npm - @playcademy/sdk - Versions diffs - 0.2.1 → 0.2.3 - Mend

@playcademy/sdk 0.2.1 → 0.2.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/dist/index.js CHANGED Viewed

@@ -1,3 +1,202 @@
+// src/messaging.ts
+var MessageEvents;
+((MessageEvents2) => {
+  MessageEvents2["INIT"] = "PLAYCADEMY_INIT";
+  MessageEvents2["TOKEN_REFRESH"] = "PLAYCADEMY_TOKEN_REFRESH";
+  MessageEvents2["PAUSE"] = "PLAYCADEMY_PAUSE";
+  MessageEvents2["RESUME"] = "PLAYCADEMY_RESUME";
+  MessageEvents2["FORCE_EXIT"] = "PLAYCADEMY_FORCE_EXIT";
+  MessageEvents2["OVERLAY"] = "PLAYCADEMY_OVERLAY";
+  MessageEvents2["CONNECTION_STATE"] = "PLAYCADEMY_CONNECTION_STATE";
+  MessageEvents2["READY"] = "PLAYCADEMY_READY";
+  MessageEvents2["EXIT"] = "PLAYCADEMY_EXIT";
+  MessageEvents2["TELEMETRY"] = "PLAYCADEMY_TELEMETRY";
+  MessageEvents2["KEY_EVENT"] = "PLAYCADEMY_KEY_EVENT";
+  MessageEvents2["DISPLAY_ALERT"] = "PLAYCADEMY_DISPLAY_ALERT";
+  MessageEvents2["AUTH_STATE_CHANGE"] = "PLAYCADEMY_AUTH_STATE_CHANGE";
+  MessageEvents2["AUTH_CALLBACK"] = "PLAYCADEMY_AUTH_CALLBACK";
+})(MessageEvents ||= {});
+class PlaycademyMessaging {
+  listeners = new Map;
+  send(type, payload, options) {
+    if (options?.target) {
+      this.sendViaPostMessage(type, payload, options.target, options.origin || "*");
+      return;
+    }
+    const context = this.getMessagingContext(type);
+    if (context.shouldUsePostMessage) {
+      this.sendViaPostMessage(type, payload, context.target, context.origin);
+    } else {
+      this.sendViaCustomEvent(type, payload);
+    }
+  }
+  listen(type, handler) {
+    const postMessageListener = (event) => {
+      const messageEvent = event;
+      if (messageEvent.data?.type === type) {
+        handler(messageEvent.data.payload || messageEvent.data);
+      }
+    };
+    const customEventListener = (event) => {
+      handler(event.detail);
+    };
+    if (!this.listeners.has(type)) {
+      this.listeners.set(type, new Map);
+    }
+    const listenerMap = this.listeners.get(type);
+    listenerMap.set(handler, {
+      postMessage: postMessageListener,
+      customEvent: customEventListener
+    });
+    window.addEventListener("message", postMessageListener);
+    window.addEventListener(type, customEventListener);
+  }
+  unlisten(type, handler) {
+    const typeListeners = this.listeners.get(type);
+    if (!typeListeners || !typeListeners.has(handler)) {
+      return;
+    }
+    const listeners = typeListeners.get(handler);
+    window.removeEventListener("message", listeners.postMessage);
+    window.removeEventListener(type, listeners.customEvent);
+    typeListeners.delete(handler);
+    if (typeListeners.size === 0) {
+      this.listeners.delete(type);
+    }
+  }
+  getMessagingContext(eventType) {
+    const isIframe = typeof window !== "undefined" && window.self !== window.top;
+    const iframeToParentEvents = [
+      "PLAYCADEMY_READY" /* READY */,
+      "PLAYCADEMY_EXIT" /* EXIT */,
+      "PLAYCADEMY_TELEMETRY" /* TELEMETRY */,
+      "PLAYCADEMY_KEY_EVENT" /* KEY_EVENT */,
+      "PLAYCADEMY_DISPLAY_ALERT" /* DISPLAY_ALERT */
+    ];
+    const shouldUsePostMessage = isIframe && iframeToParentEvents.includes(eventType);
+    return {
+      shouldUsePostMessage,
+      target: shouldUsePostMessage ? window.parent : undefined,
+      origin: "*"
+    };
+  }
+  sendViaPostMessage(type, payload, target = window.parent, origin = "*") {
+    const messageData = { type };
+    if (payload !== undefined) {
+      messageData.payload = payload;
+    }
+    target.postMessage(messageData, origin);
+  }
+  sendViaCustomEvent(type, payload) {
+    window.dispatchEvent(new CustomEvent(type, { detail: payload }));
+  }
+}
+var messaging = new PlaycademyMessaging;
+// src/core/static/init.ts
+async function getPlaycademyConfig(allowedParentOrigins) {
+  const preloaded = window.PLAYCADEMY;
+  if (preloaded?.token) {
+    return preloaded;
+  }
+  if (window.self !== window.top) {
+    return await waitForPlaycademyInit(allowedParentOrigins);
+  } else {
+    return createStandaloneConfig();
+  }
+}
+function getReferrerOrigin() {
+  try {
+    return document.referrer ? new URL(document.referrer).origin : null;
+  } catch {
+    return null;
+  }
+}
+function buildAllowedOrigins(explicit) {
+  if (Array.isArray(explicit) && explicit.length > 0)
+    return explicit;
+  const ref = getReferrerOrigin();
+  return ref ? [ref] : [];
+}
+function isOriginAllowed(origin, allowlist) {
+  if (window.location.hostname === "localhost" || window.location.hostname === "127.0.0.1") {
+    return true;
+  }
+  if (!allowlist || allowlist.length === 0) {
+    console.error("[Playcademy SDK] No allowed origins configured. Consider passing allowedParentOrigins explicitly to init().");
+    return false;
+  }
+  return allowlist.includes(origin);
+}
+async function waitForPlaycademyInit(allowedParentOrigins) {
+  return new Promise((resolve, reject) => {
+    let contextReceived = false;
+    const timeoutDuration = 5000;
+    const allowlist = buildAllowedOrigins(allowedParentOrigins);
+    let hasWarnedAboutUntrustedOrigin = false;
+    function warnAboutUntrustedOrigin(origin) {
+      if (hasWarnedAboutUntrustedOrigin)
+        return;
+      hasWarnedAboutUntrustedOrigin = true;
+      console.warn("[Playcademy SDK] Ignoring INIT from untrusted origin:", origin);
+    }
+    const handleMessage = (event) => {
+      if (event.data?.type !== "PLAYCADEMY_INIT" /* INIT */)
+        return;
+      if (!isOriginAllowed(event.origin, allowlist)) {
+        warnAboutUntrustedOrigin(event.origin);
+        return;
+      }
+      contextReceived = true;
+      window.removeEventListener("message", handleMessage);
+      clearTimeout(timeoutId);
+      window.PLAYCADEMY = event.data.payload;
+      resolve(event.data.payload);
+    };
+    window.addEventListener("message", handleMessage);
+    const timeoutId = setTimeout(() => {
+      if (!contextReceived) {
+        window.removeEventListener("message", handleMessage);
+        reject(new Error(`${"PLAYCADEMY_INIT" /* INIT */} not received within ${timeoutDuration}ms`));
+      }
+    }, timeoutDuration);
+  });
+}
+function createStandaloneConfig() {
+  console.debug("[Playcademy SDK] Standalone mode detected, creating mock context for sandbox development");
+  const mockConfig = {
+    baseUrl: "http://localhost:4321",
+    gameUrl: window.location.origin,
+    token: "mock-game-token-for-local-dev",
+    gameId: "mock-game-id-from-template",
+    realtimeUrl: undefined
+  };
+  window.PLAYCADEMY = mockConfig;
+  return mockConfig;
+}
+async function init(options) {
+  if (typeof window === "undefined") {
+    throw new Error("Playcademy SDK must run in a browser context");
+  }
+  const config = await getPlaycademyConfig(options?.allowedParentOrigins);
+  if (options?.baseUrl) {
+    config.baseUrl = options.baseUrl;
+  }
+  const client = new this({
+    baseUrl: config.baseUrl,
+    gameUrl: config.gameUrl,
+    token: config.token,
+    gameId: config.gameId,
+    autoStartSession: window.self !== window.top,
+    onDisconnect: options?.onDisconnect,
+    enableConnectionMonitoring: options?.enableConnectionMonitoring
+  });
+  client["initPayload"] = config;
+  messaging.listen("PLAYCADEMY_TOKEN_REFRESH" /* TOKEN_REFRESH */, ({ token }) => client.setToken(token));
+  messaging.send("PLAYCADEMY_READY" /* READY */, undefined);
+  return client;
+}
 // ../logger/src/index.ts
 var isBrowser = () => {
   const g = globalThis;
@@ -42,6 +241,7 @@ var detectOutputFormat = () => {
 };
 var colors = {
   reset: "\x1B[0m",
+  bold: "\x1B[1m",
   dim: "\x1B[2m",
   red: "\x1B[31m",
   yellow: "\x1B[33m",
@@ -63,44 +263,48 @@ var getLevelColor = (level) => {
       return colors.reset;
   }
 };
-var formatBrowserOutput = (level, message, context) => {
+var formatBrowserOutput = (level, message, context, scope) => {
   const timestamp = new Date().toISOString();
   const levelUpper = level.toUpperCase();
   const consoleMethod = getConsoleMethod(level);
+  const scopePrefix = scope ? `[${scope}] ` : "";
   if (context && Object.keys(context).length > 0) {
-    consoleMethod(`[${timestamp}] ${levelUpper}`, message, context);
+    consoleMethod(`[${timestamp}] ${levelUpper}`, `${scopePrefix}${message}`, context);
   } else {
-    consoleMethod(`[${timestamp}] ${levelUpper}`, message);
+    consoleMethod(`[${timestamp}] ${levelUpper}`, `${scopePrefix}${message}`);
   }
 };
-var formatColorTTY = (level, message, context) => {
+var formatColorTTY = (level, message, context, scope) => {
   const timestamp = new Date().toISOString();
   const levelColor = getLevelColor(level);
   const levelUpper = level.toUpperCase().padEnd(5);
   const consoleMethod = getConsoleMethod(level);
   const coloredPrefix = `${colors.dim}[${timestamp}]${colors.reset} ${levelColor}${levelUpper}${colors.reset}`;
+  const scopePrefix = scope ? `${colors.bold}[${scope}]${colors.reset} ` : "";
   if (context && Object.keys(context).length > 0) {
-    consoleMethod(`${coloredPrefix} ${message}`, context);
+    consoleMethod(`${coloredPrefix} ${scopePrefix}${message}`, context);
   } else {
-    consoleMethod(`${coloredPrefix} ${message}`);
+    consoleMethod(`${coloredPrefix} ${scopePrefix}${message}`);
   }
 };
-var formatJSONSingleLine = (level, message, context) => {
+var formatJSONSingleLine = (level, message, context, scope) => {
   const timestamp = new Date().toISOString();
   const logEntry = {
     timestamp,
     level: level.toUpperCase(),
+    ...scope && { scope },
     message,
     ...context && Object.keys(context).length > 0 && { context }
   };
   const consoleMethod = getConsoleMethod(level);
   consoleMethod(JSON.stringify(logEntry));
 };
-var formatJSONPretty = (level, message, context) => {
+var formatJSONPretty = (level, message, context, scope) => {
   const timestamp = new Date().toISOString();
   const logEntry = {
     timestamp,
     level: level.toUpperCase(),
+    ...scope && { scope },
     message,
     ...context && Object.keys(context).length > 0 && { context }
   };
@@ -141,119 +345,216 @@ var shouldLog = (level) => {
   return levelPriority[level] >= levelPriority[minLevel];
 };
 var customHandler;
-var performLog = (level, message, context) => {
+var performLog = (level, message, context, scope) => {
   if (!shouldLog(level))
     return;
   if (customHandler) {
-    customHandler(level, message, context);
+    customHandler(level, message, context, scope);
     return;
   }
   const outputFormat = detectOutputFormat();
   switch (outputFormat) {
     case "browser":
-      formatBrowserOutput(level, message, context);
+      formatBrowserOutput(level, message, context, scope);
       break;
     case "color-tty":
-      formatColorTTY(level, message, context);
+      formatColorTTY(level, message, context, scope);
       break;
     case "json-single-line":
-      formatJSONSingleLine(level, message, context);
+      formatJSONSingleLine(level, message, context, scope);
       break;
     case "json-pretty":
-      formatJSONPretty(level, message, context);
+      formatJSONPretty(level, message, context, scope);
       break;
   }
 };
-var createLogger = () => {
+var createLogger = (scopeName) => {
   return {
-    debug: (message, context) => performLog("debug", message, context),
-    info: (message, context) => performLog("info", message, context),
-    warn: (message, context) => performLog("warn", message, context),
-    error: (message, context) => performLog("error", message, context),
-    log: performLog
+    debug: (message, context) => performLog("debug", message, context, scopeName),
+    info: (message, context) => performLog("info", message, context, scopeName),
+    warn: (message, context) => performLog("warn", message, context, scopeName),
+    error: (message, context) => performLog("error", message, context, scopeName),
+    log: (level, message, context) => performLog(level, message, context, scopeName),
+    scope: (name) => createLogger(scopeName ? `${scopeName}.${name}` : name)
   };
 };
 var log = createLogger();
-// src/core/auth/strategies.ts
-class ApiKeyAuth {
-  apiKey;
-  constructor(apiKey) {
-    this.apiKey = apiKey;
-  }
-  getToken() {
-    return this.apiKey;
-  }
-  getType() {
-    return "apiKey";
-  }
-  getHeaders() {
-    return { "x-api-key": this.apiKey };
+// src/core/errors.ts
+class PlaycademyError extends Error {
+  constructor(message) {
+    super(message);
+    this.name = "PlaycademyError";
   }
 }
-class SessionAuth {
-  sessionToken;
-  constructor(sessionToken) {
-    this.sessionToken = sessionToken;
-  }
-  getToken() {
-    return this.sessionToken;
-  }
-  getType() {
-    return "session";
+class ApiError extends Error {
+  status;
+  code;
+  details;
+  rawBody;
+  constructor(status, code, message, details, rawBody) {
+    super(message);
+    this.status = status;
+    this.name = "ApiError";
+    this.code = code;
+    this.details = details;
+    this.rawBody = rawBody;
+    Object.setPrototypeOf(this, ApiError.prototype);
   }
-  getHeaders() {
-    return { Authorization: `Bearer ${this.sessionToken}` };
+  static fromResponse(status, statusText, body) {
+    if (body && typeof body === "object" && "error" in body) {
+      const errorBody = body;
+      const err = errorBody.error;
+      if (err && typeof err === "object") {
