@prove-identity/prove-auth 2.9.1 → 2.10.0

package/build/bundle/release/prove-auth.js

@@ -1 +1 @@
-!function(e,t){"object"==typeof exports&&"object"==typeof module?module.exports=t():"function"==typeof define&&define.amd?define([],t):"object"==typeof exports?exports.proveAuth=t():e.proveAuth=t()}(self,(()=>(()=>{"use strict";var e={6616:(e,t,r)=>{r.r(t),r.d(t,{ERROR_API_KEY_EXPIRED:()=>w,ERROR_API_KEY_INVALID:()=>R,ERROR_API_KEY_MISSING:()=>E,ERROR_BAD_REQUEST_FORMAT:()=>O,ERROR_BAD_RESPONSE_FORMAT:()=>l,ERROR_CLIENT_TIMEOUT:()=>s,ERROR_CSP_BLOCK:()=>u,ERROR_FORBIDDEN_ENDPOINT:()=>_,ERROR_FORBIDDEN_HEADER:()=>I,ERROR_FORBIDDEN_ORIGIN:()=>y,ERROR_GENERAL_SERVER_FAILURE:()=>A,ERROR_INSTALLATION_METHOD_RESTRICTED:()=>v,ERROR_INTEGRATION_FAILURE:()=>m,ERROR_INVALID_ENDPOINT:()=>d,ERROR_NETWORK_ABORT:()=>c,ERROR_NETWORK_CONNECTION:()=>a,ERROR_RATE_LIMIT:()=>b,ERROR_SCRIPT_LOAD_FAIL:()=>C,ERROR_SERVER_TIMEOUT:()=>S,ERROR_SUBSCRIPTION_NOT_ACTIVE:()=>g,ERROR_TOKEN_EXPIRED:()=>N,ERROR_TOKEN_INVALID:()=>D,ERROR_TOKEN_MISSING:()=>P,ERROR_UNSUPPORTED_VERSION:()=>p,ERROR_WRONG_REGION:()=>f,default:()=>j,defaultEndpoint:()=>n,defaultScriptUrlPattern:()=>F,defaultTlsEndpoint:()=>o,load:()=>x});var i=function(){return i=Object.assign||function(e){for(var t,r=1,i=arguments.length;r<i;r++)for(var n in t=arguments[r])Object.prototype.hasOwnProperty.call(t,n)&&(e[n]=t[n]);return e},i.apply(this,arguments)};Object.create,Object.create,"function"==typeof SuppressedError&&SuppressedError;var n={default:"endpoint"},o={default:"tlsEndpoint"},s="Client timeout",a="Network connection error",c="Network request aborted",l="Response cannot be parsed",u="Blocked by CSP",d="The endpoint parameter is not a valid URL";function h(e){for(var t="",r=0;r<e.length;++r)if(r>0){var i=e[r].toLowerCase();i!==e[r]?t+=" ".concat(i):t+=e[r]}else t+=e[r].toUpperCase();return t}var f=h("WrongRegion"),g=h("SubscriptionNotActive"),p=h("UnsupportedVersion"),v=h("InstallationMethodRestricted"),_=h("HostnameRestricted"),m=h("IntegrationFailed"),E="API key required",R="API key not found",w="API key expired",O="Request cannot be parsed",A="Request failed",S="Request failed to process",b="Too many requests, rate limit exceeded",y="Not available for this origin",I="Not available with restricted header",P=E,D=R,N=w,T="3.11.0",C="Failed to load the JS script of the agent",L="9319";function M(e,t){var r,i,n,o,s=[],a=(r=function(e){var t=function(e,t,r){if(r||2===arguments.length)for(var i,n=0,o=t.length;n<o;n++)!i&&n in t||(i||(i=Array.prototype.slice.call(t,0,n)),i[n]=t[n]);return e.concat(i||Array.prototype.slice.call(t))}([],e,!0);return{current:function(){return t[0]},postpone:function(){var e=t.shift();void 0!==e&&t.push(e)},exclude:function(){t.shift()}}}(e),o=0,i=function(){return Math.random()*Math.min(3e3,100*Math.pow(2,o++))},n=new Set,[r.current(),function(e,t){var o,s=t instanceof Error?t.message:"";if(s===u||s===d)r.exclude(),o=0;else if(s===L)r.exclude();else if(s===C){var a=Date.now()-e.getTime()<50,c=r.current();c&&a&&!n.has(c)&&(n.add(c),o=0),r.postpone()}else r.postpone();var l=r.current();return void 0===l?void 0:[l,null!=o?o:e.getTime()+i()-Date.now()]}]),c=a[0],l=a[1];if(void 0===c)return Promise.reject(new TypeError("The list of script URL patterns is empty"));var h=function(e){var r=new Date,i=function(t){return s.push({url:e,startedAt:r,finishedAt:new Date,error:t})},n=t(e);return n.then((function(){return i()}),i),n.catch((function(e){if(s.length>=5)throw e;var t=l(r,e);if(!t)throw e;var i,n=t[0],o=t[1];return(i=o,new Promise((function(e){return setTimeout(e,i)}))).then((function(){return h(n)}))}))};return h(c).then((function(e){return[e,s]}))}var U="https://fpnpmcdn.net/v<version>/<apiKey>/loader_v<loaderVersion>.js",F=U;function x(e){var t;e.scriptUrlPattern;var r=e.token,n=e.apiKey,o=void 0===n?r:n,s=function(e,t){var r={};for(var i in e)Object.prototype.hasOwnProperty.call(e,i)&&t.indexOf(i)<0&&(r[i]=e[i]);if(null!=e&&"function"==typeof Object.getOwnPropertySymbols){var n=0;for(i=Object.getOwnPropertySymbols(e);n<i.length;n++)t.indexOf(i[n])<0&&Object.prototype.propertyIsEnumerable.call(e,i[n])&&(r[i[n]]=e[i[n]])}return r}(e,["scriptUrlPattern","token","apiKey"]),a=null!==(t=function(e,t){return function(e,t){return Object.prototype.hasOwnProperty.call(e,t)}(e,t)?e[t]:void 0}(e,"scriptUrlPattern"))&&void 0!==t?t:U,c=function(){var e=[],t=function(){e.push({time:new Date,state:document.visibilityState})},r=function(e,t,r,i){return e.addEventListener(t,r,i),function(){return e.removeEventListener(t,r,i)}}(document,"visibilitychange",t);return t(),[e,r]}(),l=c[0],u=c[1];return Promise.resolve().then((function(){if(!o||"string"!=typeof o)throw new Error(E);return M(function(e,t){return(Array.isArray(e)?e:[e]).map((function(e){return function(e,t){var r=encodeURIComponent;return e.replace(/<[^<>]+>/g,(function(e){return"<version>"===e?"3":"<apiKey>"===e?r(t):"<loaderVersion>"===e?r(T):e}))}(String(e),t)}))}(a,o),k)})).catch((function(e){throw u(),function(e){return e instanceof Error&&e.message===L?new Error(C):e}(e)})).then((function(e){var t=e[0],r=e[1];return u(),t.load(i(i({},s),{ldi:{attempts:r,visibilityStates:l}}))}))}function k(e){return function(e,t,r,i){var n,o=document,s="securitypolicyviolation",a=function(t){var r=new URL(e,location.href),i=t.blockedURI;i!==r.href&&i!==r.protocol.slice(0,-1)&&i!==r.origin||(n=t,c())};o.addEventListener(s,a);var c=function(){return o.removeEventListener(s,a)};return Promise.resolve().then(t).then((function(e){return c(),e}),(function(e){return new Promise((function(e){var t=new MessageChannel;t.port1.onmessage=function(){return e()},t.port2.postMessage(null)})).then((function(){if(c(),n)return function(){throw new Error(u)}();throw e}))}))}(e,(function(){return function(e){return new Promise((function(t,r){if(function(e){if(URL.prototype)try{return new URL(e,location.href),!1}catch(e){if(e instanceof Error&&"TypeError"===e.name)return!0;throw e}}(e))throw new Error(d);var i=document.createElement("script"),n=function(){var e;return null===(e=i.parentNode)||void 0===e?void 0:e.removeChild(i)},o=document.head||document.getElementsByTagName("head")[0];i.onload=function(){n(),t()},i.onerror=function(){n(),r(new Error(C))},i.async=!0,i.src=e,o.appendChild(i)}))}(e)})).then(B)}function B(){var e=window,t="__fpjs_p_l_b",r=e[t];if(function(e,t){var r,i=null===(r=Object.getOwnPropertyDescriptor)||void 0===r?void 0:r.call(Object,e,t);(null==i?void 0:i.configurable)?delete e[t]:i&&!i.writable||(e[t]=void 0)}(e,t),"function"!=typeof(null==r?void 0:r.load))throw new Error(L);return r}var j={load:x,defaultScriptUrlPattern:U,ERROR_SCRIPT_LOAD_FAIL:C,ERROR_API_KEY_EXPIRED:w,ERROR_API_KEY_INVALID:R,ERROR_API_KEY_MISSING:E,ERROR_BAD_REQUEST_FORMAT:O,ERROR_BAD_RESPONSE_FORMAT:l,ERROR_CLIENT_TIMEOUT:s,ERROR_CSP_BLOCK:u,ERROR_FORBIDDEN_ENDPOINT:_,ERROR_FORBIDDEN_HEADER:I,ERROR_FORBIDDEN_ORIGIN:y,ERROR_GENERAL_SERVER_FAILURE:A,ERROR_INSTALLATION_METHOD_RESTRICTED:v,ERROR_INTEGRATION_FAILURE:m,ERROR_INVALID_ENDPOINT:d,ERROR_NETWORK_ABORT:c,ERROR_NETWORK_CONNECTION:a,ERROR_RATE_LIMIT:b,ERROR_SERVER_TIMEOUT:S,ERROR_SUBSCRIPTION_NOT_ACTIVE:g,ERROR_TOKEN_EXPIRED:w,ERROR_TOKEN_INVALID:R,ERROR_TOKEN_MISSING:E,ERROR_UNSUPPORTED_VERSION:p,ERROR_WRONG_REGION:f,defaultEndpoint:n,defaultTlsEndpoint:o}},2715:(e,t)=>{var r;Object.defineProperty(t,"__esModule",{value:!0}),t.LoggerFactory=t.LogLevel=void 0,function(e){e[e.disabled=0]="disabled",e[e.error=1]="error",e[e.warn=2]="warn",e[e.info=3]="info",e[e.debug=4]="debug",e[e.trace=5]="trace"}(r=t.LogLevel||(t.LogLevel={}));class i{static setLogLevel(e){i.logLevel=e}static setLogWriter(e){i.logWriter=e}static getLogger(e){return{trace:(...e)=>{i.logLevel>=r.trace&&i.logWriter.write(r.trace,...e)},debug:(...e)=>{i.logLevel>=r.debug&&i.logWriter.write(r.debug,...e)},info:(...e)=>{i.logLevel>=r.info&&i.logWriter.write(r.info,...e)},warn:(...e)=>{i.logLevel>=r.warn&&i.logWriter.write(r.warn,...e)},error:(...e)=>{i.logLevel>=r.error&&i.logWriter.write(r.error,...e)}}}}i.logWriter=new class{write(e,...t){switch(e){case r.trace:case r.debug:console.debug(...t);break;case r.info:console.info(...t);break;case r.warn:console.warn(...t);break;case r.error:console.error(...t)}}},i.logLevel=r.info,t.LoggerFactory=i},8266:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.LogLevel=t.LoggerFactory=t.DeviceDescriptor=t.StepCode=t.ErrorCode=t.AuthenticatorBuilder=t.VERSION_CODE=t.VERSION_NAME=void 0;const n=r(9843);Object.defineProperty(t,"VERSION_NAME",{enumerable:!0,get:function(){return n.VERSION_NAME}}),Object.defineProperty(t,"VERSION_CODE",{enumerable:!0,get:function(){return n.VERSION_CODE}});const o=i(r(7460));t.AuthenticatorBuilder=o.default;const s=r(6639);Object.defineProperty(t,"ErrorCode",{enumerable:!0,get:function(){return s.ErrorCode}});const a=r(2400);Object.defineProperty(t,"StepCode",{enumerable:!0,get:function(){return a.StepCode}});const c=i(r(79));t.DeviceDescriptor=c.default;const l=r(2715);Object.defineProperty(t,"LoggerFactory",{enumerable:!0,get:function(){return l.LoggerFactory}}),Object.defineProperty(t,"LogLevel",{enumerable:!0,get:function(){return l.LogLevel}})},7460:function(e,t,r){var i=this&&this.__createBinding||(Object.create?function(e,t,r,i){void 0===i&&(i=r);var n=Object.getOwnPropertyDescriptor(t,r);n&&!("get"in n?!t.__esModule:n.writable||n.configurable)||(n={enumerable:!0,get:function(){return t[r]}}),Object.defineProperty(e,i,n)}:function(e,t,r,i){void 0===i&&(i=r),e[i]=t[r]}),n=this&&this.__setModuleDefault||(Object.create?function(e,t){Object.defineProperty(e,"default",{enumerable:!0,value:t})}:function(e,t){e.default=t}),o=this&&this.__importStar||function(e){if(e&&e.__esModule)return e;var t={};if(null!=e)for(var r in e)"default"!==r&&Object.prototype.hasOwnProperty.call(e,r)&&i(t,e,r);return n(t,e),t},s=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const a=s(r(3060)),c=s(r(7834)),l=s(r(7747)),u=s(r(5386)),d=s(r(689)),h=s(r(4670)),f=o(r(9134));function g(e){return"function"==typeof e?{execute:t=>e(t)}:e}t.default=class{constructor(e){this._deviceIpDetection=!1,this._timeout=0,this._config=e||new a.default}withStartStep(e){return this._startStep=g(e),this}withFinishStep(e){return this._finishStep=g(e),this}withPixelImplementation(){return this._authStep=void 0,this}withFetchImplementation(){return this._authStep=new l.default,this}withPassiveImplementation(){return this._authStep=new h.default,this}withDeviceIpDetection(e=!0){return this._deviceIpDetection=e,this}withTimeout(e){return this._timeout=e,this}build(){let e=this._authStep;const t=this._startStep;let r=this._finishStep;e||(e=new f.default,r=new f.PixelFinishStep);const i=this._deviceIpDetection?new u.default:new d.default;if(!t)throw new Error("Start step is required");if(!r)throw new Error("Finish step is required");return new c.default(i,t,e,r,this._timeout)}}},6639:(e,t)=>{var r;Object.defineProperty(t,"__esModule",{value:!0}),t.ErrorCode=void 0,(r=t.ErrorCode||(t.ErrorCode={}))[r.GENERIC_UNKNOWN_REASON=0]="GENERIC_UNKNOWN_REASON",r[r.GENERIC_TIMEOUT=1]="GENERIC_TIMEOUT",r[r.GENERIC_INVALID_STATE=2]="GENERIC_INVALID_STATE",r[r.GENERIC_COMMUNICATION_ERROR=3]="GENERIC_COMMUNICATION_ERROR",r[r.PRE_CHECK_AIRPLANE_MODE_ENABLED=17]="PRE_CHECK_AIRPLANE_MODE_ENABLED",r[r.PRE_CHECK_NO_CELLULAR_RADIO=18]="PRE_CHECK_NO_CELLULAR_RADIO",r[r.PRE_CHECK_NO_CELLULAR_CONNECTION=19]="PRE_CHECK_NO_CELLULAR_CONNECTION",r[r.PRE_CHECK_WIFI_CALLING_ENABLED=20]="PRE_CHECK_WIFI_CALLING_ENABLED",r[r.PRE_CHECK_WIFI_CANNOT_BE_OVERRIDDEN=21]="PRE_CHECK_WIFI_CANNOT_BE_OVERRIDDEN",r[r.AUTH_MALFORMED_INPUT_DATA=65]="AUTH_MALFORMED_INPUT_DATA",r[r.AUTH_BAD_CREDENTIALS=66]="AUTH_BAD_CREDENTIALS",r[r.AUTH_VFP_KEY_EXPIRED=67]="AUTH_VFP_KEY_EXPIRED",r[r.AUTH_INVALID_RESPONSE=68]="AUTH_INVALID_RESPONSE"},6902:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0});class r extends Error{constructor(e,...t){super(...t),this.errorCode=e,Error.captureStackTrace&&Error.captureStackTrace(this,r),this.name="AuthLocalError",this.errorCode=e}}t.default=r},7747:function(e,t,r){var i=this&&this.__awaiter||function(e,t,r,i){return new(r||(r=Promise))((function(n,o){function s(e){try{c(i.next(e))}catch(e){o(e)}}function a(e){try{c(i.throw(e))}catch(e){o(e)}}function c(e){var t;e.done?n(e.value):(t=e.value,t instanceof r?t:new r((function(e){e(t)}))).then(s,a)}c((i=i.apply(e,t||[])).next())}))},n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const o=n(r(8498)),s=n(r(5112)),a=n(r(5030)),c=r(2715),l=r(6458);t.default=class{constructor(){this.logger=c.LoggerFactory.getLogger("fetch-authentication-step")}execute(e){return i(this,void 0,void 0,(function*(){this.logger.info("use fetch");const t=(0,l.toURL)(e.authUrl);let r;return t.searchParams.get("testVfp")?(this.logger.info("test flow detected"),r=a.default.create(t)):"2"===t.searchParams.get("pfflow")?(this.logger.info("flow v2 detected"),r=s.default.create(t)):(this.logger.info("flow v1 detected"),r=o.default.create(t)),{vfp:yield r.handle()}}))}}},5030:function(e,t){var r=this&&this.__awaiter||function(e,t,r,i){return new(r||(r=Promise))((function(n,o){function s(e){try{c(i.next(e))}catch(e){o(e)}}function a(e){try{c(i.throw(e))}catch(e){o(e)}}function c(e){var t;e.done?n(e.value):(t=e.value,t instanceof r?t:new r((function(e){e(t)}))).then(s,a)}c((i=i.apply(e,t||[])).next())}))};Object.defineProperty(t,"__esModule",{value:!0});class i{static create(e){var t,r,n;const o=null!==(r=parseInt(null!==(t=e.searchParams.get("delay"))&&void 0!==t?t:"0"))&&void 0!==r?r:0,s=null!==(n=e.searchParams.get("testVfp"))&&void 0!==n?n:"";return new i(s,o)}constructor(e,t){this.testVfp=e,this.delay=t}handle(){return r(this,void 0,void 0,(function*(){return new Promise((e=>{setTimeout((()=>e(this.testVfp)),this.delay)}))}))}}t.default=i},6458:function(e,t,r){var i=this&&this.__awaiter||function(e,t,r,i){return new(r||(r=Promise))((function(n,o){function s(e){try{c(i.next(e))}catch(e){o(e)}}function a(e){try{c(i.throw(e))}catch(e){o(e)}}function c(e){var t;e.done?n(e.value):(t=e.value,t instanceof r?t:new r((function(e){e(t)}))).then(s,a)}c((i=i.apply(e,t||[])).next())}))},n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.RawURL=t.Base64=t.fetchAuth=t.handleHttpError=t.toURL=void 0;const o=r(2715),s=r(6639),a=r(9843),c=n(r(6902));t.toURL=function(e){try{return new l(e)}catch(t){throw new c.default(s.ErrorCode.AUTH_MALFORMED_INPUT_DATA,"Malformed url "+e)}},t.handleHttpError=function(e){return i(this,void 0,void 0,(function*(){const t=e.status;switch(t){case 404:throw new c.default(s.ErrorCode.AUTH_BAD_CREDENTIALS);case 410:throw new c.default(s.ErrorCode.AUTH_VFP_KEY_EXPIRED);default:let r;try{r=(yield e.json()).error}catch(e){}throw new c.default(s.ErrorCode.AUTH_INVALID_RESPONSE,r||`http error (${e.statusText} , code = ${t})`)}}))},t.fetchAuth=function(e,t){var r;const i=o.LoggerFactory.getLogger("http-client"),n=null!=t?t:{},l=null!==(r=n.method)&&void 0!==r?r:"GET";if(i.debug(`${l} ${e} ${e.protocol}`),"http:"===e.protocol)throw new c.default(s.ErrorCode.GENERIC_INVALID_STATE,`Web SDK cannot make http request [${e}]`);const u={};let d;return e.searchParams.set("sdkVersion",a.VERSION_NAME),"object"==typeof n.body&&(u["Content-Type"]="application/json",d=JSON.stringify(n.body)),d&&i.debug(`request body: ${d}`),fetch(e.toString(),{method:l,mode:"cors",headers:u,body:d}).then((e=>(i.debug(`${e.status} ${e.statusText}`),e)))},t.Base64=new class{constructor(){this.PADCHAR="=",this.ALPHA="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"}getByte(e,t){return e.charCodeAt(t)}getByte64(e,t){return this.ALPHA.indexOf(e.charAt(t))}_decode(e){let t,r,i=0,n=e.length,o=[];if(e=String(e),0===n)return e;for(e.charAt(n-1)===this.PADCHAR&&(i=1,e.charAt(n-2)===this.PADCHAR&&(i=2),n-=4),t=0;t<n;t+=4)r=this.getByte64(e,t)<<18|this.getByte64(e,t+1)<<12|this.getByte64(e,t+2)<<6|this.getByte64(e,t+3),o.push(String.fromCharCode(r>>16,r>>8&255,255&r));switch(i){case 1:r=this.getByte64(e,t)<<18|this.getByte64(e,t+1)<<12|this.getByte64(e,t+2)<<6,o.push(String.fromCharCode(r>>16,r>>8&255));break;case 2:r=this.getByte64(e,t)<<18|this.getByte64(e,t+1)<<12,o.push(String.fromCharCode(r>>16))}return o.join("")}_encode(e){let t,r,i=[],n=(e=String(e)).length-e.length%3;if(0===e.length)return e;for(t=0;t<n;t+=3)r=this.getByte(e,t)<<16|this.getByte(e,t+1)<<8|this.getByte(e,t+2),i.push(this.ALPHA.charAt(r>>18)),i.push(this.ALPHA.charAt(r>>12&63)),i.push(this.ALPHA.charAt(r>>6&63)),i.push(this.ALPHA.charAt(63&r));switch(e.length-n){case 1:r=this.getByte(e,t)<<16,i.push(this.ALPHA.charAt(r>>18)+this.ALPHA.charAt(r>>12&63)+this.PADCHAR+this.PADCHAR);break;case 2:r=this.getByte(e,t)<<16|this.getByte(e,t+1)<<8,i.push(this.ALPHA.charAt(r>>18)+this.ALPHA.charAt(r>>12&63)+this.ALPHA.charAt(r>>6&63)+this.PADCHAR)}return i.join("")}decode(e,t=!0){return e=t?e.replace(".","+").replace("_","/").replace("-","="):e,this._decode(e)}encode(e,t=!0){const r=this._encode(e);return t?r.replace("+",".").replace("/","_").replace("=","-"):r}};class l{constructor(e){this.url=e,this.params=[],this.searchParams={get:e=>this._get(e),getAll:e=>this._getAll(e),set:(e,t,r=!1)=>this._set(e,t,r)};const t=new URL(e);this.protocol=t.protocol;for(const e of t.searchParams.keys())this.params.push({key:e,values:t.searchParams.getAll(e),encode:!1})}_set(e,t,r=!1){const i=this.params.findIndex((t=>t.key===e));-1===i?this.params.push({key:e,values:[t],encode:r}):this.params.splice(i,1,{key:e,values:[t],encode:r})}_get(e){const t=this._getAll(e);return t?t[0]:void 0}_getAll(e){var t;return null===(t=this.params.find((t=>t.key===e)))||void 0===t?void 0:t.values}toString(){function e(e,t){return t?encodeURIComponent(e):null==e?void 0:e.replace(/\?/g,"%3F").replace(/\&/g,"%26")}const t=this.url.indexOf("?");let r=-1==t?this.url:this.url.slice(0,t),i=[];for(const t of this.params)for(const r of t.values)i.push(`${e(t.key,t.encode)}=${e(r,t.encode)}`);return i.length&&(r+="?"+i.join("&")),r}}t.RawURL=l},8498:function(e,t,r){var i=this&&this.__awaiter||function(e,t,r,i){return new(r||(r=Promise))((function(n,o){function s(e){try{c(i.next(e))}catch(e){o(e)}}function a(e){try{c(i.throw(e))}catch(e){o(e)}}function c(e){var t;e.done?n(e.value):(t=e.value,t instanceof r?t:new r((function(e){e(t)}))).then(s,a)}c((i=i.apply(e,t||[])).next())}))},n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const o=r(2715),s=n(r(6902)),a=r(6639),c=r(6458);class l{static create(e){return e.searchParams.set("r","f"),new l(e)}constructor(e){this.url=e,this.logger=o.LoggerFactory.getLogger("flow-v1")}handle(){var e,t;return i(this,void 0,void 0,(function*(){let r;const i=this.url.searchParams.get("vfp");let n=this.url;for(this.logger.debug(`current vfp ${i}`);;){try{r=yield(0,c.fetchAuth)(n,{})}catch(e){throw new s.default(a.ErrorCode.GENERIC_COMMUNICATION_ERROR,e.message)}if(console.log(r.url),r.status>=300&&r.status<400){const o=new c.RawURL(null!==(e=r.headers.get("Location"))&&void 0!==e?e:"");this.logger.debug(`redirect to ${o}`);const s=null!==(t=o.searchParams.get("vfp"))&&void 0!==t?t:o.searchParams.get("token");if(s&&s!==i)return this.logger.debug(`vfp changed to ${s}`),s;n=o}else{if(r.status>=200&&r.status<300){let e;try{e=yield r.json()}catch(e){throw new s.default(a.ErrorCode.AUTH_INVALID_RESPONSE,e.message)}this.logger.debug("got json response",e);const t=this.getVfpFromJson(e);if(!t)throw new s.default(a.ErrorCode.AUTH_INVALID_RESPONSE,`Received unknown payload: ${JSON.stringify(e)}`);return t}yield(0,c.handleHttpError)(r)}}}))}getVfpFromJson(e){const t=e.vfp;if(t)return t;const r=e.token,i=e.correlation_id;if(r)return i?i+"..."+r:r;const n=e.reconcilation_token;return n?i?i+"..."+n:n:void 0}}t.default=l},5112:function(e,t,r){var i=this&&this.__awaiter||function(e,t,r,i){return new(r||(r=Promise))((function(n,o){function s(e){try{c(i.next(e))}catch(e){o(e)}}function a(e){try{c(i.throw(e))}catch(e){o(e)}}function c(e){var t;e.done?n(e.value):(t=e.value,t instanceof r?t:new r((function(e){e(t)}))).then(s,a)}c((i=i.apply(e,t||[])).next())}))},n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const o=r(2715),s=r(6639),a=n(r(6902)),c=r(6458);class l{static create(e){var t;const r=e.searchParams.get("data");if(!r)throw new a.default(s.ErrorCode.AUTH_MALFORMED_INPUT_DATA,"Invalid flow.v2 data - missing in url");let i,n,o,u;try{const e=c.Base64.decode(r);console.log("decoded",e),i=JSON.parse(e)}catch(e){throw console.error(e),new a.default(s.ErrorCode.AUTH_MALFORMED_INPUT_DATA,"Invalid flow.v2 data - cannot parse as json")}try{n=new c.RawURL(null!==(t=i.url)&&void 0!==t?t:"")}catch(e){throw new a.default(s.ErrorCode.AUTH_MALFORMED_INPUT_DATA,"Invalid flow.v2 data - missing/invalid url field")}try{o=i.vfp}catch(e){throw new a.default(s.ErrorCode.AUTH_MALFORMED_INPUT_DATA,"Invalid flow.v2 data - missing vfp field")}try{u=i.data}catch(e){throw new a.default(s.ErrorCode.AUTH_MALFORMED_INPUT_DATA,"Invalid flow.v2 data - missing data field")}return new l(n,o,u,i["att-1004"])}constructor(e,t,r,i){this.url=e,this.vfp=t,this.data=r,this.att1004=i,this.logger=o.LoggerFactory.getLogger("flow-v2")}handle(){var e;return i(this,void 0,void 0,(function*(){let t=!1,r=JSON.parse(JSON.stringify(this.data));for(;;){let i;try{i=yield(0,c.fetchAuth)(this.url,{method:"POST",body:r})}catch(e){throw new a.default(s.ErrorCode.GENERIC_COMMUNICATION_ERROR,e.message)}if(i.status>=200&&i.status<300){const n=yield i.text();if(this.logger.trace(`att response body: ${n}`),!t)try{if(1004===JSON.parse(n).status){const i=null!==(e=this.att1004)&&void 0!==e?e:["application-id"];if(i){t=!0,this.logger.debug(`flow v2.5 detected, use application-id: ${i}`),r.put("application-id",i);continue}this.logger.debug("missing att1004.application-id, continue flow v2")}}catch(e){}const o=c.Base64.encode(n);return`${this.vfp}___${o}${t?"___R2":""}`}if(i.status>=300&&i.status<400)throw new a.default(s.ErrorCode.AUTH_INVALID_RESPONSE,"Unexpected redirect in flow v2");yield(0,c.handleHttpError)(i)}}))}}t.default=l},4670:function(e,t,r){var i=this&&this.__awaiter||function(e,t,r,i){return new(r||(r=Promise))((function(n,o){function s(e){try{c(i.next(e))}catch(e){o(e)}}function a(e){try{c(i.throw(e))}catch(e){o(e)}}function c(e){var t;e.done?n(e.value):(t=e.value,t instanceof r?t:new r((function(e){e(t)}))).then(s,a)}c((i=i.apply(e,t||[])).next())}))},n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const o=n(r(5030)),s=r(2715),a=r(6458),c=r(9843);t.default=class{constructor(){this.logger=s.LoggerFactory.getLogger("passive-authentication-step")}execute(e){return i(this,void 0,void 0,(function*(){this.logger.info("use passive");const t=(0,a.toURL)(e.authUrl);let r;if(t.searchParams.get("testVfp"))this.logger.info("test flow detected"),r=o.default.create(t);else{if("2"===t.searchParams.get("pfflow"))throw new Error("flow v2 detected but not supported by passive auth implementation");this.logger.info("flow v1 detected"),r=new l(t)}return{vfp:yield r.handle()}}))}};class l{constructor(e){this.url=e,this.logger=s.LoggerFactory.getLogger("passive-flow-v1")}handle(){return i(this,void 0,void 0,(function*(){return new Promise(((e,t)=>{const r="_proveAuthResponse";this.url.searchParams.set("jsonp","true"),this.url.searchParams.set("sdkVersion",c.VERSION_NAME);const i=window;this.logger.trace("install global callback"),i[r]=r=>{if(o)return;s();const i=r?this.getVfpFromJson(r):void 0;i?e(i):t(new Error(r?"script loaded but vfp not defined":"script loaded but callback not trigerred"))};const n=document.createElement("script");let o=!1;const s=()=>{this.logger.trace("cleanup global callback"),o=!0,i[r]=void 0,document.body.removeChild(n)};n.onload=()=>{this.logger.trace("script loaded"),setTimeout((()=>{o||(s(),t(new Error("script loaded, but not executed")))}),1e3)},n.onerror=()=>{this.logger.trace("script load error"),o||(s(),t(new Error("script load error")))},document.body.appendChild(n),n.src=this.url.toString()}))}))}getVfpFromJson(e){const t=e.vfp;if(t)return t;const r=e.token,i=e.correlation_id;if(r)return i?i+"..."+r:r;const n=e.reconcilation_token;return n?i?i+"..."+n:n:void 0}}},9134:function(e,t,r){var i=this&&this.__awaiter||function(e,t,r,i){return new(r||(r=Promise))((function(n,o){function s(e){try{c(i.next(e))}catch(e){o(e)}}function a(e){try{c(i.throw(e))}catch(e){o(e)}}function c(e){var t;e.done?n(e.value):(t=e.value,t instanceof r?t:new r((function(e){e(t)}))).then(s,a)}c((i=i.apply(e,t||[])).next())}))},n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.PixelFinishStep=void 0;const o=n(r(5030)),s=r(2715),a=r(6458),c=r(9843);t.default=class{constructor(){this.logger=s.LoggerFactory.getLogger("pixel-authentication-step")}execute(e){return i(this,void 0,void 0,(function*(){this.logger.info("use pixel");const t=(0,a.toURL)(e.authUrl);let r;if(t.searchParams.get("testVfp"))this.logger.info("test flow detected"),r=o.default.create(t);else{if("2"===t.searchParams.get("pfflow"))throw new Error("flow v2 detected but not supported by pixel auth implementation");this.logger.info("flow v1 detected"),r=new l(t)}return{vfp:yield r.handle()}}))}};class l{constructor(e){this.url=e,this.logger=s.LoggerFactory.getLogger("pixel-flow-v1")}handle(){return i(this,void 0,void 0,(function*(){return new Promise(((e,t)=>{this.url.searchParams.set("sdkVersion",c.VERSION_NAME);const r=document.createElement("img");r.onload=()=>{this.logger.trace("pixel loaded"),e("")},r.onerror=()=>{this.logger.trace("pixel load error"),t(new Error("pixel load error"))},r.src=this.url.toString()}))}))}}t.PixelFinishStep=class{execute(e){return Promise.resolve(void 0)}}},7834:function(e,t,r){var i=this&&this.__awaiter||function(e,t,r,i){return new(r||(r=Promise))((function(n,o){function s(e){try{c(i.next(e))}catch(e){o(e)}}function a(e){try{c(i.throw(e))}catch(e){o(e)}}function c(e){var t;e.done?n(e.value):(t=e.value,t instanceof r?t:new r((function(e){e(t)}))).then(s,a)}c((i=i.apply(e,t||[])).next())}))},n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const o=r(2715),s=r(2400),a=n(r(4517)),c=r(6639);class l{constructor(e){this._providedDeviceDescriptor=e}get providedDeviceDescriptor(){return this._providedDeviceDescriptor}get deviceDescriptor(){return this._deviceDescriptor}get authUrl(){return this._authUrl}get vfp(){return this._vfp}}class u{constructor(){this.currentStep=s.StepCode.PRE_CHECK,this.timedOut=!1}}t.default=class{constructor(e,t,r,i,n=0){this.deviceDescriptorStep=e,this.startStep=t,this.authenticationStep=r,this.finishStep=i,this.timeout=n,this.logger=o.LoggerFactory.getLogger("auth")}executeStep(e,t,r,n){var o;return i(this,void 0,void 0,(function*(){if(e.timedOut)throw new Error("timeout");try{e.currentStep=t,this.logger.debug(`execute step ${s.StepCode[t]}`);let i=yield r.execute(n);return this.logger.debug(`executed step ${s.StepCode[t]}`),i}catch(e){const r=null!==(o=e.errorCode)&&void 0!==o?o:c.ErrorCode.GENERIC_UNKNOWN_REASON;throw new a.default(t,r,e.message)}}))}authenticate(e){return new Promise(((t,r)=>{const i=new u;let n;this.timeout>0&&(n=setTimeout((()=>{i.timedOut=!0,r(new a.default(i.currentStep,c.ErrorCode.GENERIC_TIMEOUT,`authenticator timeout after ${this.timeout}ms`))}),this.timeout)),this.executeAuth(i,e).then((e=>{i.timedOut||(clearTimeout(n),t(e))}),(e=>{i.timedOut||(clearTimeout(n),r(e))}))}))}executeAuth(e,t){return i(this,void 0,void 0,(function*(){const r=new l(t);r._deviceDescriptor=(yield this.executeStep(e,s.StepCode.DEVICE_DESCRIPTOR,this.deviceDescriptorStep,r)).deviceDescriptor,this.logger.info(`deviceDescriptor=${r.deviceDescriptor}`),r._authUrl=(yield this.executeStep(e,s.StepCode.START,this.startStep,r)).authUrl,this.logger.info(`authUrl=${r.authUrl}`),r._vfp=(yield this.executeStep(e,s.StepCode.AUTHENTICATION,this.authenticationStep,r)).vfp,this.logger.info(`vfp=${r.vfp}`);const i=yield this.executeStep(e,s.StepCode.FINISH,this.finishStep,r);return this.logger.info("result",i),i}))}}},5386:function(e,t,r){var i=this&&this.__awaiter||function(e,t,r,i){return new(r||(r=Promise))((function(n,o){function s(e){try{c(i.next(e))}catch(e){o(e)}}function a(e){try{c(i.throw(e))}catch(e){o(e)}}function c(e){var t;e.done?n(e.value):(t=e.value,t instanceof r?t:new r((function(e){e(t)}))).then(s,a)}c((i=i.apply(e,t||[])).next())}))},n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const o=r(6639),s=n(r(79)),a=n(r(6902));t.default=class{constructor(e){this.ipQueryUrl=null!=e?e:"https://device.payfone.com:4443/whatismyipaddress"}execute(e){return i(this,void 0,void 0,(function*(){if(e.providedDeviceDescriptor)return{deviceDescriptor:e.providedDeviceDescriptor};const t=yield fetch("https://device.payfone.com:4443/whatismyipaddress");if(t.ok)return{deviceDescriptor:new s.default(yield t.text())};throw new a.default(o.ErrorCode.GENERIC_COMMUNICATION_ERROR,`ip api response=${t.status}`)}))}}},689:function(e,t,r){var i=this&&this.__awaiter||function(e,t,r,i){return new(r||(r=Promise))((function(n,o){function s(e){try{c(i.next(e))}catch(e){o(e)}}function a(e){try{c(i.throw(e))}catch(e){o(e)}}function c(e){var t;e.done?n(e.value):(t=e.value,t instanceof r?t:new r((function(e){e(t)}))).then(s,a)}c((i=i.apply(e,t||[])).next())}))},n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const o=n(r(79));t.default=class{execute(e){var t;return i(this,void 0,void 0,(function*(){return{deviceDescriptor:null!==(t=e.providedDeviceDescriptor)&&void 0!==t?t:new o.default}}))}}},3060:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.default=class{}},4517:(e,t,r)=>{Object.defineProperty(t,"__esModule",{value:!0});const i=r(6639),n=r(2400);class o extends Error{constructor(e,t,r){super(`${r} (stepCode=${n.StepCode[e]}, errorCode=${i.ErrorCode[t]})`),this.stepCode=e,this.errorCode=t,Error.captureStackTrace&&Error.captureStackTrace(this,o),this.name="AuthProcessError",this.stepCode=e}}t.default=o},79:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0});class r{static ip(e){return new r(e)}constructor(e,t,r){this.ip=e,this.mno=t,this.phoneNumber=r}toString(){return`ip=[${this.ip}] mno=[${this.mno}] phoneNumber=[${this.phoneNumber}]`}}t.default=r},2400:(e,t)=>{var r;Object.defineProperty(t,"__esModule",{value:!0}),t.StepCode=void 0,(r=t.StepCode||(t.StepCode={}))[r.PRE_CHECK=16]="PRE_CHECK",r[r.DEVICE_DESCRIPTOR=32]="DEVICE_DESCRIPTOR",r[r.START=48]="START",r[r.AUTHENTICATION=64]="AUTHENTICATION",r[r.FINISH=80]="FINISH"},9843:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.VERSION_CODE=t.VERSION_NAME=void 0,t.VERSION_NAME="3.0.0",t.VERSION_CODE=3e4},3607:function(e,t,r){var i=this&&this.__createBinding||(Object.create?function(e,t,r,i){void 0===i&&(i=r);var n=Object.getOwnPropertyDescriptor(t,r);n&&!("get"in n?!t.__esModule:n.writable||n.configurable)||(n={enumerable:!0,get:function(){return t[r]}}),Object.defineProperty(e,i,n)}:function(e,t,r,i){void 0===i&&(i=r),e[i]=t[r]}),n=this&&this.