npm - @siglume/direct-request-payment - Versions diffs - 0.4.0 → 0.4.2 - Mend

@siglume/direct-request-payment 0.4.0 → 0.4.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

package/CHANGELOG.md +42 -0
package/README.md +51 -1
package/dist/index.cjs +32 -5
package/dist/index.cjs.map +1 -1
package/dist/index.d.cts +5 -1
package/dist/index.d.ts +5 -1
package/dist/index.js +32 -5
package/dist/index.js.map +1 -1
package/docs/announcement-ja.md +8 -6
package/docs/api-reference.md +344 -18
package/docs/merchant-quickstart.md +32 -1
package/docs/pricing.md +18 -14
package/package.json +1 -1

package/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,47 @@
 # Changelog
+## 0.4.2 - 2026-06-19
+Documentation completeness release. No wire-format or API changes; 0.4.x clients
+interoperate unchanged. The SDK is the only manual integrators have, so every
+public capability is now documented and every signature verified against code.
+- Documented previously-undocumented public methods/functions: buyer-client
+  `getPaymentRequirement` and `executePreparedTransaction`; the module helpers
+  `parseDirectRequestPaymentChallenge`, `createDirectRequestPaymentChallengeSignature`,
+  `createDirectRequestPaymentRecurringChallengeSignature`,
+  `buildPaymentExecutionPayload` / `buildAllowanceExecutionPayload` /
+  `buildPreparedTransactionExecutionPayload`, and `computeWebhookSignature` (plus
+  full per-function webhook-verification entries with examples).
+- Added an **Exported Constants** table (all 8 importable constants with values)
+  and an **Aliases** table (the `external_402*` legacy aliases → preferred
+  `DirectRequestPayment*` names).
+- Replaced the "Python uses snake_case" hand-wave with the **actual Python
+  keyword-only signatures** for the challenge / webhook / signature verifiers.
+- Documented the `setupCheckout` toggles (`prepare_billing_mandate`,
+  `create_webhook_subscription`, `webhook_event_types`, `webhook_description`)
+  and completed the `getCheckoutSession` / `HostedCheckoutSession` return fields
+  (`authenticated_at`, `cancelled_at`, `created_at`, …).
+- Clarified that `billing_plan` also accepts the legacy `free` (Launch) key, that
+  subscription creation (`POST /v1/sdrp/direct-payments/subscriptions`) has no SDK
+  method and must be called over raw HTTP, and added `METERED_SETTLEMENT_PAST_DUE`
+  to the merchant-quickstart failure-handling list.
+- README: added the missing **Python** Hosted Checkout example and a
+  `getCheckoutSession` status-poll example.
+## 0.4.1 - 2026-06-18
+Hosted Checkout rollout correction release.
+- Marked Hosted Checkout as Beta / server rollout in the README and API docs so
+  merchants do not treat the 0.4.0 surface as universally GA while accounts are
+  still being enabled.
+- Added `HostedCheckoutNotAvailableError` (TS + Py). `createCheckoutSession` /
+  `create_checkout_session` and `getCheckoutSession` / `get_checkout_session`
+  now map rollout 404/409 responses to this explicit error instead of exposing a
+  raw missing-route response.
+- Bumped default SDK user agents to 0.4.1.
 ## 0.4.0 - 2026-06-18
 Hosted Checkout for human web shoppers ("Pay with Siglume"). The two buyer

package/README.md CHANGED Viewed

@@ -32,7 +32,7 @@ cases the buyer pays from a **Siglume wallet** (JPYC for JPY, USDC for USD) —
 is **not** a card payment — and your **merchant SDK never authenticates the
 buyer**.
-1. **Human web shopper → Hosted Checkout.** When a person clicks "Pay with
+1. **Human web shopper → Hosted Checkout (Beta; server rollout in progress).** When a person clicks "Pay with
    Siglume" on your site, call
    [`createCheckoutSession(...)`](#hosted-checkout-human-web-shoppers) and
    redirect them to the returned `checkout_url`. They sign into Siglume (passkey
@@ -62,6 +62,12 @@ card-style "instant" checkout for first-time buyers.
 ## Hosted Checkout (Human Web Shoppers)
+**Beta / server rollout:** Hosted Checkout is rolling out account by account.
+Some merchant accounts may not have the server endpoint enabled yet. In that
+case `createCheckoutSession(...)` / `getCheckoutSession(...)` raises
+`HostedCheckoutNotAvailableError` instead of exposing the raw rollout 404/409.
+Keep fulfilling only from the signed `direct_payment.confirmed` webhook.
 Hosted Checkout is a Siglume-hosted page that turns a "Pay with Siglume" button
 into a completed wallet payment, then returns the shopper to your store. It
 orchestrates the same rails as the agent flow — there is no new money movement
@@ -97,6 +103,38 @@ redirect(session.checkout_url); // -> https://siglume.com/pay/<session_id>
 //    you also want to show status in your own UI.
 ```
+```py
+import os
+from siglume_direct_request_payment import DirectRequestPaymentMerchantClient
+merchant = DirectRequestPaymentMerchantClient(auth_token=os.environ["SIGLUME_MERCHANT_AUTH_TOKEN"])
+# 1. Register the return-URL origins once (open-redirect defense). The origin of
+#    your webhook_callback_url is auto-allowed in addition to these.
+merchant.setup_merchant(
+    merchant="your_merchant_key",
+    webhook_callback_url="https://api.your-shop.com/webhooks/siglume",
+    checkout_allowed_origins=["https://www.your-shop.com"],
+)
+# 2. Per order: create a session and redirect the shopper to checkout_url.
+session = merchant.create_checkout_session(
+    merchant="your_merchant_key",
+    amount_minor=500,            # server-fixed; the browser cannot change it
+    currency="JPY",
+    nonce=order["id"],           # unique per order
+    success_url="https://www.your-shop.com/thanks",
+    cancel_url="https://www.your-shop.com/cart",
+    metadata={"order_id": order["id"]},
+)
+redirect(session["checkout_url"])  # -> https://siglume.com/pay/<session_id>
+# 3. Fulfill when the signed direct_payment.confirmed webhook arrives (the
+#    source of truth). Poll merchant.get_checkout_session(session["session_id"])
+#    if you also want to show status in your own UI.
+```
 Siglume fixes the amount, currency, challenge, and return URLs **server-side** at
 session creation, so the browser cannot tamper with the price or the redirect
 target. The shopper's Siglume credentials are never shared with your store.
@@ -112,6 +150,18 @@ target. The shopper's Siglume credentials are never shared with your store.
 - **Buyer** — needs a Siglume wallet funded in **JPYC / USDC**. **Not a card
   payment.**
+**Optional status poll.** The webhook is the source of truth for fulfillment, but
+you can read a session's status (`open` / `authenticated` / `paid` / `expired` /
+`cancelled` / `failed`) to drive your own UI:
+```ts
+const status = (await merchant.getCheckoutSession(session.session_id)).status;
+```
+```py
+status = merchant.get_checkout_session(session["session_id"])["status"]
+```
 ## Amount-Based Pricing and Settlement
 Pricing has one structure: you choose a **Standard Payment** plan once during

package/dist/index.cjs CHANGED Viewed

@@ -40,6 +40,7 @@ __export(src_exports, {
   DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE: () => DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE,
   DirectRequestPaymentClient: () => DirectRequestPaymentClient,
   DirectRequestPaymentMerchantClient: () => DirectRequestPaymentMerchantClient,
+  HostedCheckoutNotAvailableError: () => HostedCheckoutNotAvailableError,
   SiglumeApiError: () => SiglumeApiError,
   SiglumeDirectRequestPaymentError: () => SiglumeDirectRequestPaymentError,
   SiglumeWebhookPayloadError: () => SiglumeWebhookPayloadError,
@@ -93,6 +94,12 @@ var SiglumeApiError = class extends SiglumeDirectRequestPaymentError {
     this.data = options.data;
   }
 };
+var HostedCheckoutNotAvailableError = class extends SiglumeApiError {
+  constructor(message = "Hosted Checkout is not enabled for this account yet (server rollout in progress).") {
+    super(message, { status: 409, code: "HOSTED_CHECKOUT_NOT_ENABLED" });
+    this.name = "HostedCheckoutNotAvailableError";
+  }
+};
 var SiglumeWebhookSignatureError = class extends SiglumeDirectRequestPaymentError {
   constructor(message) {
     super(message);
@@ -125,7 +132,7 @@ var DirectRequestPaymentClient = class {
     this.auth_token = authToken;
     this.base_url = (options.base_url ?? envValue("SIGLUME_API_BASE") ?? DEFAULT_SIGLUME_API_BASE).replace(/\/+$/, "");
     this.timeout_ms = Math.max(1, Math.trunc(options.timeout_ms ?? 15e3));
-    this.user_agent = options.user_agent ?? "@siglume/direct-request-payment/0.4.0";
+    this.user_agent = options.user_agent ?? "@siglume/direct-request-payment/0.4.2";
     this.fetch_impl = fetchImpl;
   }
   async createPaymentRequirement(input) {
@@ -230,7 +237,7 @@ var DirectRequestPaymentMerchantClient = class {
     this.auth_token = authToken;
     this.base_url = (options.base_url ?? envValue("SIGLUME_API_BASE") ?? DEFAULT_SIGLUME_API_BASE).replace(/\/+$/, "");
     this.timeout_ms = Math.max(1, Math.trunc(options.timeout_ms ?? 15e3));
-    this.user_agent = options.user_agent ?? "@siglume/direct-request-payment/0.4.0";
+    this.user_agent = options.user_agent ?? "@siglume/direct-request-payment/0.4.2";
     this.fetch_impl = fetchImpl;
   }
   async setupMerchant(input) {
@@ -275,14 +282,14 @@ var DirectRequestPaymentMerchantClient = class {
       merchant: normalizeSelfServiceMerchant(input.merchant),
       amount_minor: positiveInteger(input.amount_minor, "amount_minor"),
       currency: normalizeCurrency(input.currency),
-      nonce: requireNonEmpty(input.nonce, "nonce"),
+      nonce: normalizeChallengeNonce(input.nonce),
       success_url: requireNonEmpty(input.success_url, "success_url"),
       cancel_url: requireNonEmpty(input.cancel_url, "cancel_url")
     };
     if (input.metadata !== void 0) {
       payload.metadata = cloneJsonObject(input.metadata, "metadata");
     }
-    return this.request(
+    return this.requestHostedCheckout(
       "POST",
       "/sdrp/direct-payments/checkout-sessions",
       payload
@@ -290,7 +297,7 @@ var DirectRequestPaymentMerchantClient = class {
   }
   /** Read a Hosted Checkout session's status (open / authenticated / paid / expired / cancelled / failed). */
   async getCheckoutSession(session_id) {
-    return this.request(
+    return this.requestHostedCheckout(
       "GET",
       `/sdrp/direct-payments/checkout-sessions/${encodeURIComponent(requireNonEmpty(session_id, "session_id"))}`
     );
@@ -399,6 +406,16 @@ var DirectRequestPaymentMerchantClient = class {
       clearTimeout(timeout);
     }
   }
+  async requestHostedCheckout(method, path, json_body) {
+    try {
+      return await this.request(method, path, json_body);
+    } catch (error) {
+      if (isHostedCheckoutUnavailable(error)) {
+        throw new HostedCheckoutNotAvailableError();
+      }
+      throw error;
+    }
+  }
 };
 async function createDirectRequestPaymentChallenge(input) {
   const merchant = normalizeMerchant(input.merchant);
@@ -745,6 +762,16 @@ function stringOrNull(value) {
   const text = value.trim();
   return text ? text : null;
 }
+function isHostedCheckoutUnavailable(error) {
+  if (!(error instanceof SiglumeApiError)) {
+    return false;
+  }
+  const code = error.code.toUpperCase();
+  if (error.status === 409 && (code === "HOSTED_CHECKOUT_NOT_ENABLED" || code === "FEATURE_DISABLED")) {
+    return true;
+  }
+  return error.status === 404 && (code === "HTTP_404" || code === "NOT_FOUND" || code === "ROUTE_NOT_FOUND" || code === "FEATURE_DISABLED");
+}
 function isRecord(value) {
   return typeof value === "object" && value !== null && !Array.isArray(value);
 }

package/dist/index.cjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../src/index.ts"],"sourcesContent":["export const DEFAULT_SIGLUME_API_BASE = \"https://siglume.com/v1\";\nexport const DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME = \"siglume-external-402-v1\";\n// Recurring (subscription / scheduled autopay) approval uses a DISTINCT scheme\n// with cadence bound into the HMAC, so a one-time checkout challenge can never\n// be replayed as a recurring authorization and vice versa.\nexport const DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME = \"siglume-external-402-recurring-v1\";\nexport const DIRECT_REQUEST_PAYMENT_MODE = \"external_402\";\nexport const DIRECT_REQUEST_PAYMENT_RECEIPT_KIND = \"sdrp_direct_payment\";\nexport const DIRECT_REQUEST_PAYMENT_ALLOWANCE_RECEIPT_KIND = \"sdrp_direct_payment_allowance\";\nexport const DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE = \"sdrp_direct_payment_requirement\";\nexport const DEFAULT_WEBHOOK_TOLERANCE_SECONDS = 300;\n\nexport type DirectRequestPaymentCurrency = \"JPY\" \| \"USD\";\nexport type DirectRequestPaymentToken = \"JPYC\" \| \"USDC\";\n\nexport interface DirectRequestPaymentChallengeInput {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n secret: string;\n nonce?: string;\n}\n\nexport interface DirectRequestPaymentChallenge {\n scheme: typeof DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME;\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency;\n nonce: string;\n signature: string;\n challenge: string;\n challenge_hash: string;\n}\n\nexport interface ParsedDirectRequestPaymentChallenge {\n scheme: string;\n nonce: string;\n signature: string;\n}\n\n/** \"monthly\" authorizes a Siglume-swept subscription; \"daily\" authorizes\n * merchant-triggered scheduled autopay. It is an approval tag, not a\n * run-count limiter. /\nexport type DirectRequestPaymentRecurringCadence = \"monthly\" \| \"daily\";\n\nexport interface DirectRequestPaymentRecurringChallengeInput {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n cadence: DirectRequestPaymentRecurringCadence \| string;\n secret: string;\n nonce?: string;\n}\n\nexport interface DirectRequestPaymentRecurringChallenge {\n scheme: typeof DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME;\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency;\n cadence: DirectRequestPaymentRecurringCadence;\n nonce: string;\n signature: string;\n challenge: string;\n challenge_hash: string;\n}\n\nexport interface Web3TransactionRequest {\n network?: string;\n chain_id?: number;\n from?: string;\n to?: string;\n data?: string;\n value?: string \| number;\n metadata_jsonb?: Record<string, unknown>;\n [key: string]: unknown;\n}\n\nexport interface DirectPaymentRequirement {\n direct_payment_requirement_id: string;\n requirement_id: string;\n id: string;\n mode: string;\n merchant?: string \| null;\n challenge_hash?: string \| null;\n buyer_user_id: string;\n agent_id?: string \| null;\n product_listing_id: string;\n listing_id: string;\n access_grant_id?: string \| null;\n capability_key: string;\n requirement_hash: string;\n request_hash: string;\n siglume_signature: string;\n token_symbol: string;\n currency: string;\n amount_minor: number;\n fee_bps: number;\n status: string;\n expires_at?: string \| null;\n confirmed_at?: string \| null;\n spent_at?: string \| null;\n chain_receipt_id?: string \| null;\n transaction_request: Web3TransactionRequest;\n approve_transaction_request?: Web3TransactionRequest \| null;\n buyer_confirmation?: string \| null;\n non_custodial: boolean;\n metadata_jsonb?: Record<string, unknown>;\n created_at?: string \| null;\n updated_at?: string \| null;\n}\n\nexport interface DirectPaymentRequirementCreateInput {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n challenge: string;\n token_symbol?: DirectRequestPaymentToken \| string;\n allowance_amount_minor?: number;\n metadata?: Record<string, unknown>;\n}\n\nexport interface DirectPaymentVerifyInput {\n receipt_id?: string \| null;\n chain_receipt_id?: string \| null;\n await_finality?: boolean;\n await_required_status?: string \| null;\n await_timeout_seconds?: number;\n await_poll_seconds?: number;\n}\n\nexport interface Web3PreparedTransactionExecutePayload {\n transaction_request: Web3TransactionRequest;\n receipt_kind: string;\n reference_type: typeof DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE;\n reference_id: string;\n metadata?: Record<string, unknown>;\n await_finality?: boolean;\n}\n\nexport interface Web3PreparedTransactionExecuteResult {\n receipt?: Record<string, unknown>;\n finalization?: Record<string, unknown>;\n [key: string]: unknown;\n}\n\nexport interface DirectRequestPaymentClientOptions {\n auth_token?: string;\n base_url?: string;\n fetch?: typeof fetch;\n timeout_ms?: number;\n user_agent?: string;\n}\n\nexport type DirectRequestPaymentBillingPlan = \"launch\" \| \"free\" \| \"starter\" \| \"growth\" \| \"pro\";\n\nexport interface DirectRequestPaymentMerchantAccount {\n merchant_account_id: string;\n merchant: string;\n merchant_user_id: string;\n user_wallet_id?: string \| null;\n billing_mandate_id?: string \| null;\n display_name?: string \| null;\n status?: string \| null;\n billing_status?: string \| null;\n billing_plan?: string \| null;\n billing_currency?: string \| null;\n token_symbol?: string \| null;\n monthly_fee_minor?: number \| null;\n settlement_fee_bps?: number \| null;\n settlement_fee_min_minor?: number \| null;\n included_monthly_payments?: number \| null;\n metadata_jsonb?: Record<string, unknown>;\n [key: string]: unknown;\n}\n\nexport interface DirectRequestPaymentMerchantSetupInput {\n merchant: string;\n display_name?: string;\n billing_plan?: DirectRequestPaymentBillingPlan \| string;\n billing_currency?: DirectRequestPaymentCurrency \| string;\n allowed_currencies?: Record<string, string> \| Array<DirectRequestPaymentCurrency \| string>;\n webhook_callback_url?: string;\n billing_mandate_cap_minor?: number;\n max_amount_minor?: number;\n // Hosted Checkout return-URL origin allowlist (open-redirect defense). Each\n // entry is an absolute origin such as \"https://shop.example.com\". The origin\n // of webhook_callback_url is auto-allowed in addition to these.