ;AAAA,EAC5C;AAAA,EAEA,MAAM,0BAA0BN,GAAmF;AAC/G,UAAM,EAAE,MAAAI,GAAM,OAAAC,GAAO,UAAAC,EAAA,IAAa,MAAM,KAAK,MAAM,KAAK,4BAA4B,EAAE,MAAMN,GAAS;AACrG,WAAO,KAAK,OAAOI,GAAMC,GAAOC,CAAQ;AAAA,EAC5C;AAAA,EAEA,MAAM,eAAeN,GAA6E;AAC9F,UAAM,EAAE,MAAAI,GAAM,OAAAC,GAAO,UAAAC,EAAA,IAAa,MAAM,KAAK,MAAM,KAAK,oBAAoB,EAAE,MAAMN,GAAS;AAC7F,WAAO,KAAK,OAAOI,GAAMC,GAAOC,CAAQ;AAAA,EAC5C;AAAA,EAEA,MAAM,gBAAgBN,GAA8E;AAChG,UAAM,EAAE,MAAAI,GAAM,OAAAC,GAAO,UAAAC,EAAA,IAAa,MAAM,KAAK,MAAM,KAAK,qBAAqB,EAAE,MAAMN,GAAS;AAC9F,WAAO,KAAK,OAAOI,GAAMC,GAAOC,CAAQ;AAAA,EAC5C;AAAA,EAEA,MAAM,gBAAgBN,GAA6E;AAC/F,UAAM,EAAE,MAAAI,GAAM,OAAAC,GAAO,UAAAC,EAAA,IAAa,MAAM,KAAK,MAAM,KAAK,qBAAqB,EAAE,MAAMN,GAAS;AAC9F,WAAO,KAAK,OAAOI,GAAMC,GAAOC,CAAQ;AAAA,EAC5C;AAAA,EAEA,MAAM,mBAAmBN,GAAgF;AACrG,UAAM,EAAE,MAAAI,GAAM,OAAAC,GAAO,UAAAC,EAAA,IAAa,MAAM,KAAK,MAAM,KAAK,4BAA4B,EAAE,MAAMN,GAAS;AACrG,WAAO,KAAK,OAAOI,GAAMC,GAAOC,CAAQ;AAAA,EAC5C;AAAA,EAEA,MAAM,0BAAsE;AACxE,UAAM,EAAE,MAAAF,GAAM,OAAAC,GAAO,UAAAC,EAAA,IAAa,MAAM,KAAK,MAAM,KAAK,4BAA4B;AACpF,WAAO,KAAK,OAAOF,GAAMC,GAAOC,CAAQ;AAAA,EAC5C;AAAA,EAEQ,OAAUF,GAAqBC,GAAkCC,GAAmC;AACxG,WAAID,MAAU,SACH,KAAK,UAAUA,GAAOC,CAAQ,IAErCF,MAAS,SACF;AAAA,MACH,IAAI;AAAA,MACJ,MAAMd,EAAkB;AAAA,MACxB,SAASE,EAAkBF,EAAkB,YAAY;AAAA,MACzD,YAAYgB,EAAS;AAAA,IAAA,IAGtB,EAAE,IAAI,IAAM,OAAOF,EAAA;AAAA,EAC9B;AAAA,EAEQ,UAAUC,GAAsBC,GAAuC;AAC3E,UAAMb,IAAOY,EAAM,QAAQf,EAAkB;AAC7C,WAAO;AAAA,MACH,IAAI;AAAA,MACJ,MAAAG;AAAA,MACA,SAASY,EAAM,WAAWb,EAAkBC,CAAI;AAAA,MAChD,YAAYa,EAAS;AAAA,MACrB,SAASD,EAAM,WAAW;AAAA,IAAA;AAAA,EAElC;AACJ;ACrMO,MAAMG,EAA0C;AAAA,EACnD,IAAIpB,GAA4B;AAC5B,WAAO,WAAW,gBAAgB,QAAQA,CAAG,KAAK;AAAA,EACtD;AAAA,EAEA,IAAIA,GAAaC,GAAqB;AAClC,eAAW,gBAAgB,QAAQD,GAAKC,CAAK;AAAA,EACjD;AAAA,EAEA,OAAOD,GAAmB;AACtB,eAAW,gBAAgB,WAAWA,CAAG;AAAA,EAC7C;AACJ;ACZO,MAAMqB,EAAwC;AAAA,EACjD,IAAIrB,GAA4B;AAC5B,WAAO,WAAW,cAAc,QAAQA,CAAG,KAAK;AAAA,EACpD;AAAA,EAEA,IAAIA,GAAaC,GAAqB;AAClC,eAAW,cAAc,QAAQD,GAAKC,CAAK;AAAA,EAC/C;AAAA,EAEA,OAAOD,GAAmB;AACtB,eAAW,cAAc,WAAWA,CAAG;AAAA,EAC3C;AACJ;ACVO,MAAMsB,UAAwB,MAAM;AAAA,EAC9B;AAAA,EACA;AAAA,EACA;AAAA,EAET,YAAYjB,GAAckB,GAAiBC,GAAoBC,IAA0C,MAAM;AAC3G,UAAMF,CAAO,GACb,KAAK,OAAO,mBACZ,KAAK,OAAOlB,GACZ,KAAK,aAAamB,GAClB,KAAK,UAAUC;AAAA,EACnB;AACJ;ACXA,MAAMC,IAAwC;AAAA,EAC1C,cAAc;AAAA,EACd,YAAY;AAAA,EACZ,QAAQ;AAAA,EACR,UAAU;AAAA,EACV,eAAe;AAAA,EACf,WAAW;AAAA,EACX,cAAc;AAClB;AAEO,SAASC,EAA4BC,GAAwB;AAChE,SAAOC,EAAM;AAAA,IACT,OAAO;AAAA,MACH,SAAS,CAAA;AAAA,MACT,QAAQ,CAAA;AAAA,IAAC;AAAA,IAEb,QAAQ;AAAA,MACJ,iBAAiBC,EAAY,YAAY;AACrC,cAAMC,IAAS,MAAMH,EAAO,oBAAA;AAC5B,YAAI,CAACG,EAAO;AACR,gBAAM,IAAIT,EAAgBS,EAAO,MAAMA,EAAO,SAASA,EAAO,YAAYA,EAAO,WAAW,IAAI;AAEpG,eAAOA,EAAO;AAAA,MAClB,CAAC;AAAA,MACD,mBAAmBD,EAAY,OAAO,EAAE,OAAAE,QAAoF;AACxH,cAAMD,IAAS,MAAMH,EAAO,sBAAsB;AAAA,UAC9C,cAAcI,EAAM;AAAA,UACpB,MAAMA,EAAM;AAAA,UACZ,MAAMA,EAAM;AAAA,QAAA,CACf;AACD,YAAI,CAACD,EAAO;AACR,gBAAM,IAAIT,EAAgBS,EAAO,MAAMA,EAAO,SAASA,EAAO,YAAYA,EAAO,WAAW,IAAI;AAEpG,eAAOA,EAAO;AAAA,MAClB,CAAC;AAAA,IAAA;AAAA,EACL,CACH,EAAE,cAAc;AAAA,IACb,IAAI;AAAA,IACJ,SAAS;AAAA,IACT,SAASL;AAAAA,IACT,QAAQ;AAAA,MACJ,MAAM;AAAA,QACF,IAAI;AAAA,UACA,OAAO,EAAE,QAAQ,WAAA;AAAA,QAAW;AAAA,MAChC;AAAA,MAEJ,UAAU;AAAA,QACN,QAAQ;AAAA,UACJ,KAAK;AAAA,UACL,QAAQ;AAAA,YACJ,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAO,GAAS,OAAAC,QAAY;AAC7B,cAAAD,EAAQ,eAAeC,EAAM,OAAO,cACpCD,EAAQ,aAAaC,EAAM,OAAO,YAClCD,EAAQ,SAASC,EAAM,OAAO,QAC9BD,EAAQ,YAAY,MACpBA,EAAQ,eAAe;AAAA,YAC3B;AAAA,UAAA;AAAA,UAEJ,SAAS;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAA,GAAS,OAAAC,QAAYC,EAAeF,GAASC,EAAM,KAAK;AAAA,UAAA;AAAA,QACxE;AAAA,MACJ;AAAA,MAEJ,cAAc;AAAA,QACV,IAAI;AAAA,UACA,QAAQ,EAAE,QAAQ,aAAA;AAAA,UAClB,OAAO,EAAE,QAAQ,QAAQ,SAASE,EAAA;AAAA,QAAc;AAAA,MACpD;AAAA,MAEJ,YAAY;AAAA,QACR,QAAQ;AAAA,UACJ,KAAK;AAAA,UACL,OAAO,CAAC,EAAE,SAAAH,GAAS,OAAAC,QAAY;AAC3B,gBAAIA,EAAM,SAAS,SAAU,OAAM,IAAI,MAAM,kCAAkC;AAC/E,gBAAI,CAACD,EAAQ,aAAc,OAAM,IAAI,MAAM,iBAAiB;AAC5D,mBAAO,EAAE,cAAcA,EAAQ,cAAc,MAAMC,EAAM,MAAM,MAAMA,EAAM,QAAQ,KAAA;AAAA,UACvF;AAAA,UACA,QAAQ;AAAA,YACJ,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAD,GAAS,OAAAC,QAAY;AAC7B,cAAAD,EAAQ,WAAWC,EAAM,OAAO,UAChCD,EAAQ,gBAAgBC,EAAM,OAAO,iBAAiB,MACtDD,EAAQ,YAAY,MACpBA,EAAQ,eAAe;AAAA,YAC3B;AAAA,UAAA;AAAA,UAEJ,SAAS;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAA,GAAS,OAAAC,QAAYC,EAAeF,GAASC,EAAM,KAAK;AAAA,UAAA;AAAA,QACxE;AAAA,MACJ;AAAA,MAEJ,UAAU;AAAA,QACN,IAAI;AAAA,UACA,OAAO,EAAE,QAAQ,QAAQ,SAASE,EAAA;AAAA,QAAc;AAAA,MACpD;AAAA,MAEJ,QAAQ;AAAA,QACJ,IAAI;AAAA,UACA,OAAO,EAAE,QAAQ,WAAA;AAAA,UACjB,OAAO,EAAE,QAAQ,QAAQ,SAASA,EAAA;AAAA,QAAc;AAAA,MACpD;AAAA,IACJ;AAAA,EACJ,CACH;AACL;AAEA,SAASA,EAAc,EAAE,SAAAH,KAA+C;AACpE,EAAAA,EAAQ,eAAe,MACvBA,EAAQ,aAAa,MACrBA,EAAQ,SAAS,MACjBA,EAAQ,WAAW,MACnBA,EAAQ,gBAAgB,MACxBA,EAAQ,YAAY,MACpBA,EAAQ,eAAe;AAC3B;AAEA,SAASE,EAAeF,GAAgChB,GAAgB;AACpE,EAAIA,aAAiBK,KACjBW,EAAQ,YAAYhB,EAAM,MAC1BgB,EAAQ,eAAehB,EAAM,YAE7BgB,EAAQ,YAAY,WACpBA,EAAQ,eAAehB,aAAiB,QAAQA,EAAM,UAAU;AAExE;AC/HA,MAAMS,IAAyC;AAAA,EAC3C,cAAc;AAAA,EACd,OAAO;AAAA,EACP,WAAW;AAAA,EACX,mBAAmB;AAAA,EACnB,UAAU;AAAA,EACV,eAAe;AAAA,EACf,WAAW;AAAA,EACX,cAAc;AAClB;AAEO,SAASW,EAA6BT,GAAwB;AACjE,SAAOC,EAAM;AAAA,IACT,OAAO;AAAA,MACH,SAAS,CAAA;AAAA,MACT,QAAQ,CAAA;AAAA,IAAC;AAAA,IAEb,QAAQ;AAAA,MACJ,iBAAiBC,EAAY,OAAO,EAAE,OAAAE,QAAuD;AACzF,cAAMD,IAAS,MAAMH,EAAO,qBAAqBI,EAAM,UAAU,SAAY,EAAE,OAAOA,EAAM,MAAA,IAAU,CAAA,CAAE;AACxG,YAAI,CAACD,EAAO;AACR,gBAAM,IAAIT,EAAgBS,EAAO,MAAMA,EAAO,SAASA,EAAO,YAAYA,EAAO,WAAW,IAAI;AAEpG,eAAOA,EAAO;AAAA,MAClB,CAAC;AAAA,MACD,kBAAkBD,EAAY,OAAO,EAAE,OAAAE,QAAiD;AACpF,cAAMD,IAAS,MAAMH,EAAO,sBAAsB,EAAE,cAAcI,EAAM,cAAc;AACtF,YAAI,CAACD,EAAO;AACR,gBAAM,IAAIT,EAAgBS,EAAO,MAAMA,EAAO,SAASA,EAAO,YAAYA,EAAO,WAAW,IAAI;AAEpG,eAAOA,EAAO;AAAA,MAClB,CAAC;AAAA,MACD,mBAAmBD,EAAY,OAAO,EAAE,OAAAE,QAAoF;AACxH,cAAMD,IAAS,MAAMH,EAAO,uBAAuB;AAAA,UAC/C,cAAcI,EAAM;AAAA,UACpB,MAAMA,EAAM;AAAA,UACZ,MAAMA,EAAM;AAAA,QAAA,CACf;AACD,YAAI,CAACD,EAAO;AACR,gBAAM,IAAIT,EAAgBS,EAAO,MAAMA,EAAO,SAASA,EAAO,YAAYA,EAAO,WAAW,IAAI;AAEpG,eAAOA,EAAO;AAAA,MAClB,CAAC;AAAA,IAAA;AAAA,EACL,CACH,EAAE,cAAc;AAAA,IACb,IAAI;AAAA,IACJ,SAAS;AAAA,IACT,SAASL;AAAAA,IACT,QAAQ;AAAA,MACJ,MAAM;AAAA,QACF,IAAI;AAAA,UACA,OAAO,EAAE,QAAQ,WAAA;AAAA,QAAW;AAAA,MAChC;AAAA,MAEJ,UAAU;AAAA,QACN,OAAO,CAAC,EAAE,SAAAO,GAAS,OAAAC,QAAY;AAC3B,UAAIA,EAAM,SAAS,YACfD,EAAQ,QAAQC,EAAM,SAAS;AAAA,QAEvC;AAAA,QACA,QAAQ;AAAA,UACJ,KAAK;AAAA;AAAA;AAAA,UAGL,OAAO,CAAC,EAAE,SAAAD,SAAe,EAAE,OAAOA,EAAQ,SAAS;UACnD,QAAQ;AAAA,YACJ,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAA,GAAS,OAAAC,QAAYI,EAAkBL,GAASC,EAAM,MAAM;AAAA,UAAA;AAAA,UAE5E,SAAS;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAD,GAAS,OAAAC,QAAYC,EAAeF,GAASC,EAAM,KAAK;AAAA,UAAA;AAAA,QACxE;AAAA,MACJ;AAAA,MAEJ,cAAc;AAAA,QACV,IAAI;AAAA,UACA,QAAQ,EAAE,QAAQ,aAAA;AAAA,UAClB,QAAQ,EAAE,QAAQ,YAAA;AAAA,UAClB,OAAO,EAAE,QAAQ,QAAQ,SAASE,EAAA;AAAA,QAAc;AAAA,MACpD;AAAA,MAEJ,WAAW;AAAA,QACP,QAAQ;AAAA,UACJ,KAAK;AAAA,UACL,OAAO,CAAC,EAAE,SAAAH,QAAc;AACpB,gBAAI,CAACA,EAAQ,aAAc,OAAM,IAAI,MAAM,iBAAiB;AAC5D,mBAAO,EAAE,cAAcA,EAAQ,aAAA;AAAA,UACnC;AAAA,UACA,QAAQ;AAAA,YACJ,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAA,GAAS,OAAAC,QAAYI,EAAkBL,GAASC,EAAM,MAAM;AAAA,UAAA;AAAA,UAE5E,SAAS;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAD,GAAS,OAAAC,QAAYC,EAAeF,GAASC,EAAM,KAAK;AAAA,UAAA;AAAA,QACxE;AAAA,MACJ;AAAA,MAEJ,YAAY;AAAA,QACR,QAAQ;AAAA,UACJ,KAAK;AAAA,UACL,OAAO,CAAC,EAAE,SAAAD,GAAS,OAAAC,QAAY;AAC3B,gBAAIA,EAAM,SAAS,SAAU,OAAM,IAAI,MAAM,kCAAkC;AAC/E,gBAAI,CAACD,EAAQ,aAAc,OAAM,IAAI,MAAM,iBAAiB;AAC5D,mBAAO,EAAE,cAAcA,EAAQ,cAAc,MAAMC,EAAM,MAAM,MAAMA,EAAM,QAAQ,KAAA;AAAA,UACvF;AAAA,UACA,QAAQ;AAAA,YACJ,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAD,GAAS,OAAAC,QAAY;AAC7B,cAAAD,EAAQ,WAAWC,EAAM,OAAO,UAChCD,EAAQ,gBAAgBC,EAAM,OAAO,iBAAiB,MACtDD,EAAQ,YAAY,MACpBA,EAAQ,eAAe;AAAA,YAC3B;AAAA,UAAA;AAAA,UAEJ,SAAS;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAA,GAAS,OAAAC,QAAYC,EAAeF,GAASC,EAAM,KAAK;AAAA,UAAA;AAAA,QACxE;AAAA,MACJ;AAAA,MAEJ,UAAU;AAAA,QACN,IAAI;AAAA,UACA,OAAO,EAAE,QAAQ,QAAQ,SAASE,EAAA;AAAA,QAAc;AAAA,MACpD;AAAA,MAEJ,QAAQ;AAAA,QACJ,IAAI;AAAA,UACA,OAAO,EAAE,QAAQ,WAAA;AAAA,UACjB,OAAO,EAAE,QAAQ,QAAQ,SAASA,EAAA;AAAA,QAAc;AAAA,MACpD;AAAA,IACJ;AAAA,EACJ,CACH;AACL;AAEA,SAASE,EAAkBL,GAAiCM,GAAgF;AACxI,EAAAN,EAAQ,eAAeM,EAAO,cAC9BN,EAAQ,YAAYM,EAAO,WAC3BN,EAAQ,oBAAoBM,EAAO,mBACnCN,EAAQ,YAAY,MACpBA,EAAQ,eAAe;AAC3B;AAEA,SAASG,EAAc,EAAE,SAAAH,KAAgD;AACrE,EAAAA,EAAQ,eAAe,