+        return new ApiError(status, err.code ?? statusCodeToErrorCode(status), err.message ?? statusText, err.details, body);
+      }
+    }
+    return new ApiError(status, statusCodeToErrorCode(status), statusText, undefined, body);
   }
-}
-class GameJwtAuth {
-  gameToken;
-  constructor(gameToken) {
-    this.gameToken = gameToken;
+  is(code) {
+    return this.code === code;
   }
-  getToken() {
-    return this.gameToken;
+  isClientError() {
+    return this.status >= 400 && this.status < 500;
   }
-  getType() {
-    return "gameJwt";
+  isServerError() {
+    return this.status >= 500;
   }
-  getHeaders() {
-    return { Authorization: `Bearer ${this.gameToken}` };
+  isRetryable() {
+    return this.isServerError() || this.code === "TOO_MANY_REQUESTS" || this.code === "RATE_LIMITED" || this.code === "TIMEOUT";
   }
 }
-class NoAuth {
-  getToken() {
-    return null;
+function statusCodeToErrorCode(status) {
+  switch (status) {
+    case 400:
+      return "BAD_REQUEST";
+    case 401:
+      return "UNAUTHORIZED";
+    case 403:
+      return "FORBIDDEN";
+    case 404:
+      return "NOT_FOUND";
+    case 405:
+      return "METHOD_NOT_ALLOWED";
+    case 409:
+      return "CONFLICT";
+    case 410:
+      return "GONE";
+    case 412:
+      return "PRECONDITION_FAILED";
+    case 413:
+      return "PAYLOAD_TOO_LARGE";
+    case 422:
+      return "VALIDATION_FAILED";
+    case 429:
+      return "TOO_MANY_REQUESTS";
+    case 500:
+      return "INTERNAL_ERROR";
+    case 501:
+      return "NOT_IMPLEMENTED";
+    case 503:
+      return "SERVICE_UNAVAILABLE";
+    case 504:
+      return "TIMEOUT";
+    default:
+      return status >= 500 ? "INTERNAL_ERROR" : "BAD_REQUEST";
   }
-  getType() {
-    return "session";
-  }
-  getHeaders() {
-    return {};
+}
+function extractApiErrorInfo(error) {
+  if (!(error instanceof ApiError)) {
+    return null;
   }
+  return {
+    status: error.status,
+    code: error.code,
+    message: error.message,
+    ...error.details !== undefined && { details: error.details }
+  };
 }
-function createAuthStrategy(token, tokenType) {
-  if (!token) {
-    return new NoAuth;
+// src/core/static/login.ts
+async function login(baseUrl, email, password) {
+  let url = baseUrl;
+  if (baseUrl.startsWith("/") && typeof window !== "undefined") {
+    url = window.location.origin + baseUrl;
   }
-  if (tokenType === "apiKey") {
-    return new ApiKeyAuth(token);
+  url = url + "/auth/login";
+  const response = await fetch(url, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/json"
+    },
+    body: JSON.stringify({ email, password })
+  });
+  if (!response.ok) {
+    try {
+      const errorData = await response.json();
+      const errorMessage = errorData && errorData.message ? String(errorData.message) : response.statusText;
+      throw new PlaycademyError(errorMessage);
+    } catch (error) {
+      log.error("[Playcademy SDK] Failed to parse error response JSON, using status text instead:", { error });
+      throw new PlaycademyError(response.statusText);
+    }
   }
-  if (tokenType === "session") {
-    return new SessionAuth(token);
+  return response.json();
+}
+// ../utils/src/random.ts
+async function generateSecureRandomString(length) {
+  const charset = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~";
+  const randomValues = new Uint8Array(length);
+  globalThis.crypto.getRandomValues(randomValues);
+  return Array.from(randomValues).map((byte) => charset[byte % charset.length]).join("");
+}
+// src/core/auth/oauth.ts
+function getTimebackConfig() {
+  return {
+    authorizationEndpoint: "https://alpha-auth-production-idp.auth.us-west-2.amazoncognito.com/oauth2/authorize",
+    tokenEndpoint: "https://alpha-auth-production-idp.auth.us-west-2.amazoncognito.com/oauth2/token",
+    scope: "openid email phone"
+  };
+}
+var OAUTH_CONFIGS = {
+  get TIMEBACK() {
+    return getTimebackConfig;
   }
-  if (tokenType === "gameJwt") {
-    return new GameJwtAuth(token);
+};
+async function generateOAuthState(data) {
+  const csrfToken = await generateSecureRandomString(32);
+  if (data && Object.keys(data).length > 0) {
+    const jsonStr = JSON.stringify(data);
+    const base64 = btoa(jsonStr).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "");
+    return `${csrfToken}.${base64}`;
   }
-  if (token.startsWith("cademy")) {
-    return new ApiKeyAuth(token);
+  return csrfToken;
+}
+function parseOAuthState(state) {
+  const lastDotIndex = state.lastIndexOf(".");
+  if (lastDotIndex > 0 && lastDotIndex < state.length - 1) {
+    try {
+      const csrfToken = state.substring(0, lastDotIndex);
+      const base64 = state.substring(lastDotIndex + 1);
+      const base64WithPadding = base64.replace(/-/g, "+").replace(/_/g, "/");
+      const paddedBase64 = base64WithPadding + "=".repeat((4 - base64WithPadding.length % 4) % 4);
+      const jsonStr = atob(paddedBase64);
+      const data = JSON.parse(jsonStr);
+      return { csrfToken, data };
+    } catch {}
   }
-  return new GameJwtAuth(token);
+  return { csrfToken: state };
+}
+function getOAuthConfig(provider) {
+  const configGetter = OAUTH_CONFIGS[provider];
+  if (!configGetter)
+    throw new Error(`Unsupported auth provider: ${provider}`);
+  return configGetter();
 }
+// src/core/static/identity.ts
+var identity = {
+  parseOAuthState
+};
 // src/core/auth/utils.ts
 function openPopupWindow(url, name = "auth-popup", width = 500, height = 600) {
   const left = window.screenX + (window.outerWidth - width) / 2;
@@ -283,845 +584,208 @@ function isInIframe() {
   }
 }
-// src/core/connection/monitor.ts
-class ConnectionMonitor {
-  state = "online";
-  callbacks = new Set;
-  heartbeatInterval;
-  consecutiveFailures = 0;
-  isMonitoring = false;
-  config;
-  constructor(config) {
-    this.config = {
-      baseUrl: config.baseUrl,
-      heartbeatInterval: config.heartbeatInterval ?? 1e4,
-      heartbeatTimeout: config.heartbeatTimeout ?? 5000,
-      failureThreshold: config.failureThreshold ?? 2,
-      enableHeartbeat: config.enableHeartbeat ?? true,
-      enableOfflineEvents: config.enableOfflineEvents ?? true
-    };
-    this._detectInitialState();
-  }
-  start() {
-    if (this.isMonitoring)
-      return;
-    this.isMonitoring = true;
-    if (this.config.enableOfflineEvents && typeof window !== "undefined") {
-      window.addEventListener("online", this._handleOnline);
-      window.addEventListener("offline", this._handleOffline);
-    }
-    if (this.config.enableHeartbeat) {
-      this._startHeartbeat();
-    }
-  }
-  stop() {
-    if (!this.isMonitoring)
-      return;
-    this.isMonitoring = false;
-    if (typeof window !== "undefined") {
-      window.removeEventListener("online", this._handleOnline);
-      window.removeEventListener("offline", this._handleOffline);
+// src/core/auth/flows/popup.ts
+async function initiatePopupFlow(options) {
+  const { provider, callbackUrl, onStateChange, oauth } = options;
+  try {
+    onStateChange?.({
+      status: "opening_popup",
+      message: "Opening authentication window..."
+    });
+    const defaults = getOAuthConfig(provider);
+    const config = oauth ? { ...defaults, ...oauth } : defaults;
+    if (!config.clientId) {
+      throw new Error(`clientId is required for ${provider} authentication. ` + "Please provide it in the oauth parameter.");
     }
-    if (this.heartbeatInterval) {
-      clearInterval(this.heartbeatInterval);
-      this.heartbeatInterval = undefined;
+    const stateData = options.stateData;
+    const state = await generateOAuthState(stateData);
+    const params = new URLSearchParams({
+      response_type: "code",
+      client_id: config.clientId,
+      redirect_uri: callbackUrl,
+      state
+    });
+    if (config.scope) {
+      params.set("scope", config.scope);
     }
-  }
-  onChange(callback) {
-    this.callbacks.add(callback);
-    return () => this.callbacks.delete(callback);
-  }
-  getState() {
-    return this.state;
-  }
-  async checkNow() {
-    await this._performHeartbeat();
-    return this.state;
-  }
-  reportRequestFailure(error) {
-    const isNetworkError = error instanceof TypeError || error instanceof Error && error.message.includes("fetch");
-    if (!isNetworkError)
-      return;
-    this.consecutiveFailures++;
-    if (this.consecutiveFailures >= this.config.failureThreshold) {
-      this._setState("degraded", "Multiple consecutive request failures");
+    const authUrl = `${config.authorizationEndpoint}?${params.toString()}`;
+    const popup = openPopupWindow(authUrl, "playcademy-auth");
+    if (!popup || popup.closed) {
+      throw new Error("Popup blocked. Please enable popups and try again.");
     }
+    onStateChange?.({
+      status: "exchanging_token",
+      message: "Waiting for authentication..."
+    });
+    return await waitForServerMessage(popup, onStateChange);
+  } catch (error) {
+    const errorMessage = error instanceof Error ? error.message : "Authentication failed";
+    onStateChange?.({
+      status: "error",
+      message: errorMessage,
+      error: error instanceof Error ? error : new Error(errorMessage)
+    });
+    throw error;
   }
-  reportRequestSuccess() {
-    if (this.consecutiveFailures > 0) {
-      this.consecutiveFailures = 0;
-      if (this.state === "degraded") {
-        this._setState("online", "Requests succeeding again");
+}
+async function waitForServerMessage(popup, onStateChange) {
+  return new Promise((resolve) => {
+    let resolved = false;
+    const handleMessage = (event) => {
+      if (event.origin !== window.location.origin)
+        return;
+      const data = event.data;
+      if (data?.type === "PLAYCADEMY_AUTH_STATE_CHANGE") {
+        resolved = true;
+        window.removeEventListener("message", handleMessage);
+        if (data.authenticated && data.user) {
+          onStateChange?.({
+            status: "complete",
+            message: "Authentication successful"
+          });
+          resolve({
+            success: true,
+            user: data.user
+          });
+        } else {
+          const error = new Error(data.error || "Authentication failed");
+          onStateChange?.({
+            status: "error",
+            message: error.message,
+            error
+          });
+          resolve({
+            success: false,
+            error
+          });
+        }
       }
-    }
-  }
-  _detectInitialState() {
-    if (typeof navigator !== "undefined" && !navigator.onLine) {
-      this.state = "offline";
-    }
-  }
-  _handleOnline = () => {
-    this.consecutiveFailures = 0;
-    this._setState("online", "Browser online event");
-  };
-  _handleOffline = () => {
-    this._setState("offline", "Browser offline event");
-  };
-  _startHeartbeat() {
-    this._performHeartbeat();
-    this.heartbeatInterval = setInterval(() => {
-      this._performHeartbeat();
-    }, this.config.heartbeatInterval);
-  }
-  async _performHeartbeat() {
-    if (typeof navigator !== "undefined" && !navigator.onLine) {
-      return;
-    }
-    try {
-      const controller = new AbortController;
-      const timeoutId = setTimeout(() => controller.abort(), this.config.heartbeatTimeout);
-      const response = await fetch(`${this.config.baseUrl}/ping`, {
-        method: "GET",
-        signal: controller.signal,
-        cache: "no-store"
-      });
-      clearTimeout(timeoutId);
-      if (response.ok) {
-        this.consecutiveFailures = 0;
-        if (this.state !== "online") {
-          this._setState("online", "Heartbeat successful");
-        }
-      } else {
-        this._handleHeartbeatFailure("Heartbeat returned non-OK status");
+    };
+    window.addEventListener("message", handleMessage);
+    const checkClosed = setInterval(() => {
+      if (popup.closed && !resolved) {
+        clearInterval(checkClosed);
+        window.removeEventListener("message", handleMessage);
+        const error = new Error("Authentication cancelled");
+        onStateChange?.({
+          status: "error",
+          message: error.message,
+          error
+        });
+        resolve({
+          success: false,
+          error
+        });
       }
-    } catch (error) {
-      this._handleHeartbeatFailure(error instanceof Error ? error.message : "Heartbeat failed");
-    }
-  }
-  _handleHeartbeatFailure(reason) {
-    this.consecutiveFailures++;
-    if (this.consecutiveFailures >= this.config.failureThreshold) {
-      if (typeof navigator !== "undefined" && !navigator.onLine) {
-        this._setState("offline", reason);
-      } else {
-        this._setState("degraded", reason);
+    }, 500);
+    setTimeout(() => {
+      if (!resolved) {
+        window.removeEventListener("message", handleMessage);
+        clearInterval(checkClosed);
+        const error = new Error("Authentication timeout");
+        onStateChange?.({
+          status: "error",
+          message: error.message,
+          error
+        });
+        resolve({
+          success: false,
+          error
+        });
       }
+    }, 5 * 60 * 1000);
+  });
+}
+// src/core/auth/flows/redirect.ts
+async function initiateRedirectFlow(options) {
+  const { provider, callbackUrl, onStateChange, oauth } = options;
+  try {
+    onStateChange?.({
+      status: "opening_popup",
+      message: "Redirecting to authentication provider..."
