npm - @siglume/direct-request-payment - Versions diffs - 0.4.0 → 0.4.1 - Mend

@siglume/direct-request-payment 0.4.0 → 0.4.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

package/CHANGELOG.md +13 -0
package/README.md +7 -1
package/dist/index.cjs +32 -5
package/dist/index.cjs.map +1 -1
package/dist/index.d.cts +5 -1
package/dist/index.d.ts +5 -1
package/dist/index.js +32 -5
package/dist/index.js.map +1 -1
package/docs/announcement-ja.md +8 -6
package/docs/api-reference.md +11 -1
package/docs/merchant-quickstart.md +5 -1
package/docs/pricing.md +18 -14
package/package.json +1 -1

package/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,18 @@
 # Changelog
+## 0.4.1 - 2026-06-18
+Hosted Checkout rollout correction release.
+- Marked Hosted Checkout as Beta / server rollout in the README and API docs so
+  merchants do not treat the 0.4.0 surface as universally GA while accounts are
+  still being enabled.
+- Added `HostedCheckoutNotAvailableError` (TS + Py). `createCheckoutSession` /
+  `create_checkout_session` and `getCheckoutSession` / `get_checkout_session`
+  now map rollout 404/409 responses to this explicit error instead of exposing a
+  raw missing-route response.
+- Bumped default SDK user agents to 0.4.1.
 ## 0.4.0 - 2026-06-18
 Hosted Checkout for human web shoppers ("Pay with Siglume"). The two buyer

package/README.md CHANGED Viewed

@@ -32,7 +32,7 @@ cases the buyer pays from a **Siglume wallet** (JPYC for JPY, USDC for USD) —
 is **not** a card payment — and your **merchant SDK never authenticates the
 buyer**.
-1. **Human web shopper → Hosted Checkout.** When a person clicks "Pay with
+1. **Human web shopper → Hosted Checkout (Beta; server rollout in progress).** When a person clicks "Pay with
    Siglume" on your site, call
    [`createCheckoutSession(...)`](#hosted-checkout-human-web-shoppers) and
    redirect them to the returned `checkout_url`. They sign into Siglume (passkey
@@ -62,6 +62,12 @@ card-style "instant" checkout for first-time buyers.
 ## Hosted Checkout (Human Web Shoppers)
+**Beta / server rollout:** Hosted Checkout is rolling out account by account.
+Some merchant accounts may not have the server endpoint enabled yet. In that
+case `createCheckoutSession(...)` / `getCheckoutSession(...)` raises
+`HostedCheckoutNotAvailableError` instead of exposing the raw rollout 404/409.
+Keep fulfilling only from the signed `direct_payment.confirmed` webhook.
 Hosted Checkout is a Siglume-hosted page that turns a "Pay with Siglume" button
 into a completed wallet payment, then returns the shopper to your store. It
 orchestrates the same rails as the agent flow — there is no new money movement

package/dist/index.cjs CHANGED Viewed

@@ -40,6 +40,7 @@ __export(src_exports, {
   DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE: () => DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE,
   DirectRequestPaymentClient: () => DirectRequestPaymentClient,
   DirectRequestPaymentMerchantClient: () => DirectRequestPaymentMerchantClient,
+  HostedCheckoutNotAvailableError: () => HostedCheckoutNotAvailableError,
   SiglumeApiError: () => SiglumeApiError,
   SiglumeDirectRequestPaymentError: () => SiglumeDirectRequestPaymentError,
   SiglumeWebhookPayloadError: () => SiglumeWebhookPayloadError,
@@ -93,6 +94,12 @@ var SiglumeApiError = class extends SiglumeDirectRequestPaymentError {
     this.data = options.data;
   }
 };
+var HostedCheckoutNotAvailableError = class extends SiglumeApiError {
+  constructor(message = "Hosted Checkout is not enabled for this account yet (server rollout in progress).") {
+    super(message, { status: 409, code: "HOSTED_CHECKOUT_NOT_ENABLED" });
+    this.name = "HostedCheckoutNotAvailableError";
+  }
+};
 var SiglumeWebhookSignatureError = class extends SiglumeDirectRequestPaymentError {
   constructor(message) {
     super(message);
@@ -125,7 +132,7 @@ var DirectRequestPaymentClient = class {
     this.auth_token = authToken;
     this.base_url = (options.base_url ?? envValue("SIGLUME_API_BASE") ?? DEFAULT_SIGLUME_API_BASE).replace(/\/+$/, "");
     this.timeout_ms = Math.max(1, Math.trunc(options.timeout_ms ?? 15e3));
-    this.user_agent = options.user_agent ?? "@siglume/direct-request-payment/0.4.0";
+    this.user_agent = options.user_agent ?? "@siglume/direct-request-payment/0.4.1";
     this.fetch_impl = fetchImpl;
   }
   async createPaymentRequirement(input) {
@@ -230,7 +237,7 @@ var DirectRequestPaymentMerchantClient = class {
     this.auth_token = authToken;
     this.base_url = (options.base_url ?? envValue("SIGLUME_API_BASE") ?? DEFAULT_SIGLUME_API_BASE).replace(/\/+$/, "");
     this.timeout_ms = Math.max(1, Math.trunc(options.timeout_ms ?? 15e3));
-    this.user_agent = options.user_agent ?? "@siglume/direct-request-payment/0.4.0";
+    this.user_agent = options.user_agent ?? "@siglume/direct-request-payment/0.4.1";
     this.fetch_impl = fetchImpl;
   }
   async setupMerchant(input) {
@@ -275,14 +282,14 @@ var DirectRequestPaymentMerchantClient = class {
       merchant: normalizeSelfServiceMerchant(input.merchant),
       amount_minor: positiveInteger(input.amount_minor, "amount_minor"),
       currency: normalizeCurrency(input.currency),
-      nonce: requireNonEmpty(input.nonce, "nonce"),
+      nonce: normalizeChallengeNonce(input.nonce),
       success_url: requireNonEmpty(input.success_url, "success_url"),
       cancel_url: requireNonEmpty(input.cancel_url, "cancel_url")
     };
     if (input.metadata !== void 0) {
       payload.metadata = cloneJsonObject(input.metadata, "metadata");
     }
-    return this.request(
+    return this.requestHostedCheckout(
       "POST",
       "/sdrp/direct-payments/checkout-sessions",
       payload
@@ -290,7 +297,7 @@ var DirectRequestPaymentMerchantClient = class {
   }
   /** Read a Hosted Checkout session's status (open / authenticated / paid / expired / cancelled / failed). */
   async getCheckoutSession(session_id) {
-    return this.request(
+    return this.requestHostedCheckout(
       "GET",
       `/sdrp/direct-payments/checkout-sessions/${encodeURIComponent(requireNonEmpty(session_id, "session_id"))}`
     );
@@ -399,6 +406,16 @@ var DirectRequestPaymentMerchantClient = class {
       clearTimeout(timeout);
     }
   }
+  async requestHostedCheckout(method, path, json_body) {
+    try {
+      return await this.request(method, path, json_body);
+    } catch (error) {
+      if (isHostedCheckoutUnavailable(error)) {
+        throw new HostedCheckoutNotAvailableError();
+      }
+      throw error;
+    }
+  }
 };
 async function createDirectRequestPaymentChallenge(input) {
   const merchant = normalizeMerchant(input.merchant);
@@ -745,6 +762,16 @@ function stringOrNull(value) {
   const text = value.trim();
   return text ? text : null;
 }
+function isHostedCheckoutUnavailable(error) {
+  if (!(error instanceof SiglumeApiError)) {
+    return false;
+  }
+  const code = error.code.toUpperCase();
+  if (error.status === 409 && (code === "HOSTED_CHECKOUT_NOT_ENABLED" || code === "FEATURE_DISABLED")) {
+    return true;
+  }
+  return error.status === 404 && (code === "HTTP_404" || code === "NOT_FOUND" || code === "ROUTE_NOT_FOUND" || code === "FEATURE_DISABLED");
+}
 function isRecord(value) {
   return typeof value === "object" && value !== null && !Array.isArray(value);
 }

