@siglume/direct-request-payment 0.3.6 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (13) hide show
  1. package/CHANGELOG.md +30 -0
  2. package/README.md +87 -0
  3. package/dist/index.cjs +64 -2
  4. package/dist/index.cjs.map +1 -1
  5. package/dist/index.d.cts +51 -1
  6. package/dist/index.d.ts +51 -1
  7. package/dist/index.js +64 -2
  8. package/dist/index.js.map +1 -1
  9. package/docs/announcement-ja.md +16 -0
  10. package/docs/api-reference.md +123 -0
  11. package/docs/merchant-quickstart.md +130 -0
  12. package/docs/security.md +17 -0
  13. package/package.json +1 -1
package/CHANGELOG.md CHANGED
@@ -1,5 +1,35 @@
1
1
  # Changelog
2
2
 
3
+ ## 0.4.0 - 2026-06-18
4
+
5
+ Hosted Checkout for human web shoppers ("Pay with Siglume"). The two buyer
6
+ systems are now both first-class: AI agents pay through the API/tools (unchanged)
7
+ and humans pay through a Siglume-hosted checkout page.
8
+
9
+ - **`DirectRequestPaymentMerchantClient.createCheckoutSession(...)`** (TS + Py):
10
+ create a single-use, expiring Hosted Checkout session. Siglume authors the
11
+ challenge server-side and returns a `checkout_url`; redirect the shopper there.
12
+ The shopper logs into Siglume, approves, and pays from their own Siglume wallet
13
+ (JPYC / USDC), then returns to your `success_url`. Fulfill on the existing
14
+ `direct_payment.confirmed` webhook — the source of truth — exactly as with the
15
+ agent flow. The merchant SDK still does not authenticate the buyer.
16
+ - **`getCheckoutSession(session_id)`** (TS + Py): read a session's status
17
+ (`open` / `authenticated` / `paid` / `expired` / `cancelled` / `failed`).
18
+ - **`checkout_allowed_origins`** added to `setupMerchant` / `setupCheckout`: a
19
+ return-URL origin allowlist (open-redirect defense). `success_url` /
20
+ `cancel_url` must be on a registered origin; the `webhook_callback_url` origin
21
+ is auto-allowed.
22
+ - Docs: documented the **two buyer systems** (human Web = Hosted Checkout; AI
23
+ agent / AtoA = direct API / tools), the AtoA **prerequisite** that the buyer
24
+ agent is pre-connected to Siglume (MCP/OAuth, or a custom app holding the
25
+ buyer's Siglume JWT), and the merchant / Siglume / buyer **boundaries** —
26
+ including that the buyer needs a Siglume wallet and this is **not** a card
27
+ payment.
28
+
29
+ No wire-format changes to existing challenges, requirements, or webhooks; 0.3.x
30
+ clients interoperate unchanged. Hosted Checkout is gated server-side and is a
31
+ purely additive surface.
32
+
3
33
  ## 0.3.6 - 2026-06-18
4
34
 
5
35
  Documentation and public-surface cleanup release. No wire-format or API changes;
package/README.md CHANGED
@@ -25,6 +25,93 @@ token for setup. `DirectRequestPaymentClient` requires the buyer's Siglume
25
25
  bearer token for payment requirements. Do not use a Developer Portal `cli_` API
26
26
  key with this package.
27
27
 
28
+ ## Two Kinds of Buyer
29
+
30
+ SDRP serves two kinds of buyer, and you integrate each differently. In both
31
+ cases the buyer pays from a **Siglume wallet** (JPYC for JPY, USDC for USD) — it
32
+ is **not** a card payment — and your **merchant SDK never authenticates the
33
+ buyer**.
34
+
35
+ 1. **Human web shopper → Hosted Checkout.** When a person clicks "Pay with
36
+ Siglume" on your site, call
37
+ [`createCheckoutSession(...)`](#hosted-checkout-human-web-shoppers) and
38
+ redirect them to the returned `checkout_url`. They sign into Siglume (passkey
39
+ or email code — the login *is* the wallet), review the amount, approve once,
40
+ and pay from their own wallet, then return to your `success_url`. This is the
41
+ Stripe-Checkout-equivalent path.
42
+
43
+ 2. **AI agent / agent-to-agent (AtoA) → direct API / tools.** An autonomous
44
+ buyer agent pays through `DirectRequestPaymentClient` (your app holds the
45
+ buyer's Siglume JWT) or through the Siglume marketplace tool
46
+ `market_confirm_direct_payment_and_execute` (MCP).
47
+
48
+ **Prerequisite (important):** agent payment assumes the buyer agent is
49
+ **already connected to Siglume before the payment**. An AI client
50
+ (Claude / ChatGPT / Cursor, …) connects through the **Siglume MCP server
51
+ (OAuth authorization, with a consent screen)**; a custom app holds the
52
+ buyer's **Siglume bearer token (JWT)**. Either way a Siglume authentication
53
+ context must be established before paying — the merchant SDK does not log the
54
+ buyer in. Unattended runs are bounded by Siglume's **approval gates / spending
55
+ budgets** (per-run / daily / monthly auto-pay budgets, or Works approval), not
56
+ by the merchant.
57
+
58
+ Honest framing: the part that integrates quickly is the **merchant plumbing**
59
+ (challenge or checkout session + webhook). Human web payment still requires the
60
+ shopper to have — or create — a Siglume wallet and pay from it; it is not a
61
+ card-style "instant" checkout for first-time buyers.
62
+
63
+ ## Hosted Checkout (Human Web Shoppers)
64
+
65
+ Hosted Checkout is a Siglume-hosted page that turns a "Pay with Siglume" button
66
+ into a completed wallet payment, then returns the shopper to your store. It
67
+ orchestrates the same rails as the agent flow — there is no new money movement
68
+ and the merchant fulfills on the same `direct_payment.confirmed` webhook.
69
+
70
+ ```ts
71
+ import { DirectRequestPaymentMerchantClient } from "@siglume/direct-request-payment";
72
+
73
+ const merchant = new DirectRequestPaymentMerchantClient({ auth_token: process.env.SIGLUME_MERCHANT_AUTH_TOKEN });
74
+
75
+ // 1. Register the return-URL origins once (open-redirect defense). The origin of
76
+ // your webhook_callback_url is auto-allowed in addition to these.
77
+ await merchant.setupMerchant({
78
+ merchant: "your_merchant_key",
79
+ webhook_callback_url: "https://api.your-shop.com/webhooks/siglume",
80
+ checkout_allowed_origins: ["https://www.your-shop.com"],
81
+ });
82
+
83
+ // 2. Per order: create a session and redirect the shopper to checkout_url.
84
+ const session = await merchant.createCheckoutSession({
85
+ merchant: "your_merchant_key",
86
+ amount_minor: 500, // server-fixed; the browser cannot change it
87
+ currency: "JPY",
88
+ nonce: order.id, // unique per order
89
+ success_url: "https://www.your-shop.com/thanks",
90
+ cancel_url: "https://www.your-shop.com/cart",
91
+ metadata: { order_id: order.id },
92
+ });
93
+ redirect(session.checkout_url); // -> https://siglume.com/pay/<session_id>
94
+
95
+ // 3. Fulfill when the signed direct_payment.confirmed webhook arrives (the
96
+ // source of truth). Poll merchant.getCheckoutSession(session.session_id) if
97
+ // you also want to show status in your own UI.
98
+ ```
99
+
100
+ Siglume fixes the amount, currency, challenge, and return URLs **server-side** at
101
+ session creation, so the browser cannot tamper with the price or the redirect
102
+ target. The shopper's Siglume credentials are never shared with your store.
103
+
104
+ **Who does what.**
105
+
106
+ - **Merchant** — confirms the order; signs the challenge (agent flow) or creates
107
+ a checkout session (web flow); verifies the webhook signature; fulfills
108
+ idempotently. Never sees the buyer's Siglume credentials.
109
+ - **Siglume** — provides the wallet and login, executes the wallet payment,
110
+ applies the fee, settles on-chain, and routes Micro / Nano automatically by
111
+ amount band.
112
+ - **Buyer** — needs a Siglume wallet funded in **JPYC / USDC**. **Not a card
113
+ payment.**
114
+
28
115
  ## Amount-Based Pricing and Settlement
29
116
 
30
117
  Pricing has one structure: you choose a **Standard Payment** plan once during
package/dist/index.cjs CHANGED
@@ -125,7 +125,7 @@ var DirectRequestPaymentClient = class {
125
125
  this.auth_token = authToken;
126
126
  this.base_url = (options.base_url ?? envValue("SIGLUME_API_BASE") ?? DEFAULT_SIGLUME_API_BASE).replace(/\/+$/, "");
127
127
  this.timeout_ms = Math.max(1, Math.trunc(options.timeout_ms ?? 15e3));
128
- this.user_agent = options.user_agent ?? "@siglume/direct-request-payment/0.3.6";
128
+ this.user_agent = options.user_agent ?? "@siglume/direct-request-payment/0.4.0";
129
129
  this.fetch_impl = fetchImpl;
130
130
  }
131
131
  async createPaymentRequirement(input) {
@@ -230,7 +230,7 @@ var DirectRequestPaymentMerchantClient = class {
230
230
  this.auth_token = authToken;
231
231
  this.base_url = (options.base_url ?? envValue("SIGLUME_API_BASE") ?? DEFAULT_SIGLUME_API_BASE).replace(/\/+$/, "");
232
232
  this.timeout_ms = Math.max(1, Math.trunc(options.timeout_ms ?? 15e3));
233
- this.user_agent = options.user_agent ?? "@siglume/direct-request-payment/0.3.6";
233
+ this.user_agent = options.user_agent ?? "@siglume/direct-request-payment/0.4.0";
234
234
  this.fetch_impl = fetchImpl;
235
235
  }
236
236
  async setupMerchant(input) {
@@ -254,8 +254,47 @@ var DirectRequestPaymentMerchantClient = class {
254
254
  if (input.max_amount_minor !== void 0) {
255
255
  payload.max_amount_minor = positiveInteger(input.max_amount_minor, "max_amount_minor");
256
256
  }
257
+ if (input.checkout_allowed_origins !== void 0) {
258
+ payload.checkout_allowed_origins = normalizeOriginList(input.checkout_allowed_origins);
259
+ }
257
260
  return this.request("POST", "/sdrp/direct-payments/merchants", payload);
258
261
  }
262
+ /**
263
+ * Create a Hosted Checkout session (Stripe-Checkout-equivalent for human web
264
+ * shoppers). Siglume authors the challenge server-side, persists a single-use
265
+ * expiring session, and returns a `checkout_url`. Redirect the shopper there;
266
+ * they log into Siglume, approve, and pay from their own wallet, then return
267
+ * to your `success_url`. Fulfill on the `direct_payment.confirmed` webhook
268
+ * (the source of truth), exactly as with the agent flow.
269
+ *
270
+ * `success_url`/`cancel_url` must be on an origin you registered via
271
+ * `checkout_allowed_origins` (or your `webhook_callback_url` origin).
272
+ */
273
+ async createCheckoutSession(input) {
274
+ const payload = {
275
+ merchant: normalizeSelfServiceMerchant(input.merchant),
276
+ amount_minor: positiveInteger(input.amount_minor, "amount_minor"),
277
+ currency: normalizeCurrency(input.currency),
278
+ nonce: requireNonEmpty(input.nonce, "nonce"),
279
+ success_url: requireNonEmpty(input.success_url, "success_url"),
280
+ cancel_url: requireNonEmpty(input.cancel_url, "cancel_url")
281
+ };
282
+ if (input.metadata !== void 0) {
283
+ payload.metadata = cloneJsonObject(input.metadata, "metadata");
284
+ }
285
+ return this.request(
286
+ "POST",
287
+ "/sdrp/direct-payments/checkout-sessions",
288
+ payload
289
+ );
290
+ }
291
+ /** Read a Hosted Checkout session's status (open / authenticated / paid / expired / cancelled / failed). */
292
+ async getCheckoutSession(session_id) {
293
+ return this.request(
294
+ "GET",
295
+ `/sdrp/direct-payments/checkout-sessions/${encodeURIComponent(requireNonEmpty(session_id, "session_id"))}`
296
+ );
297
+ }
259
298
  async getMerchant(merchant) {
260
299
  return this.request(
261
300
  "GET",
@@ -624,6 +663,29 @@ function normalizeAllowedCurrencies(value) {
624
663
  function defaultTokenForCurrency(currency) {
625
664
  return currency === "JPY" ? "JPYC" : "USDC";
626
665
  }
666
+ function normalizeOriginList(value) {
667
+ if (!Array.isArray(value)) {
668
+ throw new SiglumeDirectRequestPaymentError("checkout_allowed_origins must be an array of origin URLs.");
669
+ }
670
+ const seen = /* @__PURE__ */ new Set();
671
+ const origins = [];
672
+ for (const item of value) {
673
+ let url;
674
+ try {
675
+ url = new URL(requireNonEmpty(String(item), "checkout_allowed_origins entry"));
676
+ } catch {
677
+ throw new SiglumeDirectRequestPaymentError(
678
+ "each checkout_allowed_origins entry must be an absolute origin such as https://shop.example.com."
679
+ );
680
+ }
681
+ const origin = `${url.protocol.toLowerCase()}//${url.host.toLowerCase()}`;
682
+ if (!seen.has(origin)) {
683
+ seen.add(origin);
684
+ origins.push(origin);
685
+ }
686
+ }
687
+ return origins;
688
+ }
627
689
  function positiveInteger(value, name) {
628
690
  const parsed = Number(value);
629
691
  if (!Number.isSafeInteger(parsed) || parsed <= 0) {
package/dist/index.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/index.ts"],"sourcesContent":["export const DEFAULT_SIGLUME_API_BASE = \"https://siglume.com/v1\";\nexport const DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME = \"siglume-external-402-v1\";\n// Recurring (subscription / scheduled autopay) approval uses a DISTINCT scheme\n// with cadence bound into the HMAC, so a one-time checkout challenge can never\n// be replayed as a recurring authorization and vice versa.\nexport const DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME = \"siglume-external-402-recurring-v1\";\nexport const DIRECT_REQUEST_PAYMENT_MODE = \"external_402\";\nexport const DIRECT_REQUEST_PAYMENT_RECEIPT_KIND = \"sdrp_direct_payment\";\nexport const DIRECT_REQUEST_PAYMENT_ALLOWANCE_RECEIPT_KIND = \"sdrp_direct_payment_allowance\";\nexport const DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE = \"sdrp_direct_payment_requirement\";\nexport const DEFAULT_WEBHOOK_TOLERANCE_SECONDS = 300;\n\nexport type DirectRequestPaymentCurrency = \"JPY\" | \"USD\";\nexport type DirectRequestPaymentToken = \"JPYC\" | \"USDC\";\n\nexport interface DirectRequestPaymentChallengeInput {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency | string;\n secret: string;\n nonce?: string;\n}\n\nexport interface DirectRequestPaymentChallenge {\n scheme: typeof DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME;\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency;\n nonce: string;\n signature: string;\n challenge: string;\n challenge_hash: string;\n}\n\nexport interface ParsedDirectRequestPaymentChallenge {\n scheme: string;\n nonce: string;\n signature: string;\n}\n\n/** \"monthly\" authorizes a Siglume-swept subscription; \"daily\" authorizes\n * merchant-triggered scheduled autopay. It is an approval tag, not a\n * run-count limiter. */\nexport type DirectRequestPaymentRecurringCadence = \"monthly\" | \"daily\";\n\nexport interface DirectRequestPaymentRecurringChallengeInput {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency | string;\n cadence: DirectRequestPaymentRecurringCadence | string;\n secret: string;\n nonce?: string;\n}\n\nexport interface DirectRequestPaymentRecurringChallenge {\n scheme: typeof DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME;\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency;\n cadence: DirectRequestPaymentRecurringCadence;\n nonce: string;\n signature: string;\n challenge: string;\n challenge_hash: string;\n}\n\nexport interface Web3TransactionRequest {\n network?: string;\n chain_id?: number;\n from?: string;\n to?: string;\n data?: string;\n value?: string | number;\n metadata_jsonb?: Record<string, unknown>;\n [key: string]: unknown;\n}\n\nexport interface DirectPaymentRequirement {\n direct_payment_requirement_id: string;\n requirement_id: string;\n id: string;\n mode: string;\n merchant?: string | null;\n challenge_hash?: string | null;\n buyer_user_id: string;\n agent_id?: string | null;\n product_listing_id: string;\n listing_id: string;\n access_grant_id?: string | null;\n capability_key: string;\n requirement_hash: string;\n request_hash: string;\n siglume_signature: string;\n token_symbol: string;\n currency: string;\n amount_minor: number;\n fee_bps: number;\n status: string;\n expires_at?: string | null;\n confirmed_at?: string | null;\n spent_at?: string | null;\n chain_receipt_id?: string | null;\n transaction_request: Web3TransactionRequest;\n approve_transaction_request?: Web3TransactionRequest | null;\n buyer_confirmation?: string | null;\n non_custodial: boolean;\n metadata_jsonb?: Record<string, unknown>;\n created_at?: string | null;\n updated_at?: string | null;\n}\n\nexport interface DirectPaymentRequirementCreateInput {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency | string;\n challenge: string;\n token_symbol?: DirectRequestPaymentToken | string;\n allowance_amount_minor?: number;\n metadata?: Record<string, unknown>;\n}\n\nexport interface DirectPaymentVerifyInput {\n receipt_id?: string | null;\n chain_receipt_id?: string | null;\n await_finality?: boolean;\n await_required_status?: string | null;\n await_timeout_seconds?: number;\n await_poll_seconds?: number;\n}\n\nexport interface Web3PreparedTransactionExecutePayload {\n transaction_request: Web3TransactionRequest;\n receipt_kind: string;\n reference_type: typeof DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE;\n reference_id: string;\n metadata?: Record<string, unknown>;\n await_finality?: boolean;\n}\n\nexport interface Web3PreparedTransactionExecuteResult {\n receipt?: Record<string, unknown>;\n finalization?: Record<string, unknown>;\n [key: string]: unknown;\n}\n\nexport interface DirectRequestPaymentClientOptions {\n auth_token?: string;\n base_url?: string;\n fetch?: typeof fetch;\n timeout_ms?: number;\n user_agent?: string;\n}\n\nexport type DirectRequestPaymentBillingPlan = \"launch\" | \"free\" | \"starter\" | \"growth\" | \"pro\";\n\nexport interface DirectRequestPaymentMerchantAccount {\n merchant_account_id: string;\n merchant: string;\n merchant_user_id: string;\n user_wallet_id?: string | null;\n billing_mandate_id?: string | null;\n display_name?: string | null;\n status?: string | null;\n billing_status?: string | null;\n billing_plan?: string | null;\n billing_currency?: string | null;\n token_symbol?: string | null;\n monthly_fee_minor?: number | null;\n settlement_fee_bps?: number | null;\n settlement_fee_min_minor?: number | null;\n included_monthly_payments?: number | null;\n metadata_jsonb?: Record<string, unknown>;\n [key: string]: unknown;\n}\n\nexport interface DirectRequestPaymentMerchantSetupInput {\n merchant: string;\n display_name?: string;\n billing_plan?: DirectRequestPaymentBillingPlan | string;\n billing_currency?: DirectRequestPaymentCurrency | string;\n allowed_currencies?: Record<string, string> | Array<DirectRequestPaymentCurrency | string>;\n webhook_callback_url?: string;\n billing_mandate_cap_minor?: number;\n max_amount_minor?: number;\n}\n\nexport interface DirectRequestPaymentMerchantBillingMandateInput {\n currency?: DirectRequestPaymentCurrency | string;\n billing_currency?: DirectRequestPaymentCurrency | string;\n max_amount_minor?: number;\n}\n\nexport interface DirectRequestPaymentMerchantResponse {\n merchant_account: DirectRequestPaymentMerchantAccount;\n challenge_secret?: string | null;\n challenge_secret_created?: boolean;\n created?: boolean | null;\n listing_id?: string | null;\n mandate?: Record<string, unknown> | null;\n next_steps?: Record<string, unknown>;\n}\n\nexport interface DirectRequestPaymentWebhookSubscriptionInput {\n callback_url: string;\n description?: string;\n event_types?: string[];\n metadata?: Record<string, unknown>;\n}\n\nexport interface DirectRequestPaymentWebhookSubscription {\n webhook_subscription_id?: string;\n subscription_id?: string;\n id?: string;\n callback_url?: string;\n signing_secret?: string;\n status?: string;\n event_types?: string[];\n [key: string]: unknown;\n}\n\nexport interface DirectRequestPaymentCheckoutSetupInput extends DirectRequestPaymentMerchantSetupInput {\n create_webhook_subscription?: boolean;\n prepare_billing_mandate?: boolean;\n webhook_event_types?: string[];\n webhook_description?: string;\n}\n\nexport interface DirectRequestPaymentCheckoutSetupResult {\n merchant: DirectRequestPaymentMerchantResponse;\n billing_mandate?: DirectRequestPaymentMerchantResponse | null;\n webhook_subscription?: DirectRequestPaymentWebhookSubscription | null;\n env: Record<string, string>;\n}\n\nexport interface SiglumeEnvelopeMeta {\n request_id?: string | null;\n trace_id?: string | null;\n [key: string]: unknown;\n}\n\nexport interface WebhookSignatureVerification {\n timestamp: number;\n signature: string;\n}\n\nexport interface DirectRequestPaymentWebhookEvent {\n id: string;\n type: \"direct_payment.confirmed\" | string;\n api_version: string;\n occurred_at: string;\n data: {\n mode?: string;\n merchant?: string;\n direct_payment_requirement_id?: string;\n requirement_id?: string;\n challenge_hash?: string;\n amount_minor?: number;\n currency?: string;\n token_symbol?: string;\n status?: string;\n [key: string]: unknown;\n };\n [key: string]: unknown;\n}\n\nexport class SiglumeDirectRequestPaymentError extends Error {\n constructor(message: string) {\n super(message);\n this.name = \"SiglumeDirectRequestPaymentError\";\n }\n}\n\nexport class SiglumeApiError extends SiglumeDirectRequestPaymentError {\n readonly status: number;\n readonly code: string;\n readonly data: unknown;\n\n constructor(message: string, options: { status: number; code?: string; data?: unknown }) {\n super(message);\n this.name = \"SiglumeApiError\";\n this.status = options.status;\n this.code = options.code ?? \"SIGLUME_API_ERROR\";\n this.data = options.data;\n }\n}\n\nexport class SiglumeWebhookSignatureError extends SiglumeDirectRequestPaymentError {\n constructor(message: string) {\n super(message);\n this.name = \"SiglumeWebhookSignatureError\";\n }\n}\n\nexport class SiglumeWebhookPayloadError extends SiglumeDirectRequestPaymentError {\n constructor(message: string) {\n super(message);\n this.name = \"SiglumeWebhookPayloadError\";\n }\n}\n\nexport class DirectRequestPaymentClient {\n readonly auth_token: string;\n readonly base_url: string;\n readonly timeout_ms: number;\n readonly user_agent: string;\n private readonly fetch_impl: typeof fetch;\n\n constructor(options: DirectRequestPaymentClientOptions = {}) {\n const authToken = options.auth_token ?? envValue(\"SIGLUME_AUTH_TOKEN\");\n if (!authToken) {\n throw new SiglumeDirectRequestPaymentError(\n \"A buyer Siglume bearer token is required for Direct Request Payment API calls. Developer Portal API keys are not accepted.\",\n );\n }\n const fetchImpl = options.fetch ?? globalThis.fetch;\n if (!fetchImpl) {\n throw new SiglumeDirectRequestPaymentError(\"A fetch implementation is required in this runtime.\");\n }\n this.auth_token = authToken;\n this.base_url = (options.base_url ?? envValue(\"SIGLUME_API_BASE\") ?? DEFAULT_SIGLUME_API_BASE).replace(/\\/+$/, \"\");\n this.timeout_ms = Math.max(1, Math.trunc(options.timeout_ms ?? 15000));\n this.user_agent = options.user_agent ?? \"@siglume/direct-request-payment/0.3.6\";\n this.fetch_impl = fetchImpl;\n }\n\n async createPaymentRequirement(input: DirectPaymentRequirementCreateInput): Promise<DirectPaymentRequirement> {\n const payload: Record<string, unknown> = {\n mode: DIRECT_REQUEST_PAYMENT_MODE,\n merchant: normalizeMerchant(input.merchant),\n amount_minor: positiveInteger(input.amount_minor, \"amount_minor\"),\n currency: normalizeCurrency(input.currency),\n challenge: requireNonEmpty(input.challenge, \"challenge\"),\n };\n if (input.token_symbol !== undefined) {\n payload.token_symbol = normalizeToken(input.token_symbol);\n }\n if (input.allowance_amount_minor !== undefined) {\n payload.allowance_amount_minor = positiveInteger(input.allowance_amount_minor, \"allowance_amount_minor\");\n }\n if (input.metadata !== undefined) {\n payload.metadata = cloneJsonObject(input.metadata, \"metadata\");\n }\n return this.request<DirectPaymentRequirement>(\"POST\", \"/sdrp/direct-payments/requirements\", payload);\n }\n\n async getPaymentRequirement(requirement_id: string): Promise<DirectPaymentRequirement> {\n return this.request<DirectPaymentRequirement>(\n \"GET\",\n `/sdrp/direct-payments/requirements/${encodeURIComponent(requireNonEmpty(requirement_id, \"requirement_id\"))}`,\n );\n }\n\n async verifyPaymentRequirement(\n requirement_id: string,\n input: DirectPaymentVerifyInput,\n ): Promise<DirectPaymentRequirement> {\n return this.request<DirectPaymentRequirement>(\n \"POST\",\n `/sdrp/direct-payments/requirements/${encodeURIComponent(requireNonEmpty(requirement_id, \"requirement_id\"))}/verify`,\n input,\n );\n }\n\n async executePreparedTransaction(\n payload: Web3PreparedTransactionExecutePayload,\n ): Promise<Web3PreparedTransactionExecuteResult> {\n return this.request<Web3PreparedTransactionExecuteResult>(\n \"POST\",\n \"/market/web3/transactions/execute-prepared\",\n payload,\n );\n }\n\n async executePaymentTransaction(\n requirement: DirectPaymentRequirement,\n options: { await_finality?: boolean; metadata?: Record<string, unknown> } = {},\n ): Promise<Web3PreparedTransactionExecuteResult> {\n return this.executePreparedTransaction(buildPaymentExecutionPayload(requirement, options));\n }\n\n async executeAllowanceTransaction(\n requirement: DirectPaymentRequirement,\n options: { await_finality?: boolean; metadata?: Record<string, unknown> } = {},\n ): Promise<Web3PreparedTransactionExecuteResult> {\n return this.executePreparedTransaction(buildAllowanceExecutionPayload(requirement, options));\n }\n\n async request<T>(method: string, path: string, json_body?: unknown): Promise<T> {\n const controller = new AbortController();\n const timeout = setTimeout(() => controller.abort(), this.timeout_ms);\n try {\n const headers: Record<string, string> = {\n \"Accept\": \"application/json\",\n \"Authorization\": `Bearer ${this.auth_token}`,\n \"User-Agent\": this.user_agent,\n };\n let body: string | undefined;\n if (json_body !== undefined) {\n headers[\"Content-Type\"] = \"application/json\";\n body = JSON.stringify(json_body);\n }\n const response = await this.fetch_impl(`${this.base_url}${path}`, {\n method,\n headers,\n body,\n signal: controller.signal,\n });\n const rawText = await response.text();\n const parsed = rawText ? parseJson(rawText) : {};\n if (!response.ok) {\n const error = isRecord(parsed) && isRecord(parsed.error) ? parsed.error : {};\n const code = stringOrNull(error.code) ?? stringOrNull((parsed as Record<string, unknown>).code) ?? `HTTP_${response.status}`;\n const message = stringOrNull(error.message) ?? stringOrNull((parsed as Record<string, unknown>).message) ?? response.statusText;\n throw new SiglumeApiError(message, { status: response.status, code, data: parsed });\n }\n if (isRecord(parsed) && \"data\" in parsed) {\n return parsed.data as T;\n }\n return parsed as T;\n } finally {\n clearTimeout(timeout);\n }\n }\n}\n\nexport class DirectRequestPaymentMerchantClient {\n readonly auth_token: string;\n readonly base_url: string;\n readonly timeout_ms: number;\n readonly user_agent: string;\n private readonly fetch_impl: typeof fetch;\n\n constructor(options: DirectRequestPaymentClientOptions = {}) {\n const authToken = options.auth_token ?? envValue(\"SIGLUME_MERCHANT_AUTH_TOKEN\") ?? envValue(\"SIGLUME_AUTH_TOKEN\");\n if (!authToken) {\n throw new SiglumeDirectRequestPaymentError(\n \"A merchant Siglume bearer token is required for Direct Request Payment merchant setup. Developer Portal API keys are not accepted.\",\n );\n }\n const fetchImpl = options.fetch ?? globalThis.fetch;\n if (!fetchImpl) {\n throw new SiglumeDirectRequestPaymentError(\"A fetch implementation is required in this runtime.\");\n }\n this.auth_token = authToken;\n this.base_url = (options.base_url ?? envValue(\"SIGLUME_API_BASE\") ?? DEFAULT_SIGLUME_API_BASE).replace(/\\/+$/, \"\");\n this.timeout_ms = Math.max(1, Math.trunc(options.timeout_ms ?? 15000));\n this.user_agent = options.user_agent ?? \"@siglume/direct-request-payment/0.3.6\";\n this.fetch_impl = fetchImpl;\n }\n\n async setupMerchant(input: DirectRequestPaymentMerchantSetupInput): Promise<DirectRequestPaymentMerchantResponse> {\n const payload: Record<string, unknown> = {\n merchant: normalizeSelfServiceMerchant(input.merchant),\n billing_plan: normalizeBillingPlan(input.billing_plan ?? \"launch\"),\n billing_currency: normalizeCurrency(input.billing_currency ?? \"JPY\"),\n };\n if (input.display_name !== undefined) {\n payload.display_name = requireNonEmpty(input.display_name, \"display_name\");\n }\n if (input.allowed_currencies !== undefined) {\n payload.allowed_currencies = normalizeAllowedCurrencies(input.allowed_currencies);\n }\n if (input.webhook_callback_url !== undefined) {\n payload.webhook_callback_url = requireNonEmpty(input.webhook_callback_url, \"webhook_callback_url\");\n }\n if (input.billing_mandate_cap_minor !== undefined) {\n payload.billing_mandate_cap_minor = positiveInteger(input.billing_mandate_cap_minor, \"billing_mandate_cap_minor\");\n }\n if (input.max_amount_minor !== undefined) {\n payload.max_amount_minor = positiveInteger(input.max_amount_minor, \"max_amount_minor\");\n }\n return this.request<DirectRequestPaymentMerchantResponse>(\"POST\", \"/sdrp/direct-payments/merchants\", payload);\n }\n\n async getMerchant(merchant: string): Promise<DirectRequestPaymentMerchantResponse> {\n return this.request<DirectRequestPaymentMerchantResponse>(\n \"GET\",\n `/sdrp/direct-payments/merchants/${encodeURIComponent(normalizeSelfServiceMerchant(merchant))}`,\n );\n }\n\n async rotateChallengeSecret(merchant: string): Promise<DirectRequestPaymentMerchantResponse> {\n return this.request<DirectRequestPaymentMerchantResponse>(\n \"POST\",\n `/sdrp/direct-payments/merchants/${encodeURIComponent(normalizeSelfServiceMerchant(merchant))}/challenge-secret/rotate`,\n );\n }\n\n async prepareBillingMandate(\n merchant: string,\n input: DirectRequestPaymentMerchantBillingMandateInput = {},\n ): Promise<DirectRequestPaymentMerchantResponse> {\n const payload: Record<string, unknown> = {};\n if (input.currency !== undefined) {\n payload.currency = normalizeCurrency(input.currency);\n }\n if (input.billing_currency !== undefined) {\n payload.billing_currency = normalizeCurrency(input.billing_currency);\n }\n if (input.max_amount_minor !== undefined) {\n payload.max_amount_minor = positiveInteger(input.max_amount_minor, \"max_amount_minor\");\n }\n return this.request<DirectRequestPaymentMerchantResponse>(\n \"POST\",\n `/sdrp/direct-payments/merchants/${encodeURIComponent(normalizeSelfServiceMerchant(merchant))}/billing-mandate`,\n payload,\n );\n }\n\n async createWebhookSubscription(\n input: DirectRequestPaymentWebhookSubscriptionInput,\n ): Promise<DirectRequestPaymentWebhookSubscription> {\n const payload: Record<string, unknown> = {\n callback_url: requireNonEmpty(input.callback_url, \"callback_url\"),\n event_types: input.event_types?.length\n ? input.event_types.map((eventType) => requireNonEmpty(eventType, \"event_type\"))\n : [\"direct_payment.confirmed\", \"direct_payment.spent\"],\n };\n if (input.description !== undefined) {\n payload.description = requireNonEmpty(input.description, \"description\");\n }\n if (input.metadata !== undefined) {\n payload.metadata = cloneJsonObject(input.metadata, \"metadata\");\n }\n return this.request<DirectRequestPaymentWebhookSubscription>(\"POST\", \"/market/webhooks/subscriptions\", payload);\n }\n\n async setupCheckout(input: DirectRequestPaymentCheckoutSetupInput): Promise<DirectRequestPaymentCheckoutSetupResult> {\n const merchant = await this.setupMerchant(input);\n const merchantKey = merchant.merchant_account.merchant;\n const billing_mandate = input.prepare_billing_mandate === false\n ? null\n : await this.prepareBillingMandate(merchantKey, {\n billing_currency: merchant.merchant_account.billing_currency ?? input.billing_currency ?? \"JPY\",\n max_amount_minor: input.max_amount_minor ?? input.billing_mandate_cap_minor,\n });\n const shouldCreateWebhook = input.create_webhook_subscription ?? Boolean(input.webhook_callback_url);\n const webhook_subscription = shouldCreateWebhook && input.webhook_callback_url\n ? await this.createWebhookSubscription({\n callback_url: input.webhook_callback_url,\n description: input.webhook_description ?? `${merchantKey} Direct Request Payment`,\n event_types: input.webhook_event_types,\n metadata: { merchant: merchantKey, sdk: \"@siglume/direct-request-payment\" },\n })\n : null;\n const env: Record<string, string> = {\n SIGLUME_DIRECT_PAYMENT_MERCHANT: merchantKey,\n };\n if (merchant.challenge_secret) {\n env.SIGLUME_DIRECT_PAYMENT_CHALLENGE_SECRET = merchant.challenge_secret;\n }\n const webhookSecret = stringOrNull(webhook_subscription?.signing_secret);\n if (webhookSecret) {\n env.SIGLUME_WEBHOOK_SECRET = webhookSecret;\n }\n return { merchant, billing_mandate, webhook_subscription, env };\n }\n\n async request<T>(method: string, path: string, json_body?: unknown): Promise<T> {\n const controller = new AbortController();\n const timeout = setTimeout(() => controller.abort(), this.timeout_ms);\n try {\n const headers: Record<string, string> = {\n \"Accept\": \"application/json\",\n \"Authorization\": `Bearer ${this.auth_token}`,\n \"User-Agent\": this.user_agent,\n };\n let body: string | undefined;\n if (json_body !== undefined) {\n headers[\"Content-Type\"] = \"application/json\";\n body = JSON.stringify(json_body);\n }\n const response = await this.fetch_impl(`${this.base_url}${path}`, {\n method,\n headers,\n body,\n signal: controller.signal,\n });\n const rawText = await response.text();\n const parsed = rawText ? parseJson(rawText) : {};\n if (!response.ok) {\n const error = isRecord(parsed) && isRecord(parsed.error) ? parsed.error : {};\n const code = stringOrNull(error.code) ?? stringOrNull((parsed as Record<string, unknown>).code) ?? `HTTP_${response.status}`;\n const message = stringOrNull(error.message) ?? stringOrNull((parsed as Record<string, unknown>).message) ?? response.statusText;\n throw new SiglumeApiError(message, { status: response.status, code, data: parsed });\n }\n if (isRecord(parsed) && \"data\" in parsed) {\n return parsed.data as T;\n }\n return parsed as T;\n } finally {\n clearTimeout(timeout);\n }\n }\n}\n\nexport async function createDirectRequestPaymentChallenge(\n input: DirectRequestPaymentChallengeInput,\n): Promise<DirectRequestPaymentChallenge> {\n const merchant = normalizeMerchant(input.merchant);\n const amount_minor = positiveInteger(input.amount_minor, \"amount_minor\");\n const currency = normalizeCurrency(input.currency);\n const nonce = input.nonce ? normalizeChallengeNonce(input.nonce) : await randomNonce();\n const signature = await createDirectRequestPaymentChallengeSignature(input.secret, {\n merchant,\n amount_minor,\n currency,\n nonce,\n });\n const challenge = `${DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME}:${nonce}:${signature}`;\n return {\n scheme: DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME,\n merchant,\n amount_minor,\n currency,\n nonce,\n signature,\n challenge,\n challenge_hash: await sha256Prefixed(challenge),\n };\n}\n\nexport async function createDirectRequestPaymentChallengeSignature(\n secret: string,\n input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency | string;\n nonce: string;\n },\n): Promise<string> {\n const normalizedSecret = requireNonEmpty(secret, \"secret\");\n const merchant = normalizeMerchant(input.merchant);\n const amount = positiveInteger(input.amount_minor, \"amount_minor\");\n const currency = normalizeCurrency(input.currency);\n const nonce = normalizeChallengeNonce(input.nonce);\n const material = `${merchant}:${amount}:${currency}:${nonce}`;\n return hmacSha256Hex(normalizedSecret, new TextEncoder().encode(material));\n}\n\nexport function parseDirectRequestPaymentChallenge(challenge: string): ParsedDirectRequestPaymentChallenge {\n const parts = requireNonEmpty(challenge, \"challenge\").split(\":\");\n if (parts.length !== 3) {\n throw new SiglumeDirectRequestPaymentError(\"Direct Request Payment challenge must be scheme:nonce:signature.\");\n }\n const [scheme, nonce, signature] = parts;\n if (!scheme || !nonce || !signature) {\n throw new SiglumeDirectRequestPaymentError(\"Direct Request Payment challenge is incomplete.\");\n }\n return { scheme, nonce, signature };\n}\n\n/** Merchant-side, ONE-TIME approval of a recurring authorization: amount +\n * currency + cadence are bound into the HMAC. Recurring charges afterwards\n * are deliberately challenge-free; the recurring authorization and the\n * buyer's mandate/budget caps are the per-charge integrity checks. Cadence\n * \"monthly\" = subscription, \"daily\" = scheduled autopay approval tag. */\nexport async function createDirectRequestPaymentRecurringChallenge(\n input: DirectRequestPaymentRecurringChallengeInput,\n): Promise<DirectRequestPaymentRecurringChallenge> {\n const merchant = normalizeMerchant(input.merchant);\n const amount_minor = positiveInteger(input.amount_minor, \"amount_minor\");\n const currency = normalizeCurrency(input.currency);\n const cadence = normalizeRecurringCadence(input.cadence);\n const nonce = input.nonce ? normalizeChallengeNonce(input.nonce) : await randomNonce();\n const signature = await createDirectRequestPaymentRecurringChallengeSignature(input.secret, {\n merchant,\n amount_minor,\n currency,\n cadence,\n nonce,\n });\n const challenge = `${DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME}:${nonce}:${signature}`;\n return {\n scheme: DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME,\n merchant,\n amount_minor,\n currency,\n cadence,\n nonce,\n signature,\n challenge,\n challenge_hash: await sha256Prefixed(challenge),\n };\n}\n\nexport async function createDirectRequestPaymentRecurringChallengeSignature(\n secret: string,\n input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency | string;\n cadence: DirectRequestPaymentRecurringCadence | string;\n nonce: string;\n },\n): Promise<string> {\n const normalizedSecret = requireNonEmpty(secret, \"secret\");\n const merchant = normalizeMerchant(input.merchant);\n const amount = positiveInteger(input.amount_minor, \"amount_minor\");\n const currency = normalizeCurrency(input.currency);\n const cadence = normalizeRecurringCadence(input.cadence);\n const nonce = normalizeChallengeNonce(input.nonce);\n // MUST stay byte-identical to the server's\n // _external_402_recurring_challenge_signature — both sides change together.