@prove-identity/prove-auth 2.4.5 → 2.7.1

package/build/bundle/release/prove-auth.js

@@ -1 +0,0 @@
-!function(e,t){"object"==typeof exports&&"object"==typeof module?module.exports=t():"function"==typeof define&&define.amd?define([],t):"object"==typeof exports?exports.proveAuth=t():e.proveAuth=t()}(self,(()=>(()=>{"use strict";var e={2715:(e,t)=>{var r;Object.defineProperty(t,"__esModule",{value:!0}),t.LoggerFactory=t.LogLevel=void 0,function(e){e[e.disabled=0]="disabled",e[e.error=1]="error",e[e.warn=2]="warn",e[e.info=3]="info",e[e.debug=4]="debug",e[e.trace=5]="trace"}(r=t.LogLevel||(t.LogLevel={}));class i{static setLogLevel(e){i.logLevel=e}static setLogWriter(e){i.logWriter=e}static getLogger(e){return{trace:(...e)=>{i.logLevel>=r.trace&&i.logWriter.write(r.trace,...e)},debug:(...e)=>{i.logLevel>=r.debug&&i.logWriter.write(r.debug,...e)},info:(...e)=>{i.logLevel>=r.info&&i.logWriter.write(r.info,...e)},warn:(...e)=>{i.logLevel>=r.warn&&i.logWriter.write(r.warn,...e)},error:(...e)=>{i.logLevel>=r.error&&i.logWriter.write(r.error,...e)}}}}i.logWriter=new class{write(e,...t){switch(e){case r.trace:case r.debug:console.debug(...t);break;case r.info:console.info(...t);break;case r.warn:console.warn(...t);break;case r.error:console.error(...t)}}},i.logLevel=r.info,t.LoggerFactory=i},8266:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.LogLevel=t.LoggerFactory=t.DeviceDescriptor=t.StepCode=t.ErrorCode=t.AuthenticatorBuilder=t.VERSION_CODE=t.VERSION_NAME=void 0;const n=r(9843);Object.defineProperty(t,"VERSION_NAME",{enumerable:!0,get:function(){return n.VERSION_NAME}}),Object.defineProperty(t,"VERSION_CODE",{enumerable:!0,get:function(){return n.VERSION_CODE}});const o=i(r(7460));t.AuthenticatorBuilder=o.default;const s=r(6639);Object.defineProperty(t,"ErrorCode",{enumerable:!0,get:function(){return s.ErrorCode}});const a=r(2400);Object.defineProperty(t,"StepCode",{enumerable:!0,get:function(){return a.StepCode}});const c=i(r(79));t.DeviceDescriptor=c.default;const l=r(2715);Object.defineProperty(t,"LoggerFactory",{enumerable:!0,get:function(){return l.LoggerFactory}}),Object.defineProperty(t,"LogLevel",{enumerable:!0,get:function(){return l.LogLevel}})},7460:function(e,t,r){var i=this&&this.__createBinding||(Object.create?function(e,t,r,i){void 0===i&&(i=r);var n=Object.getOwnPropertyDescriptor(t,r);n&&!("get"in n?!t.__esModule:n.writable||n.configurable)||(n={enumerable:!0,get:function(){return t[r]}}),Object.defineProperty(e,i,n)}:function(e,t,r,i){void 0===i&&(i=r),e[i]=t[r]}),n=this&&this.__setModuleDefault||(Object.create?function(e,t){Object.defineProperty(e,"default",{enumerable:!0,value:t})}:function(e,t){e.default=t}),o=this&&this.__importStar||function(e){if(e&&e.__esModule)return e;var t={};if(null!=e)for(var r in e)"default"!==r&&Object.prototype.hasOwnProperty.call(e,r)&&i(t,e,r);return n(t,e),t},s=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const a=s(r(3060)),c=s(r(7834)),l=s(r(7747)),u=s(r(5386)),d=s(r(689)),h=s(r(4670)),f=o(r(9134));function g(e){return"function"==typeof e?{execute:t=>e(t)}:e}t.default=class{constructor(e){this._deviceIpDetection=!1,this._timeout=0,this._config=e||new a.default}withStartStep(e){return this._startStep=g(e),this}withFinishStep(e){return this._finishStep=g(e),this}withPixelImplementation(){return this._authStep=void 0,this}withFetchImplementation(){return this._authStep=new l.default,this}withPassiveImplementation(){return this._authStep=new h.default,this}withDeviceIpDetection(e=!0){return this._deviceIpDetection=e,this}withTimeout(e){return this._timeout=e,this}build(){let e=this._authStep;const t=this._startStep;let r=this._finishStep;e||(e=new f.default,r=new f.PixelFinishStep);const i=this._deviceIpDetection?new u.default:new d.default;if(!t)throw new Error("Start step is required");if(!r)throw new Error("Finish step is required");return new c.default(i,t,e,r,this._timeout)}}},6639:(e,t)=>{var r;Object.defineProperty(t,"__esModule",{value:!0}),t.ErrorCode=void 0,(r=t.ErrorCode||(t.ErrorCode={}))[r.GENERIC_UNKNOWN_REASON=0]="GENERIC_UNKNOWN_REASON",r[r.GENERIC_TIMEOUT=1]="GENERIC_TIMEOUT",r[r.GENERIC_INVALID_STATE=2]="GENERIC_INVALID_STATE",r[r.GENERIC_COMMUNICATION_ERROR=3]="GENERIC_COMMUNICATION_ERROR",r[r.PRE_CHECK_AIRPLANE_MODE_ENABLED=17]="PRE_CHECK_AIRPLANE_MODE_ENABLED",r[r.PRE_CHECK_NO_CELLULAR_RADIO=18]="PRE_CHECK_NO_CELLULAR_RADIO",r[r.PRE_CHECK_NO_CELLULAR_CONNECTION=19]="PRE_CHECK_NO_CELLULAR_CONNECTION",r[r.PRE_CHECK_WIFI_CALLING_ENABLED=20]="PRE_CHECK_WIFI_CALLING_ENABLED",r[r.PRE_CHECK_WIFI_CANNOT_BE_OVERRIDDEN=21]="PRE_CHECK_WIFI_CANNOT_BE_OVERRIDDEN",r[r.AUTH_MALFORMED_INPUT_DATA=65]="AUTH_MALFORMED_INPUT_DATA",r[r.AUTH_BAD_CREDENTIALS=66]="AUTH_BAD_CREDENTIALS",r[r.AUTH_VFP_KEY_EXPIRED=67]="AUTH_VFP_KEY_EXPIRED",r[r.AUTH_INVALID_RESPONSE=68]="AUTH_INVALID_RESPONSE"},6902:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0});class r extends Error{constructor(e,...t){super(...t),this.errorCode=e,Error.captureStackTrace&&Error.captureStackTrace(this,r),this.name="AuthLocalError",this.errorCode=e}}t.default=r},7747:function(e,t,r){var i=this&&this.__awaiter||function(e,t,r,i){return new(r||(r=Promise))((function(n,o){function s(e){try{c(i.next(e))}catch(e){o(e)}}function a(e){try{c(i.throw(e))}catch(e){o(e)}}function c(e){var t;e.done?n(e.value):(t=e.value,t instanceof r?t:new r((function(e){e(t)}))).then(s,a)}c((i=i.apply(e,t||[])).next())}))},n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const o=n(r(8498)),s=n(r(5112)),a=n(r(5030)),c=r(2715),l=r(6458);t.default=class{constructor(){this.logger=c.LoggerFactory.getLogger("fetch-authentication-step")}execute(e){return i(this,void 0,void 0,(function*(){this.logger.info("use fetch");const t=(0,l.toURL)(e.authUrl);let r;return t.searchParams.get("testVfp")?(this.logger.info("test flow detected"),r=a.default.create(t)):"2"===t.searchParams.get("pfflow")?(this.logger.info("flow v2 detected"),r=s.default.create(t)):(this.logger.info("flow v1 detected"),r=o.default.create(t)),{vfp:yield r.handle()}}))}}},5030:function(e,t){var r=this&&this.__awaiter||function(e,t,r,i){return new(r||(r=Promise))((function(n,o){function s(e){try{c(i.next(e))}catch(e){o(e)}}function a(e){try{c(i.throw(e))}catch(e){o(e)}}function c(e){var t;e.done?n(e.value):(t=e.value,t instanceof r?t:new r((function(e){e(t)}))).then(s,a)}c((i=i.apply(e,t||[])).next())}))};Object.defineProperty(t,"__esModule",{value:!0});class i{static create(e){var t,r,n;const o=null!==(r=parseInt(null!==(t=e.searchParams.get("delay"))&&void 0!==t?t:"0"))&&void 0!==r?r:0,s=null!==(n=e.searchParams.get("testVfp"))&&void 0!==n?n:"";return new i(s,o)}constructor(e,t){this.testVfp=e,this.delay=t}handle(){return r(this,void 0,void 0,(function*(){return new Promise((e=>{setTimeout((()=>e(this.testVfp)),this.delay)}))}))}}t.default=i},6458:function(e,t,r){var i=this&&this.__awaiter||function(e,t,r,i){return new(r||(r=Promise))((function(n,o){function s(e){try{c(i.next(e))}catch(e){o(e)}}function a(e){try{c(i.throw(e))}catch(e){o(e)}}function c(e){var t;e.done?n(e.value):(t=e.value,t instanceof r?t:new r((function(e){e(t)}))).then(s,a)}c((i=i.apply(e,t||[])).next())}))},n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.RawURL=t.Base64=t.fetchAuth=t.handleHttpError=t.toURL=void 0;const o=r(2715),s=r(6639),a=r(9843),c=n(r(6902));t.toURL=function(e){try{return new l(e)}catch(t){throw new c.default(s.ErrorCode.AUTH_MALFORMED_INPUT_DATA,"Malformed url "+e)}},t.handleHttpError=function(e){return i(this,void 0,void 0,(function*(){const t=e.status;switch(t){case 404:throw new c.default(s.ErrorCode.AUTH_BAD_CREDENTIALS);case 410:throw new c.default(s.ErrorCode.AUTH_VFP_KEY_EXPIRED);default:let r;try{r=(yield e.json()).error}catch(e){}throw new c.default(s.ErrorCode.AUTH_INVALID_RESPONSE,r||`http error (${e.statusText} , code = ${t})`)}}))},t.fetchAuth=function(e,t){var r;const i=o.LoggerFactory.getLogger("http-client"),n=null!=t?t:{},l=null!==(r=n.method)&&void 0!