__setModuleDefault||(Object.create?function(e,t){Object.defineProperty(e,"default",{enumerable:!0,value:t})}:function(e,t){e.default=t}),o=this&&this.__importStar||function(e){if(e&&e.__esModule)return e;var t={};if(null!=e)for(var r in e)"default"!==r&&Object.prototype.hasOwnProperty.call(e,r)&&i(t,e,r);return n(t,e),t},s=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.DarwiniumWrapper=t.BuildConfig=t.PhoneValidationError=t.OtpError=t.OtpFinishResultType=t.MobileAuthImplementation=t.LogLevel=t.LoggerFactory=t.DeviceRole=t.CancelablePromise=t.AuthResponseStatus=t.AuthenticatorBuilder=t.VERSION=void 0;const a=r(6462);Object.defineProperty(t,"VERSION",{enumerable:!0,get:function(){return a.VERSION}});const c=o(r(4817));t.AuthenticatorBuilder=c.default,Object.defineProperty(t,"DeviceRole",{enumerable:!0,get:function(){return c.DeviceRole}}),Object.defineProperty(t,"MobileAuthImplementation",{enumerable:!0,get:function(){return c.MobileAuthImplementation}});const l=r(5501);Object.defineProperty(t,"BuildConfig",{enumerable:!0,get:function(){return l.BuildConfig}});const u=r(6267);Object.defineProperty(t,"AuthResponseStatus",{enumerable:!0,get:function(){return u.AuthResponseStatus}});const d=r(1727);Object.defineProperty(t,"LoggerFactory",{enumerable:!0,get:function(){return d.LoggerFactory}}),Object.defineProperty(t,"LogLevel",{enumerable:!0,get:function(){return d.LogLevel}});const h=s(r(4610));t.CancelablePromise=h.default;const f=r(3794);Object.defineProperty(t,"PhoneValidationError",{enumerable:!0,get:function(){return f.PhoneValidationError}});const g=r(8864);Object.defineProperty(t,"OtpError",{enumerable:!0,get:function(){return g.OtpError}}),Object.defineProperty(t,"OtpFinishResultType",{enumerable:!0,get:function(){return g.OtpFinishResultType}});const p=r(2582);Object.defineProperty(t,"DarwiniumWrapper",{enumerable:!0,get:function(){return p.DarwiniumWrapper}})},4817:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.MobileAuthImplementation=t.DeviceRole=void 0;const n=r(1092),o=i(r(8370)),s=i(r(6736)),a=i(r(1840)),c=i(r(7625)),l=i(r(3075)),u=i(r(8907)),d=i(r(1703)),h=i(r(6185)),f=i(r(1044)),g=i(r(1474)),p=i(r(9790)),v=r(2207),_=i(r(9568)),m=r(1727),E=i(r(7370)),R=r(5501),w=i(r(2654)),O=i(r(3350));var A,S;!function(e){e[e.Primary=0]="Primary",e[e.Secondary=1]="Secondary"}(A=t.DeviceRole||(t.DeviceRole={})),function(e){e.Pixel="pixel",e.Fetch="fetch"}(S=t.MobileAuthImplementation||(t.MobileAuthImplementation={})),t.default=class{constructor(){this.role=A.Primary,this.mobileAuthImplementation=S.Fetch,this.upkEnabled=!1,this.log=m.LoggerFactory.getLogger("authenticator-builder"),"undefined"!=typeof window&&(this.storage=window.localStorage,this.platform=new n.WebPlatform)}withDeviceContext(e){return this.deviceContextOptions=e,this}withAuthFinishStep(e){return this.authFinishStep="function"==typeof e?{execute:t=>e(t)}:e,this}withDisplayName(e){return this.getDisplayName="function"==typeof e?e:()=>e,this}withAuthMessageHandler(e){return this.authMessageHandler=e,this}withStorage(e){return this.storage=e,this}withPlatform(e){return this.platform=e,this}withRole(e){return this.role=e,this}withMobileAuthImplementation(e){return this.mobileAuthImplementation=e,this}withDeviceIpAddress(e){return this.getDeviceIp="function"==typeof e?e:()=>e,this}withOtpFallback(e,t){return this.otpStartStep="function"==typeof e?{execute:e}:e,this.otpFinishStep="function"==typeof t?{execute:t}:t,this}withInstantLinkFallback(e){return this.instantLinkStartStep="function"==typeof e?{execute:e}:e,this}withUPKEnabled(){return this.withUniversalProveKey()}withUniversalProveKey(e){return this.userConsentStep=e?"function"==typeof e?{execute:e}:e:{execute:()=>Promise.resolve({consentGranted:!0})},this.upkEnabled=null!=this.userConsentStep,this}getUrlsByBuildConfig(e){switch(e){case R.BuildConfig.US_PROD:return[R.ProveAuthProxyScriptUrl.DEFAULT_US_PROD_SCRIPT_URL.toString(),R.ProveAuthProxyEndpoint.DEFAULT_US_PROD_ENDPOINT.toString()];case R.BuildConfig.US_UAT:return[R.ProveAuthProxyScriptUrl.DEFAULT_US_UAT_SCRIPT_URL.toString(),R.ProveAuthProxyEndpoint.DEFAULT_US_UAT_ENDPOINT.toString()];case R.BuildConfig.DEV:return this.log.debug("Recommended for Prove's internal testing only, BuildConfig.DEV might need custom endpoint URL and custom script URL values to bypass ad blockers"),[void 0,void 0];default:return this.log.warn("Unknown BuildConfig value: "+e),[void 0,void 0]}}getRegionByBuildConfig(e){var t;switch(e){case R.BuildConfig.DEV:case R.BuildConfig.US_PROD:case R.BuildConfig.US_UAT:t="us";break;default:this.log.warn("Unknown BuildConfig value, set Region to default value: us"),t="us"}return t}getFpPromiseInstanceFromOptions(e){try{const t=r(6616);if(t){if(e){let r=this.getRegionByBuildConfig(e.buildConfig),[i,n]=this.getUrlsByBuildConfig(e.buildConfig);e.customScriptUrl&&e.customEndpointUrl&&(i=e.customScriptUrl,n=e.customEndpointUrl);const o=i?[`${i}?apiKey=<apiKey>&version=<version>&loaderVersion=<loaderVersion>`,t.defaultScriptUrlPattern]:[t.defaultScriptUrlPattern],s=n?[`${n}?region=${r}`,t.defaultEndpoint]:[t.defaultEndpoint],a=t.load({apiKey:e.publicApiKey,endpoint:s,scriptUrlPattern:o,region:r}),c=a?"successfully":"unsuccessfully with null instance";return this.log.trace(`Instantiating FingerprintJS ${c}`),a}this.log.warn("Prove Key Persistence feature is not enabled")}else this.log.debug("fingerprintjs package is not installed or failed to load")}catch(e){this.log.trace("FingerprintJS is not installed or failed to load",e)}}runDarwiniumDataCollection(e,t){var r,i;if(!t)return;if(!t.extraDeviceSignalEnabled)return;const n=e.darwiniumResult;if(!n||n.isExpired())if(t.iFrameEnabledForExtraDeviceSignals){let i;switch(t.buildConfig){case R.BuildConfig.US_PROD:i=R.DarwiniumCollectionEndpoint.US_PROD;break;case R.BuildConfig.US_UAT:i=R.DarwiniumCollectionEndpoint.US_UAT;break;case R.BuildConfig.DEV:i=R.DarwiniumCollectionEndpoint.DEV;break;default:const t=new w.default;return t.setExpiration(),t.setErr("Unknown BuildConfig"),void(e.darwiniumResult=t)}null===(r=this.platform)||void 0===r||r.collectDarwiniumData(!0,i).then((t=>e.darwiniumResult=t)).catch((t=>{const r=new w.default;r.setExpiration(),r.setErr(O.default.extractMessage(t)),e.darwiniumResult=r}))}else null===(i=this.platform)||void 0===i||i.collectDarwiniumData(!1).then((t=>e.darwiniumResult=t)).catch((t=>{const r=new w.default;r.setExpiration(),r.setErr(O.default.extractMessage(t)),e.darwiniumResult=r}))}withPasskeyAlreadyExistCallback(e){return this.passkeyCreationHandler=e,this}build(){var e;if(!this.platform)throw new Error("Implementation of Platform is required");if(!this.storage)throw new Error("Implementation of Storage is required");const t=this.getFpPromiseInstanceFromOptions(this.deviceContextOptions);t&&(null===(e=this.platform)||void 0===e||e.setFpPromise(t));const r=new E.default(this.storage);return r.upkEnabled=this.upkEnabled,this.runDarwiniumDataCollection(r,this.deviceContextOptions),this.role===A.Primary?new _.default(this.platform,r,this.authFinishStep,[new p.default(this.upkEnabled),new v.DeviceUniversalRedirectExchangeStep,new v.DeviceUniversalRedirectFinishStep,new s.default(this.getDisplayName,this.passkeyCreationHandler,this.role),new g.default(this.getDisplayName,this.passkeyCreationHandler),new f.default(this.upkEnabled,this.userConsentStep),new o.default,new a.default,new c.default(this.mobileAuthImplementation,this.getDeviceIp),new l.default(this.instantLinkStartStep,this.getDeviceIp),new u.default(this.otpStartStep,this.otpFinishStep),new h.default,new d.default(this.authMessageHandler)]):new _.default(this.platform,r,this.authFinishStep,[new s.default(this.getDisplayName,void 0,this.role),new c.default(this.mobileAuthImplementation,this.getDeviceIp),new l.default(this.instantLinkStartStep,this.getDeviceIp)])}}},8607:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0});class r{static stringToBase64(e){return e.replace(/\-/g,"+").replace(/_/g,"/")+"=".repeat(e.length%4?4-e.length%4:0)}static bufferDecode(e){return Uint8Array.from(atob(r.stringToBase64(e)),(e=>e.charCodeAt(0)))}static bufferEncode(e){const t=ArrayBuffer.isView(e)?e.buffer:e;return btoa(String.fromCharCode.apply(null,Array.from(new Uint8Array(t)))).replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,"")}}t.default=r},4610:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.default=class extends Promise{constructor(e){let t=()=>{};super(((r,i)=>e(r,i,(e=>t=e)))),this.onCancel=()=>{t()}}cancel(){this.onCancel()}}},1727:(e,t)=>{var r;Object.defineProperty(t,"__esModule",{value:!0}),t.LoggerFactory=t.LogLevel=void 0,function(e){e[e.disabled=0]="disabled",e[e.error=1]="error",e[e.warn=2]="warn",e[e.info=3]="info",e[e.debug=4]="debug",e[e.trace=5]="trace"}(r=t.LogLevel||(t.LogLevel={}));class i{static setLogLevel(e){i.logLevel=e}static setLogWriter(e){i.logWriter=e}static getLogger(e){return{trace:(...t)=>{i.logLevel>=r.trace&&i.logWriter.write(r.trace,e+": ",...t)},debug:(...t)=>{i.logLevel>=r.debug&&i.logWriter.write(r.debug,e+": ",...t)},info:(...t)=>{i.logLevel>=r.info&&i.logWriter.write(r.info,e+": ",...t)},warn:(...t)=>{i.logLevel>=r.warn&&i.logWriter.write(r.warn,e+": ",...t)},error:(...t)=>{i.logLevel>=r.error&&i.logWriter.write(r.error,e+": ",...t)}}}}i.logWriter=new class{write(e,...t){switch(e){case r.trace:case r.debug:console.debug(...t);break;case r.info:console.info(...t);break;case r.warn:console.warn(...t);break;case r.error:console.error(...t)}}},i.logLevel=r.info,t.LoggerFactory=i},2654:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.default=class{setResultBlob(e){this.resultBlob=e}setErr(e){this.err=e}getResultBlob(){return this.resultBlob}getError(){return this.err}setExpiration(){const e=new Date,t=new Date(e.getTime()+6e5);this.expiredAt=t.getTime()}isExpired(){return!this.expiredAt||Date.now()>this.expiredAt}}},2582:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.DarwiniumWrapper=void 0;const n=i(r(2654)),o=i(r(3350));t.DarwiniumWrapper=class{static collectData(){return new Promise((e=>{const t=new n.default;dwn?dwn.start({geo_location_enabled:!1,mouse:!0}).collect().then((r=>{t.setResultBlob(r),t.setExpiration(),e(t)})).catch((r=>{t.setErr(o.default.extractMessage(r)),t.setExpiration(),e(t)})):(t.setErr("Darwinium instance is not avaialble"),t.setExpiration(),e(t))}))}static collectDataInIFrame(e){return new Promise((t=>{var r;const i=new n.default,o=e=>{if(e.data&&"prove-device-signal"===e.data.source){const r=e.data.dwnData;i.setResultBlob(r),i.setExpiration(),console.log(r),t(i),window.removeEventListener("message",o)}else if(e.data&&"prove-device-signal-error"===e.data.source){const r=e.data.dwnErr;i.setErr(r),i.setExpiration(),t(i),window.removeEventListener("message",o)}};let s=document.getElementById("prove-iframe");s&&(null===(r=s.parentNode)||void 0===r||r.removeChild(s)),window.addEventListener("message",o);const a=document.createElement("iframe");a.src=e,a.style.display="none",a.id="prove-iframe",document.body.appendChild(a)}))}static runDarwinmiumAndPostResultInMsg(){dwn?dwn.start({geo_location_enabled:!1,mouse:!0}).collect().then((e=>{window.parent.postMessage({source:"prove-device-signal",dwnData:e},"*")})).catch((e=>{window.parent.postMessage({source:"prove-device-signal-error",dwnErr:e},"*")})):window.parent.postMessage({source:"prove-device-signal-error",fpErr:"Darwinium instance is not avaialble"},"*")}}},5501:(e,t)=>{var r,i,n,o;Object.defineProperty(t,"__esModule",{value:!0}),t.DarwiniumCollectionEndpoint=t.BuildConfig=t.ProveAuthProxyEndpoint=t.ProveAuthProxyScriptUrl=void 0,(o=t.ProveAuthProxyScriptUrl||(t.ProveAuthProxyScriptUrl={})).DEFAULT_US_UAT_SCRIPT_URL="https://upk.uat.prove-auth.proveapis.com/vFqZceQyx8/uqLttozA7q",o.DEFAULT_US_PROD_SCRIPT_URL="https://upk.prove-auth.proveapis.com/vf82rhgDRK/r4VnwuwPUd",(n=t.ProveAuthProxyEndpoint||(t.ProveAuthProxyEndpoint={})).DEFAULT_US_UAT_ENDPOINT="https://upk.uat.prove-auth.proveapis.com/vFqZceQyx8/bt9xhGAgQw",n.DEFAULT_US_PROD_ENDPOINT="https://upk.prove-auth.proveapis.com/vf82rhgDRK/ePaZsNne4X",(i=t.BuildConfig||(t.BuildConfig={})).DEV="DEV",i.US_UAT="US_UAT",i.US_PROD="US_PROD",(r=t.DarwiniumCollectionEndpoint||(t.DarwiniumCollectionEndpoint={})).DEV="https://upk.dev.prove-auth.proveapis.com/device-context",r.US_UAT="https://upk.uat.prove-auth.proveapis.com/device-context",r.US_PROD="https://upk.prove-auth.proveapis.com/device-context"},3350:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0});class r extends Error{constructor(e,t,r,i){super(e),this.code=t,this.nextStep=r,this.reportable=void 0===i||i}static extractMessage(e){let t="";if(e){const r="message";e[r]?t=e[r]:(t=e.toString(),t.startsWith("[object ")&&(t=JSON.stringify(e)))}return t}}t.default=r},6267:(e,t)=>{var r;Object.defineProperty(t,"__esModule",{value:!0}),t.AuthResponseStatus=void 0,(r=t.AuthResponseStatus||(t.AuthResponseStatus={})).Accept="accept",r.Reject="reject",r.Cancel="cancel",r.Unexpected="unexpected",r.Timeout="timeout",r.Unknown="unknown"},1204:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const n=r(1727),o=r(6462),s=r(2102),a=i(r(5186)),c=r(1786);class l{get namespace(){var e;return(null===(e=this.claims)||void 0===e?void 0:e.auth.ans)||this.settings.namespace}get backendOrigin(){var e;return this.backendOriginOverride||(null===(e=this.claims)||void 0===e?void 0:e.auth.endp)}get authId(){var e;return null===(e=this.claims)||void 0===e?void 0:e.auth.id}get challenge(){var e;return null===(e=this.claims)||void 0===e?void 0:e.auth.chlg}get next(){var e;return null===(e=this.claims)||void 0===e?void 0:e.auth.next}constructor(e,t,r){var i,o;this.channels=new Set,this.log=n.LoggerFactory.getLogger("auth-session"),this.platform=t,this.authToken=r,this.settings=e,r&&(this.claims=this.parseJwt(r),this.settings.namespace=this.claims.auth.ans,this.uvLevel=(null===(o=null===(i=this.claims.auth.subs.dev)||void 0===i?void 0:i.auths.pasv)||void 0===o?void 0:o.uvlvl)||s.UserVerificationLevel.Discouraged),this.requestSigner=t.createRequestSigner(this)}fetchFromBackend(e,t){const r="POST",i="application/json",n=JSON.stringify(t),s=e.split("?"),c=s[0],l=s.length>1?s[1]:"",u=new Headers({Accept:i,"Content-Type":i,"PA-Version":o.USER_AGENT_VERSIONS});return this.authToken&&u.set("Authorization","Bearer "+this.authToken),new Promise(((t,o)=>{this.requestSigner.sign(r,c,l,i,n).then((i=>{i&&(u.set("PA-Sig-Version",i.version),u.set("PA-Challenge",i.challenge),u.set("PA-KID",i.keyId),u.set("PA-Signature",i.signature)),this.platform.fetch(this.backendOrigin+e,{mode:"cors",method:r,headers:u,body:n}).then((e=>e.json())).then((e=>{e.error&&e.error.code===a.default.ERROR_NO_DEVICE_FOUND&&(this.settings.reset(),this.platform.deviceAuth.reset()),t(e)})).catch(o)})).catch(o)}))}static parseCloseEvent(e){var t=c.WebSocketCloseReasons.UNKNOWN_REASON;switch(e.code){case 1e3:t=c.WebSocketCloseReasons.NORMAL_CLOSURE;break;case 1001:t=c.WebSocketCloseReasons.GOING_AWAY;break;case 1002:t=c.WebSocketCloseReasons.PROTOCOL_ERROR;break;case 1003:t=c.WebSocketCloseReasons.UNSUPPORTED_DATA;break;case 1005:t=c.WebSocketCloseReasons.NO_STATUS_RECEIVED;break;case 1006:t=c.WebSocketCloseReasons.ABNORMAL_CLOSURE;break;case 1007:t=c.WebSocketCloseReasons.INVALID_FRAME_PAYLOAD_DATA;break;case 1008:t=c.WebSocketCloseReasons.POLICY_VIOLATION;break;case 1009:t=c.WebSocketCloseReasons.MESSAGE_TOO_BIG;break;case 1010:t=c.WebSocketCloseReasons.MANDATORY_EXTENSION;break;case 1011:t=c.WebSocketCloseReasons.INTERNAL_ERROR;break;case 1015:t=c.WebSocketCloseReasons.TLS_HANDSHAKE}return[t,e.code]}createMessageChannel(e,t,r,i){if(!this.authToken)throw new Error("Authentication token is not initialized, cannot create MessageChannel");const n=this.backendOrigin.replace(/^http/,"ws"),o=this.platform.createMessageChannel(n+e);var s=!0;const a=setInterval((()=>{s?(this.log.trace("Sending ping message"),s=!1,o.send("ping")):(this.log.warn("Failed to receive ping response in time, closing the channel"),clearInterval(a),o.close(),r("Channel communication stalled"),this.channels.delete(o))}),3e4);return o.addEventListener("close",(e=>{var r=e.code?`with status code: ${e.code}`:"without status code";this.log.debug(`Message channel is closed ${r}`),clearInterval(a),this.channels.delete(o);const[i,n]=l.parseCloseEvent(e);t(i,n)})),o.addEventListener("error",(e=>{this.log.debug("Message channel encountered an error"),this.log.debug(e)})),o.addEventListener("message",(e=>{if(this.log.trace("Message channel received a message"),this.log.trace(e),"origin"in e&&e.origin!==n)r("Unexpected origin");else{const t=e.data;t&&"string"==typeof t?"pong"===t?s=!0:i(t):i(e.toString())}})),this.channels.add(o),o}closeAllMessageChannels(){this.log.trace("Closing all message channels, total "+this.channels.size+" registered channels");const e=new Set(this.channels);e.forEach((e=>e.close())),e.clear(),this.channels.clear()}getDeviceRegistration(){return new Promise(((e,t)=>{this.platform.deviceAuth.getRegistration(this.namespace).then((t=>{t&&(this.backendOriginOverride?this.log.debug("Not overriding backend URL since it has been already set"):(this.backendOriginOverride=t.endpoint,this.log.debug("backend URL overridden with "+this.backendOriginOverride))),e(t)})).catch(t)}))}embedFpResultToDeviceRegistration(e){return new Promise((t=>{this.getFingerprintData().then((r=>{r&&e.setFpSignal(r),t(e)})).catch((t=>{const r=`Unexpected error happened during Fingerprint data collection: ${t.toString}`;this.log.warn(r),e.setFpSignal({error:r})}))}))}embedDarwiniumResultToDeviceRegistration(e){return new Promise((t=>{const r="Darwinium data is not avaialble";if(this.shouldSendDarwiniumData()){const t=this.settings.darwiniumResult;t?t.isExpired()?e.setDarwiniumSignal({error:"Darwinium data is expired"}):t.getResultBlob()?e.setDarwiniumSignal({results:t.getResultBlob()}):t.getError()?e.setDarwiniumSignal({error:t.getError()}):e.setDarwiniumSignal({error:r}):e.setDarwiniumSignal({error:r})}t(e)}))}embedDarwiniumSignal(e){const t="Darwinium data is not avaialble";if(this.shouldSendDarwiniumData()){const r=this.settings.darwiniumResult;r?r.isExpired()?e.darwinium={error:"Darwinium data is expired"}:r.getResultBlob()?e.darwinium={results:r.getResultBlob()}:r.getError()?e.darwinium={error:r.getError()}:e.darwinium={error:t}:e.darwinium={error:t}}}getFingerprintData(){return new Promise((e=>{var t=this.platform.getFpPromise();if(this.shouldCollectFP())if(t)t.then((e=>e.get())).then((t=>{if(t.sealedResult)this.log.debug(`FP result: ${t.sealedResult}`),e({results:t.sealedResult});else{const t="Cannot found sealed result in Fingerprint returned payload";this.log.warn(t),e({error:t})}})).catch((t=>{const r=`Error in collecting Fingerprint data: ${t.toString}`;this.log.warn(r),e({error:r})}));else{const t="Found null instance of Fingerprint, check if your input API key is valid";this.log.warn(t),e({error:t})}else this.log.debug("Fingerprint is not enabled from AuthToken"),e(void 0)}))}shouldCollectFP(){var e,t,r;return!!(null===(r=null===(t=null===(e=this.claims)||void 0===e?void 0:e.auth.subs.dev)||void 0===t?void 0:t.sgnls)||void 0===r?void 0:r.fpt)}shouldSendDarwiniumData(){var e,t,r;return!!(null===(r=null===(t=null===(e=this.claims)||void 0===e?void 0:e.auth.subs.dev)||void 0===t?void 0:t.sgnls)||void 0===r?void 0:r.dwn)}parseJwt(e){return JSON.parse(atob(e.split(".")[1]))}}t.default=l},3225:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.AuthStatusActions=void 0;const n=r(1727),o=i(r(3350));t.AuthStatusActions=class{constructor(){this.log=n.LoggerFactory.getLogger("auth-status-actions")}waitForStatus(e){var t=!1;return this.log.trace("Waiting for auth status"),new Promise(((r,i)=>{const n=e.createMessageChannel("/v1/client/status?token="+encodeURIComponent(e.authToken),((e,r)=>{t||i(new o.default(`Failed to receive secondary authentication with status code ${r}. ${e}`))}),(e=>{t=!0,i(new o.default("Failed to receive secondary authentication status: "+e))}),(s=>{t=!0;try{this.log.debug("Secondary authentication status: "+s);const t=JSON.parse(s);t.error?i(new o.default(t.error.message,t.error.code,t.next,!1)):(e.lastStep=t.next,r(t.next))}catch(e){i(e)}finally{this.log.trace("Closing channel"),n.close()}}))}))}}},2102:(e,t)=>{var r;Object.defineProperty(t,"__esModule",{value:!0}),t.UserVerificationLevel=void 0,(r=t.UserVerificationLevel||(t.UserVerificationLevel={})).Discouraged="none",r.Preferred="pref",r.Required="req"},8370:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const n=i(r(8607)),o=r(1727),s=i(r(3350)),a=i(r(5186)),c=i(r(1840));class l{constructor(){this.log=o.LoggerFactory.getLogger("device-passive-register-step"),this.name=l.NAME}execute(e){return new Promise(((t,r)=>{l.hasAssertionResponse(e)?c.default.runFidoVerify(this.log,e).then(t).catch(r):e.getDeviceRegistration().then((i=>{i?e.embedFpResultToDeviceRegistration(i).then((t=>e.embedDarwiniumResultToDeviceRegistration(t))).then((i=>{this.finishRegistration(e,[this.getFido2Registration(e)],i.getSignals()).then(t).catch(r)})):e.platform.deviceAuth.createRegistration({namespace:e.namespace,endpoint:e.backendOrigin}).then((t=>e.embedFpResultToDeviceRegistration(t))).then((t=>e.embedDarwiniumResultToDeviceRegistration(t))).then((i=>{i.getAuthRegistration(e.challenge).then((t=>this.finishRegistration(e,[this.getFido2Registration(e),t],i.getSignals()))).then((n=>{i.deviceId=e.settings.deviceId,e.platform.deviceAuth.storeRegistration(i).then((()=>t(n))).catch(r)})).catch(r)})).catch(r)})).catch(r)}))}static hasAssertionResponse(e){const t=e.credential.response;return t&&"authenticatorData"in t&&"signature"in t}finishRegistration(e,t,r){return new Promise(((i,n)=>{e.fetchFromBackend("/v1/client/device/fido2/register/finish",{deviceName:e.platform.getPlatformName(),deviceCapabilities:e.platform.getDeviceCapabilities(),registrations:t,signals:r}).then((t=>{if(t.error)n(new s.default(t.error.message,t.error.code,t.next,!1));else{const r=t.data;r?(r.deviceId&&(e.settings.deviceId=r.deviceId,e.settings.fidoPasskeyRegistered=!0),r.scanMessage&&(e.authMessage=r.scanMessage),i(t.next)):n(new s.default("Failed to register device, returned deviceId is null or empty",a.default.ERROR_AUTHENTICATION_FAILURE,t.next,!1))}})).catch(n)}))}getFido2Registration(e){const t=e.credential,r=t.response;return{webAuthnCredential:{type:null==t?void 0:t.type,id:null==t?void 0:t.id,rawId:n.default.bufferEncode(null==t?void 0:t.rawId),response:{attestationObject:n.default.bufferEncode(r.attestationObject),clientDataJSON:n.default.bufferEncode(r.clientDataJSON)}}}}}l.NAME="device/passive/register",t.default=l},1044:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const n=r(1727),o=i(r(3350));class s{constructor(e,t){this.name=s.NAME,this.log=n.LoggerFactory.getLogger("device-passive-silent-step"),this.forUPK=e,this.userConsentStep=null!=t?t:{execute:()=>Promise.resolve({consentGranted:!0})}}execute(e){return this.log.trace("Executing"),new Promise(((t,r)=>{e.getDeviceRegistration().then((i=>{i?e.embedFpResultToDeviceRegistration(i).then((t=>e.embedDarwiniumResultToDeviceRegistration(t))).then((i=>{this.verify(e,i).then(t).catch(r)})):this.userConsentStep.execute().then((i=>{i.consentGranted?e.platform.deviceAuth.createRegistration({namespace:e.namespace,endpoint:e.backendOrigin}).then((t=>e.embedFpResultToDeviceRegistration(t))).then((t=>e.embedDarwiniumResultToDeviceRegistration(t))).then((t=>this.register(e,t))).then(t).catch(r):r(new Error("User denied the consent to register the device"))})).catch(r)})).catch(r)}))}getBackendRegisterEndpoint(){return this.forUPK?"/v1/client/device/universal/register":"/v1/client/device/passive/register"}getBackendVerifyEndpoint(){return this.forUPK?"/v1/client/device/universal/verify":"/v1/client/device/passive/verify"}register(e,t){return this.log.trace("Registering"),new Promise(((r,i)=>{t.getAuthRegistration(e.challenge).then((n=>{e.fetchFromBackend(this.getBackendRegisterEndpoint(),{deviceName:e.platform.getPlatformName(),deviceCapabilities:e.platform.getDeviceCapabilities(),registrations:[n],signals:t.getSignals()}).then((n=>{if(n.error)i(new o.default(n.error.message,n.error.code,n.next,!1));else{const s=n,a=s.data.deviceId;a||i(new o.default("Failed to register device, returned deviceId is null or empty",0,n.next)),e.settings.deviceId=a,e.settings.fidoPasskeyRegistered=s.data.passkey,t.deviceId=a,this.log.debug("Device ID: "+a);const c=n.data;c&&c.scanMessage&&(e.authMessage=c.scanMessage),e.platform.deviceAuth.storeRegistration(t).then((()=>r(n.next))).catch(i)}})).catch(i)}))}))}verify(e,t){return this.log.trace("Verifying"),new Promise(((r,i)=>{if(t.deviceId){const n=t.deviceId+":"+e.challenge;t.sign(n).then((n=>{e.fetchFromBackend(this.getBackendVerifyEndpoint(),{deviceId:t.deviceId,keyId:t.keyId,signature:n,signals:t.getSignals()}).then((e=>{e.error?i(new o.default(e.error.message,e.error.code,e.next,!1)):r(e.next)})).catch(i)}))}else i(new o.default("Failed to initiate verification, DeviceId is missing"))}))}}s.NAME="device/passive/silent",t.default=s},6736:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.DevicePassiveActions=void 0;const n=r(1727),o=i(r(8607)),s=i(r(1044)),a=r(2102),c=i(r(3350)),l=r(4817),u=r(3225),d=r(9229),h=r(6267);class f extends u.AuthStatusActions{constructor(e,t){super(),this.log=n.LoggerFactory.getLogger("device-passive-actions"),this.getDisplayName=e||(()=>null),this.handler=t}register(e,t){return this.log.trace("Registering Passkey"),new Promise(((r,i)=>{const n=this.getDisplayName();e.fetchFromBackend("/v1/client/device/fido2/register/start",{displayName:n||void 0,signals:t}).then((t=>{var o,s;if(t.error)i(new c.default(t.error.message,t.error.code,t.next,!1));else{const a=null===(o=t.data)||void 0===o?void 0:o.credCreateOptions,l=null===(s=t.data)||void 0===s?void 0:s.credRequestOptions;if(a)this.createCredentials(e,n,a,t).then(r).catch(i);else if(l)this.getCredentials(e,l,t).then(r).catch(i);else{const e=new c.default(f.NO_CREDS_FOUND);i(e)}}})).catch(i)}))}verify(e){return this.log.trace("Verifying Passkey"),new Promise(((t,r)=>{e.settings.deviceId?e.fetchFromBackend("/v1/client/device/fido2/verify/start",{deviceId:e.settings.deviceId}).then((i=>{if(i.error)r(new c.default(i.error.message,i.error.code,i.next,!1));else{const n=i.data.credRequestOptions;this.getCredentials(e,n,i).then(t).catch(r)}})).catch(r):r(new c.default("Failed to start verification, DeviceId is missing"))}))}createCredentials(e,t,r,i){return this.log.trace("Trying create new FIDO credentials"),new Promise(((n,s)=>{r.challenge=o.default.bufferDecode(r.challenge),r.user.id=o.default.bufferDecode(r.user.id),t&&(r.user.displayName=t),r.excludeCredentials&&r.excludeCredentials.forEach((e=>{e.id=o.default.bufferDecode(e.id)}));const a={publicKey:r};e.platform.webauthn.createCredentials(a).then((t=>{t?(e.credential=t,n(i.next)):s(new c.default("Failed to create FIDO2 credentials"))})).catch((t=>{const r=d.FidoOptionsError.identifyRegistrationError({error:t,options:a,platform:e.platform});r instanceof d.FidoOptionsError&&"InvalidStateError"===r.name?this.handler?(this.log.trace("Passkey handler callback has been defined"),this.handler().then((t=>{t===h.AuthResponseStatus.Accept?this.parseCredRequestOptions(i,e).then(n).catch(s):s(new c.default(`${f.USER_NOT_ACCEPTING_RESPONSE}: ${t}`))})).catch(s)):(this.log.trace("Passkey handler callback is null, go ahead with passkey discoverable as default behavior"),this.parseCredRequestOptions(i,e).then(n).catch(s)):s(r)}))}))}parseCredRequestOptions(e,t){return new Promise(((r,i)=>{const n=e.data;if(n.credRequestOptions){const o=n.credRequestOptions;this.getCredentials(t,o,e).then(r).catch(i)}else i(new c.default(f.NO_REQUEST_CREDS_FOUND))}))}getCredentials(e,t,r){return this.log.trace("Trying get existing FIDO credentials"),new Promise(((i,n)=>{var s,a;if(0==(null===(s=t.allowCredentials)||void 0===s?void 0:s.length))n(new c.default("AllowCredentials array should not be empty when call getCredentials()"));else{t.challenge=o.default.bufferDecode(t.challenge),t.allowCredentials&&(null===(a=t.allowCredentials)||void 0===a||a.forEach((e=>{e.id=o.default.bufferDecode(e.id)})));const s={publicKey:t};e.platform.webauthn.getCredentials(s).then((t=>{t?(e.credential=t,i(r.next)):n(new c.default("Failed to load FIDO2 credentials"))})).catch((t=>{const r=d.FidoOptionsError.identifyAuthenticationError({error:t,options:s,platform:e.platform});n(r)}))}}))}}f.NO_REQUEST_CREDS_FOUND="Passkey has already been registered but found no CredentialRequestOptions in the fido/register/start response payload",f.NO_CREDS_FOUND="Neither credCreateOptions nor credRequestOptions are found in the fido/register/start response payload",f.USER_NOT_ACCEPTING_RESPONSE="User not accepting to continue by reusing the existing passkey with user response",t.DevicePassiveActions=f;class g extends f{constructor(e,t,r){super(e,t),this.name=g.NAME,this.role=null!=r?r:l.DeviceRole.Primary,this.log=n.LoggerFactory.getLogger("device-passive-step")}execute(e){return this.role==l.DeviceRole.Secondary?this.waitForStatus(e):e.platform.isFidoSupported()&&e.uvLevel!==a.UserVerificationLevel.Discouraged?e.settings.deviceId?e.settings.fidoPasskeyRegistered?this.verify(e):Promise.resolve(s.default.NAME):new Promise(((t,r)=>{e.getFingerprintData().then((i=>{const n={fingerprint:i};e.embedDarwiniumSignal(n),this.register(e,n).then(t).catch(r)})).catch((i=>{const n=`Unexpected error happened during Fingerprint data collection: ${i.message}`;this.log.warn(n),this.log.warn(i);const o={fingerprint:{error:n}};e.embedDarwiniumSignal(o),this.register(e,o).then(t).catch(r)}))})):Promise.resolve(s.default.NAME)}}g.NAME="device/passive",t.default=g},1474:(e,t,r)=>{Object.defineProperty(t,"__esModule",{value:!0});const i=r(1727),n=r(6736);class o extends n.DevicePassiveActions{constructor(e,t){super(e,t),this.name=o.NAME,this.log=i.LoggerFactory.getLogger("device-passive-stepup-step")}execute(e){return e.platform.isFidoSupported()?e.settings.deviceId?e.settings.fidoPasskeyRegistered?Promise.reject(new Error("FIDO2 Passkey is already registered")):new Promise(((t,r)=>{e.getFingerprintData().then((i=>{const n={fingerprint:i};e.embedDarwiniumSignal(n),this.register(e,n).then(t).catch(r)})).catch((i=>{const n=`Unexpected error happened during Fingerprint data collection: ${i.message}`;this.log.warn(n),this.log.warn(i);const o={fingerprint:{error:n}};e.embedDarwiniumSignal(o),this.register(e,o).then(t).catch(r)}))})):Promise.reject(new Error("Device is not registered")):Promise.reject(new Error("FIDO2 is not supported"))}}o.NAME="device/passive/stepup",t.default=o},1840:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const n=i(r(8607)),o=r(1727),s=i(r(3350));class a{constructor(){this.log=o.LoggerFactory.getLogger("device-passive-verify-step"),this.name=a.NAME}execute(e){return new Promise(((t,r)=>{a.runFidoVerify(this.log,e).then(t).catch(r)}))}static runFidoVerify(e,t){return new Promise(((r,i)=>{t.getFingerprintData().then((n=>{const o={fingerprint:n};t.embedDarwiniumSignal(o),a.makeFidoVerifyFinishRequest(e,t,o).then(r).catch(i)})).catch((n=>{const o=`Unexpected error happened during Fingerprint data collection ${n.toString}`;e.warn(o);const s={fingerprint:{error:o}};t.embedDarwiniumSignal(s),a.makeFidoVerifyFinishRequest(e,t,s).then(r).catch(i)}))}))}static makeFidoVerifyFinishRequest(e,t,r){return new Promise(((i,o)=>{const a=t.credential,c=a.response;t.fetchFromBackend("/v1/client/device/fido2/verify/finish",{webAuthnAssertion:{type:null==a?void 0:a.type,id:null==a?void 0:a.id,rawId:n.default.bufferEncode(null==a?void 0:a.rawId),response:{authenticatorData:n.default.bufferEncode(c.authenticatorData),clientDataJSON:n.default.bufferEncode(c.clientDataJSON),signature:n.default.bufferEncode(c.signature),userHandle:c.userHandle?n.default.bufferEncode(c.userHandle):void 0}},signals:r}).then((r=>{if(r.error)o(new s.default(r.error.message,r.error.code,r.next,!1));else{const n=r.data;n?