\n checkout_allowed_origins?: string[];\n}\n\nexport interface HostedCheckoutSessionCreateInput {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n nonce: string;\n success_url: string;\n cancel_url: string;\n metadata?: Record<string, unknown>;\n}\n\nexport interface HostedCheckoutSessionCreateResult {\n checkout_url: string;\n session_id: string;\n challenge_hash: string;\n status?: string;\n expires_at?: string \| null;\n}\n\nexport interface HostedCheckoutSession {\n session_id: string;\n merchant: string;\n currency: string;\n token_symbol: string;\n amount_minor: number;\n status: string;\n challenge_hash: string;\n requirement_id?: string \| null;\n success_url: string;\n cancel_url: string;\n expires_at?: string \| null;\n authenticated_at?: string \| null;\n paid_at?: string \| null;\n cancelled_at?: string \| null;\n created_at?: string \| null;\n metadata_jsonb?: Record<string, unknown>;\n [key: string]: unknown;\n}\n\nexport interface DirectRequestPaymentMerchantBillingMandateInput {\n currency?: DirectRequestPaymentCurrency \| string;\n billing_currency?: DirectRequestPaymentCurrency \| string;\n max_amount_minor?: number;\n}\n\nexport interface DirectRequestPaymentMerchantResponse {\n merchant_account: DirectRequestPaymentMerchantAccount;\n challenge_secret?: string \| null;\n challenge_secret_created?: boolean;\n created?: boolean \| null;\n listing_id?: string \| null;\n mandate?: Record<string, unknown> \| null;\n next_steps?: Record<string, unknown>;\n}\n\nexport interface DirectRequestPaymentWebhookSubscriptionInput {\n callback_url: string;\n description?: string;\n event_types?: string[];\n metadata?: Record<string, unknown>;\n}\n\nexport interface DirectRequestPaymentWebhookSubscription {\n webhook_subscription_id?: string;\n subscription_id?: string;\n id?: string;\n callback_url?: string;\n signing_secret?: string;\n status?: string;\n event_types?: string[];\n [key: string]: unknown;\n}\n\nexport interface DirectRequestPaymentCheckoutSetupInput extends DirectRequestPaymentMerchantSetupInput {\n create_webhook_subscription?: boolean;\n prepare_billing_mandate?: boolean;\n webhook_event_types?: string[];\n webhook_description?: string;\n}\n\nexport interface DirectRequestPaymentCheckoutSetupResult {\n merchant: DirectRequestPaymentMerchantResponse;\n billing_mandate?: DirectRequestPaymentMerchantResponse \| null;\n webhook_subscription?: DirectRequestPaymentWebhookSubscription \| null;\n env: Record<string, string>;\n}\n\nexport interface SiglumeEnvelopeMeta {\n request_id?: string \| null;\n trace_id?: string \| null;\n [key: string]: unknown;\n}\n\nexport interface WebhookSignatureVerification {\n timestamp: number;\n signature: string;\n}\n\nexport interface DirectRequestPaymentWebhookEvent {\n id: string;\n type: \"direct_payment.confirmed\" \| string;\n api_version: string;\n occurred_at: string;\n data: {\n mode?: string;\n merchant?: string;\n direct_payment_requirement_id?: string;\n requirement_id?: string;\n challenge_hash?: string;\n amount_minor?: number;\n currency?: string;\n token_symbol?: string;\n status?: string;\n [key: string]: unknown;\n };\n [key: string]: unknown;\n}\n\nexport class SiglumeDirectRequestPaymentError extends Error {\n constructor(message: string) {\n super(message);\n this.name = \"SiglumeDirectRequestPaymentError\";\n }\n}\n\nexport class SiglumeApiError extends SiglumeDirectRequestPaymentError {\n readonly status: number;\n readonly code: string;\n readonly data: unknown;\n\n constructor(message: string, options: { status: number; code?: string; data?: unknown }) {\n super(message);\n this.name = \"SiglumeApiError\";\n this.status = options.status;\n this.code = options.code ?? \"SIGLUME_API_ERROR\";\n this.data = options.data;\n }\n}\n\nexport class SiglumeWebhookSignatureError extends SiglumeDirectRequestPaymentError {\n constructor(message: string) {\n super(message);\n this.name = \"SiglumeWebhookSignatureError\";\n }\n}\n\nexport class SiglumeWebhookPayloadError extends SiglumeDirectRequestPaymentError {\n constructor(message: string) {\n super(message);\n this.name = \"SiglumeWebhookPayloadError\";\n }\n}\n\nexport class DirectRequestPaymentClient {\n readonly auth_token: string;\n readonly base_url: string;\n readonly timeout_ms: number;\n readonly user_agent: string;\n private readonly fetch_impl: typeof fetch;\n\n constructor(options: DirectRequestPaymentClientOptions = {}) {\n const authToken = options.auth_token ?? envValue(\"SIGLUME_AUTH_TOKEN\");\n if (!authToken) {\n throw new SiglumeDirectRequestPaymentError(\n \"A buyer Siglume bearer token is required for Direct Request Payment API calls. Developer Portal API keys are not accepted.\",\n );\n }\n const fetchImpl = options.fetch ?? globalThis.fetch;\n if (!fetchImpl) {\n throw new SiglumeDirectRequestPaymentError(\"A fetch implementation is required in this runtime.\");\n }\n this.auth_token = authToken;\n this.base_url = (options.base_url ?? envValue(\"SIGLUME_API_BASE\") ?? DEFAULT_SIGLUME_API_BASE).replace(/\\/+$/, \"\");\n this.timeout_ms = Math.max(1, Math.trunc(options.timeout_ms ?? 15000));\n this.user_agent = options.user_agent ?? \"@siglume/direct-request-payment/0.4.0\";\n this.fetch_impl = fetchImpl;\n }\n\n async createPaymentRequirement(input: DirectPaymentRequirementCreateInput): Promise<DirectPaymentRequirement> {\n const payload: Record<string, unknown> = {\n mode: DIRECT_REQUEST_PAYMENT_MODE,\n merchant: normalizeMerchant(input.merchant),\n amount_minor: positiveInteger(input.amount_minor, \"amount_minor\"),\n currency: normalizeCurrency(input.currency),\n challenge: requireNonEmpty(input.challenge, \"challenge\"),\n };\n if (input.token_symbol !== undefined) {\n payload.token_symbol = normalizeToken(input.token_symbol);\n }\n if (input.allowance_amount_minor !== undefined) {\n payload.allowance_amount_minor = positiveInteger(input.allowance_amount_minor, \"allowance_amount_minor\");\n }\n if (input.metadata !== undefined) {\n payload.metadata = cloneJsonObject(input.metadata, \"metadata\");\n }\n return this.request<DirectPaymentRequirement>(\"POST\", \"/sdrp/direct-payments/requirements\", payload);\n }\n\n async getPaymentRequirement(requirement_id: string): Promise<DirectPaymentRequirement> {\n return this.request<DirectPaymentRequirement>(\n \"GET\",\n `/sdrp/direct-payments/requirements/${encodeURIComponent(requireNonEmpty(requirement_id, \"requirement_id\"))}`,\n );\n }\n\n async verifyPaymentRequirement(\n requirement_id: string,\n input: DirectPaymentVerifyInput,\n ): Promise<DirectPaymentRequirement> {\n return this.request<DirectPaymentRequirement>(\n \"POST\",\n `/sdrp/direct-payments/requirements/${encodeURIComponent(requireNonEmpty(requirement_id, \"requirement_id\"))}/verify`,\n input,\n );\n }\n\n async executePreparedTransaction(\n payload: Web3PreparedTransactionExecutePayload,\n ): Promise<Web3PreparedTransactionExecuteResult> {\n return this.request<Web3PreparedTransactionExecuteResult>(\n \"POST\",\n \"/market/web3/transactions/execute-prepared\",\n payload,\n );\n }\n\n async executePaymentTransaction(\n requirement: DirectPaymentRequirement,\n options: { await_finality?: boolean; metadata?: Record<string, unknown> } = {},\n ): Promise<Web3PreparedTransactionExecuteResult> {\n return this.executePreparedTransaction(buildPaymentExecutionPayload(requirement, options));\n }\n\n async executeAllowanceTransaction(\n requirement: DirectPaymentRequirement,\n options: { await_finality?: boolean; metadata?: Record<string, unknown> } = {},\n ): Promise<Web3PreparedTransactionExecuteResult> {\n return this.executePreparedTransaction(buildAllowanceExecutionPayload(requirement, options));\n }\n\n async request<T>(method: string, path: string, json_body?: unknown): Promise<T> {\n const controller = new AbortController();\n const timeout = setTimeout(() => controller.abort(), this.timeout_ms);\n try {\n const headers: Record<string, string> = {\n \"Accept\": \"application/json\",\n \"Authorization\": `Bearer ${this.auth_token}`,\n \"User-Agent\": this.user_agent,\n };\n let body: string \| undefined;\n if (json_body !== undefined) {\n headers[\"Content-Type\"] = \"application/json\";\n body = JSON.stringify(json_body);\n }\n const response = await this.fetch_impl(`${this.base_url}${path}`, {\n method,\n headers,\n body,\n signal: controller.signal,\n });\n const rawText = await response.text();\n const parsed = rawText ? parseJson(rawText) : {};\n if (!response.ok) {\n const error = isRecord(parsed) && isRecord(parsed.error) ? parsed.error : {};\n const code = stringOrNull(error.code) ?? stringOrNull((parsed as Record<string, unknown>).code) ?? `HTTP_${response.status}`;\n const message = stringOrNull(error.message) ?? stringOrNull((parsed as Record<string, unknown>).message) ?? response.statusText;\n throw new SiglumeApiError(message, { status: response.status, code, data: parsed });\n }\n if (isRecord(parsed) && \"data\" in parsed) {\n return parsed.data as T;\n }\n return parsed as T;\n } finally {\n clearTimeout(timeout);\n }\n }\n}\n\nexport class DirectRequestPaymentMerchantClient {\n readonly auth_token: string;\n readonly base_url: string;\n readonly timeout_ms: number;\n readonly user_agent: string;\n private readonly fetch_impl: typeof fetch;\n\n constructor(options: DirectRequestPaymentClientOptions = {}) {\n const authToken = options.auth_token ?? envValue(\"SIGLUME_MERCHANT_AUTH_TOKEN\") ?? envValue(\"SIGLUME_AUTH_TOKEN\");\n if (!authToken) {\n throw new SiglumeDirectRequestPaymentError(\n \"A merchant Siglume bearer token is required for Direct Request Payment merchant setup. Developer Portal API keys are not accepted.\",\n );\n }\n const fetchImpl = options.fetch ?? globalThis.fetch;\n if (!fetchImpl) {\n throw new SiglumeDirectRequestPaymentError(\"A fetch implementation is required in this runtime.\");\n }\n this.auth_token = authToken;\n this.base_url = (options.base_url ?? envValue(\"SIGLUME_API_BASE\") ?? DEFAULT_SIGLUME_API_BASE).replace(/\\/+$/, \"\");\n this.timeout_ms = Math.max(1, Math.trunc(options.timeout_ms ?? 15000));\n this.user_agent = options.user_agent ?? \"@siglume/direct-request-payment/0.4.0\";\n this.fetch_impl = fetchImpl;\n }\n\n async setupMerchant(input: DirectRequestPaymentMerchantSetupInput): Promise<DirectRequestPaymentMerchantResponse> {\n const payload: Record<string, unknown> = {\n merchant: normalizeSelfServiceMerchant(input.merchant),\n billing_plan: normalizeBillingPlan(input.billing_plan ?? \"launch\"),\n billing_currency: normalizeCurrency(input.billing_currency ?? \"JPY\"),\n };\n if (input.display_name !== undefined) {\n payload.display_name = requireNonEmpty(input.display_name, \"display_name\");\n }\n if (input.allowed_currencies !== undefined) {\n payload.allowed_currencies = normalizeAllowedCurrencies(input.allowed_currencies);\n }\n if (input.webhook_callback_url !== undefined) {\n payload.webhook_callback_url = requireNonEmpty(input.webhook_callback_url, \"webhook_callback_url\");\n }\n if (input.billing_mandate_cap_minor !== undefined) {\n payload.billing_mandate_cap_minor = positiveInteger(input.billing_mandate_cap_minor, \"billing_mandate_cap_minor\");\n }\n if (input.max_amount_minor !== undefined) {\n payload.max_amount_minor = positiveInteger(input.max_amount_minor, \"max_amount_minor\");\n }\n if (input.checkout_allowed_origins !== undefined) {\n payload.checkout_allowed_origins = normalizeOriginList(input.checkout_allowed_origins);\n }\n return this.request<DirectRequestPaymentMerchantResponse>(\"POST\", \"/sdrp/direct-payments/merchants\", payload);\n }\n\n /\n Create a Hosted Checkout session (Stripe-Checkout-equivalent for human web\n * shoppers). Siglume authors the challenge server-side, persists a single-use\n * expiring session, and returns a `checkout_url`. Redirect the shopper there;\n * they log into Siglume, approve, and pay from their own wallet, then return\n * to your `success_url`. Fulfill on the `direct_payment.confirmed` webhook\n * (the source of truth), exactly as with the agent flow.\n \n `success_url`/`cancel_url` must be on an origin you registered via\n * `checkout_allowed_origins` (or your `webhook_callback_url` origin).\n /\n async createCheckoutSession(input: HostedCheckoutSessionCreateInput): Promise<HostedCheckoutSessionCreateResult> {\n const payload: Record<string, unknown> = {\n merchant: normalizeSelfServiceMerchant(input.merchant),\n amount_minor: positiveInteger(input.amount_minor, \"amount_minor\"),\n currency: normalizeCurrency(input.currency),\n nonce: requireNonEmpty(input.nonce, \"nonce\"),\n success_url: requireNonEmpty(input.success_url, \"success_url\"),\n cancel_url: requireNonEmpty(input.cancel_url, \"cancel_url\"),\n };\n if (input.metadata !== undefined) {\n payload.metadata = cloneJsonObject(input.metadata, \"metadata\");\n }\n return this.request<HostedCheckoutSessionCreateResult>(\n \"POST\",\n \"/sdrp/direct-payments/checkout-sessions\",\n payload,\n );\n }\n\n /* Read a Hosted Checkout session's status (open / authenticated / paid / expired / cancelled / failed). /\n async getCheckoutSession(session_id: string): Promise<HostedCheckoutSession> {\n return this.request<HostedCheckoutSession>(\n \"GET\",\n `/sdrp/direct-payments/checkout-sessions/${encodeURIComponent(requireNonEmpty(session_id, \"session_id\"))}`,\n );\n }\n\n async getMerchant(merchant: string): Promise<DirectRequestPaymentMerchantResponse> {\n return this.request<DirectRequestPaymentMerchantResponse>(\n \"GET\",\n `/sdrp/direct-payments/merchants/${encodeURIComponent(normalizeSelfServiceMerchant(merchant))}`,\n );\n }\n\n async rotateChallengeSecret(merchant: string): Promise<DirectRequestPaymentMerchantResponse> {\n return this.request<DirectRequestPaymentMerchantResponse>(\n \"POST\",\n `/sdrp/direct-payments/merchants/${encodeURIComponent(normalizeSelfServiceMerchant(merchant))}/challenge-secret/rotate`,\n );\n }\n\n async prepareBillingMandate(\n merchant: string,\n input: DirectRequestPaymentMerchantBillingMandateInput = {},\n ): Promise<DirectRequestPaymentMerchantResponse> {\n const payload: Record<string, unknown> = {};\n if (input.currency !== undefined) {\n payload.currency = normalizeCurrency(input.currency);\n }\n if (input.billing_currency !== undefined) {\n payload.billing_currency = normalizeCurrency(input.billing_currency);\n }\n if (input.max_amount_minor !== undefined) {\n payload.max_amount_minor = positiveInteger(input.max_amount_minor, \"max_amount_minor\");\n }\n return this.request<DirectRequestPaymentMerchantResponse>(\n \"POST\",\n `/sdrp/direct-payments/merchants/${encodeURIComponent(normalizeSelfServiceMerchant(merchant))}/billing-mandate`,\n payload,\n );\n }\n\n async createWebhookSubscription(\n input: DirectRequestPaymentWebhookSubscriptionInput,\n ): Promise<DirectRequestPaymentWebhookSubscription> {\n const payload: Record<string, unknown> = {\n callback_url: requireNonEmpty(input.callback_url, \"callback_url\"),\n event_types: input.event_types?.length\n ? input.event_types.map((eventType) => requireNonEmpty(eventType, \"event_type\"))\n : [\"direct_payment.confirmed\", \"direct_payment.spent\"],\n };\n if (input.description !== undefined) {\n payload.description = requireNonEmpty(input.description, \"description\");\n }\n if (input.metadata !== undefined) {\n payload.metadata = cloneJsonObject(input.metadata, \"metadata\");\n }\n return this.request<DirectRequestPaymentWebhookSubscription>(\"POST\", \"/market/webhooks/subscriptions\", payload);\n }\n\n async setupCheckout(input: DirectRequestPaymentCheckoutSetupInput): Promise<DirectRequestPaymentCheckoutSetupResult> {\n const merchant = await this.setupMerchant(input);\n const merchantKey = merchant.merchant_account.merchant;\n const billing_mandate = input.prepare_billing_mandate === false\n ? null\n : await this.prepareBillingMandate(merchantKey, {\n billing_currency: merchant.merchant_account.billing_currency ?? input.billing_currency ?? \"JPY\",\n max_amount_minor: input.max_amount_minor ?? input.billing_mandate_cap_minor,\n });\n const shouldCreateWebhook = input.create_webhook_subscription ?? Boolean(input.webhook_callback_url);\n const webhook_subscription = shouldCreateWebhook && input.webhook_callback_url\n ? await this.createWebhookSubscription({\n callback_url: input.webhook_callback_url,\n description: input.webhook_description ?? `${merchantKey} Direct Request Payment`,\n event_types: input.webhook_event_types,\n metadata: { merchant: merchantKey, sdk: \"@siglume/direct-request-payment\" },\n })\n : null;\n const env: Record<string, string> = {\n SIGLUME_DIRECT_PAYMENT_MERCHANT: merchantKey,\n };\n if (merchant.challenge_secret) {\n env.SIGLUME_DIRECT_PAYMENT_CHALLENGE_SECRET = merchant.challenge_secret;\n }\n const webhookSecret = stringOrNull(webhook_subscription?.signing_secret);\n if (webhookSecret) {\n env.SIGLUME_WEBHOOK_SECRET = webhookSecret;\n }\n return { merchant, billing_mandate, webhook_subscription, env };\n }\n\n async request<T>(method: string, path: string, json_body?: unknown): Promise<T> {\n const controller = new AbortController();\n const timeout = setTimeout(() => controller.abort(), this.timeout_ms);\n try {\n const headers: Record<string, string> = {\n \"Accept\": \"application/json\",\n \"Authorization\": `Bearer ${this.auth_token}`,\n \"User-Agent\": this.user_agent,\n };\n let body: string \| undefined;\n if (json_body !== undefined) {\n headers[\"Content-Type\"] = \"application/json\";\n body = JSON.stringify(json_body);\n }\n const response = await this.fetch_impl(`${this.base_url}${path}`, {\n method,\n headers,\n body,\n signal: controller.signal,\n });\n const rawText = await response.text();\n const parsed = rawText ? parseJson(rawText) : {};\n if (!response.ok) {\n const error = isRecord(parsed) && isRecord(parsed.error) ? parsed.error : {};\n const code = stringOrNull(error.code) ?? stringOrNull((parsed as Record<string, unknown>).code) ?? `HTTP_${response.status}`;\n const message = stringOrNull(error.message) ?? stringOrNull((parsed as Record<string, unknown>).message) ?? response.statusText;\n throw new SiglumeApiError(message, { status: response.status, code, data: parsed });\n }\n if (isRecord(parsed) && \"data\" in parsed) {\n return parsed.data as T;\n }\n return parsed as T;\n } finally {\n clearTimeout(timeout);\n }\n }\n}\n\nexport async function createDirectRequestPaymentChallenge(\n input: DirectRequestPaymentChallengeInput,\n): Promise<DirectRequestPaymentChallenge> {\n const merchant = normalizeMerchant(input.merchant);\n const amount_minor = positiveInteger(input.amount_minor, \"amount_minor\");\n const currency = normalizeCurrency(input.currency);\n const nonce = input.nonce ? normalizeChallengeNonce(input.nonce) : await randomNonce();\n const signature = await createDirectRequestPaymentChallengeSignature(input.secret, {\n merchant,\n amount_minor,\n currency,\n nonce,\n });\n const challenge = `${DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME}:${nonce}:${signature}`;\n return {\n scheme: DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME,\n merchant,\n amount_minor,\n currency,\n nonce,\n signature,\n challenge,\n challenge_hash: await sha256Prefixed(challenge),\n };\n}\n\nexport async function createDirectRequestPaymentChallengeSignature(\n secret: string,\n input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n nonce: string;\n },\n): Promise<string> {\n const normalizedSecret = requireNonEmpty(secret, \"secret\");\n const merchant = normalizeMerchant(input.merchant);\n const amount = positiveInteger(input.amount_minor, \"amount_minor\");\n const currency = normalizeCurrency(input.currency);\n const nonce = normalizeChallengeNonce(input.nonce);\n const material = `${merchant}:${amount}:${currency}:${nonce}`;\n return hmacSha256Hex(normalizedSecret, new TextEncoder().encode(material));\n}\n\nexport function parseDirectRequestPaymentChallenge(challenge: string): ParsedDirectRequestPaymentChallenge {\n const parts = requireNonEmpty(challenge, \"challenge\").split(\":\");\n if (parts.length !== 3) {\n throw new SiglumeDirectRequestPaymentError(\"Direct Request Payment challenge must be scheme:nonce:signature.\");\n }\n const [scheme, nonce, signature] = parts;\n if (!scheme \|\| !nonce \|\| !signature) {\n throw new SiglumeDirectRequestPaymentError(\"Direct Request Payment challenge is incomplete.