\n const material = `${merchant}:${amount}:${currency}:${cadence}:${nonce}`;\n return hmacSha256Hex(normalizedSecret, new TextEncoder().encode(material));\n}\n\nexport async function verifyDirectRequestPaymentRecurringChallenge(\n secret: string,\n input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency | string;\n cadence: DirectRequestPaymentRecurringCadence | string;\n challenge: string;\n },\n): Promise<boolean> {\n const parsed = parseDirectRequestPaymentChallenge(input.challenge);\n if (parsed.scheme !== DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME) {\n return false;\n }\n const expected = await createDirectRequestPaymentRecurringChallengeSignature(secret, {\n merchant: input.merchant,\n amount_minor: input.amount_minor,\n currency: input.currency,\n cadence: input.cadence,\n nonce: parsed.nonce,\n });\n return timingSafeEqualHex(expected, parsed.signature);\n}\n\nexport async function verifyDirectRequestPaymentChallenge(\n secret: string,\n input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency | string;\n challenge: string;\n },\n): Promise<boolean> {\n const parsed = parseDirectRequestPaymentChallenge(input.challenge);\n if (parsed.scheme !== DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME) {\n return false;\n }\n const expected = await createDirectRequestPaymentChallengeSignature(secret, {\n merchant: input.merchant,\n amount_minor: input.amount_minor,\n currency: input.currency,\n nonce: parsed.nonce,\n });\n return timingSafeEqualHex(expected, parsed.signature);\n}\n\nexport async function directRequestPaymentChallengeHash(challenge: string): Promise<string> {\n return sha256Prefixed(requireNonEmpty(challenge, \"challenge\"));\n}\n\nexport async function directRequestPaymentRequestHash(input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency | string;\n challenge: string;\n}): Promise<string> {\n const material = `${normalizeMerchant(input.merchant)}${positiveInteger(input.amount_minor, \"amount_minor\")}${normalizeCurrency(input.currency)}${requireNonEmpty(input.challenge, \"challenge\")}`;\n return sha256Prefixed(material);\n}\n\nexport function buildPaymentExecutionPayload(\n requirement: DirectPaymentRequirement,\n options: { await_finality?: boolean; metadata?: Record<string, unknown> } = {},\n): Web3PreparedTransactionExecutePayload {\n return buildPreparedTransactionExecutionPayload(requirement, requirement.transaction_request, {\n receipt_kind: DIRECT_REQUEST_PAYMENT_RECEIPT_KIND,\n await_finality: options.await_finality,\n metadata: options.metadata,\n });\n}\n\nexport function buildAllowanceExecutionPayload(\n requirement: DirectPaymentRequirement,\n options: { await_finality?: boolean; metadata?: Record<string, unknown> } = {},\n): Web3PreparedTransactionExecutePayload {\n const approveRequest = requirement.approve_transaction_request;\n if (!approveRequest || Object.keys(approveRequest).length === 0) {\n throw new SiglumeDirectRequestPaymentError(\"This payment requirement does not include an allowance approval transaction.\");\n }\n return buildPreparedTransactionExecutionPayload(requirement, approveRequest, {\n receipt_kind: DIRECT_REQUEST_PAYMENT_ALLOWANCE_RECEIPT_KIND,\n await_finality: options.await_finality,\n metadata: options.metadata,\n });\n}\n\nexport function buildPreparedTransactionExecutionPayload(\n requirement: DirectPaymentRequirement,\n transaction_request: Web3TransactionRequest,\n options: {\n receipt_kind: string;\n await_finality?: boolean;\n metadata?: Record<string, unknown>;\n },\n): Web3PreparedTransactionExecutePayload {\n const metadata = {\n ...(isRecord(transaction_request.metadata_jsonb) ? transaction_request.metadata_jsonb : {}),\n ...(options.metadata ?? {}),\n };\n return {\n transaction_request,\n receipt_kind: requireNonEmpty(options.receipt_kind, \"receipt_kind\"),\n reference_type: DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE,\n reference_id: requirement.requirement_id,\n metadata,\n await_finality: Boolean(options.await_finality),\n };\n}\n\nexport async function computeWebhookSignature(\n signing_secret: string,\n body: Uint8Array | ArrayBuffer | string | Record<string, unknown>,\n options: { timestamp: number },\n): Promise<string> {\n if (!signing_secret) {\n throw new SiglumeWebhookSignatureError(\"SIGLUME webhook signing secret is required.\");\n }\n const timestamp = Math.trunc(options.timestamp);\n const bytes = bodyBytes(body);\n const prefix = new TextEncoder().encode(`${timestamp}.`);\n const payload = new Uint8Array(prefix.length + bytes.length);\n payload.set(prefix, 0);\n payload.set(bytes, prefix.length);\n return hmacSha256Hex(signing_secret, payload);\n}\n\nexport async function buildWebhookSignatureHeader(\n signing_secret: string,\n body: Uint8Array | ArrayBuffer | string | Record<string, unknown>,\n options: { timestamp?: number } = {},\n): Promise<string> {\n const timestamp = Math.trunc(options.timestamp ?? Date.now() / 1000);\n const signature = await computeWebhookSignature(signing_secret, body, { timestamp });\n return `t=${timestamp},v1=${signature}`;\n}\n\nexport async function verifyWebhookSignature(\n signing_secret: string,\n body: Uint8Array | ArrayBuffer | string | Record<string, unknown>,\n signature_header: string,\n options: { tolerance_seconds?: number; now?: number } = {},\n): Promise<WebhookSignatureVerification> {\n const { timestamp, signature } = parseSignatureHeader(signature_header);\n const toleranceSeconds = Math.max(1, Math.trunc(options.tolerance_seconds ?? DEFAULT_WEBHOOK_TOLERANCE_SECONDS));\n const nowSeconds = Math.trunc(options.now ?? Date.now() / 1000);\n if (Math.abs(nowSeconds - timestamp) > toleranceSeconds) {\n throw new SiglumeWebhookSignatureError(\"Webhook timestamp is outside the allowed tolerance window.\");\n }\n const expected = await computeWebhookSignature(signing_secret, body, { timestamp });\n if (!(await timingSafeEqualHex(expected, signature))) {\n throw new SiglumeWebhookSignatureError(\"Webhook signature did not match.\");\n }\n return { timestamp, signature };\n}\n\nexport function parseDirectRequestPaymentWebhookEvent(payload: unknown): DirectRequestPaymentWebhookEvent {\n const event = requireRecord(payload, \"webhook event\");\n const data = requireRecord(event.data, \"webhook event data\");\n const parsed = {\n ...event,\n id: requireNonEmpty(stringOrNull(event.id) ?? \"\", \"webhook event id\"),\n type: requireNonEmpty(stringOrNull(event.type) ?? \"\", \"webhook event type\"),\n api_version: requireNonEmpty(stringOrNull(event.api_version) ?? \"\", \"webhook api_version\"),\n occurred_at: requireNonEmpty(stringOrNull(event.occurred_at) ?? \"\", \"webhook occurred_at\"),\n data: { ...data },\n } as DirectRequestPaymentWebhookEvent;\n if (parsed.type === \"direct_payment.confirmed\" && parsed.data.mode !== DIRECT_REQUEST_PAYMENT_MODE) {\n throw new SiglumeWebhookPayloadError(\"direct_payment.confirmed webhook must carry data.mode='external_402'.\");\n }\n return parsed;\n}\n\nexport async function verifyDirectRequestPaymentWebhook(\n signing_secret: string,\n body: Uint8Array | ArrayBuffer | string | Record<string, unknown>,\n signature_header: string,\n options: { tolerance_seconds?: number; now?: number } = {},\n): Promise<{ event: DirectRequestPaymentWebhookEvent; verification: WebhookSignatureVerification }> {\n const verification = await verifyWebhookSignature(signing_secret, body, signature_header, options);\n const text = new TextDecoder().decode(bodyBytes(body));\n let parsed: unknown;\n try {\n parsed = JSON.parse(text);\n } catch (error) {\n throw new SiglumeWebhookPayloadError(\"Webhook body must contain valid JSON.\");\n }\n return { event: parseDirectRequestPaymentWebhookEvent(parsed), verification };\n}\n\nexport const createExternal402Challenge = createDirectRequestPaymentChallenge;\nexport const verifyExternal402Challenge = verifyDirectRequestPaymentChallenge;\nexport const createExternal402RecurringChallenge = createDirectRequestPaymentRecurringChallenge;\nexport const verifyExternal402RecurringChallenge = verifyDirectRequestPaymentRecurringChallenge;\n\nfunction normalizeMerchant(value: string): string {\n const merchant = requireNonEmpty(value, \"merchant\").toLowerCase();\n if (!/^[a-z0-9][a-z0-9._-]{0,95}$/.test(merchant)) {\n throw new SiglumeDirectRequestPaymentError(\"merchant must be a lowercase key using letters, numbers, dot, underscore, or hyphen.\");\n }\n return merchant;\n}\n\nfunction normalizeSelfServiceMerchant(value: string): string {\n const merchant = requireNonEmpty(value, \"merchant\").toLowerCase();\n if (!/^[a-z0-9][a-z0-9_-]{2,63}$/.test(merchant)) {\n throw new SiglumeDirectRequestPaymentError(\"merchant must be 3-64 chars using lowercase letters, numbers, underscore, or hyphen.\");\n }\n return merchant;\n}\n\nfunction normalizeBillingPlan(value: string): DirectRequestPaymentBillingPlan {\n const plan = requireNonEmpty(value, \"billing_plan\").toLowerCase();\n if (plan === \"launch\" || plan === \"free\" || plan === \"starter\" || plan === \"growth\" || plan === \"pro\") {\n return plan;\n }\n throw new SiglumeDirectRequestPaymentError(\"billing_plan must be launch, starter, growth, or pro.\");\n}\n\nfunction normalizeCurrency(value: string): DirectRequestPaymentCurrency {\n const currency = requireNonEmpty(value, \"currency\").toUpperCase();\n if (currency !== \"JPY\" && currency !== \"USD\") {\n throw new SiglumeDirectRequestPaymentError(\"currency must be JPY or USD.\");\n }\n return currency;\n}\n\nfunction normalizeToken(value: string): DirectRequestPaymentToken {\n const token = requireNonEmpty(value, \"token_symbol\").toUpperCase();\n if (token !== \"JPYC\" && token !== \"USDC\") {\n throw new SiglumeDirectRequestPaymentError(\"token_symbol must be JPYC or USDC.\");\n }\n return token;\n}\n\nfunction normalizeAllowedCurrencies(value: Record<string, string> | Array<DirectRequestPaymentCurrency | string>): Record<string, string> {\n const normalized: Record<string, string> = {};\n if (Array.isArray(value)) {\n for (const item of value) {\n const currency = normalizeCurrency(item);\n normalized[currency] = defaultTokenForCurrency(currency);\n }\n } else if (isRecord(value)) {\n for (const [rawCurrency, rawToken] of Object.entries(value)) {\n normalized[normalizeCurrency(rawCurrency)] = normalizeToken(String(rawToken));\n }\n } else {\n throw new SiglumeDirectRequestPaymentError(\"allowed_currencies must be an array or a currency-to-token object.\");\n }\n if (Object.keys(normalized).length === 0) {\n throw new SiglumeDirectRequestPaymentError(\"allowed_currencies must include at least one currency.\");\n }\n return normalized;\n}\n\nfunction defaultTokenForCurrency(currency: DirectRequestPaymentCurrency): DirectRequestPaymentToken {\n return currency === \"JPY\" ? \"JPYC\" : \"USDC\";\n}\n\nfunction positiveInteger(value: number, name: string): number {\n const parsed = Number(value);\n if (!Number.isSafeInteger(parsed) || parsed <= 0) {\n throw new SiglumeDirectRequestPaymentError(`${name} must be a positive safe integer.`);\n }\n return parsed;\n}\n\nfunction requireNonEmpty(value: string, name: string): string {\n const text = String(value ?? \"\").trim();\n if (!text) {\n throw new SiglumeDirectRequestPaymentError(`${name} is required.`);\n }\n return text;\n}\n\nfunction normalizeChallengeNonce(value: string): string {\n const nonce = requireNonEmpty(value, \"nonce\");\n if (nonce.includes(\":\")) {\n throw new SiglumeDirectRequestPaymentError(\"nonce must not contain ':'.\");\n }\n return nonce;\n}\n\nfunction normalizeRecurringCadence(value: string): DirectRequestPaymentRecurringCadence {\n const cadence = requireNonEmpty(value, \"cadence\").toLowerCase();\n if (cadence !== \"monthly\" && cadence !== \"daily\") {\n throw new SiglumeDirectRequestPaymentError(\n 'cadence must be \"monthly\" (subscription) or \"daily\" (scheduled autopay).',\n );\n }\n return cadence;\n}\n\nfunction cloneJsonObject(value: Record<string, unknown>, name: string): Record<string, unknown> {\n try {\n const cloned = JSON.parse(JSON.stringify(value)) as unknown;\n if (!isRecord(cloned)) {\n throw new Error(\"not an object\");\n }\n return cloned;\n } catch (error) {\n throw new SiglumeDirectRequestPaymentError(`${name} must be a JSON-serializable object.`);\n }\n}\n\nfunction parseJson(rawText: string): unknown {\n try {\n return JSON.parse(rawText);\n } catch (error) {\n throw new SiglumeApiError(\"Siglume API returned invalid JSON.\", {\n status: 502,\n code: \"INVALID_JSON_RESPONSE\",\n data: rawText,\n });\n }\n}\n\nfunction stringOrNull(value: unknown): string | null {\n if (typeof value !== \"string\") {\n return null;\n }\n const text = value.trim();\n return text ? text : null;\n}\n\nfunction isRecord(value: unknown): value is Record<string, unknown> {\n return typeof value === \"object\" && value !== null && !Array.isArray(value);\n}\n\nfunction requireRecord(value: unknown, name: string): Record<string, unknown> {\n if (!isRecord(value)) {\n throw new SiglumeWebhookPayloadError(`${name} must be an object.`);\n }\n return value;\n}\n\nfunction envValue(name: string): string | undefined {\n if (typeof process === \"undefined\") {\n return undefined;\n }\n const value = process.env[name];\n return value && value.trim() ? value.trim() : undefined;\n}\n\nfunction bodyBytes(body: Uint8Array | ArrayBuffer | string | Record<string, unknown>): Uint8Array {\n if (body instanceof Uint8Array) {\n return body;\n }\n if (body instanceof ArrayBuffer) {\n return new Uint8Array(body);\n }\n if (typeof body === \"string\") {\n return new TextEncoder().encode(body);\n }\n if (isRecord(body)) {\n return new TextEncoder().encode(JSON.stringify(body));\n }\n throw new SiglumeWebhookPayloadError(\"Webhook body must be raw bytes, a string, or a JSON object.\");\n}\n\nfunction parseSignatureHeader(signatureHeader: string): { timestamp: number; signature: string } {\n let timestamp: number | null = null;\n let signature: string | null = null;\n for (const item of String(signatureHeader ?? \"\").split(\",\")) {\n const [key, value] = item.trim().split(\"=\", 2);\n if (key === \"t\") {\n const parsed = Number.parseInt(value ?? \"\", 10);\n if (!Number.isFinite(parsed)) {\n throw new SiglumeWebhookSignatureError(\"Webhook signature timestamp is invalid.\");\n }\n timestamp = parsed;\n }\n if (key === \"v1\") {\n signature = String(value ?? \"\").trim();\n }\n }\n if (timestamp === null || !signature) {\n throw new SiglumeWebhookSignatureError(\"Webhook signature header is incomplete.\");\n }\n return { timestamp, signature };\n}\n\nasync function randomNonce(): Promise<string> {\n if (globalThis.crypto?.randomUUID) {\n return globalThis.crypto.randomUUID();\n }\n const bytes = new Uint8Array(16);\n if (globalThis.crypto?.getRandomValues) {\n globalThis.crypto.getRandomValues(bytes);\n } else if (typeof process !== \"undefined\" && process.versions?.node) {\n const crypto = await import(\"node:crypto\");\n bytes.set(crypto.randomBytes(16));\n } else {\n throw new SiglumeDirectRequestPaymentError(\"Crypto random number generation is unavailable in this runtime.\");\n }\n return bytesToHex(bytes);\n}\n\nasync function hmacSha256Hex(secret: string, payload: Uint8Array): Promise<string> {\n if (globalThis.crypto?.subtle) {\n const stablePayload = new Uint8Array(payload.byteLength);\n stablePayload.set(payload);\n const key = await globalThis.crypto.subtle.importKey(\n \"raw\",\n new TextEncoder().encode(secret),\n { name: \"HMAC\", hash: \"SHA-256\" },\n false,\n [\"sign\"],\n );\n const digest = await globalThis.crypto.subtle.sign(\"HMAC\", key, stablePayload);\n return bytesToHex(new Uint8Array(digest));\n }\n if (typeof process !== \"undefined\" && process.versions?.node) {\n const crypto = await import(\"node:crypto\");\n return crypto.createHmac(\"sha256\", secret).update(Buffer.from(payload)).digest(\"hex\");\n }\n throw new SiglumeDirectRequestPaymentError(\"Web Crypto is required for HMAC-SHA256 in this runtime.\");\n}\n\nasync function sha256Prefixed(material: string): Promise<string> {\n const bytes = new TextEncoder().encode(material);\n if (globalThis.crypto?.subtle) {\n const digest = await globalThis.crypto.subtle.digest(\"SHA-256\", bytes);\n return `sha256:${bytesToHex(new Uint8Array(digest))}`;\n }\n if (typeof process !== \"undefined\" && process.versions?.node) {\n const crypto = await import(\"node:crypto\");\n return `sha256:${crypto.createHash(\"sha256\").update(Buffer.from(bytes)).digest(\"hex\")}`;\n }\n throw new SiglumeDirectRequestPaymentError(\"Web Crypto is required for SHA-256 in this runtime.\");\n}\n\nfunction bytesToHex(bytes: Uint8Array): string {\n return [...bytes].map((item) => item.toString(16).padStart(2, \"0\")).join(\"\");\n}\n\nfunction hexToBytes(hex: string): Uint8Array {\n const normalized = String(hex ?? \"\").trim().toLowerCase();\n if (normalized.length % 2 !== 0 || !/^[0-9a-f]*$/.test(normalized)) {\n throw new SiglumeWebhookSignatureError(\"Hex digest is invalid.\");\n }\n const bytes = new Uint8Array(normalized.length / 2);\n for (let index = 0; index < normalized.length; index += 2) {\n bytes[index / 2] = Number.parseInt(normalized.slice(index, index + 2), 16);\n }\n return bytes;\n}\n\nasync function timingSafeEqualHex(left: string, right: string): Promise<boolean> {\n const leftBytes = hexToBytes(left);\n const rightBytes = hexToBytes(right);\n if (leftBytes.length !