==r?r:"GET";if(i.debug(`${l} ${e} ${e.protocol}`),"http:"===e.protocol)throw new c.default(s.ErrorCode.GENERIC_INVALID_STATE,`Web SDK cannot make http request [${e}]`);const u={};let d;return e.searchParams.set("sdkVersion",a.VERSION_NAME),"object"==typeof n.body&&(u["Content-Type"]="application/json",d=JSON.stringify(n.body)),d&&i.debug(`request body: ${d}`),fetch(e.toString(),{method:l,mode:"cors",headers:u,body:d}).then((e=>(i.debug(`${e.status} ${e.statusText}`),e)))},t.Base64=new class{constructor(){this.PADCHAR="=",this.ALPHA="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"}getByte(e,t){return e.charCodeAt(t)}getByte64(e,t){return this.ALPHA.indexOf(e.charAt(t))}_decode(e){let t,r,i=0,n=e.length,o=[];if(e=String(e),0===n)return e;for(e.charAt(n-1)===this.PADCHAR&&(i=1,e.charAt(n-2)===this.PADCHAR&&(i=2),n-=4),t=0;t<n;t+=4)r=this.getByte64(e,t)<<18|this.getByte64(e,t+1)<<12|this.getByte64(e,t+2)<<6|this.getByte64(e,t+3),o.push(String.fromCharCode(r>>16,r>>8&255,255&r));switch(i){case 1:r=this.getByte64(e,t)<<18|this.getByte64(e,t+1)<<12|this.getByte64(e,t+2)<<6,o.push(String.fromCharCode(r>>16,r>>8&255));break;case 2:r=this.getByte64(e,t)<<18|this.getByte64(e,t+1)<<12,o.push(String.fromCharCode(r>>16))}return o.join("")}_encode(e){let t,r,i=[],n=(e=String(e)).length-e.length%3;if(0===e.length)return e;for(t=0;t<n;t+=3)r=this.getByte(e,t)<<16|this.getByte(e,t+1)<<8|this.getByte(e,t+2),i.push(this.ALPHA.charAt(r>>18)),i.push(this.ALPHA.charAt(r>>12&63)),i.push(this.ALPHA.charAt(r>>6&63)),i.push(this.ALPHA.charAt(63&r));switch(e.length-n){case 1:r=this.getByte(e,t)<<16,i.push(this.ALPHA.charAt(r>>18)+this.ALPHA.charAt(r>>12&63)+this.PADCHAR+this.PADCHAR);break;case 2:r=this.getByte(e,t)<<16|this.getByte(e,t+1)<<8,i.push(this.ALPHA.charAt(r>>18)+this.ALPHA.charAt(r>>12&63)+this.ALPHA.charAt(r>>6&63)+this.PADCHAR)}return i.join("")}decode(e,t=!0){return e=t?e.replace(".","+").replace("_","/").replace("-","="):e,this._decode(e)}encode(e,t=!0){const r=this._encode(e);return t?r.replace("+",".").replace("/","_").replace("=","-"):r}};class l{constructor(e){this.url=e,this.params=[],this.searchParams={get:e=>this._get(e),getAll:e=>this._getAll(e),set:(e,t,r=!1)=>this._set(e,t,r)};const t=new URL(e);this.protocol=t.protocol;for(const e of t.searchParams.keys())this.params.push({key:e,values:t.searchParams.getAll(e),encode:!1})}_set(e,t,r=!1){const i=this.params.findIndex((t=>t.key===e));-1===i?this.params.push({key:e,values:[t],encode:r}):this.params.splice(i,1,{key:e,values:[t],encode:r})}_get(e){const t=this._getAll(e);return t?t[0]:void 0}_getAll(e){var t;return null===(t=this.params.find((t=>t.key===e)))||void 0===t?void 0:t.values}toString(){function e(e,t){return t?encodeURIComponent(e):null==e?void 0:e.replace(/\?/g,"%3F").replace(/\&/g,"%26")}const t=this.url.indexOf("?");let r=-1==t?this.url:this.url.slice(0,t),i=[];for(const t of this.params)for(const r of t.values)i.push(`${e(t.key,t.encode)}=${e(r,t.encode)}`);return i.length&&(r+="?"+i.join("&")),r}}t.RawURL=l},8498:function(e,t,r){var i=this&&this.__awaiter||function(e,t,r,i){return new(r||(r=Promise))((function(n,o){function s(e){try{c(i.next(e))}catch(e){o(e)}}function a(e){try{c(i.throw(e))}catch(e){o(e)}}function c(e){var t;e.done?n(e.value):(t=e.value,t instanceof r?t:new r((function(e){e(t)}))).then(s,a)}c((i=i.apply(e,t||[])).next())}))},n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const o=r(2715),s=n(r(6902)),a=r(6639),c=r(6458);class l{static create(e){return e.searchParams.set("r","f"),new l(e)}constructor(e){this.url=e,this.logger=o.LoggerFactory.getLogger("flow-v1")}handle(){var e,t;return i(this,void 0,void 0,(function*(){let r;const i=this.url.searchParams.get("vfp");let n=this.url;for(this.logger.debug(`current vfp ${i}`);;){try{r=yield(0,c.fetchAuth)(n,{})}catch(e){throw new s.default(a.ErrorCode.GENERIC_COMMUNICATION_ERROR,e.message)}if(console.log(r.url),r.status>=300&&r.status<400){const o=new c.RawURL(null!==(e=r.headers.get("Location"))&&void 0!==e?e:"");this.logger.debug(`redirect to ${o}`);const s=null!==(t=o.searchParams.get("vfp"))&&void 0!==t?t:o.searchParams.get("token");if(s&&s!==i)return this.logger.debug(`vfp changed to ${s}`),s;n=o}else{if(r.status>=200&&r.status<300){let e;try{e=yield r.json()}catch(e){throw new s.default(a.ErrorCode.AUTH_INVALID_RESPONSE,e.message)}this.logger.debug("got json response",e);const t=this.getVfpFromJson(e);if(!t)throw new s.default(a.ErrorCode.AUTH_INVALID_RESPONSE,`Received unknown payload: ${JSON.stringify(e)}`);return t}yield(0,c.handleHttpError)(r)}}}))}getVfpFromJson(e){const t=e.vfp;if(t)return t;const r=e.token,i=e.correlation_id;if(r)return i?i+"..."+r:r;const n=e.reconcilation_token;return n?i?i+"..."+n:n:void 0}}t.default=l},5112:function(e,t,r){var i=this&&this.__awaiter||function(e,t,r,i){return new(r||(r=Promise))((function(n,o){function s(e){try{c(i.next(e))}catch(e){o(e)}}function a(e){try{c(i.throw(e))}catch(e){o(e)}}function c(e){var t;e.done?n(e.value):(t=e.value,t instanceof r?t:new r((function(e){e(t)}))).then(s,a)}c((i=i.apply(e,t||[])).next())}))},n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const o=r(2715),s=r(6639),a=n(r(6902)),c=r(6458);class l{static create(e){var t;const r=e.searchParams.get("data");if(!r)throw new a.default(s.ErrorCode.AUTH_MALFORMED_INPUT_DATA,"Invalid flow.v2 data - missing in url");let i,n,o,u;try{const e=c.Base64.decode(r);console.log("decoded",e),i=JSON.parse(e)}catch(e){throw console.error(e),new a.default(s.ErrorCode.AUTH_MALFORMED_INPUT_DATA,"Invalid flow.v2 data - cannot parse as json")}try{n=new c.RawURL(null!==(t=i.url)&&void 0!==t?t:"")}catch(e){throw new a.default(s.ErrorCode.AUTH_MALFORMED_INPUT_DATA,"Invalid flow.v2 data - missing/invalid url field")}try{o=i.vfp}catch(e){throw new a.default(s.ErrorCode.AUTH_MALFORMED_INPUT_DATA,"Invalid flow.v2 data - missing vfp field")}try{u=i.data}catch(e){throw new a.default(s.ErrorCode.AUTH_MALFORMED_INPUT_DATA,"Invalid flow.v2 data - missing data field")}return new l(n,o,u,i["att-1004"])}constructor(e,t,r,i){this.url=e,this.vfp=t,this.data=r,this.att1004=i,this.logger=o.LoggerFactory.getLogger("flow-v2")}handle(){var e;return i(this,void 0,void 0,(function*(){let t=!1,r=JSON.parse(JSON.stringify(this.data));for(;;){let i;try{i=yield(0,c.fetchAuth)(this.url,{method:"POST",body:r})}catch(e){throw new a.default(s.ErrorCode.GENERIC_COMMUNICATION_ERROR,e.message)}if(i.status>=200&&i.status<300){const n=yield i.text();if(this.logger.trace(`att response body: ${n}`),!t)try{if(1004===JSON.parse(n).status){const i=null!==(e=this.att1004)&&void 0!==e?e:["application-id"];if(i){t=!0,this.logger.debug(`flow v2.5 detected, use application-id: ${i}`),r.put("application-id",i);continue}this.logger.debug("missing att1004.application-id, continue flow v2")}}catch(e){}const o=c.Base64.encode(n);return`${this.vfp}___${o}${t?"___R2":""}`}if(i.status>=300&&i.status<400)throw new a.default(s.ErrorCode.AUTH_INVALID_RESPONSE,"Unexpected redirect in flow v2");yield(0,c.handleHttpError)(i)}}))}}t.default=l},4670:function(e,t,r){var i=this&&this.__awaiter||function(e,t,r,i){return new(r||(r=Promise))((function(n,o){function s(e){try{c(i.next(e))}catch(e){o(e)}}function a(e){try{c(i.throw(e))}catch(e){o(e)}}function c(e){var t;e.done?n(e.value):(t=e.value,t instanceof r?t:new r((function(e){e(t)}))).then(s,a)}c((i=i.apply(e,t||[])).next())}))},n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const o=n(r(5030)),s=r(2715),a=r(6458),c=r(9843);t.default=class{constructor(){this.logger=s.LoggerFactory.getLogger("passive-authentication-step")}execute(e){return i(this,void 0,void 0,(function*(){this.logger.info("use passive");const t=(0,a.toURL)(e.authUrl);let r;if(t.searchParams.get("testVfp"))this.logger.info("test flow detected"),r=o.default.create(t);else{if("2"===t.searchParams.get("pfflow"))throw new Error("flow v2 detected but not supported by passive auth implementation");this.logger.info("flow v1 detected"),r=new l(t)}return{vfp:yield r.handle()}}))}};class l{constructor(e){this.url=e,this.logger=s.LoggerFactory.getLogger("passive-flow-v1")}handle(){return i(this,void 0,void 0,(function*(){return new Promise(((e,t)=>{const r="_proveAuthResponse";this.url.searchParams.set("jsonp","true"),this.url.searchParams.set("sdkVersion",c.VERSION_NAME);const i=window;this.logger.trace("install global callback"),i[r]=r=>{if(o)return;s();const i=r?this.getVfpFromJson(r):void 0;i?e(i):t(new Error(r?"script loaded but vfp not defined":"script loaded but callback not trigerred"))};const n=document.createElement("script");let o=!1;const s=()=>{this.logger.trace("cleanup global callback"),o=!0,i[r]=void 0,document.body.removeChild(n)};n.onload=()=>{this.logger.trace("script loaded"),setTimeout((()=>{o||(s(),t(new Error("script loaded, but not executed")))}),1e3)},n.onerror=()=>{this.logger.trace("script load error"),o||(s(),t(new Error("script load error")))},document.body.appendChild(n),n.src=this.url.toString()}))}))}getVfpFromJson(e){const t=e.vfp;if(t)return t;const r=e.token,i=e.correlation_id;if(r)return i?i+"..."