package/dist/index.cjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../src/index.ts"],"sourcesContent":["export const DEFAULT_SIGLUME_API_BASE = \"https://siglume.com/v1\";\nexport const DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME = \"siglume-external-402-v1\";\n// Recurring (subscription / scheduled autopay) approval uses a DISTINCT scheme\n// with cadence bound into the HMAC, so a one-time checkout challenge can never\n// be replayed as a recurring authorization and vice versa.\nexport const DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME = \"siglume-external-402-recurring-v1\";\nexport const DIRECT_REQUEST_PAYMENT_MODE = \"external_402\";\nexport const DIRECT_REQUEST_PAYMENT_RECEIPT_KIND = \"sdrp_direct_payment\";\nexport const DIRECT_REQUEST_PAYMENT_ALLOWANCE_RECEIPT_KIND = \"sdrp_direct_payment_allowance\";\nexport const DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE = \"sdrp_direct_payment_requirement\";\nexport const DEFAULT_WEBHOOK_TOLERANCE_SECONDS = 300;\n\nexport type DirectRequestPaymentCurrency = \"JPY\" \| \"USD\";\nexport type DirectRequestPaymentToken = \"JPYC\" \| \"USDC\";\n\nexport interface DirectRequestPaymentChallengeInput {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n secret: string;\n nonce?: string;\n}\n\nexport interface DirectRequestPaymentChallenge {\n scheme: typeof DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME;\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency;\n nonce: string;\n signature: string;\n challenge: string;\n challenge_hash: string;\n}\n\nexport interface ParsedDirectRequestPaymentChallenge {\n scheme: string;\n nonce: string;\n signature: string;\n}\n\n/** \"monthly\" authorizes a Siglume-swept subscription; \"daily\" authorizes\n * merchant-triggered scheduled autopay. It is an approval tag, not a\n * run-count limiter. /\nexport type DirectRequestPaymentRecurringCadence = \"monthly\" \| \"daily\";\n\nexport interface DirectRequestPaymentRecurringChallengeInput {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n cadence: DirectRequestPaymentRecurringCadence \| string;\n secret: string;\n nonce?: string;\n}\n\nexport interface DirectRequestPaymentRecurringChallenge {\n scheme: typeof DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME;\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency;\n cadence: DirectRequestPaymentRecurringCadence;\n nonce: string;\n signature: string;\n challenge: string;\n challenge_hash: string;\n}\n\nexport interface Web3TransactionRequest {\n network?: string;\n chain_id?: number;\n from?: string;\n to?: string;\n data?: string;\n value?: string \| number;\n metadata_jsonb?: Record<string, unknown>;\n [key: string]: unknown;\n}\n\nexport interface DirectPaymentRequirement {\n direct_payment_requirement_id: string;\n requirement_id: string;\n id: string;\n mode: string;\n merchant?: string \| null;\n challenge_hash?: string \| null;\n buyer_user_id: string;\n agent_id?: string \| null;\n product_listing_id: string;\n listing_id: string;\n access_grant_id?: string \| null;\n capability_key: string;\n requirement_hash: string;\n request_hash: string;\n siglume_signature: string;\n token_symbol: string;\n currency: string;\n amount_minor: number;\n fee_bps: number;\n status: string;\n expires_at?: string \| null;\n confirmed_at?: string \| null;\n spent_at?: string \| null;\n chain_receipt_id?: string \| null;\n transaction_request: Web3TransactionRequest;\n approve_transaction_request?: Web3TransactionRequest \| null;\n buyer_confirmation?: string \| null;\n non_custodial: boolean;\n metadata_jsonb?: Record<string, unknown>;\n created_at?: string \| null;\n updated_at?: string \| null;\n}\n\nexport interface DirectPaymentRequirementCreateInput {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n challenge: string;\n token_symbol?: DirectRequestPaymentToken \| string;\n allowance_amount_minor?: number;\n metadata?: Record<string, unknown>;\n}\n\nexport interface DirectPaymentVerifyInput {\n receipt_id?: string \| null;\n chain_receipt_id?: string \| null;\n await_finality?: boolean;\n await_required_status?: string \| null;\n await_timeout_seconds?: number;\n await_poll_seconds?: number;\n}\n\nexport interface Web3PreparedTransactionExecutePayload {\n transaction_request: Web3TransactionRequest;\n receipt_kind: string;\n reference_type: typeof DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE;\n reference_id: string;\n metadata?: Record<string, unknown>;\n await_finality?: boolean;\n}\n\nexport interface Web3PreparedTransactionExecuteResult {\n receipt?: Record<string, unknown>;\n finalization?: Record<string, unknown>;\n [key: string]: unknown;\n}\n\nexport interface DirectRequestPaymentClientOptions {\n auth_token?: string;\n base_url?: string;\n fetch?: typeof fetch;\n timeout_ms?: number;\n user_agent?: string;\n}\n\nexport type DirectRequestPaymentBillingPlan = \"launch\" \| \"free\" \| \"starter\" \| \"growth\" \| \"pro\";\n\nexport interface DirectRequestPaymentMerchantAccount {\n merchant_account_id: string;\n merchant: string;\n merchant_user_id: string;\n user_wallet_id?: string \| null;\n billing_mandate_id?: string \| null;\n display_name?: string \| null;\n status?: string \| null;\n billing_status?: string \| null;\n billing_plan?: string \| null;\n billing_currency?: string \| null;\n token_symbol?: string \| null;\n monthly_fee_minor?: number \| null;\n settlement_fee_bps?: number \| null;\n settlement_fee_min_minor?: number \| null;\n included_monthly_payments?: number \| null;\n metadata_jsonb?: Record<string, unknown>;\n [key: string]: unknown;\n}\n\nexport interface DirectRequestPaymentMerchantSetupInput {\n merchant: string;\n display_name?: string;\n billing_plan?: DirectRequestPaymentBillingPlan \| string;\n billing_currency?: DirectRequestPaymentCurrency \| string;\n allowed_currencies?: Record<string, string> \| Array<DirectRequestPaymentCurrency \| string>;\n webhook_callback_url?: string;\n billing_mandate_cap_minor?: number;\n max_amount_minor?: number;\n // Hosted Checkout return-URL origin allowlist (open-redirect defense). Each\n // entry is an absolute origin such as \"https://shop.example.com\". The origin\n // of webhook_callback_url is auto-allowed in addition to these.\n checkout_allowed_origins?: string[];\n}\n\nexport interface HostedCheckoutSessionCreateInput {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n nonce: string;\n success_url: string;\n cancel_url: string;\n metadata?: Record<string, unknown>;\n}\n\nexport interface HostedCheckoutSessionCreateResult {\n checkout_url: string;\n session_id: string;\n challenge_hash: string;\n status?: string;\n expires_at?: string \| null;\n}\n\nexport interface HostedCheckoutSession {\n session_id: string;\n merchant: string;\n currency: string;\n token_symbol: string;\n amount_minor: number;\n status: string;\n challenge_hash: string;\n requirement_id?: string \| null;\n success_url: string;\n cancel_url: string;\n expires_at?: string \| null;\n authenticated_at?: string \| null;\n paid_at?: string \| null;\n cancelled_at?: string \| null;\n created_at?: string \| null;\n metadata_jsonb?: Record<string, unknown>;\n [key: string]: unknown;\n}\n\nexport interface DirectRequestPaymentMerchantBillingMandateInput {\n currency?: DirectRequestPaymentCurrency \| string;\n billing_currency?: DirectRequestPaymentCurrency \| string;\n max_amount_minor?: number;\n}\n\nexport interface DirectRequestPaymentMerchantResponse {\n merchant_account: DirectRequestPaymentMerchantAccount;\n challenge_secret?: string \| null;\n challenge_secret_created?: boolean;\n created?: boolean \| null;\n listing_id?: string \| null;\n mandate?: Record<string, unknown> \| null;\n next_steps?: Record<string, unknown>;\n}\n\nexport interface DirectRequestPaymentWebhookSubscriptionInput {\n callback_url: string;\n description?: string;\n event_types?: string[];\n metadata?: Record<string, unknown>;\n}\n\nexport interface DirectRequestPaymentWebhookSubscription {\n webhook_subscription_id?: string;\n subscription_id?: string;\n id?: string;\n callback_url?: string;\n signing_secret?: string;\n status?: string;\n event_types?: string[];\n [key: string]: unknown;\n}\n\nexport interface DirectRequestPaymentCheckoutSetupInput extends DirectRequestPaymentMerchantSetupInput {\n create_webhook_subscription?: boolean;\n prepare_billing_mandate?: boolean;\n webhook_event_types?: string[];\n webhook_description?: string;\n}\n\nexport interface DirectRequestPaymentCheckoutSetupResult {\n merchant: DirectRequestPaymentMerchantResponse;\n billing_mandate?: DirectRequestPaymentMerchantResponse \| null;\n webhook_subscription?: DirectRequestPaymentWebhookSubscription \| null;\n env: Record<string, string>;\n}\n\nexport interface SiglumeEnvelopeMeta {\n request_id?: string \| null;\n trace_id?: string \| null;\n [key: string]: unknown;\n}\n\nexport interface WebhookSignatureVerification {\n timestamp: number;\n signature: string;\n}\n\nexport interface DirectRequestPaymentWebhookEvent {\n id: string;\n type: \"direct_payment.confirmed\" \| string;\n api_version: string;\n occurred_at: string;\n data: {\n mode?: string;\n merchant?: string;\n direct_payment_requirement_id?: string;\n requirement_id?: string;\n challenge_hash?: string;\n amount_minor?: number;\n currency?: string;\n token_symbol?: string;\n status?: string;\n [key: string]: unknown;\n };\n [key: string]: unknown;\n}\n\nexport class SiglumeDirectRequestPaymentError extends Error {\n constructor(message: string) {\n super(message);\n this.name = \"SiglumeDirectRequestPaymentError\";\n }\n}\n\nexport class SiglumeApiError extends SiglumeDirectRequestPaymentError {\n readonly status: number;\n readonly code: string;\n readonly data: unknown;\n\n constructor(message: string, options: { status: number; code?: string; data?: unknown }) {\n super(message);\n this.name = \"SiglumeApiError\";\n this.status = options.status;\n this.code = options.code ?? \"SIGLUME_API_ERROR\";\n this.data = options.data;\n }\n}\n\nexport class SiglumeWebhookSignatureError extends SiglumeDirectRequestPaymentError {\n constructor(message: string) {\n super(message);\n this.name = \"SiglumeWebhookSignatureError\";\n }\n}\n\nexport class SiglumeWebhookPayloadError extends SiglumeDirectRequestPaymentError {\n constructor(message: string) {\n super(message);\n this.name = \"SiglumeWebhookPayloadError\";\n }\n}\n\nexport class DirectRequestPaymentClient {\n readonly auth_token: string;\n readonly base_url: string;\n readonly timeout_ms: number;\n readonly user_agent: string;\n private readonly fetch_impl: typeof fetch;\n\n constructor(options: DirectRequestPaymentClientOptions = {}) {\n const authToken = options.auth_token ?? envValue(\"SIGLUME_AUTH_TOKEN\");\n if (!authToken) {\n throw new SiglumeDirectRequestPaymentError(\n \"A buyer Siglume bearer token is required for Direct Request Payment API calls. Developer Portal API keys are not accepted.\",\n );\n }\n const fetchImpl = options.fetch ?? globalThis.fetch;\n if (!fetchImpl) {\n throw new SiglumeDirectRequestPaymentError(\"A fetch implementation is required in this runtime.\");\n }\n this.auth_token = authToken;\n this.base_url = (options.base_url ?? envValue(\"SIGLUME_API_BASE\") ?? DEFAULT_SIGLUME_API_BASE).replace(/\\/+$/, \"\");\n this.timeout_ms = Math.max(1, Math.trunc(options.timeout_ms ?? 15000));\n this.user_agent = options.user_agent ?? \"@siglume/direct-request-payment/0.4.0\";\n this.fetch_impl = fetchImpl;\n }\n\n async createPaymentRequirement(input: DirectPaymentRequirementCreateInput): Promise<DirectPaymentRequirement> {\n const payload: Record<string, unknown> = {\n mode: DIRECT_REQUEST_PAYMENT_MODE,\n merchant: normalizeMerchant(input.merchant),\n amount_minor: positiveInteger(input.amount_minor, \"amount_minor\"),\n currency: normalizeCurrency(input.currency),\n challenge: requireNonEmpty(input.challenge, \"challenge\"),\n };\n if (input.token_symbol !== undefined) {\n payload.token_symbol = normalizeToken(input.token_symbol);\n }\n if (input.allowance_amount_minor !== undefined) {\n payload.allowance_amount_minor = positiveInteger(input.allowance_amount_minor, \"allowance_amount_minor\");\n }\n if (input.metadata !== undefined) {\n payload.metadata = cloneJsonObject(input.metadata, \"metadata\");\n }\n return this.request<DirectPaymentRequirement>(\"POST\", \"/sdrp/direct-payments/requirements\", payload);\n }\n\n async getPaymentRequirement(requirement_id: string): Promise<DirectPaymentRequirement> {\n return this.request<DirectPaymentRequirement>(\n \"GET\",\n `/sdrp/direct-payments/requirements/${encodeURIComponent(requireNonEmpty(requirement_id, \"requirement_id\"))}`,\n );\n }\n\n async verifyPaymentRequirement(\n requirement_id: string,\n input: DirectPaymentVerifyInput,\n ): Promise<DirectPaymentRequirement> {\n return this.request<DirectPaymentRequirement>(\n \"POST\",\n `/sdrp/direct-payments/requirements/${encodeURIComponent(requireNonEmpty(requirement_id, \"requirement_id\"))}/verify`,\n input,\n );\n }\n\n async executePreparedTransaction(\n payload: Web3PreparedTransactionExecutePayload,\n ): Promise<Web3PreparedTransactionExecuteResult> {\n return this.request<Web3PreparedTransactionExecuteResult>(\n \"POST\",\n \"/market/web3/transactions/execute-prepared\",\n payload,\n );\n }\n\n async executePaymentTransaction(\n requirement: DirectPaymentRequirement,\n options: { await_finality?: boolean; metadata?: Record<string, unknown> } = {},\n ): Promise<Web3PreparedTransactionExecuteResult> {\n return this.executePreparedTransaction(buildPaymentExecutionPayload(requirement, options));\n }\n\n async executeAllowanceTransaction(\n requirement: DirectPaymentRequirement,\n options: { await_finality?: boolean; metadata?: Record<string, unknown> } = {},\n ): Promise<Web3PreparedTransactionExecuteResult> {\n return this.executePreparedTransaction(buildAllowanceExecutionPayload(requirement, options));\n }\n\n async request<T>(method: string, path: string, json_body?: unknown): Promise<T> {\n const controller = new AbortController();\n const timeout = setTimeout(() => controller.abort(), this.timeout_ms);\n try {\n const headers: Record<string, string> = {\n \"Accept\": \"application/json\",\n \"Authorization\": `Bearer ${this.auth_token}`,\n \"User-Agent\": this.user_agent,\n };\n let body: string \| undefined;\n if (json_body !== undefined) {\n headers[\"Content-Type\"] = \"application/json\";\n body = JSON.stringify(json_body);\n }\n const response = await this.fetch_impl(`${this.base_url}${path}`, {\n method,\n headers,\n body,\n signal: controller.signal,\n });\n const rawText = await response.text();\n const parsed = rawText ? parseJson(rawText) : {};\n if (!response.ok) {\n const error = isRecord(parsed) && isRecord(parsed.error) ? parsed.error : {};\n const code = stringOrNull(error.code) ?? stringOrNull((parsed as Record<string, unknown>).code) ?? `HTTP_${response.status}`;\n const message = stringOrNull(error.message) ?? stringOrNull((parsed as Record<string, unknown>).message) ?? response.statusText;\n throw new SiglumeApiError(message, { status: response.status, code, data: parsed });\n }\n if (isRecord(parsed) && \"data\" in parsed) {\n return parsed.data as T;\n }\n return parsed as T;\n } finally {\n clearTimeout(timeout);\n }\n }\n}\n\nexport class DirectRequestPaymentMerchantClient {\n readonly auth_token: string;\n readonly base_url: string;\n readonly timeout_ms: number;\n readonly user_agent: string;\n private readonly fetch_impl: typeof fetch;\n\n constructor(options: DirectRequestPaymentClientOptions = {}) {\n const authToken = options.auth_token ?? envValue(\"SIGLUME_MERCHANT_AUTH_TOKEN\") ?? envValue(\"SIGLUME_AUTH_TOKEN\");\n if (!authToken) {\n throw new SiglumeDirectRequestPaymentError(\n \"A merchant Siglume bearer token is required for Direct Request Payment merchant setup. Developer Portal API keys are not accepted.\",\n );\n }\n const fetchImpl = options.fetch ?? globalThis.fetch;\n if (!fetchImpl) {\n throw new SiglumeDirectRequestPaymentError(\"A fetch implementation is required in this runtime.\");\n }\n this.auth_token = authToken;\n this.base_url = (options.base_url ?? envValue(\"SIGLUME_API_BASE\") ?? DEFAULT_SIGLUME_API_BASE).replace(/\\/+$/, \"\");\n this.timeout_ms = Math.max(1, Math.trunc(options.timeout_ms ?? 15000));\n this.user_agent = options.user_agent ?? \"@siglume/direct-request-payment/0.4.0\";\n this.fetch_impl = fetchImpl;\n }\n\n async setupMerchant(input: DirectRequestPaymentMerchantSetupInput): Promise<DirectRequestPaymentMerchantResponse> {\n const payload: Record<string, unknown> = {\n merchant: normalizeSelfServiceMerchant(input.merchant),\n billing_plan: normalizeBillingPlan(input.billing_plan ?? \"launch\"),\n billing_currency: normalizeCurrency(input.billing_currency ?? \"JPY\"),\n };\n if (input.display_name !== undefined) {\n payload.display_name = requireNonEmpty(input.display_name, \"display_name\");\n }\n if (input.allowed_currencies !== undefined) {\n payload.allowed_currencies = normalizeAllowedCurrencies(input.allowed_currencies);\n }\n if (input.webhook_callback_url !== undefined) {\n payload.webhook_callback_url = requireNonEmpty(input.webhook_callback_url, \"webhook_callback_url\");\n }\n if (input.billing_mandate_cap_minor !== undefined) {\n payload.billing_mandate_cap_minor = positiveInteger(input.billing_mandate_cap_minor, \"billing_mandate_cap_minor\");\n }\n if (input.max_amount_minor !== undefined) {\n payload.max_amount_minor = positiveInteger(input.max_amount_minor, \"max_amount_minor\");\n }\n if (input.checkout_allowed_origins !== undefined) {\n payload.checkout_allowed_origins = normalizeOriginList(input.checkout_allowed_origins);\n }\n return this.request<DirectRequestPaymentMerchantResponse>(\"POST\", \"/sdrp/direct-payments/merchants\", payload);\n }\n\n /\n Create a Hosted Checkout session (Stripe-Checkout-equivalent for human web\n * shoppers). Siglume authors the challenge server-side, persists a single-use\n * expiring session, and returns a `checkout_url`. Redirect the shopper there;\n * they log into Siglume, approve, and pay from their own wallet, then return\n * to your `success_url`. Fulfill on the `direct_payment.confirmed` webhook\n * (the source of truth), exactly as with the agent flow.\n \n `success_url`/`cancel_url` must be on an origin you registered via\n * `checkout_allowed_origins` (or your `webhook_callback_url` origin).\n /\n async createCheckoutSession(input: HostedCheckoutSessionCreateInput): Promise<HostedCheckoutSessionCreateResult> {\n const payload: Record<string, unknown> = {\n merchant: normalizeSelfServiceMerchant(input.merchant),\n amount_minor: positiveInteger(input.amount_minor, \"amount_minor\"),\n currency: normalizeCurrency(input.currency),\n nonce: requireNonEmpty(input.nonce, \"nonce\"),\n success_url: requireNonEmpty(input.success_url, \"success_url\"),\n cancel_url: requireNonEmpty(input.cancel_url, \"cancel_url\"),\n };\n if (input.metadata !== undefined) {\n payload.metadata = cloneJsonObject(input.metadata, \"metadata\");\n }\n return this.request<HostedCheckoutSessionCreateResult>(\n \"POST\",\n \"/sdrp/direct-payments/checkout-sessions\",\n payload,\n );\n }\n\n /* Read a Hosted Checkout session's status (open / authenticated / paid / expired / cancelled / failed). /\n async getCheckoutSession(session_id: string): Promise<HostedCheckoutSession> {\n return this.request<HostedCheckoutSession>(\n \"GET\",\n `/sdrp/direct-payments/checkout-sessions/${encodeURIComponent(requireNonEmpty(session_id, \"session_id\"))}`,\n );\n }\n\n async getMerchant(merchant: string): Promise<DirectRequestPaymentMerchantResponse> {\n return this.request<DirectRequestPaymentMerchantResponse>(\n \"GET\",\n `/sdrp/direct-payments/merchants/${encodeURIComponent(normalizeSelfServiceMerchant(merchant))}`,\n );\n }\n\n async rotateChallengeSecret(merchant: string): Promise<DirectRequestPaymentMerchantResponse> {\n return this.request<DirectRequestPaymentMerchantResponse>(\n \"POST\",\n `/sdrp/direct-payments/merchants/${encodeURIComponent(normalizeSelfServiceMerchant(merchant))}/challenge-secret/rotate`,\n );\n }\n\n async prepareBillingMandate(\n merchant: string,\n input: DirectRequestPaymentMerchantBillingMandateInput = {},\n ): Promise<DirectRequestPaymentMerchantResponse> {\n const payload: Record<string, unknown> = {};\n if (input.currency !== undefined) {\n payload.currency = normalizeCurrency(input.currency);\n }\n if (input.billing_currency !== undefined) {\n payload.billing_currency = normalizeCurrency(input.billing_currency);\n }\n if (input.max_amount_minor !== undefined) {\n payload.max_amount_minor = positiveInteger(input.max_amount_minor, \"max_amount_minor\");\n }\n return this.request<DirectRequestPaymentMerchantResponse>(\n \"POST\",\n `/sdrp/direct-payments/merchants/${encodeURIComponent(normalizeSelfServiceMerchant(merchant))}/billing-mandate`,\n payload,\n );\n }\n\n async createWebhookSubscription(\n input: DirectRequestPaymentWebhookSubscriptionInput,\n ): Promise<DirectRequestPaymentWebhookSubscription> {\n const payload: Record<string, unknown> = {\n callback_url: requireNonEmpty(input.callback_url, \"callback_url\"),\n event_types: input.event_types?.length\n ? input.event_types.map((eventType) => requireNonEmpty(eventType, \"event_type\"))\n : [\"direct_payment.confirmed\", \"direct_payment.spent\"],\n };\n if (input.description !== undefined) {\n payload.description = requireNonEmpty(input.description, \"description\");\n }\n if (input.metadata !== undefined) {\n payload.metadata = cloneJsonObject(input.metadata, \"metadata\");\n }\n return this.request<DirectRequestPaymentWebhookSubscription>(\"POST\", \"/market/webhooks/subscriptions\", payload);\n }\n\n async setupCheckout(input: DirectRequestPaymentCheckoutSetupInput): Promise<DirectRequestPaymentCheckoutSetupResult> {\n const merchant = await this.setupMerchant(input);\n const merchantKey = merchant.merchant_account.merchant;\n const billing_mandate = input.prepare_billing_mandate === false\n ? null\n : await this.prepareBillingMandate(merchantKey, {\n billing_currency: merchant.merchant_account.billing_currency ?? input.billing_currency ?? \"JPY\",\n max_amount_minor: input.max_amount_minor ?? input.billing_mandate_cap_minor,\n });\n const shouldCreateWebhook = input.create_webhook_subscription ?? Boolean(input.webhook_callback_url);\n const webhook_subscription = shouldCreateWebhook && input.webhook_callback_url\n ? await this.createWebhookSubscription({\n callback_url: input.webhook_callback_url,\n description: input.webhook_description ?? `${merchantKey} Direct Request Payment`,\n event_types: input.webhook_event_types,\n metadata: { merchant: merchantKey, sdk: \"@siglume/direct-request-payment\" },\n })\n : null;\n const env: Record<string, string> = {\n SIGLUME_DIRECT_PAYMENT_MERCHANT: merchantKey,\n };\n if (merchant.challenge_secret) {\n env.SIGLUME_DIRECT_PAYMENT_CHALLENGE_SECRET = merchant.challenge_secret;\n }\n const webhookSecret = stringOrNull(webhook_subscription?.signing_secret);\n if (webhookSecret) {\n env.SIGLUME_WEBHOOK_SECRET = webhookSecret;\n }\n return { merchant, billing_mandate, webhook_subscription, env };\n }\n\n async request<T>(method: string, path: string, json_body?: unknown): Promise<T> {\n const controller = new AbortController();\n const timeout = setTimeout(() => controller.abort(), this.timeout_ms);\n try {\n const headers: Record<string, string> = {\n \"Accept\": \"application/json\",\n \"Authorization\": `Bearer ${this.auth_token}`,\n \"User-Agent\": this.user_agent,\n };\n let body: string \| undefined;\n if (json_body !== undefined) {\n headers[\"Content-Type\"] = \"application/json\";\n body = JSON.stringify(json_body);\n }\n const response = await this.fetch_impl(`${this.base_url}${path}`, {\n method,\n headers,\n body,\n signal: controller.signal,\n });\n const rawText = await response.text();\n const parsed = rawText ? parseJson(rawText) : {};\n if (!response.ok) {\n const error = isRecord(parsed) && isRecord(parsed.error) ? parsed.error : {};\n const code = stringOrNull(error.code) ?? stringOrNull((parsed as Record<string, unknown>).code) ?? `HTTP_${response.status}`;\n const message = stringOrNull(error.message) ?? stringOrNull((parsed as Record<string, unknown>).message) ?? response.statusText;\n throw new SiglumeApiError(message, { status: response.status, code, data: parsed });\n }\n if (isRecord(parsed) && \"data\" in parsed) {\n return parsed.data as T;\n }\n return parsed as T;\n } finally {\n clearTimeout(timeout);\n }\n }\n}\n\nexport async function createDirectRequestPaymentChallenge(\n input: DirectRequestPaymentChallengeInput,\n): Promise<DirectRequestPaymentChallenge> {\n const merchant = normalizeMerchant(input.merchant);\n const amount_minor = positiveInteger(input.amount_minor, \"amount_minor\");\n const currency = normalizeCurrency(input.currency);\n const nonce = input.nonce ? normalizeChallengeNonce(input.nonce) : await randomNonce();\n const signature = await createDirectRequestPaymentChallengeSignature(input.secret, {\n merchant,\n amount_minor,\n currency,\n nonce,\n });\n const challenge = `${DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME}:${nonce}:${signature}`;\n return {\n scheme: DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME,\n merchant,\n amount_minor,\n currency,\n nonce,\n signature,\n challenge,\n challenge_hash: await sha256Prefixed(challenge),\n };\n}\n\nexport async function createDirectRequestPaymentChallengeSignature(\n secret: string,\n input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n nonce: string;\n },\n): Promise<string> {\n const normalizedSecret = requireNonEmpty(secret, \"secret\");\n const merchant = normalizeMerchant(input.merchant);\n const amount = positiveInteger(input.amount_minor, \"amount_minor\");\n const currency = normalizeCurrency(input.currency);\n const nonce = normalizeChallengeNonce(input.nonce);\n const material = `${merchant}:${amount}:${currency}:${nonce}`;\n return hmacSha256Hex(normalizedSecret, new TextEncoder().encode(material));\n}\n\nexport function parseDirectRequestPaymentChallenge(challenge: string): ParsedDirectRequestPaymentChallenge {\n const parts = requireNonEmpty(challenge, \"challenge\").split(\":\");\n if (parts.length !== 3) {\n throw new SiglumeDirectRequestPaymentError(\"Direct Request Payment challenge must be scheme:nonce:signature.\");\n }\n const [scheme, nonce, signature] = parts;\n if (!scheme \|\| !nonce \|\| !signature) {\n throw new SiglumeDirectRequestPaymentError(\"Direct Request Payment challenge is incomplete.\");\n }\n return { scheme, nonce, signature };\n}\n\n/* Merchant-side, ONE-TIME approval of a recurring authorization: amount +\n * currency + cadence are bound into the HMAC. Recurring charges afterwards\n * are deliberately challenge-free; the recurring authorization and the\n * buyer's mandate/budget caps are the per-charge integrity checks. Cadence\n * \"monthly\" = subscription, \"daily\" = scheduled autopay approval tag. /\nexport async function createDirectRequestPaymentRecurringChallenge(\n input: DirectRequestPaymentRecurringChallengeInput,\n): Promise<DirectRequestPaymentRecurringChallenge> {\n const merchant = normalizeMerchant(input.merchant);\n const amount_minor = positiveInteger(input.amount_minor, \"amount_minor\");\n const currency = normalizeCurrency(input.currency);\n const cadence = normalizeRecurringCadence(input.cadence);\n const nonce = input.nonce ? normalizeChallengeNonce(input.nonce) : await randomNonce();\n const signature = await createDirectRequestPaymentRecurringChallengeSignature(input.secret, {\n merchant,\n amount_minor,\n currency,\n cadence,\n nonce,\n });\n const challenge = `${DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME}:${nonce}:${signature}`;\n return {\n scheme: DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME,\n merchant,\n amount_minor,\n currency,\n cadence,\n nonce,\n signature,\n challenge,\n challenge_hash: await sha256Prefixed(challenge),\n };\n}\n\nexport async function createDirectRequestPaymentRecurringChallengeSignature(\n secret: string,\n input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n cadence: DirectRequestPaymentRecurringCadence \| string;\n nonce: string;\n },\n): Promise<string> {\n const normalizedSecret = requireNonEmpty(secret, \"secret\");\n const merchant = normalizeMerchant(input.merchant);\n const amount = positiveInteger(input.amount_minor, \"amount_minor\");\n const currency = normalizeCurrency(input.currency);\n const cadence = normalizeRecurringCadence(input.cadence);\n const nonce = normalizeChallengeNonce(input.nonce);\n // MUST stay byte-identical to the server's\n // _external_402_recurring_challenge_signature — both sides change together.\n const material = `${merchant}:${amount}:${currency}:${cadence}:${nonce}`;\n return hmacSha256Hex(normalizedSecret, new TextEncoder().encode(material));\n}\n\nexport async function verifyDirectRequestPaymentRecurringChallenge(\n secret: string,\n input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n cadence: DirectRequestPaymentRecurringCadence \| string;\n challenge: string;\n },\n): Promise<boolean> {\n const parsed = parseDirectRequestPaymentChallenge(input.challenge);\n if (parsed.scheme !== DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME) {\n return false;\n }\n const expected = await createDirectRequestPaymentRecurringChallengeSignature(secret, {\n merchant: input.merchant,\n amount_minor: input.amount_minor,\n currency: input.currency,\n cadence: input.cadence,\n nonce: parsed.nonce,\n });\n return timingSafeEqualHex(expected, parsed.signature);\n}\n\nexport async function verifyDirectRequestPaymentChallenge(\n secret: string,\n input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n challenge: string;\n },\n): Promise<boolean> {\n const parsed = parseDirectRequestPaymentChallenge(input.challenge);\n if (parsed.scheme !== DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME) {\n return false;\n }\n const expected = await createDirectRequestPaymentChallengeSignature(secret, {\n merchant: input.merchant,\n amount_minor: input.amount_minor,\n currency: input.currency,\n nonce: parsed.nonce,\n });\n return timingSafeEqualHex(expected, parsed.signature);\n}\n\nexport async function directRequestPaymentChallengeHash(challenge: string): Promise<string> {\n return sha256Prefixed(requireNonEmpty(challenge, \"challenge\"));\n}\n\nexport async function directRequestPaymentRequestHash(input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n challenge: string;\n}): Promise<string> {\n const material = `${normalizeMerchant(input.merchant)}${positiveInteger(input.amount_minor, \"amount_minor\")}${normalizeCurrency(input.currency)}${requireNonEmpty(input.challenge, \"challenge\")}`;\n return sha256Prefixed(material);\n}\n\nexport function buildPaymentExecutionPayload(\n requirement: DirectPaymentRequirement,\n options: { await_finality?: boolean; metadata?: Record<string, unknown> } = {},\n): Web3PreparedTransactionExecutePayload {\n return buildPreparedTransactionExecutionPayload(requirement, requirement.transaction_request, {\n receipt_kind: DIRECT_REQUEST_PAYMENT_RECEIPT_KIND,\n await_finality: options.await_finality,\n metadata: options.metadata,\n });\n}\n\nexport function buildAllowanceExecutionPayload(\n requirement: DirectPaymentRequirement,\n options: { await_finality?: boolean; metadata?: Record<string, unknown> } = {},\n): Web3PreparedTransactionExecutePayload {\n const approveRequest = requirement.approve_transaction_request;\n if (!approveRequest \|\| Object.keys(approveRequest).length === 0) {\n throw new SiglumeDirectRequestPaymentError(\"This payment requirement does not include an allowance approval transaction.\");\n }\n return buildPreparedTransactionExecutionPayload(requirement, approveRequest, {\n receipt_kind: DIRECT_REQUEST_PAYMENT_ALLOWANCE_RECEIPT_KIND,\n await_finality: options.await_finality,\n metadata: options.metadata,\n });\n}\n\nexport function buildPreparedTransactionExecutionPayload(\n requirement: DirectPaymentRequirement,\n transaction_request: Web3TransactionRequest,\n options: {\n receipt_kind: string;\n await_finality?: boolean;\n metadata?: Record<string, unknown>;\n },\n): Web3PreparedTransactionExecutePayload {\n const metadata = {\n ...(isRecord(transaction_request.metadata_jsonb) ? transaction_request.metadata_jsonb : {}),\n ...(options.metadata ?? {}),\n };\n return {\n transaction_request,\n receipt_kind: requireNonEmpty(options.receipt_kind, \"receipt_kind\"),\n reference_type: DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE,\n reference_id: requirement.requirement_id,\n metadata,\n await_finality: Boolean(options.await_finality),\n };\n}\n\nexport async function computeWebhookSignature(\n signing_secret: string,\n body: Uint8Array \| ArrayBuffer \| string \| Record<string, unknown>,\n options: { timestamp: number },\n): Promise<string> {\n if (!signing_secret) {\n throw new SiglumeWebhookSignatureError(\"SIGLUME webhook signing secret is required.\");\n }\n const timestamp = Math.trunc(options.timestamp);\n const bytes = bodyBytes(body);\n const prefix = new TextEncoder().encode(`${timestamp}.`);\n const payload = new Uint8Array(prefix.length + bytes.length);\n payload.set(prefix, 0);\n payload.set(bytes, prefix.length);\n return hmacSha256Hex(signing_secret, payload);\n}\n\nexport async function buildWebhookSignatureHeader(\n signing_secret: string,\n body: Uint8Array \| ArrayBuffer \| string \| Record<string, unknown>,\n options: { timestamp?: number } = {},\n): Promise<string> {\n const timestamp = Math.trunc(options.timestamp ?? Date.now() / 1000);\n const signature = await computeWebhookSignature(signing_secret, body, { timestamp });\n return `t=${timestamp},v1=${signature}`;\n}\n\nexport async function verifyWebhookSignature(\n signing_secret: string,\n body: Uint8Array \| ArrayBuffer \| string \| Record<string, unknown>,\n signature_header: string,\n options: { tolerance_seconds?: number; now?: number } = {},\n): Promise<WebhookSignatureVerification> {\n const { timestamp, signature } = parseSignatureHeader(signature_header);\n const toleranceSeconds = Math.max(1, Math.trunc(options.tolerance_seconds ?? DEFAULT_WEBHOOK_TOLERANCE_SECONDS));\n const nowSeconds = Math.trunc(options.now ?? Date.now() / 1000);\n if (Math.abs(nowSeconds - timestamp) > toleranceSeconds) {\n throw new SiglumeWebhookSignatureError(\"Webhook timestamp is outside the allowed tolerance window.\");\n }\n const expected = await computeWebhookSignature(signing_secret, body, { timestamp });\n if (!(await timingSafeEqualHex(expected, signature))) {\n throw new SiglumeWebhookSignatureError(\"Webhook signature did not match.\");\n }\n return { timestamp, signature };\n}\n\nexport function parseDirectRequestPaymentWebhookEvent(payload: unknown): DirectRequestPaymentWebhookEvent {\n const event = requireRecord(payload, \"webhook event\");\n const data = requireRecord(event.data, \"webhook event data\");\n const parsed = {\n ...event,\n id: requireNonEmpty(stringOrNull(event.id) ?? \"\", \"webhook event id\"),\n type: requireNonEmpty(stringOrNull(event.type) ?? \"\", \"webhook event type\"),\n api_version: requireNonEmpty(stringOrNull(event.api_version) ?? \"\", \"webhook api_version\"),\n occurred_at: requireNonEmpty(stringOrNull(event.occurred_at) ?? \"\", \"webhook occurred_at\"),\n data: { ...data },\n } as DirectRequestPaymentWebhookEvent;\n if (parsed.type === \"direct_payment.confirmed\" && parsed.data.mode !== DIRECT_REQUEST_PAYMENT_MODE) {\n throw new SiglumeWebhookPayloadError(\"direct_payment.confirmed webhook must carry data.mode='external_402'.\");\n }\n return parsed;\n}\n\nexport async function verifyDirectRequestPaymentWebhook(\n signing_secret: string,\n body: Uint8Array \| ArrayBuffer \| string \| Record<string, unknown>,\n signature_header: string,\n options: { tolerance_seconds?: number; now?: number } = {},\n): Promise<{ event: DirectRequestPaymentWebhookEvent; verification: WebhookSignatureVerification }> {\n const verification = await verifyWebhookSignature(signing_secret, body, signature_header, options);\n const text = new TextDecoder().decode(bodyBytes(body));\n let parsed: unknown;\n try {\n parsed = JSON.parse(text);\n } catch (error) {\n throw new SiglumeWebhookPayloadError(\"Webhook body must contain valid JSON.\");\n }\n return { event: parseDirectRequestPaymentWebhookEvent(parsed), verification };\n}\n\nexport const createExternal402Challenge = createDirectRequestPaymentChallenge;\nexport const verifyExternal402Challenge = verifyDirectRequestPaymentChallenge;\nexport const createExternal402RecurringChallenge = createDirectRequestPaymentRecurringChallenge;\nexport const verifyExternal402RecurringChallenge = verifyDirectRequestPaymentRecurringChallenge;\n\nfunction normalizeMerchant(value: string): string {\n const merchant = requireNonEmpty(value, \"merchant\").toLowerCase();\n if (!/^[a-z0-9][a-z0-9._-]{0,95}$/.test(merchant)) {\n throw new SiglumeDirectRequestPaymentError(\"merchant must be a lowercase key using letters, numbers, dot, underscore, or hyphen.\");\n }\n return merchant;\n}\n\nfunction normalizeSelfServiceMerchant(value: string): string {\n const merchant = requireNonEmpty(value, \"merchant\").toLowerCase();\n if (!/^[a-z0-9][a-z0-9_-]{2,63}$/.test(merchant)) {\n throw new SiglumeDirectRequestPaymentError(\"merchant must be 3-64 chars using lowercase letters, numbers, underscore, or hyphen.\");\n }\n return merchant;\n}\n\nfunction normalizeBillingPlan(value: string): DirectRequestPaymentBillingPlan {\n const plan = requireNonEmpty(value, \"billing_plan\").toLowerCase();\n if (plan === \"launch\" \|\| plan === \"free\" \|\| plan === \"starter\" \|\| plan === \"growth\" \|\| plan === \"pro\") {\n return plan;\n }\n throw new SiglumeDirectRequestPaymentError(\"billing_plan must be launch, starter, growth, or pro.\");\n}\n\nfunction normalizeCurrency(value: string): DirectRequestPaymentCurrency {\n const currency = requireNonEmpty(value, \"currency\").toUpperCase();\n if (currency !== \"JPY\" && currency !== \"USD\") {\n throw new SiglumeDirectRequestPaymentError(\"currency must be JPY or USD.\");\n }\n return currency;\n}\n\nfunction normalizeToken(value: string): DirectRequestPaymentToken {\n const token = requireNonEmpty(value, \"token_symbol\").toUpperCase();\n if (token !== \"JPYC\" && token !== \"USDC\") {\n throw new SiglumeDirectRequestPaymentError(\"token_symbol must be JPYC or USDC.\");\n }\n return token;\n}\n\nfunction normalizeAllowedCurrencies(value: Record<string, string> \| Array<DirectRequestPaymentCurrency \| string>): Record<string, string> {\n const normalized: Record<string, string> = {};\n if (Array.isArray(value)) {\n for (const item of value) {\n const currency = normalizeCurrency(item);\n normalized[currency] = defaultTokenForCurrency(currency);\n }\n } else if (isRecord(value)) {\n for (const [rawCurrency, rawToken] of Object.entries(value)) {\n normalized[normalizeCurrency(rawCurrency)] = normalizeToken(String(rawToken));\n }\n } else {\n throw new SiglumeDirectRequestPaymentError(\"allowed_currencies must be an array or a currency-to-token object.\");\n }\n if (Object.keys(normalized).length === 0) {\n throw new SiglumeDirectRequestPaymentError(\"allowed_currencies must include at least one currency.\");\n }\n return normalized;\n}\n\nfunction defaultTokenForCurrency(currency: DirectRequestPaymentCurrency): DirectRequestPaymentToken {\n return currency === \"JPY\" ? \"JPYC\" : \"USDC\";\n}\n\nfunction normalizeOriginList(value: string[]): string[] {\n if (!Array.isArray(value)) {\n throw new SiglumeDirectRequestPaymentError(\"checkout_allowed_origins must be an array of origin URLs.\");\n }\n const seen = new Set<string>();\n const origins: string[] = [];\n for (const item of value) {\n let url: URL;\n try {\n url = new URL(requireNonEmpty(String(item), \"checkout_allowed_origins entry\"));\n } catch {\n throw new SiglumeDirectRequestPaymentError(\n \"each checkout_allowed_origins entry must be an absolute origin such as https://shop.example.com.\",\n );\n }\n const origin = `${url.protocol.toLowerCase()}//${url.host.toLowerCase()}`;\n if (!seen.has(origin)) {\n seen.add(origin);\n origins.push(origin);\n }\n }\n return origins;\n}\n\nfunction positiveInteger(value: number, name: string): number {\n const parsed = Number(value);\n if (!Number.isSafeInteger(parsed) \|\| parsed <= 0) {\n throw new SiglumeDirectRequestPaymentError(`${name} must be a positive safe integer.`);\n }\n return parsed;\n}\n\nfunction requireNonEmpty(value: string, name: string): string {\n const text = String(value ?? \"\").trim();\n if (!text) {\n throw new SiglumeDirectRequestPaymentError(`${name} is required.`);\n }\n return text;\n}\n\nfunction normalizeChallengeNonce(value: string): string {\n const nonce = requireNonEmpty(value, \"nonce\");\n if (nonce.includes(\":\")) {\n throw new SiglumeDirectRequestPaymentError(\"nonce must not contain ':'.\");\n }\n return nonce;\n}\n\nfunction normalizeRecurringCadence(value: string): DirectRequestPaymentRecurringCadence {\n const cadence = requireNonEmpty(value, \"cadence\").toLowerCase();\n if (cadence !== \"monthly\" && cadence !== \"daily\") {\n throw new SiglumeDirectRequestPaymentError(\n 'cadence must be \"monthly\" (subscription) or \"daily\" (scheduled autopay).',\n );\n }\n return cadence;\n}\n\nfunction cloneJsonObject(value: Record<string, unknown>, name: string): Record<string, unknown> {\n try {\n const cloned = JSON.parse(JSON.stringify(value)) as unknown;\n if (!isRecord(cloned)) {\n throw new Error(\"not an object\");\n }\n return cloned;\n } catch (error) {\n throw new SiglumeDirectRequestPaymentError(`${name} must be a JSON-serializable object.`);\n }\n}\n\nfunction parseJson(rawText: string): unknown {\n try {\n return JSON.parse(rawText);\n } catch (error) {\n throw new SiglumeApiError(\"Siglume API returned invalid JSON.\", {\n status: 502,\n code: \"INVALID_JSON_RESPONSE\",\n data: rawText,\n });\n }\n}\n\nfunction stringOrNull(value: unknown): string \| null {\n if (typeof value !== \"string\") {\n return null;\n }\n const text = value.trim();\n return text ? text : null;\n}\n\nfunction isRecord(value: unknown): value is Record<string, unknown> {\n return typeof value === \"object\" && value !== null && !Array.isArray(value);\n}\n\nfunction requireRecord(value: unknown, name: string): Record<string, unknown> {\n if (!isRecord(value)) {\n throw new SiglumeWebhookPayloadError(`${name} must be an object.`);\n }\n return value;\n}\n\nfunction envValue(name: string): string \| undefined {\n if (typeof process === \"undefined\") {\n return undefined;\n }\n const value = process.env[name];\n return value && value.trim() ? value.trim() : undefined;\n}\n\nfunction bodyBytes(body: Uint8Array \| ArrayBuffer \| string \| Record<string, unknown>): Uint8Array {\n if (body instanceof Uint8Array) {\n return body;\n }\n if (body instanceof ArrayBuffer) {\n return new Uint8Array(body);\n }\n if (typeof body === \"string\") {\n return new TextEncoder().encode(body);\n }\n if (isRecord(body)) {\n return new TextEncoder().encode(JSON.stringify(body));\n }\n throw new SiglumeWebhookPayloadError(\"Webhook body must be raw bytes, a string, or a JSON object.\");\n}\n\nfunction parseSignatureHeader(signatureHeader: string): { timestamp: number; signature: string } {\n let timestamp: number \| null = null;\n let signature: string \| null = null;\n for (const item of String(signatureHeader ?? \"\").split(\",\")) {\n const [key, value] = item.trim().split(\"=\", 2);\n if (key === \"t\") {\n const parsed = Number.parseInt(value ?? \"\", 10);\n if (!Number.isFinite(parsed)) {\n throw new SiglumeWebhookSignatureError(\"Webhook signature timestamp is invalid.\");\n }\n timestamp = parsed;\n }\n if (key === \"v1\") {\n signature = String(value ?? \"\").trim();\n }\n }\n if (timestamp === null \|\| !signature) {\n throw new SiglumeWebhookSignatureError(\"Webhook signature header is incomplete.\");\n }\n return { timestamp, signature };\n}\n\nasync function randomNonce(): Promise<string> {\n if (globalThis.crypto?.randomUUID) {\n return globalThis.crypto.randomUUID();\n }\n const bytes = new Uint8Array(16);\n if (globalThis.crypto?.getRandomValues) {\n globalThis.crypto.getRandomValues(bytes);\n } else if (typeof process !== \"undefined\" && process.versions?.node) {\n const crypto = await import(\"node:crypto\");\n bytes.set(crypto.randomBytes(16));\n } else {\n throw new SiglumeDirectRequestPaymentError(\"Crypto random number generation is unavailable in this runtime.\");\n }\n return bytesToHex(bytes);\n}\n\nasync function hmacSha256Hex(secret: string, payload: Uint8Array): Promise<string> {\n if (globalThis.crypto?.subtle) {\n const stablePayload = new Uint8Array(payload.byteLength);\n stablePayload.set(payload);\n const key = await globalThis.crypto.subtle.importKey(\n \"raw\",\n new TextEncoder().encode(secret),\n { name: \"HMAC\", hash: \"SHA-256\" },\n false,\n [\"sign\"],\n );\n const digest = await globalThis.crypto.subtle.sign(\"HMAC\", key, stablePayload);\n return bytesToHex(new Uint8Array(digest));\n }\n if (typeof process !== \"undefined\" && process.versions?.node) {\n const crypto = await import(\"node:crypto\");\n return crypto.createHmac(\"sha256\", secret).update(Buffer.from(payload)).digest(\"hex\");\n }\n throw new SiglumeDirectRequestPaymentError(\"Web Crypto is required for HMAC-SHA256 in this runtime.\");\n}\n\nasync function sha256Prefixed(material: string): Promise<string> {\n const bytes = new TextEncoder().encode(material);\n if (globalThis.crypto?.subtle) {\n const digest = await globalThis.crypto.subtle.digest(\"SHA-256\", bytes);\n return `sha256:${bytesToHex(new Uint8Array(digest))}`;\n }\n if (typeof process !== \"undefined\" && process.versions?.node) {\n const crypto = await import(\"node:crypto\");\n return `sha256:${crypto.createHash(\"sha256\").update(Buffer.from(bytes)).digest(\"hex\")}`;\n }\n throw new SiglumeDirectRequestPaymentError(\"Web Crypto is required for SHA-256 in this runtime.\");\n}\n\nfunction bytesToHex(bytes: Uint8Array): string {\n return [...bytes].map((item) => item.toString(16).padStart(2, \"0\")).join(\"\");\n}\n\nfunction hexToBytes(hex: string): Uint8Array {\n const normalized = String(hex ?? \"\").trim().toLowerCase();\n if (normalized.length % 2 !== 0 \|\| !/^[0-9a-f]$/.test(normalized)) {\n throw new SiglumeWebhookSignatureError(\"Hex digest is invalid.\");\n }\n const bytes = new Uint8Array(normalized.length / 2);\n for (let index = 0; index < normalized.length; index += 2) {\n bytes[index / 2] = Number.parseInt(normalized.slice(index, index + 2), 16);\n }\n return bytes;\n}\n\nasync function timingSafeEqualHex(left: string, right: string): Promise<boolean> {\n const leftBytes = hexToBytes(left);\n const rightBytes = hexToBytes(right);\n if (leftBytes.length !== rightBytes.length) {\n return false;\n }\n let diff = 0;\n for (let index = 0; index < leftBytes.length; index += 1) {\n diff \|= leftBytes[index]! ^ rightBytes[index]!;\n }\n return diff === 0;\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAO,IAAM,2BAA2B;AACjC,IAAM,0CAA0C;AAIhD,IAAM,oDAAoD;AAC1D,IAAM,8BAA8B;AACpC,IAAM,sCAAsC;AAC5C,IAAM,gDAAgD;AACtD,IAAM,wCAAwC;AAC9C,IAAM,oCAAoC;AAyS1C,IAAM,mCAAN,cAA+C,MAAM;AAAA,EAC1D,YAAY,SAAiB;AAC3B,UAAM,OAAO;AACb,SAAK,OAAO;AAAA,EACd;AACF;AAEO,IAAM,kBAAN,cAA8B,iCAAiC;AAAA,EAC3D;AAAA,EACA;AAAA,EACA;AAAA,EAET,YAAY,SAAiB,SAA4D;AACvF,UAAM,OAAO;AACb,SAAK,OAAO;AACZ,SAAK,SAAS,QAAQ;AACtB,SAAK,OAAO,QAAQ,QAAQ;AAC5B,SAAK,OAAO,QAAQ;AAAA,EACtB;AACF;AAEO,IAAM,+BAAN,cAA2C,iCAAiC;AAAA,EACjF,YAAY,SAAiB;AAC3B,UAAM,OAAO;AACb,SAAK,OAAO;AAAA,EACd;AACF;AAEO,IAAM,6BAAN,cAAyC,iCAAiC;AAAA,EAC/E,YAAY,SAAiB;AAC3B,UAAM,OAAO;AACb,SAAK,OAAO;AAAA,EACd;AACF;AAEO,IAAM,6BAAN,MAAiC;AAAA,EAC7B;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACQ;AAAA,EAEjB,YAAY,UAA6C,CAAC,GAAG;AAC3D,UAAM,YAAY,QAAQ,cAAc,SAAS,oBAAoB;AACrE,QAAI,CAAC,WAAW;AACd,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,UAAM,YAAY,QAAQ,SAAS,WAAW;AAC9C,QAAI,CAAC,WAAW;AACd,YAAM,IAAI,iCAAiC,qDAAqD;AAAA,IAClG;AACA,SAAK,aAAa;AAClB,SAAK,YAAY,QAAQ,YAAY,SAAS,kBAAkB,KAAK,0BAA0B,QAAQ,QAAQ,EAAE;AACjH,SAAK,aAAa,KAAK,IAAI,GAAG,KAAK,MAAM,QAAQ,cAAc,IAAK,CAAC;AACrE,SAAK,aAAa,QAAQ,cAAc;AACxC,SAAK,aAAa;AAAA,EACpB;AAAA,EAEA,MAAM,yBAAyB,OAA+E;AAC5G,UAAM,UAAmC;AAAA,MACvC,MAAM;AAAA,MACN,UAAU,kBAAkB,MAAM,QAAQ;AAAA,MAC1C,cAAc,gBAAgB,MAAM,cAAc,cAAc;AAAA,MAChE,UAAU,kBAAkB,MAAM,QAAQ;AAAA,MAC1C,WAAW,gBAAgB,MAAM,WAAW,WAAW;AAAA,IACzD;AACA,QAAI,MAAM,iBAAiB,QAAW;AACpC,cAAQ,eAAe,eAAe,MAAM,YAAY;AAAA,IAC1D;AACA,QAAI,MAAM,2BAA2B,QAAW;AAC9C,cAAQ,yBAAyB,gBAAgB,MAAM,wBAAwB,wBAAwB;AAAA,IACzG;AACA,QAAI,MAAM,aAAa,QAAW;AAChC,cAAQ,WAAW,gBAAgB,MAAM,UAAU,UAAU;AAAA,IAC/D;AACA,WAAO,KAAK,QAAkC,QAAQ,sCAAsC,OAAO;AAAA,EACrG;AAAA,EAEA,MAAM,sBAAsB,gBAA2D;AACrF,WAAO,KAAK;AAAA,MACV;AAAA,MACA,sCAAsC,mBAAmB,gBAAgB,gBAAgB,gBAAgB,CAAC,CAAC;AAAA,IAC7G;AAAA,EACF;AAAA,EAEA,MAAM,yBACJ,gBACA,OACmC;AACnC,WAAO,KAAK;AAAA,MACV;AAAA,MACA,sCAAsC,mBAAmB,gBAAgB,gBAAgB,gBAAgB,CAAC,CAAC;AAAA,MAC3G;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,2BACJ,SAC+C;AAC/C,WAAO,KAAK;AAAA,MACV;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,0BACJ,aACA,UAA4E,CAAC,GAC9B;AAC/C,WAAO,KAAK,2BAA2B,6BAA6B,aAAa,OAAO,CAAC;AAAA,EAC3F;AAAA,EAEA,MAAM,4BACJ,aACA,UAA4E,CAAC,GAC9B;AAC/C,WAAO,KAAK,2BAA2B,+BAA+B,aAAa,OAAO,CAAC;AAAA,EAC7F;AAAA,EAEA,MAAM,QAAW,QAAgB,MAAc,WAAiC;AAC9E,UAAM,aAAa,IAAI,gBAAgB;AACvC,UAAM,UAAU,WAAW,MAAM,WAAW,MAAM,GAAG,KAAK,UAAU;AACpE,QAAI;AACF,YAAM,UAAkC;AAAA,QACtC,UAAU;AAAA,QACV,iBAAiB,UAAU,KAAK,UAAU;AAAA,QAC1C,cAAc,KAAK;AAAA,MACrB;AACA,UAAI;AACJ,UAAI,cAAc,QAAW;AAC3B,gBAAQ,cAAc,IAAI;AAC1B,eAAO,KAAK,UAAU,SAAS;AAAA,MACjC;AACA,YAAM,WAAW,MAAM,KAAK,WAAW,GAAG,KAAK,QAAQ,GAAG,IAAI,IAAI;AAAA,QAChE;AAAA,QACA;AAAA,QACA;AAAA,QACA,QAAQ,WAAW;AAAA,MACrB,CAAC;AACD,YAAM,UAAU,MAAM,SAAS,KAAK;AACpC,YAAM,SAAS,UAAU,UAAU,OAAO,IAAI,CAAC;AAC/C,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,QAAQ,SAAS,MAAM,KAAK,SAAS,OAAO,KAAK,IAAI,OAAO,QAAQ,CAAC;AAC3E,cAAM,OAAO,aAAa,MAAM,IAAI,KAAK,aAAc,OAAmC,IAAI,KAAK,QAAQ,SAAS,MAAM;AAC1H,cAAM,UAAU,aAAa,MAAM,OAAO,KAAK,aAAc,OAAmC,OAAO,KAAK,SAAS;AACrH,cAAM,IAAI,gBAAgB,SAAS,EAAE,QAAQ,SAAS,QAAQ,MAAM,MAAM,OAAO,CAAC;AAAA,MACpF;AACA,UAAI,SAAS,MAAM,KAAK,UAAU,QAAQ;AACxC,eAAO,OAAO;AAAA,MAChB;AACA,aAAO;AAAA,IACT,UAAE;AACA,mBAAa,OAAO;AAAA,IACtB;AAAA,EACF;AACF;AAEO,IAAM,qCAAN,MAAyC;AAAA,EACrC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACQ;AAAA,EAEjB,YAAY,UAA6C,CAAC,GAAG;AAC3D,UAAM,YAAY,QAAQ,cAAc,SAAS,6BAA6B,KAAK,SAAS,oBAAoB;AAChH,QAAI,CAAC,WAAW;AACd,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,UAAM,YAAY,QAAQ,SAAS,WAAW;AAC9C,QAAI,CAAC,WAAW;AACd,YAAM,IAAI,iCAAiC,qDAAqD;AAAA,IAClG;AACA,SAAK,aAAa;AAClB,SAAK,YAAY,QAAQ,YAAY,SAAS,kBAAkB,KAAK,0BAA0B,QAAQ,QAAQ,EAAE;AACjH,SAAK,aAAa,KAAK,IAAI,GAAG,KAAK,MAAM,QAAQ,cAAc,IAAK,CAAC;AACrE,SAAK,aAAa,QAAQ,cAAc;AACxC,SAAK,aAAa;AAAA,EACpB;AAAA,EAEA,MAAM,cAAc,OAA8F;AAChH,UAAM,UAAmC;AAAA,MACvC,UAAU,6BAA6B,MAAM,QAAQ;AAAA,MACrD,cAAc,qBAAqB,MAAM,gBAAgB,QAAQ;AAAA,MACjE,kBAAkB,kBAAkB,MAAM,oBAAoB,KAAK;AAAA,IACrE;AACA,QAAI,MAAM,iBAAiB,QAAW;AACpC,cAAQ,eAAe,gBAAgB,MAAM,cAAc,cAAc;AAAA,IAC3E;AACA,QAAI,MAAM,uBAAuB,QAAW;AAC1C,cAAQ,qBAAqB,2BAA2B,MAAM,kBAAkB;AAAA,IAClF;AACA,QAAI,MAAM,yBAAyB,QAAW;AAC5C,cAAQ,uBAAuB,gBAAgB,MAAM,sBAAsB,sBAAsB;AAAA,IACnG;AACA,QAAI,MAAM,8BAA8B,QAAW;AACjD,cAAQ,4BAA4B,gBAAgB,MAAM,2BAA2B,2BAA2B;AAAA,IAClH;AACA,QAAI,MAAM,qBAAqB,QAAW;AACxC,cAAQ,mBAAmB,gBAAgB,MAAM,kBAAkB,kBAAkB;AAAA,IACvF;AACA,QAAI,MAAM,6BAA6B,QAAW;AAChD,cAAQ,2BAA2B,oBAAoB,MAAM,wBAAwB;AAAA,IACvF;AACA,WAAO,KAAK,QAA8C,QAAQ,mCAAmC,OAAO;AAAA,EAC9G;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,MAAM,sBAAsB,OAAqF;AAC/G,UAAM,UAAmC;AAAA,MACvC,UAAU,6BAA6B,MAAM,QAAQ;AAAA,MACrD,cAAc,gBAAgB,MAAM,cAAc,cAAc;AAAA,MAChE,UAAU,kBAAkB,MAAM,QAAQ;AAAA,MAC1C,OAAO,gBAAgB,MAAM,OAAO,OAAO;AAAA,MAC3C,aAAa,gBAAgB,MAAM,aAAa,aAAa;AAAA,MAC7D,YAAY,gBAAgB,MAAM,YAAY,YAAY;AAAA,IAC5D;AACA,QAAI,MAAM,aAAa,QAAW;AAChC,cAAQ,WAAW,gBAAgB,MAAM,UAAU,UAAU;AAAA,IAC/D;AACA,WAAO,KAAK;AAAA,MACV;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA;AAAA,EAGA,MAAM,mBAAmB,YAAoD;AAC3E,WAAO,KAAK;AAAA,MACV;AAAA,MACA,2CAA2C,mBAAmB,gBAAgB,YAAY,YAAY,CAAC,CAAC;AAAA,IAC1G;AAAA,EACF;AAAA,EAEA,MAAM,YAAY,UAAiE;AACjF,WAAO,KAAK;AAAA,MACV;AAAA,MACA,mCAAmC,mBAAmB,6BAA6B,QAAQ,CAAC,CAAC;AAAA,IAC/F;AAAA,EACF;AAAA,EAEA,MAAM,sBAAsB,UAAiE;AAC3F,WAAO,KAAK;AAAA,MACV;AAAA,MACA,mCAAmC,mBAAmB,6BAA6B,QAAQ,CAAC,CAAC;AAAA,IAC/F;AAAA,EACF;AAAA,EAEA,MAAM,sBACJ,UACA,QAAyD,CAAC,GACX;AAC/C,UAAM,UAAmC,CAAC;AAC1C,QAAI,MAAM,aAAa,QAAW;AAChC,cAAQ,WAAW,kBAAkB,MAAM,QAAQ;AAAA,IACrD;AACA,QAAI,MAAM,qBAAqB,QAAW;AACxC,cAAQ,mBAAmB,kBAAkB,MAAM,gBAAgB;AAAA,IACrE;AACA,QAAI,MAAM,qBAAqB,QAAW;AACxC,cAAQ,mBAAmB,gBAAgB,MAAM,kBAAkB,kBAAkB;AAAA,IACvF;AACA,WAAO,KAAK;AAAA,MACV;AAAA,MACA,mCAAmC,mBAAmB,6BAA6B,QAAQ,CAAC,CAAC;AAAA,MAC7F;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,0BACJ,OACkD;AAClD,UAAM,UAAmC;AAAA,MACvC,cAAc,gBAAgB,MAAM,cAAc,cAAc;AAAA,MAChE,aAAa,MAAM,aAAa,SAC5B,MAAM,YAAY,IAAI,CAAC,cAAc,gBAAgB,WAAW,YAAY,CAAC,IAC7E,CAAC,4BAA4B,sBAAsB;AAAA,IACzD;AACA,QAAI,MAAM,gBAAgB,QAAW;AACnC,cAAQ,cAAc,gBAAgB,MAAM,aAAa,aAAa;AAAA,IACxE;AACA,QAAI,MAAM,aAAa,QAAW;AAChC,cAAQ,WAAW,gBAAgB,MAAM,UAAU,UAAU;AAAA,IAC/D;AACA,WAAO,KAAK,QAAiD,QAAQ,kCAAkC,OAAO;AAAA,EAChH;AAAA,EAEA,MAAM,cAAc,OAAiG;AACnH,UAAM,WAAW,MAAM,KAAK,cAAc,KAAK;AAC/C,UAAM,cAAc,SAAS,iBAAiB;AAC9C,UAAM,kBAAkB,MAAM,4BAA4B,QACtD,OACA,MAAM,KAAK,sBAAsB,aAAa;AAAA,MAC9C,kBAAkB,SAAS,iBAAiB,oBAAoB,MAAM,oBAAoB;AAAA,MAC1F,kBAAkB,MAAM,oBAAoB,MAAM;AAAA,IACpD,CAAC;AACH,UAAM,sBAAsB,MAAM,+BAA+B,QAAQ,MAAM,oBAAoB;AACnG,UAAM,uBAAuB,uBAAuB,MAAM,uBACtD,MAAM,KAAK,0BAA0B;AAAA,MACrC,cAAc,MAAM;AAAA,MACpB,aAAa,MAAM,uBAAuB,GAAG,WAAW;AAAA,MACxD,aAAa,MAAM;AAAA,MACnB,UAAU,EAAE,UAAU,aAAa,KAAK,kCAAkC;AAAA,IAC5E,CAAC,IACC;AACJ,UAAM,MAA8B;AAAA,MAClC,iCAAiC;AAAA,IACnC;AACA,QAAI,SAAS,kBAAkB;AAC7B,UAAI,0CAA0C,SAAS;AAAA,IACzD;AACA,UAAM,gBAAgB,aAAa,sBAAsB,cAAc;AACvE,QAAI,eAAe;AACjB,UAAI,yBAAyB;AAAA,IAC/B;AACA,WAAO,EAAE,UAAU,iBAAiB,sBAAsB,IAAI;AAAA,EAChE;AAAA,EAEA,MAAM,QAAW,QAAgB,MAAc,WAAiC;AAC9E,UAAM,aAAa,IAAI,gBAAgB;AACvC,UAAM,UAAU,WAAW,MAAM,WAAW,MAAM,GAAG,KAAK,UAAU;AACpE,QAAI;AACF,YAAM,UAAkC;AAAA,QACtC,UAAU;AAAA,QACV,iBAAiB,UAAU,KAAK,UAAU;AAAA,QAC1C,cAAc,KAAK;AAAA,MACrB;AACA,UAAI;AACJ,UAAI,cAAc,QAAW;AAC3B,gBAAQ,cAAc,IAAI;AAC1B,eAAO,KAAK,UAAU,SAAS;AAAA,MACjC;AACA,YAAM,WAAW,MAAM,KAAK,WAAW,GAAG,KAAK,QAAQ,GAAG,IAAI,IAAI;AAAA,QAChE;AAAA,QACA;AAAA,QACA;AAAA,QACA,QAAQ,WAAW;AAAA,MACrB,CAAC;AACD,YAAM,UAAU,MAAM,SAAS,KAAK;AACpC,YAAM,SAAS,UAAU,UAAU,OAAO,IAAI,CAAC;AAC/C,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,QAAQ,SAAS,MAAM,KAAK,SAAS,OAAO,KAAK,IAAI,OAAO,QAAQ,CAAC;AAC3E,cAAM,OAAO,aAAa,MAAM,IAAI,KAAK,aAAc,OAAmC,IAAI,KAAK,QAAQ,SAAS,MAAM;AAC1H,cAAM,UAAU,aAAa,MAAM,OAAO,KAAK,aAAc,OAAmC,OAAO,KAAK,SAAS;AACrH,cAAM,IAAI,gBAAgB,SAAS,EAAE,QAAQ,SAAS,QAAQ,MAAM,MAAM,OAAO,CAAC;AAAA,MACpF;AACA,UAAI,SAAS,MAAM,KAAK,UAAU,QAAQ;AACxC,eAAO,OAAO;AAAA,MAChB;AACA,aAAO;AAAA,IACT,UAAE;AACA,mBAAa,OAAO;AAAA,IACtB;AAAA,EACF;AACF;AAEA,eAAsB,oCACpB,OACwC;AACxC,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,eAAe,gBAAgB,MAAM,cAAc,cAAc;AACvE,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,QAAQ,MAAM,QAAQ,wBAAwB,MAAM,KAAK,IAAI,MAAM,YAAY;AACrF,QAAM,YAAY,MAAM,6CAA6C,MAAM,QAAQ;AAAA,IACjF;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AACD,QAAM,YAAY,GAAG,uCAAuC,IAAI,KAAK,IAAI,SAAS;AAClF,SAAO;AAAA,IACL,QAAQ;AAAA,IACR;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,gBAAgB,MAAM,eAAe,SAAS;AAAA,EAChD;AACF;AAEA,eAAsB,6CACpB,QACA,OAMiB;AACjB,QAAM,mBAAmB,gBAAgB,QAAQ,QAAQ;AACzD,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,SAAS,gBAAgB,MAAM,cAAc,cAAc;AACjE,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,QAAQ,wBAAwB,MAAM,KAAK;AACjD,QAAM,WAAW,GAAG,QAAQ,IAAI,MAAM,IAAI,QAAQ,IAAI,KAAK;AAC3D,SAAO,cAAc,kBAAkB,IAAI,YAAY,EAAE,OAAO,QAAQ,CAAC;AAC3E;AAEO,SAAS,mCAAmC,WAAwD;AACzG,QAAM,QAAQ,gBAAgB,WAAW,WAAW,EAAE,MAAM,GAAG;AAC/D,MAAI,MAAM,WAAW,GAAG;AACtB,UAAM,IAAI,iCAAiC,kEAAkE;AAAA,EAC/G;AACA,QAAM,CAAC,QAAQ,OAAO,SAAS,IAAI;AACnC,MAAI,CAAC,UAAU,CAAC,SAAS,CAAC,WAAW;AACnC,UAAM,IAAI,iCAAiC,iDAAiD;AAAA,EAC9F;AACA,SAAO,EAAE,QAAQ,OAAO,UAAU;AACpC;AAOA,eAAsB,6CACpB,OACiD;AACjD,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,eAAe,gBAAgB,MAAM,cAAc,cAAc;AACvE,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,UAAU,0BAA0B,MAAM,OAAO;AACvD,QAAM,QAAQ,MAAM,QAAQ,wBAAwB,MAAM,KAAK,IAAI,MAAM,YAAY;AACrF,QAAM,YAAY,MAAM,sDAAsD,MAAM,QAAQ;AAAA,IAC1F;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AACD,QAAM,YAAY,GAAG,iDAAiD,IAAI,KAAK,IAAI,SAAS;AAC5F,SAAO;AAAA,IACL,QAAQ;AAAA,IACR;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,gBAAgB,MAAM,eAAe,SAAS;AAAA,EAChD;AACF;AAEA,eAAsB,sDACpB,QACA,OAOiB;AACjB,QAAM,mBAAmB,gBAAgB,QAAQ,QAAQ;AACzD,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,SAAS,gBAAgB,MAAM,cAAc,cAAc;AACjE,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,UAAU,0BAA0B,MAAM,OAAO;AACvD,QAAM,QAAQ,wBAAwB,MAAM,KAAK;AAGjD,QAAM,WAAW,GAAG,QAAQ,IAAI,MAAM,IAAI,QAAQ,IAAI,OAAO,IAAI,KAAK;AACtE,SAAO,cAAc,kBAAkB,IAAI,YAAY,EAAE,OAAO,QAAQ,CAAC;AAC3E;AAEA,eAAsB,6CACpB,QACA,OAOkB;AAClB,QAAM,SAAS,mCAAmC,MAAM,SAAS;AACjE,MAAI,OAAO,WAAW,mDAAmD;AACvE,WAAO;AAAA,EACT;AACA,QAAM,WAAW,MAAM,sDAAsD,QAAQ;AAAA,IACnF,UAAU,MAAM;AAAA,IAChB,cAAc,MAAM;AAAA,IACpB,UAAU,MAAM;AAAA,IAChB,SAAS,MAAM;AAAA,IACf,OAAO,OAAO;AAAA,EAChB,CAAC;AACD,SAAO,mBAAmB,UAAU,OAAO,SAAS;AACtD;AAEA,eAAsB,oCACpB,QACA,OAMkB;AAClB,QAAM,SAAS,mCAAmC,MAAM,SAAS;AACjE,MAAI,OAAO,WAAW,yCAAyC;AAC7D,WAAO;AAAA,EACT;AACA,QAAM,WAAW,MAAM,6CAA6C,QAAQ;AAAA,IAC1E,UAAU,MAAM;AAAA,IAChB,cAAc,MAAM;AAAA,IACpB,UAAU,MAAM;AAAA,IAChB,OAAO,OAAO;AAAA,EAChB,CAAC;AACD,SAAO,mBAAmB,UAAU,OAAO,SAAS;AACtD;AAEA,eAAsB,kCAAkC,WAAoC;AAC1F,SAAO,eAAe,gBAAgB,WAAW,WAAW,CAAC;AAC/D;AAEA,eAAsB,gCAAgC,OAKlC;AAClB,QAAM,WAAW,GAAG,kBAAkB,MAAM,QAAQ,CAAC,GAAG,gBAAgB,MAAM,cAAc,cAAc,CAAC,GAAG,kBAAkB,MAAM,QAAQ,CAAC,GAAG,gBAAgB,MAAM,WAAW,WAAW,CAAC;AAC/L,SAAO,eAAe,QAAQ;AAChC;AAEO,SAAS,6BACd,aACA,UAA4E,CAAC,GACtC;AACvC,SAAO,yCAAyC,aAAa,YAAY,qBAAqB;AAAA,IAC5F,cAAc;AAAA,IACd,gBAAgB,QAAQ;AAAA,IACxB,UAAU,QAAQ;AAAA,EACpB,CAAC;AACH;AAEO,SAAS,+BACd,aACA,UAA4E,CAAC,GACtC;AACvC,QAAM,iBAAiB,YAAY;AACnC,MAAI,CAAC,kBAAkB,OAAO,KAAK,cAAc,EAAE,WAAW,GAAG;AAC/D,UAAM,IAAI,iCAAiC,8EAA8E;AAAA,EAC3H;AACA,SAAO,yCAAyC,aAAa,gBAAgB;AAAA,IAC3E,cAAc;AAAA,IACd,gBAAgB,QAAQ;AAAA,IACxB,UAAU,QAAQ;AAAA,EACpB,CAAC;AACH;AAEO,SAAS,yCACd,aACA,qBACA,SAKuC;AACvC,QAAM,WAAW;AAAA,IACf,GAAI,SAAS,oBAAoB,cAAc,IAAI,oBAAoB,iBAAiB,CAAC;AAAA,IACzF,GAAI,QAAQ,YAAY,CAAC;AAAA,EAC3B;AACA,SAAO;AAAA,IACL;AAAA,IACA,cAAc,gBAAgB,QAAQ,cAAc,cAAc;AAAA,IAClE,gBAAgB;AAAA,IAChB,cAAc,YAAY;AAAA,IAC1B;AAAA,IACA,gBAAgB,QAAQ,QAAQ,cAAc;AAAA,EAChD;AACF;AAEA,eAAsB,wBACpB,gBACA,MACA,SACiB;AACjB,MAAI,CAAC,gBAAgB;AACnB,UAAM,IAAI,6BAA6B,6CAA6C;AAAA,EACtF;AACA,QAAM,YAAY,KAAK,MAAM,QAAQ,SAAS;AAC9C,QAAM,QAAQ,UAAU,IAAI;AAC5B,QAAM,SAAS,IAAI,YAAY,EAAE,OAAO,GAAG,SAAS,GAAG;AACvD,QAAM,UAAU,IAAI,WAAW,OAAO,SAAS,MAAM,MAAM;AAC3D,UAAQ,IAAI,QAAQ,CAAC;AACrB,UAAQ,IAAI,OAAO,OAAO,MAAM;AAChC,SAAO,cAAc,gBAAgB,OAAO;AAC9C;AAEA,eAAsB,4BACpB,gBACA,MACA,UAAkC,CAAC,GAClB;AACjB,QAAM,YAAY,KAAK,MAAM,QAAQ,aAAa,KAAK,IAAI,IAAI,GAAI;AACnE,QAAM,YAAY,MAAM,wBAAwB,gBAAgB,MAAM,EAAE,UAAU,CAAC;AACnF,SAAO,KAAK,SAAS,OAAO,SAAS;AACvC;AAEA,eAAsB,uBACpB,gBACA,MACA,kBACA,UAAwD,CAAC,GAClB;AACvC,QAAM,EAAE,WAAW,UAAU,IAAI,qBAAqB,gBAAgB;AACtE,QAAM,mBAAmB,KAAK,IAAI,GAAG,KAAK,MAAM,QAAQ,qBAAqB,iCAAiC,CAAC;AAC/G,QAAM,aAAa,KAAK,MAAM,QAAQ,OAAO,KAAK,IAAI,IAAI,GAAI;AAC9D,MAAI,KAAK,IAAI,aAAa,SAAS,IAAI,kBAAkB;AACvD,UAAM,IAAI,6BAA6B,4DAA4D;AAAA,EACrG;AACA,QAAM,WAAW,MAAM,wBAAwB,gBAAgB,MAAM,EAAE,UAAU,CAAC;AAClF,MAAI,CAAE,MAAM,mBAAmB,UAAU,SAAS,GAAI;AACpD,UAAM,IAAI,6BAA6B,kCAAkC;AAAA,EAC3E;AACA,SAAO,EAAE,WAAW,UAAU;AAChC;AAEO,SAAS,sCAAsC,SAAoD;AACxG,QAAM,QAAQ,cAAc,SAAS,eAAe;AACpD,QAAM,OAAO,cAAc,MAAM,MAAM,oBAAoB;AAC3D,QAAM,SAAS;AAAA,IACb,GAAG;AAAA,IACH,IAAI,gBAAgB,aAAa,MAAM,EAAE,KAAK,IAAI,kBAAkB;AAAA,IACpE,MAAM,gBAAgB,aAAa,MAAM,IAAI,KAAK,IAAI,oBAAoB;AAAA,IAC1E,aAAa,gBAAgB,aAAa,MAAM,WAAW,KAAK,IAAI,qBAAqB;AAAA,IACzF,aAAa,gBAAgB,aAAa,MAAM,WAAW,KAAK,IAAI,qBAAqB;AAAA,IACzF,MAAM,EAAE,GAAG,KAAK;AAAA,EAClB;AACA,MAAI,OAAO,SAAS,8BAA8B,OAAO,KAAK,SAAS,6BAA6B;AAClG,UAAM,IAAI,2BAA2B,uEAAuE;AAAA,EAC9G;AACA,SAAO;AACT;AAEA,eAAsB,kCACpB,gBACA,MACA,kBACA,UAAwD,CAAC,GACyC;AAClG,QAAM,eAAe,MAAM,uBAAuB,gBAAgB,MAAM,kBAAkB,OAAO;AACjG,QAAM,OAAO,IAAI,YAAY,EAAE,OAAO,UAAU,IAAI,CAAC;AACrD,MAAI;AACJ,MAAI;AACF,aAAS,KAAK,MAAM,IAAI;AAAA,EAC1B,SAAS,OAAO;AACd,UAAM,IAAI,2BAA2B,uCAAuC;AAAA,EAC9E;AACA,SAAO,EAAE,OAAO,sCAAsC,MAAM,GAAG,aAAa;AAC9E;AAEO,IAAM,6BAA6B;AACnC,IAAM,6BAA6B;AACnC,IAAM,sCAAsC;AAC5C,IAAM,sCAAsC;AAEnD,SAAS,kBAAkB,OAAuB;AAChD,QAAM,WAAW,gBAAgB,OAAO,UAAU,EAAE,YAAY;AAChE,MAAI,CAAC,8BAA8B,KAAK,QAAQ,GAAG;AACjD,UAAM,IAAI,iCAAiC,sFAAsF;AAAA,EACnI;AACA,SAAO;AACT;AAEA,SAAS,6BAA6B,OAAuB;AAC3D,QAAM,WAAW,gBAAgB,OAAO,UAAU,EAAE,YAAY;AAChE,MAAI,CAAC,6BAA6B,KAAK,QAAQ,GAAG;AAChD,UAAM,IAAI,iCAAiC,sFAAsF;AAAA,EACnI;AACA,SAAO;AACT;AAEA,SAAS,qBAAqB,OAAgD;AAC5E,QAAM,OAAO,gBAAgB,OAAO,cAAc,EAAE,YAAY;AAChE,MAAI,SAAS,YAAY,SAAS,UAAU,SAAS,aAAa,SAAS,YAAY,SAAS,OAAO;AACrG,WAAO;AAAA,EACT;AACA,QAAM,IAAI,iCAAiC,uDAAuD;AACpG;AAEA,SAAS,kBAAkB,OAA6C;AACtE,QAAM,WAAW,gBAAgB,OAAO,UAAU,EAAE,YAAY;AAChE,MAAI,aAAa,SAAS,aAAa,OAAO;AAC5C,UAAM,IAAI,iCAAiC,8BAA8B;AAAA,EAC3E;AACA,SAAO;AACT;AAEA,SAAS,eAAe,OAA0C;AAChE,QAAM,QAAQ,gBAAgB,OAAO,cAAc,EAAE,YAAY;AACjE,MAAI,UAAU,UAAU,UAAU,QAAQ;AACxC,UAAM,IAAI,iCAAiC,oCAAoC;AAAA,EACjF;AACA,SAAO;AACT;AAEA,SAAS,2BAA2B,OAAsG;AACxI,QAAM,aAAqC,CAAC;AAC5C,MAAI,MAAM,QAAQ,KAAK,GAAG;AACxB,eAAW,QAAQ,OAAO;AACxB,YAAM,WAAW,kBAAkB,IAAI;AACvC,iBAAW,QAAQ,IAAI,wBAAwB,QAAQ;AAAA,IACzD;AAAA,EACF,WAAW,SAAS,KAAK,GAAG;AAC1B,eAAW,CAAC,aAAa,QAAQ,KAAK,OAAO,QAAQ,KAAK,GAAG;AAC3D,iBAAW,kBAAkB,WAAW,CAAC,IAAI,eAAe,OAAO,QAAQ,CAAC;AAAA,IAC9E;AAAA,EACF,OAAO;AACL,UAAM,IAAI,iCAAiC,oEAAoE;AAAA,EACjH;AACA,MAAI,OAAO,KAAK,UAAU,EAAE,WAAW,GAAG;AACxC,UAAM,IAAI,iCAAiC,wDAAwD;AAAA,EACrG;AACA,SAAO;AACT;AAEA,SAAS,wBAAwB,UAAmE;AAClG,SAAO,aAAa,QAAQ,SAAS;AACvC;AAEA,SAAS,oBAAoB,OAA2B;AACtD,MAAI,CAAC,MAAM,QAAQ,KAAK,GAAG;AACzB,UAAM,IAAI,iCAAiC,2DAA2D;AAAA,EACxG;AACA,QAAM,OAAO,oBAAI,IAAY;AAC7B,QAAM,UAAoB,CAAC;AAC3B,aAAW,QAAQ,OAAO;AACxB,QAAI;AACJ,QAAI;AACF,YAAM,IAAI,IAAI,gBAAgB,OAAO,IAAI,GAAG,gCAAgC,CAAC;AAAA,IAC/E,QAAQ;AACN,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,UAAM,SAAS,GAAG,IAAI,SAAS,YAAY,CAAC,KAAK,IAAI,KAAK,YAAY,CAAC;AACvE,QAAI,CAAC,KAAK,IAAI,MAAM,GAAG;AACrB,WAAK,IAAI,MAAM;AACf,cAAQ,KAAK,MAAM;AAAA,IACrB;AAAA,EACF;AACA,SAAO;AACT;AAEA,SAAS,gBAAgB,OAAe,MAAsB;AAC5D,QAAM,SAAS,OAAO,KAAK;AAC3B,MAAI,CAAC,OAAO,cAAc,MAAM,KAAK,UAAU,GAAG;AAChD,UAAM,IAAI,iCAAiC,GAAG,IAAI,mCAAmC;AAAA,EACvF;AACA,SAAO;AACT;AAEA,SAAS,gBAAgB,OAAe,MAAsB;AAC5D,QAAM,OAAO,OAAO,SAAS,EAAE,EAAE,KAAK;AACtC,MAAI,CAAC,MAAM;AACT,UAAM,IAAI,iCAAiC,GAAG,IAAI,eAAe;AAAA,EACnE;AACA,SAAO;AACT;AAEA,SAAS,wBAAwB,OAAuB;AACtD,QAAM,QAAQ,gBAAgB,OAAO,OAAO;AAC5C,MAAI,MAAM,SAAS,GAAG,GAAG;AACvB,UAAM,IAAI,iCAAiC,6BAA6B;AAAA,EAC1E;AACA,SAAO;AACT;AAEA,SAAS,0BAA0B,OAAqD;AACtF,QAAM,UAAU,gBAAgB,OAAO,SAAS,EAAE,YAAY;AAC9D,MAAI,YAAY,aAAa,YAAY,SAAS;AAChD,UAAM,IAAI;AAAA,MACR;AAAA,IACF;AAAA,EACF;AACA,SAAO;AACT;AAEA,SAAS,gBAAgB,OAAgC,MAAuC;AAC9F,MAAI;AACF,UAAM,SAAS,KAAK,MAAM,KAAK,UAAU,KAAK,CAAC;AAC/C,QAAI,CAAC,SAAS,MAAM,GAAG;AACrB,YAAM,IAAI,MAAM,eAAe;AAAA,IACjC;AACA,WAAO;AAAA,EACT,SAAS,OAAO;AACd,UAAM,IAAI,iCAAiC,GAAG,IAAI,sCAAsC;AAAA,EAC1F;AACF;AAEA,SAAS,UAAU,SAA0B;AAC3C,MAAI;AACF,WAAO,KAAK,MAAM,OAAO;AAAA,EAC3B,SAAS,OAAO;AACd,UAAM,IAAI,gBAAgB,sCAAsC;AAAA,MAC9D,QAAQ;AAAA,MACR,MAAM;AAAA,MACN,MAAM;AAAA,IACR,CAAC;AAAA,EACH;AACF;AAEA,SAAS,aAAa,OAA+B;AACnD,MAAI,OAAO,UAAU,UAAU;AAC7B,WAAO;AAAA,EACT;AACA,QAAM,OAAO,MAAM,KAAK;AACxB,SAAO,OAAO,OAAO;AACvB;AAEA,SAAS,SAAS,OAAkD;AAClE,SAAO,OAAO,UAAU,YAAY,UAAU,QAAQ,CAAC,MAAM,QAAQ,KAAK;AAC5E;AAEA,SAAS,cAAc,OAAgB,MAAuC;AAC5E,MAAI,CAAC,SAAS,KAAK,GAAG;AACpB,UAAM,IAAI,2BAA2B,GAAG,IAAI,qBAAqB;AAAA,EACnE;AACA,SAAO;AACT;AAEA,SAAS,SAAS,MAAkC;AAClD,MAAI,OAAO,YAAY,aAAa;AAClC,WAAO;AAAA,EACT;AACA,QAAM,QAAQ,QAAQ,IAAI,IAAI;AAC9B,SAAO,SAAS,MAAM,KAAK,IAAI,MAAM,KAAK,IAAI;AAChD;AAEA,SAAS,UAAU,MAA+E;AAChG,MAAI,gBAAgB,YAAY;AAC9B,WAAO;AAAA,EACT;AACA,MAAI,gBAAgB,aAAa;AAC/B,WAAO,IAAI,WAAW,IAAI;AAAA,EAC5B;AACA,MAAI,OAAO,SAAS,UAAU;AAC5B,WAAO,IAAI,YAAY,EAAE,OAAO,IAAI;AAAA,EACtC;AACA,MAAI,SAAS,IAAI,GAAG;AAClB,WAAO,IAAI,YAAY,EAAE,OAAO,KAAK,UAAU,IAAI,CAAC;AAAA,EACtD;AACA,QAAM,IAAI,2BAA2B,6DAA6D;AACpG;AAEA,SAAS,qBAAqB,iBAAmE;AAC/F,MAAI,YAA2B;AAC/B,MAAI,YAA2B;AAC/B,aAAW,QAAQ,OAAO,mBAAmB,EAAE,EAAE,MAAM,GAAG,GAAG;AAC3D,UAAM,CAAC,KAAK,KAAK,IAAI,KAAK,KAAK,EAAE,MAAM,KAAK,CAAC;AAC7C,QAAI,QAAQ,KAAK;AACf,YAAM,SAAS,OAAO,SAAS,SAAS,IAAI,EAAE;AAC9C,UAAI,CAAC,OAAO,SAAS,MAAM,GAAG;AAC5B,cAAM,IAAI,6BAA6B,yCAAyC;AAAA,MAClF;AACA,kBAAY;AAAA,IACd;AACA,QAAI,QAAQ,MAAM;AAChB,kBAAY,OAAO,SAAS,EAAE,EAAE,KAAK;AAAA,IACvC;AAAA,EACF;AACA,MAAI,cAAc,QAAQ,CAAC,WAAW;AACpC,UAAM,IAAI,6BAA6B,yCAAyC;AAAA,EAClF;AACA,SAAO,EAAE,WAAW,UAAU;AAChC;AAEA,eAAe,cAA+B;AAC5C,MAAI,WAAW,QAAQ,YAAY;AACjC,WAAO,WAAW,OAAO,WAAW;AAAA,EACtC;AACA,QAAM,QAAQ,IAAI,WAAW,EAAE;AAC/B,MAAI,WAAW,QAAQ,iBAAiB;AACtC,eAAW,OAAO,gBAAgB,KAAK;AAAA,EACzC,WAAW,OAAO,YAAY,eAAe,QAAQ,UAAU,MAAM;AACnE,UAAM,SAAS,MAAM,OAAO,QAAa;AACzC,UAAM,IAAI,OAAO,YAAY,EAAE,CAAC;AAAA,EAClC,OAAO;AACL,UAAM,IAAI,iCAAiC,iEAAiE;AAAA,EAC9G;AACA,SAAO,WAAW,KAAK;AACzB;AAEA,eAAe,cAAc,QAAgB,SAAsC;AACjF,MAAI,WAAW,QAAQ,QAAQ;AAC7B,UAAM,gBAAgB,IAAI,WAAW,QAAQ,UAAU;AACvD,kBAAc,IAAI,OAAO;AACzB,UAAM,MAAM,MAAM,WAAW,OAAO,OAAO;AAAA,MACzC;AAAA,MACA,IAAI,YAAY,EAAE,OAAO,MAAM;AAAA,MAC/B,EAAE,MAAM,QAAQ,MAAM,UAAU;AAAA,MAChC;AAAA,MACA,CAAC,MAAM;AAAA,IACT;AACA,UAAM,SAAS,MAAM,WAAW,OAAO,OAAO,KAAK,QAAQ,KAAK,aAAa;AAC7E,WAAO,WAAW,IAAI,WAAW,MAAM,CAAC;AAAA,EAC1C;AACA,MAAI,OAAO,YAAY,eAAe,QAAQ,UAAU,MAAM;AAC5D,UAAM,SAAS,MAAM,OAAO,QAAa;AACzC,WAAO,OAAO,WAAW,UAAU,MAAM,EAAE,OAAO,OAAO,KAAK,OAAO,CAAC,EAAE,OAAO,KAAK;AAAA,EACtF;AACA,QAAM,IAAI,iCAAiC,yDAAyD;AACtG;AAEA,eAAe,eAAe,UAAmC;AAC/D,QAAM,QAAQ,IAAI,YAAY,EAAE,OAAO,QAAQ;AAC/C,MAAI,WAAW,QAAQ,QAAQ;AAC7B,UAAM,SAAS,MAAM,WAAW,OAAO,OAAO,OAAO,WAAW,KAAK;AACrE,WAAO,UAAU,WAAW,IAAI,WAAW,MAAM,CAAC,CAAC;AAAA,EACrD;AACA,MAAI,OAAO,YAAY,eAAe,QAAQ,UAAU,MAAM;AAC5D,UAAM,SAAS,MAAM,OAAO,QAAa;AACzC,WAAO,UAAU,OAAO,WAAW,QAAQ,EAAE,OAAO,OAAO,KAAK,KAAK,CAAC,EAAE,OAAO,KAAK,CAAC;AAAA,EACvF;AACA,QAAM,IAAI,iCAAiC,qDAAqD;AAClG;AAEA,SAAS,WAAW,OAA2B;AAC7C,SAAO,CAAC,GAAG,KAAK,EAAE,IAAI,CAAC,SAAS,KAAK,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG,CAAC,EAAE,KAAK,EAAE;AAC7E;AAEA,SAAS,WAAW,KAAyB;AAC3C,QAAM,aAAa,OAAO,OAAO,EAAE,EAAE,KAAK,EAAE,YAAY;AACxD,MAAI,WAAW,SAAS,MAAM,KAAK,CAAC,cAAc,KAAK,UAAU,GAAG;AAClE,UAAM,IAAI,6BAA6B,wBAAwB;AAAA,EACjE;AACA,QAAM,QAAQ,IAAI,WAAW,WAAW,SAAS,CAAC;AAClD,WAAS,QAAQ,GAAG,QAAQ,WAAW,QAAQ,SAAS,GAAG;AACzD,UAAM,QAAQ,CAAC,IAAI,OAAO,SAAS,WAAW,MAAM,OAAO,QAAQ,CAAC,GAAG,EAAE;AAAA,EAC3E;AACA,SAAO;AACT;AAEA,eAAe,mBAAmB,MAAc,OAAiC;AAC/E,QAAM,YAAY,WAAW,IAAI;AACjC,QAAM,aAAa,WAAW,KAAK;AACnC,MAAI,UAAU,WAAW,WAAW,QAAQ;AAC1C,WAAO;AAAA,EACT;AACA,MAAI,OAAO;AACX,WAAS,QAAQ,GAAG,QAAQ,UAAU,QAAQ,SAAS,GAAG;AACxD,YAAQ,UAAU,KAAK,IAAK,WAAW,KAAK;AAAA,EAC9C;AACA,SAAO,SAAS;AAClB;","names":[]}