== rightBytes.length) {\n return false;\n }\n let diff = 0;\n for (let index = 0; index < leftBytes.length; index += 1) {\n diff |= leftBytes[index]! ^ rightBytes[index]!;\n }\n return diff === 0;\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAO,IAAM,2BAA2B;AACjC,IAAM,0CAA0C;AAIhD,IAAM,oDAAoD;AAC1D,IAAM,8BAA8B;AACpC,IAAM,sCAAsC;AAC5C,IAAM,gDAAgD;AACtD,IAAM,wCAAwC;AAC9C,IAAM,oCAAoC;AA+P1C,IAAM,mCAAN,cAA+C,MAAM;AAAA,EAC1D,YAAY,SAAiB;AAC3B,UAAM,OAAO;AACb,SAAK,OAAO;AAAA,EACd;AACF;AAEO,IAAM,kBAAN,cAA8B,iCAAiC;AAAA,EAC3D;AAAA,EACA;AAAA,EACA;AAAA,EAET,YAAY,SAAiB,SAA4D;AACvF,UAAM,OAAO;AACb,SAAK,OAAO;AACZ,SAAK,SAAS,QAAQ;AACtB,SAAK,OAAO,QAAQ,QAAQ;AAC5B,SAAK,OAAO,QAAQ;AAAA,EACtB;AACF;AAEO,IAAM,+BAAN,cAA2C,iCAAiC;AAAA,EACjF,YAAY,SAAiB;AAC3B,UAAM,OAAO;AACb,SAAK,OAAO;AAAA,EACd;AACF;AAEO,IAAM,6BAAN,cAAyC,iCAAiC;AAAA,EAC/E,YAAY,SAAiB;AAC3B,UAAM,OAAO;AACb,SAAK,OAAO;AAAA,EACd;AACF;AAEO,IAAM,6BAAN,MAAiC;AAAA,EAC7B;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACQ;AAAA,EAEjB,YAAY,UAA6C,CAAC,GAAG;AAC3D,UAAM,YAAY,QAAQ,cAAc,SAAS,oBAAoB;AACrE,QAAI,CAAC,WAAW;AACd,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,UAAM,YAAY,QAAQ,SAAS,WAAW;AAC9C,QAAI,CAAC,WAAW;AACd,YAAM,IAAI,iCAAiC,qDAAqD;AAAA,IAClG;AACA,SAAK,aAAa;AAClB,SAAK,YAAY,QAAQ,YAAY,SAAS,kBAAkB,KAAK,0BAA0B,QAAQ,QAAQ,EAAE;AACjH,SAAK,aAAa,KAAK,IAAI,GAAG,KAAK,MAAM,QAAQ,cAAc,IAAK,CAAC;AACrE,SAAK,aAAa,QAAQ,cAAc;AACxC,SAAK,aAAa;AAAA,EACpB;AAAA,EAEA,MAAM,yBAAyB,OAA+E;AAC5G,UAAM,UAAmC;AAAA,MACvC,MAAM;AAAA,MACN,UAAU,kBAAkB,MAAM,QAAQ;AAAA,MAC1C,cAAc,gBAAgB,MAAM,cAAc,cAAc;AAAA,MAChE,UAAU,kBAAkB,MAAM,QAAQ;AAAA,MAC1C,WAAW,gBAAgB,MAAM,WAAW,WAAW;AAAA,IACzD;AACA,QAAI,MAAM,iBAAiB,QAAW;AACpC,cAAQ,eAAe,eAAe,MAAM,YAAY;AAAA,IAC1D;AACA,QAAI,MAAM,2BAA2B,QAAW;AAC9C,cAAQ,yBAAyB,gBAAgB,MAAM,wBAAwB,wBAAwB;AAAA,IACzG;AACA,QAAI,MAAM,aAAa,QAAW;AAChC,cAAQ,WAAW,gBAAgB,MAAM,UAAU,UAAU;AAAA,IAC/D;AACA,WAAO,KAAK,QAAkC,QAAQ,sCAAsC,OAAO;AAAA,EACrG;AAAA,EAEA,MAAM,sBAAsB,gBAA2D;AACrF,WAAO,KAAK;AAAA,MACV;AAAA,MACA,sCAAsC,mBAAmB,gBAAgB,gBAAgB,gBAAgB,CAAC,CAAC;AAAA,IAC7G;AAAA,EACF;AAAA,EAEA,MAAM,yBACJ,gBACA,OACmC;AACnC,WAAO,KAAK;AAAA,MACV;AAAA,MACA,sCAAsC,mBAAmB,gBAAgB,gBAAgB,gBAAgB,CAAC,CAAC;AAAA,MAC3G;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,2BACJ,SAC+C;AAC/C,WAAO,KAAK;AAAA,MACV;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,0BACJ,aACA,UAA4E,CAAC,GAC9B;AAC/C,WAAO,KAAK,2BAA2B,6BAA6B,aAAa,OAAO,CAAC;AAAA,EAC3F;AAAA,EAEA,MAAM,4BACJ,aACA,UAA4E,CAAC,GAC9B;AAC/C,WAAO,KAAK,2BAA2B,+BAA+B,aAAa,OAAO,CAAC;AAAA,EAC7F;AAAA,EAEA,MAAM,QAAW,QAAgB,MAAc,WAAiC;AAC9E,UAAM,aAAa,IAAI,gBAAgB;AACvC,UAAM,UAAU,WAAW,MAAM,WAAW,MAAM,GAAG,KAAK,UAAU;AACpE,QAAI;AACF,YAAM,UAAkC;AAAA,QACtC,UAAU;AAAA,QACV,iBAAiB,UAAU,KAAK,UAAU;AAAA,QAC1C,cAAc,KAAK;AAAA,MACrB;AACA,UAAI;AACJ,UAAI,cAAc,QAAW;AAC3B,gBAAQ,cAAc,IAAI;AAC1B,eAAO,KAAK,UAAU,SAAS;AAAA,MACjC;AACA,YAAM,WAAW,MAAM,KAAK,WAAW,GAAG,KAAK,QAAQ,GAAG,IAAI,IAAI;AAAA,QAChE;AAAA,QACA;AAAA,QACA;AAAA,QACA,QAAQ,WAAW;AAAA,MACrB,CAAC;AACD,YAAM,UAAU,MAAM,SAAS,KAAK;AACpC,YAAM,SAAS,UAAU,UAAU,OAAO,IAAI,CAAC;AAC/C,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,QAAQ,SAAS,MAAM,KAAK,SAAS,OAAO,KAAK,IAAI,OAAO,QAAQ,CAAC;AAC3E,cAAM,OAAO,aAAa,MAAM,IAAI,KAAK,aAAc,OAAmC,IAAI,KAAK,QAAQ,SAAS,MAAM;AAC1H,cAAM,UAAU,aAAa,MAAM,OAAO,KAAK,aAAc,OAAmC,OAAO,KAAK,SAAS;AACrH,cAAM,IAAI,gBAAgB,SAAS,EAAE,QAAQ,SAAS,QAAQ,MAAM,MAAM,OAAO,CAAC;AAAA,MACpF;AACA,UAAI,SAAS,MAAM,KAAK,UAAU,QAAQ;AACxC,eAAO,OAAO;AAAA,MAChB;AACA,aAAO;AAAA,IACT,UAAE;AACA,mBAAa,OAAO;AAAA,IACtB;AAAA,EACF;AACF;AAEO,IAAM,qCAAN,MAAyC;AAAA,EACrC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACQ;AAAA,EAEjB,YAAY,UAA6C,CAAC,GAAG;AAC3D,UAAM,YAAY,QAAQ,cAAc,SAAS,6BAA6B,KAAK,SAAS,oBAAoB;AAChH,QAAI,CAAC,WAAW;AACd,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,UAAM,YAAY,QAAQ,SAAS,WAAW;AAC9C,QAAI,CAAC,WAAW;AACd,YAAM,IAAI,iCAAiC,qDAAqD;AAAA,IAClG;AACA,SAAK,aAAa;AAClB,SAAK,YAAY,QAAQ,YAAY,SAAS,kBAAkB,KAAK,0BAA0B,QAAQ,QAAQ,EAAE;AACjH,SAAK,aAAa,KAAK,IAAI,GAAG,KAAK,MAAM,QAAQ,cAAc,IAAK,CAAC;AACrE,SAAK,aAAa,QAAQ,cAAc;AACxC,SAAK,aAAa;AAAA,EACpB;AAAA,EAEA,MAAM,cAAc,OAA8F;AAChH,UAAM,UAAmC;AAAA,MACvC,UAAU,6BAA6B,MAAM,QAAQ;AAAA,MACrD,cAAc,qBAAqB,MAAM,gBAAgB,QAAQ;AAAA,MACjE,kBAAkB,kBAAkB,MAAM,oBAAoB,KAAK;AAAA,IACrE;AACA,QAAI,MAAM,iBAAiB,QAAW;AACpC,cAAQ,eAAe,gBAAgB,MAAM,cAAc,cAAc;AAAA,IAC3E;AACA,QAAI,MAAM,uBAAuB,QAAW;AAC1C,cAAQ,qBAAqB,2BAA2B,MAAM,kBAAkB;AAAA,IAClF;AACA,QAAI,MAAM,yBAAyB,QAAW;AAC5C,cAAQ,uBAAuB,gBAAgB,MAAM,sBAAsB,sBAAsB;AAAA,IACnG;AACA,QAAI,MAAM,8BAA8B,QAAW;AACjD,cAAQ,4BAA4B,gBAAgB,MAAM,2BAA2B,2BAA2B;AAAA,IAClH;AACA,QAAI,MAAM,qBAAqB,QAAW;AACxC,cAAQ,mBAAmB,gBAAgB,MAAM,kBAAkB,kBAAkB;AAAA,IACvF;AACA,WAAO,KAAK,QAA8C,QAAQ,mCAAmC,OAAO;AAAA,EAC9G;AAAA,EAEA,MAAM,YAAY,UAAiE;AACjF,WAAO,KAAK;AAAA,MACV;AAAA,MACA,mCAAmC,mBAAmB,6BAA6B,QAAQ,CAAC,CAAC;AAAA,IAC/F;AAAA,EACF;AAAA,EAEA,MAAM,sBAAsB,UAAiE;AAC3F,WAAO,KAAK;AAAA,MACV;AAAA,MACA,mCAAmC,mBAAmB,6BAA6B,QAAQ,CAAC,CAAC;AAAA,IAC/F;AAAA,EACF;AAAA,EAEA,MAAM,sBACJ,UACA,QAAyD,CAAC,GACX;AAC/C,UAAM,UAAmC,CAAC;AAC1C,QAAI,MAAM,aAAa,QAAW;AAChC,cAAQ,WAAW,kBAAkB,MAAM,QAAQ;AAAA,IACrD;AACA,QAAI,MAAM,qBAAqB,QAAW;AACxC,cAAQ,mBAAmB,kBAAkB,MAAM,gBAAgB;AAAA,IACrE;AACA,QAAI,MAAM,qBAAqB,QAAW;AACxC,cAAQ,mBAAmB,gBAAgB,MAAM,kBAAkB,kBAAkB;AAAA,IACvF;AACA,WAAO,KAAK;AAAA,MACV;AAAA,MACA,mCAAmC,mBAAmB,6BAA6B,QAAQ,CAAC,CAAC;AAAA,MAC7F;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,0BACJ,OACkD;AAClD,UAAM,UAAmC;AAAA,MACvC,cAAc,gBAAgB,MAAM,cAAc,cAAc;AAAA,MAChE,aAAa,MAAM,aAAa,SAC5B,MAAM,YAAY,IAAI,CAAC,cAAc,gBAAgB,WAAW,YAAY,CAAC,IAC7E,CAAC,4BAA4B,sBAAsB;AAAA,IACzD;AACA,QAAI,MAAM,gBAAgB,QAAW;AACnC,cAAQ,cAAc,gBAAgB,MAAM,aAAa,aAAa;AAAA,IACxE;AACA,QAAI,MAAM,aAAa,QAAW;AAChC,cAAQ,WAAW,gBAAgB,MAAM,UAAU,UAAU;AAAA,IAC/D;AACA,WAAO,KAAK,QAAiD,QAAQ,kCAAkC,OAAO;AAAA,EAChH;AAAA,EAEA,MAAM,cAAc,OAAiG;AACnH,UAAM,WAAW,MAAM,KAAK,cAAc,KAAK;AAC/C,UAAM,cAAc,SAAS,iBAAiB;AAC9C,UAAM,kBAAkB,MAAM,4BAA4B,QACtD,OACA,MAAM,KAAK,sBAAsB,aAAa;AAAA,MAC9C,kBAAkB,SAAS,iBAAiB,oBAAoB,MAAM,oBAAoB;AAAA,MAC1F,kBAAkB,MAAM,oBAAoB,MAAM;AAAA,IACpD,CAAC;AACH,UAAM,sBAAsB,MAAM,+BAA+B,QAAQ,MAAM,oBAAoB;AACnG,UAAM,uBAAuB,uBAAuB,MAAM,uBACtD,MAAM,KAAK,0BAA0B;AAAA,MACrC,cAAc,MAAM;AAAA,MACpB,aAAa,MAAM,uBAAuB,GAAG,WAAW;AAAA,MACxD,aAAa,MAAM;AAAA,MACnB,UAAU,EAAE,UAAU,aAAa,KAAK,kCAAkC;AAAA,IAC5E,CAAC,IACC;AACJ,UAAM,MAA8B;AAAA,MAClC,iCAAiC;AAAA,IACnC;AACA,QAAI,SAAS,kBAAkB;AAC7B,UAAI,0CAA0C,SAAS;AAAA,IACzD;AACA,UAAM,gBAAgB,aAAa,sBAAsB,cAAc;AACvE,QAAI,eAAe;AACjB,UAAI,yBAAyB;AAAA,IAC/B;AACA,WAAO,EAAE,UAAU,iBAAiB,sBAAsB,IAAI;AAAA,EAChE;AAAA,EAEA,MAAM,QAAW,QAAgB,MAAc,WAAiC;AAC9E,UAAM,aAAa,IAAI,gBAAgB;AACvC,UAAM,UAAU,WAAW,MAAM,WAAW,MAAM,GAAG,KAAK,UAAU;AACpE,QAAI;AACF,YAAM,UAAkC;AAAA,QACtC,UAAU;AAAA,QACV,iBAAiB,UAAU,KAAK,UAAU;AAAA,QAC1C,cAAc,KAAK;AAAA,MACrB;AACA,UAAI;AACJ,UAAI,cAAc,QAAW;AAC3B,gBAAQ,cAAc,IAAI;AAC1B,eAAO,KAAK,UAAU,SAAS;AAAA,MACjC;AACA,YAAM,WAAW,MAAM,KAAK,WAAW,GAAG,KAAK,QAAQ,GAAG,IAAI,IAAI;AAAA,QAChE;AAAA,QACA;AAAA,QACA;AAAA,QACA,QAAQ,WAAW;AAAA,MACrB,CAAC;AACD,YAAM,UAAU,MAAM,SAAS,KAAK;AACpC,YAAM,SAAS,UAAU,UAAU,OAAO,IAAI,CAAC;AAC/C,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,QAAQ,SAAS,MAAM,KAAK,SAAS,OAAO,KAAK,IAAI,OAAO,QAAQ,CAAC;AAC3E,cAAM,OAAO,aAAa,MAAM,IAAI,KAAK,aAAc,OAAmC,IAAI,KAAK,QAAQ,SAAS,MAAM;AAC1H,cAAM,UAAU,aAAa,MAAM,OAAO,KAAK,aAAc,OAAmC,OAAO,KAAK,SAAS;AACrH,cAAM,IAAI,gBAAgB,SAAS,EAAE,QAAQ,SAAS,QAAQ,MAAM,MAAM,OAAO,CAAC;AAAA,MACpF;AACA,UAAI,SAAS,MAAM,KAAK,UAAU,QAAQ;AACxC,eAAO,OAAO;AAAA,MAChB;AACA,aAAO;AAAA,IACT,UAAE;AACA,mBAAa,OAAO;AAAA,IACtB;AAAA,EACF;AACF;AAEA,eAAsB,oCACpB,OACwC;AACxC,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,eAAe,gBAAgB,MAAM,cAAc,cAAc;AACvE,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,QAAQ,MAAM,QAAQ,wBAAwB,MAAM,KAAK,IAAI,MAAM,YAAY;AACrF,QAAM,YAAY,MAAM,6CAA6C,MAAM,QAAQ;AAAA,IACjF;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AACD,QAAM,YAAY,GAAG,uCAAuC,IAAI,KAAK,IAAI,SAAS;AAClF,SAAO;AAAA,IACL,QAAQ;AAAA,IACR;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,gBAAgB,MAAM,eAAe,SAAS;AAAA,EAChD;AACF;AAEA,eAAsB,6CACpB,QACA,OAMiB;AACjB,QAAM,mBAAmB,gBAAgB,QAAQ,QAAQ;AACzD,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,SAAS,gBAAgB,MAAM,cAAc,cAAc;AACjE,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,QAAQ,wBAAwB,MAAM,KAAK;AACjD,QAAM,WAAW,GAAG,QAAQ,IAAI,MAAM,IAAI,QAAQ,IAAI,KAAK;AAC3D,SAAO,cAAc,kBAAkB,IAAI,YAAY,EAAE,OAAO,QAAQ,CAAC;AAC3E;AAEO,SAAS,mCAAmC,WAAwD;AACzG,QAAM,QAAQ,gBAAgB,WAAW,WAAW,EAAE,MAAM,GAAG;AAC/D,MAAI,MAAM,WAAW,GAAG;AACtB,UAAM,IAAI,iCAAiC,kEAAkE;AAAA,EAC/G;AACA,QAAM,CAAC,QAAQ,OAAO,SAAS,IAAI;AACnC,MAAI,CAAC,UAAU,CAAC,SAAS,CAAC,WAAW;AACnC,UAAM,IAAI,iCAAiC,iDAAiD;AAAA,EAC9F;AACA,SAAO,EAAE,QAAQ,OAAO,UAAU;AACpC;AAOA,eAAsB,6CACpB,OACiD;AACjD,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,eAAe,gBAAgB,MAAM,cAAc,cAAc;AACvE,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,UAAU,0BAA0B,MAAM,OAAO;AACvD,QAAM,QAAQ,MAAM,QAAQ,wBAAwB,MAAM,KAAK,IAAI,MAAM,YAAY;AACrF,QAAM,YAAY,MAAM,sDAAsD,MAAM,QAAQ;AAAA,IAC1F;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AACD,QAAM,YAAY,GAAG,iDAAiD,IAAI,KAAK,IAAI,SAAS;AAC5F,SAAO;AAAA,IACL,QAAQ;AAAA,IACR;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,gBAAgB,MAAM,eAAe,SAAS;AAAA,EAChD;AACF;AAEA,eAAsB,sDACpB,QACA,OAOiB;AACjB,QAAM,mBAAmB,gBAAgB,QAAQ,QAAQ;AACzD,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,SAAS,gBAAgB,MAAM,cAAc,cAAc;AACjE,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,UAAU,0BAA0B,MAAM,OAAO;AACvD,QAAM,QAAQ,wBAAwB,MAAM,KAAK;AAGjD,QAAM,WAAW,GAAG,QAAQ,IAAI,MAAM,IAAI,QAAQ,IAAI,OAAO,IAAI,KAAK;AACtE,SAAO,cAAc,kBAAkB,IAAI,YAAY,EAAE,OAAO,QAAQ,CAAC;AAC3E;AAEA,eAAsB,6CACpB,QACA,OAOkB;AAClB,QAAM,SAAS,mCAAmC,MAAM,SAAS;AACjE,MAAI,OAAO,WAAW,mDAAmD;AACvE,WAAO;AAAA,EACT;AACA,QAAM,WAAW,MAAM,sDAAsD,QAAQ;AAAA,IACnF,UAAU,MAAM;AAAA,IAChB,cAAc,MAAM;AAAA,IACpB,UAAU,MAAM;AAAA,IAChB,SAAS,MAAM;AAAA,IACf,OAAO,OAAO;AAAA,EAChB,CAAC;AACD,SAAO,mBAAmB,UAAU,OAAO,SAAS;AACtD;AAEA,eAAsB,oCACpB,QACA,OAMkB;AAClB,QAAM,SAAS,mCAAmC,MAAM,SAAS;AACjE,MAAI,OAAO,WAAW,yCAAyC;AAC7D,WAAO;AAAA,EACT;AACA,QAAM,WAAW,MAAM,6CAA6C,QAAQ;AAAA,IAC1E,UAAU,MAAM;AAAA,IAChB,cAAc,MAAM;AAAA,IACpB,UAAU,MAAM;AAAA,IAChB,OAAO,OAAO;AAAA,EAChB,CAAC;AACD,SAAO,mBAAmB,UAAU,OAAO,SAAS;AACtD;AAEA,eAAsB,kCAAkC,WAAoC;AAC1F,SAAO,eAAe,gBAAgB,WAAW,WAAW,CAAC;AAC/D;AAEA,eAAsB,gCAAgC,OAKlC;AAClB,QAAM,WAAW,GAAG,kBAAkB,MAAM,QAAQ,CAAC,GAAG,gBAAgB,MAAM,cAAc,cAAc,CAAC,GAAG,kBAAkB,MAAM,QAAQ,CAAC,GAAG,gBAAgB,MAAM,WAAW,WAAW,CAAC;AAC/L,SAAO,eAAe,QAAQ;AAChC;AAEO,SAAS,6BACd,aACA,UAA4E,CAAC,GACtC;AACvC,SAAO,yCAAyC,aAAa,YAAY,qBAAqB;AAAA,IAC5F,cAAc;AAAA,IACd,gBAAgB,QAAQ;AAAA,IACxB,UAAU,QAAQ;AAAA,EACpB,CAAC;AACH;AAEO,SAAS,+BACd,aACA,UAA4E,CAAC,GACtC;AACvC,QAAM,iBAAiB,YAAY;AACnC,MAAI,CAAC,kBAAkB,OAAO,KAAK,cAAc,EAAE,WAAW,GAAG;AAC/D,UAAM,IAAI,iCAAiC,8EAA8E;AAAA,EAC3H;AACA,SAAO,yCAAyC,aAAa,gBAAgB;AAAA,IAC3E,cAAc;AAAA,IACd,gBAAgB,QAAQ;AAAA,IACxB,UAAU,QAAQ;AAAA,EACpB,CAAC;AACH;AAEO,SAAS,yCACd,aACA,qBACA,SAKuC;AACvC,QAAM,WAAW;AAAA,IACf,GAAI,SAAS,oBAAoB,cAAc,IAAI,oBAAoB,iBAAiB,CAAC;AAAA,IACzF,GAAI,QAAQ,YAAY,CAAC;AAAA,EAC3B;AACA,SAAO;AAAA,IACL;AAAA,IACA,cAAc,gBAAgB,QAAQ,cAAc,cAAc;AAAA,IAClE,gBAAgB;AAAA,IAChB,cAAc,YAAY;AAAA,IAC1B;AAAA,IACA,gBAAgB,QAAQ,QAAQ,cAAc;AAAA,EAChD;AACF;AAEA,eAAsB,wBACpB,gBACA,MACA,SACiB;AACjB,MAAI,CAAC,gBAAgB;AACnB,UAAM,IAAI,6BAA6B,6CAA6C;AAAA,EACtF;AACA,QAAM,YAAY,KAAK,MAAM,QAAQ,SAAS;AAC9C,QAAM,QAAQ,UAAU,IAAI;AAC5B,QAAM,SAAS,IAAI,YAAY,EAAE,OAAO,GAAG,SAAS,GAAG;AACvD,QAAM,UAAU,IAAI,WAAW,OAAO,SAAS,MAAM,MAAM;AAC3D,UAAQ,IAAI,QAAQ,CAAC;AACrB,UAAQ,IAAI,OAAO,OAAO,MAAM;AAChC,SAAO,cAAc,gBAAgB,OAAO;AAC9C;AAEA,eAAsB,4BACpB,gBACA,MACA,UAAkC,CAAC,GAClB;AACjB,QAAM,YAAY,KAAK,MAAM,QAAQ,aAAa,KAAK,IAAI,IAAI,GAAI;AACnE,QAAM,YAAY,MAAM,wBAAwB,gBAAgB,MAAM,EAAE,UAAU,CAAC;AACnF,SAAO,KAAK,SAAS,OAAO,SAAS;AACvC;AAEA,eAAsB,uBACpB,gBACA,MACA,kBACA,UAAwD,CAAC,GAClB;AACvC,QAAM,EAAE,WAAW,UAAU,IAAI,qBAAqB,gBAAgB;AACtE,QAAM,mBAAmB,KAAK,IAAI,GAAG,KAAK,MAAM,QAAQ,qBAAqB,iCAAiC,CAAC;AAC/G,QAAM,aAAa,KAAK,MAAM,QAAQ,OAAO,KAAK,IAAI,IAAI,GAAI;AAC9D,MAAI,KAAK,IAAI,aAAa,SAAS,IAAI,kBAAkB;AACvD,UAAM,IAAI,6BAA6B,4DAA4D;AAAA,EACrG;AACA,QAAM,WAAW,MAAM,wBAAwB,gBAAgB,MAAM,EAAE,UAAU,CAAC;AAClF,MAAI,CAAE,MAAM,mBAAmB,UAAU,SAAS,GAAI;AACpD,UAAM,IAAI,6BAA6B,kCAAkC;AAAA,EAC3E;AACA,SAAO,EAAE,WAAW,UAAU;AAChC;AAEO,SAAS,sCAAsC,SAAoD;AACxG,QAAM,QAAQ,cAAc,SAAS,eAAe;AACpD,QAAM,OAAO,cAAc,MAAM,MAAM,oBAAoB;AAC3D,QAAM,SAAS;AAAA,IACb,GAAG;AAAA,IACH,IAAI,gBAAgB,aAAa,MAAM,EAAE,KAAK,IAAI,kBAAkB;AAAA,IACpE,MAAM,gBAAgB,aAAa,MAAM,IAAI,KAAK,IAAI,oBAAoB;AAAA,IAC1E,aAAa,gBAAgB,aAAa,MAAM,WAAW,KAAK,IAAI,qBAAqB;AAAA,IACzF,aAAa,gBAAgB,aAAa,MAAM,WAAW,KAAK,IAAI,qBAAqB;AAAA,IACzF,MAAM,EAAE,GAAG,KAAK;AAAA,EAClB;AACA,MAAI,OAAO,SAAS,8BAA8B,OAAO,KAAK,SAAS,6BAA6B;AAClG,UAAM,IAAI,2BAA2B,uEAAuE;AAAA,EAC9G;AACA,SAAO;AACT;AAEA,eAAsB,kCACpB,gBACA,MACA,kBACA,UAAwD,CAAC,GACyC;AAClG,QAAM,eAAe,MAAM,uBAAuB,gBAAgB,MAAM,kBAAkB,OAAO;AACjG,QAAM,OAAO,IAAI,YAAY,EAAE,OAAO,UAAU,IAAI,CAAC;AACrD,MAAI;AACJ,MAAI;AACF,aAAS,KAAK,MAAM,IAAI;AAAA,EAC1B,SAAS,OAAO;AACd,UAAM,IAAI,2BAA2B,uCAAuC;AAAA,EAC9E;AACA,SAAO,EAAE,OAAO,sCAAsC,MAAM,GAAG,aAAa;AAC9E;AAEO,IAAM,6BAA6B;AACnC,IAAM,6BAA6B;AACnC,IAAM,sCAAsC;AAC5C,IAAM,sCAAsC;AAEnD,SAAS,kBAAkB,OAAuB;AAChD,QAAM,WAAW,gBAAgB,OAAO,UAAU,EAAE,YAAY;AAChE,MAAI,CAAC,8BAA8B,KAAK,QAAQ,GAAG;AACjD,UAAM,IAAI,iCAAiC,sFAAsF;AAAA,EACnI;AACA,SAAO;AACT;AAEA,SAAS,6BAA6B,OAAuB;AAC3D,QAAM,WAAW,gBAAgB,OAAO,UAAU,EAAE,YAAY;AAChE,MAAI,CAAC,6BAA6B,KAAK,QAAQ,GAAG;AAChD,UAAM,IAAI,iCAAiC,sFAAsF;AAAA,EACnI;AACA,SAAO;AACT;AAEA,SAAS,qBAAqB,OAAgD;AAC5E,QAAM,OAAO,gBAAgB,OAAO,cAAc,EAAE,YAAY;AAChE,MAAI,SAAS,YAAY,SAAS,UAAU,SAAS,aAAa,SAAS,YAAY,SAAS,OAAO;AACrG,WAAO;AAAA,EACT;AACA,QAAM,IAAI,iCAAiC,uDAAuD;AACpG;AAEA,SAAS,kBAAkB,OAA6C;AACtE,QAAM,WAAW,gBAAgB,OAAO,UAAU,EAAE,YAAY;AAChE,MAAI,aAAa,SAAS,aAAa,OAAO;AAC5C,UAAM,IAAI,iCAAiC,8BAA8B;AAAA,EAC3E;AACA,SAAO;AACT;AAEA,SAAS,eAAe,OAA0C;AAChE,QAAM,QAAQ,gBAAgB,OAAO,cAAc,EAAE,YAAY;AACjE,MAAI,UAAU,UAAU,UAAU,QAAQ;AACxC,UAAM,IAAI,iCAAiC,oCAAoC;AAAA,EACjF;AACA,SAAO;AACT;AAEA,SAAS,2BAA2B,OAAsG;AACxI,QAAM,aAAqC,CAAC;AAC5C,MAAI,MAAM,QAAQ,KAAK,GAAG;AACxB,eAAW,QAAQ,OAAO;AACxB,YAAM,WAAW,kBAAkB,IAAI;AACvC,iBAAW,QAAQ,IAAI,wBAAwB,QAAQ;AAAA,IACzD;AAAA,EACF,WAAW,SAAS,KAAK,GAAG;AAC1B,eAAW,CAAC,aAAa,QAAQ,KAAK,OAAO,QAAQ,KAAK,GAAG;AAC3D,iBAAW,kBAAkB,WAAW,CAAC,IAAI,eAAe,OAAO,QAAQ,CAAC;AAAA,IAC9E;AAAA,EACF,OAAO;AACL,UAAM,IAAI,iCAAiC,oEAAoE;AAAA,EACjH;AACA,MAAI,OAAO,KAAK,UAAU,EAAE,WAAW,GAAG;AACxC,UAAM,IAAI,iCAAiC,wDAAwD;AAAA,EACrG;AACA,SAAO;AACT;AAEA,SAAS,wBAAwB,UAAmE;AAClG,SAAO,aAAa,QAAQ,SAAS;AACvC;AAEA,SAAS,gBAAgB,OAAe,MAAsB;AAC5D,QAAM,SAAS,OAAO,KAAK;AAC3B,MAAI,CAAC,OAAO,cAAc,MAAM,KAAK,UAAU,GAAG;AAChD,UAAM,IAAI,iCAAiC,GAAG,IAAI,mCAAmC;AAAA,EACvF;AACA,SAAO;AACT;AAEA,SAAS,gBAAgB,OAAe,MAAsB;AAC5D,QAAM,OAAO,OAAO,SAAS,EAAE,EAAE,KAAK;AACtC,MAAI,CAAC,MAAM;AACT,UAAM,IAAI,iCAAiC,GAAG,IAAI,eAAe;AAAA,EACnE;AACA,SAAO;AACT;AAEA,SAAS,wBAAwB,OAAuB;AACtD,QAAM,QAAQ,gBAAgB,OAAO,OAAO;AAC5C,MAAI,MAAM,SAAS,GAAG,GAAG;AACvB,UAAM,IAAI,iCAAiC,6BAA6B;AAAA,EAC1E;AACA,SAAO;AACT;AAEA,SAAS,0BAA0B,OAAqD;AACtF,QAAM,UAAU,gBAAgB,OAAO,SAAS,EAAE,YAAY;AAC9D,MAAI,YAAY,aAAa,YAAY,SAAS;AAChD,UAAM,IAAI;AAAA,MACR;AAAA,IACF;AAAA,EACF;AACA,SAAO;AACT;AAEA,SAAS,gBAAgB,OAAgC,MAAuC;AAC9F,MAAI;AACF,UAAM,SAAS,KAAK,MAAM,KAAK,UAAU,KAAK,CAAC;AAC/C,QAAI,CAAC,SAAS,MAAM,GAAG;AACrB,YAAM,IAAI,MAAM,eAAe;AAAA,IACjC;AACA,WAAO;AAAA,EACT,SAAS,OAAO;AACd,UAAM,IAAI,iCAAiC,GAAG,IAAI,sCAAsC;AAAA,EAC1F;AACF;AAEA,SAAS,UAAU,SAA0B;AAC3C,MAAI;AACF,WAAO,KAAK,MAAM,OAAO;AAAA,EAC3B,SAAS,OAAO;AACd,UAAM,IAAI,gBAAgB,sCAAsC;AAAA,MAC9D,QAAQ;AAAA,MACR,MAAM;AAAA,MACN,MAAM;AAAA,IACR,CAAC;AAAA,EACH;AACF;AAEA,SAAS,aAAa,OAA+B;AACnD,MAAI,OAAO,UAAU,UAAU;AAC7B,WAAO;AAAA,EACT;AACA,QAAM,OAAO,MAAM,KAAK;AACxB,SAAO,OAAO,OAAO;AACvB;AAEA,SAAS,SAAS,OAAkD;AAClE,SAAO,OAAO,UAAU,YAAY,UAAU,QAAQ,CAAC,MAAM,QAAQ,KAAK;AAC5E;AAEA,SAAS,cAAc,OAAgB,MAAuC;AAC5E,MAAI,CAAC,SAAS,KAAK,GAAG;AACpB,UAAM,IAAI,2BAA2B,GAAG,IAAI,qBAAqB;AAAA,EACnE;AACA,SAAO;AACT;AAEA,SAAS,SAAS,MAAkC;AAClD,MAAI,OAAO,YAAY,aAAa;AAClC,WAAO;AAAA,EACT;AACA,QAAM,QAAQ,QAAQ,IAAI,IAAI;AAC9B,SAAO,SAAS,MAAM,KAAK,IAAI,MAAM,KAAK,IAAI;AAChD;AAEA,SAAS,UAAU,MAA+E;AAChG,MAAI,gBAAgB,YAAY;AAC9B,WAAO;AAAA,EACT;AACA,MAAI,gBAAgB,aAAa;AAC/B,WAAO,IAAI,WAAW,IAAI;AAAA,EAC5B;AACA,MAAI,OAAO,SAAS,UAAU;AAC5B,WAAO,IAAI,YAAY,EAAE,OAAO,IAAI;AAAA,EACtC;AACA,MAAI,SAAS,IAAI,GAAG;AAClB,WAAO,IAAI,YAAY,EAAE,OAAO,KAAK,UAAU,IAAI,CAAC;AAAA,EACtD;AACA,QAAM,IAAI,2BAA2B,6DAA6D;AACpG;AAEA,SAAS,qBAAqB,iBAAmE;AAC/F,MAAI,YAA2B;AAC/B,MAAI,YAA2B;AAC/B,aAAW,QAAQ,OAAO,mBAAmB,EAAE,EAAE,MAAM,GAAG,GAAG;AAC3D,UAAM,CAAC,KAAK,KAAK,IAAI,KAAK,KAAK,EAAE,MAAM,KAAK,CAAC;AAC7C,QAAI,QAAQ,KAAK;AACf,YAAM,SAAS,OAAO,SAAS,SAAS,IAAI,EAAE;AAC9C,UAAI,CAAC,OAAO,SAAS,MAAM,GAAG;AAC5B,cAAM,IAAI,6BAA6B,yCAAyC;AAAA,MAClF;AACA,kBAAY;AAAA,IACd;AACA,QAAI,QAAQ,MAAM;AAChB,kBAAY,OAAO,SAAS,EAAE,EAAE,KAAK;AAAA,IACvC;AAAA,EACF;AACA,MAAI,cAAc,QAAQ,CAAC,WAAW;AACpC,UAAM,IAAI,6BAA6B,yCAAyC;AAAA,EAClF;AACA,SAAO,EAAE,WAAW,UAAU;AAChC;AAEA,eAAe,cAA+B;AAC5C,MAAI,WAAW,QAAQ,YAAY;AACjC,WAAO,WAAW,OAAO,WAAW;AAAA,EACtC;AACA,QAAM,QAAQ,IAAI,WAAW,EAAE;AAC/B,MAAI,WAAW,QAAQ,iBAAiB;AACtC,eAAW,OAAO,gBAAgB,KAAK;AAAA,EACzC,WAAW,OAAO,YAAY,eAAe,QAAQ,UAAU,MAAM;AACnE,UAAM,SAAS,MAAM,OAAO,QAAa;AACzC,UAAM,IAAI,OAAO,YAAY,EAAE,CAAC;AAAA,EAClC,OAAO;AACL,UAAM,IAAI,iCAAiC,iEAAiE;AAAA,EAC9G;AACA,SAAO,WAAW,KAAK;AACzB;AAEA,eAAe,cAAc,QAAgB,SAAsC;AACjF,MAAI,WAAW,QAAQ,QAAQ;AAC7B,UAAM,gBAAgB,IAAI,WAAW,QAAQ,UAAU;AACvD,kBAAc,IAAI,OAAO;AACzB,UAAM,MAAM,MAAM,WAAW,OAAO,OAAO;AAAA,MACzC;AAAA,MACA,IAAI,YAAY,EAAE,OAAO,MAAM;AAAA,MAC/B,EAAE,MAAM,QAAQ,MAAM,UAAU;AAAA,MAChC;AAAA,MACA,CAAC,MAAM;AAAA,IACT;AACA,UAAM,SAAS,MAAM,WAAW,OAAO,OAAO,KAAK,QAAQ,KAAK,aAAa;AAC7E,WAAO,WAAW,IAAI,WAAW,MAAM,CAAC;AAAA,EAC1C;AACA,MAAI,OAAO,YAAY,eAAe,QAAQ,UAAU,MAAM;AAC5D,UAAM,SAAS,MAAM,OAAO,QAAa;AACzC,WAAO,OAAO,WAAW,UAAU,MAAM,EAAE,OAAO,OAAO,KAAK,OAAO,CAAC,EAAE,OAAO,KAAK;AAAA,EACtF;AACA,QAAM,IAAI,iCAAiC,yDAAyD;AACtG;AAEA,eAAe,eAAe,UAAmC;AAC/D,QAAM,QAAQ,IAAI,YAAY,EAAE,OAAO,QAAQ;AAC/C,MAAI,WAAW,QAAQ,QAAQ;AAC7B,UAAM,SAAS,MAAM,WAAW,OAAO,OAAO,OAAO,WAAW,KAAK;AACrE,WAAO,UAAU,WAAW,IAAI,WAAW,MAAM,CAAC,CAAC;AAAA,EACrD;AACA,MAAI,OAAO,YAAY,eAAe,QAAQ,UAAU,MAAM;AAC5D,UAAM,SAAS,MAAM,OAAO,QAAa;AACzC,WAAO,UAAU,OAAO,WAAW,QAAQ,EAAE,OAAO,OAAO,KAAK,KAAK,CAAC,EAAE,OAAO,KAAK,CAAC;AAAA,EACvF;AACA,QAAM,IAAI,iCAAiC,qDAAqD;AAClG;AAEA,SAAS,WAAW,OAA2B;AAC7C,SAAO,CAAC,GAAG,KAAK,EAAE,IAAI,CAAC,SAAS,KAAK,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG,CAAC,EAAE,KAAK,EAAE;AAC7E;AAEA,SAAS,WAAW,KAAyB;AAC3C,QAAM,aAAa,OAAO,OAAO,EAAE,EAAE,KAAK,EAAE,YAAY;AACxD,MAAI,WAAW,SAAS,MAAM,KAAK,CAAC,cAAc,KAAK,UAAU,GAAG;AAClE,UAAM,IAAI,6BAA6B,wBAAwB;AAAA,EACjE;AACA,QAAM,QAAQ,IAAI,WAAW,WAAW,SAAS,CAAC;AAClD,WAAS,QAAQ,GAAG,QAAQ,WAAW,QAAQ,SAAS,GAAG;AACzD,UAAM,QAAQ,CAAC,IAAI,OAAO,SAAS,WAAW,MAAM,OAAO,QAAQ,CAAC,GAAG,EAAE;AAAA,EAC3E;AACA,SAAO;AACT;AAEA,eAAe,mBAAmB,MAAc,OAAiC;AAC/E,QAAM,YAAY,WAAW,IAAI;AACjC,QAAM,aAAa,WAAW,KAAK;AACnC,MAAI,UAAU,WAAW,WAAW,QAAQ;AAC1C,WAAO;AAAA,EACT;AACA,MAAI,OAAO;AACX,WAAS,QAAQ,GAAG,QAAQ,UAAU,QAAQ,SAAS,GAAG;AACxD,YAAQ,UAAU,KAAK,IAAK,WAAW,KAAK;AAAA,EAC9C;AACA,SAAO,SAAS;AAClB;","names":[]}
1