+    });
+    const defaults = getOAuthConfig(provider);
+    const config = oauth ? { ...defaults, ...oauth } : defaults;
+    if (!config.clientId) {
+      throw new Error(`clientId is required for ${provider} authentication. ` + "Please provide it in the oauth parameter.");
     }
-  }
-  _setState(newState, reason) {
-    if (this.state === newState)
-      return;
-    const oldState = this.state;
-    this.state = newState;
-    console.debug(`[ConnectionMonitor] ${oldState} → ${newState}: ${reason}`);
-    this.callbacks.forEach((callback) => {
-      try {
-        callback(newState, reason);
-      } catch (error) {
-        console.error("[ConnectionMonitor] Error in callback:", error);
-      }
+    const stateData = options.stateData;
+    const state = await generateOAuthState(stateData);
+    const params = new URLSearchParams({
+      response_type: "code",
+      client_id: config.clientId,
+      redirect_uri: callbackUrl,
+      state
+    });
+    if (config.scope) {
+      params.set("scope", config.scope);
+    }
+    const authUrl = `${config.authorizationEndpoint}?${params.toString()}`;
+    window.location.href = authUrl;
+    return new Promise(() => {});
+  } catch (error) {
+    const errorMessage = error instanceof Error ? error.message : "Authentication failed";
+    onStateChange?.({
+      status: "error",
+      message: errorMessage,
+      error: error instanceof Error ? error : new Error(errorMessage)
     });
+    throw error;
   }
 }
-// src/messaging.ts
-var MessageEvents;
-((MessageEvents2) => {
-  MessageEvents2["INIT"] = "PLAYCADEMY_INIT";
-  MessageEvents2["TOKEN_REFRESH"] = "PLAYCADEMY_TOKEN_REFRESH";
-  MessageEvents2["PAUSE"] = "PLAYCADEMY_PAUSE";
-  MessageEvents2["RESUME"] = "PLAYCADEMY_RESUME";
-  MessageEvents2["FORCE_EXIT"] = "PLAYCADEMY_FORCE_EXIT";
-  MessageEvents2["OVERLAY"] = "PLAYCADEMY_OVERLAY";
-  MessageEvents2["CONNECTION_STATE"] = "PLAYCADEMY_CONNECTION_STATE";
-  MessageEvents2["READY"] = "PLAYCADEMY_READY";
-  MessageEvents2["EXIT"] = "PLAYCADEMY_EXIT";
-  MessageEvents2["TELEMETRY"] = "PLAYCADEMY_TELEMETRY";
-  MessageEvents2["KEY_EVENT"] = "PLAYCADEMY_KEY_EVENT";
-  MessageEvents2["DISPLAY_ALERT"] = "PLAYCADEMY_DISPLAY_ALERT";
-  MessageEvents2["AUTH_STATE_CHANGE"] = "PLAYCADEMY_AUTH_STATE_CHANGE";
-  MessageEvents2["AUTH_CALLBACK"] = "PLAYCADEMY_AUTH_CALLBACK";
-})(MessageEvents ||= {});
-class PlaycademyMessaging {
-  listeners = new Map;
-  send(type, payload, options) {
-    if (options?.target) {
-      this.sendViaPostMessage(type, payload, options.target, options.origin || "*");
-      return;
-    }
-    const context = this.getMessagingContext(type);
-    if (context.shouldUsePostMessage) {
-      this.sendViaPostMessage(type, payload, context.target, context.origin);
-    } else {
-      this.sendViaCustomEvent(type, payload);
-    }
+// src/core/auth/flows/unified.ts
+async function initiateUnifiedFlow(options) {
+  const { mode = "auto" } = options;
+  const effectiveMode = mode === "auto" ? isInIframe() ? "popup" : "redirect" : mode;
+  switch (effectiveMode) {
+    case "popup":
+      return initiatePopupFlow(options);
+    case "redirect":
+      return initiateRedirectFlow(options);
+    default:
+      throw new Error(`Unsupported authentication mode: ${effectiveMode}`);
   }
-  listen(type, handler) {
-    const postMessageListener = (event) => {
-      const messageEvent = event;
-      if (messageEvent.data?.type === type) {
-        handler(messageEvent.data.payload || messageEvent.data);
+}
+// src/core/auth/login.ts
+async function login2(client, options) {
+  try {
+    let stateData = options.stateData;
+    if (!stateData) {
+      try {
+        const currentUser = await client.users.me();
+        if (currentUser?.id) {
+          stateData = { playcademy_user_id: currentUser.id };
+        }
+      } catch {
+        log.debug("[Playcademy SDK] No current user available for state data");
       }
-    };
-    const customEventListener = (event) => {
-      handler(event.detail);
-    };
-    if (!this.listeners.has(type)) {
-      this.listeners.set(type, new Map);
     }
-    const listenerMap = this.listeners.get(type);
-    listenerMap.set(handler, {
-      postMessage: postMessageListener,
-      customEvent: customEventListener
+    log.debug("[Playcademy SDK] Starting OAuth login", {
+      provider: options.provider,
+      mode: options.mode || "auto",
+      callbackUrl: options.callbackUrl,
+      hasStateData: !!stateData
     });
-    window.addEventListener("message", postMessageListener);
-    window.addEventListener(type, customEventListener);
-  }
-  unlisten(type, handler) {
-    const typeListeners = this.listeners.get(type);
-    if (!typeListeners || !typeListeners.has(handler)) {
-      return;
-    }
-    const listeners = typeListeners.get(handler);
-    window.removeEventListener("message", listeners.postMessage);
-    window.removeEventListener(type, listeners.customEvent);
-    typeListeners.delete(handler);
-    if (typeListeners.size === 0) {
-      this.listeners.delete(type);
+    const optionsWithState = {
+      ...options,
+      stateData
+    };
+    const result = await initiateUnifiedFlow(optionsWithState);
+    if (result.success && result.user) {
+      log.debug("[Playcademy SDK] OAuth login successful", {
+        userId: result.user.sub
+      });
     }
-  }
-  getMessagingContext(eventType) {
-    const isIframe = typeof window !== "undefined" && window.self !== window.top;
-    const iframeToParentEvents = [
-      "PLAYCADEMY_READY" /* READY */,
-      "PLAYCADEMY_EXIT" /* EXIT */,
-      "PLAYCADEMY_TELEMETRY" /* TELEMETRY */,
-      "PLAYCADEMY_KEY_EVENT" /* KEY_EVENT */,
-      "PLAYCADEMY_DISPLAY_ALERT" /* DISPLAY_ALERT */
-    ];
-    const shouldUsePostMessage = isIframe && iframeToParentEvents.includes(eventType);
+    return result;
+  } catch (error) {
+    log.error("[Playcademy SDK] OAuth login failed", { error });
+    const authError = error instanceof Error ? error : new Error("Authentication failed");
     return {
-      shouldUsePostMessage,
-      target: shouldUsePostMessage ? window.parent : undefined,
-      origin: "*"
-    };
-  }
-  sendViaPostMessage(type, payload, target = window.parent, origin = "*") {
-    const messageData = { type };
-    if (payload !== undefined) {
-      messageData.payload = payload;
-    }
-    target.postMessage(messageData, origin);
-  }
-  sendViaCustomEvent(type, payload) {
-    window.dispatchEvent(new CustomEvent(type, { detail: payload }));
-  }
-}
-var messaging = new PlaycademyMessaging;
-// src/core/connection/utils.ts
-function createDisplayAlert(authContext) {
-  return (message, options) => {
-    if (authContext?.isInIframe && typeof window !== "undefined" && window.parent !== window) {
-      window.parent.postMessage({
-        type: "PLAYCADEMY_DISPLAY_ALERT",
-        message,
-        options
-      }, "*");
-    } else {
-      const prefix = options?.type === "error" ? "❌" : options?.type === "warning" ? "⚠️" : "ℹ️";
-      console.log(`${prefix} ${message}`);
-    }
-  };
-}
-// src/core/connection/manager.ts
-class ConnectionManager {
-  monitor;
-  authContext;
-  disconnectHandler;
-  connectionChangeCallback;
-  currentState = "online";
-  additionalDisconnectHandlers = new Set;
-  constructor(config) {
-    this.authContext = config.authContext;
-    this.disconnectHandler = config.onDisconnect;
-    this.connectionChangeCallback = config.onConnectionChange;
-    if (config.authContext?.isInIframe) {
-      this._setupPlatformListener();
-    }
-  }
-  getState() {
-    return this.monitor?.getState() ?? this.currentState;
-  }
-  async checkNow() {
-    if (!this.monitor) {
-      return this.currentState;
-    }
-    return await this.monitor.checkNow();
-  }
-  reportRequestSuccess() {
-    this.monitor?.reportRequestSuccess();
-  }
-  reportRequestFailure(error) {
-    this.monitor?.reportRequestFailure(error);
-  }
-  onDisconnect(callback) {
-    this.additionalDisconnectHandlers.add(callback);
-    return () => {
-      this.additionalDisconnectHandlers.delete(callback);
-    };
-  }
-  stop() {
-    this.monitor?.stop();
-  }
-  _setupPlatformListener() {
-    messaging.listen("PLAYCADEMY_CONNECTION_STATE" /* CONNECTION_STATE */, ({ state, reason }) => {
-      this.currentState = state;
-      this._handleConnectionChange(state, reason);
-    });
-  }
-  _handleConnectionChange(state, reason) {
-    this.connectionChangeCallback?.(state, reason);
-    if (state === "offline" || state === "degraded") {
-      const context = {
-        state,
-        reason,
-        timestamp: Date.now(),
-        displayAlert: createDisplayAlert(this.authContext)
-      };
-      if (this.disconnectHandler) {
-        this.disconnectHandler(context);
-      }
-      this.additionalDisconnectHandlers.forEach((handler) => {
-        handler(context);
-      });
-    }
-  }
-}
-// src/core/errors.ts
-class PlaycademyError extends Error {
-  constructor(message) {
-    super(message);
-    this.name = "PlaycademyError";
-  }
-}
-class ApiError extends Error {
-  status;
-  details;
-  constructor(status, message, details) {
-    super(`${status} ${message}`);
-    this.status = status;
-    this.details = details;
-    Object.setPrototypeOf(this, ApiError.prototype);
-  }
-}
-function extractApiErrorInfo(error) {
-  if (!(error instanceof ApiError)) {
-    return null;
-  }
-  const info = {
-    status: error.status,
-    statusText: error.message
-  };
-  if (error.details) {
-    info.details = error.details;
-  }
-  return info;
-}
-// src/core/request.ts
-function checkDevWarnings(data) {
-  if (!data || typeof data !== "object")
-    return;
-  const response = data;
-  const warningType = response.__playcademyDevWarning;
-  if (!warningType)
-    return;
-  switch (warningType) {
-    case "timeback-not-configured":
-      console.warn("%c⚠️ TimeBack Not Configured", "background: #f59e0b; color: white; padding: 6px 12px; border-radius: 4px; font-weight: bold; font-size: 13px");
-      console.log("%cTimeBack is configured in playcademy.config.js but the sandbox does not have TimeBack credentials.", "color: #f59e0b; font-weight: 500");
-      console.log("To test TimeBack locally:");
-      console.log("  Set the following environment variables:");
-      console.log("    • %cTIMEBACK_ONEROSTER_API_URL", "color: #0ea5e9; font-weight: 600; font-family: monospace");
-      console.log("    • %cTIMEBACK_CALIPER_API_URL", "color: #0ea5e9; font-weight: 600; font-family: monospace");
-      console.log("    • %cTIMEBACK_API_CLIENT_ID/SECRET", "color: #0ea5e9; font-weight: 600; font-family: monospace");
-      console.log("  Or deploy your game: %cplaycademy deploy", "color: #10b981; font-weight: 600; font-family: monospace");
-      console.log("  Or wait for %c@superbuilders/timeback-local%c (coming soon)", "color: #8b5cf6; font-weight: 600; font-family: monospace", "color: inherit");
-      break;
-    default:
-      console.warn(`[Playcademy Dev Warning] ${warningType}`);
-  }
-}
-function prepareRequestBody(body, headers) {
-  if (body instanceof FormData) {
-    return body;
-  }
-  if (body instanceof ArrayBuffer || body instanceof Blob || ArrayBuffer.isView(body)) {
-    if (!headers["Content-Type"]) {
-      headers["Content-Type"] = "application/octet-stream";
-    }
-    return body;
-  }
-  if (body !== undefined && body !== null) {
-    headers["Content-Type"] = "application/json";
-    return JSON.stringify(body);
-  }
-  return;
-}
-async function request({
-  path,
-  baseUrl,
-  method = "GET",
-  body,
-  extraHeaders = {},
-  raw = false
-}) {
-  const url = baseUrl.replace(/\/$/, "") + (path.startsWith("/") ? path : `/${path}`);
-  const headers = { ...extraHeaders };
-  const payload = prepareRequestBody(body, headers);
-  const res = await fetch(url, {
-    method,
-    headers,
-    body: payload,
-    credentials: "omit"
-  });
-  if (raw) {