1	+ {"version":3,"sources":["../src/index.ts"],"sourcesContent":["export const DEFAULT_SIGLUME_API_BASE = \"https://siglume.com/v1\";\nexport const DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME = \"siglume-external-402-v1\";\n// Recurring (subscription / scheduled autopay) approval uses a DISTINCT scheme\n// with cadence bound into the HMAC, so a one-time checkout challenge can never\n// be replayed as a recurring authorization and vice versa.\nexport const DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME = \"siglume-external-402-recurring-v1\";\nexport const DIRECT_REQUEST_PAYMENT_MODE = \"external_402\";\nexport const DIRECT_REQUEST_PAYMENT_RECEIPT_KIND = \"sdrp_direct_payment\";\nexport const DIRECT_REQUEST_PAYMENT_ALLOWANCE_RECEIPT_KIND = \"sdrp_direct_payment_allowance\";\nexport const DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE = \"sdrp_direct_payment_requirement\";\nexport const DEFAULT_WEBHOOK_TOLERANCE_SECONDS = 300;\n\nexport type DirectRequestPaymentCurrency = \"JPY\" \| \"USD\";\nexport type DirectRequestPaymentToken = \"JPYC\" \| \"USDC\";\n\nexport interface DirectRequestPaymentChallengeInput {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n secret: string;\n nonce?: string;\n}\n\nexport interface DirectRequestPaymentChallenge {\n scheme: typeof DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME;\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency;\n nonce: string;\n signature: string;\n challenge: string;\n challenge_hash: string;\n}\n\nexport interface ParsedDirectRequestPaymentChallenge {\n scheme: string;\n nonce: string;\n signature: string;\n}\n\n/** \"monthly\" authorizes a Siglume-swept subscription; \"daily\" authorizes\n * merchant-triggered scheduled autopay. It is an approval tag, not a\n * run-count limiter. /\nexport type DirectRequestPaymentRecurringCadence = \"monthly\" \| \"daily\";\n\nexport interface DirectRequestPaymentRecurringChallengeInput {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n cadence: DirectRequestPaymentRecurringCadence \| string;\n secret: string;\n nonce?: string;\n}\n\nexport interface DirectRequestPaymentRecurringChallenge {\n scheme: typeof DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME;\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency;\n cadence: DirectRequestPaymentRecurringCadence;\n nonce: string;\n signature: string;\n challenge: string;\n challenge_hash: string;\n}\n\nexport interface Web3TransactionRequest {\n network?: string;\n chain_id?: number;\n from?: string;\n to?: string;\n data?: string;\n value?: string \| number;\n metadata_jsonb?: Record<string, unknown>;\n [key: string]: unknown;\n}\n\nexport interface DirectPaymentRequirement {\n direct_payment_requirement_id: string;\n requirement_id: string;\n id: string;\n mode: string;\n merchant?: string \| null;\n challenge_hash?: string \| null;\n buyer_user_id: string;\n agent_id?: string \| null;\n product_listing_id: string;\n listing_id: string;\n access_grant_id?: string \| null;\n capability_key: string;\n requirement_hash: string;\n request_hash: string;\n siglume_signature: string;\n token_symbol: string;\n currency: string;\n amount_minor: number;\n fee_bps: number;\n status: string;\n expires_at?: string \| null;\n confirmed_at?: string \| null;\n spent_at?: string \| null;\n chain_receipt_id?: string \| null;\n transaction_request: Web3TransactionRequest;\n approve_transaction_request?: Web3TransactionRequest \| null;\n buyer_confirmation?: string \| null;\n non_custodial: boolean;\n metadata_jsonb?: Record<string, unknown>;\n created_at?: string \| null;\n updated_at?: string \| null;\n}\n\nexport interface DirectPaymentRequirementCreateInput {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n challenge: string;\n token_symbol?: DirectRequestPaymentToken \| string;\n allowance_amount_minor?: number;\n metadata?: Record<string, unknown>;\n}\n\nexport interface DirectPaymentVerifyInput {\n receipt_id?: string \| null;\n chain_receipt_id?: string \| null;\n await_finality?: boolean;\n await_required_status?: string \| null;\n await_timeout_seconds?: number;\n await_poll_seconds?: number;\n}\n\nexport interface Web3PreparedTransactionExecutePayload {\n transaction_request: Web3TransactionRequest;\n receipt_kind: string;\n reference_type: typeof DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE;\n reference_id: string;\n metadata?: Record<string, unknown>;\n await_finality?: boolean;\n}\n\nexport interface Web3PreparedTransactionExecuteResult {\n receipt?: Record<string, unknown>;\n finalization?: Record<string, unknown>;\n [key: string]: unknown;\n}\n\nexport interface DirectRequestPaymentClientOptions {\n auth_token?: string;\n base_url?: string;\n fetch?: typeof fetch;\n timeout_ms?: number;\n user_agent?: string;\n}\n\nexport type DirectRequestPaymentBillingPlan = \"launch\" \| \"free\" \| \"starter\" \| \"growth\" \| \"pro\";\n\nexport interface DirectRequestPaymentMerchantAccount {\n merchant_account_id: string;\n merchant: string;\n merchant_user_id: string;\n user_wallet_id?: string \| null;\n billing_mandate_id?: string \| null;\n display_name?: string \| null;\n status?: string \| null;\n billing_status?: string \| null;\n billing_plan?: string \| null;\n billing_currency?: string \| null;\n token_symbol?: string \| null;\n monthly_fee_minor?: number \| null;\n settlement_fee_bps?: number \| null;\n settlement_fee_min_minor?: number \| null;\n included_monthly_payments?: number \| null;\n metadata_jsonb?: Record<string, unknown>;\n [key: string]: unknown;\n}\n\nexport interface DirectRequestPaymentMerchantSetupInput {\n merchant: string;\n display_name?: string;\n billing_plan?: DirectRequestPaymentBillingPlan \| string;\n billing_currency?: DirectRequestPaymentCurrency \| string;\n allowed_currencies?: Record<string, string> \| Array<DirectRequestPaymentCurrency \| string>;\n webhook_callback_url?: string;\n billing_mandate_cap_minor?: number;\n max_amount_minor?: number;\n // Hosted Checkout return-URL origin allowlist (open-redirect defense). Each\n // entry is an absolute origin such as \"https://shop.example.com\". The origin\n // of webhook_callback_url is auto-allowed in addition to these.\n checkout_allowed_origins?: string[];\n}\n\nexport interface HostedCheckoutSessionCreateInput {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n nonce: string;\n success_url: string;\n cancel_url: string;\n metadata?: Record<string, unknown>;\n}\n\nexport interface HostedCheckoutSessionCreateResult {\n checkout_url: string;\n session_id: string;\n challenge_hash: string;\n status?: string;\n expires_at?: string \| null;\n}\n\nexport interface HostedCheckoutSession {\n session_id: string;\n merchant: string;\n currency: string;\n token_symbol: string;\n amount_minor: number;\n status: string;\n challenge_hash: string;\n requirement_id?: string \| null;\n success_url: string;\n cancel_url: string;\n expires_at?: string \| null;\n authenticated_at?: string \| null;\n paid_at?: string \| null;\n cancelled_at?: string \| null;\n created_at?: string \| null;\n metadata_jsonb?: Record<string, unknown>;\n [key: string]: unknown;\n}\n\nexport interface DirectRequestPaymentMerchantBillingMandateInput {\n currency?: DirectRequestPaymentCurrency \| string;\n billing_currency?: DirectRequestPaymentCurrency \| string;\n max_amount_minor?: number;\n}\n\nexport interface DirectRequestPaymentMerchantResponse {\n merchant_account: DirectRequestPaymentMerchantAccount;\n challenge_secret?: string \| null;\n challenge_secret_created?: boolean;\n created?: boolean \| null;\n listing_id?: string \| null;\n mandate?: Record<string, unknown> \| null;\n next_steps?: Record<string, unknown>;\n}\n\nexport interface DirectRequestPaymentWebhookSubscriptionInput {\n callback_url: string;\n description?: string;\n event_types?: string[];\n metadata?: Record<string, unknown>;\n}\n\nexport interface DirectRequestPaymentWebhookSubscription {\n webhook_subscription_id?: string;\n subscription_id?: string;\n id?: string;\n callback_url?: string;\n signing_secret?: string;\n status?: string;\n event_types?: string[];\n [key: string]: unknown;\n}\n\nexport interface DirectRequestPaymentCheckoutSetupInput extends DirectRequestPaymentMerchantSetupInput {\n create_webhook_subscription?: boolean;\n prepare_billing_mandate?: boolean;\n webhook_event_types?: string[];\n webhook_description?: string;\n}\n\nexport interface DirectRequestPaymentCheckoutSetupResult {\n merchant: DirectRequestPaymentMerchantResponse;\n billing_mandate?: DirectRequestPaymentMerchantResponse \| null;\n webhook_subscription?: DirectRequestPaymentWebhookSubscription \| null;\n env: Record<string, string>;\n}\n\nexport interface SiglumeEnvelopeMeta {\n request_id?: string \| null;\n trace_id?: string \| null;\n [key: string]: unknown;\n}\n\nexport interface WebhookSignatureVerification {\n timestamp: number;\n signature: string;\n}\n\nexport interface DirectRequestPaymentWebhookEvent {\n id: string;\n type: \"direct_payment.confirmed\" \| string;\n api_version: string;\n occurred_at: string;\n data: {\n mode?: string;\n merchant?: string;\n direct_payment_requirement_id?: string;\n requirement_id?: string;\n challenge_hash?: string;\n amount_minor?: number;\n currency?: string;\n token_symbol?: string;\n status?: string;\n [key: string]: unknown;\n };\n [key: string]: unknown;\n}\n\nexport class SiglumeDirectRequestPaymentError extends Error {\n constructor(message: string) {\n super(message);\n this.name = \"SiglumeDirectRequestPaymentError\";\n }\n}\n\nexport class SiglumeApiError extends SiglumeDirectRequestPaymentError {\n readonly status: number;\n readonly code: string;\n readonly data: unknown;\n\n constructor(message: string, options: { status: number; code?: string; data?: unknown }) {\n super(message);\n this.name = \"SiglumeApiError\";\n this.status = options.status;\n this.code = options.code ?? \"SIGLUME_API_ERROR\";\n this.data = options.data;\n }\n}\n\nexport class HostedCheckoutNotAvailableError extends SiglumeApiError {\n constructor(message = \"Hosted Checkout is not enabled for this account yet (server rollout in progress).\") {\n super(message, { status: 409, code: \"HOSTED_CHECKOUT_NOT_ENABLED\" });\n this.name = \"HostedCheckoutNotAvailableError\";\n }\n}\n\nexport class SiglumeWebhookSignatureError extends SiglumeDirectRequestPaymentError {\n constructor(message: string) {\n super(message);\n this.name = \"SiglumeWebhookSignatureError\";\n }\n}\n\nexport class SiglumeWebhookPayloadError extends SiglumeDirectRequestPaymentError {\n constructor(message: string) {\n super(message);\n this.name = \"SiglumeWebhookPayloadError\";\n }\n}\n\nexport class DirectRequestPaymentClient {\n readonly auth_token: string;\n readonly base_url: string;\n readonly timeout_ms: number;\n readonly user_agent: string;\n private readonly fetch_impl: typeof fetch;\n\n constructor(options: DirectRequestPaymentClientOptions = {}) {\n const authToken = options.auth_token ?? envValue(\"SIGLUME_AUTH_TOKEN\");\n if (!authToken) {\n throw new SiglumeDirectRequestPaymentError(\n \"A buyer Siglume bearer token is required for Direct Request Payment API calls. Developer Portal API keys are not accepted.\",\n );\n }\n const fetchImpl = options.fetch ?? globalThis.fetch;\n if (!fetchImpl) {\n throw new SiglumeDirectRequestPaymentError(\"A fetch implementation is required in this runtime.\");\n }\n this.auth_token = authToken;\n this.base_url = (options.base_url ?? envValue(\"SIGLUME_API_BASE\") ?? DEFAULT_SIGLUME_API_BASE).replace(/\\/+$/, \"\");\n this.timeout_ms = Math.max(1, Math.trunc(options.timeout_ms ?? 15000));\n this.user_agent = options.user_agent ?? \"@siglume/direct-request-payment/0.4.1\";\n this.fetch_impl = fetchImpl;\n }\n\n async createPaymentRequirement(input: DirectPaymentRequirementCreateInput): Promise<DirectPaymentRequirement> {\n const payload: Record<string, unknown> = {\n mode: DIRECT_REQUEST_PAYMENT_MODE,\n merchant: normalizeMerchant(input.merchant),\n amount_minor: positiveInteger(input.amount_minor, \"amount_minor\"),\n currency: normalizeCurrency(input.currency),\n challenge: requireNonEmpty(input.challenge, \"challenge\"),\n };\n if (input.token_symbol !== undefined) {\n payload.token_symbol = normalizeToken(input.token_symbol);\n }\n if (input.allowance_amount_minor !== undefined) {\n payload.allowance_amount_minor = positiveInteger(input.allowance_amount_minor, \"allowance_amount_minor\");\n }\n if (input.metadata !== undefined) {\n payload.metadata = cloneJsonObject(input.metadata, \"metadata\");\n }\n return this.request<DirectPaymentRequirement>(\"POST\", \"/sdrp/direct-payments/requirements\", payload);\n }\n\n async getPaymentRequirement(requirement_id: string): Promise<DirectPaymentRequirement> {\n return this.request<DirectPaymentRequirement>(\n \"GET\",\n `/sdrp/direct-payments/requirements/${encodeURIComponent(requireNonEmpty(requirement_id, \"requirement_id\"))}`,\n );\n }\n\n async verifyPaymentRequirement(\n requirement_id: string,\n input: DirectPaymentVerifyInput,\n ): Promise<DirectPaymentRequirement> {\n return this.request<DirectPaymentRequirement>(\n \"POST\",\n `/sdrp/direct-payments/requirements/${encodeURIComponent(requireNonEmpty(requirement_id, \"requirement_id\"))}/verify`,\n input,\n );\n }\n\n async executePreparedTransaction(\n payload: Web3PreparedTransactionExecutePayload,\n ): Promise<Web3PreparedTransactionExecuteResult> {\n return this.request<Web3PreparedTransactionExecuteResult>(\n \"POST\",\n \"/market/web3/transactions/execute-prepared\",\n payload,\n );\n }\n\n async executePaymentTransaction(\n requirement: DirectPaymentRequirement,\n options: { await_finality?: boolean; metadata?: Record<string, unknown> } = {},\n ): Promise<Web3PreparedTransactionExecuteResult> {\n return this.executePreparedTransaction(buildPaymentExecutionPayload(requirement, options));\n }\n\n async executeAllowanceTransaction(\n requirement: DirectPaymentRequirement,\n options: { await_finality?: boolean; metadata?: Record<string, unknown> } = {},\n ): Promise<Web3PreparedTransactionExecuteResult> {\n return this.executePreparedTransaction(buildAllowanceExecutionPayload(requirement, options));\n }\n\n async request<T>(method: string, path: string, json_body?: unknown): Promise<T> {\n const controller = new AbortController();\n const timeout = setTimeout(() => controller.abort(), this.timeout_ms);\n try {\n const headers: Record<string, string> = {\n \"Accept\": \"application/json\",\n \"Authorization\": `Bearer ${this.auth_token}`,\n \"User-Agent\": this.user_agent,\n };\n let body: string \| undefined;\n if (json_body !== undefined) {\n headers[\"Content-Type\"] = \"application/json\";\n body = JSON.stringify(json_body);\n }\n const response = await this.fetch_impl(`${this.base_url}${path}`, {\n method,\n headers,\n body,\n signal: controller.signal,\n });\n const rawText = await response.text();\n const parsed = rawText ? parseJson(rawText) : {};\n if (!response.ok) {\n const error = isRecord(parsed) && isRecord(parsed.error) ? parsed.error : {};\n const code = stringOrNull(error.code) ?? stringOrNull((parsed as Record<string, unknown>).code) ?? `HTTP_${response.status}`;\n const message = stringOrNull(error.message) ?? stringOrNull((parsed as Record<string, unknown>).message) ?? response.statusText;\n throw new SiglumeApiError(message, { status: response.status, code, data: parsed });\n }\n if (isRecord(parsed) && \"data\" in parsed) {\n return parsed.data as T;\n }\n return parsed as T;\n } finally {\n clearTimeout(timeout);\n }\n }\n}\n\nexport class DirectRequestPaymentMerchantClient {\n readonly auth_token: string;\n readonly base_url: string;\n readonly timeout_ms: number;\n readonly user_agent: string;\n private readonly fetch_impl: typeof fetch;\n\n constructor(options: DirectRequestPaymentClientOptions = {}) {\n const authToken = options.auth_token ?? envValue(\"SIGLUME_MERCHANT_AUTH_TOKEN\") ?? envValue(\"SIGLUME_AUTH_TOKEN\");\n if (!authToken) {\n throw new SiglumeDirectRequestPaymentError(\n \"A merchant Siglume bearer token is required for Direct Request Payment merchant setup. Developer Portal API keys are not accepted.\",\n );\n }\n const fetchImpl = options.fetch ?? globalThis.fetch;\n if (!fetchImpl) {\n throw new SiglumeDirectRequestPaymentError(\"A fetch implementation is required in this runtime.\");\n }\n this.auth_token = authToken;\n this.base_url = (options.base_url ?? envValue(\"SIGLUME_API_BASE\") ?? DEFAULT_SIGLUME_API_BASE).replace(/\\/+$/, \"\");\n this.timeout_ms = Math.max(1, Math.trunc(options.timeout_ms ?? 15000));\n this.user_agent = options.user_agent ?? \"@siglume/direct-request-payment/0.4.1\";\n this.fetch_impl = fetchImpl;\n }\n\n async setupMerchant(input: DirectRequestPaymentMerchantSetupInput): Promise<DirectRequestPaymentMerchantResponse> {\n const payload: Record<string, unknown> = {\n merchant: normalizeSelfServiceMerchant(input.merchant),\n billing_plan: normalizeBillingPlan(input.billing_plan ?? \"launch\"),\n billing_currency: normalizeCurrency(input.billing_currency ?? \"JPY\"),\n };\n if (input.display_name !== undefined) {\n payload.display_name = requireNonEmpty(input.display_name, \"display_name\");\n }\n if (input.allowed_currencies !== undefined) {\n payload.allowed_currencies = normalizeAllowedCurrencies(input.allowed_currencies);\n }\n if (input.webhook_callback_url !== undefined) {\n payload.webhook_callback_url = requireNonEmpty(input.webhook_callback_url, \"webhook_callback_url\");\n }\n if (input.billing_mandate_cap_minor !== undefined) {\n payload.billing_mandate_cap_minor = positiveInteger(input.billing_mandate_cap_minor, \"billing_mandate_cap_minor\");\n }\n if (input.max_amount_minor !== undefined) {\n payload.max_amount_minor = positiveInteger(input.max_amount_minor, \"max_amount_minor\");\n }\n if (input.checkout_allowed_origins !== undefined) {\n payload.checkout_allowed_origins = normalizeOriginList(input.checkout_allowed_origins);\n }\n return this.request<DirectRequestPaymentMerchantResponse>(\"POST\", \"/sdrp/direct-payments/merchants\", payload);\n }\n\n /\n Create a Hosted Checkout session (Stripe-Checkout-equivalent for human web\n * shoppers). Siglume authors the challenge server-side, persists a single-use\n * expiring session, and returns a `checkout_url`. Redirect the shopper there;\n * they log into Siglume, approve, and pay from their own wallet, then return\n * to your `success_url`. Fulfill on the `direct_payment.confirmed` webhook\n * (the source of truth), exactly as with the agent flow.\n \n `success_url`/`cancel_url` must be on an origin you registered via\n * `checkout_allowed_origins` (or your `webhook_callback_url` origin).\n /\n async createCheckoutSession(input: HostedCheckoutSessionCreateInput): Promise<HostedCheckoutSessionCreateResult> {\n const payload: Record<string, unknown> = {\n merchant: normalizeSelfServiceMerchant(input.merchant),\n amount_minor: positiveInteger(input.amount_minor, \"amount_minor\"),\n currency: normalizeCurrency(input.currency),\n nonce: normalizeChallengeNonce(input.nonce),\n success_url: requireNonEmpty(input.success_url, \"success_url\"),\n cancel_url: requireNonEmpty(input.cancel_url, \"cancel_url\"),\n };\n if (input.metadata !== undefined) {\n payload.metadata = cloneJsonObject(input.metadata, \"metadata\");\n }\n return this.requestHostedCheckout<HostedCheckoutSessionCreateResult>(\n \"POST\",\n \"/sdrp/direct-payments/checkout-sessions\",\n payload,\n );\n }\n\n /* Read a Hosted Checkout session's status (open / authenticated / paid / expired / cancelled / failed). /\n async getCheckoutSession(session_id: string): Promise<HostedCheckoutSession> {\n return this.requestHostedCheckout<HostedCheckoutSession>(\n \"GET\",\n `/sdrp/direct-payments/checkout-sessions/${encodeURIComponent(requireNonEmpty(session_id, \"session_id\"))}`,\n );\n }\n\n async getMerchant(merchant: string): Promise<DirectRequestPaymentMerchantResponse> {\n return this.request<DirectRequestPaymentMerchantResponse>(\n \"GET\",\n `/sdrp/direct-payments/merchants/${encodeURIComponent(normalizeSelfServiceMerchant(merchant))}`,\n );\n }\n\n async rotateChallengeSecret(merchant: string): Promise<DirectRequestPaymentMerchantResponse> {\n return this.request<DirectRequestPaymentMerchantResponse>(\n \"POST\",\n `/sdrp/direct-payments/merchants/${encodeURIComponent(normalizeSelfServiceMerchant(merchant))}/challenge-secret/rotate`,\n );\n }\n\n async prepareBillingMandate(\n merchant: string,\n input: DirectRequestPaymentMerchantBillingMandateInput = {},\n ): Promise<DirectRequestPaymentMerchantResponse> {\n const payload: Record<string, unknown> = {};\n if (input.currency !== undefined) {\n payload.currency = normalizeCurrency(input.currency);\n }\n if (input.billing_currency !== undefined) {\n payload.billing_currency = normalizeCurrency(input.billing_currency);\n }\n if (input.max_amount_minor !== undefined) {\n payload.max_amount_minor = positiveInteger(input.max_amount_minor, \"max_amount_minor\");\n }\n return this.request<DirectRequestPaymentMerchantResponse>(\n \"POST\",\n `/sdrp/direct-payments/merchants/${encodeURIComponent(normalizeSelfServiceMerchant(merchant))}/billing-mandate`,\n payload,\n );\n }\n\n async createWebhookSubscription(\n input: DirectRequestPaymentWebhookSubscriptionInput,\n ): Promise<DirectRequestPaymentWebhookSubscription> {\n const payload: Record<string, unknown> = {\n callback_url: requireNonEmpty(input.callback_url, \"callback_url\"),\n event_types: input.event_types?.length\n ? input.event_types.map((eventType) => requireNonEmpty(eventType, \"event_type\"))\n : [\"direct_payment.confirmed\", \"direct_payment.spent\"],\n };\n if (input.description !== undefined) {\n payload.description = requireNonEmpty(input.description, \"description\");\n }\n if (input.metadata !== undefined) {\n payload.metadata = cloneJsonObject(input.metadata, \"metadata\");\n }\n return this.request<DirectRequestPaymentWebhookSubscription>(\"POST\", \"/market/webhooks/subscriptions\", payload);\n }\n\n async setupCheckout(input: DirectRequestPaymentCheckoutSetupInput): Promise<DirectRequestPaymentCheckoutSetupResult> {\n const merchant = await this.setupMerchant(input);\n const merchantKey = merchant.merchant_account.merchant;\n const billing_mandate = input.prepare_billing_mandate === false\n ? null\n : await this.prepareBillingMandate(merchantKey, {\n billing_currency: merchant.merchant_account.billing_currency ?? input.billing_currency ?? \"JPY\",\n max_amount_minor: input.max_amount_minor ?? input.billing_mandate_cap_minor,\n });\n const shouldCreateWebhook = input.create_webhook_subscription ?? Boolean(input.webhook_callback_url);\n const webhook_subscription = shouldCreateWebhook && input.webhook_callback_url\n ? await this.createWebhookSubscription({\n callback_url: input.webhook_callback_url,\n description: input.webhook_description ?? `${merchantKey} Direct Request Payment`,\n event_types: input.webhook_event_types,\n metadata: { merchant: merchantKey, sdk: \"@siglume/direct-request-payment\" },\n })\n : null;\n const env: Record<string, string> = {\n SIGLUME_DIRECT_PAYMENT_MERCHANT: merchantKey,\n };\n if (merchant.challenge_secret) {\n env.SIGLUME_DIRECT_PAYMENT_CHALLENGE_SECRET = merchant.challenge_secret;\n }\n const webhookSecret = stringOrNull(webhook_subscription?.signing_secret);\n if (webhookSecret) {\n env.SIGLUME_WEBHOOK_SECRET = webhookSecret;\n }\n return { merchant, billing_mandate, webhook_subscription, env };\n }\n\n async request<T>(method: string, path: string, json_body?: unknown): Promise<T> {\n const controller = new AbortController();\n const timeout = setTimeout(() => controller.abort(), this.timeout_ms);\n try {\n const headers: Record<string, string> = {\n \"Accept\": \"application/json\",\n \"Authorization\": `Bearer ${this.auth_token}`,\n \"User-Agent\": this.user_agent,\n };\n let body: string \| undefined;\n if (json_body !== undefined) {\n headers[\"Content-Type\"] = \"application/json\";\n body = JSON.stringify(json_body);\n }\n const response = await this.fetch_impl(`${this.base_url}${path}`, {\n method,\n headers,\n body,\n signal: controller.signal,\n });\n const rawText = await response.text();\n const parsed = rawText ? parseJson(rawText) : {};\n if (!response.ok) {\n const error = isRecord(parsed) && isRecord(parsed.error) ? parsed.error : {};\n const code = stringOrNull(error.code) ?? stringOrNull((parsed as Record<string, unknown>).code) ?? `HTTP_${response.status}`;\n const message = stringOrNull(error.message) ?? stringOrNull((parsed as Record<string, unknown>).message) ?? response.statusText;\n throw new SiglumeApiError(message, { status: response.status, code, data: parsed });\n }\n if (isRecord(parsed) && \"data\" in parsed) {\n return parsed.data as T;\n }\n return parsed as T;\n } finally {\n clearTimeout(timeout);\n }\n }\n\n private async requestHostedCheckout<T>(method: string, path: string, json_body?: unknown): Promise<T> {\n try {\n return await this.request<T>(method, path, json_body);\n } catch (error) {\n if (isHostedCheckoutUnavailable(error)) {\n throw new HostedCheckoutNotAvailableError();\n }\n throw error;\n }\n }\n}\n\nexport async function createDirectRequestPaymentChallenge(\n input: DirectRequestPaymentChallengeInput,\n): Promise<DirectRequestPaymentChallenge> {\n const merchant = normalizeMerchant(input.merchant);\n const amount_minor = positiveInteger(input.amount_minor, \"amount_minor\");\n const currency = normalizeCurrency(input.currency);\n const nonce = input.nonce ? normalizeChallengeNonce(input.nonce) : await randomNonce();\n const signature = await createDirectRequestPaymentChallengeSignature(input.secret, {\n merchant,\n amount_minor,\n currency,\n nonce,\n });\n const challenge = `${DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME}:${nonce}:${signature}`;\n return {\n scheme: DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME,\n merchant,\n amount_minor,\n currency,\n nonce,\n signature,\n challenge,\n challenge_hash: await sha256Prefixed(challenge),\n };\n}\n\nexport async function createDirectRequestPaymentChallengeSignature(\n secret: string,\n input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n nonce: string;\n },\n): Promise<string> {\n const normalizedSecret = requireNonEmpty(secret, \"secret\");\n const merchant = normalizeMerchant(input.merchant);\n const amount = positiveInteger(input.amount_minor, \"amount_minor\");\n const currency = normalizeCurrency(input.currency);\n const nonce = normalizeChallengeNonce(input.nonce);\n const material = `${merchant}:${amount}:${currency}:${nonce}`;\n return hmacSha256Hex(normalizedSecret, new TextEncoder().encode(material));\n}\n\nexport function parseDirectRequestPaymentChallenge(challenge: string): ParsedDirectRequestPaymentChallenge {\n const parts = requireNonEmpty(challenge, \"challenge\").split(\":\");\n if (parts.length !== 3) {\n throw new SiglumeDirectRequestPaymentError(\"Direct Request Payment challenge must be scheme:nonce:signature.\");\n }\n const [scheme, nonce, signature] = parts;\n if (!scheme \|\| !nonce \|\| !signature) {\n throw new SiglumeDirectRequestPaymentError(\"Direct Request Payment challenge is incomplete.\");\n }\n return { scheme, nonce, signature };\n}\n\n/* Merchant-side, ONE-TIME approval of a recurring authorization: amount +\n * currency + cadence are bound into the HMAC. Recurring charges afterwards\n * are deliberately challenge-free; the recurring authorization and the\n * buyer's mandate/budget caps are the per-charge integrity checks. Cadence\n * \"monthly\" = subscription, \"daily\" = scheduled autopay approval tag. /\nexport async function createDirectRequestPaymentRecurringChallenge(\n input: DirectRequestPaymentRecurringChallengeInput,\n): Promise<DirectRequestPaymentRecurringChallenge> {\n const merchant = normalizeMerchant(input.merchant);\n const amount_minor = positiveInteger(input.amount_minor, \"amount_minor\");\n const currency = normalizeCurrency(input.currency);\n const cadence = normalizeRecurringCadence(input.cadence);\n const nonce = input.nonce ? normalizeChallengeNonce(input.nonce) : await randomNonce();\n const signature = await createDirectRequestPaymentRecurringChallengeSignature(input.secret, {\n merchant,\n amount_minor,\n currency,\n cadence,\n nonce,\n });\n const challenge = `${DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME}:${nonce}:${signature}`;\n return {\n scheme: DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME,\n merchant,\n amount_minor,\n currency,\n cadence,\n nonce,\n signature,\n challenge,\n challenge_hash: await sha256Prefixed(challenge),\n };\n}\n\nexport async function createDirectRequestPaymentRecurringChallengeSignature(\n secret: string,\n input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n cadence: DirectRequestPaymentRecurringCadence \| string;\n nonce: string;\n },\n): Promise<string> {\n const normalizedSecret = requireNonEmpty(secret, \"secret\");\n const merchant = normalizeMerchant(input.merchant);\n const amount = positiveInteger(input.amount_minor, \"amount_minor\");\n const currency = normalizeCurrency(input.currency);\n const cadence = normalizeRecurringCadence(input.cadence);\n const nonce = normalizeChallengeNonce(input.nonce);\n // MUST stay byte-identical to the server's\n // _external_402_recurring_challenge_signature — both sides change together.\n const material = `${merchant}:${amount}:${currency}:${cadence}:${nonce}`;\n return hmacSha256Hex(normalizedSecret, new TextEncoder().encode(material));\n}\n\nexport async function verifyDirectRequestPaymentRecurringChallenge(\n secret: string,\n input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n cadence: DirectRequestPaymentRecurringCadence \| string;\n challenge: string;\n },\n): Promise<boolean> {\n const parsed = parseDirectRequestPaymentChallenge(input.challenge);\n if (parsed.scheme !== DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME) {\n return false;\n }\n const expected = await createDirectRequestPaymentRecurringChallengeSignature(secret, {\n merchant: input.merchant,\n amount_minor: input.amount_minor,\n currency: input.currency,\n cadence: input.cadence,\n nonce: parsed.nonce,\n });\n return timingSafeEqualHex(expected, parsed.signature);\n}\n\nexport async function verifyDirectRequestPaymentChallenge(\n secret: string,\n input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n challenge: string;\n },\n): Promise<boolean> {\n const parsed = parseDirectRequestPaymentChallenge(input.challenge);\n if (parsed.scheme !== DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME) {\n return false;\n }\n const expected = await createDirectRequestPaymentChallengeSignature(secret, {\n merchant: input.merchant,\n amount_minor: input.amount_minor,\n currency: input.currency,\n nonce: parsed.nonce,\n });\n return timingSafeEqualHex(expected, parsed.signature);\n}\n\nexport async function directRequestPaymentChallengeHash(challenge: string): Promise<string> {\n return sha256Prefixed(requireNonEmpty(challenge, \"challenge\"));\n}\n\nexport async function directRequestPaymentRequestHash(input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n challenge: string;\n}): Promise<string> {\n const material = `${normalizeMerchant(input.merchant)}${positiveInteger(input.amount_minor, \"amount_minor\")}${normalizeCurrency(input.currency)}${requireNonEmpty(input.challenge, \"challenge\")}`;\n return sha256Prefixed(material);\n}\n\nexport function buildPaymentExecutionPayload(\n requirement: DirectPaymentRequirement,\n options: { await_finality?: boolean; metadata?: Record<string, unknown> } = {},\n): Web3PreparedTransactionExecutePayload {\n return buildPreparedTransactionExecutionPayload(requirement, requirement.transaction_request, {\n receipt_kind: DIRECT_REQUEST_PAYMENT_RECEIPT_KIND,\n await_finality: options.await_finality,\n metadata: options.metadata,\n });\n}\n\nexport function buildAllowanceExecutionPayload(\n requirement: DirectPaymentRequirement,\n options: { await_finality?: boolean; metadata?: Record<string, unknown> } = {},\n): Web3PreparedTransactionExecutePayload {\n const approveRequest = requirement.approve_transaction_request;\n if (!approveRequest \|\| Object.keys(approveRequest).length === 0) {\n throw new SiglumeDirectRequestPaymentError(\"This payment requirement does not include an allowance approval transaction.\");\n }\n return buildPreparedTransactionExecutionPayload(requirement, approveRequest, {\n receipt_kind: DIRECT_REQUEST_PAYMENT_ALLOWANCE_RECEIPT_KIND,\n await_finality: options.await_finality,\n metadata: options.metadata,\n });\n}\n\nexport function buildPreparedTransactionExecutionPayload(\n requirement: DirectPaymentRequirement,\n transaction_request: Web3TransactionRequest,\n options: {\n receipt_kind: string;\n await_finality?: boolean;\n metadata?: Record<string, unknown>;\n },\n): Web3PreparedTransactionExecutePayload {\n const metadata = {\n ...(isRecord(transaction_request.metadata_jsonb) ? transaction_request.metadata_jsonb : {}),\n ...(options.metadata ?? {}),\n };\n return {\n transaction_request,\n receipt_kind: requireNonEmpty(options.receipt_kind, \"receipt_kind\"),\n reference_type: DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE,\n reference_id: requirement.requirement_id,\n metadata,\n await_finality: Boolean(options.await_finality),\n };\n}\n\nexport async function computeWebhookSignature(\n signing_secret: string,\n body: Uint8Array \| ArrayBuffer \| string \| Record<string, unknown>,\n options: { timestamp: number },\n): Promise<string> {\n if (!signing_secret) {\n throw new SiglumeWebhookSignatureError(\"SIGLUME webhook signing secret is required.\");\n }\n const timestamp = Math.trunc(options.timestamp);\n const bytes = bodyBytes(body);\n const prefix = new TextEncoder().encode(`${timestamp}.`);\n const payload = new Uint8Array(prefix.length + bytes.length);\n payload.set(prefix, 0);\n payload.set(bytes, prefix.length);\n return hmacSha256Hex(signing_secret, payload);\n}\n\nexport async function buildWebhookSignatureHeader(\n signing_secret: string,\n body: Uint8Array \| ArrayBuffer \| string \| Record<string, unknown>,\n options: { timestamp?: number } = {},\n): Promise<string> {\n const timestamp = Math.trunc(options.timestamp ?? Date.now() / 1000);\n const signature = await computeWebhookSignature(signing_secret, body, { timestamp });\n return `t=${timestamp},v1=${signature}`;\n}\n\nexport async function verifyWebhookSignature(\n signing_secret: string,\n body: Uint8Array \| ArrayBuffer \| string \| Record<string, unknown>,\n signature_header: string,\n options: { tolerance_seconds?: number; now?: number } = {},\n): Promise<WebhookSignatureVerification> {\n const { timestamp, signature } = parseSignatureHeader(signature_header);\n const toleranceSeconds = Math.max(1, Math.trunc(options.tolerance_seconds ?? DEFAULT_WEBHOOK_TOLERANCE_SECONDS));\n const nowSeconds = Math.trunc(options.now ?? Date.now() / 1000);\n if (Math.abs(nowSeconds - timestamp) > toleranceSeconds) {\n throw new SiglumeWebhookSignatureError(\"Webhook timestamp is outside the allowed tolerance window.\");\n }\n const expected = await computeWebhookSignature(signing_secret, body, { timestamp });\n if (!(await timingSafeEqualHex(expected, signature))) {\n throw new SiglumeWebhookSignatureError(\"Webhook signature did not match.\");\n }\n return { timestamp, signature };\n}\n\nexport function parseDirectRequestPaymentWebhookEvent(payload: unknown): DirectRequestPaymentWebhookEvent {\n const event = requireRecord(payload, \"webhook event\");\n const data = requireRecord(event.data, \"webhook event data\");\n const parsed = {\n ...event,\n id: requireNonEmpty(stringOrNull(event.id) ?? \"\", \"webhook event id\"),\n type: requireNonEmpty(stringOrNull(event.type) ?? \"\", \"webhook event type\"),\n api_version: requireNonEmpty(stringOrNull(event.api_version) ?? \"\", \"webhook api_version\"),\n occurred_at: requireNonEmpty(stringOrNull(event.occurred_at) ?? \"\", \"webhook occurred_at\"),\n data: { ...data },\n } as DirectRequestPaymentWebhookEvent;\n if (parsed.type === \"direct_payment.confirmed\" && parsed.data.mode !== DIRECT_REQUEST_PAYMENT_MODE) {\n throw new SiglumeWebhookPayloadError(\"direct_payment.confirmed webhook must carry data.mode='external_402'.\");\n }\n return parsed;\n}\n\nexport async function verifyDirectRequestPaymentWebhook(\n signing_secret: string,\n body: Uint8Array \| ArrayBuffer \| string \| Record<string, unknown>,\n signature_header: string,\n options: { tolerance_seconds?: number; now?: number } = {},\n): Promise<{ event: DirectRequestPaymentWebhookEvent; verification: WebhookSignatureVerification }> {\n const verification = await verifyWebhookSignature(signing_secret, body, signature_header, options);\n const text = new TextDecoder().decode(bodyBytes(body));\n let parsed: unknown;\n try {\n parsed = JSON.parse(text);\n } catch (error) {\n throw new SiglumeWebhookPayloadError(\"Webhook body must contain valid JSON.\");\n }\n return { event: parseDirectRequestPaymentWebhookEvent(parsed), verification };\n}\n\nexport const createExternal402Challenge = createDirectRequestPaymentChallenge;\nexport const verifyExternal402Challenge = verifyDirectRequestPaymentChallenge;\nexport const createExternal402RecurringChallenge = createDirectRequestPaymentRecurringChallenge;\nexport const verifyExternal402RecurringChallenge = verifyDirectRequestPaymentRecurringChallenge;\n\nfunction normalizeMerchant(value: string): string {\n const merchant = requireNonEmpty(value, \"merchant\").toLowerCase();\n if (!/^[a-z0-9][a-z0-9._-]{0,95}$/.test(merchant)) {\n throw new SiglumeDirectRequestPaymentError(\"merchant must be a lowercase key using letters, numbers, dot, underscore, or hyphen.\");\n }\n return merchant;\n}\n\nfunction normalizeSelfServiceMerchant(value: string): string {\n const merchant = requireNonEmpty(value, \"merchant\").toLowerCase();\n if (!/^[a-z0-9][a-z0-9_-]{2,63}$/.test(merchant)) {\n throw new SiglumeDirectRequestPaymentError(\"merchant must be 3-64 chars using lowercase letters, numbers, underscore, or hyphen.\");\n }\n return merchant;\n}\n\nfunction normalizeBillingPlan(value: string): DirectRequestPaymentBillingPlan {\n const plan = requireNonEmpty(value, \"billing_plan\").toLowerCase();\n if (plan === \"launch\" \|\| plan === \"free\" \|\| plan === \"starter\" \|\| plan === \"growth\" \|\| plan === \"pro\") {\n return plan;\n }\n throw new SiglumeDirectRequestPaymentError(\"billing_plan must be launch, starter, growth, or pro.\");\n}\n\nfunction normalizeCurrency(value: string): DirectRequestPaymentCurrency {\n const currency = requireNonEmpty(value, \"currency\").toUpperCase();\n if (currency !== \"JPY\" && currency !== \"USD\") {\n throw new SiglumeDirectRequestPaymentError(\"currency must be JPY or USD.\");\n }\n return currency;\n}\n\nfunction normalizeToken(value: string): DirectRequestPaymentToken {\n const token = requireNonEmpty(value, \"token_symbol\").toUpperCase();\n if (token !== \"JPYC\" && token !== \"USDC\") {\n throw new SiglumeDirectRequestPaymentError(\"token_symbol must be JPYC or USDC.\");\n }\n return token;\n}\n\nfunction normalizeAllowedCurrencies(value: Record<string, string> \| Array<DirectRequestPaymentCurrency \| string>): Record<string, string> {\n const normalized: Record<string, string> = {};\n if (Array.isArray(value)) {\n for (const item of value) {\n const currency = normalizeCurrency(item);\n normalized[currency] = defaultTokenForCurrency(currency);\n }\n } else if (isRecord(value)) {\n for (const [rawCurrency, rawToken] of Object.entries(value)) {\n normalized[normalizeCurrency(rawCurrency)] = normalizeToken(String(rawToken));\n }\n } else {\n throw new SiglumeDirectRequestPaymentError(\"allowed_currencies must be an array or a currency-to-token object.\");\n }\n if (Object.keys(normalized).length === 0) {\n throw new SiglumeDirectRequestPaymentError(\"allowed_currencies must include at least one currency.\");\n }\n return normalized;\n}\n\nfunction defaultTokenForCurrency(currency: DirectRequestPaymentCurrency): DirectRequestPaymentToken {\n return currency === \"JPY\" ? \"JPYC\" : \"USDC\";\n}\n\nfunction normalizeOriginList(value: string[]): string[] {\n if (!Array.isArray(value)) {\n throw new SiglumeDirectRequestPaymentError(\"checkout_allowed_origins must be an array of origin URLs.\");\n }\n const seen = new Set<string>();\n const origins: string[] = [];\n for (const item of value) {\n let url: URL;\n try {\n url = new URL(requireNonEmpty(String(item), \"checkout_allowed_origins entry\"));\n } catch {\n throw new SiglumeDirectRequestPaymentError(\n \"each checkout_allowed_origins entry must be an absolute origin such as https://shop.example.com.\",\n );\n }\n const origin = `${url.protocol.toLowerCase()}//${url.host.toLowerCase()}`;\n if (!seen.has(origin)) {\n seen.add(origin);\n origins.push(origin);\n }\n }\n return origins;\n}\n\nfunction positiveInteger(value: number, name: string): number {\n const parsed = Number(value);\n if (!Number.isSafeInteger(parsed) \|\| parsed <= 0) {\n throw new SiglumeDirectRequestPaymentError(`${name} must be a positive safe integer.`);\n }\n return parsed;\n}\n\nfunction requireNonEmpty(value: string, name: string): string {\n const text = String(value ?? \"\").trim();\n if (!text) {\n throw new SiglumeDirectRequestPaymentError(`${name} is required.`);\n }\n return text;\n}\n\nfunction normalizeChallengeNonce(value: string): string {\n const nonce = requireNonEmpty(value, \"nonce\");\n if (nonce.includes(\":\")) {\n throw new SiglumeDirectRequestPaymentError(\"nonce must not contain ':'.\");\n }\n return nonce;\n}\n\nfunction normalizeRecurringCadence(value: string): DirectRequestPaymentRecurringCadence {\n const cadence = requireNonEmpty(value, \"cadence\").toLowerCase();\n if (cadence !== \"monthly\" && cadence !== \"daily\") {\n throw new SiglumeDirectRequestPaymentError(\n 'cadence must be \"monthly\" (subscription) or \"daily\" (scheduled autopay).',\n );\n }\n return cadence;\n}\n\nfunction cloneJsonObject(value: Record<string, unknown>, name: string): Record<string, unknown> {\n try {\n const cloned = JSON.parse(JSON.stringify(value)) as unknown;\n if (!isRecord(cloned)) {\n throw new Error(\"not an object\");\n }\n return cloned;\n } catch (error) {\n throw new SiglumeDirectRequestPaymentError(`${name} must be a JSON-serializable object.`);\n }\n}\n\nfunction parseJson(rawText: string): unknown {\n try {\n return JSON.parse(rawText);\n } catch (error) {\n throw new SiglumeApiError(\"Siglume API returned invalid JSON.\", {\n status: 502,\n code: \"INVALID_JSON_RESPONSE\",\n data: rawText,\n });\n }\n}\n\nfunction stringOrNull(value: unknown): string \| null {\n if (typeof value !== \"string\") {\n return null;\n }\n const text = value.trim();\n return text ? text : null;\n}\n\nfunction isHostedCheckoutUnavailable(error: unknown): boolean {\n if (!(error instanceof SiglumeApiError)) {\n return false;\n }\n const code = error.code.toUpperCase();\n if (error.status === 409 && (code === \"HOSTED_CHECKOUT_NOT_ENABLED\" \|\| code === \"FEATURE_DISABLED\")) {\n return true;\n }\n return (\n error.status === 404 &&\n (code === \"HTTP_404\" \|\| code === \"NOT_FOUND\" \|\| code === \"ROUTE_NOT_FOUND\" \|\| code === \"FEATURE_DISABLED\")\n );\n}\n\nfunction isRecord(value: unknown): value is Record<string, unknown> {\n return typeof value === \"object\" && value !== null && !Array.isArray(value);\n}\n\nfunction requireRecord(value: unknown, name: string): Record<string, unknown> {\n if (!isRecord(value)) {\n throw new SiglumeWebhookPayloadError(`${name} must be an object.`);\n }\n return value;\n}\n\nfunction envValue(name: string): string \| undefined {\n if (typeof process === \"undefined\") {\n return undefined;\n }\n const value = process.env[name];\n return value && value.trim() ? value.trim() : undefined;\n}\n\nfunction bodyBytes(body: Uint8Array \| ArrayBuffer \| string \| Record<string, unknown>): Uint8Array {\n if (body instanceof Uint8Array) {\n return body;\n }\n if (body instanceof ArrayBuffer) {\n return new Uint8Array(body);\n }\n if (typeof body === \"string\") {\n return new TextEncoder().encode(body);\n }\n if (isRecord(body)) {\n return new TextEncoder().encode(JSON.stringify(body));\n }\n throw new SiglumeWebhookPayloadError(\"Webhook body must be raw bytes, a string, or a JSON object.\");\n}\n\nfunction parseSignatureHeader(signatureHeader: string): { timestamp: number; signature: string } {\n let timestamp: number \| null = null;\n let signature: string \| null = null;\n for (const item of String(signatureHeader ?? \"\").split(\",\")) {\n const [key, value] = item.trim().split(\"=\", 2);\n if (key === \"t\") {\n const parsed = Number.parseInt(value ?? \"\", 10);\n if (!Number.isFinite(parsed)) {\n throw new SiglumeWebhookSignatureError(\"Webhook signature timestamp is invalid.\");\n }\n timestamp = parsed;\n }\n if (key === \"v1\") {\n signature = String(value ?? \"\").trim();\n }\n }\n if (timestamp === null \|\| !signature) {\n throw new SiglumeWebhookSignatureError(\"Webhook signature header is incomplete.\");\n }\n return { timestamp, signature };\n}\n\nasync function randomNonce(): Promise<string> {\n if (globalThis.crypto?.randomUUID) {\n return globalThis.crypto.randomUUID();\n }\n const bytes = new Uint8Array(16);\n if (globalThis.crypto?.getRandomValues) {\n globalThis.crypto.getRandomValues(bytes);\n } else if (typeof process !== \"undefined\" && process.versions?.node) {\n const crypto = await import(\"node:crypto\");\n bytes.set(crypto.randomBytes(16));\n } else {\n throw new SiglumeDirectRequestPaymentError(\"Crypto random number generation is unavailable in this runtime.\");\n }\n return bytesToHex(bytes);\n}\n\nasync function hmacSha256Hex(secret: string, payload: Uint8Array): Promise<string> {\n if (globalThis.crypto?.subtle) {\n const stablePayload = new Uint8Array(payload.byteLength);\n stablePayload.set(payload);\n const key = await globalThis.crypto.subtle.importKey(\n \"raw\",\n new TextEncoder().encode(secret),\n { name: \"HMAC\", hash: \"SHA-256\" },\n false,\n [\"sign\"],\n );\n const digest = await globalThis.crypto.subtle.sign(\"HMAC\", key, stablePayload);\n return bytesToHex(new Uint8Array(digest));\n }\n if (typeof process !== \"undefined\" && process.versions?.node) {\n const crypto = await import(\"node:crypto\");\n return crypto.createHmac(\"sha256\", secret).update(Buffer.from(payload)).digest(\"hex\");\n }\n throw new SiglumeDirectRequestPaymentError(\"Web Crypto is required for HMAC-SHA256 in this runtime.\");\n}\n\nasync function sha256Prefixed(material: string): Promise<string> {\n const bytes = new TextEncoder().encode(material);\n if (globalThis.crypto?.subtle) {\n const digest = await globalThis.crypto.subtle.digest(\"SHA-256\", bytes);\n return `sha256:${bytesToHex(new Uint8Array(digest))}`;\n }\n if (typeof process !== \"undefined\" && process.versions?.node) {\n const crypto = await import(\"node:crypto\");\n return `sha256:${crypto.createHash(\"sha256\").update(Buffer.from(bytes)).digest(\"hex\")}`;\n }\n throw new SiglumeDirectRequestPaymentError(\"Web Crypto is required for SHA-256 in this runtime.\");\n}\n\nfunction bytesToHex(bytes: Uint8Array): string {\n return [...bytes].map((item) => item.toString(16).padStart(2, \"0\")).join(\"\");\n}\n\nfunction hexToBytes(hex: string): Uint8Array {\n const normalized = String(hex ?? \"\").trim().toLowerCase();\n if (normalized.length % 2 !== 0 \|\| !/^[0-9a-f]$/.test(normalized)) {\n throw new SiglumeWebhookSignatureError(\"Hex digest is invalid.\");\n }\n const bytes = new Uint8Array(normalized.length / 2);\n for (let index = 0; index < normalized.length; index += 2) {\n bytes[index / 2] = Number.parseInt(normalized.slice(index, index + 2), 16);\n }\n return bytes;\n}\n\nasync function timingSafeEqualHex(left: string, right: string): Promise<boolean> {\n const leftBytes = hexToBytes(left);\n const rightBytes = hexToBytes(right);\n if (leftBytes.length !== rightBytes.length) {\n return false;\n }\n let diff = 0;\n for (let index = 0; index < leftBytes.length; index += 1) {\n diff \|= leftBytes[index]! ^ rightBytes[index]!;\n }\n return diff === 0;\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAO,IAAM,2BAA2B;AACjC,IAAM,0CAA0C;AAIhD,IAAM,oDAAoD;AAC1D,IAAM,8BAA8B;AACpC,IAAM,sCAAsC;AAC5C,IAAM,gDAAgD;AACtD,IAAM,wCAAwC;AAC9C,IAAM,oCAAoC;AAyS1C,IAAM,mCAAN,cAA+C,MAAM;AAAA,EAC1D,YAAY,SAAiB;AAC3B,UAAM,OAAO;AACb,SAAK,OAAO;AAAA,EACd;AACF;AAEO,IAAM,kBAAN,cAA8B,iCAAiC;AAAA,EAC3D;AAAA,EACA;AAAA,EACA;AAAA,EAET,YAAY,SAAiB,SAA4D;AACvF,UAAM,OAAO;AACb,SAAK,OAAO;AACZ,SAAK,SAAS,QAAQ;AACtB,SAAK,OAAO,QAAQ,QAAQ;AAC5B,SAAK,OAAO,QAAQ;AAAA,EACtB;AACF;AAEO,IAAM,kCAAN,cAA8C,gBAAgB;AAAA,EACnE,YAAY,UAAU,qFAAqF;AACzG,UAAM,SAAS,EAAE,QAAQ,KAAK,MAAM,8BAA8B,CAAC;AACnE,SAAK,OAAO;AAAA,EACd;AACF;AAEO,IAAM,+BAAN,cAA2C,iCAAiC;AAAA,EACjF,YAAY,SAAiB;AAC3B,UAAM,OAAO;AACb,SAAK,OAAO;AAAA,EACd;AACF;AAEO,IAAM,6BAAN,cAAyC,iCAAiC;AAAA,EAC/E,YAAY,SAAiB;AAC3B,UAAM,OAAO;AACb,SAAK,OAAO;AAAA,EACd;AACF;AAEO,IAAM,6BAAN,MAAiC;AAAA,EAC7B;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACQ;AAAA,EAEjB,YAAY,UAA6C,CAAC,GAAG;AAC3D,UAAM,YAAY,QAAQ,cAAc,SAAS,oBAAoB;AACrE,QAAI,CAAC,WAAW;AACd,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,UAAM,YAAY,QAAQ,SAAS,WAAW;AAC9C,QAAI,CAAC,WAAW;AACd,YAAM,IAAI,iCAAiC,qDAAqD;AAAA,IAClG;AACA,SAAK,aAAa;AAClB,SAAK,YAAY,QAAQ,YAAY,SAAS,kBAAkB,KAAK,0BAA0B,QAAQ,QAAQ,EAAE;AACjH,SAAK,aAAa,KAAK,IAAI,GAAG,KAAK,MAAM,QAAQ,cAAc,IAAK,CAAC;AACrE,SAAK,aAAa,QAAQ,cAAc;AACxC,SAAK,aAAa;AAAA,EACpB;AAAA,EAEA,MAAM,yBAAyB,OAA+E;AAC5G,UAAM,UAAmC;AAAA,MACvC,MAAM;AAAA,MACN,UAAU,kBAAkB,MAAM,QAAQ;AAAA,MAC1C,cAAc,gBAAgB,MAAM,cAAc,cAAc;AAAA,MAChE,UAAU,kBAAkB,MAAM,QAAQ;AAAA,MAC1C,WAAW,gBAAgB,MAAM,WAAW,WAAW;AAAA,IACzD;AACA,QAAI,MAAM,iBAAiB,QAAW;AACpC,cAAQ,eAAe,eAAe,MAAM,YAAY;AAAA,IAC1D;AACA,QAAI,MAAM,2BAA2B,QAAW;AAC9C,cAAQ,yBAAyB,gBAAgB,MAAM,wBAAwB,wBAAwB;AAAA,IACzG;AACA,QAAI,MAAM,aAAa,QAAW;AAChC,cAAQ,WAAW,gBAAgB,MAAM,UAAU,UAAU;AAAA,IAC/D;AACA,WAAO,KAAK,QAAkC,QAAQ,sCAAsC,OAAO;AAAA,EACrG;AAAA,EAEA,MAAM,sBAAsB,gBAA2D;AACrF,WAAO,KAAK;AAAA,MACV;AAAA,MACA,sCAAsC,mBAAmB,gBAAgB,gBAAgB,gBAAgB,CAAC,CAAC;AAAA,IAC7G;AAAA,EACF;AAAA,EAEA,MAAM,yBACJ,gBACA,OACmC;AACnC,WAAO,KAAK;AAAA,MACV;AAAA,MACA,sCAAsC,mBAAmB,gBAAgB,gBAAgB,gBAAgB,CAAC,CAAC;AAAA,MAC3G;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,2BACJ,SAC+C;AAC/C,WAAO,KAAK;AAAA,MACV;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,0BACJ,aACA,UAA4E,CAAC,GAC9B;AAC/C,WAAO,KAAK,2BAA2B,6BAA6B,aAAa,OAAO,CAAC;AAAA,EAC3F;AAAA,EAEA,MAAM,4BACJ,aACA,UAA4E,CAAC,GAC9B;AAC/C,WAAO,KAAK,2BAA2B,+BAA+B,aAAa,OAAO,CAAC;AAAA,EAC7F;AAAA,EAEA,MAAM,QAAW,QAAgB,MAAc,WAAiC;AAC9E,UAAM,aAAa,IAAI,gBAAgB;AACvC,UAAM,UAAU,WAAW,MAAM,WAAW,MAAM,GAAG,KAAK,UAAU;AACpE,QAAI;AACF,YAAM,UAAkC;AAAA,QACtC,UAAU;AAAA,QACV,iBAAiB,UAAU,KAAK,UAAU;AAAA,QAC1C,cAAc,KAAK;AAAA,MACrB;AACA,UAAI;AACJ,UAAI,cAAc,QAAW;AAC3B,gBAAQ,cAAc,IAAI;AAC1B,eAAO,KAAK,UAAU,SAAS;AAAA,MACjC;AACA,YAAM,WAAW,MAAM,KAAK,WAAW,GAAG,KAAK,QAAQ,GAAG,IAAI,IAAI;AAAA,QAChE;AAAA,QACA;AAAA,QACA;AAAA,QACA,QAAQ,WAAW;AAAA,MACrB,CAAC;AACD,YAAM,UAAU,MAAM,SAAS,KAAK;AACpC,YAAM,SAAS,UAAU,UAAU,OAAO,IAAI,CAAC;AAC/C,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,QAAQ,SAAS,MAAM,KAAK,SAAS,OAAO,KAAK,IAAI,OAAO,QAAQ,CAAC;AAC3E,cAAM,OAAO,aAAa,MAAM,IAAI,KAAK,aAAc,OAAmC,IAAI,KAAK,QAAQ,SAAS,MAAM;AAC1H,cAAM,UAAU,aAAa,MAAM,OAAO,KAAK,aAAc,OAAmC,OAAO,KAAK,SAAS;AACrH,cAAM,IAAI,gBAAgB,SAAS,EAAE,QAAQ,SAAS,QAAQ,MAAM,MAAM,OAAO,CAAC;AAAA,MACpF;AACA,UAAI,SAAS,MAAM,KAAK,UAAU,QAAQ;AACxC,eAAO,OAAO;AAAA,MAChB;AACA,aAAO;AAAA,IACT,UAAE;AACA,mBAAa,OAAO;AAAA,IACtB;AAAA,EACF;AACF;AAEO,IAAM,qCAAN,MAAyC;AAAA,EACrC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACQ;AAAA,EAEjB,YAAY,UAA6C,CAAC,GAAG;AAC3D,UAAM,YAAY,QAAQ,cAAc,SAAS,6BAA6B,KAAK,SAAS,oBAAoB;AAChH,QAAI,CAAC,WAAW;AACd,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,UAAM,YAAY,QAAQ,SAAS,WAAW;AAC9C,QAAI,CAAC,WAAW;AACd,YAAM,IAAI,iCAAiC,qDAAqD;AAAA,IAClG;AACA,SAAK,aAAa;AAClB,SAAK,YAAY,QAAQ,YAAY,SAAS,kBAAkB,KAAK,0BAA0B,QAAQ,QAAQ,EAAE;AACjH,SAAK,aAAa,KAAK,IAAI,GAAG,KAAK,MAAM,QAAQ,cAAc,IAAK,CAAC;AACrE,SAAK,aAAa,QAAQ,cAAc;AACxC,SAAK,aAAa;AAAA,EACpB;AAAA,EAEA,MAAM,cAAc,OAA8F;AAChH,UAAM,UAAmC;AAAA,MACvC,UAAU,6BAA6B,MAAM,QAAQ;AAAA,MACrD,cAAc,qBAAqB,MAAM,gBAAgB,QAAQ;AAAA,MACjE,kBAAkB,kBAAkB,MAAM,oBAAoB,KAAK;AAAA,IACrE;AACA,QAAI,MAAM,iBAAiB,QAAW;AACpC,cAAQ,eAAe,gBAAgB,MAAM,cAAc,cAAc;AAAA,IAC3E;AACA,QAAI,MAAM,uBAAuB,QAAW;AAC1C,cAAQ,qBAAqB,2BAA2B,MAAM,kBAAkB;AAAA,IAClF;AACA,QAAI,MAAM,yBAAyB,QAAW;AAC5C,cAAQ,uBAAuB,gBAAgB,MAAM,sBAAsB,sBAAsB;AAAA,IACnG;AACA,QAAI,MAAM,8BAA8B,QAAW;AACjD,cAAQ,4BAA4B,gBAAgB,MAAM,2BAA2B,2BAA2B;AAAA,IAClH;AACA,QAAI,MAAM,qBAAqB,QAAW;AACxC,cAAQ,mBAAmB,gBAAgB,MAAM,kBAAkB,kBAAkB;AAAA,IACvF;AACA,QAAI,MAAM,6BAA6B,QAAW;AAChD,cAAQ,2BAA2B,oBAAoB,MAAM,wBAAwB;AAAA,IACvF;AACA,WAAO,KAAK,QAA8C,QAAQ,mCAAmC,OAAO;AAAA,EAC9G;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,MAAM,sBAAsB,OAAqF;AAC/G,UAAM,UAAmC;AAAA,MACvC,UAAU,6BAA6B,MAAM,QAAQ;AAAA,MACrD,cAAc,gBAAgB,MAAM,cAAc,cAAc;AAAA,MAChE,UAAU,kBAAkB,MAAM,QAAQ;AAAA,MAC1C,OAAO,wBAAwB,MAAM,KAAK;AAAA,MAC1C,aAAa,gBAAgB,MAAM,aAAa,aAAa;AAAA,MAC7D,YAAY,gBAAgB,MAAM,YAAY,YAAY;AAAA,IAC5D;AACA,QAAI,MAAM,aAAa,QAAW;AAChC,cAAQ,WAAW,gBAAgB,MAAM,UAAU,UAAU;AAAA,IAC/D;AACA,WAAO,KAAK;AAAA,MACV;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA;AAAA,EAGA,MAAM,mBAAmB,YAAoD;AAC3E,WAAO,KAAK;AAAA,MACV;AAAA,MACA,2CAA2C,mBAAmB,gBAAgB,YAAY,YAAY,CAAC,CAAC;AAAA,IAC1G;AAAA,EACF;AAAA,EAEA,MAAM,YAAY,UAAiE;AACjF,WAAO,KAAK;AAAA,MACV;AAAA,MACA,mCAAmC,mBAAmB,6BAA6B,QAAQ,CAAC,CAAC;AAAA,IAC/F;AAAA,EACF;AAAA,EAEA,MAAM,sBAAsB,UAAiE;AAC3F,WAAO,KAAK;AAAA,MACV;AAAA,MACA,mCAAmC,mBAAmB,6BAA6B,QAAQ,CAAC,CAAC;AAAA,IAC/F;AAAA,EACF;AAAA,EAEA,MAAM,sBACJ,UACA,QAAyD,CAAC,GACX;AAC/C,UAAM,UAAmC,CAAC;AAC1C,QAAI,MAAM,aAAa,QAAW;AAChC,cAAQ,WAAW,kBAAkB,MAAM,QAAQ;AAAA,IACrD;AACA,QAAI,MAAM,qBAAqB,QAAW;AACxC,cAAQ,mBAAmB,kBAAkB,MAAM,gBAAgB;AAAA,IACrE;AACA,QAAI,MAAM,qBAAqB,QAAW;AACxC,cAAQ,mBAAmB,gBAAgB,MAAM,kBAAkB,kBAAkB;AAAA,IACvF;AACA,WAAO,KAAK;AAAA,MACV;AAAA,MACA,mCAAmC,mBAAmB,6BAA6B,QAAQ,CAAC,CAAC;AAAA,MAC7F;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,0BACJ,OACkD;AAClD,UAAM,UAAmC;AAAA,MACvC,cAAc,gBAAgB,MAAM,cAAc,cAAc;AAAA,MAChE,aAAa,MAAM,aAAa,SAC5B,MAAM,YAAY,IAAI,CAAC,cAAc,gBAAgB,WAAW,YAAY,CAAC,IAC7E,CAAC,4BAA4B,sBAAsB;AAAA,IACzD;AACA,QAAI,MAAM,gBAAgB,QAAW;AACnC,cAAQ,cAAc,gBAAgB,MAAM,aAAa,aAAa;AAAA,IACxE;AACA,QAAI,MAAM,aAAa,QAAW;AAChC,cAAQ,WAAW,gBAAgB,MAAM,UAAU,UAAU;AAAA,IAC/D;AACA,WAAO,KAAK,QAAiD,QAAQ,kCAAkC,OAAO;AAAA,EAChH;AAAA,EAEA,MAAM,cAAc,OAAiG;AACnH,UAAM,WAAW,MAAM,KAAK,cAAc,KAAK;AAC/C,UAAM,cAAc,SAAS,iBAAiB;AAC9C,UAAM,kBAAkB,MAAM,4BAA4B,QACtD,OACA,MAAM,KAAK,sBAAsB,aAAa;AAAA,MAC9C,kBAAkB,SAAS,iBAAiB,oBAAoB,MAAM,oBAAoB;AAAA,MAC1F,kBAAkB,MAAM,oBAAoB,MAAM;AAAA,IACpD,CAAC;AACH,UAAM,sBAAsB,MAAM,+BAA+B,QAAQ,MAAM,oBAAoB;AACnG,UAAM,uBAAuB,uBAAuB,MAAM,uBACtD,MAAM,KAAK,0BAA0B;AAAA,MACrC,cAAc,MAAM;AAAA,MACpB,aAAa,MAAM,uBAAuB,GAAG,WAAW;AAAA,MACxD,aAAa,MAAM;AAAA,MACnB,UAAU,EAAE,UAAU,aAAa,KAAK,kCAAkC;AAAA,IAC5E,CAAC,IACC;AACJ,UAAM,MAA8B;AAAA,MAClC,iCAAiC;AAAA,IACnC;AACA,QAAI,SAAS,kBAAkB;AAC7B,UAAI,0CAA0C,SAAS;AAAA,IACzD;AACA,UAAM,gBAAgB,aAAa,sBAAsB,cAAc;AACvE,QAAI,eAAe;AACjB,UAAI,yBAAyB;AAAA,IAC/B;AACA,WAAO,EAAE,UAAU,iBAAiB,sBAAsB,IAAI;AAAA,EAChE;AAAA,EAEA,MAAM,QAAW,QAAgB,MAAc,WAAiC;AAC9E,UAAM,aAAa,IAAI,gBAAgB;AACvC,UAAM,UAAU,WAAW,MAAM,WAAW,MAAM,GAAG,KAAK,UAAU;AACpE,QAAI;AACF,YAAM,UAAkC;AAAA,QACtC,UAAU;AAAA,QACV,iBAAiB,UAAU,KAAK,UAAU;AAAA,QAC1C,cAAc,KAAK;AAAA,MACrB;AACA,UAAI;AACJ,UAAI,cAAc,QAAW;AAC3B,gBAAQ,cAAc,IAAI;AAC1B,eAAO,KAAK,UAAU,SAAS;AAAA,MACjC;AACA,YAAM,WAAW,MAAM,KAAK,WAAW,GAAG,KAAK,QAAQ,GAAG,IAAI,IAAI;AAAA,QAChE;AAAA,QACA;AAAA,QACA;AAAA,QACA,QAAQ,WAAW;AAAA,MACrB,CAAC;AACD,YAAM,UAAU,MAAM,SAAS,KAAK;AACpC,YAAM,SAAS,UAAU,UAAU,OAAO,IAAI,CAAC;AAC/C,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,QAAQ,SAAS,MAAM,KAAK,SAAS,OAAO,KAAK,IAAI,OAAO,QAAQ,CAAC;AAC3E,cAAM,OAAO,aAAa,MAAM,IAAI,KAAK,aAAc,OAAmC,IAAI,KAAK,QAAQ,SAAS,MAAM;AAC1H,cAAM,UAAU,aAAa,MAAM,OAAO,KAAK,aAAc,OAAmC,OAAO,KAAK,SAAS;AACrH,cAAM,IAAI,gBAAgB,SAAS,EAAE,QAAQ,SAAS,QAAQ,MAAM,MAAM,OAAO,CAAC;AAAA,MACpF;AACA,UAAI,SAAS,MAAM,KAAK,UAAU,QAAQ;AACxC,eAAO,OAAO;AAAA,MAChB;AACA,aAAO;AAAA,IACT,UAAE;AACA,mBAAa,OAAO;AAAA,IACtB;AAAA,EACF;AAAA,EAEA,MAAc,sBAAyB,QAAgB,MAAc,WAAiC;AACpG,QAAI;AACF,aAAO,MAAM,KAAK,QAAW,QAAQ,MAAM,SAAS;AAAA,IACtD,SAAS,OAAO;AACd,UAAI,4BAA4B,KAAK,GAAG;AACtC,cAAM,IAAI,gCAAgC;AAAA,MAC5C;AACA,YAAM;AAAA,IACR;AAAA,EACF;AACF;AAEA,eAAsB,oCACpB,OACwC;AACxC,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,eAAe,gBAAgB,MAAM,cAAc,cAAc;AACvE,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,QAAQ,MAAM,QAAQ,wBAAwB,MAAM,KAAK,IAAI,MAAM,YAAY;AACrF,QAAM,YAAY,MAAM,6CAA6C,MAAM,QAAQ;AAAA,IACjF;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AACD,QAAM,YAAY,GAAG,uCAAuC,IAAI,KAAK,IAAI,SAAS;AAClF,SAAO;AAAA,IACL,QAAQ;AAAA,IACR;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,gBAAgB,MAAM,eAAe,SAAS;AAAA,EAChD;AACF;AAEA,eAAsB,6CACpB,QACA,OAMiB;AACjB,QAAM,mBAAmB,gBAAgB,QAAQ,QAAQ;AACzD,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,SAAS,gBAAgB,MAAM,cAAc,cAAc;AACjE,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,QAAQ,wBAAwB,MAAM,KAAK;AACjD,QAAM,WAAW,GAAG,QAAQ,IAAI,MAAM,IAAI,QAAQ,IAAI,KAAK;AAC3D,SAAO,cAAc,kBAAkB,IAAI,YAAY,EAAE,OAAO,QAAQ,CAAC;AAC3E;AAEO,SAAS,mCAAmC,WAAwD;AACzG,QAAM,QAAQ,gBAAgB,WAAW,WAAW,EAAE,MAAM,GAAG;AAC/D,MAAI,MAAM,WAAW,GAAG;AACtB,UAAM,IAAI,iCAAiC,kEAAkE;AAAA,EAC/G;AACA,QAAM,CAAC,QAAQ,OAAO,SAAS,IAAI;AACnC,MAAI,CAAC,UAAU,CAAC,SAAS,CAAC,WAAW;AACnC,UAAM,IAAI,iCAAiC,iDAAiD;AAAA,EAC9F;AACA,SAAO,EAAE,QAAQ,OAAO,UAAU;AACpC;AAOA,eAAsB,6CACpB,OACiD;AACjD,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,eAAe,gBAAgB,MAAM,cAAc,cAAc;AACvE,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,UAAU,0BAA0B,MAAM,OAAO;AACvD,QAAM,QAAQ,MAAM,QAAQ,wBAAwB,MAAM,KAAK,IAAI,MAAM,YAAY;AACrF,QAAM,YAAY,MAAM,sDAAsD,MAAM,QAAQ;AAAA,IAC1F;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AACD,QAAM,YAAY,GAAG,iDAAiD,IAAI,KAAK,IAAI,SAAS;AAC5F,SAAO;AAAA,IACL,QAAQ;AAAA,IACR;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,gBAAgB,MAAM,eAAe,SAAS;AAAA,EAChD;AACF;AAEA,eAAsB,sDACpB,QACA,OAOiB;AACjB,QAAM,mBAAmB,gBAAgB,QAAQ,QAAQ;AACzD,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,SAAS,gBAAgB,MAAM,cAAc,cAAc;AACjE,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,UAAU,0BAA0B,MAAM,OAAO;AACvD,QAAM,QAAQ,wBAAwB,MAAM,KAAK;AAGjD,QAAM,WAAW,GAAG,QAAQ,IAAI,MAAM,IAAI,QAAQ,IAAI,OAAO,IAAI,KAAK;AACtE,SAAO,cAAc,kBAAkB,IAAI,YAAY,EAAE,OAAO,QAAQ,CAAC;AAC3E;AAEA,eAAsB,6CACpB,QACA,OAOkB;AAClB,QAAM,SAAS,mCAAmC,MAAM,SAAS;AACjE,MAAI,OAAO,WAAW,mDAAmD;AACvE,WAAO;AAAA,EACT;AACA,QAAM,WAAW,MAAM,sDAAsD,QAAQ;AAAA,IACnF,UAAU,MAAM;AAAA,IAChB,cAAc,MAAM;AAAA,IACpB,UAAU,MAAM;AAAA,IAChB,SAAS,MAAM;AAAA,IACf,OAAO,OAAO;AAAA,EAChB,CAAC;AACD,SAAO,mBAAmB,UAAU,OAAO,SAAS;AACtD;AAEA,eAAsB,oCACpB,QACA,OAMkB;AAClB,QAAM,SAAS,mCAAmC,MAAM,SAAS;AACjE,MAAI,OAAO,WAAW,yCAAyC;AAC7D,WAAO;AAAA,EACT;AACA,QAAM,WAAW,MAAM,6CAA6C,QAAQ;AAAA,IAC1E,UAAU,MAAM;AAAA,IAChB,cAAc,MAAM;AAAA,IACpB,UAAU,MAAM;AAAA,IAChB,OAAO,OAAO;AAAA,EAChB,CAAC;AACD,SAAO,mBAAmB,UAAU,OAAO,SAAS;AACtD;AAEA,eAAsB,kCAAkC,WAAoC;AAC1F,SAAO,eAAe,gBAAgB,WAAW,WAAW,CAAC;AAC/D;AAEA,eAAsB,gCAAgC,OAKlC;AAClB,QAAM,WAAW,GAAG,kBAAkB,MAAM,QAAQ,CAAC,GAAG,gBAAgB,MAAM,cAAc,cAAc,CAAC,GAAG,kBAAkB,MAAM,QAAQ,CAAC,GAAG,gBAAgB,MAAM,WAAW,WAAW,CAAC;AAC/L,SAAO,eAAe,QAAQ;AAChC;AAEO,SAAS,6BACd,aACA,UAA4E,CAAC,GACtC;AACvC,SAAO,yCAAyC,aAAa,YAAY,qBAAqB;AAAA,IAC5F,cAAc;AAAA,IACd,gBAAgB,QAAQ;AAAA,IACxB,UAAU,QAAQ;AAAA,EACpB,CAAC;AACH;AAEO,SAAS,+BACd,aACA,UAA4E,CAAC,GACtC;AACvC,QAAM,iBAAiB,YAAY;AACnC,MAAI,CAAC,kBAAkB,OAAO,KAAK,cAAc,EAAE,WAAW,GAAG;AAC/D,UAAM,IAAI,iCAAiC,8EAA8E;AAAA,EAC3H;AACA,SAAO,yCAAyC,aAAa,gBAAgB;AAAA,IAC3E,cAAc;AAAA,IACd,gBAAgB,QAAQ;AAAA,IACxB,UAAU,QAAQ;AAAA,EACpB,CAAC;AACH;AAEO,SAAS,yCACd,aACA,qBACA,SAKuC;AACvC,QAAM,WAAW;AAAA,IACf,GAAI,SAAS,oBAAoB,cAAc,IAAI,oBAAoB,iBAAiB,CAAC;AAAA,IACzF,GAAI,QAAQ,YAAY,CAAC;AAAA,EAC3B;AACA,SAAO;AAAA,IACL;AAAA,IACA,cAAc,gBAAgB,QAAQ,cAAc,cAAc;AAAA,IAClE,gBAAgB;AAAA,IAChB,cAAc,YAAY;AAAA,IAC1B;AAAA,IACA,gBAAgB,QAAQ,QAAQ,cAAc;AAAA,EAChD;AACF;AAEA,eAAsB,wBACpB,gBACA,MACA,SACiB;AACjB,MAAI,CAAC,gBAAgB;AACnB,UAAM,IAAI,6BAA6B,6CAA6C;AAAA,EACtF;AACA,QAAM,YAAY,KAAK,MAAM,QAAQ,SAAS;AAC9C,QAAM,QAAQ,UAAU,IAAI;AAC5B,QAAM,SAAS,IAAI,YAAY,EAAE,OAAO,GAAG,SAAS,GAAG;AACvD,QAAM,UAAU,IAAI,WAAW,OAAO,SAAS,MAAM,MAAM;AAC3D,UAAQ,IAAI,QAAQ,CAAC;AACrB,UAAQ,IAAI,OAAO,OAAO,MAAM;AAChC,SAAO,cAAc,gBAAgB,OAAO;AAC9C;AAEA,eAAsB,4BACpB,gBACA,MACA,UAAkC,CAAC,GAClB;AACjB,QAAM,YAAY,KAAK,MAAM,QAAQ,aAAa,KAAK,IAAI,IAAI,GAAI;AACnE,QAAM,YAAY,MAAM,wBAAwB,gBAAgB,MAAM,EAAE,UAAU,CAAC;AACnF,SAAO,KAAK,SAAS,OAAO,SAAS;AACvC;AAEA,eAAsB,uBACpB,gBACA,MACA,kBACA,UAAwD,CAAC,GAClB;AACvC,QAAM,EAAE,WAAW,UAAU,IAAI,qBAAqB,gBAAgB;AACtE,QAAM,mBAAmB,KAAK,IAAI,GAAG,KAAK,MAAM,QAAQ,qBAAqB,iCAAiC,CAAC;AAC/G,QAAM,aAAa,KAAK,MAAM,QAAQ,OAAO,KAAK,IAAI,IAAI,GAAI;AAC9D,MAAI,KAAK,IAAI,aAAa,SAAS,IAAI,kBAAkB;AACvD,UAAM,IAAI,6BAA6B,4DAA4D;AAAA,EACrG;AACA,QAAM,WAAW,MAAM,wBAAwB,gBAAgB,MAAM,EAAE,UAAU,CAAC;AAClF,MAAI,CAAE,MAAM,mBAAmB,UAAU,SAAS,GAAI;AACpD,UAAM,IAAI,6BAA6B,kCAAkC;AAAA,EAC3E;AACA,SAAO,EAAE,WAAW,UAAU;AAChC;AAEO,SAAS,sCAAsC,SAAoD;AACxG,QAAM,QAAQ,cAAc,SAAS,eAAe;AACpD,QAAM,OAAO,cAAc,MAAM,MAAM,oBAAoB;AAC3D,QAAM,SAAS;AAAA,IACb,GAAG;AAAA,IACH,IAAI,gBAAgB,aAAa,MAAM,EAAE,KAAK,IAAI,kBAAkB;AAAA,IACpE,MAAM,gBAAgB,aAAa,MAAM,IAAI,KAAK,IAAI,oBAAoB;AAAA,IAC1E,aAAa,gBAAgB,aAAa,MAAM,WAAW,KAAK,IAAI,qBAAqB;AAAA,IACzF,aAAa,gBAAgB,aAAa,MAAM,WAAW,KAAK,IAAI,qBAAqB;AAAA,IACzF,MAAM,EAAE,GAAG,KAAK;AAAA,EAClB;AACA,MAAI,OAAO,SAAS,8BAA8B,OAAO,KAAK,SAAS,6BAA6B;AAClG,UAAM,IAAI,2BAA2B,uEAAuE;AAAA,EAC9G;AACA,SAAO;AACT;AAEA,eAAsB,kCACpB,gBACA,MACA,kBACA,UAAwD,CAAC,GACyC;AAClG,QAAM,eAAe,MAAM,uBAAuB,gBAAgB,MAAM,kBAAkB,OAAO;AACjG,QAAM,OAAO,IAAI,YAAY,EAAE,OAAO,UAAU,IAAI,CAAC;AACrD,MAAI;AACJ,MAAI;AACF,aAAS,KAAK,MAAM,IAAI;AAAA,EAC1B,SAAS,OAAO;AACd,UAAM,IAAI,2BAA2B,uCAAuC;AAAA,EAC9E;AACA,SAAO,EAAE,OAAO,sCAAsC,MAAM,GAAG,aAAa;AAC9E;AAEO,IAAM,6BAA6B;AACnC,IAAM,6BAA6B;AACnC,IAAM,sCAAsC;AAC5C,IAAM,sCAAsC;AAEnD,SAAS,kBAAkB,OAAuB;AAChD,QAAM,WAAW,gBAAgB,OAAO,UAAU,EAAE,YAAY;AAChE,MAAI,CAAC,8BAA8B,KAAK,QAAQ,GAAG;AACjD,UAAM,IAAI,iCAAiC,sFAAsF;AAAA,EACnI;AACA,SAAO;AACT;AAEA,SAAS,6BAA6B,OAAuB;AAC3D,QAAM,WAAW,gBAAgB,OAAO,UAAU,EAAE,YAAY;AAChE,MAAI,CAAC,6BAA6B,KAAK,QAAQ,GAAG;AAChD,UAAM,IAAI,iCAAiC,sFAAsF;AAAA,EACnI;AACA,SAAO;AACT;AAEA,SAAS,qBAAqB,OAAgD;AAC5E,QAAM,OAAO,gBAAgB,OAAO,cAAc,EAAE,YAAY;AAChE,MAAI,SAAS,YAAY,SAAS,UAAU,SAAS,aAAa,SAAS,YAAY,SAAS,OAAO;AACrG,WAAO;AAAA,EACT;AACA,QAAM,IAAI,iCAAiC,uDAAuD;AACpG;AAEA,SAAS,kBAAkB,OAA6C;AACtE,QAAM,WAAW,gBAAgB,OAAO,UAAU,EAAE,YAAY;AAChE,MAAI,aAAa,SAAS,aAAa,OAAO;AAC5C,UAAM,IAAI,iCAAiC,8BAA8B;AAAA,EAC3E;AACA,SAAO;AACT;AAEA,SAAS,eAAe,OAA0C;AAChE,QAAM,QAAQ,gBAAgB,OAAO,cAAc,EAAE,YAAY;AACjE,MAAI,UAAU,UAAU,UAAU,QAAQ;AACxC,UAAM,IAAI,iCAAiC,oCAAoC;AAAA,EACjF;AACA,SAAO;AACT;AAEA,SAAS,2BAA2B,OAAsG;AACxI,QAAM,aAAqC,CAAC;AAC5C,MAAI,MAAM,QAAQ,KAAK,GAAG;AACxB,eAAW,QAAQ,OAAO;AACxB,YAAM,WAAW,kBAAkB,IAAI;AACvC,iBAAW,QAAQ,IAAI,wBAAwB,QAAQ;AAAA,IACzD;AAAA,EACF,WAAW,SAAS,KAAK,GAAG;AAC1B,eAAW,CAAC,aAAa,QAAQ,KAAK,OAAO,QAAQ,KAAK,GAAG;AAC3D,iBAAW,kBAAkB,WAAW,CAAC,IAAI,eAAe,OAAO,QAAQ,CAAC;AAAA,IAC9E;AAAA,EACF,OAAO;AACL,UAAM,IAAI,iCAAiC,oEAAoE;AAAA,EACjH;AACA,MAAI,OAAO,KAAK,UAAU,EAAE,WAAW,GAAG;AACxC,UAAM,IAAI,iCAAiC,wDAAwD;AAAA,EACrG;AACA,SAAO;AACT;AAEA,SAAS,wBAAwB,UAAmE;AAClG,SAAO,aAAa,QAAQ,SAAS;AACvC;AAEA,SAAS,oBAAoB,OAA2B;AACtD,MAAI,CAAC,MAAM,QAAQ,KAAK,GAAG;AACzB,UAAM,IAAI,iCAAiC,2DAA2D;AAAA,EACxG;AACA,QAAM,OAAO,oBAAI,IAAY;AAC7B,QAAM,UAAoB,CAAC;AAC3B,aAAW,QAAQ,OAAO;AACxB,QAAI;AACJ,QAAI;AACF,YAAM,IAAI,IAAI,gBAAgB,OAAO,IAAI,GAAG,gCAAgC,CAAC;AAAA,IAC/E,QAAQ;AACN,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,UAAM,SAAS,GAAG,IAAI,SAAS,YAAY,CAAC,KAAK,IAAI,KAAK,YAAY,CAAC;AACvE,QAAI,CAAC,KAAK,IAAI,MAAM,GAAG;AACrB,WAAK,IAAI,MAAM;AACf,cAAQ,KAAK,MAAM;AAAA,IACrB;AAAA,EACF;AACA,SAAO;AACT;AAEA,SAAS,gBAAgB,OAAe,MAAsB;AAC5D,QAAM,SAAS,OAAO,KAAK;AAC3B,MAAI,CAAC,OAAO,cAAc,MAAM,KAAK,UAAU,GAAG;AAChD,UAAM,IAAI,iCAAiC,GAAG,IAAI,mCAAmC;AAAA,EACvF;AACA,SAAO;AACT;AAEA,SAAS,gBAAgB,OAAe,MAAsB;AAC5D,QAAM,OAAO,OAAO,SAAS,EAAE,EAAE,KAAK;AACtC,MAAI,CAAC,MAAM;AACT,UAAM,IAAI,iCAAiC,GAAG,IAAI,eAAe;AAAA,EACnE;AACA,SAAO;AACT;AAEA,SAAS,wBAAwB,OAAuB;AACtD,QAAM,QAAQ,gBAAgB,OAAO,OAAO;AAC5C,MAAI,MAAM,SAAS,GAAG,GAAG;AACvB,UAAM,IAAI,iCAAiC,6BAA6B;AAAA,EAC1E;AACA,SAAO;AACT;AAEA,SAAS,0BAA0B,OAAqD;AACtF,QAAM,UAAU,gBAAgB,OAAO,SAAS,EAAE,YAAY;AAC9D,MAAI,YAAY,aAAa,YAAY,SAAS;AAChD,UAAM,IAAI;AAAA,MACR;AAAA,IACF;AAAA,EACF;AACA,SAAO;AACT;AAEA,SAAS,gBAAgB,OAAgC,MAAuC;AAC9F,MAAI;AACF,UAAM,SAAS,KAAK,MAAM,KAAK,UAAU,KAAK,CAAC;AAC/C,QAAI,CAAC,SAAS,MAAM,GAAG;AACrB,YAAM,IAAI,MAAM,eAAe;AAAA,IACjC;AACA,WAAO;AAAA,EACT,SAAS,OAAO;AACd,UAAM,IAAI,iCAAiC,GAAG,IAAI,sCAAsC;AAAA,EAC1F;AACF;AAEA,SAAS,UAAU,SAA0B;AAC3C,MAAI;AACF,WAAO,KAAK,MAAM,OAAO;AAAA,EAC3B,SAAS,OAAO;AACd,UAAM,IAAI,gBAAgB,sCAAsC;AAAA,MAC9D,QAAQ;AAAA,MACR,MAAM;AAAA,MACN,MAAM;AAAA,IACR,CAAC;AAAA,EACH;AACF;AAEA,SAAS,aAAa,OAA+B;AACnD,MAAI,OAAO,UAAU,UAAU;AAC7B,WAAO;AAAA,EACT;AACA,QAAM,OAAO,MAAM,KAAK;AACxB,SAAO,OAAO,OAAO;AACvB;AAEA,SAAS,4BAA4B,OAAyB;AAC5D,MAAI,EAAE,iBAAiB,kBAAkB;AACvC,WAAO;AAAA,EACT;AACA,QAAM,OAAO,MAAM,KAAK,YAAY;AACpC,MAAI,MAAM,WAAW,QAAQ,SAAS,iCAAiC,SAAS,qBAAqB;AACnG,WAAO;AAAA,EACT;AACA,SACE,MAAM,WAAW,QAChB,SAAS,cAAc,SAAS,eAAe,SAAS,qBAAqB,SAAS;AAE3F;AAEA,SAAS,SAAS,OAAkD;AAClE,SAAO,OAAO,UAAU,YAAY,UAAU,QAAQ,CAAC,MAAM,QAAQ,KAAK;AAC5E;AAEA,SAAS,cAAc,OAAgB,MAAuC;AAC5E,MAAI,CAAC,SAAS,KAAK,GAAG;AACpB,UAAM,IAAI,2BAA2B,GAAG,IAAI,qBAAqB;AAAA,EACnE;AACA,SAAO;AACT;AAEA,SAAS,SAAS,MAAkC;AAClD,MAAI,OAAO,YAAY,aAAa;AAClC,WAAO;AAAA,EACT;AACA,QAAM,QAAQ,QAAQ,IAAI,IAAI;AAC9B,SAAO,SAAS,MAAM,KAAK,IAAI,MAAM,KAAK,IAAI;AAChD;AAEA,SAAS,UAAU,MAA+E;AAChG,MAAI,gBAAgB,YAAY;AAC9B,WAAO;AAAA,EACT;AACA,MAAI,gBAAgB,aAAa;AAC/B,WAAO,IAAI,WAAW,IAAI;AAAA,EAC5B;AACA,MAAI,OAAO,SAAS,UAAU;AAC5B,WAAO,IAAI,YAAY,EAAE,OAAO,IAAI;AAAA,EACtC;AACA,MAAI,SAAS,IAAI,GAAG;AAClB,WAAO,IAAI,YAAY,EAAE,OAAO,KAAK,UAAU,IAAI,CAAC;AAAA,EACtD;AACA,QAAM,IAAI,2BAA2B,6DAA6D;AACpG;AAEA,SAAS,qBAAqB,iBAAmE;AAC/F,MAAI,YAA2B;AAC/B,MAAI,YAA2B;AAC/B,aAAW,QAAQ,OAAO,mBAAmB,EAAE,EAAE,MAAM,GAAG,GAAG;AAC3D,UAAM,CAAC,KAAK,KAAK,IAAI,KAAK,KAAK,EAAE,MAAM,KAAK,CAAC;AAC7C,QAAI,QAAQ,KAAK;AACf,YAAM,SAAS,OAAO,SAAS,SAAS,IAAI,EAAE;AAC9C,UAAI,CAAC,OAAO,SAAS,MAAM,GAAG;AAC5B,cAAM,IAAI,6BAA6B,yCAAyC;AAAA,MAClF;AACA,kBAAY;AAAA,IACd;AACA,QAAI,QAAQ,MAAM;AAChB,kBAAY,OAAO,SAAS,EAAE,EAAE,KAAK;AAAA,IACvC;AAAA,EACF;AACA,MAAI,cAAc,QAAQ,CAAC,WAAW;AACpC,UAAM,IAAI,6BAA6B,yCAAyC;AAAA,EAClF;AACA,SAAO,EAAE,WAAW,UAAU;AAChC;AAEA,eAAe,cAA+B;AAC5C,MAAI,WAAW,QAAQ,YAAY;AACjC,WAAO,WAAW,OAAO,WAAW;AAAA,EACtC;AACA,QAAM,QAAQ,IAAI,WAAW,EAAE;AAC/B,MAAI,WAAW,QAAQ,iBAAiB;AACtC,eAAW,OAAO,gBAAgB,KAAK;AAAA,EACzC,WAAW,OAAO,YAAY,eAAe,QAAQ,UAAU,MAAM;AACnE,UAAM,SAAS,MAAM,OAAO,QAAa;AACzC,UAAM,IAAI,OAAO,YAAY,EAAE,CAAC;AAAA,EAClC,OAAO;AACL,UAAM,IAAI,iCAAiC,iEAAiE;AAAA,EAC9G;AACA,SAAO,WAAW,KAAK;AACzB;AAEA,eAAe,cAAc,QAAgB,SAAsC;AACjF,MAAI,WAAW,QAAQ,QAAQ;AAC7B,UAAM,gBAAgB,IAAI,WAAW,QAAQ,UAAU;AACvD,kBAAc,IAAI,OAAO;AACzB,UAAM,MAAM,MAAM,WAAW,OAAO,OAAO;AAAA,MACzC;AAAA,MACA,IAAI,YAAY,EAAE,OAAO,MAAM;AAAA,MAC/B,EAAE,MAAM,QAAQ,MAAM,UAAU;AAAA,MAChC;AAAA,MACA,CAAC,MAAM;AAAA,IACT;AACA,UAAM,SAAS,MAAM,WAAW,OAAO,OAAO,KAAK,QAAQ,KAAK,aAAa;AAC7E,WAAO,WAAW,IAAI,WAAW,MAAM,CAAC;AAAA,EAC1C;AACA,MAAI,OAAO,YAAY,eAAe,QAAQ,UAAU,MAAM;AAC5D,UAAM,SAAS,MAAM,OAAO,QAAa;AACzC,WAAO,OAAO,WAAW,UAAU,MAAM,EAAE,OAAO,OAAO,KAAK,OAAO,CAAC,EAAE,OAAO,KAAK;AAAA,EACtF;AACA,QAAM,IAAI,iCAAiC,yDAAyD;AACtG;AAEA,eAAe,eAAe,UAAmC;AAC/D,QAAM,QAAQ,IAAI,YAAY,EAAE,OAAO,QAAQ;AAC/C,MAAI,WAAW,QAAQ,QAAQ;AAC7B,UAAM,SAAS,MAAM,WAAW,OAAO,OAAO,OAAO,WAAW,KAAK;AACrE,WAAO,UAAU,WAAW,IAAI,WAAW,MAAM,CAAC,CAAC;AAAA,EACrD;AACA,MAAI,OAAO,YAAY,eAAe,QAAQ,UAAU,MAAM;AAC5D,UAAM,SAAS,MAAM,OAAO,QAAa;AACzC,WAAO,UAAU,OAAO,WAAW,QAAQ,EAAE,OAAO,OAAO,KAAK,KAAK,CAAC,EAAE,OAAO,KAAK,CAAC;AAAA,EACvF;AACA,QAAM,IAAI,iCAAiC,qDAAqD;AAClG;AAEA,SAAS,WAAW,OAA2B;AAC7C,SAAO,CAAC,GAAG,KAAK,EAAE,IAAI,CAAC,SAAS,KAAK,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG,CAAC,EAAE,KAAK,EAAE;AAC7E;AAEA,SAAS,WAAW,KAAyB;AAC3C,QAAM,aAAa,OAAO,OAAO,EAAE,EAAE,KAAK,EAAE,YAAY;AACxD,MAAI,WAAW,SAAS,MAAM,KAAK,CAAC,cAAc,KAAK,UAAU,GAAG;AAClE,UAAM,IAAI,6BAA6B,wBAAwB;AAAA,EACjE;AACA,QAAM,QAAQ,IAAI,WAAW,WAAW,SAAS,CAAC;AAClD,WAAS,QAAQ,GAAG,QAAQ,WAAW,QAAQ,SAAS,GAAG;AACzD,UAAM,QAAQ,CAAC,IAAI,OAAO,SAAS,WAAW,MAAM,OAAO,QAAQ,CAAC,GAAG,EAAE;AAAA,EAC3E;AACA,SAAO;AACT;AAEA,eAAe,mBAAmB,MAAc,OAAiC;AAC/E,QAAM,YAAY,WAAW,IAAI;AACjC,QAAM,aAAa,WAAW,KAAK;AACnC,MAAI,UAAU,WAAW,WAAW,QAAQ;AAC1C,WAAO;AAAA,EACT;AACA,MAAI,OAAO;AACX,WAAS,QAAQ,GAAG,QAAQ,UAAU,QAAQ,SAAS,GAAG;AACxD,YAAQ,UAAU,KAAK,IAAK,WAAW,KAAK;AAAA,EAC9C;AACA,SAAO,SAAS;AAClB;","names":[]}