\");\n }\n return { scheme, nonce, signature };\n}\n\n/* Merchant-side, ONE-TIME approval of a recurring authorization: amount +\n * currency + cadence are bound into the HMAC. Recurring charges afterwards\n * are deliberately challenge-free; the recurring authorization and the\n * buyer's mandate/budget caps are the per-charge integrity checks. Cadence\n * \"monthly\" = subscription, \"daily\" = scheduled autopay approval tag. /\nexport async function createDirectRequestPaymentRecurringChallenge(\n input: DirectRequestPaymentRecurringChallengeInput,\n): Promise<DirectRequestPaymentRecurringChallenge> {\n const merchant = normalizeMerchant(input.merchant);\n const amount_minor = positiveInteger(input.amount_minor, \"amount_minor\");\n const currency = normalizeCurrency(input.currency);\n const cadence = normalizeRecurringCadence(input.cadence);\n const nonce = input.nonce ? normalizeChallengeNonce(input.nonce) : await randomNonce();\n const signature = await createDirectRequestPaymentRecurringChallengeSignature(input.secret, {\n merchant,\n amount_minor,\n currency,\n cadence,\n nonce,\n });\n const challenge = `${DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME}:${nonce}:${signature}`;\n return {\n scheme: DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME,\n merchant,\n amount_minor,\n currency,\n cadence,\n nonce,\n signature,\n challenge,\n challenge_hash: await sha256Prefixed(challenge),\n };\n}\n\nexport async function createDirectRequestPaymentRecurringChallengeSignature(\n secret: string,\n input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n cadence: DirectRequestPaymentRecurringCadence \| string;\n nonce: string;\n },\n): Promise<string> {\n const normalizedSecret = requireNonEmpty(secret, \"secret\");\n const merchant = normalizeMerchant(input.merchant);\n const amount = positiveInteger(input.amount_minor, \"amount_minor\");\n const currency = normalizeCurrency(input.currency);\n const cadence = normalizeRecurringCadence(input.cadence);\n const nonce = normalizeChallengeNonce(input.nonce);\n // MUST stay byte-identical to the server's\n // _external_402_recurring_challenge_signature — both sides change together.\n const material = `${merchant}:${amount}:${currency}:${cadence}:${nonce}`;\n return hmacSha256Hex(normalizedSecret, new TextEncoder().encode(material));\n}\n\nexport async function verifyDirectRequestPaymentRecurringChallenge(\n secret: string,\n input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n cadence: DirectRequestPaymentRecurringCadence \| string;\n challenge: string;\n },\n): Promise<boolean> {\n const parsed = parseDirectRequestPaymentChallenge(input.challenge);\n if (parsed.scheme !== DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME) {\n return false;\n }\n const expected = await createDirectRequestPaymentRecurringChallengeSignature(secret, {\n merchant: input.merchant,\n amount_minor: input.amount_minor,\n currency: input.currency,\n cadence: input.cadence,\n nonce: parsed.nonce,\n });\n return timingSafeEqualHex(expected, parsed.signature);\n}\n\nexport async function verifyDirectRequestPaymentChallenge(\n secret: string,\n input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n challenge: string;\n },\n): Promise<boolean> {\n const parsed = parseDirectRequestPaymentChallenge(input.challenge);\n if (parsed.scheme !== DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME) {\n return false;\n }\n const expected = await createDirectRequestPaymentChallengeSignature(secret, {\n merchant: input.merchant,\n amount_minor: input.amount_minor,\n currency: input.currency,\n nonce: parsed.nonce,\n });\n return timingSafeEqualHex(expected, parsed.signature);\n}\n\nexport async function directRequestPaymentChallengeHash(challenge: string): Promise<string> {\n return sha256Prefixed(requireNonEmpty(challenge, \"challenge\"));\n}\n\nexport async function directRequestPaymentRequestHash(input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n challenge: string;\n}): Promise<string> {\n const material = `${normalizeMerchant(input.merchant)}${positiveInteger(input.amount_minor, \"amount_minor\")}${normalizeCurrency(input.currency)}${requireNonEmpty(input.challenge, \"challenge\")}`;\n return sha256Prefixed(material);\n}\n\nexport function buildPaymentExecutionPayload(\n requirement: DirectPaymentRequirement,\n options: { await_finality?: boolean; metadata?: Record<string, unknown> } = {},\n): Web3PreparedTransactionExecutePayload {\n return buildPreparedTransactionExecutionPayload(requirement, requirement.transaction_request, {\n receipt_kind: DIRECT_REQUEST_PAYMENT_RECEIPT_KIND,\n await_finality: options.await_finality,\n metadata: options.metadata,\n });\n}\n\nexport function buildAllowanceExecutionPayload(\n requirement: DirectPaymentRequirement,\n options: { await_finality?: boolean; metadata?: Record<string, unknown> } = {},\n): Web3PreparedTransactionExecutePayload {\n const approveRequest = requirement.approve_transaction_request;\n if (!approveRequest \|\| Object.keys(approveRequest).length === 0) {\n throw new SiglumeDirectRequestPaymentError(\"This payment requirement does not include an allowance approval transaction.\");\n }\n return buildPreparedTransactionExecutionPayload(requirement, approveRequest, {\n receipt_kind: DIRECT_REQUEST_PAYMENT_ALLOWANCE_RECEIPT_KIND,\n await_finality: options.await_finality,\n metadata: options.metadata,\n });\n}\n\nexport function buildPreparedTransactionExecutionPayload(\n requirement: DirectPaymentRequirement,\n transaction_request: Web3TransactionRequest,\n options: {\n receipt_kind: string;\n await_finality?: boolean;\n metadata?: Record<string, unknown>;\n },\n): Web3PreparedTransactionExecutePayload {\n const metadata = {\n ...(isRecord(transaction_request.metadata_jsonb) ? transaction_request.metadata_jsonb : {}),\n ...(options.metadata ?? {}),\n };\n return {\n transaction_request,\n receipt_kind: requireNonEmpty(options.receipt_kind, \"receipt_kind\"),\n reference_type: DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE,\n reference_id: requirement.requirement_id,\n metadata,\n await_finality: Boolean(options.await_finality),\n };\n}\n\nexport async function computeWebhookSignature(\n signing_secret: string,\n body: Uint8Array \| ArrayBuffer \| string \| Record<string, unknown>,\n options: { timestamp: number },\n): Promise<string> {\n if (!signing_secret) {\n throw new SiglumeWebhookSignatureError(\"SIGLUME webhook signing secret is required.\");\n }\n const timestamp = Math.trunc(options.timestamp);\n const bytes = bodyBytes(body);\n const prefix = new TextEncoder().encode(`${timestamp}.`);\n const payload = new Uint8Array(prefix.length + bytes.length);\n payload.set(prefix, 0);\n payload.set(bytes, prefix.length);\n return hmacSha256Hex(signing_secret, payload);\n}\n\nexport async function buildWebhookSignatureHeader(\n signing_secret: string,\n body: Uint8Array \| ArrayBuffer \| string \| Record<string, unknown>,\n options: { timestamp?: number } = {},\n): Promise<string> {\n const timestamp = Math.trunc(options.timestamp ?? Date.now() / 1000);\n const signature = await computeWebhookSignature(signing_secret, body, { timestamp });\n return `t=${timestamp},v1=${signature}`;\n}\n\nexport async function verifyWebhookSignature(\n signing_secret: string,\n body: Uint8Array \| ArrayBuffer \| string \| Record<string, unknown>,\n signature_header: string,\n options: { tolerance_seconds?: number; now?: number } = {},\n): Promise<WebhookSignatureVerification> {\n const { timestamp, signature } = parseSignatureHeader(signature_header);\n const toleranceSeconds = Math.max(1, Math.trunc(options.tolerance_seconds ?? DEFAULT_WEBHOOK_TOLERANCE_SECONDS));\n const nowSeconds = Math.trunc(options.now ?? Date.now() / 1000);\n if (Math.abs(nowSeconds - timestamp) > toleranceSeconds) {\n throw new SiglumeWebhookSignatureError(\"Webhook timestamp is outside the allowed tolerance window.\");\n }\n const expected = await computeWebhookSignature(signing_secret, body, { timestamp });\n if (!(await timingSafeEqualHex(expected, signature))) {\n throw new SiglumeWebhookSignatureError(\"Webhook signature did not match.\");\n }\n return { timestamp, signature };\n}\n\nexport function parseDirectRequestPaymentWebhookEvent(payload: unknown): DirectRequestPaymentWebhookEvent {\n const event = requireRecord(payload, \"webhook event\");\n const data = requireRecord(event.data, \"webhook event data\");\n const parsed = {\n ...event,\n id: requireNonEmpty(stringOrNull(event.id) ?? \"\", \"webhook event id\"),\n type: requireNonEmpty(stringOrNull(event.type) ?? \"\", \"webhook event type\"),\n api_version: requireNonEmpty(stringOrNull(event.api_version) ?? \"\", \"webhook api_version\"),\n occurred_at: requireNonEmpty(stringOrNull(event.occurred_at) ?? \"\", \"webhook occurred_at\"),\n data: { ...data },\n } as DirectRequestPaymentWebhookEvent;\n if (parsed.type === \"direct_payment.confirmed\" && parsed.data.mode !== DIRECT_REQUEST_PAYMENT_MODE) {\n throw new SiglumeWebhookPayloadError(\"direct_payment.confirmed webhook must carry data.mode='external_402'.\");\n }\n return parsed;\n}\n\nexport async function verifyDirectRequestPaymentWebhook(\n signing_secret: string,\n body: Uint8Array \| ArrayBuffer \| string \| Record<string, unknown>,\n signature_header: string,\n options: { tolerance_seconds?: number; now?: number } = {},\n): Promise<{ event: DirectRequestPaymentWebhookEvent; verification: WebhookSignatureVerification }> {\n const verification = await verifyWebhookSignature(signing_secret, body, signature_header, options);\n const text = new TextDecoder().decode(bodyBytes(body));\n let parsed: unknown;\n try {\n parsed = JSON.parse(text);\n } catch (error) {\n throw new SiglumeWebhookPayloadError(\"Webhook body must contain valid JSON.\");\n }\n return { event: parseDirectRequestPaymentWebhookEvent(parsed), verification };\n}\n\nexport const createExternal402Challenge = createDirectRequestPaymentChallenge;\nexport const verifyExternal402Challenge = verifyDirectRequestPaymentChallenge;\nexport const createExternal402RecurringChallenge = createDirectRequestPaymentRecurringChallenge;\nexport const verifyExternal402RecurringChallenge = verifyDirectRequestPaymentRecurringChallenge;\n\nfunction normalizeMerchant(value: string): string {\n const merchant = requireNonEmpty(value, \"merchant\").toLowerCase();\n if (!/^[a-z0-9][a-z0-9._-]{0,95}$/.test(merchant)) {\n throw new SiglumeDirectRequestPaymentError(\"merchant must be a lowercase key using letters, numbers, dot, underscore, or hyphen.\");\n }\n return merchant;\n}\n\nfunction normalizeSelfServiceMerchant(value: string): string {\n const merchant = requireNonEmpty(value, \"merchant\").toLowerCase();\n if (!/^[a-z0-9][a-z0-9_-]{2,63}$/.test(merchant)) {\n throw new SiglumeDirectRequestPaymentError(\"merchant must be 3-64 chars using lowercase letters, numbers, underscore, or hyphen.\");\n }\n return merchant;\n}\n\nfunction normalizeBillingPlan(value: string): DirectRequestPaymentBillingPlan {\n const plan = requireNonEmpty(value, \"billing_plan\").toLowerCase();\n if (plan === \"launch\" \|\| plan === \"free\" \|\| plan === \"starter\" \|\| plan === \"growth\" \|\| plan === \"pro\") {\n return plan;\n }\n throw new SiglumeDirectRequestPaymentError(\"billing_plan must be launch, starter, growth, or pro.\");\n}\n\nfunction normalizeCurrency(value: string): DirectRequestPaymentCurrency {\n const currency = requireNonEmpty(value, \"currency\").toUpperCase();\n if (currency !== \"JPY\" && currency !== \"USD\") {\n throw new SiglumeDirectRequestPaymentError(\"currency must be JPY or USD.\");\n }\n return currency;\n}\n\nfunction normalizeToken(value: string): DirectRequestPaymentToken {\n const token = requireNonEmpty(value, \"token_symbol\").toUpperCase();\n if (token !== \"JPYC\" && token !== \"USDC\") {\n throw new SiglumeDirectRequestPaymentError(\"token_symbol must be JPYC or USDC.\");\n }\n return token;\n}\n\nfunction normalizeAllowedCurrencies(value: Record<string, string> \| Array<DirectRequestPaymentCurrency \| string>): Record<string, string> {\n const normalized: Record<string, string> = {};\n if (Array.isArray(value)) {\n for (const item of value) {\n const currency = normalizeCurrency(item);\n normalized[currency] = defaultTokenForCurrency(currency);\n }\n } else if (isRecord(value)) {\n for (const [rawCurrency, rawToken] of Object.entries(value)) {\n normalized[normalizeCurrency(rawCurrency)] = normalizeToken(String(rawToken));\n }\n } else {\n throw new SiglumeDirectRequestPaymentError(\"allowed_currencies must be an array or a currency-to-token object.\");\n }\n if (Object.keys(normalized).length === 0) {\n throw new SiglumeDirectRequestPaymentError(\"allowed_currencies must include at least one currency.\");\n }\n return normalized;\n}\n\nfunction defaultTokenForCurrency(currency: DirectRequestPaymentCurrency): DirectRequestPaymentToken {\n return currency === \"JPY\" ? \"JPYC\" : \"USDC\";\n}\n\nfunction normalizeOriginList(value: string[]): string[] {\n if (!Array.isArray(value)) {\n throw new SiglumeDirectRequestPaymentError(\"checkout_allowed_origins must be an array of origin URLs.\");\n }\n const seen = new Set<string>();\n const origins: string[] = [];\n for (const item of value) {\n let url: URL;\n try {\n url = new URL(requireNonEmpty(String(item), \"checkout_allowed_origins entry\"));\n } catch {\n throw new SiglumeDirectRequestPaymentError(\n \"each checkout_allowed_origins entry must be an absolute origin such as https://shop.example.com.\",\n );\n }\n const origin = `${url.protocol.toLowerCase()}//${url.host.toLowerCase()}`;\n if (!seen.has(origin)) {\n seen.add(origin);\n origins.push(origin);\n }\n }\n return origins;\n}\n\nfunction positiveInteger(value: number, name: string): number {\n const parsed = Number(value);\n if (!Number.isSafeInteger(parsed) \|\| parsed <= 0) {\n throw new SiglumeDirectRequestPaymentError(`${name} must be a positive safe integer.`);\n }\n return parsed;\n}\n\nfunction requireNonEmpty(value: string, name: string): string {\n const text = String(value ?? \"\").trim();\n if (!text) {\n throw new SiglumeDirectRequestPaymentError(`${name} is required.`);\n }\n return text;\n}\n\nfunction normalizeChallengeNonce(value: string): string {\n const nonce = requireNonEmpty(value, \"nonce\");\n if (nonce.includes(\":\")) {\n throw new SiglumeDirectRequestPaymentError(\"nonce must not contain ':'.\");\n }\n return nonce;\n}\n\nfunction normalizeRecurringCadence(value: string): DirectRequestPaymentRecurringCadence {\n const cadence = requireNonEmpty(value, \"cadence\").toLowerCase();\n if (cadence !== \"monthly\" && cadence !== \"daily\") {\n throw new SiglumeDirectRequestPaymentError(\n 'cadence must be \"monthly\" (subscription) or \"daily\" (scheduled autopay).',\n );\n }\n return cadence;\n}\n\nfunction cloneJsonObject(value: Record<string, unknown>, name: string): Record<string, unknown> {\n try {\n const cloned = JSON.parse(JSON.stringify(value)) as unknown;\n if (!isRecord(cloned)) {\n throw new Error(\"not an object\");\n }\n return cloned;\n } catch (error) {\n throw new SiglumeDirectRequestPaymentError(`${name} must be a JSON-serializable object.`);\n }\n}\n\nfunction parseJson(rawText: string): unknown {\n try {\n return JSON.parse(rawText);\n } catch (error) {\n throw new SiglumeApiError(\"Siglume API returned invalid JSON.\", {\n status: 502,\n code: \"INVALID_JSON_RESPONSE\",\n data: rawText,\n });\n }\n}\n\nfunction stringOrNull(value: unknown): string \| null {\n if (typeof value !== \"string\") {\n return null;\n }\n const text = value.trim();\n return text ? text : null;\n}\n\nfunction isRecord(value: unknown): value is Record<string, unknown> {\n return typeof value === \"object\" && value !== null && !Array.isArray(value);\n}\n\nfunction requireRecord(value: unknown, name: string): Record<string, unknown> {\n if (!isRecord(value)) {\n throw new SiglumeWebhookPayloadError(`${name} must be an object.`);\n }\n return value;\n}\n\nfunction envValue(name: string): string \| undefined {\n if (typeof process === \"undefined\") {\n return undefined;\n }\n const value = process.env[name];\n return value && value.trim() ? value.trim() : undefined;\n}\n\nfunction bodyBytes(body: Uint8Array \| ArrayBuffer \| string \| Record<string, unknown>): Uint8Array {\n if (body instanceof Uint8Array) {\n return body;\n }\n if (body instanceof ArrayBuffer) {\n return new Uint8Array(body);\n }\n if (typeof body === \"string\") {\n return new TextEncoder().encode(body);\n }\n if (isRecord(body)) {\n return new TextEncoder().encode(JSON.stringify(body));\n }\n throw new SiglumeWebhookPayloadError(\"Webhook body must be raw bytes, a string, or a JSON object.\");\n}\n\nfunction parseSignatureHeader(signatureHeader: string): { timestamp: number; signature: string } {\n let timestamp: number \| null = null;\n let signature: string \| null = null;\n for (const item of String(signatureHeader ?? \"\").split(\",\")) {\n const [key, value] = item.trim().split(\"=\", 2);\n if (key === \"t\") {\n const parsed = Number.parseInt(value ?? \"\", 10);\n if (!Number.isFinite(parsed)) {\n throw new SiglumeWebhookSignatureError(\"Webhook signature timestamp is invalid.\");\n }\n timestamp = parsed;\n }\n if (key === \"v1\") {\n signature = String(value ?? \"\").trim();\n }\n }\n if (timestamp === null \|\| !signature) {\n throw new SiglumeWebhookSignatureError(\"Webhook signature header is incomplete.\");\n }\n return { timestamp, signature };\n}\n\nasync function randomNonce(): Promise<string> {\n if (globalThis.crypto?.randomUUID) {\n return globalThis.crypto.randomUUID();\n }\n const bytes = new Uint8Array(16);\n if (globalThis.crypto?.getRandomValues) {\n globalThis.crypto.getRandomValues(bytes);\n } else if (typeof process !== \"undefined\" && process.versions?.node) {\n const crypto = await import(\"node:crypto\");\n bytes.set(crypto.randomBytes(16));\n } else {\n throw new SiglumeDirectRequestPaymentError(\"Crypto random number generation is unavailable in this runtime.\");\n }\n return bytesToHex(bytes);\n}\n\nasync function hmacSha256Hex(secret: string, payload: Uint8Array): Promise<string> {\n if (globalThis.crypto?.subtle) {\n const stablePayload = new Uint8Array(payload.byteLength);\n stablePayload.set(payload);\n const key = await globalThis.crypto.subtle.importKey(\n \"raw\",\n new TextEncoder().encode(secret),\n { name: \"HMAC\", hash: \"SHA-256\" },\n false,\n [\"sign\"],\n );\n const digest = await globalThis.crypto.subtle.sign(\"HMAC\", key, stablePayload);\n return bytesToHex(new Uint8Array(digest));\n }\n if (typeof process !== \"undefined\" && process.versions?.node) {\n const crypto = await import(\"node:crypto\");\n return crypto.createHmac(\"sha256\", secret).update(Buffer.from(payload)).digest(\"hex\");\n }\n throw new SiglumeDirectRequestPaymentError(\"Web Crypto is required for HMAC-SHA256 in this runtime.\");\n}\n\nasync function sha256Prefixed(material: string): Promise<string> {\n const bytes = new TextEncoder().encode(material);\n if (globalThis.crypto?.subtle) {\n const digest = await globalThis.crypto.subtle.digest(\"SHA-256\", bytes);\n return `sha256:${bytesToHex(new Uint8Array(digest))}`;\n }\n if (typeof process !