-    return res;
-  }
-  if (!res.ok) {
-    const clonedRes = res.clone();
-    const errorBody = await clonedRes.json().catch(() => clonedRes.text().catch(() => {
-      return;
-    })) ?? undefined;
-    throw new ApiError(res.status, res.statusText, errorBody);
-  }
-  if (res.status === 204)
-    return;
-  const contentType = res.headers.get("content-type") ?? "";
-  if (contentType.includes("application/json")) {
-    try {
-      const parsed = await res.json();
-      checkDevWarnings(parsed);
-      return parsed;
-    } catch (err) {
-      if (err instanceof SyntaxError)
-        return;
-      throw err;
-    }
-  }
-  const rawText = await res.text().catch(() => "");
-  return rawText && rawText.length > 0 ? rawText : undefined;
-}
-async function fetchManifest(deploymentUrl) {
-  const manifestUrl = `${deploymentUrl.replace(/\/$/, "")}/playcademy.manifest.json`;
-  try {
-    const response = await fetch(manifestUrl);
-    if (!response.ok) {
-      log.error(`[fetchManifest] Failed to fetch manifest from ${manifestUrl}. Status: ${response.status}`);
-      throw new PlaycademyError(`Failed to fetch manifest: ${response.status} ${response.statusText}`);
-    }
-    return await response.json();
-  } catch (error) {
-    if (error instanceof PlaycademyError) {
-      throw error;
-    }
-    log.error(`[Playcademy SDK] Error fetching or parsing manifest from ${manifestUrl}:`, {
-      error
-    });
-    throw new PlaycademyError("Failed to load or parse game manifest");
-  }
-}
-// src/core/static/init.ts
-async function getPlaycademyConfig(allowedParentOrigins) {
-  const preloaded = window.PLAYCADEMY;
-  if (preloaded?.token) {
-    return preloaded;
-  }
-  if (window.self !== window.top) {
-    return await waitForPlaycademyInit(allowedParentOrigins);
-  } else {
-    return createStandaloneConfig();
-  }
-}
-function getReferrerOrigin() {
-  try {
-    return document.referrer ? new URL(document.referrer).origin : null;
-  } catch {
-    return null;
-  }
-}
-function buildAllowedOrigins(explicit) {
-  if (Array.isArray(explicit) && explicit.length > 0)
-    return explicit;
-  const ref = getReferrerOrigin();
-  return ref ? [ref] : [];
-}
-function isOriginAllowed(origin, allowlist) {
-  if (window.location.hostname === "localhost" || window.location.hostname === "127.0.0.1") {
-    return true;
-  }
-  if (!allowlist || allowlist.length === 0) {
-    console.error("[Playcademy SDK] No allowed origins configured. Consider passing allowedParentOrigins explicitly to init().");
-    return false;
-  }
-  return allowlist.includes(origin);
-}
-async function waitForPlaycademyInit(allowedParentOrigins) {
-  return new Promise((resolve, reject) => {
-    let contextReceived = false;
-    const timeoutDuration = 5000;
-    const allowlist = buildAllowedOrigins(allowedParentOrigins);
-    let hasWarnedAboutUntrustedOrigin = false;
-    function warnAboutUntrustedOrigin(origin) {
-      if (hasWarnedAboutUntrustedOrigin)
-        return;
-      hasWarnedAboutUntrustedOrigin = true;
-      console.warn("[Playcademy SDK] Ignoring INIT from untrusted origin:", origin);
-    }
-    const handleMessage = (event) => {
-      if (event.data?.type !== "PLAYCADEMY_INIT" /* INIT */)
-        return;
-      if (!isOriginAllowed(event.origin, allowlist)) {
-        warnAboutUntrustedOrigin(event.origin);
-        return;
-      }
-      contextReceived = true;
-      window.removeEventListener("message", handleMessage);
-      clearTimeout(timeoutId);
-      window.PLAYCADEMY = event.data.payload;
-      resolve(event.data.payload);
-    };
-    window.addEventListener("message", handleMessage);
-    const timeoutId = setTimeout(() => {
-      if (!contextReceived) {
-        window.removeEventListener("message", handleMessage);
-        reject(new Error(`${"PLAYCADEMY_INIT" /* INIT */} not received within ${timeoutDuration}ms`));
-      }
-    }, timeoutDuration);
-  });
-}
-function createStandaloneConfig() {
-  console.debug("[Playcademy SDK] Standalone mode detected, creating mock context for sandbox development");
-  const mockConfig = {
-    baseUrl: "http://localhost:4321",
-    gameUrl: window.location.origin,
-    token: "mock-game-token-for-local-dev",
-    gameId: "mock-game-id-from-template",
-    realtimeUrl: undefined
-  };
-  window.PLAYCADEMY = mockConfig;
-  return mockConfig;
-}
-async function init(options) {
-  if (typeof window === "undefined") {
-    throw new Error("Playcademy SDK must run in a browser context");
-  }
-  const config = await getPlaycademyConfig(options?.allowedParentOrigins);
-  if (options?.baseUrl) {
-    config.baseUrl = options.baseUrl;
-  }
-  const client = new this({
-    baseUrl: config.baseUrl,
-    gameUrl: config.gameUrl,
-    token: config.token,
-    gameId: config.gameId,
-    autoStartSession: window.self !== window.top,
-    onDisconnect: options?.onDisconnect,
-    enableConnectionMonitoring: options?.enableConnectionMonitoring
-  });
-  client["initPayload"] = config;
-  messaging.listen("PLAYCADEMY_TOKEN_REFRESH" /* TOKEN_REFRESH */, ({ token }) => client.setToken(token));
-  messaging.send("PLAYCADEMY_READY" /* READY */, undefined);
-  return client;
-}
-// src/core/static/login.ts
-async function login(baseUrl, email, password) {
-  let url = baseUrl;
-  if (baseUrl.startsWith("/") && typeof window !== "undefined") {
-    url = window.location.origin + baseUrl;
-  }
-  url = url + "/auth/login";
-  const response = await fetch(url, {
-    method: "POST",
-    headers: {
-      "Content-Type": "application/json"
-    },
-    body: JSON.stringify({ email, password })
-  });
-  if (!response.ok) {
-    try {
-      const errorData = await response.json();
-      const errorMessage = errorData && errorData.message ? String(errorData.message) : response.statusText;
-      throw new PlaycademyError(errorMessage);
-    } catch (error) {
-      log.error("[Playcademy SDK] Failed to parse error response JSON, using status text instead:", { error });
-      throw new PlaycademyError(response.statusText);
-    }
-  }
-  return response.json();
-}
-// ../utils/src/random.ts
-async function generateSecureRandomString(length) {
-  const charset = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~";
-  const randomValues = new Uint8Array(length);
-  globalThis.crypto.getRandomValues(randomValues);
-  return Array.from(randomValues).map((byte) => charset[byte % charset.length]).join("");
-}
-// src/core/auth/oauth.ts
-function getTimebackConfig() {
-  return {
-    authorizationEndpoint: "https://alpha-auth-production-idp.auth.us-west-2.amazoncognito.com/oauth2/authorize",
-    tokenEndpoint: "https://alpha-auth-production-idp.auth.us-west-2.amazoncognito.com/oauth2/token",
-    scope: "openid email phone"
-  };
-}
-var OAUTH_CONFIGS = {
-  get TIMEBACK() {
-    return getTimebackConfig;
-  }
-};
-async function generateOAuthState(data) {
-  const csrfToken = await generateSecureRandomString(32);
-  if (data && Object.keys(data).length > 0) {
-    const jsonStr = JSON.stringify(data);
-    const base64 = btoa(jsonStr).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "");
-    return `${csrfToken}.${base64}`;
-  }
-  return csrfToken;
-}
-function parseOAuthState(state) {
-  const lastDotIndex = state.lastIndexOf(".");
-  if (lastDotIndex > 0 && lastDotIndex < state.length - 1) {
-    try {
-      const csrfToken = state.substring(0, lastDotIndex);
-      const base64 = state.substring(lastDotIndex + 1);
-      const base64WithPadding = base64.replace(/-/g, "+").replace(/_/g, "/");
-      const paddedBase64 = base64WithPadding + "=".repeat((4 - base64WithPadding.length % 4) % 4);
-      const jsonStr = atob(paddedBase64);
-      const data = JSON.parse(jsonStr);
-      return { csrfToken, data };
-    } catch {}
-  }
-  return { csrfToken: state };
-}
-function getOAuthConfig(provider) {
-  const configGetter = OAUTH_CONFIGS[provider];
-  if (!configGetter)
-    throw new Error(`Unsupported auth provider: ${provider}`);
-  return configGetter();
-}
-// src/core/static/identity.ts
-var identity = {
-  parseOAuthState
-};
-// src/core/auth/flows/popup.ts
-async function initiatePopupFlow(options) {
-  const { provider, callbackUrl, onStateChange, oauth } = options;
-  try {
-    onStateChange?.({
-      status: "opening_popup",
-      message: "Opening authentication window..."
-    });
-    const defaults = getOAuthConfig(provider);
-    const config = oauth ? { ...defaults, ...oauth } : defaults;
-    if (!config.clientId) {
-      throw new Error(`clientId is required for ${provider} authentication. ` + "Please provide it in the oauth parameter.");
-    }
-    const stateData = options.stateData;
-    const state = await generateOAuthState(stateData);
-    const params = new URLSearchParams({
-      response_type: "code",
-      client_id: config.clientId,
-      redirect_uri: callbackUrl,
-      state
-    });
-    if (config.scope) {
-      params.set("scope", config.scope);
-    }
-    const authUrl = `${config.authorizationEndpoint}?${params.toString()}`;
-    const popup = openPopupWindow(authUrl, "playcademy-auth");
-    if (!popup || popup.closed) {
-      throw new Error("Popup blocked. Please enable popups and try again.");
-    }
-    onStateChange?.({
-      status: "exchanging_token",
-      message: "Waiting for authentication..."
-    });
-    return await waitForServerMessage(popup, onStateChange);
-  } catch (error) {
-    const errorMessage = error instanceof Error ? error.message : "Authentication failed";
-    onStateChange?.({
-      status: "error",
-      message: errorMessage,
-      error: error instanceof Error ? error : new Error(errorMessage)
-    });
-    throw error;
-  }
-}
-async function waitForServerMessage(popup, onStateChange) {
-  return new Promise((resolve) => {
-    let resolved = false;
-    const handleMessage = (event) => {
-      if (event.origin !== window.location.origin)
-        return;
-      const data = event.data;
-      if (data?.type === "PLAYCADEMY_AUTH_STATE_CHANGE") {
-        resolved = true;
-        window.removeEventListener("message", handleMessage);
-        if (data.authenticated && data.user) {
-          onStateChange?.({
-            status: "complete",
-            message: "Authentication successful"
-          });
-          resolve({
-            success: true,
-            user: data.user
-          });
-        } else {
-          const error = new Error(data.error || "Authentication failed");
-          onStateChange?.({
-            status: "error",
-            message: error.message,
-            error
-          });
-          resolve({
-            success: false,
-            error
-          });
-        }
-      }
-    };
-    window.addEventListener("message", handleMessage);
-    const checkClosed = setInterval(() => {
-      if (popup.closed && !resolved) {
-        clearInterval(checkClosed);
-        window.removeEventListener("message", handleMessage);
-        const error = new Error("Authentication cancelled");
-        onStateChange?.({
-          status: "error",
-          message: error.message,
-          error
-        });
-        resolve({
-          success: false,
-          error
-        });
-      }
-    }, 500);
-    setTimeout(() => {
-      if (!resolved) {
-        window.removeEventListener("message", handleMessage);
-        clearInterval(checkClosed);
-        const error = new Error("Authentication timeout");
-        onStateChange?.({
-          status: "error",
-          message: error.message,
-          error
-        });
-        resolve({
-          success: false,
-          error
-        });
-      }
-    }, 5 * 60 * 1000);
-  });
-}
-// src/core/auth/flows/redirect.ts
-async function initiateRedirectFlow(options) {
-  const { provider, callbackUrl, onStateChange, oauth } = options;
-  try {
-    onStateChange?.({
-      status: "opening_popup",
-      message: "Redirecting to authentication provider..."