package/dist/index.d.cts CHANGED Viewed

@@ -282,6 +282,9 @@ declare class SiglumeApiError extends SiglumeDirectRequestPaymentError {
         data?: unknown;
     });
 }
+declare class HostedCheckoutNotAvailableError extends SiglumeApiError {
+    constructor(message?: string);
+}
 declare class SiglumeWebhookSignatureError extends SiglumeDirectRequestPaymentError {
     constructor(message: string);
 }
@@ -337,6 +340,7 @@ declare class DirectRequestPaymentMerchantClient {
     createWebhookSubscription(input: DirectRequestPaymentWebhookSubscriptionInput): Promise<DirectRequestPaymentWebhookSubscription>;
     setupCheckout(input: DirectRequestPaymentCheckoutSetupInput): Promise<DirectRequestPaymentCheckoutSetupResult>;
     request<T>(method: string, path: string, json_body?: unknown): Promise<T>;
+    private requestHostedCheckout;
 }
 declare function createDirectRequestPaymentChallenge(input: DirectRequestPaymentChallengeInput): Promise<DirectRequestPaymentChallenge>;
 declare function createDirectRequestPaymentChallengeSignature(secret: string, input: {
@@ -415,4 +419,4 @@ declare const verifyExternal402Challenge: typeof verifyDirectRequestPaymentChall
 declare const createExternal402RecurringChallenge: typeof createDirectRequestPaymentRecurringChallenge;
 declare const verifyExternal402RecurringChallenge: typeof verifyDirectRequestPaymentRecurringChallenge;
-export { DEFAULT_SIGLUME_API_BASE, DEFAULT_WEBHOOK_TOLERANCE_SECONDS, DIRECT_REQUEST_PAYMENT_ALLOWANCE_RECEIPT_KIND, DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME, DIRECT_REQUEST_PAYMENT_MODE, DIRECT_REQUEST_PAYMENT_RECEIPT_KIND, DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME, DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE, type DirectPaymentRequirement, type DirectPaymentRequirementCreateInput, type DirectPaymentVerifyInput, type DirectRequestPaymentBillingPlan, type DirectRequestPaymentChallenge, type DirectRequestPaymentChallengeInput, type DirectRequestPaymentCheckoutSetupInput, type DirectRequestPaymentCheckoutSetupResult, DirectRequestPaymentClient, type DirectRequestPaymentClientOptions, type DirectRequestPaymentCurrency, type DirectRequestPaymentMerchantAccount, type DirectRequestPaymentMerchantBillingMandateInput, DirectRequestPaymentMerchantClient, type DirectRequestPaymentMerchantResponse, type DirectRequestPaymentMerchantSetupInput, type DirectRequestPaymentRecurringCadence, type DirectRequestPaymentRecurringChallenge, type DirectRequestPaymentRecurringChallengeInput, type DirectRequestPaymentToken, type DirectRequestPaymentWebhookEvent, type DirectRequestPaymentWebhookSubscription, type DirectRequestPaymentWebhookSubscriptionInput, type HostedCheckoutSession, type HostedCheckoutSessionCreateInput, type HostedCheckoutSessionCreateResult, type ParsedDirectRequestPaymentChallenge, SiglumeApiError, SiglumeDirectRequestPaymentError, type SiglumeEnvelopeMeta, SiglumeWebhookPayloadError, SiglumeWebhookSignatureError, type Web3PreparedTransactionExecutePayload, type Web3PreparedTransactionExecuteResult, type Web3TransactionRequest, type WebhookSignatureVerification, buildAllowanceExecutionPayload, buildPaymentExecutionPayload, buildPreparedTransactionExecutionPayload, buildWebhookSignatureHeader, computeWebhookSignature, createDirectRequestPaymentChallenge, createDirectRequestPaymentChallengeSignature, createDirectRequestPaymentRecurringChallenge, createDirectRequestPaymentRecurringChallengeSignature, createExternal402Challenge, createExternal402RecurringChallenge, directRequestPaymentChallengeHash, directRequestPaymentRequestHash, parseDirectRequestPaymentChallenge, parseDirectRequestPaymentWebhookEvent, verifyDirectRequestPaymentChallenge, verifyDirectRequestPaymentRecurringChallenge, verifyDirectRequestPaymentWebhook, verifyExternal402Challenge, verifyExternal402RecurringChallenge, verifyWebhookSignature };
+export { DEFAULT_SIGLUME_API_BASE, DEFAULT_WEBHOOK_TOLERANCE_SECONDS, DIRECT_REQUEST_PAYMENT_ALLOWANCE_RECEIPT_KIND, DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME, DIRECT_REQUEST_PAYMENT_MODE, DIRECT_REQUEST_PAYMENT_RECEIPT_KIND, DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME, DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE, type DirectPaymentRequirement, type DirectPaymentRequirementCreateInput, type DirectPaymentVerifyInput, type DirectRequestPaymentBillingPlan, type DirectRequestPaymentChallenge, type DirectRequestPaymentChallengeInput, type DirectRequestPaymentCheckoutSetupInput, type DirectRequestPaymentCheckoutSetupResult, DirectRequestPaymentClient, type DirectRequestPaymentClientOptions, type DirectRequestPaymentCurrency, type DirectRequestPaymentMerchantAccount, type DirectRequestPaymentMerchantBillingMandateInput, DirectRequestPaymentMerchantClient, type DirectRequestPaymentMerchantResponse, type DirectRequestPaymentMerchantSetupInput, type DirectRequestPaymentRecurringCadence, type DirectRequestPaymentRecurringChallenge, type DirectRequestPaymentRecurringChallengeInput, type DirectRequestPaymentToken, type DirectRequestPaymentWebhookEvent, type DirectRequestPaymentWebhookSubscription, type DirectRequestPaymentWebhookSubscriptionInput, HostedCheckoutNotAvailableError, type HostedCheckoutSession, type HostedCheckoutSessionCreateInput, type HostedCheckoutSessionCreateResult, type ParsedDirectRequestPaymentChallenge, SiglumeApiError, SiglumeDirectRequestPaymentError, type SiglumeEnvelopeMeta, SiglumeWebhookPayloadError, SiglumeWebhookSignatureError, type Web3PreparedTransactionExecutePayload, type Web3PreparedTransactionExecuteResult, type Web3TransactionRequest, type WebhookSignatureVerification, buildAllowanceExecutionPayload, buildPaymentExecutionPayload, buildPreparedTransactionExecutionPayload, buildWebhookSignatureHeader, computeWebhookSignature, createDirectRequestPaymentChallenge, createDirectRequestPaymentChallengeSignature, createDirectRequestPaymentRecurringChallenge, createDirectRequestPaymentRecurringChallengeSignature, createExternal402Challenge, createExternal402RecurringChallenge, directRequestPaymentChallengeHash, directRequestPaymentRequestHash, parseDirectRequestPaymentChallenge, parseDirectRequestPaymentWebhookEvent, verifyDirectRequestPaymentChallenge, verifyDirectRequestPaymentRecurringChallenge, verifyDirectRequestPaymentWebhook, verifyExternal402Challenge, verifyExternal402RecurringChallenge, verifyWebhookSignature };

package/dist/index.d.ts CHANGED Viewed

@@ -282,6 +282,9 @@ declare class SiglumeApiError extends SiglumeDirectRequestPaymentError {
         data?: unknown;
     });
 }
+declare class HostedCheckoutNotAvailableError extends SiglumeApiError {
+    constructor(message?: string);
+}
 declare class SiglumeWebhookSignatureError extends SiglumeDirectRequestPaymentError {
     constructor(message: string);
 }
@@ -337,6 +340,7 @@ declare class DirectRequestPaymentMerchantClient {
     createWebhookSubscription(input: DirectRequestPaymentWebhookSubscriptionInput): Promise<DirectRequestPaymentWebhookSubscription>;
     setupCheckout(input: DirectRequestPaymentCheckoutSetupInput): Promise<DirectRequestPaymentCheckoutSetupResult>;
     request<T>(method: string, path: string, json_body?: unknown): Promise<T>;
+    private requestHostedCheckout;
 }
 declare function createDirectRequestPaymentChallenge(input: DirectRequestPaymentChallengeInput): Promise<DirectRequestPaymentChallenge>;
 declare function createDirectRequestPaymentChallengeSignature(secret: string, input: {
@@ -415,4 +419,4 @@ declare const verifyExternal402Challenge: typeof verifyDirectRequestPaymentChall
 declare const createExternal402RecurringChallenge: typeof createDirectRequestPaymentRecurringChallenge;
 declare const verifyExternal402RecurringChallenge: typeof verifyDirectRequestPaymentRecurringChallenge;
-export { DEFAULT_SIGLUME_API_BASE, DEFAULT_WEBHOOK_TOLERANCE_SECONDS, DIRECT_REQUEST_PAYMENT_ALLOWANCE_RECEIPT_KIND, DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME, DIRECT_REQUEST_PAYMENT_MODE, DIRECT_REQUEST_PAYMENT_RECEIPT_KIND, DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME, DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE, type DirectPaymentRequirement, type DirectPaymentRequirementCreateInput, type DirectPaymentVerifyInput, type DirectRequestPaymentBillingPlan, type DirectRequestPaymentChallenge, type DirectRequestPaymentChallengeInput, type DirectRequestPaymentCheckoutSetupInput, type DirectRequestPaymentCheckoutSetupResult, DirectRequestPaymentClient, type DirectRequestPaymentClientOptions, type DirectRequestPaymentCurrency, type DirectRequestPaymentMerchantAccount, type DirectRequestPaymentMerchantBillingMandateInput, DirectRequestPaymentMerchantClient, type DirectRequestPaymentMerchantResponse, type DirectRequestPaymentMerchantSetupInput, type DirectRequestPaymentRecurringCadence, type DirectRequestPaymentRecurringChallenge, type DirectRequestPaymentRecurringChallengeInput, type DirectRequestPaymentToken, type DirectRequestPaymentWebhookEvent, type DirectRequestPaymentWebhookSubscription, type DirectRequestPaymentWebhookSubscriptionInput, type HostedCheckoutSession, type HostedCheckoutSessionCreateInput, type HostedCheckoutSessionCreateResult, type ParsedDirectRequestPaymentChallenge, SiglumeApiError, SiglumeDirectRequestPaymentError, type SiglumeEnvelopeMeta, SiglumeWebhookPayloadError, SiglumeWebhookSignatureError, type Web3PreparedTransactionExecutePayload, type Web3PreparedTransactionExecuteResult, type Web3TransactionRequest, type WebhookSignatureVerification, buildAllowanceExecutionPayload, buildPaymentExecutionPayload, buildPreparedTransactionExecutionPayload, buildWebhookSignatureHeader, computeWebhookSignature, createDirectRequestPaymentChallenge, createDirectRequestPaymentChallengeSignature, createDirectRequestPaymentRecurringChallenge, createDirectRequestPaymentRecurringChallengeSignature, createExternal402Challenge, createExternal402RecurringChallenge, directRequestPaymentChallengeHash, directRequestPaymentRequestHash, parseDirectRequestPaymentChallenge, parseDirectRequestPaymentWebhookEvent, verifyDirectRequestPaymentChallenge, verifyDirectRequestPaymentRecurringChallenge, verifyDirectRequestPaymentWebhook, verifyExternal402Challenge, verifyExternal402RecurringChallenge, verifyWebhookSignature };
+export { DEFAULT_SIGLUME_API_BASE, DEFAULT_WEBHOOK_TOLERANCE_SECONDS, DIRECT_REQUEST_PAYMENT_ALLOWANCE_RECEIPT_KIND, DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME, DIRECT_REQUEST_PAYMENT_MODE, DIRECT_REQUEST_PAYMENT_RECEIPT_KIND, DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME, DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE, type DirectPaymentRequirement, type DirectPaymentRequirementCreateInput, type DirectPaymentVerifyInput, type DirectRequestPaymentBillingPlan, type DirectRequestPaymentChallenge, type DirectRequestPaymentChallengeInput, type DirectRequestPaymentCheckoutSetupInput, type DirectRequestPaymentCheckoutSetupResult, DirectRequestPaymentClient, type DirectRequestPaymentClientOptions, type DirectRequestPaymentCurrency, type DirectRequestPaymentMerchantAccount, type DirectRequestPaymentMerchantBillingMandateInput, DirectRequestPaymentMerchantClient, type DirectRequestPaymentMerchantResponse, type DirectRequestPaymentMerchantSetupInput, type DirectRequestPaymentRecurringCadence, type DirectRequestPaymentRecurringChallenge, type DirectRequestPaymentRecurringChallengeInput, type DirectRequestPaymentToken, type DirectRequestPaymentWebhookEvent, type DirectRequestPaymentWebhookSubscription, type DirectRequestPaymentWebhookSubscriptionInput, HostedCheckoutNotAvailableError, type HostedCheckoutSession, type HostedCheckoutSessionCreateInput, type HostedCheckoutSessionCreateResult, type ParsedDirectRequestPaymentChallenge, SiglumeApiError, SiglumeDirectRequestPaymentError, type SiglumeEnvelopeMeta, SiglumeWebhookPayloadError, SiglumeWebhookSignatureError, type Web3PreparedTransactionExecutePayload, type Web3PreparedTransactionExecuteResult, type Web3TransactionRequest, type WebhookSignatureVerification, buildAllowanceExecutionPayload, buildPaymentExecutionPayload, buildPreparedTransactionExecutionPayload, buildWebhookSignatureHeader, computeWebhookSignature, createDirectRequestPaymentChallenge, createDirectRequestPaymentChallengeSignature, createDirectRequestPaymentRecurringChallenge, createDirectRequestPaymentRecurringChallengeSignature, createExternal402Challenge, createExternal402RecurringChallenge, directRequestPaymentChallengeHash, directRequestPaymentRequestHash, parseDirectRequestPaymentChallenge, parseDirectRequestPaymentWebhookEvent, verifyDirectRequestPaymentChallenge, verifyDirectRequestPaymentRecurringChallenge, verifyDirectRequestPaymentWebhook, verifyExternal402Challenge, verifyExternal402RecurringChallenge, verifyWebhookSignature };