+ {"version":3,"sources":["../src/index.ts"],"sourcesContent":["export const DEFAULT_SIGLUME_API_BASE = \"https://siglume.com/v1\";\nexport const DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME = \"siglume-external-402-v1\";\n// Recurring (subscription / scheduled autopay) approval uses a DISTINCT scheme\n// with cadence bound into the HMAC, so a one-time checkout challenge can never\n// be replayed as a recurring authorization and vice versa.\nexport const DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME = \"siglume-external-402-recurring-v1\";\nexport const DIRECT_REQUEST_PAYMENT_MODE = \"external_402\";\nexport const DIRECT_REQUEST_PAYMENT_RECEIPT_KIND = \"sdrp_direct_payment\";\nexport const DIRECT_REQUEST_PAYMENT_ALLOWANCE_RECEIPT_KIND = \"sdrp_direct_payment_allowance\";\nexport const DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE = \"sdrp_direct_payment_requirement\";\nexport const DEFAULT_WEBHOOK_TOLERANCE_SECONDS = 300;\n\nexport type DirectRequestPaymentCurrency = \"JPY\" | \"USD\";\nexport type DirectRequestPaymentToken = \"JPYC\" | \"USDC\";\n\nexport interface DirectRequestPaymentChallengeInput {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency | string;\n secret: string;\n nonce?: string;\n}\n\nexport interface DirectRequestPaymentChallenge {\n scheme: typeof DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME;\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency;\n nonce: string;\n signature: string;\n challenge: string;\n challenge_hash: string;\n}\n\nexport interface ParsedDirectRequestPaymentChallenge {\n scheme: string;\n nonce: string;\n signature: string;\n}\n\n/** \"monthly\" authorizes a Siglume-swept subscription; \"daily\" authorizes\n * merchant-triggered scheduled autopay. It is an approval tag, not a\n * run-count limiter. */\nexport type DirectRequestPaymentRecurringCadence = \"monthly\" | \"daily\";\n\nexport interface DirectRequestPaymentRecurringChallengeInput {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency | string;\n cadence: DirectRequestPaymentRecurringCadence | string;\n secret: string;\n nonce?: string;\n}\n\nexport interface DirectRequestPaymentRecurringChallenge {\n scheme: typeof DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME;\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency;\n cadence: DirectRequestPaymentRecurringCadence;\n nonce: string;\n signature: string;\n challenge: string;\n challenge_hash: string;\n}\n\nexport interface Web3TransactionRequest {\n network?: string;\n chain_id?: number;\n from?: string;\n to?: string;\n data?: string;\n value?: string | number;\n metadata_jsonb?: Record<string, unknown>;\n [key: string]: unknown;\n}\n\nexport interface DirectPaymentRequirement {\n direct_payment_requirement_id: string;\n requirement_id: string;\n id: string;\n mode: string;\n merchant?: string | null;\n challenge_hash?: string | null;\n buyer_user_id: string;\n agent_id?: string | null;\n product_listing_id: string;\n listing_id: string;\n access_grant_id?: string | null;\n capability_key: string;\n requirement_hash: string;\n request_hash: string;\n siglume_signature: string;\n token_symbol: string;\n currency: string;\n amount_minor: number;\n fee_bps: number;\n status: string;\n expires_at?: string | null;\n confirmed_at?: string | null;\n spent_at?: string | null;\n chain_receipt_id?: string | null;\n transaction_request: Web3TransactionRequest;\n approve_transaction_request?: Web3TransactionRequest | null;\n buyer_confirmation?: string | null;\n non_custodial: boolean;\n metadata_jsonb?: Record<string, unknown>;\n created_at?: string | null;\n updated_at?: string | null;\n}\n\nexport interface DirectPaymentRequirementCreateInput {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency | string;\n challenge: string;\n token_symbol?: DirectRequestPaymentToken | string;\n allowance_amount_minor?: number;\n metadata?: Record<string, unknown>;\n}\n\nexport interface DirectPaymentVerifyInput {\n receipt_id?: string | null;\n chain_receipt_id?: string | null;\n await_finality?: boolean;\n await_required_status?: string | null;\n await_timeout_seconds?: number;\n await_poll_seconds?: number;\n}\n\nexport interface Web3PreparedTransactionExecutePayload {\n transaction_request: Web3TransactionRequest;\n receipt_kind: string;\n reference_type: typeof DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE;\n reference_id: string;\n metadata?: Record<string, unknown>;\n await_finality?: boolean;\n}\n\nexport interface Web3PreparedTransactionExecuteResult {\n receipt?: Record<string, unknown>;\n finalization?: Record<string, unknown>;\n [key: string]: unknown;\n}\n\nexport interface DirectRequestPaymentClientOptions {\n auth_token?: string;\n base_url?: string;\n fetch?: typeof fetch;\n timeout_ms?: number;\n user_agent?: string;\n}\n\nexport type DirectRequestPaymentBillingPlan = \"launch\" | \"free\" | \"starter\" | \"growth\" | \"pro\";\n\nexport interface DirectRequestPaymentMerchantAccount {\n merchant_account_id: string;\n merchant: string;\n merchant_user_id: string;\n user_wallet_id?: string | null;\n billing_mandate_id?: string | null;\n display_name?: string | null;\n status?: string | null;\n billing_status?: string | null;\n billing_plan?: string | null;\n billing_currency?: string | null;\n token_symbol?: string | null;\n monthly_fee_minor?: number | null;\n settlement_fee_bps?: number | null;\n settlement_fee_min_minor?: number | null;\n included_monthly_payments?: number | null;\n metadata_jsonb?: Record<string, unknown>;\n [key: string]: unknown;\n}\n\nexport interface DirectRequestPaymentMerchantSetupInput {\n merchant: string;\n display_name?: string;\n billing_plan?: DirectRequestPaymentBillingPlan | string;\n billing_currency?: DirectRequestPaymentCurrency | string;\n allowed_currencies?: Record<string, string> | Array<DirectRequestPaymentCurrency | string>;\n webhook_callback_url?: string;\n billing_mandate_cap_minor?: number;\n max_amount_minor?: number;\n // Hosted Checkout return-URL origin allowlist (open-redirect defense). Each\n // entry is an absolute origin such as \"https://shop.example.com\". The origin\n // of webhook_callback_url is auto-allowed in addition to these.\n checkout_allowed_origins?: string[];\n}\n\nexport interface HostedCheckoutSessionCreateInput {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency | string;\n nonce: string;\n success_url: string;\n cancel_url: string;\n metadata?: Record<string, unknown>;\n}\n\nexport interface HostedCheckoutSessionCreateResult {\n checkout_url: string;\n session_id: string;\n challenge_hash: string;\n status?: string;\n expires_at?: string | null;\n}\n\nexport interface HostedCheckoutSession {\n session_id: string;\n merchant: string;\n currency: string;\n token_symbol: string;\n amount_minor: number;\n status: string;\n challenge_hash: string;\n requirement_id?: string | null;\n success_url: string;\n cancel_url: string;\n expires_at?: string | null;\n authenticated_at?: string | null;\n paid_at?: string | null;\n cancelled_at?: string | null;\n created_at?: string | null;\n metadata_jsonb?: Record<string, unknown>;\n [key: string]: unknown;\n}\n\nexport interface DirectRequestPaymentMerchantBillingMandateInput {\n currency?: DirectRequestPaymentCurrency | string;\n billing_currency?: DirectRequestPaymentCurrency | string;\n max_amount_minor?: number;\n}\n\nexport interface DirectRequestPaymentMerchantResponse {\n merchant_account: DirectRequestPaymentMerchantAccount;\n challenge_secret?: string | null;\n challenge_secret_created?: boolean;\n created?: boolean | null;\n listing_id?: string | null;\n mandate?: Record<string, unknown> | null;\n next_steps?: Record<string, unknown>;\n}\n\nexport interface DirectRequestPaymentWebhookSubscriptionInput {\n callback_url: string;\n description?: string;\n event_types?: string[];\n metadata?: Record<string, unknown>;\n}\n\nexport interface DirectRequestPaymentWebhookSubscription {\n webhook_subscription_id?: string;\n subscription_id?: string;\n id?: string;\n callback_url?: string;\n signing_secret?: string;\n status?: string;\n event_types?: string[];\n [key: string]: unknown;\n}\n\nexport interface DirectRequestPaymentCheckoutSetupInput extends DirectRequestPaymentMerchantSetupInput {\n create_webhook_subscription?: boolean;\n prepare_billing_mandate?: boolean;\n webhook_event_types?: string[];\n webhook_description?: string;\n}\n\nexport interface DirectRequestPaymentCheckoutSetupResult {\n merchant: DirectRequestPaymentMerchantResponse;\n billing_mandate?: DirectRequestPaymentMerchantResponse | null;\n webhook_subscription?: DirectRequestPaymentWebhookSubscription | null;\n env: Record<string, string>;\n}\n\nexport interface SiglumeEnvelopeMeta {\n request_id?: string | null;\n trace_id?: string | null;\n [key: string]: unknown;\n}\n\nexport interface WebhookSignatureVerification {\n timestamp: number;\n signature: string;\n}\n\nexport interface DirectRequestPaymentWebhookEvent {\n id: string;\n type: \"direct_payment.confirmed\" | string;\n api_version: string;\n occurred_at: string;\n data: {\n mode?: string;\n merchant?: string;\n direct_payment_requirement_id?: string;\n requirement_id?: string;\n challenge_hash?: string;\n amount_minor?: number;\n currency?: string;\n token_symbol?: string;\n status?: string;\n [key: string]: unknown;\n };\n [key: string]: unknown;\n}\n\nexport class SiglumeDirectRequestPaymentError extends Error {\n constructor(message: string) {\n super(message);\n this.name = \"SiglumeDirectRequestPaymentError\";\n }\n}\n\nexport class SiglumeApiError extends SiglumeDirectRequestPaymentError {\n readonly status: number;\n readonly code: string;\n readonly data: unknown;\n\n constructor(message: string, options: { status: number; code?: string; data?: unknown }) {\n super(message);\n this.name = \"SiglumeApiError\";\n this.status = options.status;\n this.code = options.code ?? \"SIGLUME_API_ERROR\";\n this.data = options.data;\n }\n}\n\nexport class SiglumeWebhookSignatureError extends SiglumeDirectRequestPaymentError {\n constructor(message: string) {\n super(message);\n this.name = \"SiglumeWebhookSignatureError\";\n }\n}\n\nexport class SiglumeWebhookPayloadError extends SiglumeDirectRequestPaymentError {\n constructor(message: string) {\n super(message);\n this.name = \"SiglumeWebhookPayloadError\";\n }\n}\n\nexport class DirectRequestPaymentClient {\n readonly auth_token: string;\n readonly base_url: string;\n readonly timeout_ms: number;\n readonly user_agent: string;\n private readonly fetch_impl: typeof fetch;\n\n constructor(options: DirectRequestPaymentClientOptions = {}) {\n const authToken = options.auth_token ?? envValue(\"SIGLUME_AUTH_TOKEN\");\n if (!authToken) {\n throw new SiglumeDirectRequestPaymentError(\n \"A buyer Siglume bearer token is required for Direct Request Payment API calls. Developer Portal API keys are not accepted.\",\n );\n }\n const fetchImpl = options.fetch ?? globalThis.fetch;\n if (!fetchImpl) {\n throw new SiglumeDirectRequestPaymentError(\"A fetch implementation is required in this runtime.\");\n }\n this.auth_token = authToken;\n this.base_url = (options.base_url ?? envValue(\"SIGLUME_API_BASE\") ?? DEFAULT_SIGLUME_API_BASE).replace(/\\/+$/, \"\");\n this.timeout_ms = Math.max(1, Math.trunc(options.timeout_ms ?? 15000));\n this.user_agent = options.user_agent ?? \"@siglume/direct-request-payment/0.4.0\";\n this.fetch_impl = fetchImpl;\n }\n\n async createPaymentRequirement(input: DirectPaymentRequirementCreateInput): Promise<DirectPaymentRequirement> {\n const payload: Record<string, unknown> = {\n mode: DIRECT_REQUEST_PAYMENT_MODE,\n merchant: normalizeMerchant(input.merchant),\n amount_minor: positiveInteger(input.amount_minor, \"amount_minor\"),\n currency: normalizeCurrency(input.currency),\n challenge: requireNonEmpty(input.challenge, \"challenge\"),\n };\n if (input.token_symbol !== undefined) {\n payload.token_symbol = normalizeToken(input.token_symbol);\n }\n if (input.allowance_amount_minor !== undefined) {\n payload.allowance_amount_minor = positiveInteger(input.allowance_amount_minor, \"allowance_amount_minor\");\n }\n if (input.metadata !== undefined) {\n payload.metadata = cloneJsonObject(input.metadata, \"metadata\");\n }\n return this.request<DirectPaymentRequirement>(\"POST\", \"/sdrp/direct-payments/requirements\", payload);\n }\n\n async getPaymentRequirement(requirement_id: string): Promise<DirectPaymentRequirement> {\n return this.request<DirectPaymentRequirement>(\n \"GET\",\n `/sdrp/direct-payments/requirements/${encodeURIComponent(requireNonEmpty(requirement_id, \"requirement_id\"))}`,\n );\n }\n\n async verifyPaymentRequirement(\n requirement_id: string,\n input: DirectPaymentVerifyInput,\n ): Promise<DirectPaymentRequirement> {\n return this.request<DirectPaymentRequirement>(\n \"POST\",\n `/sdrp/direct-payments/requirements/${encodeURIComponent(requireNonEmpty(requirement_id, \"requirement_id\"))}/verify`,\n input,\n );\n }\n\n async executePreparedTransaction(\n payload: Web3PreparedTransactionExecutePayload,\n ): Promise<Web3PreparedTransactionExecuteResult> {\n return this.request<Web3PreparedTransactionExecuteResult>(\n \"POST\",\n \"/market/web3/transactions/execute-prepared\",\n payload,\n );\n }\n\n async executePaymentTransaction(\n requirement: DirectPaymentRequirement,\n options: { await_finality?: boolean; metadata?: Record<string, unknown> } = {},\n ): Promise<Web3PreparedTransactionExecuteResult> {\n return this.executePreparedTransaction(buildPaymentExecutionPayload(requirement, options));\n }\n\n async executeAllowanceTransaction(\n requirement: DirectPaymentRequirement,\n options: { await_finality?: boolean; metadata?: Record<string, unknown> } = {},\n ): Promise<Web3PreparedTransactionExecuteResult> {\n return this.executePreparedTransaction(buildAllowanceExecutionPayload(requirement, options));\n }\n\n async request<T>(method: string, path: string, json_body?: unknown): Promise<T> {\n const controller = new AbortController();\n const timeout = setTimeout(() => controller.abort(), this.timeout_ms);\n try {\n const headers: Record<string, string> = {\n \"Accept\": \"application/json\",\n \"Authorization\": `Bearer ${this.auth_token}`,\n \"User-Agent\": this.user_agent,\n };\n let body: string | undefined;\n if (json_body !== undefined) {\n headers[\"Content-Type\"] = \"application/json\";\n body = JSON.stringify(json_body);\n }\n const response = await this.fetch_impl(`${this.base_url}${path}`, {\n method,\n headers,\n body,\n signal: controller.signal,\n });\n const rawText = await response.text();\n const parsed = rawText ? parseJson(rawText) : {};\n if (!response.ok) {\n const error = isRecord(parsed) && isRecord(parsed.error) ? parsed.error : {};\n const code = stringOrNull(error.code) ?? stringOrNull((parsed as Record<string, unknown>).code) ?? `HTTP_${response.status}`;\n const message = stringOrNull(error.message) ?? stringOrNull((parsed as Record<string, unknown>).message) ?? response.statusText;\n throw new SiglumeApiError(message, { status: response.status, code, data: parsed });\n }\n if (isRecord(parsed) && \"data\" in parsed) {\n return parsed.data as T;\n }\n return parsed as T;\n } finally {\n clearTimeout(timeout);\n }\n }\n}\n\nexport class DirectRequestPaymentMerchantClient {\n readonly auth_token: string;\n readonly base_url: string;\n readonly timeout_ms: number;\n readonly user_agent: string;\n private readonly fetch_impl: typeof fetch;\n\n constructor(options: DirectRequestPaymentClientOptions = {}) {\n const authToken = options.auth_token ?? envValue(\"SIGLUME_MERCHANT_AUTH_TOKEN\") ?? envValue(\"SIGLUME_AUTH_TOKEN\");\n if (!authToken) {\n throw new SiglumeDirectRequestPaymentError(\n \"A merchant Siglume bearer token is required for Direct Request Payment merchant setup. Developer Portal API keys are not accepted.\",\n );\n }\n const fetchImpl = options.fetch ?? globalThis.fetch;\n if (!fetchImpl) {\n throw new SiglumeDirectRequestPaymentError(\"A fetch implementation is required in this runtime.\");\n }\n this.auth_token = authToken;\n this.base_url = (options.base_url ?? envValue(\"SIGLUME_API_BASE\") ?? DEFAULT_SIGLUME_API_BASE).replace(/\\/+$/, \"\");\n this.timeout_ms = Math.max(1, Math.trunc(options.timeout_ms ?? 15000));\n this.user_agent = options.user_agent ?? \"@siglume/direct-request-payment/0.4.0\";\n this.fetch_impl = fetchImpl;\n }\n\n async setupMerchant(input: DirectRequestPaymentMerchantSetupInput): Promise<DirectRequestPaymentMerchantResponse> {\n const payload: Record<string, unknown> = {\n merchant: normalizeSelfServiceMerchant(input.merchant),\n billing_plan: normalizeBillingPlan(input.billing_plan ?? \"launch\"),\n billing_currency: normalizeCurrency(input.billing_currency ?? \"JPY\"),\n };\n if (input.display_name !== undefined) {\n payload.display_name = requireNonEmpty(input.display_name, \"display_name\");\n }\n if (input.allowed_currencies !== undefined) {\n payload.allowed_currencies = normalizeAllowedCurrencies(input.allowed_currencies);\n }\n if (input.webhook_callback_url !== undefined) {\n payload.webhook_callback_url = requireNonEmpty(input.webhook_callback_url, \"webhook_callback_url\");\n }\n if (input.billing_mandate_cap_minor !== undefined) {\n payload.billing_mandate_cap_minor = positiveInteger(input.billing_mandate_cap_minor, \"billing_mandate_cap_minor\");\n }\n if (input.max_amount_minor !== undefined) {\n payload.max_amount_minor = positiveInteger(input.max_amount_minor, \"max_amount_minor\");\n }\n if (input.checkout_allowed_origins !== undefined) {\n payload.checkout_allowed_origins = normalizeOriginList(input.checkout_allowed_origins);\n }\n return this.request<DirectRequestPaymentMerchantResponse>(\"POST\", \"/sdrp/direct-payments/merchants\", payload);\n }\n\n /**\n * Create a Hosted Checkout session (Stripe-Checkout-equivalent for human web\n * shoppers). Siglume authors the challenge server-side, persists a single-use\n * expiring session, and returns a `checkout_url`. Redirect the shopper there;\n * they log into Siglume, approve, and pay from their own wallet, then return\n * to your `success_url`. Fulfill on the `direct_payment.confirmed` webhook\n * (the source of truth), exactly as with the agent flow.\n *\n * `success_url`/`cancel_url` must be on an origin you registered via\n * `checkout_allowed_origins` (or your `webhook_callback_url` origin).\n */\n async createCheckoutSession(input: HostedCheckoutSessionCreateInput): Promise<HostedCheckoutSessionCreateResult> {\n const payload: Record<string, unknown> = {\n merchant: normalizeSelfServiceMerchant(input.merchant),\n amount_minor: positiveInteger(input.amount_minor, \"amount_minor\"),\n currency: normalizeCurrency(input.currency),\n nonce: requireNonEmpty(input.nonce, \"nonce\"),\n success_url: requireNonEmpty(input.success_url, \"success_url\"),\n cancel_url: requireNonEmpty(input.cancel_url, \"cancel_url\"),\n };\n if (input.metadata !