-    });
-    const defaults = getOAuthConfig(provider);
-    const config = oauth ? { ...defaults, ...oauth } : defaults;
-    if (!config.clientId) {
-      throw new Error(`clientId is required for ${provider} authentication. ` + "Please provide it in the oauth parameter.");
-    }
-    const stateData = options.stateData;
-    const state = await generateOAuthState(stateData);
-    const params = new URLSearchParams({
-      response_type: "code",
-      client_id: config.clientId,
-      redirect_uri: callbackUrl,
-      state
-    });
-    if (config.scope) {
-      params.set("scope", config.scope);
-    }
-    const authUrl = `${config.authorizationEndpoint}?${params.toString()}`;
-    window.location.href = authUrl;
-    return new Promise(() => {});
-  } catch (error) {
-    const errorMessage = error instanceof Error ? error.message : "Authentication failed";
-    onStateChange?.({
-      status: "error",
-      message: errorMessage,
-      error: error instanceof Error ? error : new Error(errorMessage)
-    });
-    throw error;
-  }
-}
-// src/core/auth/flows/unified.ts
-async function initiateUnifiedFlow(options) {
-  const { mode = "auto" } = options;
-  const effectiveMode = mode === "auto" ? isInIframe() ? "popup" : "redirect" : mode;
-  switch (effectiveMode) {
-    case "popup":
-      return initiatePopupFlow(options);
-    case "redirect":
-      return initiateRedirectFlow(options);
-    default:
-      throw new Error(`Unsupported authentication mode: ${effectiveMode}`);
-  }
-}
-// src/core/auth/login.ts
-async function login2(client, options) {
-  try {
-    let stateData = options.stateData;
-    if (!stateData) {
-      try {
-        const currentUser = await client.users.me();
-        if (currentUser?.id) {
-          stateData = { playcademy_user_id: currentUser.id };
-        }
-      } catch {
-        log.debug("[Playcademy SDK] No current user available for state data");
-      }
-    }
-    log.debug("[Playcademy SDK] Starting OAuth login", {
-      provider: options.provider,
-      mode: options.mode || "auto",
-      callbackUrl: options.callbackUrl,
-      hasStateData: !!stateData
-    });
-    const optionsWithState = {
-      ...options,
-      stateData
-    };
-    const result = await initiateUnifiedFlow(optionsWithState);
-    if (result.success && result.user) {
-      log.debug("[Playcademy SDK] OAuth login successful", {
-        userId: result.user.sub
-      });
-    }
-    return result;
-  } catch (error) {
-    log.error("[Playcademy SDK] OAuth login failed", { error });
-    const authError = error instanceof Error ? error : new Error("Authentication failed");
-    return {
-      success: false,
-      error: authError
+      success: false,
+      error: authError
     };
   }
 }
@@ -1243,49 +907,53 @@ function createRuntimeNamespace(client) {
       }
       return counts;
     },
-    assets: {
-      url(pathOrStrings, ...values) {
-        const gameUrl = client["initPayload"]?.gameUrl;
-        let path;
-        if (Array.isArray(pathOrStrings) && "raw" in pathOrStrings) {
-          const strings = pathOrStrings;
-          path = strings.reduce((acc, str, i) => {
-            return acc + str + (values[i] != null ? String(values[i]) : "");
-          }, "");
-        } else {
-          path = pathOrStrings;
-        }
-        if (!gameUrl) {
-          return path.startsWith("./") ? path : "./" + path;
-        }
-        const cleanPath = path.startsWith("./") ? path.slice(2) : path;
-        return gameUrl + cleanPath;
-      },
-      fetch: async (path, options) => {
-        const gameUrl = client["initPayload"]?.gameUrl;
-        if (!gameUrl) {
-          const relativePath = path.startsWith("./") ? path : "./" + path;
-          return fetch(relativePath, options);
-        }
-        const cleanPath = path.startsWith("./") ? path.slice(2) : path;
-        return fetch(gameUrl + cleanPath, options);
-      },
-      json: async (path) => {
-        const response = await client.runtime.assets.fetch(path);
-        return response.json();
-      },
-      blob: async (path) => {
-        const response = await client.runtime.assets.fetch(path);
-        return response.blob();
-      },
-      text: async (path) => {
-        const response = await client.runtime.assets.fetch(path);
-        return response.text();
-      },
-      arrayBuffer: async (path) => {
-        const response = await client.runtime.assets.fetch(path);
-        return response.arrayBuffer();
+    assets: createAssetsNamespace(client)
+  };
+}
+function createAssetsNamespace(client) {
+  const fetchAsset = async (path, options) => {
+    const gameUrl = client["initPayload"]?.gameUrl;
+    if (!gameUrl) {
+      const relativePath = path.startsWith("./") ? path : "./" + path;
+      return fetch(relativePath, options);
+    }
+    const cleanPath = path.startsWith("./") ? path.slice(2) : path;
+    return fetch(gameUrl + cleanPath, options);
+  };
+  return {
+    url(pathOrStrings, ...values) {
+      const gameUrl = client["initPayload"]?.gameUrl;
+      let path;
+      if (Array.isArray(pathOrStrings) && "raw" in pathOrStrings) {
+        const strings = pathOrStrings;
+        path = strings.reduce((acc, str, i) => {
+          return acc + str + (values[i] != null ? String(values[i]) : "");
+        }, "");
+      } else {
+        path = pathOrStrings;
+      }
+      if (!gameUrl) {
+        return path.startsWith("./") ? path : "./" + path;
       }
+      const cleanPath = path.startsWith("./") ? path.slice(2) : path;
+      return gameUrl + cleanPath;
+    },
+    fetch: fetchAsset,
+    json: async (path) => {
+      const response = await fetchAsset(path);
+      return response.json();
+    },
+    blob: async (path) => {
+      const response = await fetchAsset(path);
+      return response.blob();
+    },
+    text: async (path) => {
+      const response = await fetchAsset(path);
+      return response.text();
+    },
+    arrayBuffer: async (path) => {
+      const response = await fetchAsset(path);
+      return response.arrayBuffer();
     }
   };
 }
@@ -1324,530 +992,914 @@ function createBackendNamespace(client) {
         }, "");
         return `${client.gameUrl}/api${path2.startsWith("/") ? path2 : `/${path2}`}`;
       }
-      const path = pathOrStrings;
-      return `${client.gameUrl}/api${path.startsWith("/") ? path : `/${path}`}`;
+      const path = pathOrStrings;
+      return `${client.gameUrl}/api${path.startsWith("/") ? path : `/${path}`}`;
+    }
+  };
+}
+// src/core/cache/permanent-cache.ts
+function createPermanentCache(keyPrefix) {
+  const cache = new Map;
+  async function get(key, loader) {
+    const fullKey = keyPrefix ? `${keyPrefix}:${key}` : key;
+    const existing = cache.get(fullKey);
+    if (existing)
+      return existing;
+    const promise = loader().catch((error) => {
+      cache.delete(fullKey);
+      throw error;
+    });
+    cache.set(fullKey, promise);
+    return promise;
+  }
+  function clear(key) {
+    if (key === undefined) {
+      cache.clear();
+    } else {
+      const fullKey = keyPrefix ? `${keyPrefix}:${key}` : key;
+      cache.delete(fullKey);
+    }
+  }
+  function has(key) {
+    const fullKey = keyPrefix ? `${keyPrefix}:${key}` : key;
+    return cache.has(fullKey);
+  }
+  function size() {
+    return cache.size;
+  }
+  function keys() {
+    const result = [];
+    const prefixLen = keyPrefix ? keyPrefix.length + 1 : 0;
+    for (const fullKey of cache.keys()) {
+      result.push(fullKey.substring(prefixLen));
+    }
+    return result;
+  }
+  return { get, clear, has, size, keys };
+}
+// src/namespaces/game/users.ts
+function createUsersNamespace(client) {
+  const itemIdCache = createPermanentCache("items");
+  const UUID_REGEX = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;
+  const resolveItemId = async (identifier) => {
+    if (UUID_REGEX.test(identifier))
+      return identifier;
+    const gameId = client["gameId"];
+    const cacheKey = gameId ? `${identifier}:${gameId}` : identifier;
+    return itemIdCache.get(cacheKey, async () => {
+      const queryParams = new URLSearchParams({ slug: identifier });
+      if (gameId)
+        queryParams.append("gameId", gameId);
+      const item = await client["request"](`/items/resolve?${queryParams.toString()}`, "GET");
+      return item.id;
+    });
+  };
+  return {
+    me: async () => {
+      return client["request"]("/users/me", "GET");
+    },
+    inventory: {
+      get: async () => client["request"](`/inventory`, "GET"),
+      add: async (identifier, qty) => {
+        const itemId = await resolveItemId(identifier);
+        const res = await client["request"](`/inventory/add`, "POST", { body: { itemId, qty } });
+        client["emit"]("inventoryChange", {
+          itemId,
+          delta: qty,
+          newTotal: res.newTotal
+        });
+        return res;
+      },
+      remove: async (identifier, qty) => {
+        const itemId = await resolveItemId(identifier);
+        const res = await client["request"](`/inventory/remove`, "POST", { body: { itemId, qty } });
+        client["emit"]("inventoryChange", {
+          itemId,
+          delta: -qty,
+          newTotal: res.newTotal
+        });
+        return res;
+      },
+      quantity: async (identifier) => {
+        const itemId = await resolveItemId(identifier);
+        const inventory = await client["request"](`/inventory`, "GET");
+        const item = inventory.find((inv) => inv.item?.id === itemId);
+        return item?.quantity ?? 0;
+      },
+      has: async (identifier, minQuantity = 1) => {
+        const itemId = await resolveItemId(identifier);
+        const inventory = await client["request"](`/inventory`, "GET");
+        const item = inventory.find((inv) => inv.item?.id === itemId);
+        const qty = item?.quantity ?? 0;
+        return qty >= minQuantity;
+      }
+    }
+  };
+}
+// ../constants/src/achievements.ts
+var ACHIEVEMENT_IDS = {
+  PLAY_ANY_GAME_DAILY: "play_any_game_daily",
+  DAILY_CHEST_OPEN: "daily_chest_open",
+  LEADERBOARD_TOP3_DAILY: "leaderboard_top3_daily",
+  LEADERBOARD_TOP3_WEEKLY: "leaderboard_top3_weekly",
+  FIRST_SCORE_ANY_GAME: "first_score_any_game",
+  PERSONAL_BEST_ANY_GAME: "personal_best_any_game"
+};
+var ACHIEVEMENT_DEFINITIONS = [
+  {
+    id: ACHIEVEMENT_IDS.PLAY_ANY_GAME_DAILY,
+    title: "Play any game",
+    description: "Play any arcade game for at least 60 seconds in a single session.",
+    scope: "daily",
+    rewardCredits: 10,
+    limit: 1,
+    completionType: "time_played_session",
+    completionConfig: { minSeconds: 60 },
+    target: { anyArcadeGame: true },
+    active: true
+  },
+  {
+    id: ACHIEVEMENT_IDS.DAILY_CHEST_OPEN,
+    title: "Opened the daily chest",
+    description: "Find the chest on the map and open it to claim your reward.",
+    scope: "daily",
+    rewardCredits: 10,
+    limit: 1,
+    completionType: "interaction",
+    completionConfig: { triggerId: "bunny_chest" },
+    target: { map: "arcade" },
+    active: true
+  },
+  {
+    id: ACHIEVEMENT_IDS.LEADERBOARD_TOP3_DAILY,
+    title: "Daily Champion",
+    description: "Finish in the top 3 of any game leaderboard for the day.",
+    scope: "daily",
+    rewardCredits: 25,
+    limit: 1,
+    completionType: "leaderboard_rank",
+    completionConfig: {
+      rankRewards: [50, 30, 15]
+    },
+    target: { anyArcadeGame: true },
+    active: true
+  },
+  {
+    id: ACHIEVEMENT_IDS.LEADERBOARD_TOP3_WEEKLY,
+    title: "Weekly Legend",
+    description: "Finish in the top 3 of any game leaderboard for the week.",
+    scope: "weekly",
+    rewardCredits: 50,
+    limit: 1,
+    completionType: "leaderboard_rank",
+    completionConfig: {
+      rankRewards: [100, 60, 30]
+    },
+    target: { anyArcadeGame: true },
+    active: true
+  },
+  {
+    id: ACHIEVEMENT_IDS.FIRST_SCORE_ANY_GAME,
+    title: "First Score",
+    description: "Submit your first score in any arcade game.",
+    scope: "game",
+    rewardCredits: 5,
+    limit: 1,
+    completionType: "first_score",
+    completionConfig: {},
+    target: { anyArcadeGame: true },
+    active: true
+  },
+  {
+    id: ACHIEVEMENT_IDS.PERSONAL_BEST_ANY_GAME,
+    title: "Personal Best",
+    description: "Beat your personal best score in any arcade game.",
+    scope: "daily",
+    rewardCredits: 5,
+    limit: 3,
+    completionType: "personal_best",
+    completionConfig: {},
+    target: { anyArcadeGame: true },
+    active: true
+  }
+];
+// ../constants/src/typescript.ts
+var TSC_PACKAGE = "@typescript/native-preview";