MACvBA,EAAQ,QAAQ,MAChBA,EAAQ,YAAY,MACpBA,EAAQ,oBAAoB,MAC5BA,EAAQ,WAAW,MACnBA,EAAQ,gBAAgB,MACxBA,EAAQ,YAAY,MACpBA,EAAQ,eAAe;AAC3B;AAEA,SAASE,EAAeF,GAAiChB,GAAgB;AACrE,EAAIA,aAAiBK,KACjBW,EAAQ,YAAYhB,EAAM,MAC1BgB,EAAQ,eAAehB,EAAM,YAE7BgB,EAAQ,YAAY,WACpBA,EAAQ,eAAehB,aAAiB,QAAQA,EAAM,UAAU;AAExE;ACxKO,SAASuB,EAAkBvC,GAA4B;AAC1D,QAAMwC,IAASxC,EAAM,QAAQ,MAAM,GAAG,EAAE,QAAQ,MAAM,GAAG,GACnDyC,IAASD,EAAO,OAAO,KAAK,KAAKA,EAAO,SAAS,CAAC,IAAI,GAAG,GAAG,GAC5DE,IAAS,KAAKD,CAAM,GACpBE,IAAQ,IAAI,WAAWD,EAAO,MAAM;AAC1C,WAAS,IAAI,GAAG,IAAIA,EAAO,QAAQ;AAC/B,IAAAC,EAAM,CAAC,IAAID,EAAO,WAAW,CAAC;AAElC,SAAOC,EAAM;AACjB;AAEO,SAASC,EAAkBC,GAA6B;AAC3D,QAAMF,IAAQ,IAAI,WAAWE,CAAM;AACnC,MAAIH,IAAS;AACb,aAAWI,KAAQH;AACf,IAAAD,KAAU,OAAO,aAAaI,CAAI;AAEtC,SAAO,KAAKJ,CAAM,EAAE,QAAQ,OAAO,GAAG,EAAE,QAAQ,OAAO,GAAG,EAAE,QAAQ,OAAO,EAAE;AACjF;ACOA,SAASK,EAAeC,GAA+E;AACnG,UAAQA,KAAQ,CAAA,GAAI,IAAI,CAACC,OAAO,EAAE,GAAGA,GAAG,IAAIV,EAAkBU,EAAE,EAAE,IAAI;AAC1E;AAGA,eAAsBC,EAAkBC,GAAsC;AAC1E,QAAMC,IAAS,KAAK,MAAMD,CAAW,GAC/BE,IAAY;AAAA,IACd,GAAGD;AAAA,IACH,WAAWb,EAAkBa,EAAO,SAAS;AAAA,IAC7C,MAAM,EAAE,GAAGA,EAAO,MAAM,IAAIb,EAAkBa,EAAO,KAAK,EAAE,EAAA;AAAA,IAC5D,oBAAoBL,EAAeK,EAAO,kBAAkB;AAAA;AAAA,EAAA,GAI1DE,IAAc,MAAM,UAAU,YAAY,OAAO,EAAE,WAAAD,GAAW;AACpE,MAAIC,MAAe;AACf,UAAM,IAAI,MAAM,+CAA+C;AAEnE,QAAMrC,IAAWqC,EAAW;AAC5B,SAAO,KAAK,UAAU;AAAA,IAClB,IAAIA,EAAW;AAAA,IACf,OAAOV,EAAkBU,EAAW,KAAK;AAAA,IACzC,MAAMA,EAAW;AAAA,IACjB,YAAYA,EAAW,0BAAA;AAAA,IACvB,UAAU;AAAA,MACN,mBAAmBV,EAAkB3B,EAAS,iBAAiB;AAAA,MAC/D,gBAAgB2B,EAAkB3B,EAAS,cAAc;AAAA,IAAA;AAAA,EAC7D,CACH;AACL;AAGA,eAAsBsC,EAAoBJ,GAAsC;AAC5E,QAAMC,IAAS,KAAK,MAAMD,CAAW,GAC/BE,IAAY;AAAA,IACd,GAAGD;AAAA,IACH,WAAWb,EAAkBa,EAAO,SAAS;AAAA,IAC7C,kBAAkBL,EAAeK,EAAO,gBAAgB;AAAA,EAAA,GAGtDE,IAAc,MAAM,UAAU,YAAY,IAAI,EAAE,WAAAD,GAAW;AACjE,MAAIC,MAAe;AACf,UAAM,IAAI,MAAM,iDAAiD;AAErE,QAAMrC,IAAWqC,EAAW;AAC5B,SAAO,KAAK,UAAU;AAAA,IAClB,IAAIA,EAAW;AAAA,IACf,OAAOV,EAAkBU,EAAW,KAAK;AAAA,IACzC,MAAMA,EAAW;AAAA,IACjB,YAAYA,EAAW,0BAAA;AAAA,IACvB,UAAU;AAAA,MACN,mBAAmBV,EAAkB3B,EAAS,iBAAiB;AAAA,MAC/D,gBAAgB2B,EAAkB3B,EAAS,cAAc;AAAA,MACzD,WAAW2B,EAAkB3B,EAAS,SAAS;AAAA,MAC/C,YAAYA,EAAS,aAAa2B,EAAkB3B,EAAS,UAAU,IAAI;AAAA,IAAA;AAAA,EAC/E,CACH;AACL;AC9EA,MAAMQ,IAA4C;AAAA,EAC9C,cAAc;AAAA,EACd,aAAa;AAAA,EACb,MAAM;AAAA,EACN,UAAU;AAAA,EACV,eAAe;AAAA,EACf,WAAW;AAAA,EACX,cAAc;AAClB;AAEO,SAAS+B,EAAgC7B,GAAwB;AACpE,SAAOC,EAAM;AAAA,IACT,OAAO;AAAA,MACH,SAAS,CAAA;AAAA,MACT,QAAQ,CAAA;AAAA,IAAC;AAAA,IAEb,QAAQ;AAAA,MACJ,iBAAiBC,EAAY,YAAY;AACrC,cAAMC,IAAS,MAAMH,EAAO,wBAAA;AAC5B,YAAI,CAACG,EAAO;AACR,gBAAM,IAAIT,EAAgBS,EAAO,MAAMA,EAAO,SAASA,EAAO,YAAYA,EAAO,WAAW,IAAI;AAEpG,eAAOA,EAAO;AAAA,MAClB,CAAC;AAAA,MACD,oBAAoBD,EAAY,OAAO,EAAE,OAAAE,QAA2F;AAChI,cAAM0B,IAA0B,MAAMP,EAAkBnB,EAAM,WAAW,GACnED,IAAS,MAAMH,EAAO,0BAA0B;AAAA,UAClD,cAAcI,EAAM;AAAA,UACpB,yBAAA0B;AAAA,UACA,MAAM1B,EAAM;AAAA,QAAA,CACf;AACD,YAAI,CAACD,EAAO;AACR,gBAAM,IAAIT,EAAgBS,EAAO,MAAMA,EAAO,SAASA,EAAO,YAAYA,EAAO,WAAW,IAAI;AAEpG,eAAOA,EAAO;AAAA,MAClB,CAAC;AAAA,IAAA;AAAA,EACL,CACH,EAAE,cAAc;AAAA,IACb,IAAI;AAAA,IACJ,SAAS;AAAA,IACT,SAASL;AAAAA,IACT,QAAQ;AAAA,MACJ,MAAM;AAAA,QACF,IAAI;AAAA,UACA,OAAO,EAAE,QAAQ,WAAA;AAAA,QAAW;AAAA,MAChC;AAAA,MAEJ,UAAU;AAAA,QACN,OAAO,CAAC,EAAE,SAAAO,GAAS,OAAAC,QAAY;AAC3B,UAAIA,EAAM,SAAS,YACfD,EAAQ,OAAOC,EAAM,QAAQ;AAAA,QAErC;AAAA,QACA,QAAQ;AAAA,UACJ,KAAK;AAAA,UACL,QAAQ;AAAA,YACJ,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAD,GAAS,OAAAC,QAAY;AAC7B,cAAAD,EAAQ,eAAeC,EAAM,OAAO,cACpCD,EAAQ,cAAcC,EAAM,OAAO,aACnCD,EAAQ,YAAY,MACpBA,EAAQ,eAAe;AAAA,YAC3B;AAAA,UAAA;AAAA,UAEJ,SAAS;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAA,GAAS,OAAAC,QAAYC,EAAeF,GAASC,EAAM,KAAK;AAAA,UAAA;AAAA,QACxE;AAAA,MACJ;AAAA,MAEJ,aAAa;AAAA,QACT,QAAQ;AAAA,UACJ,KAAK;AAAA,UACL,OAAO,CAAC,EAAE,SAAAD,QAAc;AACpB,gBAAI,CAACA,EAAQ,gBAAgB,CAACA,EAAQ,YAAa,OAAM,IAAI,MAAM,uBAAuB;AAC1F,mBAAO,EAAE,cAAcA,EAAQ,cAAc,aAAaA,EAAQ,aAAa,MAAMA,EAAQ,KAAA;AAAA,UACjG;AAAA,UACA,QAAQ;AAAA,YACJ,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAA,GAAS,OAAAC,QAAY;AAC7B,cAAAD,EAAQ,WAAWC,EAAM,OAAO,UAChCD,EAAQ,gBAAgBC,EAAM,OAAO,iBAAiB,MACtDD,EAAQ,YAAY,MACpBA,EAAQ,eAAe;AAAA,YAC3B;AAAA,UAAA;AAAA,UAEJ,SAAS;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAA,GAAS,OAAAC,QAAYC,EAAeF,GAASC,EAAM,KAAK;AAAA,UAAA;AAAA,QACxE;AAAA,MACJ;AAAA,MAEJ,UAAU;AAAA,QACN,IAAI;AAAA,UACA,OAAO,EAAE,QAAQ,QAAQ,SAASE,EAAA;AAAA,QAAc;AAAA,MACpD;AAAA,MAEJ,QAAQ;AAAA,QACJ,IAAI;AAAA,UACA,OAAO,EAAE,QAAQ,WAAA;AAAA,UACjB,OAAO,EAAE,QAAQ,QAAQ,SAASA,EAAA;AAAA,QAAc;AAAA,MACpD;AAAA,IACJ;AAAA,EACJ,CACH;AACL;AAEA,SAASA,EAAc,EAAE,SAAAH,KAAmD;AACxE,EAAAA,EAAQ,eAAe,MACvBA,EAAQ,cAAc,MACtBA,EAAQ,OAAO,MACfA,EAAQ,WAAW,MACnBA,EAAQ,gBAAgB,MACxBA,EAAQ,YAAY,MACpBA,EAAQ,eAAe;AAC3B;AAEA,SAASE,EAAeF,GAAoChB,GAAgB;AACxE,EAAIA,aAAiBK,KACjBW,EAAQ,YAAYhB,EAAM,MAC1BgB,EAAQ,eAAehB,EAAM,YAE7BgB,EAAQ,YAAY,WACpBA,EAAQ,eAAehB,aAAiB,QAAQA,EAAM,UAAU;AAExE;AC7HA,MAAMS,IAAmC;AAAA,EACrC,UAAU;AAAA,EACV,YAAY;AAAA,EACZ,QAAQ;AAAA,EACR,eAAe;AAAA,EACf,WAAW;AAAA,EACX,mBAAmB;AAAA,EACnB,aAAa;AAAA,EACb,WAAW;AAAA,EACX,cAAc;AAClB;AAEO,SAASiC,EAAuB/B,GAAwB;AAC3D,SAAOC,EAAM;AAAA,IACT,OAAO;AAAA,MACH,SAAS,CAAA;AAAA,MACT,QAAQ,CAAA;AAAA,IAAC;AAAA,IAEb,QAAQ;AAAA,MACJ,gBAAgBC,EAAY,OAAO,EAAE,OAAAE,QAA6C;AAC9E,cAAMD,IAAS,MAAMH,EAAO,eAAe,EAAE,UAAUI,EAAM,UAAU;AACvE,YAAI,CAACD,EAAO;AACR,gBAAM,IAAIT,EAAgBS,EAAO,MAAMA,EAAO,SAASA,EAAO,YAAYA,EAAO,WAAW,IAAI;AAEpG,eAAOA,EAAO;AAAA,MAClB,CAAC;AAAA,MACD,iBAAiBD,EAAY,OAAO,EAAE,OAAAE,QAA6C;AAC/E,cAAMD,IAAS,MAAMH,EAAO,gBAAgB,EAAE,UAAUI,EAAM,UAAU;AACxE,YAAI,CAACD,EAAO;AACR,gBAAM,IAAIT,EAAgBS,EAAO,MAAMA,EAAO,SAASA,EAAO,YAAYA,EAAO,WAAW,IAAI;AAEpG,eAAOA