== \"undefined\" && process.versions?.node) {\n const crypto = await import(\"node:crypto\");\n return `sha256:${crypto.createHash(\"sha256\").update(Buffer.from(bytes)).digest(\"hex\")}`;\n }\n throw new SiglumeDirectRequestPaymentError(\"Web Crypto is required for SHA-256 in this runtime.\");\n}\n\nfunction bytesToHex(bytes: Uint8Array): string {\n return [...bytes].map((item) => item.toString(16).padStart(2, \"0\")).join(\"\");\n}\n\nfunction hexToBytes(hex: string): Uint8Array {\n const normalized = String(hex ?? \"\").trim().toLowerCase();\n if (normalized.length % 2 !== 0 \|\| !/^[0-9a-f]$/.test(normalized)) {\n throw new SiglumeWebhookSignatureError(\"Hex digest is invalid.\");\n }\n const bytes = new Uint8Array(normalized.length / 2);\n for (let index = 0; index < normalized.length; index += 2) {\n bytes[index / 2] = Number.parseInt(normalized.slice(index, index + 2), 16);\n }\n return bytes;\n}\n\nasync function timingSafeEqualHex(left: string, right: string): Promise<boolean> {\n const leftBytes = hexToBytes(left);\n const rightBytes = hexToBytes(right);\n if (leftBytes.length !== rightBytes.length) {\n return false;\n }\n let diff = 0;\n for (let index = 0; index < leftBytes.length; index += 1) {\n diff \|= leftBytes[index]! ^ rightBytes[index]!;\n }\n return diff === 0;\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAO,IAAM,2BAA2B;AACjC,IAAM,0CAA0C;AAIhD,IAAM,oDAAoD;AAC1D,IAAM,8BAA8B;AACpC,IAAM,sCAAsC;AAC5C,IAAM,gDAAgD;AACtD,IAAM,wCAAwC;AAC9C,IAAM,oCAAoC;AAyS1C,IAAM,mCAAN,cAA+C,MAAM;AAAA,EAC1D,YAAY,SAAiB;AAC3B,UAAM,OAAO;AACb,SAAK,OAAO;AAAA,EACd;AACF;AAEO,IAAM,kBAAN,cAA8B,iCAAiC;AAAA,EAC3D;AAAA,EACA;AAAA,EACA;AAAA,EAET,YAAY,SAAiB,SAA4D;AACvF,UAAM,OAAO;AACb,SAAK,OAAO;AACZ,SAAK,SAAS,QAAQ;AACtB,SAAK,OAAO,QAAQ,QAAQ;AAC5B,SAAK,OAAO,QAAQ;AAAA,EACtB;AACF;AAEO,IAAM,+BAAN,cAA2C,iCAAiC;AAAA,EACjF,YAAY,SAAiB;AAC3B,UAAM,OAAO;AACb,SAAK,OAAO;AAAA,EACd;AACF;AAEO,IAAM,6BAAN,cAAyC,iCAAiC;AAAA,EAC/E,YAAY,SAAiB;AAC3B,UAAM,OAAO;AACb,SAAK,OAAO;AAAA,EACd;AACF;AAEO,IAAM,6BAAN,MAAiC;AAAA,EAC7B;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACQ;AAAA,EAEjB,YAAY,UAA6C,CAAC,GAAG;AAC3D,UAAM,YAAY,QAAQ,cAAc,SAAS,oBAAoB;AACrE,QAAI,CAAC,WAAW;AACd,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,UAAM,YAAY,QAAQ,SAAS,WAAW;AAC9C,QAAI,CAAC,WAAW;AACd,YAAM,IAAI,iCAAiC,qDAAqD;AAAA,IAClG;AACA,SAAK,aAAa;AAClB,SAAK,YAAY,QAAQ,YAAY,SAAS,kBAAkB,KAAK,0BAA0B,QAAQ,QAAQ,EAAE;AACjH,SAAK,aAAa,KAAK,IAAI,GAAG,KAAK,MAAM,QAAQ,cAAc,IAAK,CAAC;AACrE,SAAK,aAAa,QAAQ,cAAc;AACxC,SAAK,aAAa;AAAA,EACpB;AAAA,EAEA,MAAM,yBAAyB,OAA+E;AAC5G,UAAM,UAAmC;AAAA,MACvC,MAAM;AAAA,MACN,UAAU,kBAAkB,MAAM,QAAQ;AAAA,MAC1C,cAAc,gBAAgB,MAAM,cAAc,cAAc;AAAA,MAChE,UAAU,kBAAkB,MAAM,QAAQ;AAAA,MAC1C,WAAW,gBAAgB,MAAM,WAAW,WAAW;AAAA,IACzD;AACA,QAAI,MAAM,iBAAiB,QAAW;AACpC,cAAQ,eAAe,eAAe,MAAM,YAAY;AAAA,IAC1D;AACA,QAAI,MAAM,2BAA2B,QAAW;AAC9C,cAAQ,yBAAyB,gBAAgB,MAAM,wBAAwB,wBAAwB;AAAA,IACzG;AACA,QAAI,MAAM,aAAa,QAAW;AAChC,cAAQ,WAAW,gBAAgB,MAAM,UAAU,UAAU;AAAA,IAC/D;AACA,WAAO,KAAK,QAAkC,QAAQ,sCAAsC,OAAO;AAAA,EACrG;AAAA,EAEA,MAAM,sBAAsB,gBAA2D;AACrF,WAAO,KAAK;AAAA,MACV;AAAA,MACA,sCAAsC,mBAAmB,gBAAgB,gBAAgB,gBAAgB,CAAC,CAAC;AAAA,IAC7G;AAAA,EACF;AAAA,EAEA,MAAM,yBACJ,gBACA,OACmC;AACnC,WAAO,KAAK;AAAA,MACV;AAAA,MACA,sCAAsC,mBAAmB,gBAAgB,gBAAgB,gBAAgB,CAAC,CAAC;AAAA,MAC3G;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,2BACJ,SAC+C;AAC/C,WAAO,KAAK;AAAA,MACV;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,0BACJ,aACA,UAA4E,CAAC,GAC9B;AAC/C,WAAO,KAAK,2BAA2B,6BAA6B,aAAa,OAAO,CAAC;AAAA,EAC3F;AAAA,EAEA,MAAM,4BACJ,aACA,UAA4E,CAAC,GAC9B;AAC/C,WAAO,KAAK,2BAA2B,+BAA+B,aAAa,OAAO,CAAC;AAAA,EAC7F;AAAA,EAEA,MAAM,QAAW,QAAgB,MAAc,WAAiC;AAC9E,UAAM,aAAa,IAAI,gBAAgB;AACvC,UAAM,UAAU,WAAW,MAAM,WAAW,MAAM,GAAG,KAAK,UAAU;AACpE,QAAI;AACF,YAAM,UAAkC;AAAA,QACtC,UAAU;AAAA,QACV,iBAAiB,UAAU,KAAK,UAAU;AAAA,QAC1C,cAAc,KAAK;AAAA,MACrB;AACA,UAAI;AACJ,UAAI,cAAc,QAAW;AAC3B,gBAAQ,cAAc,IAAI;AAC1B,eAAO,KAAK,UAAU,SAAS;AAAA,MACjC;AACA,YAAM,WAAW,MAAM,KAAK,WAAW,GAAG,KAAK,QAAQ,GAAG,IAAI,IAAI;AAAA,QAChE;AAAA,QACA;AAAA,QACA;AAAA,QACA,QAAQ,WAAW;AAAA,MACrB,CAAC;AACD,YAAM,UAAU,MAAM,SAAS,KAAK;AACpC,YAAM,SAAS,UAAU,UAAU,OAAO,IAAI,CAAC;AAC/C,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,QAAQ,SAAS,MAAM,KAAK,SAAS,OAAO,KAAK,IAAI,OAAO,QAAQ,CAAC;AAC3E,cAAM,OAAO,aAAa,MAAM,IAAI,KAAK,aAAc,OAAmC,IAAI,KAAK,QAAQ,SAAS,MAAM;AAC1H,cAAM,UAAU,aAAa,MAAM,OAAO,KAAK,aAAc,OAAmC,OAAO,KAAK,SAAS;AACrH,cAAM,IAAI,gBAAgB,SAAS,EAAE,QAAQ,SAAS,QAAQ,MAAM,MAAM,OAAO,CAAC;AAAA,MACpF;AACA,UAAI,SAAS,MAAM,KAAK,UAAU,QAAQ;AACxC,eAAO,OAAO;AAAA,MAChB;AACA,aAAO;AAAA,IACT,UAAE;AACA,mBAAa,OAAO;AAAA,IACtB;AAAA,EACF;AACF;AAEO,IAAM,qCAAN,MAAyC;AAAA,EACrC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACQ;AAAA,EAEjB,YAAY,UAA6C,CAAC,GAAG;AAC3D,UAAM,YAAY,QAAQ,cAAc,SAAS,6BAA6B,KAAK,SAAS,oBAAoB;AAChH,QAAI,CAAC,WAAW;AACd,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,UAAM,YAAY,QAAQ,SAAS,WAAW;AAC9C,QAAI,CAAC,WAAW;AACd,YAAM,IAAI,iCAAiC,qDAAqD;AAAA,IAClG;AACA,SAAK,aAAa;AAClB,SAAK,YAAY,QAAQ,YAAY,SAAS,kBAAkB,KAAK,0BAA0B,QAAQ,QAAQ,EAAE;AACjH,SAAK,aAAa,KAAK,IAAI,GAAG,KAAK,MAAM,QAAQ,cAAc,IAAK,CAAC;AACrE,SAAK,aAAa,QAAQ,cAAc;AACxC,SAAK,aAAa;AAAA,EACpB;AAAA,EAEA,MAAM,cAAc,OAA8F;AAChH,UAAM,UAAmC;AAAA,MACvC,UAAU,6BAA6B,MAAM,QAAQ;AAAA,MACrD,cAAc,qBAAqB,MAAM,gBAAgB,QAAQ;AAAA,MACjE,kBAAkB,kBAAkB,MAAM,oBAAoB,KAAK;AAAA,IACrE;AACA,QAAI,MAAM,iBAAiB,QAAW;AACpC,cAAQ,eAAe,gBAAgB,MAAM,cAAc,cAAc;AAAA,IAC3E;AACA,QAAI,MAAM,uBAAuB,QAAW;AAC1C,cAAQ,qBAAqB,2BAA2B,MAAM,kBAAkB;AAAA,IAClF;AACA,QAAI,MAAM,yBAAyB,QAAW;AAC5C,cAAQ,uBAAuB,gBAAgB,MAAM,sBAAsB,sBAAsB;AAAA,IACnG;AACA,QAAI,MAAM,8BAA8B,QAAW;AACjD,cAAQ,4BAA4B,gBAAgB,MAAM,2BAA2B,2BAA2B;AAAA,IAClH;AACA,QAAI,MAAM,qBAAqB,QAAW;AACxC,cAAQ,mBAAmB,gBAAgB,MAAM,kBAAkB,kBAAkB;AAAA,IACvF;AACA,QAAI,MAAM,6BAA6B,QAAW;AAChD,cAAQ,2BAA2B,oBAAoB,MAAM,wBAAwB;AAAA,IACvF;AACA,WAAO,KAAK,QAA8C,QAAQ,mCAAmC,OAAO;AAAA,EAC9G;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,MAAM,sBAAsB,OAAqF;AAC/G,UAAM,UAAmC;AAAA,MACvC,UAAU,6BAA6B,MAAM,QAAQ;AAAA,MACrD,cAAc,gBAAgB,MAAM,cAAc,cAAc;AAAA,MAChE,UAAU,kBAAkB,MAAM,QAAQ;AAAA,MAC1C,OAAO,gBAAgB,MAAM,OAAO,OAAO;AAAA,MAC3C,aAAa,gBAAgB,MAAM,aAAa,aAAa;AAAA,MAC7D,YAAY,gBAAgB,MAAM,YAAY,YAAY;AAAA,IAC5D;AACA,QAAI,MAAM,aAAa,QAAW;AAChC,cAAQ,WAAW,gBAAgB,MAAM,UAAU,UAAU;AAAA,IAC/D;AACA,WAAO,KAAK;AAAA,MACV;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA;AAAA,EAGA,MAAM,mBAAmB,YAAoD;AAC3E,WAAO,KAAK;AAAA,MACV;AAAA,MACA,2CAA2C,mBAAmB,gBAAgB,YAAY,YAAY,CAAC,CAAC;AAAA,IAC1G;AAAA,EACF;AAAA,EAEA,MAAM,YAAY,UAAiE;AACjF,WAAO,KAAK;AAAA,MACV;AAAA,MACA,mCAAmC,mBAAmB,6BAA6B,QAAQ,CAAC,CAAC;AAAA,IAC/F;AAAA,EACF;AAAA,EAEA,MAAM,sBAAsB,UAAiE;AAC3F,WAAO,KAAK;AAAA,MACV;AAAA,MACA,mCAAmC,mBAAmB,6BAA6B,QAAQ,CAAC,CAAC;AAAA,IAC/F;AAAA,EACF;AAAA,EAEA,MAAM,sBACJ,UACA,QAAyD,CAAC,GACX;AAC/C,UAAM,UAAmC,CAAC;AAC1C,QAAI,MAAM,aAAa,QAAW;AAChC,cAAQ,WAAW,kBAAkB,MAAM,QAAQ;AAAA,IACrD;AACA,QAAI,MAAM,qBAAqB,QAAW;AACxC,cAAQ,mBAAmB,kBAAkB,MAAM,gBAAgB;AAAA,IACrE;AACA,QAAI,MAAM,qBAAqB,QAAW;AACxC,cAAQ,mBAAmB,gBAAgB,MAAM,kBAAkB,kBAAkB;AAAA,IACvF;AACA,WAAO,KAAK;AAAA,MACV;AAAA,MACA,mCAAmC,mBAAmB,6BAA6B,QAAQ,CAAC,CAAC;AAAA,MAC7F;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,0BACJ,OACkD;AAClD,UAAM,UAAmC;AAAA,MACvC,cAAc,gBAAgB,MAAM,cAAc,cAAc;AAAA,MAChE,aAAa,MAAM,aAAa,SAC5B,MAAM,YAAY,IAAI,CAAC,cAAc,gBAAgB,WAAW,YAAY,CAAC,IAC7E,CAAC,4BAA4B,sBAAsB;AAAA,IACzD;AACA,QAAI,MAAM,gBAAgB,QAAW;AACnC,cAAQ,cAAc,gBAAgB,MAAM,aAAa,aAAa;AAAA,IACxE;AACA,QAAI,MAAM,aAAa,QAAW;AAChC,cAAQ,WAAW,gBAAgB,MAAM,UAAU,UAAU;AAAA,IAC/D;AACA,WAAO,KAAK,QAAiD,QAAQ,kCAAkC,OAAO;AAAA,EAChH;AAAA,EAEA,MAAM,cAAc,OAAiG;AACnH,UAAM,WAAW,MAAM,KAAK,cAAc,KAAK;AAC/C,UAAM,cAAc,SAAS,iBAAiB;AAC9C,UAAM,kBAAkB,MAAM,4BAA4B,QACtD,OACA,MAAM,KAAK,sBAAsB,aAAa;AAAA,MAC9C,kBAAkB,SAAS,iBAAiB,oBAAoB,MAAM,oBAAoB;AAAA,MAC1F,kBAAkB,MAAM,oBAAoB,MAAM;AAAA,IACpD,CAAC;AACH,UAAM,sBAAsB,MAAM,+BAA+B,QAAQ,MAAM,oBAAoB;AACnG,UAAM,uBAAuB,uBAAuB,MAAM,uBACtD,MAAM,KAAK,0BAA0B;AAAA,MACrC,cAAc,MAAM;AAAA,MACpB,aAAa,MAAM,uBAAuB,GAAG,WAAW;AAAA,MACxD,aAAa,MAAM;AAAA,MACnB,UAAU,EAAE,UAAU,aAAa,KAAK,kCAAkC;AAAA,IAC5E,CAAC,IACC;AACJ,UAAM,MAA8B;AAAA,MAClC,iCAAiC;AAAA,IACnC;AACA,QAAI,SAAS,kBAAkB;AAC7B,UAAI,0CAA0C,SAAS;AAAA,IACzD;AACA,UAAM,gBAAgB,aAAa,sBAAsB,cAAc;AACvE,QAAI,eAAe;AACjB,UAAI,yBAAyB;AAAA,IAC/B;AACA,WAAO,EAAE,UAAU,iBAAiB,sBAAsB,IAAI;AAAA,EAChE;AAAA,EAEA,MAAM,QAAW,QAAgB,MAAc,WAAiC;AAC9E,UAAM,aAAa,IAAI,gBAAgB;AACvC,UAAM,UAAU,WAAW,MAAM,WAAW,MAAM,GAAG,KAAK,UAAU;AACpE,QAAI;AACF,YAAM,UAAkC;AAAA,QACtC,UAAU;AAAA,QACV,iBAAiB,UAAU,KAAK,UAAU;AAAA,QAC1C,cAAc,KAAK;AAAA,MACrB;AACA,UAAI;AACJ,UAAI,cAAc,QAAW;AAC3B,gBAAQ,cAAc,IAAI;AAC1B,eAAO,KAAK,UAAU,SAAS;AAAA,MACjC;AACA,YAAM,WAAW,MAAM,KAAK,WAAW,GAAG,KAAK,QAAQ,GAAG,IAAI,IAAI;AAAA,QAChE;AAAA,QACA;AAAA,QACA;AAAA,QACA,QAAQ,WAAW;AAAA,MACrB,CAAC;AACD,YAAM,UAAU,MAAM,SAAS,KAAK;AACpC,YAAM,SAAS,UAAU,UAAU,OAAO,IAAI,CAAC;AAC/C,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,QAAQ,SAAS,MAAM,KAAK,SAAS,OAAO,KAAK,IAAI,OAAO,QAAQ,CAAC;AAC3E,cAAM,OAAO,aAAa,MAAM,IAAI,KAAK,aAAc,OAAmC,IAAI,KAAK,QAAQ,SAAS,MAAM;AAC1H,cAAM,UAAU,aAAa,MAAM,OAAO,KAAK,aAAc,OAAmC,OAAO,KAAK,SAAS;AACrH,cAAM,IAAI,gBAAgB,SAAS,EAAE,QAAQ,SAAS,QAAQ,MAAM,MAAM,OAAO,CAAC;AAAA,MACpF;AACA,UAAI,SAAS,MAAM,KAAK,UAAU,QAAQ;AACxC,eAAO,OAAO;AAAA,MAChB;AACA,aAAO;AAAA,IACT,UAAE;AACA,mBAAa,OAAO;AAAA,IACtB;AAAA,EACF;AACF;AAEA,eAAsB,oCACpB,OACwC;AACxC,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,eAAe,gBAAgB,MAAM,cAAc,cAAc;AACvE,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,QAAQ,MAAM,QAAQ,wBAAwB,MAAM,KAAK,IAAI,MAAM,YAAY;AACrF,QAAM,YAAY,MAAM,6CAA6C,MAAM,QAAQ;AAAA,IACjF;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AACD,QAAM,YAAY,GAAG,uCAAuC,IAAI,KAAK,IAAI,SAAS;AAClF,SAAO;AAAA,IACL,QAAQ;AAAA,IACR;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,gBAAgB,MAAM,eAAe,SAAS;AAAA,EAChD;AACF;AAEA,eAAsB,6CACpB,QACA,OAMiB;AACjB,QAAM,mBAAmB,gBAAgB,QAAQ,QAAQ;AACzD,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,SAAS,gBAAgB,MAAM,cAAc,cAAc;AACjE,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,QAAQ,wBAAwB,MAAM,KAAK;AACjD,QAAM,WAAW,GAAG,QAAQ,IAAI,MAAM,IAAI,QAAQ,IAAI,KAAK;AAC3D,SAAO,cAAc,kBAAkB,IAAI,YAAY,EAAE,OAAO,QAAQ,CAAC;AAC3E;AAEO,SAAS,mCAAmC,WAAwD;AACzG,QAAM,QAAQ,gBAAgB,WAAW,WAAW,EAAE,MAAM,GAAG;AAC/D,MAAI,MAAM,WAAW,GAAG;AACtB,UAAM,IAAI,iCAAiC,kEAAkE;AAAA,EAC/G;AACA,QAAM,CAAC,QAAQ,OAAO,SAAS,IAAI;AACnC,MAAI,CAAC,UAAU,CAAC,SAAS,CAAC,WAAW;AACnC,UAAM,IAAI,iCAAiC,iDAAiD;AAAA,EAC9F;AACA,SAAO,EAAE,QAAQ,OAAO,UAAU;AACpC;AAOA,eAAsB,6CACpB,OACiD;AACjD,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,eAAe,gBAAgB,MAAM,cAAc,cAAc;AACvE,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,UAAU,0BAA0B,MAAM,OAAO;AACvD,QAAM,QAAQ,MAAM,QAAQ,wBAAwB,MAAM,KAAK,IAAI,MAAM,YAAY;AACrF,QAAM,YAAY,MAAM,sDAAsD,MAAM,QAAQ;AAAA,IAC1F;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AACD,QAAM,YAAY,GAAG,iDAAiD,IAAI,KAAK,IAAI,SAAS;AAC5F,SAAO;AAAA,IACL,QAAQ;AAAA,IACR;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,gBAAgB,MAAM,eAAe,SAAS;AAAA,EAChD;AACF;AAEA,eAAsB,sDACpB,QACA,OAOiB;AACjB,QAAM,mBAAmB,gBAAgB,QAAQ,QAAQ;AACzD,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,SAAS,gBAAgB,MAAM,cAAc,cAAc;AACjE,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,UAAU,0BAA0B,MAAM,OAAO;AACvD,QAAM,QAAQ,wBAAwB,MAAM,KAAK;AAGjD,QAAM,WAAW,GAAG,QAAQ,IAAI,MAAM,IAAI,QAAQ,IAAI,OAAO,IAAI,KAAK;AACtE,SAAO,cAAc,kBAAkB,IAAI,YAAY,EAAE,OAAO,QAAQ,CAAC;AAC3E;AAEA,eAAsB,6CACpB,QACA,OAOkB;AAClB,QAAM,SAAS,mCAAmC,MAAM,SAAS;AACjE,MAAI,OAAO,WAAW,mDAAmD;AACvE,WAAO;AAAA,EACT;AACA,QAAM,WAAW,MAAM,sDAAsD,QAAQ;AAAA,IACnF,UAAU,MAAM;AAAA,IAChB,cAAc,MAAM;AAAA,IACpB,UAAU,MAAM;AAAA,IAChB,SAAS,MAAM;AAAA,IACf,OAAO,OAAO;AAAA,EAChB,CAAC;AACD,SAAO,mBAAmB,UAAU,OAAO,SAAS;AACtD;AAEA,eAAsB,oCACpB,QACA,OAMkB;AAClB,QAAM,SAAS,mCAAmC,MAAM,SAAS;AACjE,MAAI,OAAO,WAAW,yCAAyC;AAC7D,WAAO;AAAA,EACT;AACA,QAAM,WAAW,MAAM,6CAA6C,QAAQ;AAAA,IAC1E,UAAU,MAAM;AAAA,IAChB,cAAc,MAAM;AAAA,IACpB,UAAU,MAAM;AAAA,IAChB,OAAO,OAAO;AAAA,EAChB,CAAC;AACD,SAAO,mBAAmB,UAAU,OAAO,SAAS;AACtD;AAEA,eAAsB,kCAAkC,WAAoC;AAC1F,SAAO,eAAe,gBAAgB,WAAW,WAAW,CAAC;AAC/D;AAEA,eAAsB,gCAAgC,OAKlC;AAClB,QAAM,WAAW,GAAG,kBAAkB,MAAM,QAAQ,CAAC,GAAG,gBAAgB,MAAM,cAAc,cAAc,CAAC,GAAG,kBAAkB,MAAM,QAAQ,CAAC,GAAG,gBAAgB,MAAM,WAAW,WAAW,CAAC;AAC/L,SAAO,eAAe,QAAQ;AAChC;AAEO,SAAS,6BACd,aACA,UAA4E,CAAC,GACtC;AACvC,SAAO,yCAAyC,aAAa,YAAY,qBAAqB;AAAA,IAC5F,cAAc;AAAA,IACd,gBAAgB,QAAQ;AAAA,IACxB,UAAU,QAAQ;AAAA,EACpB,CAAC;AACH;AAEO,SAAS,+BACd,aACA,UAA4E,CAAC,GACtC;AACvC,QAAM,iBAAiB,YAAY;AACnC,MAAI,CAAC,kBAAkB,OAAO,KAAK,cAAc,EAAE,WAAW,GAAG;AAC/D,UAAM,IAAI,iCAAiC,8EAA8E;AAAA,EAC3H;AACA,SAAO,yCAAyC,aAAa,gBAAgB;AAAA,IAC3E,cAAc;AAAA,IACd,gBAAgB,QAAQ;AAAA,IACxB,UAAU,QAAQ;AAAA,EACpB,CAAC;AACH;AAEO,SAAS,yCACd,aACA,qBACA,SAKuC;AACvC,QAAM,WAAW;AAAA,IACf,GAAI,SAAS,oBAAoB,cAAc,IAAI,oBAAoB,iBAAiB,CAAC;AAAA,IACzF,GAAI,QAAQ,YAAY,CAAC;AAAA,EAC3B;AACA,SAAO;AAAA,IACL;AAAA,IACA,cAAc,gBAAgB,QAAQ,cAAc,cAAc;AAAA,IAClE,gBAAgB;AAAA,IAChB,cAAc,YAAY;AAAA,IAC1B;AAAA,IACA,gBAAgB,QAAQ,QAAQ,cAAc;AAAA,EAChD;AACF;AAEA,eAAsB,wBACpB,gBACA,MACA,SACiB;AACjB,MAAI,CAAC,gBAAgB;AACnB,UAAM,IAAI,6BAA6B,6CAA6C;AAAA,EACtF;AACA,QAAM,YAAY,KAAK,MAAM,QAAQ,SAAS;AAC9C,QAAM,QAAQ,UAAU,IAAI;AAC5B,QAAM,SAAS,IAAI,YAAY,EAAE,OAAO,GAAG,SAAS,GAAG;AACvD,QAAM,UAAU,IAAI,WAAW,OAAO,SAAS,MAAM,MAAM;AAC3D,UAAQ,IAAI,QAAQ,CAAC;AACrB,UAAQ,IAAI,OAAO,OAAO,MAAM;AAChC,SAAO,cAAc,gBAAgB,OAAO;AAC9C;AAEA,eAAsB,4BACpB,gBACA,MACA,UAAkC,CAAC,GAClB;AACjB,QAAM,YAAY,KAAK,MAAM,QAAQ,aAAa,KAAK,IAAI,IAAI,GAAI;AACnE,QAAM,YAAY,MAAM,wBAAwB,gBAAgB,MAAM,EAAE,UAAU,CAAC;AACnF,SAAO,KAAK,SAAS,OAAO,SAAS;AACvC;AAEA,eAAsB,uBACpB,gBACA,MACA,kBACA,UAAwD,CAAC,GAClB;AACvC,QAAM,EAAE,WAAW,UAAU,IAAI,qBAAqB,gBAAgB;AACtE,QAAM,mBAAmB,KAAK,IAAI,GAAG,KAAK,MAAM,QAAQ,qBAAqB,iCAAiC,CAAC;AAC/G,QAAM,aAAa,KAAK,MAAM,QAAQ,OAAO,KAAK,IAAI,IAAI,GAAI;AAC9D,MAAI,KAAK,IAAI,aAAa,SAAS,IAAI,kBAAkB;AACvD,UAAM,IAAI,6BAA6B,4DAA4D;AAAA,EACrG;AACA,QAAM,WAAW,MAAM,wBAAwB,gBAAgB,MAAM,EAAE,UAAU,CAAC;AAClF,MAAI,CAAE,MAAM,mBAAmB,UAAU,SAAS,GAAI;AACpD,UAAM,IAAI,6BAA6B,kCAAkC;AAAA,EAC3E;AACA,SAAO,EAAE,WAAW,UAAU;AAChC;AAEO,SAAS,sCAAsC,SAAoD;AACxG,QAAM,QAAQ,cAAc,SAAS,eAAe;AACpD,QAAM,OAAO,cAAc,MAAM,MAAM,oBAAoB;AAC3D,QAAM,SAAS;AAAA,IACb,GAAG;AAAA,IACH,IAAI,gBAAgB,aAAa,MAAM,EAAE,KAAK,IAAI,kBAAkB;AAAA,IACpE,MAAM,gBAAgB,aAAa,MAAM,IAAI,KAAK,IAAI,oBAAoB;AAAA,IAC1E,aAAa,gBAAgB,aAAa,MAAM,WAAW,KAAK,IAAI,qBAAqB;AAAA,IACzF,aAAa,gBAAgB,aAAa,MAAM,WAAW,KAAK,IAAI,qBAAqB;AAAA,IACzF,MAAM,EAAE,GAAG,KAAK;AAAA,EAClB;AACA,MAAI,OAAO,SAAS,8BAA8B,OAAO,KAAK,SAAS,6BAA6B;AAClG,UAAM,IAAI,2BAA2B,uEAAuE;AAAA,EAC9G;AACA,SAAO;AACT;AAEA,eAAsB,kCACpB,gBACA,MACA,kBACA,UAAwD,CAAC,GACyC;AAClG,QAAM,eAAe,MAAM,uBAAuB,gBAAgB,MAAM,kBAAkB,OAAO;AACjG,QAAM,OAAO,IAAI,YAAY,EAAE,OAAO,UAAU,IAAI,CAAC;AACrD,MAAI;AACJ,MAAI;AACF,aAAS,KAAK,MAAM,IAAI;AAAA,EAC1B,SAAS,OAAO;AACd,UAAM,IAAI,2BAA2B,uCAAuC;AAAA,EAC9E;AACA,SAAO,EAAE,OAAO,sCAAsC,MAAM,GAAG,aAAa;AAC9E;AAEO,IAAM,6BAA6B;AACnC,IAAM,6BAA6B;AACnC,IAAM,sCAAsC;AAC5C,IAAM,sCAAsC;AAEnD,SAAS,kBAAkB,OAAuB;AAChD,QAAM,WAAW,gBAAgB,OAAO,UAAU,EAAE,YAAY;AAChE,MAAI,CAAC,8BAA8B,KAAK,QAAQ,GAAG;AACjD,UAAM,IAAI,iCAAiC,sFAAsF;AAAA,EACnI;AACA,SAAO;AACT;AAEA,SAAS,6BAA6B,OAAuB;AAC3D,QAAM,WAAW,gBAAgB,OAAO,UAAU,EAAE,YAAY;AAChE,MAAI,CAAC,6BAA6B,KAAK,QAAQ,GAAG;AAChD,UAAM,IAAI,iCAAiC,sFAAsF;AAAA,EACnI;AACA,SAAO;AACT;AAEA,SAAS,qBAAqB,OAAgD;AAC5E,QAAM,OAAO,gBAAgB,OAAO,cAAc,EAAE,YAAY;AAChE,MAAI,SAAS,YAAY,SAAS,UAAU,SAAS,aAAa,SAAS,YAAY,SAAS,OAAO;AACrG,WAAO;AAAA,EACT;AACA,QAAM,IAAI,iCAAiC,uDAAuD;AACpG;AAEA,SAAS,kBAAkB,OAA6C;AACtE,QAAM,WAAW,gBAAgB,OAAO,UAAU,EAAE,YAAY;AAChE,MAAI,aAAa,SAAS,aAAa,OAAO;AAC5C,UAAM,IAAI,iCAAiC,8BAA8B;AAAA,EAC3E;AACA,SAAO;AACT;AAEA,SAAS,eAAe,OAA0C;AAChE,QAAM,QAAQ,gBAAgB,OAAO,cAAc,EAAE,YAAY;AACjE,MAAI,UAAU,UAAU,UAAU,QAAQ;AACxC,UAAM,IAAI,iCAAiC,oCAAoC;AAAA,EACjF;AACA,SAAO;AACT;AAEA,SAAS,2BAA2B,OAAsG;AACxI,QAAM,aAAqC,CAAC;AAC5C,MAAI,MAAM,QAAQ,KAAK,GAAG;AACxB,eAAW,QAAQ,OAAO;AACxB,YAAM,WAAW,kBAAkB,IAAI;AACvC,iBAAW,QAAQ,IAAI,wBAAwB,QAAQ;AAAA,IACzD;AAAA,EACF,WAAW,SAAS,KAAK,GAAG;AAC1B,eAAW,CAAC,aAAa,QAAQ,KAAK,OAAO,QAAQ,KAAK,GAAG;AAC3D,iBAAW,kBAAkB,WAAW,CAAC,IAAI,eAAe,OAAO,QAAQ,CAAC;AAAA,IAC9E;AAAA,EACF,OAAO;AACL,UAAM,IAAI,iCAAiC,oEAAoE;AAAA,EACjH;AACA,MAAI,OAAO,KAAK,UAAU,EAAE,WAAW,GAAG;AACxC,UAAM,IAAI,iCAAiC,wDAAwD;AAAA,EACrG;AACA,SAAO;AACT;AAEA,SAAS,wBAAwB,UAAmE;AAClG,SAAO,aAAa,QAAQ,SAAS;AACvC;AAEA,SAAS,oBAAoB,OAA2B;AACtD,MAAI,CAAC,MAAM,QAAQ,KAAK,GAAG;AACzB,UAAM,IAAI,iCAAiC,2DAA2D;AAAA,EACxG;AACA,QAAM,OAAO,oBAAI,IAAY;AAC7B,QAAM,UAAoB,CAAC;AAC3B,aAAW,QAAQ,OAAO;AACxB,QAAI;AACJ,QAAI;AACF,YAAM,IAAI,IAAI,gBAAgB,OAAO,IAAI,GAAG,gCAAgC,CAAC;AAAA,IAC/E,QAAQ;AACN,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,UAAM,SAAS,GAAG,IAAI,SAAS,YAAY,CAAC,KAAK,IAAI,KAAK,YAAY,CAAC;AACvE,QAAI,CAAC,KAAK,IAAI,MAAM,GAAG;AACrB,WAAK,IAAI,MAAM;AACf,cAAQ,KAAK,MAAM;AAAA,IACrB;AAAA,EACF;AACA,SAAO;AACT;AAEA,SAAS,gBAAgB,OAAe,MAAsB;AAC5D,QAAM,SAAS,OAAO,KAAK;AAC3B,MAAI,CAAC,OAAO,cAAc,MAAM,KAAK,UAAU,GAAG;AAChD,UAAM,IAAI,iCAAiC,GAAG,IAAI,mCAAmC;AAAA,EACvF;AACA,SAAO;AACT;AAEA,SAAS,gBAAgB,OAAe,MAAsB;AAC5D,QAAM,OAAO,OAAO,SAAS,EAAE,EAAE,KAAK;AACtC,MAAI,CAAC,MAAM;AACT,UAAM,IAAI,iCAAiC,GAAG,IAAI,eAAe;AAAA,EACnE;AACA,SAAO;AACT;AAEA,SAAS,wBAAwB,OAAuB;AACtD,QAAM,QAAQ,gBAAgB,OAAO,OAAO;AAC5C,MAAI,MAAM,SAAS,GAAG,GAAG;AACvB,UAAM,IAAI,iCAAiC,6BAA6B;AAAA,EAC1E;AACA,SAAO;AACT;AAEA,SAAS,0BAA0B,OAAqD;AACtF,QAAM,UAAU,gBAAgB,OAAO,SAAS,EAAE,YAAY;AAC9D,MAAI,YAAY,aAAa,YAAY,SAAS;AAChD,UAAM,IAAI;AAAA,MACR;AAAA,IACF;AAAA,EACF;AACA,SAAO;AACT;AAEA,SAAS,gBAAgB,OAAgC,MAAuC;AAC9F,MAAI;AACF,UAAM,SAAS,KAAK,MAAM,KAAK,UAAU,KAAK,CAAC;AAC/C,QAAI,CAAC,SAAS,MAAM,GAAG;AACrB,YAAM,IAAI,MAAM,eAAe;AAAA,IACjC;AACA,WAAO;AAAA,EACT,SAAS,OAAO;AACd,UAAM,IAAI,iCAAiC,GAAG,IAAI,sCAAsC;AAAA,EAC1F;AACF;AAEA,SAAS,UAAU,SAA0B;AAC3C,MAAI;AACF,WAAO,KAAK,MAAM,OAAO;AAAA,EAC3B,SAAS,OAAO;AACd,UAAM,IAAI,gBAAgB,sCAAsC;AAAA,MAC9D,QAAQ;AAAA,MACR,MAAM;AAAA,MACN,MAAM;AAAA,IACR,CAAC;AAAA,EACH;AACF;AAEA,SAAS,aAAa,OAA+B;AACnD,MAAI,OAAO,UAAU,UAAU;AAC7B,WAAO;AAAA,EACT;AACA,QAAM,OAAO,MAAM,KAAK;AACxB,SAAO,OAAO,OAAO;AACvB;AAEA,SAAS,SAAS,OAAkD;AAClE,SAAO,OAAO,UAAU,YAAY,UAAU,QAAQ,CAAC,MAAM,QAAQ,KAAK;AAC5E;AAEA,SAAS,cAAc,OAAgB,MAAuC;AAC5E,MAAI,CAAC,SAAS,KAAK,GAAG;AACpB,UAAM,IAAI,2BAA2B,GAAG,IAAI,qBAAqB;AAAA,EACnE;AACA,SAAO;AACT;AAEA,SAAS,SAAS,MAAkC;AAClD,MAAI,OAAO,YAAY,aAAa;AAClC,WAAO;AAAA,EACT;AACA,QAAM,QAAQ,QAAQ,IAAI,IAAI;AAC9B,SAAO,SAAS,MAAM,KAAK,IAAI,MAAM,KAAK,IAAI;AAChD;AAEA,SAAS,UAAU,MAA+E;AAChG,MAAI,gBAAgB,YAAY;AAC9B,WAAO;AAAA,EACT;AACA,MAAI,gBAAgB,aAAa;AAC/B,WAAO,IAAI,WAAW,IAAI;AAAA,EAC5B;AACA,MAAI,OAAO,SAAS,UAAU;AAC5B,WAAO,IAAI,YAAY,EAAE,OAAO,IAAI;AAAA,EACtC;AACA,MAAI,SAAS,IAAI,GAAG;AAClB,WAAO,IAAI,YAAY,EAAE,OAAO,KAAK,UAAU,IAAI,CAAC;AAAA,EACtD;AACA,QAAM,IAAI,2BAA2B,6DAA6D;AACpG;AAEA,SAAS,qBAAqB,iBAAmE;AAC/F,MAAI,YAA2B;AAC/B,MAAI,YAA2B;AAC/B,aAAW,QAAQ,OAAO,mBAAmB,EAAE,EAAE,MAAM,GAAG,GAAG;AAC3D,UAAM,CAAC,KAAK,KAAK,IAAI,KAAK,KAAK,EAAE,MAAM,KAAK,CAAC;AAC7C,QAAI,QAAQ,KAAK;AACf,YAAM,SAAS,OAAO,SAAS,SAAS,IAAI,EAAE;AAC9C,UAAI,CAAC,OAAO,SAAS,MAAM,GAAG;AAC5B,cAAM,IAAI,6BAA6B,yCAAyC;AAAA,MAClF;AACA,kBAAY;AAAA,IACd;AACA,QAAI,QAAQ,MAAM;AAChB,kBAAY,OAAO,SAAS,EAAE,EAAE,KAAK;AAAA,IACvC;AAAA,EACF;AACA,MAAI,cAAc,QAAQ,CAAC,WAAW;AACpC,UAAM,IAAI,6BAA6B,yCAAyC;AAAA,EAClF;AACA,SAAO,EAAE,WAAW,UAAU;AAChC;AAEA,eAAe,cAA+B;AAC5C,MAAI,WAAW,QAAQ,YAAY;AACjC,WAAO,WAAW,OAAO,WAAW;AAAA,EACtC;AACA,QAAM,QAAQ,IAAI,WAAW,EAAE;AAC/B,MAAI,WAAW,QAAQ,iBAAiB;AACtC,eAAW,OAAO,gBAAgB,KAAK;AAAA,EACzC,WAAW,OAAO,YAAY,eAAe,QAAQ,UAAU,MAAM;AACnE,UAAM,SAAS,MAAM,OAAO,QAAa;AACzC,UAAM,IAAI,OAAO,YAAY,EAAE,CAAC;AAAA,EAClC,OAAO;AACL,UAAM,IAAI,iCAAiC,iEAAiE;AAAA,EAC9G;AACA,SAAO,WAAW,KAAK;AACzB;AAEA,eAAe,cAAc,QAAgB,SAAsC;AACjF,MAAI,WAAW,QAAQ,QAAQ;AAC7B,UAAM,gBAAgB,IAAI,WAAW,QAAQ,UAAU;AACvD,kBAAc,IAAI,OAAO;AACzB,UAAM,MAAM,MAAM,WAAW,OAAO,OAAO;AAAA,MACzC;AAAA,MACA,IAAI,YAAY,EAAE,OAAO,MAAM;AAAA,MAC/B,EAAE,MAAM,QAAQ,MAAM,UAAU;AAAA,MAChC;AAAA,MACA,CAAC,MAAM;AAAA,IACT;AACA,UAAM,SAAS,MAAM,WAAW,OAAO,OAAO,KAAK,QAAQ,KAAK,aAAa;AAC7E,WAAO,WAAW,IAAI,WAAW,MAAM,CAAC;AAAA,EAC1C;AACA,MAAI,OAAO,YAAY,eAAe,QAAQ,UAAU,MAAM;AAC5D,UAAM,SAAS,MAAM,OAAO,QAAa;AACzC,WAAO,OAAO,WAAW,UAAU,MAAM,EAAE,OAAO,OAAO,KAAK,OAAO,CAAC,EAAE,OAAO,KAAK;AAAA,EACtF;AACA,QAAM,IAAI,iCAAiC,yDAAyD;AACtG;AAEA,eAAe,eAAe,UAAmC;AAC/D,QAAM,QAAQ,IAAI,YAAY,EAAE,OAAO,QAAQ;AAC/C,MAAI,WAAW,QAAQ,QAAQ;AAC7B,UAAM,SAAS,MAAM,WAAW,OAAO,OAAO,OAAO,WAAW,KAAK;AACrE,WAAO,UAAU,WAAW,IAAI,WAAW,MAAM,CAAC,CAAC;AAAA,EACrD;AACA,MAAI,OAAO,YAAY,eAAe,QAAQ,UAAU,MAAM;AAC5D,UAAM,SAAS,MAAM,OAAO,QAAa;AACzC,WAAO,UAAU,OAAO,WAAW,QAAQ,EAAE,OAAO,OAAO,KAAK,KAAK,CAAC,EAAE,OAAO,KAAK,CAAC;AAAA,EACvF;AACA,QAAM,IAAI,iCAAiC,qDAAqD;AAClG;AAEA,SAAS,WAAW,OAA2B;AAC7C,SAAO,CAAC,GAAG,KAAK,EAAE,IAAI,CAAC,SAAS,KAAK,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG,CAAC,EAAE,KAAK,EAAE;AAC7E;AAEA,SAAS,WAAW,KAAyB;AAC3C,QAAM,aAAa,OAAO,OAAO,EAAE,EAAE,KAAK,EAAE,YAAY;AACxD,MAAI,WAAW,SAAS,MAAM,KAAK,CAAC,cAAc,KAAK,UAAU,GAAG;AAClE,UAAM,IAAI,6BAA6B,wBAAwB;AAAA,EACjE;AACA,QAAM,QAAQ,IAAI,WAAW,WAAW,SAAS,CAAC;AAClD,WAAS,QAAQ,GAAG,QAAQ,WAAW,QAAQ,SAAS,GAAG;AACzD,UAAM,QAAQ,CAAC,IAAI,OAAO,SAAS,WAAW,MAAM,OAAO,QAAQ,CAAC,GAAG,EAAE;AAAA,EAC3E;AACA,SAAO;AACT;AAEA,eAAe,mBAAmB,MAAc,OAAiC;AAC/E,QAAM,YAAY,WAAW,IAAI;AACjC,QAAM,aAAa,WAAW,KAAK;AACnC,MAAI,UAAU,WAAW,WAAW,QAAQ;AAC1C,WAAO;AAAA,EACT;AACA,MAAI,OAAO;AACX,WAAS,QAAQ,GAAG,QAAQ,UAAU,QAAQ,SAAS,GAAG;AACxD,YAAQ,UAAU,KAAK,IAAK,WAAW,KAAK;AAAA,EAC9C;AACA,SAAO,SAAS;AAClB;","names":[]}