+r:r;const n=e.reconcilation_token;return n?i?i+"..."+n:n:void 0}}},9134:function(e,t,r){var i=this&&this.__awaiter||function(e,t,r,i){return new(r||(r=Promise))((function(n,o){function s(e){try{c(i.next(e))}catch(e){o(e)}}function a(e){try{c(i.throw(e))}catch(e){o(e)}}function c(e){var t;e.done?n(e.value):(t=e.value,t instanceof r?t:new r((function(e){e(t)}))).then(s,a)}c((i=i.apply(e,t||[])).next())}))},n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.PixelFinishStep=void 0;const o=n(r(5030)),s=r(2715),a=r(6458),c=r(9843);t.default=class{constructor(){this.logger=s.LoggerFactory.getLogger("pixel-authentication-step")}execute(e){return i(this,void 0,void 0,(function*(){this.logger.info("use pixel");const t=(0,a.toURL)(e.authUrl);let r;if(t.searchParams.get("testVfp"))this.logger.info("test flow detected"),r=o.default.create(t);else{if("2"===t.searchParams.get("pfflow"))throw new Error("flow v2 detected but not supported by pixel auth implementation");this.logger.info("flow v1 detected"),r=new l(t)}return{vfp:yield r.handle()}}))}};class l{constructor(e){this.url=e,this.logger=s.LoggerFactory.getLogger("pixel-flow-v1")}handle(){return i(this,void 0,void 0,(function*(){return new Promise(((e,t)=>{this.url.searchParams.set("sdkVersion",c.VERSION_NAME);const r=document.createElement("img");r.onload=()=>{this.logger.trace("pixel loaded"),e("")},r.onerror=()=>{this.logger.trace("pixel load error"),t(new Error("pixel load error"))},r.src=this.url.toString()}))}))}}t.PixelFinishStep=class{execute(e){return Promise.resolve(void 0)}}},7834:function(e,t,r){var i=this&&this.__awaiter||function(e,t,r,i){return new(r||(r=Promise))((function(n,o){function s(e){try{c(i.next(e))}catch(e){o(e)}}function a(e){try{c(i.throw(e))}catch(e){o(e)}}function c(e){var t;e.done?n(e.value):(t=e.value,t instanceof r?t:new r((function(e){e(t)}))).then(s,a)}c((i=i.apply(e,t||[])).next())}))},n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const o=r(2715),s=r(2400),a=n(r(4517)),c=r(6639);class l{constructor(e){this._providedDeviceDescriptor=e}get providedDeviceDescriptor(){return this._providedDeviceDescriptor}get deviceDescriptor(){return this._deviceDescriptor}get authUrl(){return this._authUrl}get vfp(){return this._vfp}}class u{constructor(){this.currentStep=s.StepCode.PRE_CHECK,this.timedOut=!1}}t.default=class{constructor(e,t,r,i,n=0){this.deviceDescriptorStep=e,this.startStep=t,this.authenticationStep=r,this.finishStep=i,this.timeout=n,this.logger=o.LoggerFactory.getLogger("auth")}executeStep(e,t,r,n){var o;return i(this,void 0,void 0,(function*(){if(e.timedOut)throw new Error("timeout");try{e.currentStep=t,this.logger.debug(`execute step ${s.StepCode[t]}`);let i=yield r.execute(n);return this.logger.debug(`executed step ${s.StepCode[t]}`),i}catch(e){const r=null!==(o=e.errorCode)&&void 0!==o?o:c.ErrorCode.GENERIC_UNKNOWN_REASON;throw new a.default(t,r,e.message)}}))}authenticate(e){return new Promise(((t,r)=>{const i=new u;let n;this.timeout>0&&(n=setTimeout((()=>{i.timedOut=!0,r(new a.default(i.currentStep,c.ErrorCode.GENERIC_TIMEOUT,`authenticator timeout after ${this.timeout}ms`))}),this.timeout)),this.executeAuth(i,e).then((e=>{i.timedOut||(clearTimeout(n),t(e))}),(e=>{i.timedOut||(clearTimeout(n),r(e))}))}))}executeAuth(e,t){return i(this,void 0,void 0,(function*(){const r=new l(t);r._deviceDescriptor=(yield this.executeStep(e,s.StepCode.DEVICE_DESCRIPTOR,this.deviceDescriptorStep,r)).deviceDescriptor,this.logger.info(`deviceDescriptor=${r.deviceDescriptor}`),r._authUrl=(yield this.executeStep(e,s.StepCode.START,this.startStep,r)).authUrl,this.logger.info(`authUrl=${r.authUrl}`),r._vfp=(yield this.executeStep(e,s.StepCode.AUTHENTICATION,this.authenticationStep,r)).vfp,this.logger.info(`vfp=${r.vfp}`);const i=yield this.executeStep(e,s.StepCode.FINISH,this.finishStep,r);return this.logger.info("result",i),i}))}}},5386:function(e,t,r){var i=this&&this.__awaiter||function(e,t,r,i){return new(r||(r=Promise))((function(n,o){function s(e){try{c(i.next(e))}catch(e){o(e)}}function a(e){try{c(i.throw(e))}catch(e){o(e)}}function c(e){var t;e.done?n(e.value):(t=e.value,t instanceof r?t:new r((function(e){e(t)}))).then(s,a)}c((i=i.apply(e,t||[])).next())}))},n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const o=r(6639),s=n(r(79)),a=n(r(6902));t.default=class{constructor(e){this.ipQueryUrl=null!=e?e:"https://device.payfone.com:4443/whatismyipaddress"}execute(e){return i(this,void 0,void 0,(function*(){if(e.providedDeviceDescriptor)return{deviceDescriptor:e.providedDeviceDescriptor};const t=yield fetch("https://device.payfone.com:4443/whatismyipaddress");if(t.ok)return{deviceDescriptor:new s.default(yield t.text())};throw new a.default(o.ErrorCode.GENERIC_COMMUNICATION_ERROR,`ip api response=${t.status}`)}))}}},689:function(e,t,r){var i=this&&this.__awaiter||function(e,t,r,i){return new(r||(r=Promise))((function(n,o){function s(e){try{c(i.next(e))}catch(e){o(e)}}function a(e){try{c(i.throw(e))}catch(e){o(e)}}function c(e){var t;e.done?n(e.value):(t=e.value,t instanceof r?t:new r((function(e){e(t)}))).then(s,a)}c((i=i.apply(e,t||[])).next())}))},n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const o=n(r(79));t.default=class{execute(e){var t;return i(this,void 0,void 0,(function*(){return{deviceDescriptor:null!==(t=e.providedDeviceDescriptor)&&void 0!==t?t:new o.default}}))}}},3060:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.default=class{}},4517:(e,t,r)=>{Object.defineProperty(t,"__esModule",{value:!0});const i=r(6639),n=r(2400);class o extends Error{constructor(e,t,r){super(`${r} (stepCode=${n.StepCode[e]}, errorCode=${i.ErrorCode[t]})`),this.stepCode=e,this.errorCode=t,Error.captureStackTrace&&Error.captureStackTrace(this,o),this.name="AuthProcessError",this.stepCode=e}}t.default=o},79:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0});class r{static ip(e){return new r(e)}constructor(e,t,r){this.ip=e,this.mno=t,this.phoneNumber=r}toString(){return`ip=[${this.ip}] mno=[${this.mno}] phoneNumber=[${this.phoneNumber}]`}}t.default=r},2400:(e,t)=>{var r;Object.defineProperty(t,"__esModule",{value:!0}),t.StepCode=void 0,(r=t.StepCode||(t.StepCode={}))[r.PRE_CHECK=16]="PRE_CHECK",r[r.DEVICE_DESCRIPTOR=32]="DEVICE_DESCRIPTOR",r[r.START=48]="START",r[r.AUTHENTICATION=64]="AUTHENTICATION",r[r.FINISH=80]="FINISH"},9843:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.VERSION_CODE=t.VERSION_NAME=void 0,t.VERSION_NAME="3.0.0",t.VERSION_CODE=3e4},3607:function(e,t,r){var i=this&&this.__createBinding||(Object.create?function(e,t,r,i){void 0===i&&(i=r);var n=Object.getOwnPropertyDescriptor(t,r);n&&!("get"in n?!t.__esModule:n.writable||n.configurable)||(n={enumerable:!0,get:function(){return t[r]}}),Object.defineProperty(e,i,n)}:function(e,t,r,i){void 0===i&&(i=r),e[i]=t[r]}),n=this&&this.__setModuleDefault||(Object.create?function(e,t){Object.defineProperty(e,"default",{enumerable:!0,value:t})}:function(e,t){e.default=t}),o=this&&this.__importStar||function(e){if(e&&e.__esModule)return e;var t={};if(null!=e)for(var r in e)"default"!