(n.deviceId&&(t.settings.deviceId=n.deviceId),n.passkey&&(t.settings.fidoPasskeyRegistered=!0),n.scanMessage&&(t.authMessage=n.scanMessage)):e.warn("No data was received in the response"),t.settings.fidoPasskeyRegistered=!0,i(r.next)}})).catch(o)}))}}a.NAME="device/passive/verify",t.default=a},2207:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.DeviceUniversalRedirectExchangeStep=t.DeviceUniversalRedirectFinishStep=t.DeviceUniversalRedirectBaseStep=void 0;const n=i(r(3350));class o{constructor(){this.name=""}execute(e){return new Promise(((t,r)=>{var i,o,s,a,c,l;let u=null===(l=null===(c=null===(a=null===(s=null===(o=null===(i=e.claims)||void 0===i?void 0:i.auth)||void 0===o?void 0:o.subs)||void 0===s?void 0:s.dev)||void 0===a?void 0:a.auths)||void 0===c?void 0:c.unvsl)||void 0===l?void 0:l.ftu;if(void 0!==u&&u){u+=`?authId=${e.authId}`;let i="";if("redirect/exchange"===this.name)i="authexchange";else{if("redirect/finish"!==this.name)return void r(new n.default(`Unknown UPK Step: ${this.name}`,0,e.next,!0));i="authfinish"}u+=`&next=${i}`,e.platform.urlRedirect(u),t("")}else r(new n.default("AuthToken claims do not contain final target URL",0,e.next,!0))}))}}t.DeviceUniversalRedirectBaseStep=o;class s extends o{constructor(){super(...arguments),this.name=s.NAME}}s.NAME="redirect/finish",t.DeviceUniversalRedirectFinishStep=s;class a extends o{constructor(){super(...arguments),this.name=a.NAME}}a.NAME="redirect/exchange",t.DeviceUniversalRedirectExchangeStep=a},9790:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const n=r(1727),o=i(r(3350)),s=i(r(1044));class a{constructor(e){this.log=n.LoggerFactory.getLogger("device-universal-step"),this.name=a.NAME,this.forUPK=!1,this.forUPK=e}execute(e){return this.log.trace("Executing"),new Promise(((t,r)=>{var i,n,a;if(this.forUPK)t(s.default.NAME);else{let s=null===(a=null===(n=null===(i=e.claims)||void 0===i?void 0:i.auth.subs.dev)||void 0===n?void 0:n.auths.unvsl)||void 0===a?void 0:a.endp;void 0!==s&&s?(s+=`?authId=${e.authId}&authtoken=${e.authToken}`,e.platform.urlRedirect(s),t("")):r(new o.default("AuthToken claims do not contain universal redirect URL",0,e.next,!0))}}))}}a.NAME="device/universal",t.default=a},5186:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0});class r{}r.ERROR_AUTHENTICATION_FAILURE=1e4,r.ERROR_AUTHENTICATION_EXTERNAL_FAILURE=10001,r.ERROR_AUTHENTICATION_CLIENT_FAILURE=10002,r.ERROR_AUTHENTICATION_PROHIBITED_ACTION=10003,r.ERROR_MISSING_AUTHENTICATOR_COMPLETION=10004,r.ERROR_MAX_ATTEMPTS=10005,r.ERROR_NO_DEVICE_FOUND=10006,t.default=r},9229:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.FidoOptionsError=void 0;class r extends Error{constructor({message:e,cause:t,name:r}){super(e,{cause:t}),this.name=null!=r?r:t.name}static identifyAuthenticationError({error:e,options:t,platform:i}){const{publicKey:n}=t;if(!n)return new r({message:r.MISSING_PUBLIC_KEY_PROPERTY,cause:new Error(r.MISSING_PUBLIC_KEY_PROPERTY)});if("AbortError"===e.name){if(t.signal instanceof AbortSignal)return new r({message:r.ABORT_SIGNAL,cause:e})}else{if("NotAllowedError"===e.name)return new r({message:e.message,cause:e});if("SecurityError"===e.name){const t=i.getOrigin();return n.rpId!==t?new r({message:`${r.INVALID_RP_ID}: ${n.rpId}`,cause:e}):new r({message:`${r.SECURITY_ERROR_FOUND}: ${e.message}`,cause:e})}if("UnknownError"===e.name)return new r({message:r.UNKNOWN_ERROR,cause:e})}return e}static identifyRegistrationError({error:e,options:t,platform:i}){var n,o,s;const{publicKey:a}=t;if(!a)return new r({message:r.MISSING_PUBLIC_KEY_PROPERTY,cause:new Error(r.MISSING_PUBLIC_KEY_PROPERTY)});if("InvalidStateError"===e.name)return new r({message:r.INVALID_STATE_ERROR,cause:e});if("AbortError"===e.name){if(t.signal instanceof AbortSignal)return new r({message:this.ABORT_SIGNAL,cause:e})}else if("ConstraintError"===e.name){if(!0===(null===(n=a.authenticatorSelection)||void 0===n?void 0:n.requireResidentKey))return new r({message:this.CONSTRAINT_ERROR,cause:e});if("conditional"===t.mediation&&"required"===(null===(o=a.authenticatorSelection)||void 0===o?void 0:o.userVerification))return new r({message:this.USER_VERIFICATION_NOT_POSSILE,cause:e});if("required"===(null===(s=a.authenticatorSelection)||void 0===s?void 0:s.userVerification))return new r({message:this.NO_MATCHING_AUTHENTICATOR,cause:e})}else{if("NotAllowedError"===e.name)return new r({message:e.message,cause:e});if("NotSupportedError"===e.name)return 0===a.pubKeyCredParams.filter((e=>"public-key"===e.type)).length?new r({message:this.INVALID_CRED_PARAMS,cause:e}):new r({message:r.NO_MATCHING_AUTHENTICATOR_FOR_PARAMS_ALGO,cause:e});if("SecurityError"===e.name){const t=i.getOrigin();return a.rp.id!==t?new r({message:`${r.INVALID_RP_ID}: ${a.rp.id}`,cause:e}):new r({message:`${r.SECURITY_ERROR_FOUND}: ${e.message}`,cause:e})}if("TypeError"===e.name){if(a.user.id.byteLength<1||a.user.id.byteLength>64)return new r({message:r.INVALID_USER_ID_LENGTH,cause:e})}else if("UnknownError"===e.name)return new r({message:r.UNKNOWN_ERROR,cause:e})}return e}}r.MISSING_PUBLIC_KEY_PROPERTY="options missing publicKey property",r.ABORT_SIGNAL="Authentication was sent an abort signal",r.INVALID_STATE_ERROR="The authenticator was already registered",r.UNKNOWN_ERROR="Unknown error: the authenticator was unable to process the predefined options, or unable to generate a new credential",r.SECURITY_ERROR_FOUND="Security error found",r.INVALID_RP_ID="The rp.id is not valid for the current domain",r.CONSTRAINT_ERROR="Discoverable credentials is required but found no matching supported authenticator",r.USER_VERIFICATION_NOT_POSSILE="User verification is required during automatic registration but this could not be performed",r.NO_MATCHING_AUTHENTICATOR="User verification is required but found no matching supported authenticator",r.INVALID_CRED_PARAMS="No entry in pubKeyCredParams having the type of public-key",r.NO_MATCHING_AUTHENTICATOR_FOR_PARAMS_ALGO="No available authenticator supported any of the specified pubKeyCredParams algorithms",r.INVALID_USER_ID_LENGTH="User ID has invalid length",t.FidoOptionsError=r},9568:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const n=r(1727),o=i(r(4610)),s=i(r(1204)),a=i(r(3350)),c=i(r(6105)),l=i(r(5186));class u{constructor(e,t,r,i){if(this.steps=new Map,this.log=n.LoggerFactory.getLogger("main-authenticator"),this.platform=e,this.authFinishStep=r,this.settings=t,i)for(let e of i)this.steps.set(e.name,e)}isPasskeyRegistered(){return this.settings.fidoPasskeyRegistered}isFidoSupported(){return this.platform.isFidoSupported()}isDeviceRegistered(){return null!==this.settings.deviceId}isMobileWeb(){const e=this.platform.getUserAgent();return null!==e&&/Mobi|Android|webOS|iPhone|iPad|BlackBerry|Opera Mini/i.test(e)}getDeviceId(){return this.settings.deviceId}resetDeviceSettings(){this.settings.reset(),this.platform.deviceAuth.reset()}authenticate(e){return new o.default(((t,r,i)=>{e||r(new Error("No authentication token provided")),this.authFinishStep||r(new Error("AuthFinish step must be specified"));try{const n=new s.default(this.settings,this.platform,e),o=this.process(n);i((()=>o.cancel())),o.then((()=>{var e;if(n.lastStep!==u.AUTH_EMPTY)return this.log.info("Authentication flow has been completed."),null===(e=this.authFinishStep)||void 0===e?void 0:e.execute({authId:n.authId});this.log.info("Next step is not provided, authentication flow is terminated without completion."),t()})).then(t).catch(r)}catch(e){r(e)}}))}unregisterDevice(){return this.isDeviceRegistered()?new Promise(((e,t)=>{this.unregister("/v1/client/device/unregister").then((()=>{this.resetDeviceSettings(),e()})).catch(t)})):Promise.resolve()}unregisterPasskey(){return this.settings.fidoPasskeyRegistered?new Promise(((e,t)=>{this.unregister("/v1/client/stepup/unregister").then((()=>{this.settings.fidoPasskeyRegistered=!1,e()})).catch(t)})):Promise.resolve()}unregister(e){return new Promise(((t,r)=>{try{new s.default(this.settings,this.platform).fetchFromBackend(e,{deviceId:this.getDeviceId()}).then((e=>{e.error?r(new a.default(e.error.message,e.error.code,e.next,!1)):t()})).catch(r)}catch(e){r(e)}}))}process(e){return new o.default(((t,r,i)=>{i((()=>{this.log.info("Canceled"),e.closeAllMessageChannels(),t()})),this.nextStep(e,e.next,1).then(t).catch(r)}))}nextStep(e,t,r){return this.log.debug(`Authentication attempt ${r}, next step: ${t}`),e.lastStep=t,new Promise(((i,n)=>{[u.AUTH_DONE,u.AUTH_EMPTY].includes(t)?i():r>u.MAX_ATTEMPTS?n(new a.default("Too many authentication steps",l.default.ERROR_MAX_ATTEMPTS)):this.getNextStep(t).execute(e).then((t=>this.nextStep(e,t,r+1))).then(i).catch((t=>new c.default(t).execute(e).then((t=>this.nextStep(e,t,r+1))).then(i).catch(n)))}))}getNextStep(e){return this.steps.get(e)||new c.default("Unknown authentication step: "+e)}}u.AUTH_DONE="done",u.AUTH_EMPTY="",u.MAX_ATTEMPTS=50,t.default=u},7625:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const n=i(r(3350)),o=r(1727),s=r(4817),a=i(r(5186));class c{constructor(e,t){this.name=c.NAME,this.log=o.LoggerFactory.getLogger("mobile-instant-step"),this.errorCodeBak=a.default.ERROR_AUTHENTICATION_CLIENT_FAILURE,this.implementation=e,t?(this.getDeviceIp=t,this.deviceIpDetection=!1):(this.getDeviceIp=()=>null,this.deviceIpDetection=!0)}execute(e){return new Promise(((t,r)=>{let i=e.platform.getMobileAuthBuilder().withDeviceIpDetection(this.deviceIpDetection);switch(this.implementation){case s.MobileAuthImplementation.Pixel:i=i.withPixelImplementation();break;case s.MobileAuthImplementation.Fetch:i=i.withFetchImplementation().withFinishStep((t=>new Promise(((r,i)=>{e.fetchFromBackend("/v1/client/mobile/instant/finish",{vfp:t.vfp}).then(r).catch(i)}))))}i=i.withStartStep((t=>new Promise(((r,i)=>{const o=this.deviceIpDetection?t.deviceDescriptor.ip:this.getDeviceIp();e.fetchFromBackend("/v1/client/mobile/instant/start",{cellularIp:o,implementation:this.implementation}).then((e=>{var t;e.error?(this.nextBak=e.next,this.errorCodeBak=e.error.code,i(new n.default(e.error.message,e.error.code,e.next,!1))):r({authUrl:null===(t=e.data)||void 0===t?void 0:t.redirectUrl})})).catch(i)})))),i.build().authenticate().then((i=>{if(i){const e=i;e.error&&r(new n.default(i.error.message,i.error.code,i.next,!1)),t(e.next)}else e.fetchFromBackend("/v1/client/mobile/instant/finish",{}).then((e=>t(e.next))).catch((e=>{r(new n.default(i.error.message,i.error.code,i.next,!1))}))})).catch((e=>{r(new n.default(e,this.errorCodeBak,this.nextBak,!1))}))}))}}c.NAME="mobile/instant",t.default=c},3075:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const n=r(1727),o=r(3794),s=i(r(3350)),a=r(3225),c=i(r(8907));class l extends a.AuthStatusActions{constructor(e,t){super(),this.name=l.NAME,this.log=n.LoggerFactory.getLogger("mobile-instantlink-step"),this.startStep=e,this.getDeviceIp=null!=t?t:()=>null}execute(e){return this.log.trace("Executing"),new Promise(((t,r)=>{var i,n,o,s,a,c,l=!0;(null===(o=null===(n=null===(i=e.claims)||void 0===i?void 0:i.auth.subs.mob)||void 0===n?void 0:n.auths.inln)||void 0===o?void 0:o.mnp)&&(l=!1);var u=!1;(null===(c=null===(a=null===(s=e.claims)||void 0===s?void 0:s.auth.subs.mob)||void 0===a?void 0:a.auths.inln)||void 0===c?void 0:c.tme)&&(u=!0),this.runStartStep(e,l).then((i=>{this.runFinishStep(e,u).then((()=>this.waitForStatus(e))).then((e=>t(e))).catch(r)})).catch(r)}))}runStartStep(e,t,r){return new Promise(((i,n)=>{this.startStep?this.startStep.execute(t,r).then((r=>{const a=c.default.validatePhoneNumberInput(r);a?n(a):e.fetchFromBackend("/v1/client/mobile/instantlink/start",{sourceIp:this.getDeviceIp(),mobileNumber:null==r?void 0:r.phoneNumber}).then((r=>{var a,c,l;const u=r;if(u.error)n(new s.default(u.error.message,u.error.code,r.next,!1));else if(u.data){var d="";(null===(a=u.data)||void 0===a?void 0:a.code)&&(d+=`Error Code: ${u.data.code}, `),(null===(c=u.data)||void 0===c?void 0:c.message)?d+=`${u.data.message}`:d+="Error validating phone number";let r=new o.PhoneValidationError(d,null===(l=u.data)||void 0===l?void 0:l.code);this.log.error(`Server reports invalid phone number: ${d}`),this.runStartStep(e,t,r).then(i).catch(n)}else i(u.next)})).catch(n)})).catch(n):n(new Error("InstantLink start step must be specified"))}))}runFinishStep(e,t){return new Promise(((r,i)=>{t?(this.log.info("Simulating user clicking the instant link"),setTimeout((()=>{e.platform.fetch(e.backendOrigin+"/v1/client/mobile/instantlink/finish?token="+encodeURIComponent(e.authToken)+"&vfp=test-vfp",{mode:"no-cors",method:"GET"}).catch((e=>{this.log.error("Calling AuthFinish in test mode has failed: ",s.default.extractMessage(e))})).finally(r)}),100)):r()}))}}l.NAME="mobile/instantlink",t.default=l},8907:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const n=r(1727),o=i(r(3350)),s=r(8864),a=r(3794);class c{constructor(e,t){this.name=c.NAME,this.log=n.LoggerFactory.getLogger("mobile-otp-step"),this.otpStartStep=e,this.otpFinishStep=t}execute(e){return new Promise(((t,r)=>{var i,n,o;if(this.otpStartStep)if(this.otpFinishStep){var s=!0;(null===(o=null===(n=null===(i=e.claims)||void 0===i?void 0:i.auth.subs.mob)||void 0===n?void 0:n.auths.otp)||void 0===o?void 0:o.mnp)&&(s=!1),this.runOtpStartStep(e,this.otpStartStep,this.otpFinishStep,s).then(t).catch(r)}else r(new Error("OtpFinishStep step must be specified"));else r(new Error("OtpStartStep step must be specified"))}))}static validatePhoneNumberInput(e){if(null!=e)return"object"!=typeof e?new o.default("Input must be an object"):"phoneNumber"in e?"string"!=typeof e.phoneNumber?new o.default("phoneNumber field in the input must be a string"):void 0:new o.default("phoneNumber field in the input is missing")}runOtpStartStep(e,t,r,i,n){return new Promise(((s,l)=>{t.execute(i,n).then((n=>{const u=c.validatePhoneNumberInput(n);u?l(u):e.fetchFromBackend("/v1/client/mobile/otp/start",{mobileNumber:null==n?void 0:n.phoneNumber}).then((n=>{const c=n;if(c.error)l(new o.default(c.error.message,c.error.code,n.next,!1));else if(c.data){let n=c.data;var u="";(null==n?void 0:n.code)&&(u+=`Error Code: ${n.code}, `),(null==n?void 0:n.message)?u+=`${n.message}`:u+="Error validating phone number";let o=new a.PhoneValidationError(u,null==n?void 0:n.code);this.log.error(`Server reports invalid phone number: ${u}`),this.runOtpStartStep(e,t,r,i,o).then(s).catch(l)}else this.runOtpFinishStep(e,t,r,i).then(s).catch(l)})).catch(l)})).catch((e=>{const t=o.default.extractMessage(e);l(new Error(`Failed to start OTP flow: ${t}`))}))}))}static validateFinishResult(e){if(null==e||"object"!=typeof e)return new o.default("result should be a valid object");if(!("resultType"in e))return new o.default("resultType field in the result is missing");if(e.resultType===s.OtpFinishResultType.OnSuccess){const t=e.input;if(null==t||"object"!=typeof t)return new o.default("input should be a valid object when resultType field is set with OnSuccess value");if(!("otp"in t))return new o.default("otp field in the input is missing");if("string"!=typeof t.otp)return new o.default("otp field in the input must be a string")}}runOtpFinishStep(e,t,r,i,n){return new Promise(((a,l)=>{r.execute(n).then((n=>{var u;let d=n;const h=c.validateFinishResult(d);if(h)l(h);else switch(d.resultType){case s.OtpFinishResultType.OnResendOtp:this.runOtpStartStep(e,t,r,i).then(a).catch(l);break;case s.OtpFinishResultType.OnSuccess:let n=d.input;e.fetchFromBackend("/v1/client/mobile/otp/finish",{otp:null!==(u=null==n?void 0:n.otp)&&void 0!==u?u:""}).then((n=>{const c=n;if(c.error)l(new o.default(c.error.message,c.error.code,n.next,!1));else if(c.data){let n=c.data;var u="";(null==n?void 0:n.code)&&(u+=`Error Code: ${n.code}, `),(null==n?void 0:n.message)?u+=`${n.message}`:u+="Error validating OTP";let o=new s.OtpError(u,null==n?void 0:n.code);this.log.error(`Server reports invalid OTP: ${u}`),this.runOtpFinishStep(e,t,r,i,o).then(a).catch(l)}else a(n.next)})).catch(l)}})).catch((e=>{const t=o.default.extractMessage(e);l(new Error(`Failed to obtain OTP for verification: ${t}}`))}))}))}}c.NAME="mobile/otp",t.default=c},3794:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.PhoneValidationError=void 0;const n=i(r(3350));class o extends n.default{constructor(e,t){super(e,t)}}t.PhoneValidationError=o},8566:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.getUnixTime=t.arrayBufferToHexString=t.arrayBufferToString=t.stringToArrayBuffer=t.DEVICE_CAPABILITY_WEBAUTHN=void 0,t.DEVICE_CAPABILITY_WEBAUTHN="webauthn",t.stringToArrayBuffer=function(e){return(new TextEncoder).encode(e)},t.arrayBufferToString=function(e){return String.fromCharCode.apply(null,Array.from(new Uint8Array(e)))},t.arrayBufferToHexString=function(e){return Array.from(new Uint8Array(e),(e=>("00"+e.toString(16)).slice(-2))).join("")},t.getUnixTime=function(){return Math.floor(Date.now()/1e3)}},6105:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const n=r(1727),o=i(r(3350)),s=i(r(9568)),a=i(r(8370)),c=i(r(1044)),l=i(r(6736)),u=i(r(1840)),d=i(r(7625)),h=i(r(3075)),f=i(r(8907)),g=i(r(4704)),p=i(r(1474)),v=r(2207);class _{constructor(e){if(this.logger=n.LoggerFactory.getLogger("report-error-step"),this._message="Unknown error",this.reportable=!0,this.name="error",e instanceof o.default){const t=e;this._message=t.message,this._code=t.code,this.nextStep=t.nextStep,this.reportable=t.reportable}else e&&(this._message=o.default.extractMessage(e));this._message||this.logger.warn("Unexpected error: "+e)}get code(){return this._code}get message(){return this._message}execute(e){let t=`Authentication step ${e.lastStep} failed`;if(this._code&&(t=t+", code: "+this._code),this._message&&(t=t+", message: "+this._message),this.logger.error(t),this.nextStep===s.default.AUTH_DONE)return Promise.resolve(s.default.AUTH_DONE);const r=e.lastStep?_.endpointMap.get(e.lastStep):void 0;return!r||!this.reportable&&this.nextStep?this.nextStep?Promise.resolve(this.nextStep):Promise.reject(new o.default("Cannot determine the next auth step")):new Promise(((t,i)=>{e.fetchFromBackend(`/v1/client/${r}/error`,{code:this._code?this._code:void 0,message:this._message}).then((e=>t(e.next))).catch(i)}))}}_.endpointMap=new Map([[l.default.NAME,"device/passive"],[c.default.NAME,"device/passive"],[a.default.NAME,"device/fido2"],[u.default.NAME,"device/fido2"],[p.default.NAME,"device/fido2"],[d.default.NAME,"mobile/instant"],[h.default.NAME,"mobile/instantlink"],[f.default.NAME,"mobile/otp"],[g.default.NAME,"user/mobileactive"],[v.DeviceUniversalRedirectExchangeStep.NAME,"device/universal"],[v.DeviceUniversalRedirectFinishStep.NAME,"device/universal"]]),t.default=_},1770:(e,t,r)=>{Object.defineProperty(t,"__esModule",{value:!0});const i=r(1727),n=r(8566),o=["/v1/client/stepup/unregister","/v1/client/device/unregister","/v1/client/device/passive/error","/v1/client/mobile/instant/error","/v1/client/mobile/otp/error","/v1/client/user/mobileactive","/v1/client/user/mobileactive/error"];t.default=class{constructor(e){this.log=i.LoggerFactory.getLogger("request-signer"),this.session=e}sign(e,t,r,i,n){return new Promise(((s,a)=>{this.session.getDeviceRegistration().then((c=>c&&c.deviceId?o.includes(t)?void Promise.all([this.getChallenge(c.deviceId),this.getHash(n)]).then((n=>{const o=n[0],l=n[1],u=e+"\n"+t+"\n"+r+"\n"+i+"\n"+o+"\n"+l;c.sign(u).then((e=>s({version:"3",challenge:o,signature:e,keyId:c.keyId}))).catch(a)})).catch(a):(this.log.debug("No signing needed for "+t),void s(null)):(this.log.debug("Device not registered, cannot sign"),void s(null)))).catch(a)}))}getChallenge(e){return new Promise(((t,r)=>{this.cachedChallenge&&this.cachedChallenge.receivedAt&&this.cachedChallenge.ttl&&this.cachedChallenge.deviceId===e&&this.cachedChallenge.receivedAt+this.cachedChallenge.ttl-60>(0,n.getUnixTime)()?t(this.cachedChallenge.challenge):this.session.fetchFromBackend("/v1/client/challenge",{deviceId:e}).then((e=>e)).then((e=>{var i;e.error?r(null===(i=e.error)||void 0===i?void 0:i.message):(e.receivedAt=(0,n.getUnixTime)(),this.cachedChallenge=e,t(e.challenge))})).catch(r)}))}getHash(e){return new Promise(((t,r)=>{crypto.subtle.digest("SHA-256",(0,n.stringToArrayBuffer)(e)).then((e=>t((0,n.arrayBufferToHexString)(e)))).catch(r)}))}}},1703:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const n=i(r(3350)),o=r(1727);class s{constructor(e){this.log=o.LoggerFactory.getLogger("scan-message-step"),this.name=s.NAME,this.authMessageHandler=e}execute(e){return new Promise(((t,r)=>{this.authMessageHandler?(e.authMessage||(this.log.warn("Auth message is missing"),e.authMessage={}),this.authMessageHandler(e.authMessage).then((i=>{e.fetchFromBackend("/v1/client/user/response",{response:i}).then((e=>{e.error?r(new n.default(e.error.message,e.error.code,e.next,!1)):t(e.next)}))})).catch(r)):r(new n.default("Failed to process auth message, the handler was not specified"))}))}}s.NAME="scan/message",t.default=s},7370:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const n=r(1727),o=i(r(2654));class s{constructor(e){this.log=n.LoggerFactory.getLogger("settings"),this.upkEnabled=!1,this.storage=e}reset(){this.log.trace("reset"),this.deviceId=null,this.namespace=null,this.fidoPasskeyRegistered=!1,this.darwiniumResult=void 0}get deviceId(){return this.storage.getItem(this.getKey(s.DEVICE_ID_KEY))}set deviceId(e){this.setOrRemove(s.DEVICE_ID_KEY,e)}get fidoPasskeyRegistered(){return"true"===this.storage.getItem(this.getKey(s.FIDO_PASSKEY_REGISTERED_KEY))}set fidoPasskeyRegistered(e){this.setOrRemove(s.FIDO_PASSKEY_REGISTERED_KEY,e?"true":null)}get namespace(){return this.storage.getItem(this.getKey(s.NAMESPACE_KEY))}set namespace(e){this.log.trace("namespace set to "+e),this.setOrRemove(s.NAMESPACE_KEY,e)}get darwiniumResult(){let e=this.storage.getItem(this.getKey(s.DARWINIUM_RESULT_KEY));if(e){const t=JSON.parse(e);return Object.assign(new o.default,t)}}set darwiniumResult(e){this.setOrRemove(s.DARWINIUM_RESULT_KEY,JSON.stringify(e))}getKey(e){return`${s.KEY_PREFIX}.${e}`}setOrRemove(e,t){t?this.storage.setItem(this.getKey(e),t):this.storage.removeItem(this.getKey(e))}}s.KEY_PREFIX="ProveAuth",s.DEVICE_ID_KEY="DeviceId",s.NAMESPACE_KEY="namespace",s.FIDO_PASSKEY_REGISTERED_KEY="fidoPasskeyRegistered",s.DARWINIUM_RESULT_KEY="DarwiniumResult",t.default=s},6185:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const n=i(r(3350));class o{constructor(){this.name=o.NAME}execute(e){return new Promise(((e,t)=>{t(new n.default(`Step ${this.name} is not supported yet`))}))}}o.NAME="user/mobileactive",t.default=o},4704:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const n=i(r(3350));class o{constructor(){this.name=o.NAME}execute(e){return new Promise(((e,t)=>{t(new n.default(`Step ${this.name} is not supported yet`))}))}}o.NAME="user/present",t.default=o},4781:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.WebDeviceRegistration=void 0;const n=r(1727),o=i(r(3350)),s=r(8566);class a{constructor(e){this.deviceId=null,this.namespace=e.namespace,this.endpoint=e.endpoint,e.createdAt?(this.createdAt=e.createdAt,this.keyId=e.keyId,this.deviceId=e.deviceId,this.algorithm=e.algorithm,this.keys=e.keys):(this.keyId=crypto.randomUUID(),this.algorithm="ES256",this.createdAt=(0,s.getUnixTime)())}setFpSignal(e){this.fingerprint=e}sign(e){return new Promise(((t,r)=>{this.initialize().then((()=>{this.keys&&crypto.subtle.sign({name:"ECDSA",hash:{name:"SHA-256"}},this.keys.privateKey,(0,s.stringToArrayBuffer)(e)).then((e=>t(btoa((0,s.arrayBufferToString)(this.p1363ToDer(e)))))).catch(r)})).catch(r)}))}getPublicKey(){return new Promise(((e,t)=>{this.initialize().then((()=>{this.keys&&crypto.subtle.exportKey("spki",this.keys.publicKey).then((t=>{const r=btoa((0,s.arrayBufferToString)(t));e("-----BEGIN PUBLIC KEY-----\n"+r+"\n-----END PUBLIC KEY-----")})).catch(t)})).catch(t)}))}getAuthRegistration(e){return new Promise(((t,r)=>{this.sign(e).then((e=>{this.getPublicKey().then((r=>{t({publicKey:{id:this.keyId,alg:this.algorithm,key:r,uvLevel:0},signature:e})})).catch(r)})).catch(r)}))}getSignals(){return{fingerprint:this.fingerprint,darwinium:this.darwinium}}setDarwiniumSignal(e){this.darwinium=e}initialize(){return new Promise(((e,t)=>{this.keys?e():crypto.subtle.generateKey({name:"ECDSA",namedCurve:"P-256"},!1,["sign","verify"]).then((t=>{this.keys=t,e()})).catch(t)}))}p1363ToDer(e){const t=(0,s.arrayBufferToHexString)(e);let r=t.substring(0,t.length/2),i=t.substring(t.length/2);r=r.replace(/^(00)+/,""),i=i.replace(/^(00)+/,""),parseInt(r.charAt(0),16)>=8&&(r=`00${r}`),parseInt(i.charAt(0),16)>=8&&(i=`00${i}`);const n=`02${(r.length/2).toString(16).padStart(2,"0")}${r}`,o=`02${(i.length/2).toString(16).padStart(2,"0")}${i}`,a=`30${((n.length+o.length)/2).toString(16).padStart(2,"0")}${n}${o}`.match(/[\da-f]{2}/gi);return a?new Uint8Array(a.map((e=>parseInt(e,16)))):new Uint8Array}lenVal(e){if("string"==typeof e||e instanceof String){const t=e;return`[${t.length}]: ${t}`}{const t=e;return`[${t.byteLength}]: ${Array.from(new Uint8Array(t),(e=>e.toString(16))).join(",")}`}}}t.WebDeviceRegistration=a;class c{constructor(e){this.log=n.LoggerFactory.getLogger("web-device-auth"),this.dbFactory=e}createRegistration(e){return new Promise(((t,r)=>{t(new a(e))}))}getRegistration(e){return new Promise(((t,r)=>{const i=this.openDatabase();i.onerror=e=>{r("Failed to open registration database: "+e)},i.onsuccess=i=>{const n=i.target.result,o=n.transaction([c.DB_STORE],"readonly");o.oncomplete=()=>n.close();const s=o.objectStore(c.DB_STORE).get(e);s.onerror=e=>{this.log.error(e),r(new Error("Failed to access registration"))},s.onsuccess=()=>{s.result?t(new a(s.result)):t(null)}}}))}storeRegistration(e){return new Promise(((t,r)=>{const i=this.openDatabase();i.onerror=e=>{r("Failed to open registration database: "+e)},i.onsuccess=i=>{const n=i.target.result,s=n.transaction([c.DB_STORE],"readwrite");s.oncomplete=()=>n.close();const a=s.objectStore(c.DB_STORE);this.log.trace("Saving registration");const l=a.put(e);l.onsuccess=()=>{this.log.trace("Registration saved"),t()},l.onerror=e=>{this.log.error(e),r(new o.default("Failed to store registration"))}}}))}deleteRegistration(e){return new Promise(((t,r)=>{var i=this.openDatabase();i.onerror=e=>{r("Failed to open registration database: "+e)},i.onsuccess=i=>{var n=i.target.result,o=n.transaction([c.DB_STORE],"readwrite");if(o.oncomplete=()=>n.close(),!n.objectStoreNames.contains(c.DB_STORE))return this.log.debug("Registration not found, store is missing"),void t();var s=o.objectStore(c.DB_STORE).delete(e);s.onsuccess=()=>{t()},s.onerror=e=>{this.log.error(e),r(new Error("Failed to delete registration"))}}}))}reset(){return new Promise(((e,t)=>{var r=this.dbFactory.deleteDatabase(c.DB_NAME);r.onsuccess=t=>{e()},r.onerror=t=>{this.log.warn("Failed to delete registration database"),this.log.warn(t),e()}}))}openDatabase(){const e=this.dbFactory.open(c.DB_NAME,c.DB_VERSION);return e.onupgradeneeded=e=>{var t;const r=null===(t=e.target)||void 0===t?void 0:t.result;r?(this.log.debug("Registration not found, database is missing, initializing"),r.createObjectStore(c.DB_STORE,{keyPath:"namespace"}).transaction.oncomplete=e=>{this.log.trace("Store initialization completed")}):this.log.error("Failed to initialize registration database: database is null")},e}}c.DB_VERSION=1,c.DB_NAME="ProveAuth",c.DB_STORE="Registrations",t.default=c},1092:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.WebPlatform=t.WebSocketMessageChannel=void 0;const n=r(8266),o=r(8566),s=i(r(1770)),a=i(r(4781)),c=i(r(2654)),l=r(2582);class u{constructor(e){this.webSocket=new WebSocket(e)}addEventListener(e,t){this.webSocket.addEventListener(e,t)}send(e){this.webSocket.send(e)}close(){this.webSocket.close()}}t.WebSocketMessageChannel=u,t.WebPlatform=class{constructor(){this.webauthn={getCredentials:e=>navigator.credentials.get(e),createCredentials:e=>navigator.credentials.create(e)},this.deviceAuth=new a.default(window.indexedDB)}getPlatformName(){return`${this.getBrowserName()} ${this.getBrowserVersion()} on ${this.getOSName()}`}getUserAgent(){return navigator.userAgent}isFidoSupported(){return null!=window.PublicKeyCredential}fetch(e,t){return fetch(e,t)}createMessageChannel(e){return new u(e)}createRequestSigner(e){return new s.default(e)}getBrowserName(){const e=navigator.userAgent;let t;return t=e.indexOf("Firefox")>-1?"Firefox":e.indexOf("Opera")>-1||e.indexOf("OPR")>-1?"Opera":e.indexOf("DuckDuckGo")>-1?"DuckDuckGo":e.indexOf("SamsungBrowser")>-1?"Samsung Browser":e.indexOf("Trident")>-1?"Internet Explorer":e.indexOf("Edge")>-1?"Edge":e.indexOf("Chrome")>-1?"Chrome":e.indexOf("Safari")>-1?"Safari":"Unknown",t}getBrowserVersion(){const e=navigator.userAgent.match(/(?:Firefox|Opera|OPR|SamsungBrowser|DuckDuckGo|Internet Explorer|Edge|Chrome|Safari)[\/|\s](\d+(\.\d+)?)/i);return e?e[1]:"Unknown"}getOSName(){const e=navigator.platform,t=navigator.userAgent;let r;if(/Win/i.test(e)){r="Windows";const e=t.match(/Win(?:dows )?NT (\d+\.\d+)/i);if(e){const t=parseFloat(e[1]);r+=11===t?" 11":10===t?" 10":6.3===t?" 8.1":6.2===t?" 8":6.1===t?" 7":6===t?" Vista":5.1===t||5.2===t?" XP":" (Unknown Version)"}}else if(e.match(/Mac/i)){r="Mac OS";const e=t.match(/Mac OS X (\d+[_.]\d+([_.]\d+)?)/i);e&&(r+=" "+e[1].replace(/_/g,"."))}else r=t.match(/Android/i)?"Android":t.match(/iOS|iPhone|iPad|iPod/i)?"iOS":e.match(/Linux/i)?"Linux":"Unknown";return r}getDeviceCapabilities(){return this.isFidoSupported()?[o.DEVICE_CAPABILITY_WEBAUTHN]:[]}getMobileAuthBuilder(){return new n.AuthenticatorBuilder}exit(e){}urlRedirect(e){window.location.replace(e)}getFpPromise(){return this.fpPromise}setFpPromise(e){this.fpPromise=e}getOrigin(){return window.location.origin}collectDarwiniumData(e,t){return new Promise((r=>{if(!e)return l.DarwiniumWrapper.collectData().then((e=>r(e)));if(t)return l.DarwiniumWrapper.collectDataInIFrame(t).then((e=>r(e)));{const e=new c.default;e.setErr("iFrame is enabled for Darwinium data collection but iFrame src endpoint is unavailable"),r(e)}}))}}},1786:(e,t)=>{var r;Object.defineProperty(t,"__esModule",{value:!0}),t.WebSocketCloseReasons=void 0,(r=t.WebSocketCloseReasons||(t.WebSocketCloseReasons={})).NORMAL_CLOSURE="Normal closure",r.GOING_AWAY="The connection is closed because a server is going down or a browser has navigated away from the page.",r.PROTOCOL_ERROR="The connection is closed due to a protocol error",r.UNSUPPORTED_DATA="The connection is closed because it has received unsupported data",r.NO_STATUS_RECEIVED="No closed status code was actually present.",r.ABNORMAL_CLOSURE="The connection was closed unexpectedly without a close frame",r.INVALID_FRAME_PAYLOAD_DATA="The connection was closed because it received inconsistent data in a message.",r.POLICY_VIOLATION="The connection was closed due to policy violation",r.MESSAGE_TOO_BIG="The connection was closed because it has received a message that is too big for it to process.",r.MANDATORY_EXTENSION="The connection was closed because the client required a server extension that was not supported.",r.INTERNAL_ERROR="The connection was closed because the server encountered an unexpected error",r.TLS_HANDSHAKE="The connection was closed due to a failure to perform a TLS handshake",r.UNKNOWN_REASON="Unknown reason"},8864:function(e,t,r){var i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.OtpFinishResultType=t.OtpError=void 0;const n=i(r(3350));class o extends n.default{constructor(e,t){super(e,t)}}var s;t.OtpError=o,(s=t.OtpFinishResultType||(t.OtpFinishResultType={}))[s.OnSuccess=0]="OnSuccess",s[s.OnResendOtp=1]="OnResendOtp"},6462:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.USER_AGENT_VERSIONS=t.API_CONTRACT_VERSION=t.VERSION=void 0,t.VERSION="2.9.1",t.API_CONTRACT_VERSION="2.9.1",t.USER_AGENT_VERSIONS=`ProveAuth/${t.VERSION} Contract/${t.API_CONTRACT_VERSION} WEB/1`}},t={};function r(i){var n=t[i];if(void 0!==n)return n.exports;var o=t[i]={exports:{}};return e[i].call(o.exports,o,o.exports,r),o.exports}return r.d=(e,t)=>{for(var i in t)r.o(t,i)&&!r.o(e,i)&&Object.defineProperty(e,i,{enumerable:!0,get:t[i]})},r.o=(e,t)=>Object.prototype.hasOwnProperty.call(e,t),r.r=e=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},r(3607)})()));