+var USE_NATIVE_TSC = TSC_PACKAGE.includes("native-preview");
+// ../constants/src/overworld.ts
+var ITEM_SLUGS = {
+  PLAYCADEMY_CREDITS: "PLAYCADEMY_CREDITS",
+  PLAYCADEMY_XP: "PLAYCADEMY_XP",
+  FOUNDING_MEMBER_BADGE: "FOUNDING_MEMBER_BADGE",
+  EARLY_ADOPTER_BADGE: "EARLY_ADOPTER_BADGE",
+  FIRST_GAME_BADGE: "FIRST_GAME_BADGE",
+  COMMON_SWORD: "COMMON_SWORD",
+  SMALL_HEALTH_POTION: "SMALL_HEALTH_POTION",
+  SMALL_BACKPACK: "SMALL_BACKPACK",
+  LAVA_LAMP: "LAVA_LAMP",
+  BOOMBOX: "BOOMBOX",
+  CABIN_BED: "CABIN_BED"
+};
+var CURRENCIES = {
+  PRIMARY: ITEM_SLUGS.PLAYCADEMY_CREDITS,
+  XP: ITEM_SLUGS.PLAYCADEMY_XP
+};
+var BADGES = {
+  FOUNDING_MEMBER: ITEM_SLUGS.FOUNDING_MEMBER_BADGE,
+  EARLY_ADOPTER: ITEM_SLUGS.EARLY_ADOPTER_BADGE,
+  FIRST_GAME: ITEM_SLUGS.FIRST_GAME_BADGE
+};
+// ../constants/src/timeback.ts
+var TIMEBACK_ROUTES = {
+  END_ACTIVITY: "/integrations/timeback/end-activity"
+};
+// src/core/cache/singleton-cache.ts
+function createSingletonCache() {
+  let cachedValue;
+  let hasValue = false;
+  async function get(loader) {
+    if (hasValue) {
+      return cachedValue;
+    }
+    const value = await loader();
+    cachedValue = value;
+    hasValue = true;
+    return value;
+  }
+  function clear() {
+    cachedValue = undefined;
+    hasValue = false;
+  }
+  function has() {
+    return hasValue;
+  }
+  return { get, clear, has };
+}
+// src/namespaces/game/credits.ts
+function createCreditsNamespace(client) {
+  const creditsIdCache = createSingletonCache();
+  const getCreditsItemId = async () => {
+    return creditsIdCache.get(async () => {
+      const queryParams = new URLSearchParams({ slug: CURRENCIES.PRIMARY });
+      const creditsItem = await client["request"](`/items/resolve?${queryParams.toString()}`, "GET");
+      if (!creditsItem || !creditsItem.id) {
+        throw new Error("Playcademy Credits item not found in catalog");
+      }
+      return creditsItem.id;
+    });
+  };
+  return {
+    balance: async () => {
+      const inventory = await client["request"]("/inventory", "GET");
+      const primaryCurrencyInventoryItem = inventory.find((item) => item.item?.slug === CURRENCIES.PRIMARY);
+      return primaryCurrencyInventoryItem?.quantity ?? 0;
+    },
+    add: async (amount) => {
+      if (amount <= 0) {
+        throw new Error("Amount must be positive");
+      }
+      const creditsItemId = await getCreditsItemId();
+      const result = await client["request"]("/inventory/add", "POST", {
+        body: {
+          itemId: creditsItemId,
+          qty: amount
+        }
+      });
+      client["emit"]("inventoryChange", {
+        itemId: creditsItemId,
+        delta: amount,
+        newTotal: result.newTotal
+      });
+      return result.newTotal;
+    },
+    spend: async (amount) => {
+      if (amount <= 0) {
+        throw new Error("Amount must be positive");
+      }
+      const creditsItemId = await getCreditsItemId();
+      const result = await client["request"]("/inventory/remove", "POST", {
+        body: {
+          itemId: creditsItemId,
+          qty: amount
+        }
+      });
+      client["emit"]("inventoryChange", {
+        itemId: creditsItemId,
+        delta: -amount,
+        newTotal: result.newTotal
+      });
+      return result.newTotal;
+    }
+  };
+}
+// src/namespaces/game/scores.ts
+function createScoresNamespace(client) {
+  return {
+    submit: async (gameId, score, metadata) => {
+      return client["request"](`/games/${gameId}/scores`, "POST", {
+        body: {
+          score,
+          metadata
+        }
+      });
+    }
+  };
+}
+// src/namespaces/game/realtime.ts
+function createRealtimeNamespace(client) {
+  return {
+    token: {
+      get: async () => {
+        const endpoint = client["gameId"] ? `/games/${client["gameId"]}/realtime/token` : "/realtime/token";
+        return client["request"](endpoint, "POST");
+      }
     }
   };
 }
-// src/core/cache/permanent-cache.ts
-function createPermanentCache(keyPrefix) {
+// src/core/cache/ttl-cache.ts
+function createTTLCache(options) {
   const cache = new Map;
-  async function get(key, loader) {
+  const { ttl: defaultTTL, keyPrefix = "", onClear } = options;
+  async function get(key, loader, config) {
     const fullKey = keyPrefix ? `${keyPrefix}:${key}` : key;
-    const existing = cache.get(fullKey);
-    if (existing)
-      return existing;
+    const now = Date.now();
+    const effectiveTTL = config?.ttl !== undefined ? config.ttl : defaultTTL;
+    const force = config?.force || false;
+    const skipCache = config?.skipCache || false;
+    if (effectiveTTL === 0 || skipCache) {
+      return loader();
+    }
+    if (!force) {
+      const cached = cache.get(fullKey);
+      if (cached && cached.expiresAt > now) {
+        return cached.value;
+      }
+    }
     const promise = loader().catch((error) => {
       cache.delete(fullKey);
       throw error;
     });
-    cache.set(fullKey, promise);
+    cache.set(fullKey, {
+      value: promise,
+      expiresAt: now + effectiveTTL
+    });
     return promise;
   }
   function clear(key) {
     if (key === undefined) {
       cache.clear();
+      onClear?.();
     } else {
       const fullKey = keyPrefix ? `${keyPrefix}:${key}` : key;
       cache.delete(fullKey);
     }
   }
-  function has(key) {
-    const fullKey = keyPrefix ? `${keyPrefix}:${key}` : key;
-    return cache.has(fullKey);
-  }
   function size() {
     return cache.size;
   }
-  function keys() {
-    const result = [];
+  function prune() {
+    const now = Date.now();
+    for (const [key, entry] of cache.entries()) {
+      if (entry.expiresAt <= now) {
+        cache.delete(key);
+      }
+    }
+  }
+  function getKeys() {
+    const keys = [];
     const prefixLen = keyPrefix ? keyPrefix.length + 1 : 0;
     for (const fullKey of cache.keys()) {
-      result.push(fullKey.substring(prefixLen));
+      keys.push(fullKey.substring(prefixLen));
     }
-    return result;
+    return keys;
   }
-  return { get, clear, has, size, keys };
+  function has(key) {
+    const fullKey = keyPrefix ? `${keyPrefix}:${key}` : key;
+    const cached = cache.get(fullKey);
+    if (!cached)
+      return false;
+    const now = Date.now();
+    if (cached.expiresAt <= now) {
+      cache.delete(fullKey);
+      return false;
+    }
+    return true;
+  }
+  return { get, clear, size, prune, getKeys, has };
 }
-// src/namespaces/game/users.ts
-function createUsersNamespace(client) {
-  const itemIdCache = createPermanentCache("items");
-  const UUID_REGEX = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;
-  const resolveItemId = async (identifier) => {
-    if (UUID_REGEX.test(identifier))
-      return identifier;
-    const gameId = client["gameId"];
-    const cacheKey = gameId ? `${identifier}:${gameId}` : identifier;
-    return itemIdCache.get(cacheKey, async () => {
-      const queryParams = new URLSearchParams({ slug: identifier });
-      if (gameId)
-        queryParams.append("gameId", gameId);
-      const item = await client["request"](`/items/resolve?${queryParams.toString()}`, "GET");
-      return item.id;
-    });
-  };
+// src/namespaces/game/timeback.ts
+function createTimebackNamespace(client) {
+  let currentActivity = null;
+  const userCache = createTTLCache({
+    ttl: 5 * 60 * 1000,
+    keyPrefix: "game.timeback.user"
+  });
+  const getTimeback = () => client["initPayload"]?.timeback;
   return {
-    me: async () => {
-      return client["request"]("/users/me", "GET");
+    get user() {
+      return {
+        get id() {
+          return getTimeback()?.id;
+        },
+        get role() {
+          return getTimeback()?.role;
+        },
+        get enrollments() {
+          return getTimeback()?.enrollments ?? [];
+        },
+        get organizations() {
+          return getTimeback()?.organizations ?? [];
+        },
+        fetch: async (options) => {
+          return userCache.get("current", async () => {
+            const response = await client["request"]("/timeback/user", "GET");
+            const initPayload = client["initPayload"];
+            if (initPayload) {
+              initPayload.timeback = response;
+            }
+            return {
+              id: response.id,
+              role: response.role,
+              enrollments: response.enrollments,
+              organizations: response.organizations
+            };
+          }, options);
+        }
+      };
     },
-    inventory: {
-      get: async () => client["request"](`/inventory`, "GET"),
-      add: async (identifier, qty) => {
-        const itemId = await resolveItemId(identifier);
-        const res = await client["request"](`/inventory/add`, "POST", { body: { itemId, qty } });
-        client["emit"]("inventoryChange", {
-          itemId,
-          delta: qty,
-          newTotal: res.newTotal
-        });
-        return res;
-      },
-      remove: async (identifier, qty) => {
-        const itemId = await resolveItemId(identifier);
-        const res = await client["request"](`/inventory/remove`, "POST", { body: { itemId, qty } });
-        client["emit"]("inventoryChange", {
-          itemId,
-          delta: -qty,
-          newTotal: res.newTotal
-        });
-        return res;
-      },
-      quantity: async (identifier) => {
-        const itemId = await resolveItemId(identifier);
-        const inventory = await client["request"](`/inventory`, "GET");
-        const item = inventory.find((inv) => inv.item?.id === itemId);
-        return item?.quantity ?? 0;
-      },
-      has: async (identifier, minQuantity = 1) => {
-        const itemId = await resolveItemId(identifier);
-        const inventory = await client["request"](`/inventory`, "GET");
-        const item = inventory.find((inv) => inv.item?.id === itemId);
-        const qty = item?.quantity ?? 0;
-        return qty >= minQuantity;
+    startActivity: (metadata) => {
+      currentActivity = {
+        startTime: Date.now(),
+        metadata,
+        pausedTime: 0,
+        pauseStartTime: null
+      };
+    },
+    pauseActivity: () => {
+      if (!currentActivity) {
+        throw new Error("No activity in progress. Call startActivity() before pauseActivity().");
+      }
+      if (currentActivity.pauseStartTime !== null) {
+        throw new Error("Activity is already paused.");
+      }
+      currentActivity.pauseStartTime = Date.now();
+    },
+    resumeActivity: () => {
+      if (!currentActivity) {
+        throw new Error("No activity in progress. Call startActivity() before resumeActivity().");
+      }
+      if (currentActivity.pauseStartTime === null) {
+        throw new Error("Activity is not paused.");
+      }
+      const pauseDuration = Date.now() - currentActivity.pauseStartTime;
+      currentActivity.pausedTime += pauseDuration;
+      currentActivity.pauseStartTime = null;
+    },
+    endActivity: async (data) => {
+      if (!currentActivity) {
+        throw new Error("No activity in progress. Call startActivity() before endActivity().");
+      }
+      if (currentActivity.pauseStartTime !== null) {
+        const pauseDuration = Date.now() - currentActivity.pauseStartTime;
+        currentActivity.pausedTime += pauseDuration;
+        currentActivity.pauseStartTime = null;
+      }
+      const endTime = Date.now();
+      const totalElapsed = endTime - currentActivity.startTime;
+      const activeTime = totalElapsed - currentActivity.pausedTime;
+      const durationSeconds = Math.floor(activeTime / 1000);
+      const { correctQuestions, totalQuestions } = data;
+      const request = {
+        activityData: currentActivity.metadata,
+        scoreData: {
+          correctQuestions,
+          totalQuestions
+        },
+        timingData: {
+          durationSeconds
+        },
+        xpEarned: data.xpAwarded,
+        masteredUnits: data.masteredUnits
+      };
+      try {
+        const response = await client["requestGameBackend"](TIMEBACK_ROUTES.END_ACTIVITY, "POST", request);
+        currentActivity = null;
+        return response;
+      } catch (error) {
+        currentActivity = null;
+        throw error;
       }
     }
   };
 }
-// ../constants/src/overworld.ts
-var ITEM_SLUGS = {
-  PLAYCADEMY_CREDITS: "PLAYCADEMY_CREDITS",
-  PLAYCADEMY_XP: "PLAYCADEMY_XP",
-  FOUNDING_MEMBER_BADGE: "FOUNDING_MEMBER_BADGE",
-  EARLY_ADOPTER_BADGE: "EARLY_ADOPTER_BADGE",
-  FIRST_GAME_BADGE: "FIRST_GAME_BADGE",
-  COMMON_SWORD: "COMMON_SWORD",
-  SMALL_HEALTH_POTION: "SMALL_HEALTH_POTION",
-  SMALL_BACKPACK: "SMALL_BACKPACK",