==r&&Object.prototype.hasOwnProperty.call(e,r)&&i(t,e,r);return n(t,e),t},s=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.PhoneValidationError=t.OtpError=t.OtpFinishResultType=t.MobileAuthImplementation=t.LogLevel=t.LoggerFactory=t.DeviceRole=t.CancelablePromise=t.AuthResponseStatus=t.AuthenticatorBuilder=t.VERSION=void 0;const a=r(6462);Object.defineProperty(t,"VERSION",{enumerable:!0,get:function(){return a.VERSION}});const c=o(r(4817));t.AuthenticatorBuilder=c.default,Object.defineProperty(t,"DeviceRole",{enumerable:!0,get:function(){return c.DeviceRole}}),Object.defineProperty(t,"MobileAuthImplementation",{enumerable:!0,get:function(){return c.MobileAuthImplementation}});const l=r(6267);Object.defineProperty(t,"AuthResponseStatus",{enumerable:!0,get:function(){return l.AuthResponseStatus}});const u=r(1727);Object.defineProperty(t,"LoggerFactory",{enumerable:!0,get:function(){return u.LoggerFactory}}),Object.defineProperty(t,"LogLevel",{enumerable:!0,get:function(){return u.LogLevel}});const d=s(r(4610));t.CancelablePromise=d.default;const h=r(3794);Object.defineProperty(t,"PhoneValidationError",{enumerable:!0,get:function(){return h.PhoneValidationError}});const f=r(8864);Object.defineProperty(t,"OtpError",{enumerable:!0,get:function(){return f.OtpError}}),Object.defineProperty(t,"OtpFinishResultType",{enumerable:!0,get:function(){return f.OtpFinishResultType}})},4817:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.MobileAuthImplementation=t.DeviceRole=void 0;const n=r(1092),o=i(r(8370)),s=i(r(6736)),a=i(r(1840)),c=i(r(7625)),l=i(r(3075)),u=i(r(8907)),d=i(r(1703)),h=i(r(6185)),f=i(r(1044)),g=i(r(1474)),p=i(r(9790)),v=r(2207),_=i(r(9568));var m,E;!function(e){e[e.Primary=0]="Primary",e[e.Secondary=1]="Secondary"}(m=t.DeviceRole||(t.DeviceRole={})),function(e){e.Pixel="pixel",e.Fetch="fetch"}(E=t.MobileAuthImplementation||(t.MobileAuthImplementation={})),t.default=class{constructor(){this.role=m.Primary,this.mobileAuthImplementation=E.Fetch,this.forUPK=!1,this.instantLinkTestMode=!1,"undefined"!=typeof window&&(this.storage=window.localStorage,this.platform=new n.WebPlatform)}withAuthFinishStep(e){return this.authFinishStep="function"==typeof e?{execute:t=>e(t)}:e,this}withDisplayName(e){return this.getDisplayName="function"==typeof e?e:()=>e,this}withAuthMessageHandler(e){return this.authMessageHandler=e,this}withStorage(e){return this.storage=e,this}withPlatform(e){return this.platform=e,this}withRole(e){return this.role=e,this}withMobileAuthImplementation(e){return this.mobileAuthImplementation=e,this}withDeviceIpAddress(e){return this.getDeviceIp="function"==typeof e?e:()=>e,this}withOtpFallback(e,t){return this.otpStartStep="function"==typeof e?{execute:e}:e,this.otpFinishStep="function"==typeof t?{execute:t}:t,this}withInstantLinkFallback(e){return this.instantLinkStartStep="function"==typeof e?{execute:e}:e,this}withUPKEnabled(){return this.forUPK=!0,this}build(){return this.role===m.Primary?new _.default(this.platform,this.storage,this.authFinishStep,[new p.default(this.forUPK),new v.DeviceUniversalRedirectExchangeStep,new v.DeviceUniversalRedirectFinishStep,new s.default(this.getDisplayName,this.role),new g.default(this.getDisplayName),new f.default(this.forUPK),new o.default,new a.default,new c.default(this.mobileAuthImplementation,this.getDeviceIp),new l.default(this.instantLinkStartStep,this.getDeviceIp),new u.default(this.otpStartStep,this.otpFinishStep),new h.default,new d.default(this.authMessageHandler)]):new _.default(this.platform,this.storage,this.authFinishStep,[new s.default(this.getDisplayName,this.role),new c.default(this.mobileAuthImplementation,this.getDeviceIp),new l.default(this.instantLinkStartStep,this.getDeviceIp)])}}},8607:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0});class r{static stringToBase64(e){return e.replace(/\-/g,"+").replace(/_/g,"/")+"=".repeat(e.length%4?4-e.length%4:0)}static bufferDecode(e){return Uint8Array.from(atob(r.stringToBase64(e)),(e=>e.charCodeAt(0)))}static bufferEncode(e){const t=ArrayBuffer.isView(e)?e.buffer:e;return btoa(String.fromCharCode.apply(null,Array.from(new Uint8Array(t)))).replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,"")}}t.default=r},4610:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.default=class extends Promise{constructor(e){let t=()=>{};super(((r,i)=>e(r,i,(e=>t=e)))),this.onCancel=()=>{t()}}cancel(){this.onCancel()}}},1727:(e,t)=>{var r;Object.defineProperty(t,"__esModule",{value:!0}),t.LoggerFactory=t.LogLevel=void 0,function(e){e[e.disabled=0]="disabled",e[e.error=1]="error",e[e.warn=2]="warn",e[e.info=3]="info",e[e.debug=4]="debug",e[e.trace=5]="trace"}(r=t.LogLevel||(t.LogLevel={}));class i{static setLogLevel(e){i.logLevel=e}static setLogWriter(e){i.logWriter=e}static getLogger(e){return{trace:(...t)=>{i.logLevel>=r.trace&&i.logWriter.write(r.trace,e+": ",...t)},debug:(...t)=>{i.logLevel>=r.debug&&i.logWriter.write(r.debug,e+": ",...t)},info:(...t)=>{i.logLevel>=r.info&&i.logWriter.write(r.info,e+": ",...t)},warn:(...t)=>{i.logLevel>=r.warn&&i.logWriter.write(r.warn,e+": ",...t)},error:(...t)=>{i.logLevel>=r.error&&i.logWriter.write(r.error,e+": ",...t)}}}}i.logWriter=new class{write(e,...t){switch(e){case r.trace:case r.debug:console.debug(...t);break;case r.info:console.info(...t);break;case r.warn:console.warn(...t);break;case r.error:console.error(...t)}}},i.logLevel=r.info,t.LoggerFactory=i},3350:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0});class r extends Error{constructor(e,t,r,i){super(e),this.code=t,this.nextStep=r,this.reportable=void 0===i||i}static extractMessage(e){let t="";if(e){const r="message";e[r]?t=e[r]:(t=e.toString(),"[object Object]"===t&&(t=JSON.stringify(e)))}return t}}t.default=r},6267:(e,t)=>{var r;Object.defineProperty(t,"__esModule",{value:!0}),t.AuthResponseStatus=void 0,(r=t.AuthResponseStatus||(t.AuthResponseStatus={})).Accept="accept",r.Reject="reject",r.Cancel="cancel",r.Unexpected="unexpected",r.Timeout="timeout",r.Unknown="unknown"},1204:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const n=r(1727),o=r(6462),s=r(2102),a=i(r(5186));t.default=class{get namespace(){var e;return(null===(e=this.claims)||void 0===e?void 0:e.auth.ans)||this.settings.namespace}get backendUrl(){var e;return(null===(e=this.claims)||void 0===e?void 0:e.auth.endp)||this.backendUrlOverride}get authId(){var e;return null===(e=this.claims)||void 0===e?void 0:e.auth.id}get challenge(){var e;return null===(e=this.claims)||void 0===e?void 0:e.auth.chlg}get next(){var e;return null===(e=this.claims)||void 0===e?void 0:e.auth.next}constructor(e,t,r){var i,n;this.channels=new Set,this.lastStep=null,this.credential=null,this.authMessage=null,this.uvLevel=null,this.backendUrlOverride=null,this.platform=t,this.authToken=r,this.settings=e,r&&(this.claims=this.parseJwt(r),this.settings.namespace=this.claims.auth.ans,this.uvLevel=(null===(n=null===(i=this.claims.auth.subs.dev)||void 0===i?void 0:i.auths.pasv)||void 0===n?void 0:n.uvlvl)||s.UserVerificationLevel.Discouraged),this.requestSigner=t.createRequestSigner(this)}fetchFromBackend(e,t){const r="POST",i="application/json",n=JSON.stringify(t),s=e.split("?"),c=s[0],l=s.length>1?s[1]:"",u=new Headers({Accept:i,"Content-Type":i,"PA-Version":o.USER_AGENT_VERSIONS});return this.authToken&&u.set("Authorization","Bearer "+this.authToken),new Promise(((t,o)=>{this.requestSigner.sign(r,c,l,i,n).then((i=>{i&&(u.set("PA-Sig-Version",i.version),u.set("PA-Challenge",i.challenge),u.set("PA-KID",i.keyId),u.set("PA-Signature",i.signature)),this.platform.fetch(this.backendUrl+e,{mode:"cors",method:r,headers:u,body:n}).then((e=>e.json())).then((e=>{e.error&&e.error.code===a.default.ERROR_NO_DEVICE_FOUND&&(this.settings.reset(),this.platform.deviceAuth.reset()),t(e)})).catch(o)})).catch(o)}))}createMessageChannel(e,t,r,i){if(!this.authToken)throw new Error("Authentication token is not initialized, cannot create MessageChannel");const o=this.backendUrl.replace(/^http/,"ws"),s=this.platform.createMessageChannel(o+e),a=n.LoggerFactory.getLogger("web-message-channel"),c=setInterval((()=>{a.trace("Sending keep-alive message"),s.send("")}),3e4);return s.addEventListener("close",(e=>{c&&clearInterval(c),t(),this.channels.delete(s)})),s.addEventListener("error",(e=>{r("message"in e?e.message:e.toString())})),s.addEventListener("message",(e=>{if("origin"in e&&e.origin!==o)r("Unexpected origin");else{var t=e.data;i(t&&"string"==typeof t?t:e.toString())}})),this.channels.add(s),s}closeAllMessageChannels(){const e=new Set(this.channels);e.forEach((e=>e.close())),e.clear(),this.channels.clear()}getDeviceRegistration(){return new Promise(((e,t)=>{this.platform.deviceAuth.getRegistration(this.namespace).then((t=>{t&&(this.backendUrlOverride=null==t?void 0:t.endpoint),e(t)})).catch(t)}))}parseJwt(e){return JSON.parse(atob(e.split(".")