1	+ {"version":3,"sources":["../src/index.ts"],"sourcesContent":["export const DEFAULT_SIGLUME_API_BASE = \"https://siglume.com/v1\";\nexport const DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME = \"siglume-external-402-v1\";\n// Recurring (subscription / scheduled autopay) approval uses a DISTINCT scheme\n// with cadence bound into the HMAC, so a one-time checkout challenge can never\n// be replayed as a recurring authorization and vice versa.\nexport const DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME = \"siglume-external-402-recurring-v1\";\nexport const DIRECT_REQUEST_PAYMENT_MODE = \"external_402\";\nexport const DIRECT_REQUEST_PAYMENT_RECEIPT_KIND = \"sdrp_direct_payment\";\nexport const DIRECT_REQUEST_PAYMENT_ALLOWANCE_RECEIPT_KIND = \"sdrp_direct_payment_allowance\";\nexport const DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE = \"sdrp_direct_payment_requirement\";\nexport const DEFAULT_WEBHOOK_TOLERANCE_SECONDS = 300;\n\nexport type DirectRequestPaymentCurrency = \"JPY\" \| \"USD\";\nexport type DirectRequestPaymentToken = \"JPYC\" \| \"USDC\";\n\nexport interface DirectRequestPaymentChallengeInput {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n secret: string;\n nonce?: string;\n}\n\nexport interface DirectRequestPaymentChallenge {\n scheme: typeof DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME;\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency;\n nonce: string;\n signature: string;\n challenge: string;\n challenge_hash: string;\n}\n\nexport interface ParsedDirectRequestPaymentChallenge {\n scheme: string;\n nonce: string;\n signature: string;\n}\n\n/** \"monthly\" authorizes a Siglume-swept subscription; \"daily\" authorizes\n * merchant-triggered scheduled autopay. It is an approval tag, not a\n * run-count limiter. /\nexport type DirectRequestPaymentRecurringCadence = \"monthly\" \| \"daily\";\n\nexport interface DirectRequestPaymentRecurringChallengeInput {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n cadence: DirectRequestPaymentRecurringCadence \| string;\n secret: string;\n nonce?: string;\n}\n\nexport interface DirectRequestPaymentRecurringChallenge {\n scheme: typeof DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME;\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency;\n cadence: DirectRequestPaymentRecurringCadence;\n nonce: string;\n signature: string;\n challenge: string;\n challenge_hash: string;\n}\n\nexport interface Web3TransactionRequest {\n network?: string;\n chain_id?: number;\n from?: string;\n to?: string;\n data?: string;\n value?: string \| number;\n metadata_jsonb?: Record<string, unknown>;\n [key: string]: unknown;\n}\n\nexport interface DirectPaymentRequirement {\n direct_payment_requirement_id: string;\n requirement_id: string;\n id: string;\n mode: string;\n merchant?: string \| null;\n challenge_hash?: string \| null;\n buyer_user_id: string;\n agent_id?: string \| null;\n product_listing_id: string;\n listing_id: string;\n access_grant_id?: string \| null;\n capability_key: string;\n requirement_hash: string;\n request_hash: string;\n siglume_signature: string;\n token_symbol: string;\n currency: string;\n amount_minor: number;\n fee_bps: number;\n status: string;\n expires_at?: string \| null;\n confirmed_at?: string \| null;\n spent_at?: string \| null;\n chain_receipt_id?: string \| null;\n transaction_request: Web3TransactionRequest;\n approve_transaction_request?: Web3TransactionRequest \| null;\n buyer_confirmation?: string \| null;\n non_custodial: boolean;\n metadata_jsonb?: Record<string, unknown>;\n created_at?: string \| null;\n updated_at?: string \| null;\n}\n\nexport interface DirectPaymentRequirementCreateInput {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n challenge: string;\n token_symbol?: DirectRequestPaymentToken \| string;\n allowance_amount_minor?: number;\n metadata?: Record<string, unknown>;\n}\n\nexport interface DirectPaymentVerifyInput {\n receipt_id?: string \| null;\n chain_receipt_id?: string \| null;\n await_finality?: boolean;\n await_required_status?: string \| null;\n await_timeout_seconds?: number;\n await_poll_seconds?: number;\n}\n\nexport interface Web3PreparedTransactionExecutePayload {\n transaction_request: Web3TransactionRequest;\n receipt_kind: string;\n reference_type: typeof DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE;\n reference_id: string;\n metadata?: Record<string, unknown>;\n await_finality?: boolean;\n}\n\nexport interface Web3PreparedTransactionExecuteResult {\n receipt?: Record<string, unknown>;\n finalization?: Record<string, unknown>;\n [key: string]: unknown;\n}\n\nexport interface DirectRequestPaymentClientOptions {\n auth_token?: string;\n base_url?: string;\n fetch?: typeof fetch;\n timeout_ms?: number;\n user_agent?: string;\n}\n\nexport type DirectRequestPaymentBillingPlan = \"launch\" \| \"free\" \| \"starter\" \| \"growth\" \| \"pro\";\n\nexport interface DirectRequestPaymentMerchantAccount {\n merchant_account_id: string;\n merchant: string;\n merchant_user_id: string;\n user_wallet_id?: string \| null;\n billing_mandate_id?: string \| null;\n display_name?: string \| null;\n status?: string \| null;\n billing_status?: string \| null;\n billing_plan?: string \| null;\n billing_currency?: string \| null;\n token_symbol?: string \| null;\n monthly_fee_minor?: number \| null;\n settlement_fee_bps?: number \| null;\n settlement_fee_min_minor?: number \| null;\n included_monthly_payments?: number \| null;\n metadata_jsonb?: Record<string, unknown>;\n [key: string]: unknown;\n}\n\nexport interface DirectRequestPaymentMerchantSetupInput {\n merchant: string;\n display_name?: string;\n billing_plan?: DirectRequestPaymentBillingPlan \| string;\n billing_currency?: DirectRequestPaymentCurrency \| string;\n allowed_currencies?: Record<string, string> \| Array<DirectRequestPaymentCurrency \| string>;\n webhook_callback_url?: string;\n billing_mandate_cap_minor?: number;\n max_amount_minor?: number;\n // Hosted Checkout return-URL origin allowlist (open-redirect defense). Each\n // entry is an absolute origin such as \"https://shop.example.com\". The origin\n // of webhook_callback_url is auto-allowed in addition to these.\n checkout_allowed_origins?: string[];\n}\n\nexport interface HostedCheckoutSessionCreateInput {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n nonce: string;\n success_url: string;\n cancel_url: string;\n metadata?: Record<string, unknown>;\n}\n\nexport interface HostedCheckoutSessionCreateResult {\n checkout_url: string;\n session_id: string;\n challenge_hash: string;\n status?: string;\n expires_at?: string \| null;\n}\n\nexport interface HostedCheckoutSession {\n session_id: string;\n merchant: string;\n currency: string;\n token_symbol: string;\n amount_minor: number;\n status: string;\n challenge_hash: string;\n requirement_id?: string \| null;\n success_url: string;\n cancel_url: string;\n expires_at?: string \| null;\n authenticated_at?: string \| null;\n paid_at?: string \| null;\n cancelled_at?: string \| null;\n created_at?: string \| null;\n metadata_jsonb?: Record<string, unknown>;\n [key: string]: unknown;\n}\n\nexport interface DirectRequestPaymentMerchantBillingMandateInput {\n currency?: DirectRequestPaymentCurrency \| string;\n billing_currency?: DirectRequestPaymentCurrency \| string;\n max_amount_minor?: number;\n}\n\nexport interface DirectRequestPaymentMerchantResponse {\n merchant_account: DirectRequestPaymentMerchantAccount;\n challenge_secret?: string \| null;\n challenge_secret_created?: boolean;\n created?: boolean \| null;\n listing_id?: string \| null;\n mandate?: Record<string, unknown> \| null;\n next_steps?: Record<string, unknown>;\n}\n\nexport interface DirectRequestPaymentWebhookSubscriptionInput {\n callback_url: string;\n description?: string;\n event_types?: string[];\n metadata?: Record<string, unknown>;\n}\n\nexport interface DirectRequestPaymentWebhookSubscription {\n webhook_subscription_id?: string;\n subscription_id?: string;\n id?: string;\n callback_url?: string;\n signing_secret?: string;\n status?: string;\n event_types?: string[];\n [key: string]: unknown;\n}\n\nexport interface DirectRequestPaymentCheckoutSetupInput extends DirectRequestPaymentMerchantSetupInput {\n create_webhook_subscription?: boolean;\n prepare_billing_mandate?: boolean;\n webhook_event_types?: string[];\n webhook_description?: string;\n}\n\nexport interface DirectRequestPaymentCheckoutSetupResult {\n merchant: DirectRequestPaymentMerchantResponse;\n billing_mandate?: DirectRequestPaymentMerchantResponse \| null;\n webhook_subscription?: DirectRequestPaymentWebhookSubscription \| null;\n env: Record<string, string>;\n}\n\nexport interface SiglumeEnvelopeMeta {\n request_id?: string \| null;\n trace_id?: string \| null;\n [key: string]: unknown;\n}\n\nexport interface WebhookSignatureVerification {\n timestamp: number;\n signature: string;\n}\n\nexport interface DirectRequestPaymentWebhookEvent {\n id: string;\n type: \"direct_payment.confirmed\" \| string;\n api_version: string;\n occurred_at: string;\n data: {\n mode?: string;\n merchant?: string;\n direct_payment_requirement_id?: string;\n requirement_id?: string;\n challenge_hash?: string;\n amount_minor?: number;\n currency?: string;\n token_symbol?: string;\n status?: string;\n [key: string]: unknown;\n };\n [key: string]: unknown;\n}\n\nexport class SiglumeDirectRequestPaymentError extends Error {\n constructor(message: string) {\n super(message);\n this.name = \"SiglumeDirectRequestPaymentError\";\n }\n}\n\nexport class SiglumeApiError extends SiglumeDirectRequestPaymentError {\n readonly status: number;\n readonly code: string;\n readonly data: unknown;\n\n constructor(message: string, options: { status: number; code?: string; data?: unknown }) {\n super(message);\n this.name = \"SiglumeApiError\";\n this.status = options.status;\n this.code = options.code ?? \"SIGLUME_API_ERROR\";\n this.data = options.data;\n }\n}\n\nexport class HostedCheckoutNotAvailableError extends SiglumeApiError {\n constructor(message = \"Hosted Checkout is not enabled for this account yet (server rollout in progress).\") {\n super(message, { status: 409, code: \"HOSTED_CHECKOUT_NOT_ENABLED\" });\n this.name = \"HostedCheckoutNotAvailableError\";\n }\n}\n\nexport class SiglumeWebhookSignatureError extends SiglumeDirectRequestPaymentError {\n constructor(message: string) {\n super(message);\n this.name = \"SiglumeWebhookSignatureError\";\n }\n}\n\nexport class SiglumeWebhookPayloadError extends SiglumeDirectRequestPaymentError {\n constructor(message: string) {\n super(message);\n this.name = \"SiglumeWebhookPayloadError\";\n }\n}\n\nexport class DirectRequestPaymentClient {\n readonly auth_token: string;\n readonly base_url: string;\n readonly timeout_ms: number;\n readonly user_agent: string;\n private readonly fetch_impl: typeof fetch;\n\n constructor(options: DirectRequestPaymentClientOptions = {}) {\n const authToken = options.auth_token ?? envValue(\"SIGLUME_AUTH_TOKEN\");\n if (!authToken) {\n throw new SiglumeDirectRequestPaymentError(\n \"A buyer Siglume bearer token is required for Direct Request Payment API calls. Developer Portal API keys are not accepted.\",\n );\n }\n const fetchImpl = options.fetch ?? globalThis.fetch;\n if (!fetchImpl) {\n throw new SiglumeDirectRequestPaymentError(\"A fetch implementation is required in this runtime.\");\n }\n this.auth_token = authToken;\n this.base_url = (options.base_url ?? envValue(\"SIGLUME_API_BASE\") ?? DEFAULT_SIGLUME_API_BASE).replace(/\\/+$/, \"\");\n this.timeout_ms = Math.max(1, Math.trunc(options.timeout_ms ?? 15000));\n this.user_agent = options.user_agent ?? \"@siglume/direct-request-payment/0.4.2\";\n this.fetch_impl = fetchImpl;\n }\n\n async createPaymentRequirement(input: DirectPaymentRequirementCreateInput): Promise<DirectPaymentRequirement> {\n const payload: Record<string, unknown> = {\n mode: DIRECT_REQUEST_PAYMENT_MODE,\n merchant: normalizeMerchant(input.merchant),\n amount_minor: positiveInteger(input.amount_minor, \"amount_minor\"),\n currency: normalizeCurrency(input.currency),\n challenge: requireNonEmpty(input.challenge, \"challenge\"),\n };\n if (input.token_symbol !== undefined) {\n payload.token_symbol = normalizeToken(input.token_symbol);\n }\n if (input.allowance_amount_minor !== undefined) {\n payload.allowance_amount_minor = positiveInteger(input.allowance_amount_minor, \"allowance_amount_minor\");\n }\n if (input.metadata !== undefined) {\n payload.metadata = cloneJsonObject(input.metadata, \"metadata\");\n }\n return this.request<DirectPaymentRequirement>(\"POST\", \"/sdrp/direct-payments/requirements\", payload);\n }\n\n async getPaymentRequirement(requirement_id: string): Promise<DirectPaymentRequirement> {\n return this.request<DirectPaymentRequirement>(\n \"GET\",\n `/sdrp/direct-payments/requirements/${encodeURIComponent(requireNonEmpty(requirement_id, \"requirement_id\"))}`,\n );\n }\n\n async verifyPaymentRequirement(\n requirement_id: string,\n input: DirectPaymentVerifyInput,\n ): Promise<DirectPaymentRequirement> {\n return this.request<DirectPaymentRequirement>(\n \"POST\",\n `/sdrp/direct-payments/requirements/${encodeURIComponent(requireNonEmpty(requirement_id, \"requirement_id\"))}/verify`,\n input,\n );\n }\n\n async executePreparedTransaction(\n payload: Web3PreparedTransactionExecutePayload,\n ): Promise<Web3PreparedTransactionExecuteResult> {\n return this.request<Web3PreparedTransactionExecuteResult>(\n \"POST\",\n \"/market/web3/transactions/execute-prepared\",\n payload,\n );\n }\n\n async executePaymentTransaction(\n requirement: DirectPaymentRequirement,\n options: { await_finality?: boolean; metadata?: Record<string, unknown> } = {},\n ): Promise<Web3PreparedTransactionExecuteResult> {\n return this.executePreparedTransaction(buildPaymentExecutionPayload(requirement, options));\n }\n\n async executeAllowanceTransaction(\n requirement: DirectPaymentRequirement,\n options: { await_finality?: boolean; metadata?: Record<string, unknown> } = {},\n ): Promise<Web3PreparedTransactionExecuteResult> {\n return this.executePreparedTransaction(buildAllowanceExecutionPayload(requirement, options));\n }\n\n async request<T>(method: string, path: string, json_body?: unknown): Promise<T> {\n const controller = new AbortController();\n const timeout = setTimeout(() => controller.abort(), this.timeout_ms);\n try {\n const headers: Record<string, string> = {\n \"Accept\": \"application/json\",\n \"Authorization\": `Bearer ${this.auth_token}`,\n \"User-Agent\": this.user_agent,\n };\n let body: string \| undefined;\n if (json_body !== undefined) {\n headers[\"Content-Type\"] = \"application/json\";\n body = JSON.stringify(json_body);\n }\n const response = await this.fetch_impl(`${this.base_url}${path}`, {\n method,\n headers,\n body,\n signal: controller.signal,\n });\n const rawText = await response.text();\n const parsed = rawText ? parseJson(rawText) : {};\n if (!response.ok) {\n const error = isRecord(parsed) && isRecord(parsed.error) ? parsed.error : {};\n const code = stringOrNull(error.code) ?? stringOrNull((parsed as Record<string, unknown>).code) ?? `HTTP_${response.status}`;\n const message = stringOrNull(error.message) ?? stringOrNull((parsed as Record<string, unknown>).message) ?? response.statusText;\n throw new SiglumeApiError(message, { status: response.status, code, data: parsed });\n }\n if (isRecord(parsed) && \"data\" in parsed) {\n return parsed.data as T;\n }\n return parsed as T;\n } finally {\n clearTimeout(timeout);\n }\n }\n}\n\nexport class DirectRequestPaymentMerchantClient {\n readonly auth_token: string;\n readonly base_url: string;\n readonly timeout_ms: number;\n readonly user_agent: string;\n private readonly fetch_impl: typeof fetch;\n\n constructor(options: DirectRequestPaymentClientOptions = {}) {\n const authToken = options.auth_token ?? envValue(\"SIGLUME_MERCHANT_AUTH_TOKEN\") ?? envValue(\"SIGLUME_AUTH_TOKEN\");\n if (!authToken) {\n throw new SiglumeDirectRequestPaymentError(\n \"A merchant Siglume bearer token is required for Direct Request Payment merchant setup. Developer Portal API keys are not accepted.\",\n );\n }\n const fetchImpl = options.fetch ?? globalThis.fetch;\n if (!fetchImpl) {\n throw new SiglumeDirectRequestPaymentError(\"A fetch implementation is required in this runtime.\");\n }\n this.auth_token = authToken;\n this.base_url = (options.base_url ?? envValue(\"SIGLUME_API_BASE\") ?? DEFAULT_SIGLUME_API_BASE).replace(/\\/+$/, \"\");\n this.timeout_ms = Math.max(1, Math.trunc(options.timeout_ms ?? 15000));\n this.user_agent = options.user_agent ?? \"@siglume/direct-request-payment/0.4.2\";\n this.fetch_impl = fetchImpl;\n }\n\n async setupMerchant(input: DirectRequestPaymentMerchantSetupInput): Promise<DirectRequestPaymentMerchantResponse> {\n const payload: Record<string, unknown> = {\n merchant: normalizeSelfServiceMerchant(input.merchant),\n billing_plan: normalizeBillingPlan(input.billing_plan ?? \"launch\"),\n billing_currency: normalizeCurrency(input.billing_currency ?? \"JPY\"),\n };\n if (input.display_name !== undefined) {\n payload.display_name = requireNonEmpty(input.display_name, \"display_name\");\n }\n if (input.allowed_currencies !== undefined) {\n payload.allowed_currencies = normalizeAllowedCurrencies(input.allowed_currencies);\n }\n if (input.webhook_callback_url !