package/dist/index.js CHANGED Viewed

@@ -25,6 +25,12 @@ var SiglumeApiError = class extends SiglumeDirectRequestPaymentError {
     this.data = options.data;
   }
 };
+var HostedCheckoutNotAvailableError = class extends SiglumeApiError {
+  constructor(message = "Hosted Checkout is not enabled for this account yet (server rollout in progress).") {
+    super(message, { status: 409, code: "HOSTED_CHECKOUT_NOT_ENABLED" });
+    this.name = "HostedCheckoutNotAvailableError";
+  }
+};
 var SiglumeWebhookSignatureError = class extends SiglumeDirectRequestPaymentError {
   constructor(message) {
     super(message);
@@ -57,7 +63,7 @@ var DirectRequestPaymentClient = class {
     this.auth_token = authToken;
     this.base_url = (options.base_url ?? envValue("SIGLUME_API_BASE") ?? DEFAULT_SIGLUME_API_BASE).replace(/\/+$/, "");
     this.timeout_ms = Math.max(1, Math.trunc(options.timeout_ms ?? 15e3));
-    this.user_agent = options.user_agent ?? "@siglume/direct-request-payment/0.4.0";
+    this.user_agent = options.user_agent ?? "@siglume/direct-request-payment/0.4.1";
     this.fetch_impl = fetchImpl;
   }
   async createPaymentRequirement(input) {
@@ -162,7 +168,7 @@ var DirectRequestPaymentMerchantClient = class {
     this.auth_token = authToken;
     this.base_url = (options.base_url ?? envValue("SIGLUME_API_BASE") ?? DEFAULT_SIGLUME_API_BASE).replace(/\/+$/, "");
     this.timeout_ms = Math.max(1, Math.trunc(options.timeout_ms ?? 15e3));
-    this.user_agent = options.user_agent ?? "@siglume/direct-request-payment/0.4.0";
+    this.user_agent = options.user_agent ?? "@siglume/direct-request-payment/0.4.1";
     this.fetch_impl = fetchImpl;
   }
   async setupMerchant(input) {
@@ -207,14 +213,14 @@ var DirectRequestPaymentMerchantClient = class {
       merchant: normalizeSelfServiceMerchant(input.merchant),
       amount_minor: positiveInteger(input.amount_minor, "amount_minor"),
       currency: normalizeCurrency(input.currency),
-      nonce: requireNonEmpty(input.nonce, "nonce"),
+      nonce: normalizeChallengeNonce(input.nonce),
       success_url: requireNonEmpty(input.success_url, "success_url"),
       cancel_url: requireNonEmpty(input.cancel_url, "cancel_url")
     };
     if (input.metadata !== void 0) {
       payload.metadata = cloneJsonObject(input.metadata, "metadata");
     }
-    return this.request(
+    return this.requestHostedCheckout(
       "POST",
       "/sdrp/direct-payments/checkout-sessions",
       payload
@@ -222,7 +228,7 @@ var DirectRequestPaymentMerchantClient = class {
   }
   /** Read a Hosted Checkout session's status (open / authenticated / paid / expired / cancelled / failed). */
   async getCheckoutSession(session_id) {
-    return this.request(
+    return this.requestHostedCheckout(
       "GET",
       `/sdrp/direct-payments/checkout-sessions/${encodeURIComponent(requireNonEmpty(session_id, "session_id"))}`
     );
@@ -331,6 +337,16 @@ var DirectRequestPaymentMerchantClient = class {
       clearTimeout(timeout);
     }
   }
+  async requestHostedCheckout(method, path, json_body) {
+    try {
+      return await this.request(method, path, json_body);
+    } catch (error) {
+      if (isHostedCheckoutUnavailable(error)) {
+        throw new HostedCheckoutNotAvailableError();
+      }
+      throw error;
+    }
+  }
 };
 async function createDirectRequestPaymentChallenge(input) {
   const merchant = normalizeMerchant(input.merchant);
@@ -677,6 +693,16 @@ function stringOrNull(value) {
   const text = value.trim();
   return text ? text : null;
 }
+function isHostedCheckoutUnavailable(error) {
+  if (!(error instanceof SiglumeApiError)) {
+    return false;
+  }
+  const code = error.code.toUpperCase();
+  if (error.status === 409 && (code === "HOSTED_CHECKOUT_NOT_ENABLED" || code === "FEATURE_DISABLED")) {
+    return true;
+  }
+  return error.status === 404 && (code === "HTTP_404" || code === "NOT_FOUND" || code === "ROUTE_NOT_FOUND" || code === "FEATURE_DISABLED");
+}
 function isRecord(value) {
   return typeof value === "object" && value !== null && !Array.isArray(value);
 }
@@ -813,6 +839,7 @@ export {
   DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE,
   DirectRequestPaymentClient,
   DirectRequestPaymentMerchantClient,
+  HostedCheckoutNotAvailableError,
   SiglumeApiError,
   SiglumeDirectRequestPaymentError,
   SiglumeWebhookPayloadError,