[1]))}}},3225:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.AuthStatusActions=void 0;const n=r(1727),o=i(r(3350));t.AuthStatusActions=class{constructor(){this.log=n.LoggerFactory.getLogger("auth-status-actions")}waitForStatus(e){var t=!1;return this.log.trace("Waiting for auth status"),new Promise(((r,i)=>{const n=e.createMessageChannel("/v1/client/status?token="+encodeURIComponent(e.authToken),(()=>{t||i(new o.default("Failed to receive secondary authentication status, no response"))}),(e=>{t=!0,this.log.error("Failed: "+e),i(new o.default("Failed to receive secondary authentication status: "+e))}),(s=>{t=!0;try{this.log.debug("Secondary authentication status: "+s);const t=JSON.parse(s);t.error?i(new o.default(t.error.message,t.error.code,t.next)):(e.lastStep=t.next,r(t.next))}catch(e){i(e)}finally{n.close()}}))}))}}},2102:(e,t)=>{var r;Object.defineProperty(t,"__esModule",{value:!0}),t.UserVerificationLevel=void 0,(r=t.UserVerificationLevel||(t.UserVerificationLevel={})).Discouraged="none",r.Preferred="pref",r.Required="req"},8370:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const n=i(r(8607)),o=r(1727),s=i(r(3350)),a=i(r(5186));class c{constructor(){this.log=o.LoggerFactory.getLogger("device-passive-register-step"),this.name=c.NAME}execute(e){return new Promise(((t,r)=>{e.getDeviceRegistration().then((i=>{i?this.finishRegistration(e,[this.getFido2Registration(e)]).then(t).catch(r):e.platform.deviceAuth.createRegistration({namespace:e.namespace,endpoint:e.backendUrl}).then((i=>{i.getAuthRegistration(e.challenge).then((t=>this.finishRegistration(e,[this.getFido2Registration(e),t]))).then((n=>{i.deviceId=e.settings.deviceId,e.platform.deviceAuth.storeRegistration(i).then((()=>t(n))).catch(r)})).catch(r)})).catch(r)})).catch(r)}))}finishRegistration(e,t){return new Promise(((r,i)=>{e.fetchFromBackend("/v1/client/device/fido2/register/finish",{deviceName:e.platform.getPlatformName(),deviceCapabilities:e.platform.getDeviceCapabilities(),registrations:t}).then((t=>{if(t.error)i(new s.default(t.error.message,t.error.code,t.next));else{const n=t.data;n&&n.deviceId?(e.settings.deviceId=n.deviceId,e.settings.fidoPasskeyRegistered=!0,r(t.next)):i(new s.default("Failed to register device, returned deviceId is null or empty",a.default.ERROR_AUTHENTICATION_FAILURE,t.next,!1))}})).catch(i)}))}getFido2Registration(e){const t=e.credential,r=t.response;return{webAuthnCredential:{type:null==t?void 0:t.type,id:null==t?void 0:t.id,rawId:n.default.bufferEncode(null==t?void 0:t.rawId),response:{attestationObject:n.default.bufferEncode(r.attestationObject),clientDataJSON:n.default.bufferEncode(r.clientDataJSON)}}}}}c.NAME="device/passive/register",t.default=c},1044:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const n=r(1727),o=i(r(3350));class s{constructor(e){this.log=n.LoggerFactory.getLogger("device-passive-silent-step"),this.name=s.NAME,this.forUPK=!1,this.forUPK=e}execute(e){return this.log.trace("Executing"),new Promise(((t,r)=>{e.getDeviceRegistration().then((i=>{i?this.verify(e,i).then(t).catch(r):e.platform.deviceAuth.createRegistration({namespace:e.namespace,endpoint:e.backendUrl}).then((t=>this.register(e,t))).then(t).catch(r)})).catch(r)}))}getBackendRegisterEndpoint(){return this.forUPK?"/v1/client/device/universal/register":"/v1/client/device/passive/register"}getBackendVerifyEndpoint(){return this.forUPK?"/v1/client/device/universal/verify":"/v1/client/device/passive/verify"}register(e,t){return this.log.trace("Registering"),new Promise(((r,i)=>{t.getAuthRegistration(e.challenge).then((n=>{e.fetchFromBackend(this.getBackendRegisterEndpoint(),{deviceName:e.platform.getPlatformName(),deviceCapabilities:e.platform.getDeviceCapabilities(),registrations:[n]}).then((n=>{if(n.error)i(new o.default(n.error.message,n.error.code,n.next,!1));else{const s=n.data.deviceId;s||i(new o.default("Failed to register device, returned deviceId is null or empty",0,n.next)),e.settings.deviceId=s,t.deviceId=s,this.log.debug("Device ID: "+s),e.platform.deviceAuth.storeRegistration(t).then((()=>r(n.next))).catch(i)}})).catch(i)}))}))}verify(e,t){return this.log.trace("Verifying"),new Promise(((r,i)=>{if(t.deviceId){const n=t.deviceId+":"+e.challenge;t.sign(n).then((n=>{e.fetchFromBackend(this.getBackendVerifyEndpoint(),{deviceId:t.deviceId,keyId:t.keyId,signature:n}).then((e=>{e.error?i(new o.default(e.error.message,e.error.code,e.next,!1)):r(e.next)})).catch(i)}))}else i(new o.default("Failed to initiate verification, DeviceId is missing"))}))}}s.NAME="device/passive/silent",t.default=s},6736:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.DevicePassiveActions=void 0;const n=r(1727),o=i(r(8607)),s=i(r(1044)),a=r(2102),c=i(r(3350)),l=r(4817),u=r(3225);class d extends u.AuthStatusActions{constructor(e){super(),this.log=n.LoggerFactory.getLogger("device-passive-actions"),this.getDisplayName=e||(()=>null)}register(e){return this.log.trace("Registering"),new Promise(((t,r)=>{const i=this.getDisplayName();e.fetchFromBackend("/v1/client/device/fido2/register/start",{displayName:i||void 0}).then((n=>{if(n.error)r(new c.default(n.error.message,n.error.code,n.next));else{let s=n.data.credCreateOptions;s.challenge=o.default.bufferDecode(s.challenge),s.user.id=o.default.bufferDecode(s.user.id),i&&(s.user.displayName=i),s.excludeCredentials&&s.excludeCredentials.forEach((e=>{e.id=o.default.bufferDecode(e.id)})),e.platform.webauthn.createCredentials({publicKey:s}).then((i=>{i?(e.credential=i,t(n.next)):r(new c.default("Failed to create FIDO2 credentials"))})).catch(r)}})).catch(r)}))}verify(e){return this.log.trace("Verifying"),new Promise(((t,r)=>{e.settings.deviceId?e.fetchFromBackend("/v1/client/device/fido2/verify/start",{deviceId:e.settings.deviceId}).then((i=>{var n;if(i.error)r(new c.default(i.error.message,i.error.code,i.next));else{let s=i.data.credRequestOptions;s.challenge=o.default.bufferDecode(s.challenge),s.allowCredentials&&(null===(n=s.allowCredentials)||void 0===n||n.forEach((e=>{e.id=o.default.bufferDecode(e.id)}))),e.platform.webauthn.getCredentials({publicKey:s}).then((n=>{n?(e.credential=n,t(i.next)):r(new Error("Failed to load FIDO2 credentials"))})).catch(r)}})).catch(r):r(new c.default("Failed to start verification, DeviceId is missing"))}))}}t.DevicePassiveActions=d;class h extends d{constructor(e,t){super(e),this.name=h.NAME,this.role=null!=t?t:l.DeviceRole.Primary,this.log=n.LoggerFactory.getLogger("device-passive-step")}execute(e){return this.role==l.DeviceRole.Secondary?this.waitForStatus(e):e.platform.isFidoSupported()&&e.uvLevel!==a.UserVerificationLevel.Discouraged?e.settings.deviceId?e.settings.fidoPasskeyRegistered?this.verify(e):Promise.resolve(s.default.NAME):this.register(e):Promise.resolve(s.default.NAME)}}h.NAME="device/passive",t.default=h},1474:(e,t,r)=>{Object.defineProperty(t,"__esModule",{value:!0});const i=r(1727),n=r(6736);class o extends n.DevicePassiveActions{constructor(e){super(e),this.name=o.NAME,this.log=i.LoggerFactory.getLogger("device-passive-stepup-step")}execute(e){return e.platform.isFidoSupported()?e.settings.deviceId?e.settings.fidoPasskeyRegistered?Promise.reject(new Error("FIDO2 Passkey is already registered")):this.register(e):Promise.reject(new Error("Device is not registered")):Promise.reject(new Error("FIDO2 is not supported"))}}o.NAME="device/passive/stepup",t.default=o},1840:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const n=i(r(8607)),o=r(1727),s=i(r(3350));class a{constructor(){this.log=o.LoggerFactory.getLogger("device-passive-verify-step"),this.name=a.NAME}execute(e){return new Promise(((t,r)=>{const i=e.credential,o=i.response;e.fetchFromBackend("/v1/client/device/fido2/verify/finish",{webAuthnAssertion:{type:null==i?void 0:i.type,id:null==i?void 0:i.id,rawId:n.default.bufferEncode(null==i?void 0:i.rawId),response:{authenticatorData:n.default.bufferEncode(o.authenticatorData),clientDataJSON:n.default.bufferEncode(o.clientDataJSON),signature:n.default.bufferEncode(o.signature),userHandle:o.userHandle?n.default.bufferEncode(o.userHandle):void 0}}}).then((i=>{if(i.error)r(new s.default(i.error.message,i.error.code,i.next));else{const r=i.data;r&&r.scanMessage?e.authMessage=r.scanMessage:this.log.warn("No data was received in the response"),t(i.next)}})).catch(r)}))}}a.NAME="device/passive/verify",t.default=a},2207:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.DeviceUniversalRedirectExchangeStep=t.DeviceUniversalRedirectFinishStep=t.DeviceUniversalRedirectBaseStep=void 0;const n=i(r(3350));class o{constructor(){this.name=""}execute(e){return new Promise(((t,r)=>{var i,o,s;let a=null===(s=null===(o=null===(i=e.claims)||void 0===i?void 0:i.auth.subs.dev)||void 0===o?void 0:o.auths.unvsl)||void 0===s?void 0:s.ftu;if(void 0!