== undefined) {\n payload.metadata = cloneJsonObject(input.metadata, \"metadata\");\n }\n return this.request<HostedCheckoutSessionCreateResult>(\n \"POST\",\n \"/sdrp/direct-payments/checkout-sessions\",\n payload,\n );\n }\n\n /** Read a Hosted Checkout session's status (open / authenticated / paid / expired / cancelled / failed). */\n async getCheckoutSession(session_id: string): Promise<HostedCheckoutSession> {\n return this.request<HostedCheckoutSession>(\n \"GET\",\n `/sdrp/direct-payments/checkout-sessions/${encodeURIComponent(requireNonEmpty(session_id, \"session_id\"))}`,\n );\n }\n\n async getMerchant(merchant: string): Promise<DirectRequestPaymentMerchantResponse> {\n return this.request<DirectRequestPaymentMerchantResponse>(\n \"GET\",\n `/sdrp/direct-payments/merchants/${encodeURIComponent(normalizeSelfServiceMerchant(merchant))}`,\n );\n }\n\n async rotateChallengeSecret(merchant: string): Promise<DirectRequestPaymentMerchantResponse> {\n return this.request<DirectRequestPaymentMerchantResponse>(\n \"POST\",\n `/sdrp/direct-payments/merchants/${encodeURIComponent(normalizeSelfServiceMerchant(merchant))}/challenge-secret/rotate`,\n );\n }\n\n async prepareBillingMandate(\n merchant: string,\n input: DirectRequestPaymentMerchantBillingMandateInput = {},\n ): Promise<DirectRequestPaymentMerchantResponse> {\n const payload: Record<string, unknown> = {};\n if (input.currency !== undefined) {\n payload.currency = normalizeCurrency(input.currency);\n }\n if (input.billing_currency !== undefined) {\n payload.billing_currency = normalizeCurrency(input.billing_currency);\n }\n if (input.max_amount_minor !== undefined) {\n payload.max_amount_minor = positiveInteger(input.max_amount_minor, \"max_amount_minor\");\n }\n return this.request<DirectRequestPaymentMerchantResponse>(\n \"POST\",\n `/sdrp/direct-payments/merchants/${encodeURIComponent(normalizeSelfServiceMerchant(merchant))}/billing-mandate`,\n payload,\n );\n }\n\n async createWebhookSubscription(\n input: DirectRequestPaymentWebhookSubscriptionInput,\n ): Promise<DirectRequestPaymentWebhookSubscription> {\n const payload: Record<string, unknown> = {\n callback_url: requireNonEmpty(input.callback_url, \"callback_url\"),\n event_types: input.event_types?.length\n ? input.event_types.map((eventType) => requireNonEmpty(eventType, \"event_type\"))\n : [\"direct_payment.confirmed\", \"direct_payment.spent\"],\n };\n if (input.description !== undefined) {\n payload.description = requireNonEmpty(input.description, \"description\");\n }\n if (input.metadata !== undefined) {\n payload.metadata = cloneJsonObject(input.metadata, \"metadata\");\n }\n return this.request<DirectRequestPaymentWebhookSubscription>(\"POST\", \"/market/webhooks/subscriptions\", payload);\n }\n\n async setupCheckout(input: DirectRequestPaymentCheckoutSetupInput): Promise<DirectRequestPaymentCheckoutSetupResult> {\n const merchant = await this.setupMerchant(input);\n const merchantKey = merchant.merchant_account.merchant;\n const billing_mandate = input.prepare_billing_mandate === false\n ? null\n : await this.prepareBillingMandate(merchantKey, {\n billing_currency: merchant.merchant_account.billing_currency ?? input.billing_currency ?? \"JPY\",\n max_amount_minor: input.max_amount_minor ?? input.billing_mandate_cap_minor,\n });\n const shouldCreateWebhook = input.create_webhook_subscription ?? Boolean(input.webhook_callback_url);\n const webhook_subscription = shouldCreateWebhook && input.webhook_callback_url\n ? await this.createWebhookSubscription({\n callback_url: input.webhook_callback_url,\n description: input.webhook_description ?? `${merchantKey} Direct Request Payment`,\n event_types: input.webhook_event_types,\n metadata: { merchant: merchantKey, sdk: \"@siglume/direct-request-payment\" },\n })\n : null;\n const env: Record<string, string> = {\n SIGLUME_DIRECT_PAYMENT_MERCHANT: merchantKey,\n };\n if (merchant.challenge_secret) {\n env.SIGLUME_DIRECT_PAYMENT_CHALLENGE_SECRET = merchant.challenge_secret;\n }\n const webhookSecret = stringOrNull(webhook_subscription?.signing_secret);\n if (webhookSecret) {\n env.SIGLUME_WEBHOOK_SECRET = webhookSecret;\n }\n return { merchant, billing_mandate, webhook_subscription, env };\n }\n\n async request<T>(method: string, path: string, json_body?: unknown): Promise<T> {\n const controller = new AbortController();\n const timeout = setTimeout(() => controller.abort(), this.timeout_ms);\n try {\n const headers: Record<string, string> = {\n \"Accept\": \"application/json\",\n \"Authorization\": `Bearer ${this.auth_token}`,\n \"User-Agent\": this.user_agent,\n };\n let body: string | undefined;\n if (json_body !== undefined) {\n headers[\"Content-Type\"] = \"application/json\";\n body = JSON.stringify(json_body);\n }\n const response = await this.fetch_impl(`${this.base_url}${path}`, {\n method,\n headers,\n body,\n signal: controller.signal,\n });\n const rawText = await response.text();\n const parsed = rawText ? parseJson(rawText) : {};\n if (!response.ok) {\n const error = isRecord(parsed) && isRecord(parsed.error) ? parsed.error : {};\n const code = stringOrNull(error.code) ?? stringOrNull((parsed as Record<string, unknown>).code) ?? `HTTP_${response.status}`;\n const message = stringOrNull(error.message) ?? stringOrNull((parsed as Record<string, unknown>).message) ?? response.statusText;\n throw new SiglumeApiError(message, { status: response.status, code, data: parsed });\n }\n if (isRecord(parsed) && \"data\" in parsed) {\n return parsed.data as T;\n }\n return parsed as T;\n } finally {\n clearTimeout(timeout);\n }\n }\n}\n\nexport async function createDirectRequestPaymentChallenge(\n input: DirectRequestPaymentChallengeInput,\n): Promise<DirectRequestPaymentChallenge> {\n const merchant = normalizeMerchant(input.merchant);\n const amount_minor = positiveInteger(input.amount_minor, \"amount_minor\");\n const currency = normalizeCurrency(input.currency);\n const nonce = input.nonce ? normalizeChallengeNonce(input.nonce) : await randomNonce();\n const signature = await createDirectRequestPaymentChallengeSignature(input.secret, {\n merchant,\n amount_minor,\n currency,\n nonce,\n });\n const challenge = `${DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME}:${nonce}:${signature}`;\n return {\n scheme: DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME,\n merchant,\n amount_minor,\n currency,\n nonce,\n signature,\n challenge,\n challenge_hash: await sha256Prefixed(challenge),\n };\n}\n\nexport async function createDirectRequestPaymentChallengeSignature(\n secret: string,\n input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency | string;\n nonce: string;\n },\n): Promise<string> {\n const normalizedSecret = requireNonEmpty(secret, \"secret\");\n const merchant = normalizeMerchant(input.merchant);\n const amount = positiveInteger(input.amount_minor, \"amount_minor\");\n const currency = normalizeCurrency(input.currency);\n const nonce = normalizeChallengeNonce(input.nonce);\n const material = `${merchant}:${amount}:${currency}:${nonce}`;\n return hmacSha256Hex(normalizedSecret, new TextEncoder().encode(material));\n}\n\nexport function parseDirectRequestPaymentChallenge(challenge: string): ParsedDirectRequestPaymentChallenge {\n const parts = requireNonEmpty(challenge, \"challenge\").split(\":\");\n if (parts.length !== 3) {\n throw new SiglumeDirectRequestPaymentError(\"Direct Request Payment challenge must be scheme:nonce:signature.\");\n }\n const [scheme, nonce, signature] = parts;\n if (!scheme || !nonce || !signature) {\n throw new SiglumeDirectRequestPaymentError(\"Direct Request Payment challenge is incomplete.\");\n }\n return { scheme, nonce, signature };\n}\n\n/** Merchant-side, ONE-TIME approval of a recurring authorization: amount +\n * currency + cadence are bound into the HMAC. Recurring charges afterwards\n * are deliberately challenge-free; the recurring authorization and the\n * buyer's mandate/budget caps are the per-charge integrity checks. Cadence\n * \"monthly\" = subscription, \"daily\" = scheduled autopay approval tag. */\nexport async function createDirectRequestPaymentRecurringChallenge(\n input: DirectRequestPaymentRecurringChallengeInput,\n): Promise<DirectRequestPaymentRecurringChallenge> {\n const merchant = normalizeMerchant(input.merchant);\n const amount_minor = positiveInteger(input.amount_minor, \"amount_minor\");\n const currency = normalizeCurrency(input.currency);\n const cadence = normalizeRecurringCadence(input.cadence);\n const nonce = input.nonce ? normalizeChallengeNonce(input.nonce) : await randomNonce();\n const signature = await createDirectRequestPaymentRecurringChallengeSignature(input.secret, {\n merchant,\n amount_minor,\n currency,\n cadence,\n nonce,\n });\n const challenge = `${DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME}:${nonce}:${signature}`;\n return {\n scheme: DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME,\n merchant,\n amount_minor,\n currency,\n cadence,\n nonce,\n signature,\n challenge,\n challenge_hash: await sha256Prefixed(challenge),\n };\n}\n\nexport async function createDirectRequestPaymentRecurringChallengeSignature(\n secret: string,\n input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency | string;\n cadence: DirectRequestPaymentRecurringCadence | string;\n nonce: string;\n },\n): Promise<string> {\n const normalizedSecret = requireNonEmpty(secret, \"secret\");\n const merchant = normalizeMerchant(input.merchant);\n const amount = positiveInteger(input.amount_minor, \"amount_minor\");\n const currency = normalizeCurrency(input.currency);\n const cadence = normalizeRecurringCadence(input.cadence);\n const nonce = normalizeChallengeNonce(input.nonce);\n // MUST stay byte-identical to the server's\n // _external_402_recurring_challenge_signature — both sides change together.\n const material = `${merchant}:${amount}:${currency}:${cadence}:${nonce}`;\n return hmacSha256Hex(normalizedSecret, new TextEncoder().encode(material));\n}\n\nexport async function verifyDirectRequestPaymentRecurringChallenge(\n secret: string,\n input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency | string;\n cadence: DirectRequestPaymentRecurringCadence | string;\n challenge: string;\n },\n): Promise<boolean> {\n const parsed = parseDirectRequestPaymentChallenge(input.challenge);\n if (parsed.scheme !== DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME) {\n return false;\n }\n const expected = await createDirectRequestPaymentRecurringChallengeSignature(secret, {\n merchant: input.merchant,\n amount_minor: input.amount_minor,\n currency: input.currency,\n cadence: input.cadence,\n nonce: parsed.nonce,\n });\n return timingSafeEqualHex(expected, parsed.signature);\n}\n\nexport async function verifyDirectRequestPaymentChallenge(\n secret: string,\n input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency | string;\n challenge: string;\n },\n): Promise<boolean> {\n const parsed = parseDirectRequestPaymentChallenge(input.challenge);\n if (parsed.scheme !== DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME) {\n return false;\n }\n const expected = await createDirectRequestPaymentChallengeSignature(secret, {\n merchant: input.merchant,\n amount_minor: input.amount_minor,\n currency: input.currency,\n nonce: parsed.nonce,\n });\n return timingSafeEqualHex(expected, parsed.signature);\n}\n\nexport async function directRequestPaymentChallengeHash(challenge: string): Promise<string> {\n return sha256Prefixed(requireNonEmpty(challenge, \"challenge\"));\n}\n\nexport async function directRequestPaymentRequestHash(input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency | string;\n challenge: string;\n}): Promise<string> {\n const material = `${normalizeMerchant(input.merchant)}${positiveInteger(input.amount_minor, \"amount_minor\")}${normalizeCurrency(input.currency)}${requireNonEmpty(input.challenge, \"challenge\")}`;\n return sha256Prefixed(material);\n}\n\nexport function buildPaymentExecutionPayload(\n requirement: DirectPaymentRequirement,\n options: { await_finality?: boolean; metadata?: Record<string, unknown> } = {},\n): Web3PreparedTransactionExecutePayload {\n return buildPreparedTransactionExecutionPayload(requirement, requirement.transaction_request, {\n receipt_kind: DIRECT_REQUEST_PAYMENT_RECEIPT_KIND,\n await_finality: options.await_finality,\n metadata: options.metadata,\n });\n}\n\nexport function buildAllowanceExecutionPayload(\n requirement: DirectPaymentRequirement,\n options: { await_finality?: boolean; metadata?: Record<string, unknown> } = {},\n): Web3PreparedTransactionExecutePayload {\n const approveRequest = requirement.approve_transaction_request;\n if (!approveRequest || Object.keys(approveRequest).length === 0) {\n throw new SiglumeDirectRequestPaymentError(\"This payment requirement does not include an allowance approval transaction.\");\n }\n return buildPreparedTransactionExecutionPayload(requirement, approveRequest, {\n receipt_kind: DIRECT_REQUEST_PAYMENT_ALLOWANCE_RECEIPT_KIND,\n await_finality: options.await_finality,\n metadata: options.metadata,\n });\n}\n\nexport function buildPreparedTransactionExecutionPayload(\n requirement: DirectPaymentRequirement,\n transaction_request: Web3TransactionRequest,\n options: {\n receipt_kind: string;\n await_finality?: boolean;\n metadata?: Record<string, unknown>;\n },\n): Web3PreparedTransactionExecutePayload {\n const metadata = {\n ...(isRecord(transaction_request.metadata_jsonb) ? transaction_request.metadata_jsonb : {}),\n ...(options.metadata ?? {}),\n };\n return {\n transaction_request,\n receipt_kind: requireNonEmpty(options.receipt_kind, \"receipt_kind\"),\n reference_type: DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE,\n reference_id: requirement.requirement_id,\n metadata,\n await_finality: Boolean(options.await_finality),\n };\n}\n\nexport async function computeWebhookSignature(\n signing_secret: string,\n body: Uint8Array | ArrayBuffer | string | Record<string, unknown>,\n options: { timestamp: number },\n): Promise<string> {\n if (!signing_secret) {\n throw new SiglumeWebhookSignatureError(\"SIGLUME webhook signing secret is required.\");\n }\n const timestamp = Math.trunc(options.timestamp);\n const bytes = bodyBytes(body);\n const prefix = new TextEncoder().encode(`${timestamp}.`);\n const payload = new Uint8Array(prefix.length + bytes.length);\n payload.set(prefix, 0);\n payload.set(bytes, prefix.length);\n return hmacSha256Hex(signing_secret, payload);\n}\n\nexport async function buildWebhookSignatureHeader(\n signing_secret: string,\n body: Uint8Array | ArrayBuffer | string | Record<string, unknown>,\n options: { timestamp?: number } = {},\n): Promise<string> {\n const timestamp = Math.trunc(options.timestamp ?? Date.now() / 1000);\n const signature = await computeWebhookSignature(signing_secret, body, { timestamp });\n return `t=${timestamp},v1=${signature}`;\n}\n\nexport async function verifyWebhookSignature(\n signing_secret: string,\n body: Uint8Array | ArrayBuffer | string | Record<string, unknown>,\n signature_header: string,\n options: { tolerance_seconds?: number; now?: number } = {},\n): Promise<WebhookSignatureVerification> {\n const { timestamp, signature } = parseSignatureHeader(signature_header);\n const toleranceSeconds = Math.max(1, Math.trunc(options.tolerance_seconds ?? DEFAULT_WEBHOOK_TOLERANCE_SECONDS));\n const nowSeconds = Math.trunc(options.now ?? Date.now() / 1000);\n if (Math.abs(nowSeconds - timestamp) > toleranceSeconds) {\n throw new SiglumeWebhookSignatureError(\"Webhook timestamp is outside the allowed tolerance window.\");\n }\n const expected = await computeWebhookSignature(signing_secret, body, { timestamp });\n if (!(await timingSafeEqualHex(expected, signature))) {\n throw new SiglumeWebhookSignatureError(\"Webhook signature did not match.\");\n }\n return { timestamp, signature };\n}\n\nexport function parseDirectRequestPaymentWebhookEvent(payload: unknown): DirectRequestPaymentWebhookEvent {\n const event = requireRecord(payload, \"webhook event\");\n const data = requireRecord(event.data, \"webhook event data\");\n const parsed = {\n ...event,\n id: requireNonEmpty(stringOrNull(event.id) ?? \"\", \"webhook event id\"),\n type: requireNonEmpty(stringOrNull(event.type) ?? \"\", \"webhook event type\"),\n api_version: requireNonEmpty(stringOrNull(event.api_version) ?? \"\", \"webhook api_version\"),\n occurred_at: requireNonEmpty(stringOrNull(event.occurred_at) ?? \"\", \"webhook occurred_at\"),\n data: { ...data },\n } as DirectRequestPaymentWebhookEvent;\n if (parsed.type === \"direct_payment.confirmed\" && parsed.data.mode !== DIRECT_REQUEST_PAYMENT_MODE) {\n throw new SiglumeWebhookPayloadError(\"direct_payment.confirmed webhook must carry data.mode='external_402'.\");\n }\n return parsed;\n}\n\nexport async function verifyDirectRequestPaymentWebhook(\n signing_secret: string,\n body: Uint8Array | ArrayBuffer | string | Record<string, unknown>,\n signature_header: string,\n options: { tolerance_seconds?: number; now?: number } = {},\n): Promise<{ event: DirectRequestPaymentWebhookEvent; verification: WebhookSignatureVerification }> {\n const verification = await verifyWebhookSignature(signing_secret, body, signature_header, options);\n const text = new TextDecoder().decode(bodyBytes(body));\n let parsed: unknown;\n try {\n parsed = JSON.parse(text);\n } catch (error) {\n throw new SiglumeWebhookPayloadError(\"Webhook body must contain valid JSON.\");\n }\n return { event: parseDirectRequestPaymentWebhookEvent(parsed), verification };\n}\n\nexport const createExternal402Challenge = createDirectRequestPaymentChallenge;\nexport const verifyExternal402Challenge = verifyDirectRequestPaymentChallenge;\nexport const createExternal402RecurringChallenge = createDirectRequestPaymentRecurringChallenge;\nexport const verifyExternal402RecurringChallenge = verifyDirectRequestPaymentRecurringChallenge;\n\nfunction normalizeMerchant(value: string): string {\n const merchant = requireNonEmpty(value, \"merchant\").toLowerCase();\n if (!/^[a-z0-9][a-z0-9._-]{0,95}$/.test(merchant)) {\n throw new SiglumeDirectRequestPaymentError(\"merchant must be a lowercase key using letters, numbers, dot, underscore, or hyphen.\");\n }\n return merchant;\n}\n\nfunction normalizeSelfServiceMerchant(value: string): string {\n const merchant = requireNonEmpty(value, \"merchant\").toLowerCase();\n if (!/^[a-z0-9][a-z0-9_-]{2,63}$/.test(merchant)) {\n throw new SiglumeDirectRequestPaymentError(\"merchant must be 3-64 chars using lowercase letters, numbers, underscore, or hyphen.