== undefined) {\n payload.webhook_callback_url = requireNonEmpty(input.webhook_callback_url, \"webhook_callback_url\");\n }\n if (input.billing_mandate_cap_minor !== undefined) {\n payload.billing_mandate_cap_minor = positiveInteger(input.billing_mandate_cap_minor, \"billing_mandate_cap_minor\");\n }\n if (input.max_amount_minor !== undefined) {\n payload.max_amount_minor = positiveInteger(input.max_amount_minor, \"max_amount_minor\");\n }\n if (input.checkout_allowed_origins !== undefined) {\n payload.checkout_allowed_origins = normalizeOriginList(input.checkout_allowed_origins);\n }\n return this.request<DirectRequestPaymentMerchantResponse>(\"POST\", \"/sdrp/direct-payments/merchants\", payload);\n }\n\n /\n Create a Hosted Checkout session (Stripe-Checkout-equivalent for human web\n * shoppers). Siglume authors the challenge server-side, persists a single-use\n * expiring session, and returns a `checkout_url`. Redirect the shopper there;\n * they log into Siglume, approve, and pay from their own wallet, then return\n * to your `success_url`. Fulfill on the `direct_payment.confirmed` webhook\n * (the source of truth), exactly as with the agent flow.\n \n `success_url`/`cancel_url` must be on an origin you registered via\n * `checkout_allowed_origins` (or your `webhook_callback_url` origin).\n /\n async createCheckoutSession(input: HostedCheckoutSessionCreateInput): Promise<HostedCheckoutSessionCreateResult> {\n const payload: Record<string, unknown> = {\n merchant: normalizeSelfServiceMerchant(input.merchant),\n amount_minor: positiveInteger(input.amount_minor, \"amount_minor\"),\n currency: normalizeCurrency(input.currency),\n nonce: normalizeChallengeNonce(input.nonce),\n success_url: requireNonEmpty(input.success_url, \"success_url\"),\n cancel_url: requireNonEmpty(input.cancel_url, \"cancel_url\"),\n };\n if (input.metadata !== undefined) {\n payload.metadata = cloneJsonObject(input.metadata, \"metadata\");\n }\n return this.requestHostedCheckout<HostedCheckoutSessionCreateResult>(\n \"POST\",\n \"/sdrp/direct-payments/checkout-sessions\",\n payload,\n );\n }\n\n /* Read a Hosted Checkout session's status (open / authenticated / paid / expired / cancelled / failed). /\n async getCheckoutSession(session_id: string): Promise<HostedCheckoutSession> {\n return this.requestHostedCheckout<HostedCheckoutSession>(\n \"GET\",\n `/sdrp/direct-payments/checkout-sessions/${encodeURIComponent(requireNonEmpty(session_id, \"session_id\"))}`,\n );\n }\n\n async getMerchant(merchant: string): Promise<DirectRequestPaymentMerchantResponse> {\n return this.request<DirectRequestPaymentMerchantResponse>(\n \"GET\",\n `/sdrp/direct-payments/merchants/${encodeURIComponent(normalizeSelfServiceMerchant(merchant))}`,\n );\n }\n\n async rotateChallengeSecret(merchant: string): Promise<DirectRequestPaymentMerchantResponse> {\n return this.request<DirectRequestPaymentMerchantResponse>(\n \"POST\",\n `/sdrp/direct-payments/merchants/${encodeURIComponent(normalizeSelfServiceMerchant(merchant))}/challenge-secret/rotate`,\n );\n }\n\n async prepareBillingMandate(\n merchant: string,\n input: DirectRequestPaymentMerchantBillingMandateInput = {},\n ): Promise<DirectRequestPaymentMerchantResponse> {\n const payload: Record<string, unknown> = {};\n if (input.currency !== undefined) {\n payload.currency = normalizeCurrency(input.currency);\n }\n if (input.billing_currency !== undefined) {\n payload.billing_currency = normalizeCurrency(input.billing_currency);\n }\n if (input.max_amount_minor !== undefined) {\n payload.max_amount_minor = positiveInteger(input.max_amount_minor, \"max_amount_minor\");\n }\n return this.request<DirectRequestPaymentMerchantResponse>(\n \"POST\",\n `/sdrp/direct-payments/merchants/${encodeURIComponent(normalizeSelfServiceMerchant(merchant))}/billing-mandate`,\n payload,\n );\n }\n\n async createWebhookSubscription(\n input: DirectRequestPaymentWebhookSubscriptionInput,\n ): Promise<DirectRequestPaymentWebhookSubscription> {\n const payload: Record<string, unknown> = {\n callback_url: requireNonEmpty(input.callback_url, \"callback_url\"),\n event_types: input.event_types?.length\n ? input.event_types.map((eventType) => requireNonEmpty(eventType, \"event_type\"))\n : [\"direct_payment.confirmed\", \"direct_payment.spent\"],\n };\n if (input.description !== undefined) {\n payload.description = requireNonEmpty(input.description, \"description\");\n }\n if (input.metadata !== undefined) {\n payload.metadata = cloneJsonObject(input.metadata, \"metadata\");\n }\n return this.request<DirectRequestPaymentWebhookSubscription>(\"POST\", \"/market/webhooks/subscriptions\", payload);\n }\n\n async setupCheckout(input: DirectRequestPaymentCheckoutSetupInput): Promise<DirectRequestPaymentCheckoutSetupResult> {\n const merchant = await this.setupMerchant(input);\n const merchantKey = merchant.merchant_account.merchant;\n const billing_mandate = input.prepare_billing_mandate === false\n ? null\n : await this.prepareBillingMandate(merchantKey, {\n billing_currency: merchant.merchant_account.billing_currency ?? input.billing_currency ?? \"JPY\",\n max_amount_minor: input.max_amount_minor ?? input.billing_mandate_cap_minor,\n });\n const shouldCreateWebhook = input.create_webhook_subscription ?? Boolean(input.webhook_callback_url);\n const webhook_subscription = shouldCreateWebhook && input.webhook_callback_url\n ? await this.createWebhookSubscription({\n callback_url: input.webhook_callback_url,\n description: input.webhook_description ?? `${merchantKey} Direct Request Payment`,\n event_types: input.webhook_event_types,\n metadata: { merchant: merchantKey, sdk: \"@siglume/direct-request-payment\" },\n })\n : null;\n const env: Record<string, string> = {\n SIGLUME_DIRECT_PAYMENT_MERCHANT: merchantKey,\n };\n if (merchant.challenge_secret) {\n env.SIGLUME_DIRECT_PAYMENT_CHALLENGE_SECRET = merchant.challenge_secret;\n }\n const webhookSecret = stringOrNull(webhook_subscription?.signing_secret);\n if (webhookSecret) {\n env.SIGLUME_WEBHOOK_SECRET = webhookSecret;\n }\n return { merchant, billing_mandate, webhook_subscription, env };\n }\n\n async request<T>(method: string, path: string, json_body?: unknown): Promise<T> {\n const controller = new AbortController();\n const timeout = setTimeout(() => controller.abort(), this.timeout_ms);\n try {\n const headers: Record<string, string> = {\n \"Accept\": \"application/json\",\n \"Authorization\": `Bearer ${this.auth_token}`,\n \"User-Agent\": this.user_agent,\n };\n let body: string \| undefined;\n if (json_body !== undefined) {\n headers[\"Content-Type\"] = \"application/json\";\n body = JSON.stringify(json_body);\n }\n const response = await this.fetch_impl(`${this.base_url}${path}`, {\n method,\n headers,\n body,\n signal: controller.signal,\n });\n const rawText = await response.text();\n const parsed = rawText ? parseJson(rawText) : {};\n if (!response.ok) {\n const error = isRecord(parsed) && isRecord(parsed.error) ? parsed.error : {};\n const code = stringOrNull(error.code) ?? stringOrNull((parsed as Record<string, unknown>).code) ?? `HTTP_${response.status}`;\n const message = stringOrNull(error.message) ?? stringOrNull((parsed as Record<string, unknown>).message) ?? response.statusText;\n throw new SiglumeApiError(message, { status: response.status, code, data: parsed });\n }\n if (isRecord(parsed) && \"data\" in parsed) {\n return parsed.data as T;\n }\n return parsed as T;\n } finally {\n clearTimeout(timeout);\n }\n }\n\n private async requestHostedCheckout<T>(method: string, path: string, json_body?: unknown): Promise<T> {\n try {\n return await this.request<T>(method, path, json_body);\n } catch (error) {\n if (isHostedCheckoutUnavailable(error)) {\n throw new HostedCheckoutNotAvailableError();\n }\n throw error;\n }\n }\n}\n\nexport async function createDirectRequestPaymentChallenge(\n input: DirectRequestPaymentChallengeInput,\n): Promise<DirectRequestPaymentChallenge> {\n const merchant = normalizeMerchant(input.merchant);\n const amount_minor = positiveInteger(input.amount_minor, \"amount_minor\");\n const currency = normalizeCurrency(input.currency);\n const nonce = input.nonce ? normalizeChallengeNonce(input.nonce) : await randomNonce();\n const signature = await createDirectRequestPaymentChallengeSignature(input.secret, {\n merchant,\n amount_minor,\n currency,\n nonce,\n });\n const challenge = `${DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME}:${nonce}:${signature}`;\n return {\n scheme: DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME,\n merchant,\n amount_minor,\n currency,\n nonce,\n signature,\n challenge,\n challenge_hash: await sha256Prefixed(challenge),\n };\n}\n\nexport async function createDirectRequestPaymentChallengeSignature(\n secret: string,\n input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n nonce: string;\n },\n): Promise<string> {\n const normalizedSecret = requireNonEmpty(secret, \"secret\");\n const merchant = normalizeMerchant(input.merchant);\n const amount = positiveInteger(input.amount_minor, \"amount_minor\");\n const currency = normalizeCurrency(input.currency);\n const nonce = normalizeChallengeNonce(input.nonce);\n const material = `${merchant}:${amount}:${currency}:${nonce}`;\n return hmacSha256Hex(normalizedSecret, new TextEncoder().encode(material));\n}\n\nexport function parseDirectRequestPaymentChallenge(challenge: string): ParsedDirectRequestPaymentChallenge {\n const parts = requireNonEmpty(challenge, \"challenge\").split(\":\");\n if (parts.length !== 3) {\n throw new SiglumeDirectRequestPaymentError(\"Direct Request Payment challenge must be scheme:nonce:signature.\");\n }\n const [scheme, nonce, signature] = parts;\n if (!scheme \|\| !nonce \|\| !signature) {\n throw new SiglumeDirectRequestPaymentError(\"Direct Request Payment challenge is incomplete.\");\n }\n return { scheme, nonce, signature };\n}\n\n/* Merchant-side, ONE-TIME approval of a recurring authorization: amount +\n * currency + cadence are bound into the HMAC. Recurring charges afterwards\n * are deliberately challenge-free; the recurring authorization and the\n * buyer's mandate/budget caps are the per-charge integrity checks. Cadence\n * \"monthly\" = subscription, \"daily\" = scheduled autopay approval tag. /\nexport async function createDirectRequestPaymentRecurringChallenge(\n input: DirectRequestPaymentRecurringChallengeInput,\n): Promise<DirectRequestPaymentRecurringChallenge> {\n const merchant = normalizeMerchant(input.merchant);\n const amount_minor = positiveInteger(input.amount_minor, \"amount_minor\");\n const currency = normalizeCurrency(input.currency);\n const cadence = normalizeRecurringCadence(input.cadence);\n const nonce = input.nonce ? normalizeChallengeNonce(input.nonce) : await randomNonce();\n const signature = await createDirectRequestPaymentRecurringChallengeSignature(input.secret, {\n merchant,\n amount_minor,\n currency,\n cadence,\n nonce,\n });\n const challenge = `${DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME}:${nonce}:${signature}`;\n return {\n scheme: DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME,\n merchant,\n amount_minor,\n currency,\n cadence,\n nonce,\n signature,\n challenge,\n challenge_hash: await sha256Prefixed(challenge),\n };\n}\n\nexport async function createDirectRequestPaymentRecurringChallengeSignature(\n secret: string,\n input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n cadence: DirectRequestPaymentRecurringCadence \| string;\n nonce: string;\n },\n): Promise<string> {\n const normalizedSecret = requireNonEmpty(secret, \"secret\");\n const merchant = normalizeMerchant(input.merchant);\n const amount = positiveInteger(input.amount_minor, \"amount_minor\");\n const currency = normalizeCurrency(input.currency);\n const cadence = normalizeRecurringCadence(input.cadence);\n const nonce = normalizeChallengeNonce(input.nonce);\n // MUST stay byte-identical to the server's\n // _external_402_recurring_challenge_signature — both sides change together.\n const material = `${merchant}:${amount}:${currency}:${cadence}:${nonce}`;\n return hmacSha256Hex(normalizedSecret, new TextEncoder().encode(material));\n}\n\nexport async function verifyDirectRequestPaymentRecurringChallenge(\n secret: string,\n input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n cadence: DirectRequestPaymentRecurringCadence \| string;\n challenge: string;\n },\n): Promise<boolean> {\n const parsed = parseDirectRequestPaymentChallenge(input.challenge);\n if (parsed.scheme !== DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME) {\n return false;\n }\n const expected = await createDirectRequestPaymentRecurringChallengeSignature(secret, {\n merchant: input.merchant,\n amount_minor: input.amount_minor,\n currency: input.currency,\n cadence: input.cadence,\n nonce: parsed.nonce,\n });\n return timingSafeEqualHex(expected, parsed.signature);\n}\n\nexport async function verifyDirectRequestPaymentChallenge(\n secret: string,\n input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n challenge: string;\n },\n): Promise<boolean> {\n const parsed = parseDirectRequestPaymentChallenge(input.challenge);\n if (parsed.scheme !== DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME) {\n return false;\n }\n const expected = await createDirectRequestPaymentChallengeSignature(secret, {\n merchant: input.merchant,\n amount_minor: input.amount_minor,\n currency: input.currency,\n nonce: parsed.nonce,\n });\n return timingSafeEqualHex(expected, parsed.signature);\n}\n\nexport async function directRequestPaymentChallengeHash(challenge: string): Promise<string> {\n return sha256Prefixed(requireNonEmpty(challenge, \"challenge\"));\n}\n\nexport async function directRequestPaymentRequestHash(input: {\n merchant: string;\n amount_minor: number;\n currency: DirectRequestPaymentCurrency \| string;\n challenge: string;\n}): Promise<string> {\n const material = `${normalizeMerchant(input.merchant)}${positiveInteger(input.amount_minor, \"amount_minor\")}${normalizeCurrency(input.currency)}${requireNonEmpty(input.challenge, \"challenge\")}`;\n return sha256Prefixed(material);\n}\n\nexport function buildPaymentExecutionPayload(\n requirement: DirectPaymentRequirement,\n options: { await_finality?: boolean; metadata?: Record<string, unknown> } = {},\n): Web3PreparedTransactionExecutePayload {\n return buildPreparedTransactionExecutionPayload(requirement, requirement.transaction_request, {\n receipt_kind: DIRECT_REQUEST_PAYMENT_RECEIPT_KIND,\n await_finality: options.await_finality,\n metadata: options.metadata,\n });\n}\n\nexport function buildAllowanceExecutionPayload(\n requirement: DirectPaymentRequirement,\n options: { await_finality?: boolean; metadata?: Record<string, unknown> } = {},\n): Web3PreparedTransactionExecutePayload {\n const approveRequest = requirement.approve_transaction_request;\n if (!approveRequest \|\| Object.keys(approveRequest).length === 0) {\n throw new SiglumeDirectRequestPaymentError(\"This payment requirement does not include an allowance approval transaction.\");\n }\n return buildPreparedTransactionExecutionPayload(requirement, approveRequest, {\n receipt_kind: DIRECT_REQUEST_PAYMENT_ALLOWANCE_RECEIPT_KIND,\n await_finality: options.await_finality,\n metadata: options.metadata,\n });\n}\n\nexport function buildPreparedTransactionExecutionPayload(\n requirement: DirectPaymentRequirement,\n transaction_request: Web3TransactionRequest,\n options: {\n receipt_kind: string;\n await_finality?: boolean;\n metadata?: Record<string, unknown>;\n },\n): Web3PreparedTransactionExecutePayload {\n const metadata = {\n ...(isRecord(transaction_request.metadata_jsonb) ? transaction_request.metadata_jsonb : {}),\n ...(options.metadata ?? {}),\n };\n return {\n transaction_request,\n receipt_kind: requireNonEmpty(options.receipt_kind, \"receipt_kind\"),\n reference_type: DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE,\n reference_id: requirement.requirement_id,\n metadata,\n await_finality: Boolean(options.await_finality),\n };\n}\n\nexport async function computeWebhookSignature(\n signing_secret: string,\n body: Uint8Array \| ArrayBuffer \| string \| Record<string, unknown>,\n options: { timestamp: number },\n): Promise<string> {\n if (!signing_secret) {\n throw new SiglumeWebhookSignatureError(\"SIGLUME webhook signing secret is required.\");\n }\n const timestamp = Math.trunc(options.timestamp);\n const bytes = bodyBytes(body);\n const prefix = new TextEncoder().encode(`${timestamp}.`);\n const payload = new Uint8Array(prefix.length + bytes.length);\n payload.set(prefix, 0);\n payload.set(bytes, prefix.length);\n return hmacSha256Hex(signing_secret, payload);\n}\n\nexport async function buildWebhookSignatureHeader(\n signing_secret: string,\n body: Uint8Array \| ArrayBuffer \| string \| Record<string, unknown>,\n options: { timestamp?: number } = {},\n): Promise<string> {\n const timestamp = Math.trunc(options.timestamp ?? Date.now() / 1000);\n const signature = await computeWebhookSignature(signing_secret, body, { timestamp });\n return `t=${timestamp},v1=${signature}`;\n}\n\nexport async function verifyWebhookSignature(\n signing_secret: string,\n body: Uint8Array \| ArrayBuffer \| string \| Record<string, unknown>,\n signature_header: string,\n options: { tolerance_seconds?: number; now?: number } = {},\n): Promise<WebhookSignatureVerification> {\n const { timestamp, signature } = parseSignatureHeader(signature_header);\n const toleranceSeconds = Math.max(1, Math.trunc(options.tolerance_seconds ?? DEFAULT_WEBHOOK_TOLERANCE_SECONDS));\n const nowSeconds = Math.trunc(options.now ?? Date.now() / 1000);\n if (Math.abs(nowSeconds - timestamp) > toleranceSeconds) {\n throw new SiglumeWebhookSignatureError(\"Webhook timestamp is outside the allowed tolerance window.\");\n }\n const expected = await computeWebhookSignature(signing_secret, body, { timestamp });\n if (!(await timingSafeEqualHex(expected, signature))) {\n throw new SiglumeWebhookSignatureError(\"Webhook signature did not match.\");\n }\n return { timestamp, signature };\n}\n\nexport function parseDirectRequestPaymentWebhookEvent(payload: unknown): DirectRequestPaymentWebhookEvent {\n const event = requireRecord(payload, \"webhook event\");\n const data = requireRecord(event.data, \"webhook event data\");\n const parsed = {\n ...event,\n id: requireNonEmpty(stringOrNull(event.id) ?? \"\", \"webhook event id\"),\n type: requireNonEmpty(stringOrNull(event.type) ?? \"\", \"webhook event type\"),\n api_version: requireNonEmpty(stringOrNull(event.api_version) ?? \"\", \"webhook api_version\"),\n occurred_at: requireNonEmpty(stringOrNull(event.occurred_at) ?? \"\", \"webhook occurred_at\"),\n data: { ...data },\n } as DirectRequestPaymentWebhookEvent;\n if (parsed.type === \"direct_payment.confirmed\" && parsed.data.mode !== DIRECT_REQUEST_PAYMENT_MODE) {\n throw new SiglumeWebhookPayloadError(\"direct_payment.confirmed webhook must carry data.mode='external_402'.