package/dist/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../src/index.ts"],"sourcesContent":["export const DEFAULT_SIGLUME_API_BASE = \"https://siglume.com/v1\";\nexport const DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME = \"siglume-external-402-v1\";\n// Recurring (subscription / scheduled autopay) approval uses a DISTINCT scheme\n// with cadence bound into the HMAC, so a one-time checkout challenge can never\n// be replayed as a recurring authorization and vice versa.\nexport const DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME = \"siglume-external-402-recurring-v1\";\nexport const DIRECT_REQUEST_PAYMENT_MODE = \"external_402\";\nexport const DIRECT_REQUEST_PAYMENT_RECEIPT_KIND = \"sdrp_direct_payment\";\nexport const DIRECT_REQUEST_PAYMENT_ALLOWANCE_RECEIPT_KIND = \"sdrp_direct_payment_allowance\";\nexport const DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE = \"sdrp_direct_payment_requirement\";\nexport const DEFAULT_WEBHOOK_TOLERANCE_SECONDS = 300;\n\nexport type DirectRequestPaymentCurrency = \"JPY\" \| \"USD\";\nexport type DirectRequestPaymentToken = \"JPYC\" \| \"USDC\";\n\nexport interface DirectRequestPaymentChallengeInput {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n secret: string;\n nonce?: string;\n}\n\nexport interface DirectRequestPaymentChallenge {\n scheme: typeof DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME;\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency;\n nonce: string;\n signature: string;\n challenge: string;\n challenge_hash: string;\n}\n\nexport interface ParsedDirectRequestPaymentChallenge {\n scheme: string;\n nonce: string;\n signature: string;\n}\n\n/** \"monthly\" authorizes a Siglume-swept subscription; \"daily\" authorizes\n * merchant-triggered scheduled autopay. It is an approval tag, not a\n * run-count limiter. /\nexport type DirectRequestPaymentRecurringCadence = \"monthly\" \| \"daily\";\n\nexport interface DirectRequestPaymentRecurringChallengeInput {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n cadence: DirectRequestPaymentRecurringCadence \| string;\n secret: string;\n nonce?: string;\n}\n\nexport interface DirectRequestPaymentRecurringChallenge {\n scheme: typeof DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME;\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency;\n cadence: DirectRequestPaymentRecurringCadence;\n nonce: string;\n signature: string;\n challenge: string;\n challenge_hash: string;\n}\n\nexport interface Web3TransactionRequest {\n network?: string;\n chain_id?: number;\n from?: string;\n to?: string;\n data?: string;\n value?: string \| number;\n metadata_jsonb?: Record<string, unknown>;\n [key: string]: unknown;\n}\n\nexport interface DirectPaymentRequirement {\n direct_payment_requirement_id: string;\n requirement_id: string;\n id: string;\n mode: string;\n merchant?: string \| null;\n challenge_hash?: string \| null;\n buyer_user_id: string;\n agent_id?: string \| null;\n product_listing_id: string;\n listing_id: string;\n access_grant_id?: string \| null;\n capability_key: string;\n requirement_hash: string;\n request_hash: string;\n siglume_signature: string;\n token_symbol: string;\n currency: string;\n amount_minor: number;\n fee_bps: number;\n status: string;\n expires_at?: string \| null;\n confirmed_at?: string \| null;\n spent_at?: string \| null;\n chain_receipt_id?: string \| null;\n transaction_request: Web3TransactionRequest;\n approve_transaction_request?: Web3TransactionRequest \| null;\n buyer_confirmation?: string \| null;\n non_custodial: boolean;\n metadata_jsonb?: Record<string, unknown>;\n created_at?: string \| null;\n updated_at?: string \| null;\n}\n\nexport interface DirectPaymentRequirementCreateInput {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n challenge: string;\n token_symbol?: DirectRequestPaymentToken \| string;\n allowance_amount_minor?: number;\n metadata?: Record<string, unknown>;\n}\n\nexport interface DirectPaymentVerifyInput {\n receipt_id?: string \| null;\n chain_receipt_id?: string \| null;\n await_finality?: boolean;\n await_required_status?: string \| null;\n await_timeout_seconds?: number;\n await_poll_seconds?: number;\n}\n\nexport interface Web3PreparedTransactionExecutePayload {\n transaction_request: Web3TransactionRequest;\n receipt_kind: string;\n reference_type: typeof DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE;\n reference_id: string;\n metadata?: Record<string, unknown>;\n await_finality?: boolean;\n}\n\nexport interface Web3PreparedTransactionExecuteResult {\n receipt?: Record<string, unknown>;\n finalization?: Record<string, unknown>;\n [key: string]: unknown;\n}\n\nexport interface DirectRequestPaymentClientOptions {\n auth_token?: string;\n base_url?: string;\n fetch?: typeof fetch;\n timeout_ms?: number;\n user_agent?: string;\n}\n\nexport type DirectRequestPaymentBillingPlan = \"launch\" \| \"free\" \| \"starter\" \| \"growth\" \| \"pro\";\n\nexport interface DirectRequestPaymentMerchantAccount {\n merchant_account_id: string;\n merchant: string;\n merchant_user_id: string;\n user_wallet_id?: string \| null;\n billing_mandate_id?: string \| null;\n display_name?: string \| null;\n status?: string \| null;\n billing_status?: string \| null;\n billing_plan?: string \| null;\n billing_currency?: string \| null;\n token_symbol?: string \| null;\n monthly_fee_minor?: number \| null;\n settlement_fee_bps?: number \| null;\n settlement_fee_min_minor?: number \| null;\n included_monthly_payments?: number \| null;\n metadata_jsonb?: Record<string, unknown>;\n [key: string]: unknown;\n}\n\nexport interface DirectRequestPaymentMerchantSetupInput {\n merchant: string;\n display_name?: string;\n billing_plan?: DirectRequestPaymentBillingPlan \| string;\n billing_currency?: DirectRequestPaymentCurrency \| string;\n allowed_currencies?: Record<string, string> \| Array<DirectRequestPaymentCurrency \| string>;\n webhook_callback_url?: string;\n billing_mandate_cap_minor?: number;\n max_amount_minor?: number;\n // Hosted Checkout return-URL origin allowlist (open-redirect defense). Each\n // entry is an absolute origin such as \"https://shop.example.com\". The origin\n // of webhook_callback_url is auto-allowed in addition to these.\n checkout_allowed_origins?: string[];\n}\n\nexport interface HostedCheckoutSessionCreateInput {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n nonce: string;\n success_url: string;\n cancel_url: string;\n metadata?: Record<string, unknown>;\n}\n\nexport interface HostedCheckoutSessionCreateResult {\n checkout_url: string;\n session_id: string;\n challenge_hash: string;\n status?: string;\n expires_at?: string \| null;\n}\n\nexport interface HostedCheckoutSession {\n session_id: string;\n merchant: string;\n currency: string;\n token_symbol: string;\n amount_minor: number;\n status: string;\n challenge_hash: string;\n requirement_id?: string \| null;\n success_url: string;\n cancel_url: string;\n expires_at?: string \| null;\n authenticated_at?: string \| null;\n paid_at?: string \| null;\n cancelled_at?: string \| null;\n created_at?: string \| null;\n metadata_jsonb?: Record<string, unknown>;\n [key: string]: unknown;\n}\n\nexport interface DirectRequestPaymentMerchantBillingMandateInput {\n currency?: DirectRequestPaymentCurrency \| string;\n billing_currency?: DirectRequestPaymentCurrency \| string;\n max_amount_minor?: number;\n}\n\nexport interface DirectRequestPaymentMerchantResponse {\n merchant_account: DirectRequestPaymentMerchantAccount;\n challenge_secret?: string \| null;\n challenge_secret_created?: boolean;\n created?: boolean \| null;\n listing_id?: string \| null;\n mandate?: Record<string, unknown> \| null;\n next_steps?: Record<string, unknown>;\n}\n\nexport interface DirectRequestPaymentWebhookSubscriptionInput {\n callback_url: string;\n description?: string;\n event_types?: string[];\n metadata?: Record<string, unknown>;\n}\n\nexport interface DirectRequestPaymentWebhookSubscription {\n webhook_subscription_id?: string;\n subscription_id?: string;\n id?: string;\n callback_url?: string;\n signing_secret?: string;\n status?: string;\n event_types?: string[];\n [key: string]: unknown;\n}\n\nexport interface DirectRequestPaymentCheckoutSetupInput extends DirectRequestPaymentMerchantSetupInput {\n create_webhook_subscription?: boolean;\n prepare_billing_mandate?: boolean;\n webhook_event_types?: string[];\n webhook_description?: string;\n}\n\nexport interface DirectRequestPaymentCheckoutSetupResult {\n merchant: DirectRequestPaymentMerchantResponse;\n billing_mandate?: DirectRequestPaymentMerchantResponse \| null;\n webhook_subscription?: DirectRequestPaymentWebhookSubscription \| null;\n env: Record<string, string>;\n}\n\nexport interface SiglumeEnvelopeMeta {\n request_id?: string \| null;\n trace_id?: string \| null;\n [key: string]: unknown;\n}\n\nexport interface WebhookSignatureVerification {\n timestamp: number;\n signature: string;\n}\n\nexport interface DirectRequestPaymentWebhookEvent {\n id: string;\n type: \"direct_payment.confirmed\" \| string;\n api_version: string;\n occurred_at: string;\n data: {\n mode?: string;\n merchant?: string;\n direct_payment_requirement_id?: string;\n requirement_id?: string;\n challenge_hash?: string;\n amount_minor?: number;\n currency?: string;\n token_symbol?: string;\n status?: string;\n [key: string]: unknown;\n };\n [key: string]: unknown;\n}\n\nexport class SiglumeDirectRequestPaymentError extends Error {\n constructor(message: string) {\n super(message);\n this.name = \"SiglumeDirectRequestPaymentError\";\n }\n}\n\nexport class SiglumeApiError extends SiglumeDirectRequestPaymentError {\n readonly status: number;\n readonly code: string;\n readonly data: unknown;\n\n constructor(message: string, options: { status: number; code?: string; data?: unknown }) {\n super(message);\n this.name = \"SiglumeApiError\";\n this.status = options.status;\n this.code = options.code ?? \"SIGLUME_API_ERROR\";\n this.data = options.data;\n }\n}\n\nexport class SiglumeWebhookSignatureError extends SiglumeDirectRequestPaymentError {\n constructor(message: string) {\n super(message);\n this.name = \"SiglumeWebhookSignatureError\";\n }\n}\n\nexport class SiglumeWebhookPayloadError extends SiglumeDirectRequestPaymentError {\n constructor(message: string) {\n super(message);\n this.name = \"SiglumeWebhookPayloadError\";\n }\n}\n\nexport class DirectRequestPaymentClient {\n readonly auth_token: string;\n readonly base_url: string;\n readonly timeout_ms: number;\n readonly user_agent: string;\n private readonly fetch_impl: typeof fetch;\n\n constructor(options: DirectRequestPaymentClientOptions = {}) {\n const authToken = options.auth_token ?? envValue(\"SIGLUME_AUTH_TOKEN\");\n if (!authToken) {\n throw new SiglumeDirectRequestPaymentError(\n \"A buyer Siglume bearer token is required for Direct Request Payment API calls. Developer Portal API keys are not accepted.\",\n );\n }\n const fetchImpl = options.fetch ?? globalThis.fetch;\n if (!fetchImpl) {\n throw new SiglumeDirectRequestPaymentError(\"A fetch implementation is required in this runtime.\");\n }\n this.auth_token = authToken;\n this.base_url = (options.base_url ?? envValue(\"SIGLUME_API_BASE\") ?? DEFAULT_SIGLUME_API_BASE).replace(/\\/+$/, \"\");\n this.timeout_ms = Math.max(1, Math.trunc(options.timeout_ms ?? 15000));\n this.user_agent = options.user_agent ?? \"@siglume/direct-request-payment/0.4.0\";\n this.fetch_impl = fetchImpl;\n }\n\n async createPaymentRequirement(input: DirectPaymentRequirementCreateInput): Promise<DirectPaymentRequirement> {\n const payload: Record<string, unknown> = {\n mode: DIRECT_REQUEST_PAYMENT_MODE,\n merchant: normalizeMerchant(input.merchant),\n amount_minor: positiveInteger(input.amount_minor, \"amount_minor\"),\n currency: normalizeCurrency(input.currency),\n challenge: requireNonEmpty(input.challenge, \"challenge\"),\n };\n if (input.token_symbol !== undefined) {\n payload.token_symbol = normalizeToken(input.token_symbol);\n }\n if (input.allowance_amount_minor !== undefined) {\n payload.allowance_amount_minor = positiveInteger(input.allowance_amount_minor, \"allowance_amount_minor\");\n }\n if (input.metadata !== undefined) {\n payload.metadata = cloneJsonObject(input.metadata, \"metadata\");\n }\n return this.request<DirectPaymentRequirement>(\"POST\", \"/sdrp/direct-payments/requirements\", payload);\n }\n\n async getPaymentRequirement(requirement_id: string): Promise<DirectPaymentRequirement> {\n return this.request<DirectPaymentRequirement>(\n \"GET\",\n `/sdrp/direct-payments/requirements/${encodeURIComponent(requireNonEmpty(requirement_id, \"requirement_id\"))}`,\n );\n }\n\n async verifyPaymentRequirement(\n requirement_id: string,\n input: DirectPaymentVerifyInput,\n ): Promise<DirectPaymentRequirement> {\n return this.request<DirectPaymentRequirement>(\n \"POST\",\n `/sdrp/direct-payments/requirements/${encodeURIComponent(requireNonEmpty(requirement_id, \"requirement_id\"))}/verify`,\n input,\n );\n }\n\n async executePreparedTransaction(\n payload: Web3PreparedTransactionExecutePayload,\n ): Promise<Web3PreparedTransactionExecuteResult> {\n return this.request<Web3PreparedTransactionExecuteResult>(\n \"POST\",\n \"/market/web3/transactions/execute-prepared\",\n payload,\n );\n }\n\n async executePaymentTransaction(\n requirement: DirectPaymentRequirement,\n options: { await_finality?: boolean; metadata?: Record<string, unknown> } = {},\n ): Promise<Web3PreparedTransactionExecuteResult> {\n return this.executePreparedTransaction(buildPaymentExecutionPayload(requirement, options));\n }\n\n async executeAllowanceTransaction(\n requirement: DirectPaymentRequirement,\n options: { await_finality?: boolean; metadata?: Record<string, unknown> } = {},\n ): Promise<Web3PreparedTransactionExecuteResult> {\n return this.executePreparedTransaction(buildAllowanceExecutionPayload(requirement, options));\n }\n\n async request<T>(method: string, path: string, json_body?: unknown): Promise<T> {\n const controller = new AbortController();\n const timeout = setTimeout(() => controller.abort(), this.timeout_ms);\n try {\n const headers: Record<string, string> = {\n \"Accept\": \"application/json\",\n \"Authorization\": `Bearer ${this.auth_token}`,\n \"User-Agent\": this.user_agent,\n };\n let body: string \| undefined;\n if (json_body !== undefined) {\n headers[\"Content-Type\"] = \"application/json\";\n body = JSON.stringify(json_body);\n }\n const response = await this.fetch_impl(`${this.base_url}${path}`, {\n method,\n headers,\n body,\n signal: controller.signal,\n });\n const rawText = await response.text();\n const parsed = rawText ? parseJson(rawText) : {};\n if (!response.ok) {\n const error = isRecord(parsed) && isRecord(parsed.error) ? parsed.error : {};\n const code = stringOrNull(error.code) ?? stringOrNull((parsed as Record<string, unknown>).code) ?? `HTTP_${response.status}`;\n const message = stringOrNull(error.message) ?? stringOrNull((parsed as Record<string, unknown>).message) ?? response.statusText;\n throw new SiglumeApiError(message, { status: response.status, code, data: parsed });\n }\n if (isRecord(parsed) && \"data\" in parsed) {\n return parsed.data as T;\n }\n return parsed as T;\n } finally {\n clearTimeout(timeout);\n }\n }\n}\n\nexport class DirectRequestPaymentMerchantClient {\n readonly auth_token: string;\n readonly base_url: string;\n readonly timeout_ms: number;\n readonly user_agent: string;\n private readonly fetch_impl: typeof fetch;\n\n constructor(options: DirectRequestPaymentClientOptions = {}) {\n const authToken = options.auth_token ?? envValue(\"SIGLUME_MERCHANT_AUTH_TOKEN\") ?? envValue(\"SIGLUME_AUTH_TOKEN\");\n if (!authToken) {\n throw new SiglumeDirectRequestPaymentError(\n \"A merchant Siglume bearer token is required for Direct Request Payment merchant setup. Developer Portal API keys are not accepted.\",\n );\n }\n const fetchImpl = options.fetch ?? globalThis.fetch;\n if (!fetchImpl) {\n throw new SiglumeDirectRequestPaymentError(\"A fetch implementation is required in this runtime.\");\n }\n this.auth_token = authToken;\n this.base_url = (options.base_url ?? envValue(\"SIGLUME_API_BASE\") ?? DEFAULT_SIGLUME_API_BASE).replace(/\\/+$/, \"\");\n this.timeout_ms = Math.max(1, Math.trunc(options.timeout_ms ?? 15000));\n this.user_agent = options.user_agent ?? \"@siglume/direct-request-payment/0.4.0\";\n this.fetch_impl = fetchImpl;\n }\n\n async setupMerchant(input: DirectRequestPaymentMerchantSetupInput): Promise<DirectRequestPaymentMerchantResponse> {\n const payload: Record<string, unknown> = {\n merchant: normalizeSelfServiceMerchant(input.merchant),\n billing_plan: normalizeBillingPlan(input.billing_plan ?? \"launch\"),\n billing_currency: normalizeCurrency(input.billing_currency ?? \"JPY\"),\n };\n if (input.display_name !== undefined) {\n payload.display_name = requireNonEmpty(input.display_name, \"display_name\");\n }\n if (input.allowed_currencies !== undefined) {\n payload.allowed_currencies = normalizeAllowedCurrencies(input.allowed_currencies);\n }\n if (input.webhook_callback_url !== undefined) {\n payload.webhook_callback_url = requireNonEmpty(input.webhook_callback_url, \"webhook_callback_url\");\n }\n if (input.billing_mandate_cap_minor !== undefined) {\n payload.billing_mandate_cap_minor = positiveInteger(input.billing_mandate_cap_minor, \"billing_mandate_cap_minor\");\n }\n if (input.max_amount_minor !== undefined) {\n payload.max_amount_minor = positiveInteger(input.max_amount_minor, \"max_amount_minor\");\n }\n if (input.checkout_allowed_origins !== undefined) {\n payload.checkout_allowed_origins = normalizeOriginList(input.checkout_allowed_origins);\n }\n return this.request<DirectRequestPaymentMerchantResponse>(\"POST\", \"/sdrp/direct-payments/merchants\", payload);\n }\n\n /\n Create a Hosted Checkout session (Stripe-Checkout-equivalent for human web\n * shoppers). Siglume authors the challenge server-side, persists a single-use\n * expiring session, and returns a `checkout_url`. Redirect the shopper there;\n * they log into Siglume, approve, and pay from their own wallet, then return\n * to your `success_url`. Fulfill on the `direct_payment.confirmed` webhook\n * (the source of truth), exactly as with the agent flow.\n \n `success_url`/`cancel_url` must be on an origin you registered via\n * `checkout_allowed_origins` (or your `webhook_callback_url` origin).\n /\n async createCheckoutSession(input: HostedCheckoutSessionCreateInput): Promise<HostedCheckoutSessionCreateResult> {\n const payload: Record<string, unknown> = {\n merchant: normalizeSelfServiceMerchant(input.merchant),\n amount_minor: positiveInteger(input.amount_minor, \"amount_minor\"),\n currency: normalizeCurrency(input.currency),\n nonce: requireNonEmpty(input.nonce, \"nonce\"),\n success_url: requireNonEmpty(input.success_url, \"success_url\"),\n cancel_url: requireNonEmpty(input.cancel_url, \"cancel_url\"),\n };\n if (input.metadata !== undefined) {\n payload.metadata = cloneJsonObject(input.metadata, \"metadata\");\n }\n return this.request<HostedCheckoutSessionCreateResult>(\n \"POST\",\n \"/sdrp/direct-payments/checkout-sessions\",\n payload,\n );\n }\n\n /* Read a Hosted Checkout session's status (open / authenticated / paid / expired / cancelled / failed). /\n async getCheckoutSession(session_id: string): Promise<HostedCheckoutSession> {\n return this.request<HostedCheckoutSession>(\n \"GET\",\n `/sdrp/direct-payments/checkout-sessions/${encodeURIComponent(requireNonEmpty(session_id, \"session_id\"))}`,\n );\n }\n\n async getMerchant(merchant: string): Promise<DirectRequestPaymentMerchantResponse> {\n return this.request<DirectRequestPaymentMerchantResponse>(\n \"GET\",\n `/sdrp/direct-payments/merchants/${encodeURIComponent(normalizeSelfServiceMerchant(merchant))}`,\n );\n }\n\n async rotateChallengeSecret(merchant: string): Promise<DirectRequestPaymentMerchantResponse> {\n return this.request<DirectRequestPaymentMerchantResponse>(\n \"POST\",\n `/sdrp/direct-payments/merchants/${encodeURIComponent(normalizeSelfServiceMerchant(merchant))}/challenge-secret/rotate`,\n );\n }\n\n async prepareBillingMandate(\n merchant: string,\n input: DirectRequestPaymentMerchantBillingMandateInput = {},\n ): Promise<DirectRequestPaymentMerchantResponse> {\n const payload: Record<string, unknown> = {};\n if (input.currency !== undefined) {\n payload.currency = normalizeCurrency(input.currency);\n }\n if (input.billing_currency !== undefined) {\n payload.billing_currency = normalizeCurrency(input.billing_currency);\n }\n if (input.max_amount_minor !== undefined) {\n payload.max_amount_minor = positiveInteger(input.max_amount_minor, \"max_amount_minor\");\n }\n return this.request<DirectRequestPaymentMerchantResponse>(\n \"POST\",\n `/sdrp/direct-payments/merchants/${encodeURIComponent(normalizeSelfServiceMerchant(merchant))}/billing-mandate`,\n payload,\n );\n }\n\n async createWebhookSubscription(\n input: DirectRequestPaymentWebhookSubscriptionInput,\n ): Promise<DirectRequestPaymentWebhookSubscription> {\n const payload: Record<string, unknown> = {\n callback_url: requireNonEmpty(input.callback_url, \"callback_url\"),\n event_types: input.event_types?.length\n ? input.event_types.map((eventType) => requireNonEmpty(eventType, \"event_type\"))\n : [\"direct_payment.confirmed\", \"direct_payment.spent\"],\n };\n if (input.description !== undefined) {\n payload.description = requireNonEmpty(input.description, \"description\");\n }\n if (input.metadata !== undefined) {\n payload.metadata = cloneJsonObject(input.metadata, \"metadata\");\n }\n return this.request<DirectRequestPaymentWebhookSubscription>(\"POST\", \"/market/webhooks/subscriptions\", payload);\n }\n\n async setupCheckout(input: DirectRequestPaymentCheckoutSetupInput): Promise<DirectRequestPaymentCheckoutSetupResult> {\n const merchant = await this.setupMerchant(input);\n const merchantKey = merchant.merchant_account.merchant;\n const billing_mandate = input.prepare_billing_mandate === false\n ? null\n : await this.prepareBillingMandate(merchantKey, {\n billing_currency: merchant.merchant_account.billing_currency ?? input.billing_currency ?? \"JPY\",\n max_amount_minor: input.max_amount_minor ?? input.billing_mandate_cap_minor,\n });\n const shouldCreateWebhook = input.create_webhook_subscription ?? Boolean(input.webhook_callback_url);\n const webhook_subscription = shouldCreateWebhook && input.webhook_callback_url\n ? await this.createWebhookSubscription({\n callback_url: input.webhook_callback_url,\n description: input.webhook_description ?? `${merchantKey} Direct Request Payment`,\n event_types: input.webhook_event_types,\n metadata: { merchant: merchantKey, sdk: \"@siglume/direct-request-payment\" },\n })\n : null;\n const env: Record<string, string> = {\n SIGLUME_DIRECT_PAYMENT_MERCHANT: merchantKey,\n };\n if (merchant.challenge_secret) {\n env.SIGLUME_DIRECT_PAYMENT_CHALLENGE_SECRET = merchant.challenge_secret;\n }\n const webhookSecret = stringOrNull(webhook_subscription?.signing_secret);\n if (webhookSecret) {\n env.SIGLUME_WEBHOOK_SECRET = webhookSecret;\n }\n return { merchant, billing_mandate, webhook_subscription, env };\n }\n\n async request<T>(method: string, path: string, json_body?: unknown): Promise<T> {\n const controller = new AbortController();\n const timeout = setTimeout(() => controller.abort(), this.timeout_ms);\n try {\n const headers: Record<string, string> = {\n \"Accept\": \"application/json\",\n \"Authorization\": `Bearer ${this.auth_token}`,\n \"User-Agent\": this.user_agent,\n };\n let body: string \| undefined;\n if (json_body !== undefined) {\n headers[\"Content-Type\"] = \"application/json\";\n body = JSON.stringify(json_body);\n }\n const response = await this.fetch_impl(`${this.base_url}${path}`, {\n method,\n headers,\n body,\n signal: controller.signal,\n });\n const rawText = await response.text();\n const parsed = rawText ? parseJson(rawText) : {};\n if (!response.ok) {\n const error = isRecord(parsed) && isRecord(parsed.error) ? parsed.error : {};\n const code = stringOrNull(error.code) ?? stringOrNull((parsed as Record<string, unknown>).code) ?? `HTTP_${response.status}`;\n const message = stringOrNull(error.message) ?? stringOrNull((parsed as Record<string, unknown>).message) ?? response.statusText;\n throw new SiglumeApiError(message, { status: response.status, code, data: parsed });\n }\n if (isRecord(parsed) && \"data\" in parsed) {\n return parsed.data as T;\n }\n return parsed as T;\n } finally {\n clearTimeout(timeout);\n }\n }\n}\n\nexport async function createDirectRequestPaymentChallenge(\n input: DirectRequestPaymentChallengeInput,\n): Promise<DirectRequestPaymentChallenge> {\n const merchant = normalizeMerchant(input.merchant);\n const amount_minor = positiveInteger(input.amount_minor, \"amount_minor\");\n const currency = normalizeCurrency(input.currency);\n const nonce = input.nonce ? normalizeChallengeNonce(input.nonce) : await randomNonce();\n const signature = await createDirectRequestPaymentChallengeSignature(input.secret, {\n merchant,\n amount_minor,\n currency,\n nonce,\n });\n const challenge = `${DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME}:${nonce}:${signature}`;\n return {\n scheme: DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME,\n merchant,\n amount_minor,\n currency,\n nonce,\n signature,\n challenge,\n challenge_hash: await sha256Prefixed(challenge),\n };\n}\n\nexport async function createDirectRequestPaymentChallengeSignature(\n secret: string,\n input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n nonce: string;\n },\n): Promise<string> {\n const normalizedSecret = requireNonEmpty(secret, \"secret\");\n const merchant = normalizeMerchant(input.merchant);\n const amount = positiveInteger(input.amount_minor, \"amount_minor\");\n const currency = normalizeCurrency(input.currency);\n const nonce = normalizeChallengeNonce(input.nonce);\n const material = `${merchant}:${amount}:${currency}:${nonce}`;\n return hmacSha256Hex(normalizedSecret, new TextEncoder().encode(material));\n}\n\nexport function parseDirectRequestPaymentChallenge(challenge: string): ParsedDirectRequestPaymentChallenge {\n const parts = requireNonEmpty(challenge, \"challenge\").split(\":\");\n if (parts.length !== 3) {\n throw new SiglumeDirectRequestPaymentError(\"Direct Request Payment challenge must be scheme:nonce:signature.\");\n }\n const [scheme, nonce, signature] = parts;\n if (!scheme \|\| !nonce \|\| !signature) {\n throw new SiglumeDirectRequestPaymentError(\"Direct Request Payment challenge is incomplete.\");\n }\n return { scheme, nonce, signature };\n}\n\n/* Merchant-side, ONE-TIME approval of a recurring authorization: amount +\n * currency + cadence are bound into the HMAC. Recurring charges afterwards\n * are deliberately challenge-free; the recurring authorization and the\n * buyer's mandate/budget caps are the per-charge integrity checks. Cadence\n * \"monthly\" = subscription, \"daily\" = scheduled autopay approval tag. /\nexport async function createDirectRequestPaymentRecurringChallenge(\n input: DirectRequestPaymentRecurringChallengeInput,\n): Promise<DirectRequestPaymentRecurringChallenge> {\n const merchant = normalizeMerchant(input.merchant);\n const amount_minor = positiveInteger(input.amount_minor, \"amount_minor\");\n const currency = normalizeCurrency(input.currency);\n const cadence = normalizeRecurringCadence(input.cadence);\n const nonce = input.nonce ? normalizeChallengeNonce(input.nonce) : await randomNonce();\n const signature = await createDirectRequestPaymentRecurringChallengeSignature(input.secret, {\n merchant,\n amount_minor,\n currency,\n cadence,\n nonce,\n });\n const challenge = `${DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME}:${nonce}:${signature}`;\n return {\n scheme: DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME,\n merchant,\n amount_minor,\n currency,\n cadence,\n nonce,\n signature,\n challenge,\n challenge_hash: await sha256Prefixed(challenge),\n };\n}\n\nexport async function createDirectRequestPaymentRecurringChallengeSignature(\n secret: string,\n input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n cadence: DirectRequestPaymentRecurringCadence \| string;\n nonce: string;\n },\n): Promise<string> {\n const normalizedSecret = requireNonEmpty(secret, \"secret\");\n const merchant = normalizeMerchant(input.merchant);\n const amount = positiveInteger(input.amount_minor, \"amount_minor\");\n const currency = normalizeCurrency(input.currency);\n const cadence = normalizeRecurringCadence(input.cadence);\n const nonce = normalizeChallengeNonce(input.nonce);\n // MUST stay byte-identical to the server's\n // _external_402_recurring_challenge_signature — both sides change together.\n const material = `${merchant}:${amount}:${currency}:${cadence}:${nonce}`;\n return hmacSha256Hex(normalizedSecret, new TextEncoder().encode(material));\n}\n\nexport async function verifyDirectRequestPaymentRecurringChallenge(\n secret: string,\n input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n cadence: DirectRequestPaymentRecurringCadence \| string;\n challenge: string;\n },\n): Promise<boolean> {\n const parsed = parseDirectRequestPaymentChallenge(input.challenge);\n if (parsed.scheme !== DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME) {\n return false;\n }\n const expected = await createDirectRequestPaymentRecurringChallengeSignature(secret, {\n merchant: input.merchant,\n amount_minor: input.amount_minor,\n currency: input.currency,\n cadence: input.cadence,\n nonce: parsed.nonce,\n });\n return timingSafeEqualHex(expected, parsed.signature);\n}\n\nexport async function verifyDirectRequestPaymentChallenge(\n secret: string,\n input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n challenge: string;\n },\n): Promise<boolean> {\n const parsed = parseDirectRequestPaymentChallenge(input.challenge);\n if (parsed.scheme !== DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME) {\n return false;\n }\n const expected = await createDirectRequestPaymentChallengeSignature(secret, {\n merchant: input.merchant,\n amount_minor: input.amount_minor,\n currency: input.currency,\n nonce: parsed.nonce,\n });\n return timingSafeEqualHex(expected, parsed.signature);\n}\n\nexport async function directRequestPaymentChallengeHash(challenge: string): Promise<string> {\n return sha256Prefixed(requireNonEmpty(challenge, \"challenge\"));\n}\n\nexport async function directRequestPaymentRequestHash(input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n challenge: string;\n}): Promise<string> {\n const material = `${normalizeMerchant(input.merchant)}${positiveInteger(input.amount_minor, \"amount_minor\")}${normalizeCurrency(input.currency)}${requireNonEmpty(input.challenge, \"challenge\")}`;\n return sha256Prefixed(material);\n}\n\nexport function buildPaymentExecutionPayload(\n requirement: DirectPaymentRequirement,\n options: { await_finality?: boolean; metadata?: Record<string, unknown> } = {},\n): Web3PreparedTransactionExecutePayload {\n return buildPreparedTransactionExecutionPayload(requirement, requirement.transaction_request, {\n receipt_kind: DIRECT_REQUEST_PAYMENT_RECEIPT_KIND,\n await_finality: options.await_finality,\n metadata: options.metadata,\n });\n}\n\nexport function buildAllowanceExecutionPayload(\n requirement: DirectPaymentRequirement,\n options: { await_finality?: boolean; metadata?: Record<string, unknown> } = {},\n): Web3PreparedTransactionExecutePayload {\n const approveRequest = requirement.approve_transaction_request;\n if (!approveRequest \|\| Object.keys(approveRequest).length === 0) {\n throw new SiglumeDirectRequestPaymentError(\"This payment requirement does not include an allowance approval transaction.\");\n }\n return buildPreparedTransactionExecutionPayload(requirement, approveRequest, {\n receipt_kind: DIRECT_REQUEST_PAYMENT_ALLOWANCE_RECEIPT_KIND,\n await_finality: options.await_finality,\n metadata: options.metadata,\n });\n}\n\nexport function buildPreparedTransactionExecutionPayload(\n requirement: DirectPaymentRequirement,\n transaction_request: Web3TransactionRequest,\n options: {\n receipt_kind: string;\n await_finality?: boolean;\n metadata?: Record<string, unknown>;\n },\n): Web3PreparedTransactionExecutePayload {\n const metadata = {\n ...(isRecord(transaction_request.metadata_jsonb) ? transaction_request.metadata_jsonb : {}),\n ...(options.metadata ?? {}),\n };\n return {\n transaction_request,\n receipt_kind: requireNonEmpty(options.receipt_kind, \"receipt_kind\"),\n reference_type: DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE,\n reference_id: requirement.requirement_id,\n metadata,\n await_finality: Boolean(options.await_finality),\n };\n}\n\nexport async function computeWebhookSignature(\n signing_secret: string,\n body: Uint8Array \| ArrayBuffer \| string \| Record<string, unknown>,\n options: { timestamp: number },\n): Promise<string> {\n if (!signing_secret) {\n throw new SiglumeWebhookSignatureError(\"SIGLUME webhook signing secret is required.\");\n }\n const timestamp = Math.trunc(options.timestamp);\n const bytes = bodyBytes(body);\n const prefix = new TextEncoder().encode(`${timestamp}.`);\n const payload = new Uint8Array(prefix.length + bytes.length);\n payload.set(prefix, 0);\n payload.set(bytes, prefix.length);\n return hmacSha256Hex(signing_secret, payload);\n}\n\nexport async function buildWebhookSignatureHeader(\n signing_secret: string,\n body: Uint8Array \| ArrayBuffer \| string \| Record<string, unknown>,\n options: { timestamp?: number } = {},\n): Promise<string> {\n const timestamp = Math.trunc(options.timestamp ?? Date.now() / 1000);\n const signature = await computeWebhookSignature(signing_secret, body, { timestamp });\n return `t=${timestamp},v1=${signature}`;\n}\n\nexport async function verifyWebhookSignature(\n signing_secret: string,\n body: Uint8Array \| ArrayBuffer \| string \| Record<string, unknown>,\n signature_header: string,\n options: { tolerance_seconds?: number; now?: number } = {},\n): Promise<WebhookSignatureVerification> {\n const { timestamp, signature } = parseSignatureHeader(signature_header);\n const toleranceSeconds = Math.max(1, Math.trunc(options.tolerance_seconds ?? DEFAULT_WEBHOOK_TOLERANCE_SECONDS));\n const nowSeconds = Math.trunc(options.now ?? Date.now() / 1000);\n if (Math.abs(nowSeconds - timestamp) > toleranceSeconds) {\n throw new SiglumeWebhookSignatureError(\"Webhook timestamp is outside the allowed tolerance window.\");\n }\n const expected = await computeWebhookSignature(signing_secret, body, { timestamp });\n if (!(await timingSafeEqualHex(expected, signature))) {\n throw new SiglumeWebhookSignatureError(\"Webhook signature did not match.\");\n }\n return { timestamp, signature };\n}\n\nexport function parseDirectRequestPaymentWebhookEvent(payload: unknown): DirectRequestPaymentWebhookEvent {\n const event = requireRecord(payload, \"webhook event\");\n const data = requireRecord(event.data, \"webhook event data\");\n const parsed = {\n ...event,\n id: requireNonEmpty(stringOrNull(event.id) ?? \"\", \"webhook event id\"),\n type: requireNonEmpty(stringOrNull(event.type) ?? \"\", \"webhook event type\"),\n api_version: requireNonEmpty(stringOrNull(event.api_version) ?? \"\", \"webhook api_version\"),\n occurred_at: requireNonEmpty(stringOrNull(event.occurred_at) ?? \"\", \"webhook occurred_at\"),\n data: { ...data },\n } as DirectRequestPaymentWebhookEvent;\n if (parsed.type === \"direct_payment.confirmed\" && parsed.data.mode !== DIRECT_REQUEST_PAYMENT_MODE) {\n throw new SiglumeWebhookPayloadError(\"direct_payment.confirmed webhook must carry data.mode='external_402'.\");\n }\n return parsed;\n}\n\nexport async function verifyDirectRequestPaymentWebhook(\n signing_secret: string,\n body: Uint8Array \| ArrayBuffer \| string \| Record<string, unknown>,\n signature_header: string,\n options: { tolerance_seconds?: number; now?: number } = {},\n): Promise<{ event: DirectRequestPaymentWebhookEvent; verification: WebhookSignatureVerification }> {\n const verification = await verifyWebhookSignature(signing_secret, body, signature_header, options);\n const text = new TextDecoder().decode(bodyBytes(body));\n let parsed: unknown;\n try {\n parsed = JSON.parse(text);\n } catch (error) {\n throw new SiglumeWebhookPayloadError(\"Webhook body must contain valid JSON.\");\n }\n return { event: parseDirectRequestPaymentWebhookEvent(parsed), verification };\n}\n\nexport const createExternal402Challenge = createDirectRequestPaymentChallenge;\nexport const verifyExternal402Challenge = verifyDirectRequestPaymentChallenge;\nexport const createExternal402RecurringChallenge = createDirectRequestPaymentRecurringChallenge;\nexport const verifyExternal402RecurringChallenge = verifyDirectRequestPaymentRecurringChallenge;\n\nfunction normalizeMerchant(value: string): string {\n const merchant = requireNonEmpty(value, \"merchant\").toLowerCase();\n if (!/^[a-z0-9][a-z0-9._-]{0,95}$/.test(merchant)) {\n throw new SiglumeDirectRequestPaymentError(\"merchant must be a lowercase key using letters, numbers, dot, underscore, or hyphen.\");\n }\n return merchant;\n}\n\nfunction normalizeSelfServiceMerchant(value: string): string {\n const merchant = requireNonEmpty(value, \"merchant\").toLowerCase();\n if (!/^[a-z0-9][a-z0-9_-]{2,63}$/.test(merchant)) {\n throw new SiglumeDirectRequestPaymentError(\"merchant must be 3-64 chars using lowercase letters, numbers, underscore, or hyphen.\");\n }\n return merchant;\n}\n\nfunction normalizeBillingPlan(value: string): DirectRequestPaymentBillingPlan {\n const plan = requireNonEmpty(value, \"billing_plan\").toLowerCase();\n if (plan === \"launch\" \|\| plan === \"free\" \|\| plan === \"starter\" \|\| plan === \"growth\" \|\| plan === \"pro\") {\n return plan;\n }\n throw new SiglumeDirectRequestPaymentError(\"billing_plan must be launch, starter, growth, or pro.\");\n}\n\nfunction normalizeCurrency(value: string): DirectRequestPaymentCurrency {\n const currency = requireNonEmpty(value, \"currency\").toUpperCase();\n if (currency !== \"JPY\" && currency !== \"USD\") {\n throw new SiglumeDirectRequestPaymentError(\"currency must be JPY or USD.\");\n }\n return currency;\n}\n\nfunction normalizeToken(value: string): DirectRequestPaymentToken {\n const token = requireNonEmpty(value, \"token_symbol\").toUpperCase();\n if (token !== \"JPYC\" && token !== \"USDC\") {\n throw new SiglumeDirectRequestPaymentError(\"token_symbol must be JPYC or USDC.\");\n }\n return token;\n}\n\nfunction normalizeAllowedCurrencies(value: Record<string, string> \| Array<DirectRequestPaymentCurrency \| string>): Record<string, string> {\n const normalized: Record<string, string> = {};\n if (Array.isArray(value)) {\n for (const item of value) {\n const currency = normalizeCurrency(item);\n normalized[currency] = defaultTokenForCurrency(currency);\n }\n } else if (isRecord(value)) {\n for (const [rawCurrency, rawToken] of Object.entries(value)) {\n normalized[normalizeCurrency(rawCurrency)] = normalizeToken(String(rawToken));\n }\n } else {\n throw new SiglumeDirectRequestPaymentError(\"allowed_currencies must be an array or a currency-to-token object.\");\n }\n if (Object.keys(normalized).length === 0) {\n throw new SiglumeDirectRequestPaymentError(\"allowed_currencies must include at least one currency.\");\n }\n return normalized;\n}\n\nfunction defaultTokenForCurrency(currency: DirectRequestPaymentCurrency): DirectRequestPaymentToken {\n return currency === \"JPY\" ? \"JPYC\" : \"USDC\";\n}\n\nfunction normalizeOriginList(value: string[]): string[] {\n if (!Array.isArray(value)) {\n throw new SiglumeDirectRequestPaymentError(\"checkout_allowed_origins must be an array of origin URLs.\");\n }\n const seen = new Set<string>();\n const origins: string[] = [];\n for (const item of value) {\n let url: URL;\n try {\n url = new URL(requireNonEmpty(String(item), \"checkout_allowed_origins entry\"));\n } catch {\n throw new SiglumeDirectRequestPaymentError(\n \"each checkout_allowed_origins entry must be an absolute origin such as https://shop.example.com.\",\n );\n }\n const origin = `${url.protocol.toLowerCase()}//${url.host.toLowerCase()}`;\n if (!seen.has(origin)) {\n seen.add(origin);\n origins.push(origin);\n }\n }\n return origins;\n}\n\nfunction positiveInteger(value: number, name: string): number {\n const parsed = Number(value);\n if (!Number.isSafeInteger(parsed) \|\| parsed <= 0) {\n throw new SiglumeDirectRequestPaymentError(`${name} must be a positive safe integer.`);\n }\n return parsed;\n}\n\nfunction requireNonEmpty(value: string, name: string): string {\n const text = String(value ?? \"\").trim();\n if (!text) {\n throw new SiglumeDirectRequestPaymentError(`${name} is required.`);\n }\n return text;\n}\n\nfunction normalizeChallengeNonce(value: string): string {\n const nonce = requireNonEmpty(value, \"nonce\");\n if (nonce.includes(\":\")) {\n throw new SiglumeDirectRequestPaymentError(\"nonce must not contain ':'.\");\n }\n return nonce;\n}\n\nfunction normalizeRecurringCadence(value: string): DirectRequestPaymentRecurringCadence {\n const cadence = requireNonEmpty(value, \"cadence\").toLowerCase();\n if (cadence !== \"monthly\" && cadence !== \"daily\") {\n throw new SiglumeDirectRequestPaymentError(\n 'cadence must be \"monthly\" (subscription) or \"daily\" (scheduled autopay).',\n );\n }\n return cadence;\n}\n\nfunction cloneJsonObject(value: Record<string, unknown>, name: string): Record<string, unknown> {\n try {\n const cloned = JSON.parse(JSON.stringify(value)) as unknown;\n if (!isRecord(cloned)) {\n throw new Error(\"not an object\");\n }\n return cloned;\n } catch (error) {\n throw new SiglumeDirectRequestPaymentError(`${name} must be a JSON-serializable object.`);\n }\n}\n\nfunction parseJson(rawText: string): unknown {\n try {\n return JSON.parse(rawText);\n } catch (error) {\n throw new SiglumeApiError(\"Siglume API returned invalid JSON.\", {\n status: 502,\n code: \"INVALID_JSON_RESPONSE\",\n data: rawText,\n });\n }\n}\n\nfunction stringOrNull(value: unknown): string \| null {\n if (typeof value !== \"string\") {\n return null;\n }\n const text = value.trim();\n return text ? text : null;\n}\n\nfunction isRecord(value: unknown): value is Record<string, unknown> {\n return typeof value === \"object\" && value !== null && !Array.isArray(value);\n}\n\nfunction requireRecord(value: unknown, name: string): Record<string, unknown> {\n if (!isRecord(value)) {\n throw new SiglumeWebhookPayloadError(`${name} must be an object.`);\n }\n return value;\n}\n\nfunction envValue(name: string): string \| undefined {\n if (typeof process === \"undefined\") {\n return undefined;\n }\n const value = process.env[name];\n return value && value.trim() ? value.trim() : undefined;\n}\n\nfunction bodyBytes(body: Uint8Array \| ArrayBuffer \| string \| Record<string, unknown>): Uint8Array {\n if (body instanceof Uint8Array) {\n return body;\n }\n if (body instanceof ArrayBuffer) {\n return new Uint8Array(body);\n }\n if (typeof body === \"string\") {\n return new TextEncoder().encode(body);\n }\n if (isRecord(body)) {\n return new TextEncoder().encode(JSON.stringify(body));\n }\n throw new SiglumeWebhookPayloadError(\"Webhook body must be raw bytes, a string, or a JSON object.\");\n}\n\nfunction parseSignatureHeader(signatureHeader: string): { timestamp: number; signature: string } {\n let timestamp: number \| null = null;\n let signature: string \| null = null;\n for (const item of String(signatureHeader ?? \"\").split(\",\")) {\n const [key, value] = item.trim().split(\"=\", 2);\n if (key === \"t\") {\n const parsed = Number.parseInt(value ?? \"\", 10);\n if (!Number.isFinite(parsed)) {\n throw new SiglumeWebhookSignatureError(\"Webhook signature timestamp is invalid.\");\n }\n timestamp = parsed;\n }\n if (key === \"v1\") {\n signature = String(value ?? \"\").trim();\n }\n }\n if (timestamp === null \|\| !signature) {\n throw new SiglumeWebhookSignatureError(\"Webhook signature header is incomplete.\");\n }\n return { timestamp, signature };\n}\n\nasync function randomNonce(): Promise<string> {\n if (globalThis.crypto?.randomUUID) {\n return globalThis.crypto.randomUUID();\n }\n const bytes = new Uint8Array(16);\n if (globalThis.crypto?.getRandomValues) {\n globalThis.crypto.getRandomValues(bytes);\n } else if (typeof process !== \"undefined\" && process.versions?.node) {\n const crypto = await import(\"node:crypto\");\n bytes.set(crypto.randomBytes(16));\n } else {\n throw new SiglumeDirectRequestPaymentError(\"Crypto random number generation is unavailable in this runtime.\");\n }\n return bytesToHex(bytes);\n}\n\nasync function hmacSha256Hex(secret: string, payload: Uint8Array): Promise<string> {\n if (globalThis.crypto?.subtle) {\n const stablePayload = new Uint8Array(payload.byteLength);\n stablePayload.set(payload);\n const key = await globalThis.crypto.subtle.importKey(\n \"raw\",\n new TextEncoder().encode(secret),\n { name: \"HMAC\", hash: \"SHA-256\" },\n false,\n [\"sign\"],\n );\n const digest = await globalThis.crypto.subtle.sign(\"HMAC\", key, stablePayload);\n return bytesToHex(new Uint8Array(digest));\n }\n if (typeof process !== \"undefined\" && process.versions?.node) {\n const crypto = await import(\"node:crypto\");\n return crypto.createHmac(\"sha256\", secret).update(Buffer.from(payload)).digest(\"hex\");\n }\n throw new SiglumeDirectRequestPaymentError(\"Web Crypto is required for HMAC-SHA256 in this runtime.\");\n}\n\nasync function sha256Prefixed(material: string): Promise<string> {\n const bytes = new TextEncoder().encode(material);\n if (globalThis.crypto?.subtle) {\n const digest = await globalThis.crypto.subtle.digest(\"SHA-256\", bytes);\n return `sha256:${bytesToHex(new Uint8Array(digest))}`;\n }\n if (typeof process !== \"undefined\" && process.versions?.node) {\n const crypto = await import(\"node:crypto\");\n return `sha256:${crypto.createHash(\"sha256\").update(Buffer.from(bytes)).digest(\"hex\")}`;\n }\n throw new SiglumeDirectRequestPaymentError(\"Web Crypto is required for SHA-256 in this runtime.\");\n}\n\nfunction bytesToHex(bytes: Uint8Array): string {\n return [...bytes].map((item) => item.toString(16).padStart(2, \"0\")).join(\"\");\n}\n\nfunction hexToBytes(hex: string): Uint8Array {\n const normalized = String(hex ?? \"\").trim().toLowerCase();\n if (normalized.length % 2 !== 0 \|\| !/^[0-9a-f]$/.test(normalized)) {\n throw new SiglumeWebhookSignatureError(\"Hex digest is invalid.\");\n }\n const bytes = new Uint8Array(normalized.length / 2);\n for (let index = 0; index < normalized.length; index += 2) {\n bytes[index / 2] = Number.parseInt(normalized.slice(index, index + 2), 16);\n }\n return bytes;\n}\n\nasync function timingSafeEqualHex(left: string, right: string): Promise<boolean> {\n const leftBytes = hexToBytes(left);\n const rightBytes = hexToBytes(right);\n if (leftBytes.length !== rightBytes.length) {\n return false;\n }\n let diff = 0;\n for (let index = 0; index < leftBytes.length; index += 1) {\n diff \|= leftBytes[index]! ^ rightBytes[index]!;\n }\n return diff === 0;\n}\n"],"mappings":";AAAO,IAAM,2BAA2B;AACjC,IAAM,0CAA0C;AAIhD,IAAM,oDAAoD;AAC1D,IAAM,8BAA8B;AACpC,IAAM,sCAAsC;AAC5C,IAAM,gDAAgD;AACtD,IAAM,wCAAwC;AAC9C,IAAM,oCAAoC;AAyS1C,IAAM,mCAAN,cAA+C,MAAM;AAAA,EAC1D,YAAY,SAAiB;AAC3B,UAAM,OAAO;AACb,SAAK,OAAO;AAAA,EACd;AACF;AAEO,IAAM,kBAAN,cAA8B,iCAAiC;AAAA,EAC3D;AAAA,EACA;AAAA,EACA;AAAA,EAET,YAAY,SAAiB,SAA4D;AACvF,UAAM,OAAO;AACb,SAAK,OAAO;AACZ,SAAK,SAAS,QAAQ;AACtB,SAAK,OAAO,QAAQ,QAAQ;AAC5B,SAAK,OAAO,QAAQ;AAAA,EACtB;AACF;AAEO,IAAM,+BAAN,cAA2C,iCAAiC;AAAA,EACjF,YAAY,SAAiB;AAC3B,UAAM,OAAO;AACb,SAAK,OAAO;AAAA,EACd;AACF;AAEO,IAAM,6BAAN,cAAyC,iCAAiC;AAAA,EAC/E,YAAY,SAAiB;AAC3B,UAAM,OAAO;AACb,SAAK,OAAO;AAAA,EACd;AACF;AAEO,IAAM,6BAAN,MAAiC;AAAA,EAC7B;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACQ;AAAA,EAEjB,YAAY,UAA6C,CAAC,GAAG;AAC3D,UAAM,YAAY,QAAQ,cAAc,SAAS,oBAAoB;AACrE,QAAI,CAAC,WAAW;AACd,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,UAAM,YAAY,QAAQ,SAAS,WAAW;AAC9C,QAAI,CAAC,WAAW;AACd,YAAM,IAAI,iCAAiC,qDAAqD;AAAA,IAClG;AACA,SAAK,aAAa;AAClB,SAAK,YAAY,QAAQ,YAAY,SAAS,kBAAkB,KAAK,0BAA0B,QAAQ,QAAQ,EAAE;AACjH,SAAK,aAAa,KAAK,IAAI,GAAG,KAAK,MAAM,QAAQ,cAAc,IAAK,CAAC;AACrE,SAAK,aAAa,QAAQ,cAAc;AACxC,SAAK,aAAa;AAAA,EACpB;AAAA,EAEA,MAAM,yBAAyB,OAA+E;AAC5G,UAAM,UAAmC;AAAA,MACvC,MAAM;AAAA,MACN,UAAU,kBAAkB,MAAM,QAAQ;AAAA,MAC1C,cAAc,gBAAgB,MAAM,cAAc,cAAc;AAAA,MAChE,UAAU,kBAAkB,MAAM,QAAQ;AAAA,MAC1C,WAAW,gBAAgB,MAAM,WAAW,WAAW;AAAA,IACzD;AACA,QAAI,MAAM,iBAAiB,QAAW;AACpC,cAAQ,eAAe,eAAe,MAAM,YAAY;AAAA,IAC1D;AACA,QAAI,MAAM,2BAA2B,QAAW;AAC9C,cAAQ,yBAAyB,gBAAgB,MAAM,wBAAwB,wBAAwB;AAAA,IACzG;AACA,QAAI,MAAM,aAAa,QAAW;AAChC,cAAQ,WAAW,gBAAgB,MAAM,UAAU,UAAU;AAAA,IAC/D;AACA,WAAO,KAAK,QAAkC,QAAQ,sCAAsC,OAAO;AAAA,EACrG;AAAA,EAEA,MAAM,sBAAsB,gBAA2D;AACrF,WAAO,KAAK;AAAA,MACV;AAAA,MACA,sCAAsC,mBAAmB,gBAAgB,gBAAgB,gBAAgB,CAAC,CAAC;AAAA,IAC7G;AAAA,EACF;AAAA,EAEA,MAAM,yBACJ,gBACA,OACmC;AACnC,WAAO,KAAK;AAAA,MACV;AAAA,MACA,sCAAsC,mBAAmB,gBAAgB,gBAAgB,gBAAgB,CAAC,CAAC;AAAA,MAC3G;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,2BACJ,SAC+C;AAC/C,WAAO,KAAK;AAAA,MACV;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,0BACJ,aACA,UAA4E,CAAC,GAC9B;AAC/C,WAAO,KAAK,2BAA2B,6BAA6B,aAAa,OAAO,CAAC;AAAA,EAC3F;AAAA,EAEA,MAAM,4BACJ,aACA,UAA4E,CAAC,GAC9B;AAC/C,WAAO,KAAK,2BAA2B,+BAA+B,aAAa,OAAO,CAAC;AAAA,EAC7F;AAAA,EAEA,MAAM,QAAW,QAAgB,MAAc,WAAiC;AAC9E,UAAM,aAAa,IAAI,gBAAgB;AACvC,UAAM,UAAU,WAAW,MAAM,WAAW,MAAM,GAAG,KAAK,UAAU;AACpE,QAAI;AACF,YAAM,UAAkC;AAAA,QACtC,UAAU;AAAA,QACV,iBAAiB,UAAU,KAAK,UAAU;AAAA,QAC1C,cAAc,KAAK;AAAA,MACrB;AACA,UAAI;AACJ,UAAI,cAAc,QAAW;AAC3B,gBAAQ,cAAc,IAAI;AAC1B,eAAO,KAAK,UAAU,SAAS;AAAA,MACjC;AACA,YAAM,WAAW,MAAM,KAAK,WAAW,GAAG,KAAK,QAAQ,GAAG,IAAI,IAAI;AAAA,QAChE;AAAA,QACA;AAAA,QACA;AAAA,QACA,QAAQ,WAAW;AAAA,MACrB,CAAC;AACD,YAAM,UAAU,MAAM,SAAS,KAAK;AACpC,YAAM,SAAS,UAAU,UAAU,OAAO,IAAI,CAAC;AAC/C,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,QAAQ,SAAS,MAAM,KAAK,SAAS,OAAO,KAAK,IAAI,OAAO,QAAQ,CAAC;AAC3E,cAAM,OAAO,aAAa,MAAM,IAAI,KAAK,aAAc,OAAmC,IAAI,KAAK,QAAQ,SAAS,MAAM;AAC1H,cAAM,UAAU,aAAa,MAAM,OAAO,KAAK,aAAc,OAAmC,OAAO,KAAK,SAAS;AACrH,cAAM,IAAI,gBAAgB,SAAS,EAAE,QAAQ,SAAS,QAAQ,MAAM,MAAM,OAAO,CAAC;AAAA,MACpF;AACA,UAAI,SAAS,MAAM,KAAK,UAAU,QAAQ;AACxC,eAAO,OAAO;AAAA,MAChB;AACA,aAAO;AAAA,IACT,UAAE;AACA,mBAAa,OAAO;AAAA,IACtB;AAAA,EACF;AACF;AAEO,IAAM,qCAAN,MAAyC;AAAA,EACrC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACQ;AAAA,EAEjB,YAAY,UAA6C,CAAC,GAAG;AAC3D,UAAM,YAAY,QAAQ,cAAc,SAAS,6BAA6B,KAAK,SAAS,oBAAoB;AAChH,QAAI,CAAC,WAAW;AACd,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,UAAM,YAAY,QAAQ,SAAS,WAAW;AAC9C,QAAI,CAAC,WAAW;AACd,YAAM,IAAI,iCAAiC,qDAAqD;AAAA,IAClG;AACA,SAAK,aAAa;AAClB,SAAK,YAAY,QAAQ,YAAY,SAAS,kBAAkB,KAAK,0BAA0B,QAAQ,QAAQ,EAAE;AACjH,SAAK,aAAa,KAAK,IAAI,GAAG,KAAK,MAAM,QAAQ,cAAc,IAAK,CAAC;AACrE,SAAK,aAAa,QAAQ,cAAc;AACxC,SAAK,aAAa;AAAA,EACpB;AAAA,EAEA,MAAM,cAAc,OAA8F;AAChH,UAAM,UAAmC;AAAA,MACvC,UAAU,6BAA6B,MAAM,QAAQ;AAAA,MACrD,cAAc,qBAAqB,MAAM,gBAAgB,QAAQ;AAAA,MACjE,kBAAkB,kBAAkB,MAAM,oBAAoB,KAAK;AAAA,IACrE;AACA,QAAI,MAAM,iBAAiB,QAAW;AACpC,cAAQ,eAAe,gBAAgB,MAAM,cAAc,cAAc;AAAA,IAC3E;AACA,QAAI,MAAM,uBAAuB,QAAW;AAC1C,cAAQ,qBAAqB,2BAA2B,MAAM,kBAAkB;AAAA,IAClF;AACA,QAAI,MAAM,yBAAyB,QAAW;AAC5C,cAAQ,uBAAuB,gBAAgB,MAAM,sBAAsB,sBAAsB;AAAA,IACnG;AACA,QAAI,MAAM,8BAA8B,QAAW;AACjD,cAAQ,4BAA4B,gBAAgB,MAAM,2BAA2B,2BAA2B;AAAA,IAClH;AACA,QAAI,MAAM,qBAAqB,QAAW;AACxC,cAAQ,mBAAmB,gBAAgB,MAAM,kBAAkB,kBAAkB;AAAA,IACvF;AACA,QAAI,MAAM,6BAA6B,QAAW;AAChD,cAAQ,2BAA2B,oBAAoB,MAAM,wBAAwB;AAAA,IACvF;AACA,WAAO,KAAK,QAA8C,QAAQ,mCAAmC,OAAO;AAAA,EAC9G;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,MAAM,sBAAsB,OAAqF;AAC/G,UAAM,UAAmC;AAAA,MACvC,UAAU,6BAA6B,MAAM,QAAQ;AAAA,MACrD,cAAc,gBAAgB,MAAM,cAAc,cAAc;AAAA,MAChE,UAAU,kBAAkB,MAAM,QAAQ;AAAA,MAC1C,OAAO,gBAAgB,MAAM,OAAO,OAAO;AAAA,MAC3C,aAAa,gBAAgB,MAAM,aAAa,aAAa;AAAA,MAC7D,YAAY,gBAAgB,MAAM,YAAY,YAAY;AAAA,IAC5D;AACA,QAAI,MAAM,aAAa,QAAW;AAChC,cAAQ,WAAW,gBAAgB,MAAM,UAAU,UAAU;AAAA,IAC/D;AACA,WAAO,KAAK;AAAA,MACV;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA;AAAA,EAGA,MAAM,mBAAmB,YAAoD;AAC3E,WAAO,KAAK;AAAA,MACV;AAAA,MACA,2CAA2C,mBAAmB,gBAAgB,YAAY,YAAY,CAAC,CAAC;AAAA,IAC1G;AAAA,EACF;AAAA,EAEA,MAAM,YAAY,UAAiE;AACjF,WAAO,KAAK;AAAA,MACV;AAAA,MACA,mCAAmC,mBAAmB,6BAA6B,QAAQ,CAAC,CAAC;AAAA,IAC/F;AAAA,EACF;AAAA,EAEA,MAAM,sBAAsB,UAAiE;AAC3F,WAAO,KAAK;AAAA,MACV;AAAA,MACA,mCAAmC,mBAAmB,6BAA6B,QAAQ,CAAC,CAAC;AAAA,IAC/F;AAAA,EACF;AAAA,EAEA,MAAM,sBACJ,UACA,QAAyD,CAAC,GACX;AAC/C,UAAM,UAAmC,CAAC;AAC1C,QAAI,MAAM,aAAa,QAAW;AAChC,cAAQ,WAAW,kBAAkB,MAAM,QAAQ;AAAA,IACrD;AACA,QAAI,MAAM,qBAAqB,QAAW;AACxC,cAAQ,mBAAmB,kBAAkB,MAAM,gBAAgB;AAAA,IACrE;AACA,QAAI,MAAM,qBAAqB,QAAW;AACxC,cAAQ,mBAAmB,gBAAgB,MAAM,kBAAkB,kBAAkB;AAAA,IACvF;AACA,WAAO,KAAK;AAAA,MACV;AAAA,MACA,mCAAmC,mBAAmB,6BAA6B,QAAQ,CAAC,CAAC;AAAA,MAC7F;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,0BACJ,OACkD;AAClD,UAAM,UAAmC;AAAA,MACvC,cAAc,gBAAgB,MAAM,cAAc,cAAc;AAAA,MAChE,aAAa,MAAM,aAAa,SAC5B,MAAM,YAAY,IAAI,CAAC,cAAc,gBAAgB,WAAW,YAAY,CAAC,IAC7E,CAAC,4BAA4B,sBAAsB;AAAA,IACzD;AACA,QAAI,MAAM,gBAAgB,QAAW;AACnC,cAAQ,cAAc,gBAAgB,MAAM,aAAa,aAAa;AAAA,IACxE;AACA,QAAI,MAAM,aAAa,QAAW;AAChC,cAAQ,WAAW,gBAAgB,MAAM,UAAU,UAAU;AAAA,IAC/D;AACA,WAAO,KAAK,QAAiD,QAAQ,kCAAkC,OAAO;AAAA,EAChH;AAAA,EAEA,MAAM,cAAc,OAAiG;AACnH,UAAM,WAAW,MAAM,KAAK,cAAc,KAAK;AAC/C,UAAM,cAAc,SAAS,iBAAiB;AAC9C,UAAM,kBAAkB,MAAM,4BAA4B,QACtD,OACA,MAAM,KAAK,sBAAsB,aAAa;AAAA,MAC9C,kBAAkB,SAAS,iBAAiB,oBAAoB,MAAM,oBAAoB;AAAA,MAC1F,kBAAkB,MAAM,oBAAoB,MAAM;AAAA,IACpD,CAAC;AACH,UAAM,sBAAsB,MAAM,+BAA+B,QAAQ,MAAM,oBAAoB;AACnG,UAAM,uBAAuB,uBAAuB,MAAM,uBACtD,MAAM,KAAK,0BAA0B;AAAA,MACrC,cAAc,MAAM;AAAA,MACpB,aAAa,MAAM,uBAAuB,GAAG,WAAW;AAAA,MACxD,aAAa,MAAM;AAAA,MACnB,UAAU,EAAE,UAAU,aAAa,KAAK,kCAAkC;AAAA,IAC5E,CAAC,IACC;AACJ,UAAM,MAA8B;AAAA,MAClC,iCAAiC;AAAA,IACnC;AACA,QAAI,SAAS,kBAAkB;AAC7B,UAAI,0CAA0C,SAAS;AAAA,IACzD;AACA,UAAM,gBAAgB,aAAa,sBAAsB,cAAc;AACvE,QAAI,eAAe;AACjB,UAAI,yBAAyB;AAAA,IAC/B;AACA,WAAO,EAAE,UAAU,iBAAiB,sBAAsB,IAAI;AAAA,EAChE;AAAA,EAEA,MAAM,QAAW,QAAgB,MAAc,WAAiC;AAC9E,UAAM,aAAa,IAAI,gBAAgB;AACvC,UAAM,UAAU,WAAW,MAAM,WAAW,MAAM,GAAG,KAAK,UAAU;AACpE,QAAI;AACF,YAAM,UAAkC;AAAA,QACtC,UAAU;AAAA,QACV,iBAAiB,UAAU,KAAK,UAAU;AAAA,QAC1C,cAAc,KAAK;AAAA,MACrB;AACA,UAAI;AACJ,UAAI,cAAc,QAAW;AAC3B,gBAAQ,cAAc,IAAI;AAC1B,eAAO,KAAK,UAAU,SAAS;AAAA,MACjC;AACA,YAAM,WAAW,MAAM,KAAK,WAAW,GAAG,KAAK,QAAQ,GAAG,IAAI,IAAI;AAAA,QAChE;AAAA,QACA;AAAA,QACA;AAAA,QACA,QAAQ,WAAW;AAAA,MACrB,CAAC;AACD,YAAM,UAAU,MAAM,SAAS,KAAK;AACpC,YAAM,SAAS,UAAU,UAAU,OAAO,IAAI,CAAC;AAC/C,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,QAAQ,SAAS,MAAM,KAAK,SAAS,OAAO,KAAK,IAAI,OAAO,QAAQ,CAAC;AAC3E,cAAM,OAAO,aAAa,MAAM,IAAI,KAAK,aAAc,OAAmC,IAAI,KAAK,QAAQ,SAAS,MAAM;AAC1H,cAAM,UAAU,aAAa,MAAM,OAAO,KAAK,aAAc,OAAmC,OAAO,KAAK,SAAS;AACrH,cAAM,IAAI,gBAAgB,SAAS,EAAE,QAAQ,SAAS,QAAQ,MAAM,MAAM,OAAO,CAAC;AAAA,MACpF;AACA,UAAI,SAAS,MAAM,KAAK,UAAU,QAAQ;AACxC,eAAO,OAAO;AAAA,MAChB;AACA,aAAO;AAAA,IACT,UAAE;AACA,mBAAa,OAAO;AAAA,IACtB;AAAA,EACF;AACF;AAEA,eAAsB,oCACpB,OACwC;AACxC,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,eAAe,gBAAgB,MAAM,cAAc,cAAc;AACvE,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,QAAQ,MAAM,QAAQ,wBAAwB,MAAM,KAAK,IAAI,MAAM,YAAY;AACrF,QAAM,YAAY,MAAM,6CAA6C,MAAM,QAAQ;AAAA,IACjF;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AACD,QAAM,YAAY,GAAG,uCAAuC,IAAI,KAAK,IAAI,SAAS;AAClF,SAAO;AAAA,IACL,QAAQ;AAAA,IACR;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,gBAAgB,MAAM,eAAe,SAAS;AAAA,EAChD;AACF;AAEA,eAAsB,6CACpB,QACA,OAMiB;AACjB,QAAM,mBAAmB,gBAAgB,QAAQ,QAAQ;AACzD,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,SAAS,gBAAgB,MAAM,cAAc,cAAc;AACjE,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,QAAQ,wBAAwB,MAAM,KAAK;AACjD,QAAM,WAAW,GAAG,QAAQ,IAAI,MAAM,IAAI,QAAQ,IAAI,KAAK;AAC3D,SAAO,cAAc,kBAAkB,IAAI,YAAY,EAAE,OAAO,QAAQ,CAAC;AAC3E;AAEO,SAAS,mCAAmC,WAAwD;AACzG,QAAM,QAAQ,gBAAgB,WAAW,WAAW,EAAE,MAAM,GAAG;AAC/D,MAAI,MAAM,WAAW,GAAG;AACtB,UAAM,IAAI,iCAAiC,kEAAkE;AAAA,EAC/G;AACA,QAAM,CAAC,QAAQ,OAAO,SAAS,IAAI;AACnC,MAAI,CAAC,UAAU,CAAC,SAAS,CAAC,WAAW;AACnC,UAAM,IAAI,iCAAiC,iDAAiD;AAAA,EAC9F;AACA,SAAO,EAAE,QAAQ,OAAO,UAAU;AACpC;AAOA,eAAsB,6CACpB,OACiD;AACjD,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,eAAe,gBAAgB,MAAM,cAAc,cAAc;AACvE,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,UAAU,0BAA0B,MAAM,OAAO;AACvD,QAAM,QAAQ,MAAM,QAAQ,wBAAwB,MAAM,KAAK,IAAI,MAAM,YAAY;AACrF,QAAM,YAAY,MAAM,sDAAsD,MAAM,QAAQ;AAAA,IAC1F;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AACD,QAAM,YAAY,GAAG,iDAAiD,IAAI,KAAK,IAAI,SAAS;AAC5F,SAAO;AAAA,IACL,QAAQ;AAAA,IACR;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,gBAAgB,MAAM,eAAe,SAAS;AAAA,EAChD;AACF;AAEA,eAAsB,sDACpB,QACA,OAOiB;AACjB,QAAM,mBAAmB,gBAAgB,QAAQ,QAAQ;AACzD,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,SAAS,gBAAgB,MAAM,cAAc,cAAc;AACjE,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,UAAU,0BAA0B,MAAM,OAAO;AACvD,QAAM,QAAQ,wBAAwB,MAAM,KAAK;AAGjD,QAAM,WAAW,GAAG,QAAQ,IAAI,MAAM,IAAI,QAAQ,IAAI,OAAO,IAAI,KAAK;AACtE,SAAO,cAAc,kBAAkB,IAAI,YAAY,EAAE,OAAO,QAAQ,CAAC;AAC3E;AAEA,eAAsB,6CACpB,QACA,OAOkB;AAClB,QAAM,SAAS,mCAAmC,MAAM,SAAS;AACjE,MAAI,OAAO,WAAW,mDAAmD;AACvE,WAAO;AAAA,EACT;AACA,QAAM,WAAW,MAAM,sDAAsD,QAAQ;AAAA,IACnF,UAAU,MAAM;AAAA,IAChB,cAAc,MAAM;AAAA,IACpB,UAAU,MAAM;AAAA,IAChB,SAAS,MAAM;AAAA,IACf,OAAO,OAAO;AAAA,EAChB,CAAC;AACD,SAAO,mBAAmB,UAAU,OAAO,SAAS;AACtD;AAEA,eAAsB,oCACpB,QACA,OAMkB;AAClB,QAAM,SAAS,mCAAmC,MAAM,SAAS;AACjE,MAAI,OAAO,WAAW,yCAAyC;AAC7D,WAAO;AAAA,EACT;AACA,QAAM,WAAW,MAAM,6CAA6C,QAAQ;AAAA,IAC1E,UAAU,MAAM;AAAA,IAChB,cAAc,MAAM;AAAA,IACpB,UAAU,MAAM;AAAA,IAChB,OAAO,OAAO;AAAA,EAChB,CAAC;AACD,SAAO,mBAAmB,UAAU,OAAO,SAAS;AACtD;AAEA,eAAsB,kCAAkC,WAAoC;AAC1F,SAAO,eAAe,gBAAgB,WAAW,WAAW,CAAC;AAC/D;AAEA,eAAsB,gCAAgC,OAKlC;AAClB,QAAM,WAAW,GAAG,kBAAkB,MAAM,QAAQ,CAAC,GAAG,gBAAgB,MAAM,cAAc,cAAc,CAAC,GAAG,kBAAkB,MAAM,QAAQ,CAAC,GAAG,gBAAgB,MAAM,WAAW,WAAW,CAAC;AAC/L,SAAO,eAAe,QAAQ;AAChC;AAEO,SAAS,6BACd,aACA,UAA4E,CAAC,GACtC;AACvC,SAAO,yCAAyC,aAAa,YAAY,qBAAqB;AAAA,IAC5F,cAAc;AAAA,IACd,gBAAgB,QAAQ;AAAA,IACxB,UAAU,QAAQ;AAAA,EACpB,CAAC;AACH;AAEO,SAAS,+BACd,aACA,UAA4E,CAAC,GACtC;AACvC,QAAM,iBAAiB,YAAY;AACnC,MAAI,CAAC,kBAAkB,OAAO,KAAK,cAAc,EAAE,WAAW,GAAG;AAC/D,UAAM,IAAI,iCAAiC,8EAA8E;AAAA,EAC3H;AACA,SAAO,yCAAyC,aAAa,gBAAgB;AAAA,IAC3E,cAAc;AAAA,IACd,gBAAgB,QAAQ;AAAA,IACxB,UAAU,QAAQ;AAAA,EACpB,CAAC;AACH;AAEO,SAAS,yCACd,aACA,qBACA,SAKuC;AACvC,QAAM,WAAW;AAAA,IACf,GAAI,SAAS,oBAAoB,cAAc,IAAI,oBAAoB,iBAAiB,CAAC;AAAA,IACzF,GAAI,QAAQ,YAAY,CAAC;AAAA,EAC3B;AACA,SAAO;AAAA,IACL;AAAA,IACA,cAAc,gBAAgB,QAAQ,cAAc,cAAc;AAAA,IAClE,gBAAgB;AAAA,IAChB,cAAc,YAAY;AAAA,IAC1B;AAAA,IACA,gBAAgB,QAAQ,QAAQ,cAAc;AAAA,EAChD;AACF;AAEA,eAAsB,wBACpB,gBACA,MACA,SACiB;AACjB,MAAI,CAAC,gBAAgB;AACnB,UAAM,IAAI,6BAA6B,6CAA6C;AAAA,EACtF;AACA,QAAM,YAAY,KAAK,MAAM,QAAQ,SAAS;AAC9C,QAAM,QAAQ,UAAU,IAAI;AAC5B,QAAM,SAAS,IAAI,YAAY,EAAE,OAAO,GAAG,SAAS,GAAG;AACvD,QAAM,UAAU,IAAI,WAAW,OAAO,SAAS,MAAM,MAAM;AAC3D,UAAQ,IAAI,QAAQ,CAAC;AACrB,UAAQ,IAAI,OAAO,OAAO,MAAM;AAChC,SAAO,cAAc,gBAAgB,OAAO;AAC9C;AAEA,eAAsB,4BACpB,gBACA,MACA,UAAkC,CAAC,GAClB;AACjB,QAAM,YAAY,KAAK,MAAM,QAAQ,aAAa,KAAK,IAAI,IAAI,GAAI;AACnE,QAAM,YAAY,MAAM,wBAAwB,gBAAgB,MAAM,EAAE,UAAU,CAAC;AACnF,SAAO,KAAK,SAAS,OAAO,SAAS;AACvC;AAEA,eAAsB,uBACpB,gBACA,MACA,kBACA,UAAwD,CAAC,GAClB;AACvC,QAAM,EAAE,WAAW,UAAU,IAAI,qBAAqB,gBAAgB;AACtE,QAAM,mBAAmB,KAAK,IAAI,GAAG,KAAK,MAAM,QAAQ,qBAAqB,iCAAiC,CAAC;AAC/G,QAAM,aAAa,KAAK,MAAM,QAAQ,OAAO,KAAK,IAAI,IAAI,GAAI;AAC9D,MAAI,KAAK,IAAI,aAAa,SAAS,IAAI,kBAAkB;AACvD,UAAM,IAAI,6BAA6B,4DAA4D;AAAA,EACrG;AACA,QAAM,WAAW,MAAM,wBAAwB,gBAAgB,MAAM,EAAE,UAAU,CAAC;AAClF,MAAI,CAAE,MAAM,mBAAmB,UAAU,SAAS,GAAI;AACpD,UAAM,IAAI,6BAA6B,kCAAkC;AAAA,EAC3E;AACA,SAAO,EAAE,WAAW,UAAU;AAChC;AAEO,SAAS,sCAAsC,SAAoD;AACxG,QAAM,QAAQ,cAAc,SAAS,eAAe;AACpD,QAAM,OAAO,cAAc,MAAM,MAAM,oBAAoB;AAC3D,QAAM,SAAS;AAAA,IACb,GAAG;AAAA,IACH,IAAI,gBAAgB,aAAa,MAAM,EAAE,KAAK,IAAI,kBAAkB;AAAA,IACpE,MAAM,gBAAgB,aAAa,MAAM,IAAI,KAAK,IAAI,oBAAoB;AAAA,IAC1E,aAAa,gBAAgB,aAAa,MAAM,WAAW,KAAK,IAAI,qBAAqB;AAAA,IACzF,aAAa,gBAAgB,aAAa,MAAM,WAAW,KAAK,IAAI,qBAAqB;AAAA,IACzF,MAAM,EAAE,GAAG,KAAK;AAAA,EAClB;AACA,MAAI,OAAO,SAAS,8BAA8B,OAAO,KAAK,SAAS,6BAA6B;AAClG,UAAM,IAAI,2BAA2B,uEAAuE;AAAA,EAC9G;AACA,SAAO;AACT;AAEA,eAAsB,kCACpB,gBACA,MACA,kBACA,UAAwD,CAAC,GACyC;AAClG,QAAM,eAAe,MAAM,uBAAuB,gBAAgB,MAAM,kBAAkB,OAAO;AACjG,QAAM,OAAO,IAAI,YAAY,EAAE,OAAO,UAAU,IAAI,CAAC;AACrD,MAAI;AACJ,MAAI;AACF,aAAS,KAAK,MAAM,IAAI;AAAA,EAC1B,SAAS,OAAO;AACd,UAAM,IAAI,2BAA2B,uCAAuC;AAAA,EAC9E;AACA,SAAO,EAAE,OAAO,sCAAsC,MAAM,GAAG,aAAa;AAC9E;AAEO,IAAM,6BAA6B;AACnC,IAAM,6BAA6B;AACnC,IAAM,sCAAsC;AAC5C,IAAM,sCAAsC;AAEnD,SAAS,kBAAkB,OAAuB;AAChD,QAAM,WAAW,gBAAgB,OAAO,UAAU,EAAE,YAAY;AAChE,MAAI,CAAC,8BAA8B,KAAK,QAAQ,GAAG;AACjD,UAAM,IAAI,iCAAiC,sFAAsF;AAAA,EACnI;AACA,SAAO;AACT;AAEA,SAAS,6BAA6B,OAAuB;AAC3D,QAAM,WAAW,gBAAgB,OAAO,UAAU,EAAE,YAAY;AAChE,MAAI,CAAC,6BAA6B,KAAK,QAAQ,GAAG;AAChD,UAAM,IAAI,iCAAiC,sFAAsF;AAAA,EACnI;AACA,SAAO;AACT;AAEA,SAAS,qBAAqB,OAAgD;AAC5E,QAAM,OAAO,gBAAgB,OAAO,cAAc,EAAE,YAAY;AAChE,MAAI,SAAS,YAAY,SAAS,UAAU,SAAS,aAAa,SAAS,YAAY,SAAS,OAAO;AACrG,WAAO;AAAA,EACT;AACA,QAAM,IAAI,iCAAiC,uDAAuD;AACpG;AAEA,SAAS,kBAAkB,OAA6C;AACtE,QAAM,WAAW,gBAAgB,OAAO,UAAU,EAAE,YAAY;AAChE,MAAI,aAAa,SAAS,aAAa,OAAO;AAC5C,UAAM,IAAI,iCAAiC,8BAA8B;AAAA,EAC3E;AACA,SAAO;AACT;AAEA,SAAS,eAAe,OAA0C;AAChE,QAAM,QAAQ,gBAAgB,OAAO,cAAc,EAAE,YAAY;AACjE,MAAI,UAAU,UAAU,UAAU,QAAQ;AACxC,UAAM,IAAI,iCAAiC,oCAAoC;AAAA,EACjF;AACA,SAAO;AACT;AAEA,SAAS,2BAA2B,OAAsG;AACxI,QAAM,aAAqC,CAAC;AAC5C,MAAI,MAAM,QAAQ,KAAK,GAAG;AACxB,eAAW,QAAQ,OAAO;AACxB,YAAM,WAAW,kBAAkB,IAAI;AACvC,iBAAW,QAAQ,IAAI,wBAAwB,QAAQ;AAAA,IACzD;AAAA,EACF,WAAW,SAAS,KAAK,GAAG;AAC1B,eAAW,CAAC,aAAa,QAAQ,KAAK,OAAO,QAAQ,KAAK,GAAG;AAC3D,iBAAW,kBAAkB,WAAW,CAAC,IAAI,eAAe,OAAO,QAAQ,CAAC;AAAA,IAC9E;AAAA,EACF,OAAO;AACL,UAAM,IAAI,iCAAiC,oEAAoE;AAAA,EACjH;AACA,MAAI,OAAO,KAAK,UAAU,EAAE,WAAW,GAAG;AACxC,UAAM,IAAI,iCAAiC,wDAAwD;AAAA,EACrG;AACA,SAAO;AACT;AAEA,SAAS,wBAAwB,UAAmE;AAClG,SAAO,aAAa,QAAQ,SAAS;AACvC;AAEA,SAAS,oBAAoB,OAA2B;AACtD,MAAI,CAAC,MAAM,QAAQ,KAAK,GAAG;AACzB,UAAM,IAAI,iCAAiC,2DAA2D;AAAA,EACxG;AACA,QAAM,OAAO,oBAAI,IAAY;AAC7B,QAAM,UAAoB,CAAC;AAC3B,aAAW,QAAQ,OAAO;AACxB,QAAI;AACJ,QAAI;AACF,YAAM,IAAI,IAAI,gBAAgB,OAAO,IAAI,GAAG,gCAAgC,CAAC;AAAA,IAC/E,QAAQ;AACN,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,UAAM,SAAS,GAAG,IAAI,SAAS,YAAY,CAAC,KAAK,IAAI,KAAK,YAAY,CAAC;AACvE,QAAI,CAAC,KAAK,IAAI,MAAM,GAAG;AACrB,WAAK,IAAI,MAAM;AACf,cAAQ,KAAK,MAAM;AAAA,IACrB;AAAA,EACF;AACA,SAAO;AACT;AAEA,SAAS,gBAAgB,OAAe,MAAsB;AAC5D,QAAM,SAAS,OAAO,KAAK;AAC3B,MAAI,CAAC,OAAO,cAAc,MAAM,KAAK,UAAU,GAAG;AAChD,UAAM,IAAI,iCAAiC,GAAG,IAAI,mCAAmC;AAAA,EACvF;AACA,SAAO;AACT;AAEA,SAAS,gBAAgB,OAAe,MAAsB;AAC5D,QAAM,OAAO,OAAO,SAAS,EAAE,EAAE,KAAK;AACtC,MAAI,CAAC,MAAM;AACT,UAAM,IAAI,iCAAiC,GAAG,IAAI,eAAe;AAAA,EACnE;AACA,SAAO;AACT;AAEA,SAAS,wBAAwB,OAAuB;AACtD,QAAM,QAAQ,gBAAgB,OAAO,OAAO;AAC5C,MAAI,MAAM,SAAS,GAAG,GAAG;AACvB,UAAM,IAAI,iCAAiC,6BAA6B;AAAA,EAC1E;AACA,SAAO;AACT;AAEA,SAAS,0BAA0B,OAAqD;AACtF,QAAM,UAAU,gBAAgB,OAAO,SAAS,EAAE,YAAY;AAC9D,MAAI,YAAY,aAAa,YAAY,SAAS;AAChD,UAAM,IAAI;AAAA,MACR;AAAA,IACF;AAAA,EACF;AACA,SAAO;AACT;AAEA,SAAS,gBAAgB,OAAgC,MAAuC;AAC9F,MAAI;AACF,UAAM,SAAS,KAAK,MAAM,KAAK,UAAU,KAAK,CAAC;AAC/C,QAAI,CAAC,SAAS,MAAM,GAAG;AACrB,YAAM,IAAI,MAAM,eAAe;AAAA,IACjC;AACA,WAAO;AAAA,EACT,SAAS,OAAO;AACd,UAAM,IAAI,iCAAiC,GAAG,IAAI,sCAAsC;AAAA,EAC1F;AACF;AAEA,SAAS,UAAU,SAA0B;AAC3C,MAAI;AACF,WAAO,KAAK,MAAM,OAAO;AAAA,EAC3B,SAAS,OAAO;AACd,UAAM,IAAI,gBAAgB,sCAAsC;AAAA,MAC9D,QAAQ;AAAA,MACR,MAAM;AAAA,MACN,MAAM;AAAA,IACR,CAAC;AAAA,EACH;AACF;AAEA,SAAS,aAAa,OAA+B;AACnD,MAAI,OAAO,UAAU,UAAU;AAC7B,WAAO;AAAA,EACT;AACA,QAAM,OAAO,MAAM,KAAK;AACxB,SAAO,OAAO,OAAO;AACvB;AAEA,SAAS,SAAS,OAAkD;AAClE,SAAO,OAAO,UAAU,YAAY,UAAU,QAAQ,CAAC,MAAM,QAAQ,KAAK;AAC5E;AAEA,SAAS,cAAc,OAAgB,MAAuC;AAC5E,MAAI,CAAC,SAAS,KAAK,GAAG;AACpB,UAAM,IAAI,2BAA2B,GAAG,IAAI,qBAAqB;AAAA,EACnE;AACA,SAAO;AACT;AAEA,SAAS,SAAS,MAAkC;AAClD,MAAI,OAAO,YAAY,aAAa;AAClC,WAAO;AAAA,EACT;AACA,QAAM,QAAQ,QAAQ,IAAI,IAAI;AAC9B,SAAO,SAAS,MAAM,KAAK,IAAI,MAAM,KAAK,IAAI;AAChD;AAEA,SAAS,UAAU,MAA+E;AAChG,MAAI,gBAAgB,YAAY;AAC9B,WAAO;AAAA,EACT;AACA,MAAI,gBAAgB,aAAa;AAC/B,WAAO,IAAI,WAAW,IAAI;AAAA,EAC5B;AACA,MAAI,OAAO,SAAS,UAAU;AAC5B,WAAO,IAAI,YAAY,EAAE,OAAO,IAAI;AAAA,EACtC;AACA,MAAI,SAAS,IAAI,GAAG;AAClB,WAAO,IAAI,YAAY,EAAE,OAAO,KAAK,UAAU,IAAI,CAAC;AAAA,EACtD;AACA,QAAM,IAAI,2BAA2B,6DAA6D;AACpG;AAEA,SAAS,qBAAqB,iBAAmE;AAC/F,MAAI,YAA2B;AAC/B,MAAI,YAA2B;AAC/B,aAAW,QAAQ,OAAO,mBAAmB,EAAE,EAAE,MAAM,GAAG,GAAG;AAC3D,UAAM,CAAC,KAAK,KAAK,IAAI,KAAK,KAAK,EAAE,MAAM,KAAK,CAAC;AAC7C,QAAI,QAAQ,KAAK;AACf,YAAM,SAAS,OAAO,SAAS,SAAS,IAAI,EAAE;AAC9C,UAAI,CAAC,OAAO,SAAS,MAAM,GAAG;AAC5B,cAAM,IAAI,6BAA6B,yCAAyC;AAAA,MAClF;AACA,kBAAY;AAAA,IACd;AACA,QAAI,QAAQ,MAAM;AAChB,kBAAY,OAAO,SAAS,EAAE,EAAE,KAAK;AAAA,IACvC;AAAA,EACF;AACA,MAAI,cAAc,QAAQ,CAAC,WAAW;AACpC,UAAM,IAAI,6BAA6B,yCAAyC;AAAA,EAClF;AACA,SAAO,EAAE,WAAW,UAAU;AAChC;AAEA,eAAe,cAA+B;AAC5C,MAAI,WAAW,QAAQ,YAAY;AACjC,WAAO,WAAW,OAAO,WAAW;AAAA,EACtC;AACA,QAAM,QAAQ,IAAI,WAAW,EAAE;AAC/B,MAAI,WAAW,QAAQ,iBAAiB;AACtC,eAAW,OAAO,gBAAgB,KAAK;AAAA,EACzC,WAAW,OAAO,YAAY,eAAe,QAAQ,UAAU,MAAM;AACnE,UAAM,SAAS,MAAM,OAAO,QAAa;AACzC,UAAM,IAAI,OAAO,YAAY,EAAE,CAAC;AAAA,EAClC,OAAO;AACL,UAAM,IAAI,iCAAiC,iEAAiE;AAAA,EAC9G;AACA,SAAO,WAAW,KAAK;AACzB;AAEA,eAAe,cAAc,QAAgB,SAAsC;AACjF,MAAI,WAAW,QAAQ,QAAQ;AAC7B,UAAM,gBAAgB,IAAI,WAAW,QAAQ,UAAU;AACvD,kBAAc,IAAI,OAAO;AACzB,UAAM,MAAM,MAAM,WAAW,OAAO,OAAO;AAAA,MACzC;AAAA,MACA,IAAI,YAAY,EAAE,OAAO,MAAM;AAAA,MAC/B,EAAE,MAAM,QAAQ,MAAM,UAAU;AAAA,MAChC;AAAA,MACA,CAAC,MAAM;AAAA,IACT;AACA,UAAM,SAAS,MAAM,WAAW,OAAO,OAAO,KAAK,QAAQ,KAAK,aAAa;AAC7E,WAAO,WAAW,IAAI,WAAW,MAAM,CAAC;AAAA,EAC1C;AACA,MAAI,OAAO,YAAY,eAAe,QAAQ,UAAU,MAAM;AAC5D,UAAM,SAAS,MAAM,OAAO,QAAa;AACzC,WAAO,OAAO,WAAW,UAAU,MAAM,EAAE,OAAO,OAAO,KAAK,OAAO,CAAC,EAAE,OAAO,KAAK;AAAA,EACtF;AACA,QAAM,IAAI,iCAAiC,yDAAyD;AACtG;AAEA,eAAe,eAAe,UAAmC;AAC/D,QAAM,QAAQ,IAAI,YAAY,EAAE,OAAO,QAAQ;AAC/C,MAAI,WAAW,QAAQ,QAAQ;AAC7B,UAAM,SAAS,MAAM,WAAW,OAAO,OAAO,OAAO,WAAW,KAAK;AACrE,WAAO,UAAU,WAAW,IAAI,WAAW,MAAM,CAAC,CAAC;AAAA,EACrD;AACA,MAAI,OAAO,YAAY,eAAe,QAAQ,UAAU,MAAM;AAC5D,UAAM,SAAS,MAAM,OAAO,QAAa;AACzC,WAAO,UAAU,OAAO,WAAW,QAAQ,EAAE,OAAO,OAAO,KAAK,KAAK,CAAC,EAAE,OAAO,KAAK,CAAC;AAAA,EACvF;AACA,QAAM,IAAI,iCAAiC,qDAAqD;AAClG;AAEA,SAAS,WAAW,OAA2B;AAC7C,SAAO,CAAC,GAAG,KAAK,EAAE,IAAI,CAAC,SAAS,KAAK,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG,CAAC,EAAE,KAAK,EAAE;AAC7E;AAEA,SAAS,WAAW,KAAyB;AAC3C,QAAM,aAAa,OAAO,OAAO,EAAE,EAAE,KAAK,EAAE,YAAY;AACxD,MAAI,WAAW,SAAS,MAAM,KAAK,CAAC,cAAc,KAAK,UAAU,GAAG;AAClE,UAAM,IAAI,6BAA6B,wBAAwB;AAAA,EACjE;AACA,QAAM,QAAQ,IAAI,WAAW,WAAW,SAAS,CAAC;AAClD,WAAS,QAAQ,GAAG,QAAQ,WAAW,QAAQ,SAAS,GAAG;AACzD,UAAM,QAAQ,CAAC,IAAI,OAAO,SAAS,WAAW,MAAM,OAAO,QAAQ,CAAC,GAAG,EAAE;AAAA,EAC3E;AACA,SAAO;AACT;AAEA,eAAe,mBAAmB,MAAc,OAAiC;AAC/E,QAAM,YAAY,WAAW,IAAI;AACjC,QAAM,aAAa,WAAW,KAAK;AACnC,MAAI,UAAU,WAAW,WAAW,QAAQ;AAC1C,WAAO;AAAA,EACT;AACA,MAAI,OAAO;AACX,WAAS,QAAQ,GAAG,QAAQ,UAAU,QAAQ,SAAS,GAAG;AACxD,YAAQ,UAAU,KAAK,IAAK,WAAW,KAAK;AAAA,EAC9C;AACA,SAAO,SAAS;AAClB;","names":[]}