+!function(e,t){"object"==typeof exports&&"object"==typeof module?module.exports=t():"function"==typeof define&&define.amd?define([],t):"object"==typeof exports?exports.proveAuth=t():e.proveAuth=t()}(self,(()=>(()=>{"use strict";var e={6616:(e,t,r)=>{r.r(t),r.d(t,{ERROR_API_KEY_EXPIRED:()=>O,ERROR_API_KEY_INVALID:()=>R,ERROR_API_KEY_MISSING:()=>m,ERROR_BAD_REQUEST_FORMAT:()=>A,ERROR_BAD_RESPONSE_FORMAT:()=>l,ERROR_CLIENT_TIMEOUT:()=>s,ERROR_CSP_BLOCK:()=>u,ERROR_FORBIDDEN_ENDPOINT:()=>_,ERROR_FORBIDDEN_HEADER:()=>I,ERROR_FORBIDDEN_ORIGIN:()=>b,ERROR_GENERAL_SERVER_FAILURE:()=>w,ERROR_INSTALLATION_METHOD_RESTRICTED:()=>v,ERROR_INTEGRATION_FAILURE:()=>E,ERROR_INVALID_ENDPOINT:()=>d,ERROR_NETWORK_ABORT:()=>c,ERROR_NETWORK_CONNECTION:()=>a,ERROR_RATE_LIMIT:()=>y,ERROR_SCRIPT_LOAD_FAIL:()=>C,ERROR_SERVER_TIMEOUT:()=>S,ERROR_SUBSCRIPTION_NOT_ACTIVE:()=>g,ERROR_TOKEN_EXPIRED:()=>T,ERROR_TOKEN_INVALID:()=>N,ERROR_TOKEN_MISSING:()=>P,ERROR_UNSUPPORTED_VERSION:()=>p,ERROR_WRONG_REGION:()=>f,default:()=>j,defaultEndpoint:()=>i,defaultScriptUrlPattern:()=>F,defaultTlsEndpoint:()=>o,load:()=>x});var n=function(){return n=Object.assign||function(e){for(var t,r=1,n=arguments.length;r<n;r++)for(var i in t=arguments[r])Object.prototype.hasOwnProperty.call(t,i)&&(e[i]=t[i]);return e},n.apply(this,arguments)};Object.create,Object.create,"function"==typeof SuppressedError&&SuppressedError;var i={default:"endpoint"},o={default:"tlsEndpoint"},s="Client timeout",a="Network connection error",c="Network request aborted",l="Response cannot be parsed",u="Blocked by CSP",d="The endpoint parameter is not a valid URL";function h(e){for(var t="",r=0;r<e.length;++r)if(r>0){var n=e[r].toLowerCase();n!==e[r]?t+=" ".concat(n):t+=e[r]}else t+=e[r].toUpperCase();return t}var f=h("WrongRegion"),g=h("SubscriptionNotActive"),p=h("UnsupportedVersion"),v=h("InstallationMethodRestricted"),_=h("HostnameRestricted"),E=h("IntegrationFailed"),m="API key required",R="API key not found",O="API key expired",A="Request cannot be parsed",w="Request failed",S="Request failed to process",y="Too many requests, rate limit exceeded",b="Not available for this origin",I="Not available with restricted header",P=m,N=R,T=O,D="3.11.0",C="Failed to load the JS script of the agent",L="9319";function M(e,t){var r,n,i,o,s=[],a=(r=function(e){var t=function(e,t,r){if(r||2===arguments.length)for(var n,i=0,o=t.length;i<o;i++)!n&&i in t||(n||(n=Array.prototype.slice.call(t,0,i)),n[i]=t[i]);return e.concat(n||Array.prototype.slice.call(t))}([],e,!0);return{current:function(){return t[0]},postpone:function(){var e=t.shift();void 0!==e&&t.push(e)},exclude:function(){t.shift()}}}(e),o=0,n=function(){return Math.random()*Math.min(3e3,100*Math.pow(2,o++))},i=new Set,[r.current(),function(e,t){var o,s=t instanceof Error?t.message:"";if(s===u||s===d)r.exclude(),o=0;else if(s===L)r.exclude();else if(s===C){var a=Date.now()-e.getTime()<50,c=r.current();c&&a&&!i.has(c)&&(i.add(c),o=0),r.postpone()}else r.postpone();var l=r.current();return void 0===l?void 0:[l,null!=o?o:e.getTime()+n()-Date.now()]}]),c=a[0],l=a[1];if(void 0===c)return Promise.reject(new TypeError("The list of script URL patterns is empty"));var h=function(e){var r=new Date,n=function(t){return s.push({url:e,startedAt:r,finishedAt:new Date,error:t})},i=t(e);return i.then((function(){return n()}),n),i.catch((function(e){if(s.length>=5)throw e;var t=l(r,e);if(!t)throw e;var n,i=t[0],o=t[1];return(n=o,new Promise((function(e){return setTimeout(e,n)}))).then((function(){return h(i)}))}))};return h(c).then((function(e){return[e,s]}))}var U="https://fpnpmcdn.net/v<version>/<apiKey>/loader_v<loaderVersion>.js",F=U;function x(e){var t;e.scriptUrlPattern;var r=e.token,i=e.apiKey,o=void 0===i?r:i,s=function(e,t){var r={};for(var n in e)Object.prototype.hasOwnProperty.call(e,n)&&t.indexOf(n)<0&&(r[n]=e[n]);if(null!=e&&"function"==typeof Object.getOwnPropertySymbols){var i=0;for(n=Object.getOwnPropertySymbols(e);i<n.length;i++)t.indexOf(n[i])<0&&Object.prototype.propertyIsEnumerable.call(e,n[i])&&(r[n[i]]=e[n[i]])}return r}(e,["scriptUrlPattern","token","apiKey"]),a=null!==(t=function(e,t){return function(e,t){return Object.prototype.hasOwnProperty.call(e,t)}(e,t)?e[t]:void 0}(e,"scriptUrlPattern"))&&void 0!==t?t:U,c=function(){var e=[],t=function(){e.push({time:new Date,state:document.visibilityState})},r=function(e,t,r,n){return e.addEventListener(t,r,n),function(){return e.removeEventListener(t,r,n)}}(document,"visibilitychange",t);return t(),[e,r]}(),l=c[0],u=c[1];return Promise.resolve().then((function(){if(!o||"string"!=typeof o)throw new Error(m);return M(function(e,t){return(Array.isArray(e)?e:[e]).map((function(e){return function(e,t){var r=encodeURIComponent;return e.replace(/<[^<>]+>/g,(function(e){return"<version>"===e?"3":"<apiKey>"===e?r(t):"<loaderVersion>"===e?r(D):e}))}(String(e),t)}))}(a,o),k)})).catch((function(e){throw u(),function(e){return e instanceof Error&&e.message===L?new Error(C):e}(e)})).then((function(e){var t=e[0],r=e[1];return u(),t.load(n(n({},s),{ldi:{attempts:r,visibilityStates:l}}))}))}function k(e){return function(e,t,r,n){var i,o=document,s="securitypolicyviolation",a=function(t){var r=new URL(e,location.href),n=t.blockedURI;n!==r.href&&n!==r.protocol.slice(0,-1)&&n!==r.origin||(i=t,c())};o.addEventListener(s,a);var c=function(){return o.removeEventListener(s,a)};return Promise.resolve().then(t).then((function(e){return c(),e}),(function(e){return new Promise((function(e){var t=new MessageChannel;t.port1.onmessage=function(){return e()},t.port2.postMessage(null)})).then((function(){if(c(),i)return function(){throw new Error(u)}();throw e}))}))}(e,(function(){return function(e){return new Promise((function(t,r){if(function(e){if(URL.prototype)try{return new URL(e,location.href),!1}catch(e){if(e instanceof Error&&"TypeError"===e.name)return!0;throw e}}(e))throw new Error(d);var n=document.createElement("script"),i=function(){var e;return null===(e=n.parentNode)||void 0===e?void 0:e.removeChild(n)},o=document.head||document.getElementsByTagName("head")[0];n.onload=function(){i(),t()},n.onerror=function(){i(),r(new Error(C))},n.async=!0,n.src=e,o.appendChild(n)}))}(e)})).then(B)}function B(){var e=window,t="__fpjs_p_l_b",r=e[t];if(function(e,t){var r,n=null===(r=Object.getOwnPropertyDescriptor)||void 0===r?void 0:r.call(Object,e,t);(null==n?void 0:n.configurable)?delete e[t]:n&&!n.writable||(e[t]=void 0)}(e,t),"function"!=typeof(null==r?void 0:r.load))throw new Error(L);return r}var j={load:x,defaultScriptUrlPattern:U,ERROR_SCRIPT_LOAD_FAIL:C,ERROR_API_KEY_EXPIRED:O,ERROR_API_KEY_INVALID:R,ERROR_API_KEY_MISSING:m,ERROR_BAD_REQUEST_FORMAT:A,ERROR_BAD_RESPONSE_FORMAT:l,ERROR_CLIENT_TIMEOUT:s,ERROR_CSP_BLOCK:u,ERROR_FORBIDDEN_ENDPOINT:_,ERROR_FORBIDDEN_HEADER:I,ERROR_FORBIDDEN_ORIGIN:b,ERROR_GENERAL_SERVER_FAILURE:w,ERROR_INSTALLATION_METHOD_RESTRICTED:v,ERROR_INTEGRATION_FAILURE:E,ERROR_INVALID_ENDPOINT:d,ERROR_NETWORK_ABORT:c,ERROR_NETWORK_CONNECTION:a,ERROR_RATE_LIMIT:y,ERROR_SERVER_TIMEOUT:S,ERROR_SUBSCRIPTION_NOT_ACTIVE:g,ERROR_TOKEN_EXPIRED:O,ERROR_TOKEN_INVALID:R,ERROR_TOKEN_MISSING:m,ERROR_UNSUPPORTED_VERSION:p,ERROR_WRONG_REGION:f,defaultEndpoint:i,defaultTlsEndpoint:o}},2715:(e,t)=>{var r;Object.defineProperty(t,"__esModule",{value:!0}),t.LoggerFactory=t.LogLevel=void 0,function(e){e[e.disabled=0]="disabled",e[e.error=1]="error",e[e.warn=2]="warn",e[e.info=3]="info",e[e.debug=4]="debug",e[e.trace=5]="trace"}(r=t.LogLevel||(t.LogLevel={}));class n{static setLogLevel(e){n.logLevel=e}static setLogWriter(e){n.logWriter=e}static getLogger(e){return{trace:(...e)=>{n.logLevel>=r.trace&&n.logWriter.write(r.trace,...e)},debug:(...e)=>{n.logLevel>=r.debug&&n.logWriter.write(r.debug,...e)},info:(...e)=>{n.logLevel>=r.info&&n.logWriter.write(r.info,...e)},warn:(...e)=>{n.logLevel>=r.warn&&n.logWriter.write(r.warn,...e)},error:(...e)=>{n.logLevel>=r.error&&n.logWriter.write(r.error,...e)}}}}n.logWriter=new class{write(e,...t){switch(e){case r.trace:case r.debug:console.debug(...t);break;case r.info:console.info(...t);break;case r.warn:console.warn(...t);break;case r.error:console.error(...t)}}},n.logLevel=r.info,t.LoggerFactory=n},8266:function(e,t,r){var n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.LogLevel=t.LoggerFactory=t.DeviceDescriptor=t.StepCode=t.ErrorCode=t.AuthenticatorBuilder=t.VERSION_CODE=t.VERSION_NAME=void 0;const i=r(9843);Object.defineProperty(t,"VERSION_NAME",{enumerable:!0,get:function(){return i.VERSION_NAME}}),Object.defineProperty(t,"VERSION_CODE",{enumerable:!0,get:function(){return i.VERSION_CODE}});const o=n(r(7460));t.AuthenticatorBuilder=o.default;const s=r(6639);Object.defineProperty(t,"ErrorCode",{enumerable:!0,get:function(){return s.ErrorCode}});const a=r(2400);Object.defineProperty(t,"StepCode",{enumerable:!0,get:function(){return a.StepCode}});const c=n(r(79));t.DeviceDescriptor=c.default;const l=r(2715);Object.defineProperty(t,"LoggerFactory",{enumerable:!0,get:function(){return l.LoggerFactory}}),Object.defineProperty(t,"LogLevel",{enumerable:!0,get:function(){return l.LogLevel}})},7460:function(e,t,r){var n=this&&this.__createBinding||(Object.create?function(e,t,r,n){void 0===n&&(n=r);var i=Object.getOwnPropertyDescriptor(t,r);i&&!("get"in i?!t.__esModule:i.writable||i.configurable)||(i={enumerable:!0,get:function(){return t[r]}}),Object.defineProperty(e,n,i)}:function(e,t,r,n){void 0===n&&(n=r),e[n]=t[r]}),i=this&&this.__setModuleDefault||(Object.create?function(e,t){Object.defineProperty(e,"default",{enumerable:!0,value:t})}:function(e,t){e.default=t}),o=this&&this.__importStar||function(e){if(e&&e.__esModule)return e;var t={};if(null!=e)for(var r in e)"default"!==r&&Object.prototype.hasOwnProperty.call(e,r)&&n(t,e,r);return i(t,e),t},s=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const a=s(r(3060)),c=s(r(7834)),l=s(r(7747)),u=s(r(5386)),d=s(r(689)),h=s(r(4670)),f=o(r(9134));function g(e){return"function"==typeof e?{execute:t=>e(t)}:e}t.default=class{constructor(e){this._deviceIpDetection=!1,this._timeout=0,this._config=e||new a.default}withStartStep(e){return this._startStep=g(e),this}withFinishStep(e){return this._finishStep=g(e),this}withPixelImplementation(){return this._authStep=void 0,this}withFetchImplementation(){return this._authStep=new l.default,this}withPassiveImplementation(){return this._authStep=new h.default,this}withDeviceIpDetection(e=!0){return this._deviceIpDetection=e,this}withTimeout(e){return this._timeout=e,this}build(){let e=this._authStep;const t=this._startStep;let r=this._finishStep;e||(e=new f.default,r=new f.PixelFinishStep);const n=this._deviceIpDetection?new u.default:new d.default;if(!t)throw new Error("Start step is required");if(!r)throw new Error("Finish step is required");return new c.default(n,t,e,r,this._timeout)}}},6639:(e,t)=>{var r;Object.defineProperty(t,"__esModule",{value:!0}),t.ErrorCode=void 0,(r=t.ErrorCode||(t.ErrorCode={}))[r.GENERIC_UNKNOWN_REASON=0]="GENERIC_UNKNOWN_REASON",r[r.GENERIC_TIMEOUT=1]="GENERIC_TIMEOUT",r[r.GENERIC_INVALID_STATE=2]="GENERIC_INVALID_STATE",r[r.GENERIC_COMMUNICATION_ERROR=3]="GENERIC_COMMUNICATION_ERROR",r[r.PRE_CHECK_AIRPLANE_MODE_ENABLED=17]="PRE_CHECK_AIRPLANE_MODE_ENABLED",r[r.PRE_CHECK_NO_CELLULAR_RADIO=18]="PRE_CHECK_NO_CELLULAR_RADIO",r[r.PRE_CHECK_NO_CELLULAR_CONNECTION=19]="PRE_CHECK_NO_CELLULAR_CONNECTION",r[r.PRE_CHECK_WIFI_CALLING_ENABLED=20]="PRE_CHECK_WIFI_CALLING_ENABLED",r[r.PRE_CHECK_WIFI_CANNOT_BE_OVERRIDDEN=21]="PRE_CHECK_WIFI_CANNOT_BE_OVERRIDDEN",r[r.AUTH_MALFORMED_INPUT_DATA=65]="AUTH_MALFORMED_INPUT_DATA",r[r.AUTH_BAD_CREDENTIALS=66]="AUTH_BAD_CREDENTIALS",r[r.AUTH_VFP_KEY_EXPIRED=67]="AUTH_VFP_KEY_EXPIRED",r[r.AUTH_INVALID_RESPONSE=68]="AUTH_INVALID_RESPONSE"},6902:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0});class r extends Error{constructor(e,...t){super(...t),this.errorCode=e,Error.captureStackTrace&&Error.captureStackTrace(this,r),this.name="AuthLocalError",this.errorCode=e}}t.default=r},7747:function(e,t,r){var n=this&&this.__awaiter||function(e,t,r,n){return new(r||(r=Promise))((function(i,o){function s(e){try{c(n.next(e))}catch(e){o(e)}}function a(e){try{c(n.throw(e))}catch(e){o(e)}}function c(e){var t;e.done?i(e.value):(t=e.value,t instanceof r?t:new r((function(e){e(t)}))).then(s,a)}c((n=n.apply(e,t||[])).next())}))},i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const o=i(r(8498)),s=i(r(5112)),a=i(r(5030)),c=r(2715),l=r(6458);t.default=class{constructor(){this.logger=c.LoggerFactory.getLogger("fetch-authentication-step")}execute(e){return n(this,void 0,void 0,(function*(){this.logger.info("use fetch");const t=(0,l.toURL)(e.authUrl);let r;return t.searchParams.get("testVfp")?(this.logger.info("test flow detected"),r=a.default.create(t)):"2"===t.searchParams.get("pfflow")?(this.logger.info("flow v2 detected"),r=s.default.create(t)):(this.logger.info("flow v1 detected"),r=o.default.create(t)),{vfp:yield r.handle()}}))}}},5030:function(e,t){var r=this&&this.__awaiter||function(e,t,r,n){return new(r||(r=Promise))((function(i,o){function s(e){try{c(n.next(e))}catch(e){o(e)}}function a(e){try{c(n.throw(e))}catch(e){o(e)}}function c(e){var t;e.done?i(e.value):(t=e.value,t instanceof r?t:new r((function(e){e(t)}))).then(s,a)}c((n=n.apply(e,t||[])).next())}))};Object.defineProperty(t,"__esModule",{value:!0});class n{static create(e){var t,r,i;const o=null!==(r=parseInt(null!==(t=e.searchParams.get("delay"))&&void 0!==t?t:"0"))&&void 0!==r?r:0,s=null!==(i=e.searchParams.get("testVfp"))&&void 0!==i?i:"";return new n(s,o)}constructor(e,t){this.testVfp=e,this.delay=t}handle(){return r(this,void 0,void 0,(function*(){return new Promise((e=>{setTimeout((()=>e(this.testVfp)),this.delay)}))}))}}t.default=n},6458:function(e,t,r){var n=this&&this.__awaiter||function(e,t,r,n){return new(r||(r=Promise))((function(i,o){function s(e){try{c(n.next(e))}catch(e){o(e)}}function a(e){try{c(n.throw(e))}catch(e){o(e)}}function c(e){var t;e.done?i(e.value):(t=e.value,t instanceof r?t:new r((function(e){e(t)}))).then(s,a)}c((n=n.apply(e,t||[])).next())}))},i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.RawURL=t.Base64=t.fetchAuth=t.handleHttpError=t.toURL=void 0;const o=r(2715),s=r(6639),a=r(9843),c=i(r(6902));t.toURL=function(e){try{return new l(e)}catch(t){throw new c.default(s.ErrorCode.AUTH_MALFORMED_INPUT_DATA,"Malformed url "+e)}},t.handleHttpError=function(e){return n(this,void 0,void 0,(function*(){const t=e.status;switch(t){case 404:throw new c.default(s.ErrorCode.AUTH_BAD_CREDENTIALS);case 410:throw new c.default(s.ErrorCode.AUTH_VFP_KEY_EXPIRED);default:let r;try{r=(yield e.json()).error}catch(e){}throw new c.default(s.ErrorCode.AUTH_INVALID_RESPONSE,r||`http error (${e.statusText} , code = ${t})`)}}))},t.fetchAuth=function(e,t){var r;const n=o.LoggerFactory.getLogger("http-client"),i=null!=t?t:{},l=null!==(r=i.method)&&void 0!==r?r:"GET";if(n.debug(`${l} ${e} ${e.protocol}`),"http:"===e.protocol)throw new c.default(s.ErrorCode.GENERIC_INVALID_STATE,`Web SDK cannot make http request [${e}]`);const u={};let d;return e.searchParams.set("sdkVersion",a.VERSION_NAME),"object"==typeof i.body&&(u["Content-Type"]="application/json",d=JSON.stringify(i.body)),d&&n.debug(`request body: ${d}`),fetch(e.toString(),{method:l,mode:"cors",headers:u,body:d}).then((e=>(n.debug(`${e.status} ${e.statusText}`),e)))},t.Base64=new class{constructor(){this.PADCHAR="=",this.ALPHA="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"}getByte(e,t){return e.charCodeAt(t)}getByte64(e,t){return this.ALPHA.indexOf(e.charAt(t))}_decode(e){let t,r,n=0,i=e.length,o=[];if(e=String(e),0===i)return e;for(e.charAt(i-1)===this.PADCHAR&&(n=1,e.charAt(i-2)===this.PADCHAR&&(n=2),i-=4),t=0;t<i;t+=4)r=this.getByte64(e,t)<<18|this.getByte64(e,t+1)<<12|this.getByte64(e,t+2)<<6|this.getByte64(e,t+3),o.push(String.fromCharCode(r>>16,r>>8&255,255&r));switch(n){case 1:r=this.getByte64(e,t)<<18|this.getByte64(e,t+1)<<12|this.getByte64(e,t+2)<<6,o.push(String.fromCharCode(r>>16,r>>8&255));break;case 2:r=this.getByte64(e,t)<<18|this.getByte64(e,t+1)<<12,o.push(String.fromCharCode(r>>16))}return o.join("")}_encode(e){let t,r,n=[],i=(e=String(e)).length-e.length%3;if(0===e.length)return e;for(t=0;t<i;t+=3)r=this.getByte(e,t)<<16|this.getByte(e,t+1)<<8|this.getByte(e,t+2),n.push(this.ALPHA.charAt(r>>18)),n.push(this.ALPHA.charAt(r>>12&63)),n.push(this.ALPHA.charAt(r>>6&63)),n.push(this.ALPHA.charAt(63&r));switch(e.length-i){case 1:r=this.getByte(e,t)<<16,n.push(this.ALPHA.charAt(r>>18)+this.ALPHA.charAt(r>>12&63)+this.PADCHAR+this.PADCHAR);break;case 2:r=this.getByte(e,t)<<16|this.getByte(e,t+1)<<8,n.push(this.ALPHA.charAt(r>>18)+this.ALPHA.charAt(r>>12&63)+this.ALPHA.charAt(r>>6&63)+this.PADCHAR)}return n.join("")}decode(e,t=!0){return e=t?e.replace(".","+").replace("_","/").replace("-","="):e,this._decode(e)}encode(e,t=!0){const r=this._encode(e);return t?r.replace("+",".").replace("/","_").replace("=","-"):r}};class l{constructor(e){this.url=e,this.params=[],this.searchParams={get:e=>this._get(e),getAll:e=>this._getAll(e),set:(e,t,r=!1)=>this._set(e,t,r)};const t=new URL(e);this.protocol=t.protocol;for(const e of t.searchParams.keys())this.params.push({key:e,values:t.searchParams.getAll(e),encode:!1})}_set(e,t,r=!1){const n=this.params.findIndex((t=>t.key===e));-1===n?this.params.push({key:e,values:[t],encode:r}):this.params.splice(n,1,{key:e,values:[t],encode:r})}_get(e){const t=this._getAll(e);return t?t[0]:void 0}_getAll(e){var t;return null===(t=this.params.find((t=>t.key===e)))||void 0===t?void 0:t.values}toString(){function e(e,t){return t?encodeURIComponent(e):null==e?void 0:e.replace(/\?/g,"%3F").replace(/\&/g,"%26")}const t=this.url.indexOf("?");let r=-1==t?this.url:this.url.slice(0,t),n=[];for(const t of this.params)for(const r of t.values)n.push(`${e(t.key,t.encode)}=${e(r,t.encode)}`);return n.length&&(r+="?"+n.join("&")),r}}t.RawURL=l},8498:function(e,t,r){var n=this&&this.__awaiter||function(e,t,r,n){return new(r||(r=Promise))((function(i,o){function s(e){try{c(n.next(e))}catch(e){o(e)}}function a(e){try{c(n.throw(e))}catch(e){o(e)}}function c(e){var t;e.done?i(e.value):(t=e.value,t instanceof r?t:new r((function(e){e(t)}))).then(s,a)}c((n=n.apply(e,t||[])).next())}))},i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const o=r(2715),s=i(r(6902)),a=r(6639),c=r(6458);class l{static create(e){return e.searchParams.set("r","f"),new l(e)}constructor(e){this.url=e,this.logger=o.LoggerFactory.getLogger("flow-v1")}handle(){var e,t;return n(this,void 0,void 0,(function*(){let r;const n=this.url.searchParams.get("vfp");let i=this.url;for(this.logger.debug(`current vfp ${n}`);;){try{r=yield(0,c.fetchAuth)(i,{})}catch(e){throw new s.default(a.ErrorCode.GENERIC_COMMUNICATION_ERROR,e.message)}if(console.log(r.url),r.status>=300&&r.status<400){const o=new c.RawURL(null!==(e=r.headers.get("Location"))&&void 0!==e?e:"");this.logger.debug(`redirect to ${o}`);const s=null!==(t=o.searchParams.get("vfp"))&&void 0!==t?t:o.searchParams.get("token");if(s&&s!==n)return this.logger.debug(`vfp changed to ${s}`),s;i=o}else{if(r.status>=200&&r.status<300){let e;try{e=yield r.json()}catch(e){throw new s.default(a.ErrorCode.AUTH_INVALID_RESPONSE,e.message)}this.logger.debug("got json response",e);const t=this.getVfpFromJson(e);if(!t)throw new s.default(a.ErrorCode.AUTH_INVALID_RESPONSE,`Received unknown payload: ${JSON.stringify(e)}`);return t}yield(0,c.handleHttpError)(r)}}}))}getVfpFromJson(e){const t=e.vfp;if(t)return t;const r=e.token,n=e.correlation_id;if(r)return n?n+"..."+r:r;const i=e.reconcilation_token;return i?n?n+"..."+i:i:void 0}}t.default=l},5112:function(e,t,r){var n=this&&this.__awaiter||function(e,t,r,n){return new(r||(r=Promise))((function(i,o){function s(e){try{c(n.next(e))}catch(e){o(e)}}function a(e){try{c(n.throw(e))}catch(e){o(e)}}function c(e){var t;e.done?i(e.value):(t=e.value,t instanceof r?t:new r((function(e){e(t)}))).then(s,a)}c((n=n.apply(e,t||[])).next())}))},i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const o=r(2715),s=r(6639),a=i(r(6902)),c=r(6458);class l{static create(e){var t;const r=e.searchParams.get("data");if(!r)throw new a.default(s.ErrorCode.AUTH_MALFORMED_INPUT_DATA,"Invalid flow.v2 data - missing in url");let n,i,o,u;try{const e=c.Base64.decode(r);console.log("decoded",e),n=JSON.parse(e)}catch(e){throw console.error(e),new a.default(s.ErrorCode.AUTH_MALFORMED_INPUT_DATA,"Invalid flow.v2 data - cannot parse as json")}try{i=new c.RawURL(null!==(t=n.url)&&void 0!==t?t:"")}catch(e){throw new a.default(s.ErrorCode.AUTH_MALFORMED_INPUT_DATA,"Invalid flow.v2 data - missing/invalid url field")}try{o=n.vfp}catch(e){throw new a.default(s.ErrorCode.AUTH_MALFORMED_INPUT_DATA,"Invalid flow.v2 data - missing vfp field")}try{u=n.data}catch(e){throw new a.default(s.ErrorCode.AUTH_MALFORMED_INPUT_DATA,"Invalid flow.v2 data - missing data field")}return new l(i,o,u,n["att-1004"])}constructor(e,t,r,n){this.url=e,this.vfp=t,this.data=r,this.att1004=n,this.logger=o.LoggerFactory.getLogger("flow-v2")}handle(){var e;return n(this,void 0,void 0,(function*(){let t=!1,r=JSON.parse(JSON.stringify(this.data));for(;;){let n;try{n=yield(0,c.fetchAuth)(this.url,{method:"POST",body:r})}catch(e){throw new a.default(s.ErrorCode.GENERIC_COMMUNICATION_ERROR,e.message)}if(n.status>=200&&n.status<300){const i=yield n.text();if(this.logger.trace(`att response body: ${i}`),!t)try{if(1004===JSON.parse(i).status){const n=null!==(e=this.att1004)&&void 0!==e?e:["application-id"];if(n){t=!0,this.logger.debug(`flow v2.5 detected, use application-id: ${n}`),r.put("application-id",n);continue}this.logger.debug("missing att1004.application-id, continue flow v2")}}catch(e){}const o=c.Base64.encode(i);return`${this.vfp}___${o}${t?"___R2":""}`}if(n.status>=300&&n.status<400)throw new a.default(s.ErrorCode.AUTH_INVALID_RESPONSE,"Unexpected redirect in flow v2");yield(0,c.handleHttpError)(n)}}))}}t.default=l},4670:function(e,t,r){var n=this&&this.__awaiter||function(e,t,r,n){return new(r||(r=Promise))((function(i,o){function s(e){try{c(n.next(e))}catch(e){o(e)}}function a(e){try{c(n.throw(e))}catch(e){o(e)}}function c(e){var t;e.done?i(e.value):(t=e.value,t instanceof r?t:new r((function(e){e(t)}))).then(s,a)}c((n=n.apply(e,t||[])).next())}))},i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const o=i(r(5030)),s=r(2715),a=r(6458),c=r(9843);t.default=class{constructor(){this.logger=s.LoggerFactory.getLogger("passive-authentication-step")}execute(e){return n(this,void 0,void 0,(function*(){this.logger.info("use passive");const t=(0,a.toURL)(e.authUrl);let r;if(t.searchParams.get("testVfp"))this.logger.info("test flow detected"),r=o.default.create(t);else{if("2"===t.searchParams.get("pfflow"))throw new Error("flow v2 detected but not supported by passive auth implementation");this.logger.info("flow v1 detected"),r=new l(t)}return{vfp:yield r.handle()}}))}};class l{constructor(e){this.url=e,this.logger=s.LoggerFactory.getLogger("passive-flow-v1")}handle(){return n(this,void 0,void 0,(function*(){return new Promise(((e,t)=>{const r="_proveAuthResponse";this.url.searchParams.set("jsonp","true"),this.url.searchParams.set("sdkVersion",c.VERSION_NAME);const n=window;this.logger.trace("install global callback"),n[r]=r=>{if(o)return;s();const n=r?this.getVfpFromJson(r):void 0;n?e(n):t(new Error(r?"script loaded but vfp not defined":"script loaded but callback not trigerred"))};const i=document.createElement("script");let o=!1;const s=()=>{this.logger.trace("cleanup global callback"),o=!0,n[r]=void 0,document.body.removeChild(i)};i.onload=()=>{this.logger.trace("script loaded"),setTimeout((()=>{o||(s(),t(new Error("script loaded, but not executed")))}),1e3)},i.onerror=()=>{this.logger.trace("script load error"),o||(s(),t(new Error("script load error")))},document.body.appendChild(i),i.src=this.url.toString()}))}))}getVfpFromJson(e){const t=e.vfp;if(t)return t;const r=e.token,n=e.correlation_id;if(r)return n?n+"..."+r:r;const i=e.reconcilation_token;return i?n?n+"..."+i:i:void 0}}},9134:function(e,t,r){var n=this&&this.__awaiter||function(e,t,r,n){return new(r||(r=Promise))((function(i,o){function s(e){try{c(n.next(e))}catch(e){o(e)}}function a(e){try{c(n.throw(e))}catch(e){o(e)}}function c(e){var t;e.done?i(e.value):(t=e.value,t instanceof r?t:new r((function(e){e(t)}))).then(s,a)}c((n=n.apply(e,t||[])).next())}))},i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.PixelFinishStep=void 0;const o=i(r(5030)),s=r(2715),a=r(6458),c=r(9843);t.default=class{constructor(){this.logger=s.LoggerFactory.getLogger("pixel-authentication-step")}execute(e){return n(this,void 0,void 0,(function*(){this.logger.info("use pixel");const t=(0,a.toURL)(e.authUrl);let r;if(t.searchParams.get("testVfp"))this.logger.info("test flow detected"),r=o.default.create(t);else{if("2"===t.searchParams.get("pfflow"))throw new Error("flow v2 detected but not supported by pixel auth implementation");this.logger.info("flow v1 detected"),r=new l(t)}return{vfp:yield r.handle()}}))}};class l{constructor(e){this.url=e,this.logger=s.LoggerFactory.getLogger("pixel-flow-v1")}handle(){return n(this,void 0,void 0,(function*(){return new Promise(((e,t)=>{this.url.searchParams.set("sdkVersion",c.VERSION_NAME);const r=document.createElement("img");r.onload=()=>{this.logger.trace("pixel loaded"),e("")},r.onerror=()=>{this.logger.trace("pixel load error"),t(new Error("pixel load error"))},r.src=this.url.toString()}))}))}}t.PixelFinishStep=class{execute(e){return Promise.resolve(void 0)}}},7834:function(e,t,r){var n=this&&this.__awaiter||function(e,t,r,n){return new(r||(r=Promise))((function(i,o){function s(e){try{c(n.next(e))}catch(e){o(e)}}function a(e){try{c(n.throw(e))}catch(e){o(e)}}function c(e){var t;e.done?i(e.value):(t=e.value,t instanceof r?t:new r((function(e){e(t)}))).then(s,a)}c((n=n.apply(e,t||[])).next())}))},i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const o=r(2715),s=r(2400),a=i(r(4517)),c=r(6639);class l{constructor(e){this._providedDeviceDescriptor=e}get providedDeviceDescriptor(){return this._providedDeviceDescriptor}get deviceDescriptor(){return this._deviceDescriptor}get authUrl(){return this._authUrl}get vfp(){return this._vfp}}class u{constructor(){this.currentStep=s.StepCode.PRE_CHECK,this.timedOut=!1}}t.default=class{constructor(e,t,r,n,i=0){this.deviceDescriptorStep=e,this.startStep=t,this.authenticationStep=r,this.finishStep=n,this.timeout=i,this.logger=o.LoggerFactory.getLogger("auth")}executeStep(e,t,r,i){var o;return n(this,void 0,void 0,(function*(){if(e.timedOut)throw new Error("timeout");try{e.currentStep=t,this.logger.debug(`execute step ${s.StepCode[t]}`);let n=yield r.execute(i);return this.logger.debug(`executed step ${s.StepCode[t]}`),n}catch(e){const r=null!==(o=e.errorCode)&&void 0!==o?o:c.ErrorCode.GENERIC_UNKNOWN_REASON;throw new a.default(t,r,e.message)}}))}authenticate(e){return new Promise(((t,r)=>{const n=new u;let i;this.timeout>0&&(i=setTimeout((()=>{n.timedOut=!0,r(new a.default(n.currentStep,c.ErrorCode.GENERIC_TIMEOUT,`authenticator timeout after ${this.timeout}ms`))}),this.timeout)),this.executeAuth(n,e).then((e=>{n.timedOut||(clearTimeout(i),t(e))}),(e=>{n.timedOut||(clearTimeout(i),r(e))}))}))}executeAuth(e,t){return n(this,void 0,void 0,(function*(){const r=new l(t);r._deviceDescriptor=(yield this.executeStep(e,s.StepCode.DEVICE_DESCRIPTOR,this.deviceDescriptorStep,r)).deviceDescriptor,this.logger.info(`deviceDescriptor=${r.deviceDescriptor}`),r._authUrl=(yield this.executeStep(e,s.StepCode.START,this.startStep,r)).authUrl,this.logger.info(`authUrl=${r.authUrl}`),r._vfp=(yield this.executeStep(e,s.StepCode.AUTHENTICATION,this.authenticationStep,r)).vfp,this.logger.info(`vfp=${r.vfp}`);const n=yield this.executeStep(e,s.StepCode.FINISH,this.finishStep,r);return this.logger.info("result",n),n}))}}},5386:function(e,t,r){var n=this&&this.__awaiter||function(e,t,r,n){return new(r||(r=Promise))((function(i,o){function s(e){try{c(n.next(e))}catch(e){o(e)}}function a(e){try{c(n.throw(e))}catch(e){o(e)}}function c(e){var t;e.done?i(e.value):(t=e.value,t instanceof r?t:new r((function(e){e(t)}))).then(s,a)}c((n=n.apply(e,t||[])).next())}))},i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const o=r(6639),s=i(r(79)),a=i(r(6902));t.default=class{constructor(e){this.ipQueryUrl=null!