==a&&a){a+=`?authId=${e.authId}`;let i="";if("redirect/exchange"===this.name)i="authexchange";else{if("redirect/finish"!==this.name)return void r(new n.default(`Unknown UPK Step: ${this.name}`,0,e.next,!0));i="authfinish"}a+=`&next=${i}`,e.platform.urlRedirect(a),t("")}else r(new n.default("AuthToken claims do not contain final target URL",0,e.next,!0))}))}}t.DeviceUniversalRedirectBaseStep=o;class s extends o{constructor(){super(...arguments),this.name=s.NAME}}s.NAME="redirect/finish",t.DeviceUniversalRedirectFinishStep=s;class a extends o{constructor(){super(...arguments),this.name=a.NAME}}a.NAME="redirect/exchange",t.DeviceUniversalRedirectExchangeStep=a},9790:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const n=r(1727),o=i(r(3350)),s=i(r(1044));class a{constructor(e){this.log=n.LoggerFactory.getLogger("device-universal-step"),this.name=a.NAME,this.forUPK=!1,this.forUPK=e}execute(e){return this.log.trace("Executing"),new Promise(((t,r)=>{var i,n,a;if(this.forUPK)t(s.default.NAME);else{let s=null===(a=null===(n=null===(i=e.claims)||void 0===i?void 0:i.auth.subs.dev)||void 0===n?void 0:n.auths.unvsl)||void 0===a?void 0:a.endp;void 0!==s&&s?(s+=`?authId=${e.authId}&authtoken=${e.authToken}`,e.platform.urlRedirect(s),t("")):r(new o.default("AuthToken claims do not contain universal redirect URL",0,e.next,!0))}}))}}a.NAME="device/universal",t.default=a},5186:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0});class r{}r.ERROR_AUTHENTICATION_FAILURE=1e4,r.ERROR_AUTHENTICATION_EXTERNAL_FAILURE=10001,r.ERROR_AUTHENTICATION_CLIENT_FAILURE=10002,r.ERROR_AUTHENTICATION_PROHIBITED_ACTION=10003,r.ERROR_MISSING_AUTHENTICATOR_COMPLETION=10004,r.ERROR_MAX_ATTEMPTS=10005,r.ERROR_NO_DEVICE_FOUND=10006,t.default=r},9568:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const n=i(r(7370)),o=r(1727),s=i(r(4610)),a=i(r(1204)),c=i(r(3350)),l=i(r(6105)),u=i(r(5186));class d{constructor(e,t,r,i){if(this.steps=new Map,!e)throw new Error("Implementation of Platform is required");if(!t)throw new Error("Implementation of Storage is required");if(this.log=o.LoggerFactory.getLogger("main-authenticator"),this.platform=e,this.authFinishStep=r,this.settings=new n.default(t),i)for(let e of i)this.steps.set(e.name,e)}isPasskeyRegistered(){return this.settings.fidoPasskeyRegistered}isFidoSupported(){return this.platform.isFidoSupported()}isDeviceRegistered(){return null!==this.settings.deviceId}isMobileWeb(){const e=this.platform.getUserAgent();return null!==e&&/Mobi|Android|webOS|iPhone|iPad|BlackBerry|Opera Mini/i.test(e)}getDeviceId(){return this.settings.deviceId}resetDeviceSettings(){this.settings.reset(),this.platform.deviceAuth.reset()}authenticate(e){return new s.default(((t,r,i)=>{e||r(new Error("No authentication token provided")),this.authFinishStep||r(new Error("AuthFinish step must be specified"));try{const o=new a.default(this.settings,this.platform,e);var n=this.process(o);i((()=>n.cancel())),n.then((()=>{var e;if(o.lastStep!==d.AUTH_EMPTY)return this.log.info("Authentication flow has been completed."),null===(e=this.authFinishStep)||void 0===e?void 0:e.execute({authId:o.authId});this.log.info("Next step is not provided, authentication flow is terminated without completion."),t()})).then(t).catch(r)}catch(e){r(e)}}))}unregisterDevice(){return this.isDeviceRegistered()?new Promise(((e,t)=>{this.unregister("/v1/client/device/unregister").then((()=>{this.resetDeviceSettings(),e()})).catch(t)})):Promise.resolve()}unregisterPasskey(){return this.settings.fidoPasskeyRegistered?new Promise(((e,t)=>{this.unregister("/v1/client/stepup/unregister").then((()=>{this.settings.fidoPasskeyRegistered=!1,e()})).catch(t)})):Promise.resolve()}unregister(e){return new Promise(((t,r)=>{try{new a.default(this.settings,this.platform).fetchFromBackend(e,{deviceId:this.getDeviceId()}).then((e=>{e.error?r(new c.default(e.error.message,e.error.code,e.next)):t()})).catch(r)}catch(e){r(e)}}))}process(e){return new s.default(((t,r,i)=>{i((()=>{this.log.info("Canceled"),e.closeAllMessageChannels(),t()})),this.nextStep(e,e.next,1).then(t).catch(r)}))}nextStep(e,t,r){return this.log.debug(`Authentication attempt ${r}, next step: ${t}`),e.lastStep=t,new Promise(((i,n)=>{[d.AUTH_DONE,d.AUTH_EMPTY].includes(t)?i():r>d.MAX_ATTEMPTS?n(new c.default("Too many authentication steps",u.default.ERROR_MAX_ATTEMPTS)):this.getNextStep(t).execute(e).then((t=>this.nextStep(e,t,r+1))).then(i).catch((t=>new l.default(t).execute(e).then((t=>this.nextStep(e,t,r+1))).then(i).catch(n)))}))}getNextStep(e){return this.steps.get(e)||new l.default("Unknown authentication step: "+e)}}d.AUTH_DONE="done",d.AUTH_EMPTY="",d.MAX_ATTEMPTS=50,t.default=d},7625:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const n=i(r(3350)),o=r(1727),s=r(4817),a=i(r(5186));class c{constructor(e,t){this.name=c.NAME,this.log=o.LoggerFactory.getLogger("mobile-instant-step"),this.errorCodeBak=a.default.ERROR_AUTHENTICATION_CLIENT_FAILURE,this.implementation=e,t?(this.getDeviceIp=t,this.deviceIpDetection=!1):(this.getDeviceIp=()=>null,this.deviceIpDetection=!0)}execute(e){return new Promise(((t,r)=>{let i=e.platform.getMobileAuthBuilder().withDeviceIpDetection(this.deviceIpDetection);switch(this.implementation){case s.MobileAuthImplementation.Pixel:i=i.withPixelImplementation();break;case s.MobileAuthImplementation.Fetch:i=i.withFetchImplementation().withFinishStep((t=>new Promise(((r,i)=>{e.fetchFromBackend("/v1/client/mobile/instant/finish",{vfp:t.vfp}).then(r).catch(i)}))))}i=i.withStartStep((t=>new Promise(((r,i)=>{const o=this.deviceIpDetection?t.deviceDescriptor.ip:this.getDeviceIp();e.fetchFromBackend("/v1/client/mobile/instant/start",{cellularIp:o,implementation:this.implementation}).then((e=>{var t;e.error?(this.nextBak=e.next,this.errorCodeBak=e.error.code,i(new n.default(e.error.message,e.error.code,e.next,!1))):r({authUrl:null===(t=e.data)||void 0===t?void 0:t.redirectUrl})})).catch(i)})))),i.build().authenticate().then((i=>{if(i){const e=i;e.error&&r(new n.default(i.error.message,i.error.code,i.next,!1)),t(e.next)}else e.fetchFromBackend("/v1/client/mobile/instant/finish",{}).then((e=>t(e.next))).catch((e=>{r(new n.default(i.error.message,i.error.code,i.next,!1))}))})).catch((e=>{r(new n.default(e,this.errorCodeBak,this.nextBak,!1))}))}))}}c.NAME="mobile/instant",t.default=c},3075:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const n=r(1727),o=r(3794),s=i(r(3350)),a=r(3225);class c extends a.AuthStatusActions{constructor(e,t){super(),this.name=c.NAME,this.log=n.LoggerFactory.getLogger("mobile-instantlink-step"),this.startStep=e,this.getDeviceIp=null!=t?t:()=>null}execute(e){return this.log.trace("Executing"),new Promise(((t,r)=>{var i,n,o,s,a,c,l=!0;(null===(o=null===(n=null===(i=e.claims)||void 0===i?void 0:i.auth.subs.mob)||void 0===n?void 0:n.auths.inln)||void 0===o?void 0:o.mnp)&&(l=!1);var u=!1;(null===(c=null===(a=null===(s=e.claims)||void 0===s?void 0:s.auth.subs.mob)||void 0===a?void 0:a.auths.inln)||void 0===c?void 0:c.tme)&&(u=!0),this.runStartStep(e,l).then((i=>{this.runFinishStep(e,u).then((()=>this.waitForStatus(e))).then((e=>t(e))).catch(r)})).catch(r)}))}runStartStep(e,t,r){return new Promise(((i,n)=>{this.startStep?this.startStep.execute(t,r).then((r=>{e.fetchFromBackend("/v1/client/mobile/instantlink/start",{sourceIp:this.getDeviceIp(),mobileNumber:null==r?void 0:r.phoneNumber}).then((r=>{var a,c,l;const u=r;if(u.error)n(new s.default(u.error.message,u.error.code,r.next,!1));else if(u.data){var d="";(null===(a=u.data)||void 0===a?void 0:a.code)&&(d+=`Error Code: ${u.data.code}, `),(null===(c=u.data)||void 0===c?void 0:c.message)?d+=`${u.data.message}`:d+="Error validating phone number";let r=new o.PhoneValidationError(d,null===(l=u.data)||void 0===l?void 0:l.code);this.log.error(`Server reports invalid phone number: ${d}`),this.runStartStep(e,t,r).then(i).catch(n)}else i(u.next)})).catch(n)})).catch(n):n(new Error("InstantLink start step must be specified"))}))}runFinishStep(e,t){return new Promise(((r,i)=>{t?