1	+ {"version":3,"sources":["../src/index.ts"],"sourcesContent":["export const DEFAULT_SIGLUME_API_BASE = \"https://siglume.com/v1\";\nexport const DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME = \"siglume-external-402-v1\";\n// Recurring (subscription / scheduled autopay) approval uses a DISTINCT scheme\n// with cadence bound into the HMAC, so a one-time checkout challenge can never\n// be replayed as a recurring authorization and vice versa.\nexport const DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME = \"siglume-external-402-recurring-v1\";\nexport const DIRECT_REQUEST_PAYMENT_MODE = \"external_402\";\nexport const DIRECT_REQUEST_PAYMENT_RECEIPT_KIND = \"sdrp_direct_payment\";\nexport const DIRECT_REQUEST_PAYMENT_ALLOWANCE_RECEIPT_KIND = \"sdrp_direct_payment_allowance\";\nexport const DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE = \"sdrp_direct_payment_requirement\";\nexport const DEFAULT_WEBHOOK_TOLERANCE_SECONDS = 300;\n\nexport type DirectRequestPaymentCurrency = \"JPY\" \| \"USD\";\nexport type DirectRequestPaymentToken = \"JPYC\" \| \"USDC\";\n\nexport interface DirectRequestPaymentChallengeInput {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n secret: string;\n nonce?: string;\n}\n\nexport interface DirectRequestPaymentChallenge {\n scheme: typeof DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME;\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency;\n nonce: string;\n signature: string;\n challenge: string;\n challenge_hash: string;\n}\n\nexport interface ParsedDirectRequestPaymentChallenge {\n scheme: string;\n nonce: string;\n signature: string;\n}\n\n/** \"monthly\" authorizes a Siglume-swept subscription; \"daily\" authorizes\n * merchant-triggered scheduled autopay. It is an approval tag, not a\n * run-count limiter. /\nexport type DirectRequestPaymentRecurringCadence = \"monthly\" \| \"daily\";\n\nexport interface DirectRequestPaymentRecurringChallengeInput {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n cadence: DirectRequestPaymentRecurringCadence \| string;\n secret: string;\n nonce?: string;\n}\n\nexport interface DirectRequestPaymentRecurringChallenge {\n scheme: typeof DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME;\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency;\n cadence: DirectRequestPaymentRecurringCadence;\n nonce: string;\n signature: string;\n challenge: string;\n challenge_hash: string;\n}\n\nexport interface Web3TransactionRequest {\n network?: string;\n chain_id?: number;\n from?: string;\n to?: string;\n data?: string;\n value?: string \| number;\n metadata_jsonb?: Record<string, unknown>;\n [key: string]: unknown;\n}\n\nexport interface DirectPaymentRequirement {\n direct_payment_requirement_id: string;\n requirement_id: string;\n id: string;\n mode: string;\n merchant?: string \| null;\n challenge_hash?: string \| null;\n buyer_user_id: string;\n agent_id?: string \| null;\n product_listing_id: string;\n listing_id: string;\n access_grant_id?: string \| null;\n capability_key: string;\n requirement_hash: string;\n request_hash: string;\n siglume_signature: string;\n token_symbol: string;\n currency: string;\n amount_minor: number;\n fee_bps: number;\n status: string;\n expires_at?: string \| null;\n confirmed_at?: string \| null;\n spent_at?: string \| null;\n chain_receipt_id?: string \| null;\n transaction_request: Web3TransactionRequest;\n approve_transaction_request?: Web3TransactionRequest \| null;\n buyer_confirmation?: string \| null;\n non_custodial: boolean;\n metadata_jsonb?: Record<string, unknown>;\n created_at?: string \| null;\n updated_at?: string \| null;\n}\n\nexport interface DirectPaymentRequirementCreateInput {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n challenge: string;\n token_symbol?: DirectRequestPaymentToken \| string;\n allowance_amount_minor?: number;\n metadata?: Record<string, unknown>;\n}\n\nexport interface DirectPaymentVerifyInput {\n receipt_id?: string \| null;\n chain_receipt_id?: string \| null;\n await_finality?: boolean;\n await_required_status?: string \| null;\n await_timeout_seconds?: number;\n await_poll_seconds?: number;\n}\n\nexport interface Web3PreparedTransactionExecutePayload {\n transaction_request: Web3TransactionRequest;\n receipt_kind: string;\n reference_type: typeof DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE;\n reference_id: string;\n metadata?: Record<string, unknown>;\n await_finality?: boolean;\n}\n\nexport interface Web3PreparedTransactionExecuteResult {\n receipt?: Record<string, unknown>;\n finalization?: Record<string, unknown>;\n [key: string]: unknown;\n}\n\nexport interface DirectRequestPaymentClientOptions {\n auth_token?: string;\n base_url?: string;\n fetch?: typeof fetch;\n timeout_ms?: number;\n user_agent?: string;\n}\n\nexport type DirectRequestPaymentBillingPlan = \"launch\" \| \"free\" \| \"starter\" \| \"growth\" \| \"pro\";\n\nexport interface DirectRequestPaymentMerchantAccount {\n merchant_account_id: string;\n merchant: string;\n merchant_user_id: string;\n user_wallet_id?: string \| null;\n billing_mandate_id?: string \| null;\n display_name?: string \| null;\n status?: string \| null;\n billing_status?: string \| null;\n billing_plan?: string \| null;\n billing_currency?: string \| null;\n token_symbol?: string \| null;\n monthly_fee_minor?: number \| null;\n settlement_fee_bps?: number \| null;\n settlement_fee_min_minor?: number \| null;\n included_monthly_payments?: number \| null;\n metadata_jsonb?: Record<string, unknown>;\n [key: string]: unknown;\n}\n\nexport interface DirectRequestPaymentMerchantSetupInput {\n merchant: string;\n display_name?: string;\n billing_plan?: DirectRequestPaymentBillingPlan \| string;\n billing_currency?: DirectRequestPaymentCurrency \| string;\n allowed_currencies?: Record<string, string> \| Array<DirectRequestPaymentCurrency \| string>;\n webhook_callback_url?: string;\n billing_mandate_cap_minor?: number;\n max_amount_minor?: number;\n // Hosted Checkout return-URL origin allowlist (open-redirect defense). Each\n // entry is an absolute origin such as \"https://shop.example.com\". The origin\n // of webhook_callback_url is auto-allowed in addition to these.\n checkout_allowed_origins?: string[];\n}\n\nexport interface HostedCheckoutSessionCreateInput {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n nonce: string;\n success_url: string;\n cancel_url: string;\n metadata?: Record<string, unknown>;\n}\n\nexport interface HostedCheckoutSessionCreateResult {\n checkout_url: string;\n session_id: string;\n challenge_hash: string;\n status?: string;\n expires_at?: string \| null;\n}\n\nexport interface HostedCheckoutSession {\n session_id: string;\n merchant: string;\n currency: string;\n token_symbol: string;\n amount_minor: number;\n status: string;\n challenge_hash: string;\n requirement_id?: string \| null;\n success_url: string;\n cancel_url: string;\n expires_at?: string \| null;\n authenticated_at?: string \| null;\n paid_at?: string \| null;\n cancelled_at?: string \| null;\n created_at?: string \| null;\n metadata_jsonb?: Record<string, unknown>;\n [key: string]: unknown;\n}\n\nexport interface DirectRequestPaymentMerchantBillingMandateInput {\n currency?: DirectRequestPaymentCurrency \| string;\n billing_currency?: DirectRequestPaymentCurrency \| string;\n max_amount_minor?: number;\n}\n\nexport interface DirectRequestPaymentMerchantResponse {\n merchant_account: DirectRequestPaymentMerchantAccount;\n challenge_secret?: string \| null;\n challenge_secret_created?: boolean;\n created?: boolean \| null;\n listing_id?: string \| null;\n mandate?: Record<string, unknown> \| null;\n next_steps?: Record<string, unknown>;\n}\n\nexport interface DirectRequestPaymentWebhookSubscriptionInput {\n callback_url: string;\n description?: string;\n event_types?: string[];\n metadata?: Record<string, unknown>;\n}\n\nexport interface DirectRequestPaymentWebhookSubscription {\n webhook_subscription_id?: string;\n subscription_id?: string;\n id?: string;\n callback_url?: string;\n signing_secret?: string;\n status?: string;\n event_types?: string[];\n [key: string]: unknown;\n}\n\nexport interface DirectRequestPaymentCheckoutSetupInput extends DirectRequestPaymentMerchantSetupInput {\n create_webhook_subscription?: boolean;\n prepare_billing_mandate?: boolean;\n webhook_event_types?: string[];\n webhook_description?: string;\n}\n\nexport interface DirectRequestPaymentCheckoutSetupResult {\n merchant: DirectRequestPaymentMerchantResponse;\n billing_mandate?: DirectRequestPaymentMerchantResponse \| null;\n webhook_subscription?: DirectRequestPaymentWebhookSubscription \| null;\n env: Record<string, string>;\n}\n\nexport interface SiglumeEnvelopeMeta {\n request_id?: string \| null;\n trace_id?: string \| null;\n [key: string]: unknown;\n}\n\nexport interface WebhookSignatureVerification {\n timestamp: number;\n signature: string;\n}\n\nexport interface DirectRequestPaymentWebhookEvent {\n id: string;\n type: \"direct_payment.confirmed\" \| string;\n api_version: string;\n occurred_at: string;\n data: {\n mode?: string;\n merchant?: string;\n direct_payment_requirement_id?: string;\n requirement_id?: string;\n challenge_hash?: string;\n amount_minor?: number;\n currency?: string;\n token_symbol?: string;\n status?: string;\n [key: string]: unknown;\n };\n [key: string]: unknown;\n}\n\nexport class SiglumeDirectRequestPaymentError extends Error {\n constructor(message: string) {\n super(message);\n this.name = \"SiglumeDirectRequestPaymentError\";\n }\n}\n\nexport class SiglumeApiError extends SiglumeDirectRequestPaymentError {\n readonly status: number;\n readonly code: string;\n readonly data: unknown;\n\n constructor(message: string, options: { status: number; code?: string; data?: unknown }) {\n super(message);\n this.name = \"SiglumeApiError\";\n this.status = options.status;\n this.code = options.code ?? \"SIGLUME_API_ERROR\";\n this.data = options.data;\n }\n}\n\nexport class HostedCheckoutNotAvailableError extends SiglumeApiError {\n constructor(message = \"Hosted Checkout is not enabled for this account yet (server rollout in progress).\") {\n super(message, { status: 409, code: \"HOSTED_CHECKOUT_NOT_ENABLED\" });\n this.name = \"HostedCheckoutNotAvailableError\";\n }\n}\n\nexport class SiglumeWebhookSignatureError extends SiglumeDirectRequestPaymentError {\n constructor(message: string) {\n super(message);\n this.name = \"SiglumeWebhookSignatureError\";\n }\n}\n\nexport class SiglumeWebhookPayloadError extends SiglumeDirectRequestPaymentError {\n constructor(message: string) {\n super(message);\n this.name = \"SiglumeWebhookPayloadError\";\n }\n}\n\nexport class DirectRequestPaymentClient {\n readonly auth_token: string;\n readonly base_url: string;\n readonly timeout_ms: number;\n readonly user_agent: string;\n private readonly fetch_impl: typeof fetch;\n\n constructor(options: DirectRequestPaymentClientOptions = {}) {\n const authToken = options.auth_token ?? envValue(\"SIGLUME_AUTH_TOKEN\");\n if (!authToken) {\n throw new SiglumeDirectRequestPaymentError(\n \"A buyer Siglume bearer token is required for Direct Request Payment API calls. Developer Portal API keys are not accepted.\",\n );\n }\n const fetchImpl = options.fetch ?? globalThis.fetch;\n if (!fetchImpl) {\n throw new SiglumeDirectRequestPaymentError(\"A fetch implementation is required in this runtime.\");\n }\n this.auth_token = authToken;\n this.base_url = (options.base_url ?? envValue(\"SIGLUME_API_BASE\") ?? DEFAULT_SIGLUME_API_BASE).replace(/\\/+$/, \"\");\n this.timeout_ms = Math.max(1, Math.trunc(options.timeout_ms ?? 15000));\n this.user_agent = options.user_agent ?? \"@siglume/direct-request-payment/0.4.1\";\n this.fetch_impl = fetchImpl;\n }\n\n async createPaymentRequirement(input: DirectPaymentRequirementCreateInput): Promise<DirectPaymentRequirement> {\n const payload: Record<string, unknown> = {\n mode: DIRECT_REQUEST_PAYMENT_MODE,\n merchant: normalizeMerchant(input.merchant),\n amount_minor: positiveInteger(input.amount_minor, \"amount_minor\"),\n currency: normalizeCurrency(input.currency),\n challenge: requireNonEmpty(input.challenge, \"challenge\"),\n };\n if (input.token_symbol !== undefined) {\n payload.token_symbol = normalizeToken(input.token_symbol);\n }\n if (input.allowance_amount_minor !== undefined) {\n payload.allowance_amount_minor = positiveInteger(input.allowance_amount_minor, \"allowance_amount_minor\");\n }\n if (input.metadata !== undefined) {\n payload.metadata = cloneJsonObject(input.metadata, \"metadata\");\n }\n return this.request<DirectPaymentRequirement>(\"POST\", \"/sdrp/direct-payments/requirements\", payload);\n }\n\n async getPaymentRequirement(requirement_id: string): Promise<DirectPaymentRequirement> {\n return this.request<DirectPaymentRequirement>(\n \"GET\",\n `/sdrp/direct-payments/requirements/${encodeURIComponent(requireNonEmpty(requirement_id, \"requirement_id\"))}`,\n );\n }\n\n async verifyPaymentRequirement(\n requirement_id: string,\n input: DirectPaymentVerifyInput,\n ): Promise<DirectPaymentRequirement> {\n return this.request<DirectPaymentRequirement>(\n \"POST\",\n `/sdrp/direct-payments/requirements/${encodeURIComponent(requireNonEmpty(requirement_id, \"requirement_id\"))}/verify`,\n input,\n );\n }\n\n async executePreparedTransaction(\n payload: Web3PreparedTransactionExecutePayload,\n ): Promise<Web3PreparedTransactionExecuteResult> {\n return this.request<Web3PreparedTransactionExecuteResult>(\n \"POST\",\n \"/market/web3/transactions/execute-prepared\",\n payload,\n );\n }\n\n async executePaymentTransaction(\n requirement: DirectPaymentRequirement,\n options: { await_finality?: boolean; metadata?: Record<string, unknown> } = {},\n ): Promise<Web3PreparedTransactionExecuteResult> {\n return this.executePreparedTransaction(buildPaymentExecutionPayload(requirement, options));\n }\n\n async executeAllowanceTransaction(\n requirement: DirectPaymentRequirement,\n options: { await_finality?: boolean; metadata?: Record<string, unknown> } = {},\n ): Promise<Web3PreparedTransactionExecuteResult> {\n return this.executePreparedTransaction(buildAllowanceExecutionPayload(requirement, options));\n }\n\n async request<T>(method: string, path: string, json_body?: unknown): Promise<T> {\n const controller = new AbortController();\n const timeout = setTimeout(() => controller.abort(), this.timeout_ms);\n try {\n const headers: Record<string, string> = {\n \"Accept\": \"application/json\",\n \"Authorization\": `Bearer ${this.auth_token}`,\n \"User-Agent\": this.user_agent,\n };\n let body: string \| undefined;\n if (json_body !== undefined) {\n headers[\"Content-Type\"] = \"application/json\";\n body = JSON.stringify(json_body);\n }\n const response = await this.fetch_impl(`${this.base_url}${path}`, {\n method,\n headers,\n body,\n signal: controller.signal,\n });\n const rawText = await response.text();\n const parsed = rawText ? parseJson(rawText) : {};\n if (!response.ok) {\n const error = isRecord(parsed) && isRecord(parsed.error) ? parsed.error : {};\n const code = stringOrNull(error.code) ?? stringOrNull((parsed as Record<string, unknown>).code) ?? `HTTP_${response.status}`;\n const message = stringOrNull(error.message) ?? stringOrNull((parsed as Record<string, unknown>).message) ?? response.statusText;\n throw new SiglumeApiError(message, { status: response.status, code, data: parsed });\n }\n if (isRecord(parsed) && \"data\" in parsed) {\n return parsed.data as T;\n }\n return parsed as T;\n } finally {\n clearTimeout(timeout);\n }\n }\n}\n\nexport class DirectRequestPaymentMerchantClient {\n readonly auth_token: string;\n readonly base_url: string;\n readonly timeout_ms: number;\n readonly user_agent: string;\n private readonly fetch_impl: typeof fetch;\n\n constructor(options: DirectRequestPaymentClientOptions = {}) {\n const authToken = options.auth_token ?? envValue(\"SIGLUME_MERCHANT_AUTH_TOKEN\") ?? envValue(\"SIGLUME_AUTH_TOKEN\");\n if (!authToken) {\n throw new SiglumeDirectRequestPaymentError(\n \"A merchant Siglume bearer token is required for Direct Request Payment merchant setup. Developer Portal API keys are not accepted.\",\n );\n }\n const fetchImpl = options.fetch ?? globalThis.fetch;\n if (!fetchImpl) {\n throw new SiglumeDirectRequestPaymentError(\"A fetch implementation is required in this runtime.\");\n }\n this.auth_token = authToken;\n this.base_url = (options.base_url ?? envValue(\"SIGLUME_API_BASE\") ?? DEFAULT_SIGLUME_API_BASE).replace(/\\/+$/, \"\");\n this.timeout_ms = Math.max(1, Math.trunc(options.timeout_ms ?? 15000));\n this.user_agent = options.user_agent ?? \"@siglume/direct-request-payment/0.4.1\";\n this.fetch_impl = fetchImpl;\n }\n\n async setupMerchant(input: DirectRequestPaymentMerchantSetupInput): Promise<DirectRequestPaymentMerchantResponse> {\n const payload: Record<string, unknown> = {\n merchant: normalizeSelfServiceMerchant(input.merchant),\n billing_plan: normalizeBillingPlan(input.billing_plan ?? \"launch\"),\n billing_currency: normalizeCurrency(input.billing_currency ?? \"JPY\"),\n };\n if (input.display_name !== undefined) {\n payload.display_name = requireNonEmpty(input.display_name, \"display_name\");\n }\n if (input.allowed_currencies !== undefined) {\n payload.allowed_currencies = normalizeAllowedCurrencies(input.allowed_currencies);\n }\n if (input.webhook_callback_url !== undefined) {\n payload.webhook_callback_url = requireNonEmpty(input.webhook_callback_url, \"webhook_callback_url\");\n }\n if (input.billing_mandate_cap_minor !== undefined) {\n payload.billing_mandate_cap_minor = positiveInteger(input.billing_mandate_cap_minor, \"billing_mandate_cap_minor\");\n }\n if (input.max_amount_minor !== undefined) {\n payload.max_amount_minor = positiveInteger(input.max_amount_minor, \"max_amount_minor\");\n }\n if (input.checkout_allowed_origins !== undefined) {\n payload.checkout_allowed_origins = normalizeOriginList(input.checkout_allowed_origins);\n }\n return this.request<DirectRequestPaymentMerchantResponse>(\"POST\", \"/sdrp/direct-payments/merchants\", payload);\n }\n\n /\n Create a Hosted Checkout session (Stripe-Checkout-equivalent for human web\n * shoppers). Siglume authors the challenge server-side, persists a single-use\n * expiring session, and returns a `checkout_url`. Redirect the shopper there;\n * they log into Siglume, approve, and pay from their own wallet, then return\n * to your `success_url`. Fulfill on the `direct_payment.confirmed` webhook\n * (the source of truth), exactly as with the agent flow.\n \n `success_url`/`cancel_url` must be on an origin you registered via\n * `checkout_allowed_origins` (or your `webhook_callback_url` origin).\n /\n async createCheckoutSession(input: HostedCheckoutSessionCreateInput): Promise<HostedCheckoutSessionCreateResult> {\n const payload: Record<string, unknown> = {\n merchant: normalizeSelfServiceMerchant(input.merchant),\n amount_minor: positiveInteger(input.amount_minor, \"amount_minor\"),\n currency: normalizeCurrency(input.currency),\n nonce: normalizeChallengeNonce(input.nonce),\n success_url: requireNonEmpty(input.success_url, \"success_url\"),\n cancel_url: requireNonEmpty(input.cancel_url, \"cancel_url\"),\n };\n if (input.metadata !== undefined) {\n payload.metadata = cloneJsonObject(input.metadata, \"metadata\");\n }\n return this.requestHostedCheckout<HostedCheckoutSessionCreateResult>(\n \"POST\",\n \"/sdrp/direct-payments/checkout-sessions\",\n payload,\n );\n }\n\n /* Read a Hosted Checkout session's status (open / authenticated / paid / expired / cancelled / failed). /\n async getCheckoutSession(session_id: string): Promise<HostedCheckoutSession> {\n return this.requestHostedCheckout<HostedCheckoutSession>(\n \"GET\",\n `/sdrp/direct-payments/checkout-sessions/${encodeURIComponent(requireNonEmpty(session_id, \"session_id\"))}`,\n );\n }\n\n async getMerchant(merchant: string): Promise<DirectRequestPaymentMerchantResponse> {\n return this.request<DirectRequestPaymentMerchantResponse>(\n \"GET\",\n `/sdrp/direct-payments/merchants/${encodeURIComponent(normalizeSelfServiceMerchant(merchant))}`,\n );\n }\n\n async rotateChallengeSecret(merchant: string): Promise<DirectRequestPaymentMerchantResponse> {\n return this.request<DirectRequestPaymentMerchantResponse>(\n \"POST\",\n `/sdrp/direct-payments/merchants/${encodeURIComponent(normalizeSelfServiceMerchant(merchant))}/challenge-secret/rotate`,\n );\n }\n\n async prepareBillingMandate(\n merchant: string,\n input: DirectRequestPaymentMerchantBillingMandateInput = {},\n ): Promise<DirectRequestPaymentMerchantResponse> {\n const payload: Record<string, unknown> = {};\n if (input.currency !== undefined) {\n payload.currency = normalizeCurrency(input.currency);\n }\n if (input.billing_currency !== undefined) {\n payload.billing_currency = normalizeCurrency(input.billing_currency);\n }\n if (input.max_amount_minor !== undefined) {\n payload.max_amount_minor = positiveInteger(input.max_amount_minor, \"max_amount_minor\");\n }\n return this.request<DirectRequestPaymentMerchantResponse>(\n \"POST\",\n `/sdrp/direct-payments/merchants/${encodeURIComponent(normalizeSelfServiceMerchant(merchant))}/billing-mandate`,\n payload,\n );\n }\n\n async createWebhookSubscription(\n input: DirectRequestPaymentWebhookSubscriptionInput,\n ): Promise<DirectRequestPaymentWebhookSubscription> {\n const payload: Record<string, unknown> = {\n callback_url: requireNonEmpty(input.callback_url, \"callback_url\"),\n event_types: input.event_types?.length\n ? input.event_types.map((eventType) => requireNonEmpty(eventType, \"event_type\"))\n : [\"direct_payment.confirmed\", \"direct_payment.spent\"],\n };\n if (input.description !== undefined) {\n payload.description = requireNonEmpty(input.description, \"description\");\n }\n if (input.metadata !== undefined) {\n payload.metadata = cloneJsonObject(input.metadata, \"metadata\");\n }\n return this.request<DirectRequestPaymentWebhookSubscription>(\"POST\", \"/market/webhooks/subscriptions\", payload);\n }\n\n async setupCheckout(input: DirectRequestPaymentCheckoutSetupInput): Promise<DirectRequestPaymentCheckoutSetupResult> {\n const merchant = await this.setupMerchant(input);\n const merchantKey = merchant.merchant_account.merchant;\n const billing_mandate = input.prepare_billing_mandate === false\n ? null\n : await this.prepareBillingMandate(merchantKey, {\n billing_currency: merchant.merchant_account.billing_currency ?? input.billing_currency ?? \"JPY\",\n max_amount_minor: input.max_amount_minor ?? input.billing_mandate_cap_minor,\n });\n const shouldCreateWebhook = input.create_webhook_subscription ?? Boolean(input.webhook_callback_url);\n const webhook_subscription = shouldCreateWebhook && input.webhook_callback_url\n ? await this.createWebhookSubscription({\n callback_url: input.webhook_callback_url,\n description: input.webhook_description ?? `${merchantKey} Direct Request Payment`,\n event_types: input.webhook_event_types,\n metadata: { merchant: merchantKey, sdk: \"@siglume/direct-request-payment\" },\n })\n : null;\n const env: Record<string, string> = {\n SIGLUME_DIRECT_PAYMENT_MERCHANT: merchantKey,\n };\n if (merchant.challenge_secret) {\n env.SIGLUME_DIRECT_PAYMENT_CHALLENGE_SECRET = merchant.challenge_secret;\n }\n const webhookSecret = stringOrNull(webhook_subscription?.signing_secret);\n if (webhookSecret) {\n env.SIGLUME_WEBHOOK_SECRET = webhookSecret;\n }\n return { merchant, billing_mandate, webhook_subscription, env };\n }\n\n async request<T>(method: string, path: string, json_body?: unknown): Promise<T> {\n const controller = new AbortController();\n const timeout = setTimeout(() => controller.abort(), this.timeout_ms);\n try {\n const headers: Record<string, string> = {\n \"Accept\": \"application/json\",\n \"Authorization\": `Bearer ${this.auth_token}`,\n \"User-Agent\": this.user_agent,\n };\n let body: string \| undefined;\n if (json_body !== undefined) {\n headers[\"Content-Type\"] = \"application/json\";\n body = JSON.stringify(json_body);\n }\n const response = await this.fetch_impl(`${this.base_url}${path}`, {\n method,\n headers,\n body,\n signal: controller.signal,\n });\n const rawText = await response.text();\n const parsed = rawText ? parseJson(rawText) : {};\n if (!response.ok) {\n const error = isRecord(parsed) && isRecord(parsed.error) ? parsed.error : {};\n const code = stringOrNull(error.code) ?? stringOrNull((parsed as Record<string, unknown>).code) ?? `HTTP_${response.status}`;\n const message = stringOrNull(error.message) ?? stringOrNull((parsed as Record<string, unknown>).message) ?? response.statusText;\n throw new SiglumeApiError(message, { status: response.status, code, data: parsed });\n }\n if (isRecord(parsed) && \"data\" in parsed) {\n return parsed.data as T;\n }\n return parsed as T;\n } finally {\n clearTimeout(timeout);\n }\n }\n\n private async requestHostedCheckout<T>(method: string, path: string, json_body?: unknown): Promise<T> {\n try {\n return await this.request<T>(method, path, json_body);\n } catch (error) {\n if (isHostedCheckoutUnavailable(error)) {\n throw new HostedCheckoutNotAvailableError();\n }\n throw error;\n }\n }\n}\n\nexport async function createDirectRequestPaymentChallenge(\n input: DirectRequestPaymentChallengeInput,\n): Promise<DirectRequestPaymentChallenge> {\n const merchant = normalizeMerchant(input.merchant);\n const amount_minor = positiveInteger(input.amount_minor, \"amount_minor\");\n const currency = normalizeCurrency(input.currency);\n const nonce = input.nonce ? normalizeChallengeNonce(input.nonce) : await randomNonce();\n const signature = await createDirectRequestPaymentChallengeSignature(input.secret, {\n merchant,\n amount_minor,\n currency,\n nonce,\n });\n const challenge = `${DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME}:${nonce}:${signature}`;\n return {\n scheme: DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME,\n merchant,\n amount_minor,\n currency,\n nonce,\n signature,\n challenge,\n challenge_hash: await sha256Prefixed(challenge),\n };\n}\n\nexport async function createDirectRequestPaymentChallengeSignature(\n secret: string,\n input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n nonce: string;\n },\n): Promise<string> {\n const normalizedSecret = requireNonEmpty(secret, \"secret\");\n const merchant = normalizeMerchant(input.merchant);\n const amount = positiveInteger(input.amount_minor, \"amount_minor\");\n const currency = normalizeCurrency(input.currency);\n const nonce = normalizeChallengeNonce(input.nonce);\n const material = `${merchant}:${amount}:${currency}:${nonce}`;\n return hmacSha256Hex(normalizedSecret, new TextEncoder().encode(material));\n}\n\nexport function parseDirectRequestPaymentChallenge(challenge: string): ParsedDirectRequestPaymentChallenge {\n const parts = requireNonEmpty(challenge, \"challenge\").split(\":\");\n if (parts.length !== 3) {\n throw new SiglumeDirectRequestPaymentError(\"Direct Request Payment challenge must be scheme:nonce:signature.\");\n }\n const [scheme, nonce, signature] = parts;\n if (!scheme \|\| !nonce \|\| !signature) {\n throw new SiglumeDirectRequestPaymentError(\"Direct Request Payment challenge is incomplete.\");\n }\n return { scheme, nonce, signature };\n}\n\n/* Merchant-side, ONE-TIME approval of a recurring authorization: amount +\n * currency + cadence are bound into the HMAC. Recurring charges afterwards\n * are deliberately challenge-free; the recurring authorization and the\n * buyer's mandate/budget caps are the per-charge integrity checks. Cadence\n * \"monthly\" = subscription, \"daily\" = scheduled autopay approval tag. /\nexport async function createDirectRequestPaymentRecurringChallenge(\n input: DirectRequestPaymentRecurringChallengeInput,\n): Promise<DirectRequestPaymentRecurringChallenge> {\n const merchant = normalizeMerchant(input.merchant);\n const amount_minor = positiveInteger(input.amount_minor, \"amount_minor\");\n const currency = normalizeCurrency(input.currency);\n const cadence = normalizeRecurringCadence(input.cadence);\n const nonce = input.nonce ? normalizeChallengeNonce(input.nonce) : await randomNonce();\n const signature = await createDirectRequestPaymentRecurringChallengeSignature(input.secret, {\n merchant,\n amount_minor,\n currency,\n cadence,\n nonce,\n });\n const challenge = `${DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME}:${nonce}:${signature}`;\n return {\n scheme: DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME,\n merchant,\n amount_minor,\n currency,\n cadence,\n nonce,\n signature,\n challenge,\n challenge_hash: await sha256Prefixed(challenge),\n };\n}\n\nexport async function createDirectRequestPaymentRecurringChallengeSignature(\n secret: string,\n input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n cadence: DirectRequestPaymentRecurringCadence \| string;\n nonce: string;\n },\n): Promise<string> {\n const normalizedSecret = requireNonEmpty(secret, \"secret\");\n const merchant = normalizeMerchant(input.merchant);\n const amount = positiveInteger(input.amount_minor, \"amount_minor\");\n const currency = normalizeCurrency(input.currency);\n const cadence = normalizeRecurringCadence(input.cadence);\n const nonce = normalizeChallengeNonce(input.nonce);\n // MUST stay byte-identical to the server's\n // _external_402_recurring_challenge_signature — both sides change together.\n const material = `${merchant}:${amount}:${currency}:${cadence}:${nonce}`;\n return hmacSha256Hex(normalizedSecret, new TextEncoder().encode(material));\n}\n\nexport async function verifyDirectRequestPaymentRecurringChallenge(\n secret: string,\n input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n cadence: DirectRequestPaymentRecurringCadence \| string;\n challenge: string;\n },\n): Promise<boolean> {\n const parsed = parseDirectRequestPaymentChallenge(input.challenge);\n if (parsed.scheme !== DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME) {\n return false;\n }\n const expected = await createDirectRequestPaymentRecurringChallengeSignature(secret, {\n merchant: input.merchant,\n amount_minor: input.amount_minor,\n currency: input.currency,\n cadence: input.cadence,\n nonce: parsed.nonce,\n });\n return timingSafeEqualHex(expected, parsed.signature);\n}\n\nexport async function verifyDirectRequestPaymentChallenge(\n secret: string,\n input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n challenge: string;\n },\n): Promise<boolean> {\n const parsed = parseDirectRequestPaymentChallenge(input.challenge);\n if (parsed.scheme !== DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME) {\n return false;\n }\n const expected = await createDirectRequestPaymentChallengeSignature(secret, {\n merchant: input.merchant,\n amount_minor: input.amount_minor,\n currency: input.currency,\n nonce: parsed.nonce,\n });\n return timingSafeEqualHex(expected, parsed.signature);\n}\n\nexport async function directRequestPaymentChallengeHash(challenge: string): Promise<string> {\n return sha256Prefixed(requireNonEmpty(challenge, \"challenge\"));\n}\n\nexport async function directRequestPaymentRequestHash(input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n challenge: string;\n}): Promise<string> {\n const material = `${normalizeMerchant(input.merchant)}${positiveInteger(input.amount_minor, \"amount_minor\")}${normalizeCurrency(input.currency)}${requireNonEmpty(input.challenge, \"challenge\")}`;\n return sha256Prefixed(material);\n}\n\nexport function buildPaymentExecutionPayload(\n requirement: DirectPaymentRequirement,\n options: { await_finality?: boolean; metadata?: Record<string, unknown> } = {},\n): Web3PreparedTransactionExecutePayload {\n return buildPreparedTransactionExecutionPayload(requirement, requirement.transaction_request, {\n receipt_kind: DIRECT_REQUEST_PAYMENT_RECEIPT_KIND,\n await_finality: options.await_finality,\n metadata: options.metadata,\n });\n}\n\nexport function buildAllowanceExecutionPayload(\n requirement: DirectPaymentRequirement,\n options: { await_finality?: boolean; metadata?: Record<string, unknown> } = {},\n): Web3PreparedTransactionExecutePayload {\n const approveRequest = requirement.approve_transaction_request;\n if (!approveRequest \|\| Object.keys(approveRequest).length === 0) {\n throw new SiglumeDirectRequestPaymentError(\"This payment requirement does not include an allowance approval transaction.\");\n }\n return buildPreparedTransactionExecutionPayload(requirement, approveRequest, {\n receipt_kind: DIRECT_REQUEST_PAYMENT_ALLOWANCE_RECEIPT_KIND,\n await_finality: options.await_finality,\n metadata: options.metadata,\n });\n}\n\nexport function buildPreparedTransactionExecutionPayload(\n requirement: DirectPaymentRequirement,\n transaction_request: Web3TransactionRequest,\n options: {\n receipt_kind: string;\n await_finality?: boolean;\n metadata?: Record<string, unknown>;\n },\n): Web3PreparedTransactionExecutePayload {\n const metadata = {\n ...(isRecord(transaction_request.metadata_jsonb) ? transaction_request.metadata_jsonb : {}),\n ...(options.metadata ?? {}),\n };\n return {\n transaction_request,\n receipt_kind: requireNonEmpty(options.receipt_kind, \"receipt_kind\"),\n reference_type: DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE,\n reference_id: requirement.requirement_id,\n metadata,\n await_finality: Boolean(options.await_finality),\n };\n}\n\nexport async function computeWebhookSignature(\n signing_secret: string,\n body: Uint8Array \| ArrayBuffer \| string \| Record<string, unknown>,\n options: { timestamp: number },\n): Promise<string> {\n if (!signing_secret) {\n throw new SiglumeWebhookSignatureError(\"SIGLUME webhook signing secret is required.\");\n }\n const timestamp = Math.trunc(options.timestamp);\n const bytes = bodyBytes(body);\n const prefix = new TextEncoder().encode(`${timestamp}.`);\n const payload = new Uint8Array(prefix.length + bytes.length);\n payload.set(prefix, 0);\n payload.set(bytes, prefix.length);\n return hmacSha256Hex(signing_secret, payload);\n}\n\nexport async function buildWebhookSignatureHeader(\n signing_secret: string,\n body: Uint8Array \| ArrayBuffer \| string \| Record<string, unknown>,\n options: { timestamp?: number } = {},\n): Promise<string> {\n const timestamp = Math.trunc(options.timestamp ?? Date.now() / 1000);\n const signature = await computeWebhookSignature(signing_secret, body, { timestamp });\n return `t=${timestamp},v1=${signature}`;\n}\n\nexport async function verifyWebhookSignature(\n signing_secret: string,\n body: Uint8Array \| ArrayBuffer \| string \| Record<string, unknown>,\n signature_header: string,\n options: { tolerance_seconds?: number; now?: number } = {},\n): Promise<WebhookSignatureVerification> {\n const { timestamp, signature } = parseSignatureHeader(signature_header);\n const toleranceSeconds = Math.max(1, Math.trunc(options.tolerance_seconds ?? DEFAULT_WEBHOOK_TOLERANCE_SECONDS));\n const nowSeconds = Math.trunc(options.now ?? Date.now() / 1000);\n if (Math.abs(nowSeconds - timestamp) > toleranceSeconds) {\n throw new SiglumeWebhookSignatureError(\"Webhook timestamp is outside the allowed tolerance window.\");\n }\n const expected = await computeWebhookSignature(signing_secret, body, { timestamp });\n if (!(await timingSafeEqualHex(expected, signature))) {\n throw new SiglumeWebhookSignatureError(\"Webhook signature did not match.\");\n }\n return { timestamp, signature };\n}\n\nexport function parseDirectRequestPaymentWebhookEvent(payload: unknown): DirectRequestPaymentWebhookEvent {\n const event = requireRecord(payload, \"webhook event\");\n const data = requireRecord(event.data, \"webhook event data\");\n const parsed = {\n ...event,\n id: requireNonEmpty(stringOrNull(event.id) ?? \"\", \"webhook event id\"),\n type: requireNonEmpty(stringOrNull(event.type) ?? \"\", \"webhook event type\"),\n api_version: requireNonEmpty(stringOrNull(event.api_version) ?? \"\", \"webhook api_version\"),\n occurred_at: requireNonEmpty(stringOrNull(event.occurred_at) ?? \"\", \"webhook occurred_at\"),\n data: { ...data },\n } as DirectRequestPaymentWebhookEvent;\n if (parsed.type === \"direct_payment.confirmed\" && parsed.data.mode !== DIRECT_REQUEST_PAYMENT_MODE) {\n throw new SiglumeWebhookPayloadError(\"direct_payment.confirmed webhook must carry data.mode='external_402'.\");\n }\n return parsed;\n}\n\nexport async function verifyDirectRequestPaymentWebhook(\n signing_secret: string,\n body: Uint8Array \| ArrayBuffer \| string \| Record<string, unknown>,\n signature_header: string,\n options: { tolerance_seconds?: number; now?: number } = {},\n): Promise<{ event: DirectRequestPaymentWebhookEvent; verification: WebhookSignatureVerification }> {\n const verification = await verifyWebhookSignature(signing_secret, body, signature_header, options);\n const text = new TextDecoder().decode(bodyBytes(body));\n let parsed: unknown;\n try {\n parsed = JSON.parse(text);\n } catch (error) {\n throw new SiglumeWebhookPayloadError(\"Webhook body must contain valid JSON.\");\n }\n return { event: parseDirectRequestPaymentWebhookEvent(parsed), verification };\n}\n\nexport const createExternal402Challenge = createDirectRequestPaymentChallenge;\nexport const verifyExternal402Challenge = verifyDirectRequestPaymentChallenge;\nexport const createExternal402RecurringChallenge = createDirectRequestPaymentRecurringChallenge;\nexport const verifyExternal402RecurringChallenge = verifyDirectRequestPaymentRecurringChallenge;\n\nfunction normalizeMerchant(value: string): string {\n const merchant = requireNonEmpty(value, \"merchant\").toLowerCase();\n if (!/^[a-z0-9][a-z0-9._-]{0,95}$/.test(merchant)) {\n throw new SiglumeDirectRequestPaymentError(\"merchant must be a lowercase key using letters, numbers, dot, underscore, or hyphen.\");\n }\n return merchant;\n}\n\nfunction normalizeSelfServiceMerchant(value: string): string {\n const merchant = requireNonEmpty(value, \"merchant\").toLowerCase();\n if (!/^[a-z0-9][a-z0-9_-]{2,63}$/.test(merchant)) {\n throw new SiglumeDirectRequestPaymentError(\"merchant must be 3-64 chars using lowercase letters, numbers, underscore, or hyphen.\");\n }\n return merchant;\n}\n\nfunction normalizeBillingPlan(value: string): DirectRequestPaymentBillingPlan {\n const plan = requireNonEmpty(value, \"billing_plan\").toLowerCase();\n if (plan === \"launch\" \|\| plan === \"free\" \|\| plan === \"starter\" \|\| plan === \"growth\" \|\| plan === \"pro\") {\n return plan;\n }\n throw new SiglumeDirectRequestPaymentError(\"billing_plan must be launch, starter, growth, or pro.\");\n}\n\nfunction normalizeCurrency(value: string): DirectRequestPaymentCurrency {\n const currency = requireNonEmpty(value, \"currency\").toUpperCase();\n if (currency !== \"JPY\" && currency !== \"USD\") {\n throw new SiglumeDirectRequestPaymentError(\"currency must be JPY or USD.\");\n }\n return currency;\n}\n\nfunction normalizeToken(value: string): DirectRequestPaymentToken {\n const token = requireNonEmpty(value, \"token_symbol\").toUpperCase();\n if (token !== \"JPYC\" && token !== \"USDC\") {\n throw new SiglumeDirectRequestPaymentError(\"token_symbol must be JPYC or USDC.\");\n }\n return token;\n}\n\nfunction normalizeAllowedCurrencies(value: Record<string, string> \| Array<DirectRequestPaymentCurrency \| string>): Record<string, string> {\n const normalized: Record<string, string> = {};\n if (Array.isArray(value)) {\n for (const item of value) {\n const currency = normalizeCurrency(item);\n normalized[currency] = defaultTokenForCurrency(currency);\n }\n } else if (isRecord(value)) {\n for (const [rawCurrency, rawToken] of Object.entries(value)) {\n normalized[normalizeCurrency(rawCurrency)] = normalizeToken(String(rawToken));\n }\n } else {\n throw new SiglumeDirectRequestPaymentError(\"allowed_currencies must be an array or a currency-to-token object.\");\n }\n if (Object.keys(normalized).length === 0) {\n throw new SiglumeDirectRequestPaymentError(\"allowed_currencies must include at least one currency.\");\n }\n return normalized;\n}\n\nfunction defaultTokenForCurrency(currency: DirectRequestPaymentCurrency): DirectRequestPaymentToken {\n return currency === \"JPY\" ? \"JPYC\" : \"USDC\";\n}\n\nfunction normalizeOriginList(value: string[]): string[] {\n if (!Array.isArray(value)) {\n throw new SiglumeDirectRequestPaymentError(\"checkout_allowed_origins must be an array of origin URLs.\");\n }\n const seen = new Set<string>();\n const origins: string[] = [];\n for (const item of value) {\n let url: URL;\n try {\n url = new URL(requireNonEmpty(String(item), \"checkout_allowed_origins entry\"));\n } catch {\n throw new SiglumeDirectRequestPaymentError(\n \"each checkout_allowed_origins entry must be an absolute origin such as https://shop.example.com.\",\n );\n }\n const origin = `${url.protocol.toLowerCase()}//${url.host.toLowerCase()}`;\n if (!seen.has(origin)) {\n seen.add(origin);\n origins.push(origin);\n }\n }\n return origins;\n}\n\nfunction positiveInteger(value: number, name: string): number {\n const parsed = Number(value);\n if (!Number.isSafeInteger(parsed) \|\| parsed <= 0) {\n throw new SiglumeDirectRequestPaymentError(`${name} must be a positive safe integer.`);\n }\n return parsed;\n}\n\nfunction requireNonEmpty(value: string, name: string): string {\n const text = String(value ?? \"\").trim();\n if (!text) {\n throw new SiglumeDirectRequestPaymentError(`${name} is required.`);\n }\n return text;\n}\n\nfunction normalizeChallengeNonce(value: string): string {\n const nonce = requireNonEmpty(value, \"nonce\");\n if (nonce.includes(\":\")) {\n throw new SiglumeDirectRequestPaymentError(\"nonce must not contain ':'.\");\n }\n return nonce;\n}\n\nfunction normalizeRecurringCadence(value: string): DirectRequestPaymentRecurringCadence {\n const cadence = requireNonEmpty(value, \"cadence\").toLowerCase();\n if (cadence !== \"monthly\" && cadence !== \"daily\") {\n throw new SiglumeDirectRequestPaymentError(\n 'cadence must be \"monthly\" (subscription) or \"daily\" (scheduled autopay).',\n );\n }\n return cadence;\n}\n\nfunction cloneJsonObject(value: Record<string, unknown>, name: string): Record<string, unknown> {\n try {\n const cloned = JSON.parse(JSON.stringify(value)) as unknown;\n if (!isRecord(cloned)) {\n throw new Error(\"not an object\");\n }\n return cloned;\n } catch (error) {\n throw new SiglumeDirectRequestPaymentError(`${name} must be a JSON-serializable object.`);\n }\n}\n\nfunction parseJson(rawText: string): unknown {\n try {\n return JSON.parse(rawText);\n } catch (error) {\n throw new SiglumeApiError(\"Siglume API returned invalid JSON.\", {\n status: 502,\n code: \"INVALID_JSON_RESPONSE\",\n data: rawText,\n });\n }\n}\n\nfunction stringOrNull(value: unknown): string \| null {\n if (typeof value !== \"string\") {\n return null;\n }\n const text = value.trim();\n return text ? text : null;\n}\n\nfunction isHostedCheckoutUnavailable(error: unknown): boolean {\n if (!(error instanceof SiglumeApiError)) {\n return false;\n }\n const code = error.code.toUpperCase();\n if (error.status === 409 && (code === \"HOSTED_CHECKOUT_NOT_ENABLED\" \|\| code === \"FEATURE_DISABLED\")) {\n return true;\n }\n return (\n error.status === 404 &&\n (code === \"HTTP_404\" \|\| code === \"NOT_FOUND\" \|\| code === \"ROUTE_NOT_FOUND\" \|\| code === \"FEATURE_DISABLED\")\n );\n}\n\nfunction isRecord(value: unknown): value is Record<string, unknown> {\n return typeof value === \"object\" && value !== null && !Array.isArray(value);\n}\n\nfunction requireRecord(value: unknown, name: string): Record<string, unknown> {\n if (!isRecord(value)) {\n throw new SiglumeWebhookPayloadError(`${name} must be an object.`);\n }\n return value;\n}\n\nfunction envValue(name: string): string \| undefined {\n if (typeof process === \"undefined\") {\n return undefined;\n }\n const value = process.env[name];\n return value && value.trim() ? value.trim() : undefined;\n}\n\nfunction bodyBytes(body: Uint8Array \| ArrayBuffer \| string \| Record<string, unknown>): Uint8Array {\n if (body instanceof Uint8Array) {\n return body;\n }\n if (body instanceof ArrayBuffer) {\n return new Uint8Array(body);\n }\n if (typeof body === \"string\") {\n return new TextEncoder().encode(body);\n }\n if (isRecord(body)) {\n return new TextEncoder().encode(JSON.stringify(body));\n }\n throw new SiglumeWebhookPayloadError(\"Webhook body must be raw bytes, a string, or a JSON object.\");\n}\n\nfunction parseSignatureHeader(signatureHeader: string): { timestamp: number; signature: string } {\n let timestamp: number \| null = null;\n let signature: string \| null = null;\n for (const item of String(signatureHeader ?? \"\").split(\",\")) {\n const [key, value] = item.trim().split(\"=\", 2);\n if (key === \"t\") {\n const parsed = Number.parseInt(value ?? \"\", 10);\n if (!Number.isFinite(parsed)) {\n throw new SiglumeWebhookSignatureError(\"Webhook signature timestamp is invalid.\");\n }\n timestamp = parsed;\n }\n if (key === \"v1\") {\n signature = String(value ?? \"\").trim();\n }\n }\n if (timestamp === null \|\| !signature) {\n throw new SiglumeWebhookSignatureError(\"Webhook signature header is incomplete.\");\n }\n return { timestamp, signature };\n}\n\nasync function randomNonce(): Promise<string> {\n if (globalThis.crypto?.randomUUID) {\n return globalThis.crypto.randomUUID();\n }\n const bytes = new Uint8Array(16);\n if (globalThis.crypto?.getRandomValues) {\n globalThis.crypto.getRandomValues(bytes);\n } else if (typeof process !== \"undefined\" && process.versions?.node) {\n const crypto = await import(\"node:crypto\");\n bytes.set(crypto.randomBytes(16));\n } else {\n throw new SiglumeDirectRequestPaymentError(\"Crypto random number generation is unavailable in this runtime.\");\n }\n return bytesToHex(bytes);\n}\n\nasync function hmacSha256Hex(secret: string, payload: Uint8Array): Promise<string> {\n if (globalThis.crypto?.subtle) {\n const stablePayload = new Uint8Array(payload.byteLength);\n stablePayload.set(payload);\n const key = await globalThis.crypto.subtle.importKey(\n \"raw\",\n new TextEncoder().encode(secret),\n { name: \"HMAC\", hash: \"SHA-256\" },\n false,\n [\"sign\"],\n );\n const digest = await globalThis.crypto.subtle.sign(\"HMAC\", key, stablePayload);\n return bytesToHex(new Uint8Array(digest));\n }\n if (typeof process !== \"undefined\" && process.versions?.node) {\n const crypto = await import(\"node:crypto\");\n return crypto.createHmac(\"sha256\", secret).update(Buffer.from(payload)).digest(\"hex\");\n }\n throw new SiglumeDirectRequestPaymentError(\"Web Crypto is required for HMAC-SHA256 in this runtime.\");\n}\n\nasync function sha256Prefixed(material: string): Promise<string> {\n const bytes = new TextEncoder().encode(material);\n if (globalThis.crypto?.subtle) {\n const digest = await globalThis.crypto.subtle.digest(\"SHA-256\", bytes);\n return `sha256:${bytesToHex(new Uint8Array(digest))}`;\n }\n if (typeof process !== \"undefined\" && process.versions?.node) {\n const crypto = await import(\"node:crypto\");\n return `sha256:${crypto.createHash(\"sha256\").update(Buffer.from(bytes)).digest(\"hex\")}`;\n }\n throw new SiglumeDirectRequestPaymentError(\"Web Crypto is required for SHA-256 in this runtime.\");\n}\n\nfunction bytesToHex(bytes: Uint8Array): string {\n return [...bytes].map((item) => item.toString(16).padStart(2, \"0\")).join(\"\");\n}\n\nfunction hexToBytes(hex: string): Uint8Array {\n const normalized = String(hex ?? \"\").trim().toLowerCase();\n if (normalized.length % 2 !== 0 \|\| !/^[0-9a-f]$/.test(normalized)) {\n throw new SiglumeWebhookSignatureError(\"Hex digest is invalid.\");\n }\n const bytes = new Uint8Array(normalized.length / 2);\n for (let index = 0; index < normalized.length; index += 2) {\n bytes[index / 2] = Number.parseInt(normalized.slice(index, index + 2), 16);\n }\n return bytes;\n}\n\nasync function timingSafeEqualHex(left: string, right: string): Promise<boolean> {\n const leftBytes = hexToBytes(left);\n const rightBytes = hexToBytes(right);\n if (leftBytes.length !== rightBytes.length) {\n return false;\n }\n let diff = 0;\n for (let index = 0; index < leftBytes.length; index += 1) {\n diff \|= leftBytes[index]! ^ rightBytes[index]!;\n }\n return diff === 0;\n}\n"],"mappings":";AAAO,IAAM,2BAA2B;AACjC,IAAM,0CAA0C;AAIhD,IAAM,oDAAoD;AAC1D,IAAM,8BAA8B;AACpC,IAAM,sCAAsC;AAC5C,IAAM,gDAAgD;AACtD,IAAM,wCAAwC;AAC9C,IAAM,oCAAoC;AAyS1C,IAAM,mCAAN,cAA+C,MAAM;AAAA,EAC1D,YAAY,SAAiB;AAC3B,UAAM,OAAO;AACb,SAAK,OAAO;AAAA,EACd;AACF;AAEO,IAAM,kBAAN,cAA8B,iCAAiC;AAAA,EAC3D;AAAA,EACA;AAAA,EACA;AAAA,EAET,YAAY,SAAiB,SAA4D;AACvF,UAAM,OAAO;AACb,SAAK,OAAO;AACZ,SAAK,SAAS,QAAQ;AACtB,SAAK,OAAO,QAAQ,QAAQ;AAC5B,SAAK,OAAO,QAAQ;AAAA,EACtB;AACF;AAEO,IAAM,kCAAN,cAA8C,gBAAgB;AAAA,EACnE,YAAY,UAAU,qFAAqF;AACzG,UAAM,SAAS,EAAE,QAAQ,KAAK,MAAM,8BAA8B,CAAC;AACnE,SAAK,OAAO;AAAA,EACd;AACF;AAEO,IAAM,+BAAN,cAA2C,iCAAiC;AAAA,EACjF,YAAY,SAAiB;AAC3B,UAAM,OAAO;AACb,SAAK,OAAO;AAAA,EACd;AACF;AAEO,IAAM,6BAAN,cAAyC,iCAAiC;AAAA,EAC/E,YAAY,SAAiB;AAC3B,UAAM,OAAO;AACb,SAAK,OAAO;AAAA,EACd;AACF;AAEO,IAAM,6BAAN,MAAiC;AAAA,EAC7B;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACQ;AAAA,EAEjB,YAAY,UAA6C,CAAC,GAAG;AAC3D,UAAM,YAAY,QAAQ,cAAc,SAAS,oBAAoB;AACrE,QAAI,CAAC,WAAW;AACd,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,UAAM,YAAY,QAAQ,SAAS,WAAW;AAC9C,QAAI,CAAC,WAAW;AACd,YAAM,IAAI,iCAAiC,qDAAqD;AAAA,IAClG;AACA,SAAK,aAAa;AAClB,SAAK,YAAY,QAAQ,YAAY,SAAS,kBAAkB,KAAK,0BAA0B,QAAQ,QAAQ,EAAE;AACjH,SAAK,aAAa,KAAK,IAAI,GAAG,KAAK,MAAM,QAAQ,cAAc,IAAK,CAAC;AACrE,SAAK,aAAa,QAAQ,cAAc;AACxC,SAAK,aAAa;AAAA,EACpB;AAAA,EAEA,MAAM,yBAAyB,OAA+E;AAC5G,UAAM,UAAmC;AAAA,MACvC,MAAM;AAAA,MACN,UAAU,kBAAkB,MAAM,QAAQ;AAAA,MAC1C,cAAc,gBAAgB,MAAM,cAAc,cAAc;AAAA,MAChE,UAAU,kBAAkB,MAAM,QAAQ;AAAA,MAC1C,WAAW,gBAAgB,MAAM,WAAW,WAAW;AAAA,IACzD;AACA,QAAI,MAAM,iBAAiB,QAAW;AACpC,cAAQ,eAAe,eAAe,MAAM,YAAY;AAAA,IAC1D;AACA,QAAI,MAAM,2BAA2B,QAAW;AAC9C,cAAQ,yBAAyB,gBAAgB,MAAM,wBAAwB,wBAAwB;AAAA,IACzG;AACA,QAAI,MAAM,aAAa,QAAW;AAChC,cAAQ,WAAW,gBAAgB,MAAM,UAAU,UAAU;AAAA,IAC/D;AACA,WAAO,KAAK,QAAkC,QAAQ,sCAAsC,OAAO;AAAA,EACrG;AAAA,EAEA,MAAM,sBAAsB,gBAA2D;AACrF,WAAO,KAAK;AAAA,MACV;AAAA,MACA,sCAAsC,mBAAmB,gBAAgB,gBAAgB,gBAAgB,CAAC,CAAC;AAAA,IAC7G;AAAA,EACF;AAAA,EAEA,MAAM,yBACJ,gBACA,OACmC;AACnC,WAAO,KAAK;AAAA,MACV;AAAA,MACA,sCAAsC,mBAAmB,gBAAgB,gBAAgB,gBAAgB,CAAC,CAAC;AAAA,MAC3G;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,2BACJ,SAC+C;AAC/C,WAAO,KAAK;AAAA,MACV;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,0BACJ,aACA,UAA4E,CAAC,GAC9B;AAC/C,WAAO,KAAK,2BAA2B,6BAA6B,aAAa,OAAO,CAAC;AAAA,EAC3F;AAAA,EAEA,MAAM,4BACJ,aACA,UAA4E,CAAC,GAC9B;AAC/C,WAAO,KAAK,2BAA2B,+BAA+B,aAAa,OAAO,CAAC;AAAA,EAC7F;AAAA,EAEA,MAAM,QAAW,QAAgB,MAAc,WAAiC;AAC9E,UAAM,aAAa,IAAI,gBAAgB;AACvC,UAAM,UAAU,WAAW,MAAM,WAAW,MAAM,GAAG,KAAK,UAAU;AACpE,QAAI;AACF,YAAM,UAAkC;AAAA,QACtC,UAAU;AAAA,QACV,iBAAiB,UAAU,KAAK,UAAU;AAAA,QAC1C,cAAc,KAAK;AAAA,MACrB;AACA,UAAI;AACJ,UAAI,cAAc,QAAW;AAC3B,gBAAQ,cAAc,IAAI;AAC1B,eAAO,KAAK,UAAU,SAAS;AAAA,MACjC;AACA,YAAM,WAAW,MAAM,KAAK,WAAW,GAAG,KAAK,QAAQ,GAAG,IAAI,IAAI;AAAA,QAChE;AAAA,QACA;AAAA,QACA;AAAA,QACA,QAAQ,WAAW;AAAA,MACrB,CAAC;AACD,YAAM,UAAU,MAAM,SAAS,KAAK;AACpC,YAAM,SAAS,UAAU,UAAU,OAAO,IAAI,CAAC;AAC/C,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,QAAQ,SAAS,MAAM,KAAK,SAAS,OAAO,KAAK,IAAI,OAAO,QAAQ,CAAC;AAC3E,cAAM,OAAO,aAAa,MAAM,IAAI,KAAK,aAAc,OAAmC,IAAI,KAAK,QAAQ,SAAS,MAAM;AAC1H,cAAM,UAAU,aAAa,MAAM,OAAO,KAAK,aAAc,OAAmC,OAAO,KAAK,SAAS;AACrH,cAAM,IAAI,gBAAgB,SAAS,EAAE,QAAQ,SAAS,QAAQ,MAAM,MAAM,OAAO,CAAC;AAAA,MACpF;AACA,UAAI,SAAS,MAAM,KAAK,UAAU,QAAQ;AACxC,eAAO,OAAO;AAAA,MAChB;AACA,aAAO;AAAA,IACT,UAAE;AACA,mBAAa,OAAO;AAAA,IACtB;AAAA,EACF;AACF;AAEO,IAAM,qCAAN,MAAyC;AAAA,EACrC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACQ;AAAA,EAEjB,YAAY,UAA6C,CAAC,GAAG;AAC3D,UAAM,YAAY,QAAQ,cAAc,SAAS,6BAA6B,KAAK,SAAS,oBAAoB;AAChH,QAAI,CAAC,WAAW;AACd,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,UAAM,YAAY,QAAQ,SAAS,WAAW;AAC9C,QAAI,CAAC,WAAW;AACd,YAAM,IAAI,iCAAiC,qDAAqD;AAAA,IAClG;AACA,SAAK,aAAa;AAClB,SAAK,YAAY,QAAQ,YAAY,SAAS,kBAAkB,KAAK,0BAA0B,QAAQ,QAAQ,EAAE;AACjH,SAAK,aAAa,KAAK,IAAI,GAAG,KAAK,MAAM,QAAQ,cAAc,IAAK,CAAC;AACrE,SAAK,aAAa,QAAQ,cAAc;AACxC,SAAK,aAAa;AAAA,EACpB;AAAA,EAEA,MAAM,cAAc,OAA8F;AAChH,UAAM,UAAmC;AAAA,MACvC,UAAU,6BAA6B,MAAM,QAAQ;AAAA,MACrD,cAAc,qBAAqB,MAAM,gBAAgB,QAAQ;AAAA,MACjE,kBAAkB,kBAAkB,MAAM,oBAAoB,KAAK;AAAA,IACrE;AACA,QAAI,MAAM,iBAAiB,QAAW;AACpC,cAAQ,eAAe,gBAAgB,MAAM,cAAc,cAAc;AAAA,IAC3E;AACA,QAAI,MAAM,uBAAuB,QAAW;AAC1C,cAAQ,qBAAqB,2BAA2B,MAAM,kBAAkB;AAAA,IAClF;AACA,QAAI,MAAM,yBAAyB,QAAW;AAC5C,cAAQ,uBAAuB,gBAAgB,MAAM,sBAAsB,sBAAsB;AAAA,IACnG;AACA,QAAI,MAAM,8BAA8B,QAAW;AACjD,cAAQ,4BAA4B,gBAAgB,MAAM,2BAA2B,2BAA2B;AAAA,IAClH;AACA,QAAI,MAAM,qBAAqB,QAAW;AACxC,cAAQ,mBAAmB,gBAAgB,MAAM,kBAAkB,kBAAkB;AAAA,IACvF;AACA,QAAI,MAAM,6BAA6B,QAAW;AAChD,cAAQ,2BAA2B,oBAAoB,MAAM,wBAAwB;AAAA,IACvF;AACA,WAAO,KAAK,QAA8C,QAAQ,mCAAmC,OAAO;AAAA,EAC9G;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,MAAM,sBAAsB,OAAqF;AAC/G,UAAM,UAAmC;AAAA,MACvC,UAAU,6BAA6B,MAAM,QAAQ;AAAA,MACrD,cAAc,gBAAgB,MAAM,cAAc,cAAc;AAAA,MAChE,UAAU,kBAAkB,MAAM,QAAQ;AAAA,MAC1C,OAAO,wBAAwB,MAAM,KAAK;AAAA,MAC1C,aAAa,gBAAgB,MAAM,aAAa,aAAa;AAAA,MAC7D,YAAY,gBAAgB,MAAM,YAAY,YAAY;AAAA,IAC5D;AACA,QAAI,MAAM,aAAa,QAAW;AAChC,cAAQ,WAAW,gBAAgB,MAAM,UAAU,UAAU;AAAA,IAC/D;AACA,WAAO,KAAK;AAAA,MACV;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA;AAAA,EAGA,MAAM,mBAAmB,YAAoD;AAC3E,WAAO,KAAK;AAAA,MACV;AAAA,MACA,2CAA2C,mBAAmB,gBAAgB,YAAY,YAAY,CAAC,CAAC;AAAA,IAC1G;AAAA,EACF;AAAA,EAEA,MAAM,YAAY,UAAiE;AACjF,WAAO,KAAK;AAAA,MACV;AAAA,MACA,mCAAmC,mBAAmB,6BAA6B,QAAQ,CAAC,CAAC;AAAA,IAC/F;AAAA,EACF;AAAA,EAEA,MAAM,sBAAsB,UAAiE;AAC3F,WAAO,KAAK;AAAA,MACV;AAAA,MACA,mCAAmC,mBAAmB,6BAA6B,QAAQ,CAAC,CAAC;AAAA,IAC/F;AAAA,EACF;AAAA,EAEA,MAAM,sBACJ,UACA,QAAyD,CAAC,GACX;AAC/C,UAAM,UAAmC,CAAC;AAC1C,QAAI,MAAM,aAAa,QAAW;AAChC,cAAQ,WAAW,kBAAkB,MAAM,QAAQ;AAAA,IACrD;AACA,QAAI,MAAM,qBAAqB,QAAW;AACxC,cAAQ,mBAAmB,kBAAkB,MAAM,gBAAgB;AAAA,IACrE;AACA,QAAI,MAAM,qBAAqB,QAAW;AACxC,cAAQ,mBAAmB,gBAAgB,MAAM,kBAAkB,kBAAkB;AAAA,IACvF;AACA,WAAO,KAAK;AAAA,MACV;AAAA,MACA,mCAAmC,mBAAmB,6BAA6B,QAAQ,CAAC,CAAC;AAAA,MAC7F;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,0BACJ,OACkD;AAClD,UAAM,UAAmC;AAAA,MACvC,cAAc,gBAAgB,MAAM,cAAc,cAAc;AAAA,MAChE,aAAa,MAAM,aAAa,SAC5B,MAAM,YAAY,IAAI,CAAC,cAAc,gBAAgB,WAAW,YAAY,CAAC,IAC7E,CAAC,4BAA4B,sBAAsB;AAAA,IACzD;AACA,QAAI,MAAM,gBAAgB,QAAW;AACnC,cAAQ,cAAc,gBAAgB,MAAM,aAAa,aAAa;AAAA,IACxE;AACA,QAAI,MAAM,aAAa,QAAW;AAChC,cAAQ,WAAW,gBAAgB,MAAM,UAAU,UAAU;AAAA,IAC/D;AACA,WAAO,KAAK,QAAiD,QAAQ,kCAAkC,OAAO;AAAA,EAChH;AAAA,EAEA,MAAM,cAAc,OAAiG;AACnH,UAAM,WAAW,MAAM,KAAK,cAAc,KAAK;AAC/C,UAAM,cAAc,SAAS,iBAAiB;AAC9C,UAAM,kBAAkB,MAAM,4BAA4B,QACtD,OACA,MAAM,KAAK,sBAAsB,aAAa;AAAA,MAC9C,kBAAkB,SAAS,iBAAiB,oBAAoB,MAAM,oBAAoB;AAAA,MAC1F,kBAAkB,MAAM,oBAAoB,MAAM;AAAA,IACpD,CAAC;AACH,UAAM,sBAAsB,MAAM,+BAA+B,QAAQ,MAAM,oBAAoB;AACnG,UAAM,uBAAuB,uBAAuB,MAAM,uBACtD,MAAM,KAAK,0BAA0B;AAAA,MACrC,cAAc,MAAM;AAAA,MACpB,aAAa,MAAM,uBAAuB,GAAG,WAAW;AAAA,MACxD,aAAa,MAAM;AAAA,MACnB,UAAU,EAAE,UAAU,aAAa,KAAK,kCAAkC;AAAA,IAC5E,CAAC,IACC;AACJ,UAAM,MAA8B;AAAA,MAClC,iCAAiC;AAAA,IACnC;AACA,QAAI,SAAS,kBAAkB;AAC7B,UAAI,0CAA0C,SAAS;AAAA,IACzD;AACA,UAAM,gBAAgB,aAAa,sBAAsB,cAAc;AACvE,QAAI,eAAe;AACjB,UAAI,yBAAyB;AAAA,IAC/B;AACA,WAAO,EAAE,UAAU,iBAAiB,sBAAsB,IAAI;AAAA,EAChE;AAAA,EAEA,MAAM,QAAW,QAAgB,MAAc,WAAiC;AAC9E,UAAM,aAAa,IAAI,gBAAgB;AACvC,UAAM,UAAU,WAAW,MAAM,WAAW,MAAM,GAAG,KAAK,UAAU;AACpE,QAAI;AACF,YAAM,UAAkC;AAAA,QACtC,UAAU;AAAA,QACV,iBAAiB,UAAU,KAAK,UAAU;AAAA,QAC1C,cAAc,KAAK;AAAA,MACrB;AACA,UAAI;AACJ,UAAI,cAAc,QAAW;AAC3B,gBAAQ,cAAc,IAAI;AAC1B,eAAO,KAAK,UAAU,SAAS;AAAA,MACjC;AACA,YAAM,WAAW,MAAM,KAAK,WAAW,GAAG,KAAK,QAAQ,GAAG,IAAI,IAAI;AAAA,QAChE;AAAA,QACA;AAAA,QACA;AAAA,QACA,QAAQ,WAAW;AAAA,MACrB,CAAC;AACD,YAAM,UAAU,MAAM,SAAS,KAAK;AACpC,YAAM,SAAS,UAAU,UAAU,OAAO,IAAI,CAAC;AAC/C,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,QAAQ,SAAS,MAAM,KAAK,SAAS,OAAO,KAAK,IAAI,OAAO,QAAQ,CAAC;AAC3E,cAAM,OAAO,aAAa,MAAM,IAAI,KAAK,aAAc,OAAmC,IAAI,KAAK,QAAQ,SAAS,MAAM;AAC1H,cAAM,UAAU,aAAa,MAAM,OAAO,KAAK,aAAc,OAAmC,OAAO,KAAK,SAAS;AACrH,cAAM,IAAI,gBAAgB,SAAS,EAAE,QAAQ,SAAS,QAAQ,MAAM,MAAM,OAAO,CAAC;AAAA,MACpF;AACA,UAAI,SAAS,MAAM,KAAK,UAAU,QAAQ;AACxC,eAAO,OAAO;AAAA,MAChB;AACA,aAAO;AAAA,IACT,UAAE;AACA,mBAAa,OAAO;AAAA,IACtB;AAAA,EACF;AAAA,EAEA,MAAc,sBAAyB,QAAgB,MAAc,WAAiC;AACpG,QAAI;AACF,aAAO,MAAM,KAAK,QAAW,QAAQ,MAAM,SAAS;AAAA,IACtD,SAAS,OAAO;AACd,UAAI,4BAA4B,KAAK,GAAG;AACtC,cAAM,IAAI,gCAAgC;AAAA,MAC5C;AACA,YAAM;AAAA,IACR;AAAA,EACF;AACF;AAEA,eAAsB,oCACpB,OACwC;AACxC,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,eAAe,gBAAgB,MAAM,cAAc,cAAc;AACvE,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,QAAQ,MAAM,QAAQ,wBAAwB,MAAM,KAAK,IAAI,MAAM,YAAY;AACrF,QAAM,YAAY,MAAM,6CAA6C,MAAM,QAAQ;AAAA,IACjF;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AACD,QAAM,YAAY,GAAG,uCAAuC,IAAI,KAAK,IAAI,SAAS;AAClF,SAAO;AAAA,IACL,QAAQ;AAAA,IACR;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,gBAAgB,MAAM,eAAe,SAAS;AAAA,EAChD;AACF;AAEA,eAAsB,6CACpB,QACA,OAMiB;AACjB,QAAM,mBAAmB,gBAAgB,QAAQ,QAAQ;AACzD,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,SAAS,gBAAgB,MAAM,cAAc,cAAc;AACjE,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,QAAQ,wBAAwB,MAAM,KAAK;AACjD,QAAM,WAAW,GAAG,QAAQ,IAAI,MAAM,IAAI,QAAQ,IAAI,KAAK;AAC3D,SAAO,cAAc,kBAAkB,IAAI,YAAY,EAAE,OAAO,QAAQ,CAAC;AAC3E;AAEO,SAAS,mCAAmC,WAAwD;AACzG,QAAM,QAAQ,gBAAgB,WAAW,WAAW,EAAE,MAAM,GAAG;AAC/D,MAAI,MAAM,WAAW,GAAG;AACtB,UAAM,IAAI,iCAAiC,kEAAkE;AAAA,EAC/G;AACA,QAAM,CAAC,QAAQ,OAAO,SAAS,IAAI;AACnC,MAAI,CAAC,UAAU,CAAC,SAAS,CAAC,WAAW;AACnC,UAAM,IAAI,iCAAiC,iDAAiD;AAAA,EAC9F;AACA,SAAO,EAAE,QAAQ,OAAO,UAAU;AACpC;AAOA,eAAsB,6CACpB,OACiD;AACjD,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,eAAe,gBAAgB,MAAM,cAAc,cAAc;AACvE,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,UAAU,0BAA0B,MAAM,OAAO;AACvD,QAAM,QAAQ,MAAM,QAAQ,wBAAwB,MAAM,KAAK,IAAI,MAAM,YAAY;AACrF,QAAM,YAAY,MAAM,sDAAsD,MAAM,QAAQ;AAAA,IAC1F;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AACD,QAAM,YAAY,GAAG,iDAAiD,IAAI,KAAK,IAAI,SAAS;AAC5F,SAAO;AAAA,IACL,QAAQ;AAAA,IACR;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,gBAAgB,MAAM,eAAe,SAAS;AAAA,EAChD;AACF;AAEA,eAAsB,sDACpB,QACA,OAOiB;AACjB,QAAM,mBAAmB,gBAAgB,QAAQ,QAAQ;AACzD,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,SAAS,gBAAgB,MAAM,cAAc,cAAc;AACjE,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,UAAU,0BAA0B,MAAM,OAAO;AACvD,QAAM,QAAQ,wBAAwB,MAAM,KAAK;AAGjD,QAAM,WAAW,GAAG,QAAQ,IAAI,MAAM,IAAI,QAAQ,IAAI,OAAO,IAAI,KAAK;AACtE,SAAO,cAAc,kBAAkB,IAAI,YAAY,EAAE,OAAO,QAAQ,CAAC;AAC3E;AAEA,eAAsB,6CACpB,QACA,OAOkB;AAClB,QAAM,SAAS,mCAAmC,MAAM,SAAS;AACjE,MAAI,OAAO,WAAW,mDAAmD;AACvE,WAAO;AAAA,EACT;AACA,QAAM,WAAW,MAAM,sDAAsD,QAAQ;AAAA,IACnF,UAAU,MAAM;AAAA,IAChB,cAAc,MAAM;AAAA,IACpB,UAAU,MAAM;AAAA,IAChB,SAAS,MAAM;AAAA,IACf,OAAO,OAAO;AAAA,EAChB,CAAC;AACD,SAAO,mBAAmB,UAAU,OAAO,SAAS;AACtD;AAEA,eAAsB,oCACpB,QACA,OAMkB;AAClB,QAAM,SAAS,mCAAmC,MAAM,SAAS;AACjE,MAAI,OAAO,WAAW,yCAAyC;AAC7D,WAAO;AAAA,EACT;AACA,QAAM,WAAW,MAAM,6CAA6C,QAAQ;AAAA,IAC1E,UAAU,MAAM;AAAA,IAChB,cAAc,MAAM;AAAA,IACpB,UAAU,MAAM;AAAA,IAChB,OAAO,OAAO;AAAA,EAChB,CAAC;AACD,SAAO,mBAAmB,UAAU,OAAO,SAAS;AACtD;AAEA,eAAsB,kCAAkC,WAAoC;AAC1F,SAAO,eAAe,gBAAgB,WAAW,WAAW,CAAC;AAC/D;AAEA,eAAsB,gCAAgC,OAKlC;AAClB,QAAM,WAAW,GAAG,kBAAkB,MAAM,QAAQ,CAAC,GAAG,gBAAgB,MAAM,cAAc,cAAc,CAAC,GAAG,kBAAkB,MAAM,QAAQ,CAAC,GAAG,gBAAgB,MAAM,WAAW,WAAW,CAAC;AAC/L,SAAO,eAAe,QAAQ;AAChC;AAEO,SAAS,6BACd,aACA,UAA4E,CAAC,GACtC;AACvC,SAAO,yCAAyC,aAAa,YAAY,qBAAqB;AAAA,IAC5F,cAAc;AAAA,IACd,gBAAgB,QAAQ;AAAA,IACxB,UAAU,QAAQ;AAAA,EACpB,CAAC;AACH;AAEO,SAAS,+BACd,aACA,UAA4E,CAAC,GACtC;AACvC,QAAM,iBAAiB,YAAY;AACnC,MAAI,CAAC,kBAAkB,OAAO,KAAK,cAAc,EAAE,WAAW,GAAG;AAC/D,UAAM,IAAI,iCAAiC,8EAA8E;AAAA,EAC3H;AACA,SAAO,yCAAyC,aAAa,gBAAgB;AAAA,IAC3E,cAAc;AAAA,IACd,gBAAgB,QAAQ;AAAA,IACxB,UAAU,QAAQ;AAAA,EACpB,CAAC;AACH;AAEO,SAAS,yCACd,aACA,qBACA,SAKuC;AACvC,QAAM,WAAW;AAAA,IACf,GAAI,SAAS,oBAAoB,cAAc,IAAI,oBAAoB,iBAAiB,CAAC;AAAA,IACzF,GAAI,QAAQ,YAAY,CAAC;AAAA,EAC3B;AACA,SAAO;AAAA,IACL;AAAA,IACA,cAAc,gBAAgB,QAAQ,cAAc,cAAc;AAAA,IAClE,gBAAgB;AAAA,IAChB,cAAc,YAAY;AAAA,IAC1B;AAAA,IACA,gBAAgB,QAAQ,QAAQ,cAAc;AAAA,EAChD;AACF;AAEA,eAAsB,wBACpB,gBACA,MACA,SACiB;AACjB,MAAI,CAAC,gBAAgB;AACnB,UAAM,IAAI,6BAA6B,6CAA6C;AAAA,EACtF;AACA,QAAM,YAAY,KAAK,MAAM,QAAQ,SAAS;AAC9C,QAAM,QAAQ,UAAU,IAAI;AAC5B,QAAM,SAAS,IAAI,YAAY,EAAE,OAAO,GAAG,SAAS,GAAG;AACvD,QAAM,UAAU,IAAI,WAAW,OAAO,SAAS,MAAM,MAAM;AAC3D,UAAQ,IAAI,QAAQ,CAAC;AACrB,UAAQ,IAAI,OAAO,OAAO,MAAM;AAChC,SAAO,cAAc,gBAAgB,OAAO;AAC9C;AAEA,eAAsB,4BACpB,gBACA,MACA,UAAkC,CAAC,GAClB;AACjB,QAAM,YAAY,KAAK,MAAM,QAAQ,aAAa,KAAK,IAAI,IAAI,GAAI;AACnE,QAAM,YAAY,MAAM,wBAAwB,gBAAgB,MAAM,EAAE,UAAU,CAAC;AACnF,SAAO,KAAK,SAAS,OAAO,SAAS;AACvC;AAEA,eAAsB,uBACpB,gBACA,MACA,kBACA,UAAwD,CAAC,GAClB;AACvC,QAAM,EAAE,WAAW,UAAU,IAAI,qBAAqB,gBAAgB;AACtE,QAAM,mBAAmB,KAAK,IAAI,GAAG,KAAK,MAAM,QAAQ,qBAAqB,iCAAiC,CAAC;AAC/G,QAAM,aAAa,KAAK,MAAM,QAAQ,OAAO,KAAK,IAAI,IAAI,GAAI;AAC9D,MAAI,KAAK,IAAI,aAAa,SAAS,IAAI,kBAAkB;AACvD,UAAM,IAAI,6BAA6B,4DAA4D;AAAA,EACrG;AACA,QAAM,WAAW,MAAM,wBAAwB,gBAAgB,MAAM,EAAE,UAAU,CAAC;AAClF,MAAI,CAAE,MAAM,mBAAmB,UAAU,SAAS,GAAI;AACpD,UAAM,IAAI,6BAA6B,kCAAkC;AAAA,EAC3E;AACA,SAAO,EAAE,WAAW,UAAU;AAChC;AAEO,SAAS,sCAAsC,SAAoD;AACxG,QAAM,QAAQ,cAAc,SAAS,eAAe;AACpD,QAAM,OAAO,cAAc,MAAM,MAAM,oBAAoB;AAC3D,QAAM,SAAS;AAAA,IACb,GAAG;AAAA,IACH,IAAI,gBAAgB,aAAa,MAAM,EAAE,KAAK,IAAI,kBAAkB;AAAA,IACpE,MAAM,gBAAgB,aAAa,MAAM,IAAI,KAAK,IAAI,oBAAoB;AAAA,IAC1E,aAAa,gBAAgB,aAAa,MAAM,WAAW,KAAK,IAAI,qBAAqB;AAAA,IACzF,aAAa,gBAAgB,aAAa,MAAM,WAAW,KAAK,IAAI,qBAAqB;AAAA,IACzF,MAAM,EAAE,GAAG,KAAK;AAAA,EAClB;AACA,MAAI,OAAO,SAAS,8BAA8B,OAAO,KAAK,SAAS,6BAA6B;AAClG,UAAM,IAAI,2BAA2B,uEAAuE;AAAA,EAC9G;AACA,SAAO;AACT;AAEA,eAAsB,kCACpB,gBACA,MACA,kBACA,UAAwD,CAAC,GACyC;AAClG,QAAM,eAAe,MAAM,uBAAuB,gBAAgB,MAAM,kBAAkB,OAAO;AACjG,QAAM,OAAO,IAAI,YAAY,EAAE,OAAO,UAAU,IAAI,CAAC;AACrD,MAAI;AACJ,MAAI;AACF,aAAS,KAAK,MAAM,IAAI;AAAA,EAC1B,SAAS,OAAO;AACd,UAAM,IAAI,2BAA2B,uCAAuC;AAAA,EAC9E;AACA,SAAO,EAAE,OAAO,sCAAsC,MAAM,GAAG,aAAa;AAC9E;AAEO,IAAM,6BAA6B;AACnC,IAAM,6BAA6B;AACnC,IAAM,sCAAsC;AAC5C,IAAM,sCAAsC;AAEnD,SAAS,kBAAkB,OAAuB;AAChD,QAAM,WAAW,gBAAgB,OAAO,UAAU,EAAE,YAAY;AAChE,MAAI,CAAC,8BAA8B,KAAK,QAAQ,GAAG;AACjD,UAAM,IAAI,iCAAiC,sFAAsF;AAAA,EACnI;AACA,SAAO;AACT;AAEA,SAAS,6BAA6B,OAAuB;AAC3D,QAAM,WAAW,gBAAgB,OAAO,UAAU,EAAE,YAAY;AAChE,MAAI,CAAC,6BAA6B,KAAK,QAAQ,GAAG;AAChD,UAAM,IAAI,iCAAiC,sFAAsF;AAAA,EACnI;AACA,SAAO;AACT;AAEA,SAAS,qBAAqB,OAAgD;AAC5E,QAAM,OAAO,gBAAgB,OAAO,cAAc,EAAE,YAAY;AAChE,MAAI,SAAS,YAAY,SAAS,UAAU,SAAS,aAAa,SAAS,YAAY,SAAS,OAAO;AACrG,WAAO;AAAA,EACT;AACA,QAAM,IAAI,iCAAiC,uDAAuD;AACpG;AAEA,SAAS,kBAAkB,OAA6C;AACtE,QAAM,WAAW,gBAAgB,OAAO,UAAU,EAAE,YAAY;AAChE,MAAI,aAAa,SAAS,aAAa,OAAO;AAC5C,UAAM,IAAI,iCAAiC,8BAA8B;AAAA,EAC3E;AACA,SAAO;AACT;AAEA,SAAS,eAAe,OAA0C;AAChE,QAAM,QAAQ,gBAAgB,OAAO,cAAc,EAAE,YAAY;AACjE,MAAI,UAAU,UAAU,UAAU,QAAQ;AACxC,UAAM,IAAI,iCAAiC,oCAAoC;AAAA,EACjF;AACA,SAAO;AACT;AAEA,SAAS,2BAA2B,OAAsG;AACxI,QAAM,aAAqC,CAAC;AAC5C,MAAI,MAAM,QAAQ,KAAK,GAAG;AACxB,eAAW,QAAQ,OAAO;AACxB,YAAM,WAAW,kBAAkB,IAAI;AACvC,iBAAW,QAAQ,IAAI,wBAAwB,QAAQ;AAAA,IACzD;AAAA,EACF,WAAW,SAAS,KAAK,GAAG;AAC1B,eAAW,CAAC,aAAa,QAAQ,KAAK,OAAO,QAAQ,KAAK,GAAG;AAC3D,iBAAW,kBAAkB,WAAW,CAAC,IAAI,eAAe,OAAO,QAAQ,CAAC;AAAA,IAC9E;AAAA,EACF,OAAO;AACL,UAAM,IAAI,iCAAiC,oEAAoE;AAAA,EACjH;AACA,MAAI,OAAO,KAAK,UAAU,EAAE,WAAW,GAAG;AACxC,UAAM,IAAI,iCAAiC,wDAAwD;AAAA,EACrG;AACA,SAAO;AACT;AAEA,SAAS,wBAAwB,UAAmE;AAClG,SAAO,aAAa,QAAQ,SAAS;AACvC;AAEA,SAAS,oBAAoB,OAA2B;AACtD,MAAI,CAAC,MAAM,QAAQ,KAAK,GAAG;AACzB,UAAM,IAAI,iCAAiC,2DAA2D;AAAA,EACxG;AACA,QAAM,OAAO,oBAAI,IAAY;AAC7B,QAAM,UAAoB,CAAC;AAC3B,aAAW,QAAQ,OAAO;AACxB,QAAI;AACJ,QAAI;AACF,YAAM,IAAI,IAAI,gBAAgB,OAAO,IAAI,GAAG,gCAAgC,CAAC;AAAA,IAC/E,QAAQ;AACN,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,UAAM,SAAS,GAAG,IAAI,SAAS,YAAY,CAAC,KAAK,IAAI,KAAK,YAAY,CAAC;AACvE,QAAI,CAAC,KAAK,IAAI,MAAM,GAAG;AACrB,WAAK,IAAI,MAAM;AACf,cAAQ,KAAK,MAAM;AAAA,IACrB;AAAA,EACF;AACA,SAAO;AACT;AAEA,SAAS,gBAAgB,OAAe,MAAsB;AAC5D,QAAM,SAAS,OAAO,KAAK;AAC3B,MAAI,CAAC,OAAO,cAAc,MAAM,KAAK,UAAU,GAAG;AAChD,UAAM,IAAI,iCAAiC,GAAG,IAAI,mCAAmC;AAAA,EACvF;AACA,SAAO;AACT;AAEA,SAAS,gBAAgB,OAAe,MAAsB;AAC5D,QAAM,OAAO,OAAO,SAAS,EAAE,EAAE,KAAK;AACtC,MAAI,CAAC,MAAM;AACT,UAAM,IAAI,iCAAiC,GAAG,IAAI,eAAe;AAAA,EACnE;AACA,SAAO;AACT;AAEA,SAAS,wBAAwB,OAAuB;AACtD,QAAM,QAAQ,gBAAgB,OAAO,OAAO;AAC5C,MAAI,MAAM,SAAS,GAAG,GAAG;AACvB,UAAM,IAAI,iCAAiC,6BAA6B;AAAA,EAC1E;AACA,SAAO;AACT;AAEA,SAAS,0BAA0B,OAAqD;AACtF,QAAM,UAAU,gBAAgB,OAAO,SAAS,EAAE,YAAY;AAC9D,MAAI,YAAY,aAAa,YAAY,SAAS;AAChD,UAAM,IAAI;AAAA,MACR;AAAA,IACF;AAAA,EACF;AACA,SAAO;AACT;AAEA,SAAS,gBAAgB,OAAgC,MAAuC;AAC9F,MAAI;AACF,UAAM,SAAS,KAAK,MAAM,KAAK,UAAU,KAAK,CAAC;AAC/C,QAAI,CAAC,SAAS,MAAM,GAAG;AACrB,YAAM,IAAI,MAAM,eAAe;AAAA,IACjC;AACA,WAAO;AAAA,EACT,SAAS,OAAO;AACd,UAAM,IAAI,iCAAiC,GAAG,IAAI,sCAAsC;AAAA,EAC1F;AACF;AAEA,SAAS,UAAU,SAA0B;AAC3C,MAAI;AACF,WAAO,KAAK,MAAM,OAAO;AAAA,EAC3B,SAAS,OAAO;AACd,UAAM,IAAI,gBAAgB,sCAAsC;AAAA,MAC9D,QAAQ;AAAA,MACR,MAAM;AAAA,MACN,MAAM;AAAA,IACR,CAAC;AAAA,EACH;AACF;AAEA,SAAS,aAAa,OAA+B;AACnD,MAAI,OAAO,UAAU,UAAU;AAC7B,WAAO;AAAA,EACT;AACA,QAAM,OAAO,MAAM,KAAK;AACxB,SAAO,OAAO,OAAO;AACvB;AAEA,SAAS,4BAA4B,OAAyB;AAC5D,MAAI,EAAE,iBAAiB,kBAAkB;AACvC,WAAO;AAAA,EACT;AACA,QAAM,OAAO,MAAM,KAAK,YAAY;AACpC,MAAI,MAAM,WAAW,QAAQ,SAAS,iCAAiC,SAAS,qBAAqB;AACnG,WAAO;AAAA,EACT;AACA,SACE,MAAM,WAAW,QAChB,SAAS,cAAc,SAAS,eAAe,SAAS,qBAAqB,SAAS;AAE3F;AAEA,SAAS,SAAS,OAAkD;AAClE,SAAO,OAAO,UAAU,YAAY,UAAU,QAAQ,CAAC,MAAM,QAAQ,KAAK;AAC5E;AAEA,SAAS,cAAc,OAAgB,MAAuC;AAC5E,MAAI,CAAC,SAAS,KAAK,GAAG;AACpB,UAAM,IAAI,2BAA2B,GAAG,IAAI,qBAAqB;AAAA,EACnE;AACA,SAAO;AACT;AAEA,SAAS,SAAS,MAAkC;AAClD,MAAI,OAAO,YAAY,aAAa;AAClC,WAAO;AAAA,EACT;AACA,QAAM,QAAQ,QAAQ,IAAI,IAAI;AAC9B,SAAO,SAAS,MAAM,KAAK,IAAI,MAAM,KAAK,IAAI;AAChD;AAEA,SAAS,UAAU,MAA+E;AAChG,MAAI,gBAAgB,YAAY;AAC9B,WAAO;AAAA,EACT;AACA,MAAI,gBAAgB,aAAa;AAC/B,WAAO,IAAI,WAAW,IAAI;AAAA,EAC5B;AACA,MAAI,OAAO,SAAS,UAAU;AAC5B,WAAO,IAAI,YAAY,EAAE,OAAO,IAAI;AAAA,EACtC;AACA,MAAI,SAAS,IAAI,GAAG;AAClB,WAAO,IAAI,YAAY,EAAE,OAAO,KAAK,UAAU,IAAI,CAAC;AAAA,EACtD;AACA,QAAM,IAAI,2BAA2B,6DAA6D;AACpG;AAEA,SAAS,qBAAqB,iBAAmE;AAC/F,MAAI,YAA2B;AAC/B,MAAI,YAA2B;AAC/B,aAAW,QAAQ,OAAO,mBAAmB,EAAE,EAAE,MAAM,GAAG,GAAG;AAC3D,UAAM,CAAC,KAAK,KAAK,IAAI,KAAK,KAAK,EAAE,MAAM,KAAK,CAAC;AAC7C,QAAI,QAAQ,KAAK;AACf,YAAM,SAAS,OAAO,SAAS,SAAS,IAAI,EAAE;AAC9C,UAAI,CAAC,OAAO,SAAS,MAAM,GAAG;AAC5B,cAAM,IAAI,6BAA6B,yCAAyC;AAAA,MAClF;AACA,kBAAY;AAAA,IACd;AACA,QAAI,QAAQ,MAAM;AAChB,kBAAY,OAAO,SAAS,EAAE,EAAE,KAAK;AAAA,IACvC;AAAA,EACF;AACA,MAAI,cAAc,QAAQ,CAAC,WAAW;AACpC,UAAM,IAAI,6BAA6B,yCAAyC;AAAA,EAClF;AACA,SAAO,EAAE,WAAW,UAAU;AAChC;AAEA,eAAe,cAA+B;AAC5C,MAAI,WAAW,QAAQ,YAAY;AACjC,WAAO,WAAW,OAAO,WAAW;AAAA,EACtC;AACA,QAAM,QAAQ,IAAI,WAAW,EAAE;AAC/B,MAAI,WAAW,QAAQ,iBAAiB;AACtC,eAAW,OAAO,gBAAgB,KAAK;AAAA,EACzC,WAAW,OAAO,YAAY,eAAe,QAAQ,UAAU,MAAM;AACnE,UAAM,SAAS,MAAM,OAAO,QAAa;AACzC,UAAM,IAAI,OAAO,YAAY,EAAE,CAAC;AAAA,EAClC,OAAO;AACL,UAAM,IAAI,iCAAiC,iEAAiE;AAAA,EAC9G;AACA,SAAO,WAAW,KAAK;AACzB;AAEA,eAAe,cAAc,QAAgB,SAAsC;AACjF,MAAI,WAAW,QAAQ,QAAQ;AAC7B,UAAM,gBAAgB,IAAI,WAAW,QAAQ,UAAU;AACvD,kBAAc,IAAI,OAAO;AACzB,UAAM,MAAM,MAAM,WAAW,OAAO,OAAO;AAAA,MACzC;AAAA,MACA,IAAI,YAAY,EAAE,OAAO,MAAM;AAAA,MAC/B,EAAE,MAAM,QAAQ,MAAM,UAAU;AAAA,MAChC;AAAA,MACA,CAAC,MAAM;AAAA,IACT;AACA,UAAM,SAAS,MAAM,WAAW,OAAO,OAAO,KAAK,QAAQ,KAAK,aAAa;AAC7E,WAAO,WAAW,IAAI,WAAW,MAAM,CAAC;AAAA,EAC1C;AACA,MAAI,OAAO,YAAY,eAAe,QAAQ,UAAU,MAAM;AAC5D,UAAM,SAAS,MAAM,OAAO,QAAa;AACzC,WAAO,OAAO,WAAW,UAAU,MAAM,EAAE,OAAO,OAAO,KAAK,OAAO,CAAC,EAAE,OAAO,KAAK;AAAA,EACtF;AACA,QAAM,IAAI,iCAAiC,yDAAyD;AACtG;AAEA,eAAe,eAAe,UAAmC;AAC/D,QAAM,QAAQ,IAAI,YAAY,EAAE,OAAO,QAAQ;AAC/C,MAAI,WAAW,QAAQ,QAAQ;AAC7B,UAAM,SAAS,MAAM,WAAW,OAAO,OAAO,OAAO,WAAW,KAAK;AACrE,WAAO,UAAU,WAAW,IAAI,WAAW,MAAM,CAAC,CAAC;AAAA,EACrD;AACA,MAAI,OAAO,YAAY,eAAe,QAAQ,UAAU,MAAM;AAC5D,UAAM,SAAS,MAAM,OAAO,QAAa;AACzC,WAAO,UAAU,OAAO,WAAW,QAAQ,EAAE,OAAO,OAAO,KAAK,KAAK,CAAC,EAAE,OAAO,KAAK,CAAC;AAAA,EACvF;AACA,QAAM,IAAI,iCAAiC,qDAAqD;AAClG;AAEA,SAAS,WAAW,OAA2B;AAC7C,SAAO,CAAC,GAAG,KAAK,EAAE,IAAI,CAAC,SAAS,KAAK,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG,CAAC,EAAE,KAAK,EAAE;AAC7E;AAEA,SAAS,WAAW,KAAyB;AAC3C,QAAM,aAAa,OAAO,OAAO,EAAE,EAAE,KAAK,EAAE,YAAY;AACxD,MAAI,WAAW,SAAS,MAAM,KAAK,CAAC,cAAc,KAAK,UAAU,GAAG;AAClE,UAAM,IAAI,6BAA6B,wBAAwB;AAAA,EACjE;AACA,QAAM,QAAQ,IAAI,WAAW,WAAW,SAAS,CAAC;AAClD,WAAS,QAAQ,GAAG,QAAQ,WAAW,QAAQ,SAAS,GAAG;AACzD,UAAM,QAAQ,CAAC,IAAI,OAAO,SAAS,WAAW,MAAM,OAAO,QAAQ,CAAC,GAAG,EAAE;AAAA,EAC3E;AACA,SAAO;AACT;AAEA,eAAe,mBAAmB,MAAc,OAAiC;AAC/E,QAAM,YAAY,WAAW,IAAI;AACjC,QAAM,aAAa,WAAW,KAAK;AACnC,MAAI,UAAU,WAAW,WAAW,QAAQ;AAC1C,WAAO;AAAA,EACT;AACA,MAAI,OAAO;AACX,WAAS,QAAQ,GAAG,QAAQ,UAAU,QAAQ,SAAS,GAAG;AACxD,YAAQ,UAAU,KAAK,IAAK,WAAW,KAAK;AAAA,EAC9C;AACA,SAAO,SAAS;AAClB;","names":[]}