=e?e:"https://device.payfone.com:4443/whatismyipaddress"}execute(e){return n(this,void 0,void 0,(function*(){if(e.providedDeviceDescriptor)return{deviceDescriptor:e.providedDeviceDescriptor};const t=yield fetch("https://device.payfone.com:4443/whatismyipaddress");if(t.ok)return{deviceDescriptor:new s.default(yield t.text())};throw new a.default(o.ErrorCode.GENERIC_COMMUNICATION_ERROR,`ip api response=${t.status}`)}))}}},689:function(e,t,r){var n=this&&this.__awaiter||function(e,t,r,n){return new(r||(r=Promise))((function(i,o){function s(e){try{c(n.next(e))}catch(e){o(e)}}function a(e){try{c(n.throw(e))}catch(e){o(e)}}function c(e){var t;e.done?i(e.value):(t=e.value,t instanceof r?t:new r((function(e){e(t)}))).then(s,a)}c((n=n.apply(e,t||[])).next())}))},i=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const o=i(r(79));t.default=class{execute(e){var t;return n(this,void 0,void 0,(function*(){return{deviceDescriptor:null!==(t=e.providedDeviceDescriptor)&&void 0!==t?t:new o.default}}))}}},3060:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.default=class{}},4517:(e,t,r)=>{Object.defineProperty(t,"__esModule",{value:!0});const n=r(6639),i=r(2400);class o extends Error{constructor(e,t,r){super(`${r} (stepCode=${i.StepCode[e]}, errorCode=${n.ErrorCode[t]})`),this.stepCode=e,this.errorCode=t,Error.captureStackTrace&&Error.captureStackTrace(this,o),this.name="AuthProcessError",this.stepCode=e}}t.default=o},79:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0});class r{static ip(e){return new r(e)}constructor(e,t,r){this.ip=e,this.mno=t,this.phoneNumber=r}toString(){return`ip=[${this.ip}] mno=[${this.mno}] phoneNumber=[${this.phoneNumber}]`}}t.default=r},2400:(e,t)=>{var r;Object.defineProperty(t,"__esModule",{value:!0}),t.StepCode=void 0,(r=t.StepCode||(t.StepCode={}))[r.PRE_CHECK=16]="PRE_CHECK",r[r.DEVICE_DESCRIPTOR=32]="DEVICE_DESCRIPTOR",r[r.START=48]="START",r[r.AUTHENTICATION=64]="AUTHENTICATION",r[r.FINISH=80]="FINISH"},9843:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.VERSION_CODE=t.VERSION_NAME=void 0,t.VERSION_NAME="3.0.0",t.VERSION_CODE=3e4},3607:function(e,t,r){var n=this&&this.__createBinding||(Object.create?function(e,t,r,n){void 0===n&&(n=r);var i=Object.getOwnPropertyDescriptor(t,r);i&&!("get"in i?!t.__esModule:i.writable||i.configurable)||(i={enumerable:!0,get:function(){return t[r]}}),Object.defineProperty(e,n,i)}:function(e,t,r,n){void 0===n&&(n=r),e[n]=t[r]}),i=this&&this.__setModuleDefault||(Object.create?function(e,t){Object.defineProperty(e,"default",{enumerable:!0,value:t})}:function(e,t){e.default=t}),o=this&&this.__importStar||function(e){if(e&&e.__esModule)return e;var t={};if(null!=e)for(var r in e)"default"!==r&&Object.prototype.hasOwnProperty.call(e,r)&&n(t,e,r);return i(t,e),t},s=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.BuildConfig=t.PhoneValidationError=t.OtpError=t.OtpFinishResultType=t.MobileAuthImplementation=t.LogLevel=t.LoggerFactory=t.DeviceRole=t.CancelablePromise=t.AuthResponseStatus=t.AuthenticatorBuilder=t.VERSION=void 0;const a=r(6462);Object.defineProperty(t,"VERSION",{enumerable:!0,get:function(){return a.VERSION}});const c=o(r(4817));t.AuthenticatorBuilder=c.default,Object.defineProperty(t,"DeviceRole",{enumerable:!0,get:function(){return c.DeviceRole}}),Object.defineProperty(t,"MobileAuthImplementation",{enumerable:!0,get:function(){return c.MobileAuthImplementation}});const l=r(5501);Object.defineProperty(t,"BuildConfig",{enumerable:!0,get:function(){return l.BuildConfig}});const u=r(6267);Object.defineProperty(t,"AuthResponseStatus",{enumerable:!0,get:function(){return u.AuthResponseStatus}});const d=r(1727);Object.defineProperty(t,"LoggerFactory",{enumerable:!0,get:function(){return d.LoggerFactory}}),Object.defineProperty(t,"LogLevel",{enumerable:!0,get:function(){return d.LogLevel}});const h=s(r(4610));t.CancelablePromise=h.default;const f=r(3794);Object.defineProperty(t,"PhoneValidationError",{enumerable:!0,get:function(){return f.PhoneValidationError}});const g=r(8864);Object.defineProperty(t,"OtpError",{enumerable:!0,get:function(){return g.OtpError}}),Object.defineProperty(t,"OtpFinishResultType",{enumerable:!0,get:function(){return g.OtpFinishResultType}})},4817:function(e,t,r){var n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.MobileAuthImplementation=t.DeviceRole=void 0;const i=r(1092),o=n(r(8370)),s=n(r(6736)),a=n(r(1840)),c=n(r(7625)),l=n(r(3075)),u=n(r(8907)),d=n(r(1703)),h=n(r(6185)),f=n(r(1044)),g=n(r(1474)),p=n(r(9790)),v=r(2207),_=n(r(9568)),E=r(1727),m=n(r(7370)),R=r(5501);var O,A;!function(e){e[e.Primary=0]="Primary",e[e.Secondary=1]="Secondary"}(O=t.DeviceRole||(t.DeviceRole={})),function(e){e.Pixel="pixel",e.Fetch="fetch"}(A=t.MobileAuthImplementation||(t.MobileAuthImplementation={})),t.default=class{constructor(){this.role=O.Primary,this.mobileAuthImplementation=A.Fetch,this.upkEnabled=!1,this.log=E.LoggerFactory.getLogger("authenticator-builder"),"undefined"!=typeof window&&(this.storage=window.localStorage,this.platform=new i.WebPlatform)}withDeviceContext(e){return this.deviceContextOptions=e,this}withAuthFinishStep(e){return this.authFinishStep="function"==typeof e?{execute:t=>e(t)}:e,this}withDisplayName(e){return this.getDisplayName="function"==typeof e?e:()=>e,this}withAuthMessageHandler(e){return this.authMessageHandler=e,this}withStorage(e){return this.storage=e,this}withPlatform(e){return this.platform=e,this}withRole(e){return this.role=e,this}withMobileAuthImplementation(e){return this.mobileAuthImplementation=e,this}withDeviceIpAddress(e){return this.getDeviceIp="function"==typeof e?e:()=>e,this}withOtpFallback(e,t){return this.otpStartStep="function"==typeof e?{execute:e}:e,this.otpFinishStep="function"==typeof t?{execute:t}:t,this}withInstantLinkFallback(e){return this.instantLinkStartStep="function"==typeof e?{execute:e}:e,this}withUPKEnabled(){return this.withUniversalProveKey()}withUniversalProveKey(e){return this.userConsentStep=e?"function"==typeof e?{execute:e}:e:{execute:()=>Promise.resolve({consentGranted:!0})},this.upkEnabled=null!=this.userConsentStep,this}getUrlsByBuildConfig(e){switch(e){case R.BuildConfig.US_PROD:return[R.ProveAuthProxyScriptUrl.DEFAULT_US_PROD_SCRIPT_URL.toString(),R.ProveAuthProxyEndpoint.DEFAULT_US_PROD_ENDPOINT.toString()];case R.BuildConfig.US_UAT:return[R.ProveAuthProxyScriptUrl.DEFAULT_US_UAT_SCRIPT_URL.toString(),R.ProveAuthProxyEndpoint.DEFAULT_US_UAT_ENDPOINT.toString()];case R.BuildConfig.DEV:return this.log.debug("Recommended for Prove's internal testing only, BuildConfig.DEV might need custom endpoint URL and custom script URL values to bypass ad blockers"),[void 0,void 0];default:return this.log.warn("Unknown BuildConfig value: "+e),[void 0,void 0]}}getRegionByBuildConfig(e){var t;switch(e){case R.BuildConfig.DEV:case R.BuildConfig.US_PROD:case R.BuildConfig.US_UAT:t="us";break;default:this.log.warn("Unknown BuildConfig value, set Region to default value: us"),t="us"}return t}getFpPromiseInstanceFromOptions(e){try{const t=r(6616);if(t){if(e){let r=this.getRegionByBuildConfig(e.buildConfig),[n,i]=this.getUrlsByBuildConfig(e.buildConfig);e.customScriptUrl&&e.customEndpointUrl&&(n=e.customScriptUrl,i=e.customEndpointUrl);const o=n?[`${n}?apiKey=<apiKey>&version=<version>&loaderVersion=<loaderVersion>`,t.defaultScriptUrlPattern]:[t.defaultScriptUrlPattern],s=i?[`${i}?region=${r}`,t.defaultEndpoint]:[t.defaultEndpoint],a=t.load({apiKey:e.publicApiKey,endpoint:s,scriptUrlPattern:o,region:r}),c=a?"successfully":"unsuccessfully with null instance";return this.log.trace(`Instantiating FingerprintJS ${c}`),a}this.log.warn("Prove Key Persistence feature is not enabled")}else this.log.debug("fingerprintjs package is not installed or failed to load")}catch(e){this.log.trace("FingerprintJS is not installed or failed to load",e)}}withPasskeyAlreadyExistCallback(e){return this.passkeyCreationHandler=e,this}build(){var e;if(!this.platform)throw new Error("Implementation of Platform is required");if(!this.storage)throw new Error("Implementation of Storage is required");const t=this.getFpPromiseInstanceFromOptions(this.deviceContextOptions);t&&(null===(e=this.platform)||void 0===e||e.setFpPromise(t));const r=new m.default(this.storage);return r.upkEnabled=this.upkEnabled,this.role===O.Primary?new _.default(this.platform,r,this.authFinishStep,[new p.default(this.upkEnabled),new v.DeviceUniversalRedirectExchangeStep,new v.DeviceUniversalRedirectFinishStep,new s.default(this.getDisplayName,this.passkeyCreationHandler,this.role),new g.default(this.getDisplayName,this.passkeyCreationHandler),new f.default(this.upkEnabled,this.userConsentStep),new o.default,new a.default,new c.default(this.mobileAuthImplementation,this.getDeviceIp),new l.default(this.instantLinkStartStep,this.getDeviceIp),new u.default(this.otpStartStep,this.otpFinishStep),new h.default,new d.default(this.authMessageHandler)]):new _.default(this.platform,r,this.authFinishStep,[new s.default(this.getDisplayName,void 0,this.role),new c.default(this.mobileAuthImplementation,this.getDeviceIp),new l.default(this.instantLinkStartStep,this.getDeviceIp)])}}},8607:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0});class r{static stringToBase64(e){return e.replace(/\-/g,"+").replace(/_/g,"/")+"=".repeat(e.length%4?4-e.length%4:0)}static bufferDecode(e){return Uint8Array.from(atob(r.stringToBase64(e)),(e=>e.charCodeAt(0)))}static bufferEncode(e){const t=ArrayBuffer.isView(e)?e.buffer:e;return btoa(String.fromCharCode.apply(null,Array.from(new Uint8Array(t)))).replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,"")}}t.default=r},4610:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.default=class extends Promise{constructor(e){let t=()=>{};super(((r,n)=>e(r,n,(e=>t=e)))),this.onCancel=()=>{t()}}cancel(){this.onCancel()}}},1727:(e,t)=>{var r;Object.defineProperty(t,"__esModule",{value:!0}),t.LoggerFactory=t.LogLevel=void 0,function(e){e[e.disabled=0]="disabled",e[e.error=1]="error",e[e.warn=2]="warn",e[e.info=3]="info",e[e.debug=4]="debug",e[e.trace=5]="trace"}(r=t.LogLevel||(t.LogLevel={}));class n{static setLogLevel(e){n.logLevel=e}static setLogWriter(e){n.logWriter=e}static getLogger(e){return{trace:(...t)=>{n.logLevel>=r.trace&&n.logWriter.write(r.trace,e+": ",...t)},debug:(...t)=>{n.logLevel>=r.debug&&n.logWriter.write(r.debug,e+": ",...t)},info:(...t)=>{n.logLevel>=r.info&&n.logWriter.write(r.info,e+": ",...t)},warn:(...t)=>{n.logLevel>=r.warn&&n.logWriter.write(r.warn,e+": ",...t)},error:(...t)=>{n.logLevel>=r.error&&n.logWriter.write(r.error,e+": ",...t)}}}}n.logWriter=new class{write(e,...t){switch(e){case r.trace:case r.debug:console.debug(...t);break;case r.info:console.info(...t);break;case r.warn:console.warn(...t);break;case r.error:console.error(...t)}}},n.logLevel=r.info,t.LoggerFactory=n},5501:(e,t)=>{var r,n,i;Object.defineProperty(t,"__esModule",{value:!0}),t.BuildConfig=t.ProveAuthProxyEndpoint=t.ProveAuthProxyScriptUrl=void 0,(i=t.ProveAuthProxyScriptUrl||(t.ProveAuthProxyScriptUrl={})).DEFAULT_US_UAT_SCRIPT_URL="https://upk.uat.prove-auth.proveapis.com/vFqZceQyx8/uqLttozA7q",i.DEFAULT_US_PROD_SCRIPT_URL="https://upk.prove-auth.proveapis.com/vf82rhgDRK/r4VnwuwPUd",(n=t.ProveAuthProxyEndpoint||(t.ProveAuthProxyEndpoint={})).DEFAULT_US_UAT_ENDPOINT="https://upk.uat.prove-auth.proveapis.com/vFqZceQyx8/bt9xhGAgQw",n.DEFAULT_US_PROD_ENDPOINT="https://upk.prove-auth.proveapis.com/vf82rhgDRK/ePaZsNne4X",(r=t.BuildConfig||(t.BuildConfig={})).DEV="DEV",r.US_UAT="US_UAT",r.US_PROD="US_PROD"},3350:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0});class r extends Error{constructor(e,t,r,n){super(e),this.code=t,this.nextStep=r,this.reportable=void 0===n||n}static extractMessage(e){let t="";if(e){const r="message";e[r]?t=e[r]:(t=e.toString(),t.startsWith("[object ")&&(t=JSON.stringify(e)))}return t}}t.default=r},6267:(e,t)=>{var r;Object.defineProperty(t,"__esModule",{value:!0}),t.AuthResponseStatus=void 0,(r=t.AuthResponseStatus||(t.AuthResponseStatus={})).Accept="accept",r.Reject="reject",r.Cancel="cancel",r.Unexpected="unexpected",r.Timeout="timeout",r.Unknown="unknown"},1204:function(e,t,r){var n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const i=r(1727),o=r(6462),s=r(2102),a=n(r(5186)),c=r(1786);class l{get namespace(){var e;return(null===(e=this.claims)||void 0===e?void 0:e.auth.ans)||this.settings.namespace}get backendOrigin(){var e;return this.backendOriginOverride||(null===(e=this.claims)||void 0===e?void 0:e.auth.endp)}get authId(){var e;return null===(e=this.claims)||void 0===e?void 0:e.auth.id}get challenge(){var e;return null===(e=this.claims)||void 0===e?void 0:e.auth.chlg}get next(){var e;return null===(e=this.claims)||void 0===e?void 0:e.auth.next}constructor(e,t,r){var n,o;this.channels=new Set,this.log=i.LoggerFactory.getLogger("auth-session"),this.platform=t,this.authToken=r,this.settings=e,r&&(this.claims=this.parseJwt(r),this.settings.namespace=this.claims.auth.ans,this.uvLevel=(null===(o=null===(n=this.claims.auth.subs.dev)||void 0===n?void 0:n.auths.pasv)||void 0===o?void 0:o.uvlvl)||s.UserVerificationLevel.Discouraged),this.requestSigner=t.createRequestSigner(this)}fetchFromBackend(e,t){const r="POST",n="application/json",i=JSON.stringify(t),s=e.split("?"),c=s[0],l=s.length>1?s[1]:"",u=new Headers({Accept:n,"Content-Type":n,"PA-Version":o.USER_AGENT_VERSIONS});return this.authToken&&u.set("Authorization","Bearer "+this.authToken),new Promise(((t,o)=>{this.requestSigner.sign(r,c,l,n,i).then((n=>{n&&(u.set("PA-Sig-Version",n.version),u.set("PA-Challenge",n.challenge),u.set("PA-KID",n.keyId),u.set("PA-Signature",n.signature)),this.platform.fetch(this.backendOrigin+e,{mode:"cors",method:r,headers:u,body:i}).then((e=>e.json())).then((e=>{e.error&&e.error.code===a.default.ERROR_NO_DEVICE_FOUND&&(this.settings.reset(),this.platform.deviceAuth.reset()),t(e)})).catch(o)})).catch(o)}))}static parseCloseEvent(e){var t=c.WebSocketCloseReasons.UNKNOWN_REASON;switch(e.code){case 1e3:t=c.WebSocketCloseReasons.NORMAL_CLOSURE;break;case 1001:t=c.WebSocketCloseReasons.GOING_AWAY;break;case 1002:t=c.WebSocketCloseReasons.PROTOCOL_ERROR;break;case 1003:t=c.WebSocketCloseReasons.UNSUPPORTED_DATA;break;case 1005:t=c.WebSocketCloseReasons.NO_STATUS_RECEIVED;break;case 1006:t=c.WebSocketCloseReasons.ABNORMAL_CLOSURE;break;case 1007:t=c.WebSocketCloseReasons.INVALID_FRAME_PAYLOAD_DATA;break;case 1008:t=c.WebSocketCloseReasons.POLICY_VIOLATION;break;case 1009:t=c.WebSocketCloseReasons.MESSAGE_TOO_BIG;break;case 1010:t=c.WebSocketCloseReasons.MANDATORY_EXTENSION;break;case 1011:t=c.WebSocketCloseReasons.INTERNAL_ERROR;break;case 1015:t=c.WebSocketCloseReasons.TLS_HANDSHAKE}return[t,e.code]}createMessageChannel(e,t,r,n){if(!this.authToken)throw new Error("Authentication token is not initialized, cannot create MessageChannel");const i=this.backendOrigin.replace(/^http/,"ws"),o=this.platform.createMessageChannel(i+e);var s=!0;const a=setInterval((()=>{s?(this.log.trace("Sending ping message"),s=!1,o.send("ping")):(this.log.warn("Failed to receive ping response in time, closing the channel"),clearInterval(a),o.close(),r("Channel communication stalled"),this.channels.delete(o))}),3e4);return o.addEventListener("close",(e=>{var r=e.code?`with status code: ${e.code}`:"without status code";this.log.debug(`Message channel is closed ${r}`),clearInterval(a),this.channels.delete(o);const[n,i]=l.parseCloseEvent(e);t(n,i)})),o.addEventListener("error",(e=>{this.log.debug("Message channel encountered an error"),this.log.debug(e)})),o.addEventListener("message",(e=>{if(this.log.trace("Message channel received a message"),this.log.trace(e),"origin"in e&&e.origin!==i)r("Unexpected origin");else{const t=e.data;t&&"string"==typeof t?"pong"===t?s=!0:n(t):n(e.toString())}})),this.channels.add(o),o}closeAllMessageChannels(){this.log.trace("Closing all message channels, total "+this.channels.size+" registered channels");const e=new Set(this.channels);e.forEach((e=>e.close())),e.clear(),this.channels.clear()}getDeviceRegistration(){return new Promise(((e,t)=>{this.platform.deviceAuth.getRegistration(this.namespace).then((t=>{t&&(this.backendOriginOverride?this.log.debug("Not overriding backend URL since it has been already set"):(this.backendOriginOverride=t.endpoint,this.log.debug("backend URL overridden with "+this.backendOriginOverride))),e(t)})).catch(t)}))}embedFpResultToDeviceRegistration(e){return new Promise((t=>{this.getFingerprintData().then((r=>{r&&e.setFpSignal(r),t(e)})).catch((t=>{const r=`Unexpected error happened during Fingerprint data collection: ${t.toString}`;this.log.warn(r),e.setFpSignal({error:r})}))}))}getFingerprintData(){return new Promise((e=>{var t=this.platform.getFpPromise();if(this.shouldCollectFP())if(t)t.then((e=>e.get())).then((t=>{if(t.sealedResult)this.log.debug(`FP result: ${t.sealedResult}`),e({results:t.sealedResult});else{const t="Cannot found sealed result in Fingerprint returned payload";this.log.warn(t),e({error:t})}})).catch((t=>{const r=`Error in collecting Fingerprint data: ${t.toString}`;this.log.warn(r),e({error:r})}));else{const t="Found null instance of Fingerprint, check if your input API key is valid";this.log.warn(t),e({error:t})}else this.log.debug("Fingerprint is not enabled from AuthToken"),e(void 0)}))}shouldCollectFP(){var e,t,r;return!!(null===(r=null===(t=null===(e=this.claims)||void 0===e?void 0:e.auth.subs.dev)||void 0===t?void 0:t.sgnls)||void 0===r?void 0:r.fpt)}parseJwt(e){return JSON.parse(atob(e.split(".")[1]))}}t.default=l},3225:function(e,t,r){var n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.AuthStatusActions=void 0;const i=r(1727),o=n(r(3350));t.AuthStatusActions=class{constructor(){this.log=i.LoggerFactory.getLogger("auth-status-actions")}waitForStatus(e){var t=!1;return this.log.trace("Waiting for auth status"),new Promise(((r,n)=>{const i=e.createMessageChannel("/v1/client/status?token="+encodeURIComponent(e.authToken),((e,r)=>{t||n(new o.default(`Failed to receive secondary authentication with status code ${r}. ${e}`))}),(e=>{t=!0,n(new o.default("Failed to receive secondary authentication status: "+e))}),(s=>{t=!0;try{this.log.debug("Secondary authentication status: "+s);const t=JSON.parse(s);t.error?n(new o.default(t.error.message,t.error.code,t.next,!1)):(e.lastStep=t.next,r(t.next))}catch(e){n(e)}finally{this.log.trace("Closing channel"),i.close()}}))}))}}},2102:(e,t)=>{var r;Object.defineProperty(t,"__esModule",{value:!0}),t.UserVerificationLevel=void 0,(r=t.UserVerificationLevel||(t.UserVerificationLevel={})).Discouraged="none",r.Preferred="pref",r.Required="req"},8370:function(e,t,r){var n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const i=n(r(8607)),o=r(1727),s=n(r(3350)),a=n(r(5186)),c=n(r(1840));class l{constructor(){this.log=o.LoggerFactory.getLogger("device-passive-register-step"),this.name=l.NAME}execute(e){return new Promise(((t,r)=>{l.hasAssertionResponse(e)?c.default.runFidoVerify(this.log,e).then(t).catch(r):e.getDeviceRegistration().then((n=>{n?e.embedFpResultToDeviceRegistration(n).then((n=>{this.finishRegistration(e,[this.getFido2Registration(e)],n.getSignals()).then(t).catch(r)})):e.platform.deviceAuth.createRegistration({namespace:e.namespace,endpoint:e.backendOrigin}).then((t=>e.embedFpResultToDeviceRegistration(t))).then((n=>{n.getAuthRegistration(e.challenge).then((t=>this.finishRegistration(e,[this.getFido2Registration(e),t],n.getSignals()))).then((i=>{n.deviceId=e.settings.deviceId,e.platform.deviceAuth.storeRegistration(n).then((()=>t(i))).catch(r)})).catch(r)})).catch(r)})).catch(r)}))}static hasAssertionResponse(e){const t=e.credential.response;return t&&"authenticatorData"in t&&"signature"in t}finishRegistration(e,t,r){return new Promise(((n,i)=>{e.fetchFromBackend("/v1/client/device/fido2/register/finish",{deviceName:e.platform.getPlatformName(),deviceCapabilities:e.platform.getDeviceCapabilities(),registrations:t,signals:r}).then((t=>{if(t.error)i(new s.default(t.error.message,t.error.code,t.next,!1));else{const r=t.data;r?(r.deviceId&&(e.settings.deviceId=r.deviceId,e.settings.fidoPasskeyRegistered=!0),r.scanMessage&&(e.authMessage=r.scanMessage),n(t.next)):i(new s.default("Failed to register device, returned deviceId is null or empty",a.default.ERROR_AUTHENTICATION_FAILURE,t.next,!1))}})).catch(i)}))}getFido2Registration(e){const t=e.credential,r=t.response;return{webAuthnCredential:{type:null==t?void 0:t.type,id:null==t?void 0:t.id,rawId:i.default.bufferEncode(null==t?void 0:t.rawId),response:{attestationObject:i.default.bufferEncode(r.attestationObject),clientDataJSON:i.default.bufferEncode(r.clientDataJSON)}}}}}l.NAME="device/passive/register",t.default=l},1044:function(e,t,r){var n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const i=r(1727),o=n(r(3350));class s{constructor(e,t){this.name=s.NAME,this.log=i.LoggerFactory.getLogger("device-passive-silent-step"),this.forUPK=e,this.userConsentStep=null!=t?t:{execute:()=>Promise.resolve({consentGranted:!0})}}execute(e){return this.log.trace("Executing"),new Promise(((t,r)=>{e.getDeviceRegistration().then((n=>{n?e.embedFpResultToDeviceRegistration(n).then((n=>{this.verify(e,n).then(t).catch(r)})):this.userConsentStep.execute().then((n=>{n.consentGranted?e.platform.deviceAuth.createRegistration({namespace:e.namespace,endpoint:e.backendOrigin}).then((t=>e.embedFpResultToDeviceRegistration(t))).then((t=>this.register(e,t))).then(t).catch(r):r(new Error("User denied the consent to register the device"))})).catch(r)})).catch(r)}))}getBackendRegisterEndpoint(){return this.forUPK?"/v1/client/device/universal/register":"/v1/client/device/passive/register"}getBackendVerifyEndpoint(){return this.forUPK?"/v1/client/device/universal/verify":"/v1/client/device/passive/verify"}register(e,t){return this.log.trace("Registering"),new Promise(((r,n)=>{t.getAuthRegistration(e.challenge).then((i=>{e.fetchFromBackend(this.getBackendRegisterEndpoint(),{deviceName:e.platform.getPlatformName(),deviceCapabilities:e.platform.getDeviceCapabilities(),registrations:[i],signals:t.getSignals()}).then((i=>{if(i.error)n(new o.default(i.error.message,i.error.code,i.next,!1));else{const s=i,a=s.data.deviceId;a||n(new o.default("Failed to register device, returned deviceId is null or empty",0,i.next)),e.settings.deviceId=a,e.settings.fidoPasskeyRegistered=s.data.passkey,t.deviceId=a,this.log.debug("Device ID: "+a);const c=i.data;c&&c.scanMessage&&(e.authMessage=c.scanMessage),e.platform.deviceAuth.storeRegistration(t).then((()=>r(i.next))).catch(n)}})).catch(n)}))}))}verify(e,t){return this.log.trace("Verifying"),new Promise(((r,n)=>{if(t.deviceId){const i=t.deviceId+":"+e.challenge;t.sign(i).then((i=>{e.fetchFromBackend(this.getBackendVerifyEndpoint(),{deviceId:t.deviceId,keyId:t.keyId,signature:i,signals:t.getSignals()}).then((e=>{e.error?n(new o.default(e.error.message,e.error.code,e.next,!1)):r(e.next)})).catch(n)}))}else n(new o.default("Failed to initiate verification, DeviceId is missing"))}))}}s.NAME="device/passive/silent",t.default=s},6736:function(e,t,r){var n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.DevicePassiveActions=void 0;const i=r(1727),o=n(r(8607)),s=n(r(1044)),a=r(2102),c=n(r(3350)),l=r(4817),u=r(3225),d=r(9229),h=r(6267);class f extends u.AuthStatusActions{constructor(e,t){super(),this.log=i.LoggerFactory.getLogger("device-passive-actions"),this.getDisplayName=e||(()=>null),this.handler=t}register(e,t){return this.log.trace("Registering Passkey"),new Promise(((r,n)=>{const i=this.getDisplayName();e.fetchFromBackend("/v1/client/device/fido2/register/start",{displayName:i||void 0,signals:t}).then((t=>{var o,s;if(t.error)n(new c.default(t.error.message,t.error.code,t.next,!1));else{const a=null===(o=t.data)||void 0===o?void 0:o.credCreateOptions,l=null===(s=t.data)||void 0===s?void 0:s.credRequestOptions;if(a)this.createCredentials(e,i,a,t).then(r).catch(n);else if(l)this.getCredentials(e,l,t).then(r).catch(n);else{const e=new c.default(f.NO_CREDS_FOUND);n(e)}}})).catch(n)}))}verify(e){return this.log.trace("Verifying Passkey"),new Promise(((t,r)=>{e.settings.deviceId?e.fetchFromBackend("/v1/client/device/fido2/verify/start",{deviceId:e.settings.deviceId}).then((n=>{if(n.error)r(new c.default(n.error.message,n.error.code,n.next,!1));else{const i=n.data.credRequestOptions;this.getCredentials(e,i,n).then(t).catch(r)}})).catch(r):r(new c.default("Failed to start verification, DeviceId is missing"))}))}createCredentials(e,t,r,n){return this.log.trace("Trying create new FIDO credentials"),new Promise(((i,s)=>{r.challenge=o.default.bufferDecode(r.challenge),r.user.id=o.default.bufferDecode(r.user.id),t&&(r.user.displayName=t),r.excludeCredentials&&r.excludeCredentials.forEach((e=>{e.id=o.default.bufferDecode(e.id)}));const a={publicKey:r};e.platform.webauthn.createCredentials(a).then((t=>{t?(e.credential=t,i(n.next)):s(new c.default("Failed to create FIDO2 credentials"))})).catch((t=>{const r=d.FidoOptionsError.identifyRegistrationError({error:t,options:a,platform:e.platform});r instanceof d.FidoOptionsError&&"InvalidStateError"===r.name?this.handler?(this.log.trace("Passkey handler callback has been defined"),this.handler().then((t=>{t===h.AuthResponseStatus.Accept?this.parseCredRequestOptions(n,e).then(i).catch(s):s(new c.default(`${f.USER_NOT_ACCEPTING_RESPONSE}: ${t}`))})).catch(s)):(this.log.trace("Passkey handler callback is null, go ahead with passkey discoverable as default behavior"),this.parseCredRequestOptions(n,e).then(i).catch(s)):s(r)}))}))}parseCredRequestOptions(e,t){return new Promise(((r,n)=>{const i=e.data;if(i.credRequestOptions){const o=i.credRequestOptions;this.getCredentials(t,o,e).then(r).catch(n)}else n(new c.default(f.NO_REQUEST_CREDS_FOUND))}))}getCredentials(e,t,r){return this.log.trace("Trying get existing FIDO credentials"),new Promise(((n,i)=>{var s,a;if(0==(null===(s=t.allowCredentials)||void 0===s?void 0:s.length))i(new c.default("AllowCredentials array should not be empty when call getCredentials()"));else{t.challenge=o.default.bufferDecode(t.challenge),t.allowCredentials&&(null===(a=t.allowCredentials)||void 0===a||a.forEach((e=>{e.id=o.default.bufferDecode(e.id)})));const s={publicKey:t};e.platform.webauthn.getCredentials(s).then((t=>{t?(e.credential=t,n(r.next)):i(new c.default("Failed to load FIDO2 credentials"))})).catch((t=>{const r=d.FidoOptionsError.identifyAuthenticationError({error:t,options:s,platform:e.platform});i(r)}))}}))}}f.NO_REQUEST_CREDS_FOUND="Passkey has already been registered but found no CredentialRequestOptions in the fido/register/start response payload",f.NO_CREDS_FOUND="Neither credCreateOptions nor credRequestOptions are found in the fido/register/start response payload",f.USER_NOT_ACCEPTING_RESPONSE="User not accepting to continue by reusing the existing passkey with user response",t.DevicePassiveActions=f;class g extends f{constructor(e,t,r){super(e,t),this.name=g.NAME,this.role=null!=r?r:l.DeviceRole.Primary,this.log=i.LoggerFactory.getLogger("device-passive-step")}execute(e){return this.role==l.DeviceRole.Secondary?this.waitForStatus(e):e.platform.isFidoSupported()&&e.uvLevel!==a.UserVerificationLevel.Discouraged?e.settings.deviceId?e.settings.fidoPasskeyRegistered?this.verify(e):Promise.resolve(s.default.NAME):new Promise(((t,r)=>{e.getFingerprintData().then((n=>{const i={fingerprint:n};this.register(e,i).then(t).catch(r)})).catch((n=>{const i=`Unexpected error happened during Fingerprint data collection: ${n.message}`;this.log.warn(i),this.log.warn(n);const o={fingerprint:{error:i}};this.register(e,o).then(t).catch(r)}))})):Promise.resolve(s.default.NAME)}}g.NAME="device/passive",t.default=g},1474:(e,t,r)=>{Object.defineProperty(t,"__esModule",{value:!0});const n=r(1727),i=r(6736);class o extends i.DevicePassiveActions{constructor(e,t){super(e,t),this.name=o.NAME,this.log=n.LoggerFactory.getLogger("device-passive-stepup-step")}execute(e){return e.platform.isFidoSupported()?e.settings.deviceId?e.settings.fidoPasskeyRegistered?Promise.reject(new Error("FIDO2 Passkey is already registered")):new Promise(((t,r)=>{e.getFingerprintData().then((n=>{const i={fingerprint:n};this.register(e,i).then(t).catch(r)})).catch((n=>{const i=`Unexpected error happened during Fingerprint data collection: ${n.message}`;this.log.warn(i),this.log.warn(n);const o={fingerprint:{error:i}};this.register(e,o).then(t).catch(r)}))})):Promise.reject(new Error("Device is not registered")):Promise.reject(new Error("FIDO2 is not supported"))}}o.NAME="device/passive/stepup",t.default=o},1840:function(e,t,r){var n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const i=n(r(8607)),o=r(1727),s=n(r(3350));class a{constructor(){this.log=o.LoggerFactory.getLogger("device-passive-verify-step"),this.name=a.NAME}execute(e){return new Promise(((t,r)=>{a.runFidoVerify(this.log,e).then(t).catch(r)}))}static runFidoVerify(e,t){return new Promise(((r,n)=>{t.getFingerprintData().then((i=>{const o={fingerprint:i};a.makeFidoVerifyFinishRequest(e,t,o).then(r).catch(n)})).catch((i=>{const o=`Unexpected error happened during Fingerprint data collection ${i.toString}`;e.warn(o);const s={fingerprint:{error:o}};a.makeFidoVerifyFinishRequest(e,t,s).then(r).catch(n)}))}))}static makeFidoVerifyFinishRequest(e,t,r){return new Promise(((n,o)=>{const a=t.credential,c=a.response;t.fetchFromBackend("/v1/client/device/fido2/verify/finish",{webAuthnAssertion:{type:null==a?void 0:a.type,id:null==a?void 0:a.id,rawId:i.default.bufferEncode(null==a?void 0:a.rawId),response:{authenticatorData:i.default.bufferEncode(c.authenticatorData),clientDataJSON:i.default.bufferEncode(c.clientDataJSON),signature:i.default.bufferEncode(c.signature),userHandle:c.userHandle?i.default.bufferEncode(c.userHandle):void 0}},signals:r}).then((r=>{if(r.error)o(new s.default(r.error.message,r.error.code,r.next,!1));else{const i=r.data;i?(i.deviceId&&(t.settings.deviceId=i.deviceId),i.passkey&&(t.settings.fidoPasskeyRegistered=!0),i.scanMessage&&(t.authMessage=i.scanMessage)):e.warn("No data was received in the response"),t.settings.fidoPasskeyRegistered=!0,n(r.next)}})).catch(o)}))}}a.NAME="device/passive/verify",t.default=a},2207:function(e,t,r){var n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.DeviceUniversalRedirectExchangeStep=t.DeviceUniversalRedirectFinishStep=t.DeviceUniversalRedirectBaseStep=void 0;const i=n(r(3350));class o{constructor(){this.name=""}execute(e){return new Promise(((t,r)=>{var n,o,s,a,c,l;let u=null===(l=null===(c=null===(a=null===(s=null===(o=null===(n=e.claims)||void 0===n?void 0:n.auth)||void 0===o?void 0:o.subs)||void 0===s?void 0:s.dev)||void 0===a?void 0:a.auths)||void 0===c?void 0:c.unvsl)||void 0===l?void 0:l.ftu;if(void 0!==u&&u){u+=`?authId=${e.authId}`;let n="";if("redirect/exchange"===this.name)n="authexchange";else{if("redirect/finish"!==this.name)return void r(new i.default(`Unknown UPK Step: ${this.name}`,0,e.next,!0));n="authfinish"}u+=`&next=${n}`,e.platform.urlRedirect(u),t("")}else r(new i.default("AuthToken claims do not contain final target URL",0,e.next,!0))}))}}t.DeviceUniversalRedirectBaseStep=o;class s extends o{constructor(){super(...arguments),this.name=s.NAME}}s.NAME="redirect/finish",t.DeviceUniversalRedirectFinishStep=s;class a extends o{constructor(){super(...arguments),this.name=a.NAME}}a.NAME="redirect/exchange",t.DeviceUniversalRedirectExchangeStep=a},9790:function(e,t,r){var n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const i=r(1727),o=n(r(3350)),s=n(r(1044));class a{constructor(e){this.log=i.LoggerFactory.getLogger("device-universal-step"),this.name=a.NAME,this.forUPK=!1,this.forUPK=e}execute(e){return this.log.trace("Executing"),new Promise(((t,r)=>{var n,i,a;if(this.forUPK)t(s.default.NAME);else{let s=null===(a=null===(i=null===(n=e.claims)||void 0===n?void 0:n.auth.subs.dev)||void 0===i?void 0:i.auths.unvsl)||void 0===a?void 0:a.endp;void 0!==s&&s?(s+=`?authId=${e.authId}&authtoken=${e.authToken}`,e.platform.urlRedirect(s),t("")):r(new o.default("AuthToken claims do not contain universal redirect URL",0,e.next,!0))}}))}}a.NAME="device/universal",t.default=a},5186:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0});class r{}r.ERROR_AUTHENTICATION_FAILURE=1e4,r.ERROR_AUTHENTICATION_EXTERNAL_FAILURE=10001,r.ERROR_AUTHENTICATION_CLIENT_FAILURE=10002,r.ERROR_AUTHENTICATION_PROHIBITED_ACTION=10003,r.ERROR_MISSING_AUTHENTICATOR_COMPLETION=10004,r.ERROR_MAX_ATTEMPTS=10005,r.ERROR_NO_DEVICE_FOUND=10006,t.default=r},9229:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.FidoOptionsError=void 0;class r extends Error{constructor({message:e,cause:t,name:r}){super(e,{cause:t}),this.name=null!=r?r:t.name}static identifyAuthenticationError({error:e,options:t,platform:n}){const{publicKey:i}=t;if(!i)return new r({message:r.MISSING_PUBLIC_KEY_PROPERTY,cause:new Error(r.MISSING_PUBLIC_KEY_PROPERTY)});if("AbortError"===e.name){if(t.signal instanceof AbortSignal)return new r({message:r.ABORT_SIGNAL,cause:e})}else{if("NotAllowedError"===e.name)return new r({message:e.message,cause:e});if("SecurityError"===e.name){const t=n.getOrigin();return i.rpId!==t?new r({message:`${r.INVALID_RP_ID}: ${i.rpId}`,cause:e}):new r({message:`${r.SECURITY_ERROR_FOUND}: ${e.message}`,cause:e})}if("UnknownError"===e.name)return new r({message:r.UNKNOWN_ERROR,cause:e})}return e}static identifyRegistrationError({error:e,options:t,platform:n}){var i,o,s;const{publicKey:a}=t;if(!a)return new r({message:r.MISSING_PUBLIC_KEY_PROPERTY,cause:new Error(r.MISSING_PUBLIC_KEY_PROPERTY)});if("InvalidStateError"===e.name)return new r({message:r.INVALID_STATE_ERROR,cause:e});if("AbortError"===e.name){if(t.signal instanceof AbortSignal)return new r({message:this.ABORT_SIGNAL,cause:e})}else if("ConstraintError"===e.name){if(!0===(null===(i=a.authenticatorSelection)||void 0===i?void 0:i.requireResidentKey))return new r({message:this.CONSTRAINT_ERROR,cause:e});if("conditional"===t.mediation&&"required"===(null===(o=a.authenticatorSelection)||void 0===o?void 0:o.userVerification))return new r({message:this.USER_VERIFICATION_NOT_POSSILE,cause:e});if("required"===(null===(s=a.authenticatorSelection)||void 0===s?void 0:s.userVerification))return new r({message:this.NO_MATCHING_AUTHENTICATOR,cause:e})}else{if("NotAllowedError"===e.name)return new r({message:e.message,cause:e});if("NotSupportedError"===e.name)return 0===a.pubKeyCredParams.filter((e=>"public-key"===e.type)).length?new r({message:this.INVALID_CRED_PARAMS,cause:e}):new r({message:r.NO_MATCHING_AUTHENTICATOR_FOR_PARAMS_ALGO,cause:e});if("SecurityError"===e.name){const t=n.getOrigin();return a.rp.id!==t?new r({message:`${r.INVALID_RP_ID}: ${a.rp.id}`,cause:e}):new r({message:`${r.SECURITY_ERROR_FOUND}: ${e.message}`,cause:e})}if("TypeError"===e.name){if(a.user.id.byteLength<1||a.user.id.byteLength>64)return new r({message:r.INVALID_USER_ID_LENGTH,cause:e})}else if("UnknownError"===e.name)return new r({message:r.UNKNOWN_ERROR,cause:e})}return e}}r.MISSING_PUBLIC_KEY_PROPERTY="options missing publicKey property",r.ABORT_SIGNAL="Authentication was sent an abort signal",r.INVALID_STATE_ERROR="The authenticator was already registered",r.UNKNOWN_ERROR="Unknown error: the authenticator was unable to process the predefined options, or unable to generate a new credential",r.SECURITY_ERROR_FOUND="Security error found",r.INVALID_RP_ID="The rp.id is not valid for the current domain",r.CONSTRAINT_ERROR="Discoverable credentials is required but found no matching supported authenticator",r.USER_VERIFICATION_NOT_POSSILE="User verification is required during automatic registration but this could not be performed",r.NO_MATCHING_AUTHENTICATOR="User verification is required but found no matching supported authenticator",r.INVALID_CRED_PARAMS="No entry in pubKeyCredParams having the type of public-key",r.NO_MATCHING_AUTHENTICATOR_FOR_PARAMS_ALGO="No available authenticator supported any of the specified pubKeyCredParams algorithms",r.INVALID_USER_ID_LENGTH="User ID has invalid length",t.FidoOptionsError=r},9568:function(e,t,r){var n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const i=r(1727),o=n(r(4610)),s=n(r(1204)),a=n(r(3350)),c=n(r(6105)),l=n(r(5186));class u{constructor(e,t,r,n){if(this.steps=new Map,this.log=i.LoggerFactory.getLogger("main-authenticator"),this.platform=e,this.authFinishStep=r,this.settings=t,n)for(let e of n)this.steps.set(e.name,e)}isPasskeyRegistered(){return this.settings.fidoPasskeyRegistered}isFidoSupported(){return this.platform.isFidoSupported()}isDeviceRegistered(){return null!==this.settings.deviceId}isMobileWeb(){const e=this.platform.getUserAgent();return null!==e&&/Mobi|Android|webOS|iPhone|iPad|BlackBerry|Opera Mini/i.test(e)}getDeviceId(){return this.settings.deviceId}resetDeviceSettings(){this.settings.reset(),this.platform.deviceAuth.reset()}authenticate(e){return new o.default(((t,r,n)=>{e||r(new Error("No authentication token provided")),this.authFinishStep||r(new Error("AuthFinish step must be specified"));try{const i=new s.default(this.settings,this.platform,e),o=this.process(i);n((()=>o.cancel())),o.then((()=>{var e;if(i.lastStep!==u.AUTH_EMPTY)return this.log.info("Authentication flow has been completed."),null===(e=this.authFinishStep)||void 0===e?void 0:e.execute({authId:i.authId});this.log.info("Next step is not provided, authentication flow is terminated without completion."),t()})).then(t).catch(r)}catch(e){r(e)}}))}unregisterDevice(){return this.isDeviceRegistered()?new Promise(((e,t)=>{this.unregister("/v1/client/device/unregister").then((()=>{this.resetDeviceSettings(),e()})).catch(t)})):Promise.resolve()}unregisterPasskey(){return this.settings.fidoPasskeyRegistered?new Promise(((e,t)=>{this.unregister("/v1/client/stepup/unregister").then((()=>{this.settings.fidoPasskeyRegistered=!1,e()})).catch(t)})):Promise.resolve()}unregister(e){return new Promise(((t,r)=>{try{new s.default(this.settings,this.platform).fetchFromBackend(e,{deviceId:this.getDeviceId()}).then((e=>{e.error?r(new a.default(e.error.message,e.error.code,e.next,!1)):t()})).catch(r)}catch(e){r(e)}}))}process(e){return new o.default(((t,r,n)=>{n((()=>{this.log.info("Canceled"),e.closeAllMessageChannels(),t()})),this.nextStep(e,e.next,1).then(t).catch(r)}))}nextStep(e,t,r){return this.log.debug(`Authentication attempt ${r}, next step: ${t}`),e.lastStep=t,new Promise(((n,i)=>{[u.AUTH_DONE,u.AUTH_EMPTY].includes(t)?n():r>u.MAX_ATTEMPTS?i(new a.default("Too many authentication steps",l.default.ERROR_MAX_ATTEMPTS)):this.getNextStep(t).execute(e).then((t=>this.nextStep(e,t,r+1))).then(n).catch((t=>new c.default(t).execute(e).then((t=>this.nextStep(e,t,r+1))).then(n).catch(i)))}))}getNextStep(e){return this.steps.get(e)||new c.default("Unknown authentication step: "+e)}}u.AUTH_DONE="done",u.AUTH_EMPTY="",u.MAX_ATTEMPTS=50,t.default=u},7625:function(e,t,r){var n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const i=n(r(3350)),o=r(1727),s=r(4817),a=n(r(5186));class c{constructor(e,t){this.name=c.NAME,this.log=o.LoggerFactory.getLogger("mobile-instant-step"),this.errorCodeBak=a.default.ERROR_AUTHENTICATION_CLIENT_FAILURE,this.implementation=e,t?(this.getDeviceIp=t,this.deviceIpDetection=!1):(this.getDeviceIp=()=>null,this.deviceIpDetection=!0)}execute(e){return new Promise(((t,r)=>{let n=e.platform.getMobileAuthBuilder().withDeviceIpDetection(this.deviceIpDetection);switch(this.implementation){case s.MobileAuthImplementation.Pixel:n=n.withPixelImplementation();break;case s.MobileAuthImplementation.Fetch:n=n.withFetchImplementation().withFinishStep((t=>new Promise(((r,n)=>{e.fetchFromBackend("/v1/client/mobile/instant/finish",{vfp:t.vfp}).then(r).catch(n)}))))}n=n.withStartStep((t=>new Promise(((r,n)=>{const o=this.deviceIpDetection?t.deviceDescriptor.ip:this.getDeviceIp();e.fetchFromBackend("/v1/client/mobile/instant/start",{cellularIp:o,implementation:this.implementation}).then((e=>{var t;e.error?(this.nextBak=e.next,this.errorCodeBak=e.error.code,n(new i.default(e.error.message,e.error.code,e.next,!1))):r({authUrl:null===(t=e.data)||void 0===t?void 0:t.redirectUrl})})).catch(n)})))),n.build().authenticate().then((n=>{if(n){const e=n;e.error&&r(new i.default(n.error.message,n.error.code,n.next,!1)),t(e.next)}else e.fetchFromBackend("/v1/client/mobile/instant/finish",{}).then((e=>t(e.next))).catch((e=>{r(new i.default(n.error.message,n.error.code,n.next,!1))}))})).catch((e=>{r(new i.default(e,this.errorCodeBak,this.nextBak,!1))}))}))}}c.NAME="mobile/instant",t.default=c},3075:function(e,t,r){var n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const i=r(1727),o=r(3794),s=n(r(3350)),a=r(3225),c=n(r(8907));class l extends a.AuthStatusActions{constructor(e,t){super(),this.name=l.NAME,this.log=i.LoggerFactory.getLogger("mobile-instantlink-step"),this.startStep=e,this.getDeviceIp=null!=t?t:()=>null}execute(e){return this.log.trace("Executing"),new Promise(((t,r)=>{var n,i,o,s,a,c,l=!0;(null===(o=null===(i=null===(n=e.claims)||void 0===n?void 0:n.auth.subs.mob)||void 0===i?void 0:i.auths.inln)||void 0===o?void 0:o.mnp)&&(l=!1);var u=!1;(null===(c=null===(a=null===(s=e.claims)||void 0===s?void 0:s.auth.subs.mob)||void 0===a?void 0:a.auths.inln)||void 0===c?void 0:c.tme)&&(u=!0),this.runStartStep(e,l).then((n=>{this.runFinishStep(e,u).then((()=>this.waitForStatus(e))).then((e=>t(e))).catch(r)})).catch(r)}))}runStartStep(e,t,r){return new Promise(((n,i)=>{this.startStep?this.startStep.execute(t,r).then((r=>{const a=c.default.validatePhoneNumberInput(r);a?i(a):e.fetchFromBackend("/v1/client/mobile/instantlink/start",{sourceIp:this.getDeviceIp(),mobileNumber:null==r?void 0:r.phoneNumber}).then((r=>{var a,c,l;const u=r;if(u.error)i(new s.default(u.error.message,u.error.code,r.next,!1));else if(u.data){var d="";(null===(a=u.data)||void 0===a?void 0:a.code)&&(d+=`Error Code: ${u.data.code}, `),(null===(c=u.data)||void 0===c?void 0:c.message)?d+=`${u.data.message}`:d+="Error validating phone number";let r=new o.PhoneValidationError(d,null===(l=u.data)||void 0===l?void 0:l.code);this.log.error(`Server reports invalid phone number: ${d}`),this.runStartStep(e,t,r).then(n).catch(i)}else n(u.next)})).catch(i)})).catch(i):i(new Error("InstantLink start step must be specified"))}))}runFinishStep(e,t){return new Promise(((r,n)=>{t?(this.log.info("Simulating user clicking the instant link"),setTimeout((()=>{e.platform.fetch(e.backendOrigin+"/v1/client/mobile/instantlink/finish?token="+encodeURIComponent(e.authToken)+"&vfp=test-vfp",{mode:"no-cors",method:"GET"}).catch((e=>{this.log.error("Calling AuthFinish in test mode has failed: ",s.default.extractMessage(e))})).finally(r)}),100)):r()}))}}l.NAME="mobile/instantlink",t.default=l},8907:function(e,t,r){var n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const i=r(1727),o=n(r(3350)),s=r(8864),a=r(3794);class c{constructor(e,t){this.name=c.NAME,this.log=i.LoggerFactory.getLogger("mobile-otp-step"),this.otpStartStep=e,this.otpFinishStep=t}execute(e){return new Promise(((t,r)=>{var n,i,o;if(this.otpStartStep)if(this.otpFinishStep){var s=!0;(null===(o=null===(i=null===(n=e.claims)||void 0===n?void 0:n.auth.subs.mob)||void 0===i?void 0:i.auths.otp)||void 0===o?void 0:o.mnp)&&(s=!1),this.runOtpStartStep(e,this.otpStartStep,this.otpFinishStep,s).then(t).catch(r)}else r(new Error("OtpFinishStep step must be specified"));else r(new Error("OtpStartStep step must be specified"))}))}static validatePhoneNumberInput(e){if(null!=e)return"object"!=typeof e?new o.default("Input must be an object"):"phoneNumber"in e?"string"!=typeof e.phoneNumber?new o.default("phoneNumber field in the input must be a string"):void 0:new o.default("phoneNumber field in the input is missing")}runOtpStartStep(e,t,r,n,i){return new Promise(((s,l)=>{t.execute(n,i).then((i=>{const u=c.validatePhoneNumberInput(i);u?l(u):e.fetchFromBackend("/v1/client/mobile/otp/start",{mobileNumber:null==i?void 0:i.phoneNumber}).then((i=>{const c=i;if(c.error)l(new o.default(c.error.message,c.error.code,i.next,!1));else if(c.data){let i=c.data;var u="";(null==i?void 0:i.code)&&(u+=`Error Code: ${i.code}, `),(null==i?void 0:i.message)?u+=`${i.message}`:u+="Error validating phone number";let o=new a.PhoneValidationError(u,null==i?void 0:i.code);this.log.error(`Server reports invalid phone number: ${u}`),this.runOtpStartStep(e,t,r,n,o).then(s).catch(l)}else this.runOtpFinishStep(e,t,r,n).then(s).catch(l)})).catch(l)})).catch((e=>{const t=o.default.extractMessage(e);l(new Error(`Failed to start OTP flow: ${t}`))}))}))}static validateFinishResult(e){if(null==e||"object"!=typeof e)return new o.default("result should be a valid object");if(!("resultType"in e))return new o.default("resultType field in the result is missing");if(e.resultType===s.OtpFinishResultType.OnSuccess){const t=e.input;if(null==t||"object"!=typeof t)return new o.default("input should be a valid object when resultType field is set with OnSuccess value");if(!("otp"in t))return new o.default("otp field in the input is missing");if("string"!=typeof t.otp)return new o.default("otp field in the input must be a string")}}runOtpFinishStep(e,t,r,n,i){return new Promise(((a,l)=>{r.execute(i).then((i=>{var u;let d=i;const h=c.validateFinishResult(d);if(h)l(h);else switch(d.resultType){case s.OtpFinishResultType.OnResendOtp:this.runOtpStartStep(e,t,r,n).then(a).catch(l);break;case s.OtpFinishResultType.OnSuccess:let i=d.input;e.fetchFromBackend("/v1/client/mobile/otp/finish",{otp:null!==(u=null==i?void 0:i.otp)&&void 0!==u?u:""}).then((i=>{const c=i;if(c.error)l(new o.default(c.error.message,c.error.code,i.next,!1));else if(c.data){let i=c.data;var u="";(null==i?void 0:i.code)&&(u+=`Error Code: ${i.code}, `),(null==i?void 0:i.message)?u+=`${i.message}`:u+="Error validating OTP";let o=new s.OtpError(u,null==i?void 0:i.code);this.log.error(`Server reports invalid OTP: ${u}`),this.runOtpFinishStep(e,t,r,n,o).then(a).catch(l)}else a(i.next)})).catch(l)}})).catch((e=>{const t=o.default.extractMessage(e);l(new Error(`Failed to obtain OTP for verification: ${t}}`))}))}))}}c.NAME="mobile/otp",t.default=c},3794:function(e,t,r){var n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.PhoneValidationError=void 0;const i=n(r(3350));class o extends i.default{constructor(e,t){super(e,t)}}t.PhoneValidationError=o},8566:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.getUnixTime=t.arrayBufferToHexString=t.arrayBufferToString=t.stringToArrayBuffer=t.DEVICE_CAPABILITY_WEBAUTHN=void 0,t.DEVICE_CAPABILITY_WEBAUTHN="webauthn",t.stringToArrayBuffer=function(e){return(new TextEncoder).encode(e)},t.arrayBufferToString=function(e){return String.fromCharCode.apply(null,Array.from(new Uint8Array(e)))},t.arrayBufferToHexString=function(e){return Array.from(new Uint8Array(e),(e=>("00"+e.toString(16)).slice(-2))).join("")},t.getUnixTime=function(){return Math.floor(Date.now()/1e3)}},6105:function(e,t,r){var n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const i=r(1727),o=n(r(3350)),s=n(r(9568)),a=n(r(8370)),c=n(r(1044)),l=n(r(6736)),u=n(r(1840)),d=n(r(7625)),h=n(r(3075)),f=n(r(8907)),g=n(r(4704)),p=n(r(1474)),v=r(2207);class _{constructor(e){if(this.logger=i.LoggerFactory.getLogger("report-error-step"),this._message="Unknown error",this.reportable=!0,this.name="error",e instanceof o.default){const t=e;this._message=t.message,this._code=t.code,this.nextStep=t.nextStep,this.reportable=t.reportable}else e&&(this._message=o.default.extractMessage(e));this._message||this.logger.warn("Unexpected error: "+e)}get code(){return this._code}get message(){return this._message}execute(e){let t=`Authentication step ${e.lastStep} failed`;if(this._code&&(t=t+", code: "+this._code),this._message&&(t=t+", message: "+this._message),this.logger.error(t),this.nextStep===s.default.AUTH_DONE)return Promise.resolve(s.default.AUTH_DONE);const r=e.lastStep?_.endpointMap.get(e.lastStep):void 0;return!r||!this.reportable&&this.nextStep?this.nextStep?Promise.resolve(this.nextStep):Promise.reject(new o.default("Cannot determine the next auth step")):new Promise(((t,n)=>{e.fetchFromBackend(`/v1/client/${r}/error`,{code:this._code?this._code:void 0,message:this._message}).then((e=>t(e.next))).catch(n)}))}}_.endpointMap=new Map([[l.default.NAME,"device/passive"],[c.default.NAME,"device/passive"],[a.default.NAME,"device/fido2"],[u.default.NAME,"device/fido2"],[p.default.NAME,"device/fido2"],[d.default.NAME,"mobile/instant"],[h.default.NAME,"mobile/instantlink"],[f.default.NAME,"mobile/otp"],[g.default.NAME,"user/mobileactive"],[v.DeviceUniversalRedirectExchangeStep.NAME,"device/universal"],[v.DeviceUniversalRedirectFinishStep.NAME,"device/universal"]]),t.default=_},1770:(e,t,r)=>{Object.defineProperty(t,"__esModule",{value:!0});const n=r(1727),i=r(8566),o=["/v1/client/stepup/unregister","/v1/client/device/unregister","/v1/client/device/passive/error","/v1/client/mobile/instant/error","/v1/client/mobile/otp/error","/v1/client/user/mobileactive","/v1/client/user/mobileactive/error"];t.default=class{constructor(e){this.log=n.LoggerFactory.getLogger("request-signer"),this.session=e}sign(e,t,r,n,i){return new Promise(((s,a)=>{this.session.getDeviceRegistration().then((c=>c&&c.deviceId?o.includes(t)?void Promise.all([this.getChallenge(c.deviceId),this.getHash(i)]).then((i=>{const o=i[0],l=i[1],u=e+"\n"+t+"\n"+r+"\n"+n+"\n"+o+"\n"+l;c.sign(u).then((e=>s({version:"3",challenge:o,signature:e,keyId:c.keyId}))).catch(a)})).catch(a):(this.log.debug("No signing needed for "+t),void s(null)):(this.log.debug("Device not registered, cannot sign"),void s(null)))).catch(a)}))}getChallenge(e){return new Promise(((t,r)=>{this.cachedChallenge&&this.cachedChallenge.receivedAt&&this.cachedChallenge.ttl&&this.cachedChallenge.deviceId===e&&this.cachedChallenge.receivedAt+this.cachedChallenge.ttl-60>(0,i.getUnixTime)()?t(this.cachedChallenge.challenge):this.session.fetchFromBackend("/v1/client/challenge",{deviceId:e}).then((e=>e)).then((e=>{var n;e.error?r(null===(n=e.error)||void 0===n?void 0:n.message):(e.receivedAt=(0,i.getUnixTime)(),this.cachedChallenge=e,t(e.challenge))})).catch(r)}))}getHash(e){return new Promise(((t,r)=>{crypto.subtle.digest("SHA-256",(0,i.stringToArrayBuffer)(e)).then((e=>t((0,i.arrayBufferToHexString)(e)))).catch(r)}))}}},1703:function(e,t,r){var n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const i=n(r(3350)),o=r(1727);class s{constructor(e){this.log=o.LoggerFactory.getLogger("scan-message-step"),this.name=s.NAME,this.authMessageHandler=e}execute(e){return new Promise(((t,r)=>{this.authMessageHandler?(e.authMessage||(this.log.warn("Auth message is missing"),e.authMessage={}),this.authMessageHandler(e.authMessage).then((n=>{e.fetchFromBackend("/v1/client/user/response",{response:n}).then((e=>{e.error?r(new i.default(e.error.message,e.error.code,e.next,!1)):t(e.next)}))})).catch(r)):r(new i.default("Failed to process auth message, the handler was not specified"))}))}}s.NAME="scan/message",t.default=s},7370:(e,t,r)=>{Object.defineProperty(t,"__esModule",{value:!0});const n=r(1727);class i{constructor(e){this.log=n.LoggerFactory.getLogger("settings"),this.upkEnabled=!1,this.storage=e}reset(){this.log.trace("reset"),this.deviceId=null,this.namespace=null,this.fidoPasskeyRegistered=!1}get deviceId(){return this.storage.getItem(this.getKey(i.DEVICE_ID_KEY))}set deviceId(e){this.setOrRemove(i.DEVICE_ID_KEY,e)}get fidoPasskeyRegistered(){return"true"===this.storage.getItem(this.getKey(i.FIDO_PASSKEY_REGISTERED_KEY))}set fidoPasskeyRegistered(e){this.setOrRemove(i.FIDO_PASSKEY_REGISTERED_KEY,e?"true":null)}get namespace(){return this.storage.getItem(this.getKey(i.NAMESPACE_KEY))}set namespace(e){this.log.trace("namespace set to "+e),this.setOrRemove(i.NAMESPACE_KEY,e)}getKey(e){return`${i.KEY_PREFIX}.${e}`}setOrRemove(e,t){t?this.storage.setItem(this.getKey(e),t):this.storage.removeItem(this.getKey(e))}}i.KEY_PREFIX="ProveAuth",i.DEVICE_ID_KEY="DeviceId",i.NAMESPACE_KEY="namespace",i.FIDO_PASSKEY_REGISTERED_KEY="fidoPasskeyRegistered",t.default=i},6185:function(e,t,r){var n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const i=n(r(3350));class o{constructor(){this.name=o.NAME}execute(e){return new Promise(((e,t)=>{t(new i.default(`Step ${this.name} is not supported yet`))}))}}o.NAME="user/mobileactive",t.default=o},4704:function(e,t,r){var n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0});const i=n(r(3350));class o{constructor(){this.name=o.NAME}execute(e){return new Promise(((e,t)=>{t(new i.default(`Step ${this.name} is not supported yet`))}))}}o.NAME="user/present",t.default=o},4781:function(e,t,r){var n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.WebDeviceRegistration=void 0;const i=r(1727),o=n(r(3350)),s=r(8566);class a{constructor(e){this.deviceId=null,this.namespace=e.namespace,this.endpoint=e.endpoint,e.createdAt?(this.createdAt=e.createdAt,this.keyId=e.keyId,this.deviceId=e.deviceId,this.algorithm=e.algorithm,this.keys=e.keys):(this.keyId=crypto.randomUUID(),this.algorithm="ES256",this.createdAt=(0,s.getUnixTime)())}setFpSignal(e){this.fingerprint=e}sign(e){return new Promise(((t,r)=>{this.initialize().then((()=>{this.keys&&crypto.subtle.sign({name:"ECDSA",hash:{name:"SHA-256"}},this.keys.privateKey,(0,s.stringToArrayBuffer)(e)).then((e=>t(btoa((0,s.arrayBufferToString)(this.p1363ToDer(e)))))).catch(r)})).catch(r)}))}getPublicKey(){return new Promise(((e,t)=>{this.initialize().then((()=>{this.keys&&crypto.subtle.exportKey("spki",this.keys.publicKey).then((t=>{const r=btoa((0,s.arrayBufferToString)(t));e("-----BEGIN PUBLIC KEY-----\n"+r+"\n-----END PUBLIC KEY-----")})).catch(t)})).catch(t)}))}getAuthRegistration(e){return new Promise(((t,r)=>{this.sign(e).then((e=>{this.getPublicKey().then((r=>{t({publicKey:{id:this.keyId,alg:this.algorithm,key:r,uvLevel:0},signature:e})})).catch(r)})).catch(r)}))}getSignals(){return{fingerprint:this.fingerprint}}initialize(){return new Promise(((e,t)=>{this.keys?e():crypto.subtle.generateKey({name:"ECDSA",namedCurve:"P-256"},!1,["sign","verify"]).then((t=>{this.keys=t,e()})).catch(t)}))}p1363ToDer(e){const t=(0,s.arrayBufferToHexString)(e);let r=t.substring(0,t.length/2),n=t.substring(t.length/2);r=r.replace(/^(00)+/,""),n=n.replace(/^(00)+/,""),parseInt(r.charAt(0),16)>=8&&(r=`00${r}`),parseInt(n.charAt(0),16)>=8&&(n=`00${n}`);const i=`02${(r.length/2).toString(16).padStart(2,"0")}${r}`,o=`02${(n.length/2).toString(16).padStart(2,"0")}${n}`,a=`30${((i.length+o.length)/2).toString(16).padStart(2,"0")}${i}${o}`.match(/[\da-f]{2}/gi);return a?new Uint8Array(a.map((e=>parseInt(e,16)))):new Uint8Array}lenVal(e){if("string"==typeof e||e instanceof String){const t=e;return`[${t.length}]: ${t}`}{const t=e;return`[${t.byteLength}]: ${Array.from(new Uint8Array(t),(e=>e.toString(16))).join(",")}`}}}t.WebDeviceRegistration=a;class c{constructor(e){this.log=i.LoggerFactory.getLogger("web-device-auth"),this.dbFactory=e}createRegistration(e){return new Promise(((t,r)=>{t(new a(e))}))}getRegistration(e){return new Promise(((t,r)=>{const n=this.openDatabase();n.onerror=e=>{r("Failed to open registration database: "+e)},n.onsuccess=n=>{const i=n.target.result,o=i.transaction([c.DB_STORE],"readonly");o.oncomplete=()=>i.close();const s=o.objectStore(c.DB_STORE).get(e);s.onerror=e=>{this.log.error(e),r(new Error("Failed to access registration"))},s.onsuccess=()=>{s.result?t(new a(s.result)):t(null)}}}))}storeRegistration(e){return new Promise(((t,r)=>{const n=this.openDatabase();n.onerror=e=>{r("Failed to open registration database: "+e)},n.onsuccess=n=>{const i=n.target.result,s=i.transaction([c.DB_STORE],"readwrite");s.oncomplete=()=>i.close();const a=s.objectStore(c.DB_STORE);this.log.trace("Saving registration");const l=a.put(e);l.onsuccess=()=>{this.log.trace("Registration saved"),t()},l.onerror=e=>{this.log.error(e),r(new o.default("Failed to store registration"))}}}))}deleteRegistration(e){return new Promise(((t,r)=>{var n=this.openDatabase();n.onerror=e=>{r("Failed to open registration database: "+e)},n.onsuccess=n=>{var i=n.target.result,o=i.transaction([c.DB_STORE],"readwrite");if(o.oncomplete=()=>i.close(),!i.objectStoreNames.contains(c.DB_STORE))return this.log.debug("Registration not found, store is missing"),void t();var s=o.objectStore(c.DB_STORE).delete(e);s.onsuccess=()=>{t()},s.onerror=e=>{this.log.error(e),r(new Error("Failed to delete registration"))}}}))}reset(){return new Promise(((e,t)=>{var r=this.dbFactory.deleteDatabase(c.DB_NAME);r.onsuccess=t=>{e()},r.onerror=t=>{this.log.warn("Failed to delete registration database"),this.log.warn(t),e()}}))}openDatabase(){const e=this.dbFactory.open(c.DB_NAME,c.DB_VERSION);return e.onupgradeneeded=e=>{var t;const r=null===(t=e.target)||void 0===t?void 0:t.result;r?(this.log.debug("Registration not found, database is missing, initializing"),r.createObjectStore(c.DB_STORE,{keyPath:"namespace"}).transaction.oncomplete=e=>{this.log.trace("Store initialization completed")}):this.log.error("Failed to initialize registration database: database is null")},e}}c.DB_VERSION=1,c.DB_NAME="ProveAuth",c.DB_STORE="Registrations",t.default=c},1092:function(e,t,r){var n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.WebPlatform=t.WebSocketMessageChannel=void 0;const i=r(8266),o=r(8566),s=n(r(1770)),a=n(r(4781));class c{constructor(e){this.webSocket=new WebSocket(e)}addEventListener(e,t){this.webSocket.addEventListener(e,t)}send(e){this.webSocket.send(e)}close(){this.webSocket.close()}}t.WebSocketMessageChannel=c,t.WebPlatform=class{constructor(){this.webauthn={getCredentials:e=>navigator.credentials.get(e),createCredentials:e=>navigator.credentials.create(e)},this.deviceAuth=new a.default(window.indexedDB)}getPlatformName(){return`${this.getBrowserName()} ${this.getBrowserVersion()} on ${this.getOSName()}`}getUserAgent(){return navigator.userAgent}isFidoSupported(){return null!=window.PublicKeyCredential}fetch(e,t){return fetch(e,t)}createMessageChannel(e){return new c(e)}createRequestSigner(e){return new s.default(e)}getBrowserName(){const e=navigator.userAgent;let t;return t=e.indexOf("Firefox")>-1?"Firefox":e.indexOf("Opera")>-1||e.indexOf("OPR")>-1?"Opera":e.indexOf("DuckDuckGo")>-1?"DuckDuckGo":e.indexOf("SamsungBrowser")>-1?"Samsung Browser":e.indexOf("Trident")>-1?"Internet Explorer":e.indexOf("Edge")>-1?"Edge":e.indexOf("Chrome")>-1?"Chrome":e.indexOf("Safari")>-1?"Safari":"Unknown",t}getBrowserVersion(){const e=navigator.userAgent.match(/(?:Firefox|Opera|OPR|SamsungBrowser|DuckDuckGo|Internet Explorer|Edge|Chrome|Safari)[\/|\s](\d+(\.\d+)?)/i);return e?e[1]:"Unknown"}getOSName(){const e=navigator.platform,t=navigator.userAgent;let r;if(/Win/i.test(e)){r="Windows";const e=t.match(/Win(?:dows )?NT (\d+\.\d+)/i);if(e){const t=parseFloat(e[1]);r+=11===t?" 11":10===t?" 10":6.3===t?" 8.1":6.2===t?" 8":6.1===t?" 7":6===t?" Vista":5.1===t||5.2===t?" XP":" (Unknown Version)"}}else if(e.match(/Mac/i)){r="Mac OS";const e=t.match(/Mac OS X (\d+[_.]\d+([_.]\d+)?)/i);e&&(r+=" "+e[1].replace(/_/g,"."))}else r=t.match(/Android/i)?"Android":t.match(/iOS|iPhone|iPad|iPod/i)?"iOS":e.match(/Linux/i)?"Linux":"Unknown";return r}getDeviceCapabilities(){return this.isFidoSupported()?[o.DEVICE_CAPABILITY_WEBAUTHN]:[]}getMobileAuthBuilder(){return new i.AuthenticatorBuilder}exit(e){}urlRedirect(e){window.location.replace(e)}getFpPromise(){return this.fpPromise}setFpPromise(e){this.fpPromise=e}getOrigin(){return window.location.origin}}},1786:(e,t)=>{var r;Object.defineProperty(t,"__esModule",{value:!0}),t.WebSocketCloseReasons=void 0,(r=t.WebSocketCloseReasons||(t.WebSocketCloseReasons={})).NORMAL_CLOSURE="Normal closure",r.GOING_AWAY="The connection is closed because a server is going down or a browser has navigated away from the page.",r.PROTOCOL_ERROR="The connection is closed due to a protocol error",r.UNSUPPORTED_DATA="The connection is closed because it has received unsupported data",r.NO_STATUS_RECEIVED="No closed status code was actually present.",r.ABNORMAL_CLOSURE="The connection was closed unexpectedly without a close frame",r.INVALID_FRAME_PAYLOAD_DATA="The connection was closed because it received inconsistent data in a message.",r.POLICY_VIOLATION="The connection was closed due to policy violation",r.MESSAGE_TOO_BIG="The connection was closed because it has received a message that is too big for it to process.",r.MANDATORY_EXTENSION="The connection was closed because the client required a server extension that was not supported.",r.INTERNAL_ERROR="The connection was closed because the server encountered an unexpected error",r.TLS_HANDSHAKE="The connection was closed due to a failure to perform a TLS handshake",r.UNKNOWN_REASON="Unknown reason"},8864:function(e,t,r){var n=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.OtpFinishResultType=t.OtpError=void 0;const i=n(r(3350));class o extends i.default{constructor(e,t){super(e,t)}}var s;t.OtpError=o,(s=t.OtpFinishResultType||(t.OtpFinishResultType={}))[s.OnSuccess=0]="OnSuccess",s[s.OnResendOtp=1]="OnResendOtp"},6462:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.USER_AGENT_VERSIONS=t.API_CONTRACT_VERSION=t.VERSION=void 0,t.VERSION="2.10.0",t.API_CONTRACT_VERSION="2.10.0",t.USER_AGENT_VERSIONS=`ProveAuth/${t.VERSION} Contract/${t.API_CONTRACT_VERSION} WEB/1`}},t={};function r(n){var i=t[n];if(void 0!==i)return i.exports;var o=t[n]={exports:{}};return e[n].call(o.exports,o,o.exports,r),o.exports}return r.d=(e,t)=>{for(var n in t)r.o(t,n)&&!r.o(e,n)&&Object.defineProperty(e,n,{enumerable:!0,get:t[n]})},r.o=(e,t)=>Object.prototype.hasOwnProperty.call(e,t),r.r=e=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},r(3607)})()));