(this.log.info("Simulating user clicking the instant link"),setTimeout((()=>{e.platform.fetch(e.backendUrl+"/v1/client/mobile/instantlink/finish?token="+encodeURIComponent(e.authToken)+"&vfp=test-vfp",{mode:"cors",method:"GET"}).then((e=>r())).catch(i)}),100)):r()}))}}c.NAME="mobile/instantlink",t.default=c},8907:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const n=r(1727),o=i(r(3350)),s=r(8864),a=r(3794);class c{constructor(e,t){this.name=c.NAME,this.log=n.LoggerFactory.getLogger("mobile-otp-step"),this.otpStartStep=e,this.otpFinishStep=t}execute(e){return new Promise(((t,r)=>{var i,n,o;if(this.otpStartStep)if(this.otpFinishStep){var s=!0;(null===(o=null===(n=null===(i=e.claims)||void 0===i?void 0:i.auth.subs.mob)||void 0===n?void 0:n.auths.otp)||void 0===o?void 0:o.mnp)&&(s=!1),this.runOtpStartStep(e,this.otpStartStep,this.otpFinishStep,s).then(t).catch(r)}else r(new Error("OtpFinishStep step must be specified"));else r(new Error("OtpStartStep step must be specified"))}))}runOtpStartStep(e,t,r,i,n){return new Promise(((s,c)=>{t.execute(i,n).then((n=>{e.fetchFromBackend("/v1/client/mobile/otp/start",{mobileNumber:null==n?void 0:n.phoneNumber}).then((n=>{const l=n;if(l.error)c(new o.default(l.error.message,l.error.code,n.next,!1));else if(l.data){let n=l.data;var u="";(null==n?void 0:n.code)&&(u+=`Error Code: ${n.code}, `),(null==n?void 0:n.message)?u+=`${n.message}`:u+="Error validating phone number";let o=new a.PhoneValidationError(u,null==n?void 0:n.code);this.log.error(`Server reports invalid phone number: ${u}`),this.runOtpStartStep(e,t,r,i,o).then(s).catch(c)}else this.runOtpFinishStep(e,t,r,i).then(s).catch(c)})).catch(c)})).catch((e=>{const t=o.default.extractMessage(e);c(new Error(`Failed to start OTP flow: ${t}`))}))}))}runOtpFinishStep(e,t,r,i,n){return new Promise(((a,c)=>{r.execute(n).then((n=>{var l;let u=n;switch(u.resultType){case s.OtpFinishResultType.OnResendOtp:this.runOtpStartStep(e,t,r,i).then(a).catch(c);break;case s.OtpFinishResultType.OnSuccess:let n=u.input;e.fetchFromBackend("/v1/client/mobile/otp/finish",{otp:null!==(l=null==n?void 0:n.otp)&&void 0!==l?l:""}).then((n=>{const l=n;if(l.error)c(new o.default(l.error.message,l.error.code,n.next,!1));else if(l.data){let n=l.data;var u="";(null==n?void 0:n.code)&&(u+=`Error Code: ${n.code}, `),(null==n?void 0:n.message)?u+=`${n.message}`:u+="Error validating OTP";let o=new s.OtpError(u,null==n?void 0:n.code);this.log.error(`Server reports invalid OTP: ${u}`),this.runOtpFinishStep(e,t,r,i,o).then(a).catch(c)}else a(n.next)})).catch(c)}})).catch((e=>{const t=o.default.extractMessage(e);c(new Error(`Failed to obtain OTP for verification: ${t}}`))}))}))}}c.NAME="mobile/otp",t.default=c},3794:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.PhoneValidationError=void 0;const n=i(r(3350));class o extends n.default{constructor(e,t){super(e,t)}}t.PhoneValidationError=o},8566:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.getUnixTime=t.arrayBufferToHexString=t.arrayBufferToString=t.stringToArrayBuffer=t.DEVICE_CAPABILITY_WEBAUTHN=void 0,t.DEVICE_CAPABILITY_WEBAUTHN="webauthn",t.stringToArrayBuffer=function(e){return(new TextEncoder).encode(e)},t.arrayBufferToString=function(e){return String.fromCharCode.apply(null,Array.from(new Uint8Array(e)))},t.arrayBufferToHexString=function(e){return Array.from(new Uint8Array(e),(e=>("00"+e.toString(16)).slice(-2))).join("")},t.getUnixTime=function(){return Math.floor(Date.now()/1e3)}},6105:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const n=r(1727),o=i(r(3350)),s=i(r(9568)),a=i(r(8370)),c=i(r(1044)),l=i(r(6736)),u=i(r(1840)),d=i(r(7625)),h=i(r(3075)),f=i(r(8907)),g=i(r(4704)),p=r(2207);class v{constructor(e){if(this.logger=n.LoggerFactory.getLogger("report-error-step"),this._message="Unknown error",this.reportable=!0,this.name="error",e instanceof o.default){const t=e;this._message=t.message,this._code=t.code,this.nextStep=t.nextStep,this.reportable=t.reportable}else e&&(this._message=o.default.extractMessage(e));this._message||this.logger.warn("Unexpected error: "+e)}get code(){return this._code}get message(){return this._message}execute(e){let t=`Authentication step ${e.lastStep} failed`;return this._code&&(t=t+", code: "+this._code),this._message&&(t=t+", message: "+this._message),this.logger.error(t),this.nextStep===s.default.AUTH_DONE?Promise.resolve(s.default.AUTH_DONE):!this.nextStep||this.reportable?new Promise(((t,r)=>{const i=this.getKind(e.lastStep);e.fetchFromBackend(`/v1/client/${i}/error`,{code:this._code?this._code:void 0,message:this._message}).then((e=>{t(e.next)})).catch(r)})):Promise.resolve(this.nextStep)}getKind(e){return e&&v.errorKinds.get(e)||"device/passive"}}v.errorKinds=new Map([[l.default.NAME,"device/passive"],[c.default.NAME,"device/passive"],[a.default.NAME,"device/fido2"],[u.default.NAME,"device/fido2"],[d.default.NAME,"mobile/instant"],[h.default.NAME,"mobile/instantlink"],[f.default.NAME,"mobile/otp"],[g.default.NAME,"user/mobileactive"],[p.DeviceUniversalRedirectExchangeStep.NAME,"device/universal"],[p.DeviceUniversalRedirectFinishStep.NAME,"device/universal"]]),t.default=v},1770:(e,t,r)=>{Object.defineProperty(t,"__esModule",{value:!0});const i=r(1727),n=r(8566),o=["/v1/client/stepup/unregister","/v1/client/device/unregister","/v1/client/device/passive/error","/v1/client/mobile/instant/error","/v1/client/mobile/otp/error","/v1/client/user/mobileactive","/v1/client/user/mobileactive/error"];t.default=class{constructor(e){this.log=i.LoggerFactory.getLogger("request-signer"),this.session=e}sign(e,t,r,i,n){return new Promise(((s,a)=>{this.session.getDeviceRegistration().then((c=>c&&c.deviceId?o.includes(t)?void Promise.all([this.getChallenge(c.deviceId),this.getHash(n)]).then((n=>{const o=n[0],l=n[1],u=e+"\n"+t+"\n"+r+"\n"+i+"\n"+o+"\n"+l;c.sign(u).then((e=>s({version:"3",challenge:o,signature:e,keyId:c.keyId}))).catch(a)})).catch(a):(this.log.debug("No signing needed for "+t),void s(null)):(this.log.debug("Device not registered, cannot sign"),void s(null)))).catch(a)}))}getChallenge(e){return new Promise(((t,r)=>{this.cachedChallenge&&this.cachedChallenge.receivedAt&&this.cachedChallenge.ttl&&this.cachedChallenge.deviceId===e&&this.cachedChallenge.receivedAt+this.cachedChallenge.ttl-60>(0,n.getUnixTime)()?t(this.cachedChallenge.challenge):this.session.fetchFromBackend("/v1/client/challenge",{deviceId:e}).then((e=>e)).then((e=>{var i;e.error?r(null===(i=e.error)||void 0===i?void 0:i.message):(e.receivedAt=(0,n.getUnixTime)(),this.cachedChallenge=e,t(e.challenge))})).catch(r)}))}getHash(e){return new Promise(((t,r)=>{crypto.subtle.digest("SHA-256",(0,n.stringToArrayBuffer)(e)).then((e=>t((0,n.arrayBufferToHexString)(e)))).catch(r)}))}}},1703:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const n=i(r(3350)),o=r(1727);class s{constructor(e){this.log=o.LoggerFactory.getLogger("scan-message-step"),this.name=s.NAME,this.authMessageHandler=e}execute(e){return new Promise(((t,r)=>{this.authMessageHandler?(e.authMessage||(this.log.warn("Auth message is missing"),e.authMessage={}),this.authMessageHandler(e.authMessage).then((i=>{e.fetchFromBackend("/v1/client/user/response",{response:i}).then((e=>{e.error?r(new n.default(e.error.message,e.error.code,e.next)):t(e.next)}))})).catch(r)):r(new n.default("Failed to process auth message, the handler was not specified"))}))}}s.NAME="scan/message",t.default=s},7370:(e,t,r)=>{Object.defineProperty(t,"__esModule",{value:!0});const i=r(1727);class n{constructor(e){this.log=i.LoggerFactory.getLogger("settings"),this.storage=e}reset(){this.log.trace("reset"),this.deviceId=null,this.namespace=null,this.fidoPasskeyRegistered=!1}get deviceId(){return this.storage.getItem(this.getKey(n.DEVICE_ID_KEY))}set deviceId(e){this.setOrRemove(n.DEVICE_ID_KEY,e)}get fidoPasskeyRegistered(){return"true"===this.storage.getItem(this.getKey(n.FIDO_PASSKEY_REGISTERED_KEY))}set fidoPasskeyRegistered(e){this.setOrRemove(n.FIDO_PASSKEY_REGISTERED_KEY,e?"true":null)}get namespace(){return this.storage.getItem(this.getKey(n.NAMESPACE_KEY))}set namespace(e){this.log.trace("namespace set to "+e),this.setOrRemove(n.NAMESPACE_KEY,e)}getKey(e){return`${n.KEY_PREFIX}.