\");\n }\n return merchant;\n}\n\nfunction normalizeBillingPlan(value: string): DirectRequestPaymentBillingPlan {\n const plan = requireNonEmpty(value, \"billing_plan\").toLowerCase();\n if (plan === \"launch\" || plan === \"free\" || plan === \"starter\" || plan === \"growth\" || plan === \"pro\") {\n return plan;\n }\n throw new SiglumeDirectRequestPaymentError(\"billing_plan must be launch, starter, growth, or pro.\");\n}\n\nfunction normalizeCurrency(value: string): DirectRequestPaymentCurrency {\n const currency = requireNonEmpty(value, \"currency\").toUpperCase();\n if (currency !== \"JPY\" && currency !== \"USD\") {\n throw new SiglumeDirectRequestPaymentError(\"currency must be JPY or USD.\");\n }\n return currency;\n}\n\nfunction normalizeToken(value: string): DirectRequestPaymentToken {\n const token = requireNonEmpty(value, \"token_symbol\").toUpperCase();\n if (token !== \"JPYC\" && token !== \"USDC\") {\n throw new SiglumeDirectRequestPaymentError(\"token_symbol must be JPYC or USDC.\");\n }\n return token;\n}\n\nfunction normalizeAllowedCurrencies(value: Record<string, string> | Array<DirectRequestPaymentCurrency | string>): Record<string, string> {\n const normalized: Record<string, string> = {};\n if (Array.isArray(value)) {\n for (const item of value) {\n const currency = normalizeCurrency(item);\n normalized[currency] = defaultTokenForCurrency(currency);\n }\n } else if (isRecord(value)) {\n for (const [rawCurrency, rawToken] of Object.entries(value)) {\n normalized[normalizeCurrency(rawCurrency)] = normalizeToken(String(rawToken));\n }\n } else {\n throw new SiglumeDirectRequestPaymentError(\"allowed_currencies must be an array or a currency-to-token object.\");\n }\n if (Object.keys(normalized).length === 0) {\n throw new SiglumeDirectRequestPaymentError(\"allowed_currencies must include at least one currency.\");\n }\n return normalized;\n}\n\nfunction defaultTokenForCurrency(currency: DirectRequestPaymentCurrency): DirectRequestPaymentToken {\n return currency === \"JPY\" ? \"JPYC\" : \"USDC\";\n}\n\nfunction normalizeOriginList(value: string[]): string[] {\n if (!Array.isArray(value)) {\n throw new SiglumeDirectRequestPaymentError(\"checkout_allowed_origins must be an array of origin URLs.\");\n }\n const seen = new Set<string>();\n const origins: string[] = [];\n for (const item of value) {\n let url: URL;\n try {\n url = new URL(requireNonEmpty(String(item), \"checkout_allowed_origins entry\"));\n } catch {\n throw new SiglumeDirectRequestPaymentError(\n \"each checkout_allowed_origins entry must be an absolute origin such as https://shop.example.com.\",\n );\n }\n const origin = `${url.protocol.toLowerCase()}//${url.host.toLowerCase()}`;\n if (!seen.has(origin)) {\n seen.add(origin);\n origins.push(origin);\n }\n }\n return origins;\n}\n\nfunction positiveInteger(value: number, name: string): number {\n const parsed = Number(value);\n if (!Number.isSafeInteger(parsed) || parsed <= 0) {\n throw new SiglumeDirectRequestPaymentError(`${name} must be a positive safe integer.`);\n }\n return parsed;\n}\n\nfunction requireNonEmpty(value: string, name: string): string {\n const text = String(value ?? \"\").trim();\n if (!text) {\n throw new SiglumeDirectRequestPaymentError(`${name} is required.`);\n }\n return text;\n}\n\nfunction normalizeChallengeNonce(value: string): string {\n const nonce = requireNonEmpty(value, \"nonce\");\n if (nonce.includes(\":\")) {\n throw new SiglumeDirectRequestPaymentError(\"nonce must not contain ':'.\");\n }\n return nonce;\n}\n\nfunction normalizeRecurringCadence(value: string): DirectRequestPaymentRecurringCadence {\n const cadence = requireNonEmpty(value, \"cadence\").toLowerCase();\n if (cadence !== \"monthly\" && cadence !== \"daily\") {\n throw new SiglumeDirectRequestPaymentError(\n 'cadence must be \"monthly\" (subscription) or \"daily\" (scheduled autopay).',\n );\n }\n return cadence;\n}\n\nfunction cloneJsonObject(value: Record<string, unknown>, name: string): Record<string, unknown> {\n try {\n const cloned = JSON.parse(JSON.stringify(value)) as unknown;\n if (!isRecord(cloned)) {\n throw new Error(\"not an object\");\n }\n return cloned;\n } catch (error) {\n throw new SiglumeDirectRequestPaymentError(`${name} must be a JSON-serializable object.`);\n }\n}\n\nfunction parseJson(rawText: string): unknown {\n try {\n return JSON.parse(rawText);\n } catch (error) {\n throw new SiglumeApiError(\"Siglume API returned invalid JSON.\", {\n status: 502,\n code: \"INVALID_JSON_RESPONSE\",\n data: rawText,\n });\n }\n}\n\nfunction stringOrNull(value: unknown): string | null {\n if (typeof value !== \"string\") {\n return null;\n }\n const text = value.trim();\n return text ? text : null;\n}\n\nfunction isRecord(value: unknown): value is Record<string, unknown> {\n return typeof value === \"object\" && value !== null && !Array.isArray(value);\n}\n\nfunction requireRecord(value: unknown, name: string): Record<string, unknown> {\n if (!isRecord(value)) {\n throw new SiglumeWebhookPayloadError(`${name} must be an object.`);\n }\n return value;\n}\n\nfunction envValue(name: string): string | undefined {\n if (typeof process === \"undefined\") {\n return undefined;\n }\n const value = process.env[name];\n return value && value.trim() ? value.trim() : undefined;\n}\n\nfunction bodyBytes(body: Uint8Array | ArrayBuffer | string | Record<string, unknown>): Uint8Array {\n if (body instanceof Uint8Array) {\n return body;\n }\n if (body instanceof ArrayBuffer) {\n return new Uint8Array(body);\n }\n if (typeof body === \"string\") {\n return new TextEncoder().encode(body);\n }\n if (isRecord(body)) {\n return new TextEncoder().encode(JSON.stringify(body));\n }\n throw new SiglumeWebhookPayloadError(\"Webhook body must be raw bytes, a string, or a JSON object.\");\n}\n\nfunction parseSignatureHeader(signatureHeader: string): { timestamp: number; signature: string } {\n let timestamp: number | null = null;\n let signature: string | null = null;\n for (const item of String(signatureHeader ?? \"\").split(\",\")) {\n const [key, value] = item.trim().split(\"=\", 2);\n if (key === \"t\") {\n const parsed = Number.parseInt(value ?? \"\", 10);\n if (!Number.isFinite(parsed)) {\n throw new SiglumeWebhookSignatureError(\"Webhook signature timestamp is invalid.\");\n }\n timestamp = parsed;\n }\n if (key === \"v1\") {\n signature = String(value ?? \"\").trim();\n }\n }\n if (timestamp === null || !signature) {\n throw new SiglumeWebhookSignatureError(\"Webhook signature header is incomplete.\");\n }\n return { timestamp, signature };\n}\n\nasync function randomNonce(): Promise<string> {\n if (globalThis.crypto?.randomUUID) {\n return globalThis.crypto.randomUUID();\n }\n const bytes = new Uint8Array(16);\n if (globalThis.crypto?.getRandomValues) {\n globalThis.crypto.getRandomValues(bytes);\n } else if (typeof process !== \"undefined\" && process.versions?.node) {\n const crypto = await import(\"node:crypto\");\n bytes.set(crypto.randomBytes(16));\n } else {\n throw new SiglumeDirectRequestPaymentError(\"Crypto random number generation is unavailable in this runtime.\");\n }\n return bytesToHex(bytes);\n}\n\nasync function hmacSha256Hex(secret: string, payload: Uint8Array): Promise<string> {\n if (globalThis.crypto?.subtle) {\n const stablePayload = new Uint8Array(payload.byteLength);\n stablePayload.set(payload);\n const key = await globalThis.crypto.subtle.importKey(\n \"raw\",\n new TextEncoder().encode(secret),\n { name: \"HMAC\", hash: \"SHA-256\" },\n false,\n [\"sign\"],\n );\n const digest = await globalThis.crypto.subtle.sign(\"HMAC\", key, stablePayload);\n return bytesToHex(new Uint8Array(digest));\n }\n if (typeof process !== \"undefined\" && process.versions?.node) {\n const crypto = await import(\"node:crypto\");\n return crypto.createHmac(\"sha256\", secret).update(Buffer.from(payload)).digest(\"hex\");\n }\n throw new SiglumeDirectRequestPaymentError(\"Web Crypto is required for HMAC-SHA256 in this runtime.\");\n}\n\nasync function sha256Prefixed(material: string): Promise<string> {\n const bytes = new TextEncoder().encode(material);\n if (globalThis.crypto?.subtle) {\n const digest = await globalThis.crypto.subtle.digest(\"SHA-256\", bytes);\n return `sha256:${bytesToHex(new Uint8Array(digest))}`;\n }\n if (typeof process !== \"undefined\" && process.versions?.node) {\n const crypto = await import(\"node:crypto\");\n return `sha256:${crypto.createHash(\"sha256\").update(Buffer.from(bytes)).digest(\"hex\")}`;\n }\n throw new SiglumeDirectRequestPaymentError(\"Web Crypto is required for SHA-256 in this runtime.\");\n}\n\nfunction bytesToHex(bytes: Uint8Array): string {\n return [...bytes].map((item) => item.toString(16).padStart(2, \"0\")).join(\"\");\n}\n\nfunction hexToBytes(hex: string): Uint8Array {\n const normalized = String(hex ?? \"\").trim().toLowerCase();\n if (normalized.length % 2 !== 0 || !/^[0-9a-f]*$/.test(normalized)) {\n throw new SiglumeWebhookSignatureError(\"Hex digest is invalid.\");\n }\n const bytes = new Uint8Array(normalized.length / 2);\n for (let index = 0; index < normalized.length; index += 2) {\n bytes[index / 2] = Number.parseInt(normalized.slice(index, index + 2), 16);\n }\n return bytes;\n}\n\nasync function timingSafeEqualHex(left: string, right: string): Promise<boolean> {\n const leftBytes = hexToBytes(left);\n const rightBytes = hexToBytes(right);\n if (leftBytes.length !== rightBytes.length) {\n return false;\n }\n let diff = 0;\n for (let index = 0; index < leftBytes.length; index += 1) {\n diff |= leftBytes[index]! ^ rightBytes[index]!;\n }\n return diff === 0;\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAO,IAAM,2BAA2B;AACjC,IAAM,0CAA0C;AAIhD,IAAM,oDAAoD;AAC1D,IAAM,8BAA8B;AACpC,IAAM,sCAAsC;AAC5C,IAAM,gDAAgD;AACtD,IAAM,wCAAwC;AAC9C,IAAM,oCAAoC;AAyS1C,IAAM,mCAAN,cAA+C,MAAM;AAAA,EAC1D,YAAY,SAAiB;AAC3B,UAAM,OAAO;AACb,SAAK,OAAO;AAAA,EACd;AACF;AAEO,IAAM,kBAAN,cAA8B,iCAAiC;AAAA,EAC3D;AAAA,EACA;AAAA,EACA;AAAA,EAET,YAAY,SAAiB,SAA4D;AACvF,UAAM,OAAO;AACb,SAAK,OAAO;AACZ,SAAK,SAAS,QAAQ;AACtB,SAAK,OAAO,QAAQ,QAAQ;AAC5B,SAAK,OAAO,QAAQ;AAAA,EACtB;AACF;AAEO,IAAM,+BAAN,cAA2C,iCAAiC;AAAA,EACjF,YAAY,SAAiB;AAC3B,UAAM,OAAO;AACb,SAAK,OAAO;AAAA,EACd;AACF;AAEO,IAAM,6BAAN,cAAyC,iCAAiC;AAAA,EAC/E,YAAY,SAAiB;AAC3B,UAAM,OAAO;AACb,SAAK,OAAO;AAAA,EACd;AACF;AAEO,IAAM,6BAAN,MAAiC;AAAA,EAC7B;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACQ;AAAA,EAEjB,YAAY,UAA6C,CAAC,GAAG;AAC3D,UAAM,YAAY,QAAQ,cAAc,SAAS,oBAAoB;AACrE,QAAI,CAAC,WAAW;AACd,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,UAAM,YAAY,QAAQ,SAAS,WAAW;AAC9C,QAAI,CAAC,WAAW;AACd,YAAM,IAAI,iCAAiC,qDAAqD;AAAA,IAClG;AACA,SAAK,aAAa;AAClB,SAAK,YAAY,QAAQ,YAAY,SAAS,kBAAkB,KAAK,0BAA0B,QAAQ,QAAQ,EAAE;AACjH,SAAK,aAAa,KAAK,IAAI,GAAG,KAAK,MAAM,QAAQ,cAAc,IAAK,CAAC;AACrE,SAAK,aAAa,QAAQ,cAAc;AACxC,SAAK,aAAa;AAAA,EACpB;AAAA,EAEA,MAAM,yBAAyB,OAA+E;AAC5G,UAAM,UAAmC;AAAA,MACvC,MAAM;AAAA,MACN,UAAU,kBAAkB,MAAM,QAAQ;AAAA,MAC1C,cAAc,gBAAgB,MAAM,cAAc,cAAc;AAAA,MAChE,UAAU,kBAAkB,MAAM,QAAQ;AAAA,MAC1C,WAAW,gBAAgB,MAAM,WAAW,WAAW;AAAA,IACzD;AACA,QAAI,MAAM,iBAAiB,QAAW;AACpC,cAAQ,eAAe,eAAe,MAAM,YAAY;AAAA,IAC1D;AACA,QAAI,MAAM,2BAA2B,QAAW;AAC9C,cAAQ,yBAAyB,gBAAgB,MAAM,wBAAwB,wBAAwB;AAAA,IACzG;AACA,QAAI,MAAM,aAAa,QAAW;AAChC,cAAQ,WAAW,gBAAgB,MAAM,UAAU,UAAU;AAAA,IAC/D;AACA,WAAO,KAAK,QAAkC,QAAQ,sCAAsC,OAAO;AAAA,EACrG;AAAA,EAEA,MAAM,sBAAsB,gBAA2D;AACrF,WAAO,KAAK;AAAA,MACV;AAAA,MACA,sCAAsC,mBAAmB,gBAAgB,gBAAgB,gBAAgB,CAAC,CAAC;AAAA,IAC7G;AAAA,EACF;AAAA,EAEA,MAAM,yBACJ,gBACA,OACmC;AACnC,WAAO,KAAK;AAAA,MACV;AAAA,MACA,sCAAsC,mBAAmB,gBAAgB,gBAAgB,gBAAgB,CAAC,CAAC;AAAA,MAC3G;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,2BACJ,SAC+C;AAC/C,WAAO,KAAK;AAAA,MACV;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,0BACJ,aACA,UAA4E,CAAC,GAC9B;AAC/C,WAAO,KAAK,2BAA2B,6BAA6B,aAAa,OAAO,CAAC;AAAA,EAC3F;AAAA,EAEA,MAAM,4BACJ,aACA,UAA4E,CAAC,GAC9B;AAC/C,WAAO,KAAK,2BAA2B,+BAA+B,aAAa,OAAO,CAAC;AAAA,EAC7F;AAAA,EAEA,MAAM,QAAW,QAAgB,MAAc,WAAiC;AAC9E,UAAM,aAAa,IAAI,gBAAgB;AACvC,UAAM,UAAU,WAAW,MAAM,WAAW,MAAM,GAAG,KAAK,UAAU;AACpE,QAAI;AACF,YAAM,UAAkC;AAAA,QACtC,UAAU;AAAA,QACV,iBAAiB,UAAU,KAAK,UAAU;AAAA,QAC1C,cAAc,KAAK;AAAA,MACrB;AACA,UAAI;AACJ,UAAI,cAAc,QAAW;AAC3B,gBAAQ,cAAc,IAAI;AAC1B,eAAO,KAAK,UAAU,SAAS;AAAA,MACjC;AACA,YAAM,WAAW,MAAM,KAAK,WAAW,GAAG,KAAK,QAAQ,GAAG,IAAI,IAAI;AAAA,QAChE;AAAA,QACA;AAAA,QACA;AAAA,QACA,QAAQ,WAAW;AAAA,MACrB,CAAC;AACD,YAAM,UAAU,MAAM,SAAS,KAAK;AACpC,YAAM,SAAS,UAAU,UAAU,OAAO,IAAI,CAAC;AAC/C,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,QAAQ,SAAS,MAAM,KAAK,SAAS,OAAO,KAAK,IAAI,OAAO,QAAQ,CAAC;AAC3E,cAAM,OAAO,aAAa,MAAM,IAAI,KAAK,aAAc,OAAmC,IAAI,KAAK,QAAQ,SAAS,MAAM;AAC1H,cAAM,UAAU,aAAa,MAAM,OAAO,KAAK,aAAc,OAAmC,OAAO,KAAK,SAAS;AACrH,cAAM,IAAI,gBAAgB,SAAS,EAAE,QAAQ,SAAS,QAAQ,MAAM,MAAM,OAAO,CAAC;AAAA,MACpF;AACA,UAAI,SAAS,MAAM,KAAK,UAAU,QAAQ;AACxC,eAAO,OAAO;AAAA,MAChB;AACA,aAAO;AAAA,IACT,UAAE;AACA,mBAAa,OAAO;AAAA,IACtB;AAAA,EACF;AACF;AAEO,IAAM,qCAAN,MAAyC;AAAA,EACrC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACQ;AAAA,EAEjB,YAAY,UAA6C,CAAC,GAAG;AAC3D,UAAM,YAAY,QAAQ,cAAc,SAAS,6BAA6B,KAAK,SAAS,oBAAoB;AAChH,QAAI,CAAC,WAAW;AACd,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,UAAM,YAAY,QAAQ,SAAS,WAAW;AAC9C,QAAI,CAAC,WAAW;AACd,YAAM,IAAI,iCAAiC,qDAAqD;AAAA,IAClG;AACA,SAAK,aAAa;AAClB,SAAK,YAAY,QAAQ,YAAY,SAAS,kBAAkB,KAAK,0BAA0B,QAAQ,QAAQ,EAAE;AACjH,SAAK,aAAa,KAAK,IAAI,GAAG,KAAK,MAAM,QAAQ,cAAc,IAAK,CAAC;AACrE,SAAK,aAAa,QAAQ,cAAc;AACxC,SAAK,aAAa;AAAA,EACpB;AAAA,EAEA,MAAM,cAAc,OAA8F;AAChH,UAAM,UAAmC;AAAA,MACvC,UAAU,6BAA6B,MAAM,QAAQ;AAAA,MACrD,cAAc,qBAAqB,MAAM,gBAAgB,QAAQ;AAAA,MACjE,kBAAkB,kBAAkB,MAAM,oBAAoB,KAAK;AAAA,IACrE;AACA,QAAI,MAAM,iBAAiB,QAAW;AACpC,cAAQ,eAAe,gBAAgB,MAAM,cAAc,cAAc;AAAA,IAC3E;AACA,QAAI,MAAM,uBAAuB,QAAW;AAC1C,cAAQ,qBAAqB,2BAA2B,MAAM,kBAAkB;AAAA,IAClF;AACA,QAAI,MAAM,yBAAyB,QAAW;AAC5C,cAAQ,uBAAuB,gBAAgB,MAAM,sBAAsB,sBAAsB;AAAA,IACnG;AACA,QAAI,MAAM,8BAA8B,QAAW;AACjD,cAAQ,4BAA4B,gBAAgB,MAAM,2BAA2B,2BAA2B;AAAA,IAClH;AACA,QAAI,MAAM,qBAAqB,QAAW;AACxC,cAAQ,mBAAmB,gBAAgB,MAAM,kBAAkB,kBAAkB;AAAA,IACvF;AACA,QAAI,MAAM,6BAA6B,QAAW;AAChD,cAAQ,2BAA2B,oBAAoB,MAAM,wBAAwB;AAAA,IACvF;AACA,WAAO,KAAK,QAA8C,QAAQ,mCAAmC,OAAO;AAAA,EAC9G;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,MAAM,sBAAsB,OAAqF;AAC/G,UAAM,UAAmC;AAAA,MACvC,UAAU,6BAA6B,MAAM,QAAQ;AAAA,MACrD,cAAc,gBAAgB,MAAM,cAAc,cAAc;AAAA,MAChE,UAAU,kBAAkB,MAAM,QAAQ;AAAA,MAC1C,OAAO,gBAAgB,MAAM,OAAO,OAAO;AAAA,MAC3C,aAAa,gBAAgB,MAAM,aAAa,aAAa;AAAA,MAC7D,YAAY,gBAAgB,MAAM,YAAY,YAAY;AAAA,IAC5D;AACA,QAAI,MAAM,aAAa,QAAW;AAChC,cAAQ,WAAW,gBAAgB,MAAM,UAAU,UAAU;AAAA,IAC/D;AACA,WAAO,KAAK;AAAA,MACV;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA;AAAA,EAGA,MAAM,mBAAmB,YAAoD;AAC3E,WAAO,KAAK;AAAA,MACV;AAAA,MACA,2CAA2C,mBAAmB,gBAAgB,YAAY,YAAY,CAAC,CAAC;AAAA,IAC1G;AAAA,EACF;AAAA,EAEA,MAAM,YAAY,UAAiE;AACjF,WAAO,KAAK;AAAA,MACV;AAAA,MACA,mCAAmC,mBAAmB,6BAA6B,QAAQ,CAAC,CAAC;AAAA,IAC/F;AAAA,EACF;AAAA,EAEA,MAAM,sBAAsB,UAAiE;AAC3F,WAAO,KAAK;AAAA,MACV;AAAA,MACA,mCAAmC,mBAAmB,6BAA6B,QAAQ,CAAC,CAAC;AAAA,IAC/F;AAAA,EACF;AAAA,EAEA,MAAM,sBACJ,UACA,QAAyD,CAAC,GACX;AAC/C,UAAM,UAAmC,CAAC;AAC1C,QAAI,MAAM,aAAa,QAAW;AAChC,cAAQ,WAAW,kBAAkB,MAAM,QAAQ;AAAA,IACrD;AACA,QAAI,MAAM,qBAAqB,QAAW;AACxC,cAAQ,mBAAmB,kBAAkB,MAAM,gBAAgB;AAAA,IACrE;AACA,QAAI,MAAM,qBAAqB,QAAW;AACxC,cAAQ,mBAAmB,gBAAgB,MAAM,kBAAkB,kBAAkB;AAAA,IACvF;AACA,WAAO,KAAK;AAAA,MACV;AAAA,MACA,mCAAmC,mBAAmB,6BAA6B,QAAQ,CAAC,CAAC;AAAA,MAC7F;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,0BACJ,OACkD;AAClD,UAAM,UAAmC;AAAA,MACvC,cAAc,gBAAgB,MAAM,cAAc,cAAc;AAAA,MAChE,aAAa,MAAM,aAAa,SAC5B,MAAM,YAAY,IAAI,CAAC,cAAc,gBAAgB,WAAW,YAAY,CAAC,IAC7E,CAAC,4BAA4B,sBAAsB;AAAA,IACzD;AACA,QAAI,MAAM,gBAAgB,QAAW;AACnC,cAAQ,cAAc,gBAAgB,MAAM,aAAa,aAAa;AAAA,IACxE;AACA,QAAI,MAAM,aAAa,QAAW;AAChC,cAAQ,WAAW,gBAAgB,MAAM,UAAU,UAAU;AAAA,IAC/D;AACA,WAAO,KAAK,QAAiD,QAAQ,kCAAkC,OAAO;AAAA,EAChH;AAAA,EAEA,MAAM,cAAc,OAAiG;AACnH,UAAM,WAAW,MAAM,KAAK,cAAc,KAAK;AAC/C,UAAM,cAAc,SAAS,iBAAiB;AAC9C,UAAM,kBAAkB,MAAM,4BAA4B,QACtD,OACA,MAAM,KAAK,sBAAsB,aAAa;AAAA,MAC9C,kBAAkB,SAAS,iBAAiB,oBAAoB,MAAM,oBAAoB;AAAA,MAC1F,kBAAkB,MAAM,oBAAoB,MAAM;AAAA,IACpD,CAAC;AACH,UAAM,sBAAsB,MAAM,+BAA+B,QAAQ,MAAM,oBAAoB;AACnG,UAAM,uBAAuB,uBAAuB,MAAM,uBACtD,MAAM,KAAK,0BAA0B;AAAA,MACrC,cAAc,MAAM;AAAA,MACpB,aAAa,MAAM,uBAAuB,GAAG,WAAW;AAAA,MACxD,aAAa,MAAM;AAAA,MACnB,UAAU,EAAE,UAAU,aAAa,KAAK,kCAAkC;AAAA,IAC5E,CAAC,IACC;AACJ,UAAM,MAA8B;AAAA,MAClC,iCAAiC;AAAA,IACnC;AACA,QAAI,SAAS,kBAAkB;AAC7B,UAAI,0CAA0C,SAAS;AAAA,IACzD;AACA,UAAM,gBAAgB,aAAa,sBAAsB,cAAc;AACvE,QAAI,eAAe;AACjB,UAAI,yBAAyB;AAAA,IAC/B;AACA,WAAO,EAAE,UAAU,iBAAiB,sBAAsB,IAAI;AAAA,EAChE;AAAA,EAEA,MAAM,QAAW,QAAgB,MAAc,WAAiC;AAC9E,UAAM,aAAa,IAAI,gBAAgB;AACvC,UAAM,UAAU,WAAW,MAAM,WAAW,MAAM,GAAG,KAAK,UAAU;AACpE,QAAI;AACF,YAAM,UAAkC;AAAA,QACtC,UAAU;AAAA,QACV,iBAAiB,UAAU,KAAK,UAAU;AAAA,QAC1C,cAAc,KAAK;AAAA,MACrB;AACA,UAAI;AACJ,UAAI,cAAc,QAAW;AAC3B,gBAAQ,cAAc,IAAI;AAC1B,eAAO,KAAK,UAAU,SAAS;AAAA,MACjC;AACA,YAAM,WAAW,MAAM,KAAK,WAAW,GAAG,KAAK,QAAQ,GAAG,IAAI,IAAI;AAAA,QAChE;AAAA,QACA;AAAA,QACA;AAAA,QACA,QAAQ,WAAW;AAAA,MACrB,CAAC;AACD,YAAM,UAAU,MAAM,SAAS,KAAK;AACpC,YAAM,SAAS,UAAU,UAAU,OAAO,IAAI,CAAC;AAC/C,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,QAAQ,SAAS,MAAM,KAAK,SAAS,OAAO,KAAK,IAAI,OAAO,QAAQ,CAAC;AAC3E,cAAM,OAAO,aAAa,MAAM,IAAI,KAAK,aAAc,OAAmC,IAAI,KAAK,QAAQ,SAAS,MAAM;AAC1H,cAAM,UAAU,aAAa,MAAM,OAAO,KAAK,aAAc,OAAmC,OAAO,KAAK,SAAS;AACrH,cAAM,IAAI,gBAAgB,SAAS,EAAE,QAAQ,SAAS,QAAQ,MAAM,MAAM,OAAO,CAAC;AAAA,MACpF;AACA,UAAI,SAAS,MAAM,KAAK,UAAU,QAAQ;AACxC,eAAO,OAAO;AAAA,MAChB;AACA,aAAO;AAAA,IACT,UAAE;AACA,mBAAa,OAAO;AAAA,IACtB;AAAA,EACF;AACF;AAEA,eAAsB,oCACpB,OACwC;AACxC,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,eAAe,gBAAgB,MAAM,cAAc,cAAc;AACvE,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,QAAQ,MAAM,QAAQ,wBAAwB,MAAM,KAAK,IAAI,MAAM,YAAY;AACrF,QAAM,YAAY,MAAM,6CAA6C,MAAM,QAAQ;AAAA,IACjF;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AACD,QAAM,YAAY,GAAG,uCAAuC,IAAI,KAAK,IAAI,SAAS;AAClF,SAAO;AAAA,IACL,QAAQ;AAAA,IACR;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,gBAAgB,MAAM,eAAe,SAAS;AAAA,EAChD;AACF;AAEA,eAAsB,6CACpB,QACA,OAMiB;AACjB,QAAM,mBAAmB,gBAAgB,QAAQ,QAAQ;AACzD,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,SAAS,gBAAgB,MAAM,cAAc,cAAc;AACjE,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,QAAQ,wBAAwB,MAAM,KAAK;AACjD,QAAM,WAAW,GAAG,QAAQ,IAAI,MAAM,IAAI,QAAQ,IAAI,KAAK;AAC3D,SAAO,cAAc,kBAAkB,IAAI,YAAY,EAAE,OAAO,QAAQ,CAAC;AAC3E;AAEO,SAAS,mCAAmC,WAAwD;AACzG,QAAM,QAAQ,gBAAgB,WAAW,WAAW,EAAE,MAAM,GAAG;AAC/D,MAAI,MAAM,WAAW,GAAG;AACtB,UAAM,IAAI,iCAAiC,kEAAkE;AAAA,EAC/G;AACA,QAAM,CAAC,QAAQ,OAAO,SAAS,IAAI;AACnC,MAAI,CAAC,UAAU,CAAC,SAAS,CAAC,WAAW;AACnC,UAAM,IAAI,iCAAiC,iDAAiD;AAAA,EAC9F;AACA,SAAO,EAAE,QAAQ,OAAO,UAAU;AACpC;AAOA,eAAsB,6CACpB,OACiD;AACjD,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,eAAe,gBAAgB,MAAM,cAAc,cAAc;AACvE,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,UAAU,0BAA0B,MAAM,OAAO;AACvD,QAAM,QAAQ,MAAM,QAAQ,wBAAwB,MAAM,KAAK,IAAI,MAAM,YAAY;AACrF,QAAM,YAAY,