,EAAO;AAAA,MAClB,CAAC;AAAA,MACD,iBAAiBD,EAAY,OAAO,EAAE,OAAAE,QAA2D;AAC7F,cAAMD,IAAS,MAAMH,EAAO,gBAAgB,EAAE,UAAUI,EAAM,UAAU,MAAMA,EAAM,KAAA,CAAM;AAC1F,YAAI,CAACD,EAAO;AACR,gBAAM,IAAIT,EAAgBS,EAAO,MAAMA,EAAO,SAASA,EAAO,YAAYA,EAAO,WAAW,IAAI;AAEpG,eAAOA,EAAO;AAAA,MAClB,CAAC;AAAA,MACD,iBAAiBD,EAAY,OAAO,EAAE,OAAAE,QAAkE;AACpG,cAAM4B,IAAwB,MAAMJ,EAAoBxB,EAAM,WAAW,GACnED,IAAS,MAAMH,EAAO,gBAAgB,EAAE,UAAUI,EAAM,UAAU,uBAAA4B,GAAuB;AAC/F,YAAI,CAAC7B,EAAO;AACR,gBAAM,IAAIT,EAAgBS,EAAO,MAAMA,EAAO,SAASA,EAAO,YAAYA,EAAO,WAAW,IAAI;AAEpG,eAAOA,EAAO;AAAA,MAClB,CAAC;AAAA,MACD,oBAAoBD,EAAY,OAAO,EAAE,OAAAE,QAAyC;AAC9E,cAAMD,IAAS,MAAMH,EAAO,mBAAmB,EAAE,cAAcI,EAAM,MAAM;AAC3E,YAAI,CAACD,EAAO;AACR,gBAAM,IAAIT,EAAgBS,EAAO,MAAMA,EAAO,SAASA,EAAO,YAAYA,EAAO,WAAW,IAAI;AAEpG,eAAOA,EAAO;AAAA,MAClB,CAAC;AAAA,IAAA;AAAA,EACL,CACH,EAAE,cAAc;AAAA,IACb,IAAI;AAAA,IACJ,SAAS;AAAA,IACT,SAASL;AAAAA,IACT,QAAQ;AAAA,MACJ,MAAM;AAAA,QACF,IAAI;AAAA,UACA,MAAM,EAAE,QAAQ,WAAA;AAAA,UAChB,iBAAiB,EAAE,QAAQ,oBAAA;AAAA,QAAoB;AAAA,MACnD;AAAA,MAEJ,UAAU;AAAA,QACN,OAAO,CAAC,EAAE,SAAAO,GAAS,OAAAC,QAAY;AAC3B,UAAIA,EAAM,SAAS,WACfD,EAAQ,WAAWC,EAAM;AAAA,QAEjC;AAAA,QACA,QAAQ;AAAA,UACJ,KAAK;AAAA,UACL,OAAO,CAAC,EAAE,SAAAD,QAAc;AACpB,gBAAI,CAACA,EAAQ,SAAU,OAAM,IAAI,MAAM,aAAa;AACpD,mBAAO,EAAE,UAAUA,EAAQ,SAAA;AAAA,UAC/B;AAAA,UACA,QAAQ;AAAA,YACJ;AAAA,cACI,OAAO,CAAC,EAAE,OAAAC,QAAYA,EAAM,OAAO,SAAS;AAAA,cAC5C,QAAQ;AAAA,cACR,SAAS,CAAC,EAAE,SAAAD,GAAS,OAAAC,QAAYI,EAAkBL,GAASC,EAAM,MAAM;AAAA,YAAA;AAAA,YAE5E;AAAA,cACI,QAAQ;AAAA,cACR,SAAS,CAAC,EAAE,SAAAD,GAAS,OAAAC,QAAYI,EAAkBL,GAASC,EAAM,MAAM;AAAA,YAAA;AAAA,UAC5E;AAAA,UAEJ,SAAS;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAD,GAAS,OAAAC,QAAYC,EAAeF,GAASC,EAAM,KAAK;AAAA,UAAA;AAAA,QACxE;AAAA,MACJ;AAAA,MAEJ,WAAW;AAAA,QACP,QAAQ;AAAA,UACJ,KAAK;AAAA,UACL,OAAO,CAAC,EAAE,SAAAD,QAAc;AACpB,gBAAI,CAACA,EAAQ,YAAY,CAACA,EAAQ,YAAa,OAAM,IAAI,MAAM,sBAAsB;AACrF,mBAAO,EAAE,UAAUA,EAAQ,UAAU,aAAaA,EAAQ,YAAA;AAAA,UAC9D;AAAA,UACA,QAAQ;AAAA,YACJ,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAA,GAAS,OAAAC,QAAY;AAC7B,cAAAD,EAAQ,SAASC,EAAM,OAAO,QAC9BD,EAAQ,gBAAgBC,EAAM,OAAO,eACrCD,EAAQ,YAAY,MACpBA,EAAQ,eAAe;AAAA,YAC3B;AAAA,UAAA;AAAA,UAEJ,SAAS;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAA,GAAS,OAAAC,QAAYC,EAAeF,GAASC,EAAM,KAAK;AAAA,UAAA;AAAA,QACxE;AAAA,MACJ;AAAA,MAEJ,cAAc;AAAA,QACV,IAAI;AAAA,UACA,QAAQ,EAAE,QAAQ,YAAA;AAAA,UAClB,QAAQ,EAAE,QAAQ,YAAA;AAAA,UAClB,iBAAiB,EAAE,QAAQ,oBAAA;AAAA,UAC3B,OAAO,EAAE,QAAQ,QAAQ,SAASE,EAAA;AAAA,QAAc;AAAA,MACpD;AAAA,MAEJ,mBAAmB;AAAA,QACf,QAAQ;AAAA,UACJ,KAAK;AAAA,UACL,OAAO,CAAC,EAAE,OAAAF,QAAY;AAClB,gBAAIA,EAAM,SAAS,kBAAmB,OAAM,IAAI,MAAM,kDAAkD;AACxG,mBAAO,EAAE,MAAMA,EAAM,KAAA;AAAA,UACzB;AAAA,UACA,QAAQ;AAAA,YACJ,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAD,GAAS,OAAAC,QAAY;AAC7B,cAAAD,EAAQ,SAASC,EAAM,OAAO,QAC9BD,EAAQ,gBAAgBC,EAAM,OAAO,eACrCD,EAAQ,YAAY,MACpBA,EAAQ,eAAe;AAAA,YAC3B;AAAA,UAAA;AAAA,UAEJ,SAAS;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAA,GAAS,OAAAC,QAAYC,EAAeF,GAASC,EAAM,KAAK;AAAA,UAAA;AAAA,QACxE;AAAA,MACJ;AAAA,MAEJ,WAAW;AAAA,QACP,QAAQ;AAAA,UACJ,KAAK;AAAA,UACL,OAAO,CAAC,EAAE,SAAAD,QAAc;AACpB,gBAAI,CAACA,EAAQ,SAAU,OAAM,IAAI,MAAM,aAAa;AACpD,mBAAO,EAAE,UAAUA,EAAQ,SAAA;AAAA,UAC/B;AAAA,UACA,QAAQ;AAAA,YACJ,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAA,GAAS,OAAAC,QAAYI,EAAkBL,GAASC,EAAM,MAAM;AAAA,UAAA;AAAA,UAE5E,SAAS;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAD,GAAS,OAAAC,QAAYC,EAAeF,GAASC,EAAM,KAAK;AAAA,UAAA;AAAA,QACxE;AAAA,MACJ;AAAA,MAEJ,WAAW;AAAA,QACP,QAAQ;AAAA,UACJ,KAAK;AAAA,UACL,OAAO,CAAC,EAAE,SAAAD,GAAS,OAAAC,QAAY;AAC3B,gBAAIA,EAAM,SAAS,SAAU,OAAM,IAAI,MAAM,iCAAiC;AAC9E,gBAAI,CAACD,EAAQ,SAAU,OAAM,IAAI,MAAM,aAAa;AACpD,mBAAO,EAAE,UAAUA,EAAQ,UAAU,MAAMC,EAAM,KAAA;AAAA,UACrD;AAAA,UACA,QAAQ;AAAA,YACJ,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAD,GAAS,OAAAC,QAAY;AAC7B,cAAAD,EAAQ,SAASC,EAAM,OAAO,QAC9BD,EAAQ,gBAAgBC,EAAM,OAAO,eACrCD,EAAQ,YAAY,MACpBA,EAAQ,eAAe;AAAA,YAC3B;AAAA,UAAA;AAAA,UAEJ,SAAS;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAA,GAAS,OAAAC,QAAYC,EAAeF,GAASC,EAAM,KAAK;AAAA,UAAA;AAAA,QACxE;AAAA,MACJ;AAAA,MAEJ,UAAU;AAAA,QACN,IAAI;AAAA,UACA,OAAO,EAAE,QAAQ,QAAQ,SAASE,EAAA;AAAA,QAAc;AAAA,MACpD;AAAA,MAEJ,QAAQ;AAAA,QACJ,IAAI;AAAA,UACA,MAAM,EAAE,QAAQ,WAAA;AAAA,UAChB,iBAAiB,EAAE,QAAQ,oBAAA;AAAA,UAC3B,OAAO,EAAE,QAAQ,QAAQ,SAASA,EAAA;AAAA,QAAc;AAAA,MACpD;AAAA,IACJ;AAAA,EACJ,CACH;AACL;AAEA,SAASE,EAAkBL,GAA2BM,GAA6I;AAC/L,EAAAN,EAAQ,aAAaM,EAAO,MAC5BN,EAAQ,YAAYM,EAAO,aAAa,MACxCN,EAAQ,oBAAoBM,EAAO,qBAAqB,MACxDN,EAAQ,cAAcM,EAAO,eAAe,MAC5CN,EAAQ,YAAY,MACpBA,EAAQ,eAAe;AAC3B;AAEA,SAASG,EAAc,EAAE,SAAAH,KAA0C;AAC/D,EAAAA,EAAQ,WAAW,MACnBA,EAAQ,aAAa,MACrBA,EAAQ,SAAS,MACjBA,EAAQ,gBAAgB,MACxBA,EAAQ,YAAY,MACpBA,EAAQ,oBAAoB,MAC5BA,EAAQ,cAAc,MACtBA,EAAQ,YAAY,MACpBA,EAAQ,eAAe;AAC3B;AAEA,SAASE,EAAeF,GAA2BhB,GAAgB;AAC/D,EAAIA,aAAiBK,KACjBW,EAAQ,YAAYhB,EAAM,MAC1BgB,EAAQ,eAAehB,EAAM,YAE7BgB,EAAQ,YAAY,WACpBA,EAAQ,eAAehB,aAAiB,QAAQA,EAAM,UAAU;AAExE;AC1OA,MAAMS,IAAiC;AAAA,EACnC,OAAO,CAAA;AAAA,EACP,WAAW;AAAA,EACX,cAAc;AAClB;AAEO,SAASmC,EAAqBjC,GAAwB;AACzD,SAAOC,EAAM;AAAA,IACT,OAAO;AAAA,MACH,SAAS,CAAA;AAAA,MACT,QAAQ,CAAA;AAAA,IAAC;AAAA,IAEb,QAAQ;AAAA,MACJ,MAAMC,EAAY,YAAY;AAC1B,cAAMC,IAAS,MAAMH,EAAO,YAAA;AAC5B,YAAI,CAACG,EAAO;AACR,gBAAM,IAAIT,EAAgBS,EAAO,MAAMA,EAAO,SAASA,EAAO,YAAYA,EAAO,WAAW,IAAI;AAEpG,eAAOA,EAAO;AAAA,MAClB,CAAC;AAAA,MACD,QAAQD,EAAY,OAAO,EAAE,OAAAE,QAA6C;AACtE,cAAMD,IAAS,MAAMH,EAAO,aAAaI,EAAM,QAAQ;AACvD,YAAI,CAACD,EAAO;AACR,gBAAM,IAAIT,EAAgBS,EAAO,MAAMA,EAAO,SAASA,EAAO,YAAYA,EAAO,WAAW,IAAI;AAEpG,eAAOC,EAAM;AAAA,MACjB,CAAC;AAAA,IAAA;AAAA,EACL,CACH,EAAE,cAAc;AAAA,IACb,IAAI;AAAA,IACJ,SAAS;AAAA,IACT,SAASN;AAAA,IACT,QAAQ;AAAA,MACJ,MAAM;AAAA,QACF,IAAI;AAAA,UACA,MAAM,EAAE,QAAQ,UAAA;AAAA,QAAU;AAAA,MAC9B;AAAA,MAEJ,SAAS;AAAA,QACL,QAAQ;AAAA,UACJ,KAAK;AAAA,UACL,QAAQ;AAAA,YACJ,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAO,GAAS,OAAAC,QAAY;AAC7B,cAAAD,EAAQ,QAAQC,EAAM,QACtBD,EAAQ,YAAY,MACpBA,EAAQ,eAAe;AAAA,YAC3B;AAAA,UAAA;AAAA,UAEJ,SAAS;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAA,GAAS,OAAAC,QAAYC,EAAeF,GAASC,EAAM,KAAK;AAAA,UAAA;AAAA,QACxE;AAAA,MACJ;AAAA,MAEJ,OAAO;AAAA,QACH,IAAI;AAAA,UACA,MAAM,EAAE,QAAQ,UAAA;AAAA,UAChB,QAAQ,EAAE,QAAQ,WAAA;AAAA,QAAW;AAAA,MACjC;AAAA,MAEJ,UAAU;AAAA,QACN,QAAQ;AAAA,UACJ,KAAK;AAAA,UACL,OAAO,CAAC,EAAE,OAAAA,QAAY;AAClB,gBAAIA,EAAM,SAAS,SAAU,OAAM,IAAI,MAAM,gCAAgC;AAC7E,mBAAO,EAAE,UAAUA,EAAM,SAAA;AAAA,UAC7B;AAAA,UACA,QAAQ;AAAA,YACJ,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAD,GAAS,OAAAC,QAAY;AAC7B,oBAAM4B,IAAY5B,EAAM;AACxB,cAAAD,EAAQ,QAAQA,EAAQ,MAAM,OAAO,CAAC8B,MAAMA,EAAE,OAAOD,CAAS,GAC9D7B,EAAQ,YAAY,MACpBA,EAAQ,eAAe;AAAA,YAC3B;AAAA,UAAA;AAAA,UAEJ,SAAS;AAAA,YACL,QAAQ;AAAA,YACR,SAAS,CAAC,EAAE,SAAAA,GAAS,OAAAC,QAAYC,EAAeF,GAASC,EAAM,KAAK;AAAA,UAAA;AAAA,QACxE;AAAA,MACJ;AAAA,MAEJ,QAAQ;AAAA,QACJ,IAAI;AAAA,UACA,MAAM,EAAE,QAAQ,UAAA;AAAA,UAChB,OAAO,EAAE,QAAQ,QAAQ,SAASE,EAAA;AAAA,QAAc;AAAA,MACpD;AAAA,IACJ;AAAA,EACJ,CACH;AACL;AAEA,SAASA,EAAc,EAAE,SAAAH,KAAwC;AAC7D,EAAAA,EAAQ,QAAQ,CAAA,GAChBA,EAAQ,YAAY,MACpBA,EAAQ,eAAe;AAC3B;AAEA,SAASE,EAAeF,GAAyBhB,GAAgB;AAC7D,EAAIA,aAAiBK,KACjBW,EAAQ,YAAYhB,EAAM,MAC1BgB,EAAQ,eAAehB,EAAM,YAE7BgB,EAAQ,YAAY,WACpBA,EAAQ,eAAehB,aAAiB,QAAQA,EAAM,UAAU;AAExE;ACnGO,SAAS+C,EAActD,GAAuC;AACjE,QAAMkB,IAAS,IAAInB,EAAcC,CAAM,GAEjCuD,IAAiBC,EAAYvC,EAA4BC,CAAM,CAAC,GAChEuC,IAAkBD,EAAY7B,EAA6BT,CAAM,CAAC,GAClEwC,IAAqBF,EAAYT,EAAgC7B,CAAM,CAAC,GACxEyC,IAAYH,EAAYP,EAAuB/B,CAAM,CAAC,GACtD0C,IAAUJ,EAAYL,EAAqBjC,CAAM,CAAC;AAExD,SAAAqC,EAAe,MAAA,GACfE,EAAgB,MAAA,GAChBC,EAAmB,MAAA,GACnBC,EAAU,MAAA,GACVC,EAAQ,MAAA,GAED;AAAA,IACH,QAAA1C;AAAA,IACA,gBAAAqC;AAAA,IACA,iBAAAE;AAAA,IACA,oBAAAC;AAAA,IACA,WAAAC;AAAA,IACA,SAAAC;AAAA,IACA,UAAU;AACN,MAAAL,EAAe,KAAA,GACfE,EAAgB,KAAA,GAChBC,EAAmB,KAAA,GACnBC,EAAU,KAAA,GACVC,EAAQ,KAAA;AAAA,IACZ;AAAA,EAAA;AAER;"}
|
|
@@ -4,6 +4,8 @@ export interface ChallengeContext {
|
|
|
4
4
|
methodId: string | null;
|
|
5
5
|
methodType: TwoFactorMethodType | null;
|
|
6
6
|
userId: string | null;
|
|
7
|
+
/** Verified-handoff token, set at `verified`. Send this to the host's finalize endpoint, not the pre-auth token. */
|
|
8
|
+
verifiedToken: string | null;
|
|
7
9
|
/** UTC ISO instant an Email login code stops validating. Null for TOTP. */
|
|
8
10
|
expiresAt: string | null;
|
|
9
11
|
/** UTC ISO instant an Email login code may be re-sent. Null for TOTP. */
|