${e}`}setOrRemove(e,t){t?this.storage.setItem(this.getKey(e),t):this.storage.removeItem(this.getKey(e))}}n.KEY_PREFIX="ProveAuth",n.DEVICE_ID_KEY="DeviceId",n.NAMESPACE_KEY="namespace",n.FIDO_PASSKEY_REGISTERED_KEY="fidoPasskeyRegistered",t.default=n},6185:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const n=i(r(3350));class o{constructor(){this.name=o.NAME}execute(e){return new Promise(((e,t)=>{t(new n.default(`Step ${this.name} is not supported yet`))}))}}o.NAME="user/mobileactive",t.default=o},4704:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const n=i(r(3350));class o{constructor(){this.name=o.NAME}execute(e){return new Promise(((e,t)=>{t(new n.default(`Step ${this.name} is not supported yet`))}))}}o.NAME="user/present",t.default=o},4781:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.WebDeviceRegistration=void 0;const n=r(1727),o=i(r(3350)),s=r(8566);class a{constructor(e){this.deviceId=null,this.namespace=e.namespace,this.endpoint=e.endpoint,e.createdAt?(this.createdAt=e.createdAt,this.keyId=e.keyId,this.deviceId=e.deviceId,this.algorithm=e.algorithm,this.keys=e.keys):(this.keyId=crypto.randomUUID(),this.algorithm="ES256",this.createdAt=(0,s.getUnixTime)())}sign(e){return new Promise(((t,r)=>{this.initialize().then((()=>{this.keys&&crypto.subtle.sign({name:"ECDSA",hash:{name:"SHA-256"}},this.keys.privateKey,(0,s.stringToArrayBuffer)(e)).then((e=>t(btoa((0,s.arrayBufferToString)(this.p1363ToDer(e)))))).catch(r)})).catch(r)}))}getPublicKey(){return new Promise(((e,t)=>{this.initialize().then((()=>{this.keys&&crypto.subtle.exportKey("spki",this.keys.publicKey).then((t=>{const r=btoa((0,s.arrayBufferToString)(t));e("-----BEGIN PUBLIC KEY-----\n"+r+"\n-----END PUBLIC KEY-----")})).catch(t)})).catch(t)}))}getAuthRegistration(e){return new Promise(((t,r)=>{this.sign(e).then((e=>{this.getPublicKey().then((r=>{t({publicKey:{id:this.keyId,alg:this.algorithm,key:r,uvLevel:0},signature:e})})).catch(r)})).catch(r)}))}initialize(){return new Promise(((e,t)=>{this.keys?e():crypto.subtle.generateKey({name:"ECDSA",namedCurve:"P-256"},!1,["sign","verify"]).then((t=>{this.keys=t,e()})).catch(t)}))}p1363ToDer(e){const t=(0,s.arrayBufferToHexString)(e);let r=t.substring(0,t.length/2),i=t.substring(t.length/2);r=r.replace(/^(00)+/,""),i=i.replace(/^(00)+/,""),parseInt(r.charAt(0),16)>=8&&(r=`00${r}`),parseInt(i.charAt(0),16)>=8&&(i=`00${i}`);const n=`02${(r.length/2).toString(16).padStart(2,"0")}${r}`,o=`02${(i.length/2).toString(16).padStart(2,"0")}${i}`,a=`30${((n.length+o.length)/2).toString(16).padStart(2,"0")}${n}${o}`.match(/[\da-f]{2}/gi);return a?new Uint8Array(a.map((e=>parseInt(e,16)))):new Uint8Array}lenVal(e){if("string"==typeof e||e instanceof String){const t=e;return`[${t.length}]: ${t}`}{const t=e;return`[${t.byteLength}]: ${Array.from(new Uint8Array(t),(e=>e.toString(16))).join(",")}`}}}t.WebDeviceRegistration=a;class c{constructor(e){this.log=n.LoggerFactory.getLogger("web-device-auth"),this.dbFactory=e}createRegistration(e){return new Promise(((t,r)=>{t(new a(e))}))}getRegistration(e){return new Promise(((t,r)=>{const i=this.openDatabase();i.onerror=e=>{r("Failed to open registration database: "+e)},i.onsuccess=n=>{const o=i.result,s=o.transaction([c.DB_STORE],"readonly");s.oncomplete=()=>o.close();const l=s.objectStore(c.DB_STORE).get(e);l.onsuccess=()=>{l.result?t(new a(l.result)):t(null)},l.onerror=e=>{r(new Error("Failed to access registration"))}}}))}storeRegistration(e){return new Promise(((t,r)=>{const i=this.openDatabase();i.onerror=e=>{r("Failed to open registration database: "+e)},i.onsuccess=n=>{const s=i.result,a=s.transaction([c.DB_STORE],"readwrite");a.oncomplete=()=>s.close();const l=a.objectStore(c.DB_STORE);this.log.trace("Saving registration");const u=l.put(e);u.onsuccess=()=>{this.log.trace("Registration saved")},u.onerror=e=>{r(new o.default("Failed to store registration"))},t()}}))}deleteRegistration(e){return new Promise(((t,r)=>{var i=this.openDatabase();i.onerror=e=>{r("Failed to open registration database: "+e)},i.onsuccess=n=>{var o=i.result,s=o.transaction([c.DB_STORE],"readwrite");if(s.oncomplete=()=>o.close(),!o.objectStoreNames.contains(c.DB_STORE))return this.log.debug("Registration not found, store is missing"),void t();var a=s.objectStore(c.DB_STORE).delete(e);a.onsuccess=()=>{t()},a.onerror=e=>{r(new Error("Failed to delete registration"))}}}))}reset(){return new Promise(((e,t)=>{var r=this.dbFactory.deleteDatabase(c.DB_NAME);r.onsuccess=t=>{e()},r.onerror=t=>{this.log.warn("Failed to delete registration database: "+t),e()}}))}openDatabase(){const e=this.dbFactory.open(c.DB_NAME,c.DB_VERSION);return e.onupgradeneeded=t=>{const r=e.result;this.log.debug("Registration not found, database is missing, initializing"),r.createObjectStore(c.DB_STORE,{keyPath:"namespace"}).transaction.oncomplete=e=>{this.log.trace("Store initialization completed")}},e}}c.DB_VERSION=1,c.DB_NAME="ProveAuth",c.DB_STORE="Registrations",t.default=c},1092:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.WebPlatform=t.WebSocketMessageChannel=void 0;const n=r(8266),o=r(8566),s=i(r(1770)),a=i(r(4781));class c{constructor(e){this.webSocket=new WebSocket(e)}addEventListener(e,t){this.webSocket.addEventListener(e,t)}send(e){this.webSocket.send(e)}close(){this.webSocket.close()}}t.WebSocketMessageChannel=c,t.WebPlatform=class{constructor(){this.webauthn={getCredentials:e=>navigator.credentials.get(e),createCredentials:e=>navigator.credentials.create(e)},this.deviceAuth=new a.default(window.indexedDB)}getPlatformName(){return`${this.getBrowserName()} ${this.getBrowserVersion()} on ${this.getOSName()}`}getUserAgent(){return navigator.userAgent}isFidoSupported(){return null!=window.PublicKeyCredential}fetch(e,t){return fetch(e,t)}createMessageChannel(e){return new c(e)}createRequestSigner(e){return new s.default(e)}getBrowserName(){const e=navigator.userAgent;let t;return t=e.indexOf("Firefox")>-1?"Firefox":e.indexOf("Opera")>-1||e.indexOf("OPR")>-1?"Opera":e.indexOf("DuckDuckGo")>-1?"DuckDuckGo":e.indexOf("SamsungBrowser")>-1?"Samsung Browser":e.indexOf("Trident")>-1?"Internet Explorer":e.indexOf("Edge")>-1?"Edge":e.indexOf("Chrome")>-1?"Chrome":e.indexOf("Safari")>-1?"Safari":"Unknown",t}getBrowserVersion(){const e=navigator.userAgent.match(/(?:Firefox|Opera|OPR|SamsungBrowser|DuckDuckGo|Internet Explorer|Edge|Chrome|Safari)[\/|\s](\d+(\.\d+)?)/i);return e?e[1]:"Unknown"}getOSName(){const e=navigator.platform,t=navigator.userAgent;let r;if(/Win/i.test(e)){r="Windows";const e=t.match(/Win(?:dows )?NT (\d+\.\d+)/i);if(e){const t=parseFloat(e[1]);r+=11===t?" 11":10===t?" 10":6.3===t?" 8.1":6.2===t?" 8":6.1===t?" 7":6===t?" Vista":5.1===t||5.2===t?" XP":" (Unknown Version)"}}else if(e.match(/Mac/i)){r="Mac OS";const e=t.match(/Mac OS X (\d+[_.]\d+([_.]\d+)?)/i);e&&(r+=" "+e[1].replace(/_/g,"."))}else r=t.match(/Android/i)?"Android":t.match(/iOS|iPhone|iPad|iPod/i)?"iOS":e.match(/Linux/i)?"Linux":"Unknown";return r}getDeviceCapabilities(){return this.isFidoSupported()?[o.DEVICE_CAPABILITY_WEBAUTHN]:[]}getMobileAuthBuilder(){return new n.AuthenticatorBuilder}exit(e){}urlRedirect(e){window.location.replace(e)}}},8864:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.OtpFinishResultType=t.OtpError=void 0;const n=i(r(3350));class o extends n.default{constructor(e,t){super(e,t)}}var s;t.OtpError=o,(s=t.OtpFinishResultType||(t.OtpFinishResultType={}))[s.OnSuccess=0]="OnSuccess",s[s.OnResendOtp=1]="OnResendOtp"},6462:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.USER_AGENT_VERSIONS=t.API_CONTRACT_VERSION=t.VERSION=void 0,t.VERSION="2.4.5",t.API_CONTRACT_VERSION="2.7.0",t.USER_AGENT_VERSIONS=`ProveAuth/${t.VERSION} Contract/${t.API_CONTRACT_VERSION} WEB/1`}},t={};return function r(i){var n=t[i];if(void 0!==n)return n.exports;var o=t[i]={exports:{}};return e[i].call(o.exports,o,o.exports,r),o.exports}(3607)})()));