MAAM,sDAAsD,MAAM,QAAQ;AAAA,IAC1F;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AACD,QAAM,YAAY,GAAG,iDAAiD,IAAI,KAAK,IAAI,SAAS;AAC5F,SAAO;AAAA,IACL,QAAQ;AAAA,IACR;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,gBAAgB,MAAM,eAAe,SAAS;AAAA,EAChD;AACF;AAEA,eAAsB,sDACpB,QACA,OAOiB;AACjB,QAAM,mBAAmB,gBAAgB,QAAQ,QAAQ;AACzD,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,SAAS,gBAAgB,MAAM,cAAc,cAAc;AACjE,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,UAAU,0BAA0B,MAAM,OAAO;AACvD,QAAM,QAAQ,wBAAwB,MAAM,KAAK;AAGjD,QAAM,WAAW,GAAG,QAAQ,IAAI,MAAM,IAAI,QAAQ,IAAI,OAAO,IAAI,KAAK;AACtE,SAAO,cAAc,kBAAkB,IAAI,YAAY,EAAE,OAAO,QAAQ,CAAC;AAC3E;AAEA,eAAsB,6CACpB,QACA,OAOkB;AAClB,QAAM,SAAS,mCAAmC,MAAM,SAAS;AACjE,MAAI,OAAO,WAAW,mDAAmD;AACvE,WAAO;AAAA,EACT;AACA,QAAM,WAAW,MAAM,sDAAsD,QAAQ;AAAA,IACnF,UAAU,MAAM;AAAA,IAChB,cAAc,MAAM;AAAA,IACpB,UAAU,MAAM;AAAA,IAChB,SAAS,MAAM;AAAA,IACf,OAAO,OAAO;AAAA,EAChB,CAAC;AACD,SAAO,mBAAmB,UAAU,OAAO,SAAS;AACtD;AAEA,eAAsB,oCACpB,QACA,OAMkB;AAClB,QAAM,SAAS,mCAAmC,MAAM,SAAS;AACjE,MAAI,OAAO,WAAW,yCAAyC;AAC7D,WAAO;AAAA,EACT;AACA,QAAM,WAAW,MAAM,6CAA6C,QAAQ;AAAA,IAC1E,UAAU,MAAM;AAAA,IAChB,cAAc,MAAM;AAAA,IACpB,UAAU,MAAM;AAAA,IAChB,OAAO,OAAO;AAAA,EAChB,CAAC;AACD,SAAO,mBAAmB,UAAU,OAAO,SAAS;AACtD;AAEA,eAAsB,kCAAkC,WAAoC;AAC1F,SAAO,eAAe,gBAAgB,WAAW,WAAW,CAAC;AAC/D;AAEA,eAAsB,gCAAgC,OAKlC;AAClB,QAAM,WAAW,GAAG,kBAAkB,MAAM,QAAQ,CAAC,GAAG,gBAAgB,MAAM,cAAc,cAAc,CAAC,GAAG,kBAAkB,MAAM,QAAQ,CAAC,GAAG,gBAAgB,MAAM,WAAW,WAAW,CAAC;AAC/L,SAAO,eAAe,QAAQ;AAChC;AAEO,SAAS,6BACd,aACA,UAA4E,CAAC,GACtC;AACvC,SAAO,yCAAyC,aAAa,YAAY,qBAAqB;AAAA,IAC5F,cAAc;AAAA,IACd,gBAAgB,QAAQ;AAAA,IACxB,UAAU,QAAQ;AAAA,EACpB,CAAC;AACH;AAEO,SAAS,+BACd,aACA,UAA4E,CAAC,GACtC;AACvC,QAAM,iBAAiB,YAAY;AACnC,MAAI,CAAC,kBAAkB,OAAO,KAAK,cAAc,EAAE,WAAW,GAAG;AAC/D,UAAM,IAAI,iCAAiC,8EAA8E;AAAA,EAC3H;AACA,SAAO,yCAAyC,aAAa,gBAAgB;AAAA,IAC3E,cAAc;AAAA,IACd,gBAAgB,QAAQ;AAAA,IACxB,UAAU,QAAQ;AAAA,EACpB,CAAC;AACH;AAEO,SAAS,yCACd,aACA,qBACA,SAKuC;AACvC,QAAM,WAAW;AAAA,IACf,GAAI,SAAS,oBAAoB,cAAc,IAAI,oBAAoB,iBAAiB,CAAC;AAAA,IACzF,GAAI,QAAQ,YAAY,CAAC;AAAA,EAC3B;AACA,SAAO;AAAA,IACL;AAAA,IACA,cAAc,gBAAgB,QAAQ,cAAc,cAAc;AAAA,IAClE,gBAAgB;AAAA,IAChB,cAAc,YAAY;AAAA,IAC1B;AAAA,IACA,gBAAgB,QAAQ,QAAQ,cAAc;AAAA,EAChD;AACF;AAEA,eAAsB,wBACpB,gBACA,MACA,SACiB;AACjB,MAAI,CAAC,gBAAgB;AACnB,UAAM,IAAI,6BAA6B,6CAA6C;AAAA,EACtF;AACA,QAAM,YAAY,KAAK,MAAM,QAAQ,SAAS;AAC9C,QAAM,QAAQ,UAAU,IAAI;AAC5B,QAAM,SAAS,IAAI,YAAY,EAAE,OAAO,GAAG,SAAS,GAAG;AACvD,QAAM,UAAU,IAAI,WAAW,OAAO,SAAS,MAAM,MAAM;AAC3D,UAAQ,IAAI,QAAQ,CAAC;AACrB,UAAQ,IAAI,OAAO,OAAO,MAAM;AAChC,SAAO,cAAc,gBAAgB,OAAO;AAC9C;AAEA,eAAsB,4BACpB,gBACA,MACA,UAAkC,CAAC,GAClB;AACjB,QAAM,YAAY,KAAK,MAAM,QAAQ,aAAa,KAAK,IAAI,IAAI,GAAI;AACnE,QAAM,YAAY,MAAM,wBAAwB,gBAAgB,MAAM,EAAE,UAAU,CAAC;AACnF,SAAO,KAAK,SAAS,OAAO,SAAS;AACvC;AAEA,eAAsB,uBACpB,gBACA,MACA,kBACA,UAAwD,CAAC,GAClB;AACvC,QAAM,EAAE,WAAW,UAAU,IAAI,qBAAqB,gBAAgB;AACtE,QAAM,mBAAmB,KAAK,IAAI,GAAG,KAAK,MAAM,QAAQ,qBAAqB,iCAAiC,CAAC;AAC/G,QAAM,aAAa,KAAK,MAAM,QAAQ,OAAO,KAAK,IAAI,IAAI,GAAI;AAC9D,MAAI,KAAK,IAAI,aAAa,SAAS,IAAI,kBAAkB;AACvD,UAAM,IAAI,6BAA6B,4DAA4D;AAAA,EACrG;AACA,QAAM,WAAW,MAAM,wBAAwB,gBAAgB,MAAM,EAAE,UAAU,CAAC;AAClF,MAAI,CAAE,MAAM,mBAAmB,UAAU,SAAS,GAAI;AACpD,UAAM,IAAI,6BAA6B,kCAAkC;AAAA,EAC3E;AACA,SAAO,EAAE,WAAW,UAAU;AAChC;AAEO,SAAS,sCAAsC,SAAoD;AACxG,QAAM,QAAQ,cAAc,SAAS,eAAe;AACpD,QAAM,OAAO,cAAc,MAAM,MAAM,oBAAoB;AAC3D,QAAM,SAAS;AAAA,IACb,GAAG;AAAA,IACH,IAAI,gBAAgB,aAAa,MAAM,EAAE,KAAK,IAAI,kBAAkB;AAAA,IACpE,MAAM,gBAAgB,aAAa,MAAM,IAAI,KAAK,IAAI,oBAAoB;AAAA,IAC1E,aAAa,gBAAgB,aAAa,MAAM,WAAW,KAAK,IAAI,qBAAqB;AAAA,IACzF,aAAa,gBAAgB,aAAa,MAAM,WAAW,KAAK,IAAI,qBAAqB;AAAA,IACzF,MAAM,EAAE,GAAG,KAAK;AAAA,EAClB;AACA,MAAI,OAAO,SAAS,8BAA8B,OAAO,KAAK,SAAS,6BAA6B;AAClG,UAAM,IAAI,2BAA2B,uEAAuE;AAAA,EAC9G;AACA,SAAO;AACT;AAEA,eAAsB,kCACpB,gBACA,MACA,kBACA,UAAwD,CAAC,GACyC;AAClG,QAAM,eAAe,MAAM,uBAAuB,gBAAgB,MAAM,kBAAkB,OAAO;AACjG,QAAM,OAAO,IAAI,YAAY,EAAE,OAAO,UAAU,IAAI,CAAC;AACrD,MAAI;AACJ,MAAI;AACF,aAAS,KAAK,MAAM,IAAI;AAAA,EAC1B,SAAS,OAAO;AACd,UAAM,IAAI,2BAA2B,uCAAuC;AAAA,EAC9E;AACA,SAAO,EAAE,OAAO,sCAAsC,MAAM,GAAG,aAAa;AAC9E;AAEO,IAAM,6BAA6B;AACnC,IAAM,6BAA6B;AACnC,IAAM,sCAAsC;AAC5C,IAAM,sCAAsC;AAEnD,SAAS,kBAAkB,OAAuB;AAChD,QAAM,WAAW,gBAAgB,OAAO,UAAU,EAAE,YAAY;AAChE,MAAI,CAAC,8BAA8B,KAAK,QAAQ,GAAG;AACjD,UAAM,IAAI,iCAAiC,sFAAsF;AAAA,EACnI;AACA,SAAO;AACT;AAEA,SAAS,6BAA6B,OAAuB;AAC3D,QAAM,WAAW,gBAAgB,OAAO,UAAU,EAAE,YAAY;AAChE,MAAI,CAAC,6BAA6B,KAAK,QAAQ,GAAG;AAChD,UAAM,IAAI,iCAAiC,sFAAsF;AAAA,EACnI;AACA,SAAO;AACT;AAEA,SAAS,qBAAqB,OAAgD;AAC5E,QAAM,OAAO,gBAAgB,OAAO,cAAc,EAAE,YAAY;AAChE,MAAI,SAAS,YAAY,SAAS,UAAU,SAAS,aAAa,SAAS,YAAY,SAAS,OAAO;AACrG,WAAO;AAAA,EACT;AACA,QAAM,IAAI,iCAAiC,uDAAuD;AACpG;AAEA,SAAS,kBAAkB,OAA6C;AACtE,QAAM,WAAW,gBAAgB,OAAO,UAAU,EAAE,YAAY;AAChE,MAAI,aAAa,SAAS,aAAa,OAAO;AAC5C,UAAM,IAAI,iCAAiC,8BAA8B;AAAA,EAC3E;AACA,SAAO;AACT;AAEA,SAAS,eAAe,OAA0C;AAChE,QAAM,QAAQ,gBAAgB,OAAO,cAAc,EAAE,YAAY;AACjE,MAAI,UAAU,UAAU,UAAU,QAAQ;AACxC,UAAM,IAAI,iCAAiC,oCAAoC;AAAA,EACjF;AACA,SAAO;AACT;AAEA,SAAS,2BAA2B,OAAsG;AACxI,QAAM,aAAqC,CAAC;AAC5C,MAAI,MAAM,QAAQ,KAAK,GAAG;AACxB,eAAW,QAAQ,OAAO;AACxB,YAAM,WAAW,kBAAkB,IAAI;AACvC,iBAAW,QAAQ,IAAI,wBAAwB,QAAQ;AAAA,IACzD;AAAA,EACF,WAAW,SAAS,KAAK,GAAG;AAC1B,eAAW,CAAC,aAAa,QAAQ,KAAK,OAAO,QAAQ,KAAK,GAAG;AAC3D,iBAAW,kBAAkB,WAAW,CAAC,IAAI,eAAe,OAAO,QAAQ,CAAC;AAAA,IAC9E;AAAA,EACF,OAAO;AACL,UAAM,IAAI,iCAAiC,oEAAoE;AAAA,EACjH;AACA,MAAI,OAAO,KAAK,UAAU,EAAE,WAAW,GAAG;AACxC,UAAM,IAAI,iCAAiC,wDAAwD;AAAA,EACrG;AACA,SAAO;AACT;AAEA,SAAS,wBAAwB,UAAmE;AAClG,SAAO,aAAa,QAAQ,SAAS;AACvC;AAEA,SAAS,oBAAoB,OAA2B;AACtD,MAAI,CAAC,MAAM,QAAQ,KAAK,GAAG;AACzB,UAAM,IAAI,iCAAiC,2DAA2D;AAAA,EACxG;AACA,QAAM,OAAO,oBAAI,IAAY;AAC7B,QAAM,UAAoB,CAAC;AAC3B,aAAW,QAAQ,OAAO;AACxB,QAAI;AACJ,QAAI;AACF,YAAM,IAAI,IAAI,gBAAgB,OAAO,IAAI,GAAG,gCAAgC,CAAC;AAAA,IAC/E,QAAQ;AACN,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,UAAM,SAAS,GAAG,IAAI,SAAS,YAAY,CAAC,KAAK,IAAI,KAAK,YAAY,CAAC;AACvE,QAAI,CAAC,KAAK,IAAI,MAAM,GAAG;AACrB,WAAK,IAAI,MAAM;AACf,cAAQ,KAAK,MAAM;AAAA,IACrB;AAAA,EACF;AACA,SAAO;AACT;AAEA,SAAS,gBAAgB,OAAe,MAAsB;AAC5D,QAAM,SAAS,OAAO,KAAK;AAC3B,MAAI,CAAC,OAAO,cAAc,MAAM,KAAK,UAAU,GAAG;AAChD,UAAM,IAAI,iCAAiC,GAAG,IAAI,mCAAmC;AAAA,EACvF;AACA,SAAO;AACT;AAEA,SAAS,gBAAgB,OAAe,MAAsB;AAC5D,QAAM,OAAO,OAAO,SAAS,EAAE,EAAE,KAAK;AACtC,MAAI,CAAC,MAAM;AACT,UAAM,IAAI,iCAAiC,GAAG,IAAI,eAAe;AAAA,EACnE;AACA,SAAO;AACT;AAEA,SAAS,wBAAwB,OAAuB;AACtD,QAAM,QAAQ,gBAAgB,OAAO,OAAO;AAC5C,MAAI,MAAM,SAAS,GAAG,GAAG;AACvB,UAAM,IAAI,iCAAiC,6BAA6B;AAAA,EAC1E;AACA,SAAO;AACT;AAEA,SAAS,0BAA0B,OAAqD;AACtF,QAAM,UAAU,gBAAgB,OAAO,SAAS,EAAE,YAAY;AAC9D,MAAI,YAAY,aAAa,YAAY,SAAS;AAChD,UAAM,IAAI;AAAA,MACR;AAAA,IACF;AAAA,EACF;AACA,SAAO;AACT;AAEA,SAAS,gBAAgB,OAAgC,MAAuC;AAC9F,MAAI;AACF,UAAM,SAAS,KAAK,MAAM,KAAK,UAAU,KAAK,CAAC;AAC/C,QAAI,CAAC,SAAS,MAAM,GAAG;AACrB,YAAM,IAAI,MAAM,eAAe;AAAA,IACjC;AACA,WAAO;AAAA,EACT,SAAS,OAAO;AACd,UAAM,IAAI,iCAAiC,GAAG,IAAI,sCAAsC;AAAA,EAC1F;AACF;AAEA,SAAS,UAAU,SAA0B;AAC3C,MAAI;AACF,WAAO,KAAK,MAAM,OAAO;AAAA,EAC3B,SAAS,OAAO;AACd,UAAM,IAAI,gBAAgB,sCAAsC;AAAA,MAC9D,QAAQ;AAAA,MACR,MAAM;AAAA,MACN,MAAM;AAAA,IACR,CAAC;AAAA,EACH;AACF;AAEA,SAAS,aAAa,OAA+B;AACnD,MAAI,OAAO,UAAU,UAAU;AAC7B,WAAO;AAAA,EACT;AACA,QAAM,OAAO,MAAM,KAAK;AACxB,SAAO,OAAO,OAAO;AACvB;AAEA,SAAS,SAAS,OAAkD;AAClE,SAAO,OAAO,UAAU,YAAY,UAAU,QAAQ,CAAC,MAAM,QAAQ,KAAK;AAC5E;AAEA,SAAS,cAAc,OAAgB,MAAuC;AAC5E,MAAI,CAAC,SAAS,KAAK,GAAG;AACpB,UAAM,IAAI,2BAA2B,GAAG,IAAI,qBAAqB;AAAA,EACnE;AACA,SAAO;AACT;AAEA,SAAS,SAAS,MAAkC;AAClD,MAAI,OAAO,YAAY,aAAa;AAClC,WAAO;AAAA,EACT;AACA,QAAM,QAAQ,QAAQ,IAAI,IAAI;AAC9B,SAAO,SAAS,MAAM,KAAK,IAAI,MAAM,KAAK,IAAI;AAChD;AAEA,SAAS,UAAU,MAA+E;AAChG,MAAI,gBAAgB,YAAY;AAC9B,WAAO;AAAA,EACT;AACA,MAAI,gBAAgB,aAAa;AAC/B,WAAO,IAAI,WAAW,IAAI;AAAA,EAC5B;AACA,MAAI,OAAO,SAAS,UAAU;AAC5B,WAAO,IAAI,YAAY,EAAE,OAAO,IAAI;AAAA,EACtC;AACA,MAAI,SAAS,IAAI,GAAG;AAClB,WAAO,IAAI,YAAY,EAAE,OAAO,KAAK,UAAU,IAAI,CAAC;AAAA,EACtD;AACA,QAAM,IAAI,2BAA2B,6DAA6D;AACpG;AAEA,SAAS,qBAAqB,iBAAmE;AAC/F,MAAI,YAA2B;AAC/B,MAAI,YAA2B;AAC/B,aAAW,QAAQ,OAAO,mBAAmB,EAAE,EAAE,MAAM,GAAG,GAAG;AAC3D,UAAM,CAAC,KAAK,KAAK,IAAI,KAAK,KAAK,EAAE,MAAM,KAAK,CAAC;AAC7C,QAAI,QAAQ,KAAK;AACf,YAAM,SAAS,OAAO,SAAS,SAAS,IAAI,EAAE;AAC9C,UAAI,CAAC,OAAO,SAAS,MAAM,GAAG;AAC5B,cAAM,IAAI,6BAA6B,yCAAyC;AAAA,MAClF;AACA,kBAAY;AAAA,IACd;AACA,QAAI,QAAQ,MAAM;AAChB,kBAAY,OAAO,SAAS,EAAE,EAAE,KAAK;AAAA,IACvC;AAAA,EACF;AACA,MAAI,cAAc,QAAQ,CAAC,WAAW;AACpC,UAAM,IAAI,6BAA6B,yCAAyC;AAAA,EAClF;AACA,SAAO,EAAE,WAAW,UAAU;AAChC;AAEA,eAAe,cAA+B;AAC5C,MAAI,WAAW,QAAQ,YAAY;AACjC,WAAO,WAAW,OAAO,WAAW;AAAA,EACtC;AACA,QAAM,QAAQ,IAAI,WAAW,EAAE;AAC/B,MAAI,WAAW,QAAQ,iBAAiB;AACtC,eAAW,OAAO,gBAAgB,KAAK;AAAA,EACzC,WAAW,OAAO,YAAY,eAAe,QAAQ,UAAU,MAAM;AACnE,UAAM,SAAS,MAAM,OAAO,QAAa;AACzC,UAAM,IAAI,OAAO,YAAY,EAAE,CAAC;AAAA,EAClC,OAAO;AACL,UAAM,IAAI,iCAAiC,iEAAiE;AAAA,EAC9G;AACA,SAAO,WAAW,KAAK;AACzB;AAEA,eAAe,cAAc,QAAgB,SAAsC;AACjF,MAAI,WAAW,QAAQ,QAAQ;AAC7B,UAAM,gBAAgB,IAAI,WAAW,QAAQ,UAAU;AACvD,kBAAc,IAAI,OAAO;AACzB,UAAM,MAAM,MAAM,WAAW,OAAO,OAAO;AAAA,MACzC;AAAA,MACA,IAAI,YAAY,EAAE,OAAO,MAAM;AAAA,MAC/B,EAAE,MAAM,QAAQ,MAAM,UAAU;AAAA,MAChC;AAAA,MACA,CAAC,MAAM;AAAA,IACT;AACA,UAAM,SAAS,MAAM,WAAW,OAAO,OAAO,KAAK,QAAQ,KAAK,aAAa;AAC7E,WAAO,WAAW,IAAI,WAAW,MAAM,CAAC;AAAA,EAC1C;AACA,MAAI,OAAO,YAAY,eAAe,QAAQ,UAAU,MAAM;AAC5D,UAAM,SAAS,MAAM,OAAO,QAAa;AACzC,WAAO,OAAO,WAAW,UAAU,MAAM,EAAE,OAAO,OAAO,KAAK,OAAO,CAAC,EAAE,OAAO,KAAK;AAAA,EACtF;AACA,QAAM,IAAI,iCAAiC,yDAAyD;AACtG;AAEA,eAAe,eAAe,UAAmC;AAC/D,QAAM,QAAQ,IAAI,YAAY,EAAE,OAAO,QAAQ;AAC/C,MAAI,WAAW,QAAQ,QAAQ;AAC7B,UAAM,SAAS,MAAM,WAAW,OAAO,OAAO,OAAO,WAAW,KAAK;AACrE,WAAO,UAAU,WAAW,IAAI,WAAW,MAAM,CAAC,CAAC;AAAA,EACrD;AACA,MAAI,OAAO,YAAY,eAAe,QAAQ,UAAU,MAAM;AAC5D,UAAM,SAAS,MAAM,OAAO,QAAa;AACzC,WAAO,UAAU,OAAO,WAAW,QAAQ,EAAE,OAAO,OAAO,KAAK,KAAK,CAAC,EAAE,OAAO,KAAK,CAAC;AAAA,EACvF;AACA,QAAM,IAAI,iCAAiC,qDAAqD;AAClG;AAEA,SAAS,WAAW,OAA2B;AAC7C,SAAO,CAAC,GAAG,KAAK,EAAE,IAAI,CAAC,SAAS,KAAK,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG,CAAC,EAAE,KAAK,EAAE;AAC7E;AAEA,SAAS,WAAW,KAAyB;AAC3C,QAAM,aAAa,OAAO,OAAO,EAAE,EAAE,KAAK,EAAE,YAAY;AACxD,MAAI,WAAW,SAAS,MAAM,KAAK,CAAC,cAAc,KAAK,UAAU,GAAG;AAClE,UAAM,IAAI,6BAA6B,wBAAwB;AAAA,EACjE;AACA,QAAM,QAAQ,IAAI,WAAW,WAAW,SAAS,CAAC;AAClD,WAAS,QAAQ,GAAG,QAAQ,WAAW,QAAQ,SAAS,GAAG;AACzD,UAAM,QAAQ,CAAC,IAAI,OAAO,SAAS,WAAW,MAAM,OAAO,QAAQ,CAAC,GAAG,EAAE;AAAA,EAC3E;AACA,SAAO;AACT;AAEA,eAAe,mBAAmB,MAAc,OAAiC;AAC/E,QAAM,YAAY,WAAW,IAAI;AACjC,QAAM,aAAa,WAAW,KAAK;AACnC,MAAI,UAAU,WAAW,WAAW,QAAQ;AAC1C,WAAO;AAAA,EACT;AACA,MAAI,OAAO;AACX,WAAS,QAAQ,GAAG,QAAQ,UAAU,QAAQ,SAAS,GAAG;AACxD,YAAQ,UAAU,KAAK,IAAK,WAAW,KAAK;AAAA,EAC9C;AACA,SAAO,SAAS;AAClB;","names":[]}
package/dist/index.d.cts CHANGED
@@ -162,6 +162,42 @@ interface DirectRequestPaymentMerchantSetupInput {
162
162
  webhook_callback_url?: string;
163
163
  billing_mandate_cap_minor?: number;
164
164
  max_amount_minor?: number;
165
+ checkout_allowed_origins?: string[];
166
+ }
167
+ interface HostedCheckoutSessionCreateInput {
168
+ merchant: string;
169
+ amount_minor: number;
170
+ currency: DirectRequestPaymentCurrency | string;
171
+ nonce: string;
172
+ success_url: string;
173
+ cancel_url: string;
174
+ metadata?: Record<string, unknown>;
175
+ }
176
+ interface HostedCheckoutSessionCreateResult {
177
+ checkout_url: string;
178
+ session_id: string;
179
+ challenge_hash: string;
180
+ status?: string;
181
+ expires_at?: string | null;
182
+ }
183
+ interface HostedCheckoutSession {
184
+ session_id: string;
185
+ merchant: string;
186
+ currency: string;
187
+ token_symbol: string;
188
+ amount_minor: number;
189
+ status: string;
190
+ challenge_hash: string;
191
+ requirement_id?: string | null;
192
+ success_url: string;
193
+ cancel_url: string;
194
+ expires_at?: string | null;
195
+ authenticated_at?: string | null;
196
+ paid_at?: string | null;
197
+ cancelled_at?: string | null;
198
+ created_at?: string | null;
199
+ metadata_jsonb?: Record<string, unknown>;
200
+ [key: string]: unknown;
165
201
  }
166
202
  interface DirectRequestPaymentMerchantBillingMandateInput {
167
203
  currency?: DirectRequestPaymentCurrency | string;
@@ -281,6 +317,20 @@ declare class DirectRequestPaymentMerchantClient {
281
317
  private readonly fetch_impl;
282
318
  constructor(options?: DirectRequestPaymentClientOptions);
283
319
  setupMerchant(input: DirectRequestPaymentMerchantSetupInput): Promise<DirectRequestPaymentMerchantResponse>;
320
+ /**
321
+ * Create a Hosted Checkout session (Stripe-Checkout-equivalent for human web
322
+ * shoppers). Siglume authors the challenge server-side, persists a single-use
323
+ * expiring session, and returns a `checkout_url`. Redirect the shopper there;
324
+ * they log into Siglume, approve, and pay from their own wallet, then return
325
+ * to your `success_url`. Fulfill on the `direct_payment.confirmed` webhook
326
+ * (the source of truth), exactly as with the agent flow.
327
+ *
328
+ * `success_url`/`cancel_url` must be on an origin you registered via
329
+ * `checkout_allowed_origins` (or your `webhook_callback_url` origin).
330
+ */
331
+ createCheckoutSession(input: HostedCheckoutSessionCreateInput): Promise<HostedCheckoutSessionCreateResult>;
332
+ /** Read a Hosted Checkout session's status (open / authenticated / paid / expired / cancelled / failed). */
333
+ getCheckoutSession(session_id: string): Promise<HostedCheckoutSession>;
284
334
  getMerchant(merchant: string): Promise<DirectRequestPaymentMerchantResponse>;
285
335
  rotateChallengeSecret(merchant: string): Promise<DirectRequestPaymentMerchantResponse>;
286
336
  prepareBillingMandate(merchant: string, input?: DirectRequestPaymentMerchantBillingMandateInput): Promise<DirectRequestPaymentMerchantResponse>;
@@ -365,4 +415,4 @@ declare const verifyExternal402Challenge: typeof verifyDirectRequestPaymentChall
365
415
  declare const createExternal402RecurringChallenge: typeof createDirectRequestPaymentRecurringChallenge;
366
416
  declare const verifyExternal402RecurringChallenge: typeof verifyDirectRequestPaymentRecurringChallenge;
367
417
 
368
- export { DEFAULT_SIGLUME_API_BASE, DEFAULT_WEBHOOK_TOLERANCE_SECONDS, DIRECT_REQUEST_PAYMENT_ALLOWANCE_RECEIPT_KIND, DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME, DIRECT_REQUEST_PAYMENT_MODE, DIRECT_REQUEST_PAYMENT_RECEIPT_KIND, DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME, DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE, type DirectPaymentRequirement, type DirectPaymentRequirementCreateInput, type DirectPaymentVerifyInput, type DirectRequestPaymentBillingPlan, type DirectRequestPaymentChallenge, type DirectRequestPaymentChallengeInput, type DirectRequestPaymentCheckoutSetupInput, type DirectRequestPaymentCheckoutSetupResult, DirectRequestPaymentClient, type DirectRequestPaymentClientOptions, type DirectRequestPaymentCurrency, type DirectRequestPaymentMerchantAccount, type DirectRequestPaymentMerchantBillingMandateInput, DirectRequestPaymentMerchantClient, type DirectRequestPaymentMerchantResponse, type DirectRequestPaymentMerchantSetupInput, type DirectRequestPaymentRecurringCadence, type DirectRequestPaymentRecurringChallenge, type DirectRequestPaymentRecurringChallengeInput, type DirectRequestPaymentToken, type DirectRequestPaymentWebhookEvent, type DirectRequestPaymentWebhookSubscription, type DirectRequestPaymentWebhookSubscriptionInput, type ParsedDirectRequestPaymentChallenge, SiglumeApiError, SiglumeDirectRequestPaymentError, type SiglumeEnvelopeMeta, SiglumeWebhookPayloadError, SiglumeWebhookSignatureError, type Web3PreparedTransactionExecutePayload, type Web3PreparedTransactionExecuteResult, type Web3TransactionRequest, type WebhookSignatureVerification, buildAllowanceExecutionPayload, buildPaymentExecutionPayload, buildPreparedTransactionExecutionPayload, buildWebhookSignatureHeader, computeWebhookSignature, createDirectRequestPaymentChallenge, createDirectRequestPaymentChallengeSignature, createDirectRequestPaymentRecurringChallenge, createDirectRequestPaymentRecurringChallengeSignature, createExternal402Challenge, createExternal402RecurringChallenge, directRequestPaymentChallengeHash, directRequestPaymentRequestHash, parseDirectRequestPaymentChallenge, parseDirectRequestPaymentWebhookEvent, verifyDirectRequestPaymentChallenge, verifyDirectRequestPaymentRecurringChallenge, verifyDirectRequestPaymentWebhook, verifyExternal402Challenge, verifyExternal402RecurringChallenge, verifyWebhookSignature };
418
+ export { DEFAULT_SIGLUME_API_BASE, DEFAULT_WEBHOOK_TOLERANCE_SECONDS, DIRECT_REQUEST_PAYMENT_ALLOWANCE_RECEIPT_KIND, DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME, DIRECT_REQUEST_PAYMENT_MODE, DIRECT_REQUEST_PAYMENT_RECEIPT_KIND, DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME, DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE, type DirectPaymentRequirement, type DirectPaymentRequirementCreateInput, type DirectPaymentVerifyInput, type DirectRequestPaymentBillingPlan, type DirectRequestPaymentChallenge, type DirectRequestPaymentChallengeInput, type DirectRequestPaymentCheckoutSetupInput, type DirectRequestPaymentCheckoutSetupResult, DirectRequestPaymentClient, type DirectRequestPaymentClientOptions, type DirectRequestPaymentCurrency, type DirectRequestPaymentMerchantAccount, type DirectRequestPaymentMerchantBillingMandateInput, DirectRequestPaymentMerchantClient, type DirectRequestPaymentMerchantResponse, type DirectRequestPaymentMerchantSetupInput, type DirectRequestPaymentRecurringCadence, type DirectRequestPaymentRecurringChallenge, type DirectRequestPaymentRecurringChallengeInput, type DirectRequestPaymentToken, type DirectRequestPaymentWebhookEvent, type DirectRequestPaymentWebhookSubscription, type DirectRequestPaymentWebhookSubscriptionInput, type HostedCheckoutSession, type HostedCheckoutSessionCreateInput, type HostedCheckoutSessionCreateResult, type ParsedDirectRequestPaymentChallenge, SiglumeApiError, SiglumeDirectRequestPaymentError, type SiglumeEnvelopeMeta, SiglumeWebhookPayloadError, SiglumeWebhookSignatureError, type Web3PreparedTransactionExecutePayload, type Web3PreparedTransactionExecuteResult, type Web3TransactionRequest, type WebhookSignatureVerification, buildAllowanceExecutionPayload, buildPaymentExecutionPayload, buildPreparedTransactionExecutionPayload, buildWebhookSignatureHeader, computeWebhookSignature, createDirectRequestPaymentChallenge, createDirectRequestPaymentChallengeSignature, createDirectRequestPaymentRecurringChallenge, createDirectRequestPaymentRecurringChallengeSignature, createExternal402Challenge, createExternal402RecurringChallenge, directRequestPaymentChallengeHash, directRequestPaymentRequestHash, parseDirectRequestPaymentChallenge, parseDirectRequestPaymentWebhookEvent, verifyDirectRequestPaymentChallenge, verifyDirectRequestPaymentRecurringChallenge, verifyDirectRequestPaymentWebhook, verifyExternal402Challenge, verifyExternal402RecurringChallenge, verifyWebhookSignature };