package/build/lib/index.d.ts

@@ -11,5 +11,4 @@ import { PhoneValidationError } from './proveauth/internal/phone-number-input';
 import { OtpError, OtpStartStep, OtpStartInput, OtpStartStepFn, OtpFinishStep, OtpFinishInput, OtpFinishStepFn, OtpFinishResult, OtpFinishResultType } from './proveauth/otp';
 import { InstantLinkStartInput, InstantLinkStartStep, InstantLinkStartStepFn } from './proveauth/instantlink';
 import UserConsentStep, { UserConsentOutput, UserConsentStepFn } from './proveauth/user-consent-step';
-import { DarwiniumWrapper } from './proveauth/darwinium-wrapper';
-export { VERSION, AuthFinishStep, AuthFinishStepFn, AuthFinishStepInput, Authenticator, AuthenticatorBuilder, AuthMessage, AuthMessageHandler, AuthResponseStatus, CancelablePromise, DeviceRole, InstantLinkStartStep, InstantLinkStartInput, InstantLinkStartStepFn, Logger, LoggerFactory, LogLevel, LogWriter, MobileAuthImplementation, OtpFinishStep, OtpFinishInput, OtpFinishResult, OtpFinishStepFn, OtpFinishResultType, OtpStartStep, OtpStartInput, OtpStartStepFn, OtpError, PasskeyAlreadyExistCallback, PhoneValidationError, BuildConfig, DeviceContextOptions, UserConsentStep, UserConsentStepFn, UserConsentOutput, DarwiniumWrapper, };
+export { VERSION, AuthFinishStep, AuthFinishStepFn, AuthFinishStepInput, Authenticator, AuthenticatorBuilder, AuthMessage, AuthMessageHandler, AuthResponseStatus, CancelablePromise, DeviceRole, InstantLinkStartStep, InstantLinkStartInput, InstantLinkStartStepFn, Logger, LoggerFactory, LogLevel, LogWriter, MobileAuthImplementation, OtpFinishStep, OtpFinishInput, OtpFinishResult, OtpFinishStepFn, OtpFinishResultType, OtpStartStep, OtpStartInput, OtpStartStepFn, OtpError, PasskeyAlreadyExistCallback, PhoneValidationError, BuildConfig, DeviceContextOptions, UserConsentStep, UserConsentStepFn, UserConsentOutput, };