package/docs/announcement-ja.md CHANGED Viewed

@@ -6,6 +6,8 @@ Siglume Direct Request Payment 向けの外部事業者用SDKを公開しまし
 - PyPI: https://pypi.org/project/siglume-direct-request-payment/
 - GitHub: https://github.com/taihei-05/siglume-direct-request-payment
+> **Beta / サーバーロールアウト中**: Hosted Checkout はアカウントごとに段階提供中です。未提供アカウントでは `createCheckoutSession(...)` / `getCheckoutSession(...)` が `HostedCheckoutNotAvailableError` を返します。生の 404/409 をそのまま利用者へ見せず、提供開始まで既存の agent/API 経路を利用してください。
 このSDKは、外部EC、予約サービス、会員制サービス、有料API、scheduled autopay などで、SDRP の Standard Payment / 通常決済を自社プロダクトに組み込むためのSDKです。
 ## できること
@@ -60,17 +62,17 @@ Standard Payment は1決済ごとに精算します。Micro / Nano は金額帯
 | 帯 | 周期 | 締め期間 | 着金タイミング |
 | --- | --- | --- | --- |
 | Standard Payment | 都度 | — | 各決済の確定直後にオンチェーン精算 |
-| Micro Payment | 週次 | カレンダー週（現状は月曜 00:00 〜 翌週月曜 00:00） | 週が締まった後、受取先・出品ごとに集約してオンチェーン精算（1件以上） |
-| Nano Payment | 月次 | カレンダー月（現状は1日 00:00 〜 翌月1日 00:00） | 月が締まった後、受取先・出品ごとに集約してオンチェーン精算（1件以上） |
+| Micro Payment | 週次 | アカウント別に割り当てられた固定の週次スロット | 締め後、確定通知と約3日の事前通知サイトを置いてから、受取先・出品ごとに集約してオンチェーン精算（1件以上） |
+| Nano Payment | 月次 | アカウント別に割り当てられた固定の月次スロット | 締め後、確定通知と約3日の事前通知サイトを置いてから、受取先・出品ごとに集約してオンチェーン精算（1件以上） |
-- **締め期間**: Micro は1カレンダー週（月曜始まり）、Nano は1カレンダー月（1日始まり）でまとめます。正確な締め時刻はプラットフォーム管理で変更されうるため、下記「確定事項と可変事項」を参照してください。
-- **タイムゾーン**: 締めの境界は購入者が設定した精算タイムゾーン（現状の既定は UTC）で判定され、購入者ごとに境界が少しずれることがあります。既定タイムゾーンはプラットフォーム管理で変更されることがあります。
-- **精算バッチ／支払い実行**: 期間が締まった後、その期間分を受取先・出品・トークンごとに集約し（1件以上）、次の精算パスで自動的にオンチェーン送金します。締めと送金の間には短い（プラットフォーム管理の）遅延があります。
+- **締め期間**: Micro は週次、Nano は月次でまとめます。具体的な締め曜日・日・時刻は、負荷分散のためアカウントごとに固定スロットとして割り当てられます。
+- **タイムゾーン**: 締めの境界は購入者が設定した精算タイムゾーン（既定は UTC）で判定されます。割り当て済みスロットは、予告なくオンザフライで再計算されません。
+- **精算バッチ／支払い実行**: 期間が締まった後、その期間分を受取先・出品・トークンごとに集約し（1件以上）、購入者へ確定通知を送ります。実際の引き落としは締め後おおむね3日の事前通知サイト後、`not_before_attempt_at` 以降の精算パスで実行されます。
 - **売上として確認できる時点**: Micro/Nano の支払いはオンチェーン精算が確定して初めて確定売上になります。それまでは「未精算」です。プラットフォームの精算ステータス／Webhook を正本としてください。
 - **休日・失敗・再試行・繰越**: オンチェーン精算のため銀行休業日の影響はなく、曜日に関係なくカレンダー境界で締まります。精算が失敗した場合（例: 精算時に購入者ウォレットの予算が不足／無効）は自動で再試行され、その購入者の同一トークンの Micro/Nano は未解決の精算が片付くまで一時停止します。未精算額が消えることはなく、失敗した精算に紐づいたまま、再試行成功時に支払われます。
 - **rejected / 課金なし**: 購入者ウォレットの予算は **グロス額**（料金＋プロトコルフィー）で消費され、受理時から精算確定まで確保されます。予算・scope・金額帯が満たされない場合は **課金なしで拒否**され、リクエストは実行されず、精算にも計上されません。
-**確定事項と可変事項**: 周期は固定です（**Micro は週次、Nano は月次**。確定はオンチェーン精算後）。正確な締め時刻、既定タイムゾーン、締めから送金までの遅延、再試行間隔はプラットフォーム側で管理され変更されうるため、暦をハードコードせずプラットフォームの精算ステータスと `fee_bps` を正本としてください。
+**確定事項と可変事項**: 周期は固定です（**Micro は週次、Nano は月次**。確定はオンチェーン精算後）。具体的な締めスロット、予定引き落とし時刻、再試行間隔はプラットフォーム側で管理されるため、暦をハードコードせずプラットフォームの精算ステータスと `fee_bps` を正本としてください。
 ## 最短導入

package/docs/api-reference.md CHANGED Viewed

@@ -10,7 +10,7 @@ SDRP serves two kinds of buyer, and you integrate each differently. In both
 cases the buyer pays from a Siglume wallet (JPYC for JPY, USDC for USD) — not a
 card — and the merchant SDK never authenticates the buyer.
-- **Human web shopper → Hosted Checkout.** Call
+- **Human web shopper → Hosted Checkout (Beta; server rollout in progress).** Call
   [`createCheckoutSession`](#createcheckoutsessioninput--create_checkout_session)
   on `DirectRequestPaymentMerchantClient` and redirect the shopper to the
   returned `checkout_url`. The shopper signs into Siglume on the hosted page,
@@ -216,6 +216,12 @@ webhook-origin auto-allow apply.
 ### `createCheckoutSession(input)` / `create_checkout_session(...)`
+Beta / server rollout: Hosted Checkout is rolling out account by account. If the
+server endpoint is not enabled for the merchant yet, the SDK raises
+`HostedCheckoutNotAvailableError` (TS + Py) rather than leaking a raw rollout
+404/409. Fulfillment must still key off the signed `direct_payment.confirmed`
+webhook.
 Creates a single-use, expiring Hosted Checkout session for a human web shopper
 and returns the URL to redirect them to. Requires the merchant's Siglume bearer
 token. The server authors the challenge from the merchant's challenge secret —
@@ -447,6 +453,7 @@ TypeScript exports:
 - `SiglumeDirectRequestPaymentError`
 - `SiglumeApiError`
+- `HostedCheckoutNotAvailableError`
 - `SiglumeWebhookSignatureError`
 - `SiglumeWebhookPayloadError`
@@ -454,8 +461,11 @@ Python exports:
 - `DirectRequestPaymentError`
 - `SiglumeApiError`
+- `HostedCheckoutNotAvailableError`
 - `SiglumeWebhookSignatureError`
 - `SiglumeWebhookPayloadError`
 `SiglumeApiError` includes the HTTP status, platform error code, and parsed
 response data where available.
+`HostedCheckoutNotAvailableError` is raised when the Hosted Checkout server
+surface is not enabled for the account yet during the rollout.

package/docs/merchant-quickstart.md CHANGED Viewed

@@ -24,7 +24,7 @@ revenue remains unsettled until the later on-chain settlement succeeds.
 There are two ways a buyer reaches you, and you integrate each differently:
-- **Human web shopper → Hosted Checkout.** Create a checkout session and
+- **Human web shopper → Hosted Checkout (Beta; server rollout in progress).** Create a checkout session and
   redirect the shopper to the Siglume-hosted page (the
   [section below](#hosted-checkout-human-web-shoppers)). This is the path that
   resembles a Stripe-style hosted checkout.
@@ -38,6 +38,10 @@ the merchant SDK never authenticates the buyer, and you fulfill on the same
 ## Hosted Checkout (Human Web Shoppers)
+**Beta / server rollout:** Hosted Checkout is rolling out account by account.
+Some merchant accounts may not have the server endpoint enabled yet. The SDK
+raises `HostedCheckoutNotAvailableError` for rollout 404/409 responses.
 When a person clicks "Pay with Siglume" on your site, create a session and
 redirect them to the returned `checkout_url`. They sign into Siglume on the
 hosted page, approve, and pay from their own wallet, then return to your

package/docs/pricing.md CHANGED Viewed

@@ -59,34 +59,38 @@ confirmed payment turns into money in your settlement wallet.
 | Band | Cadence | Period | You are paid |
 | --- | --- | --- | --- |
 | Standard Payment | Per payment | n/a | On-chain, immediately after each payment confirms |
-| Micro Payment | Weekly | Buyer settlement timezone Monday 00:00 to the next Monday 00:00; default timezone is UTC | After the week closes, in aggregated on-chain settlement(s) grouped per buyer, payee, token, and period |
-| Nano Payment | Monthly | Buyer settlement timezone 1st 00:00 to the 1st of the next month 00:00; default timezone is UTC | After the month closes, in aggregated on-chain settlement(s) grouped per buyer, payee, token, and period |
+| Micro Payment | Weekly | Fixed weekly slot assigned per account | After the period closes, after the final notice and an approximately 3-day pre-debit notice site, in aggregated on-chain settlement(s) grouped per buyer, payee, token, and period |
+| Nano Payment | Monthly | Fixed monthly slot assigned per account | After the period closes, after the final notice and an approximately 3-day pre-debit notice site, in aggregated on-chain settlement(s) grouped per buyer, payee, token, and period |
 ### Micro weekly settlement
-- **Closing period.** Micro-band payments accrue across one calendar week:
-  Monday 00:00 to the following Monday 00:00 in the buyer settlement timezone.
+- **Closing period.** Micro-band payments accrue across one weekly period. The
+  specific closing weekday and time are assigned as a fixed slot per account to
+  spread settlement load.
 - **Timezone.** Period boundaries are evaluated in the buyer's configured
-  settlement timezone, defaulting to UTC, so different buyers can close on
-  slightly different local boundaries.
+  settlement timezone, defaulting to UTC. Assigned slots are persisted and are
+  not recalculated on the fly.
 - **Settlement.** After the week closes, Siglume aggregates that week's Micro
   payments — grouped per buyer, payee, token, and period — into on-chain
-  settlement(s). Aggregation and payment run automatically on the next settlement
-  pass after the period closes; there is a short, platform-managed lag between
-  the close and the on-chain transaction.
+  settlement(s). Siglume sends the final debit notice first; the on-chain debit
+  is not attempted until the scheduled attempt time after an approximately
+  3-day pre-debit notice site (`not_before_attempt_at`).
 - **Revenue recognition.** A Micro payment is final only once its weekly
   settlement confirms on-chain. Until then it is accrued, not settled.
 ### Nano monthly settlement
-- **Closing period.** Nano-band payments accrue across one calendar month:
-  the 1st at 00:00 to the 1st of the next month at 00:00 in the buyer
-  settlement timezone.
+- **Closing period.** Nano-band payments accrue across one monthly period. The
+  specific closing day and time are assigned as a fixed slot per account to
+  spread settlement load.
 - **Timezone.** As with Micro, period boundaries use the buyer's configured
-  settlement timezone, defaulting to UTC.
+  settlement timezone, defaulting to UTC. Assigned slots are persisted and are
+  not recalculated on the fly.
 - **Settlement.** After the month closes, Siglume aggregates that month's Nano
   payments — grouped per buyer, payee, token, and period — into on-chain
-  settlement(s), on the next settlement pass after the period closes.
+  settlement(s). Siglume sends the final debit notice first; the on-chain debit
+  is not attempted until the scheduled attempt time after an approximately
+  3-day pre-debit notice site (`not_before_attempt_at`).
 - **Revenue recognition.** A Nano payment is final only once its monthly
   settlement confirms on-chain.

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@siglume/direct-request-payment",
-  "version": "0.4.0",
+  "version": "0.4.1",
   "description": "SDK for the Siglume Direct Request Payment SDRP payment protocol",
   "keywords": [
     "siglume",