-  LAVA_LAMP: "LAVA_LAMP",
-  BOOMBOX: "BOOMBOX",
-  CABIN_BED: "CABIN_BED"
-};
-var CURRENCIES = {
-  PRIMARY: ITEM_SLUGS.PLAYCADEMY_CREDITS,
-  XP: ITEM_SLUGS.PLAYCADEMY_XP
-};
-var BADGES = {
-  FOUNDING_MEMBER: ITEM_SLUGS.FOUNDING_MEMBER_BADGE,
-  EARLY_ADOPTER: ITEM_SLUGS.EARLY_ADOPTER_BADGE,
-  FIRST_GAME: ITEM_SLUGS.FIRST_GAME_BADGE
-};
-// ../constants/src/timeback.ts
-var TIMEBACK_ROUTES = {
-  END_ACTIVITY: "/integrations/timeback/end-activity"
-};
-// src/core/cache/singleton-cache.ts
-function createSingletonCache() {
-  let cachedValue;
-  let hasValue = false;
-  async function get(loader) {
-    if (hasValue) {
-      return cachedValue;
-    }
-    const value = await loader();
-    cachedValue = value;
-    hasValue = true;
-    return value;
+// src/core/auth/strategies.ts
+class ApiKeyAuth {
+  apiKey;
+  constructor(apiKey) {
+    this.apiKey = apiKey;
+  }
+  getToken() {
+    return this.apiKey;
+  }
+  getType() {
+    return "apiKey";
+  }
+  getHeaders() {
+    return { "x-api-key": this.apiKey };
+  }
+}
+class SessionAuth {
+  sessionToken;
+  constructor(sessionToken) {
+    this.sessionToken = sessionToken;
+  }
+  getToken() {
+    return this.sessionToken;
+  }
+  getType() {
+    return "session";
+  }
+  getHeaders() {
+    return { Authorization: `Bearer ${this.sessionToken}` };
+  }
+}
+class GameJwtAuth {
+  gameToken;
+  constructor(gameToken) {
+    this.gameToken = gameToken;
+  }
+  getToken() {
+    return this.gameToken;
+  }
+  getType() {
+    return "gameJwt";
+  }
+  getHeaders() {
+    return { Authorization: `Bearer ${this.gameToken}` };
+  }
+}
+class NoAuth {
+  getToken() {
+    return null;
+  }
+  getType() {
+    return "session";
+  }
+  getHeaders() {
+    return {};
   }
-  function clear() {
-    cachedValue = undefined;
-    hasValue = false;
+}
+function createAuthStrategy(token, tokenType) {
+  if (!token) {
+    return new NoAuth;
   }
-  function has() {
-    return hasValue;
+  if (tokenType === "apiKey") {
+    return new ApiKeyAuth(token);
   }
-  return { get, clear, has };
+  if (tokenType === "session") {
+    return new SessionAuth(token);
+  }
+  if (tokenType === "gameJwt") {
+    return new GameJwtAuth(token);
+  }
+  if (token.startsWith("cademy")) {
+    return new ApiKeyAuth(token);
+  }
+  return new GameJwtAuth(token);
 }
-// src/namespaces/game/credits.ts
-function createCreditsNamespace(client) {
-  const creditsIdCache = createSingletonCache();
-  const getCreditsItemId = async () => {
-    return creditsIdCache.get(async () => {
-      const queryParams = new URLSearchParams({ slug: CURRENCIES.PRIMARY });
-      const creditsItem = await client["request"](`/items/resolve?${queryParams.toString()}`, "GET");
-      if (!creditsItem || !creditsItem.id) {
-        throw new Error("Playcademy Credits item not found in catalog");
+// src/core/connection/monitor.ts
+class ConnectionMonitor {
+  state = "online";
+  callbacks = new Set;
+  heartbeatInterval;
+  consecutiveFailures = 0;
+  isMonitoring = false;
+  config;
+  constructor(config) {
+    this.config = {
+      baseUrl: config.baseUrl,
+      heartbeatInterval: config.heartbeatInterval ?? 1e4,
+      heartbeatTimeout: config.heartbeatTimeout ?? 5000,
+      failureThreshold: config.failureThreshold ?? 2,
+      enableHeartbeat: config.enableHeartbeat ?? true,
+      enableOfflineEvents: config.enableOfflineEvents ?? true
+    };
+    this._detectInitialState();
+  }
+  start() {
+    if (this.isMonitoring)
+      return;
+    this.isMonitoring = true;
+    if (this.config.enableOfflineEvents && typeof window !== "undefined") {
+      window.addEventListener("online", this._handleOnline);
+      window.addEventListener("offline", this._handleOffline);
+    }
+    if (this.config.enableHeartbeat) {
+      this._startHeartbeat();
+    }
+  }
+  stop() {
+    if (!this.isMonitoring)
+      return;
+    this.isMonitoring = false;
+    if (typeof window !== "undefined") {
+      window.removeEventListener("online", this._handleOnline);
+      window.removeEventListener("offline", this._handleOffline);
+    }
+    if (this.heartbeatInterval) {
+      clearInterval(this.heartbeatInterval);
+      this.heartbeatInterval = undefined;
+    }
+  }
+  onChange(callback) {
+    this.callbacks.add(callback);
+    return () => this.callbacks.delete(callback);
+  }
+  getState() {
+    return this.state;
+  }
+  async checkNow() {
+    await this._performHeartbeat();
+    return this.state;
+  }
+  reportRequestFailure(error) {
+    const isNetworkError = error instanceof TypeError || error instanceof Error && error.message.includes("fetch");
+    if (!isNetworkError)
+      return;
+    this.consecutiveFailures++;
+    if (this.consecutiveFailures >= this.config.failureThreshold) {
+      this._setState("degraded", "Multiple consecutive request failures");
+    }
+  }
+  reportRequestSuccess() {
+    if (this.consecutiveFailures > 0) {
+      this.consecutiveFailures = 0;
+      if (this.state === "degraded") {
+        this._setState("online", "Requests succeeding again");
       }
-      return creditsItem.id;
-    });
+    }
+  }
+  _detectInitialState() {
+    if (typeof navigator !== "undefined" && !navigator.onLine) {
+      this.state = "offline";
+    }
+  }
+  _handleOnline = () => {
+    this.consecutiveFailures = 0;
+    this._setState("online", "Browser online event");
   };
-  return {
-    balance: async () => {
-      const inventory = await client["request"]("/inventory", "GET");
-      const primaryCurrencyInventoryItem = inventory.find((item) => item.item?.slug === CURRENCIES.PRIMARY);
-      return primaryCurrencyInventoryItem?.quantity ?? 0;
-    },
-    add: async (amount) => {
-      if (amount <= 0) {
-        throw new Error("Amount must be positive");
-      }
-      const creditsItemId = await getCreditsItemId();
-      const result = await client["request"]("/inventory/add", "POST", {
-        body: {
-          itemId: creditsItemId,
-          qty: amount
-        }
-      });
-      client["emit"]("inventoryChange", {
-        itemId: creditsItemId,
-        delta: amount,
-        newTotal: result.newTotal
+  _handleOffline = () => {
+    this._setState("offline", "Browser offline event");
+  };
+  _startHeartbeat() {
+    this._performHeartbeat();
+    this.heartbeatInterval = setInterval(() => {
+      this._performHeartbeat();
+    }, this.config.heartbeatInterval);
+  }
+  async _performHeartbeat() {
+    if (typeof navigator !== "undefined" && !navigator.onLine) {
+      return;
+    }
+    try {
+      const controller = new AbortController;
+      const timeoutId = setTimeout(() => controller.abort(), this.config.heartbeatTimeout);
+      const response = await fetch(`${this.config.baseUrl}/ping`, {
+        method: "GET",
+        signal: controller.signal,
+        cache: "no-store"
       });
-      return result.newTotal;
-    },
-    spend: async (amount) => {
-      if (amount <= 0) {
-        throw new Error("Amount must be positive");
-      }
-      const creditsItemId = await getCreditsItemId();
-      const result = await client["request"]("/inventory/remove", "POST", {
-        body: {
-          itemId: creditsItemId,
-          qty: amount
+      clearTimeout(timeoutId);
+      if (response.ok) {
+        this.consecutiveFailures = 0;
+        if (this.state !== "online") {
+          this._setState("online", "Heartbeat successful");
         }
-      });
-      client["emit"]("inventoryChange", {
-        itemId: creditsItemId,
-        delta: -amount,
-        newTotal: result.newTotal
-      });
-      return result.newTotal;
+      } else {
+        this._handleHeartbeatFailure("Heartbeat returned non-OK status");
+      }
+    } catch (error) {
+      this._handleHeartbeatFailure(error instanceof Error ? error.message : "Heartbeat failed");
     }
-  };
+  }
+  _handleHeartbeatFailure(reason) {
+    this.consecutiveFailures++;
+    if (this.consecutiveFailures >= this.config.failureThreshold) {
+      if (typeof navigator !== "undefined" && !navigator.onLine) {
+        this._setState("offline", reason);
+      } else {
+        this._setState("degraded", reason);
+      }
+    }
+  }
+  _setState(newState, reason) {
+    if (this.state === newState)
+      return;
+    const oldState = this.state;
+    this.state = newState;
+    console.debug(`[ConnectionMonitor] ${oldState} → ${newState}: ${reason}`);
+    this.callbacks.forEach((callback) => {
+      try {
+        callback(newState, reason);
+      } catch (error) {
+        console.error("[ConnectionMonitor] Error in callback:", error);
+      }
+    });
+  }
 }
-// src/namespaces/game/scores.ts
-function createScoresNamespace(client) {
-  return {
-    submit: async (gameId, score, metadata) => {
-      return client["request"](`/games/${gameId}/scores`, "POST", {
-        body: {
-          score,
-          metadata
-        }
-      });
+// src/core/connection/utils.ts
+function createDisplayAlert(authContext) {
+  return (message, options) => {
+    if (authContext?.isInIframe && typeof window !== "undefined" && window.parent !== window) {
+      window.parent.postMessage({
+        type: "PLAYCADEMY_DISPLAY_ALERT",
+        message,
+        options
+      }, "*");
+    } else {
+      const prefix = options?.type === "error" ? "❌" : options?.type === "warning" ? "⚠️" : "ℹ️";
+      console.log(`${prefix} ${message}`);
     }
   };
 }
-// src/namespaces/game/realtime.client.ts
-var CLOSE_CODES = {
-  NORMAL_CLOSURE: 1000,
-  TOKEN_REFRESH: 4000
-};
-class RealtimeChannelClient {
-  gameId;
-  _channelName;
-  getToken;
-  baseUrl;
-  ws;
-  listeners = new Set;
-  isClosing = false;
-  tokenRefreshUnsubscribe;
-  constructor(gameId, _channelName, getToken, baseUrl) {
-    this.gameId = gameId;
-    this._channelName = _channelName;
-    this.getToken = getToken;
-    this.baseUrl = baseUrl;
-  }
-  async connect() {
-    try {
-      const token = await this.getToken();
-      let wsBase;
-      if (/^ws(s)?:\/\//.test(this.baseUrl)) {
-        wsBase = this.baseUrl;
-      } else if (/^http(s)?:\/\//.test(this.baseUrl)) {
-        wsBase = this.baseUrl.replace(/^http/, "ws");
-      } else {
-        const isBrowser2 = typeof window !== "undefined";
-        if (isBrowser2) {
-          const proto = window.location.protocol === "https:" ? "wss" : "ws";
-          wsBase = `${proto}://${window.location.host}${this.baseUrl}`;
-        } else {
-          wsBase = `ws://${this.baseUrl.replace(/^\//, "")}`;
-        }
-      }
-      const url = new URL(wsBase);
-      url.searchParams.set("token", token);
-      url.searchParams.set("c", this._channelName);
-      this.ws = new WebSocket(url);
-      this.setupEventHandlers();
-      this.setupTokenRefreshListener();
-      await new Promise((resolve, reject) => {
-        if (!this.ws) {
-          reject(new Error("WebSocket creation failed"));
-          return;
-        }
-        const onOpen = () => {
-          this.ws?.removeEventListener("open", onOpen);
-          this.ws?.removeEventListener("error", onError);
-          resolve();
-        };
-        const onError = (event) => {
-          this.ws?.removeEventListener("open", onOpen);
-          this.ws?.removeEventListener("error", onError);
-          reject(new Error(`WebSocket connection failed: ${event}`));
-        };
-        this.ws.addEventListener("open", onOpen);
-        this.ws.addEventListener("error", onError);
-      });
-      log.debug("[RealtimeChannelClient] Connected to channel", {
-        gameId: this.gameId,
-        channel: this._channelName
-      });
-      return this;
-    } catch (error) {
-      log.error("[RealtimeChannelClient] Connection failed", {
-        gameId: this.gameId,
-        channel: this._channelName,
-        error
-      });
-      throw error;
+// src/core/connection/manager.ts
+class ConnectionManager {
+  monitor;
+  authContext;
+  disconnectHandler;
+  connectionChangeCallback;
+  currentState = "online";
+  additionalDisconnectHandlers = new Set;
+  constructor(config) {
+    this.authContext = config.authContext;
+    this.disconnectHandler = config.onDisconnect;
+    this.connectionChangeCallback = config.onConnectionChange;
+    if (config.authContext?.isInIframe) {
+      this._setupPlatformListener();
     }
   }
-  setupEventHandlers() {
-    if (!this.ws)
-      return;
-    this.ws.onmessage = (event) => {
-      try {
-        const data = JSON.parse(event.data);
-        this.listeners.forEach((callback) => {
-          try {
-            callback(data);
-          } catch (error) {