\");\n }\n return parsed;\n}\n\nexport async function verifyDirectRequestPaymentWebhook(\n signing_secret: string,\n body: Uint8Array \| ArrayBuffer \| string \| Record<string, unknown>,\n signature_header: string,\n options: { tolerance_seconds?: number; now?: number } = {},\n): Promise<{ event: DirectRequestPaymentWebhookEvent; verification: WebhookSignatureVerification }> {\n const verification = await verifyWebhookSignature(signing_secret, body, signature_header, options);\n const text = new TextDecoder().decode(bodyBytes(body));\n let parsed: unknown;\n try {\n parsed = JSON.parse(text);\n } catch (error) {\n throw new SiglumeWebhookPayloadError(\"Webhook body must contain valid JSON.\");\n }\n return { event: parseDirectRequestPaymentWebhookEvent(parsed), verification };\n}\n\nexport const createExternal402Challenge = createDirectRequestPaymentChallenge;\nexport const verifyExternal402Challenge = verifyDirectRequestPaymentChallenge;\nexport const createExternal402RecurringChallenge = createDirectRequestPaymentRecurringChallenge;\nexport const verifyExternal402RecurringChallenge = verifyDirectRequestPaymentRecurringChallenge;\n\nfunction normalizeMerchant(value: string): string {\n const merchant = requireNonEmpty(value, \"merchant\").toLowerCase();\n if (!/^[a-z0-9][a-z0-9._-]{0,95}$/.test(merchant)) {\n throw new SiglumeDirectRequestPaymentError(\"merchant must be a lowercase key using letters, numbers, dot, underscore, or hyphen.\");\n }\n return merchant;\n}\n\nfunction normalizeSelfServiceMerchant(value: string): string {\n const merchant = requireNonEmpty(value, \"merchant\").toLowerCase();\n if (!/^[a-z0-9][a-z0-9_-]{2,63}$/.test(merchant)) {\n throw new SiglumeDirectRequestPaymentError(\"merchant must be 3-64 chars using lowercase letters, numbers, underscore, or hyphen.\");\n }\n return merchant;\n}\n\nfunction normalizeBillingPlan(value: string): DirectRequestPaymentBillingPlan {\n const plan = requireNonEmpty(value, \"billing_plan\").toLowerCase();\n if (plan === \"launch\" \|\| plan === \"free\" \|\| plan === \"starter\" \|\| plan === \"growth\" \|\| plan === \"pro\") {\n return plan;\n }\n throw new SiglumeDirectRequestPaymentError(\"billing_plan must be launch, starter, growth, or pro.\");\n}\n\nfunction normalizeCurrency(value: string): DirectRequestPaymentCurrency {\n const currency = requireNonEmpty(value, \"currency\").toUpperCase();\n if (currency !== \"JPY\" && currency !== \"USD\") {\n throw new SiglumeDirectRequestPaymentError(\"currency must be JPY or USD.\");\n }\n return currency;\n}\n\nfunction normalizeToken(value: string): DirectRequestPaymentToken {\n const token = requireNonEmpty(value, \"token_symbol\").toUpperCase();\n if (token !== \"JPYC\" && token !== \"USDC\") {\n throw new SiglumeDirectRequestPaymentError(\"token_symbol must be JPYC or USDC.\");\n }\n return token;\n}\n\nfunction normalizeAllowedCurrencies(value: Record<string, string> \| Array<DirectRequestPaymentCurrency \| string>): Record<string, string> {\n const normalized: Record<string, string> = {};\n if (Array.isArray(value)) {\n for (const item of value) {\n const currency = normalizeCurrency(item);\n normalized[currency] = defaultTokenForCurrency(currency);\n }\n } else if (isRecord(value)) {\n for (const [rawCurrency, rawToken] of Object.entries(value)) {\n normalized[normalizeCurrency(rawCurrency)] = normalizeToken(String(rawToken));\n }\n } else {\n throw new SiglumeDirectRequestPaymentError(\"allowed_currencies must be an array or a currency-to-token object.\");\n }\n if (Object.keys(normalized).length === 0) {\n throw new SiglumeDirectRequestPaymentError(\"allowed_currencies must include at least one currency.\");\n }\n return normalized;\n}\n\nfunction defaultTokenForCurrency(currency: DirectRequestPaymentCurrency): DirectRequestPaymentToken {\n return currency === \"JPY\" ? \"JPYC\" : \"USDC\";\n}\n\nfunction normalizeOriginList(value: string[]): string[] {\n if (!Array.isArray(value)) {\n throw new SiglumeDirectRequestPaymentError(\"checkout_allowed_origins must be an array of origin URLs.\");\n }\n const seen = new Set<string>();\n const origins: string[] = [];\n for (const item of value) {\n let url: URL;\n try {\n url = new URL(requireNonEmpty(String(item), \"checkout_allowed_origins entry\"));\n } catch {\n throw new SiglumeDirectRequestPaymentError(\n \"each checkout_allowed_origins entry must be an absolute origin such as https://shop.example.com.\",\n );\n }\n const origin = `${url.protocol.toLowerCase()}//${url.host.toLowerCase()}`;\n if (!seen.has(origin)) {\n seen.add(origin);\n origins.push(origin);\n }\n }\n return origins;\n}\n\nfunction positiveInteger(value: number, name: string): number {\n const parsed = Number(value);\n if (!Number.isSafeInteger(parsed) \|\| parsed <= 0) {\n throw new SiglumeDirectRequestPaymentError(`${name} must be a positive safe integer.`);\n }\n return parsed;\n}\n\nfunction requireNonEmpty(value: string, name: string): string {\n const text = String(value ?? \"\").trim();\n if (!text) {\n throw new SiglumeDirectRequestPaymentError(`${name} is required.`);\n }\n return text;\n}\n\nfunction normalizeChallengeNonce(value: string): string {\n const nonce = requireNonEmpty(value, \"nonce\");\n if (nonce.includes(\":\")) {\n throw new SiglumeDirectRequestPaymentError(\"nonce must not contain ':'.\");\n }\n return nonce;\n}\n\nfunction normalizeRecurringCadence(value: string): DirectRequestPaymentRecurringCadence {\n const cadence = requireNonEmpty(value, \"cadence\").toLowerCase();\n if (cadence !== \"monthly\" && cadence !== \"daily\") {\n throw new SiglumeDirectRequestPaymentError(\n 'cadence must be \"monthly\" (subscription) or \"daily\" (scheduled autopay).',\n );\n }\n return cadence;\n}\n\nfunction cloneJsonObject(value: Record<string, unknown>, name: string): Record<string, unknown> {\n try {\n const cloned = JSON.parse(JSON.stringify(value)) as unknown;\n if (!isRecord(cloned)) {\n throw new Error(\"not an object\");\n }\n return cloned;\n } catch (error) {\n throw new SiglumeDirectRequestPaymentError(`${name} must be a JSON-serializable object.`);\n }\n}\n\nfunction parseJson(rawText: string): unknown {\n try {\n return JSON.parse(rawText);\n } catch (error) {\n throw new SiglumeApiError(\"Siglume API returned invalid JSON.\", {\n status: 502,\n code: \"INVALID_JSON_RESPONSE\",\n data: rawText,\n });\n }\n}\n\nfunction stringOrNull(value: unknown): string \| null {\n if (typeof value !== \"string\") {\n return null;\n }\n const text = value.trim();\n return text ? text : null;\n}\n\nfunction isHostedCheckoutUnavailable(error: unknown): boolean {\n if (!(error instanceof SiglumeApiError)) {\n return false;\n }\n const code = error.code.toUpperCase();\n if (error.status === 409 && (code === \"HOSTED_CHECKOUT_NOT_ENABLED\" \|\| code === \"FEATURE_DISABLED\")) {\n return true;\n }\n return (\n error.status === 404 &&\n (code === \"HTTP_404\" \|\| code === \"NOT_FOUND\" \|\| code === \"ROUTE_NOT_FOUND\" \|\| code === \"FEATURE_DISABLED\")\n );\n}\n\nfunction isRecord(value: unknown): value is Record<string, unknown> {\n return typeof value === \"object\" && value !== null && !Array.isArray(value);\n}\n\nfunction requireRecord(value: unknown, name: string): Record<string, unknown> {\n if (!isRecord(value)) {\n throw new SiglumeWebhookPayloadError(`${name} must be an object.`);\n }\n return value;\n}\n\nfunction envValue(name: string): string \| undefined {\n if (typeof process === \"undefined\") {\n return undefined;\n }\n const value = process.env[name];\n return value && value.trim() ? value.trim() : undefined;\n}\n\nfunction bodyBytes(body: Uint8Array \| ArrayBuffer \| string \| Record<string, unknown>): Uint8Array {\n if (body instanceof Uint8Array) {\n return body;\n }\n if (body instanceof ArrayBuffer) {\n return new Uint8Array(body);\n }\n if (typeof body === \"string\") {\n return new TextEncoder().encode(body);\n }\n if (isRecord(body)) {\n return new TextEncoder().encode(JSON.stringify(body));\n }\n throw new SiglumeWebhookPayloadError(\"Webhook body must be raw bytes, a string, or a JSON object.\");\n}\n\nfunction parseSignatureHeader(signatureHeader: string): { timestamp: number; signature: string } {\n let timestamp: number \| null = null;\n let signature: string \| null = null;\n for (const item of String(signatureHeader ?? \"\").split(\",\")) {\n const [key, value] = item.trim().split(\"=\", 2);\n if (key === \"t\") {\n const parsed = Number.parseInt(value ?? \"\", 10);\n if (!Number.isFinite(parsed)) {\n throw new SiglumeWebhookSignatureError(\"Webhook signature timestamp is invalid.\");\n }\n timestamp = parsed;\n }\n if (key === \"v1\") {\n signature = String(value ?? \"\").trim();\n }\n }\n if (timestamp === null \|\| !signature) {\n throw new SiglumeWebhookSignatureError(\"Webhook signature header is incomplete.\");\n }\n return { timestamp, signature };\n}\n\nasync function randomNonce(): Promise<string> {\n if (globalThis.crypto?.randomUUID) {\n return globalThis.crypto.randomUUID();\n }\n const bytes = new Uint8Array(16);\n if (globalThis.crypto?.getRandomValues) {\n globalThis.crypto.getRandomValues(bytes);\n } else if (typeof process !== \"undefined\" && process.versions?.node) {\n const crypto = await import(\"node:crypto\");\n bytes.set(crypto.randomBytes(16));\n } else {\n throw new SiglumeDirectRequestPaymentError(\"Crypto random number generation is unavailable in this runtime.\");\n }\n return bytesToHex(bytes);\n}\n\nasync function hmacSha256Hex(secret: string, payload: Uint8Array): Promise<string> {\n if (globalThis.crypto?.subtle) {\n const stablePayload = new Uint8Array(payload.byteLength);\n stablePayload.set(payload);\n const key = await globalThis.crypto.subtle.importKey(\n \"raw\",\n new TextEncoder().encode(secret),\n { name: \"HMAC\", hash: \"SHA-256\" },\n false,\n [\"sign\"],\n );\n const digest = await globalThis.crypto.subtle.sign(\"HMAC\", key, stablePayload);\n return bytesToHex(new Uint8Array(digest));\n }\n if (typeof process !== \"undefined\" && process.versions?.node) {\n const crypto = await import(\"node:crypto\");\n return crypto.createHmac(\"sha256\", secret).update(Buffer.from(payload)).digest(\"hex\");\n }\n throw new SiglumeDirectRequestPaymentError(\"Web Crypto is required for HMAC-SHA256 in this runtime.\");\n}\n\nasync function sha256Prefixed(material: string): Promise<string> {\n const bytes = new TextEncoder().encode(material);\n if (globalThis.crypto?.subtle) {\n const digest = await globalThis.crypto.subtle.digest(\"SHA-256\", bytes);\n return `sha256:${bytesToHex(new Uint8Array(digest))}`;\n }\n if (typeof process !== \"undefined\" && process.versions?.node) {\n const crypto = await import(\"node:crypto\");\n return `sha256:${crypto.createHash(\"sha256\").update(Buffer.from(bytes)).digest(\"hex\")}`;\n }\n throw new SiglumeDirectRequestPaymentError(\"Web Crypto is required for SHA-256 in this runtime.\");\n}\n\nfunction bytesToHex(bytes: Uint8Array): string {\n return [...bytes].map((item) => item.toString(16).padStart(2, \"0\")).join(\"\");\n}\n\nfunction hexToBytes(hex: string): Uint8Array {\n const normalized = String(hex ?? \"\").trim().toLowerCase();\n if (normalized.length % 2 !== 0 \|\| !/^[0-9a-f]$/.test(normalized)) {\n throw new SiglumeWebhookSignatureError(\"Hex digest is invalid.\");\n }\n const bytes = new Uint8Array(normalized.length / 2);\n for (let index = 0; index < normalized.length; index += 2) {\n bytes[index / 2] = Number.parseInt(normalized.slice(index, index + 2), 16);\n }\n return bytes;\n}\n\nasync function timingSafeEqualHex(left: string, right: string): Promise<boolean> {\n const leftBytes = hexToBytes(left);\n const rightBytes = hexToBytes(right);\n if (leftBytes.length !== rightBytes.length) {\n return false;\n }\n let diff = 0;\n for (let index = 0; index < leftBytes.length; index += 1) {\n diff \|= leftBytes[index]! ^ rightBytes[index]!;\n }\n return diff === 0;\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAO,IAAM,2BAA2B;AACjC,IAAM,0CAA0C;AAIhD,IAAM,oDAAoD;AAC1D,IAAM,8BAA8B;AACpC,IAAM,sCAAsC;AAC5C,IAAM,gDAAgD;AACtD,IAAM,wCAAwC;AAC9C,IAAM,oCAAoC;AAyS1C,IAAM,mCAAN,cAA+C,MAAM;AAAA,EAC1D,YAAY,SAAiB;AAC3B,UAAM,OAAO;AACb,SAAK,OAAO;AAAA,EACd;AACF;AAEO,IAAM,kBAAN,cAA8B,iCAAiC;AAAA,EAC3D;AAAA,EACA;AAAA,EACA;AAAA,EAET,YAAY,SAAiB,SAA4D;AACvF,UAAM,OAAO;AACb,SAAK,OAAO;AACZ,SAAK,SAAS,QAAQ;AACtB,SAAK,OAAO,QAAQ,QAAQ;AAC5B,SAAK,OAAO,QAAQ;AAAA,EACtB;AACF;AAEO,IAAM,kCAAN,cAA8C,gBAAgB;AAAA,EACnE,YAAY,UAAU,qFAAqF;AACzG,UAAM,SAAS,EAAE,QAAQ,KAAK,MAAM,8BAA8B,CAAC;AACnE,SAAK,OAAO;AAAA,EACd;AACF;AAEO,IAAM,+BAAN,cAA2C,iCAAiC;AAAA,EACjF,YAAY,SAAiB;AAC3B,UAAM,OAAO;AACb,SAAK,OAAO;AAAA,EACd;AACF;AAEO,IAAM,6BAAN,cAAyC,iCAAiC;AAAA,EAC/E,YAAY,SAAiB;AAC3B,UAAM,OAAO;AACb,SAAK,OAAO;AAAA,EACd;AACF;AAEO,IAAM,6BAAN,MAAiC;AAAA,EAC7B;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACQ;AAAA,EAEjB,YAAY,UAA6C,CAAC,GAAG;AAC3D,UAAM,YAAY,QAAQ,cAAc,SAAS,oBAAoB;AACrE,QAAI,CAAC,WAAW;AACd,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,UAAM,YAAY,QAAQ,SAAS,WAAW;AAC9C,QAAI,CAAC,WAAW;AACd,YAAM,IAAI,iCAAiC,qDAAqD;AAAA,IAClG;AACA,SAAK,aAAa;AAClB,SAAK,YAAY,QAAQ,YAAY,SAAS,kBAAkB,KAAK,0BAA0B,QAAQ,QAAQ,EAAE;AACjH,SAAK,aAAa,KAAK,IAAI,GAAG,KAAK,MAAM,QAAQ,cAAc,IAAK,CAAC;AACrE,SAAK,aAAa,QAAQ,cAAc;AACxC,SAAK,aAAa;AAAA,EACpB;AAAA,EAEA,MAAM,yBAAyB,OAA+E;AAC5G,UAAM,UAAmC;AAAA,MACvC,MAAM;AAAA,MACN,UAAU,kBAAkB,MAAM,QAAQ;AAAA,MAC1C,cAAc,gBAAgB,MAAM,cAAc,cAAc;AAAA,MAChE,UAAU,kBAAkB,MAAM,QAAQ;AAAA,MAC1C,WAAW,gBAAgB,MAAM,WAAW,WAAW;AAAA,IACzD;AACA,QAAI,MAAM,iBAAiB,QAAW;AACpC,cAAQ,eAAe,eAAe,MAAM,YAAY;AAAA,IAC1D;AACA,QAAI,MAAM,2BAA2B,QAAW;AAC9C,cAAQ,yBAAyB,gBAAgB,MAAM,wBAAwB,wBAAwB;AAAA,IACzG;AACA,QAAI,MAAM,aAAa,QAAW;AAChC,cAAQ,WAAW,gBAAgB,MAAM,UAAU,UAAU;AAAA,IAC/D;AACA,WAAO,KAAK,QAAkC,QAAQ,sCAAsC,OAAO;AAAA,EACrG;AAAA,EAEA,MAAM,sBAAsB,gBAA2D;AACrF,WAAO,KAAK;AAAA,MACV;AAAA,MACA,sCAAsC,mBAAmB,gBAAgB,gBAAgB,gBAAgB,CAAC,CAAC;AAAA,IAC7G;AAAA,EACF;AAAA,EAEA,MAAM,yBACJ,gBACA,OACmC;AACnC,WAAO,KAAK;AAAA,MACV;AAAA,MACA,sCAAsC,mBAAmB,gBAAgB,gBAAgB,gBAAgB,CAAC,CAAC;AAAA,MAC3G;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,2BACJ,SAC+C;AAC/C,WAAO,KAAK;AAAA,MACV;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,0BACJ,aACA,UAA4E,CAAC,GAC9B;AAC/C,WAAO,KAAK,2BAA2B,6BAA6B,aAAa,OAAO,CAAC;AAAA,EAC3F;AAAA,EAEA,MAAM,4BACJ,aACA,UAA4E,CAAC,GAC9B;AAC/C,WAAO,KAAK,2BAA2B,+BAA+B,aAAa,OAAO,CAAC;AAAA,EAC7F;AAAA,EAEA,MAAM,QAAW,QAAgB,MAAc,WAAiC;AAC9E,UAAM,aAAa,IAAI,gBAAgB;AACvC,UAAM,UAAU,WAAW,MAAM,WAAW,MAAM,GAAG,KAAK,UAAU;AACpE,QAAI;AACF,YAAM,UAAkC;AAAA,QACtC,UAAU;AAAA,QACV,iBAAiB,UAAU,KAAK,UAAU;AAAA,QAC1C,cAAc,KAAK;AAAA,MACrB;AACA,UAAI;AACJ,UAAI,cAAc,QAAW;AAC3B,gBAAQ,cAAc,IAAI;AAC1B,eAAO,KAAK,UAAU,SAAS;AAAA,MACjC;AACA,YAAM,WAAW,MAAM,KAAK,WAAW,GAAG,KAAK,QAAQ,GAAG,IAAI,IAAI;AAAA,QAChE;AAAA,QACA;AAAA,QACA;AAAA,QACA,QAAQ,WAAW;AAAA,MACrB,CAAC;AACD,YAAM,UAAU,MAAM,SAAS,KAAK;AACpC,YAAM,SAAS,UAAU,UAAU,OAAO,IAAI,CAAC;AAC/C,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,QAAQ,SAAS,MAAM,KAAK,SAAS,OAAO,KAAK,IAAI,OAAO,QAAQ,CAAC;AAC3E,cAAM,OAAO,aAAa,MAAM,IAAI,KAAK,aAAc,OAAmC,IAAI,KAAK,QAAQ,SAAS,MAAM;AAC1H,cAAM,UAAU,aAAa,MAAM,OAAO,KAAK,aAAc,OAAmC,OAAO,KAAK,SAAS;AACrH,cAAM,IAAI,gBAAgB,SAAS,EAAE,QAAQ,SAAS,QAAQ,MAAM,MAAM,OAAO,CAAC;AAAA,MACpF;AACA,UAAI,SAAS,MAAM,KAAK,UAAU,QAAQ;AACxC,eAAO,OAAO;AAAA,MAChB;AACA,aAAO;AAAA,IACT,UAAE;AACA,mBAAa,OAAO;AAAA,IACtB;AAAA,EACF;AACF;AAEO,IAAM,qCAAN,MAAyC;AAAA,EACrC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACQ;AAAA,EAEjB,YAAY,UAA6C,CAAC,GAAG;AAC3D,UAAM,YAAY,QAAQ,cAAc,SAAS,6BAA6B,KAAK,SAAS,oBAAoB;AAChH,QAAI,CAAC,WAAW;AACd,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,UAAM,YAAY,QAAQ,SAAS,WAAW;AAC9C,QAAI,CAAC,WAAW;AACd,YAAM,IAAI,iCAAiC,qDAAqD;AAAA,IAClG;AACA,SAAK,aAAa;AAClB,SAAK,YAAY,QAAQ,YAAY,SAAS,kBAAkB,KAAK,0BAA0B,QAAQ,QAAQ,EAAE;AACjH,SAAK,aAAa,KAAK,IAAI,GAAG,KAAK,MAAM,QAAQ,cAAc,IAAK,CAAC;AACrE,SAAK,aAAa,QAAQ,cAAc;AACxC,SAAK,aAAa;AAAA,EACpB;AAAA,EAEA,MAAM,cAAc,OAA8F;AAChH,UAAM,UAAmC;AAAA,MACvC,UAAU,6BAA6B,MAAM,QAAQ;AAAA,MACrD,cAAc,qBAAqB,MAAM,gBAAgB,QAAQ;AAAA,MACjE,kBAAkB,kBAAkB,MAAM,oBAAoB,KAAK;AAAA,IACrE;AACA,QAAI,MAAM,iBAAiB,QAAW;AACpC,cAAQ,eAAe,gBAAgB,MAAM,cAAc,cAAc;AAAA,IAC3E;AACA,QAAI,MAAM,uBAAuB,QAAW;AAC1C,cAAQ,qBAAqB,2BAA2B,MAAM,kBAAkB;AAAA,IAClF;AACA,QAAI,MAAM,yBAAyB,QAAW;AAC5C,cAAQ,uBAAuB,gBAAgB,MAAM,sBAAsB,sBAAsB;AAAA,IACnG;AACA,QAAI,MAAM,8BAA8B,QAAW;AACjD,cAAQ,4BAA4B,gBAAgB,MAAM,2BAA2B,2BAA2B;AAAA,IAClH;AACA,QAAI,MAAM,qBAAqB,QAAW;AACxC,cAAQ,mBAAmB,gBAAgB,MAAM,kBAAkB,kBAAkB;AAAA,IACvF;AACA,QAAI,MAAM,6BAA6B,QAAW;AAChD,cAAQ,2BAA2B,oBAAoB,MAAM,wBAAwB;AAAA,IACvF;AACA,WAAO,KAAK,QAA8C,QAAQ,mCAAmC,OAAO;AAAA,EAC9G;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,MAAM,sBAAsB,OAAqF;AAC/G,UAAM,UAAmC;AAAA,MACvC,UAAU,6BAA6B,MAAM,QAAQ;AAAA,MACrD,cAAc,gBAAgB,MAAM,cAAc,cAAc;AAAA,MAChE,UAAU,kBAAkB,MAAM,QAAQ;AAAA,MAC1C,OAAO,wBAAwB,MAAM,KAAK;AAAA,MAC1C,aAAa,gBAAgB,MAAM,aAAa,aAAa;AAAA,MAC7D,YAAY,gBAAgB,MAAM,YAAY,YAAY;AAAA,IAC5D;AACA,QAAI,MAAM,aAAa,QAAW;AAChC,cAAQ,WAAW,gBAAgB,MAAM,UAAU,UAAU;AAAA,IAC/D;AACA,WAAO,KAAK;AAAA,MACV;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA;AAAA,EAGA,MAAM,mBAAmB,YAAoD;AAC3E,WAAO,KAAK;AAAA,MACV;AAAA,MACA,2CAA2C,mBAAmB,gBAAgB,YAAY,YAAY,CAAC,CAAC;AAAA,IAC1G;AAAA,EACF;AAAA,EAEA,MAAM,YAAY,UAAiE;AACjF,WAAO,KAAK;AAAA,MACV;AAAA,MACA,mCAAmC,mBAAmB,6BAA6B,QAAQ,CAAC,CAAC;AAAA,IAC/F;AAAA,EACF;AAAA,EAEA,MAAM,sBAAsB,UAAiE;AAC3F,WAAO,KAAK;AAAA,MACV;AAAA,MACA,mCAAmC,mBAAmB,6BAA6B,QAAQ,CAAC,CAAC;AAAA,IAC/F;AAAA,EACF;AAAA,EAEA,MAAM,sBACJ,UACA,QAAyD,CAAC,GACX;AAC/C,UAAM,UAAmC,CAAC;AAC1C,QAAI,MAAM,aAAa,QAAW;AAChC,cAAQ,WAAW,kBAAkB,MAAM,QAAQ;AAAA,IACrD;AACA,QAAI,MAAM,qBAAqB,QAAW;AACxC,cAAQ,mBAAmB,kBAAkB,MAAM,gBAAgB;AAAA,IACrE;AACA,QAAI,MAAM,qBAAqB,QAAW;AACxC,cAAQ,mBAAmB,gBAAgB,MAAM,kBAAkB,kBAAkB;AAAA,IACvF;AACA,WAAO,KAAK;AAAA,MACV;AAAA,MACA,mCAAmC,mBAAmB,6BAA6B,QAAQ,CAAC,CAAC;AAAA,MAC7F;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,0BACJ,OACkD;AAClD,UAAM,UAAmC;AAAA,MACvC,cAAc,gBAAgB,MAAM,cAAc,cAAc;AAAA,MAChE,aAAa,MAAM,aAAa,SAC5B,MAAM,YAAY,IAAI,CAAC,cAAc,gBAAgB,WAAW,YAAY,CAAC,IAC7E,CAAC,4BAA4B,sBAAsB;AAAA,IACzD;AACA,QAAI,MAAM,gBAAgB,QAAW;AACnC,cAAQ,cAAc,gBAAgB,MAAM,aAAa,aAAa;AAAA,IACxE;AACA,QAAI,MAAM,aAAa,QAAW;AAChC,cAAQ,WAAW,gBAAgB,MAAM,UAAU,UAAU;AAAA,IAC/D;AACA,WAAO,KAAK,QAAiD,QAAQ,kCAAkC,OAAO;AAAA,EAChH;AAAA,EAEA,MAAM,cAAc,OAAiG;AACnH,UAAM,WAAW,MAAM,KAAK,cAAc,KAAK;AAC/C,UAAM,cAAc,SAAS,iBAAiB;AAC9C,UAAM,kBAAkB,MAAM,4BAA4B,QACtD,OACA,MAAM,KAAK,sBAAsB,aAAa;AAAA,MAC9C,kBAAkB,SAAS,iBAAiB,oBAAoB,MAAM,oBAAoB;AAAA,MAC1F,kBAAkB,MAAM,oBAAoB,MAAM;AAAA,IACpD,CAAC;AACH,UAAM,sBAAsB,MAAM,+BAA+B,QAAQ,MAAM,oBAAoB;AACnG,UAAM,uBAAuB,uBAAuB,MAAM,uBACtD,MAAM,KAAK,0BAA0B;AAAA,MACrC,cAAc,MAAM;AAAA,MACpB,aAAa,MAAM,uBAAuB,GAAG,WAAW;AAAA,MACxD,aAAa,MAAM;AAAA,MACnB,UAAU,EAAE,UAAU,aAAa,KAAK,kCAAkC;AAAA,IAC5E,CAAC,IACC;AACJ,UAAM,MAA8B;AAAA,MAClC,iCAAiC;AAAA,IACnC;AACA,QAAI,SAAS,kBAAkB;AAC7B,UAAI,0CAA0C,SAAS;AAAA,IACzD;AACA,UAAM,gBAAgB,aAAa,sBAAsB,cAAc;AACvE,QAAI,eAAe;AACjB,UAAI,yBAAyB;AAAA,IAC/B;AACA,WAAO,EAAE,UAAU,iBAAiB,sBAAsB,IAAI;AAAA,EAChE;AAAA,EAEA,MAAM,QAAW,QAAgB,MAAc,WAAiC;AAC9E,UAAM,aAAa,IAAI,gBAAgB;AACvC,UAAM,UAAU,WAAW,MAAM,WAAW,MAAM,GAAG,KAAK,UAAU;AACpE,QAAI;AACF,YAAM,UAAkC;AAAA,QACtC,UAAU;AAAA,QACV,iBAAiB,UAAU,KAAK,UAAU;AAAA,QAC1C,cAAc,KAAK;AAAA,MACrB;AACA,UAAI;AACJ,UAAI,cAAc,QAAW;AAC3B,gBAAQ,cAAc,IAAI;AAC1B,eAAO,KAAK,UAAU,SAAS;AAAA,MACjC;AACA,YAAM,WAAW,MAAM,KAAK,WAAW,GAAG,KAAK,QAAQ,GAAG,IAAI,IAAI;AAAA,QAChE;AAAA,QACA;AAAA,QACA;AAAA,QACA,QAAQ,WAAW;AAAA,MACrB,CAAC;AACD,YAAM,UAAU,MAAM,SAAS,KAAK;AACpC,YAAM,SAAS,UAAU,UAAU,OAAO,IAAI,CAAC;AAC/C,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,QAAQ,SAAS,MAAM,KAAK,SAAS,OAAO,KAAK,IAAI,OAAO,QAAQ,CAAC;AAC3E,cAAM,OAAO,aAAa,MAAM,IAAI,KAAK,aAAc,OAAmC,IAAI,KAAK,QAAQ,SAAS,MAAM;AAC1H,cAAM,UAAU,aAAa,MAAM,OAAO,KAAK,aAAc,OAAmC,OAAO,KAAK,SAAS;AACrH,cAAM,IAAI,gBAAgB,SAAS,EAAE,QAAQ,SAAS,QAAQ,MAAM,MAAM,OAAO,CAAC;AAAA,MACpF;AACA,UAAI,SAAS,MAAM,KAAK,UAAU,QAAQ;AACxC,eAAO,OAAO;AAAA,MAChB;AACA,aAAO;AAAA,IACT,UAAE;AACA,mBAAa,OAAO;AAAA,IACtB;AAAA,EACF;AAAA,EAEA,MAAc,sBAAyB,QAAgB,MAAc,WAAiC;AACpG,QAAI;AACF,aAAO,MAAM,KAAK,QAAW,QAAQ,MAAM,SAAS;AAAA,IACtD,SAAS,OAAO;AACd,UAAI,4BAA4B,KAAK,GAAG;AACtC,cAAM,IAAI,gCAAgC;AAAA,MAC5C;AACA,YAAM;AAAA,IACR;AAAA,EACF;AACF;AAEA,eAAsB,oCACpB,OACwC;AACxC,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,eAAe,gBAAgB,MAAM,cAAc,cAAc;AACvE,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,QAAQ,MAAM,QAAQ,wBAAwB,MAAM,KAAK,IAAI,MAAM,YAAY;AACrF,QAAM,YAAY,MAAM,6CAA6C,MAAM,QAAQ;AAAA,IACjF;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AACD,QAAM,YAAY,GAAG,uCAAuC,IAAI,KAAK,IAAI,SAAS;AAClF,SAAO;AAAA,IACL,QAAQ;AAAA,IACR;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,gBAAgB,MAAM,eAAe,SAAS;AAAA,EAChD;AACF;AAEA,eAAsB,6CACpB,QACA,OAMiB;AACjB,QAAM,mBAAmB,gBAAgB,QAAQ,QAAQ;AACzD,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,SAAS,gBAAgB,MAAM,cAAc,cAAc;AACjE,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,QAAQ,wBAAwB,MAAM,KAAK;AACjD,QAAM,WAAW,GAAG,QAAQ,IAAI,MAAM,IAAI,QAAQ,IAAI,KAAK;AAC3D,SAAO,cAAc,kBAAkB,IAAI,YAAY,EAAE,OAAO,QAAQ,CAAC;AAC3E;AAEO,SAAS,mCAAmC,WAAwD;AACzG,QAAM,QAAQ,gBAAgB,WAAW,WAAW,EAAE,MAAM,GAAG;AAC/D,MAAI,MAAM,WAAW,GAAG;AACtB,UAAM,IAAI,iCAAiC,kEAAkE;AAAA,EAC/G;AACA,QAAM,CAAC,QAAQ,OAAO,SAAS,IAAI;AACnC,MAAI,CAAC,UAAU,CAAC,SAAS,CAAC,WAAW;AACnC,UAAM,IAAI,iCAAiC,iDAAiD;AAAA,EAC9F;AACA,SAAO,EAAE,QAAQ,OAAO,UAAU;AACpC;AAOA,eAAsB,6CACpB,OACiD;AACjD,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,eAAe,gBAAgB,MAAM,cAAc,cAAc;AACvE,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,UAAU,0BAA0B,MAAM,OAAO;AACvD,QAAM,QAAQ,MAAM,QAAQ,wBAAwB,MAAM,KAAK,IAAI,MAAM,YAAY;AACrF,QAAM,YAAY,MAAM,sDAAsD,MAAM,QAAQ;AAAA,IAC1F;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AACD,QAAM,YAAY,GAAG,iDAAiD,IAAI,KAAK,IAAI,SAAS;AAC5F,SAAO;AAAA,IACL,QAAQ;AAAA,IACR;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,gBAAgB,MAAM,eAAe,SAAS;AAAA,EAChD;AACF;AAEA,eAAsB,sDACpB,QACA,OAOiB;AACjB,QAAM,mBAAmB,gBAAgB,QAAQ,QAAQ;AACzD,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,SAAS,gBAAgB,MAAM,cAAc,cAAc;AACjE,QAAM,WAAW,kBAAkB,MAAM,QAAQ;AACjD,QAAM,UAAU,0BAA0B,MAAM,OAAO;AACvD,QAAM,QAAQ,wBAAwB,MAAM,KAAK;AAGjD,QAAM,WAAW,GAAG,QAAQ,IAAI,MAAM,IAAI,QAAQ,IAAI,OAAO,IAAI,KAAK;AACtE,SAAO,cAAc,kBAAkB,IAAI,YAAY,EAAE,OAAO,QAAQ,CAAC;AAC3E;AAEA,eAAsB,6CACpB,QACA,OAOkB;AAClB,QAAM,SAAS,mCAAmC,MAAM,SAAS;AACjE,MAAI,OAAO,WAAW,mDAAmD;AACvE,WAAO;AAAA,EACT;AACA,QAAM,WAAW,MAAM,sDAAsD,QAAQ;AAAA,IACnF,UAAU,MAAM;AAAA,IAChB,cAAc,MAAM;AAAA,IACpB,UAAU,MAAM;AAAA,IAChB,SAAS,MAAM;AAAA,IACf,OAAO,OAAO;AAAA,EAChB,CAAC;AACD,SAAO,mBAAmB,UAAU,OAAO,SAAS;AACtD;AAEA,eAAsB,oCACpB,QACA,OAMkB;AAClB,QAAM,SAAS,mCAAmC,MAAM,SAAS;AACjE,MAAI,OAAO,WAAW,yCAAyC;AAC7D,WAAO;AAAA,EACT;AACA,QAAM,WAAW,MAAM,6CAA6C,QAAQ;AAAA,IAC1E,UAAU,MAAM;AAAA,IAChB,cAAc,MAAM;AAAA,IACpB,UAAU,MAAM;AAAA,IAChB,OAAO,OAAO;AAAA,EAChB,CAAC;AACD,SAAO,mBAAmB,UAAU,OAAO,SAAS;AACtD;AAEA,eAAsB,kCAAkC,WAAoC;AAC1F,SAAO,eAAe,gBAAgB,WAAW,WAAW,CAAC;AAC/D;AAEA,eAAsB,gCAAgC,OAKlC;AAClB,QAAM,WAAW,GAAG,kBAAkB,MAAM,QAAQ,CAAC,GAAG,gBAAgB,MAAM,cAAc,cAAc,CAAC,GAAG,kBAAkB,MAAM,QAAQ,CAAC,GAAG,gBAAgB,MAAM,WAAW,WAAW,CAAC;AAC/L,SAAO,eAAe,QAAQ;AAChC;AAEO,SAAS,6BACd,aACA,UAA4E,CAAC,GACtC;AACvC,SAAO,yCAAyC,aAAa,YAAY,qBAAqB;AAAA,IAC5F,cAAc;AAAA,IACd,gBAAgB,QAAQ;AAAA,IACxB,UAAU,QAAQ;AAAA,EACpB,CAAC;AACH;AAEO,SAAS,+BACd,aACA,UAA4E,CAAC,GACtC;AACvC,QAAM,iBAAiB,YAAY;AACnC,MAAI,CAAC,kBAAkB,OAAO,KAAK,cAAc,EAAE,WAAW,GAAG;AAC/D,UAAM,IAAI,iCAAiC,8EAA8E;AAAA,EAC3H;AACA,SAAO,yCAAyC,aAAa,gBAAgB;AAAA,IAC3E,cAAc;AAAA,IACd,gBAAgB,QAAQ;AAAA,IACxB,UAAU,QAAQ;AAAA,EACpB,CAAC;AACH;AAEO,SAAS,yCACd,aACA,qBACA,SAKuC;AACvC,QAAM,WAAW;AAAA,IACf,GAAI,SAAS,oBAAoB,cAAc,IAAI,oBAAoB,iBAAiB,CAAC;AAAA,IACzF,GAAI,QAAQ,YAAY,CAAC;AAAA,EAC3B;AACA,SAAO;AAAA,IACL;AAAA,IACA,cAAc,gBAAgB,QAAQ,cAAc,cAAc;AAAA,IAClE,gBAAgB;AAAA,IAChB,cAAc,YAAY;AAAA,IAC1B;AAAA,IACA,gBAAgB,QAAQ,QAAQ,cAAc;AAAA,EAChD;AACF;AAEA,eAAsB,wBACpB,gBACA,MACA,SACiB;AACjB,MAAI,CAAC,gBAAgB;AACnB,UAAM,IAAI,6BAA6B,6CAA6C;AAAA,EACtF;AACA,QAAM,YAAY,KAAK,MAAM,QAAQ,SAAS;AAC9C,QAAM,QAAQ,UAAU,IAAI;AAC5B,QAAM,SAAS,IAAI,YAAY,EAAE,OAAO,GAAG,SAAS,GAAG;AACvD,QAAM,UAAU,IAAI,WAAW,OAAO,SAAS,MAAM,MAAM;AAC3D,UAAQ,IAAI,QAAQ,CAAC;AACrB,UAAQ,IAAI,OAAO,OAAO,MAAM;AAChC,SAAO,cAAc,gBAAgB,OAAO;AAC9C;AAEA,eAAsB,4BACpB,gBACA,MACA,UAAkC,CAAC,GAClB;AACjB,QAAM,YAAY,KAAK,MAAM,QAAQ,aAAa,KAAK,IAAI,IAAI,GAAI;AACnE,QAAM,YAAY,MAAM,wBAAwB,gBAAgB,MAAM,EAAE,UAAU,CAAC;AACnF,SAAO,KAAK,SAAS,OAAO,SAAS;AACvC;AAEA,eAAsB,uBACpB,gBACA,MACA,kBACA,UAAwD,CAAC,GAClB;AACvC,QAAM,EAAE,WAAW,UAAU,IAAI,qBAAqB,gBAAgB;AACtE,QAAM,mBAAmB,KAAK,IAAI,GAAG,KAAK,MAAM,QAAQ,qBAAqB,iCAAiC,CAAC;AAC/G,QAAM,aAAa,KAAK,MAAM,QAAQ,OAAO,KAAK,IAAI,IAAI,GAAI;AAC9D,MAAI,KAAK,IAAI,aAAa,SAAS,IAAI,kBAAkB;AACvD,UAAM,IAAI,6BAA6B,4DAA4D;AAAA,EACrG;AACA,QAAM,WAAW,MAAM,wBAAwB,gBAAgB,MAAM,EAAE,UAAU,CAAC;AAClF,MAAI,CAAE,MAAM,mBAAmB,UAAU,SAAS,GAAI;AACpD,UAAM,IAAI,6BAA6B,kCAAkC;AAAA,EAC3E;AACA,SAAO,EAAE,WAAW,UAAU;AAChC;AAEO,SAAS,sCAAsC,SAAoD;AACxG,QAAM,QAAQ,cAAc,SAAS,eAAe;AACpD,QAAM,OAAO,cAAc,MAAM,MAAM,oBAAoB;AAC3D,QAAM,SAAS;AAAA,IACb,GAAG;AAAA,IACH,IAAI,gBAAgB,aAAa,MAAM,EAAE,KAAK,IAAI,kBAAkB;AAAA,IACpE,MAAM,gBAAgB,aAAa,MAAM,IAAI,KAAK,IAAI,oBAAoB;AAAA,IAC1E,aAAa,gBAAgB,aAAa,MAAM,WAAW,KAAK,IAAI,qBAAqB;AAAA,IACzF,aAAa,gBAAgB,aAAa,MAAM,WAAW,KAAK,IAAI,qBAAqB;AAAA,IACzF,MAAM,EAAE,GAAG,KAAK;AAAA,EAClB;AACA,MAAI,OAAO,SAAS,8BAA8B,OAAO,KAAK,SAAS,6BAA6B;AAClG,UAAM,IAAI,2BAA2B,uEAAuE;AAAA,EAC9G;AACA,SAAO;AACT;AAEA,eAAsB,kCACpB,gBACA,MACA,kBACA,UAAwD,CAAC,GACyC;AAClG,QAAM,eAAe,MAAM,uBAAuB,gBAAgB,MAAM,kBAAkB,OAAO;AACjG,QAAM,OAAO,IAAI,YAAY,EAAE,OAAO,UAAU,IAAI,CAAC;AACrD,MAAI;AACJ,MAAI;AACF,aAAS,KAAK,MAAM,IAAI;AAAA,EAC1B,SAAS,OAAO;AACd,UAAM,IAAI,2BAA2B,uCAAuC;AAAA,EAC9E;AACA,SAAO,EAAE,OAAO,sCAAsC,MAAM,GAAG,aAAa;AAC9E;AAEO,IAAM,6BAA6B;AACnC,IAAM,6BAA6B;AACnC,IAAM,sCAAsC;AAC5C,IAAM,sCAAsC;AAEnD,SAAS,kBAAkB,OAAuB;AAChD,QAAM,WAAW,gBAAgB,OAAO,UAAU,EAAE,YAAY;AAChE,MAAI,CAAC,8BAA8B,KAAK,QAAQ,GAAG;AACjD,UAAM,IAAI,iCAAiC,sFAAsF;AAAA,EACnI;AACA,SAAO;AACT;AAEA,SAAS,6BAA6B,OAAuB;AAC3D,QAAM,WAAW,gBAAgB,OAAO,UAAU,EAAE,YAAY;AAChE,MAAI,CAAC,6BAA6B,KAAK,QAAQ,GAAG;AAChD,UAAM,IAAI,iCAAiC,sFAAsF;AAAA,EACnI;AACA,SAAO;AACT;AAEA,SAAS,qBAAqB,OAAgD;AAC5E,QAAM,OAAO,gBAAgB,OAAO,cAAc,EAAE,YAAY;AAChE,MAAI,SAAS,YAAY,SAAS,UAAU,SAAS,aAAa,SAAS,YAAY,SAAS,OAAO;AACrG,WAAO;AAAA,EACT;AACA,QAAM,IAAI,iCAAiC,uDAAuD;AACpG;AAEA,SAAS,kBAAkB,OAA6C;AACtE,QAAM,WAAW,gBAAgB,OAAO,UAAU,EAAE,YAAY;AAChE,MAAI,aAAa,SAAS,aAAa,OAAO;AAC5C,UAAM,IAAI,iCAAiC,8BAA8B;AAAA,EAC3E;AACA,SAAO;AACT;AAEA,SAAS,eAAe,OAA0C;AAChE,QAAM,QAAQ,gBAAgB,OAAO,cAAc,EAAE,YAAY;AACjE,MAAI,UAAU,UAAU,UAAU,QAAQ;AACxC,UAAM,IAAI,iCAAiC,oCAAoC;AAAA,EACjF;AACA,SAAO;AACT;AAEA,SAAS,2BAA2B,OAAsG;AACxI,QAAM,aAAqC,CAAC;AAC5C,MAAI,MAAM,QAAQ,KAAK,GAAG;AACxB,eAAW,QAAQ,OAAO;AACxB,YAAM,WAAW,kBAAkB,IAAI;AACvC,iBAAW,QAAQ,IAAI,wBAAwB,QAAQ;AAAA,IACzD;AAAA,EACF,WAAW,SAAS,KAAK,GAAG;AAC1B,eAAW,CAAC,aAAa,QAAQ,KAAK,OAAO,QAAQ,KAAK,GAAG;AAC3D,iBAAW,kBAAkB,WAAW,CAAC,IAAI,eAAe,OAAO,QAAQ,CAAC;AAAA,IAC9E;AAAA,EACF,OAAO;AACL,UAAM,IAAI,iCAAiC,oEAAoE;AAAA,EACjH;AACA,MAAI,OAAO,KAAK,UAAU,EAAE,WAAW,GAAG;AACxC,UAAM,IAAI,iCAAiC,wDAAwD;AAAA,EACrG;AACA,SAAO;AACT;AAEA,SAAS,wBAAwB,UAAmE;AAClG,SAAO,aAAa,QAAQ,SAAS;AACvC;AAEA,SAAS,oBAAoB,OAA2B;AACtD,MAAI,CAAC,MAAM,QAAQ,KAAK,GAAG;AACzB,UAAM,IAAI,iCAAiC,2DAA2D;AAAA,EACxG;AACA,QAAM,OAAO,oBAAI,IAAY;AAC7B,QAAM,UAAoB,CAAC;AAC3B,aAAW,QAAQ,OAAO;AACxB,QAAI;AACJ,QAAI;AACF,YAAM,IAAI,IAAI,gBAAgB,OAAO,IAAI,GAAG,gCAAgC,CAAC;AAAA,IAC/E,QAAQ;AACN,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,UAAM,SAAS,GAAG,IAAI,SAAS,YAAY,CAAC,KAAK,IAAI,KAAK,YAAY,CAAC;AACvE,QAAI,CAAC,KAAK,IAAI,MAAM,GAAG;AACrB,WAAK,IAAI,MAAM;AACf,cAAQ,KAAK,MAAM;AAAA,IACrB;AAAA,EACF;AACA,SAAO;AACT;AAEA,SAAS,gBAAgB,OAAe,MAAsB;AAC5D,QAAM,SAAS,OAAO,KAAK;AAC3B,MAAI,CAAC,OAAO,cAAc,MAAM,KAAK,UAAU,GAAG;AAChD,UAAM,IAAI,iCAAiC,GAAG,IAAI,mCAAmC;AAAA,EACvF;AACA,SAAO;AACT;AAEA,SAAS,gBAAgB,OAAe,MAAsB;AAC5D,QAAM,OAAO,OAAO,SAAS,EAAE,EAAE,KAAK;AACtC,MAAI,CAAC,MAAM;AACT,UAAM,IAAI,iCAAiC,GAAG,IAAI,eAAe;AAAA,EACnE;AACA,SAAO;AACT;AAEA,SAAS,wBAAwB,OAAuB;AACtD,QAAM,QAAQ,gBAAgB,OAAO,OAAO;AAC5C,MAAI,MAAM,SAAS,GAAG,GAAG;AACvB,UAAM,IAAI,iCAAiC,6BAA6B;AAAA,EAC1E;AACA,SAAO;AACT;AAEA,SAAS,0BAA0B,OAAqD;AACtF,QAAM,UAAU,gBAAgB,OAAO,SAAS,EAAE,YAAY;AAC9D,MAAI,YAAY,aAAa,YAAY,SAAS;AAChD,UAAM,IAAI;AAAA,MACR;AAAA,IACF;AAAA,EACF;AACA,SAAO;AACT;AAEA,SAAS,gBAAgB,OAAgC,MAAuC;AAC9F,MAAI;AACF,UAAM,SAAS,KAAK,MAAM,KAAK,UAAU,KAAK,CAAC;AAC/C,QAAI,CAAC,SAAS,MAAM,GAAG;AACrB,YAAM,IAAI,MAAM,eAAe;AAAA,IACjC;AACA,WAAO;AAAA,EACT,SAAS,OAAO;AACd,UAAM,IAAI,iCAAiC,GAAG,IAAI,sCAAsC;AAAA,EAC1F;AACF;AAEA,SAAS,UAAU,SAA0B;AAC3C,MAAI;AACF,WAAO,KAAK,MAAM,OAAO;AAAA,EAC3B,SAAS,OAAO;AACd,UAAM,IAAI,gBAAgB,sCAAsC;AAAA,MAC9D,QAAQ;AAAA,MACR,MAAM;AAAA,MACN,MAAM;AAAA,IACR,CAAC;AAAA,EACH;AACF;AAEA,SAAS,aAAa,OAA+B;AACnD,MAAI,OAAO,UAAU,UAAU;AAC7B,WAAO;AAAA,EACT;AACA,QAAM,OAAO,MAAM,KAAK;AACxB,SAAO,OAAO,OAAO;AACvB;AAEA,SAAS,4BAA4B,OAAyB;AAC5D,MAAI,EAAE,iBAAiB,kBAAkB;AACvC,WAAO;AAAA,EACT;AACA,QAAM,OAAO,MAAM,KAAK,YAAY;AACpC,MAAI,MAAM,WAAW,QAAQ,SAAS,iCAAiC,SAAS,qBAAqB;AACnG,WAAO;AAAA,EACT;AACA,SACE,MAAM,WAAW,QAChB,SAAS,cAAc,SAAS,eAAe,SAAS,qBAAqB,SAAS;AAE3F;AAEA,SAAS,SAAS,OAAkD;AAClE,SAAO,OAAO,UAAU,YAAY,UAAU,QAAQ,CAAC,MAAM,QAAQ,KAAK;AAC5E;AAEA,SAAS,cAAc,OAAgB,MAAuC;AAC5E,MAAI,CAAC,SAAS,KAAK,GAAG;AACpB,UAAM,IAAI,2BAA2B,GAAG,IAAI,qBAAqB;AAAA,EACnE;AACA,SAAO;AACT;AAEA,SAAS,SAAS,MAAkC;AAClD,MAAI,OAAO,YAAY,aAAa;AAClC,WAAO;AAAA,EACT;AACA,QAAM,QAAQ,QAAQ,IAAI,IAAI;AAC9B,SAAO,SAAS,MAAM,KAAK,IAAI,MAAM,KAAK,IAAI;AAChD;AAEA,SAAS,UAAU,MAA+E;AAChG,MAAI,gBAAgB,YAAY;AAC9B,WAAO;AAAA,EACT;AACA,MAAI,gBAAgB,aAAa;AAC/B,WAAO,IAAI,WAAW,IAAI;AAAA,EAC5B;AACA,MAAI,OAAO,SAAS,UAAU;AAC5B,WAAO,IAAI,YAAY,EAAE,OAAO,IAAI;AAAA,EACtC;AACA,MAAI,SAAS,IAAI,GAAG;AAClB,WAAO,IAAI,YAAY,EAAE,OAAO,KAAK,UAAU,IAAI,CAAC;AAAA,EACtD;AACA,QAAM,IAAI,2BAA2B,6DAA6D;AACpG;AAEA,SAAS,qBAAqB,iBAAmE;AAC/F,MAAI,YAA2B;AAC/B,MAAI,YAA2B;AAC/B,aAAW,QAAQ,OAAO,mBAAmB,EAAE,EAAE,MAAM,GAAG,GAAG;AAC3D,UAAM,CAAC,KAAK,KAAK,IAAI,KAAK,KAAK,EAAE,MAAM,KAAK,CAAC;AAC7C,QAAI,QAAQ,KAAK;AACf,YAAM,SAAS,OAAO,SAAS,SAAS,IAAI,EAAE;AAC9C,UAAI,CAAC,OAAO,SAAS,MAAM,GAAG;AAC5B,cAAM,IAAI,6BAA6B,yCAAyC;AAAA,MAClF;AACA,kBAAY;AAAA,IACd;AACA,QAAI,QAAQ,MAAM;AAChB,kBAAY,OAAO,SAAS,EAAE,EAAE,KAAK;AAAA,IACvC;AAAA,EACF;AACA,MAAI,cAAc,QAAQ,CAAC,WAAW;AACpC,UAAM,IAAI,6BAA6B,yCAAyC;AAAA,EAClF;AACA,SAAO,EAAE,WAAW,UAAU;AAChC;AAEA,eAAe,cAA+B;AAC5C,MAAI,WAAW,QAAQ,YAAY;AACjC,WAAO,WAAW,OAAO,WAAW;AAAA,EACtC;AACA,QAAM,QAAQ,IAAI,WAAW,EAAE;AAC/B,MAAI,WAAW,QAAQ,iBAAiB;AACtC,eAAW,OAAO,gBAAgB,KAAK;AAAA,EACzC,WAAW,OAAO,YAAY,eAAe,QAAQ,UAAU,MAAM;AACnE,UAAM,SAAS,MAAM,OAAO,QAAa;AACzC,UAAM,IAAI,OAAO,YAAY,EAAE,CAAC;AAAA,EAClC,OAAO;AACL,UAAM,IAAI,iCAAiC,iEAAiE;AAAA,EAC9G;AACA,SAAO,WAAW,KAAK;AACzB;AAEA,eAAe,cAAc,QAAgB,SAAsC;AACjF,MAAI,WAAW,QAAQ,QAAQ;AAC7B,UAAM,gBAAgB,IAAI,WAAW,QAAQ,UAAU;AACvD,kBAAc,IAAI,OAAO;AACzB,UAAM,MAAM,MAAM,WAAW,OAAO,OAAO;AAAA,MACzC;AAAA,MACA,IAAI,YAAY,EAAE,OAAO,MAAM;AAAA,MAC/B,EAAE,MAAM,QAAQ,MAAM,UAAU;AAAA,MAChC;AAAA,MACA,CAAC,MAAM;AAAA,IACT;AACA,UAAM,SAAS,MAAM,WAAW,OAAO,OAAO,KAAK,QAAQ,KAAK,aAAa;AAC7E,WAAO,WAAW,IAAI,WAAW,MAAM,CAAC;AAAA,EAC1C;AACA,MAAI,OAAO,YAAY,eAAe,QAAQ,UAAU,MAAM;AAC5D,UAAM,SAAS,MAAM,OAAO,QAAa;AACzC,WAAO,OAAO,WAAW,UAAU,MAAM,EAAE,OAAO,OAAO,KAAK,OAAO,CAAC,EAAE,OAAO,KAAK;AAAA,EACtF;AACA,QAAM,IAAI,iCAAiC,yDAAyD;AACtG;AAEA,eAAe,eAAe,UAAmC;AAC/D,QAAM,QAAQ,IAAI,YAAY,EAAE,OAAO,QAAQ;AAC/C,MAAI,WAAW,QAAQ,QAAQ;AAC7B,UAAM,SAAS,MAAM,WAAW,OAAO,OAAO,OAAO,WAAW,KAAK;AACrE,WAAO,UAAU,WAAW,IAAI,WAAW,MAAM,CAAC,CAAC;AAAA,EACrD;AACA,MAAI,OAAO,YAAY,eAAe,QAAQ,UAAU,MAAM;AAC5D,UAAM,SAAS,MAAM,OAAO,QAAa;AACzC,WAAO,UAAU,OAAO,WAAW,QAAQ,EAAE,OAAO,OAAO,KAAK,KAAK,CAAC,EAAE,OAAO,KAAK,CAAC;AAAA,EACvF;AACA,QAAM,IAAI,iCAAiC,qDAAqD;AAClG;AAEA,SAAS,WAAW,OAA2B;AAC7C,SAAO,CAAC,GAAG,KAAK,EAAE,IAAI,CAAC,SAAS,KAAK,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG,CAAC,EAAE,KAAK,EAAE;AAC7E;AAEA,SAAS,WAAW,KAAyB;AAC3C,QAAM,aAAa,OAAO,OAAO,EAAE,EAAE,KAAK,EAAE,YAAY;AACxD,MAAI,WAAW,SAAS,MAAM,KAAK,CAAC,cAAc,KAAK,UAAU,GAAG;AAClE,UAAM,IAAI,6BAA6B,wBAAwB;AAAA,EACjE;AACA,QAAM,QAAQ,IAAI,WAAW,WAAW,SAAS,CAAC;AAClD,WAAS,QAAQ,GAAG,QAAQ,WAAW,QAAQ,SAAS,GAAG;AACzD,UAAM,QAAQ,CAAC,IAAI,OAAO,SAAS,WAAW,MAAM,OAAO,QAAQ,CAAC,GAAG,EAAE;AAAA,EAC3E;AACA,SAAO;AACT;AAEA,eAAe,mBAAmB,MAAc,OAAiC;AAC/E,QAAM,YAAY,WAAW,IAAI;AACjC,QAAM,aAAa,WAAW,KAAK;AACnC,MAAI,UAAU,WAAW,WAAW,QAAQ;AAC1C,WAAO;AAAA,EACT;AACA,MAAI,OAAO;AACX,WAAS,QAAQ,GAAG,QAAQ,UAAU,QAAQ,SAAS,GAAG;AACxD,YAAQ,UAAU,KAAK,IAAK,WAAW,KAAK;AAAA,EAC9C;AACA,SAAO,SAAS;AAClB;","names":[]}

package/dist/index.d.cts CHANGED Viewed

@@ -282,6 +282,9 @@ declare class SiglumeApiError extends SiglumeDirectRequestPaymentError {
         data?: unknown;
     });
 }
+declare class HostedCheckoutNotAvailableError extends SiglumeApiError {
+    constructor(message?: string);
+}
 declare class SiglumeWebhookSignatureError extends SiglumeDirectRequestPaymentError {
     constructor(message: string);
 }
@@ -337,6 +340,7 @@ declare class DirectRequestPaymentMerchantClient {
     createWebhookSubscription(input: DirectRequestPaymentWebhookSubscriptionInput): Promise<DirectRequestPaymentWebhookSubscription>;
     setupCheckout(input: DirectRequestPaymentCheckoutSetupInput): Promise<DirectRequestPaymentCheckoutSetupResult>;
     request<T>(method: string, path: string, json_body?: unknown): Promise<T>;
+    private requestHostedCheckout;
 }
 declare function createDirectRequestPaymentChallenge(input: DirectRequestPaymentChallengeInput): Promise<DirectRequestPaymentChallenge>;
 declare function createDirectRequestPaymentChallengeSignature(secret: string, input: {
@@ -415,4 +419,4 @@ declare const verifyExternal402Challenge: typeof verifyDirectRequestPaymentChall
 declare const createExternal402RecurringChallenge: typeof createDirectRequestPaymentRecurringChallenge;
 declare const verifyExternal402RecurringChallenge: typeof verifyDirectRequestPaymentRecurringChallenge;
-export { DEFAULT_SIGLUME_API_BASE, DEFAULT_WEBHOOK_TOLERANCE_SECONDS, DIRECT_REQUEST_PAYMENT_ALLOWANCE_RECEIPT_KIND, DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME, DIRECT_REQUEST_PAYMENT_MODE, DIRECT_REQUEST_PAYMENT_RECEIPT_KIND, DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME, DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE, type DirectPaymentRequirement, type DirectPaymentRequirementCreateInput, type DirectPaymentVerifyInput, type DirectRequestPaymentBillingPlan, type DirectRequestPaymentChallenge, type DirectRequestPaymentChallengeInput, type DirectRequestPaymentCheckoutSetupInput, type DirectRequestPaymentCheckoutSetupResult, DirectRequestPaymentClient, type DirectRequestPaymentClientOptions, type DirectRequestPaymentCurrency, type DirectRequestPaymentMerchantAccount, type DirectRequestPaymentMerchantBillingMandateInput, DirectRequestPaymentMerchantClient, type DirectRequestPaymentMerchantResponse, type DirectRequestPaymentMerchantSetupInput, type DirectRequestPaymentRecurringCadence, type DirectRequestPaymentRecurringChallenge, type DirectRequestPaymentRecurringChallengeInput, type DirectRequestPaymentToken, type DirectRequestPaymentWebhookEvent, type DirectRequestPaymentWebhookSubscription, type DirectRequestPaymentWebhookSubscriptionInput, type HostedCheckoutSession, type HostedCheckoutSessionCreateInput, type HostedCheckoutSessionCreateResult, type ParsedDirectRequestPaymentChallenge, SiglumeApiError, SiglumeDirectRequestPaymentError, type SiglumeEnvelopeMeta, SiglumeWebhookPayloadError, SiglumeWebhookSignatureError, type Web3PreparedTransactionExecutePayload, type Web3PreparedTransactionExecuteResult, type Web3TransactionRequest, type WebhookSignatureVerification, buildAllowanceExecutionPayload, buildPaymentExecutionPayload, buildPreparedTransactionExecutionPayload, buildWebhookSignatureHeader, computeWebhookSignature, createDirectRequestPaymentChallenge, createDirectRequestPaymentChallengeSignature, createDirectRequestPaymentRecurringChallenge, createDirectRequestPaymentRecurringChallengeSignature, createExternal402Challenge, createExternal402RecurringChallenge, directRequestPaymentChallengeHash, directRequestPaymentRequestHash, parseDirectRequestPaymentChallenge, parseDirectRequestPaymentWebhookEvent, verifyDirectRequestPaymentChallenge, verifyDirectRequestPaymentRecurringChallenge, verifyDirectRequestPaymentWebhook, verifyExternal402Challenge, verifyExternal402RecurringChallenge, verifyWebhookSignature };
+export { DEFAULT_SIGLUME_API_BASE, DEFAULT_WEBHOOK_TOLERANCE_SECONDS, DIRECT_REQUEST_PAYMENT_ALLOWANCE_RECEIPT_KIND, DIRECT_REQUEST_PAYMENT_CHALLENGE_SCHEME, DIRECT_REQUEST_PAYMENT_MODE, DIRECT_REQUEST_PAYMENT_RECEIPT_KIND, DIRECT_REQUEST_PAYMENT_RECURRING_CHALLENGE_SCHEME, DIRECT_REQUEST_PAYMENT_REFERENCE_TYPE, type DirectPaymentRequirement, type DirectPaymentRequirementCreateInput, type DirectPaymentVerifyInput, type DirectRequestPaymentBillingPlan, type DirectRequestPaymentChallenge, type DirectRequestPaymentChallengeInput, type DirectRequestPaymentCheckoutSetupInput, type DirectRequestPaymentCheckoutSetupResult, DirectRequestPaymentClient, type DirectRequestPaymentClientOptions, type DirectRequestPaymentCurrency, type DirectRequestPaymentMerchantAccount, type DirectRequestPaymentMerchantBillingMandateInput, DirectRequestPaymentMerchantClient, type DirectRequestPaymentMerchantResponse, type DirectRequestPaymentMerchantSetupInput, type DirectRequestPaymentRecurringCadence, type DirectRequestPaymentRecurringChallenge, type DirectRequestPaymentRecurringChallengeInput, type DirectRequestPaymentToken, type DirectRequestPaymentWebhookEvent, type DirectRequestPaymentWebhookSubscription, type DirectRequestPaymentWebhookSubscriptionInput, HostedCheckoutNotAvailableError, type HostedCheckoutSession, type HostedCheckoutSessionCreateInput, type HostedCheckoutSessionCreateResult, type ParsedDirectRequestPaymentChallenge, SiglumeApiError, SiglumeDirectRequestPaymentError, type SiglumeEnvelopeMeta, SiglumeWebhookPayloadError, SiglumeWebhookSignatureError, type Web3PreparedTransactionExecutePayload, type Web3PreparedTransactionExecuteResult, type Web3TransactionRequest, type WebhookSignatureVerification, buildAllowanceExecutionPayload, buildPaymentExecutionPayload, buildPreparedTransactionExecutionPayload, buildWebhookSignatureHeader, computeWebhookSignature, createDirectRequestPaymentChallenge, createDirectRequestPaymentChallengeSignature, createDirectRequestPaymentRecurringChallenge, createDirectRequestPaymentRecurringChallengeSignature, createExternal402Challenge, createExternal402RecurringChallenge, directRequestPaymentChallengeHash, directRequestPaymentRequestHash, parseDirectRequestPaymentChallenge, parseDirectRequestPaymentWebhookEvent, verifyDirectRequestPaymentChallenge, verifyDirectRequestPaymentRecurringChallenge, verifyDirectRequestPaymentWebhook, verifyExternal402Challenge, verifyExternal402RecurringChallenge, verifyWebhookSignature };