package/build/lib/index.js

@@ -26,7 +26,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.DarwiniumWrapper = exports.BuildConfig = exports.PhoneValidationError = exports.OtpError = exports.OtpFinishResultType = exports.MobileAuthImplementation = exports.LogLevel = exports.LoggerFactory = exports.DeviceRole = exports.CancelablePromise = exports.AuthResponseStatus = exports.AuthenticatorBuilder = exports.VERSION = void 0;
+exports.BuildConfig = exports.PhoneValidationError = exports.OtpError = exports.OtpFinishResultType = exports.MobileAuthImplementation = exports.LogLevel = exports.LoggerFactory = exports.DeviceRole = exports.CancelablePromise = exports.AuthResponseStatus = exports.AuthenticatorBuilder = exports.VERSION = void 0;
 const version_1 = require("./proveauth/version");
 Object.defineProperty(exports, "VERSION", { enumerable: true, get: function () { return version_1.VERSION; } });
 const authenticator_builder_1 = __importStar(require("./proveauth/authenticator-builder"));
@@ -47,5 +47,3 @@ Object.defineProperty(exports, "PhoneValidationError", { enumerable: true, get:
 const otp_1 = require("./proveauth/otp");
 Object.defineProperty(exports, "OtpError", { enumerable: true, get: function () { return otp_1.OtpError; } });
 Object.defineProperty(exports, "OtpFinishResultType", { enumerable: true, get: function () { return otp_1.OtpFinishResultType; } });
-const darwinium_wrapper_1 = require("./proveauth/darwinium-wrapper");
-Object.defineProperty(exports, "DarwiniumWrapper", { enumerable: true, get: function () { return darwinium_wrapper_1.DarwiniumWrapper; } });

package/build/lib/proveauth/authenticator-builder.d.ts

@@ -52,7 +52,6 @@ export default class AuthenticatorBuilder {
     getUrlsByBuildConfig(buildConfig?: BuildConfig): [string | undefined, string | undefined];
     getRegionByBuildConfig(buildConfig?: BuildConfig): Region;
     private getFpPromiseInstanceFromOptions;
-    private runDarwiniumDataCollection;
     withPasskeyAlreadyExistCallback(handler: PasskeyAlreadyExistCallback): AuthenticatorBuilder;
     build(): Authenticator;
 }

package/build/lib/proveauth/authenticator-builder.js

@@ -21,8 +21,6 @@ const main_authenticator_1 = __importDefault(require("./internal/main-authentica
 const logger_1 = require("./common/logger");
 const settings_1 = __importDefault(require("./internal/settings"));
 const device_context_options_1 = require("./device-context-options");
-const darwinium_result_1 = __importDefault(require("./darwinium-result"));
-const auth_error_1 = __importDefault(require("./internal/auth-error"));
 var DeviceRole;
 (function (DeviceRole) {
     DeviceRole[DeviceRole["Primary"] = 0] = "Primary";
@@ -202,55 +200,6 @@ class AuthenticatorBuilder {
             this.log.trace('FingerprintJS is not installed or failed to load', error);
         }
     }
-    runDarwiniumDataCollection(settings, options) {
-        var _a, _b;
-        if (!options) {
-            return;
-        }
-        if (!options.extraDeviceSignalEnabled) {
-            return;
-        }
-        const existingDarwiniumResult = settings.darwiniumResult;
-        if (existingDarwiniumResult) {
-            if (!existingDarwiniumResult.isExpired()) {
-                return;
-            }
-        }
-        if (options.iFrameEnabledForExtraDeviceSignals) {
-            let endpoint;
-            switch (options.buildConfig) {
-                case device_context_options_1.BuildConfig.US_PROD:
-                    endpoint = device_context_options_1.DarwiniumCollectionEndpoint.US_PROD;
-                    break;
-                case device_context_options_1.BuildConfig.US_UAT:
-                    endpoint = device_context_options_1.DarwiniumCollectionEndpoint.US_UAT;
-                    break;
-                case device_context_options_1.BuildConfig.DEV:
-                    endpoint = device_context_options_1.DarwiniumCollectionEndpoint.DEV;
-                    break;
-                default:
-                    const result = new darwinium_result_1.default();
-                    result.setExpiration();
-                    result.setErr('Unknown BuildConfig');
-                    settings.darwiniumResult = result;
-                    return;
-            }
-            (_a = this.platform) === null || _a === void 0 ? void 0 : _a.collectDarwiniumData(true, endpoint).then((result) => (settings.darwiniumResult = result)).catch((err) => {
-                const result = new darwinium_result_1.default();
-                result.setExpiration();
-                result.setErr(auth_error_1.default.extractMessage(err));
-                settings.darwiniumResult = result;
-            });
-        }
-        else {
-            (_b = this.platform) === null || _b === void 0 ? void 0 : _b.collectDarwiniumData(false).then((result) => (settings.darwiniumResult = result)).catch((err) => {
-                const result = new darwinium_result_1.default();
-                result.setExpiration();
-                result.setErr(auth_error_1.default.extractMessage(err));
-                settings.darwiniumResult = result;
-            });
-        }
-    }
     withPasskeyAlreadyExistCallback(handler) {
         this.passkeyCreationHandler = handler;
         return this;
@@ -269,7 +218,6 @@ class AuthenticatorBuilder {
         }
         const settings = new settings_1.default(this.storage);
         settings.upkEnabled = this.upkEnabled;
-        this.runDarwiniumDataCollection(settings, this.deviceContextOptions);
         if (this.role === DeviceRole.Primary) {
             return new main_authenticator_1.default(this.platform, settings, this.authFinishStep, [
                 new device_universal_step_1.default(this.upkEnabled),

package/build/lib/proveauth/device-context-options.d.ts

@@ -11,16 +11,9 @@ export declare enum BuildConfig {
     US_UAT = "US_UAT",
     US_PROD = "US_PROD"
 }
-export declare enum DarwiniumCollectionEndpoint {
-    DEV = "https://upk.dev.prove-auth.proveapis.com/device-context",
-    US_UAT = "https://upk.uat.prove-auth.proveapis.com/device-context",
-    US_PROD = "https://upk.prove-auth.proveapis.com/device-context"
-}
 export default interface DeviceContextOptions {
     readonly buildConfig: BuildConfig;
     readonly publicApiKey: string;
     readonly customScriptUrl?: string;
     readonly customEndpointUrl?: string;
-    readonly extraDeviceSignalEnabled?: boolean;
-    readonly iFrameEnabledForExtraDeviceSignals?: boolean;
 }

package/build/lib/proveauth/device-context-options.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.DarwiniumCollectionEndpoint = exports.BuildConfig = exports.ProveAuthProxyEndpoint = exports.ProveAuthProxyScriptUrl = void 0;
+exports.BuildConfig = exports.ProveAuthProxyEndpoint = exports.ProveAuthProxyScriptUrl = void 0;
 var ProveAuthProxyScriptUrl;
 (function (ProveAuthProxyScriptUrl) {
     ProveAuthProxyScriptUrl["DEFAULT_US_UAT_SCRIPT_URL"] = "https://upk.uat.prove-auth.proveapis.com/vFqZceQyx8/uqLttozA7q";
@@ -17,9 +17,3 @@ var BuildConfig;
     BuildConfig["US_UAT"] = "US_UAT";
     BuildConfig["US_PROD"] = "US_PROD";
 })(BuildConfig = exports.BuildConfig || (exports.BuildConfig = {}));
-var DarwiniumCollectionEndpoint;
-(function (DarwiniumCollectionEndpoint) {
-    DarwiniumCollectionEndpoint["DEV"] = "https://upk.dev.prove-auth.proveapis.com/device-context";
-    DarwiniumCollectionEndpoint["US_UAT"] = "https://upk.uat.prove-auth.proveapis.com/device-context";
-    DarwiniumCollectionEndpoint["US_PROD"] = "https://upk.prove-auth.proveapis.com/device-context";
-})(DarwiniumCollectionEndpoint = exports.DarwiniumCollectionEndpoint || (exports.DarwiniumCollectionEndpoint = {}));

package/build/lib/proveauth/internal/auth-request.d.ts

@@ -95,7 +95,6 @@ export interface V1ClientOtpFinish {
 }
 export interface Signals {
     fingerprint?: Signal;
-    darwinium?: Signal;
 }
 export interface Signal {
     results?: string;

package/build/lib/proveauth/internal/auth-session.d.ts

@@ -1,6 +1,6 @@
 /// <reference types="webappsec-credential-management" />
 import AuthMessage from './auth-message';
-import { AuthRequest, Signal, Signals } from './auth-request';
+import { AuthRequest, Signal } from './auth-request';
 import AuthResponse from './auth-response';
 import AuthTokenClaims, { UserVerificationLevel } from './auth-token-claims';
 import { DeviceRegistration } from './device-auth';
@@ -32,10 +32,7 @@ export default class AuthSession implements AuthSessionIntegration {
     closeAllMessageChannels(): void;
     getDeviceRegistration(): Promise<DeviceRegistration | null>;
     embedFpResultToDeviceRegistration(registration: DeviceRegistration): Promise<DeviceRegistration>;
-    embedDarwiniumResultToDeviceRegistration(registration: DeviceRegistration): Promise<DeviceRegistration>;
-    embedDarwiniumSignal(signals: Signals): void;
     getFingerprintData(): Promise<Signal | undefined>;
     shouldCollectFP(): boolean;
-    shouldSendDarwiniumData(): boolean;
     private parseJwt;
 }

package/build/lib/proveauth/internal/auth-session.js

@@ -233,63 +233,6 @@ class AuthSession {
             });
         });
     }
-    embedDarwiniumResultToDeviceRegistration(registration) {
-        return new Promise((resolve) => {
-            const notAvaialbleErrMsg = 'Darwinium data is not avaialble';
-            if (this.shouldSendDarwiniumData()) {
-                const dResult = this.settings.darwiniumResult;
-                if (dResult) {
-                    if (!dResult.isExpired()) {
-                        if (dResult.getResultBlob()) {
-                            registration.setDarwiniumSignal({ results: dResult.getResultBlob() });
-                        }
-                        else {
-                            if (dResult.getError()) {
-                                registration.setDarwiniumSignal({ error: dResult.getError() });
-                            }
-                            else {
-                                registration.setDarwiniumSignal({ error: notAvaialbleErrMsg });
-                            }
-                        }
-                    }
-                    else {
-                        registration.setDarwiniumSignal({ error: 'Darwinium data is expired' });
-                    }
-                }
-                else {
-                    registration.setDarwiniumSignal({ error: notAvaialbleErrMsg });
-                }
-            }
-            resolve(registration);
-        });
-    }
-    embedDarwiniumSignal(signals) {
-        const notAvaialbleErrMsg = 'Darwinium data is not avaialble';
-        if (this.shouldSendDarwiniumData()) {
-            const dResult = this.settings.darwiniumResult;
-            if (dResult) {
-                if (!dResult.isExpired()) {
-                    if (dResult.getResultBlob()) {
-                        signals.darwinium = { results: dResult.getResultBlob() };
-                    }
-                    else {
-                        if (dResult.getError()) {
-                            signals.darwinium = { error: dResult.getError() };
-                        }
-                        else {
-                            signals.darwinium = { error: notAvaialbleErrMsg };
-                        }
-                    }
-                }
-                else {
-                    signals.darwinium = { error: 'Darwinium data is expired' };
-                }
-            }
-            else {
-                signals.darwinium = { error: notAvaialbleErrMsg };
-            }
-        }
-    }
     getFingerprintData() {
         return new Promise((resolve) => {
             var fpPromise = this.platform.getFpPromise();
@@ -331,10 +274,6 @@ class AuthSession {
         }
         return false;
     }
-    shouldSendDarwiniumData() {
-        var _a, _b, _c;
-        return ((_c = (_b = (_a = this.claims) === null || _a === void 0 ? void 0 : _a.auth.subs.dev) === null || _b === void 0 ? void 0 : _b.sgnls) === null || _c === void 0 ? void 0 : _c.dwn) ? true : false;
-    }
     parseJwt(token) {
         return JSON.parse(atob(token.split('.')[1]));
     }

package/build/lib/proveauth/internal/device-auth.d.ts

@@ -10,12 +10,10 @@ export interface DeviceRegistration {
     readonly endpoint: string;
     deviceId: string | null;
     fingerprint?: Signal;
-    darwinium?: Signal;
     sign: (data: string) => Promise<string>;
     getPublicKey: () => Promise<string>;
     getAuthRegistration: (challenge: string) => Promise<AuthRegistration>;
     setFpSignal: (fpSignal: Signal) => void;
-    setDarwiniumSignal: (dSignal: Signal) => void;
     getSignals: () => Signals;
 }
 export default interface DeviceAuth {

package/build/lib/proveauth/internal/device-passive-register-step.js

@@ -23,10 +23,7 @@ class DevicePassiveRegisterStep {
                     .getDeviceRegistration()
                     .then((devRegistration) => {
                     if (devRegistration) {
-                        session
-                            .embedFpResultToDeviceRegistration(devRegistration)
-                            .then((devRegistration) => session.embedDarwiniumResultToDeviceRegistration(devRegistration))
-                            .then((devRegistration) => {
+                        session.embedFpResultToDeviceRegistration(devRegistration).then((devRegistration) => {
                             this.finishRegistration(session, [this.getFido2Registration(session)], devRegistration.getSignals())
                                 .then(resolve)
                                 .catch(reject);
@@ -39,7 +36,6 @@ class DevicePassiveRegisterStep {
                             endpoint: session.backendOrigin,
                         })
                             .then((devRegistration) => session.embedFpResultToDeviceRegistration(devRegistration))
-                            .then((devRegistration) => session.embedDarwiniumResultToDeviceRegistration(devRegistration))
                             .then((devRegistration) => {
                             devRegistration
                                 .getAuthRegistration(session.challenge)

package/build/lib/proveauth/internal/device-passive-silent-step.js

@@ -21,10 +21,7 @@ class DevicePassiveSilentStep {
                 .getDeviceRegistration()
                 .then((registration) => {
                 if (registration) {
-                    session
-                        .embedFpResultToDeviceRegistration(registration)
-                        .then((registration) => session.embedDarwiniumResultToDeviceRegistration(registration))
-                        .then((registration) => {
+                    session.embedFpResultToDeviceRegistration(registration).then((registration) => {
                         this.verify(session, registration).then(resolve).catch(reject);
                     });
                 }
@@ -39,7 +36,6 @@ class DevicePassiveSilentStep {
                                 endpoint: session.backendOrigin,
                             })
                                 .then((registration) => session.embedFpResultToDeviceRegistration(registration))
-                                .then((registration) => session.embedDarwiniumResultToDeviceRegistration(registration))
                                 .then((registration) => this.register(session, registration))
                                 .then(resolve)
                                 .catch(reject);

package/build/lib/proveauth/internal/device-passive-step.js

@@ -222,7 +222,6 @@ class DevicePassiveStep extends DevicePassiveActions {
                 const signals = {
                     fingerprint: signal,
                 };
-                session.embedDarwiniumSignal(signals);
                 this.register(session, signals).then(resolve).catch(reject);
             })
                 .catch((error) => {
@@ -234,7 +233,6 @@ class DevicePassiveStep extends DevicePassiveActions {
                         error: errorMsg,
                     },
                 };
-                session.embedDarwiniumSignal(signals);
                 this.register(session, signals).then(resolve).catch(reject);
             });
         });

package/build/lib/proveauth/internal/device-passive-stepup-step.js

@@ -25,7 +25,6 @@ class DevicePassiveStepupStep extends device_passive_step_1.DevicePassiveActions
                 const signals = {
                     fingerprint: signal,
                 };
-                session.embedDarwiniumSignal(signals);
                 this.register(session, signals).then(resolve).catch(reject);
             })
                 .catch((error) => {
@@ -37,7 +36,6 @@ class DevicePassiveStepupStep extends device_passive_step_1.DevicePassiveActions
                         error: errorMsg,
                     },
                 };
-                session.embedDarwiniumSignal(signals);
                 this.register(session, signals).then(resolve).catch(reject);
             });
         });

package/build/lib/proveauth/internal/device-passive-verify-step.js

@@ -22,7 +22,6 @@ class DevicePassiveVerifyStep {
                 .getFingerprintData()
                 .then((signal) => {
                 const signals = { fingerprint: signal };
-                session.embedDarwiniumSignal(signals);
                 DevicePassiveVerifyStep.makeFidoVerifyFinishRequest(log, session, signals)
                     .then(resolve)
                     .catch(reject);
@@ -31,7 +30,6 @@ class DevicePassiveVerifyStep {
                 const errorMsg = `Unexpected error happened during Fingerprint data collection ${error.toString}`;
                 log.warn(errorMsg);
                 const signals = { fingerprint: { error: errorMsg } };
-                session.embedDarwiniumSignal(signals);
                 DevicePassiveVerifyStep.makeFidoVerifyFinishRequest(log, session, signals)
                     .then(resolve)
                     .catch(reject);

package/build/lib/proveauth/internal/platform.d.ts

@@ -4,7 +4,6 @@ import { AuthRequest } from './auth-request';
 import AuthResponse from './auth-response';
 import DeviceAuth, { DeviceRegistration } from './device-auth';
 import { Agent } from '@fingerprintjs/fingerprintjs-pro';
-import DarwiniumResult from '../darwinium-result';
 export declare const DEVICE_CAPABILITY_WEBAUTHN = "webauthn";
 export interface MessageChannel {
     addEventListener: (type: string, listener: (event: any) => void) => void;
@@ -44,7 +43,6 @@ export default interface Platform {
     getFpPromise: () => Promise<Agent> | undefined;
     setFpPromise: (fpPromise: Promise<Agent>) => void;
     getOrigin: () => string;
-    collectDarwiniumData: (iFrameEnabled: boolean, iFrameSrc?: string) => Promise<DarwiniumResult>;
 }
 export declare function stringToArrayBuffer(input: string): ArrayBuffer;
 export declare function arrayBufferToString(input: ArrayBuffer): string;

package/build/lib/proveauth/internal/settings.d.ts

@@ -1,10 +1,8 @@
-import DarwiniumResult from '../darwinium-result';
 export default class Settings {
     static readonly KEY_PREFIX = "ProveAuth";
     static readonly DEVICE_ID_KEY = "DeviceId";
     static readonly NAMESPACE_KEY = "namespace";
     static readonly FIDO_PASSKEY_REGISTERED_KEY = "fidoPasskeyRegistered";
-    static readonly DARWINIUM_RESULT_KEY = "DarwiniumResult";
     private readonly log;
     private storage;
     upkEnabled: boolean;
@@ -16,8 +14,6 @@ export default class Settings {
     set fidoPasskeyRegistered(val: boolean);
     get namespace(): string | null;
     set namespace(val: string | null);
-    get darwiniumResult(): DarwiniumResult | undefined;
-    set darwiniumResult(result: DarwiniumResult | undefined);
     private getKey;
     private setOrRemove;
 }

package/build/lib/proveauth/internal/settings.js

@@ -1,10 +1,6 @@
 "use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 Object.defineProperty(exports, "__esModule", { value: true });
 const logger_1 = require("../common/logger");
-const darwinium_result_1 = __importDefault(require("../darwinium-result"));
 class Settings {
     constructor(storage) {
         this.log = logger_1.LoggerFactory.getLogger('settings');
@@ -16,7 +12,6 @@ class Settings {
         this.deviceId = null;
         this.namespace = null;
         this.fidoPasskeyRegistered = false;
-        this.darwiniumResult = undefined;
     }
     get deviceId() {
         return this.storage.getItem(this.getKey(Settings.DEVICE_ID_KEY));
@@ -37,16 +32,6 @@ class Settings {
         this.log.trace('namespace set to ' + val);
         this.setOrRemove(Settings.NAMESPACE_KEY, val);
     }
-    get darwiniumResult() {
-        let resultJson = this.storage.getItem(this.getKey(Settings.DARWINIUM_RESULT_KEY));
-        if (resultJson) {
-            const parsed = JSON.parse(resultJson);
-            return Object.assign(new darwinium_result_1.default(), parsed);
-        }
-    }
-    set darwiniumResult(result) {
-        this.setOrRemove(Settings.DARWINIUM_RESULT_KEY, JSON.stringify(result));
-    }
     getKey(key) {
         return `${Settings.KEY_PREFIX}.${key}`;
     }
@@ -63,5 +48,4 @@ Settings.KEY_PREFIX = 'ProveAuth';
 Settings.DEVICE_ID_KEY = 'DeviceId';
 Settings.NAMESPACE_KEY = 'namespace';
 Settings.FIDO_PASSKEY_REGISTERED_KEY = 'fidoPasskeyRegistered';
-Settings.DARWINIUM_RESULT_KEY = 'DarwiniumResult';
 exports.default = Settings;

package/build/lib/proveauth/internal/web-device-auth.d.ts

@@ -4,7 +4,6 @@ export declare class WebDeviceRegistration implements DeviceRegistration {
     private keys?;
     deviceId: string | null;
     fingerprint?: Signal;
-    darwinium?: Signal;
     readonly namespace: string;
     readonly keyId: string;
     readonly algorithm: string;
@@ -16,7 +15,6 @@ export declare class WebDeviceRegistration implements DeviceRegistration {
     getPublicKey(): Promise<string>;
     getAuthRegistration(challenge: string): Promise<AuthRegistration>;
     getSignals(): Signals;
-    setDarwiniumSignal(dwnSignal: Signal): void;
     private initialize;
     private p1363ToDer;
     private lenVal;

package/build/lib/proveauth/internal/web-device-auth.js

@@ -86,12 +86,8 @@ class WebDeviceRegistration {
     getSignals() {
         return {
             fingerprint: this.fingerprint,
-            darwinium: this.darwinium,
         };
     }
-    setDarwiniumSignal(dwnSignal) {
-        this.darwinium = dwnSignal;
-    }
     initialize() {
         return new Promise((resolve, reject) => {
             if (this.keys) {

package/build/lib/proveauth/internal/web-platform.d.ts

@@ -2,7 +2,6 @@ import { AuthenticatorBuilder } from '@prove-identity/mobile-auth';
 import Platform, { AuthSessionIntegration, MessageChannel, RequestSigner } from './platform';
 import WebDeviceAuth from './web-device-auth';
 import { Agent } from '@fingerprintjs/fingerprintjs-pro';
-import DarwiniumResult from '../darwinium-result';
 export declare class WebSocketMessageChannel implements MessageChannel {
     private readonly webSocket;
     constructor(endpointUrl: string);
@@ -33,5 +32,4 @@ export declare class WebPlatform implements Platform {
     getFpPromise(): Promise<Agent> | undefined;
     setFpPromise(fpPromise: Promise<Agent>): void;
     getOrigin(): string;
-    collectDarwiniumData(iFrameEnabled: boolean, iFrameSrc?: string): Promise<DarwiniumResult>;
 }

package/build/lib/proveauth/internal/web-platform.js

@@ -8,8 +8,6 @@ const mobile_auth_1 = require("@prove-identity/mobile-auth");
 const platform_1 = require("./platform");
 const request_signer_v3_1 = __importDefault(require("./request-signer-v3"));
 const web_device_auth_1 = __importDefault(require("./web-device-auth"));
-const darwinium_result_1 = __importDefault(require("../darwinium-result"));
-const darwinium_wrapper_1 = require("../darwinium-wrapper");
 class WebSocketMessageChannel {
     constructor(endpointUrl) {
         this.webSocket = new WebSocket(endpointUrl);
@@ -170,22 +168,5 @@ class WebPlatform {
     getOrigin() {
         return window.location.origin;
     }
-    collectDarwiniumData(iFrameEnabled, iFrameSrc) {
-        return new Promise((resolve) => {
-            if (iFrameEnabled) {
-                if (iFrameSrc) {
-                    return darwinium_wrapper_1.DarwiniumWrapper.collectDataInIFrame(iFrameSrc).then((result) => resolve(result));
-                }
-                else {
-                    const result = new darwinium_result_1.default();
-                    result.setErr('iFrame is enabled for Darwinium data collection but iFrame src endpoint is unavailable');
-                    resolve(result);
-                }
-            }
-            else {
-                return darwinium_wrapper_1.DarwiniumWrapper.collectData().then((result) => resolve(result));
-            }
-        });
-    }
 }
 exports.WebPlatform = WebPlatform;

package/build/lib/proveauth/version.d.ts

@@ -1,3 +1,3 @@
-export declare const VERSION = "2.9.1";
-export declare const API_CONTRACT_VERSION = "2.9.1";
+export declare const VERSION = "2.10.0";
+export declare const API_CONTRACT_VERSION = "2.10.0";
 export declare const USER_AGENT_VERSIONS: string;

package/build/lib/proveauth/version.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.USER_AGENT_VERSIONS = exports.API_CONTRACT_VERSION = exports.VERSION = void 0;
-exports.VERSION = '2.9.1';
-exports.API_CONTRACT_VERSION = '2.9.1';
+exports.VERSION = '2.10.0';
+exports.API_CONTRACT_VERSION = '2.10.0';
 exports.USER_AGENT_VERSIONS = `ProveAuth/${exports.VERSION} Contract/${exports.API_CONTRACT_VERSION} WEB/1`;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@prove-identity/prove-auth",
-  "version": "2.9.1",
+  "version": "2.10.0",
   "description": "Prove Auth SDK for Web",
   "main": "build/lib/index.js",
   "files": [

package/build/lib/proveauth/darwinium-result.d.ts

@@ -1,11 +0,0 @@
-export default class DarwiniumResult {
-    private resultBlob?;
-    private err?;
-    private expiredAt?;
-    setResultBlob(blob: string): void;
-    setErr(err: string): void;
-    getResultBlob(): string | undefined;
-    getError(): string | undefined;
-    setExpiration(): void;
-    isExpired(): boolean;
-}

package/build/lib/proveauth/darwinium-result.js

@@ -1,25 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-class DarwiniumResult {
-    setResultBlob(blob) {
-        this.resultBlob = blob;
-    }
-    setErr(err) {
-        this.err = err;
-    }
-    getResultBlob() {
-        return this.resultBlob;
-    }
-    getError() {
-        return this.err;
-    }
-    setExpiration() {
-        const now = new Date();
-        const tenMinutesLater = new Date(now.getTime() + 10 * 60 * 1000);
-        this.expiredAt = tenMinutesLater.getTime();
-    }
-    isExpired() {
-        return this.expiredAt ? Date.now() > this.expiredAt : true;
-    }
-}
-exports.default = DarwiniumResult;

package/build/lib/proveauth/darwinium-wrapper.d.ts

@@ -1,6 +0,0 @@
-import DarwiniumResult from './darwinium-result';
-export declare class DarwiniumWrapper {
-    static collectData(): Promise<DarwiniumResult>;
-    static collectDataInIFrame(iFrameSrc: string): Promise<DarwiniumResult>;
-    static runDarwinmiumAndPostResultInMsg(): void;
-}

package/build/lib/proveauth/darwinium-wrapper.js

@@ -1,97 +0,0 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.DarwiniumWrapper = void 0;
-const darwinium_result_1 = __importDefault(require("./darwinium-result"));
-const auth_error_1 = __importDefault(require("./internal/auth-error"));
-class DarwiniumWrapper {
-    static collectData() {
-        return new Promise((resolve) => {
-            const result = new darwinium_result_1.default();
-            if (dwn) {
-                let dwnHandle = dwn.start({
-                    geo_location_enabled: false,
-                    mouse: true,
-                });
-                dwnHandle
-                    .collect()
-                    .then((dwnData) => {
-                    result.setResultBlob(dwnData);
-                    result.setExpiration();
-                    resolve(result);
-                })
-                    .catch((error) => {
-                    result.setErr(auth_error_1.default.extractMessage(error));
-                    result.setExpiration();
-                    resolve(result);
-                });
-            }
-            else {
-                result.setErr('Darwinium instance is not avaialble');
-                result.setExpiration();
-                resolve(result);
-            }
-        });
-    }
-    static collectDataInIFrame(iFrameSrc) {
-        return new Promise((resolve) => {
-            var _a;
-            const result = new darwinium_result_1.default();
-            const postMsgListener = (event) => {
-                if (event.data && event.data.source === 'prove-device-signal') {
-                    const blob = event.data.dwnData;
-                    result.setResultBlob(blob);
-                    result.setExpiration();
-                    console.log(blob);
-                    resolve(result);
-                    window.removeEventListener('message', postMsgListener);
-                }
-                else if (event.data && event.data.source === 'prove-device-signal-error') {
-                    const errMsg = event.data.dwnErr;
-                    result.setErr(errMsg);
-                    result.setExpiration();
-                    resolve(result);
-                    window.removeEventListener('message', postMsgListener);
-                }
-            };
-            let existingIframe = document.getElementById('prove-iframe');
-            if (existingIframe) {
-                (_a = existingIframe.parentNode) === null || _a === void 0 ? void 0 : _a.removeChild(existingIframe);
-            }
-            window.addEventListener('message', postMsgListener);
-            const iframe = document.createElement('iframe');
-            iframe.src = iFrameSrc;
-            iframe.style.display = 'none';
-            iframe.id = 'prove-iframe';
-            document.body.appendChild(iframe);
-        });
-    }
-    static runDarwinmiumAndPostResultInMsg() {
-        if (dwn) {
-            let dwnHandle = dwn.start({
-                geo_location_enabled: false,
-                mouse: true,
-            });
-            dwnHandle
-                .collect()
-                .then((data) => {
-                window.parent.postMessage({ source: 'prove-device-signal', dwnData: data }, '*');
-            })
-                .catch((error) => {
-                window.parent.postMessage({
-                    source: 'prove-device-signal-error',
-                    dwnErr: error,
-                }, '*');
-            });
-        }
-        else {
-            window.parent.postMessage({
-                source: 'prove-device-signal-error',
-                fpErr: 'Darwinium instance is not avaialble',
-            }, '*');
-        }
-    }
-}
-exports.DarwiniumWrapper = DarwiniumWrapper;