-            log.warn("[RealtimeChannelClient] Message listener error", {
-              channel: this._channelName,
-              error
-            });
-          }
-        });
-      } catch (error) {
-        log.warn("[RealtimeChannelClient] Failed to parse message", {
-          channel: this._channelName,
-          message: event.data,
-          error
-        });
-      }
-    };
-    this.ws.onclose = (event) => {
-      log.debug("[RealtimeChannelClient] Connection closed", {
-        channel: this._channelName,
-        code: event.code,
-        reason: event.reason,
-        wasClean: event.wasClean
-      });
-      if (!this.isClosing && event.code !== CLOSE_CODES.TOKEN_REFRESH) {
-        log.warn("[RealtimeChannelClient] Unexpected disconnection", {
-          channel: this._channelName,
-          code: event.code,
-          reason: event.reason
-        });
-      }
-    };
-    this.ws.onerror = (event) => {
-      log.error("[RealtimeChannelClient] WebSocket error", {
-        channel: this._channelName,
-        event
-      });
-    };
+  getState() {
+    return this.monitor?.getState() ?? this.currentState;
   }
-  setupTokenRefreshListener() {
-    const tokenRefreshHandler = async ({ token }) => {
-      log.debug("[RealtimeChannelClient] Token refresh received, reconnecting", {
-        channel: this._channelName
-      });
-      try {
-        await this.reconnectWithNewToken(token);
-      } catch (error) {
-        log.error("[RealtimeChannelClient] Token refresh reconnection failed", {
-          channel: this._channelName,
-          error
-        });
-      }
-    };
-    messaging.listen("PLAYCADEMY_TOKEN_REFRESH" /* TOKEN_REFRESH */, tokenRefreshHandler);
-    this.tokenRefreshUnsubscribe = () => {
-      messaging.unlisten("PLAYCADEMY_TOKEN_REFRESH" /* TOKEN_REFRESH */, tokenRefreshHandler);
+  async checkNow() {
+    if (!this.monitor) {
+      return this.currentState;
+    }
+    return await this.monitor.checkNow();
+  }
+  reportRequestSuccess() {
+    this.monitor?.reportRequestSuccess();
+  }
+  reportRequestFailure(error) {
+    this.monitor?.reportRequestFailure(error);
+  }
+  onDisconnect(callback) {
+    this.additionalDisconnectHandlers.add(callback);
+    return () => {
+      this.additionalDisconnectHandlers.delete(callback);
     };
   }
-  async reconnectWithNewToken(_token) {
-    if (this.ws && this.ws.readyState === WebSocket.OPEN) {
-      this.ws.close(CLOSE_CODES.TOKEN_REFRESH, "token_refresh");
-      await new Promise((resolve) => {
-        const checkClosed = () => {
-          if (!this.ws || this.ws.readyState === WebSocket.CLOSED) {
-            resolve();
-          } else {
-            setTimeout(checkClosed, 10);
-          }
-        };
-        checkClosed();
-      });
-    }
-    await this.connect();
+  stop() {
+    this.monitor?.stop();
   }
-  send(data) {
-    if (this.ws?.readyState === WebSocket.OPEN) {
-      try {
-        const message = JSON.stringify(data);
-        this.ws.send(message);
-      } catch (error) {
-        log.error("[RealtimeChannelClient] Failed to send message", {
-          channel: this._channelName,
-          error,
-          data
-        });
+  _setupPlatformListener() {
+    messaging.listen("PLAYCADEMY_CONNECTION_STATE" /* CONNECTION_STATE */, ({ state, reason }) => {
+      this.currentState = state;
+      this._handleConnectionChange(state, reason);
+    });
+  }
+  _handleConnectionChange(state, reason) {
+    this.connectionChangeCallback?.(state, reason);
+    if (state === "offline" || state === "degraded") {
+      const context = {
+        state,
+        reason,
+        timestamp: Date.now(),
+        displayAlert: createDisplayAlert(this.authContext)
+      };
+      if (this.disconnectHandler) {
+        this.disconnectHandler(context);
       }
-    } else {
-      log.warn("[RealtimeChannelClient] Cannot send message - connection not open", {
-        channel: this._channelName,
-        readyState: this.ws?.readyState
+      this.additionalDisconnectHandlers.forEach((handler) => {
+        handler(context);
       });
     }
   }
-  onMessage(callback) {
-    this.listeners.add(callback);
-    return () => this.listeners.delete(callback);
+}
+// src/core/request.ts
+function checkDevWarnings(data) {
+  if (!data || typeof data !== "object")
+    return;
+  const response = data;
+  const warningType = response.__playcademyDevWarning;
+  if (!warningType)
+    return;
+  switch (warningType) {
+    case "timeback-not-configured":
+      console.warn("%c⚠️ TimeBack Not Configured", "background: #f59e0b; color: white; padding: 6px 12px; border-radius: 4px; font-weight: bold; font-size: 13px");
+      console.log("%cTimeBack is configured in playcademy.config.js but the sandbox does not have TimeBack credentials.", "color: #f59e0b; font-weight: 500");
+      console.log("To test TimeBack locally:");
+      console.log("  Set the following environment variables:");
+      console.log("    • %cTIMEBACK_ONEROSTER_API_URL", "color: #0ea5e9; font-weight: 600; font-family: monospace");
+      console.log("    • %cTIMEBACK_CALIPER_API_URL", "color: #0ea5e9; font-weight: 600; font-family: monospace");
+      console.log("    • %cTIMEBACK_API_CLIENT_ID/SECRET", "color: #0ea5e9; font-weight: 600; font-family: monospace");
+      console.log("  Or deploy your game: %cplaycademy deploy", "color: #10b981; font-weight: 600; font-family: monospace");
+      console.log("  Or wait for %c@superbuilders/timeback-local%c (coming soon)", "color: #8b5cf6; font-weight: 600; font-family: monospace", "color: inherit");
+      break;
+    default:
+      console.warn(`[Playcademy Dev Warning] ${warningType}`);
+  }
+}
+function prepareRequestBody(body, headers) {
+  if (body instanceof FormData) {
+    return body;
   }
-  close() {
-    this.isClosing = true;
-    if (this.tokenRefreshUnsubscribe) {
-      this.tokenRefreshUnsubscribe();
-      this.tokenRefreshUnsubscribe = undefined;
-    }
-    if (this.ws) {
-      this.ws.close(CLOSE_CODES.NORMAL_CLOSURE, "client_close");
-      this.ws = undefined;
+  if (body instanceof ArrayBuffer || body instanceof Blob || ArrayBuffer.isView(body)) {
+    if (!headers["Content-Type"]) {
+      headers["Content-Type"] = "application/octet-stream";
     }
-    this.listeners.clear();
-    log.debug("[RealtimeChannelClient] Channel closed", {
-      channel: this._channelName
-    });
-  }
-  get channelName() {
-    return this._channelName;
+    return body;
   }
-  get isConnected() {
-    return this.ws?.readyState === WebSocket.OPEN;
+  if (body !== undefined && body !== null) {
+    headers["Content-Type"] = "application/json";
+    return JSON.stringify(body);
   }
+  return;
 }
-// src/namespaces/game/realtime.ts
-function createRealtimeNamespace(client) {
-  return {
-    token: {
-      get: async () => {
-        const endpoint = client["gameId"] ? `/games/${client["gameId"]}/realtime/token` : "/realtime/token";
-        return client["request"](endpoint, "POST");
-      }
-    },
-    async open(channel = "default", url) {
-      if (!client["gameId"]) {
-        throw new Error("gameId is required for realtime channels");
-      }
-      let wsBaseUrl = url;
-      if (!wsBaseUrl && typeof window !== "undefined") {
-        const ctx = window.PLAYCADEMY;
-        if (ctx?.realtimeUrl) {
-          wsBaseUrl = ctx.realtimeUrl;
-        }
-      }
-      const realtimeClient = new RealtimeChannelClient(client["gameId"], channel, () => client.realtime.token.get().then((r) => r.token), wsBaseUrl ?? client.getBaseUrl());
-      return realtimeClient.connect();
+async function request({
+  path,
+  baseUrl,
+  method = "GET",
+  body,
+  extraHeaders = {},
+  raw = false
+}) {
+  const url = baseUrl.replace(/\/$/, "") + (path.startsWith("/") ? path : `/${path}`);
+  const headers = { ...extraHeaders };
+  const payload = prepareRequestBody(body, headers);
+  const res = await fetch(url, {
+    method,
+    headers,
+    body: payload,
+    credentials: "omit"
+  });
+  if (raw) {
+    return res;
+  }
+  if (!res.ok) {
+    const clonedRes = res.clone();
+    const errorBody = await clonedRes.json().catch(() => clonedRes.text().catch(() => {
+      return;
+    })) ?? undefined;
+    throw ApiError.fromResponse(res.status, res.statusText, errorBody);
+  }
+  if (res.status === 204)
+    return;
+  const contentType = res.headers.get("content-type") ?? "";
+  if (contentType.includes("application/json")) {
+    try {
+      const parsed = await res.json();
+      checkDevWarnings(parsed);
+      return parsed;
+    } catch (err) {
+      if (err instanceof SyntaxError)
+        return;
+      throw err;
     }
-  };
+  }
+  const rawText = await res.text().catch(() => "");
+  return rawText && rawText.length > 0 ? rawText : undefined;
 }
-// src/namespaces/game/timeback.ts
-function createTimebackNamespace(client) {
-  let currentActivity = null;
-  return {
-    startActivity: (metadata) => {
-      currentActivity = {
-        startTime: Date.now(),
-        metadata,
-        pausedTime: 0,
-        pauseStartTime: null
-      };
-    },
-    pauseActivity: () => {
-      if (!currentActivity) {
-        throw new Error("No activity in progress. Call startActivity() before pauseActivity().");
-      }
-      if (currentActivity.pauseStartTime !== null) {
-        throw new Error("Activity is already paused.");
-      }
-      currentActivity.pauseStartTime = Date.now();
-    },
-    resumeActivity: () => {
-      if (!currentActivity) {
-        throw new Error("No activity in progress. Call startActivity() before resumeActivity().");
-      }
-      if (currentActivity.pauseStartTime === null) {
-        throw new Error("Activity is not paused.");
-      }
-      const pauseDuration = Date.now() - currentActivity.pauseStartTime;
-      currentActivity.pausedTime += pauseDuration;
-      currentActivity.pauseStartTime = null;
-    },
-    endActivity: async (data) => {
-      if (!currentActivity) {
-        throw new Error("No activity in progress. Call startActivity() before endActivity().");
-      }
-      if (currentActivity.pauseStartTime !== null) {
-        const pauseDuration = Date.now() - currentActivity.pauseStartTime;
-        currentActivity.pausedTime += pauseDuration;
-        currentActivity.pauseStartTime = null;
-      }
-      const endTime = Date.now();
-      const totalElapsed = endTime - currentActivity.startTime;
-      const activeTime = totalElapsed - currentActivity.pausedTime;
-      const durationSeconds = Math.floor(activeTime / 1000);
-      const { correctQuestions, totalQuestions } = data;
-      const request2 = {
-        activityData: currentActivity.metadata,
-        scoreData: {
-          correctQuestions,
-          totalQuestions
-        },
-        timingData: {
-          durationSeconds
-        },
-        xpEarned: data.xpAwarded,
-        masteredUnits: data.masteredUnits
-      };
-      try {
-        const response = await client["requestGameBackend"](TIMEBACK_ROUTES.END_ACTIVITY, "POST", request2);
-        currentActivity = null;
-        return response;
-      } catch (error) {
-        currentActivity = null;
-        throw error;
-      }
+async function fetchManifest(deploymentUrl) {
+  const manifestUrl = `${deploymentUrl.replace(/\/$/, "")}/playcademy.manifest.json`;
+  try {
+    const response = await fetch(manifestUrl);
+    if (!response.ok) {
+      log.error(`[fetchManifest] Failed to fetch manifest from ${manifestUrl}. Status: ${response.status}`);
+      throw new PlaycademyError(`Failed to fetch manifest: ${response.status} ${response.statusText}`);
     }
-  };
+    return await response.json();
+  } catch (error) {
+    if (error instanceof PlaycademyError) {
+      throw error;
+    }
+    log.error(`[Playcademy SDK] Error fetching or parsing manifest from ${manifestUrl}:`, {
+      error
+    });
+    throw new PlaycademyError("Failed to load or parse game manifest");
+  }
 }
-// src/clients/public.ts
-class PlaycademyClient {
+// src/clients/base.ts
+class PlaycademyBaseClient {
   baseUrl;
   gameUrl;
   authStrategy;
@@ -2025,9 +2077,13 @@ class PlaycademyClient {
       });
     }
   }
+  users = createUsersNamespace(this);
+}
+// src/clients/public.ts
+class PlaycademyClient extends PlaycademyBaseClient {
   identity = createIdentityNamespace(this);
   runtime = createRuntimeNamespace(this);
-  users = createUsersNamespace(this);
   timeback = createTimebackNamespace(this);
   credits = createCreditsNamespace(this);
   scores = createScoresNamespace(this);